diff options
| author | Starfall <us@starfall.systems> | 2022-11-10 08:50:11 -0600 |
|---|---|---|
| committer | Starfall <us@starfall.systems> | 2022-11-10 08:50:11 -0600 |
| commit | 67d1a0476d77e2ed0ca15dd2981c54c2b90b0742 (patch) | |
| tree | 152f8c13a341d76738e8e2c09b24711936e6af68 /app/lib/request.rb | |
| parent | b581e6b6d4a5ba9ed4ae17427b7f2d5d158be4e5 (diff) | |
| parent | ee7e49d1b1323618e16026bc8db8ab7f9459cc2d (diff) | |
Merge remote-tracking branch 'glitch/main'
- Remove Helm charts - Lots of conflicts with our removal of recommended settings and custom icons
Diffstat (limited to 'app/lib/request.rb')
| -rw-r--r-- | app/lib/request.rb | 37 |
1 files changed, 19 insertions, 18 deletions
diff --git a/app/lib/request.rb b/app/lib/request.rb index f5123d776..dd198f399 100644 --- a/app/lib/request.rb +++ b/app/lib/request.rb @@ -40,12 +40,11 @@ class Request set_digest! if options.key?(:body) end - def on_behalf_of(account, key_id_format = :uri, sign_with: nil) - raise ArgumentError, 'account must not be nil' if account.nil? + def on_behalf_of(actor, sign_with: nil) + raise ArgumentError, 'actor must not be nil' if actor.nil? - @account = account - @keypair = sign_with.present? ? OpenSSL::PKey::RSA.new(sign_with) : @account.keypair - @key_id_format = key_id_format + @actor = actor + @keypair = sign_with.present? ? OpenSSL::PKey::RSA.new(sign_with) : @actor.keypair self end @@ -63,8 +62,6 @@ class Request end begin - response = response.extend(ClientLimit) - # If we are using a persistent connection, we have to # read every response to be able to move forward at all. # However, simply calling #to_s or #flush may not be safe, @@ -79,7 +76,7 @@ class Request end def headers - (@account ? @headers.merge('Signature' => signature) : @headers).without(REQUEST_TARGET) + (@actor ? @headers.merge('Signature' => signature) : @headers).without(REQUEST_TARGET) end class << self @@ -128,12 +125,7 @@ class Request end def key_id - case @key_id_format - when :acct - @account.to_webfinger_s - when :uri - [ActivityPub::TagManager.instance.uri_for(@account), '#main-key'].join - end + ActivityPub::TagManager.instance.key_uri_for(@actor) end def http_client @@ -187,6 +179,14 @@ class Request end end + if ::HTTP::Response.methods.include?(:body_with_limit) && !Rails.env.production? + abort 'HTTP::Response#body_with_limit is already defined, the monkey patch will not be applied' + else + class ::HTTP::Response + include Request::ClientLimit + end + end + class Socket < TCPSocket class << self def open(host, *args) @@ -199,7 +199,8 @@ class Request rescue IPAddr::InvalidAddressError Resolv::DNS.open do |dns| dns.timeouts = 5 - addresses = dns.getaddresses(host).take(2) + addresses = dns.getaddresses(host) + addresses = addresses.filter { |addr| addr.is_a?(Resolv::IPv6) }.take(2) + addresses.filter { |addr| !addr.is_a?(Resolv::IPv6) }.take(2) end end @@ -208,7 +209,7 @@ class Request addresses.each do |address| begin - check_private_address(address) + check_private_address(address, host) sock = ::Socket.new(address.is_a?(Resolv::IPv6) ? ::Socket::AF_INET6 : ::Socket::AF_INET, ::Socket::SOCK_STREAM, 0) sockaddr = ::Socket.pack_sockaddr_in(port, address.to_s) @@ -264,10 +265,10 @@ class Request alias new open - def check_private_address(address) + def check_private_address(address, host) addr = IPAddr.new(address.to_s) return if private_address_exceptions.any? { |range| range.include?(addr) } - raise Mastodon::HostValidationError if PrivateAddressCheck.private_address?(addr) + raise Mastodon::PrivateNetworkAddressError, host if PrivateAddressCheck.private_address?(addr) end def private_address_exceptions |