diff options
| author |  default | 2023-01-10 18:21:00 +0100 |
|---|---|---|
| committer | default | 2023-01-10 18:21:00 +0100 |
| commit | 23eb05ee99dace9ba5d828334eac3eccbe1417e4 (patch) | |
| tree | 823d88e314f5f8029e90eaa4f436af621d2bac19 | |
| parent | Backport from xs. (diff) | |
| download | snac2-23eb05ee99dace9ba5d828334eac3eccbe1417e4.tar.gz snac2-23eb05ee99dace9ba5d828334eac3eccbe1417e4.tar.xz snac2-23eb05ee99dace9ba5d828334eac3eccbe1417e4.zip | |
Use the already loaded actor in check_signature().
| -rw-r--r-- | activitypub.c | 2 | ||||
| -rw-r--r-- | http.c | 8 | ||||
| -rw-r--r-- | snac.h | 2 |
3 files changed, 7 insertions, 5 deletions
diff --git a/activitypub.c b/activitypub.c index ba4f594..7e208b6 100644 --- a/activitypub.c +++ b/activitypub.c | |||
| @@ -839,7 +839,7 @@ int process_message(snac *snac, char *msg, char *req) | |||
| 839 | } | 839 | } |
| 840 | 840 | ||
| 841 | /* check the signature */ | 841 | /* check the signature */ |
| 842 | if (!check_signature(snac, req)) { | 842 | if (!check_signature(snac, req, actor_o)) { |
| 843 | snac_log(snac, xs_fmt("bad signature")); | 843 | snac_log(snac, xs_fmt("bad signature")); |
| 844 | return 1; | 844 | return 1; |
| 845 | } | 845 | } |
| @@ -103,7 +103,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url, | |||
| 103 | } | 103 | } |
| 104 | 104 | ||
| 105 | 105 | ||
| 106 | static int _check_signature(snac *snac, char *req, char **err) | 106 | static int _check_signature(snac *snac, char *req, char *actor, char **err) |
| 107 | /* check the signature */ | 107 | /* check the signature */ |
| 108 | { | 108 | { |
| 109 | char *sig_hdr = xs_dict_get(req, "signature"); | 109 | char *sig_hdr = xs_dict_get(req, "signature"); |
| @@ -144,6 +144,7 @@ static int _check_signature(snac *snac, char *req, char **err) | |||
| 144 | return 0; | 144 | return 0; |
| 145 | } | 145 | } |
| 146 | 146 | ||
| 147 | #if 0 | ||
| 147 | /* strip the # from the keyId */ | 148 | /* strip the # from the keyId */ |
| 148 | if ((p = strchr(keyId, '#')) != NULL) | 149 | if ((p = strchr(keyId, '#')) != NULL) |
| 149 | *p = '\0'; | 150 | *p = '\0'; |
| @@ -154,6 +155,7 @@ static int _check_signature(snac *snac, char *req, char **err) | |||
| 154 | *err = xs_fmt("unknown actor %s", keyId); | 155 | *err = xs_fmt("unknown actor %s", keyId); |
| 155 | return 0; | 156 | return 0; |
| 156 | } | 157 | } |
| 158 | #endif | ||
| 157 | 159 | ||
| 158 | if ((p = xs_dict_get(actor, "publicKey")) == NULL || | 160 | if ((p = xs_dict_get(actor, "publicKey")) == NULL || |
| 159 | ((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) { | 161 | ((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) { |
| @@ -210,13 +212,13 @@ static int _check_signature(snac *snac, char *req, char **err) | |||
| 210 | } | 212 | } |
| 211 | 213 | ||
| 212 | 214 | ||
| 213 | int check_signature(snac *snac, char *req) | 215 | int check_signature(snac *snac, char *req, char *actor) |
| 214 | /* checks the signature and archives the error */ | 216 | /* checks the signature and archives the error */ |
| 215 | { | 217 | { |
| 216 | int ret; | 218 | int ret; |
| 217 | xs *err = NULL; | 219 | xs *err = NULL; |
| 218 | 220 | ||
| 219 | if ((ret = _check_signature(snac, req, &err)) == 0) { | 221 | if ((ret = _check_signature(snac, req, actor, &err)) == 0) { |
| 220 | snac_debug(snac, 1, xs_fmt("check_signature %s", err)); | 222 | snac_debug(snac, 1, xs_fmt("check_signature %s", err)); |
| 221 | 223 | ||
| 222 | xs *ntid = tid(0); | 224 | xs *ntid = tid(0); |
| @@ -139,7 +139,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url, | |||
| 139 | d_char *headers, | 139 | d_char *headers, |
| 140 | d_char *body, int b_size, | 140 | d_char *body, int b_size, |
| 141 | int *status, d_char **payload, int *p_size); | 141 | int *status, d_char **payload, int *p_size); |
| 142 | int check_signature(snac *snac, char *req); | 142 | int check_signature(snac *snac, char *req, char *actor); |
| 143 | 143 | ||
| 144 | void httpd(void); | 144 | void httpd(void); |
| 145 | 145 | ||