From 258dce125668ccac45d6d0958da1c841ab7cfcee Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 8 Oct 2024 10:59:51 -0400 Subject: [PATCH] Add `OpenSSL::SSL::SSLError` to http connection errors wrapper (#32307) --- app/controllers/application_controller.rb | 2 +- app/controllers/concerns/signature_verification.rb | 2 +- app/controllers/media_proxy_controller.rb | 2 +- app/lib/activitypub/activity/create.rb | 4 ++-- app/models/account_alias.rb | 2 +- app/models/account_migration.rb | 2 +- app/models/concerns/remotable.rb | 2 +- app/models/form/redirect.rb | 2 +- app/services/activitypub/process_account_service.rb | 6 +++--- app/services/activitypub/process_status_update_service.rb | 2 +- app/services/fetch_link_card_service.rb | 2 +- app/services/fetch_resource_service.rb | 2 +- app/services/import_service.rb | 2 +- app/services/process_mentions_service.rb | 2 +- app/services/software_update_check_service.rb | 2 +- app/services/verify_link_service.rb | 2 +- app/workers/refollow_worker.rb | 2 +- lib/exceptions.rb | 1 + lib/mastodon/cli/accounts.rb | 2 +- 19 files changed, 22 insertions(+), 21 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 40cae15b48..d493bd43bf 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -32,7 +32,7 @@ class ApplicationController < ActionController::Base rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity rescue_from Mastodon::RateLimitExceededError, with: :too_many_requests - rescue_from(*Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, with: :internal_server_error) + rescue_from(*Mastodon::HTTP_CONNECTION_ERRORS, with: :internal_server_error) rescue_from Mastodon::RaceConditionError, Stoplight::Error::RedLight, ActiveRecord::SerializationFailure, with: :service_unavailable rescue_from Seahorse::Client::NetworkingError do |e| diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb index 6773c11099..4ae63632c0 100644 --- a/app/controllers/concerns/signature_verification.rb +++ b/app/controllers/concerns/signature_verification.rb @@ -80,7 +80,7 @@ module SignatureVerification fail_with! "Verification failed for #{actor.to_log_human_identifier} #{actor.uri} using rsa-sha256 (RSASSA-PKCS1-v1_5 with SHA-256)", signed_string: compare_signed_string, signature: signature_params['signature'] rescue SignatureVerificationError => e fail_with! e.message - rescue *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError => e + rescue *Mastodon::HTTP_CONNECTION_ERRORS => e fail_with! "Failed to fetch remote data: #{e.message}" rescue Mastodon::UnexpectedResponseError fail_with! 'Failed to fetch remote data (got unexpected reply from server)' diff --git a/app/controllers/media_proxy_controller.rb b/app/controllers/media_proxy_controller.rb index 09a28c7e37..f68d85e44e 100644 --- a/app/controllers/media_proxy_controller.rb +++ b/app/controllers/media_proxy_controller.rb @@ -13,7 +13,7 @@ class MediaProxyController < ApplicationController rescue_from ActiveRecord::RecordInvalid, with: :not_found rescue_from Mastodon::UnexpectedResponseError, with: :not_found rescue_from Mastodon::NotPermittedError, with: :not_found - rescue_from(*Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, with: :internal_server_error) + rescue_from(*Mastodon::HTTP_CONNECTION_ERRORS, with: :internal_server_error) def show with_redis_lock("media_download:#{params[:id]}") do diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb index fd836f2305..d04f7226a0 100644 --- a/app/lib/activitypub/activity/create.rb +++ b/app/lib/activitypub/activity/create.rb @@ -199,7 +199,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity return if account.nil? @mentions << Mention.new(account: account, silent: false) - rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError + rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS @unresolved_mentions << tag['href'] end @@ -250,7 +250,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity media_attachment.download_file! media_attachment.download_thumbnail! media_attachment.save - rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError + rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS RedownloadMediaWorker.perform_in(rand(30..600).seconds, media_attachment.id) rescue Seahorse::Client::NetworkingError => e Rails.logger.warn "Error storing media attachment: #{e}" diff --git a/app/models/account_alias.rb b/app/models/account_alias.rb index a4a7427e24..41623ddedb 100644 --- a/app/models/account_alias.rb +++ b/app/models/account_alias.rb @@ -35,7 +35,7 @@ class AccountAlias < ApplicationRecord def set_uri target_account = ResolveAccountService.new.call(acct) self.uri = ActivityPub::TagManager.instance.uri_for(target_account) unless target_account.nil? - rescue Webfinger::Error, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Mastodon::Error + rescue Webfinger::Error, *Mastodon::HTTP_CONNECTION_ERRORS, Mastodon::Error # Validation will take care of it end diff --git a/app/models/account_migration.rb b/app/models/account_migration.rb index 5df857e3ba..7bda388f2a 100644 --- a/app/models/account_migration.rb +++ b/app/models/account_migration.rb @@ -61,7 +61,7 @@ class AccountMigration < ApplicationRecord def set_target_account self.target_account = ResolveAccountService.new.call(acct, skip_cache: true) - rescue Webfinger::Error, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Mastodon::Error, Addressable::URI::InvalidURIError + rescue Webfinger::Error, *Mastodon::HTTP_CONNECTION_ERRORS, Mastodon::Error, Addressable::URI::InvalidURIError # Validation will take care of it end diff --git a/app/models/concerns/remotable.rb b/app/models/concerns/remotable.rb index 80a99b35df..15133e7bde 100644 --- a/app/models/concerns/remotable.rb +++ b/app/models/concerns/remotable.rb @@ -26,7 +26,7 @@ module Remotable public_send(:"#{attachment_name}=", ResponseWithLimit.new(response, limit)) end - rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError => e + rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS => e Rails.logger.debug { "Error fetching remote #{attachment_name}: #{e}" } public_send(:"#{attachment_name}=", nil) if public_send(:"#{attachment_name}_file_name").present? raise e unless suppress_errors diff --git a/app/models/form/redirect.rb b/app/models/form/redirect.rb index ecacaa4d94..c5b3c1f8f3 100644 --- a/app/models/form/redirect.rb +++ b/app/models/form/redirect.rb @@ -32,7 +32,7 @@ class Form::Redirect def set_target_account @target_account = ResolveAccountService.new.call(acct, skip_cache: true) - rescue Webfinger::Error, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Mastodon::Error, Addressable::URI::InvalidURIError + rescue Webfinger::Error, *Mastodon::HTTP_CONNECTION_ERRORS, Mastodon::Error, Addressable::URI::InvalidURIError # Validation will take care of it end diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb index d9482efac1..df6f23c021 100644 --- a/app/services/activitypub/process_account_service.rb +++ b/app/services/activitypub/process_account_service.rb @@ -127,13 +127,13 @@ class ActivityPub::ProcessAccountService < BaseService begin @account.avatar_remote_url = image_url('icon') || '' unless skip_download? @account.avatar = nil if @account.avatar_remote_url.blank? - rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError + rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS RedownloadAvatarWorker.perform_in(rand(30..600).seconds, @account.id) end begin @account.header_remote_url = image_url('image') || '' unless skip_download? @account.header = nil if @account.header_remote_url.blank? - rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError + rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS RedownloadHeaderWorker.perform_in(rand(30..600).seconds, @account.id) end @account.statuses_count = outbox_total_items if outbox_total_items.present? @@ -276,7 +276,7 @@ class ActivityPub::ProcessAccountService < BaseService total_items = collection.is_a?(Hash) && collection['totalItems'].present? && collection['totalItems'].is_a?(Numeric) ? collection['totalItems'] : nil has_first_page = collection.is_a?(Hash) && collection['first'].present? @collections[type] = [total_items, has_first_page] - rescue *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Mastodon::LengthValidationError + rescue *Mastodon::HTTP_CONNECTION_ERRORS, Mastodon::LengthValidationError @collections[type] = [nil, nil] end diff --git a/app/services/activitypub/process_status_update_service.rb b/app/services/activitypub/process_status_update_service.rb index 9ec3f2b430..141ad24e92 100644 --- a/app/services/activitypub/process_status_update_service.rb +++ b/app/services/activitypub/process_status_update_service.rb @@ -109,7 +109,7 @@ class ActivityPub::ProcessStatusUpdateService < BaseService media_attachment.download_file! if media_attachment.remote_url_previously_changed? media_attachment.download_thumbnail! if media_attachment.thumbnail_remote_url_previously_changed? media_attachment.save - rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError + rescue Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS RedownloadMediaWorker.perform_in(rand(30..600).seconds, media_attachment.id) rescue Seahorse::Client::NetworkingError => e Rails.logger.warn "Error storing media attachment: #{e}" diff --git a/app/services/fetch_link_card_service.rb b/app/services/fetch_link_card_service.rb index bb526099d6..4141fb43df 100644 --- a/app/services/fetch_link_card_service.rb +++ b/app/services/fetch_link_card_service.rb @@ -29,7 +29,7 @@ class FetchLinkCardService < BaseService end attach_card if @card&.persisted? - rescue *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Addressable::URI::InvalidURIError, Mastodon::HostValidationError, Mastodon::LengthValidationError, Encoding::UndefinedConversionError, ActiveRecord::RecordInvalid => e + rescue *Mastodon::HTTP_CONNECTION_ERRORS, Addressable::URI::InvalidURIError, Mastodon::HostValidationError, Mastodon::LengthValidationError, Encoding::UndefinedConversionError, ActiveRecord::RecordInvalid => e Rails.logger.debug { "Error fetching link #{@original_url}: #{e}" } nil end diff --git a/app/services/fetch_resource_service.rb b/app/services/fetch_resource_service.rb index 949c289b6a..911950ccca 100644 --- a/app/services/fetch_resource_service.rb +++ b/app/services/fetch_resource_service.rb @@ -12,7 +12,7 @@ class FetchResourceService < BaseService return if url.blank? process(url) - rescue *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Addressable::URI::InvalidURIError, Mastodon::HostValidationError, Mastodon::LengthValidationError => e + rescue *Mastodon::HTTP_CONNECTION_ERRORS, Addressable::URI::InvalidURIError, Mastodon::HostValidationError, Mastodon::LengthValidationError => e Rails.logger.debug { "Error fetching resource #{@url}: #{e}" } nil end diff --git a/app/services/import_service.rb b/app/services/import_service.rb index 26fabacb96..a695df2fc9 100644 --- a/app/services/import_service.rb +++ b/app/services/import_service.rb @@ -115,7 +115,7 @@ class ImportService < BaseService next if status.nil? && ActivityPub::TagManager.instance.local_uri?(uri) status || ActivityPub::FetchRemoteStatusService.new.call(uri) - rescue *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Mastodon::UnexpectedResponseError + rescue *Mastodon::HTTP_CONNECTION_ERRORS, Mastodon::UnexpectedResponseError nil rescue => e Rails.logger.warn "Unexpected error when importing bookmark: #{e}" diff --git a/app/services/process_mentions_service.rb b/app/services/process_mentions_service.rb index 2d3c766304..3839eb4df4 100644 --- a/app/services/process_mentions_service.rb +++ b/app/services/process_mentions_service.rb @@ -44,7 +44,7 @@ class ProcessMentionsService < BaseService if mention_undeliverable?(mentioned_account) begin mentioned_account = ResolveAccountService.new.call(Regexp.last_match(1)) - rescue Webfinger::Error, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Mastodon::UnexpectedResponseError + rescue Webfinger::Error, *Mastodon::HTTP_CONNECTION_ERRORS, Mastodon::UnexpectedResponseError mentioned_account = nil end end diff --git a/app/services/software_update_check_service.rb b/app/services/software_update_check_service.rb index b9818c8199..24a6955b88 100644 --- a/app/services/software_update_check_service.rb +++ b/app/services/software_update_check_service.rb @@ -22,7 +22,7 @@ class SoftwareUpdateCheckService < BaseService Request.new(:get, "#{api_url}?version=#{version}").add_headers('Accept' => 'application/json', 'User-Agent' => 'Mastodon update checker').perform do |res| return Oj.load(res.body_with_limit, mode: :strict) if res.code == 200 end - rescue *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Oj::ParseError + rescue *Mastodon::HTTP_CONNECTION_ERRORS, Oj::ParseError nil end diff --git a/app/services/verify_link_service.rb b/app/services/verify_link_service.rb index af5a5e4a95..17c86426be 100644 --- a/app/services/verify_link_service.rb +++ b/app/services/verify_link_service.rb @@ -10,7 +10,7 @@ class VerifyLinkService < BaseService return unless link_back_present? field.mark_verified! - rescue OpenSSL::SSL::SSLError, *Mastodon::HTTP_CONNECTION_ERRORS, Addressable::URI::InvalidURIError, Mastodon::HostValidationError, Mastodon::LengthValidationError, IPAddr::AddressFamilyError => e + rescue *Mastodon::HTTP_CONNECTION_ERRORS, Addressable::URI::InvalidURIError, Mastodon::HostValidationError, Mastodon::LengthValidationError, IPAddr::AddressFamilyError => e Rails.logger.debug { "Error fetching link #{@url}: #{e}" } nil end diff --git a/app/workers/refollow_worker.rb b/app/workers/refollow_worker.rb index 078c8502d8..7b26e4a062 100644 --- a/app/workers/refollow_worker.rb +++ b/app/workers/refollow_worker.rb @@ -21,7 +21,7 @@ class RefollowWorker # Schedule re-follow begin FollowService.new.call(follower, target_account, reblogs: reblogs, notify: notify, languages: languages, bypass_limit: true) - rescue Mastodon::NotPermittedError, ActiveRecord::RecordNotFound, Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError + rescue Mastodon::NotPermittedError, ActiveRecord::RecordNotFound, Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS next end end diff --git a/lib/exceptions.rb b/lib/exceptions.rb index 9c32cb6dda..1910d37a13 100644 --- a/lib/exceptions.rb +++ b/lib/exceptions.rb @@ -41,5 +41,6 @@ module Mastodon HTTP::ConnectionError, HTTP::Error, HTTP::TimeoutError, + OpenSSL::SSL::SSLError, ].freeze end diff --git a/lib/mastodon/cli/accounts.rb b/lib/mastodon/cli/accounts.rb index 6f0de0fd6a..e76735298f 100644 --- a/lib/mastodon/cli/accounts.rb +++ b/lib/mastodon/cli/accounts.rb @@ -305,7 +305,7 @@ module Mastodon::CLI begin code = Request.new(:head, account.uri).perform(&:code) - rescue *Mastodon::HTTP_CONNECTION_ERRORS, OpenSSL::SSL::SSLError, Mastodon::PrivateNetworkAddressError + rescue *Mastodon::HTTP_CONNECTION_ERRORS, Mastodon::PrivateNetworkAddressError skip_domains << account.domain end