From 02b4d3f347b3150f3e2fa2906df8bd10fb3b5ccc Mon Sep 17 00:00:00 2001
From: Benjamin Neff <benjamin@coding4coffee.ch>
Date: Thu, 11 May 2017 01:42:55 +0200
Subject: [PATCH] Don't raise when the public key of a person is "broken"

Breaking a public key of a person can be used to "block" receiving posts
from this person on the pod. So we should handle that case better and
not just trigger many retries for something that will fail again.

closes #7448
---
 Changelog.md                               |  1 +
 app/models/person.rb                       |  2 ++
 config/initializers/diaspora_federation.rb |  3 +--
 spec/models/person_spec.rb                 | 13 +++++++++++++
 4 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index cd78e1cd08..b4ee909435 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -7,6 +7,7 @@
 * Make photo upload button hover text translatable [#7429](https://github.com/diaspora/diaspora/pull/7429)
 * Fix first comment in mobile view with french locale [#7441](https://github.com/diaspora/diaspora/pull/7441)
 * Use post page title and post author in atom feed [#7420](https://github.com/diaspora/diaspora/pull/7420)
+* Handle broken public keys when receiving posts [#7448](https://github.com/diaspora/diaspora/pull/7448)
 
 ## Features
 
diff --git a/app/models/person.rb b/app/models/person.rb
index 1f86c28bcd..f4a5202ade 100644
--- a/app/models/person.rb
+++ b/app/models/person.rb
@@ -229,6 +229,8 @@ class Person < ActiveRecord::Base
 
   def public_key
     OpenSSL::PKey::RSA.new(serialized_public_key)
+  rescue OpenSSL::PKey::RSAError
+    nil
   end
 
   def exported_key
diff --git a/config/initializers/diaspora_federation.rb b/config/initializers/diaspora_federation.rb
index 49ff3da6cd..aff729ec4b 100644
--- a/config/initializers/diaspora_federation.rb
+++ b/config/initializers/diaspora_federation.rb
@@ -72,8 +72,7 @@ DiasporaFederation.configure do |config|
     end
 
     on :fetch_public_key do |diaspora_id|
-      key = Person.find_or_fetch_by_identifier(diaspora_id).serialized_public_key
-      OpenSSL::PKey::RSA.new(key) unless key.nil?
+      Person.find_or_fetch_by_identifier(diaspora_id).public_key
     end
 
     on :fetch_related_entity do |entity_type, guid|
diff --git a/spec/models/person_spec.rb b/spec/models/person_spec.rb
index bb2bb7d6b9..f9e76db512 100644
--- a/spec/models/person_spec.rb
+++ b/spec/models/person_spec.rb
@@ -479,6 +479,19 @@ describe Person, :type => :model do
     end
   end
 
+  describe "#public_key" do
+    it "returns the public key for the person" do
+      key = @person.public_key
+      expect(key).to be_a(OpenSSL::PKey::RSA)
+      expect(key.to_s).to eq(@person.serialized_public_key)
+    end
+
+    it "handles broken keys and returns nil" do
+      @person.update_attributes(serialized_public_key: "broken")
+      expect(@person.public_key).to be_nil
+    end
+  end
+
   context 'people finders for webfinger' do
     let(:user) { FactoryGirl.create(:user) }
     let(:person) { FactoryGirl.create(:person) }
-- 
GitLab