Plume
/
Plume
7
9
Fork 8
Code Issues 132 Pull Requests 13 Releases 4 Wiki Activity
Labels Milestones
New Pull Request

#399 Support blind key rotation

Merged
Plume_migration_agent merged 3 commits from blind-key-rotation into master 1 year ago
Conversation 2 Commits 3 Files Changed 5
trinity-1686a commented 1 year ago

Fix #398

Fix #398 - [x] try to fetch user when receiving an invalid signature - [x] regenerate new key-pair when sending `Delete` activity
codecov[bot] commented 1 year ago (Migrated from github.com)
Owner

Codecov Report

Merging #399 into master will increase coverage by 0.21%.
The diff coverage is 0%.

@@            Coverage Diff             @@
##           master     #399      +/-   ##
==========================================
+ Coverage   27.87%   28.08%   +0.21%     
==========================================
  Files          63       63              
  Lines        7254     7405     +151     
==========================================
+ Hits         2022     2080      +58     
- Misses       5232     5325      +93
# [Codecov](https://codecov.io/gh/Plume-org/Plume/pull/399?src=pr&el=h1) Report > Merging [#399](https://codecov.io/gh/Plume-org/Plume/pull/399?src=pr&el=desc) into [master](https://codecov.io/gh/Plume-org/Plume/commit/3128e6a3b9963bda81f482e972eb853c0d564d35?src=pr&el=desc) will **increase** coverage by `0.21%`. > The diff coverage is `0%`. ```diff @@ Coverage Diff @@ ## master #399 +/- ## ========================================== + Coverage 27.87% 28.08% +0.21% ========================================== Files 63 63 Lines 7254 7405 +151 ========================================== + Hits 2022 2080 +58 - Misses 5232 5325 +93 ```
igalic (Migrated from github.com) reviewed 1 year ago
igalic (Migrated from github.com) left a comment

👀

src/routes/user.rs
Plume_migration_agent commented 1 year ago

should we be printing stuff here?

should we be printing stuff here?
trinity-1686a reviewed 1 year ago
src/routes/user.rs
trinity-1686a commented 1 year ago

I kept it because it was here before. If we had a proper logger this should get logged as this could be a an attack trial, but as it is, lost in stdout, I guess it’s more of a debugging print?

I kept it because it was here before. If we had a proper logger this should get logged as this could be a an attack trial, but as it is, lost in stdout, I guess it's more of a debugging print?
igalic (Migrated from github.com) reviewed 1 year ago
src/routes/user.rs
Plume_migration_agent commented 1 year ago

i was wondering where our (debugging) log was

i was wondering where our (debugging) log was
elegaanz (Migrated from github.com) reviewed 1 year ago
elegaanz (Migrated from github.com) left a comment

The code looks right, but I think I found a bug (maybe it’s only me). To reproduce:

  • Create a@plume.one and b@plume.two
  • Make them follow each other
  • a@plume.one posts two articles, they are received on plume.two as they should
  • a@plume.one deletes one of these articles, and it is deleted on plume.two too
  • a@plume.one waits more than 10 minutes, and delete the second article
  • the Delete activity gets rejected by plume.two

Edit: also note that the next activities from a@plume.one are correctly received by plume.two

elegaanz (Migrated from github.com) approved these changes 1 year ago
elegaanz (Migrated from github.com) left a comment

It is working now. 👍 (but I don’t understand what was wrong with the previous condition, and this one doesn’t make sense for me)

trinity-1686a commented 1 year ago
Owner

previously, the first if would match in case of invalid request, and the second would do exactly the same, match on invalid request. But the first block is the Ok(()) one, so on invalid request it would say “ok this is fine”.
Now the condition for the second if is inverted, so when the request is valid it returns Ok(()), when the request is invalid it returns the signature error

previously, the first `if` would match in case of invalid request, and the second would do exactly the same, match on invalid request. But the first block is the Ok(()) one, so on _invalid_ request it would say "ok this is fine". Now the condition for the second `if` is inverted, so when the request is _valid_ it returns Ok(()), when the request is invalid it returns the signature error
👍 2

Reviewers

Plume_migration_agent approved these changes 1 year ago
The pull request has been merged as c4a4ea5b6c.
Sign in to join this conversation.
Reviewers
Request review
No reviewers
 Plume_migration_agent
Labels
Apply labels
Clear labels
A: API
Related to the REST API A: Backend
Code running on the server A: Federation
Stuff related to Federation A: Front-End
Related to the front-end A: I18N
Translations, and related code A: Meta
More about project management or code than the project itself A: Security Build
The building, or installation process of Plume C: Bug
Something isn't working C: Discussion
We need to talk C: Enhancement
New feature or request C: Feature
This is a new feature Compatibility
Compatibility with different browsers, readers and OS Dependency
Related to an external package that Plume uses Design
UI/UX related issues and PRs Documentation Good first issue
Good for newcomers Help welcome
Extra attention is needed Mobile
Issues affecting only mobile UX Rendering
How elements're rendered out for the end user S: Blocked
Something else needs to be fixed first S: Duplicate
This issue or pull request already exists S: Incomplete
This PR is not complete yet S: Instance specific
Issues concern a limited number of instances S: Invalid
This doesn't seem right S: Needs Voting/Discussion
Need to be discussed by the community (on Loomio) S: Ready for review
This PR is ready to be reviewed Suggestion
Proposed ideas worth considering S: Voted on Loomio
This is issue has been created after a vote on Loomio S: Wontfix
This will not be worked on
No Label
A: API
A: Backend
A: Federation
A: Front-End
A: I18N
A: Meta
A: Security
Build
C: Bug
C: Discussion
C: Enhancement
C: Feature
Compatibility
Dependency
Design
Documentation
Good first issue
Help welcome
Mobile
Rendering
S: Blocked
S: Duplicate
S: Incomplete
S: Instance specific
S: Invalid
S: Needs Voting/Discussion
S: Ready for review
Suggestion
S: Voted on Loomio
S: Wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
Assignees
Assign users
Clear assignees
No Assignees
2 Participants
Notifications
Due Date

No due date set.

Dependencies

This pull request currently doesn't have any dependencies.

Write Preview
Loading…
Cancel
Save
There is no content yet.
Delete Branch 'blind-key-rotation'

Deleting a branch is permanent. It CANNOT be undone. Continue?

No
Yes