aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-04-03 15:55:22 -0700
committerzotlabs <mike@macgirvin.com>2017-04-03 15:55:22 -0700
commitf2f2b534e611c37105b1dc56470735c13641c944 (patch)
tree2eed3379df931bccd56dd7be8e3a56394fa3e0f9
parent2d9ae8ff2c581b8981c9c7308c4cf98bfee934b1 (diff)
parenta9bda2b12e3d393fa854e23207a081052e2e7bfd (diff)
downloadvolse-hubzilla-f2f2b534e611c37105b1dc56470735c13641c944.tar.gz
volse-hubzilla-f2f2b534e611c37105b1dc56470735c13641c944.tar.bz2
volse-hubzilla-f2f2b534e611c37105b1dc56470735c13641c944.zip
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_merge
-rw-r--r--Zotlabs/Lib/Apps.php16
-rw-r--r--Zotlabs/Module/Connedit.php30
-rw-r--r--Zotlabs/Widget/Photo_albums.php2
-rwxr-xr-xboot.php3
-rw-r--r--include/crypto.php44
-rw-r--r--include/import.php26
-rwxr-xr-xinclude/items.php13
-rw-r--r--include/permissions.php7
-rw-r--r--include/zot.php22
9 files changed, 101 insertions, 62 deletions
diff --git a/Zotlabs/Lib/Apps.php b/Zotlabs/Lib/Apps.php
index 0ca2f7a99..edf050b95 100644
--- a/Zotlabs/Lib/Apps.php
+++ b/Zotlabs/Lib/Apps.php
@@ -219,7 +219,7 @@ class Apps {
'Suggest Channels' => t('Suggest Channels'),
'Login' => t('Login'),
'Channel Manager' => t('Channel Manager'),
- 'Grid' => t('Grid'),
+ 'Grid' => t('Activity'),
'Settings' => t('Settings'),
'Files' => t('Files'),
'Webpages' => t('Webpages'),
@@ -245,9 +245,19 @@ class Apps {
'Profile Photo' => t('Profile Photo')
);
- if(array_key_exists($arr['name'],$apps)) {
- $arr['name'] = $apps[$arr['name']];
+ if(array_key_exists('name',$arr)) {
+ if(array_key_exists($arr['name'],$apps)) {
+ $arr['name'] = $apps[$arr['name']];
+ }
+ }
+ else {
+ for($x = 0; $x < count($arr); $x++) {
+ if(array_key_exists($arr[$x]['name'],$apps)) {
+ $arr[$x]['name'] = $apps[$arr[$x]['name']];
+ }
+ }
}
+
}
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index 72bd3e86e..484e69b52 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -388,30 +388,22 @@ class Connedit extends \Zotlabs\Web\Controller {
$section = ((array_key_exists('section',$_REQUEST)) ? $_REQUEST['section'] : '');
$channel = \App::get_channel();
- $my_perms = get_channel_default_perms(local_channel());
- $role = get_pconfig(local_channel(),'system','permissions_role');
- if($role) {
- $x = \Zotlabs\Access\PermissionRoles::role_perms($role);
- if($x['perms_connect'])
- $my_perms = $x['perms_connect'];
- }
$yes_no = array(t('No'),t('Yes'));
- if($my_perms) {
- $o .= "<script>function connectDefaultShare() {
- \$('.abook-edit-me').each(function() {
- if(! $(this).is(':disabled'))
- $(this).prop('checked', false);
- });\n\n";
- $perms = get_perms();
- foreach($perms as $p => $v) {
- if($my_perms & $v[1]) {
- $o .= "\$('#me_id_perms_" . $p . "').prop('checked', true); \n";
- }
+ $connect_perms = \Zotlabs\Access\Permissions::connect_perms(local_channel());
+
+ $o .= "<script>function connectDefaultShare() {
+ \$('.abook-edit-me').each(function() {
+ if(! $(this).is(':disabled'))
+ $(this).prop('checked', false);
+ });\n\n";
+ foreach($connect_perms['perms'] as $p => $v) {
+ if($v) {
+ $o .= "\$('#me_id_perms_" . $p . "').prop('checked', true); \n";
}
- $o .= " }\n</script>\n";
}
+ $o .= " }\n</script>\n";
if(argc() == 3) {
diff --git a/Zotlabs/Widget/Photo_albums.php b/Zotlabs/Widget/Photo_albums.php
index 2a746e492..6df8ddf3c 100644
--- a/Zotlabs/Widget/Photo_albums.php
+++ b/Zotlabs/Widget/Photo_albums.php
@@ -16,7 +16,7 @@ class Photo_albums {
if((! $channelx) || (! perm_is_allowed(\App::$profile['profile_uid'], get_observer_hash(), 'view_storage')))
return '';
- $sortkey = ((array_key_exists('sortkey',$arr)) ? $arr['sortkey'] : 'album');
+ $sortkey = ((array_key_exists('sortkey',$arr)) ? $arr['sortkey'] : 'display_path');
$direction = ((array_key_exists('direction',$arr)) ? $arr['direction'] : 'asc');
return photos_album_widget($channelx, \App::get_observer(),$sortkey,$direction);
diff --git a/boot.php b/boot.php
index 57f41894d..52b1113c1 100755
--- a/boot.php
+++ b/boot.php
@@ -619,9 +619,6 @@ function sys_boot() {
define( 'DEFAULT_NOTIFY_ICON', '/images/hz-white-32.png' );
}
- if(! defined('CRYPTO_ALGORITHM')) {
- define( 'CRYPTO_ALGORITHM', 'aes256cbc' );
- }
/*
* Try to open the database;
diff --git a/include/crypto.php b/include/crypto.php
index f75390985..2c5545e9b 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -55,6 +55,7 @@ function AES256CBC_decrypt($data,$key,$iv) {
return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
}
+
function AES128CBC_encrypt($data,$key,$iv) {
$key = substr($key,0,16);
$iv = substr($iv,0,16);
@@ -67,18 +68,33 @@ function AES128CBC_decrypt($data,$key,$iv) {
return openssl_decrypt($data,'aes-128-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
}
-function STD_encrypt($data,$key,$iv) {
+
+function AES256CTR_encrypt($data,$key,$iv) {
$key = substr($key,0,32);
$iv = substr($iv,0,16);
- return openssl_encrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+ return openssl_encrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
}
-function STD_decrypt($data,$key,$iv) {
+function AES256CTR_decrypt($data,$key,$iv) {
$key = substr($key,0,32);
$iv = substr($iv,0,16);
- return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+ return openssl_decrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+}
+
+
+function CAMELLIA256CFB_encrypt($data,$key,$iv) {
+ $key = substr($key,0,32);
+ $iv = substr($iv,0,16);
+ return openssl_encrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+}
+
+function CAMELLIA256CFB_decrypt($data,$key,$iv) {
+ $key = substr($key,0,32);
+ $iv = substr($iv,0,16);
+ return openssl_decrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
}
+
function CAST5CBC_encrypt($data,$key,$iv) {
$key = substr($key,0,16);
$iv = substr($iv,0,8);
@@ -91,6 +107,20 @@ function CAST5CBC_decrypt($data,$key,$iv) {
return openssl_decrypt($data,'cast5-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0"));
}
+function CAST5CFB_encrypt($data,$key,$iv) {
+ $key = substr($key,0,16);
+ $iv = substr($iv,0,8);
+ return openssl_encrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0"));
+}
+
+function CAST5CFB_decrypt($data,$key,$iv) {
+ $key = substr($key,0,16);
+ $iv = substr($iv,0,8);
+ return openssl_decrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0"));
+}
+
+
+
function crypto_encapsulate($data,$pubkey,$alg='aes256cbc') {
$fn = strtoupper($alg) . '_encrypt';
@@ -142,17 +172,13 @@ function other_encapsulate($data,$pubkey,$alg) {
function crypto_methods() {
- if(\Zotlabs\Lib\System::get_server_role() !== 'pro')
- return [ 'aes256cbc' ];
-
- // 'std' is the new project standard which is aes256cbc but transmits/receives 256-byte key and iv.
// aes256cbc is provided for compatibility with earlier zot implementations which assume 32-byte key and 16-byte iv.
// other_encapsulate() now produces these longer keys/ivs by default so that it is difficult to guess a
// particular implementation or choice of underlying implementations based on the key/iv length.
// The actual methods are responsible for deriving the actual key/iv from the provided parameters;
// possibly by truncation or segmentation - though many other methods could be used.
- $r = [ 'std', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
+ $r = [ 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
call_hooks('crypto_methods',$r);
return $r;
diff --git a/include/import.php b/include/import.php
index f6ebd4bff..9007dbe74 100644
--- a/include/import.php
+++ b/include/import.php
@@ -98,7 +98,7 @@ function import_channel($channel, $account_id, $seize) {
$r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1",
intval($account_id),
- $channel['channel_guid'] // Already dbesc'd
+ dbesc($channel['channel_guid'])
);
if(! $r) {
logger('mod_import: channel not found. ' . print_r($channel,true));
@@ -195,23 +195,24 @@ function import_hublocs($channel, $hublocs, $seize, $moving = false) {
}
if(! array_key_exists('hubloc_primary',$hubloc)) {
- $hubloc['hubloc_primary'] = (($hubloc['hubloc_flags'] & 0x0001) ? 1 : 0);
- $hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags'] & 0x0004) ? 1 : 0);
- $hubloc['hubloc_error'] = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0);
- $hubloc['hubloc_deleted'] = (($hubloc['hubloc_flags'] & 0x1000) ? 1 : 0);
+ $hubloc['hubloc_primary'] = (($hubloc['hubloc_flags'] & 0x0001) ? 1 : 0);
+ $hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags'] & 0x0004) ? 1 : 0);
+ $hubloc['hubloc_error'] = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0);
+ $hubloc['hubloc_deleted'] = (($hubloc['hubloc_flags'] & 0x1000) ? 1 : 0);
}
if($moving && $hubloc['hubloc_hash'] === $channel['channel_hash'] && $hubloc['hubloc_url'] !== z_root()) {
$hubloc['hubloc_deleted'] = 1;
}
- $arr = array(
- 'guid' => $hubloc['hubloc_guid'],
+ $arr = [
+ 'guid' => $hubloc['hubloc_guid'],
'guid_sig' => $hubloc['hubloc_guid_sig'],
- 'url' => $hubloc['hubloc_url'],
- 'url_sig' => $hubloc['hubloc_url_sig'],
- 'sitekey' => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '')
- );
+ 'url' => $hubloc['hubloc_url'],
+ 'url_sig' => $hubloc['hubloc_url_sig'],
+ 'sitekey' => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '')
+ ];
+
if(($hubloc['hubloc_hash'] === $channel['channel_hash']) && intval($hubloc['hubloc_primary']) && ($seize))
$hubloc['hubloc_primary'] = 0;
@@ -1443,7 +1444,8 @@ function import_webpage_element($element, $channel, $type) {
// The author is either the owner or whomever was specified
$arr['author_xchan'] = (($element['author_xchan']) ? $element['author_xchan'] : get_observer_hash());
// Import mimetype if it is a valid mimetype for the element
- $mimetypes = [ 'text/bbcode',
+ $mimetypes = [
+ 'text/bbcode',
'text/html',
'text/markdown',
'text/plain',
diff --git a/include/items.php b/include/items.php
index 304a7acfc..933b9ef81 100755
--- a/include/items.php
+++ b/include/items.php
@@ -769,6 +769,8 @@ function import_author_xchan($x) {
if($arr['xchan_hash'])
return $arr['xchan_hash'];
+ $y = false;
+
if((! array_key_exists('network', $x)) || ($x['network'] === 'zot')) {
$y = import_author_zot($x);
}
@@ -779,11 +781,11 @@ function import_author_xchan($x) {
$y = import_author_rss($x);
}
- if($x['network'] === 'unknown') {
+ if(! $y) {
$y = import_author_unknown($x);
}
- return(($y) ? $y : false);
+ return($y);
}
/**
@@ -1824,9 +1826,12 @@ logger('revision: ' . $arr['revision']);
intval($arr['revision'])
);
- if($r && count($r)) {
+ if($r) {
+ // This will gives us a fresh copy of what's now in the DB and undo the db escaping,
+ // which really messes up the notifications
+
$current_post = $r[0]['id'];
- $arr = $r[0]; // This will gives us a fresh copy of what's now in the DB and undo the db escaping, which really messes up the notifications
+ $arr = $r[0];
logger('item_store: created item ' . $current_post, LOGGER_DEBUG);
}
else {
diff --git a/include/permissions.php b/include/permissions.php
index d21b45550..f719394c5 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -314,11 +314,12 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
'channel_id' => $uid,
'observer_hash' => $observer_xchan,
'permission' => $permission,
- 'result' => false);
+ 'result' => 'unset');
call_hooks('perm_is_allowed', $arr);
- if($arr['result'])
- return true;
+ if($arr['result'] !== 'unset') {
+ return $arr['result'];
+ }
$global_perms = \Zotlabs\Access\Permissions::Perms();
diff --git a/include/zot.php b/include/zot.php
index 8a2178913..266060839 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -165,9 +165,6 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot
function zot_best_algorithm($methods) {
- if(\Zotlabs\Lib\System::get_server_role() !== 'pro')
- return 'aes256cbc';
-
$x = [ 'methods' => $methods, 'result' => '' ];
call_hooks('zot_best_algorithm',$x);
if($x['result'])
@@ -3581,21 +3578,30 @@ function get_rpost_path($observer) {
function import_author_zot($x) {
+ // Check that we have both a hubloc and xchan record - as occasionally storage calls will fail and
+ // we may only end up with one; which results in posts with no author name or photo and are a bit
+ // of a hassle to repair. If either or both are missing, do a full discovery probe.
+
$hash = make_xchan_hash($x['guid'],$x['guid_sig']);
- $r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1",
+ $r1 = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1",
dbesc($x['guid']),
dbesc($x['guid_sig'])
);
- if ($r) {
- logger('import_author_zot: in cache', LOGGER_DEBUG);
+ $r2 = q("select xchan_hash from xchan where xchan_guid = '%s' and xchan_guid_sig = '%s' limit 1",
+ dbesc($x['guid']),
+ dbesc($x['guid_sig'])
+ );
+
+ if($r1 && $r2) {
+ logger('in cache', LOGGER_DEBUG);
return $hash;
}
- logger('import_author_zot: entry not in cache - probing: ' . print_r($x,true), LOGGER_DEBUG);
+ logger('not in cache - probing: ' . print_r($x,true), LOGGER_DEBUG);
$them = array('hubloc_url' => $x['url'], 'xchan_guid' => $x['guid'], 'xchan_guid_sig' => $x['guid_sig']);
- if (zot_refresh($them))
+ if(zot_refresh($them))
return $hash;
return false;