diff options
author | Hilmar R <u02@u29lx193> | 2021-02-28 21:06:16 +0100 |
---|---|---|
committer | Hilmar R <u02@u29lx193> | 2021-03-01 18:48:11 +0100 |
commit | c26dede97f626b52b7bf8962ed55d1dbda86abe8 (patch) | |
tree | 3c8c9bc97aa09f7ce9afe9bf467cf87bbf2c7d0b /Zotlabs/Web | |
parent | ea3390d626f85b7293a750958bfd1b5460958365 (diff) | |
download | volse-hubzilla-c26dede97f626b52b7bf8962ed55d1dbda86abe8.tar.gz volse-hubzilla-c26dede97f626b52b7bf8962ed55d1dbda86abe8.tar.bz2 volse-hubzilla-c26dede97f626b52b7bf8962ed55d1dbda86abe8.zip |
get dev
Diffstat (limited to 'Zotlabs/Web')
-rw-r--r-- | Zotlabs/Web/HTTPSig.php | 27 | ||||
-rw-r--r-- | Zotlabs/Web/Router.php | 85 | ||||
-rw-r--r-- | Zotlabs/Web/WebServer.php | 8 |
3 files changed, 62 insertions, 58 deletions
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php index 1f6979191..2535c9016 100644 --- a/Zotlabs/Web/HTTPSig.php +++ b/Zotlabs/Web/HTTPSig.php @@ -3,8 +3,9 @@ namespace Zotlabs\Web; use Zotlabs\Lib\ActivityStreams; +use Zotlabs\Lib\Crypto; +use Zotlabs\Lib\Keyutils; use Zotlabs\Lib\Webfinger; -use Zotlabs\Web\HTTPHeaders; use Zotlabs\Lib\Libzot; /** @@ -157,10 +158,12 @@ class HTTPSig { return $result; } - $x = rsa_verify($signed_data,$sig_block['signature'],$cached_key['public_key'],$algorithm); + $x = Crypto::verify($signed_data,$sig_block['signature'],$cached_key['public_key'],$algorithm); logger('verified: ' . $x, LOGGER_DEBUG); + $fetched_key = ''; + if(! $x) { // try again, ignoring the local actor (xchan) cache and refetching the key @@ -169,7 +172,7 @@ class HTTPSig { $fetched_key = self::get_key($key,$keytype,$result['signer'],true); if ($fetched_key && $fetched_key['public_key']) { - $y = rsa_verify($signed_data,$sig_block['signature'],$fetched_key['public_key'],$algorithm); + $y = Crypto::verify($signed_data,$sig_block['signature'],$fetched_key['public_key'],$algorithm); logger('verified: (cache reload) ' . $x, LOGGER_DEBUG); } @@ -225,7 +228,7 @@ class HTTPSig { } if($keytype === 'zot6') { - $key = self::get_zotfinger_key($id,$force); + $key = self::get_zotfinger_key($id); if($key) { return $key; } @@ -244,13 +247,13 @@ class HTTPSig { } - function convertKey($key) { + static function convertKey($key) { if(strstr($key,'RSA ')) { return rsatopem($key); } elseif(substr($key,0,5) === 'data:') { - return convert_salmon_key($key); + return Keyutils::convertSalmonKey($key); } else { return $key; @@ -267,7 +270,7 @@ class HTTPSig { * false if no pub key found, otherwise return the pub key */ - function get_activitystreams_key($id) { + static function get_activitystreams_key($id) { // remove fragment @@ -298,7 +301,7 @@ class HTTPSig { } - function get_webfinger_key($id) { + static function get_webfinger_key($id) { $x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_addr = '%s' or hubloc_id_url = '%s'", dbesc(str_replace('acct:','',$id)), @@ -333,7 +336,7 @@ class HTTPSig { return (($key['public_key']) ? $key : false); } - function get_zotfinger_key($id) { + static function get_zotfinger_key($id) { $x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_addr = '%s' or hubloc_id_url = '%s' and hubloc_network = 'zot6'", dbesc(str_replace('acct:','',$id)), @@ -415,7 +418,7 @@ class HTTPSig { $headerval = 'keyId="' . $keyid . '",algorithm="' . $algorithm . '",headers="' . $x['headers'] . '",signature="' . $x['signature'] . '"'; if($encryption) { - $x = crypto_encapsulate($headerval,$encryption['key'],$encryption['algorithm']); + $x = Crypto::encapsulate($headerval,$encryption['key'],$encryption['algorithm']); if(is_array($x)) { $headerval = 'iv="' . $x['iv'] . '",key="' . $x['key'] . '",alg="' . $x['alg'] . '",data="' . $x['data'] . '"'; } @@ -489,7 +492,7 @@ class HTTPSig { $headers = rtrim($headers,"\n"); } - $sig = base64_encode(rsa_sign($headers,$prvkey,$alg)); + $sig = base64_encode(Crypto::sign($headers,$prvkey,$alg)); $ret['headers'] = $fields; $ret['signature'] = $sig; @@ -565,7 +568,7 @@ class HTTPSig { $data = $matches[1]; if($iv && $key && $alg && $data) { - return crypto_unencapsulate([ 'encrypted' => true, 'iv' => $iv, 'key' => $key, 'alg' => $alg, 'data' => $data ] , $prvkey); + return Crypto::unencapsulate([ 'encrypted' => true, 'iv' => $iv, 'key' => $key, 'alg' => $alg, 'data' => $data ] , $prvkey); } return ''; diff --git a/Zotlabs/Web/Router.php b/Zotlabs/Web/Router.php index 96bf131b8..a6a841ccb 100644 --- a/Zotlabs/Web/Router.php +++ b/Zotlabs/Web/Router.php @@ -2,6 +2,7 @@ namespace Zotlabs\Web; +use App; use Zotlabs\Extend\Route; use Exception; @@ -43,7 +44,7 @@ class Router { */ function __construct() { - $module = \App::$module; + $module = App::$module; $modname = "Zotlabs\\Module\\" . ucfirst($module); if(strlen($module)) { @@ -60,7 +61,7 @@ class Router { include_once($route[0]); if(class_exists($modname)) { $this->controller = new $modname; - \App::$module_loaded = true; + App::$module_loaded = true; } } } @@ -68,15 +69,15 @@ class Router { // legacy plugins - this can be removed when they have all been converted - if(! (\App::$module_loaded)) { - if(is_array(\App::$plugins) && in_array($module,\App::$plugins) && file_exists("addon/{$module}/{$module}.php")) { + if(! (App::$module_loaded)) { + if(is_array(App::$plugins) && in_array($module, App::$plugins) && file_exists("addon/{$module}/{$module}.php")) { include_once("addon/{$module}/{$module}.php"); if(class_exists($modname)) { $this->controller = new $modname; - \App::$module_loaded = true; + App::$module_loaded = true; } elseif(function_exists($module . '_module')) { - \App::$module_loaded = true; + App::$module_loaded = true; } } } @@ -86,40 +87,40 @@ class Router { * Otherwise, look for the standard program module */ - if(! (\App::$module_loaded)) { + if(! (App::$module_loaded)) { try { $filename = 'Zotlabs/SiteModule/'. ucfirst($module). '.php'; if(file_exists($filename)) { // This won't be picked up by the autoloader, so load it explicitly require_once($filename); $this->controller = new $modname; - \App::$module_loaded = true; + App::$module_loaded = true; } else { $filename = 'Zotlabs/Module/'. ucfirst($module). '.php'; if(file_exists($filename)) { $this->controller = new $modname; - \App::$module_loaded = true; + App::$module_loaded = true; } } - if(! \App::$module_loaded) - throw new \Exception('Module not found'); + if(! App::$module_loaded) + throw new Exception('Module not found'); } - catch(\Exception $e) { + catch(Exception $e) { if(file_exists("mod/site/{$module}.php")) { include_once("mod/site/{$module}.php"); - \App::$module_loaded = true; + App::$module_loaded = true; } elseif(file_exists("mod/{$module}.php")) { include_once("mod/{$module}.php"); - \App::$module_loaded = true; + App::$module_loaded = true; } } } $x = [ 'module' => $module, - 'installed' => \App::$module_loaded, + 'installed' => App::$module_loaded, 'controller' => $this->controller ]; /** @@ -136,7 +137,7 @@ class Router { */ call_hooks('module_loaded', $x); if($x['installed']) { - \App::$module_loaded = true; + App::$module_loaded = true; $this->controller = $x['controller']; } @@ -144,7 +145,7 @@ class Router { * The URL provided does not resolve to a valid module. */ - if(! (\App::$module_loaded)) { + if(! (App::$module_loaded)) { // undo the setting of a letsencrypt acme-challenge rewrite rule // which blocks access to our .well-known routes. @@ -160,7 +161,7 @@ class Router { $x = [ 'module' => $module, - 'installed' => \App::$module_loaded, + 'installed' => App::$module_loaded, 'controller' => $this->controller ]; call_hooks('page_not_found',$x); @@ -181,14 +182,14 @@ class Router { header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found'); $tpl = get_markup_template('404.tpl'); - \App::$page['content'] = replace_macros($tpl, array( + App::$page['content'] = replace_macros($tpl, array( '$message' => t('Page not found.') )); // pretend this is a module so it will initialise the theme - \App::$module = '404'; - \App::$module_loaded = true; - \App::$error = true; + App::$module = '404'; + App::$module_loaded = true; + App::$error = true; } } } @@ -203,9 +204,9 @@ class Router { * Call module functions */ - if(\App::$module_loaded) { + if(App::$module_loaded) { - \App::$page['page_title'] = \App::$module; + App::$page['page_title'] = App::$module; $placeholder = ''; /* @@ -216,13 +217,13 @@ class Router { */ $arr = array('init' => true, 'replace' => false); - call_hooks(\App::$module . '_mod_init', $arr); + call_hooks(App::$module . '_mod_init', $arr); if(! $arr['replace']) { if($this->controller && method_exists($this->controller,'init')) { $this->controller->init(); } - elseif(function_exists(\App::$module . '_init')) { - $func = \App::$module . '_init'; + elseif(function_exists(App::$module . '_init')) { + $func = App::$module . '_init'; $func($a); } } @@ -258,41 +259,41 @@ class Router { $func = str_replace('-', '_', $current_theme[0]) . '_init'; $func($a); } - elseif (x(\App::$theme_info, 'extends') && file_exists('view/theme/' . \App::$theme_info['extends'] . '/php/theme.php')) { - require_once('view/theme/' . \App::$theme_info['extends'] . '/php/theme.php'); - if(function_exists(str_replace('-', '_', \App::$theme_info['extends']) . '_init')) { - $func = str_replace('-', '_', \App::$theme_info['extends']) . '_init'; + elseif (x(App::$theme_info, 'extends') && file_exists('view/theme/' . App::$theme_info['extends'] . '/php/theme.php')) { + require_once('view/theme/' . App::$theme_info['extends'] . '/php/theme.php'); + if(function_exists(str_replace('-', '_', App::$theme_info['extends']) . '_init')) { + $func = str_replace('-', '_', App::$theme_info['extends']) . '_init'; $func($a); } } - if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! \App::$error) && (! x($_POST, 'auth-params'))) { - call_hooks(\App::$module . '_mod_post', $_POST); + if(($_SERVER['REQUEST_METHOD'] === 'POST') && (! App::$error) && (! x($_POST, 'auth-params'))) { + call_hooks(App::$module . '_mod_post', $_POST); if($this->controller && method_exists($this->controller,'post')) { $this->controller->post(); } - elseif(function_exists(\App::$module . '_post')) { - $func = \App::$module . '_post'; + elseif(function_exists(App::$module . '_post')) { + $func = App::$module . '_post'; $func($a); } } - if(! \App::$error) { - $arr = array('content' => \App::$page['content'], 'replace' => false); - call_hooks(\App::$module . '_mod_content', $arr); + if(! App::$error) { + $arr = array('content' => App::$page['content'], 'replace' => false); + call_hooks(App::$module . '_mod_content', $arr); if(! $arr['replace']) { if($this->controller && method_exists($this->controller,'get')) { $arr = array('content' => $this->controller->get()); } - elseif(function_exists(\App::$module . '_content')) { - $func = \App::$module . '_content'; + elseif(function_exists(App::$module . '_content')) { + $func = App::$module . '_content'; $arr = array('content' => $func($a)); } } - call_hooks(\App::$module . '_mod_aftercontent', $arr); - \App::$page['content'] = (($arr['replace']) ? $arr['content'] : \App::$page['content'] . $arr['content']); + call_hooks(App::$module . '_mod_aftercontent', $arr); + App::$page['content'] = ((isset($arr['replace'])) ? $arr['content'] : App::$page['content'] . $arr['content']); } } } diff --git a/Zotlabs/Web/WebServer.php b/Zotlabs/Web/WebServer.php index ac792dd69..de0d5a883 100644 --- a/Zotlabs/Web/WebServer.php +++ b/Zotlabs/Web/WebServer.php @@ -112,7 +112,7 @@ class WebServer { // now that we've been through the module content, see if the page reported // a permission problem and if so, a 403 response would seem to be in order. - if(is_array($_SESSION['sysmsg']) && stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) { + if(isset($_SESSION['sysmsg']) && is_array($_SESSION['sysmsg']) && stristr(implode("", $_SESSION['sysmsg']), t('Permission denied'))) { header($_SERVER['SERVER_PROTOCOL'] . ' 403 ' . t('Permission denied.')); } @@ -137,9 +137,9 @@ class WebServer { private function create_channel_links() { - /* Initialise the Link: response header if this is a channel page. + /* Initialise the Link: response header if this is a channel page. * This cannot be done inside the channel module because some protocol - * addons over-ride the module functions and these links are common + * addons over-ride the module functions and these links are common * to all protocol drivers; thus doing it here avoids duplication. */ @@ -156,7 +156,7 @@ class WebServer { 'url' => z_root() . '/.well-known/webfinger?f=&resource=acct%3A' . argv(1) . '%40' . \App::get_hostname() ], ]; - $x = [ 'channel_address' => argv(1), 'channel_links' => \App::$channel_links ]; + $x = [ 'channel_address' => argv(1), 'channel_links' => \App::$channel_links ]; call_hooks('channel_links', $x ); \App::$channel_links = $x['channel_links']; header('Link: ' . \App::get_channel_links()); |