diff --git a/Cargo.lock b/Cargo.lock index 29beb49a..8fda7703 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1045,6 +1045,15 @@ dependencies = [ "itoa", ] +[[package]] +name = "http-auth" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "643c9bbf6a4ea8a656d6b4cd53d34f79e3f841ad5203c1a55fb7d761923bc255" +dependencies = [ + "memchr", +] + [[package]] name = "http-body" version = "0.4.6" @@ -1081,9 +1090,9 @@ dependencies = [ [[package]] name = "httparse" -version = "1.8.0" +version = "1.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904" +checksum = "0fcc0b4a115bf80b728eb8ea024ad5bd707b615bfed49e0665b6e0f86fd082d9" [[package]] name = "httpdate" @@ -2111,7 +2120,7 @@ dependencies = [ [[package]] name = "ruma" version = "0.10.1" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "assign", "js_int", @@ -2132,7 +2141,7 @@ dependencies = [ [[package]] name = "ruma-appservice-api" version = "0.10.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "js_int", "ruma-common", @@ -2144,7 +2153,7 @@ dependencies = [ [[package]] name = "ruma-client-api" version = "0.18.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "as_variant", "assign", @@ -2167,7 +2176,7 @@ dependencies = [ [[package]] name = "ruma-common" version = "0.13.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "as_variant", "base64 0.22.1", @@ -2197,7 +2206,7 @@ dependencies = [ [[package]] name = "ruma-events" version = "0.28.1" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "as_variant", "indexmap 2.2.6", @@ -2213,15 +2222,22 @@ dependencies = [ "thiserror", "tracing", "url", + "web-time", "wildmatch", ] [[package]] name = "ruma-federation-api" version = "0.9.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ + "bytes", + "http 1.1.0", + "httparse", "js_int", + "memchr", + "mime", + "rand", "ruma-common", "ruma-events", "serde", @@ -2231,7 +2247,7 @@ dependencies = [ [[package]] name = "ruma-identifiers-validation" version = "0.9.5" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "js_int", "thiserror", @@ -2240,7 +2256,7 @@ dependencies = [ [[package]] name = "ruma-identity-service-api" version = "0.9.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "js_int", "ruma-common", @@ -2250,7 +2266,7 @@ dependencies = [ [[package]] name = "ruma-macros" version = "0.13.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "once_cell", "proc-macro-crate", @@ -2265,7 +2281,7 @@ dependencies = [ [[package]] name = "ruma-push-gateway-api" version = "0.9.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "js_int", "ruma-common", @@ -2277,18 +2293,20 @@ dependencies = [ [[package]] name = "ruma-server-util" version = "0.3.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "headers", + "http 1.1.0", + "http-auth", "ruma-common", + "thiserror", "tracing", - "yap", ] [[package]] name = "ruma-signatures" version = "0.15.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "base64 0.22.1", "ed25519-dalek", @@ -2304,7 +2322,7 @@ dependencies = [ [[package]] name = "ruma-state-res" version = "0.11.0" -source = "git+https://github.com/ruma/ruma?branch=main#ba9a492fdee6ad89b179e2b3ab689c3114107012" +source = "git+https://github.com/ruma/ruma?branch=main#14d7415f0d80aadf425c2384c0f348d1c03527c8" dependencies = [ "itertools", "js_int", @@ -3720,12 +3738,6 @@ version = "2.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "213b7324336b53d2414b2db8537e56544d981803139155afa84f76eeebb7a546" -[[package]] -name = "yap" -version = "0.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bfe269e7b803a5e8e20cbd97860e136529cd83bf2c9c6d37b142467e7e1f051f" - [[package]] name = "zerocopy" version = "0.7.34" diff --git a/src/api/client_server/media.rs b/src/api/client_server/media.rs index 95c31609..c6b13b1c 100644 --- a/src/api/client_server/media.rs +++ b/src/api/client_server/media.rs @@ -6,12 +6,15 @@ use http::{ HeaderName, HeaderValue, }; use phf::{phf_set, Set}; -use ruma::api::client::{ - error::ErrorKind, - media::{ - create_content, get_content, get_content_as_filename, - get_content_thumbnail, get_media_config, +use ruma::{ + api::client::{ + error::ErrorKind, + media::{ + create_content, get_content, get_content_as_filename, + get_content_thumbnail, get_media_config, + }, }, + http_headers::{ContentDisposition, ContentDispositionType}, }; use tracing::error; @@ -77,16 +80,17 @@ fn content_security_policy() -> HeaderValue { // Doing this correctly is tricky, so I'm skipping it for now. fn content_disposition_for( content_type: Option<&str>, - filename: Option<&str>, -) -> String { - match ( - content_type.is_some_and(|x| INLINE_CONTENT_TYPES.contains(x)), + filename: Option, +) -> ContentDisposition { + let disposition_type = match content_type { + Some(x) if INLINE_CONTENT_TYPES.contains(x) => { + ContentDispositionType::Inline + } + _ => ContentDispositionType::Attachment, + }; + ContentDisposition { + disposition_type, filename, - ) { - (true, None) => "inline".to_owned(), - (true, Some(x)) => format!("inline; filename={x}"), - (false, None) => "attachment".to_owned(), - (false, Some(x)) => format!("attachment; filename={x}"), } } @@ -114,6 +118,7 @@ fn set_header_or_panic( /// # `GET /_matrix/media/r0/config` /// /// Returns max upload size. +#[allow(deprecated)] // unauthenticated media pub(crate) async fn get_media_config_route( _body: Ar, ) -> Result> { @@ -142,9 +147,12 @@ pub(crate) async fn create_content_route( .create( mxc.clone(), body.filename - .as_ref() - .map(|filename| format!("inline; filename={filename}")) - .as_deref(), + .clone() + .map(|filename| ContentDisposition { + disposition_type: ContentDispositionType::Inline, + filename: Some(filename), + }) + .as_ref(), body.content_type.as_deref(), &body.file, ) @@ -156,6 +164,7 @@ pub(crate) async fn create_content_route( })) } +#[allow(deprecated)] // unauthenticated media pub(crate) async fn get_remote_content( mxc: &str, server_name: &ruma::ServerName, @@ -179,7 +188,7 @@ pub(crate) async fn get_remote_content( .media .create( mxc.to_owned(), - content_response.content_disposition.as_deref(), + content_response.content_disposition.as_ref(), content_response.content_type.as_deref(), &content_response.file, ) @@ -198,6 +207,7 @@ pub(crate) async fn get_remote_content( /// Load media from our server or over federation. /// /// - Only allows federation if `allow_remote` is true +#[allow(deprecated)] // unauthenticated media pub(crate) async fn get_content_route( body: Ar, ) -> Result { @@ -214,6 +224,7 @@ pub(crate) async fn get_content_route( }) } +#[allow(deprecated)] // unauthenticated media async fn get_content_route_ruma( body: Ar, ) -> Result { @@ -259,6 +270,7 @@ async fn get_content_route_ruma( /// Load media from our server or over federation, permitting desired filename. /// /// - Only allows federation if `allow_remote` is true +#[allow(deprecated)] // unauthenticated media pub(crate) async fn get_content_as_filename_route( body: Ar, ) -> Result { @@ -275,6 +287,7 @@ pub(crate) async fn get_content_as_filename_route( }) } +#[allow(deprecated)] // unauthenticated media pub(crate) async fn get_content_as_filename_route_ruma( body: Ar, ) -> Result { @@ -290,7 +303,7 @@ pub(crate) async fn get_content_as_filename_route_ruma( file, content_disposition: Some(content_disposition_for( content_type.as_deref(), - Some(body.filename.as_str()), + Some(body.filename.clone()), )), content_type, cross_origin_resource_policy: Some("cross-origin".to_owned()), @@ -305,7 +318,7 @@ pub(crate) async fn get_content_as_filename_route_ruma( Ok(get_content_as_filename::v3::Response { content_disposition: Some(content_disposition_for( remote_content_response.content_type.as_deref(), - Some(body.filename.as_str()), + Some(body.filename.clone()), )), content_type: remote_content_response.content_type, file: remote_content_response.file, @@ -321,6 +334,7 @@ pub(crate) async fn get_content_as_filename_route_ruma( /// Load media thumbnail from our server or over federation. /// /// - Only allows federation if `allow_remote` is true +#[allow(deprecated)] // unauthenticated media pub(crate) async fn get_content_thumbnail_route( body: Ar, ) -> Result { @@ -342,6 +356,7 @@ pub(crate) async fn get_content_thumbnail_route( &mut r, CONTENT_DISPOSITION, content_disposition_for(content_type.as_deref(), None) + .to_string() .try_into() .expect("generated header value should be valid"), ); @@ -350,6 +365,7 @@ pub(crate) async fn get_content_thumbnail_route( }) } +#[allow(deprecated)] // unauthenticated media async fn get_content_thumbnail_route_ruma( body: Ar, ) -> Result { @@ -393,6 +409,7 @@ async fn get_content_thumbnail_route_ruma( media_id: body.media_id.clone(), timeout_ms: Duration::from_secs(20), allow_redirect: false, + animated: Some(false), }, ) .await?; diff --git a/src/api/ruma_wrapper/axum.rs b/src/api/ruma_wrapper/axum.rs index 79fba3a5..6315e5e1 100644 --- a/src/api/ruma_wrapper/axum.rs +++ b/src/api/ruma_wrapper/axum.rs @@ -212,7 +212,7 @@ async fn ar_from_request_inner( let origin_signatures = BTreeMap::from_iter([( x_matrix.key.to_string(), - CanonicalJsonValue::String(x_matrix.sig), + CanonicalJsonValue::String(x_matrix.sig.to_string()), )]); let signatures = BTreeMap::from_iter([( diff --git a/src/api/server_server.rs b/src/api/server_server.rs index 7a13a055..496a4870 100644 --- a/src/api/server_server.rs +++ b/src/api/server_server.rs @@ -244,11 +244,12 @@ where .unwrap(); let key_id = OwnedSigningKeyId::try_from(key_id.clone()).unwrap(); - let signature = signature.as_str().unwrap().to_owned(); + let signature = Base64::parse(signature.as_str().unwrap()) + .expect("generated signature should be valid base64"); http_request.headers_mut().typed_insert(Authorization(XMatrix::new( services().globals.server_name().to_owned(), - Some(destination.to_owned()), + destination.to_owned(), key_id, signature, ))); diff --git a/src/service/media.rs b/src/service/media.rs index 052c726c..1f014f8a 100644 --- a/src/service/media.rs +++ b/src/service/media.rs @@ -1,6 +1,7 @@ use std::io::Cursor; use image::imageops::FilterType; +use ruma::http_headers::ContentDisposition; use tokio::{ fs::File, io::{AsyncReadExt, AsyncWriteExt}, @@ -35,7 +36,7 @@ impl Service { pub(crate) async fn create( &self, mxc: String, - content_disposition: Option<&str>, + content_disposition: Option<&ContentDisposition>, content_type: Option<&str>, file: &[u8], ) -> Result<()> { @@ -44,7 +45,7 @@ impl Service { mxc, 0, 0, - content_disposition, + content_disposition.map(ContentDisposition::to_string).as_deref(), content_type, )?;