indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity
7,424 Commits
3 Branches
2 Tags
455 MiB
Commit Graph

539 Commits (6df30d02c06192f3a6bfec9ca6097949ec1550a4)

Author SHA1 Message Date
Bob Mottram a0a800c980 Don't send bounce messages too frequently 
Otherwise an adversary can tie up your instance with sending bounces
 2021-02-24 11:43:48 +00:00
Bob Mottram cc35f03170 Don't send bounces to replies to bounces 2021-02-24 11:10:03 +00:00
Bob Mottram a9de85cb13 Send DM bounce messages 2021-02-24 11:01:44 +00:00
Bob Mottram 4555917eeb Tidying 2021-02-24 10:05:30 +00:00
Bob Mottram 764f6673c0 Improve follow checking when a DM arrives 2021-02-24 09:54:37 +00:00
Bob Mottram 6b55ceab12 Broch mode elapses 2021-02-15 22:26:25 +00:00
Bob Mottram 01385fbdfe Only show failed http signatures in debug mode 2021-02-14 20:41:11 +00:00
Bob Mottram 0c1ad3ecde Don't log posts for http signature failures 2021-02-14 20:30:01 +00:00
Bob Mottram 62100efd38 Log posts of failing signatures 2021-02-14 19:49:39 +00:00
Bob Mottram 5c5e6c7d1a More descriptive jsonld failures 2021-02-14 15:45:42 +00:00
Bob Mottram e6b9382a0a Allow incoming posts with failing http signatures provided that they have a json signature which passes 
This provides the same level of assurance, but allows posts to arrive via relays
 2021-02-14 15:22:03 +00:00
Bob Mottram 345ded45c7 Honk style users path 2021-02-09 16:21:59 +00:00
Bob Mottram 30ac93d578 Additional type checks on incoming json 2021-02-08 15:06:26 +00:00
Bob Mottram ae0b1505f9 Join activity has the same meaning as Follow 2021-02-08 14:48:37 +00:00
Bob Mottram 8bbd9b6173 Check for dangerous markup in display name and clearly indicate adversaries 2021-01-31 11:05:17 +00:00
Bob Mottram 8299b77942 Check for dangerout markup in downloaded announces 2021-01-30 11:47:09 +00:00
Bob Mottram 419353ccf9 Version 1.2.0 2021-01-26 10:07:42 +00:00
Bob Mottram e5c4d9e69b Only use json signatures on outgoing posts unless verify all signatures is enabled 2021-01-05 20:55:11 +00:00
Bob Mottram 2ce7456e28 Convert to string 2021-01-05 20:16:58 +00:00
Bob Mottram 99903072d2 Debug 2021-01-05 20:15:52 +00:00
Bob Mottram 6b9f30cbd2 Check context before json signature verify 2021-01-05 20:11:16 +00:00
Bob Mottram 52159d3817 Debug 2021-01-05 17:36:50 +00:00
Bob Mottram 0a5c65e9a2 Limit json signature checking to strict mode 2021-01-05 12:20:59 +00:00
Bob Mottram 584fe93b56 Only abandon post if signature checking is strict 2021-01-05 12:13:18 +00:00
Bob Mottram 75788fd9f8 Comment 2021-01-05 10:54:50 +00:00
Bob Mottram 7125a97bbe Update json signature enforcement state once per min 2021-01-05 10:48:22 +00:00
Bob Mottram 2c2476f3c0 Option to enforce json signature checks 2021-01-05 10:29:37 +00:00
Bob Mottram b8a698d887 Show keyId for json signature check 2021-01-04 20:26:55 +00:00
Bob Mottram 9bdfec94f0 Fix jsonld signatures 
Also some schemas are no longer remotely accessed
 2021-01-04 19:02:24 +00:00
Bob Mottram 6aa1cc8389 Extra json signature checks 2021-01-03 19:20:28 +00:00
Bob Mottram 5fc36f6ebb Debug 2021-01-03 19:11:59 +00:00
Bob Mottram a8906b25d7 Check for signature without header 2021-01-03 19:08:39 +00:00
Bob Mottram 5a327d281e Debug 2021-01-03 18:42:39 +00:00
Bob Mottram edf0c8880e Debug 2021-01-03 18:40:26 +00:00
Bob Mottram 2449b57005 Simplify 2021-01-03 18:34:35 +00:00
Bob Mottram b0eaa6835d Consistent message 2021-01-03 18:25:23 +00:00
Bob Mottram 77f965162c Enable checking of json signatures on inbox posts 2021-01-03 18:20:25 +00:00
Bob Mottram be14587011 Only warn about json signature failures 2021-01-03 14:44:57 +00:00
Bob Mottram 183141ee80 Show from key 2021-01-03 14:36:16 +00:00
Bob Mottram e8290d99d5 Check that json signatured are present on inbox posts 2021-01-03 14:25:20 +00:00
Bob Mottram c09596f1e2 More verbose 2021-01-03 09:44:33 +00:00
Bob Mottram 1df8ed9c76 Resolving the webfinger conundrum 2020-12-31 12:23:15 +00:00
Bob Mottram 0d0d49ac89 Revert "Fix missing webfingers" 
This reverts commit 4bee4e236a.
 2020-12-31 12:14:47 +00:00
Bob Mottram 4bee4e236a Fix missing webfingers 2020-12-31 11:08:08 +00:00
Bob Mottram 9d937826bc Update when receiving likes 2020-12-30 21:21:57 +00:00
Bob Mottram 7fbdb2445f Get webfinger from cache 2020-12-30 10:29:14 +00:00
Bob Mottram adbddb95c3 Check before adding new entries to indexes 2020-12-29 20:22:28 +00:00
Bob Mottram cce7941b39 Only write to indexes once 2020-12-29 17:56:42 +00:00
Bob Mottram b3bb866f69 Remove option to follow new actor 
It wasn't implemented, and doing so could create an oprn relay situation where the authenticity of posts becomes obscured
 2020-12-26 10:22:56 +00:00
Bob Mottram cf4d9466eb Start of custom peertube sites 2020-12-23 23:59:49 +00:00