aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xlacme-accountd15
1 files changed, 9 insertions, 6 deletions
diff --git a/lacme-accountd b/lacme-accountd
index 0f5deb2..5794ec1 100755
--- a/lacme-accountd
+++ b/lacme-accountd
@@ -239,19 +239,22 @@ sub conn($$$) {
$data =~ s/\r\n\z// or panic();
my ($header, $payload) = split(/\./, $data, 2);
- unless (defined $header and $header =~ /\A[A-Za-z0-9\-_]+\z/) {
+ if (defined $header and $header =~ /\A[A-Za-z0-9\-_]+\z/) {
+ $header = decode_base64url($header);
+ } else {
info("[$id] >>> Error: Refusing to sign request: Malformed protected header");
last;
}
- unless (defined $payload and $payload =~ /\A[A-Za-z0-9\-_]*\z/) {
- # POST-as-GET yields an empty payload
+ if (defined $payload and $payload =~ /\A[A-Za-z0-9\-_]*\z/) {
+ # empty payloads are valid, cf. POST-as-GET
+ $payload = decode_base64url($payload);
+ } else {
info("[$id] >>> Error: Refusing to sign request: Malformed payload");
last;
}
- logmsg(noquiet => "[$id] >>> OK signing request: ",
- "header=base64url(", decode_base64url($header), "); ",
- "playload=base64url(", decode_base64url($payload), ")");
+ my $req = "header=base64url($header); playload=base64url($payload)";
+ logmsg(noquiet => "[$id] >>> OK signing request: ", $req);
my $sig = $SIGN->($data);
$out->printflush( encode_base64url($sig), "\r\n" ) or warn "print: $!";