diff options
| -rw-r--r-- | Zotlabs/Lib/DReport.php (renamed from Zotlabs/Zot/DReport.php) | 2 | ||||
| -rw-r--r-- | Zotlabs/Lib/ProtoDriver.php | 19 | ||||
| -rw-r--r-- | Zotlabs/Lib/Verify.php (renamed from Zotlabs/Zot/Verify.php) | 2 | ||||
| -rw-r--r-- | Zotlabs/Lib/ZotDriver.php | 30 | ||||
| -rw-r--r-- | Zotlabs/Module/Magic.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Module/Owa.php | 2 | ||||
| -rw-r--r-- | include/crypto.php | 51 | ||||
| -rw-r--r-- | include/event.php | 7 | ||||
| -rw-r--r-- | include/zid.php | 4 | ||||
| -rw-r--r-- | include/zot.php | 12 |
10 files changed, 50 insertions, 81 deletions
diff --git a/Zotlabs/Zot/DReport.php b/Zotlabs/Lib/DReport.php index c90f4f670..a68d6c18f 100644 --- a/Zotlabs/Zot/DReport.php +++ b/Zotlabs/Lib/DReport.php @@ -1,5 +1,5 @@ <?php -namespace Zotlabs\Zot; +namespace Zotlabs\Lib; class DReport { diff --git a/Zotlabs/Lib/ProtoDriver.php b/Zotlabs/Lib/ProtoDriver.php deleted file mode 100644 index daf887dbb..000000000 --- a/Zotlabs/Lib/ProtoDriver.php +++ /dev/null @@ -1,19 +0,0 @@ -<?php /** @file */ - -namespace Zotlabs\Lib; - -/* - * Abstraction class for dealing with alternate networks (which of course do not exist, hence the abstraction) - */ - - -abstract class ProtoDriver { - abstract protected function discover($channel,$location); - abstract protected function deliver($item,$channel,$recipients); - abstract protected function collect($channel,$connection); - abstract protected function change_permissions($permissions,$channel,$recipient); - abstract protected function acknowledge_permissions($permissions,$channel,$recipient); - abstract protected function deliver_private($item,$channel,$recipients); - abstract protected function collect_private($channel,$connection); - -} diff --git a/Zotlabs/Zot/Verify.php b/Zotlabs/Lib/Verify.php index 7abe38d17..8703e29e6 100644 --- a/Zotlabs/Zot/Verify.php +++ b/Zotlabs/Lib/Verify.php @@ -1,6 +1,6 @@ <?php -namespace Zotlabs\Zot; +namespace Zotlabs\Lib; class Verify { diff --git a/Zotlabs/Lib/ZotDriver.php b/Zotlabs/Lib/ZotDriver.php deleted file mode 100644 index e14cc7f35..000000000 --- a/Zotlabs/Lib/ZotDriver.php +++ /dev/null @@ -1,30 +0,0 @@ -<?php /** @file */ - -namespace Zotlabs\Lib; - - -class ZotDriver extends ProtoDriver { - - protected function discover($channel,$location) { - - } - protected function deliver($item,$channel,$recipients) { - - } - protected function collect($channel,$connection) { - - } - protected function change_permissions($permissions,$channel,$recipient) { - - } - protected function acknowledge_permissions($permissions,$channel,$recipient) { - - } - protected function deliver_private($item,$channel,$recipients) { - - } - protected function collect_private($channel,$connection) { - - } - -} diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php index 9ad9c951c..15e5cedcf 100644 --- a/Zotlabs/Module/Magic.php +++ b/Zotlabs/Module/Magic.php @@ -166,7 +166,7 @@ class Magic extends \Zotlabs\Web\Controller { $token = random_string(); - \Zotlabs\Zot\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']); + \Zotlabs\Lib\Verify::create('auth',$channel['channel_id'],$token,$x[0]['hubloc_url']); $target_url = $x[0]['hubloc_callback'] . '/?f=&auth=' . urlencode(channel_reddress($channel)) . '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION; diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 23ee14f39..e62fc9592 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -42,7 +42,7 @@ class Owa extends \Zotlabs\Web\Controller { logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA); $ret['success'] = true; $token = random_string(32); - \Zotlabs\Zot\Verify::create('owt',0,$token,$hubloc['hubloc_addr']); + \Zotlabs\Lib\Verify::create('owt',0,$token,$hubloc['hubloc_addr']); $result = ''; openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']); $ret['encrypted_token'] = base64url_encode($result); diff --git a/include/crypto.php b/include/crypto.php index ab33ba096..1040ac29b 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -119,21 +119,27 @@ function crypto_encapsulate($data,$pubkey,$alg='aes256cbc') { } function other_encapsulate($data,$pubkey,$alg) { + if(! $pubkey) logger('no key. data: ' . $data); - $oaep = false; + // This default will change in the future. For now make it backward compatible. - if(strpos($alg,'.oaep')) { - $oaep = true; - $subalg = substr($alg,0,-5); - } - else { - $subalg = $alg; + $padding = OPENSSL_PKCS1_PADDING; + $base = $alg; + + $exts = explode('.',$alg); + if(count($exts) > 1) { + switch($exts[1]) { + case 'oaep': + $padding = OPENSSL_PKCS1_OAEP_PADDING; + break; + } + $base = $exts[0]; } - $fn = strtoupper($subalg) . '_encrypt'; + $fn = strtoupper($base) . '_encrypt'; if(function_exists($fn)) { // A bit hesitant to use openssl_random_pseudo_bytes() as we know @@ -151,14 +157,14 @@ function other_encapsulate($data,$pubkey,$alg) { $iv = openssl_random_pseudo_bytes(256); $result['data'] = base64url_encode($fn($data,$key,$iv),true); // log the offending call so we can track it down - if(! openssl_public_encrypt($key,$k,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING))) { + if(! openssl_public_encrypt($key,$k,$pubkey,$padding)) { $x = debug_backtrace(); logger('RSA failed. ' . print_r($x[0],true)); } $result['alg'] = $alg; $result['key'] = base64url_encode($k,true); - openssl_public_encrypt($iv,$i,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); + openssl_public_encrypt($iv,$i,$pubkey,$padding); $result['iv'] = base64url_encode($i,true); return $result; } @@ -229,20 +235,25 @@ function crypto_unencapsulate($data,$prvkey) { function other_unencapsulate($data,$prvkey,$alg) { - $oaep = false; + // This default will change in the future. For now make it backward compatible. - if(strpos($alg,'.oaep')) { - $oaep = true; - $subalg = substr($alg,0,-5); - } - else { - $subalg = $alg; + $padding = OPENSSL_PKCS1_PADDING; + $base = $alg; + + $exts = explode('.',$alg); + if(count($exts) > 1) { + switch($exts[1]) { + case 'oaep': + $padding = OPENSSL_PKCS1_OAEP_PADDING; + break; + } + $base = $exts[0]; } - $fn = strtoupper($subalg) . '_decrypt'; + $fn = strtoupper($base) . '_decrypt'; if(function_exists($fn)) { - openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); - openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); + openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey,$padding); + openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey,$padding); return $fn(base64url_decode($data['data']),$k,$i); } else { diff --git a/include/event.php b/include/event.php index c1cf59425..1077a3c64 100644 --- a/include/event.php +++ b/include/event.php @@ -1200,6 +1200,13 @@ function event_store_item($arr, $event) { )); } + // propagate the event resource_id so that posts containing it are easily searchable in downstream copies + // of the item which have not stored the actual event. Required for Diaspora event federation as Diaspora + // event_participation messages refer to the event resource_id as a parent, while out own event attendance + // activities refer to the item message_id as the parent. + + set_iconfig($item_arr, 'system','event_id',$event['event_hash'],true); + $res = item_store($item_arr); $item_id = $res['item_id']; diff --git a/include/zid.php b/include/zid.php index b3a7d1e6a..67c1d9f6c 100644 --- a/include/zid.php +++ b/include/zid.php @@ -265,9 +265,9 @@ function red_zrlify_img_callback($matches) { */ function owt_init($token) { - \Zotlabs\Zot\Verify::purge('owt', '3 MINUTE'); + \Zotlabs\Lib\Verify::purge('owt', '3 MINUTE'); - $ob_hash = \Zotlabs\Zot\Verify::get_meta('owt', 0, $token); + $ob_hash = \Zotlabs\Lib\Verify::get_meta('owt', 0, $token); if($ob_hash === false) { return; diff --git a/include/zot.php b/include/zot.php index d28e584a1..0cfc370a2 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1728,7 +1728,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $ foreach($deliveries as $d) { $local_public = $public; - $DR = new Zotlabs\Zot\DReport(z_root(),$sender['hash'],$d['hash'],$arr['mid']); + $DR = new Zotlabs\Lib\DReport(z_root(),$sender['hash'],$d['hash'],$arr['mid']); $r = q("select * from channel where channel_hash = '%s' limit 1", dbesc($d['hash']) @@ -2257,7 +2257,7 @@ function process_mail_delivery($sender, $arr, $deliveries) { foreach($deliveries as $d) { - $DR = new Zotlabs\Zot\DReport(z_root(),$sender['hash'],$d['hash'],$arr['mid']); + $DR = new Zotlabs\Lib\DReport(z_root(),$sender['hash'],$d['hash'],$arr['mid']); $r = q("select * from channel where channel_hash = '%s' limit 1", dbesc($d['hash']) @@ -3898,11 +3898,11 @@ function process_channel_sync_delivery($sender, $arr, $deliveries) { // we should probably do this for all items, but usually we only send one. if(array_key_exists('item',$arr) && is_array($arr['item'][0])) { - $DR = new Zotlabs\Zot\DReport(z_root(),$d['hash'],$d['hash'],$arr['item'][0]['message_id'],'channel sync processed'); + $DR = new Zotlabs\Lib\DReport(z_root(),$d['hash'],$d['hash'],$arr['item'][0]['message_id'],'channel sync processed'); $DR->addto_recipient($channel['channel_name'] . ' <' . channel_reddress($channel) . '>'); } else - $DR = new Zotlabs\Zot\DReport(z_root(),$d['hash'],$d['hash'],'sync packet','channel sync delivered'); + $DR = new Zotlabs\Lib\DReport(z_root(),$d['hash'],$d['hash'],'sync packet','channel sync delivered'); $result[] = $DR->get(); } @@ -4913,7 +4913,7 @@ function zot_reply_auth_check($data,$encrypted_packet) { * the web server. We should probably convert this to webserver time rather than DB time so * that the different clocks won't affect it and allow us to keep the time short. */ - Zotlabs\Zot\Verify::purge('auth', '30 MINUTE'); + Zotlabs\Lib\Verify::purge('auth', '30 MINUTE'); $y = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1", dbesc($sender_hash) @@ -4954,7 +4954,7 @@ function zot_reply_auth_check($data,$encrypted_packet) { // This additionally checks for forged sites since we already stored the expected result in meta // and we've already verified that this is them via zot_gethub() and that their key signed our token - $z = Zotlabs\Zot\Verify::match('auth',$c[0]['channel_id'],$data['secret'],$data['sender']['url']); + $z = Zotlabs\Lib\Verify::match('auth',$c[0]['channel_id'],$data['secret'],$data['sender']['url']); if (! $z) { logger('mod_zot: auth_check: verification key not found.'); $ret['message'] .= 'verification key not found' . EOL; |