mirror of
https://github.com/LemmyNet/lemmy.git
synced 2024-12-25 02:19:27 +00:00
Verify activitypub payload digests (#885)
This commit is contained in:
parent
0350f4bbeb
commit
916592944a
4
server/Cargo.lock
generated
vendored
4
server/Cargo.lock
generated
vendored
|
@ -1413,9 +1413,9 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "http-signature-normalization-actix"
|
name = "http-signature-normalization-actix"
|
||||||
version = "0.4.0-alpha.0"
|
version = "0.4.0-alpha.1"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "09afff6987c7edbed101d1cddd2185786fb0af0dd9c06b654aca73a0a763680f"
|
checksum = "1c6efbc3e600cdd617585f4f15be3726c6942fb2eba3c8c79474c5d3159ad7c0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"actix-http",
|
"actix-http",
|
||||||
"actix-web",
|
"actix-web",
|
||||||
|
|
2
server/Cargo.toml
vendored
2
server/Cargo.toml
vendored
|
@ -43,7 +43,7 @@ percent-encoding = "2.1.0"
|
||||||
comrak = "0.7"
|
comrak = "0.7"
|
||||||
openssl = "0.10"
|
openssl = "0.10"
|
||||||
http = "0.2.1"
|
http = "0.2.1"
|
||||||
http-signature-normalization-actix = { version = "0.4.0-alpha.0", default-features = false, features = ["sha-2"] }
|
http-signature-normalization-actix = { version = "0.4.0-alpha.1", default-features = false, features = ["sha-2"] }
|
||||||
base64 = "0.12.1"
|
base64 = "0.12.1"
|
||||||
tokio = "0.2.21"
|
tokio = "0.2.21"
|
||||||
futures = "0.3.5"
|
futures = "0.3.5"
|
||||||
|
|
|
@ -12,6 +12,8 @@ use crate::{
|
||||||
settings::Settings,
|
settings::Settings,
|
||||||
};
|
};
|
||||||
use actix_web::*;
|
use actix_web::*;
|
||||||
|
use http_signature_normalization_actix::digest::middleware::VerifyDigest;
|
||||||
|
use sha2::{Digest, Sha256};
|
||||||
|
|
||||||
pub fn config(cfg: &mut web::ServiceConfig) {
|
pub fn config(cfg: &mut web::ServiceConfig) {
|
||||||
if Settings::get().federation.enabled {
|
if Settings::get().federation.enabled {
|
||||||
|
@ -38,8 +40,12 @@ pub fn config(cfg: &mut web::ServiceConfig) {
|
||||||
.route("/comment/{comment_id}", web::get().to(get_apub_comment)),
|
.route("/comment/{comment_id}", web::get().to(get_apub_comment)),
|
||||||
)
|
)
|
||||||
// Inboxes dont work with the header guard for some reason.
|
// Inboxes dont work with the header guard for some reason.
|
||||||
|
.service(
|
||||||
|
web::scope("/")
|
||||||
|
.wrap(VerifyDigest::new(Sha256::new()))
|
||||||
.route("/c/{community_name}/inbox", web::post().to(community_inbox))
|
.route("/c/{community_name}/inbox", web::post().to(community_inbox))
|
||||||
.route("/u/{user_name}/inbox", web::post().to(user_inbox))
|
.route("/u/{user_name}/inbox", web::post().to(user_inbox))
|
||||||
.route("/inbox", web::post().to(shared_inbox));
|
.route("/inbox", web::post().to(shared_inbox)),
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue