Overview
| Comment: | fix privilege bugs, make visible and shout actually do things |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
611a3210269d407ce56c2e640360c9e8 |
| User & Date: | lexi on 2022-11-04 16:49:18 |
| Other Links: | manifest | tags |
Context
|
2025-02-07
| ||
| 11:06 | move back to AGPLv3 away from extremely sketchy EUPL; fix stinkscrape invocation; update authmech list check-in: ce454cea05 user: lexi tags: trunk | |
|
2022-11-04
| ||
| 16:49 | fix privilege bugs, make visible and shout actually do things check-in: 611a321026 user: lexi tags: trunk | |
| 12:45 | begin steps to port parsav to mbedtls3 and modern nix. also? fuck mbedtls with a fucking jackhammer i am never using it again holy fuck check-in: e7e16156a6 user: lexi tags: trunk | |
Changes
Modified backend/pgsql.t from [8e095d7d59] to [223be568a8].
1225 1225 local schema = sqlsquash(lib.util.ingest 'backend/schema/pgsql.sql') 1226 1226 local obliterator = sqlsquash(lib.util.ingest 'backend/schema/pgsql-drop.sql') 1227 1227 1228 1228 local privupdate = terra( 1229 1229 src: &lib.store.source, 1230 1230 ac: &lib.store.actor 1231 1231 ): {} 1232 - var pdef: lib.store.powerset pdef:clear() 1232 + var pdef = lib.store.rights_default().powers 1233 1233 var map = array([privmap]) 1234 1234 for i=0, [map.type.N] do 1235 1235 var d = pdef and map[i].val 1236 1236 var u = ac.rights.powers and map[i].val 1237 1237 queries.actor_power_delete.exec(src, ac.id, map[i].name) 1238 - if d:sz() > 0 and u:sz() == 0 then 1238 + if d:any() and u:sz() == 0 then 1239 1239 lib.dbg('blocking power ', {map[i].name.ptr, map[i].name.ct}) 1240 1240 queries.actor_power_insert.exec(src, ac.id, map[i].name, 0) 1241 - elseif d:sz() == 0 and u:sz() > 0 then 1241 + elseif d:any() == false and u:sz() > 0 then 1242 1242 lib.dbg('granting power ', {map[i].name.ptr, map[i].name.ct}) 1243 1243 queries.actor_power_insert.exec(src, ac.id, map[i].name, 1) 1244 1244 end 1245 1245 end 1246 1246 end 1247 1247 1248 1248 local getpow = terra(
Modified makefile from [21260c66fc] to [814abb2313].
1 1 version = dev 2 2 dl = git 3 3 dbg-flags = $(if $(dbg),-g) 4 - 4 +build-vars = parsav_enable_debug=$(if $(dbg),yes,no) 5 5 # for nix 6 6 prefix = ${out} 7 7 8 8 images = static/default-avatar.webp static/query.webp static/heart.webp static/retweet.webp static/reply.webp static/file.webp static/follow.webp 9 9 #$(addsuffix .webp, $(basename $(wildcard static/*.svg))) 10 10 styles = $(addsuffix .css, $(basename $(wildcard static/*.scss))) 11 11 12 12 # .PHONY: all 13 13 # all: parsav parsavd 14 14 15 15 parsav parsavd: parsav.t config.lua pkgdata.lua $(images) $(styles) 16 - terra $(dbg-flags) $< 16 + env $(build-vars) terra $(dbg-flags) $< 17 17 parsav.o parsavd.o: parsav.t config.lua pkgdata.lua $(images) $(styles) 18 - env parsav_link=no terra $(dbg-flags) $< 18 + env $(build-vars) parsav_link=no terra $(dbg-flags) $< 19 19 parsav.ll parsavd.ll: parsav.t config.lua pkgdata.lua $(images) $(styles) 20 - env parsav_emit_type=ll parsav_link=no terra $(dbg-flags) $< 20 + env $(build-vars) parsav_emit_type=ll parsav_link=no terra $(dbg-flags) $< 21 21 parsav.s parsavd.ss: parsav.ll 22 22 llc --march=$(target) $< 23 23 24 24 static/%.svg.clean: static/%.svg 25 25 svgcleaner $< $@ 26 26 static/%.webp: static/%.png 27 27 cwebp -q 90 $< -o $@
Modified parsav.t from [04815ba40d] to [db2ced38ab].
278 278 set.idvmap = o 279 279 set.null = quote var s: set s:clear() in s end 280 280 set.name = string.format('set<%s>', table.concat(tbl, '|')) 281 281 set.metamethods.__entrymissing = macro(function(val, obj) 282 282 if o[val] == nil then error('value ' .. val .. ' not in set') end 283 283 return `bit { _v=[o[val] - 1], _set = &(obj) } 284 284 end) 285 + terra set:any() 286 + for i = 0, bytes - 1 do 287 + if self._store[i] ~= 0 then return true end 288 + end 289 + return false 290 + end 285 291 terra set:sz() 286 292 var ct: intptr = 0 287 293 --for i = 0, [math.floor(#tbl/8)] do 288 294 -- ct = ct + lib.math.ll.ctpop_u8(self._store[i]) 289 295 --end 290 296 --[(function() 291 297 -- if #tbl % 8 ~= 0 then
Modified render/timeline.t from [5c434424ea] to [0ee70a00a0].
14 14 var spec = lib.str.ref.null() 15 15 if hpath.ct >= 2 then 16 16 modestr = hpath(1) 17 17 if hpath.ct >= 3 then spec = hpath(2) end 18 18 end 19 19 var mode = modes.follow 20 20 var circle: uint64 = 0 21 + var reqPowers: lib.store.powerset 22 + reqPowers:clear() 23 + reqPowers.visible = true 21 24 if modestr:ref() then 22 - if modestr:cmp('local' ) then mode = [modes['local']] 25 + if modestr:cmp('local' ) then mode = [modes['local']] reqPowers.shout = true 23 26 elseif modestr:cmp('mutual') then mode = modes.mutual 24 - elseif modestr:cmp('fedi' ) then mode = modes.fedi 27 + elseif modestr:cmp('fedi' ) then mode = modes.fedi reqPowers.shout = true 25 28 elseif modestr:cmp('circle') then mode = modes.circle 26 29 end 27 30 end 28 31 if requires_login(mode) and co.aid == 0 then mode = [modes['local']] end 29 32 30 33 31 34 var stoptime = lib.osclock.time(nil) ................................................................................ 97 100 for i = 0, posts.sz do 98 101 var author = co:uid2actor(posts(i).ptr.author) 99 102 if mode == modes.mutual and posts(i).ptr.author ~= co.who.id then 100 103 if not author.relationship.recip.follow() then goto skip end 101 104 end 102 105 if author.relationship.rel.mute() or 103 106 author.relationship.rel.avoid() or 104 - author.relationship.recip.exclude() then goto skip end 107 + author.relationship.recip.exclude() or 108 + (not ((author.rights.powers and reqPowers) == reqPowers)) 109 + then goto skip end 105 110 if posts(i).ptr.rtdby ~= 0 then 106 111 var rter = co:uid2actor(posts(i).ptr.rtdby) 107 112 if rter.relationship.rel.mute() 108 113 or rter.relationship.rel.attenuate() 109 114 or rter.relationship.rel.avoid() 110 - or rter.relationship.recip.exclude() then goto skip end 115 + or rter.relationship.recip.exclude() 116 + or (not ((rter.rights.powers and reqPowers) == reqPowers)) 117 + then goto skip end 111 118 end 112 119 lib.render.tweet(co, posts(i).ptr, &acc) 113 120 var t = lib.math.biggest(lib.math.biggest(posts(i).ptr.posted, posts(i).ptr.discovered),posts(i).ptr.edited) 114 121 if t > newest then newest = t end 115 122 ::skip:: posts(i):free() 116 123 end 117 124 if posts.run > 0 then posts:free() end
Modified route.t from [5d2607bf9b] to [38909346ca].
730 730 if not msg then msg = 'user record updated' end 731 731 end 732 732 end 733 733 elseif path.ct == 2 and meth == method.post then 734 734 var act = co:ppostv('act') 735 735 if act:cmp('create') then 736 736 var newname = co:ppostv('handle') 737 - if not newname or not lib.store.actor.handle_validate(newname.ptr) then 737 + if (not newname) or (not lib.store.actor.handle_validate(newname)) then 738 738 co:complain(400,'invalid handle','the handle you have requested is not valid') 739 + return 739 740 end 740 741 var tu = co.srv:actor_fetch_xid(newname) 741 742 if tu:ref() then tu:free() 742 743 co:complain(409,'handle clash','that handle conflicts with one that already exists') 743 744 return 744 745 end 745 746 var kbuf: uint8[lib.crypt.const.maxdersz]
Modified store.t from [54bd5bc381] to [093a07dfdc].
159 159 -- otherwise, nobody could reset their passwords 160 160 -- (also dissuades people from giving root lightly) 161 161 return true 162 162 end 163 163 return self:outranks(other) 164 164 end 165 165 166 -terra m.actor.methods.handle_validate(hnd: rawstring) 167 - if hnd[0] == 0 then 166 +terra m.actor.methods.handle_validate(hnd: pstr) 167 + if hnd.ct == 0 then 168 168 return false 169 169 end 170 170 -- TODO validate fully 171 171 return true 172 172 end 173 173 174 174 terra m.actor.methods.mk(kbuf: &uint8)