From 499b7de0d217e5e56819f34dea26cb5d395e2a0b Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Sun, 3 Sep 2017 00:59:51 -0700
Subject: Reviewed. This is OK. Revert "may be exploitable in current form -
 awaiting review"

This reverts commit 7bff60edacd68ef3dccf6f956e9c57092919950a.
---
 Zotlabs/Module/Cdav.php | 2 --
 Zotlabs/Module/Dav.php  | 2 --
 include/api_auth.php    | 3 +--
 3 files changed, 1 insertion(+), 6 deletions(-)

diff --git a/Zotlabs/Module/Cdav.php b/Zotlabs/Module/Cdav.php
index ec177ae2a..abaec26a6 100644
--- a/Zotlabs/Module/Cdav.php
+++ b/Zotlabs/Module/Cdav.php
@@ -64,8 +64,6 @@ class Cdav extends \Zotlabs\Web\Controller {
 								if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) {
 									$record = null;
 								}
-// requires security review
-$record = null;
 								if($record['account']) {
 							        authenticate_success($record['account']);
 							        if($channel_login) {
diff --git a/Zotlabs/Module/Dav.php b/Zotlabs/Module/Dav.php
index 5cd0c9c5e..d506fe9f5 100644
--- a/Zotlabs/Module/Dav.php
+++ b/Zotlabs/Module/Dav.php
@@ -73,8 +73,6 @@ class Dav extends \Zotlabs\Web\Controller {
 							if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) {
 								$record = null;
 							}
-// requires security review
-$record = null;
 							if($record['account']) {
 						        authenticate_success($record['account']);
 						        if($channel_login) {
diff --git a/include/api_auth.php b/include/api_auth.php
index 0acd4ac68..0818fa54b 100644
--- a/include/api_auth.php
+++ b/include/api_auth.php
@@ -85,8 +85,7 @@ function api_login(&$a){
 					else {
 						continue;
 					}
-// requires security review
-$record = null;
+
 					if($record) {					
 						$verified = \Zotlabs\Web\HTTPSig::verify('',$record['channel']['channel_pubkey']);
 						if(! ($verified && $verified['header_signed'] && $verified['header_valid'])) {
-- 
cgit v1.2.3