From 145389768d434c46bd24662488294eead7d3addb Mon Sep 17 00:00:00 2001
From: MeiMei <30769358+mei23@users.noreply.github.com>
Date: Sun, 10 May 2020 18:42:31 +0900
Subject: pub-relay (#6341)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* pub-relay

* relay actorをApplicationにする

* Disable koa-compress

* Homeはリレーに送らない

* Disable debug

* UI

* cleanupなど
---
 src/queue/processors/inbox.ts | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

(limited to 'src/queue')

diff --git a/src/queue/processors/inbox.ts b/src/queue/processors/inbox.ts
index f37f663ed5..3a0bdbe28a 100644
--- a/src/queue/processors/inbox.ts
+++ b/src/queue/processors/inbox.ts
@@ -56,12 +56,10 @@ export default async (job: Bull.Job<InboxJobData>): Promise<string> => {
 	}
 
 	// HTTP-Signatureの検証
-	if (!httpSignature.verifySignature(signature, authUser.key.keyPem)) {
-		return 'signature verification failed';
-	}
+	const httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
 
-	// signatureのsignerは、activity.actorと一致する必要がある
-	if (authUser.user.uri !== activity.actor) {
+	// また、signatureのsignerは、activity.actorと一致する必要がある
+	if (!httpSignatureValidated || authUser.user.uri !== activity.actor) {
 		// 一致しなくても、でもLD-Signatureがありそうならそっちも見る
 		if (activity.signature) {
 			if (activity.signature.type !== 'RsaSignature2017') {
@@ -93,7 +91,7 @@ export default async (job: Bull.Job<InboxJobData>): Promise<string> => {
 				return `skip: LD-Signature user(${authUser.user.uri}) !== activity.actor(${activity.actor})`;
 			}
 		} else {
-			return 'signature verification failed';
+			throw `skip: http-signature verification failed.`;
 		}
 	}
 
-- 
cgit v1.2.3-freya