mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2026-01-01 11:13:12 -06:00
Code Issues Packages Projects Releases Wiki Activity

Ignore shared secret when warning about open registration, since it's not strictly required when it is set if registration is otherwise enabled

Browse source
This commit is contained in:
Neil Alexander 2022-04-28 17:18:31 +01:00
parent 617ec2098e
commit d784b13560
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
setup/config/config_clientapi.go
View file

@ -82,10 +82,10 @@ func (c *ClientAPI) Verify(configErrs *ConfigErrors, isMonolith bool) {
// Ensure there is any spam counter measure when enabling registration
if !c.RegistrationDisabled && !c.OpenRegistrationWithoutVerificationEnabled {
if !c.RecaptchaEnabled && c.RegistrationSharedSecret == "" {
if !c.RecaptchaEnabled {
configErrs.Add(
"You have tried to enable open registration without any secondary verification methods " +
"(such as captcha or shared secret). By enabling open registration, you are SIGNIFICANTLY " +
"(such as reCAPTCHA). By enabling open registration, you are SIGNIFICANTLY " +
"increasing the risk that your server will be used to send spam or abuse, and may result in " +
"your server being banned from some rooms. If you are ABSOLUTELY CERTAIN you want to do this, " +
"start Dendrite with the -really-enable-open-registration command line flag. Otherwise, you " +

2
setup/flags.go
View file

@ -27,7 +27,7 @@ import (
var (
configPath = flag.String("config", "dendrite.yaml", "The path to the config file. For more information, see the config file in this repository.")
version = flag.Bool("version", false, "Shows the current version and exits immediately.")
enableRegistrationWithoutVerification = flag.Bool("really-enable-open-registration", false, "This allows open registration without secondary verification (captcha, shared secret etc). This is NOT RECOMMENDED and will SIGNIFICANTLY increase the risk that your server will be used to send spam or conduct attacks, which may result in your server being banned from rooms.")
enableRegistrationWithoutVerification = flag.Bool("really-enable-open-registration", false, "This allows open registration without secondary verification (reCAPTCHA). This is NOT RECOMMENDED and will SIGNIFICANTLY increase the risk that your server will be used to send spam or conduct attacks, which may result in your server being banned from rooms.")
)
// ParseFlags parses the commandline flags and uses them to create a config.