From 7c5d1545193c4a2a09cfee29c751f31b3cbcd1d1 Mon Sep 17 00:00:00 2001
From: Micah Lee <micah@micahflee.com>
Date: Mon, 17 Sep 2018 17:42:21 -0700
Subject: [PATCH] Make separate function for comparing the slug and comparing
 the shutdown_slug, to prevent 404 errors on the shutdown request

---
 onionshare/web.py | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/onionshare/web.py b/onionshare/web.py
index e3e965da..10c130cb 100644
--- a/onionshare/web.py
+++ b/onionshare/web.py
@@ -483,7 +483,7 @@ class Web(object):
             """
             Stop the flask web server, from the context of an http request.
             """
-            self.check_slug_candidate(slug_candidate, self.shutdown_slug)
+            self.check_shutdown_slug_candidate(slug_candidate)
             self.force_shutdown()
             return ""
 
@@ -578,15 +578,17 @@ class Web(object):
         log_handler.setLevel(logging.WARNING)
         self.app.logger.addHandler(log_handler)
 
-    def check_slug_candidate(self, slug_candidate, slug_compare=None):
-        self.common.log('Web', 'check_slug_candidate: slug_candidate={}, slug_compare={}'.format(slug_candidate, slug_compare))
+    def check_slug_candidate(self, slug_candidate):
+        self.common.log('Web', 'check_slug_candidate: slug_candidate={}'.format(slug_candidate))
         if self.common.settings.get('public_mode'):
             abort(404)
-        else:
-            if not slug_compare:
-                slug_compare = self.slug
-            if not hmac.compare_digest(slug_compare, slug_candidate):
-                abort(404)
+        if not hmac.compare_digest(self.slug, slug_candidate):
+            abort(404)
+
+    def check_shutdown_slug_candidate(self, slug_candidate):
+        self.common.log('Web', 'check_shutdown_slug_candidate: slug_candidate={}'.format(slug_candidate))
+        if not hmac.compare_digest(self.shutdown_slug, slug_candidate):
+            abort(404)
 
     def force_shutdown(self):
         """