signature failure fix: makeitworksomehowwithoutregardforkeycontinuity
This commit is contained in:
Ted Unangst
parent
3cf015d636
commit
6cbbc38a4d
10
fun.go
10
fun.go
|
|
@ -22,6 +22,7 @@ import (
|
||||||
"html"
|
"html"
|
||||||
"html/template"
|
"html/template"
|
||||||
"log"
|
"log"
|
||||||
|
"net/http"
|
||||||
"regexp"
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
@ -303,6 +304,15 @@ func zaggy(keyname string) (key *rsa.PublicKey) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func makeitworksomehowwithoutregardforkeycontinuity(keyname string, r *http.Request, payload []byte) (string, error) {
|
||||||
|
db := opendatabase()
|
||||||
|
db.Exec("delete from xonkers where xid = ?", keyname)
|
||||||
|
ziggylock.Lock()
|
||||||
|
delete(zaggies, keyname)
|
||||||
|
ziggylock.Unlock()
|
||||||
|
return zag(r, payload)
|
||||||
|
}
|
||||||
|
|
||||||
func thoudostbitethythumb(userid int64, who string) bool {
|
func thoudostbitethythumb(userid int64, who string) bool {
|
||||||
where := ""
|
where := ""
|
||||||
m := re_unurl.FindStringSubmatch(who)
|
m := re_unurl.FindStringSubmatch(who)
|
||||||
|
|
|
||||||
17
honk.go
17
honk.go
|
|
@ -301,12 +301,17 @@ func inbox(w http.ResponseWriter, r *http.Request) {
|
||||||
keyname, err := zag(r, payload)
|
keyname, err := zag(r, payload)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("inbox message failed signature: %s", err)
|
log.Printf("inbox message failed signature: %s", err)
|
||||||
fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
|
if keyname != "" {
|
||||||
io.WriteString(fd, "bad signature:\n")
|
keyname, err = makeitworksomehowwithoutregardforkeycontinuity(keyname, r, payload)
|
||||||
WriteJunk(fd, j)
|
}
|
||||||
io.WriteString(fd, "\n")
|
if err != nil {
|
||||||
fd.Close()
|
fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
|
||||||
return
|
io.WriteString(fd, "bad signature:\n")
|
||||||
|
WriteJunk(fd, j)
|
||||||
|
io.WriteString(fd, "\n")
|
||||||
|
fd.Close()
|
||||||
|
return
|
||||||
|
}
|
||||||
}
|
}
|
||||||
what, _ := jsongetstring(j, "type")
|
what, _ := jsongetstring(j, "type")
|
||||||
if what == "Like" {
|
if what == "Like" {
|
||||||
|
|
|
||||||
4
zig.go
4
zig.go
|
|
@ -124,7 +124,7 @@ func zag(req *http.Request, content []byte) (string, error) {
|
||||||
|
|
||||||
key := zaggy(keyname)
|
key := zaggy(keyname)
|
||||||
if key == nil {
|
if key == nil {
|
||||||
return "", fmt.Errorf("no key for %s", keyname)
|
return keyname, fmt.Errorf("no key for %s", keyname)
|
||||||
}
|
}
|
||||||
headers := strings.Split(heads, " ")
|
headers := strings.Split(heads, " ")
|
||||||
var stuff []string
|
var stuff []string
|
||||||
|
|
@ -146,7 +146,7 @@ func zag(req *http.Request, content []byte) (string, error) {
|
||||||
sig := b64s(bsig)
|
sig := b64s(bsig)
|
||||||
err := rsa.VerifyPKCS1v15(key, crypto.SHA256, h.Sum(nil), sig)
|
err := rsa.VerifyPKCS1v15(key, crypto.SHA256, h.Sum(nil), sig)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return keyname, err
|
||||||
}
|
}
|
||||||
return keyname, nil
|
return keyname, nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue