Don't check the author_signature when the author is the parent author

The signature from the Magic Envelope is enough for that scenario,
because it's all from the same person.
Benjamin Neff 2017-05-14 04:44:09 +02:00
parent 6817579072
commit 57edc8baab
No known key found for this signature in database
GPG key ID: 971464C3F1A90194
3 changed files with 16 additions and 4 deletions

@ -24,14 +24,17 @@ All relayables have the following properties:
## Relaying
The author of the relayable sends the entity to the parent author. The author must include the `author_signature`.
If the author is not the same as the parent author, the author of the relayable sends the entity to the parent author
and the author must include the `author_signature`.
The parent author then must envelop it in a new [Magic Envelope][magicsig] and send the entity to all the recipients
of the parent entity. If the author and the parent author are on the same server, the author must sign the
`author_signature` and the parent author needs to sign the Magic Envelope.
If someone other then the parent author receives a relayable without a valid Magic Envelope signed from
the parent author, it must be ignored. If the `author_signature` is missing or invalid, it also must be ignored.
the parent author, it must be ignored. If the author is not the same as the parent author and the `author_signature`
is missing or invalid, it also must be ignored. If the author is the same as the parent author, the `author_signature`
can be missing, because a valid signature in the Magic Envelope from the author is enough in that case.
## Signatures
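Review bot: The new closing sentence of the Relaying section says the `author_signature` "can be missing" when the author is the parent author, but it does not say what a receiver does with one that is present and invalid; the code change in this commit skips the check entirely in that case, so such a value would be accepted. State the intended behaviour explicitly, for example that the field is not evaluated when the author is the parent author. The rewritten opening sentence now only covers the case where the author differs from the parent author, so it is worth adding what the author sends when they are the parent author, and how the unchanged same-server sentence applies then. The context line "other then the parent author" should read "other than".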

@ -70,13 +70,13 @@ module DiasporaFederation
super(data)
end
# Verifies the +author_signature+.
# Verifies the +author_signature+ if needed.
# @see DiasporaFederation::Entities::Signable#verify_signature
#
# @raise [SignatureVerificationFailed] if the signature is not valid
# @raise [PublicKeyNotFound] if no public key is found
def verify_signature
super(author, :author_signature)
super(author, :author_signature) unless author == parent.author
end
def sender_valid?(sender)
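Review bot: With `unless author == parent.author`, `verify_signature` returns without checking anything for same-author relayables, so authenticity then rests on the Magic Envelope signature having been verified against that same author before this method is called. The comment "if needed" should name that condition and that precondition, so a caller reaching this method by another path does not read a clean return as a verified signature. The guard also dereferences `parent` with no nil check in this hunk; if `parent` can be unset here, this raises NoMethodError rather than one of the two exceptions listed under `@raise`.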

@ -69,6 +69,15 @@ module DiasporaFederation
}.to raise_error Entities::Relayable::SignatureVerificationFailed
end
it "doesn't raise when no author signature was passed, but the author is also the parent author" do
hash[:author_signature] = nil
hash[:parent] = Fabricate(:related_entity, author: author, local: false)
expect {
Entities::SomeRelayable.new(hash, signature_order).verify_signature
}.not_to raise_error
end
it "raises when bad author signature was passed" do
hash[:author_signature] = sign_with_key(author_pkey, "bad signed string")
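Review bot: The added example only sets `hash[:author_signature] = nil`; there is no case for a present but invalid signature when the author is the parent author, which the new guard also lets through. Add an example that uses the same `hash[:parent]` fabrication with a bad signature and asserts whichever outcome is intended, so that behaviour is pinned down. A companion example with a nil signature and a parent whose author differs, expecting a raise, would guard against the skip widening, unless one already exists outside the lines shown here.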