Merge remote-tracking branch 'origin/translations' into develop

diff --git a/CHANGELOG.md b/CHANGELOG.md
index eef3c53b8fe0347f0066b4051301a0f174243886..e2737611cc5acbc4c26d8163ea35c4c6f85db15b 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Follow/Block/Mute imports now spin off into *n* tasks to avoid the oban timeout
 - Transient activities recieved from remote servers are no longer persisted in the database
 - Overhauled static-fe view for logged-out users
+- Blocked instances will now not be sent _any_ requests, even fetch ones that would get rejected by MRF anyhow
 
 ## Removed
 - FollowBotPolicy

diff --git a/lib/pleroma/object/fetcher.ex b/lib/pleroma/object/fetcher.ex
index cde4e503969e4a07f86e2a048afc4c08c3a449cd..8309ef64a042de3ffbb1da16a36c6869fca50fc8 100644 (file)
--- a/lib/pleroma/object/fetcher.ex
+++ b/lib/pleroma/object/fetcher.ex
@@ -116,7 +116,11 @@ defmodule Pleroma.Object.Fetcher do
 
   # Note: will create a Create activity, which we need internally at the moment.
   def fetch_object_from_id(id, options \\ []) do
-    with {_, nil} <- {:fetch_object, Object.get_cached_by_ap_id(id)},
+    with %URI{} = uri <- URI.parse(id),
+         # If we have instance restrictions, apply them here to prevent fetching from unwanted instances
+         {:ok, nil} <- Pleroma.Web.ActivityPub.MRF.SimplePolicy.check_reject(uri),
+         {:ok, _} <- Pleroma.Web.ActivityPub.MRF.SimplePolicy.check_accept(uri),
+         {_, nil} <- {:fetch_object, Object.get_cached_by_ap_id(id)},
          {_, true} <- {:allowed_depth, Federator.allowed_thread_distance?(options[:depth])},
          {_, {:ok, data}} <- {:fetch, fetch_and_contain_remote_object_from_id(id)},
          {_, nil} <- {:normalize, Object.normalize(data, fetch: false)},
@@ -155,6 +159,9 @@ defmodule Pleroma.Object.Fetcher do
       {:fetch, {:error, error}} ->
         {:error, error}
 
+      {:reject, reason} ->
+        {:reject, reason}
+
       e ->
         e
     end

diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index c8262b37b6a146942bfa0f7e3f34257fce42c02e..e32dd161e1883ef458b2de095982a673ba48b8ca 100644 (file)
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -1922,7 +1922,7 @@ defmodule Pleroma.User do
         {:ok, user}
 
       e ->
-        Logger.error("Could not fetch user, #{inspect(e)}")
+        Logger.error("Could not fetch user #{ap_id}, #{inspect(e)}")
         {:error, :not_found}
     end
   end

diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex
index 521c8b8520c2aac8f11f5a8fa6d80519a257f617..3adb4ab5486dfb6746ac4ec89d80ceaa85b219ac 100644 (file)
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -1711,7 +1711,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
       {:ok, maybe_update_follow_information(data)}
     else
       # If this has been deleted, only log a debug and not an error
-      {:error, {"Object has been deleted" = e, _, _}} ->
+      {:error, {"Object has been deleted", _, _} = e} ->
         Logger.debug("Could not decode user at fetch #{ap_id}, #{inspect(e)}")
         {:error, e}
 

diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
index f7eb0f159326687e76b1f97c3690ad4636394caa..ba54eb67435b873a00112bb5c69599493d037408 100644 (file)
--- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
@@ -13,7 +13,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
 
   require Pleroma.Constants
 
-  defp check_accept(%{host: actor_host} = _actor_info) do
+  def check_accept(%{host: actor_host} = _actor_info) do
     accepts =
       instance_list(:accept)
       |> MRF.subdomains_regex()
@@ -26,7 +26,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
     end
   end
 
-  defp check_reject(%{host: actor_host} = _actor_info) do
+  def check_reject(%{host: actor_host} = _actor_info) do
     rejects =
       instance_list(:reject)
       |> MRF.subdomains_regex()

diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex
index b9d8536105c9173c30d78ee9d00a0ac989d6c241..77015241be0674fcb75ddf5fdbb15839bac2646d 100644 (file)
--- a/lib/pleroma/web/activity_pub/transmogrifier.ex
+++ b/lib/pleroma/web/activity_pub/transmogrifier.ex
@@ -136,7 +136,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
         |> Map.drop(["conversation", "inReplyToAtomUri"])
       else
         e ->
-          Logger.warn("Couldn't fetch #{inspect(in_reply_to_id)}, error: #{inspect(e)}")
+          Logger.warn("Couldn't fetch reply@#{inspect(in_reply_to_id)}, error: #{inspect(e)}")
           object
       end
     else
@@ -159,7 +159,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
         |> Map.put("quoteUri", quoted_object.data["id"])
       else
         e ->
-          Logger.warn("Couldn't fetch #{inspect(quote_url)}, error: #{inspect(e)}")
+          Logger.warn("Couldn't fetch quote@#{inspect(quote_url)}, error: #{inspect(e)}")
           object
       end
     else
@@ -833,7 +833,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
       Map.put(data, "object", external_url)
     else
       {:fetch, e} ->
-        Logger.error("Couldn't fetch #{object} #{inspect(e)}")
+        Logger.error("Couldn't fetch fixed_object@#{object} #{inspect(e)}")
         data
 
       _ ->

diff --git a/test/pleroma/object/fetcher_test.exs b/test/pleroma/object/fetcher_test.exs
index 22192d98f44124f09ea22a909f8b7198184a89fb..c76a09fd7142e7c3f82961afb2dc315376ea988f 100644 (file)
--- a/test/pleroma/object/fetcher_test.exs
+++ b/test/pleroma/object/fetcher_test.exs
@@ -161,6 +161,28 @@ defmodule Pleroma.Object.FetcherTest do
                )
     end
 
+    test "does not fetch anything from a rejected instance" do
+      clear_config([:mrf_simple, :reject], [{"evil.example.org", "i said so"}])
+
+      assert {:reject, _} =
+               Fetcher.fetch_object_from_id("http://evil.example.org/@admin/99541947525187367")
+    end
+
+    test "does not fetch anything if mrf_simple accept is on" do
+      clear_config([:mrf_simple, :accept], [{"mastodon.example.org", "i said so"}])
+      clear_config([:mrf_simple, :reject], [])
+
+      assert {:reject, _} =
+               Fetcher.fetch_object_from_id(
+                 "http://notlisted.example.org/@admin/99541947525187367"
+               )
+
+      assert {:ok, _object} =
+               Fetcher.fetch_object_from_id(
+                 "http://mastodon.example.org/@admin/99541947525187367"
+               )
+    end
+
     test "it resets instance reachability on successful fetch" do
       id = "http://mastodon.example.org/@admin/99541947525187367"
       Instances.set_consistently_unreachable(id)