Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_merge

5 files changed, 76 insertions, 36 deletions

diff --git a/include/crypto.php b/include/crypto.php
index f75390985..2c5545e9b 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -55,6 +55,7 @@ function AES256CBC_decrypt($data,$key,$iv) {
 	return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
 }
 
+
 function AES128CBC_encrypt($data,$key,$iv) {
 	$key = substr($key,0,16);
 	$iv = substr($iv,0,16);
@@ -67,18 +68,33 @@ function AES128CBC_decrypt($data,$key,$iv) {
 	return openssl_decrypt($data,'aes-128-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
 }
 
-function STD_encrypt($data,$key,$iv) {
+
+function AES256CTR_encrypt($data,$key,$iv) {
 	$key = substr($key,0,32);
 	$iv = substr($iv,0,16);
-	return openssl_encrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+	return openssl_encrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
 }
 
-function STD_decrypt($data,$key,$iv) {
+function AES256CTR_decrypt($data,$key,$iv) {
 	$key = substr($key,0,32);
 	$iv = substr($iv,0,16);
-	return openssl_decrypt($data,'aes-256-cbc',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+	return openssl_decrypt($data,'aes-256-ctr',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+}
+
+
+function CAMELLIA256CFB_encrypt($data,$key,$iv) {
+	$key = substr($key,0,32);
+	$iv = substr($iv,0,16);
+	return openssl_encrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
+}
+
+function CAMELLIA256CFB_decrypt($data,$key,$iv) {
+	$key = substr($key,0,32);
+	$iv = substr($iv,0,16);
+	return openssl_decrypt($data,'camellia-256-cfb',str_pad($key,32,"\0"),OPENSSL_RAW_DATA,str_pad($iv,16,"\0"));
 }
 
+
 function CAST5CBC_encrypt($data,$key,$iv) {
 	$key = substr($key,0,16);
 	$iv = substr($iv,0,8);
@@ -91,6 +107,20 @@ function CAST5CBC_decrypt($data,$key,$iv) {
 	return openssl_decrypt($data,'cast5-cbc',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0"));
 }
 
+function CAST5CFB_encrypt($data,$key,$iv) {
+	$key = substr($key,0,16);
+	$iv = substr($iv,0,8);
+	return openssl_encrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0"));
+}
+
+function CAST5CFB_decrypt($data,$key,$iv) {
+	$key = substr($key,0,16);
+	$iv = substr($iv,0,8);
+	return openssl_decrypt($data,'cast5-cfb',str_pad($key,16,"\0"),OPENSSL_RAW_DATA,str_pad($iv,8,"\0"));
+}
+
+
+
 function crypto_encapsulate($data,$pubkey,$alg='aes256cbc') {
 	$fn = strtoupper($alg) . '_encrypt';
 	
@@ -142,17 +172,13 @@ function other_encapsulate($data,$pubkey,$alg) {
 
 function crypto_methods() {
 
-	if(\Zotlabs\Lib\System::get_server_role() !== 'pro')
-		return [ 'aes256cbc' ];
-
-	// 'std' is the new project standard which is aes256cbc but transmits/receives 256-byte key and iv. 
 	// aes256cbc is provided for compatibility with earlier zot implementations which assume 32-byte key and 16-byte iv. 
 	// other_encapsulate() now produces these longer keys/ivs by default so that it is difficult to guess a
 	// particular implementation or choice of underlying implementations based on the key/iv length. 
 	// The actual methods are responsible for deriving the actual key/iv from the provided parameters;
 	// possibly by truncation or segmentation - though many other methods could be used.  
 
-	$r = [ 'std', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
+	$r = [ 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
 	call_hooks('crypto_methods',$r);
 	return $r;
 
diff --git a/include/import.php b/include/import.php
index f6ebd4bff..9007dbe74 100644
--- a/include/import.php
+++ b/include/import.php
@@ -98,7 +98,7 @@ function import_channel($channel, $account_id, $seize) {
 
 	$r = q("select * from channel where channel_account_id = %d and channel_guid = '%s' limit 1",
 		intval($account_id),
-		$channel['channel_guid']   // Already dbesc'd
+		dbesc($channel['channel_guid'])
 	);
 	if(! $r) {
 		logger('mod_import: channel not found. ' . print_r($channel,true));
@@ -195,23 +195,24 @@ function import_hublocs($channel, $hublocs, $seize, $moving = false) {
 			}
 
 			if(! array_key_exists('hubloc_primary',$hubloc)) {
-				$hubloc['hubloc_primary'] = (($hubloc['hubloc_flags'] & 0x0001) ? 1 : 0);
-				$hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags'] & 0x0004) ? 1 : 0);
-				$hubloc['hubloc_error'] = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0);
-				$hubloc['hubloc_deleted'] = (($hubloc['hubloc_flags'] & 0x1000) ? 1 : 0);
+				$hubloc['hubloc_primary']     = (($hubloc['hubloc_flags']  & 0x0001) ? 1 : 0);
+				$hubloc['hubloc_orphancheck'] = (($hubloc['hubloc_flags']  & 0x0004) ? 1 : 0);
+				$hubloc['hubloc_error']       = (($hubloc['hubloc_status'] & 0x0003) ? 1 : 0);
+				$hubloc['hubloc_deleted']     = (($hubloc['hubloc_flags']  & 0x1000) ? 1 : 0);
 			}
 
 			if($moving && $hubloc['hubloc_hash'] === $channel['channel_hash'] && $hubloc['hubloc_url'] !== z_root()) {
 				$hubloc['hubloc_deleted'] = 1;
 			}
 
-			$arr = array(
-				'guid' => $hubloc['hubloc_guid'],
+			$arr = [
+				'guid'     => $hubloc['hubloc_guid'],
 				'guid_sig' => $hubloc['hubloc_guid_sig'],
-				'url' => $hubloc['hubloc_url'],
-				'url_sig' => $hubloc['hubloc_url_sig'],
-				'sitekey' => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '')
-			);
+				'url'      => $hubloc['hubloc_url'],
+				'url_sig'  => $hubloc['hubloc_url_sig'],
+				'sitekey'  => ((array_key_exists('hubloc_sitekey',$hubloc)) ? $hubloc['hubloc_sitekey'] : '')
+			];
+
 			if(($hubloc['hubloc_hash'] === $channel['channel_hash']) && intval($hubloc['hubloc_primary']) && ($seize))
 				$hubloc['hubloc_primary'] = 0;
 
@@ -1443,7 +1444,8 @@ function import_webpage_element($element, $channel, $type) {
 	// The author is either the owner or whomever was specified
 	$arr['author_xchan'] = (($element['author_xchan']) ? $element['author_xchan'] : get_observer_hash());
 	// Import mimetype if it is a valid mimetype for the element
-	$mimetypes = [	'text/bbcode',
+	$mimetypes = [	
+		'text/bbcode',
 		'text/html',
 		'text/markdown',
 		'text/plain',
diff --git a/include/items.php b/include/items.php
index 304a7acfc..933b9ef81 100755
--- a/include/items.php
+++ b/include/items.php
@@ -769,6 +769,8 @@ function import_author_xchan($x) {
 	if($arr['xchan_hash'])
 		return $arr['xchan_hash'];
 
+	$y = false;
+
 	if((! array_key_exists('network', $x)) || ($x['network'] === 'zot')) {
 		$y = import_author_zot($x);
 	}
@@ -779,11 +781,11 @@ function import_author_xchan($x) {
 		$y = import_author_rss($x);
 	}
 
-	if($x['network'] === 'unknown') {
+	if(! $y) {
 		$y = import_author_unknown($x);
 	}
 
-	return(($y) ? $y : false);
+	return($y);
 }
 
 /**
@@ -1824,9 +1826,12 @@ logger('revision: ' . $arr['revision']);
 		intval($arr['revision'])
 	);
 
-	if($r && count($r)) {
+	if($r) {
+		// This will gives us a fresh copy of what's now in the DB and undo the db escaping, 
+		// which really messes up the notifications
+
 		$current_post = $r[0]['id'];
-		$arr = $r[0];  // This will gives us a fresh copy of what's now in the DB and undo the db escaping, which really messes up the notifications
+		$arr = $r[0];
 		logger('item_store: created item ' . $current_post, LOGGER_DEBUG);
 	}
 	else {
diff --git a/include/permissions.php b/include/permissions.php
index d21b45550..f719394c5 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -314,11 +314,12 @@ function perm_is_allowed($uid, $observer_xchan, $permission) {
 		'channel_id'    => $uid,
 		'observer_hash' => $observer_xchan,
 		'permission'    => $permission,
-		'result'        => false);
+		'result'        => 'unset');
 
 	call_hooks('perm_is_allowed', $arr);
-	if($arr['result'])
-		return true;
+	if($arr['result'] !== 'unset') {
+		return $arr['result'];
+	}
 
 	$global_perms = \Zotlabs\Access\Permissions::Perms();
 
diff --git a/include/zot.php b/include/zot.php
index 8a2178913..266060839 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -165,9 +165,6 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot
 
 function zot_best_algorithm($methods) {
 
-	if(\Zotlabs\Lib\System::get_server_role() !== 'pro')
-		return 'aes256cbc';
-
 	$x = [ 'methods' => $methods, 'result' => '' ];
 	call_hooks('zot_best_algorithm',$x);
 	if($x['result'])
@@ -3581,21 +3578,30 @@ function get_rpost_path($observer) {
 
 function import_author_zot($x) {
 
+	// Check that we have both a hubloc and xchan record - as occasionally storage calls will fail and
+	// we may only end up with one; which results in posts with no author name or photo and are a bit
+	// of a hassle to repair. If either or both are missing, do a full discovery probe.
+
 	$hash = make_xchan_hash($x['guid'],$x['guid_sig']);
-	$r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1",
+	$r1 = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1",
 		dbesc($x['guid']),
 		dbesc($x['guid_sig'])
 	);
 
-	if ($r) {
-		logger('import_author_zot: in cache', LOGGER_DEBUG);
+	$r2 = q("select xchan_hash from xchan where xchan_guid = '%s' and xchan_guid_sig = '%s' limit 1",
+		dbesc($x['guid']),
+		dbesc($x['guid_sig'])
+	);
+
+	if($r1 && $r2) {
+		logger('in cache', LOGGER_DEBUG);
 		return $hash;
 	}
 
-	logger('import_author_zot: entry not in cache - probing: ' . print_r($x,true), LOGGER_DEBUG);
+	logger('not in cache - probing: ' . print_r($x,true), LOGGER_DEBUG);
 
 	$them = array('hubloc_url' => $x['url'], 'xchan_guid' => $x['guid'], 'xchan_guid_sig' => $x['guid_sig']);
-	if (zot_refresh($them))
+	if(zot_refresh($them))
 		return $hash;
 
 	return false;