From 02d745827bdbe01a82f9f069a904f53197252685 Mon Sep 17 00:00:00 2001 From: Gusted Date: Mon, 20 Jun 2022 01:48:17 +0200 Subject: [PATCH] Disable federation by default (#20045) --- custom/conf/app.example.ini | 14 ++++---- .../doc/advanced/config-cheat-sheet.en-us.md | 2 +- integrations/api_activitypub_person_test.go | 34 ++++++++++++------- integrations/api_nodeinfo_test.go | 13 ++++--- modules/setting/federation.go | 2 +- 5 files changed, 39 insertions(+), 26 deletions(-) diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index c4b8913e4..80017a117 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -2249,27 +2249,27 @@ PATH = ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; ;; Enable/Disable federation capabilities -; ENABLED = true +;ENABLED = false ;; ;; Enable/Disable user statistics for nodeinfo if federation is enabled -; SHARE_USER_STATISTICS = true +;SHARE_USER_STATISTICS = true ;; ;; Maximum federation request and response size (MB) -; MAX_SIZE = 4 +;MAX_SIZE = 4 ;; ;; WARNING: Changing the settings below can break federation. ;; ;; HTTP signature algorithms -; ALGORITHMS = rsa-sha256, rsa-sha512, ed25519 +;ALGORITHMS = rsa-sha256, rsa-sha512, ed25519 ;; ;; HTTP signature digest algorithm -; DIGEST_ALGORITHM = SHA-256 +;DIGEST_ALGORITHM = SHA-256 ;; ;; GET headers for federation requests -; GET_HEADERS = (request-target), Date +;GET_HEADERS = (request-target), Date ;; ;; POST headers for federation requests -; POST_HEADERS = (request-target), Date, Digest +;POST_HEADERS = (request-target), Date, Digest ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index b50e630a8..15628a7de 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -1088,7 +1088,7 @@ Task queue configuration has been moved to `queue.task`. However, the below conf ## Federation (`federation`) -- `ENABLED`: **true**: Enable/Disable federation capabilities +- `ENABLED`: **false**: Enable/Disable federation capabilities - `SHARE_USER_STATISTICS`: **true**: Enable/Disable user statistics for nodeinfo if federation is enabled - `MAX_SIZE`: **4**: Maximum federation request and response size (MB) diff --git a/integrations/api_activitypub_person_test.go b/integrations/api_activitypub_person_test.go index 4898d5e01..e19da4086 100644 --- a/integrations/api_activitypub_person_test.go +++ b/integrations/api_activitypub_person_test.go @@ -15,18 +15,21 @@ import ( user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/activitypub" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/routers" ap "github.com/go-ap/activitypub" "github.com/stretchr/testify/assert" ) func TestActivityPubPerson(t *testing.T) { - onGiteaRun(t, func(*testing.T, *url.URL) { - setting.Federation.Enabled = true - defer func() { - setting.Federation.Enabled = false - }() + setting.Federation.Enabled = true + c = routers.NormalRoutes() + defer func() { + setting.Federation.Enabled = false + c = routers.NormalRoutes() + }() + onGiteaRun(t, func(*testing.T, *url.URL) { username := "user2" req := NewRequestf(t, "GET", fmt.Sprintf("/api/v1/activitypub/user/%s", username)) resp := MakeRequest(t, req, http.StatusOK) @@ -56,12 +59,14 @@ func TestActivityPubPerson(t *testing.T) { } func TestActivityPubMissingPerson(t *testing.T) { - onGiteaRun(t, func(*testing.T, *url.URL) { - setting.Federation.Enabled = true - defer func() { - setting.Federation.Enabled = false - }() + setting.Federation.Enabled = true + c = routers.NormalRoutes() + defer func() { + setting.Federation.Enabled = false + c = routers.NormalRoutes() + }() + onGiteaRun(t, func(*testing.T, *url.URL) { req := NewRequestf(t, "GET", "/api/v1/activitypub/user/nonexistentuser") resp := MakeRequest(t, req, http.StatusNotFound) assert.Contains(t, resp.Body.String(), "user redirect does not exist") @@ -69,15 +74,20 @@ func TestActivityPubMissingPerson(t *testing.T) { } func TestActivityPubPersonInbox(t *testing.T) { + setting.Federation.Enabled = true + c = routers.NormalRoutes() + defer func() { + setting.Federation.Enabled = false + c = routers.NormalRoutes() + }() + srv := httptest.NewServer(c) defer srv.Close() onGiteaRun(t, func(*testing.T, *url.URL) { appURL := setting.AppURL - setting.Federation.Enabled = true setting.AppURL = srv.URL defer func() { - setting.Federation.Enabled = false setting.Database.LogSQL = false setting.AppURL = appURL }() diff --git a/integrations/api_nodeinfo_test.go b/integrations/api_nodeinfo_test.go index c2fcd2fea..cf9ff4da1 100644 --- a/integrations/api_nodeinfo_test.go +++ b/integrations/api_nodeinfo_test.go @@ -11,17 +11,20 @@ import ( "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/routers" "github.com/stretchr/testify/assert" ) func TestNodeinfo(t *testing.T) { - onGiteaRun(t, func(*testing.T, *url.URL) { - setting.Federation.Enabled = true - defer func() { - setting.Federation.Enabled = false - }() + setting.Federation.Enabled = true + c = routers.NormalRoutes() + defer func() { + setting.Federation.Enabled = false + c = routers.NormalRoutes() + }() + onGiteaRun(t, func(*testing.T, *url.URL) { req := NewRequestf(t, "GET", "/api/v1/nodeinfo") resp := MakeRequest(t, req, http.StatusOK) var nodeinfo api.NodeInfo diff --git a/modules/setting/federation.go b/modules/setting/federation.go index b06d0a921..2a8ecadaf 100644 --- a/modules/setting/federation.go +++ b/modules/setting/federation.go @@ -21,7 +21,7 @@ var ( GetHeaders []string PostHeaders []string }{ - Enabled: true, + Enabled: false, ShareUserStatistics: true, MaxSize: 4, Algorithms: []string{"rsa-sha256", "rsa-sha512", "ed25519"},