From 6cf2e9945a08451e3d53b6e79002843e9cdb8dc6 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 7 Feb 2018 21:53:47 -0800 Subject: encrypt the httpsig for zot6 transport --- include/queue_fn.php | 22 ++++++++++++++++++++-- include/zot.php | 6 ++++-- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/include/queue_fn.php b/include/queue_fn.php index d31e41b61..e50d58dd7 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -121,7 +121,7 @@ function queue_deliver($outq, $immediate = false) { $base = null; $h = parse_url($outq['outq_posturl']); - if($h) + if($h !== false) $base = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : ''); if(($base) && ($base !== z_root()) && ($immediate)) { @@ -160,6 +160,9 @@ function queue_deliver($outq, $immediate = false) { + + + $arr = array('outq' => $outq, 'base' => $base, 'handled' => false, 'immediate' => $immediate); call_hooks('queue_deliver',$arr); if($arr['handled']) @@ -223,9 +226,24 @@ function queue_deliver($outq, $immediate = false) { $channel = channelx_by_n($outq['outq_channel']); } + $host_crypto = null; + + if($channel && $base) { + $h = q("select hubloc_sitekey, site_crypto from hubloc left join site on hubloc_url = site_url where site_url = '%s' order by hubloc_id desc limit 1", + dbesc($base) + ); + if($h) { + $host_crypto = $h[0]; + } + } + + + + + $msg = $outq['outq_notify']; - $result = zot_zot($outq['outq_posturl'],$msg,$channel); + $result = zot_zot($outq['outq_posturl'],$msg,$channel,$host_crypto); if($result['success']) { diff --git a/include/zot.php b/include/zot.php index 5fb18d5a7..c00caebb4 100644 --- a/include/zot.php +++ b/include/zot.php @@ -288,9 +288,11 @@ function zot_best_algorithm($methods) { * * @param string $url * @param array $data + * @param array $channel (optional if using zot6 delivery) + * @param array $crypto (optional if encrypted httpsig, requires hubloc_sitekey and site_crypto elements) * @return array see z_post_url() for returned data format */ -function zot_zot($url, $data, $channel = null) { +function zot_zot($url, $data, $channel = null,$crypto = null) { $headers = []; @@ -298,7 +300,7 @@ function zot_zot($url, $data, $channel = null) { $headers['X-Zot-Token'] = random_string(); $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false); $headers['X-Zot-Digest'] = 'SHA-256=' . $hash; - $h = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,false,'sha512'); + $h = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : '')); } $redirects = 0; -- cgit v1.2.3