| author | 2023-01-11 09:38:19 +0100 | |
|---|---|---|
| committer | 2023-01-11 09:38:19 +0100 | |
| commit | 1aac24ca756be5305f0895f7ebfc12a989773975 (patch) | |
| tree | c0a332a2ba2c8df2e307263dca5a73701d381504 | |
| parent | Log tweaks. (diff) | |
More keyId/signature tweaks.
| -rw-r--r-- | activitypub.c | 7 | ||||
| -rw-r--r-- | http.c | 12 | ||||
| -rw-r--r-- | snac.h | 2 |
3 files changed, 7 insertions, 14 deletions
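--- a/activitypub.c
+++ b/activitypub.c
@@ -139,11 +139,6 @@ int send_to_inbox(snac *snac, char *inbox, char *msg, d_char **payload, int *p_s
 response = http_signed_request(snac, "POST", inbox,
 NULL, j_msg, strlen(j_msg), &status, payload, p_size);
 
-if (status == 400) {
-snac_debug(snac, 0, xs_fmt("send_to_inbox error %d (response date: '%s')",
-status, xs_dict_get(response, "date")));
-}
-
 xs_free(response);
 
 return status;
@@ -839,7 +834,7 @@ int process_message(snac *snac, char *msg, char *req)
 }
 
 /* check the signature */
-if (!check_signature(snac, req, actor_o)) {
+if (!check_signature(snac, req)) {
 snac_log(snac, xs_fmt("bad signature %s", actor));
 return 1;
 }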
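Review bot: Dropping `actor_o` from the call `check_signature(snac, req)` means nothing in this hunk still ties the key that verified the request to the `actor` the message claims; the http.c hunk at `actor_request(snac, keyId, &actor)` now selects the key from the Signature header's keyId alone. Unless process_message compares the two outside the visible lines (its body starts and ends outside the hunk), a request validly signed by one actor would be accepted for an activity attributed to another. I would have check_signature hand back the keyId it verified, fragment stripped, and reject here when it differs from `actor`, under a comment such as `/* the signing key's owner must be the activity's actor */`. The `bad signature %s` log line also prints `actor` rather than the keyId that was actually checked, which will mislead whenever the two differ.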
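--- a/http.c
+++ b/http.c
@@ -103,7 +103,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
 }
 
 
-static int _check_signature(snac *snac, char *req, char *actor, char **err)
+static int _check_signature(snac *snac, char *req, char **err)
 /* check the signature */
 {
 char *sig_hdr = xs_dict_get(req, "signature");
@@ -144,18 +144,16 @@ static int _check_signature(snac *snac, char *req, char *actor, char **err)
 return 0;
 }
 
-#if 0
 /* strip the # from the keyId */
 if ((p = strchr(keyId, '#')) != NULL)
 *p = '\0';
 
-/* the actor must already be here */
 xs *actor = NULL;
-if (!valid_status(actor_get(snac, keyId, &actor))) {
+
+if (!valid_status(actor_request(snac, keyId, &actor))) {
 *err = xs_fmt("unknown actor %s", keyId);
 return 0;
 }
-#endif
 
 if ((p = xs_dict_get(actor, "publicKey")) == NULL ||
 ((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) {
@@ -212,13 +210,13 @@ static int _check_signature(snac *snac, char *req, char *actor, char **err)
 }
 
 
-int check_signature(snac *snac, char *req, char *actor)
+int check_signature(snac *snac, char *req)
 /* checks the signature and archives the error */
 {
 int ret;
 xs *err = NULL;
 
-if ((ret = _check_signature(snac, req, actor, &err)) == 0) {
+if ((ret = _check_signature(snac, req, &err)) == 0) {
 snac_debug(snac, 1, xs_fmt("check_signature %s", err));
 
 xs *ntid = tid(0);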
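Review bot: In the second hunk, `actor_request(snac, keyId, &actor)` is reached with a keyId read from the request's Signature header before anything about the request has been authenticated. Because it replaces `actor_get`, whose removed comment said the actor "must already be here", it presumably performs an outbound fetch for actors that are not stored locally; if so, any unauthenticated sender can make this server request a URL of the sender's choosing. It would be worth checking that keyId is a well-formed https URL on an acceptable host before the call, and replacing the removed comment with one that states the trust assumption, for example `/* keyId is untrusted input; it is fetched only to obtain the public key */`. _check_signature begins and ends outside this hunk, so earlier validation of keyId may already exist there.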
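--- a/snac.h
+++ b/snac.h
@@ -139,7 +139,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
 d_char *headers,
 d_char *body, int b_size,
 int *status, d_char **payload, int *p_size);
-int check_signature(snac *snac, char *req, char *actor);
+int check_signature(snac *snac, char *req);
 
 void httpd(void);
 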