projects / akkoma / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge remote-tracking branch 'remotes/origin/develop' into authenticated-api-oauth...
[akkoma] / lib / pleroma / gun / conn.ex
diff --git a/lib/pleroma/gun/conn.ex b/lib/pleroma/gun/conn.ex
index 9ae41909227b65635cd3bba3ba31b05c7431f4a1..cd25a2e746d1889f9b263daff6a3200917177780 100644 (file)
--- a/lib/pleroma/gun/conn.ex
+++ b/lib/pleroma/gun/conn.ex
@@ -6,7 +6,7 @@ defmodule Pleroma.Gun.Conn do
   @moduledoc """
   Struct for gun connection data
   """
-  alias Pleroma.Gun.API
+  alias Pleroma.Gun
   alias Pleroma.Pool.Connections
 
   require Logger
@@ -42,16 +42,17 @@ defmodule Pleroma.Gun.Conn do
     opts =
       opts
       |> Enum.into(%{})
-      |> Map.put_new(:retry, pool_opts[:retry] || 0)
-      |> Map.put_new(:retry_timeout, pool_opts[:retry_timeout] || 100)
+      |> Map.put_new(:retry, pool_opts[:retry] || 1)
+      |> Map.put_new(:retry_timeout, pool_opts[:retry_timeout] || 1000)
       |> Map.put_new(:await_up_timeout, pool_opts[:await_up_timeout] || 5_000)
+      |> maybe_add_tls_opts(uri)
 
     key = "#{uri.scheme}:#{uri.host}:#{uri.port}"
 
-    Logger.debug("opening new connection #{Connections.compose_uri_log(uri)}")
+    max_connections = pool_opts[:max_connections] || 250
 
     conn_pid =
-      if Connections.count(name) < opts[:max_connection] do
+      if Connections.count(name) < max_connections do
         do_open(uri, opts)
       else
         close_least_used_and_do_open(name, uri, opts)
@@ -65,11 +66,34 @@ defmodule Pleroma.Gun.Conn do
         last_reference: :os.system_time(:second)
       }
 
-      :ok = API.set_owner(conn_pid, Process.whereis(name))
+      :ok = Gun.set_owner(conn_pid, Process.whereis(name))
       Connections.add_conn(name, key, conn)
     end
   end
 
+  defp maybe_add_tls_opts(opts, %URI{scheme: "http"}), do: opts
+
+  defp maybe_add_tls_opts(opts, %URI{scheme: "https", host: host}) do
+    tls_opts = [
+      verify: :verify_peer,
+      cacertfile: CAStore.file_path(),
+      depth: 20,
+      reuse_sessions: false,
+      verify_fun:
+        {&:ssl_verify_hostname.verify_fun/3,
+         [check_hostname: Pleroma.HTTP.Connection.format_host(host)]}
+    ]
+
+    tls_opts =
+      if Keyword.keyword?(opts[:tls_opts]) do
+        Keyword.merge(tls_opts, opts[:tls_opts])
+      else
+        tls_opts
+      end
+
+    Map.put(opts, :tls_opts, tls_opts)
+  end
+
   defp do_open(uri, %{proxy: {proxy_host, proxy_port}} = opts) do
     connect_opts =
       uri
@@ -77,17 +101,17 @@ defmodule Pleroma.Gun.Conn do
       |> add_http2_opts(uri.scheme, Map.get(opts, :tls_opts, []))
 
     with open_opts <- Map.delete(opts, :tls_opts),
-         {:ok, conn} <- API.open(proxy_host, proxy_port, open_opts),
-         {:ok, _} <- API.await_up(conn, opts[:await_up_timeout]),
-         stream <- API.connect(conn, connect_opts),
-         {:response, :fin, 200, _} <- API.await(conn, stream) do
+         {:ok, conn} <- Gun.open(proxy_host, proxy_port, open_opts),
+         {:ok, _} <- Gun.await_up(conn, opts[:await_up_timeout]),
+         stream <- Gun.connect(conn, connect_opts),
+         {:response, :fin, 200, _} <- Gun.await(conn, stream) do
       conn
     else
       error ->
         Logger.warn(
-          "Received error on opening connection with http proxy #{
-            Connections.compose_uri_log(uri)
-          } #{inspect(error)}"
+          "Opening proxied connection to #{compose_uri_log(uri)} failed with error #{
+            inspect(error)
+          }"
         )
 
         error
@@ -115,15 +139,15 @@ defmodule Pleroma.Gun.Conn do
       |> Map.put(:protocols, [:socks])
       |> Map.put(:socks_opts, socks_opts)
 
-    with {:ok, conn} <- API.open(proxy_host, proxy_port, opts),
-         {:ok, _} <- API.await_up(conn, opts[:await_up_timeout]) do
+    with {:ok, conn} <- Gun.open(proxy_host, proxy_port, opts),
+         {:ok, _} <- Gun.await_up(conn, opts[:await_up_timeout]) do
       conn
     else
       error ->
         Logger.warn(
-          "Received error on opening connection with socks proxy #{
-            Connections.compose_uri_log(uri)
-          } #{inspect(error)}"
+          "Opening socks proxied connection to #{compose_uri_log(uri)} failed with error #{
+            inspect(error)
+          }"
         )
 
         error
@@ -133,15 +157,13 @@ defmodule Pleroma.Gun.Conn do
   defp do_open(%URI{host: host, port: port} = uri, opts) do
     host = Pleroma.HTTP.Connection.parse_host(host)
 
-    with {:ok, conn} <- API.open(host, port, opts),
-         {:ok, _} <- API.await_up(conn, opts[:await_up_timeout]) do
+    with {:ok, conn} <- Gun.open(host, port, opts),
+         {:ok, _} <- Gun.await_up(conn, opts[:await_up_timeout]) do
       conn
     else
       error ->
         Logger.warn(
-          "Received error on opening connection #{Connections.compose_uri_log(uri)} #{
-            inspect(error)
-          }"
+          "Opening connection to #{compose_uri_log(uri)} failed with error #{inspect(error)}"
         )
 
         error
@@ -160,16 +182,17 @@ defmodule Pleroma.Gun.Conn do
   defp add_http2_opts(opts, _, _), do: opts
 
   defp close_least_used_and_do_open(name, uri, opts) do
-    Logger.debug("try to open conn #{Connections.compose_uri_log(uri)}")
-
-    with [{close_key, least_used} | _conns] <-
-           Connections.get_unused_conns(name),
-         :ok <- Pleroma.Gun.API.close(least_used.conn) do
-      Connections.remove_conn(name, close_key)
+    with [{key, conn} | _conns] <- Connections.get_unused_conns(name),
+         :ok <- Gun.close(conn.conn) do
+      Connections.remove_conn(name, key)
 
       do_open(uri, opts)
     else
       [] -> {:error, :pool_overflowed}
     end
   end
+
+  def compose_uri_log(%URI{scheme: scheme, host: host, path: path}) do
+    "#{scheme}://#{host}#{path}"
+  end
 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git