diff options
| author | zotlabs <mike@macgirvin.com> | 2019-08-13 23:53:04 +0000 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2019-08-16 19:29:21 +0200 |
| commit | 88fa18204f2c54ed3096ea94f7715bf2b1fe4fff (patch) | |
| tree | 47cc9dcdf2e2299323b131a58d0e9ed68603b67e | |
| parent | e8f3b7f8530c69045dcabffecab2f158d0b35214 (diff) | |
| download | volse-hubzilla-88fa18204f2c54ed3096ea94f7715bf2b1fe4fff.tar.gz volse-hubzilla-88fa18204f2c54ed3096ea94f7715bf2b1fe4fff.tar.bz2 volse-hubzilla-88fa18204f2c54ed3096ea94f7715bf2b1fe4fff.zip | |
illegal offset warning (prevents encrypted signatures from being used for encrypted messages). Not fatal but can leak metadata.
(cherry picked from commit feda23587c7e24dec0cfc8be9f2f444e009f967f)
| -rw-r--r-- | include/zot.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/zot.php b/include/zot.php index 53c3d4d86..60bada1d6 100644 --- a/include/zot.php +++ b/include/zot.php @@ -304,7 +304,7 @@ function zot_zot($url, $data, $channel = null,$crypto = null) { if($channel) { $headers['X-Zot-Token'] = random_string(); $headers['X-Zot-Digest'] = \Zotlabs\Web\HTTPSig::generate_digest_header($data); - $h = \Zotlabs\Web\HTTPSig::create_sig($headers,$channel['channel_prvkey'],'acct:' . channel_reddress($channel),false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : '')); + $h = \Zotlabs\Web\HTTPSig::create_sig($headers,$channel['channel_prvkey'],'acct:' . channel_reddress($channel),false,'sha512',(($crypto) ? [ 'key' => $crypto['hubloc_sitekey'], 'algorithm' => $crypto['site_crypto'] ] : false)); } $redirects = 0; |