-rw-r--r--server/helpers/core-utils.ts6
-rw-r--r--server/lib/job-queue/handlers/activitypub-http-broadcast.ts5
-rw-r--r--server/lib/job-queue/handlers/activitypub-http-unicast.ts5
-rw-r--r--server/lib/job-queue/handlers/utils/activitypub-http-utils.ts19
4 files changed, 25 insertions, 10 deletions
diff --git a/server/helpers/core-utils.ts b/server/helpers/core-utils.ts
index 00bc0bdda..224e4fe92 100644
--- a/server/helpers/core-utils.ts
+++ b/server/helpers/core-utils.ts
@@ -5,7 +5,7 @@
5 5
6import * as bcrypt from 'bcrypt' 6import * as bcrypt from 'bcrypt'
7import * as createTorrent from 'create-torrent' 7import * as createTorrent from 'create-torrent'
8import { createHash, pseudoRandomBytes } from 'crypto' 8import { createHash, HexBase64Latin1Encoding, pseudoRandomBytes } from 'crypto'
9import { isAbsolute, join } from 'path' 9import { isAbsolute, join } from 'path'
10import * as pem from 'pem' 10import * as pem from 'pem'
11import { URL } from 'url' 11import { URL } from 'url'
@@ -126,8 +126,8 @@ function peertubeTruncate (str: string, maxLength: number) {
126 return truncate(str, options) 126 return truncate(str, options)
127} 127}
128 128
129function sha256 (str: string) { 129function sha256 (str: string, encoding: HexBase64Latin1Encoding = 'hex') {
130 return createHash('sha256').update(str).digest('hex') 130 return createHash('sha256').update(str).digest(encoding)
131} 131}
132 132
133function promisify0<A> (func: (cb: (err: any, result: A) => void) => void): () => Promise<A> { 133function promisify0<A> (func: (cb: (err: any, result: A) => void) => void): () => Promise<A> {
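Review bot: `sha256` on new line 129 has no comment saying which bytes are hashed or what the new `encoding` argument selects, and it now feeds the HTTP `Digest` header built elsewhere in this commit. A short TSDoc would pin the contract: `/** SHA-256 of the UTF-8 bytes of str, returned as text in the given encoding ('hex' by default). */`. The parameter type also admits `'latin1'`, which is an unusual output form for a hash; if only hex and base64 are intended, a narrower `'hex' | 'base64'` union would state that.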
diff --git a/server/lib/job-queue/handlers/activitypub-http-broadcast.ts b/server/lib/job-queue/handlers/activitypub-http-broadcast.ts
index 03a9e12a4..abbd89b3b 100644
--- a/server/lib/job-queue/handlers/activitypub-http-broadcast.ts
+++ b/server/lib/job-queue/handlers/activitypub-http-broadcast.ts
@@ -3,7 +3,7 @@ import * as Bluebird from 'bluebird'
3import { logger } from '../../../helpers/logger' 3import { logger } from '../../../helpers/logger'
4import { doRequest } from '../../../helpers/requests' 4import { doRequest } from '../../../helpers/requests'
5import { ActorFollowModel } from '../../../models/activitypub/actor-follow' 5import { ActorFollowModel } from '../../../models/activitypub/actor-follow'
6import { buildSignedRequestOptions, computeBody } from './utils/activitypub-http-utils' 6import { buildGlobalHeaders, buildSignedRequestOptions, computeBody } from './utils/activitypub-http-utils'
7import { BROADCAST_CONCURRENCY, JOB_REQUEST_TIMEOUT } from '../../../initializers' 7import { BROADCAST_CONCURRENCY, JOB_REQUEST_TIMEOUT } from '../../../initializers'
8 8
9export type ActivitypubHttpBroadcastPayload = { 9export type ActivitypubHttpBroadcastPayload = {
@@ -25,7 +25,8 @@ async function processActivityPubHttpBroadcast (job: Bull.Job) {
25 uri: '', 25 uri: '',
26 json: body, 26 json: body,
27 httpSignature: httpSignatureOptions, 27 httpSignature: httpSignatureOptions,
28 timeout: JOB_REQUEST_TIMEOUT 28 timeout: JOB_REQUEST_TIMEOUT,
29 headers: buildGlobalHeaders(body)
29 } 30 }
30 31
31 const badUrls: string[] = [] 32 const badUrls: string[] = []
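Review bot: The `Digest` value set by `headers: buildGlobalHeaders(body)` on new line 29 comes from its own `JSON.stringify(body)` call, while the bytes actually sent are produced later by the HTTP client from `json: body`. The two serializations are independent, so the signed digest is only correct as long as both produce the same string. `doRequest` is not visible here, so this is inferred from the options object. A receiver that recomputes the hash over the received body would reject the request on any divergence, for example if `computeBody` ever returns something the client serializes differently. Serializing once, hashing that string and sending the same string as the body would make the match hold by construction. The same pattern is added in `activitypub-http-unicast.ts`, and the helper lives in `activitypub-http-utils.ts`. The enclosing `processActivityPubHttpBroadcast` starts and ends outside this hunk.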
diff --git a/server/lib/job-queue/handlers/activitypub-http-unicast.ts b/server/lib/job-queue/handlers/activitypub-http-unicast.ts
index c90d735f6..d36479032 100644
--- a/server/lib/job-queue/handlers/activitypub-http-unicast.ts
+++ b/server/lib/job-queue/handlers/activitypub-http-unicast.ts
@@ -2,7 +2,7 @@ import * as Bull from 'bull'
2import { logger } from '../../../helpers/logger' 2import { logger } from '../../../helpers/logger'
3import { doRequest } from '../../../helpers/requests' 3import { doRequest } from '../../../helpers/requests'
4import { ActorFollowModel } from '../../../models/activitypub/actor-follow' 4import { ActorFollowModel } from '../../../models/activitypub/actor-follow'
5import { buildSignedRequestOptions, computeBody } from './utils/activitypub-http-utils' 5import { buildGlobalHeaders, buildSignedRequestOptions, computeBody } from './utils/activitypub-http-utils'
6import { JOB_REQUEST_TIMEOUT } from '../../../initializers' 6import { JOB_REQUEST_TIMEOUT } from '../../../initializers'
7 7
8export type ActivitypubHttpUnicastPayload = { 8export type ActivitypubHttpUnicastPayload = {
@@ -25,7 +25,8 @@ async function processActivityPubHttpUnicast (job: Bull.Job) {
25 uri, 25 uri,
26 json: body, 26 json: body,
27 httpSignature: httpSignatureOptions, 27 httpSignature: httpSignatureOptions,
28 timeout: JOB_REQUEST_TIMEOUT 28 timeout: JOB_REQUEST_TIMEOUT,
29 headers: buildGlobalHeaders(body)
29 } 30 }
30 31
31 try { 32 try {
diff --git a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts
index 36092665e..d71c91a24 100644
--- a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts
+++ b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts
@@ -1,8 +1,11 @@
1import { buildSignedActivity } from '../../../../helpers/activitypub' 1import { buildSignedActivity } from '../../../../helpers/activitypub'
2import { getServerActor } from '../../../../helpers/utils' 2import { getServerActor } from '../../../../helpers/utils'
3import { ActorModel } from '../../../../models/activitypub/actor' 3import { ActorModel } from '../../../../models/activitypub/actor'
4import { sha256 } from '../../../../helpers/core-utils'
4 5
5async function computeBody (payload: { body: any, signatureActorId?: number }) { 6type Payload = { body: any, signatureActorId?: number }
7
8async function computeBody (payload: Payload) {
6 let body = payload.body 9 let body = payload.body
7 10
8 if (payload.signatureActorId) { 11 if (payload.signatureActorId) {
@@ -14,7 +17,7 @@ async function computeBody (payload: { body: any, signatureActorId?: number }) {
14 return body 17 return body
15} 18}
16 19
17async function buildSignedRequestOptions (payload: { signatureActorId?: number }) { 20async function buildSignedRequestOptions (payload: Payload) {
18 let actor: ActorModel | null 21 let actor: ActorModel | null
19 if (payload.signatureActorId) { 22 if (payload.signatureActorId) {
20 actor = await ActorModel.load(payload.signatureActorId) 23 actor = await ActorModel.load(payload.signatureActorId)
@@ -29,11 +32,21 @@ async function buildSignedRequestOptions (payload: { signatureActorId?: number }
29 algorithm: 'rsa-sha256', 32 algorithm: 'rsa-sha256',
30 authorizationHeaderName: 'Signature', 33 authorizationHeaderName: 'Signature',
31 keyId, 34 keyId,
32 key: actor.privateKey 35 key: actor.privateKey,
36 headers: [ 'date', 'host', 'digest', '(request-target)' ]
37 }
38}
39
40function buildGlobalHeaders (body: object) {
41 const digest = 'SHA-256=' + sha256(JSON.stringify(body), 'base64')
42
43 return {
44 'Digest': digest
33 } 45 }
34} 46}
35 47
36export { 48export {
49 buildGlobalHeaders,
37 computeBody, 50 computeBody,
38 buildSignedRequestOptions 51 buildSignedRequestOptions
39} 52}
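Review bot: `buildSignedRequestOptions` now lists `'digest'` among the signed headers (new line 36), but the header itself is only present when the caller separately passes `headers: buildGlobalHeaders(body)`. Nothing in the helper enforces this, so a future caller that signs without adding the header would presumably fail at signing time or send a signature the receiver cannot verify. A comment on that line would make the dependency visible: `// callers must also send the Digest header from buildGlobalHeaders(), it is part of the signed header set`. `buildGlobalHeaders` itself would benefit from a one-line TSDoc stating that the digest is the base64 SHA-256 of `JSON.stringify(body)` and must correspond to the exact bytes sent. Part of `buildSignedRequestOptions` lies between the hunks and is not shown.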