diff options
-rw-r--r-- | boot.php | 4 | ||||
-rw-r--r-- | include/items.php | 35 | ||||
-rw-r--r-- | mod/dfrn_notify.php | 28 |
3 files changed, 45 insertions, 22 deletions
@@ -3,8 +3,8 @@ set_time_limit(0); define ( 'BUILD_ID', 1034 ); -define ( 'FRIENDIKA_VERSION', '2.10.0902' ); -define ( 'DFRN_PROTOCOL_VERSION', '2.0' ); +define ( 'FRIENDIKA_VERSION', '2.10.0903' ); +define ( 'DFRN_PROTOCOL_VERSION', '2.1' ); define ( 'EOL', "<br />\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); diff --git a/include/items.php b/include/items.php index c29ad9e44..f909fde6a 100644 --- a/include/items.php +++ b/include/items.php @@ -768,7 +768,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { $a = get_app(); - if((! strlen($contact['dfrn-id'])) && (! $contact['duplex']) && (! ($owner['page-flags'] == PAGE_COMMUNITY))) + if((! strlen($contact['issued-id'])) && (! $contact['duplex']) && (! ($owner['page-flags'] == PAGE_COMMUNITY))) return 3; $idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']); @@ -808,20 +808,33 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { $postvars = array(); $sent_dfrn_id = hex2bin((string) $res->dfrn_id); $challenge = hex2bin((string) $res->challenge); + $dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0); $rino_allowed = ((intval($res->rino) === 1) ? 1 : 0); $final_dfrn_id = ''; - - if(($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) { - openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']); - openssl_private_decrypt($challenge,$postvars['challenge'],$contact['prvkey']); + if($dfrn_version > 2.1) { + if(($contact['duplex'] && strlen($contact['pubkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) { + openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']); + openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']); + } + else { + openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']); + openssl_private_decrypt($challenge,$postvars['challenge'],$contact['prvkey']); + } } else { - openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']); - openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']); + if(($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) { + openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']); + openssl_private_decrypt($challenge,$postvars['challenge'],$contact['prvkey']); + } + else { + openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']); + openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']); + } } + $final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.')); if(strpos($final_dfrn_id,':') == 1) @@ -854,11 +867,13 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { $postvars['data'] = $data; logger('rino: sent key = ' . $key); - if(($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) { - openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']); + + + if(($contact['duplex'] && strlen($contact['pubkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) { + openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']); } else { - openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']); + openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']); } logger('md5 rawkey ' . md5($postvars['key'])); diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index f904b06bc..1eb2ff725 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -52,8 +52,6 @@ function dfrn_notify_post(&$a) { } - - $r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, `contact`.`pubkey` AS `cpubkey`, `contact`.`prvkey` AS `cprvkey`, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` @@ -93,11 +91,21 @@ function dfrn_notify_post(&$a) { logger('rino: md5 raw key: ' . md5($rawkey)); $final_key = ''; - if((($importer['duplex']) && strlen($importer['cpubkey'])) || (! strlen($importer['cprvkey']))) { - openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']); + if($dfrn_version > 2.1) { + if((($importer['duplex']) && strlen($importer['cprvkey'])) || (! strlen($importer['cpubkey']))) { + openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']); + } + else { + openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']); + } } else { - openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']); + if((($importer['duplex']) && strlen($importer['cpubkey'])) || (! strlen($importer['cprvkey']))) { + openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']); + } + else { + openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']); + } } logger('rino: received key : ' . $final_key); @@ -498,14 +506,14 @@ function dfrn_notify_content(&$a) { $encrypted_id = ''; $id_str = $my_id . '.' . mt_rand(1000,9999); - if((($r[0]['duplex']) && strlen($r[0]['pubkey'])) || (! strlen($r[0]['prvkey']))) { - openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']); - openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']); - } - else { + if((($r[0]['duplex']) && strlen($r[0]['prvkey'])) || (! strlen($r[0]['pubkey']))) { openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); } + else { + openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']); + openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']); + } $challenge = bin2hex($challenge); $encrypted_id = bin2hex($encrypted_id); |