diff --git a/daemon.py b/daemon.py index 3516bd8b..a1302c40 100644 --- a/daemon.py +++ b/daemon.py @@ -223,8 +223,10 @@ class PubServer(BaseHTTPRequestHandler): self.server.GETbusy=False return # look up a person + print('************personLookup start '+self.server.domain+' '+self.path+' '+self.server.baseDir) getPerson = personLookup(self.server.domain,self.path, \ self.server.baseDir) + print('************personLookup end '+str(getPerson)) if getPerson: self._set_headers('application/json') self.wfile.write(json.dumps(getPerson).encode('utf-8')) @@ -391,6 +393,7 @@ class PubServer(BaseHTTPRequestHandler): self.postToNickname, \ self.server.domain, \ messageJson, + self.headers['host'], self.headers['signature']) if cacheFilename: if cacheFilename not in self.server.inboxQueue: @@ -425,7 +428,7 @@ def runDaemon(baseDir: str,domain: str,port=80,httpPrefix='https',fedList=[],use httpd.httpPrefix=httpPrefix httpd.debug=debug httpd.federationList=fedList.copy() - httpd.baseDir=os.getcwd() + httpd.baseDir=baseDir httpd.personCache={} httpd.cachedWebfingers={} httpd.useTor=useTor diff --git a/inbox.py b/inbox.py index 9dd55fd9..80cd1f4a 100644 --- a/inbox.py +++ b/inbox.py @@ -20,9 +20,9 @@ from session import getJson from follow import receiveFollowRequest from pprint import pprint from cache import getPersonFromCache +from cache import storePersonInCache def getPersonPubKey(session,personUrl: str,personCache: {},debug: bool) -> str: - asHeader = {'Accept': 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'} if not personUrl: return None personUrl=personUrl.replace('#main-key','') @@ -30,6 +30,7 @@ def getPersonPubKey(session,personUrl: str,personCache: {},debug: bool) -> str: if not personJson: if debug: print('DEBUG: Obtaining public key for '+personUrl) + asHeader = {'Accept': 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'} personJson = getJson(session,personUrl,asHeader,None) if not personJson: return None @@ -87,7 +88,7 @@ def validPublishedDate(published) -> bool: return False return True -def savePostToInboxQueue(baseDir: str,httpPrefix: str,nickname: str, domain: str,postJson: {},headers: str) -> str: +def savePostToInboxQueue(baseDir: str,httpPrefix: str,nickname: str, domain: str,postJson: {},host: str,headers: str) -> str: """Saves the give json to the inbox queue for the person keyId specifies the actor sending the post """ @@ -111,6 +112,7 @@ def savePostToInboxQueue(baseDir: str,httpPrefix: str,nickname: str, domain: str newQueueItem = { 'published': published, + 'host': host, 'headers': headers, 'post': postJson, 'filename': filename, @@ -185,10 +187,14 @@ def runInboxQueue(baseDir: str,httpPrefix: str,personCache: {},queue: [],domain: continue # check the signature + verifyHeaders={ + 'host': queueJson['host'], + 'signature': queueJson['headers'] + } if not verifyPostHeaders(httpPrefix, \ - pubKey, queueJson.headers, \ + pubKey, verifyHeaders, \ '/inbox', False, \ - json.dumps(messageJson)): + json.dumps(queueJson['post'])): if debug: print('DEBUG: Header signature check failed') os.remove(queueFilename) @@ -199,7 +205,7 @@ def runInboxQueue(baseDir: str,httpPrefix: str,personCache: {},queue: [],domain: print('DEBUG: Signature check success') if receiveFollowRequest(baseDir, \ - queueJson.post, \ + queueJson['post'], \ federationList): if debug: diff --git a/tests.py b/tests.py index 0776de39..57a5f78d 100644 --- a/tests.py +++ b/tests.py @@ -189,7 +189,7 @@ def testPostMessageBetweenServers(): while not (testServerAliceRunning and testServerBobRunning): time.sleep(1) - time.sleep(8) + time.sleep(1) print('Alice sends to Bob') os.chdir(aliceDir) @@ -208,7 +208,7 @@ def testPostMessageBetweenServers(): sendResult = sendPost(sessionAlice,aliceDir,'alice', aliceDomain, alicePort, 'bob', bobDomain, bobPort, ccUrl, httpPrefix, 'Why is a mouse when it spins?', followersOnly, saveToFile, clientToServer, federationList, aliceSendThreads, alicePostLog, aliceCachedWebfingers,alicePersonCache,inReplyTo, inReplyToAtomUri, subject) print('sendResult: '+str(sendResult)) - for i in range(60): + for i in range(5): time.sleep(1) # stop the servers