Use the already loaded actor in check_signature().

2024-11-09 19:50:26 +03:00 · 2023-01-10 18:21:00 +01:00 · 2023-01-10 18:21:00 +01:00 · 23eb05ee99
commit 23eb05ee99
parent d2eae2b369
3 changed files with 7 additions and 5 deletions
--- a/activitypub.c
+++ b/activitypub.c
@ -839,7 +839,7 @@ int process_message(snac *snac, char *msg, char *req)
    }

    /* check the signature */
-    if (!check_signature(snac, req)) {
+    if (!check_signature(snac, req, actor_o)) {
        snac_log(snac, xs_fmt("bad signature"));
        return 1;
    }
--- a/http.c
+++ b/http.c
@ -103,7 +103,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
 }


-static int _check_signature(snac *snac, char *req, char **err)
+static int _check_signature(snac *snac, char *req, char *actor, char **err)
 /* check the signature */
 {
    char *sig_hdr = xs_dict_get(req, "signature");
@ -144,6 +144,7 @@ static int _check_signature(snac *snac, char *req, char **err)
        return 0;
    }

+#if 0
    /* strip the # from the keyId */
    if ((p = strchr(keyId, '#')) != NULL)
        *p = '\0';
@ -154,6 +155,7 @@ static int _check_signature(snac *snac, char *req, char **err)
        *err = xs_fmt("unknown actor %s", keyId);
        return 0;
    }
+#endif

    if ((p = xs_dict_get(actor, "publicKey")) == NULL ||
        ((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) {
@ -210,13 +212,13 @@ static int _check_signature(snac *snac, char *req, char **err)
 }


-int check_signature(snac *snac, char *req)
+int check_signature(snac *snac, char *req, char *actor)
 /* checks the signature and archives the error */
 {
    int ret;
    xs *err = NULL;

-    if ((ret = _check_signature(snac, req, &err)) == 0) {
+    if ((ret = _check_signature(snac, req, actor, &err)) == 0) {
        snac_debug(snac, 1, xs_fmt("check_signature %s", err));

        xs *ntid = tid(0);
--- a/snac.h
+++ b/snac.h
@ -139,7 +139,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
                        d_char *headers,
                        d_char *body, int b_size,
                        int *status, d_char **payload, int *p_size);
-int check_signature(snac *snac, char *req);
+int check_signature(snac *snac, char *req, char *actor);

 void httpd(void);