From d03c435563be5a4ba564749785e90067aee41858 Mon Sep 17 00:00:00 2001
From: Felix Ableitner <me@nutomic.com>
Date: Mon, 6 Jul 2020 14:20:29 +0200
Subject: [PATCH] Revert "Verify activitypub payload digests (#885)"

This reverts commit 916592944af8e32f2044c9acf0d57eb7991427a5.
---
 server/Cargo.lock               |  4 ++--
 server/Cargo.toml               |  2 +-
 server/src/routes/federation.rs | 12 +++---------
 3 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/server/Cargo.lock b/server/Cargo.lock
index 7b0d9a88c..c54419e10 100644
--- a/server/Cargo.lock
+++ b/server/Cargo.lock
@@ -1413,9 +1413,9 @@ dependencies = [
 
 [[package]]
 name = "http-signature-normalization-actix"
-version = "0.4.0-alpha.1"
+version = "0.4.0-alpha.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1c6efbc3e600cdd617585f4f15be3726c6942fb2eba3c8c79474c5d3159ad7c0"
+checksum = "09afff6987c7edbed101d1cddd2185786fb0af0dd9c06b654aca73a0a763680f"
 dependencies = [
  "actix-http",
  "actix-web",
diff --git a/server/Cargo.toml b/server/Cargo.toml
index 225079940..8daf72c4a 100644
--- a/server/Cargo.toml
+++ b/server/Cargo.toml
@@ -43,7 +43,7 @@ percent-encoding = "2.1.0"
 comrak = "0.7"
 openssl = "0.10"
 http = "0.2.1"
-http-signature-normalization-actix = { version = "0.4.0-alpha.1", default-features = false, features = ["sha-2"] }
+http-signature-normalization-actix = { version = "0.4.0-alpha.0", default-features = false, features = ["sha-2"] }
 base64 = "0.12.1"
 tokio = "0.2.21"
 futures = "0.3.5"
diff --git a/server/src/routes/federation.rs b/server/src/routes/federation.rs
index 20b5dc834..fe6e33657 100644
--- a/server/src/routes/federation.rs
+++ b/server/src/routes/federation.rs
@@ -12,8 +12,6 @@ use crate::{
   settings::Settings,
 };
 use actix_web::*;
-use http_signature_normalization_actix::digest::middleware::VerifyDigest;
-use sha2::{Digest, Sha256};
 
 pub fn config(cfg: &mut web::ServiceConfig) {
   if Settings::get().federation.enabled {
@@ -40,12 +38,8 @@ pub fn config(cfg: &mut web::ServiceConfig) {
           .route("/comment/{comment_id}", web::get().to(get_apub_comment)),
       )
       // Inboxes dont work with the header guard for some reason.
-      .service(
-        web::scope("/")
-          .wrap(VerifyDigest::new(Sha256::new()))
-          .route("/c/{community_name}/inbox", web::post().to(community_inbox))
-          .route("/u/{user_name}/inbox", web::post().to(user_inbox))
-          .route("/inbox", web::post().to(shared_inbox)),
-      );
+      .route("/c/{community_name}/inbox", web::post().to(community_inbox))
+      .route("/u/{user_name}/inbox", web::post().to(user_inbox))
+      .route("/inbox", web::post().to(shared_inbox));
   }
 }