Verify activitypub payload digests (#885)
This commit is contained in:
parent
0350f4bbeb
commit
916592944a
3 changed files with 12 additions and 6 deletions
4
server/Cargo.lock
generated
vendored
4
server/Cargo.lock
generated
vendored
|
@ -1413,9 +1413,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "http-signature-normalization-actix"
|
||||
version = "0.4.0-alpha.0"
|
||||
version = "0.4.0-alpha.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "09afff6987c7edbed101d1cddd2185786fb0af0dd9c06b654aca73a0a763680f"
|
||||
checksum = "1c6efbc3e600cdd617585f4f15be3726c6942fb2eba3c8c79474c5d3159ad7c0"
|
||||
dependencies = [
|
||||
"actix-http",
|
||||
"actix-web",
|
||||
|
|
2
server/Cargo.toml
vendored
2
server/Cargo.toml
vendored
|
@ -43,7 +43,7 @@ percent-encoding = "2.1.0"
|
|||
comrak = "0.7"
|
||||
openssl = "0.10"
|
||||
http = "0.2.1"
|
||||
http-signature-normalization-actix = { version = "0.4.0-alpha.0", default-features = false, features = ["sha-2"] }
|
||||
http-signature-normalization-actix = { version = "0.4.0-alpha.1", default-features = false, features = ["sha-2"] }
|
||||
base64 = "0.12.1"
|
||||
tokio = "0.2.21"
|
||||
futures = "0.3.5"
|
||||
|
|
|
@ -12,6 +12,8 @@ use crate::{
|
|||
settings::Settings,
|
||||
};
|
||||
use actix_web::*;
|
||||
use http_signature_normalization_actix::digest::middleware::VerifyDigest;
|
||||
use sha2::{Digest, Sha256};
|
||||
|
||||
pub fn config(cfg: &mut web::ServiceConfig) {
|
||||
if Settings::get().federation.enabled {
|
||||
|
@ -38,8 +40,12 @@ pub fn config(cfg: &mut web::ServiceConfig) {
|
|||
.route("/comment/{comment_id}", web::get().to(get_apub_comment)),
|
||||
)
|
||||
// Inboxes dont work with the header guard for some reason.
|
||||
.route("/c/{community_name}/inbox", web::post().to(community_inbox))
|
||||
.route("/u/{user_name}/inbox", web::post().to(user_inbox))
|
||||
.route("/inbox", web::post().to(shared_inbox));
|
||||
.service(
|
||||
web::scope("/")
|
||||
.wrap(VerifyDigest::new(Sha256::new()))
|
||||
.route("/c/{community_name}/inbox", web::post().to(community_inbox))
|
||||
.route("/u/{user_name}/inbox", web::post().to(user_inbox))
|
||||
.route("/inbox", web::post().to(shared_inbox)),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue