path: root/lib/pleroma/reverse_proxy
Age | Commit message | Author
2022-05-31 | hackney adapter helper & reverse proxy client: enable TLSv1.3 | Pierre-Louis Bonicoli
The list of TLS versions was added by 8bd2b6eb138ace3408a03c78ecc339fc35b19f10 when hackney version was pinned to 1.15.2. Later hackney version was upgraded (166455c88441b22455d996ed528ed4804514a3c0) but the list of TLS versions wasn't removed. From the hackney point of view, this list has been replaced by the OTP defaults since 0.16.0 (734694ea4e24f267864c459a2f050e943adc6694).

It looks like the same issue already occurred before: 0cb7b0ea8477bdd7af2e5e9071843be5b8623dff.

A way to test this issue (where example.com is an ActivityPub site which uses TLSv1.3 only):

    $ PLEROMA_CONFIG_PATH=/path/to/config.exs pleroma start_iex
    Erlang/OTP 22 [erts-10.7.2.16] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [hipe]
    Erlang/OTP 22 [erts-10.7.2.16] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [hipe]
    Interactive Elixir (1.10.4) - press Ctrl+C to exit (type h() ENTER for help)
    iex(pleroma@127.0.0.1)2> Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id("https://example.com/@/Nick/")
    {:error,
     {:tls_alert,
      {:protocol_version,
       'TLS client: In state hello received SERVER ALERT: Fatal - Protocol Version\n'}}}

With this patch, the output is the expected one:

    iex(pleroma@127.0.0.1)3> Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id("https://example.com/@/Nick/")
    {:error,
     {:ok,
      %{
        "@context" => [
          "https://www.w3.org/ns/activitystreams",
          "https://w3id.org/security/v1",
          %{
            "Emoji" => "toot:Emoji",
            "Hashtag" => "as:Hashtag",
            "atomUri" => "ostatus:atomUri",
            "conversation" => "ostatus:conversation",
            "featured" => "toot:featured",
            "focalPoint" => %{"@container" => "@list", "@id" => "toot:focalPoint"},
            "inReplyToAtomUri" => "ostatus:inReplyToAtomUri",
            "manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
            "movedTo" => "as:movedTo",
            "ostatus" => "http://ostatus.org#",
            "sensitive" => "as:sensitive",
            "toot" => "http://joinmastodon.org/ns#"
          }
        ],
        "endpoints" => %{"sharedInbox" => "https://example.com/inbox"},
        "followers" => "https://example.com/@/Nick/followers",
        "following" => nil,
        "icon" => %{
          "type" => "Image",
          "url" => "https://example.com/static/media/[...].png"
        },
        "id" => "https://example.com/@/Nick/",
        "inbox" => "https://example.com/@/Nick/inbox",
        "liked" => nil,
        "name" => "Nick",
        "outbox" => "https://example.com/@/Nick/outbox",
        "preferredUsername" => "Nick",
        "publicKey" => %{
          "id" => "https://example.com/@/Nick/#main-key",
          "owner" => "https://example.com/@/Nick/",
          "publicKeyPem" => "[...]
        },
        "summary" => "",
        "type" => "Person",
        "url" => "https://example.com/@/Nick/"
      }}

A way to test the reverse proxy bits of this issue (where example.com allows TLSv1.3 only):

    iex(pleroma@127.0.0.1)1> Pleroma.ReverseProxy.Client.Hackney.request("GET", "https://example.com", [], [])
    {:error,
     {:tls_alert,
      {:protocol_version,
       'TLS client: In state hello received SERVER ALERT: Fatal - Protocol Version\n'}}}
2022-02-25 | Copyright bump for 2022 | Sean King
2021-12-16 | Dirty hack to make mediaproxy functional by relying on Hackney for that part | Mark Felder
2021-06-04 | ReverseProxy: create Client.Wrapper to call client from config | Alex Gleason
Speeds up recompilation by reducing compile-time cycles
2021-01-13 | Bump Copyright to 2021 | Haelwenn (lanodan) Monnier
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2020-10-13 | other files consistency | Alexander Strizhakov
2020-09-11 | Merge remote-tracking branch 'remotes/origin/develop' into media-preview-proxy | Ivan Tashkinov
# Conflicts:
# lib/pleroma/instances/instance.ex
2020-09-10 | pass options without adapter key | Alexander Strizhakov
2020-09-09 | Merge branch 'develop' into media-preview-proxy | Mark Felder
2020-09-05 | [#2497] Adjusted media proxy preview invalidation. Allowed client-side caching for media preview. Adjusted prewarmer to fetch only proxiable URIs. Removed :preview pool in favor of existing :media one. Misc. refactoring. | Ivan Tashkinov
2020-09-04 | fix for ReverseProxy | Alexander Strizhakov
2020-08-07 | Merge remote-tracking branch 'remotes/origin/develop' into 2168-media-preview-proxy | Ivan Tashkinov
# Conflicts:
# mix.lock
2020-07-26 | ReverseProxy tesla client: remove handling of old_conn | rinpatch
This is no longer relevant because we use a custom FollowRedirects middleware now
2020-07-26 | ReverseProxy: Fix a gun connection leak when there is an error with no | rinpatch
body
- Modify `close/1` function to do the same thing it does for hackney, which is - close the client rather than the whole connection
- Release the connection when there is no body to chunk
2020-07-19 | Merge remote-tracking branch 'remotes/origin/develop' into 2168-media-preview-proxy | Ivan Tashkinov
# Conflicts:
# config/config.exs
# lib/pleroma/web/media_proxy/media_proxy.ex
# mix.lock
# test/web/media_proxy/media_proxy_test.exs
2020-07-15 | Refactor gun pooling and simplify adapter option insertion | rinpatch
This patch refactors gun pooling to use Elixir process registry and simplifies adapter option insertion. Having the pool use process registry instead of a GenServer has a number of advantages:
- Simpler code: the initial implementation adds about half the lines of code it deletes
- Concurrency: unlike a GenServer, ETS-based registry can handle multiple checkout/checkin requests at the same time
- Precise and easy idle connection closure: current proposal for closing idle connections in the GenServer-based pool needs to filter through all connections once a minute and compare their last active time with closing time. With Elixir process registry this can be done by just using `Process.send_after`/`Process.cancel_timer` in the worker process.
- Lower memory footprint: In my tests `gun-memory-leak` branch uses about 290mb on peak load (250 connections) and 235mb on idle (5-10 connections). Registry-based pool uses 210mb on idle and 240mb on peak load
2020-07-10 | Credo line length complaint | Mark Felder
2020-07-10 | ReverseProxy: Streaming and disable encoding if Range | href
Fixes #1823
Fixes #1860
2020-05-11 | [#2497] Media preview proxy for images: fixes, tweaks, refactoring, tests adjustments. | Ivan Tashkinov
2020-03-16 | Merge branch 'develop' into gun | Alexander Strizhakov
2020-03-13 | Lint | Mark Felder
2020-03-13 | Update comment to reflect what the code is actually doing | Mark Felder
2020-03-13 | Do not trust remote Cache-Control headers for mediaproxy | Mark Felder
2020-03-13 | more clean up | Alexander Strizhakov
2020-03-03 | Update Copyrights for gun related files | Mark Felder
2020-03-03 | Merge branch 'develop' into gun | Mark Felder
2020-03-03 | Update Copyrights | Mark Felder
2020-03-03 | removing unnecessary with | Alexander Strizhakov
comment in tesla client improvement
2020-03-03 | Apply suggestion to lib/pleroma/reverse_proxy/client/tesla.ex | Alexander Strizhakov
2020-02-18 | adding gun adapter | Alexander Strizhakov
2019-10-11 | Make MediaProxy failure tracking less brutal | rinpatch
The current failure tracking mechanism will never request anything that didn't respond with a success, 403, 404, or 5xx codes. This is causing issues when using in real fediverse because of weird status codes some software has and timeouts being frequent. This patch changes failure tracking mechanism to only never request the url again if it responded with 400, 204, or the body is too large, otherwise it can be re-requested in 60 seconds.
2019-10-01 | Track failed proxy urls and don't request them again | Sergey Suprunenko
2019-08-16 | Formatting | Mark Felder
2019-08-15 | max_body_size -> max_body_length, as it should be | Mark Felder
2019-07-12 | Merge the default options with custom ones in ReverseProxy and | rinpatch
Pleroma.HTTP
2019-07-10 | Add license/copyright to all project files | feld
2019-07-09 | reverse proxy tests | Alexander Strizhakov