aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2017-11-24 14:36:28 +0100
committerChocobozzz <florian.bigard@gmail.com>2017-11-27 19:40:53 +0100
commitf10336cad0949c301a46c87b7d2b8010999b23bb (patch)
tree5dd2fa5c52158834c62b5f531d83f64f409ec045
parent63c93323ecdeaa4b6183d75dd3f13469e1ef3ebd (diff)
downloadPeerTube-f10336cad0949c301a46c87b7d2b8010999b23bb.tar.gz
PeerTube-f10336cad0949c301a46c87b7d2b8010999b23bb.tar.zst
PeerTube-f10336cad0949c301a46c87b7d2b8010999b23bb.zip
Check signature is correct with the activity pub actor
-rw-r--r--server/controllers/activitypub/inbox.ts2
-rw-r--r--server/lib/activitypub/process/process.ts8
2 files changed, 8 insertions, 2 deletions
diff --git a/server/controllers/activitypub/inbox.ts b/server/controllers/activitypub/inbox.ts
index 243ae7381..92bd20ddb 100644
--- a/server/controllers/activitypub/inbox.ts
+++ b/server/controllers/activitypub/inbox.ts
@@ -48,7 +48,7 @@ async function inboxController (req: express.Request, res: express.Response, nex
48 activities = activities.filter(a => isActivityValid(a)) 48 activities = activities.filter(a => isActivityValid(a))
49 logger.debug('We keep %d activities.', activities.length, { activities }) 49 logger.debug('We keep %d activities.', activities.length, { activities })
50 50
51 await processActivities(activities, res.locals.account) 51 await processActivities(activities, res.locals.signature.account, res.locals.account)
52 52
53 res.status(204).end() 53 res.status(204).end()
54} 54}
diff --git a/server/lib/activitypub/process/process.ts b/server/lib/activitypub/process/process.ts
index 40f19c701..54981c289 100644
--- a/server/lib/activitypub/process/process.ts
+++ b/server/lib/activitypub/process/process.ts
@@ -23,8 +23,14 @@ const processActivity: { [ P in ActivityType ]: (activity: Activity, inboxAccoun
23 Like: processLikeActivity 23 Like: processLikeActivity
24} 24}
25 25
26async function processActivities (activities: Activity[], inboxAccount?: AccountInstance) { 26async function processActivities (activities: Activity[], signatureAccount?: AccountInstance, inboxAccount?: AccountInstance) {
27 for (const activity of activities) { 27 for (const activity of activities) {
28 // When we fetch remote data, we don't have signature
29 if (signatureAccount && activity.actor !== signatureAccount.url) {
30 logger.warn('Signature mismatch between %s and %s.', activity.actor, signatureAccount.url)
31 continue
32 }
33
28 const activityProcessor = processActivity[activity.type] 34 const activityProcessor = processActivity[activity.type]
29 if (activityProcessor === undefined) { 35 if (activityProcessor === undefined) {
30 logger.warn('Unknown activity type %s.', activity.type, { activityId: activity.id }) 36 logger.warn('Unknown activity type %s.', activity.type, { activityId: activity.id })