From 2aef98f71d95ba5c2caae7637002daef0bce6de5 Mon Sep 17 00:00:00 2001
From: Friendika <info@friendika.com>
Date: Mon, 19 Sep 2011 01:17:12 -0700
Subject: cripple account when expired

---
 mod/dfrn_notify.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'mod/dfrn_notify.php')

diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 84cb2fc16..d174c87ee 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -72,7 +72,7 @@ function dfrn_notify_post(&$a) {
 			FROM `contact` 
 			LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` 
 			WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 
-				AND `user`.`nickname` = '%s' $sql_extra LIMIT 1",
+				AND `user`.`nickname` = '%s' AND `user`.`account_expired` = 0 $sql_extra LIMIT 1",
 		dbesc($a->argv[1])
 	);
 
@@ -829,7 +829,8 @@ function dfrn_notify_content(&$a) {
 		}
 
 		$r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` 
-				WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s' $sql_extra LIMIT 1",
+				WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s' 
+				AND `user`.`account_expired` = 0 $sql_extra LIMIT 1",
 				dbesc($a->argv[1])
 		);
 
-- 
cgit v1.2.3


From fd18b42a5a4dfb212dac1272294a0934076183b7 Mon Sep 17 00:00:00 2001
From: Friendika <info@friendika.com>
Date: Mon, 19 Sep 2011 03:30:59 -0700
Subject: Check all keys before use

---
 mod/dfrn_notify.php | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

(limited to 'mod/dfrn_notify.php')

diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index d174c87ee..bd665c208 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -807,7 +807,7 @@ function dfrn_notify_content(&$a) {
 			intval(time() + 90 )
 		);
 
-		logger('dfrn_notify: challenge=' . $hash );
+		logger('dfrn_notify: challenge=' . $hash, LOGGER_DEBUG );
 
 		$sql_extra = '';
 		switch($direction) {
@@ -841,14 +841,18 @@ function dfrn_notify_content(&$a) {
 		$encrypted_id = '';
 		$id_str = $my_id . '.' . mt_rand(1000,9999);
 
-		if((($r[0]['duplex']) && strlen($r[0]['prvkey'])) || (! strlen($r[0]['pubkey']))) {
-			openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
-			openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
-		}
-		else {
-			openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
-			openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
+		if(strlen($r[0]['prvkey']) || strlen($r[0]['pubkey'])) {
+			if(($r[0]['duplex']) || (! strlen($r[0]['pubkey']))) {
+				openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
+				openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
+			}
+			else {
+				openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
+				openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
+			}
 		}
+		else
+			$status = 1;
 
 		$challenge    = bin2hex($challenge);
 		$encrypted_id = bin2hex($encrypted_id);
-- 
cgit v1.2.3


From d653d922b117cb123268e0b7f7b584e86482f5a7 Mon Sep 17 00:00:00 2001
From: Friendika <info@friendika.com>
Date: Mon, 19 Sep 2011 21:24:16 -0700
Subject: sorting through key issue

---
 mod/dfrn_notify.php | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

(limited to 'mod/dfrn_notify.php')

diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index bd665c208..870e4f2fb 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -841,18 +841,18 @@ function dfrn_notify_content(&$a) {
 		$encrypted_id = '';
 		$id_str = $my_id . '.' . mt_rand(1000,9999);
 
-		if(strlen($r[0]['prvkey']) || strlen($r[0]['pubkey'])) {
-			if(($r[0]['duplex']) || (! strlen($r[0]['pubkey']))) {
-				openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
-				openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
-			}
-			else {
-				openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
-				openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
-			}
+		$prv_key = trim($r[0]['prvkey']);
+		$pub_key = trim($r[0]['pubkey']);
+		$dplx = intval($r[0]['duplex']);
+
+		if((($dplx) && (strlen($prv_key))) || ((strlen($prv_key)) && (!(strlen($pub_key))))) {
+			openssl_private_encrypt($hash,$challenge,$prv_key);
+			openssl_private_encrypt($id_str,$encrypted_id,$prv_key);
+		}
+		else {
+			openssl_public_encrypt($hash,$challenge,$pub_key);
+			openssl_public_encrypt($id_str,$encrypted_id,$pub_key);
 		}
-		else
-			$status = 1;
 
 		$challenge    = bin2hex($challenge);
 		$encrypted_id = bin2hex($encrypted_id);
-- 
cgit v1.2.3


From 11ca81adbaa033123ca1aa2c354fb3be6f5225d0 Mon Sep 17 00:00:00 2001
From: Friendika <info@friendika.com>
Date: Wed, 21 Sep 2011 05:43:26 -0700
Subject: keychecks

---
 mod/dfrn_notify.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'mod/dfrn_notify.php')

diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 870e4f2fb..23bdd7388 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -849,10 +849,12 @@ function dfrn_notify_content(&$a) {
 			openssl_private_encrypt($hash,$challenge,$prv_key);
 			openssl_private_encrypt($id_str,$encrypted_id,$prv_key);
 		}
-		else {
+		elseif(strlen($pub_key)) {
 			openssl_public_encrypt($hash,$challenge,$pub_key);
 			openssl_public_encrypt($id_str,$encrypted_id,$pub_key);
 		}
+		else
+			$status = 1;
 
 		$challenge    = bin2hex($challenge);
 		$encrypted_id = bin2hex($encrypted_id);
-- 
cgit v1.2.3