mj-saunders
/
epicyon
forked from indymedia/epicyon
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Separate content-length check

main
Bob Mottram 2019-11-12 16:48:05 +00:00
parent a37e401440
commit 9d7bff34ec
1 changed files with 8 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
httpsig.py
View File

@ -190,17 +190,15 @@ def verifyPostHeaders(httpPrefix: str,publicKeyPem: str,headers: dict, \
signedHeaderList.append(f'digest: SHA-256={bodyDigest}') signedHeaderList.append(f'digest: SHA-256={bodyDigest}')
#print('***************************Verify digest: SHA-256='+bodyDigest) #print('***************************Verify digest: SHA-256='+bodyDigest)
#print('***************************Verify messageBodyJsonStr: '+messageBodyJsonStr) #print('***************************Verify messageBodyJsonStr: '+messageBodyJsonStr)
elif signedHeader == 'content-length' or signedHeader == 'Content-Length':
if int(headers[signedHeader])!=contentLength:
if debug:
print('DEBUG: verifyPostHeaders content-length does not match '+headers[signedHeader]+' != '+str(contentLength))
return False
signedHeaderList.append(f'content-length: '+headers[signedHeader])
else: else:
if headers.get(signedHeader): if headers.get(signedHeader):
if signedHeader=='content-length': if signedHeader=='date':
if int(headers[signedHeader])!=contentLength:
if debug:
print('DEBUG: verifyPostHeaders content-length does not match '+headers[signedHeader]+' != '+str(contentLength))
return False
elif debug:
print('DEBUG: verifyPostHeaders content-length matches '+headers[signedHeader])
elif signedHeader=='date':
if not verifyRecentSignature(headers[signedHeader]): if not verifyRecentSignature(headers[signedHeader]):
if debug: if debug:
print('DEBUG: verifyPostHeaders date is not recent '+headers[signedHeader]) print('DEBUG: verifyPostHeaders date is not recent '+headers[signedHeader])
@ -210,15 +208,7 @@ def verifyPostHeaders(httpPrefix: str,publicKeyPem: str,headers: dict, \
f'{signedHeader}: {headers[signedHeader]}') f'{signedHeader}: {headers[signedHeader]}')
else: else:
signedHeaderCap=signedHeader.capitalize() signedHeaderCap=signedHeader.capitalize()
if signedHeader=='Content-Length': if signedHeaderCap=='Date':
signedHeaderCap=signedHeader
if int(headers[signedHeader])!=contentLength:
if debug:
print('DEBUG: verifyPostHeaders Content-Length does not match '+headers[signedHeader]+' != '+str(contentLength))
return False
elif debug:
print('DEBUG: verifyPostHeaders Content-Length matches '+headers[signedHeader])
elif signedHeaderCap=='Date':
if not verifyRecentSignature(headers[signedHeaderCap]): if not verifyRecentSignature(headers[signedHeaderCap]):
if debug: if debug:
print('DEBUG: verifyPostHeaders date is not recent '+headers[signedHeader]) print('DEBUG: verifyPostHeaders date is not recent '+headers[signedHeader])