Reviewed. This is OK.

Revert "may be exploitable in current form - awaiting review" This reverts commit 7bff60edacd68ef3dccf6f956e9c57092919950a.
author: zotlabs <mike@macgirvin.com> 2017-09-03 00:59:51 -0700
committer: zotlabs <mike@macgirvin.com> 2017-09-03 00:59:51 -0700
commit: 499b7de0d217e5e56819f34dea26cb5d395e2a0b (patch)
tree: 950cec9c031dd4f1248289a334a92233fdc9dc08 /include/api_auth.php
parent: 7bff60edacd68ef3dccf6f956e9c57092919950a (diff)
download: volse-hubzilla-499b7de0d217e5e56819f34dea26cb5d395e2a0b.tar.gz
volse-hubzilla-499b7de0d217e5e56819f34dea26cb5d395e2a0b.tar.bz2
volse-hubzilla-499b7de0d217e5e56819f34dea26cb5d395e2a0b.zip
1 files changed, 1 insertions, 2 deletions
diff --git a/include/api_auth.php b/include/api_auth.php
index 0acd4ac68..0818fa54b 100644
--- a/include/api_auth.php
+++ b/include/api_auth.php
@@ -85,8 +85,7 @@ function api_login(&$a){
 					else {
 						continue;
 					}
-// requires security review
-$record = null;
+
 					if($record) {					
 						$verified = \Zotlabs\Web\HTTPSig::verify('',$record['channel']['channel_pubkey']);
 						if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) {
author	zotlabs <mike@macgirvin.com>	2017-09-03 00:59:51 -0700
committer	zotlabs <mike@macgirvin.com>	2017-09-03 00:59:51 -0700
commit	499b7de0d217e5e56819f34dea26cb5d395e2a0b (patch)
tree	950cec9c031dd4f1248289a334a92233fdc9dc08 /include/api_auth.php
parent	7bff60edacd68ef3dccf6f956e9c57092919950a (diff)
download	volse-hubzilla-499b7de0d217e5e56819f34dea26cb5d395e2a0b.tar.gz volse-hubzilla-499b7de0d217e5e56819f34dea26cb5d395e2a0b.tar.bz2 volse-hubzilla-499b7de0d217e5e56819f34dea26cb5d395e2a0b.zip