indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Limit json signature checking to strict mode

merge-requests/30/head
Bob Mottram 2021-01-05 12:20:59 +00:00
parent 584fe93b56
commit 0a5c65e9a2
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
inbox.py
View File

@ -2734,7 +2734,7 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
queue.pop(0) queue.pop(0)
continue continue
if checkJsonSignature: if checkJsonSignature and verifyAllSignatures:
# use the original json message received, not one which may have # use the original json message received, not one which may have
# been modified along the way # been modified along the way
if not verifyJsonSignature(queueJson['original'], pubKey): if not verifyJsonSignature(queueJson['original'], pubKey):
@ -2745,12 +2745,11 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
else: else:
print('WARN: jsonld inbox signature check failed ' + print('WARN: jsonld inbox signature check failed ' +
keyId) keyId)
if verifyAllSignatures: if os.path.isfile(queueFilename):
if os.path.isfile(queueFilename): os.remove(queueFilename)
os.remove(queueFilename) if len(queue) > 0:
if len(queue) > 0: queue.pop(0)
queue.pop(0) continue
continue
else: else:
print('jsonld inbox signature check success ' + keyId) print('jsonld inbox signature check success ' + keyId)