| author | syuilo <Syuilotan@yahoo.co.jp> | 2018-10-08 15:37:24 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-10-08 15:37:24 +0900 |
| commit | 9c170c426be01773afb15a9868ff3c278e09409c (patch) | |
| tree | 0229bb52dd9197308d193f4e41bbc11d3dcb95a1 /src/queue/processors/http | |
| parent | New translations ja-JP.yml (Norwegian) (diff) | |
| parent | fix(package): update @types/mongodb to version 3.1.10 (#2849) (diff) | |
Merge branch 'develop' into l10n_develop
Diffstat (limited to 'src/queue/processors/http')
| -rw-r--r-- | src/queue/processors/http/deliver.ts | 23 | ||||
| -rw-r--r-- | src/queue/processors/http/process-inbox.ts | 86 |
2 files changed, 88 insertions, 21 deletions
diff --git a/src/queue/processors/http/deliver.ts b/src/queue/processors/http/deliver.ts
index e14a162105..621219fec6 100644
--- a/src/queue/processors/http/deliver.ts
+++ b/src/queue/processors/http/deliver.ts
@@ -7,19 +7,18 @@ export default async (job: bq.Job, done: any): Promise<void> => {
 await request(job.data.user, job.data.to, job.data.content);
 done();
 } catch (res) {
- if (res == null || !res.hasOwnProperty('statusCode')) {
- console.warn(`deliver failed (unknown): ${res}`);
- return done();
- }
-
- if (res.statusCode == null) return done();
- if (res.statusCode >= 400 && res.statusCode < 500) {
- // HTTPステータスコード4xxはクライアントエラーであり、それはつまり
- // 何回再送しても成功することはないということなのでエラーにはしないでおく
- done();
+ if (res != null && res.hasOwnProperty('statusCode')) {
+ if (res.statusCode >= 400 && res.statusCode < 500) {
+ // HTTPステータスコード4xxはクライアントエラーであり、それはつまり
+ // 何回再送しても成功することはないということなのでエラーにはしないでおく
+ done();
+ } else {
+ console.warn(`deliver failed: ${res.statusCode} ${res.statusMessage} to=${job.data.to}`);
+ done(res.statusMessage);
+ }
 } else {
- console.warn(`deliver failed: ${res.statusMessage}`);
- done(res.statusMessage);
+ console.warn(`deliver failed: ${res} to=${job.data.to}`);
+ done();
 }
 }
 };
diff --git a/src/queue/processors/http/process-inbox.ts b/src/queue/processors/http/process-inbox.ts
index c9c2fa72cb..8e6b3769de 100644
--- a/src/queue/processors/http/process-inbox.ts
+++ b/src/queue/processors/http/process-inbox.ts
@@ -5,7 +5,9 @@ const httpSignature = require('http-signature');
 import parseAcct from '../../../misc/acct/parse';
 import User, { IRemoteUser } from '../../../models/user';
 import perform from '../../../remote/activitypub/perform';
-import { resolvePerson } from '../../../remote/activitypub/models/person';
+import { resolvePerson, updatePerson } from '../../../remote/activitypub/models/person';
+import { toUnicode } from 'punycode';
+import { URL } from 'url';
 const log = debug('misskey:queue:inbox');
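Review bot: In the catch block of deliver.ts, `done(res.statusMessage)` passes a plain string that can be empty (a 5xx response without a reason phrase), and a falsy first argument is presumably read by the queue as success, so that failed delivery would be neither retried nor marked failed. Passing a real error keeps the failure visible regardless of the reason phrase: `done(new Error(res.statusCode + ' ' + res.statusMessage));`. The new outer else branch also calls `done()` with no error for non-HTTP failures such as timeouts or connection resets, so those deliveries are dropped with only a warning; if that is intended, a comment saying so would help the next reader. The function's opening `try` is outside the hunk.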
@@ -32,22 +34,51 @@ export default async (job: bq.Job, done: any): Promise<void> => { return; } - user = await User.findOne({ usernameLower: username, host: host.toLowerCase() }) as IRemoteUser; - - // アクティビティを送信してきたユーザーがまだMisskeyサーバーに登録されていなかったら登録する - if (user === null) { - user = await resolvePerson(activity.actor) as IRemoteUser; + // アクティビティ内のホストの検証 + try { + ValidateActivity(activity, host); + } catch (e) { + console.warn(e.message); + done(); + return; } + + user = await User.findOne({ usernameLower: username, host: host.toLowerCase() }) as IRemoteUser; } else { + // アクティビティ内のホストの検証 + const host = toUnicode(new URL(signature.keyId).hostname.toLowerCase()); + try { + ValidateActivity(activity, host); + } catch (e) { + console.warn(e.message); + done(); + return; + } + user = await User.findOne({ host: { $ne: null }, 'publicKey.id': signature.keyId }) as IRemoteUser; + } - // アクティビティを送信してきたユーザーがまだMisskeyサーバーに登録されていなかったら登録する - if (user === null) { - user = await resolvePerson(activity.actor) as IRemoteUser; + // Update activityの場合は、ここで署名検証/更新処理まで実施して終了 + if (activity.type === 'Update') { + if (activity.object && activity.object.type === 'Person') { + if (user == null) { + console.warn('Update activity received, but user not registed.'); + } else if (!httpSignature.verifySignature(signature, user.publicKey.publicKeyPem)) { + console.warn('Update activity received, but signature verification failed.'); + } else { + updatePerson(activity.actor, null, activity.object); + } } + done(); + return; + } + + // アクティビティを送信してきたユーザーがまだMisskeyサーバーに登録されていなかったら登録する + if (user === null) { + user = await resolvePerson(activity.actor) as IRemoteUser; } if (user === null) { 
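Review bot: The Update branch verifies the HTTP signature against `user` but then calls `updatePerson(activity.actor, null, activity.object)`, and nothing in this hunk ties `activity.actor` or `activity.object.id` to that signing user beyond the same-host comparison in ValidateActivity, which checks `object.id` only for Create. As written, a key holder on a host could presumably submit a Person update for a different actor on the same host, so before updating the branch should require that the actor is the signer's stored actor URI and that `activity.object.id === activity.actor`. The call is also not awaited, so `done()` runs before the update finishes and a rejection would go unhandled if updatePerson is async like resolvePerson: `await updatePerson(activity.actor, null, activity.object);`. In the else branch, `new URL(signature.keyId)` sits outside the `try`, so a keyId that is not a valid URL throws before `done()` is reached unless an outer handler, not visible here, catches it. The enclosing function starts and ends outside this hunk.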
@@ -69,3 +100,40 @@ export default async (job: bq.Job, done: any): Promise<void> => {
 done(e);
 }
 };
+
+ /**
+ * Validate host in activity
+ * @param activity Activity
+ * @param host Expect host
+ */
+function ValidateActivity(activity: any, host: string) {
+ // id (if exists)
+ if (typeof activity.id === 'string') {
+ const uriHost = toUnicode(new URL(activity.id).hostname.toLowerCase());
+ if (host !== uriHost) {
+ const diag = activity.signature ? '. Has LD-Signature. Forwarded?' : '';
+ throw new Error(`activity.id(${activity.id}) has different host(${host})${diag}`);
+ }
+ }
+
+ // actor (if exists)
+ if (typeof activity.actor === 'string') {
+ const uriHost = toUnicode(new URL(activity.actor).hostname.toLowerCase());
+ if (host !== uriHost) throw new Error('activity.actor has different host');
+ }
+
+ // For Create activity
+ if (activity.type === 'Create' && activity.object) {
+ // object.id (if exists)
+ if (typeof activity.object.id === 'string') {
+ const uriHost = toUnicode(new URL(activity.object.id).hostname.toLowerCase());
+ if (host !== uriHost) throw new Error('activity.object.id has different host');
+ }
+
+ // object.attributedTo (if exists)
+ if (typeof activity.object.attributedTo === 'string') {
+ const uriHost = toUnicode(new URL(activity.object.attributedTo).hostname.toLowerCase());
+ if (host !== uriHost) throw new Error('activity.object.attributedTo has different host');
+ }
+ }
+} |
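Review bot: Every check in ValidateActivity is skipped when the field is not a string, so an activity whose `actor` is an embedded object or an array, or whose `object` is given only by URI, passes validation unchecked, and the caller later hands `activity.actor` to `resolvePerson`. A host-binding check is safer when it fails closed, for example `if (typeof activity.actor !== 'string') throw new Error('activity.actor is not a string');`, or when it normalises an embedded actor to its `id` before comparing. The object checks cover only `Create`, so other activity types that carry an object would need the same comparison if they are meant to be bound to the signer's host. The doc comment should also say that the function throws on a host mismatch and on an unparsable URL (from `new URL`), since both call sites rely on catching that.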