M docs/changelog.txt → docs/changelog.txt

@@ -2,6 +2,8 @@ changelog
 
 -- next
 
++ Try a little harder to recover from httpsig failures.
+
 + Add cite tag for block quote attributions.
 
 + @media print styles.

M fun.go → fun.go

@@ -28,6 +28,7 @@ "net/url"
 	"os"
 	"regexp"
 	"strings"
+	"time"
 
 	"golang.org/x/net/html"
 	"humungus.tedunangst.com/r/webs/cache"
@@ -611,6 +612,12 @@ func zaggy(keyname string) *rsa.PublicKey {
 	var key *rsa.PublicKey
 	zaggies.Get(keyname, &key)
 	return key
+}
+
+func savingthrow(keyname string) {
+	when := time.Now().UTC().Sub(30 * time.Minute).Format(dbtimeformat)
+	stmtDeleteXonker.Exec(keyname, "pubkey", when)
+	zaggies.Clear(keyname)
 }
 
 func keymatch(keyname string, actor string) string {

M web.go → web.go

@@ -330,6 +330,10 @@ return
 	}
 
 	keyname, err := httpsig.VerifyRequest(r, payload, zaggy)
+	if err != nil && keyname != "" {
+		savingthrow(keyname)
+		keyname, err = httpsig.VerifyRequest(r, payload, zaggy)
+	}
 	if err != nil {
 		log.Printf("inbox message failed signature for %s from %s", keyname, r.Header.Get("X-Forwarded-For"))
 		if keyname != "" {
@@ -460,6 +464,10 @@ if crappola(j) {
 		return
 	}
 	keyname, err := httpsig.VerifyRequest(r, payload, zaggy)
+	if err != nil && keyname != "" {
+		savingthrow(keyname)
+		keyname, err = httpsig.VerifyRequest(r, payload, zaggy)
+	}
 	if err != nil {
 		log.Printf("inbox message failed signature for %s from %s", keyname, r.Header.Get("X-Forwarded-For"))
 		if keyname != "" {