Route Move activity (calls stub function account_move ), require that the HTTP signature matches the actor field of posted activities

src/controller/inbox.c

@@ -232,6 +232,42 @@ static bool route_update( struct ap_activity* act )
 	return true;
 }
 
+static bool route_move( struct ap_activity* act )
+{
+	bool result = false;
+	struct account* a = NULL;
+
+	if( act->object.tag != apaot_ref ) { goto discard; }
+
+	// TODO: make this work
+	printf( "TODO: move %s to %s\n", act->object.ref, act->target );
+
+	// Make sure this belongs to a local account
+	a = account_from_uri( act->object.ref );
+	if( !a ) { goto discard; }
+
+	// Verify the target is an existing alias
+	bool is_alias = false;
+	for( int i = 0; i < a->aliases.count; ++i ) {
+		if( 0 == strcmp( a->aliases.items[i], act->target ) ) {
+			goto is_alias;
+		}
+	}
+	goto failed;
+is_alias:
+
+	account_move( a, act->target );
+
+discard:
+	result = true;
+cleanup:
+	account_free(a);
+	return result;
+failed:
+	result = false;
+	goto cleanup;
+}
+
 static bool route_create( struct ap_activity* act )
 {
 	struct status* s = NULL;
@@ -344,6 +380,7 @@ bool route_activity( struct ap_activity* act )
 		case apat_add:			return route_add(act);
 		case apat_emoji_react:	return route_emoji_react(act);
 		case apat_update:		return route_update(act);
+		case apat_move:		return route_move(act);
 		default:
 			printf( "Unhandled activity type: %d\n", act->type );
 	}
@@ -386,7 +423,7 @@ static bool process_one()
 	}
 
 	// Validate signature
-	env->validated = http_signature_validate( env, "post /inbox" );
+	env->validated = http_signature_validate( env, "post /inbox", act->actor );
 
 	if( !env->validated ) { goto failed; }
 

src/controller/test/crypto.c

@@ -65,7 +65,7 @@ static bool test_http_signature()
 		.body = "{\"hello\": \"world\"}",
 	};
 
-	return http_signature_validate( &env, "post /foo?param=value&pet=dog" );
+	return http_signature_validate( &env, "post /foo?param=value&pet=dog", "Test" );
 }
 static bool test_http_signature_2()
 {
@@ -104,7 +104,7 @@ static bool test_http_signature_2()
 		.body = "{\"hello\": \"world\"}",
 	};
 
-	result = http_signature_validate( &env, "post /inbox" );
+	result = http_signature_validate( &env, "post /inbox", "Test" );
 cleanup:
 	http_signature_free(&hs);
 	crypto_keys_free(keys);

src/model/account.c

@@ -613,6 +613,10 @@ void account_list_following( struct account* a, int offset, int limit, void* id_
 	char filename[512];
 	account_list( format( filename, sizeof(filename), "data/accounts/%d/following", a->id ), offset, limit, id_array );
 }
+void account_move( struct account* a, const char* new_uri )
+{
+	printf( "TODO: implement account move\n" );
+}
 bool account_does_follow( struct account* a, int account_id )
 {
 	char index[512];

src/model/account.h

@@ -84,6 +84,8 @@ void account_unfollow( struct account* a, struct account* to_unfollow );
 void account_list_followers( struct account* a, int offset, int limit, void* id_array );
 void account_list_following( struct account* a, int offset, int limit, void* id_array );
 
+void account_move( struct account* a, const char* new_uri );
+
 void account_announce( struct account* a, struct status* s );
 
 bool account_does_follow( struct account* a, int account_id );

src/model/crypto/http_sign.c

@@ -142,7 +142,7 @@ failed:
 	goto cleanup;
 }
 
-bool http_signature_validate( struct ap_envelope* env, const char* request_target )
+bool http_signature_validate( struct ap_envelope* env, const char* request_target, const char* expected_actor )
 {
 	char* signature_header = NULL;
 	char* date_header = NULL;
@@ -222,6 +222,11 @@ bool http_signature_validate( struct ap_envelope* env, const char* request_targe
 			goto failed;
 		}
 
+		if( 0 != strcmp( actor_uri, expected_actor ) ) {
+			printf( "! Signature doesn't match actor (Expected %s, got %s)\n", expected_actor, actor_uri );
+			goto failed;
+		}
+
 		// Get the account
 		struct account* actor = account_from_uri_or_fetch(actor_uri);
 		if( !actor ) {

src/model/crypto/http_sign.h

@@ -14,5 +14,5 @@ struct http_signature
 
 bool http_signature_make( const char* inbox, struct crypto_keys* keys, struct http_signature* sign );
 void http_signature_free( struct http_signature* sign );
-bool http_signature_validate( struct ap_envelope* env, const char* request_target );
+bool http_signature_validate( struct ap_envelope* env, const char* request_target, const char* expected_actor );