diff options
author | friendica <info@friendica.com> | 2014-09-09 22:45:26 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2014-09-09 22:45:26 -0700 |
commit | cb10da3eef0fcf5e9f64f002932f9879de3310dc (patch) | |
tree | 8de2cf65557c4add1f8d85e17a51ce11afacb95b | |
parent | e7b005b1f86b276476aaade7b5b20ff04e5ec72e (diff) | |
download | volse-hubzilla-cb10da3eef0fcf5e9f64f002932f9879de3310dc.tar.gz volse-hubzilla-cb10da3eef0fcf5e9f64f002932f9879de3310dc.tar.bz2 volse-hubzilla-cb10da3eef0fcf5e9f64f002932f9879de3310dc.zip |
Did I ever mention how much I HATE hacking crypto? If you've got a protocol doc that says how you sign something, you damm well better sign it that way.
-rwxr-xr-x | include/diaspora.php | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/include/diaspora.php b/include/diaspora.php index 0c15bfd46..e7a6cb8ea 100755 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -1804,7 +1804,15 @@ function diaspora_like($importer,$xml,$msg) { who sent the salmon */ - $signed_data = $guid . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $diaspora_handle; +// $signed_data = $guid . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $diaspora_handle; + + // 2014-09-10 let's try this: signatures are failing. I'll try and make a signable string from + // the parameters in the order they were presented in the post. This is how D* creates the signable string. + + + $signed_data = $positive . ';' . $guid . ';' . $target_type . ';' . $parent_guid . ';' . $diaspora_handle; + + $key = $msg['key']; @@ -1841,6 +1849,9 @@ function diaspora_like($importer,$xml,$msg) { // } } } + + + logger('diaspora_like: signature check complete.',LOGGER_DEBUG); // Phew! Everything checks out. Now create an item. |