From 23eb05ee99dace9ba5d828334eac3eccbe1417e4 Mon Sep 17 00:00:00 2001
From: default <nobody@localhost>
Date: Tue, 10 Jan 2023 18:21:00 +0100
Subject: [PATCH] Use the already loaded actor in check_signature().

---
 activitypub.c | 2 +-
 http.c        | 8 +++++---
 snac.h        | 2 +-
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/activitypub.c b/activitypub.c
index ba4f594..7e208b6 100644
--- a/activitypub.c
+++ b/activitypub.c
@@ -839,7 +839,7 @@ int process_message(snac *snac, char *msg, char *req)
     }
 
     /* check the signature */
-    if (!check_signature(snac, req)) {
+    if (!check_signature(snac, req, actor_o)) {
         snac_log(snac, xs_fmt("bad signature"));
         return 1;
     }
diff --git a/http.c b/http.c
index d01284c..9600434 100644
--- a/http.c
+++ b/http.c
@@ -103,7 +103,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
 }
 
 
-static int _check_signature(snac *snac, char *req, char **err)
+static int _check_signature(snac *snac, char *req, char *actor, char **err)
 /* check the signature */
 {
     char *sig_hdr = xs_dict_get(req, "signature");
@@ -144,6 +144,7 @@ static int _check_signature(snac *snac, char *req, char **err)
         return 0;
     }
 
+#if 0
     /* strip the # from the keyId */
     if ((p = strchr(keyId, '#')) != NULL)
         *p = '\0';
@@ -154,6 +155,7 @@ static int _check_signature(snac *snac, char *req, char **err)
         *err = xs_fmt("unknown actor %s", keyId);
         return 0;
     }
+#endif
 
     if ((p = xs_dict_get(actor, "publicKey")) == NULL ||
         ((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) {
@@ -210,13 +212,13 @@ static int _check_signature(snac *snac, char *req, char **err)
 }
 
 
-int check_signature(snac *snac, char *req)
+int check_signature(snac *snac, char *req, char *actor)
 /* checks the signature and archives the error */
 {
     int ret;
     xs *err = NULL;
 
-    if ((ret = _check_signature(snac, req, &err)) == 0) {
+    if ((ret = _check_signature(snac, req, actor, &err)) == 0) {
         snac_debug(snac, 1, xs_fmt("check_signature %s", err));
 
         xs *ntid = tid(0);
diff --git a/snac.h b/snac.h
index b8cfae0..a4e846e 100644
--- a/snac.h
+++ b/snac.h
@@ -139,7 +139,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
                         d_char *headers,
                         d_char *body, int b_size,
                         int *status, d_char **payload, int *p_size);
-int check_signature(snac *snac, char *req);
+int check_signature(snac *snac, char *req, char *actor);
 
 void httpd(void);