Commit Graph

14394 Commits

Author SHA1 Message Date
lain
75f912c63f Merge branch 'hackney_reenable_TLSv1.3' into 'develop'
hackney adapter helper: enable TLSv1.3

See merge request pleroma/pleroma!3661
2022-06-06 11:36:21 +00:00
Tusooa Zhu
b096fbba1a
Fix long report notes giving errors on creation 2022-06-02 01:28:39 -04:00
Pierre-Louis Bonicoli
6f23fc8e08
Add tlsv1.3 to suggestions 2022-05-31 00:51:48 +02:00
Pierre-Louis Bonicoli
a158774364
hackney adapter helper & reverse proxy client: enable TLSv1.3
The list of TLS versions was added by
8bd2b6eb13 when hackney version was
pinned to 1.15.2. Later hackney version was upgraded
(166455c884) but the list of TLS
versions wasn't removed. From the hackney point of view, this list has
been replaced by the OTP defaults since 0.16.0
(734694ea4e24f267864c459a2f050e943adc6694).

It looks like the same issue already occurred before:
0cb7b0ea84.

A way to test this issue (where example.com is an ActivityPub site
which uses TLSv1.3 only):

   $ PLEROMA_CONFIG_PATH=/path/to/config.exs pleroma start_iex
   Erlang/OTP 22 [erts-10.7.2.16] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [hipe]

   Erlang/OTP 22 [erts-10.7.2.16] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [hipe]

   Interactive Elixir (1.10.4) - press Ctrl+C to exit (type h() ENTER for help)
   iex(pleroma@127.0.0.1)2> Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id("https://example.com/@/Nick/")
   {:error,
    {:tls_alert,
     {:protocol_version,
      'TLS client: In state hello received SERVER ALERT: Fatal - Protocol Version\n'}}}

With this patch, the output is the expected one:

   iex(pleroma@127.0.0.1)3> Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id("https://example.com/@/Nick/")
   {:error,
   {:ok,
    %{
      "@context" => [
        "https://www.w3.org/ns/activitystreams",
        "https://w3id.org/security/v1",
        %{
          "Emoji" => "toot:Emoji",
          "Hashtag" => "as:Hashtag",
          "atomUri" => "ostatus:atomUri",
          "conversation" => "ostatus:conversation",
          "featured" => "toot:featured",
          "focalPoint" => %{"@container" => "@list", "@id" => "toot:focalPoint"},
          "inReplyToAtomUri" => "ostatus:inReplyToAtomUri",
          "manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
          "movedTo" => "as:movedTo",
          "ostatus" => "http://ostatus.org#",
          "sensitive" => "as:sensitive",
          "toot" => "http://joinmastodon.org/ns#"
        }
      ],
      "endpoints" => %{"sharedInbox" => "https://example.com/inbox"},
      "followers" => "https://example.com/@/Nick/followers",
      "following" => nil,
      "icon" => %{
        "type" => "Image",
        "url" => "https://example.com/static/media/[...].png"
      },
      "id" => "https://example.com/@/Nick/",
      "inbox" => "https://example.com/@/Nick/inbox",
      "liked" => nil,
      "name" => "Nick",
      "outbox" => "https://example.com/@/Nick/outbox",
      "preferredUsername" => "Nick",
      "publicKey" => %{
        "id" => "https://example.com/@/Nick/#main-key",
        "owner" => "https://example.com/@/Nick/",
        "publicKeyPem" => "[...]
      },
      "summary" => "",
      "type" => "Person",
      "url" => "https://example.com/@/Nick/"
    }}

A way to test the reverse proxy bits of this issue (where example.com allows TLSv1.3 only):

    iex(pleroma@127.0.0.1)1> Pleroma.ReverseProxy.Client.Hackney.request("GET", "https://example.com", [], [])
    {:error,
     {:tls_alert,
      {:protocol_version,
       'TLS client: In state hello received SERVER ALERT: Fatal - Protocol Version\n'}}}
2022-05-31 00:51:45 +02:00
Haelwenn
7466136ad3 Merge branch 'lewdthewides-develop-patch-48691' into 'develop'
Instruct users to run 'git pull' as the pleroma user

See merge request pleroma/pleroma!3667
2022-05-22 17:09:54 +00:00
lain
bdca5f5d68 Merge branch 'fix/mrf-steal-emoji-regex' into 'develop'
StealEmojiPolicy: fix String rejected_shortcodes

See merge request pleroma/pleroma!3673
2022-05-19 08:55:39 +00:00
Hélène
a74ce2d77a
StealEmojiPolicy: fix String rejected_shortcodes
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
2022-05-18 21:25:10 +02:00
lewdthewides
7977dd6ac7 Instruct users to run 'git pull' as the pleroma user 2022-05-12 16:02:58 +00:00
Tusooa Zhu
f1722a9f4a
Make lint happy
Ref: fix-local-public
2022-05-09 18:53:32 -04:00
Tusooa Zhu
6e5ef7f2eb
Test local-only in ap c2s outbox
Ref: fix-local-public
2022-05-09 18:53:32 -04:00
Tusooa Zhu
38444aa92a
Allow authenticated users to access local-only posts in MastoAPI
Ref: fix-local-public
2022-05-09 18:53:18 -04:00
Haelwenn
4605efe272 Merge branch 'improve_anti_followbot_policy' into 'develop'
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy

Closes #2561

See merge request pleroma/pleroma!3498
2022-05-08 18:10:40 +00:00
Ilja
a8093732bd Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-05-08 18:10:40 +00:00
Tusooa Zhu
221cb3fb81
Allow users to create backups without providing email address
Ref: backup-without-email
2022-05-07 00:23:55 -04:00
Pete
aa51fd068b Add index hotspots
squash
2022-05-06 18:48:08 -07:00
Tusooa Zhu
fe933b9bf2
Prevent remote access of local-only posts via /objects
Ref: fix-local-public
2022-05-06 13:54:21 -04:00
Tusooa Zhu
466568ae36
Lint
Ref: fix-local-public
2022-05-06 13:54:13 -04:00
Tusooa Zhu
826deb7375
Make local-only statuses searchable
Ref: fix-local-public
2022-05-06 13:54:13 -04:00
Tusooa Zhu
38af42968d
Test that anonymous users cannot see local-only posts
Ref: fix-local-public
2022-05-06 13:54:12 -04:00
Tusooa Zhu
c48be59f58
Show local-only statuses in public timeline for authenticated users
Ref: fix-local-public
2022-05-06 13:54:02 -04:00
Haelwenn
214ef7ff73 Merge branch 'security/2.4.3-develop' into 'develop'
Merge back 2.4.3

See merge request pleroma/pleroma!3663
2022-05-06 08:27:03 +00:00
Haelwenn (lanodan) Monnier
f9943b2065 mix: Bump to 2.4.52 for 2.4.3 mergeback 2022-05-06 10:23:43 +02:00
Tusooa Zhu
57c030a0a7 Skip cache when /objects or /activities is authenticated
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Tusooa Zhu
e2d24eda57 Allow to skip cache in Cache plug
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Ilja
c3b2b71ea2 update sweet_xml [Security] 2022-05-06 10:23:25 +02:00
Haelwenn
8517bc18aa Merge branch 'from/upstream-develop/tusooa/fix-en-fallback' into 'develop'
Fix incorrect fallback when English is set to first language

See merge request pleroma/pleroma!3656
2022-04-18 03:31:44 +00:00
Tusooa Zhu
be08d9305b
Fix incorrect fallback when English is set to first language 2022-04-17 22:39:52 -04:00
Tusooa Zhu
6599607226
Translate static_pages.po (Simplified Chinese) 2022-04-07 17:42:19 -04:00
Haelwenn
a5d7e98de0 Merge branch 'fix_eratic_test_for_report_notes' into 'develop'
Fix eratic test for POST /api/pleroma/admin/reports/:id/notes

See merge request pleroma/pleroma!3653
2022-04-05 12:11:53 +00:00
Ilja
5f37db330f Fix eratic test for POST /api/pleroma/admin/reports/:id/notes
It retrieved two ReportNotes and then checked one of them. But the order isn't guaranteed, while the test tested on the content of the first ReportNote.

I made the test on the content more generic
2022-04-05 13:21:09 +02:00
Tusooa Zhu
7d1dae3bef
Restrict mastodon api announcements to logged-in users only 2022-04-02 02:25:13 -04:00
marcin mikołajczak
fbf9eced11 Add short_description field
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-03-29 14:04:27 +02:00
Haelwenn
d7c53da77a Merge branch 'from/upstream-develop/tusooa/translate-pages' into 'develop'
Translate backend-rendered pages

See merge request pleroma/pleroma!3634
2022-03-20 18:14:37 +00:00
Haelwenn
e63d49d238 Merge branch 'caddyfile-v2' into 'develop'
Update Caddyfile to Caddy v2

Closes #2764

See merge request pleroma/pleroma!3641
2022-03-20 18:14:00 +00:00
Haelwenn
b76340511d Merge branch 'delete_report_notifs_when_demoting_from_superuser' into 'develop'
Delete report notifs when demoting from superuser

Closes #2840

See merge request pleroma/pleroma!3642
2022-03-20 18:13:19 +00:00
Tusooa Zhu
0c78ab4a88
Use utc_datetime in db schema 2022-03-18 11:17:22 -04:00
Haelwenn (lanodan) Monnier
83338c25a5 Transmogrifier: Use validating regex for "mediaType" 2022-03-17 22:37:26 +01:00
Haelwenn (lanodan) Monnier
030183b35f AttachmentValidator: Use custom ecto type and regex for "mediaType" 2022-03-17 22:37:26 +01:00
Haelwenn (lanodan) Monnier
4ea9886faa EctoType: Add MIME validator 2022-03-17 22:37:26 +01:00
Haelwenn
2db640632b Merge branch 'bugfix/mix-dotgit' into 'develop'
mix: Check `.git` presence

See merge request pleroma/pleroma!3638
2022-03-17 21:21:59 +00:00
marcin mikołajczak
31ff467eff Use types for filtering notifications
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-03-16 21:15:44 +01:00
Tusooa Zhu
ebcda5265b
Format announcements into html 2022-03-08 23:00:51 -05:00
Tusooa Zhu
0e0a1758f7
Add doc for Admin Announcement APIs 2022-03-08 21:48:41 -05:00
Tusooa Zhu
eb1a29640f
Add pagination to AdminAPI.AnnouncementController.index 2022-03-08 21:26:05 -05:00
Tusooa Zhu
11a1996bf5
Implement update announcement admin api 2022-03-08 20:55:41 -05:00
Tusooa Zhu
881179ec72
Remove GET /api/v1/announcements/:id 2022-03-08 19:22:28 -05:00
Tusooa Zhu
d569694ae9
Show only visible announcements in MastodonAPI 2022-03-08 19:20:29 -05:00
Tusooa Zhu
cf8334dbc1
Add starts_at, ends_at and all_day parameters 2022-03-08 19:12:01 -05:00
Tusooa Zhu
fcf3c9057e
Implement visibility filtering for announcements 2022-03-08 18:21:20 -05:00
Tusooa Zhu
009817c9ee
Correct docstring for AnnouncementController.show 2022-03-08 17:00:49 -05:00