From: Felix Ableitner Date: Tue, 29 Sep 2020 14:46:49 +0000 (+0200) Subject: Also sign the digest header X-Git-Url: http://these/git/%22https:/join-lemmy.org/%7Bthis.state.url%7D?a=commitdiff_plain;h=c1db1042ad8e06f0789550d46fd539946e8126e0;p=lemmy.git Also sign the digest header --- diff --git a/lemmy_apub/src/extensions/signatures.rs b/lemmy_apub/src/extensions/signatures.rs index 3ab42c8d..dd525068 100644 --- a/lemmy_apub/src/extensions/signatures.rs +++ b/lemmy_apub/src/extensions/signatures.rs @@ -27,13 +27,19 @@ lazy_static! { /// Signs request headers with the given keypair. pub async fn sign( client: &Client, - headers: BTreeMap, + mut headers: BTreeMap, url: &Url, activity: String, actor_id: &Url, private_key: String, ) -> Result { let signing_key_id = format!("{}#main-key", actor_id); + let digest = format!( + "{}={}", + Sha256::NAME, + Sha256::new().compute(activity.as_bytes()) + ); + headers.insert("Digest".into(), digest); let mut path_and_query = url.path().to_string(); if let Some(query) = url.query() { @@ -49,11 +55,6 @@ pub async fn sign( Ok(base64::encode(signer.sign_to_vec()?)) as Result<_, LemmyError> })? .signature_header(); - let digest = format!( - "{}={}", - Sha256::NAME, - Sha256::new().compute(activity.as_bytes()) - ); let mut header_map = HeaderMap::new(); for h in headers { @@ -66,7 +67,6 @@ pub async fn sign( .post(&url.to_string()) .headers(header_map) .header("Signature", signature_header_value) - .header("Digest", digest) .body(activity); Ok(signed_request.build()?)