diff options
| -rw-r--r-- | RELEASE_NOTES.md | 2 | ||||
| -rw-r--r-- | activitypub.c | 32 | ||||
| -rw-r--r-- | doc/snac.8 | 4 |
3 files changed, 38 insertions, 0 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 72e1d77..cd77370 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md | |||
| @@ -8,6 +8,8 @@ Follower-only replies to unknown users are not shown in timelines. | |||
| 8 | 8 | ||
| 9 | Added verification of metadata links: if the linked page contains a link back to the snac user with a rel="me" attribute, it's marked as verified. | 9 | Added verification of metadata links: if the linked page contains a link back to the snac user with a rel="me" attribute, it's marked as verified. |
| 10 | 10 | ||
| 11 | Added a new server-level configuration parameter: `min_account_age`. If this value (in seconds) is set in `server.json`, any activity coming from accounts that were created newer than that will be discarded. This can be used to mitigate spam. | ||
| 12 | |||
| 11 | Added a profile-page relation to links in webfinger responses (contributed by khm). | 13 | Added a profile-page relation to links in webfinger responses (contributed by khm). |
| 12 | 14 | ||
| 13 | Fixed some regressions and a crash. | 15 | Fixed some regressions and a crash. |
diff --git a/activitypub.c b/activitypub.c index d8f748e..3e306a6 100644 --- a/activitypub.c +++ b/activitypub.c | |||
| @@ -1826,6 +1826,38 @@ int process_input_message(snac *snac, xs_dict *msg, xs_dict *req) | |||
| 1826 | } | 1826 | } |
| 1827 | } | 1827 | } |
| 1828 | 1828 | ||
| 1829 | /* check the minimum acceptable account age */ | ||
| 1830 | int min_account_age = xs_number_get(xs_dict_get(srv_config, "min_account_age")); | ||
| 1831 | |||
| 1832 | if (min_account_age > 0) { | ||
| 1833 | char *actor_date = xs_dict_get(actor_o, "published"); | ||
| 1834 | if (!xs_is_null(actor_date)) { | ||
| 1835 | time_t actor_t = xs_parse_iso_date(actor_date, 0); | ||
| 1836 | |||
| 1837 | if (actor_t < 950000000) { | ||
| 1838 | snac_log(snac, xs_fmt("rejected activity from %s (suspicious date, %s)", | ||
| 1839 | actor, actor_date)); | ||
| 1840 | |||
| 1841 | return 1; | ||
| 1842 | } | ||
| 1843 | |||
| 1844 | if (actor_t > 0) { | ||
| 1845 | int td = (int)(time(NULL) - actor_t); | ||
| 1846 | |||
| 1847 | snac_debug(snac, 2, xs_fmt("actor %s age: %d seconds", actor, td)); | ||
| 1848 | |||
| 1849 | if (td < min_account_age) { | ||
| 1850 | snac_log(snac, xs_fmt("rejected activity from %s (too new, %d seconds)", | ||
| 1851 | actor, td)); | ||
| 1852 | |||
| 1853 | return 1; | ||
| 1854 | } | ||
| 1855 | } | ||
| 1856 | } | ||
| 1857 | else | ||
| 1858 | snac_log(snac, xs_fmt("warning: empty or null creation date for %s", actor)); | ||
| 1859 | } | ||
| 1860 | |||
| 1829 | if (strcmp(type, "Follow") == 0) { /** **/ | 1861 | if (strcmp(type, "Follow") == 0) { /** **/ |
| 1830 | if (!follower_check(snac, actor)) { | 1862 | if (!follower_check(snac, actor)) { |
| 1831 | /* ensure the actor object is here */ | 1863 | /* ensure the actor object is here */ |
| @@ -205,6 +205,10 @@ If set to true, history monthly snapshots are not served nor their links shown. | |||
| 205 | This boolean value selects if shared inboxes are announced or not. Enabling | 205 | This boolean value selects if shared inboxes are announced or not. Enabling |
| 206 | shared inboxes helps (somewhat) in optimizing incoming traffic for instances | 206 | shared inboxes helps (somewhat) in optimizing incoming traffic for instances |
| 207 | with a large number of users. | 207 | with a large number of users. |
| 208 | .It Ic min_account_age | ||
| 209 | If this numeric value (in seconds) is set, any activity coming from an account | ||
| 210 | that was created more recently than that will be rejected. This may be used | ||
| 211 | to mitigate spam from automatically created accounts. | ||
| 208 | .El | 212 | .El |
| 209 | .Pp | 213 | .Pp |
| 210 | You must restart the server to make effective these changes. | 214 | You must restart the server to make effective these changes. |