From f706a74b9f719d66fa6748a68da6a46a8ef9f51c Mon Sep 17 00:00:00 2001 From: sennui Date: Thu, 26 Mar 2020 10:18:36 +0100 Subject: [PATCH 1/3] lack of admin rights caused case_clause and silent server --- apps/roster/src/protocol/roster_room.erl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/roster/src/protocol/roster_room.erl b/apps/roster/src/protocol/roster_room.erl index 295fe295c..608406f4d 100644 --- a/apps/roster/src/protocol/roster_room.erl +++ b/apps/roster/src/protocol/roster_room.erl @@ -214,7 +214,7 @@ info(#'Room'{status = St, id = Room, members = Members, admins = Admins, readers <- roster:members(#muc{name = Room}), SST /= removed], R4 end, kvs:put(R2), <<>>; - [] -> #io{code = #error{code = permission_denied}} end; + _ -> #io{code = #error{code = permission_denied}} end; {error, _} -> #io{code = #error{code = room_not_found}} end, {reply, {bert, IO}, Req, State}; -- GitLab From 3ad68c00442c2823a5256fe6c038c2e363e0292e Mon Sep 17 00:00:00 2001 From: Hans Svensson Date: Thu, 26 Mar 2020 13:50:16 +0100 Subject: [PATCH 2/3] roster_friend: add a case clause to avoid crashing on bad request --- apps/roster/src/protocol/roster_friend.erl | 56 ++++++++++++---------- 1 file changed, 32 insertions(+), 24 deletions(-) diff --git a/apps/roster/src/protocol/roster_friend.erl b/apps/roster/src/protocol/roster_friend.erl index 069de4ff1..30ae11bf6 100644 --- a/apps/roster/src/protocol/roster_friend.erl +++ b/apps/roster/src/protocol/roster_friend.erl @@ -7,27 +7,31 @@ start() -> n2o_async:start(#handler{module = ?MODULE, class = system, group = roster, name = ?MODULE, state = []}). -info(#'Friend'{phone_id = Me, friend_id = Friend, settings = FriendSettings, status = request}, {Req, handled}, - #cx{params = ClientId, client_pid = C} = State) -> +info(#'Friend'{phone_id = Me, friend_id = Friend, settings = FriendSettings, status = request}, + {Req, handled}, #cx{params = ClientId, client_pid = C} = State) -> [From, FromId] = roster:parts_phone_id(Me), [To, ToId] = roster:parts_phone_id(Friend), - [{ok, FromR}, {ok, ToR}] = [kvs:get('Roster', Id) || Id <- [FromId, ToId]], - D = case {roster:get_contact(FromR, Friend), roster:get_contact(ToR, Me)} of - {#'Contact'{status = S1}, #'Contact'{status = S2}} when S1 =/= [];S2 =/= [] -> - #io{code = invalid_data}; - _ -> - [Mc] = roster:to_contact([FromR], authorization), - [Fc] = roster:to_contact([ToR], request), - Now = roster:now_msec(), - Mec = Mc#'Contact'{update = Now, created = Now, settings = Mc#'Contact'.settings ++ FriendSettings}, - Friendc = Fc#'Contact'{update = Now, created = Now}, - _Local = roster:add_contacts(ToR, [Mec]), - _Remote = roster:add_contacts(FromR, [Friendc]), - roster:send_ses(C, To, roster:presence(#'Contact'{reader = Rs} = roster:readmsgs(Mec, Friend))), - roster:send_ses(C, From, roster:presence(Friendc#'Contact'{reader = lists:reverse(Rs)})), - n2o_async:pid(system, ?MODULE) ! {send_push, Me, Friend, <<"request">>}, - roster:info(?MODULE, "~p:~p:Friend/request:~p", [Me, ClientId, Friend]), - <<>> + {ok, FromR} = kvs:get('Roster', FromId), + D = case kvs:get('Roster', ToId) of + {error, _} -> #io{code = invalid_data}; + {ok, ToR} -> + case {roster:get_contact(FromR, Friend), roster:get_contact(ToR, Me)} of + {#'Contact'{status = S1}, #'Contact'{status = S2}} when S1 =/= [];S2 =/= [] -> + #io{code = invalid_data}; + _ -> + [Mc] = roster:to_contact([FromR], authorization), + [Fc] = roster:to_contact([ToR], request), + Now = roster:now_msec(), + Mec = Mc#'Contact'{update = Now, created = Now, settings = Mc#'Contact'.settings ++ FriendSettings}, + Friendc = Fc#'Contact'{update = Now, created = Now}, + _Local = roster:add_contacts(ToR, [Mec]), + _Remote = roster:add_contacts(FromR, [Friendc]), + roster:send_ses(C, To, roster:presence(#'Contact'{reader = Rs} = roster:readmsgs(Mec, Friend))), + roster:send_ses(C, From, roster:presence(Friendc#'Contact'{reader = lists:reverse(Rs)})), + n2o_async:pid(system, ?MODULE) ! {send_push, Me, Friend, <<"request">>}, + roster:info(?MODULE, "~p:~p:Friend/request:~p", [Me, ClientId, Friend]), + <<>> + end end, {reply, {bert, D}, Req, State}; info(#'Friend'{phone_id = Me, status = request} = F, Req, #cx{params = ClientId} = State) -> @@ -37,11 +41,15 @@ info(#'Friend'{phone_id = Me, status = request} = F, Req, #cx{params = ClientId} __________ -> roster:info(?MODULE, "invalid client id: ~p", [ClientId]), error end, case PhoneId of - ?IS_UUID -> roster:info(?MODULE, "invalid phone id: ~p", [PhoneId]), - {reply, {bert, #io{code = {error, corrupted_db}}}, Req, State}; - Me -> info(F#'Friend'{phone_id = Me}, {Req, handled}, State); - _ -> roster:info(?MODULE, "invalid phone id: ~p", [Me]), - {reply, {bert, #io{code = {error, permission_denied}}}, Req, State} end; + ?IS_UUID -> + roster:info(?MODULE, "invalid phone id: ~p", [PhoneId]), + {reply, {bert, #io{code = {error, corrupted_db}}}, Req, State}; + Me -> + info(F#'Friend'{phone_id = Me}, {Req, handled}, State); + _ -> + roster:info(?MODULE, "invalid phone id: ~p", [Me]), + {reply, {bert, #io{code = {error, permission_denied}}}, Req, State} + end; info(#'Friend'{friend_id = Friend, status = ignore}, Req, #cx{params = ClientId, client_pid = C} = State) -> Me = roster:phone_id(ClientId), -- GitLab From b99db3401bd08c0012f92611235c5466b483ea42 Mon Sep 17 00:00:00 2001 From: "A.Popov" Date: Thu, 26 Mar 2020 19:01:37 +0200 Subject: [PATCH 3/3] Updated transcribe related config --- etc/certs/transcribe-dacb4306ab76.json | 12 ++++++------ sys.config | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/etc/certs/transcribe-dacb4306ab76.json b/etc/certs/transcribe-dacb4306ab76.json index 04a938a84..a8a5cf778 100644 --- a/etc/certs/transcribe-dacb4306ab76.json +++ b/etc/certs/transcribe-dacb4306ab76.json @@ -1,12 +1,12 @@ { "type": "service_account", - "project_id": "transcribe-1557912315366", - "private_key_id": "dacb4306ab761b2e97bf21a0c2f2767525948936", - "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCvStOgQkLp3n/Q\nvYgEBZmjFmaK5jeMLjUWRVCtksNxiPFyZjCt1yyNMBH4BFcpb146ysIxBCCRjuHZ\nQcx3N3CMfmqS+jC3KdBU9QPaXSqrw2SJJwP6Ubd9XltBYhXHbTnV3gI+8J+H1Hkj\njajr2FlglG6ZDEDnpQZc0KQtk++9jSlat4FOA5X+Vw2UNIWKihVoptDmV6ZvjcCs\nvRPJ+ne23zykrI+vpLs+s6mMUYY6nvbSiFXgg7TwcJUVShbi6OeQiB5eYLdFeQR7\nfHMV+TtN7UCJFK/jADJxZitw5AieERGt9ZUkuJTqVZ1Bl1Eh4eJX65aTv3PcjCJS\nhBKcSOUTAgMBAAECggEABiVFHCDr6vpzrWQns58P+Ylx2ObPWxPM+qs9c92/Cmj3\nBhVnxCsqEwfKFCbwI1zAh1ElKRtwRN98iDsSqboA29Fxd8EGb4rWFKnDvnvLti/o\ng20hv5HuhppbRVnkp5RAayttwA/RmAKD/hIbslZoc8a1xe80YKqxeWmQh/ngIDDB\nlRQDRfxfJTSudQMIE3ZxQaC5vlG8jkNiMFoJNBOzJ/ecZwJWHJjMOrcIMneUFNiW\nQqen2CE0N0bIlU5yBsIJhZvBn1JKiShZEMLLjdQhNdIgiz0QwgoctVtKNGAjCk1V\nwAkzp6qrdkRcM8uBZkqoLjLhP9yQ9l+hw71irWFB6QKBgQDXAAbQI/7T6fUlWuaO\n2wWoWrjQmTY/iHlnK8JCBauoO5944VBAwJa7svWPxFrWHjFfMpiZfbsNohTrarqF\nsYzGZrFImfye3+v6uBSO66Isk3eVoeGWhV00eekwNQQvZMNpw55OhR6Ng+JSMumO\nsRbd7WJYMRWtAnbVIUCYhPt+lwKBgQDQuFNvBP5IA2Rb1cEfTELLmlFOlegluTgs\n92QyDlY/3UkCH/o/YUSALQI5QbGMTHxmIOSTXv2ASyoF++3wD4Tgiy/ecvRcDSK4\nmijnxc1z5p4bzW5yovPovsbmZiNItCeoIlCgEbGsFQYpzPAbALztElxw7GVGUfBx\nsigiGPGY5QKBgAjglWdutQzm8hpSwIZRgNBMvqjOSrEg33JlGiZDuay+mX0SQJAL\n461oXD9NajrBEGTP4AEmcdzEPnzh8UWn6RogD13iDc45jLLTevXTwOR6SkvBXWEr\nrIeIKRq2da/HR1JMo3K2iGZrdaLTO1WK9li/fnoJvM1h9qoiL1qc0w2NAoGBAL1O\nQZZTMBK+yNqmcEfj0j16lL4zJuB4MuRN6dmguUepe9tqh33OyeN7byXhWJjIkpfK\nw6aKpGAlTFMrIa73VGyYsW0QVGPdIh3O7MTy2hqCE+thkwh0lccGqb4061G43LMZ\nlIjqI3zRgMqO70N+ktxvJ9rf/icekHd+v/nVJ+OlAoGBALrsHkxUAvM/BmtvQG8+\n7ct/8A0q7mth/SnWCWgXEyZtI332B/2CLSjO1UQW1wFGJvq5xNXQGuv6Z2y73mUq\nVJoBS+D6AHAPhQavj56Rty4CNAFMdWgnr++iYQX5qo5izAzSwmLn+J5I7NgjmIkI\nPZQZnK27mh3/FdSPVDF/e+2c\n-----END PRIVATE KEY-----\n", - "client_email": "starting-account-9n8wy3uslums@transcribe-1557912315366.iam.gserviceaccount.com", - "client_id": "116250585209624477790", + "project_id": "nynja-translation", + "private_key_id": "7b3bc13792cc50f444049119ef30182b72987c1d", + "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCezJ5DYnZnPNlo\nBXussdr4aT5FL+SW3+nlFJmVWFeDzmKvdUDf4JPXawdu/l0JwioJwBFZ56gzqGQC\nuugWpVsqLijcv4oSr0dsf9zlTwvkxRm3zuFzYay57HZc0/O8Nx0JlW+nGnQiwyFG\nFz48K9esUdsGlNeqZrphSAPD2q/bHyP3+uQf5BM2eBBOuk7plCeSWCn8D1nnDH68\nXyM4VzhkhF/tI9jFEyYqDVqF7ZKX7w/Y2PIP71R84lH6Z0asNfWjDh215/Wev24f\nS/G8xJvhQdwMeReBGs+CWwhszlMrDpisJUzK7iWc5dktOZ9N+/6wjok4KnyaC08P\nQZoV+iIBAgMBAAECggEAAM4Js9/P0mYlIKNl4EK8Z805FYfV72YwvnYtl3ZGOCRw\nplqFwcbbDYBCV+1x7I3+7jLFO74b/T1ep4baxEMVPIcZv1WsBQ1GBYG7GDAy5iQ0\nGFtrcbfBFupP2fZ5vmCsO0+6Z+6msxWSJUbSXU2GJi956+7kifchcLZ/jPyk1T6k\nlLpULG1I+CfmJDNJiqOXzMFjSnKa1V//xl8Jnj79Xl4cpzuwP9RHpmUi9N3FZt49\nTcPcdkO3uWCxGMR3eJdn2twK5Z5fo39BnKJ13oxAE8CyKH+1It3CConfNSeoYYZo\nX8s74WH4/V2VUXlsJmeiDVsixSS8DLTBmrF4W4+p2QKBgQDeuIJDDkCn0Aq9kHkm\n8h4hVSFqoynUC4cNvHUaflyoDplHULH9duFs7CgXEyO7CgXtI5b/wI4yQXVZPJPo\n2Hp3gOkKuaLKac1i4h7/n6NU7ifIPX56YGZ8wpY4uQ43ShM/cW81WIYyiXsxLxwV\niCUiK0DEEPtOgRz+P7GzvQ6S+QKBgQC2hv4cHalOOP+YMrhG0et26aiL85vF+93A\ntvGDBQ2o7Bg7MB7WmMvewadPOa7IRTTpiwRo3XN5AWxjOmodXqCG4C4JAJ8rhlzd\nYcR3NCpsSDdWQTZ1Z5bRfwMYOAGkwIzAVKv5+timShm8rJMD5CDylaOvWEnIEXAE\n8msQtMlBSQKBgEzZEzE5+LsugJY6BGOYxSaxLg+SbvtYYugtb6aNlUDzkJXX1SJk\n45Fmxsp3cyu1YKgbUJ28fhP/HBOHYG3GTDNxyndF6FK5QQHujc2b8op6hkWEWmC1\nZIeFyLmXuL0BFTUd2cZpXhyP7W7iF2miiVWJ4RYF2gCTckKUDae8AwxZAoGAY+Ee\nsBfzC2DZTFmEyQwZwyo9FsgpV39pawkwwzdCsErxP4InfdqCxNRHT20LHX/xYlK2\nCQQVKgQDYZEXfBbJ1MRbrIVwlAqkSmgzb99Vz4b88PAicsBKoTzVXq1XCOZsnto2\neUYww14NE1eD4z80YEpOFadESHxyReK5f5zN/DECgYEAoe/+I0lyYUR0WRMNJtzZ\nPJ86ttDJ45eSF/PJz0A7mzt+8+Da8VSTpgxwg5hulvFHNWakVES5chmp9fq2VJtP\nf7JVWtZsntW7CqrskYv3OhsyY3toZAmvq8y5v7tEhhmGnrQbkKRgz7YuGs56YWlK\npfq/izvTu7d1ZvlsB+FQ2E4=\n-----END PRIVATE KEY-----\n", + "client_email": "transcribe@nynja-translation.iam.gserviceaccount.com", + "client_id": "104340978839319713769", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", - "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/starting-account-9n8wy3uslums%40transcribe-1557912315366.iam.gserviceaccount.com" + "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/transcribe%40nynja-translation.iam.gserviceaccount.com" } diff --git a/sys.config b/sys.config index 6d111849b..74771f3c1 100644 --- a/sys.config +++ b/sys.config @@ -41,7 +41,7 @@ ]} ]}, {google_api, [ - {gs_bucket, <<"cryoflamer">>}, + {gs_bucket, <<"transcribe-store">>}, {key, <<"AIzaSyC-HHyIj9gwYLEK1tdcYC1AhCq5xie4lYc">>}, {app_credentials, "etc/certs/transcribe-dacb4306ab76.json"} ]}, -- GitLab