Pleroma crashing during follow request
Environment
- Installation type (OTP or From Source): I believe from source.
- Pleroma version: 2.1.2 and b225c357
- Elixir version:
$ elixir -v
warning: the VM is running with native name encoding of latin1 which may cause Elixir to malfunction as it expects utf8. Please ensure your locale is set to UTF-8 (which can be verified by running "locale" in your shell)
Erlang/OTP 21 [erts-10.3.5.13] [source] [64-bit] [smp:4:4] [ds:4:4:10] [async-threads:1] [hipe] [dtrace]
Elixir 1.10.4 (compiled with Erlang/OTP 21)
- Operating system: FreeBSD dev 12.1-RELEASE-p7 FreeBSD 12.1-RELEASE-p7 GENERIC amd64
- PostgreSQL version (
psql -V
): psql (PostgreSQL) 12.4
Bug description
Hi all, I believe there is a bug causing Pleroma to hit an exception condition when I send a Follow request.
I wrote custom python code that sent the JSON code below to /users/ngrok/inbox
. The Pleroma server is running on ee880c3b32b8.ngrok.io
, while my test server was p.farhan.codes
:
{
"Host":"ee880c3b32b8.ngrok.io",
"Date":"Wed, 11 Nov 2020 01:08:25 GMT",
"Signature":"keyId=\"https://p.farhan.codes/users/farhan#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date\",signature=\"F2nbDekiiZ9D8l6RIqkschE9IEUkcxHfVZq8We3YluWw8htcmuyBweKCQBHAML4jBxT+V1M/MxOBhD5kzRSYAIPwLaqROkjEnkos55MTe/eJU9ERJF/Mbf965s0pw3z1yVijg8dB7E0Q9NYVM59pX77jNmaP7sLv/qaOTym59ZRG5JxEjpFz51v0fjGPVJoy2HYae0YX9/DxaqUdaiuR5TLX+qaFcgIy/ZyFJrJj974ps828d2PWt3w5vvvV10uzTw+Om1WDQrGjMcTajpu79X3Tr9jrqsTZfGwsPlCwjojrsV3cWpzhfTklPhtyvOCN8rbHCiPet9GK5OA9RfX6dg==\""
}
{
"@context":"https://www.w3.org/ns/activitystreams",
"id":"https://p.farhan.codes/activities/4367d2a7-b6ed-424e-8bd1-e7f053af4f5c",
"object":"https://ee880c3b32b8.ngrok.io/users/ngrok",
"type":"Follow",
"actor":"https://p.farhan.codes/users/farhan"
}
My custom test server replied as following:
{
"@context":[
"https://www.w3.org/ns/activitystreams",
"https://p.farhan.codes/schemas/litepub-0.1.jsonld",
{
"@language":"und"
}
],
"attachment":[
],
"capabilities":{
"acceptsChatMessages":true
},
"discoverable":false,
"endpoints":{
"oauthAuthorizationEndpoint":"https://p.farhan.codes/oauth/authorize",
"oauthRegistrationEndpoint":"https://p.farhan.codes/api/v1/apps",
"oauthTokenEndpoint":"https://p.farhan.codes/oauth/token",
"sharedInbox":"https://p.farhan.codes/inbox",
"uploadMedia":"https://p.farhan.codes/api/ap/upload_media"
},
"followers":"https://p.farhan.codes/users/farhan/followers",
"following":"https://p.farhan.codes/users/farhan/following",
"id":"https://p.farhan.codes/users/farhan",
"inbox":"https://p.farhan.codes/users/farhan/inbox",
"manuallyApprovesFollowers":false,
"name":"farhan",
"outbox":"https://p.farhan.codes/users/farhan/outbox",
"preferredUsername":"farhan",
"publicKey":{
"id":"https://p.farhan.codes/users/farhan#main-key",
"owner":"https://p.farhan.codes/users/farhan",
"publicKeyPem":"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5JI+uBbt3w0tPekK+UD\\naQLRG220XztYLEE1gC8eGYctYgrTX0wruNP+CFap1VsvyWxRoitNjFLDD3pwYxK9\\n+k6P459ekL0fSRqQ0bzOQ5Vb22PBs9iOKonV9FSljCcDg0kc3cvxCeU246BMurGI\\nIs0vWk3UwygkeMo+rYXDluTtuSvZs+2ume2JYgrtcQoDH5YzU+76dRLYfd1+xEFo\\nP+K0hFb7+LhwGwDuLtTUYQ39kqm2jnC9/3W5yyweBqh05iQ0joDC0nuoZpjvT7on\\n2Obwluci30Q2xS1i+5244qr9Ouq1EK+9kdf15RMMOH1Azumho1YNFoVZlcxy2bar\\n6wIDAQAB\\n-----END PUBLIC KEY-----\\n\\n"
},
"summary":"",
"tag":[
],
"type":"Person",
"url":"https://p.farhan.codes/users/farhan"
}
At this point, the Pleroma server crashed with the following message:
19:56:38.131 [error] #PID<0.1120.0> running Pleroma.Web.Endpoint (connection #PID<0.1119.0>, stream id 1) terminated
Server: ee880c3b32b8.ngrok.io:80 (http)
Request: POST /users/ngrok/inbox
** (exit) an exception was raised:
** (FunctionClauseError) no function clause matching in Plug.Conn.resp/3
(plug 1.10.4) lib/plug/conn.ex:580: Plug.Conn.resp(%Plug.Conn{adapter: {Plug.Cowboy.Conn, :...}, assigns: %{kind: :error, layout: false, locale: "en", reason: %ArgumentError{message: "nil given for :ap_id. Comparison with nil is forbidden as it is unsafe. Instead write a query with is_nil/1, for example: is_nil(s.ap_id)"}, remote_ip_found: true, stack: [{Ecto.Query.Builder.Filter, :kw!, 7, [file: 'lib/ecto/query/builder/filter.ex', line: 135]}, {Ecto.Query.Builder.Filter, :kw!, 3, [file: 'lib/ecto/query/builder/filter.ex', line: 128]}, {Ecto.Query.Builder.Filter, :filter!, 6, [file: 'lib/ecto/query/builder/filter.ex', line: 110]}, {Ecto.Query.Builder.Filter, :filter!, 7, [file: 'lib/ecto/query/builder/filter.ex', line: 122]}, {Ecto.Repo.Queryable, :get_by, 4, [file: 'lib/ecto/repo/queryable.ex', line: 70]}, {Pleroma.User, :get_cached_by_ap_id, 1, [file: 'lib/pleroma/user.ex', line: 1037]}, {Pleroma.User, :get_or_fetch_by_ap_id, 1, [file: 'lib/pleroma/user.ex', line: 1827]}, {Pleroma.Web.ActivityPub.ActivityPubController, :inbox, 2, [file: 'lib/pleroma/web/activity_pub/activity_pub_controller.ex', line: 268]}], status: 500, user: %Pleroma.User{blocker_blocks: #Ecto.Association.NotLoaded<association :blocker_blocks is not loaded>, inbox: "https://p.farhan.codes/users/farhan/inbox", is_moderator: false, locked: false, background: %{}, public_key: "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5JI+uBbt3w0tPekK+UD\naQLRG220XztYLEE1gC8eGYctYgrTX0wruNP+CFap1VsvyWxRoitNjFLDD3pwYxK9\n+k6P459ekL0fSRqQ0bzOQ5Vb22PBs9iOKonV9FSljCcDg0kc3cvxCeU246BMurGI\nIs0vWk3UwygkeMo+rYXDluTtuSvZs+2ume2JYgrtcQoDH5YzU+76dRLYfd1+xEFo\nP+K0hFb7+LhwGwDuLtTUYQ39kqm2jnC9/3W5yyweBqh05iQ0joDC0nuoZpjvT7on\n2Obwluci30Q2xS1i+5244qr9Ouq1EK+9kdf15RMMOH1Azumho1YNFoVZlcxy2bar\n6wIDAQAB\n-----END PUBLIC KEY-----\n\n", subscriber_users: #Ecto.Association.NotLoaded<association :subscriber_users is not loaded>, multi_factor_authentication_settings: %Pleroma.MFA.Settings{backup_codes: [], enabled: false, totp: nil}, keys: nil, password: nil, hide_followers: false, follower_address: "https://p.farhan.codes/users/farhan/followers", subscribee_subscriptions: #Ecto.Association.NotLoaded<association :subscribee_subscriptions is not loaded>, search_rank: nil, unread_conversation_count: 0, muter_users: #Ecto.Association.NotLoaded<association :muter_users is not loaded>, uri: "https://p.farhan.codes/users/farhan", muted_notifications: [], emoji: %{}, notifications: #Ecto.Association.NotLoaded<association :notifications is not loaded>, fields: [], deactivated: false, accepts_chat_messages: true, raw_bio: nil, pleroma_settings_store: %{}, muter_mutes: #Ecto.Association.NotLoaded<association :muter_mutes is not loaded>, is_admin: false, reblog_muter_mutes: #Ecto.Association.NotLoaded<association :reblog_muter_mutes is not loaded>, also_known_as: [], last_digest_emailed_at: ~N[2020-11-09 18:51:24], actor_type: "Person", default_scope: "public", following_address: "https://p.farhan.codes/users/farhan/following", ap_id: "https://p.farhan.codes/users/farhan", email: nil, search_type: nil, blocks: [], notification_muted_users: #Ecto.Association.NotLoaded<association :notification_muted_users is not loaded>, registration_reason: nil, password_hash: nil, ...}, valid_signature: true}, before_send: [#Function<0.84436418/1 in Pleroma.Web.Endpoint.PipelineInstrumenter.call/2>, #Function<1.2543719/1 in Plug.Logger.call/2>], body_params: %{}, cookies: %Plug.Conn.Unfetched{aspect: :cookies}, halted: false, host: "ee880c3b32b8.ngrok.io", method: "POST", owner: #PID<0.1120.0>, params: %{"nickname" => "ngrok"}, path_info: ["users", "ngrok", "inbox"], path_params: %{"nickname" => "ngrok"}, port: 80, private: %{Pleroma.Web.Router => {[], %{}}, :phoenix_action => :inbox, :phoenix_controller => Pleroma.Web.ActivityPub.ActivityPubController, :phoenix_endpoint => Pleroma.Web.Endpoint, :phoenix_format => "activity+json", :phoenix_layout => false, :phoenix_root_layout => false, :phoenix_router => Pleroma.Web.Router, :phoenix_template => "500.activity+json", :phoenix_view => Pleroma.Web.ErrorView, :plug_session_fetch => #Function<1.55231287/1 in Plug.Session.fetch_session/1>}, query_params: %{}, query_string: "", remote_ip: {72, 196, 212, 59}, req_cookies: %Plug.Conn.Unfetched{aspect: :cookies}, req_headers: [{"accept", "*/*"}, {"accept-encoding", "gzip, deflate"}, {"content-length", "254"}, {"date", "Wed, 11 Nov 2020 00:56:37 GMT"}, {"host", "ee880c3b32b8.ngrok.io"}, {"signature", "keyId=\"https://p.farhan.codes/users/farhan#main-key\",algorithm=\"rsa-sha256\",headers=\"(request-target) host date\",signature=\"diPgO9u7HTuBkGyOwaxMzSylRARxNVuUET7ic23+g+ypZ/mtVDcxVQ4qJ/Yy5ob2sZBBqYeP9kqa7mND4MVnXUdJteNDPRceeuPcX6CR5JwXyx5GputAxMwfxGamoH9vYXWlu7uts97LvMx27a4UDdPQyRDAkqWoH4SVXkloMKA1fjiYhonZFQjjRCcCD4KHEOVDYt97wy+UAWt+Zi9kOYt/wZ+7LtfFnMpK+1JVS+kKKAVHhr1G7rHvp6V+iamlzdhxiHtGJ734/OuvmQtPrErTddBRhNCJe0PNLwozYBOEpDqfDNu/hzOIQ7ZlXAMn9MFUj8RzmHKPppSwFo1g/g==\""}, {"user-agent", "python-requests/2.23.0"}, {"x-forwarded-for", "72.196.212.59"}, {"x-forwarded-proto", "https"}, {"(request-target)", "post /users/ngrok/inbox"}], request_path: "/users/ngrok/inbox", resp_body: nil, resp_cookies: %{}, resp_headers: [{"content-type", "application/activity+json; charset=utf-8"}, {"cache-control", "max-age=0, private, must-revalidate"}, {"access-control-allow-origin", "*"}, {"access-control-expose-headers", "Link,X-RateLimit-Reset,X-RateLimit-Limit,X-RateLimit-Remaining,X-Request-Id,Idempotency-Key"}, {"access-control-allow-credentials", "true"}, {"x-xss-protection", "1; mode=block"}, {"x-permitted-cross-domain-policies", "none"}, {"x-frame-options", "DENY"}, {"x-content-type-options", "nosniff"}, {"referrer-policy", "same-origin"}, {"x-download-options", "noopen"}, {"content-security-policy", "upgrade-insecure-requests;script-src 'self';connect-src 'self' blob: https://ee880c3b32b8.ngrok.io wss://ee880c3b32b8.ngrok.io;media-src 'self' https:;img-src 'self' data: blob: https:;default-src 'none';base-uri 'self';frame-ancestors 'none';style-src 'self' 'unsafe-inline';font-src 'self';manifest-src 'self';"}, {"x-request-id", "FkZOG6wFZUQGFk4AAA4k"}], scheme: :http, script_name: [], secret_key_base: :..., state: :unset, status: 500}, 500, %{errors: %{detail: "Internal server error"}})
(phoenix 1.4.17) lib/phoenix/endpoint/render_errors.ex:77: Phoenix.Endpoint.RenderErrors.instrument_render_and_send/5
(phoenix 1.4.17) lib/phoenix/endpoint/render_errors.ex:62: Phoenix.Endpoint.RenderErrors.__catch__/5
(phoenix 1.4.17) lib/phoenix/endpoint/cowboy2_handler.ex:42: Phoenix.Endpoint.Cowboy2Handler.init/4
(cowboy 2.8.0) /usr/home/pleroma/pleroma/deps/cowboy/src/cowboy_handler.erl:37: :cowboy_handler.execute/2
(cowboy 2.8.0) /usr/home/pleroma/pleroma/deps/cowboy/src/cowboy_stream_h.erl:300: :cowboy_stream_h.execute/3
(cowboy 2.8.0) /usr/home/pleroma/pleroma/deps/cowboy/src/cowboy_stream_h.erl:291: :cowboy_stream_h.request_process/3
(stdlib 3.8.2.4) proc_lib.erl:249: :proc_lib.init_p_do_apply/3
My follow request works to a Mastodon host. Assuming my follow request is not broken, this appears to be a bug in Pleroma.