diff --git a/activitypub.c b/activitypub.c
index ba4f594..7e208b6 100644
--- a/activitypub.c
+++ b/activitypub.c
@@ -839,7 +839,7 @@ int process_message(snac *snac, char *msg, char *req)
 }
 /* check the signature */
- if (!check_signature(snac, req)) {
+ if (!check_signature(snac, req, actor_o)) {
 snac_log(snac, xs_fmt("bad signature"));
 return 1;
 }
diff --git a/http.c b/http.c
index d01284c..9600434 100644
--- a/http.c
+++ b/http.c
@@ -103,7 +103,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
 }
-static int _check_signature(snac *snac, char *req, char **err)
+static int _check_signature(snac *snac, char *req, char *actor, char **err)
 /* check the signature */
 {
 char *sig_hdr = xs_dict_get(req, "signature");
@@ -144,6 +144,7 @@ static int _check_signature(snac *snac, char *req, char **err)
 return 0;
 }
+#if 0
 /* strip the # from the keyId */
 if ((p = strchr(keyId, '#')) != NULL) *p = '\0';
@@ -154,6 +155,7 @@ static int _check_signature(snac *snac, char *req, char **err)
 *err = xs_fmt("unknown actor %s", keyId);
 return 0;
 }
+#endif
 if ((p = xs_dict_get(actor, "publicKey")) == NULL || ((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) {
@@ -210,13 +212,13 @@ static int _check_signature(snac *snac, char *req, char **err)
 }
-int check_signature(snac *snac, char *req)
+int check_signature(snac *snac, char *req, char *actor)
 /* checks the signature and archives the error */
 {
 int ret;
 xs *err = NULL;
- if ((ret = _check_signature(snac, req, &err)) == 0) {
+ if ((ret = _check_signature(snac, req, actor, &err)) == 0) {
 snac_debug(snac, 1, xs_fmt("check_signature %s", err));
 xs *ntid = tid(0);
diff --git a/snac.h b/snac.h
index b8cfae0..a4e846e 100644
--- a/snac.h
+++ b/snac.h
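Review bot: `actor_o` is now the only source of the key the signature is verified against in `process_message`, and this hunk does not show where it is assigned. The call is only sound if `actor_o` is the object fetched for the message's own `actor` field and a failed fetch returns before this line; that needs confirming against the rest of the function, which lies outside the hunk. A comment above the call would pin the contract, e.g. `/* actor_o must be the fetched object for the message's "actor"; its publicKeyPem is what the signature is checked against */`.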
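Review bot: The new `actor` parameter of `_check_signature` is used without a NULL guard; the `@@ -154` hunk shows it going straight into `xs_dict_get(actor, "publicKey")`. Whether `xs_dict_get` tolerates a NULL dictionary is not visible here, so an explicit early exit before the key lookup is safer: `if (actor == NULL) { *err = xs_fmt("missing actor"); return 0; }`. The function comment `/* check the signature */` should also say that `actor` is the already-fetched actor object and that the function no longer resolves it from the request. Most of the function body is outside this hunk.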
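Review bot: With the block between `#if 0` (the `@@ -144` hunk) and `#endif` (the `@@ -154` hunk) compiled out, the `keyId` from the Signature header no longer influences which key is used, and nothing visible compares it with the supplied actor. Verifying against the message actor's key is reasonable, but the header's `keyId` is then accepted unchecked. Comparing it with the `id` of the actor's `publicKey` object and failing with `*err = xs_fmt("keyId mismatch %s", keyId);` would keep the two bound and surface mismatches in the archived error. The disabled lines are better deleted than parked under `#if 0`: they presumably declare their own `actor`, which would clash with the new parameter if the block were re-enabled.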
@@ -139,7 +139,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
 d_char *headers, d_char *body, int b_size, int *status, d_char **payload, int *p_size);
-int check_signature(snac *snac, char *req);
+int check_signature(snac *snac, char *req, char *actor);
 void httpd(void);