harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add key passing and verification to targeted discovery

Browse Source
This commit is contained in:
friendica 2012-11-02 15:34:35 -07:00
parent 78884195bc
commit aca2e3b52a
3 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/zot.php
View File

@ -75,7 +75,6 @@ function zot_notify($channel,$url) {
function zot_finger($webbie,$channel) { function zot_finger($webbie,$channel) {
logger('zot_finger:' . print_r($channel,true));
if(strpos($webbie,'@') === false) { if(strpos($webbie,'@') === false) {
$address = $webbie; $address = $webbie;
$host = get_app()->get_hostname(); $host = get_app()->get_hostname();
@ -105,9 +104,10 @@ function zot_finger($webbie,$channel) {
if($channel) { if($channel) {
$postvars = array( $postvars = array(
'address' => $address, 'address' => $address,
'target' => $channel['channel_guid'], 'target' => $channel['channel_guid'],
'target_sig' => $channel['channel_guid_sig'] 'target_sig' => $channel['channel_guid_sig'],
'key' => $channel['channel_pubkey']
); );
$result = z_post_url($url . $rhs,$postvars); $result = z_post_url($url . $rhs,$postvars);
if(! $result['success']) if(! $result['success'])

16
mod/zfinger.php
View File

@ -7,11 +7,19 @@ function zfinger_init(&$a) {
$ret = array('success' => false); $ret = array('success' => false);
$zguid = ((x($_REQUEST,'guid')) ? $_REQUEST['guid'] : ''); $zguid = ((x($_REQUEST,'guid')) ? $_REQUEST['guid'] : '');
$zaddr = ((x($_REQUEST,'address')) ? $_REQUEST['address'] : ''); $zaddr = ((x($_REQUEST,'address')) ? $_REQUEST['address'] : '');
$ztarget = ((x($_REQUEST,'target')) ? trim($_REQUEST['target']) : ''); $ztarget = ((x($_REQUEST,'target')) ? $_REQUEST['target'] : '');
$zsig = ((x($_REQUEST,'target_sig')) ? trim($_REQUEST['target_sig']) : ''); $zsig = ((x($_REQUEST,'target_sig')) ? $_REQUEST['target_sig'] : '');
$zkey = ((x($_REQUEST,'key')) ? $_REQUEST['key'] : '');
if($ztarget) {
if((! $zkey) || (! $zsig) || (! rsa_verify($ztarget,base64url_decode($zsig),$zkey))) {
logger('zfinger: invalid target signature');
$ret['message'] = t("invalid target signature");
json_return_and_die($ret);
}
}
$r = null; $r = null;

2
version.inc
View File

@ -1 +1 @@
2012-11-01.125 2012-11-02.126