From b868b828f190d3ea6d293b4b54df101beb17a49f Mon Sep 17 00:00:00 2001 From: JoeGruff Date: Mon, 28 Jun 2021 14:25:27 +0900 Subject: [PATCH] middleware: Allow alternate vsp auth address. If an alternate address exists for this ticket, check it first and fall back to the commitment address if validation fails. Alternate address failure is allowed so that other endpoints do not need to add a field to all requests specifying whether this is the alternate address's signature or the commitment address's signature. --- background/background.go | 8 ++++++++ webapi/middleware.go | 19 ++++++++++++++++--- 2 files changed, 24 insertions(+), 3 deletions(-) diff --git a/background/background.go b/background/background.go index ab7fe63..c9e3c6e 100644 --- a/background/background.go +++ b/background/background.go @@ -102,6 +102,14 @@ func blockConnected() { log.Errorf("%s: db.DeleteTicket error (ticketHash=%s): %v", funcName, ticket.Hash, err) } + + // This will not error if an alternate signature does not + // exist for ticket. + err = db.DeleteAltSig(ticket.Hash) + if err != nil { + log.Errorf("%s: db.DeleteAltSig error (ticketHash=%s): %v", + funcName, ticket.Hash, err) + } } else { log.Errorf("%s: dcrd.GetRawTransaction for ticket failed (ticketHash=%s): %v", funcName, ticket.Hash, err) diff --git a/webapi/middleware.go b/webapi/middleware.go index 993be96..52700f3 100644 --- a/webapi/middleware.go +++ b/webapi/middleware.go @@ -347,9 +347,22 @@ func vspAuth() gin.HandlerFunc { // Validate request signature to ensure ticket ownership. err = validateSignature(reqBytes, commitmentAddress, c) if err != nil { - log.Warnf("%s: Bad signature (clientIP=%s, ticketHash=%s): %v", funcName, c.ClientIP(), hash, err) - sendError(errBadSignature, c) - return + // Don't return an error straight away if sig validation fails - + // first check if we have an alternate sig address for this ticket. + altSigData, err := db.AltSigData(hash) + if err != nil { + log.Errorf("%s: db.AltSigData failed (ticketHash=%s): %v", funcName, hash, err) + sendError(errInternalError, c) + return + } + + // If we have no alternate sig, or if validating with the alt sig + // fails, return an error to the client. + if altSigData == nil || validateSignature(reqBytes, altSigData.AltSigAddr, c) != nil { + log.Warnf("%s: Bad signature (clientIP=%s, ticketHash=%s)", funcName, c.ClientIP(), hash) + sendError(errBadSignature, c) + return + } } // Add ticket information to context so downstream handlers don't need