LogalDeveloper/owncast
LogalDeveloper/owncast
0
Fork 0
Code

Tweaks for sig verify error message

Browse Source
This commit is contained in:
Gabe Kangas 2022-06-11 15:11:17 -07:00
parent 09d3350d50
commit 0f4aab24a8
No known key found for this signature in database
GPG Key ID: 9A56337728BC81EA
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
activitypub/inbox/worker.go
View File

@ -21,7 +21,7 @@ import (
func handle(request apmodels.InboxRequest) { func handle(request apmodels.InboxRequest) {
if verified, err := Verify(request.Request); err != nil { if verified, err := Verify(request.Request); err != nil {
log.Debugln("Error in attempting to verify request", err) log.Errorln("Error in attempting to verify request", err)
return return
} else if !verified { } else if !verified {
log.Debugln("Request failed verification", err) log.Debugln("Request failed verification", err)
@ -35,6 +35,7 @@ func handle(request apmodels.InboxRequest) {
// Verify will Verify the http signature of an inbound request as well as // Verify will Verify the http signature of an inbound request as well as
// check it against the list of blocked domains. // check it against the list of blocked domains.
// nolint: cyclop
func Verify(request *http.Request) (bool, error) { func Verify(request *http.Request) (bool, error) {
verifier, err := httpsig.NewVerifier(request) verifier, err := httpsig.NewVerifier(request)
if err != nil { if err != nil {
@ -51,6 +52,10 @@ func Verify(request *http.Request) (bool, error) {
} }
signature := request.Header.Get("signature") signature := request.Header.Get("signature")
if signature == "" {
return false, errors.New("http signature header not found in request")
}
var algorithmString string var algorithmString string
signatureComponents := strings.Split(signature, ",") signatureComponents := strings.Split(signature, ",")
for _, component := range signatureComponents { for _, component := range signatureComponents {
@ -102,8 +107,7 @@ func Verify(request *http.Request) (bool, error) {
// The verifier will verify the Digest in addition to the HTTP signature // The verifier will verify the Digest in addition to the HTTP signature
if err := verifier.Verify(parsedKey, algorithm); err != nil { if err := verifier.Verify(parsedKey, algorithm); err != nil {
log.Warnln("verification error for", pubKeyID, err) return false, errors.Wrap(err, algorithmString+" http signature verification error for: "+pubKeyID.String())
return false, errors.Wrap(err, "verification error: "+pubKeyID.String())
} }
return true, nil return true, nil