reciprocal verification on notify, poll
This commit is contained in:
parent
b294ff6302
commit
40a06771ff
|
@ -267,12 +267,22 @@ echo $xml;
|
||||||
|
|
||||||
$res = simplexml_load_string($xml);
|
$res = simplexml_load_string($xml);
|
||||||
|
|
||||||
if((intval($res->status) != 0) || (! strlen($res->challenge)) || ($res->dfrn_id != $rr['dfrn-id']))
|
if((intval($res->status) != 0) || (! strlen($res->challenge)) || (! strlen($res->dfrn_id)))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
$postvars = array();
|
$postvars = array();
|
||||||
|
$sent_dfrn_id = hex2bin($res->dfrn_id);
|
||||||
|
|
||||||
|
$final_dfrn_id = '';
|
||||||
|
openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$rr['pubkey']);
|
||||||
|
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
|
||||||
|
if($final_dfrn_id != $rr['dfrn-id']) {
|
||||||
|
// did not decode properly - cannot trust this site
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
$postvars['dfrn_id'] = $rr['dfrn-id'];
|
$postvars['dfrn_id'] = $rr['dfrn-id'];
|
||||||
|
|
||||||
$challenge = hex2bin($res->challenge);
|
$challenge = hex2bin($res->challenge);
|
||||||
|
|
||||||
openssl_public_decrypt($challenge,$postvars['challenge'],$rr['pubkey']);
|
openssl_public_decrypt($challenge,$postvars['challenge'],$rr['pubkey']);
|
||||||
|
@ -295,7 +305,7 @@ echo $xml;
|
||||||
// Currently there is no retry attempt for failed mail delivery.
|
// Currently there is no retry attempt for failed mail delivery.
|
||||||
// We need to handle this in the UI, report the non-deliverables and try again
|
// We need to handle this in the UI, report the non-deliverables and try again
|
||||||
|
|
||||||
if(($cmd == 'mail) && (intval($res->status) == 0)) {
|
if(($cmd == 'mail') && (intval($res->status) == 0)) {
|
||||||
|
|
||||||
$r = q("UPDATE `mail` SET `delivered` = 1 WHERE `id` = %d LIMIT 1",
|
$r = q("UPDATE `mail` SET `delivered` = 1 WHERE `id` = %d LIMIT 1",
|
||||||
intval($item_id)
|
intval($item_id)
|
||||||
|
|
|
@ -84,11 +84,21 @@ echo "XML: " . $xml;
|
||||||
|
|
||||||
$res = simplexml_load_string($xml);
|
$res = simplexml_load_string($xml);
|
||||||
|
|
||||||
if((intval($res->status) != 0) || (! strlen($res->challenge)) || ($res->dfrn_id != $contact['dfrn-id']))
|
if((intval($res->status) != 0) || (! strlen($res->challenge)) || (! strlen($res->dfrn_id)))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
$postvars = array();
|
$postvars = array();
|
||||||
|
|
||||||
|
$sent_dfrn_id = hex2bin($res->dfrn_id);
|
||||||
|
|
||||||
|
$final_dfrn_id = '';
|
||||||
|
openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']);
|
||||||
|
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
|
||||||
|
if($final_dfrn_id != $contact['dfrn-id']) {
|
||||||
|
// did not decode properly - cannot trust this site
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
$postvars['dfrn_id'] = $contact['dfrn-id'];
|
$postvars['dfrn_id'] = $contact['dfrn-id'];
|
||||||
$challenge = hex2bin($res->challenge);
|
$challenge = hex2bin($res->challenge);
|
||||||
|
|
||||||
|
|
|
@ -253,7 +253,14 @@ function dfrn_notify_content(&$a) {
|
||||||
|
|
||||||
openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
|
openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
|
||||||
$challenge = bin2hex($challenge);
|
$challenge = bin2hex($challenge);
|
||||||
echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_notify><status>' .$status . '</status><dfrn_id>' . $_GET['dfrn_id'] . '</dfrn_id>'
|
|
||||||
|
$encrypted_id = '';
|
||||||
|
$id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999);
|
||||||
|
|
||||||
|
openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
|
||||||
|
$encrypted_id = bin2hex($encrypted_id);
|
||||||
|
|
||||||
|
echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_notify><status>' .$status . '</status><dfrn_id>' . $encrypted_id . '</dfrn_id>'
|
||||||
. '<challenge>' . $challenge . '</challenge></dfrn_notify>' . "\r\n" ;
|
. '<challenge>' . $challenge . '</challenge></dfrn_notify>' . "\r\n" ;
|
||||||
session_write_close();
|
session_write_close();
|
||||||
exit;
|
exit;
|
||||||
|
|
|
@ -174,7 +174,15 @@ function dfrn_poll_content(&$a) {
|
||||||
|
|
||||||
openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
|
openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
|
||||||
$challenge = bin2hex($challenge);
|
$challenge = bin2hex($challenge);
|
||||||
echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_poll><status>' .$status . '</status><dfrn_id>' . $_GET['dfrn_id'] . '</dfrn_id>'
|
|
||||||
|
$encrypted_id = '';
|
||||||
|
$id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999);
|
||||||
|
|
||||||
|
openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
|
||||||
|
$encrypted_id = bin2hex($encrypted_id);
|
||||||
|
|
||||||
|
|
||||||
|
echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_poll><status>' .$status . '</status><dfrn_id>' . $encrypted_id . '</dfrn_id>'
|
||||||
. '<challenge>' . $challenge . '</challenge></dfrn_poll>' . "\r\n" ;
|
. '<challenge>' . $challenge . '</challenge></dfrn_poll>' . "\r\n" ;
|
||||||
session_write_close();
|
session_write_close();
|
||||||
exit;
|
exit;
|
||||||
|
|
|
@ -6,7 +6,7 @@ function regmod_content(&$a) {
|
||||||
|
|
||||||
if(! local_user()) {
|
if(! local_user()) {
|
||||||
notice( t('Please login.') . EOL);
|
notice( t('Please login.') . EOL);
|
||||||
$o = login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
|
$o .= '<br /><br />' . login(($a->config['register_policy'] == REGISTER_CLOSED) ? 0 : 1);
|
||||||
return $o;
|
return $o;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user