feat: encryption_disabled config option

Can be used with ROCKET_ENCRYPTION_DISABLED=true
This commit is contained in:
timokoesters 2020-07-26 20:41:10 +02:00
parent 5a8705bd25
commit dc5fb7e33a
No known key found for this signature in database
GPG Key ID: 24DA7517711A2BA4
4 changed files with 18 additions and 0 deletions

View File

@ -1,6 +1,7 @@
[global] [global]
server_name = "your.server.name" server_name = "your.server.name"
#registration_disabled = true #registration_disabled = true
#encryption_disabled = true
# Default path is in this user's data # Default path is in this user's data
#database_path = "/home/timo/MyConduitServer" #database_path = "/home/timo/MyConduitServer"
@ -8,6 +9,7 @@ server_name = "your.server.name"
port = 14004 port = 14004
address = "0.0.0.0" address = "0.0.0.0"
# Not necessary when using a reverse proxy
#[global.tls] #[global.tls]
#certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem" #certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
#key = "/etc/letsencrypt/live/your.server.name/privkey.pem" #key = "/etc/letsencrypt/live/your.server.name/privkey.pem"

View File

@ -1341,6 +1341,11 @@ pub fn create_room_route(
content, content,
} in &body.initial_state } in &body.initial_state
{ {
// Silently skip encryption events if they are not allowed
if event_type == &EventType::RoomEncryption && db.globals.encryption_disabled() {
continue
}
db.rooms.append_pdu( db.rooms.append_pdu(
room_id.clone(), room_id.clone(),
user_id.clone(), user_id.clone(),

View File

@ -10,6 +10,7 @@ pub struct Globals {
reqwest_client: reqwest::Client, reqwest_client: reqwest::Client,
server_name: Box<ServerName>, server_name: Box<ServerName>,
registration_disabled: bool, registration_disabled: bool,
encryption_disabled: bool,
} }
impl Globals { impl Globals {
@ -33,6 +34,7 @@ impl Globals {
.try_into() .try_into()
.map_err(|_| Error::BadConfig("Invalid server name found."))?, .map_err(|_| Error::BadConfig("Invalid server name found."))?,
registration_disabled: config.get_bool("registration_disabled").unwrap_or(false), registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
encryption_disabled: config.get_bool("encryption_disabled").unwrap_or(false),
}) })
} }
@ -70,4 +72,8 @@ impl Globals {
pub fn registration_disabled(&self) -> bool { pub fn registration_disabled(&self) -> bool {
self.registration_disabled self.registration_disabled
} }
pub fn encryption_disabled(&self) -> bool {
self.encryption_disabled
}
} }

View File

@ -319,7 +319,12 @@ impl Rooms {
Some, Some,
); );
// Is the event allowed?
if !match event_type { if !match event_type {
EventType::RoomEncryption => {
// Don't allow encryption events when it's disabled
!globals.encryption_disabled()
}
EventType::RoomMember => { EventType::RoomMember => {
let target_user_id = UserId::try_from(&**state_key).map_err(|_| { let target_user_id = UserId::try_from(&**state_key).map_err(|_| {
Error::BadRequest( Error::BadRequest(