Merge pull request #11885 from annando/tolerant-receiver

Be more tolerant when receiving messages
This commit is contained in:
Tobias Diekershoff 2022-09-04 15:11:43 +02:00 committed by GitHub
commit da655f5159
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 207 additions and 201 deletions

View file

@ -1,5 +1,5 @@
-- ------------------------------------------
-- Friendica 2022.09-dev (Giant Rhubarb)
-- Friendica 2022.09-rc (Giant Rhubarb)
-- DB_UPDATE_VERSION 1481
-- ------------------------------------------

View file

@ -122,20 +122,21 @@ class Receiver
$http_signer = HTTPSignature::getSigner($body, $header);
if ($http_signer === false) {
Logger::warning('Invalid HTTP signature, message will be discarded.', ['uid' => $uid, 'actor' => $actor, 'header' => $header, 'body' => $body]);
return;
Logger::notice('Invalid HTTP signature, message will not be trusted.', ['uid' => $uid, 'actor' => $actor, 'header' => $header, 'body' => $body]);
$signer = [];
} elseif (empty($http_signer)) {
Logger::info('Signer is a tombstone. The message will be discarded, the signer account is deleted.');
return;
} else {
Logger::info('Valid HTTP signature', ['signer' => $http_signer]);
$signer = [$http_signer];
}
$signer = [$http_signer];
Logger::info('Message for user ' . $uid . ' is from actor ' . $actor);
if (LDSignature::isSigned($activity)) {
if ($http_signer === false) {
$trust_source = false;
} elseif (LDSignature::isSigned($activity)) {
$ld_signer = LDSignature::getSigner($activity);
if (empty($ld_signer)) {
Logger::info('Invalid JSON-LD signature from ' . $actor);

File diff suppressed because it is too large Load diff