1 files changed, 16 insertions, 10 deletions

diff --git a/src/queue/processors/inbox.ts b/src/queue/processors/inbox.ts
index 16badabcf7..481bcbb1c4 100644
--- a/src/queue/processors/inbox.ts
+++ b/src/queue/processors/inbox.ts
@@ -4,7 +4,6 @@ import parseAcct from '../../misc/acct/parse';
 import { IRemoteUser } from '../../models/entities/user';
 import perform from '../../remote/activitypub/perform';
 import { resolvePerson, updatePerson } from '../../remote/activitypub/models/person';
-import { toUnicode } from 'punycode';
 import { URL } from 'url';
 import { publishApLogStream } from '../../services/stream';
 import Logger from '../../services/logger';
@@ -13,6 +12,7 @@ import { Instances, Users, UserPublickeys } from '../../models';
 import { instanceChart } from '../../services/chart';
 import { UserPublickey } from '../../models/entities/user-publickey';
 import fetchMeta from '../../misc/fetch-meta';
+import { toPuny } from '../../misc/convert-host';
 
 const logger = new Logger('inbox');
 
@@ -33,7 +33,10 @@ export default async (job: Bull.Job): Promise<void> => {
 	let key: UserPublickey;
 
 	if (keyIdLower.startsWith('acct:')) {
-		const { username, host } = parseAcct(keyIdLower.slice('acct:'.length));
+		const acct = parseAcct(keyIdLower.slice('acct:'.length));
+		const host = toPuny(acct.host);
+		const username = toPuny(acct.username);
+
 		if (host === null) {
 			logger.warn(`request was made by local user: @${username}`);
 			return;
@@ -50,19 +53,22 @@ export default async (job: Bull.Job): Promise<void> => {
 		// ブロックしてたら中断
 		// TODO: いちいちデータベースにアクセスするのはコスト高そうなのでどっかにキャッシュしておく
 		const meta = await fetchMeta();
-		if (meta.blockedHosts.includes(host.toLowerCase())) {
+		if (meta.blockedHosts.includes(host)) {
 			logger.info(`Blocked request: ${host}`);
 			return;
 		}
 
-		user = await Users.findOne({ usernameLower: username, host: host.toLowerCase() }) as IRemoteUser;
+		user = await Users.findOne({
+			usernameLower: username.toLowerCase(),
+			host: host
+		}) as IRemoteUser;
 
 		key = await UserPublickeys.findOne({
 			userId: user.id
 		});
 	} else {
 		// アクティビティ内のホストの検証
-		const host = toUnicode(new URL(signature.keyId).hostname.toLowerCase());
+		const host = toPuny(new URL(signature.keyId).hostname);
 		try {
 			ValidateActivity(activity, host);
 		} catch (e) {
@@ -73,7 +79,7 @@ export default async (job: Bull.Job): Promise<void> => {
 		// ブロックしてたら中断
 		// TODO: いちいちデータベースにアクセスするのはコスト高そうなのでどっかにキャッシュしておく
 		const meta = await fetchMeta();
-		if (meta.blockedHosts.includes(host.toLowerCase())) {
+		if (meta.blockedHosts.includes(host)) {
 			logger.info(`Blocked request: ${host}`);
 			return;
 		}
@@ -145,7 +151,7 @@ export default async (job: Bull.Job): Promise<void> => {
 function ValidateActivity(activity: any, host: string) {
 	// id (if exists)
 	if (typeof activity.id === 'string') {
-		const uriHost = toUnicode(new URL(activity.id).hostname.toLowerCase());
+		const uriHost = toPuny(new URL(activity.id).hostname);
 		if (host !== uriHost) {
 			const diag = activity.signature ? '. Has LD-Signature. Forwarded?' : '';
 			throw new Error(`activity.id(${activity.id}) has different host(${host})${diag}`);
@@ -154,7 +160,7 @@ function ValidateActivity(activity: any, host: string) {
 
 	// actor (if exists)
 	if (typeof activity.actor === 'string') {
-		const uriHost = toUnicode(new URL(activity.actor).hostname.toLowerCase());
+		const uriHost = toPuny(new URL(activity.actor).hostname);
 		if (host !== uriHost) throw new Error('activity.actor has different host');
 	}
 
@@ -162,13 +168,13 @@ function ValidateActivity(activity: any, host: string) {
 	if (activity.type === 'Create' && activity.object) {
 		// object.id (if exists)
 		if (typeof activity.object.id === 'string') {
-			const uriHost = toUnicode(new URL(activity.object.id).hostname.toLowerCase());
+			const uriHost = toPuny(new URL(activity.object.id).hostname);
 			if (host !== uriHost) throw new Error('activity.object.id has different host');
 		}
 
 		// object.attributedTo (if exists)
 		if (typeof activity.object.attributedTo === 'string') {
-			const uriHost = toUnicode(new URL(activity.object.attributedTo).hostname.toLowerCase());
+			const uriHost = toPuny(new URL(activity.object.attributedTo).hostname);
 			if (host !== uriHost) throw new Error('activity.object.attributedTo has different host');
 		}
 	}