about summary refs log tree commit diff
path: root/app/lib/webfinger_resource.rb
diff options
context:
space:
mode:
authorThibG <thib@sitedethib.com>2019-01-07 21:45:13 +0100
committerEugen Rochko <eugen@zeonfederated.com>2019-01-07 21:45:13 +0100
commit28b482874ab4393639a77fdd895658096bcbfd57 (patch)
tree3f0dfa3d6abfdddf378e57bf0d2aba07b0e2c442 /app/lib/webfinger_resource.rb
parentcf3c0fc38cd2650a421f46a5f221d1d645ef6c7b (diff)
Improvements to signature verification (#9667)
* Refactor signature verification a bit

* Rescue signature verification if recorded public key is invalid

Fixes #8822

* Always re-fetch AP signing key when HTTP Signature verification fails

But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.

* Apply stoplight to key/account update as well as initial key retrieval
Diffstat (limited to 'app/lib/webfinger_resource.rb')
0 files changed, 0 insertions, 0 deletions