commit e550e86afbba28c234ebc15aac17c45de0290fdb
parent 725508640117c24150fb18811e477fae4e2e9c85
Author: default <nobody@localhost>
Date: Tue, 27 Sep 2022 07:16:46 +0200
Check the digest before enqueueing.
Diffstat:
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/activitypub.c b/activitypub.c
@@ -6,6 +6,7 @@
#include "xs_json.h"
#include "xs_curl.h"
#include "xs_mime.h"
+#include "xs_openssl.h"
#include "snac.h"
@@ -311,7 +312,7 @@ void process_message(snac *snac, char *msg, char *req)
timeline_request(snac, in_reply_to, NULL);
- if (timeline_add(snac, id, msg, in_reply_to, NULL))
+ if (timeline_add(snac, id, object, in_reply_to, NULL))
snac_log(snac, xs_fmt("new 'Note' %s %s", actor, id));
}
}
@@ -551,6 +552,7 @@ int activitypub_post_handler(d_char *req, char *q_path,
int status = 202; /* accepted */
char *i_ctype = xs_dict_get(req, "content-type");
snac snac;
+ char *v;
if (i_ctype == NULL)
return 400;
@@ -584,6 +586,18 @@ int activitypub_post_handler(d_char *req, char *q_path,
return 404;
}
+ /* if it has a digest, check it now, because
+ later the payload won't be exactly the same */
+ if ((v = xs_dict_get(req, "digest")) != NULL) {
+ xs *s1 = xs_sha256_base64(payload, p_size);
+ xs *s2 = xs_fmt("SHA-256=%s", s1);
+
+ if (strcmp(s2, v) == 0)
+ srv_log(xs_fmt("digest check OK"));
+ else
+ srv_log(xs_fmt("digest check FAILED"));
+ }
+
enqueue_input(&snac, msg, req);
user_free(&snac);
