2018-12-23 21:04:54 +01:00
|
|
|
# Pleroma: A lightweight social networking server
|
2018-12-31 16:41:47 +01:00
|
|
|
# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
|
2018-12-23 21:04:54 +01:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2017-04-23 15:21:58 +02:00
|
|
|
defmodule Pleroma.Web.Salmon do
|
2019-05-12 06:27:01 +02:00
|
|
|
@behaviour Pleroma.Web.Federator.Publisher
|
|
|
|
|
2017-05-05 14:16:54 +02:00
|
|
|
@httpoison Application.get_env(:pleroma, :httpoison)
|
|
|
|
|
2017-04-23 15:21:58 +02:00
|
|
|
use Bitwise
|
2019-02-06 20:20:02 +01:00
|
|
|
|
2019-05-12 06:27:01 +02:00
|
|
|
alias Pleroma.Activity
|
2019-01-23 16:37:25 +01:00
|
|
|
alias Pleroma.Instances
|
2019-02-09 16:16:26 +01:00
|
|
|
alias Pleroma.User
|
2019-05-12 06:27:01 +02:00
|
|
|
alias Pleroma.Web.ActivityPub.Visibility
|
|
|
|
alias Pleroma.Web.Federator.Publisher
|
2019-05-12 21:05:03 +02:00
|
|
|
alias Pleroma.Web.OStatus
|
2017-05-01 13:14:58 +02:00
|
|
|
alias Pleroma.Web.OStatus.ActivityRepresenter
|
2019-03-05 03:52:23 +01:00
|
|
|
alias Pleroma.Web.XML
|
2019-02-06 20:20:02 +01:00
|
|
|
|
2017-05-01 13:14:58 +02:00
|
|
|
require Logger
|
2017-04-23 15:21:58 +02:00
|
|
|
|
2017-04-23 16:35:17 +02:00
|
|
|
def decode(salmon) do
|
2017-04-27 09:43:58 +02:00
|
|
|
doc = XML.parse_document(salmon)
|
2017-04-23 15:21:58 +02:00
|
|
|
|
|
|
|
{:xmlObj, :string, data} = :xmerl_xpath.string('string(//me:data[1])', doc)
|
|
|
|
{:xmlObj, :string, sig} = :xmerl_xpath.string('string(//me:sig[1])', doc)
|
|
|
|
{:xmlObj, :string, alg} = :xmerl_xpath.string('string(//me:alg[1])', doc)
|
|
|
|
{:xmlObj, :string, encoding} = :xmerl_xpath.string('string(//me:encoding[1])', doc)
|
|
|
|
{:xmlObj, :string, type} = :xmerl_xpath.string('string(//me:data[1]/@type)', doc)
|
|
|
|
|
|
|
|
{:ok, data} = Base.url_decode64(to_string(data), ignore: :whitespace)
|
|
|
|
{:ok, sig} = Base.url_decode64(to_string(sig), ignore: :whitespace)
|
|
|
|
alg = to_string(alg)
|
|
|
|
encoding = to_string(encoding)
|
|
|
|
type = to_string(type)
|
|
|
|
|
2017-04-23 16:35:17 +02:00
|
|
|
[data, type, encoding, alg, sig]
|
|
|
|
end
|
|
|
|
|
|
|
|
def fetch_magic_key(salmon) do
|
2017-05-03 14:26:49 +02:00
|
|
|
with [data, _, _, _, _] <- decode(salmon),
|
|
|
|
doc <- XML.parse_document(data),
|
|
|
|
uri when not is_nil(uri) <- XML.string_from_xpath("/entry/author[1]/uri", doc),
|
2018-02-18 22:57:07 +01:00
|
|
|
{:ok, public_key} <- User.get_public_key_for_ap_id(uri),
|
|
|
|
magic_key <- encode_key(public_key) do
|
2017-05-03 14:26:49 +02:00
|
|
|
{:ok, magic_key}
|
|
|
|
end
|
2017-04-23 16:35:17 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def decode_and_validate(magickey, salmon) do
|
|
|
|
[data, type, encoding, alg, sig] = decode(salmon)
|
|
|
|
|
2018-03-30 15:01:53 +02:00
|
|
|
signed_text =
|
|
|
|
[data, type, encoding, alg]
|
|
|
|
|> Enum.map(&Base.url_encode64/1)
|
|
|
|
|> Enum.join(".")
|
2017-04-23 15:21:58 +02:00
|
|
|
|
|
|
|
key = decode_key(magickey)
|
|
|
|
|
|
|
|
verify = :public_key.verify(signed_text, :sha256, sig, key)
|
|
|
|
|
|
|
|
if verify do
|
|
|
|
{:ok, data}
|
|
|
|
else
|
|
|
|
:error
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-04-26 14:25:44 +02:00
|
|
|
def decode_key("RSA." <> magickey) do
|
2018-03-30 15:01:53 +02:00
|
|
|
make_integer = fn bin ->
|
2017-04-23 15:21:58 +02:00
|
|
|
list = :erlang.binary_to_list(bin)
|
2018-03-30 15:01:53 +02:00
|
|
|
Enum.reduce(list, 0, fn el, acc -> acc <<< 8 ||| el end)
|
2017-04-23 15:21:58 +02:00
|
|
|
end
|
|
|
|
|
2018-03-30 15:01:53 +02:00
|
|
|
[modulus, exponent] =
|
|
|
|
magickey
|
|
|
|
|> String.split(".")
|
|
|
|
|> Enum.map(fn n -> Base.url_decode64!(n, padding: false) end)
|
|
|
|
|> Enum.map(make_integer)
|
2017-04-23 15:21:58 +02:00
|
|
|
|
|
|
|
{:RSAPublicKey, modulus, exponent}
|
|
|
|
end
|
2017-04-26 14:25:44 +02:00
|
|
|
|
|
|
|
def encode_key({:RSAPublicKey, modulus, exponent}) do
|
2018-03-30 15:01:53 +02:00
|
|
|
modulus_enc = :binary.encode_unsigned(modulus) |> Base.url_encode64()
|
|
|
|
exponent_enc = :binary.encode_unsigned(exponent) |> Base.url_encode64()
|
2017-04-26 14:25:44 +02:00
|
|
|
|
|
|
|
"RSA.#{modulus_enc}.#{exponent_enc}"
|
|
|
|
end
|
|
|
|
|
2017-11-28 16:50:12 +01:00
|
|
|
# Native generation of RSA keys is only available since OTP 20+ and in default build conditions
|
|
|
|
# We try at compile time to generate natively an RSA key otherwise we fallback on the old way.
|
|
|
|
try do
|
2019-03-05 05:03:13 +01:00
|
|
|
_ = :public_key.generate_key({:rsa, 2048, 65_537})
|
2018-03-30 15:01:53 +02:00
|
|
|
|
2017-11-28 16:50:12 +01:00
|
|
|
def generate_rsa_pem do
|
2019-03-05 05:03:13 +01:00
|
|
|
key = :public_key.generate_key({:rsa, 2048, 65_537})
|
2017-11-28 16:50:12 +01:00
|
|
|
entry = :public_key.pem_entry_encode(:RSAPrivateKey, key)
|
2018-03-30 15:01:53 +02:00
|
|
|
pem = :public_key.pem_encode([entry]) |> String.trim_trailing()
|
2017-04-26 14:25:44 +02:00
|
|
|
{:ok, pem}
|
|
|
|
end
|
2017-11-28 16:50:12 +01:00
|
|
|
rescue
|
|
|
|
_ ->
|
|
|
|
def generate_rsa_pem do
|
|
|
|
port = Port.open({:spawn, "openssl genrsa"}, [:binary])
|
2018-03-30 15:01:53 +02:00
|
|
|
|
|
|
|
{:ok, pem} =
|
|
|
|
receive do
|
|
|
|
{^port, {:data, pem}} -> {:ok, pem}
|
|
|
|
end
|
|
|
|
|
2017-11-28 16:50:12 +01:00
|
|
|
Port.close(port)
|
2018-03-30 15:01:53 +02:00
|
|
|
|
2017-11-28 16:50:12 +01:00
|
|
|
if Regex.match?(~r/RSA PRIVATE KEY/, pem) do
|
|
|
|
{:ok, pem}
|
|
|
|
else
|
|
|
|
:error
|
|
|
|
end
|
|
|
|
end
|
2017-04-26 14:25:44 +02:00
|
|
|
end
|
|
|
|
|
|
|
|
def keys_from_pem(pem) do
|
|
|
|
[private_key_code] = :public_key.pem_decode(pem)
|
|
|
|
private_key = :public_key.pem_entry_decode(private_key_code)
|
|
|
|
{:RSAPrivateKey, _, modulus, exponent, _, _, _, _, _, _, _} = private_key
|
|
|
|
public_key = {:RSAPublicKey, modulus, exponent}
|
|
|
|
{:ok, private_key, public_key}
|
|
|
|
end
|
|
|
|
|
|
|
|
def encode(private_key, doc) do
|
|
|
|
type = "application/atom+xml"
|
|
|
|
encoding = "base64url"
|
|
|
|
alg = "RSA-SHA256"
|
|
|
|
|
2018-03-30 15:01:53 +02:00
|
|
|
signed_text =
|
|
|
|
[doc, type, encoding, alg]
|
|
|
|
|> Enum.map(&Base.url_encode64/1)
|
|
|
|
|> Enum.join(".")
|
2017-04-26 14:25:44 +02:00
|
|
|
|
2018-03-30 15:01:53 +02:00
|
|
|
signature =
|
|
|
|
signed_text
|
|
|
|
|> :public_key.sign(:sha256, private_key)
|
|
|
|
|> to_string
|
|
|
|
|> Base.url_encode64()
|
2017-05-05 12:07:38 +02:00
|
|
|
|
2018-03-30 15:01:53 +02:00
|
|
|
doc_base64 =
|
|
|
|
doc
|
|
|
|
|> Base.url_encode64()
|
2017-04-26 14:25:44 +02:00
|
|
|
|
|
|
|
# Don't need proper xml building, these strings are safe to leave unescaped
|
|
|
|
salmon = """
|
|
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
|
|
<me:env xmlns:me="http://salmon-protocol.org/ns/magic-env">
|
|
|
|
<me:data type="application/atom+xml">#{doc_base64}</me:data>
|
|
|
|
<me:encoding>#{encoding}</me:encoding>
|
|
|
|
<me:alg>#{alg}</me:alg>
|
|
|
|
<me:sig>#{signature}</me:sig>
|
|
|
|
</me:env>
|
|
|
|
"""
|
|
|
|
|
|
|
|
{:ok, salmon}
|
|
|
|
end
|
2017-05-01 13:14:58 +02:00
|
|
|
|
2018-02-18 16:59:41 +01:00
|
|
|
def remote_users(%{data: %{"to" => to} = data}) do
|
|
|
|
to = to ++ (data["cc"] || [])
|
2018-03-30 15:01:53 +02:00
|
|
|
|
2017-05-01 13:14:58 +02:00
|
|
|
to
|
2018-03-30 15:01:53 +02:00
|
|
|
|> Enum.map(fn id -> User.get_cached_by_ap_id(id) end)
|
|
|
|
|> Enum.filter(fn user -> user && !user.local end)
|
2017-05-01 13:14:58 +02:00
|
|
|
end
|
|
|
|
|
2019-02-03 10:41:27 +01:00
|
|
|
@doc "Pushes an activity to remote account."
|
2019-05-12 06:27:01 +02:00
|
|
|
def publish_one(%{recipient: %{info: %{salmon: salmon}}} = params),
|
|
|
|
do: publish_one(Map.put(params, :recipient, salmon))
|
2018-12-29 10:48:54 +01:00
|
|
|
|
2019-05-12 06:27:01 +02:00
|
|
|
def publish_one(%{recipient: url, feed: feed} = params) when is_binary(url) do
|
2019-01-28 09:03:52 +01:00
|
|
|
with {:ok, %{status: code}} when code in 200..299 <-
|
2019-05-12 06:27:01 +02:00
|
|
|
@httpoison.post(
|
2018-12-29 10:48:54 +01:00
|
|
|
url,
|
2018-03-30 15:01:53 +02:00
|
|
|
feed,
|
2018-12-06 03:23:15 +01:00
|
|
|
[{"Content-Type", "application/magic-envelope+xml"}]
|
2018-03-30 15:01:53 +02:00
|
|
|
) do
|
2019-02-03 11:28:13 +01:00
|
|
|
if !Map.has_key?(params, :unreachable_since) || params[:unreachable_since],
|
|
|
|
do: Instances.set_reachable(url)
|
|
|
|
|
2018-12-29 10:48:54 +01:00
|
|
|
Logger.debug(fn -> "Pushed to #{url}, code #{code}" end)
|
2019-01-25 18:38:13 +01:00
|
|
|
:ok
|
2017-06-23 16:22:19 +02:00
|
|
|
else
|
2019-01-23 16:37:25 +01:00
|
|
|
e ->
|
2019-02-03 10:41:27 +01:00
|
|
|
unless params[:unreachable_since], do: Instances.set_reachable(url)
|
2019-01-23 16:37:25 +01:00
|
|
|
Logger.debug(fn -> "Pushing Salmon to #{url} failed, #{inspect(e)}" end)
|
2019-05-12 06:27:01 +02:00
|
|
|
{:error, "Unreachable instance"}
|
2017-06-23 16:22:19 +02:00
|
|
|
end
|
2017-05-01 13:14:58 +02:00
|
|
|
end
|
|
|
|
|
2019-05-12 06:27:01 +02:00
|
|
|
def publish_one(_), do: :noop
|
2017-05-01 13:14:58 +02:00
|
|
|
|
2018-02-17 16:08:55 +01:00
|
|
|
@supported_activities [
|
|
|
|
"Create",
|
|
|
|
"Follow",
|
|
|
|
"Like",
|
|
|
|
"Announce",
|
|
|
|
"Undo",
|
|
|
|
"Delete"
|
|
|
|
]
|
2018-12-29 10:48:54 +01:00
|
|
|
|
2019-05-12 06:27:01 +02:00
|
|
|
def is_representable?(%Activity{data: %{"type" => type}} = activity)
|
|
|
|
when type in @supported_activities,
|
|
|
|
do: Visibility.is_public?(activity)
|
|
|
|
|
|
|
|
def is_representable?(_), do: false
|
|
|
|
|
2018-12-29 10:48:54 +01:00
|
|
|
@doc """
|
|
|
|
Publishes an activity to remote accounts
|
|
|
|
"""
|
2019-05-12 06:27:01 +02:00
|
|
|
@spec publish(User.t(), Pleroma.Activity.t()) :: none
|
|
|
|
def publish(user, activity)
|
2018-03-30 15:01:53 +02:00
|
|
|
|
2019-05-12 06:27:01 +02:00
|
|
|
def publish(%{info: %{keys: keys}} = user, %{data: %{"type" => type}} = activity)
|
2018-03-30 15:01:53 +02:00
|
|
|
when type in @supported_activities do
|
2018-05-11 17:59:53 +02:00
|
|
|
feed = ActivityRepresenter.to_simple_form(activity, user, true)
|
2017-05-01 13:14:58 +02:00
|
|
|
|
|
|
|
if feed do
|
2018-05-11 17:59:53 +02:00
|
|
|
feed =
|
|
|
|
ActivityRepresenter.wrap_with_entry(feed)
|
|
|
|
|> :xmerl.export_simple(:xmerl_xml)
|
|
|
|
|> to_string
|
|
|
|
|
2017-05-01 13:14:58 +02:00
|
|
|
{:ok, private, _} = keys_from_pem(keys)
|
|
|
|
{:ok, feed} = encode(private, feed)
|
|
|
|
|
2019-01-24 17:15:23 +01:00
|
|
|
remote_users = remote_users(activity)
|
|
|
|
|
|
|
|
salmon_urls = Enum.map(remote_users, & &1.info.salmon)
|
2019-02-03 10:41:27 +01:00
|
|
|
reachable_urls_metadata = Instances.filter_reachable(salmon_urls)
|
|
|
|
reachable_urls = Map.keys(reachable_urls_metadata)
|
2019-01-24 17:15:23 +01:00
|
|
|
|
|
|
|
remote_users
|
2019-02-03 10:41:27 +01:00
|
|
|
|> Enum.filter(&(&1.info.salmon in reachable_urls))
|
2018-03-30 15:01:53 +02:00
|
|
|
|> Enum.each(fn remote_user ->
|
2019-01-25 18:38:13 +01:00
|
|
|
Logger.debug(fn -> "Sending Salmon to #{remote_user.ap_id}" end)
|
2019-02-03 10:41:27 +01:00
|
|
|
|
2019-05-12 06:27:01 +02:00
|
|
|
Publisher.enqueue_one(__MODULE__, %{
|
2019-02-03 10:41:27 +01:00
|
|
|
recipient: remote_user,
|
|
|
|
feed: feed,
|
|
|
|
unreachable_since: reachable_urls_metadata[remote_user.info.salmon]
|
|
|
|
})
|
2017-05-01 13:14:58 +02:00
|
|
|
end)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2019-05-12 06:27:01 +02:00
|
|
|
def publish(%{id: id}, _), do: Logger.debug(fn -> "Keys missing for user #{id}" end)
|
2019-05-12 21:05:03 +02:00
|
|
|
|
|
|
|
def gather_webfinger_links(%User{} = user) do
|
|
|
|
{:ok, _private, public} = keys_from_pem(user.info.keys)
|
|
|
|
magic_key = encode_key(public)
|
|
|
|
|
|
|
|
[
|
|
|
|
%{"rel" => "salmon", "href" => OStatus.salmon_path(user)},
|
|
|
|
%{
|
|
|
|
"rel" => "magic-public-key",
|
|
|
|
"href" => "data:application/magic-public-key,#{magic_key}"
|
|
|
|
}
|
|
|
|
]
|
|
|
|
end
|
2019-05-12 21:15:29 +02:00
|
|
|
|
|
|
|
def gather_nodeinfo_protocol_names, do: []
|
2017-04-23 15:21:58 +02:00
|
|
|
end
|