Use the already loaded actor in check_signature().

This commit is contained in:
default 2023-01-10 18:21:00 +01:00
parent d2eae2b369
commit 23eb05ee99
3 changed files with 7 additions and 5 deletions

View file

@ -839,7 +839,7 @@ int process_message(snac *snac, char *msg, char *req)
}
/* check the signature */
if (!check_signature(snac, req)) {
if (!check_signature(snac, req, actor_o)) {
snac_log(snac, xs_fmt("bad signature"));
return 1;
}

8
http.c
View file

@ -103,7 +103,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
}
static int _check_signature(snac *snac, char *req, char **err)
static int _check_signature(snac *snac, char *req, char *actor, char **err)
/* check the signature */
{
char *sig_hdr = xs_dict_get(req, "signature");
@ -144,6 +144,7 @@ static int _check_signature(snac *snac, char *req, char **err)
return 0;
}
#if 0
/* strip the # from the keyId */
if ((p = strchr(keyId, '#')) != NULL)
*p = '\0';
@ -154,6 +155,7 @@ static int _check_signature(snac *snac, char *req, char **err)
*err = xs_fmt("unknown actor %s", keyId);
return 0;
}
#endif
if ((p = xs_dict_get(actor, "publicKey")) == NULL ||
((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) {
@ -210,13 +212,13 @@ static int _check_signature(snac *snac, char *req, char **err)
}
int check_signature(snac *snac, char *req)
int check_signature(snac *snac, char *req, char *actor)
/* checks the signature and archives the error */
{
int ret;
xs *err = NULL;
if ((ret = _check_signature(snac, req, &err)) == 0) {
if ((ret = _check_signature(snac, req, actor, &err)) == 0) {
snac_debug(snac, 1, xs_fmt("check_signature %s", err));
xs *ntid = tid(0);

2
snac.h
View file

@ -139,7 +139,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
d_char *headers,
d_char *body, int b_size,
int *status, d_char **payload, int *p_size);
int check_signature(snac *snac, char *req);
int check_signature(snac *snac, char *req, char *actor);
void httpd(void);