New function srv_archive_error().

activitypub.c

@@ -930,8 +930,13 @@ int process_input_message(snac *snac, char *msg, char *req)
     }
 
     /* check the signature */
-    if (!check_signature(snac, req)) {
-        snac_log(snac, xs_fmt("bad signature %s", actor));
+    xs *sig_err = NULL;
+
+    if (!check_signature(snac, req, &sig_err)) {
+        snac_log(snac, xs_fmt("bad signature %s (%s)", actor, sig_err));
+
+        srv_archive_error("check_signature", sig_err, req, msg);
+
         return 1;
     }
 

data.c

@@ -1844,3 +1844,33 @@ void srv_archive(const char *direction, xs_dict *req,
         }
     }
 }
+
+
+void srv_archive_error(const char *prefix, const xs_str *err,
+                       const xs_dict *req, const xs_dict *data)
+/* archives an error */
+{
+    xs *ntid = tid(0);
+    xs *fn   = xs_fmt("%s/error/%s_%s", srv_basedir, prefix, ntid);
+    FILE *f;
+
+    if ((f = fopen(fn, "w")) != NULL) {
+        fprintf(f, "Error: %s\n", err);
+
+        if (req) {
+            fprintf(f, "Request headers:\n");
+
+            xs *j = xs_json_dumps_pp(req, 4);
+            fwrite(j, strlen(j), 1, f);
+        }
+
+        if (data) {
+            fprintf(f, "Data:\n");
+
+            xs *j = xs_json_dumps_pp(data, 4);
+            fwrite(j, strlen(j), 1, f);
+        }
+
+        fclose(f);
+    }
+}

http.c

@@ -119,7 +119,7 @@ xs_dict *http_signed_request(snac *snac, const char *method, const char *url,
 }
 
 
-static int _check_signature(snac *snac, char *req, char **err)
+int check_signature(snac *snac, xs_dict *req, xs_str **err)
 /* check the signature */
 {
     char *sig_hdr = xs_dict_get(req, "signature");
@@ -134,7 +134,8 @@ static int _check_signature(snac *snac, char *req, char **err)
     {
         /* extract the values */
         xs *l = xs_split(sig_hdr, ",");
-        char *v;
+        xs_list *p;
+        xs_val *v;
 
         p = l;
         while (xs_list_iter(&p, &v)) {
@@ -182,7 +183,8 @@ static int _check_signature(snac *snac, char *req, char **err)
 
     {
         xs *l = xs_split(headers, " ");
-        char *v;
+        xs_list *p;
+        xs_val *v;
 
         p = l;
         while (xs_list_iter(&p, &v)) {
@@ -224,30 +226,3 @@ static int _check_signature(snac *snac, char *req, char **err)
 
     return 1;
 }
-
-
-int check_signature(snac *snac, char *req)
-/* checks the signature and archives the error */
-{
-    int ret;
-    xs *err = NULL;
-
-    if ((ret = _check_signature(snac, req, &err)) == 0) {
-        snac_debug(snac, 1, xs_fmt("check_signature %s", err));
-
-        xs *ntid = tid(0);
-        xs *fn   = xs_fmt("%s/error/check_signature_%s", srv_basedir, ntid);
-        FILE *f;
-
-        if ((f = fopen(fn, "w")) != NULL) {
-            fprintf(f, "Error: %s\nRequest headers:\n", err);
-
-            xs *j = xs_json_dumps_pp(req, 4);
-
-            fwrite(j, strlen(j), 1, f);
-            fclose(f);
-        }
-    }
-
-    return ret;
-}

snac.h

@@ -55,6 +55,8 @@ void srv_archive(const char *direction, xs_dict *req,
                  const char *payload, int p_size,
                  int status, xs_dict *headers,
                  const char *body, int b_size);
+void srv_archive_error(const char *prefix, const xs_str *err,
+                       const xs_dict *req, const xs_dict *data);
 
 double mtime_nl(const char *fn, int *n_link);
 #define mtime(fn) mtime_nl(fn, NULL)
@@ -157,7 +159,7 @@ xs_dict *http_signed_request(snac *snac, const char *method, const char *url,
                             const char *body, int b_size,
                             int *status, xs_str **payload, int *p_size,
                             int timeout);
-int check_signature(snac *snac, char *req);
+int check_signature(snac *snac, xs_dict *req, xs_str **err);
 
 void httpd(void);