borekon/PeerTube_original
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Increase clock skew for HTTP signatures

Browse Source
This commit is contained in:
Chocobozzz 2019-10-25 14:53:39 +02:00
parent 4ce7eb71ba
commit f67d757452
No known key found for this signature in database
GPG Key ID: 583A612D890159BE
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
server/initializers/constants.ts
View File

@ -467,7 +467,8 @@ const ACTIVITY_PUB_ACTOR_TYPES: { [ id: string ]: ActivityPubActorType } = {
const HTTP_SIGNATURE = { const HTTP_SIGNATURE = {
HEADER_NAME: 'signature', HEADER_NAME: 'signature',
ALGORITHM: 'rsa-sha256', ALGORITHM: 'rsa-sha256',
HEADERS_TO_SIGN: [ '(request-target)', 'host', 'date', 'digest' ] HEADERS_TO_SIGN: [ '(request-target)', 'host', 'date', 'digest' ],
CLOCK_SKEW_SECONDS: 1800
} }
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------

2
server/middlewares/activitypub.ts
View File

@ -55,7 +55,7 @@ async function checkHttpSignature (req: Request, res: Response) {
const sig = req.headers[HTTP_SIGNATURE.HEADER_NAME] as string const sig = req.headers[HTTP_SIGNATURE.HEADER_NAME] as string
if (sig && sig.startsWith('Signature ') === false) req.headers[HTTP_SIGNATURE.HEADER_NAME] = 'Signature ' + sig if (sig && sig.startsWith('Signature ') === false) req.headers[HTTP_SIGNATURE.HEADER_NAME] = 'Signature ' + sig
const parsed = parseHTTPSignature(req) const parsed = parseHTTPSignature(req, HTTP_SIGNATURE.CLOCK_SKEW_SECONDS)
const keyId = parsed.keyId const keyId = parsed.keyId
if (!keyId) { if (!keyId) {