aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-03-16 18:19:03 -0700
committerMario Vavti <mario@mariovavti.com>2017-03-29 13:50:27 +0200
commite9a5af6109a4a83a644432a2f39b47eb96303f4f (patch)
tree8708bb7a6719f2c316c8b015e43520ac56183a47
parentfd6b32758edb67c7e711eddd4c468a6ef459c478 (diff)
downloadvolse-hubzilla-e9a5af6109a4a83a644432a2f39b47eb96303f4f.tar.gz
volse-hubzilla-e9a5af6109a4a83a644432a2f39b47eb96303f4f.tar.bz2
volse-hubzilla-e9a5af6109a4a83a644432a2f39b47eb96303f4f.zip
simplify the message signing spaghetti
-rwxr-xr-xinclude/items.php61
-rw-r--r--include/photos.php15
2 files changed, 29 insertions, 47 deletions
diff --git a/include/items.php b/include/items.php
index 8ae7ca818..304a7acfc 100755
--- a/include/items.php
+++ b/include/items.php
@@ -1457,6 +1457,26 @@ function get_profile_elements($x) {
}
+
+
+function item_sign(&$item) {
+
+ if(array_key_exists('sig',$item) && $item['sig'])
+ return;
+
+ $r = q("select channel_prvkey from channel where channel_id = %d and channel_hash = '%s' ",
+ intval($item['uid']),
+ dbesc($item['author_xchan'])
+ );
+ if(! $r)
+ return;
+
+ $item['sig'] = base64url_encode(rsa_sign($item['body'],$r[0]['channel_prvkey']));
+ $item['item_verified'] = 1;
+
+}
+
+
/**
* @brief
*
@@ -1537,24 +1557,12 @@ function item_store($arr, $allow_exec = false, $deliver = true) {
$arr['lang'] = detect_language($arr['body']);
+
// apply the input filter here
- if(array_key_exists('input_filtered_signed',$arr)) {
- unset($arr['input_filtered_signed']);
- }
- else {
- $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec));
-
- if(local_channel() && (local_channel() == $arr['uid'])) {
- if(! $arr['sig']) {
- $channel = App::get_channel();
- if($channel['channel_hash'] === $arr['author_xchan']) {
- $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey']));
- $arr['item_verified'] = 1;
- }
- }
- }
- }
+ $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec));
+
+ item_sign($arr);
if(! array_key_exists('sig',$arr))
$arr['sig'] = '';
@@ -1967,22 +1975,11 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) {
$arr['lang'] = detect_language($arr['body']);
- if(array_key_exists('input_filtered_signed',$arr)) {
- unset($arr['input_filtered_signed']);
- }
- else {
- $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec));
-
- if(local_channel() && (local_channel() == $arr['uid'])) {
- if(! $arr['sig']) {
- $channel = App::get_channel();
- if($channel['channel_hash'] === $arr['author_xchan']) {
- $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey']));
- $arr['item_verified'] = 1;
- }
- }
- }
- }
+ // apply the input filter here
+
+ $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec));
+
+ item_sign($arr);
$allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages');
diff --git a/include/photos.php b/include/photos.php
index dff45a0bc..62c7f1c12 100644
--- a/include/photos.php
+++ b/include/photos.php
@@ -344,21 +344,6 @@ function photo_upload($channel, $observer, $args) {
$item['tgt_type'] = ACTIVITY_OBJ_ALBUM;
$item['target'] = json_encode($target);
- $item['body'] = trim(z_input_filter($item['body'],$item['mimetype'],false));
-
- if($item['author_xchan'] === $channel['channel_hash']) {
- $item['sig'] = base64url_encode(rsa_sign($item['body'],$channel['channel_prvkey']));
- $item['item_verified'] = 1;
- }
- else {
- $item['sig'] = '';
- }
-
- // notify item_store or item_store_update that the input has been filtered and signed already.
- // The signing procedure in those functions uses local_channel() which may not apply here.
-
- $item['input_filtered_signed'] = true;
-
$force = true;
}