From a0704db43a29ca3392bfc8817d41e100994535d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roland=20H=C3=A4der?= Date: Fri, 20 Jan 2023 01:49:11 +0100 Subject: [PATCH 1/3] Continued: - some trolls managed to flood gserver with useless URLs. They can be blocked by domain blocking them, but still it floods gserver table with dead entries - this hack tries to change that so they won't enter gserver at all. Let's hope these trolls as `activitypub-trolls.cf` learn a lesson (and get adults soon) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Roland Häder --- src/Model/GServer.php | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/src/Model/GServer.php b/src/Model/GServer.php index 54e4d7220e..468978d10c 100644 --- a/src/Model/GServer.php +++ b/src/Model/GServer.php @@ -458,19 +458,30 @@ class GServer */ public static function setFailureByUrl(string $url) { - $gserver = DBA::selectFirst('gserver', [], ['nurl' => Strings::normaliseLink($url)]); + $nurl = Strings::normaliseLink($url); + + if (Network::isUrlBlocked($url)) { + Logger::info('Server domain is blocked', ['url' => $url]); + return; + } elseif (Network::isUrlBlocked($nurl)) { + Logger::info('Server domain is blocked', ['nurl' => $nurl]); + return; + } + + $gserver = DBA::selectFirst('gserver', [], ['nurl' => $nurl]); if (DBA::isResult($gserver)) { $next_update = self::getNextUpdateDate(false, $gserver['created'], $gserver['last_contact']); self::update(['url' => $url, 'failed' => true, 'blocked' => Network::isUrlBlocked($url), 'last_failure' => DateTimeFormat::utcNow(), 'next_contact' => $next_update, 'network' => Protocol::PHANTOM, 'detection-method' => null], - ['nurl' => Strings::normaliseLink($url)]); + ['nurl' => $nurl]); Logger::info('Set failed status for existing server', ['url' => $url]); if (self::isDefunct($gserver)) { self::archiveContacts($gserver['id']); } return; } - self::insert(['url' => $url, 'nurl' => Strings::normaliseLink($url), + + self::insert(['url' => $url, 'nurl' => $nurl, 'network' => Protocol::PHANTOM, 'created' => DateTimeFormat::utcNow(), 'failed' => true, 'last_failure' => DateTimeFormat::utcNow()]); Logger::info('Set failed status for new server', ['url' => $url]); @@ -560,6 +571,9 @@ class GServer self::detect($url, $network, $only_nodeinfo); } return false; + } elseif (Network::isUrlBlocked($url)) { + Logger::info('Server domain is blocked', ['url' => $url]); + return false; } $valid_url = Network::isUrlValid($url); From ba08692403a1d9b7b4f4e249ca7c9d2e00c728fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roland=20H=C3=A4der?= Date: Fri, 20 Jan 2023 02:43:26 +0100 Subject: [PATCH 2/3] Continued: - just for consistency ... --- src/Worker/UpdateServerPeers.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Worker/UpdateServerPeers.php b/src/Worker/UpdateServerPeers.php index 85a1b61bf6..8119030a17 100644 --- a/src/Worker/UpdateServerPeers.php +++ b/src/Worker/UpdateServerPeers.php @@ -57,13 +57,13 @@ class UpdateServerPeers $total = 0; $added = 0; foreach ($peers as $peer) { - if (Network::isUrlBlocked('http://' . $peer)) { + if (Network::isUrlBlocked('https://' . $peer)) { // Ignore blocked systems as soon as possible in the loop to avoid being slowed down by tar pits continue; } ++$total; - if (DBA::exists('gserver', ['nurl' => Strings::normaliseLink('http://' . $peer)])) { + if (DBA::exists('gserver', ['nurl' => Strings::normaliseLink('https://' . $peer)])) { // We already know this server continue; } From 27969e8ca69b93c1b7c17a2b87ce3ccca2a2389a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Roland=20H=C3=A4der?= Date: Sat, 21 Jan 2023 01:04:31 +0100 Subject: [PATCH 3/3] Continued: - moved if() block to suggested position by MrPetovan, for me I want to have all conditions checked at the start of the method, e.g. no unwanted null references or (in this case) if the URL is blacklisted - normalized URLs are without SSL, means http://host/path/file.ext so they exist only once for contacts and servers (aka. instances) - documented returned type `void` --- src/Model/GServer.php | 17 +++++++++-------- src/Worker/UpdateServerPeers.php | 2 +- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/src/Model/GServer.php b/src/Model/GServer.php index 468978d10c..41edb6c8d2 100644 --- a/src/Model/GServer.php +++ b/src/Model/GServer.php @@ -455,19 +455,12 @@ class GServer * Set failed server status * * @param string $url + * @return void */ public static function setFailureByUrl(string $url) { $nurl = Strings::normaliseLink($url); - if (Network::isUrlBlocked($url)) { - Logger::info('Server domain is blocked', ['url' => $url]); - return; - } elseif (Network::isUrlBlocked($nurl)) { - Logger::info('Server domain is blocked', ['nurl' => $nurl]); - return; - } - $gserver = DBA::selectFirst('gserver', [], ['nurl' => $nurl]); if (DBA::isResult($gserver)) { $next_update = self::getNextUpdateDate(false, $gserver['created'], $gserver['last_contact']); @@ -481,6 +474,14 @@ class GServer return; } + if (Network::isUrlBlocked($url)) { + Logger::info('Server domain is blocked', ['url' => $url]); + return; + } elseif (Network::isUrlBlocked($nurl)) { + Logger::info('Server domain is blocked', ['nurl' => $nurl]); + return; + } + self::insert(['url' => $url, 'nurl' => $nurl, 'network' => Protocol::PHANTOM, 'created' => DateTimeFormat::utcNow(), 'failed' => true, 'last_failure' => DateTimeFormat::utcNow()]); diff --git a/src/Worker/UpdateServerPeers.php b/src/Worker/UpdateServerPeers.php index 8119030a17..51f8b4b767 100644 --- a/src/Worker/UpdateServerPeers.php +++ b/src/Worker/UpdateServerPeers.php @@ -63,7 +63,7 @@ class UpdateServerPeers } ++$total; - if (DBA::exists('gserver', ['nurl' => Strings::normaliseLink('https://' . $peer)])) { + if (DBA::exists('gserver', ['nurl' => 'http://' . $peer])) { // We already know this server continue; }