diff options
Diffstat (limited to 'mod')
-rw-r--r-- | mod/post.php | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/mod/post.php b/mod/post.php index e5c68d4bd..5b002eb36 100644 --- a/mod/post.php +++ b/mod/post.php @@ -10,9 +10,9 @@ require_once('include/zot.php'); function post_init(&$a) { - // All other access to this endpoint is via the post method. + // Most access to this endpoint is via the post method. // Here we will pick out the magic auth params which arrive - // as a get request. + // as a get request, and the only communications to arrive this way. if(argc() > 1) { @@ -150,6 +150,11 @@ function post_post(&$a) { logger('mod_zot: data: ' . print_r($data,true), LOGGER_DATA); + /** + * Many message packets will arrive encrypted. The existence of an 'iv' element + * tells us we need to unencapsulate the AES-256-CBC content using the site private key + */ + if(array_key_exists('iv',$data)) { $data = aes_unencapsulate($data,get_config('system','prvkey')); logger('mod_zot: decrypt1: ' . $data, LOGGER_DATA); |