Don't calculate sig for payloads that don't need it

Signed-off-by: Maxime “pep” Buquet <pep@bouah.net>
This commit is contained in:
Maxime “pep” Buquet 2024-07-24 19:35:27 +02:00
parent a9a16c30bf
commit edd0e0074a
Signed by: pep
GPG key ID: DEDA74AEECA9D0F2

View file

@ -56,10 +56,22 @@ async fn hooks_inner(req: Request<Incoming>, secret: &str) -> Result<Hook, Error
return Err(Error::InvalidContentType); return Err(Error::InvalidContentType);
} }
// Get payload and generate hmac signature // Get payload
let mut payload: Vec<u8> = vec![]; let mut payload: Vec<u8> = vec![];
let whole_body = req.collect().await?.aggregate(); let whole_body = req.collect().await?.aggregate();
whole_body.reader().read_to_end(&mut payload)?; whole_body.reader().read_to_end(&mut payload)?;
if let Some(val) = headers.get("X-Gitlab-Token") {
debug!("Found Gitlab payload");
if secret != val {
return Err(Error::InvalidSecret);
}
let hook: GitlabHook = serde_json::from_slice(&payload[..])?;
return Ok(Hook::Gitlab(hook));
}
// Generate hmac signature
let mut mac = HmacSha256::new_from_slice(secret.as_bytes())?; let mut mac = HmacSha256::new_from_slice(secret.as_bytes())?;
mac.update(&payload); mac.update(&payload);
let result = mac.finalize().into_bytes(); let result = mac.finalize().into_bytes();
@ -76,14 +88,6 @@ async fn hooks_inner(req: Request<Incoming>, secret: &str) -> Result<Hook, Error
let hook: ForgejoHook = serde_json::from_slice(&payload[..])?; let hook: ForgejoHook = serde_json::from_slice(&payload[..])?;
return Ok(Hook::Forgejo(hook)); return Ok(Hook::Forgejo(hook));
debug!("Found Forgejo payload."); debug!("Found Forgejo payload.");
} else if let Some(val) = headers.get("X-Gitlab-Token") {
debug!("Found Gitlab payload");
if secret != val {
return Err(Error::InvalidSecret);
}
let hook: GitlabHook = serde_json::from_slice(&payload[..])?;
return Ok(Hook::Gitlab(hook));
} }
// No match found for the payload // No match found for the payload