Merge branch 'dev' into oauth2

4 files changed, 35 insertions, 9 deletions

diff --git a/include/bbcode.php b/include/bbcode.php
index 86fd24696..03a46444b 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -438,7 +438,7 @@ function bb_summary($match) {
 	$rnd3 = mt_rand();
 	$rnd4 = mt_rand();
 
-	return $match[1] . '<div style="display: block;" id="opendiv-' . $rnd2 . '">' . $match[2] . '</div><div style="display: block;" id="opendiv-' . $rnd3 . '" onclick="openClose(\'opendiv-' . $rnd1 . '\'); openClose(\'opendiv-' . $rnd2 . '\'); openClose(\'opendiv-' . $rnd3 . '\'); openClose(\'opendiv-' . $rnd4 . '\'); return false;" class="fakelink">' . t('View article') . '</div><div style="display: none;" id="opendiv-' . $rnd4 . '" onclick="openClose(\'opendiv-' . $rnd1 . '\'); openClose(\'opendiv-' . $rnd2 . '\'); openClose(\'opendiv-' . $rnd3 . '\'); openClose(\'opendiv-' . $rnd4 . '\'); return false;" class="fakelink">' . t('View summary') . '</div><div id="opendiv-' . $rnd1 . '" style="display: none;">' . $match[3] . '</div>';
+	return $match[1] . '<div style="display: block;" id="opendiv-' . $rnd2 . '">' . $match[2] . '</div><div style="display: block;" id="opendiv-' . $rnd3 . '" onclick="openClose(\'opendiv-' . $rnd1 . '\'); openClose(\'opendiv-' . $rnd2 . '\'); openClose(\'opendiv-' . $rnd3 . '\'); openClose(\'opendiv-' . $rnd4 . '\'); return false;" class="fakelink view-article">' . t('View article') . '</div><div style="display: none;" id="opendiv-' . $rnd4 . '" onclick="openClose(\'opendiv-' . $rnd1 . '\'); openClose(\'opendiv-' . $rnd2 . '\'); openClose(\'opendiv-' . $rnd3 . '\'); openClose(\'opendiv-' . $rnd4 . '\'); return false;" class="fakelink view-summary">' . t('View summary') . '</div><div id="opendiv-' . $rnd1 . '" style="display: none;">' . $match[3] . '</div>';
 }
 
 
diff --git a/include/crypto.php b/include/crypto.php
index 105c1c54f..ab33ba096 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -122,7 +122,18 @@ function other_encapsulate($data,$pubkey,$alg) {
 	if(! $pubkey)
 		logger('no key. data: ' . $data);
 
-	$fn = strtoupper($alg) . '_encrypt';
+	$oaep = false;
+
+	if(strpos($alg,'.oaep')) {
+		$oaep = true;
+		$subalg = substr($alg,0,-5);
+	}
+	else {
+		$subalg = $alg;
+	}
+
+
+	$fn = strtoupper($subalg) . '_encrypt';
 	if(function_exists($fn)) {
 
 		// A bit hesitant to use openssl_random_pseudo_bytes() as we know
@@ -140,14 +151,14 @@ function other_encapsulate($data,$pubkey,$alg) {
 		$iv  = openssl_random_pseudo_bytes(256);
 		$result['data'] = base64url_encode($fn($data,$key,$iv),true);
 		// log the offending call so we can track it down
-		if(! openssl_public_encrypt($key,$k,$pubkey)) {
+		if(! openssl_public_encrypt($key,$k,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING))) {
 			$x = debug_backtrace();
 			logger('RSA failed. ' . print_r($x[0],true));
 		}
 
 		$result['alg'] = $alg;
 	 	$result['key'] = base64url_encode($k,true);
-		openssl_public_encrypt($iv,$i,$pubkey);
+		openssl_public_encrypt($iv,$i,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING));
 		$result['iv'] = base64url_encode($i,true);
 		return $result;
 	}
@@ -166,7 +177,7 @@ function crypto_methods() {
 	// The actual methods are responsible for deriving the actual key/iv from the provided parameters;
 	// possibly by truncation or segmentation - though many other methods could be used.  
 
-	$r = [ 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
+	$r = [ 'aes256ctr.oaep', 'camellia256cfb.oaep', 'cast5cfb.oaep', 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
 	call_hooks('crypto_methods',$r);
 	return $r;
 
@@ -207,6 +218,7 @@ function aes_encapsulate($data,$pubkey) {
 function crypto_unencapsulate($data,$prvkey) {
 	if(! $data)
 		return;
+
 	$alg = ((array_key_exists('alg',$data)) ? $data['alg'] : 'aes256cbc');
 	if($alg === 'aes256cbc')
 		return aes_unencapsulate($data,$prvkey);
@@ -216,10 +228,21 @@ function crypto_unencapsulate($data,$prvkey) {
 }
 
 function other_unencapsulate($data,$prvkey,$alg) {
-	$fn = strtoupper($alg) . '_decrypt';
+
+	$oaep = false;
+
+	if(strpos($alg,'.oaep')) {
+		$oaep = true;
+		$subalg = substr($alg,0,-5);
+	}
+	else {
+		$subalg = $alg;
+	}
+
+	$fn = strtoupper($subalg) . '_decrypt';
 	if(function_exists($fn)) {
-		openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey);
-		openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey);
+		openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING));
+		openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING));
 		return $fn(base64url_decode($data['data']),$k,$i);
 	}
 	else {
diff --git a/include/feedutils.php b/include/feedutils.php
index c4e9790de..369193fce 100644
--- a/include/feedutils.php
+++ b/include/feedutils.php
@@ -436,6 +436,9 @@ function get_atom_elements($feed, $item) {
 
 	$summary = unxmlify($item->get_description(true));
 
+	if($summary === $res['body'])
+		$summary = '';
+
 	if(($summary) && ((strpos($summary,'<') !== false) || (strpos($summary,'>') !== false))) {
 		$summary = purify_html($summary);
 		$summary = html2bbcode($summary);
diff --git a/include/items.php b/include/items.php
index 04962ec76..68fa4c3b2 100755
--- a/include/items.php
+++ b/include/items.php
@@ -3477,7 +3477,7 @@ function item_expire($uid,$days) {
 		AND item_thread_top = 1
 		AND resource_type = ''
 		AND item_starred = 0
-		$sql_extra $item_normal ORDER BY created ASC LIMIT $expire_limit ",
+		$sql_extra $item_normal LIMIT $expire_limit ",
 		intval($uid),
 		db_utcnow(),
 		db_quoteinterval(intval($days).' DAY')