aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-07-28 21:04:03 -0700
committerfriendica <info@friendica.com>2013-07-28 21:04:03 -0700
commitd002ff668aee672d7a49cd744d6797eb616b9152 (patch)
tree01044d6e4788ad9867d57d2c475973a43d368961 /include
parent10f016841c612c6cef86cff91f45baea74c5d3d6 (diff)
downloadvolse-hubzilla-d002ff668aee672d7a49cd744d6797eb616b9152.tar.gz
volse-hubzilla-d002ff668aee672d7a49cd744d6797eb616b9152.tar.bz2
volse-hubzilla-d002ff668aee672d7a49cd744d6797eb616b9152.zip
encrypt private messages on disk - there are still a couple of places where the text is leaked in the logs during processing.
Diffstat (limited to 'include')
-rwxr-xr-xinclude/items.php12
-rwxr-xr-xinclude/text.php12
-rw-r--r--include/zot.php23
3 files changed, 39 insertions, 8 deletions
diff --git a/include/items.php b/include/items.php
index 863fa419b..6b99fc6b1 100755
--- a/include/items.php
+++ b/include/items.php
@@ -599,6 +599,14 @@ function encode_item($item) {
$scope = map_scope($public_scope);
$c_scope = map_scope($comment_scope);
+ if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED)) {
+ $key = get_config('system','prvkey');
+ if($item['title'])
+ $item['title'] = aes_unencapsulate(json_decode($item['title'],true),$key);
+ if($item['body'])
+ $item['body'] = aes_unencapsulate(json_decode($item['body'],true),$key);
+ }
+
if($item['item_restrict'] & ITEM_DELETED) {
$x['message_id'] = $item['mid'];
$x['created'] = $item['created'];
@@ -1553,7 +1561,7 @@ function item_store($arr,$force_parent = false) {
if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid))
$private = 1;
else
- $private = $arr['private'];
+ $private = $arr['item_private'];
// Set parent id - and also make sure to inherit the parent's ACL's.
@@ -1574,7 +1582,7 @@ function item_store($arr,$force_parent = false) {
$arr['allow_gid'] = $allow_gid;
$arr['deny_cid'] = $deny_cid;
$arr['deny_gid'] = $deny_gid;
- $arr['private'] = $private;
+ $arr['item_private'] = $private;
// Store taxonomy
diff --git a/include/text.php b/include/text.php
index dce927e80..890355aea 100755
--- a/include/text.php
+++ b/include/text.php
@@ -980,8 +980,19 @@ function link_compare($a,$b) {
function prepare_body($item,$attach = false) {
$a = get_app();
+
+
+
call_hooks('prepare_body_init', $item);
+ if(array_key_exists('item_flags',$item) && ($item['item_flags'] & ITEM_OBSCURED)) {
+ $key = get_config('system','prvkey');
+ if($item['title'])
+ $item['title'] = aes_unencapsulate(json_decode($item['title'],true),$key);
+ if($item['body'])
+ $item['body'] = aes_unencapsulate(json_decode($item['body'],true),$key);
+ }
+
$s = prepare_text($item['body'],$item['mimetype']);
$prep_arr = array('item' => $item, 'html' => $s);
@@ -992,6 +1003,7 @@ function prepare_body($item,$attach = false) {
return $s;
}
+
$arr = json_decode($item['attach'],true);
if(count($arr)) {
$s .= '<div class="body-attach">';
diff --git a/include/zot.php b/include/zot.php
index e870f73b7..d2bb0842c 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -770,8 +770,6 @@ function zot_fetch($arr) {
function zot_import($arr) {
-// logger('zot_import: ' . print_r($arr,true), LOGGER_DATA);
-
$data = json_decode($arr['body'],true);
if(! $data) {
@@ -783,8 +781,6 @@ function zot_import($arr) {
$data = json_decode(aes_unencapsulate($data,get_config('system','prvkey')),true);
}
- logger('zot_import: data' . print_r($data,true), LOGGER_DATA);
-
$incoming = $data['pickup'];
$return = array();
@@ -837,6 +833,21 @@ function zot_import($arr) {
if($i['message']) {
if($i['message']['type'] === 'activity') {
$arr = get_item_elements($i['message']);
+
+ // if it's a private post, encrypt it in the DB.
+ // We have to do that here because we need to cleanse the input and prevent bad stuff from getting in,
+ // and we need plaintext to do that.
+
+ if(array_key_exists('item_private',$arr) && intval($arr['item_private'])) {
+ logger('Encrypting local storage');
+ $arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED;
+ $key = get_config('system','pubkey');
+ if($arr['title'])
+ $arr['title'] = json_encode(aes_encapsulate($arr['title'],$key));
+ if($arr['body'])
+ $arr['body'] = json_encode(aes_encapsulate($arr['body'],$key));
+ }
+
if(! array_key_exists('created',$arr)) {
logger('Activity rejected: probable failure to lookup author/owner. ' . print_r($i['message'],true));
continue;
@@ -1565,7 +1576,7 @@ function build_sync_packet($uid = 0, $packet = null) {
// don't pass these elements, they should not be synchronised
- $disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey');
+ $disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey','channel_address');
if(in_array($k,$disallowed))
continue;
@@ -1636,7 +1647,7 @@ function process_channel_sync_delivery($sender,$arr,$deliveries) {
}
if(array_key_exists('channel',$arr) && is_array($arr['channel']) && count($arr['channel'])) {
- $disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey');
+ $disallowed = array('channel_id','channel_account_id','channel_primary','channel_prvkey', 'channel_address');
$clean = array();
foreach($arr['channel'] as $k => $v) {