From e2e1ff7ea338bc03d24823c3a13bd27bdbfa3fda Mon Sep 17 00:00:00 2001 From: Till Faelligen Date: Thu, 28 Apr 2022 17:17:28 +0200 Subject: [PATCH] Make enable open registration a parameter --- build/docker/config/dendrite.yaml | 5 ----- dendrite-config.yaml | 5 ----- setup/config/config_clientapi.go | 5 ++++- setup/flags.go | 9 +++++++-- 4 files changed, 11 insertions(+), 13 deletions(-) diff --git a/build/docker/config/dendrite.yaml b/build/docker/config/dendrite.yaml index d1410a7b4..94dcf4558 100644 --- a/build/docker/config/dendrite.yaml +++ b/build/docker/config/dendrite.yaml @@ -142,11 +142,6 @@ client_api: # using the registration shared secret below. registration_disabled: true - # Enable registration without captcha verification or shared secret. Note: this option is *not* recommended, - # as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect - # unless `registration_disabled` is set to false. - enable_registration_without_verification: false - # If set, allows registration by anyone who knows the shared secret, regardless of # whether registration is otherwise disabled. registration_shared_secret: "" diff --git a/dendrite-config.yaml b/dendrite-config.yaml index e92315462..1c11ef96d 100644 --- a/dendrite-config.yaml +++ b/dendrite-config.yaml @@ -161,11 +161,6 @@ client_api: # using the registration shared secret below. registration_disabled: true - # Enable registration without captcha verification or shared secret. Note: this option is *not* recommended, - # as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect - # unless `registration_disabled` is set to false. - enable_registration_without_verification: false - # Prevents new guest accounts from being created. Guest registration is also # disabled implicitly by setting 'registration_disabled' above. guests_disabled: true diff --git a/setup/config/config_clientapi.go b/setup/config/config_clientapi.go index f96aa5a10..5c2170e60 100644 --- a/setup/config/config_clientapi.go +++ b/setup/config/config_clientapi.go @@ -19,7 +19,7 @@ type ClientAPI struct { // Enable registration without captcha verification or shared secret. Note: this option is *not* recommended, // as registration without verification is a known vector for spam and abuse. Defaults to false. Has no effect // unless `registration_disabled` is set to false. - RegistrationWithoutVerificationEnabled bool `yaml:"enable_registration_without_verification"` + RegistrationWithoutVerificationEnabled bool `yaml:"-"` // If set, allows registration by anyone who also has the shared // secret, even if registration is otherwise disabled. @@ -63,6 +63,9 @@ func (c *ClientAPI) Defaults(generate bool) { c.RecaptchaSiteVerifyAPI = "" c.RegistrationDisabled = false c.RegistrationWithoutVerificationEnabled = false + if generate { + c.RegistrationWithoutVerificationEnabled = true + } c.RateLimiting.Defaults() } diff --git a/setup/flags.go b/setup/flags.go index 281cf3392..ecacfbed5 100644 --- a/setup/flags.go +++ b/setup/flags.go @@ -25,8 +25,9 @@ import ( ) var ( - configPath = flag.String("config", "dendrite.yaml", "The path to the config file. For more information, see the config file in this repository.") - version = flag.Bool("version", false, "Shows the current version and exits immediately.") + configPath = flag.String("config", "dendrite.yaml", "The path to the config file. For more information, see the config file in this repository.") + version = flag.Bool("version", false, "Shows the current version and exits immediately.") + enableRegistrationWithoutVerification = flag.Bool("really-enable-open-registration", false, "This allows open registration without verification (captcha, shared secret etc). (NOT RECOMMENDED)") ) // ParseFlags parses the commandline flags and uses them to create a config. @@ -48,5 +49,9 @@ func ParseFlags(monolith bool) *config.Dendrite { logrus.Fatalf("Invalid config file: %s", err) } + if *enableRegistrationWithoutVerification { + cfg.ClientAPI.RegistrationWithoutVerificationEnabled = true + } + return cfg }