aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2019-08-13 16:53:04 -0700
committerzotlabs <mike@macgirvin.com>2019-08-13 16:53:04 -0700
commitfeda23587c7e24dec0cfc8be9f2f444e009f967f (patch)
treef56cff944a2bd4607a4cfe83da7af5be2474a612
parent7200c2ac0cc203a2717cd94be7ae5c02316747ab (diff)
downloadvolse-hubzilla-feda23587c7e24dec0cfc8be9f2f444e009f967f.tar.gz
volse-hubzilla-feda23587c7e24dec0cfc8be9f2f444e009f967f.tar.bz2
volse-hubzilla-feda23587c7e24dec0cfc8be9f2f444e009f967f.zip
illegal offset warning (prevents encrypted signatures from being used for encrypted messages). Not fatal but can leak metadata.
-rw-r--r--include/zot.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/include/zot.php b/include/zot.php
index 53c3d4d86..60bada1d6 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -304,7 +304,7 @@ function zot_zot($url, $data, $channel = null,$crypto = null) {
if($channel) {
$headers['X-Zot-Token'] = random_string();
$headers['X-Zot-Digest'] = \Zotlabs\Web\HTTPSig::generate_digest_header($data);
- $h = \Zotlabs\Web\HTTPSig::create_sig($headers,$channel['channel_prvkey'],'acct:' . channel_reddress($channel),false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : ''));
+ $h = \Zotlabs\Web\HTTPSig::create_sig($headers,$channel['channel_prvkey'],'acct:' . channel_reddress($channel),false,'sha512',(($crypto) ? [ 'key' => $crypto['hubloc_sitekey'], 'algorithm' => $crypto['site_crypto'] ] : false));
}
$redirects = 0;