Additional checks

diff --git a/src/Protocol/Diaspora.php b/src/Protocol/Diaspora.php
index ffa47b16884cbe6e9009be1683ddd2f441b1ea9e..097ec8ddd58d9fb3ee9781af1802d72c3876fa7d 100644 (file)
--- a/src/Protocol/Diaspora.php
+++ b/src/Protocol/Diaspora.php
@@ -221,6 +221,11 @@ class Diaspora
 
                $signable_data = $msg.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);
 
+               if ($handle == '') {
+                       logger('No author could be decoded. Discarding. Message: ' . $envelope);
+                       return false;
+               }
+
                $key = self::key($handle);
                if ($key == '') {
                        logger("Couldn't get a key for handle " . $handle . ". Discarding.");
@@ -331,6 +336,10 @@ class Diaspora
                }
 
                $key = self::key($author_addr);
+               if ($key == '') {
+                       logger("Couldn't get a key for handle " . $author_addr . ". Discarding.");
+                       System::httpExit(400);
+               }
 
                $verify = Crypto::rsaVerify($signed_data, $signature, $key);
                if (!$verify) {