Merge branch 'master' into glitch-soc/merge-upstream

Conflicts: app/controllers/api/v1/mutes_controller.rb config/locales/simple_form.pl.yml
2018-08-27 17:30:42 +02:00
parent af934b9071 81697997a3
commit 53b7bb9d04
83 changed files with 900 additions and 120 deletions
--- a/app/lib/activitypub/activity/update.rb
+++ b/app/lib/activitypub/activity/update.rb
@ -11,6 +11,6 @@ class ActivityPub::Activity::Update < ActivityPub::Activity

  def update_account
    return if @account.uri != object_uri
-    ActivityPub::ProcessAccountService.new.call(@account.username, @account.domain, @object)
+    ActivityPub::ProcessAccountService.new.call(@account.username, @account.domain, @object, signed_with_known_key: true)
  end
 end
--- a/app/lib/activitypub/linked_data_signature.rb
+++ b/app/lib/activitypub/linked_data_signature.rb
@ -32,7 +32,7 @@ class ActivityPub::LinkedDataSignature
    end
  end

-  def sign!(creator)
+  def sign!(creator, sign_with: nil)
    options = {
      'type'    => 'RsaSignature2017',
      'creator' => [ActivityPub::TagManager.instance.uri_for(creator), '#main-key'].join,
@ -42,8 +42,9 @@ class ActivityPub::LinkedDataSignature
    options_hash  = hash(options.without('type', 'id', 'signatureValue').merge('@context' => CONTEXT))
    document_hash = hash(@json.without('signature'))
    to_be_signed  = options_hash + document_hash
+    keypair       = sign_with.present? ? OpenSSL::PKey::RSA.new(sign_with) : creator.keypair

-    signature = Base64.strict_encode64(creator.keypair.sign(OpenSSL::Digest::SHA256.new, to_be_signed))
+    signature = Base64.strict_encode64(keypair.sign(OpenSSL::Digest::SHA256.new, to_be_signed))

    @json.merge('signature' => options.merge('signatureValue' => signature))
  end
--- a/app/lib/feed_manager.rb
+++ b/app/lib/feed_manager.rb
@ -288,7 +288,7 @@ class FeedManager
      # remains in the set. We could pick a random element, but this
      # set should generally be small, and it seems ideal to show the
      # oldest potential such reblog.
-      other_reblog = redis.smembers(reblog_set_key).map(&:to_i).sort.first
+      other_reblog = redis.smembers(reblog_set_key).map(&:to_i).min

      redis.zadd(timeline_key, other_reblog, other_reblog) if other_reblog

--- a/app/lib/request.rb
+++ b/app/lib/request.rb
@ -22,10 +22,11 @@ class Request
    set_digest! if options.key?(:body)
  end

-  def on_behalf_of(account, key_id_format = :acct)
+  def on_behalf_of(account, key_id_format = :acct, sign_with: nil)
    raise ArgumentError unless account.local?

    @account       = account
+    @keypair       = sign_with.present? ? OpenSSL::PKey::RSA.new(sign_with) : @account.keypair
    @key_id_format = key_id_format

    self
@ -70,7 +71,7 @@ class Request

  def signature
    algorithm = 'rsa-sha256'
-    signature = Base64.strict_encode64(@account.keypair.sign(OpenSSL::Digest::SHA256.new, signed_string))
+    signature = Base64.strict_encode64(@keypair.sign(OpenSSL::Digest::SHA256.new, signed_string))

    "keyId=\"#{key_id}\",algorithm=\"#{algorithm}\",headers=\"#{signed_headers}\",signature=\"#{signature}\""
  end