deny connections for banned keys

2021-04-07 10:53:57 +02:00 · 2021-04-07 10:53:57 +02:00 · 83500421f8
parent 764b15f4eb
commit 83500421f8
4 changed files with 12 additions and 3 deletions
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@ -229,6 +229,7 @@ func runroomsrv() error {
 	// create the shs+muxrpc server
 	roomsrv, err := mksrv.New(
 		db.Members,
+		db.DeniedKeys,
 		db.Aliases,
 		db.AuthWithSSB,
 		bridge,
--- a/roomdb/interface.go
+++ b/roomdb/interface.go
@ -94,7 +94,7 @@ type DeniedKeysService interface {
 	// HasFeed returns true if a feed is on the list.
 	HasFeed(context.Context, refs.FeedRef) bool

-	// HasFeed returns true if a feed is on the list.
+	// HasID returns true if a member id is on the list.
 	HasID(context.Context, int64) bool

 	// GetByID returns the list entry for that ID or an error
--- a/roomsrv/init_network.go
+++ b/roomsrv/init_network.go
@ -40,6 +40,11 @@ func (s *Server) initNetwork() error {
 			}
 		}

+		// if feed is in the deny list, deny their connection
+		if s.DeniedKeys.HasFeed(s.rootCtx, *remote) {
+			return nil, fmt.Errorf("this key has been banned")
+		}
+
 		// for community + open modes, allow all connections
 		return &s.public, nil
 	}
--- a/roomsrv/server.go
+++ b/roomsrv/server.go
@ -65,8 +65,9 @@ type Server struct {

 	StateManager *roomstate.Manager

-	Members roomdb.MembersService
-	Aliases roomdb.AliasesService
+	Members    roomdb.MembersService
+	DeniedKeys roomdb.DeniedKeysService
+	Aliases    roomdb.AliasesService

 	authWithSSB       roomdb.AuthWithSSBService
 	authWithSSBBridge *signinwithssb.SignalBridge
@ -79,6 +80,7 @@ func (s Server) Whoami() refs.FeedRef {

 func New(
 	membersdb roomdb.MembersService,
+	deniedkeysdb roomdb.DeniedKeysService,
 	aliasdb roomdb.AliasesService,
 	awsdb roomdb.AuthWithSSBService,
 	bridge *signinwithssb.SignalBridge,
@ -90,6 +92,7 @@ func New(
 	s.authorizer = membersdb

 	s.Members = membersdb
+	s.DeniedKeys = deniedkeysdb
 	s.Aliases = aliasdb
 	s.Config = config