Avoid local network communication / invalid url requests

[friendica.git] / src / Worker / Notifier.php

diff --git a/src/Worker/Notifier.php b/src/Worker/Notifier.php
index c09faca89b27c033fce18894a934b94a6e22af89..e4189c2c75c4b2fb12e1c09c8d2a8ff466c734f9 100644 (file)
--- a/src/Worker/Notifier.php
+++ b/src/Worker/Notifier.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -30,6 +30,7 @@ use Friendica\DI;
 use Friendica\Model\Contact;
 use Friendica\Model\Conversation;
 use Friendica\Model\Group;
+use Friendica\Model\GServer;
 use Friendica\Model\Item;
 use Friendica\Model\Post;
 use Friendica\Model\PushSubscriber;
@@ -38,8 +39,10 @@ use Friendica\Model\User;
 use Friendica\Protocol\Activity;
 use Friendica\Protocol\ActivityPub;
 use Friendica\Protocol\Diaspora;
+use Friendica\Protocol\Delivery;
 use Friendica\Protocol\OStatus;
 use Friendica\Protocol\Salmon;
+use Friendica\Util\LDSignature;
 use Friendica\Util\Network;
 use Friendica\Util\Strings;
 
@@ -99,7 +102,7 @@ class Notifier
                        $uid = $target_id;
 
                        $condition = ['uid' => $target_id, 'self' => false, 'network' => [Protocol::DFRN, Protocol::DIASPORA]];
-                       $delivery_contacts_stmt = DBA::select('contact', ['id', 'url', 'addr', 'network', 'protocol', 'batch'], $condition);
+                       $delivery_contacts_stmt = DBA::select('contact', ['id', 'url', 'addr', 'network', 'protocol', 'baseurl', 'gsid', 'batch'], $condition);
                } else {
                        $post = Post::selectFirst(['id'], ['uri-id' => $post_uriid, 'uid' => $sender_uid]);
                        if (!DBA::isResult($post)) {
@@ -425,7 +428,7 @@ class Notifier
                        if (!empty($networks)) {
                                $condition['network'] = $networks;
                        }
-                       $delivery_contacts_stmt = DBA::select('contact', ['id', 'addr', 'url', 'network', 'protocol', 'batch'], $condition);
+                       $delivery_contacts_stmt = DBA::select('contact', ['id', 'addr', 'url', 'network', 'protocol', 'baseurl', 'gsid', 'batch'], $condition);
                }
 
                $conversants = [];
@@ -437,7 +440,7 @@ class Notifier
                        if ($diaspora_delivery && !$unlisted) {
                                $batch_delivery = true;
 
-                               $participants = DBA::selectToArray('contact', ['batch', 'network', 'protocol', 'id', 'url', 'name'],
+                               $participants = DBA::selectToArray('contact', ['batch', 'network', 'protocol', 'baseurl', 'gsid', 'id', 'url', 'name'],
                                        ["`network` = ? AND `batch` != '' AND `uid` = ? AND `rel` != ? AND NOT `blocked` AND NOT `pending` AND NOT `archive`", Protocol::DIASPORA, $owner['uid'], Contact::SHARING],
                                        ['group_by' => ['batch', 'network', 'protocol']]);
 
@@ -449,7 +452,7 @@ class Notifier
                        $condition = ['network' => Protocol::DFRN, 'uid' => $owner['uid'], 'blocked' => false,
                                'pending' => false, 'archive' => false, 'rel' => [Contact::FOLLOWER, Contact::FRIEND]];
 
-                       $contacts = DBA::selectToArray('contact', ['id', 'url', 'addr', 'name', 'network', 'protocol'], $condition);
+                       $contacts = DBA::selectToArray('contact', ['id', 'url', 'addr', 'name', 'network', 'protocol', 'baseurl', 'gsid'], $condition);
 
                        $conversants = array_merge($contacts, $participants);
 
@@ -514,7 +517,11 @@ class Notifier
 
                foreach ($contacts as $contact) {
                        // Direct delivery of local contacts
-                       if (!in_array($cmd, [Delivery::RELOCATION, Delivery::SUGGESTION, Delivery::DELETION, Delivery::MAIL]) && $target_uid = User::getIdForURL($contact['url'])) {
+                       if (!in_array($cmd, [Delivery::RELOCATION, Delivery::SUGGESTION, Delivery::MAIL]) && $target_uid = User::getIdForURL($contact['url'])) {
+                               if ($cmd == Delivery::DELETION) {
+                                       Logger::info('No need to deliver deletions internally', ['uid' => $target_uid, 'guid' => $target_item['guid'], 'uri-id' => $target_item['uri-id'], 'uri' => $target_item['uri']]);
+                                       continue;
+                               }
                                if ($target_item['origin'] || ($target_item['network'] != Protocol::ACTIVITYPUB)) {
                                        if ($target_uid != $target_item['uid']) {
                                                $fields = ['protocol' => Conversation::PARCEL_LOCAL_DFRN, 'direction' => Conversation::PUSH, 'post-reason' => Item::PR_DIRECT];
@@ -563,6 +570,19 @@ class Notifier
                                continue;
                        }
 
+                       if (empty($contact['gsid'])) {
+                               $reachable = GServer::reachable($contact);
+                       } elseif (!DI::config()->get('system', 'bulk_delivery')) {
+                               $reachable = GServer::isReachableById($contact['gsid']);
+                       } else {
+                               $reachable = !GServer::isDefunctById($contact['gsid']);
+                       }
+
+                       if (!$reachable) {
+                               Logger::info('Server is not reachable', ['id' => $post_uriid, 'uid' => $sender_uid, 'contact' => $contact]);
+                               continue;
+                       }
+
                        Logger::info('Delivery', ['batch' => $in_batch, 'target' => $post_uriid, 'uid' => $sender_uid, 'guid' => $target_item['guid'] ?? '', 'to' => $contact]);
 
                        // Ensure that posts with our own protocol arrives before Diaspora posts arrive.
@@ -575,9 +595,17 @@ class Notifier
                                $deliver_options = ['priority' => $a->getQueueValue('priority'), 'created' => $a->getQueueValue('created'), 'dont_fork' => true];
                        }
 
-                       if (Worker::add($deliver_options, 'Delivery', $cmd, $post_uriid, (int)$contact['id'], $sender_uid)) {
+                       if (!empty($contact['gsid']) && DI::config()->get('system', 'bulk_delivery')) {
                                $delivery_queue_count++;
+                               $deliveryQueueItem = DI::deliveryQueueItemFactory()->createFromDelivery($cmd, $post_uriid, new \DateTimeImmutable($target_item['created']), $contact['id'], $contact['gsid'], $sender_uid);
+                               DI::deliveryQueueItemRepo()->save($deliveryQueueItem);
+                               Worker::add(['priority' => Worker::PRIORITY_HIGH, 'dont_fork' => true], 'BulkDelivery', $contact['gsid']);
+                       } else {
+                               if (Worker::add($deliver_options, 'Delivery', $cmd, $post_uriid, (int)$contact['id'], $sender_uid)) {
+                                       $delivery_queue_count++;
+                               }
                        }
+
                        Worker::coolDown();
                }
                return $delivery_queue_count;
@@ -772,6 +800,7 @@ class Notifier
                        }
 
                        Logger::info('Origin item will be distributed', ['id' => $target_item['id'], 'url' => $target_item['uri'], 'verb' => $target_item['verb']]);
+                       $check_signature = false;
                } elseif (!Post\Activity::exists($target_item['uri-id'])) {
                        Logger::info('Remote item is no AP post. It will not be distributed.', ['id' => $target_item['id'], 'url' => $target_item['uri'], 'verb' => $target_item['verb']]);
                        return ['count' => 0, 'contacts' => []];
@@ -783,6 +812,7 @@ class Notifier
                        }
 
                        Logger::info('Remote item will be distributed', ['id' => $target_item['id'], 'url' => $target_item['uri'], 'verb' => $target_item['verb']]);
+                       $check_signature = ($target_item['gravity'] == Item::GRAVITY_ACTIVITY); 
                } else {
                        Logger::info('Remote activity will not be distributed', ['id' => $target_item['id'], 'url' => $target_item['uri'], 'verb' => $target_item['verb']]);
                        return ['count' => 0, 'contacts' => []];
@@ -794,7 +824,16 @@ class Notifier
                }
 
                // Fill the item cache
-               ActivityPub\Transmitter::createCachedActivityFromItem($target_item['id'], true);
+               $activity = ActivityPub\Transmitter::createCachedActivityFromItem($target_item['id'], true);
+               if (empty($activity)) {
+                       Logger::info('Item cache was not created. The post will not be distributed.', ['id' => $target_item['id'], 'url' => $target_item['uri'], 'verb' => $target_item['verb']]);
+                       return ['count' => 0, 'contacts' => []];
+               }
+
+               if ($check_signature && !LDSignature::isSigned($activity)) {
+                       Logger::info('Unsigned remote activity will not be distributed', ['id' => $target_item['id'], 'url' => $target_item['uri'], 'verb' => $target_item['verb']]);
+                       return ['count' => 0, 'contacts' => []];
+               }
 
                $delivery_queue_count = 0;
                $contacts = [];
@@ -804,7 +843,11 @@ class Notifier
 
                        if ((count($receivers) == 1) && Network::isLocalLink($inbox)) {
                                $contact = Contact::getById($receivers[0], ['url']);
-                               if (!in_array($cmd, [Delivery::RELOCATION, Delivery::SUGGESTION, Delivery::DELETION, Delivery::MAIL]) && ($target_uid = User::getIdForURL($contact['url']))) {
+                               if (!in_array($cmd, [Delivery::RELOCATION, Delivery::SUGGESTION, Delivery::MAIL]) && ($target_uid = User::getIdForURL($contact['url']))) {
+                                       if ($cmd == Delivery::DELETION) {
+                                               Logger::info('No need to deliver deletions internally', ['uid' => $target_uid, 'guid' => $target_item['guid'], 'uri-id' => $target_item['uri-id'], 'uri' => $target_item['uri']]);
+                                               continue;
+                                       }
                                        if ($target_item['origin'] || ($target_item['network'] != Protocol::ACTIVITYPUB)) {
                                                if ($target_uid != $target_item['uid']) {
                                                        $fields = ['protocol' => Conversation::PARCEL_LOCAL_DFRN, 'direction' => Conversation::PUSH, 'post-reason' => Item::PR_BCC];
@@ -827,7 +870,7 @@ class Notifier
                        if (DI::config()->get('system', 'bulk_delivery')) {
                                $delivery_queue_count++;
                                Post\Delivery::add($target_item['uri-id'], $uid, $inbox, $target_item['created'], $cmd, $receivers);
-                               Worker::add(Worker::PRIORITY_HIGH, 'APDelivery', '', 0, $inbox, 0);
+                               Worker::add([Worker::PRIORITY_HIGH, 'dont_fork' => true], 'APDelivery', '', 0, $inbox, 0);
                        } else {
                                if (Worker::add(['priority' => $priority, 'created' => $created, 'dont_fork' => true],
                                                'APDelivery', $cmd, $target_item['id'], $inbox, $uid, $receivers, $target_item['uri-id'])) {
@@ -844,7 +887,7 @@ class Notifier
                        if (DI::config()->get('system', 'bulk_delivery')) {
                                $delivery_queue_count++;
                                Post\Delivery::add($target_item['uri-id'], $uid, $inbox, $target_item['created'], $cmd, []);
-                               Worker::add(Worker::PRIORITY_MEDIUM, 'APDelivery', '', 0, $inbox, 0);
+                               Worker::add([Worker::PRIORITY_MEDIUM, 'dont_fork' => true], 'APDelivery', '', 0, $inbox, 0);
                        } else {
                                if (Worker::add(['priority' => $priority, 'dont_fork' => true], 'APDelivery', $cmd, $target_item['id'], $inbox, $uid, [], $target_item['uri-id'])) {
                                        $delivery_queue_count++;