mirror of
https://github.com/oxen-io/oxen-storage-server.git
synced 2023-12-13 21:00:26 +01:00
Enforce retrieval authentication at HF19 (except for namespace -10)
-10 is for legacy closed group messages, which will be the only unauthenticated-retrieval namespace starting at HF19.
parent
84277ef035
commit
91337019f1
|
@ -66,7 +66,14 @@ class user_pubkey_t {
|
|||
std::string prefixed_raw() const;
|
||||
};
|
||||
|
||||
enum class namespace_id : int16_t { Default = 0, Min = -32768, Max = 32767 };
|
||||
enum class namespace_id : int16_t {
|
||||
Default = 0, // Ordinary Session messages
|
||||
Min = -32768,
|
||||
Max = 32767,
|
||||
SessionSync = 5, // Session sync data for imports & multidevice syncing
|
||||
ClosedV2 = 3, // Reserved for future Session closed group implementations
|
||||
LegacyClosed = -10, // For storage of "old" closed group messages; allows unauthenticated retrieval
|
||||
};
|
||||
|
||||
constexpr bool is_public_namespace(namespace_id ns) {
|
||||
return static_cast<std::underlying_type_t<namespace_id>>(ns) % 10 == 0;
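Review bot: The comment on `LegacyClosed` understates what the value implies: besides allowing unauthenticated retrieval, -10 also satisfies `is_public_namespace` just below, because -10 % 10 == 0. Nothing at the enum says the exemption is meant to be temporary or which hardfork constant governs it, so anyone auditing the unauthenticated read paths has to find that elsewhere in the commit. I would expand the comment to something like `// "Old" closed group messages: the only namespace exempt from retrieval auth once HARDFORK_RETRIEVE_AUTH is active (temporary); also public per is_public_namespace`. The new enumerators are also out of numeric order (`SessionSync = 5` before `ClosedV2 = 3`, with `Min`/`Max` in between), which makes gaps and collisions harder to spot. `is_public_namespace` continues past the end of the hunk.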
|
||||
|
|
|
@ -407,7 +407,7 @@ static void load(retrieve& r, Dict& d) {
|
|||
require_exactly_one_of("pubkey", pubkey, "pubKey", pubKey, true);
|
||||
auto& pk = pubkey ? pubkey : pubKey;
|
||||
|
||||
if (pk_ed25519 || sig || ts || msg_ns) {
|
||||
if (pk_ed25519 || sig || ts || (msg_ns && *msg_ns != namespace_id::LegacyClosed)) {
|
||||
load_pk_signature(r, d, pk, pk_ed25519, sig);
|
||||
r.timestamp = std::move(*ts);
|
||||
r.check_signature = true;
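Review bot: `r.timestamp = std::move(*ts);` dereferences `ts` although the branch can be entered with `ts` empty, for example when only `msg_ns` is set to a non-legacy namespace; no check on `ts` is visible between the condition and the dereference. If `ts` is an optional and neither `load_pk_signature` nor code outside the hunk rejects a missing timestamp, this is undefined behaviour on client-controlled input. A guard before the assignment, rejecting the request the same way other missing required fields are rejected, would close that; `load` starts and ends outside the hunk, so this needs confirming against the full function. A one-line comment on the new condition would also help, e.g. `// namespace -10 alone does not force the signed path; any signature field still does`.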
|
||||
|
|
|
@ -570,6 +570,17 @@ void RequestHandler::process_client_req(
|
|||
return cb(handle_wrong_swarm(req.pubkey));
|
||||
|
||||
auto now = system_clock::now();
|
||||
|
||||
// At HF19 start requiring authentication for all retrievals (except legacy closed groups, which
|
||||
// can't be authenticated for technical reasons).
|
||||
if (service_node_.hf_at_least(HARDFORK_RETRIEVE_AUTH) &&
|
||||
req.msg_namespace != namespace_id::LegacyClosed) {
|
||||
if (!req.check_signature) {
|
||||
OXEN_LOG(debug, "retrieve: request signature required as of HF19");
|
||||
return cb(Response{http::UNAUTHORIZED, "retrieve: request signature required"sv});
|
||||
}
|
||||
}
|
||||
|
||||
if (req.check_signature) {
|
||||
if (req.timestamp < now - SIGNATURE_TOLERANCE ||
|
||||
req.timestamp > now + SIGNATURE_TOLERANCE) {
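Review bot: The legacy exemption is now written out twice, here as `req.msg_namespace != namespace_id::LegacyClosed` and in the `load(retrieve&, Dict&)` condition as `*msg_ns != namespace_id::LegacyClosed`, and the two must stay in agreement for the HF19 rule to hold. A single predicate next to `is_public_namespace`, for example `constexpr bool retrieve_requires_auth(namespace_id ns) { return ns != namespace_id::LegacyClosed; }` (the name is only a suggestion), would give one place to change when the exemption is removed. The nested `if (!req.check_signature)` can be folded into the outer condition, and the log text hard-codes "HF19" while the gate is `HARDFORK_RETRIEVE_AUTH`. The rejection is logged at debug level without the namespace, which gives operators little to count once enforcement starts. `process_client_req` starts and ends outside the hunk.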
|
||||
|
|
|
@ -41,6 +41,10 @@ using hf_revision = std::pair<int, int>;
|
|||
// The earliest hardfork *this* version of storage server will work on:
|
||||
inline constexpr hf_revision STORAGE_SERVER_HARDFORK = {18, 1};
|
||||
|
||||
// The hardfork at which we require authentication for (almost) all retrieval. (Message namespace
|
||||
// -10 is temporarily exempt for closed group backwards support).
|
||||
inline constexpr hf_revision HARDFORK_RETRIEVE_AUTH = {19, 0};
|
||||
|
||||
class OxenmqServer;
|
||||
struct OnionRequestMetadata;
|
||||
class Swarm;
|
||||
|
|