
Fix validation logic in the base consumer

The base consumer is intended to only derive its validation switch from the
on-disk configuration if the child class doesn't override the
validate_signatures switch.

There was a bug here where the default value provided in the base class made it
appear as if *all* child consumers had turned *off* validation, which is

This fix turns on signature validation by default while preserving the ability
of child consumers to override the on-disk configuration in special cases.

Fixes: CVE-2017-1000001
Reviewed-by: Patrick Uiterwijk <>
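The tri-state pattern the commit message describes (None means "inherit from the on-disk config", an explicit True or False set by a subclass wins) is easier to see next to the two-state version it replaces. The following is an added example, not fedmsg's own code: `FakeHub`, `SITE_CONFIG`, the consumer classes and `resolve` are hypothetical stand-ins for moksha's hub and fedmsg's base consumer, with the two `__init__` checks mirroring the before and after of the hunk.

```python
# Added example (not fedmsg's code): "None means inherit from config"
# contrasted with the buggy default that the fix replaces.
# All names below are hypothetical stand-ins for fedmsg/moksha objects.

# Constructed stand-in for the on-disk fedmsg config (real fedmsg loads
# this from its config files via the moksha hub).
SITE_CONFIG = {"validate_signatures": True}


class FakeHub:
    """Minimal stand-in for moksha's hub: only exposes .config."""

    def __init__(self, config):
        self.config = dict(config)


class BuggyConsumer:
    """Pre-fix logic: default False, and only a truthy class attribute
    triggers the config lookup.  The on-disk setting is therefore never
    consulted for consumers that do not override the switch, and it
    silently overrides consumers that explicitly set True."""

    validate_signatures = False

    def __init__(self, hub):
        self.hub = hub
        if self.validate_signatures:
            self.validate_signatures = self.hub.config["validate_signatures"]


class FixedConsumer:
    """Post-fix logic: None means 'inherit from the on-disk config';
    an explicit True/False set by a subclass is left untouched."""

    validate_signatures = None

    def __init__(self, hub):
        self.hub = hub
        if self.validate_signatures is None:
            self.validate_signatures = self.hub.config["validate_signatures"]


# Subclasses covering the cases the commit message talks about.
class DefaultBuggy(BuggyConsumer):
    pass  # does not override the switch


class OptInBuggy(BuggyConsumer):
    validate_signatures = True  # explicit opt-in, pre-fix


class DefaultFixed(FixedConsumer):
    pass  # does not override the switch: inherits from config


class OptOutFixed(FixedConsumer):
    validate_signatures = False  # "special case": explicitly disabled


class OptInFixed(FixedConsumer):
    validate_signatures = True  # explicitly enabled regardless of config


def resolve(consumer_cls, config):
    """Instantiate consumer_cls against a hub carrying `config` and return
    the effective validate_signatures value after __init__ ran."""
    return consumer_cls(FakeHub(config)).validate_signatures


def compare_behaviours(config=SITE_CONFIG):
    """Return (buggy_default, fixed_default, fixed_opt_out, fixed_opt_in)
    for a given on-disk config."""
    return (
        resolve(DefaultBuggy, config),
        resolve(DefaultFixed, config),
        resolve(OptOutFixed, config),
        resolve(OptInFixed, config),
    )


if __name__ == "__main__":
    # With validate_signatures=True on disk, the buggy base class still
    # leaves the default consumer unvalidated; the fixed one honours config.
    print(compare_behaviours())  # (False, True, False, True)
```

Note the second pre-fix defect `OptInBuggy` exposes: a subclass that explicitly set `validate_signatures = True` had that value replaced by whatever the config said, so an operator config with the key set to False switched validation off for a consumer that asked for it. With the `is None` check, only the unset case reads the config.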
ralphbean authored and puiterwijk committed Jan 12, 2017
1 parent 320e9f6 commit 5c21cf88a24fac4c15340cfd68d6d7599ad4a4a2
Showing with 2 additions and 2 deletions.
  1. +2 −2 fedmsg/consumers/
@@ -72,7 +72,7 @@ class FedmsgConsumer(moksha.hub.api.consumer.Consumer):
in order for the consumer to be activated.
validate_signatures = False
validate_signatures = None
config_key = None
def __init__(self, hub):
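Review bot: the new `validate_signatures = None` default on the base class is undocumented, while the neighbouring comment above `config_key` explains that attribute's contract. Since None now carries meaning (inherit the switch from the hub config) that differs from False (explicitly disable), add a short comment on the attribute, e.g. "None: take validate_signatures from the on-disk config; True/False: override it for this consumer", so subclass authors do not set False when they mean "use the default".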
@@ -100,7 +100,7 @@ def __init__(self, hub):
# Now, re-get our logger to override the one moksha assigns us.
self.log = logging.getLogger("fedmsg")
if self.validate_signatures:
if self.validate_signatures is None:
self.validate_signatures = self.hub.config['validate_signatures']
if hasattr(self, "replay_name"):
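Review bot: `self.hub.config['validate_signatures']` is a bare key lookup, so a consumer whose class leaves the switch at None will raise KeyError in `__init__` if the on-disk config lacks the key. Given the commit message's intent that validation is on by default, consider failing closed instead, e.g. `self.validate_signatures = self.hub.config.get('validate_signatures', True)`, unless fedmsg's config loader already guarantees the key is present.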
