From 6cbbc38a4d99403e1d766be28b879276d3831746 Mon Sep 17 00:00:00 2001
From: Ted Unangst <tedu@tedunangst.com>
Date: Sat, 20 Apr 2019 16:12:41 -0400
Subject: [PATCH] signature failure fix:
 makeitworksomehowwithoutregardforkeycontinuity

---
 fun.go  | 10 ++++++++++
 honk.go | 17 +++++++++++------
 zig.go  |  4 ++--
 3 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/fun.go b/fun.go
index 9435acf..72f8d42 100644
--- a/fun.go
+++ b/fun.go
@@ -22,6 +22,7 @@ import (
 	"html"
 	"html/template"
 	"log"
+	"net/http"
 	"regexp"
 	"strings"
 	"sync"
@@ -303,6 +304,15 @@ func zaggy(keyname string) (key *rsa.PublicKey) {
 	return
 }
 
+func makeitworksomehowwithoutregardforkeycontinuity(keyname string, r *http.Request, payload []byte) (string, error) {
+	db := opendatabase()
+	db.Exec("delete from xonkers where xid = ?", keyname)
+	ziggylock.Lock()
+	delete(zaggies, keyname)
+	ziggylock.Unlock()
+	return zag(r, payload)
+}
+
 func thoudostbitethythumb(userid int64, who string) bool {
 	where := ""
 	m := re_unurl.FindStringSubmatch(who)
diff --git a/honk.go b/honk.go
index 9a42929..3bef158 100644
--- a/honk.go
+++ b/honk.go
@@ -301,12 +301,17 @@ func inbox(w http.ResponseWriter, r *http.Request) {
 	keyname, err := zag(r, payload)
 	if err != nil {
 		log.Printf("inbox message failed signature: %s", err)
-		fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
-		io.WriteString(fd, "bad signature:\n")
-		WriteJunk(fd, j)
-		io.WriteString(fd, "\n")
-		fd.Close()
-		return
+		if keyname != "" {
+			keyname, err = makeitworksomehowwithoutregardforkeycontinuity(keyname, r, payload)
+		}
+		if err != nil {
+			fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
+			io.WriteString(fd, "bad signature:\n")
+			WriteJunk(fd, j)
+			io.WriteString(fd, "\n")
+			fd.Close()
+			return
+		}
 	}
 	what, _ := jsongetstring(j, "type")
 	if what == "Like" {
diff --git a/zig.go b/zig.go
index dddae5d..0b63175 100644
--- a/zig.go
+++ b/zig.go
@@ -124,7 +124,7 @@ func zag(req *http.Request, content []byte) (string, error) {
 
 	key := zaggy(keyname)
 	if key == nil {
-		return "", fmt.Errorf("no key for %s", keyname)
+		return keyname, fmt.Errorf("no key for %s", keyname)
 	}
 	headers := strings.Split(heads, " ")
 	var stuff []string
@@ -146,7 +146,7 @@ func zag(req *http.Request, content []byte) (string, error) {
 	sig := b64s(bsig)
 	err := rsa.VerifyPKCS1v15(key, crypto.SHA256, h.Sum(nil), sig)
 	if err != nil {
-		return "", err
+		return keyname, err
 	}
 	return keyname, nil
 }