fix constant panics when keystore is weird

2023-08-03 11:30:50 -04:00 · 2023-08-03 11:30:50 -04:00 · afbd1d2ba0
parent 750aabc83c
commit afbd1d2ba0
1 changed files with 16 additions and 13 deletions
--- a/trifid-api/src/routes/v1/dnclient.rs
+++ b/trifid-api/src/routes/v1/dnclient.rs
@ -70,13 +70,11 @@ pub async fn dnclient(
    let client_keys = host_in_ks
        .client_keys
        .iter()
-        .find(|u| u.id == req.counter as u64)
-        .unwrap();
+        .find(|u| u.id == req.counter as u64);
    let client_keys_2 = host_in_ks
        .client_keys
        .iter()
-        .find(|u| u.id == host_in_ks.current_client_key)
-        .unwrap();
+        .find(|u| u.id == host_in_ks.current_client_key);;

    let signature = match Signature::from_slice(&req.signature) {
        Ok(sig) => sig,
@ -92,15 +90,20 @@ pub async fn dnclient(
        }
    };

-    if client_keys
-        .ed_pub
-        .verify(req.message.as_bytes(), &signature)
-        .is_err()
-        && client_keys_2
-            .ed_pub
-            .verify(req.message.as_bytes(), &signature)
-            .is_err()
-    {
+    let mut valid = false;
+
+    if let Some(client_keys) = client_keys {
+        if client_keys.ed_pub.verify(req.message.as_bytes(), &signature).is_ok() {
+            valid = true;
+        }
+    }
+    if let Some(client_keys_2) = client_keys_2 {
+        if client_keys_2.ed_pub.verify(req.message.as_bytes(), &signature).is_ok() {
+            valid = true;
+        }
+    }
+
+    if !valid {
        // Be intentionally vague as the message is invalid.
        warn!("! invalid signature from {}", host);
        return HttpResponse::Unauthorized().json(vec![APIError {