aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Zotlabs/Module/Owa.php7
-rw-r--r--Zotlabs/Web/HTTPSig.php2
-rw-r--r--include/crypto.php4
3 files changed, 9 insertions, 4 deletions
diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php
index 9a39fe4c0..23ee14f39 100644
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -38,14 +38,19 @@ class Owa extends \Zotlabs\Web\Controller {
foreach($r as $hubloc) {
$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);
if($verified && $verified['header_signed'] && $verified['header_valid']) {
+ logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);
+ logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
$ret['success'] = true;
$token = random_string(32);
- \Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']);
+ \Zotlabs\Zot\Verify::create('owt',0,$token,$hubloc['hubloc_addr']);
$result = '';
openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
$ret['encrypted_token'] = base64url_encode($result);
break;
}
+ else {
+ logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']);
+ }
}
}
}
diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php
index 9a8c23a9b..63033ce5e 100644
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -117,7 +117,7 @@ class HTTPSig {
logger('verified: ' . $x, LOGGER_DEBUG);
- if($x === false)
+ if(! $x)
return $result;
if(! $spoofable)
diff --git a/include/crypto.php b/include/crypto.php
index 622add4dc..b990b18d9 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -22,13 +22,13 @@ function rsa_verify($data,$sig,$key,$alg = 'sha256') {
$alg = OPENSSL_ALGO_SHA256;
$verify = @openssl_verify($data,$sig,$key,$alg);
- if(! $verify) {
+ if($verify === (-1)) {
while($msg = openssl_error_string())
logger('openssl_verify: ' . $msg,LOGGER_NORMAL,LOG_ERR);
btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR);
}
- return $verify;
+ return (($verify > 0) ? true : false);
}
function pkcs5_pad ($text, $blocksize)