Disable federation by default (#20045)

This commit is contained in:
Gusted 2022-06-20 01:48:17 +02:00 committed by GitHub
parent e91229eefb
commit 02d745827b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 39 additions and 26 deletions

View file

@ -2249,27 +2249,27 @@ PATH =
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; ;;
;; Enable/Disable federation capabilities ;; Enable/Disable federation capabilities
; ENABLED = true ;ENABLED = false
;; ;;
;; Enable/Disable user statistics for nodeinfo if federation is enabled ;; Enable/Disable user statistics for nodeinfo if federation is enabled
; SHARE_USER_STATISTICS = true ;SHARE_USER_STATISTICS = true
;; ;;
;; Maximum federation request and response size (MB) ;; Maximum federation request and response size (MB)
; MAX_SIZE = 4 ;MAX_SIZE = 4
;; ;;
;; WARNING: Changing the settings below can break federation. ;; WARNING: Changing the settings below can break federation.
;; ;;
;; HTTP signature algorithms ;; HTTP signature algorithms
; ALGORITHMS = rsa-sha256, rsa-sha512, ed25519 ;ALGORITHMS = rsa-sha256, rsa-sha512, ed25519
;; ;;
;; HTTP signature digest algorithm ;; HTTP signature digest algorithm
; DIGEST_ALGORITHM = SHA-256 ;DIGEST_ALGORITHM = SHA-256
;; ;;
;; GET headers for federation requests ;; GET headers for federation requests
; GET_HEADERS = (request-target), Date ;GET_HEADERS = (request-target), Date
;; ;;
;; POST headers for federation requests ;; POST headers for federation requests
; POST_HEADERS = (request-target), Date, Digest ;POST_HEADERS = (request-target), Date, Digest
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

View file

@ -1088,7 +1088,7 @@ Task queue configuration has been moved to `queue.task`. However, the below conf
## Federation (`federation`) ## Federation (`federation`)
- `ENABLED`: **true**: Enable/Disable federation capabilities - `ENABLED`: **false**: Enable/Disable federation capabilities
- `SHARE_USER_STATISTICS`: **true**: Enable/Disable user statistics for nodeinfo if federation is enabled - `SHARE_USER_STATISTICS`: **true**: Enable/Disable user statistics for nodeinfo if federation is enabled
- `MAX_SIZE`: **4**: Maximum federation request and response size (MB) - `MAX_SIZE`: **4**: Maximum federation request and response size (MB)

View file

@ -15,18 +15,21 @@ import (
user_model "code.gitea.io/gitea/models/user" user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/activitypub" "code.gitea.io/gitea/modules/activitypub"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/routers"
ap "github.com/go-ap/activitypub" ap "github.com/go-ap/activitypub"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
func TestActivityPubPerson(t *testing.T) { func TestActivityPubPerson(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
setting.Federation.Enabled = true setting.Federation.Enabled = true
c = routers.NormalRoutes()
defer func() { defer func() {
setting.Federation.Enabled = false setting.Federation.Enabled = false
c = routers.NormalRoutes()
}() }()
onGiteaRun(t, func(*testing.T, *url.URL) {
username := "user2" username := "user2"
req := NewRequestf(t, "GET", fmt.Sprintf("/api/v1/activitypub/user/%s", username)) req := NewRequestf(t, "GET", fmt.Sprintf("/api/v1/activitypub/user/%s", username))
resp := MakeRequest(t, req, http.StatusOK) resp := MakeRequest(t, req, http.StatusOK)
@ -56,12 +59,14 @@ func TestActivityPubPerson(t *testing.T) {
} }
func TestActivityPubMissingPerson(t *testing.T) { func TestActivityPubMissingPerson(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
setting.Federation.Enabled = true setting.Federation.Enabled = true
c = routers.NormalRoutes()
defer func() { defer func() {
setting.Federation.Enabled = false setting.Federation.Enabled = false
c = routers.NormalRoutes()
}() }()
onGiteaRun(t, func(*testing.T, *url.URL) {
req := NewRequestf(t, "GET", "/api/v1/activitypub/user/nonexistentuser") req := NewRequestf(t, "GET", "/api/v1/activitypub/user/nonexistentuser")
resp := MakeRequest(t, req, http.StatusNotFound) resp := MakeRequest(t, req, http.StatusNotFound)
assert.Contains(t, resp.Body.String(), "user redirect does not exist") assert.Contains(t, resp.Body.String(), "user redirect does not exist")
@ -69,15 +74,20 @@ func TestActivityPubMissingPerson(t *testing.T) {
} }
func TestActivityPubPersonInbox(t *testing.T) { func TestActivityPubPersonInbox(t *testing.T) {
setting.Federation.Enabled = true
c = routers.NormalRoutes()
defer func() {
setting.Federation.Enabled = false
c = routers.NormalRoutes()
}()
srv := httptest.NewServer(c) srv := httptest.NewServer(c)
defer srv.Close() defer srv.Close()
onGiteaRun(t, func(*testing.T, *url.URL) { onGiteaRun(t, func(*testing.T, *url.URL) {
appURL := setting.AppURL appURL := setting.AppURL
setting.Federation.Enabled = true
setting.AppURL = srv.URL setting.AppURL = srv.URL
defer func() { defer func() {
setting.Federation.Enabled = false
setting.Database.LogSQL = false setting.Database.LogSQL = false
setting.AppURL = appURL setting.AppURL = appURL
}() }()

View file

@ -11,17 +11,20 @@ import (
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
api "code.gitea.io/gitea/modules/structs" api "code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/routers"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
func TestNodeinfo(t *testing.T) { func TestNodeinfo(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
setting.Federation.Enabled = true setting.Federation.Enabled = true
c = routers.NormalRoutes()
defer func() { defer func() {
setting.Federation.Enabled = false setting.Federation.Enabled = false
c = routers.NormalRoutes()
}() }()
onGiteaRun(t, func(*testing.T, *url.URL) {
req := NewRequestf(t, "GET", "/api/v1/nodeinfo") req := NewRequestf(t, "GET", "/api/v1/nodeinfo")
resp := MakeRequest(t, req, http.StatusOK) resp := MakeRequest(t, req, http.StatusOK)
var nodeinfo api.NodeInfo var nodeinfo api.NodeInfo

View file

@ -21,7 +21,7 @@ var (
GetHeaders []string GetHeaders []string
PostHeaders []string PostHeaders []string
}{ }{
Enabled: true, Enabled: false,
ShareUserStatistics: true, ShareUserStatistics: true,
MaxSize: 4, MaxSize: 4,
Algorithms: []string{"rsa-sha256", "rsa-sha512", "ed25519"}, Algorithms: []string{"rsa-sha256", "rsa-sha512", "ed25519"},