clones/friendica
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Avoid transmitting a deletion message when we don't have a key

This commit is contained in:
Michael 2019-03-04 06:52:43 +00:00
parent 888e2ce2a9
commit a911baf8e5
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/Protocol/ActivityPub/Transmitter.php
View File

@ -1209,6 +1209,16 @@ class Transmitter
{ {
$owner = User::getOwnerDataById($uid); $owner = User::getOwnerDataById($uid);
if (empty($owner)) {
Logger::error('No owner data found, the deletion message cannot be processed.', ['user' => $uid]);
return false;
}
if (empty($owner['uprvkey'])) {
Logger::error('No private key for owner found, the deletion message cannot be processed.', ['user' => $uid]);
return false;
}
$data = ['@context' => ActivityPub::CONTEXT, $data = ['@context' => ActivityPub::CONTEXT,
'id' => System::baseUrl() . '/activity/' . System::createGUID(), 'id' => System::baseUrl() . '/activity/' . System::createGUID(),
'type' => 'Delete', 'type' => 'Delete',

4
src/Util/Crypto.php
View File

@ -26,7 +26,7 @@ class Crypto
public static function rsaSign($data, $key, $alg = 'sha256') public static function rsaSign($data, $key, $alg = 'sha256')
{ {
if (empty($key)) { if (empty($key)) {
logger::warning('Empty key parameter', ['callstack' => System::callstack()]); Logger::warning('Empty key parameter', ['callstack' => System::callstack()]);
} }
openssl_sign($data, $sig, $key, (($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg)); openssl_sign($data, $sig, $key, (($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));
return $sig; return $sig;
@ -42,7 +42,7 @@ class Crypto
public static function rsaVerify($data, $sig, $key, $alg = 'sha256') public static function rsaVerify($data, $sig, $key, $alg = 'sha256')
{ {
if (empty($key)) { if (empty($key)) {
logger::warning('Empty key parameter', ['callstack' => System::callstack()]); Logger::warning('Empty key parameter', ['callstack' => System::callstack()]);
} }
return openssl_verify($data, $sig, $key, (($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg)); return openssl_verify($data, $sig, $key, (($alg == 'sha1') ? OPENSSL_ALGO_SHA1 : $alg));
} }