squeegily/pleroma
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

activitypub: publisher: add (request-target) to http signature when POSTing

Browse Source
This commit is contained in:
Ariadne Conill 2019-08-14 19:00:48 +00:00
parent acc3c0ed58
commit 974488a52e
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -6,6 +6,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## [1.0.6] - 2019-08-14 ## [1.0.6] - 2019-08-14
### Fixed ### Fixed
- MRF: fix use of unserializable keyword lists in describe() implementations - MRF: fix use of unserializable keyword lists in describe() implementations
- ActivityPub S2S: POST requests are now signed with `(request-target)` pseudo-header.
## [1.0.5] - 2019-08-13 ## [1.0.5] - 2019-08-13
### Fixed ### Fixed

5
lib/pleroma/web/activity_pub/publisher.ex
View File

@ -44,7 +44,9 @@ defmodule Pleroma.Web.ActivityPub.Publisher do
""" """
def publish_one(%{inbox: inbox, json: json, actor: %User{} = actor, id: id} = params) do def publish_one(%{inbox: inbox, json: json, actor: %User{} = actor, id: id} = params) do
Logger.info("Federating #{id} to #{inbox}") Logger.info("Federating #{id} to #{inbox}")
host = URI.parse(inbox).host uri = URI.parse(inbox)
host = uri.host
path = uri.path
digest = "SHA-256=" <> (:crypto.hash(:sha256, json) |> Base.encode64()) digest = "SHA-256=" <> (:crypto.hash(:sha256, json) |> Base.encode64())
@ -54,6 +56,7 @@ defmodule Pleroma.Web.ActivityPub.Publisher do
signature = signature =
Pleroma.Signature.sign(actor, %{ Pleroma.Signature.sign(actor, %{
"(request-target)": "post #{path}",
host: host, host: host,
"content-length": byte_size(json), "content-length": byte_size(json),
digest: digest, digest: digest,