diff options
author | zotlabs <mike@macgirvin.com> | 2017-03-16 18:19:03 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2017-03-16 18:19:03 -0700 |
commit | cf11ba1147355f0583016db2cec4f7793e656dfc (patch) | |
tree | 7172154f903c7ee086d5359a81ba7aeb873bbde0 | |
parent | 446b5550a2c2b52bb31db5b99602c42b9dfdade6 (diff) | |
download | volse-hubzilla-cf11ba1147355f0583016db2cec4f7793e656dfc.tar.gz volse-hubzilla-cf11ba1147355f0583016db2cec4f7793e656dfc.tar.bz2 volse-hubzilla-cf11ba1147355f0583016db2cec4f7793e656dfc.zip |
simplify the message signing spaghetti
-rwxr-xr-x | include/items.php | 61 | ||||
-rw-r--r-- | include/photos.php | 15 |
2 files changed, 29 insertions, 47 deletions
diff --git a/include/items.php b/include/items.php index c6aedc2e4..3d0f380b4 100755 --- a/include/items.php +++ b/include/items.php @@ -1408,6 +1408,26 @@ function get_profile_elements($x) { } + + +function item_sign(&$item) { + + if(array_key_exists('sig',$item) && $item['sig']) + return; + + $r = q("select channel_prvkey from channel where channel_id = %d and channel_hash = '%s' ", + intval($item['uid']), + dbesc($item['author_xchan']) + ); + if(! $r) + return; + + $item['sig'] = base64url_encode(rsa_sign($item['body'],$r[0]['channel_prvkey'])); + $item['item_verified'] = 1; + +} + + /** * @brief * @@ -1487,24 +1507,12 @@ function item_store($arr, $allow_exec = false, $deliver = true) { $arr['lang'] = detect_language($arr['body']); + // apply the input filter here - if(array_key_exists('input_filtered_signed',$arr)) { - unset($arr['input_filtered_signed']); - } - else { - $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); - - if(local_channel() && (local_channel() == $arr['uid'])) { - if(! $arr['sig']) { - $channel = App::get_channel(); - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } - } - } + $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); + + item_sign($arr); if(! array_key_exists('sig',$arr)) $arr['sig'] = ''; @@ -1917,22 +1925,11 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) { $arr['lang'] = detect_language($arr['body']); - if(array_key_exists('input_filtered_signed',$arr)) { - unset($arr['input_filtered_signed']); - } - else { - $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); - - if(local_channel() && (local_channel() == $arr['uid'])) { - if(! $arr['sig']) { - $channel = App::get_channel(); - if($channel['channel_hash'] === $arr['author_xchan']) { - $arr['sig'] = base64url_encode(rsa_sign($arr['body'],$channel['channel_prvkey'])); - $arr['item_verified'] = 1; - } - } - } - } + // apply the input filter here + + $arr['body'] = trim(z_input_filter($arr['body'],$arr['mimetype'],$allow_exec)); + + item_sign($arr); $allowed_languages = get_pconfig($arr['uid'],'system','allowed_languages'); diff --git a/include/photos.php b/include/photos.php index c0f0ec8a9..b4d297bfd 100644 --- a/include/photos.php +++ b/include/photos.php @@ -340,21 +340,6 @@ function photo_upload($channel, $observer, $args) { $item['tgt_type'] = ACTIVITY_OBJ_ALBUM; $item['target'] = json_encode($target); - $item['body'] = trim(z_input_filter($item['body'],$item['mimetype'],false)); - - if($item['author_xchan'] === $channel['channel_hash']) { - $item['sig'] = base64url_encode(rsa_sign($item['body'],$channel['channel_prvkey'])); - $item['item_verified'] = 1; - } - else { - $item['sig'] = ''; - } - - // notify item_store or item_store_update that the input has been filtered and signed already. - // The signing procedure in those functions uses local_channel() which may not apply here. - - $item['input_filtered_signed'] = true; - $force = true; } |