From 4119e1f9cc9ebb6a45ec69fd23c1262b3f823c3a Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Mon, 21 Jan 2013 19:40:25 -0800
Subject: testing begins

---
 mod/post.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'mod/post.php')

diff --git a/mod/post.php b/mod/post.php
index bfcc99022..7a96bcf7a 100644
--- a/mod/post.php
+++ b/mod/post.php
@@ -72,8 +72,8 @@ function post_init(&$a) {
 
 			// Auth packets MUST use ultra top-secret hush-hush mode 
 
-			$p = zot_build_packet($c[0],$type = 'auth_check',array('guid' => $x[0]['hubloc_guid'],'guid_sig' => $x[0]['hubloc_guid_sig']), $x[0]['hubloc_prvkey'], $sec);
-			$result = zot_zot($x[0]['hubloc_url'],$p);
+			$p = zot_build_packet($c[0],$type = 'auth_check',array(array('guid' => $x[0]['hubloc_guid'],'guid_sig' => $x[0]['hubloc_guid_sig'])), $x[0]['hubloc_sitekey'], $sec);
+			$result = zot_zot($x[0]['hubloc_callback'],$p);
 
 			if($result['success']) {
 				$j = json_decode($result['body'],true);
@@ -276,7 +276,7 @@ function post_post(&$a) {
 		$y = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1",
 			dbesc($sender_hash)
 		);
-		if((! $y) || (! rsa_verify($data['secret'],$data['secret_sig'],$y[0]['xchan_pubkey']))) {
+		if((! $y) || (! rsa_verify($data['secret'],base64url_decode($data['secret_sig']),$y[0]['xchan_pubkey']))) {
 			logger('mod_zot: auth_check: sender not found or secret_sig invalid.');
 			json_return_and_die($ret);
 		}
-- 
cgit v1.2.3