diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2017-11-24 14:36:28 +0100 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2017-11-27 19:40:53 +0100 |
commit | f10336cad0949c301a46c87b7d2b8010999b23bb (patch) | |
tree | 5dd2fa5c52158834c62b5f531d83f64f409ec045 | |
parent | 63c93323ecdeaa4b6183d75dd3f13469e1ef3ebd (diff) | |
download | PeerTube-f10336cad0949c301a46c87b7d2b8010999b23bb.tar.gz PeerTube-f10336cad0949c301a46c87b7d2b8010999b23bb.tar.zst PeerTube-f10336cad0949c301a46c87b7d2b8010999b23bb.zip |
Check signature is correct with the activity pub actor
-rw-r--r-- | server/controllers/activitypub/inbox.ts | 2 | ||||
-rw-r--r-- | server/lib/activitypub/process/process.ts | 8 |
2 files changed, 8 insertions, 2 deletions
diff --git a/server/controllers/activitypub/inbox.ts b/server/controllers/activitypub/inbox.ts index 243ae7381..92bd20ddb 100644 --- a/server/controllers/activitypub/inbox.ts +++ b/server/controllers/activitypub/inbox.ts | |||
@@ -48,7 +48,7 @@ async function inboxController (req: express.Request, res: express.Response, nex | |||
48 | activities = activities.filter(a => isActivityValid(a)) | 48 | activities = activities.filter(a => isActivityValid(a)) |
49 | logger.debug('We keep %d activities.', activities.length, { activities }) | 49 | logger.debug('We keep %d activities.', activities.length, { activities }) |
50 | 50 | ||
51 | await processActivities(activities, res.locals.account) | 51 | await processActivities(activities, res.locals.signature.account, res.locals.account) |
52 | 52 | ||
53 | res.status(204).end() | 53 | res.status(204).end() |
54 | } | 54 | } |
diff --git a/server/lib/activitypub/process/process.ts b/server/lib/activitypub/process/process.ts index 40f19c701..54981c289 100644 --- a/server/lib/activitypub/process/process.ts +++ b/server/lib/activitypub/process/process.ts | |||
@@ -23,8 +23,14 @@ const processActivity: { [ P in ActivityType ]: (activity: Activity, inboxAccoun | |||
23 | Like: processLikeActivity | 23 | Like: processLikeActivity |
24 | } | 24 | } |
25 | 25 | ||
26 | async function processActivities (activities: Activity[], inboxAccount?: AccountInstance) { | 26 | async function processActivities (activities: Activity[], signatureAccount?: AccountInstance, inboxAccount?: AccountInstance) { |
27 | for (const activity of activities) { | 27 | for (const activity of activities) { |
28 | // When we fetch remote data, we don't have signature | ||
29 | if (signatureAccount && activity.actor !== signatureAccount.url) { | ||
30 | logger.warn('Signature mismatch between %s and %s.', activity.actor, signatureAccount.url) | ||
31 | continue | ||
32 | } | ||
33 | |||
28 | const activityProcessor = processActivity[activity.type] | 34 | const activityProcessor = processActivity[activity.type] |
29 | if (activityProcessor === undefined) { | 35 | if (activityProcessor === undefined) { |
30 | logger.warn('Unknown activity type %s.', activity.type, { activityId: activity.id }) | 36 | logger.warn('Unknown activity type %s.', activity.type, { activityId: activity.id }) |