HelloZeroNet
/
ZeroNet
mirror of https://github.com/HelloZeroNet/ZeroNet.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Only verify content after valid signiture

This commit is contained in:
shortcutme 2018-03-29 02:55:53 +02:00
parent f162987a4f
commit 508d2472e9
No known key found for this signature in database
GPG Key ID: 5B63BAE6CB9613AE
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Content/ContentManager.py
View File

@ -858,8 +858,6 @@ class ContentManager(object):
'"modified": %s' % modified_fixed
)
self.verifyContent(inner_path, new_content)
if signs: # New style signing
valid_signers = self.getValidSigners(inner_path, new_content)
signs_required = self.getSignsRequired(inner_path, new_content)
@ -881,10 +879,10 @@ class ContentManager(object):
if valid_signs < signs_required:
raise VerifyError("Valid signs: %s/%s" % (valid_signs, signs_required))
else:
return True
return self.verifyContent(inner_path, new_content)
else: # Old style signing
if CryptBitcoin.verify(sign_content, self.site.address, sign):
return True
return self.verifyContent(inner_path, new_content)
else:
raise VerifyError("Invalid old-style sign")