Commit Graph

525 Commits (b73c730d37acdb2519d8d85a0a1407c96a383c91)

Author SHA1 Message Date
Bob Mottram 8bbd9b6173 Check for dangerous markup in display name and clearly indicate adversaries 2021-01-31 11:05:17 +00:00
Bob Mottram 8299b77942 Check for dangerout markup in downloaded announces 2021-01-30 11:47:09 +00:00
Bob Mottram 419353ccf9 Version 1.2.0 2021-01-26 10:07:42 +00:00
Bob Mottram e5c4d9e69b Only use json signatures on outgoing posts unless verify all signatures is enabled 2021-01-05 20:55:11 +00:00
Bob Mottram 2ce7456e28 Convert to string 2021-01-05 20:16:58 +00:00
Bob Mottram 99903072d2 Debug 2021-01-05 20:15:52 +00:00
Bob Mottram 6b9f30cbd2 Check context before json signature verify 2021-01-05 20:11:16 +00:00
Bob Mottram 52159d3817 Debug 2021-01-05 17:36:50 +00:00
Bob Mottram 0a5c65e9a2 Limit json signature checking to strict mode 2021-01-05 12:20:59 +00:00
Bob Mottram 584fe93b56 Only abandon post if signature checking is strict 2021-01-05 12:13:18 +00:00
Bob Mottram 75788fd9f8 Comment 2021-01-05 10:54:50 +00:00
Bob Mottram 7125a97bbe Update json signature enforcement state once per min 2021-01-05 10:48:22 +00:00
Bob Mottram 2c2476f3c0 Option to enforce json signature checks 2021-01-05 10:29:37 +00:00
Bob Mottram b8a698d887 Show keyId for json signature check 2021-01-04 20:26:55 +00:00
Bob Mottram 9bdfec94f0 Fix jsonld signatures
Also some schemas are no longer remotely accessed
2021-01-04 19:02:24 +00:00
Bob Mottram 6aa1cc8389 Extra json signature checks 2021-01-03 19:20:28 +00:00
Bob Mottram 5fc36f6ebb Debug 2021-01-03 19:11:59 +00:00
Bob Mottram a8906b25d7 Check for signature without header 2021-01-03 19:08:39 +00:00
Bob Mottram 5a327d281e Debug 2021-01-03 18:42:39 +00:00
Bob Mottram edf0c8880e Debug 2021-01-03 18:40:26 +00:00
Bob Mottram 2449b57005 Simplify 2021-01-03 18:34:35 +00:00
Bob Mottram b0eaa6835d Consistent message 2021-01-03 18:25:23 +00:00
Bob Mottram 77f965162c Enable checking of json signatures on inbox posts 2021-01-03 18:20:25 +00:00
Bob Mottram be14587011 Only warn about json signature failures 2021-01-03 14:44:57 +00:00
Bob Mottram 183141ee80 Show from key 2021-01-03 14:36:16 +00:00
Bob Mottram e8290d99d5 Check that json signatured are present on inbox posts 2021-01-03 14:25:20 +00:00
Bob Mottram c09596f1e2 More verbose 2021-01-03 09:44:33 +00:00
Bob Mottram 1df8ed9c76 Resolving the webfinger conundrum 2020-12-31 12:23:15 +00:00
Bob Mottram 0d0d49ac89 Revert "Fix missing webfingers"
This reverts commit 4bee4e236a.
2020-12-31 12:14:47 +00:00
Bob Mottram 4bee4e236a Fix missing webfingers 2020-12-31 11:08:08 +00:00
Bob Mottram 9d937826bc Update when receiving likes 2020-12-30 21:21:57 +00:00
Bob Mottram 7fbdb2445f Get webfinger from cache 2020-12-30 10:29:14 +00:00
Bob Mottram adbddb95c3 Check before adding new entries to indexes 2020-12-29 20:22:28 +00:00
Bob Mottram cce7941b39 Only write to indexes once 2020-12-29 17:56:42 +00:00
Bob Mottram b3bb866f69 Remove option to follow new actor
It wasn't implemented, and doing so could create an oprn relay situation where the authenticity of posts becomes obscured
2020-12-26 10:22:56 +00:00
Bob Mottram cf4d9466eb Start of custom peertube sites 2020-12-23 23:59:49 +00:00
Bob Mottram 0fe9b2adcd Tidying 2020-12-23 22:18:19 +00:00
Bob Mottram 838d853a59 Tidying of users path detection 2020-12-23 10:57:44 +00:00
Bob Mottram 3ff0866deb Test that number of function arguments match 2020-12-22 21:24:46 +00:00
Bob Mottram 5cd9aa8d66 Enforce convention of underscore before local function names 2020-12-22 18:06:23 +00:00
Bob Mottram 0cf0841402 Check that imports are correct 2020-12-22 13:57:24 +00:00
Bob Mottram a7b094f84f Test for stranded functions which aren't called 2020-12-22 12:59:46 +00:00
Bob Mottram 96e813181b Move hashtag categories functions to their own module 2020-12-22 10:30:52 +00:00
Bob Mottram 679c06b20e Don't guess very small tags 2020-12-22 10:13:15 +00:00
Bob Mottram a3cbc28c1e Indentation 2020-12-21 21:40:29 +00:00
Bob Mottram 23301b35a5 Validate newswire item dates
So they can't be in the future or too far in the past
2020-12-21 12:11:45 +00:00
Bob Mottram 31a48db4a4 Validation of published date on incoming posts
This mitigates replay attacks, where an otherwise valid post gets endlessly repeated
2020-12-21 10:45:31 +00:00
Bob Mottram 99374a63dc Revert to previous wfRequest 2020-12-19 14:17:30 +00:00
Bob Mottram 8c7071b6e3 Single webfinger 2020-12-18 18:12:33 +00:00
Bob Mottram bb31ce37cd is_alive replaces isAlive 2020-12-18 15:29:12 +00:00