From 7e3046b85cec84ffdd8f482ec2e519b165fe3d54 Mon Sep 17 00:00:00 2001 From: nobody Date: Tue, 16 Feb 2021 23:33:39 -0800 Subject: more work on zap channel export. --- Zotlabs/Module/Uexport.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'Zotlabs/Module') diff --git a/Zotlabs/Module/Uexport.php b/Zotlabs/Module/Uexport.php index 3d1587b87..55c316317 100644 --- a/Zotlabs/Module/Uexport.php +++ b/Zotlabs/Module/Uexport.php @@ -17,6 +17,7 @@ class Uexport extends Controller { if(argc() > 1) { $sections = (($_REQUEST['sections']) ? explode(',',$_REQUEST['sections']) : ''); + $zap_compat = (($_REQUEST['zap_compat']) ? intval($_REQUEST['zap_compat']) : false); $channel = App::get_channel(); @@ -32,12 +33,12 @@ class Uexport extends Controller { header('content-disposition: attachment; filename="' . $channel['channel_address'] . (($year) ? '-' . $year : '') . (($month) ? '-' . $month : '') . (($_REQUEST['sections']) ? '-' . $_REQUEST['sections'] : '') . '.json"' ); if($year) { - echo json_encode(identity_export_year(local_channel(),$year,$month)); + echo json_encode(identity_export_year(local_channel(),$year,$month, $zap_compat)); killme(); } if(argc() > 1 && argv(1) === 'basic') { - echo json_encode(identity_basic_export(local_channel(),$sections)); + echo json_encode(identity_basic_export(local_channel(),$sections, $zap_compat)); killme(); } @@ -46,7 +47,7 @@ class Uexport extends Controller { if(argc() > 1 && argv(1) === 'complete') { $sections = get_default_export_sections(); $sections[] = 'items'; - echo json_encode(identity_basic_export(local_channel(),$sections)); + echo json_encode(identity_basic_export(local_channel(),$sections, $zap_compat)); killme(); } } -- cgit v1.2.3 From 8343f63964c6cc992c2a8c90aa2a1080d5804323 Mon Sep 17 00:00:00 2001 From: nobody Date: Sun, 29 Aug 2021 04:54:50 -0700 Subject: OWA: very difficult to trace failures due to empty public key record. The signature might succeed because an empty key triggers an external key fetch. But the empty key cannot encrypt the token. This has been observed in the wild on a number of sites/projects. --- Zotlabs/Module/Owa.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'Zotlabs/Module') diff --git a/Zotlabs/Module/Owa.php b/Zotlabs/Module/Owa.php index 9a3513f34..e30aa5fb4 100644 --- a/Zotlabs/Module/Owa.php +++ b/Zotlabs/Module/Owa.php @@ -32,14 +32,14 @@ class Owa extends Controller { $keyId = $sigblock['keyId']; if ($keyId) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE hubloc_id_url = '%s'", + WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ", dbesc($keyId) ); if (! $r) { $found = discover_by_webbie(str_replace('acct:','',$keyId)); if ($found) { $r = q("SELECT * FROM hubloc LEFT JOIN xchan ON hubloc_hash = xchan_hash - WHERE hubloc_id_url = '%s'", + WHERE hubloc_id_url = '%s' AND xchan_pubkey != '' ", dbesc($keyId) ); } -- cgit v1.2.3