rafaelcaricio/relay
1
0
Fork 0
forked from mirrors/relay
Code Pull requests Activity

Require publicKey, check actor's public key for agreement

Browse source
This commit is contained in:
asonix 2020-03-17 15:52:26 -05:00
parent a7b4a81197
commit 489a5ff023
4 changed files with 10 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/apub.rs
View file

@ -82,8 +82,7 @@ pub struct AcceptedActors {
pub endpoints: Endpoints,
#[serde(skip_serializing_if = "Option::is_none")]
pub public_key: Option<PublicKey>,
pub public_key: PublicKey,
}
#[derive(Clone, Debug, serde::Deserialize, serde::Serialize)]

3
src/error.rs
View file

@ -59,9 +59,6 @@ pub enum MyError {
#[error("URI is missing domain field")]
Domain,
#[error("Public key is missing")]
MissingKey,
}
impl ResponseError for MyError {

16
src/inbox.rs
View file

@ -27,7 +27,14 @@ pub async fn inbox(
) -> Result<HttpResponse, MyError> {
let input = input.into_inner();
if input.actor.as_str() != verified.key_id() {
let actor = fetch_actor(
state.clone().into_inner(),
client.clone().into_inner(),
&input.actor,
)
.await?;
if actor.public_key.id.as_str() != verified.key_id() {
error!(
"Request payload and requestor disagree on actor, {} != {}",
input.actor,
@ -36,13 +43,6 @@ pub async fn inbox(
return Err(MyError::BadActor);
}
let actor = fetch_actor(
state.clone().into_inner(),
client.clone().into_inner(),
&input.actor,
)
.await?;
match input.kind {
ValidTypes::Announce | ValidTypes::Create => {
handle_relay(state, client, input, actor).await

4
src/verifier.rs
View file

@ -50,10 +50,8 @@ async fn verify(
debug!("Fetching actor");
let actor = fetch_actor(state, client, &key_id.parse()?).await?;
let public_key = actor.public_key.ok_or(MyError::MissingKey)?;
debug!("Parsing public key");
let public_key = RSAPublicKey::from_pem_pkcs8(&public_key.public_key_pem)?;
let public_key = RSAPublicKey::from_pem_pkcs8(&actor.public_key.public_key_pem)?;
match algorithm {
Some(Algorithm::Hs2019) => (),