gourami

[UNMAINTAINED] Activitypub server in Rust
Log | Files | Refs | README | LICENSE

commit 2f0fb2210af12138a3ca5b5f75f0f73bfce56c66
parent a1d2a3d2ed1169115d8cfa0a5d5ee3ccc576ff0c
Author: alex wennerberg <alex@alexwennerberg.com>
Date:   Thu, 23 Apr 2020 18:16:12 -0500

Setup some boilerplate, update dependencies

Diffstat:
MCargo.lock | 82+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
MCargo.toml | 2+-
MTODO | 2++
Msrc/db/note.rs | 34++++++++++++++++++----------------
4 files changed, 103 insertions(+), 17 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock @@ -125,6 +125,15 @@ checksum = "1b20b618342cf9891c292c4f5ac2cde7287cc5c87e87e9c769d617793607dec1" [[package]] name = "base64" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b25d992356d2eb0ed82172f5248873db5560c4721f564b13cb5193bda5e668e" +dependencies = [ + "byteorder", +] + +[[package]] +name = "base64" version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b41b7ea54a0c9d92199de89e20e58d49f02f8e699814ef3fdf266f6f748d15c7" @@ -1611,6 +1620,21 @@ dependencies = [ ] [[package]] +name = "ring" +version = "0.16.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ba5a8ec64ee89a76c98c549af81ff14813df09c3e6dc4766c3856da48597a0c" +dependencies = [ + "cc", + "lazy_static", + "libc", + "spin", + "untrusted", + "web-sys", + "winapi 0.3.8", +] + +[[package]] name = "rustc_version" version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1620,6 +1644,19 @@ dependencies = [ ] [[package]] +name = "rustls" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b25a18b1bf7387f0145e7f8324e700805aade3842dd3db2e74e4cdeb4677c09e" +dependencies = [ + "base64 0.10.1", + "log 0.4.8", + "ring", + "sct", + "webpki", +] + +[[package]] name = "rustversion" version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1674,6 +1711,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" [[package]] +name = "sct" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3042af939fca8c3453b7af0f1c66e533a15a86169e39de2657310ade8f98d3c" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] name = "security-framework" version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -1797,6 +1844,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "05720e22615919e4734f6a99ceae50d00226c3c5aca406e102ebc33298214e0a" [[package]] +name = "spin" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" + +[[package]] name = "standback" version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2045,6 +2098,18 @@ dependencies = [ ] [[package]] +name = "tokio-rustls" +version = "0.12.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "141afec0978abae6573065a48882c6bae44c5cc61db9b511ac4abf6a09bfd9cc" +dependencies = [ + "futures-core", + "rustls", + "tokio", + "webpki", +] + +[[package]] name = "tokio-tls" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2185,6 +2250,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "826e7639553986605ec5979c7dd957c7895e93eabed50ab2ffa7f6128a75097c" [[package]] +name = "untrusted" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60369ef7a31de49bcb3f6ca728d4ba7300d9a1658f94c727d4cab8c8d9f4aece" + +[[package]] name = "url" version = "2.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2256,6 +2327,7 @@ dependencies = [ "serde_json", "serde_urlencoded", "tokio", + "tokio-rustls", "tokio-tungstenite", "tower-service", "urlencoding", @@ -2346,6 +2418,16 @@ dependencies = [ ] [[package]] +name = "webpki" +version = "0.21.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f1f50e1972865d6b1adb54167d1c8ed48606004c2c9d0ea5f1eeb34d95e863ef" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] name = "winapi" version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" diff --git a/Cargo.toml b/Cargo.toml @@ -19,7 +19,7 @@ reqwest = "0.10.4" serde = { version = "1.0.106", features = ["derive"] } serde_json = "1.0.51" tokio = { version = "0.2.18", features = ["macros"] } -warp = "0.2.2" +warp = {version = "0.2.2", features = ["tls"]} hyper = "0.13.5" regex = "1.3.7" ammonia = "3.1.0" diff --git a/TODO b/TODO @@ -1,5 +1,7 @@ A nice big new feature would be event planning +https://github.com/seanmonstar/warp/blob/8b8c9950260ef7312e29c4af72b0753619a5ad5c/examples/tls.rs + sanitize on write to db parse markdown? diff --git a/src/db/note.rs b/src/db/note.rs @@ -1,21 +1,31 @@ use maplit::hashset; use super::schema::notes; -use serde::{Deserialize, Serialize}; +use serde::{de::Error, Deserialize, Serialize, Deserializer}; use regex::Regex; use ammonia; -// Statuses are note activitystream object #[derive(Queryable, Clone, Deserialize, Serialize)] -pub struct Note { +pub struct Note { // rename RenderedNote pub id: i32, pub creator_id: i32, pub creator_username: String, pub parent_id: Option<i32>, + // deserialize wiht pub content: String, pub created_time: String, } +/// Content in the DB is stored in plaintext (WILL BE) +/// We want to render it so that it is rendered in HTML +/// This basically just means escaping characters and adding +/// automatic URL parsing +fn render_content<'de, D>(deserializer: D) -> Result<String, D::Error> +where D: Deserializer<'de> { + let s: &str = Deserialize::deserialize(deserializer)?; + return Ok(parse_note_text(s)); +} + #[derive(Insertable, Clone)] #[table_name = "notes"] pub struct NoteInput { @@ -27,23 +37,16 @@ pub struct NoteInput { // pub published: chrono::NaiveDateTime, } -/// used when we get content from another server -/// Derived from the big elephant -/// https://github.com/tootsuite/mastodon/blob/master/app/lib/sanitize_config.rb -pub fn sanitize_remote_content(html_string: &str) -> String { - let ok_tags = hashset!["p", "br", "span", "a"]; - let html_clean = ammonia::Builder::new() - .tags(ok_tags) - .clean(html_string) - .to_string(); - // this is OK for now -- but we want to add microformats like mastodon does - html_clean +impl NoteInput { + // implement a better constructor here } /// used for user-input /// Parse links -- stolen from https://git.cypr.io/oz/autolink-rust/src/branch/master/src/lib.rs +/// TODO -- sanitize before write and then render links on read pub fn parse_note_text(text: &str) -> String { - // dont hack me + // There shouldn't be any html tags in the db, but + // Let's strip it out just in case let html_clean = ammonia::clean_text(text); if text.len() == 0 { return String::new(); @@ -67,7 +70,6 @@ pub fn parse_note_text(text: &str) -> String { let replace_str = "<a href=\"/user/$2\">$0</a>"; let people_parsed = person_regex.replace_all(&notes_parsed, &replace_str as &str).to_string(); // TODO get mentions too - println!("{}", people_parsed); return people_parsed; }