cat aescling's git repositories - mastodon.git/commit

]> cat aescling's git repositories - mastodon.git/commit

cat aescling's git repositories / mastodon.git / commit

author	ThibG <thib@sitedethib.com>
	Mon, 7 Jan 2019 20:45:13 +0000 (21:45 +0100)
committer	Eugen Rochko <eugen@zeonfederated.com>
	Mon, 7 Jan 2019 20:45:13 +0000 (21:45 +0100)
commit	28b482874ab4393639a77fdd895658096bcbfd57
tree	3f0dfa3d6abfdddf378e57bf0d2aba07b0e2c442	tree \| snapshot
parent	cf3c0fc38cd2650a421f46a5f221d1d645ef6c7b	commit \| diff

Improvements to signature verification (#9667)

* Refactor signature verification a bit

* Rescue signature verification if recorded public key is invalid

Fixes #8822

* Always re-fetch AP signing key when HTTP Signature verification fails

But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.

* Apply stoplight to key/account update as well as initial key retrieval

app/controllers/concerns/signature_verification.rb		diff \| blob \| history
app/services/activitypub/fetch_remote_account_service.rb		diff \| blob \| history
app/services/activitypub/process_account_service.rb		diff \| blob \| history

source code fur Kibicat Mastodon

RSS Atom