From d03c435563be5a4ba564749785e90067aee41858 Mon Sep 17 00:00:00 2001 From: Felix Ableitner Date: Mon, 6 Jul 2020 14:20:29 +0200 Subject: [PATCH] Revert "Verify activitypub payload digests (#885)" This reverts commit 916592944af8e32f2044c9acf0d57eb7991427a5. --- server/Cargo.lock | 4 ++-- server/Cargo.toml | 2 +- server/src/routes/federation.rs | 12 +++--------- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/server/Cargo.lock b/server/Cargo.lock index 7b0d9a88..c54419e1 100644 --- a/server/Cargo.lock +++ b/server/Cargo.lock @@ -1413,9 +1413,9 @@ dependencies = [ [[package]] name = "http-signature-normalization-actix" -version = "0.4.0-alpha.1" +version = "0.4.0-alpha.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c6efbc3e600cdd617585f4f15be3726c6942fb2eba3c8c79474c5d3159ad7c0" +checksum = "09afff6987c7edbed101d1cddd2185786fb0af0dd9c06b654aca73a0a763680f" dependencies = [ "actix-http", "actix-web", diff --git a/server/Cargo.toml b/server/Cargo.toml index 22507994..8daf72c4 100644 --- a/server/Cargo.toml +++ b/server/Cargo.toml @@ -43,7 +43,7 @@ percent-encoding = "2.1.0" comrak = "0.7" openssl = "0.10" http = "0.2.1" -http-signature-normalization-actix = { version = "0.4.0-alpha.1", default-features = false, features = ["sha-2"] } +http-signature-normalization-actix = { version = "0.4.0-alpha.0", default-features = false, features = ["sha-2"] } base64 = "0.12.1" tokio = "0.2.21" futures = "0.3.5" diff --git a/server/src/routes/federation.rs b/server/src/routes/federation.rs index 20b5dc83..fe6e3365 100644 --- a/server/src/routes/federation.rs +++ b/server/src/routes/federation.rs @@ -12,8 +12,6 @@ use crate::{ settings::Settings, }; use actix_web::*; -use http_signature_normalization_actix::digest::middleware::VerifyDigest; -use sha2::{Digest, Sha256}; pub fn config(cfg: &mut web::ServiceConfig) { if Settings::get().federation.enabled { @@ -40,12 +38,8 @@ pub fn config(cfg: &mut web::ServiceConfig) { .route("/comment/{comment_id}", web::get().to(get_apub_comment)), ) // Inboxes dont work with the header guard for some reason. - .service( - web::scope("/") - .wrap(VerifyDigest::new(Sha256::new())) - .route("/c/{community_name}/inbox", web::post().to(community_inbox)) - .route("/u/{user_name}/inbox", web::post().to(user_inbox)) - .route("/inbox", web::post().to(shared_inbox)), - ); + .route("/c/{community_name}/inbox", web::post().to(community_inbox)) + .route("/u/{user_name}/inbox", web::post().to(user_inbox)) + .route("/inbox", web::post().to(shared_inbox)); } } -- 2.44.1