diff options
Diffstat (limited to 'mod/dfrn_notify.php')
-rw-r--r-- | mod/dfrn_notify.php | 35 |
1 files changed, 22 insertions, 13 deletions
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index f904b06bc..7f023ef22 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -24,7 +24,7 @@ function dfrn_notify_post(&$a) { dbesc($challenge) ); if(! count($r)) { - logger('dfrn_notify: could not match challenge to dfrn_id ' . $dfrn_id); + logger('dfrn_notify: could not match challenge to dfrn_id ' . $dfrn_id . ' challenge=' . $challenge); xml_status(3); } @@ -52,8 +52,6 @@ function dfrn_notify_post(&$a) { } - - $r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, `contact`.`pubkey` AS `cpubkey`, `contact`.`prvkey` AS `cprvkey`, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` @@ -93,11 +91,21 @@ function dfrn_notify_post(&$a) { logger('rino: md5 raw key: ' . md5($rawkey)); $final_key = ''; - if((($importer['duplex']) && strlen($importer['cpubkey'])) || (! strlen($importer['cprvkey']))) { - openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']); + if($dfrn_version >= 2.1) { + if((($importer['duplex']) && strlen($importer['cprvkey'])) || (! strlen($importer['cpubkey']))) { + openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']); + } + else { + openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']); + } } else { - openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']); + if((($importer['duplex']) && strlen($importer['cpubkey'])) || (! strlen($importer['cprvkey']))) { + openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']); + } + else { + openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']); + } } logger('rino: received key : ' . $final_key); @@ -460,12 +468,13 @@ function dfrn_notify_content(&$a) { $r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time())); $r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` ) - VALUES( '%s', '%s', '%s') ", + VALUES( '%s', '%s', %d ) ", dbesc($hash), dbesc($dfrn_id), - intval(time() + 60 ) + intval(time() + 90 ) ); + logger('dfrn_notify: challenge=' . $hash ); $sql_extra = ''; switch($direction) { @@ -498,14 +507,14 @@ function dfrn_notify_content(&$a) { $encrypted_id = ''; $id_str = $my_id . '.' . mt_rand(1000,9999); - if((($r[0]['duplex']) && strlen($r[0]['pubkey'])) || (! strlen($r[0]['prvkey']))) { - openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']); - openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']); - } - else { + if((($r[0]['duplex']) && strlen($r[0]['prvkey'])) || (! strlen($r[0]['pubkey']))) { openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); } + else { + openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']); + openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']); + } $challenge = bin2hex($challenge); $encrypted_id = bin2hex($encrypted_id); |