SECURITY: signature issue

(cherry picked from commit c6f3298f7864756f4a9b7827e8490a3ee859f82f)
author: zotlabs <mike@macgirvin.com> 2018-10-10 05:37:53 +0000
committer: Mario <mario@mariovavti.com> 2018-10-10 13:34:54 +0200
commit: 4e69467b14a01ae3cfded0d75f9cbe6d0b4656c7 (patch)
tree: 2c91925e298888c619ce1d0a60acced347e8a3f5 /Zotlabs/Module/Owa.php
parent: 94905a71ac29de37c6798c933df1a7c55f183c49 (diff)
download: volse-hubzilla-4e69467b14a01ae3cfded0d75f9cbe6d0b4656c7.tar.gz
volse-hubzilla-4e69467b14a01ae3cfded0d75f9cbe6d0b4656c7.tar.bz2
volse-hubzilla-4e69467b14a01ae3cfded0d75f9cbe6d0b4656c7.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php
index da26748b3..4a488086f 100644
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -45,7 +45,7 @@ class Owa extends \Zotlabs\Web\Controller {
 						}
 						if($r) {
 							foreach($r as $hubloc) {
-								$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);	
+								$verified = \Zotlabs\Web\HTTPSig::verify(file_get_contents('php://input'),$hubloc['xchan_pubkey']);	
 								if($verified && $verified['header_signed'] && $verified['header_valid']) {
 									logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);	
 									logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
author	zotlabs <mike@macgirvin.com>	2018-10-10 05:37:53 +0000
committer	Mario <mario@mariovavti.com>	2018-10-10 13:34:54 +0200
commit	4e69467b14a01ae3cfded0d75f9cbe6d0b4656c7 (patch)
tree	2c91925e298888c619ce1d0a60acced347e8a3f5 /Zotlabs/Module/Owa.php
parent	94905a71ac29de37c6798c933df1a7c55f183c49 (diff)
download	volse-hubzilla-4e69467b14a01ae3cfded0d75f9cbe6d0b4656c7.tar.gz volse-hubzilla-4e69467b14a01ae3cfded0d75f9cbe6d0b4656c7.tar.bz2 volse-hubzilla-4e69467b14a01ae3cfded0d75f9cbe6d0b4656c7.zip