diff --git a/cmd/realy/app/implementation.go b/cmd/realy/app/implementation.go index 873bf92..bac5d80 100644 --- a/cmd/realy/app/implementation.go +++ b/cmd/realy/app/implementation.go @@ -60,11 +60,17 @@ func (r *Relay) Init() (err er) { } return fmt.Sprintf("%v", ownerIds) }) + r.ZeroLists() + r.CheckOwnerLists(context.Bg()) + return nil +} + +func (r *Relay) ZeroLists() { r.Followed = make(map[st]struct{}) r.OwnersFollowed = make(map[st]struct{}) + r.OwnersFollowLists = r.OwnersFollowLists[:0] r.Muted = make(map[st]struct{}) - r.CheckOwnerLists(context.Bg()) - return nil + r.OwnersMuteLists = r.OwnersMuteLists[:0] } func (r *Relay) AcceptEvent(c cx, evt *event.T, hr *http.Request, origin st, @@ -92,11 +98,7 @@ func (r *Relay) AcceptEvent(c cx, evt *event.T, hr *http.Request, origin st, for o := range r.OwnersFollowed { if equals(by(o), evt.PubKey) { return true, "", func() { - r.Followed = make(map[st]struct{}) - r.OwnersFollowed = make(map[st]struct{}) - r.OwnersFollowLists = r.OwnersFollowLists[:0] - r.Muted = make(map[st]struct{}) - r.OwnersMuteLists = r.OwnersMuteLists[:0] + r.ZeroLists() r.CheckOwnerLists(context.Bg()) } } @@ -107,11 +109,7 @@ func (r *Relay) AcceptEvent(c cx, evt *event.T, hr *http.Request, origin st, for _, o := range r.Owners { if equals(o, evt.PubKey) { return true, "", func() { - r.Followed = make(map[st]struct{}) - r.OwnersFollowed = make(map[st]struct{}) - r.OwnersFollowLists = r.OwnersFollowLists[:0] - r.Muted = make(map[st]struct{}) - r.OwnersMuteLists = r.OwnersMuteLists[:0] + r.ZeroLists() r.CheckOwnerLists(context.Bg()) } } @@ -128,7 +126,7 @@ func (r *Relay) AcceptEvent(c cx, evt *event.T, hr *http.Request, origin st, tt := tag.New(append(r.OwnersFollowLists, r.OwnersMuteLists...)...) if evt.Tags.ContainsAny(by("e"), tt) { return false, - "cannot delete owner's follow, owners's follows follow or mute events", + "cannot delete owner's follow, owners' follows follow or mute events", nil } // next, check all a tags present are not follow/mute lists of the owners @@ -173,7 +171,7 @@ func (r *Relay) AcceptEvent(c cx, evt *event.T, hr *http.Request, origin st, // they come from a pubkey that is on the follow list. for pk := range r.Muted { if equals(evt.PubKey, by(pk)) { - return false, "rejecting event with pubkey " + st(evt.PubKey) + + return false, "rejecting event with pubkey " + hex.Enc(evt.PubKey) + " because on owner mute list", nil } } @@ -201,6 +199,7 @@ func (r *Relay) AcceptReq(c cx, hr *http.Request, id by, ff *filters.T, authedPubkey by) (allowed *filters.T, ok bo) { // if the authenticator is enabled we require auth to process requests if !r.AuthEnabled() { + allowed = ff ok = true return } @@ -356,12 +355,12 @@ func (r *Relay) CheckOwnerLists(c cx) { } } -func (r *Relay) AuthEnabled() bo { return r.C.AuthRequired } +func (r *Relay) AuthEnabled() bo { return r.AuthRequired || len(r.Owners) > 0 } // ServiceUrl returns the address of the relay to send back in auth responses. // If auth is disabled this returns an empty string. func (r *Relay) ServiceUrl(req *http.Request) (s st) { - if !r.C.AuthRequired { + if !r.AuthEnabled() { return } host := req.Header.Get("X-Forwarded-Host") diff --git a/number/list.go b/number/list.go index f5ebfbe..dce257c 100644 --- a/number/list.go +++ b/number/list.go @@ -4,6 +4,10 @@ import "fmt" type List []no +func (l List) Len() int { return len(l) } +func (l List) Less(i, j int) bool { return l[i] < l[j] } +func (l List) Swap(i, j int) { l[i], l[j] = l[j], l[i] } + // HasNumber returns true if the list contains a given number func (l List) HasNumber(n no) (idx no, has bo) { for idx = range l { diff --git a/realy/handleAdmin.go b/realy/handleAdmin.go index fba540e..a426234 100644 --- a/realy/handleAdmin.go +++ b/realy/handleAdmin.go @@ -90,6 +90,10 @@ func (s *Server) handleAdmin(w http.ResponseWriter, r *http.Request) { sto := s.relay.Storage(context.Bg()) read := io.LimitReader(r.Body, r.ContentLength) sto.Import(read) + if realy, ok := s.relay.(*app.Relay); ok { + realy.ZeroLists() + realy.CheckOwnerLists(context.Bg()) + } case strings.HasPrefix(r.URL.Path, "/shutdown"): if ok := s.auth(r); !ok { s.unauthorized(w) diff --git a/realy/handleCount.go b/realy/handleCount.go index 7181b74..46c7a59 100644 --- a/realy/handleCount.go +++ b/realy/handleCount.go @@ -19,7 +19,7 @@ func (s *Server) handleCount(c context.T, ws *web.Socket, req by, store store.I) return normalize.Restricted.F("this relay does not support NIP-45") } if ws.AuthRequested() && len(ws.Authed()) == 0 { - return + return by("awaiting auth for count") } var err er var rem by diff --git a/realy/handleEvent.go b/realy/handleEvent.go index 9fbdb28..dbe3e92 100644 --- a/realy/handleEvent.go +++ b/realy/handleEvent.go @@ -2,6 +2,7 @@ package realy import ( "bytes" + "strings" "realy.lol/envelopes/authenvelope" "realy.lol/envelopes/eventenvelope" @@ -21,6 +22,9 @@ import ( func (s *Server) handleEvent(c cx, ws *web.Socket, req by, sto store.I) (msg by) { log.T.F("handleEvent %s %s", ws.RealRemote(), req) + if ws.AuthRequested() && len(ws.Authed()) == 0 { + return by("awaiting auth for event") + } var err er var ok bo var rem by @@ -35,27 +39,33 @@ func (s *Server) handleEvent(c cx, ws *web.Socket, req by, sto store.I) (msg by) accept, notice, after := s.relay.AcceptEvent(c, env.T, ws.Req(), ws.RealRemote(), by(ws.Authed())) if !accept { - var auther relay.Authenticator - if auther, ok = s.relay.(relay.Authenticator); ok && auther.AuthEnabled() { - if !ws.AuthRequested() { - if err = okenvelope.NewFrom(env.ID, false, - normalize.AuthRequired.F("auth required for request processing")).Write(ws); chk.T(err) { - } - log.T.F("requesting auth from client %s", ws.RealRemote()) - if err = authenvelope.NewChallengeWith(ws.Challenge()).Write(ws); chk.T(err) { + if strings.Contains(notice, "mute") { + if err = okenvelope.NewFrom(env.ID, false, + normalize.Blocked.F(notice)).Write(ws); chk.T(err) { + } + } else { + var auther relay.Authenticator + if auther, ok = s.relay.(relay.Authenticator); ok && auther.AuthEnabled() { + if !ws.AuthRequested() { + if err = okenvelope.NewFrom(env.ID, false, + normalize.AuthRequired.F("auth required for request processing")).Write(ws); chk.T(err) { + } + log.T.F("requesting auth from client %s", ws.RealRemote()) + if err = authenvelope.NewChallengeWith(ws.Challenge()).Write(ws); chk.T(err) { + return + } + ws.RequestAuth() return - } - ws.RequestAuth() - return - } else { - if err = okenvelope.NewFrom(env.ID, false, - normalize.AuthRequired.F("auth required for storing events")).Write(ws); chk.T(err) { - } - log.T.F("requesting auth again from client %s", ws.RealRemote()) - if err = authenvelope.NewChallengeWith(ws.Challenge()).Write(ws); chk.T(err) { + } else { + if err = okenvelope.NewFrom(env.ID, false, + normalize.AuthRequired.F("auth required for storing events")).Write(ws); chk.T(err) { + } + log.T.F("requesting auth again from client %s", ws.RealRemote()) + if err = authenvelope.NewChallengeWith(ws.Challenge()).Write(ws); chk.T(err) { + return + } return } - return } } if err = okenvelope.NewFrom(env.ID, false, diff --git a/realy/handleReq.go b/realy/handleReq.go index 0c0a510..1e5c832 100644 --- a/realy/handleReq.go +++ b/realy/handleReq.go @@ -25,7 +25,7 @@ import ( func (s *Server) handleReq(c cx, ws *web.Socket, req by, sto store.I) (r by) { if ws.AuthRequested() && len(ws.Authed()) == 0 { - return + return by("awaiting auth for req") } var err er var rem by diff --git a/realy/version b/realy/version index 917b30e..0ce0d3f 100644 --- a/realy/version +++ b/realy/version @@ -1 +1 @@ -v1.2.37 \ No newline at end of file +v1.2.39 \ No newline at end of file diff --git a/relayinfo/types.go b/relayinfo/types.go index c30d0d3..cf177c5 100644 --- a/relayinfo/types.go +++ b/relayinfo/types.go @@ -4,6 +4,7 @@ import ( "encoding/json" "errors" "os" + "sort" "sync" "realy.lol/kinds" @@ -22,6 +23,7 @@ func GetList(items ...NIP) (n number.List) { for _, item := range items { n = append(n, item.N()) } + sort.Sort(n) return }