diff options
author | Friendika <info@friendika.com> | 2010-11-30 18:32:34 -0800 |
---|---|---|
committer | Friendika <info@friendika.com> | 2010-11-30 18:32:34 -0800 |
commit | 99bbc29747e8b8f4f9a7a1952aecbbd202ed2470 (patch) | |
tree | 683417787780551f78b888fc37366d4ea239b4ba /mod | |
parent | 67e827e128a4c446b89f581793f64fd0f1299389 (diff) | |
download | volse-hubzilla-99bbc29747e8b8f4f9a7a1952aecbbd202ed2470.tar.gz volse-hubzilla-99bbc29747e8b8f4f9a7a1952aecbbd202ed2470.tar.bz2 volse-hubzilla-99bbc29747e8b8f4f9a7a1952aecbbd202ed2470.zip |
rino landing
Diffstat (limited to 'mod')
-rw-r--r-- | mod/dfrn_notify.php | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 54fa9b97d..830a2d255 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -6,10 +6,11 @@ require_once('include/items.php'); function dfrn_notify_post(&$a) { - $dfrn_id = notags(trim($_POST['dfrn_id'])); - $dfrn_version = (float) $_POST['dfrn_version']; - $challenge = notags(trim($_POST['challenge'])); - $data = $_POST['data']; + $dfrn_id = ((x($_POST,'dfrn_id')) ? notags(trim($_POST['dfrn_id'])) : ''); + $dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0); + $challenge = ((x($_POST,'challenge')) ? notags(trim($_POST['challenge'])) : ''); + $data = ((x($_POST,'data')) ? $_POST['data'] : ''); + $key = ((x($_POST,'key')) ? $_POST['key'] : ''); $direction = (-1); if(strpos($dfrn_id,':') == 1) { @@ -50,7 +51,8 @@ function dfrn_notify_post(&$a) { } - $r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, `user`.* FROM `contact` + $r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, + `contact`.`pubkey` AS `cpubkey`, `contact`.`prvkey` AS `cprvkey`, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s' $sql_extra LIMIT 1", @@ -76,6 +78,23 @@ function dfrn_notify_post(&$a) { //NOTREACHED } + if(strlen($key)) { + $rawkey = hex2bin(trim($key)); + logger('rino: md5 raw key: ' . md5($rawkey)); + $final_key = ''; + + if((($importer['duplex']) && strlen($importer['cpubkey'])) || (! strlen($importer['cprvkey']))) { + openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']); + } + else { + openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']); + } + + logger('rino: received key : ' . $final_key); + $data = aes_decrypt(hex2bin($data),$final_key); + logger('rino: decrypted data: ' . $data, LOGGER_DATA); + } + // Consume notification feed. This may differ from consuming a public feed in several ways // - might contain email // - might contain remote followup to our message |