harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

converging on a workable crypto auth handshake

Browse Source
This commit is contained in:
friendica 2012-12-14 00:45:30 -08:00
parent ecce0f0e21
commit d39fb9b1d5
4 changed files with 55 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
boot.php
View File

@ -17,7 +17,7 @@ define ( 'FRIENDICA_PLATFORM', 'Friendica Red');
define ( 'FRIENDICA_VERSION', trim(file_get_contents('version.inc')) . 'R'); define ( 'FRIENDICA_VERSION', trim(file_get_contents('version.inc')) . 'R');
define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' );
define ( 'ZOT_REVISION', 1 ); define ( 'ZOT_REVISION', 1 );
define ( 'DB_UPDATE_VERSION', 1001 ); define ( 'DB_UPDATE_VERSION', 1002 );
define ( 'EOL', "<br />\r\n" ); define ( 'EOL', "<br />\r\n" );
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );

15
install/database.sql
View File

@ -894,6 +894,21 @@ CREATE TABLE IF NOT EXISTS `tokens` (
KEY `uid` (`uid`) KEY `uid` (`uid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8; ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `verify` (
`id` int(10) unsigned NOT NULL,
`channel` int(10) unsigned NOT NULL DEFAULT '0',
`type` char(32) NOT NULL DEFAULT '',
`token` char(255) NOT NULL DEFAULT '',
`meta` char(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
PRIMARY KEY (`id`),
KEY `channel` (`channel`),
KEY `type` (`type`),
KEY `token` (`token`),
KEY `meta` (`meta`),
KEY `created` (`created`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `xchan` ( CREATE TABLE IF NOT EXISTS `xchan` (
`xchan_hash` char(255) NOT NULL, `xchan_hash` char(255) NOT NULL,
`xchan_guid` char(255) NOT NULL DEFAULT '', `xchan_guid` char(255) NOT NULL DEFAULT '',

20
install/update.php
View File

@ -1,6 +1,6 @@
<?php <?php
define( 'UPDATE_VERSION' , 1001 ); define( 'UPDATE_VERSION' , 1002 );
/** /**
* *
@ -43,3 +43,21 @@ function update_r1000() {
} }
function update_r1001() {
$r = q("CREATE TABLE if not exists `verify` (
`id` INT(10) UNSIGNED NOT NULL ,
`channel` INT(10) UNSIGNED NOT NULL DEFAULT '0',
`type` CHAR( 32 ) NOT NULL DEFAULT '',
`token` CHAR( 255 ) NOT NULL DEFAULT '',
`meta` CHAR( 255 ) NOT NULL DEFAULT '',
`created` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00',
PRIMARY KEY ( `id` )
) ENGINE = MYISAM ");
$r2 = q("alter table `verify` add index (`channel`), add index (`type`), add index (`token`),
add index (`meta`), add index (`created`)");
if($r && $r2)
return UPDATE_SUCCESS;
return UPDATE_FAILED;
}

22
mod/magic.php
View File

@ -49,9 +49,21 @@ function magic_init(&$a) {
// Just redirect. // Just redirect.
goaway($desturl); goaway($desturl);
} }
$token = random_string();
$recip = array(array('guid' => $x[0]['hubloc_guid'],'guid_sig' => $x[0]['hubloc_guid_sig'])); $recip = array(array('guid' => $x[0]['hubloc_guid'],'guid_sig' => $x[0]['hubloc_guid_sig']));
$channel = $a->get_channel(); $channel = $a->get_channel();
$hash = random_string(); $hash = random_string();
$r = q("insert into verify ( type, channel, token, meta, created) values ('%s','%d','%s','%s','%s')",
dbesc('auth'),
intval($channel['channel_id']),
dbesc($token),
dbesc($hubloc['hubloc_hash']),
dbesc(datetime_convert())
);
$packet = zot_build_packet($channel,'auth',$recip,$x[0]['hubloc_sitekey'],$hash); $packet = zot_build_packet($channel,'auth',$recip,$x[0]['hubloc_sitekey'],$hash);
$result = zot_zot($x[0]['hubloc_callback'],$packet); $result = zot_zot($x[0]['hubloc_callback'],$packet);
if($result['success']) { if($result['success']) {
@ -60,8 +72,14 @@ function magic_init(&$a) {
$y = aes_unencapsulate($j,$channel['prvkey']); $y = aes_unencapsulate($j,$channel['prvkey']);
$j = json_decode($y,true); $j = json_decode($y,true);
} }
if($y['token']) if($j['token'] && $j['ticket'] && $j['token'] === $token) {
goaway($x[0]['callback'] . '?f=&token=' . $token . '&dest=' . $dest); $r = q("delete from verify where token = '%s' and type = '%s' and channel = %d limit 1",
dbesc($token),
dbesc('auth'),
intval($channel['channel_id'])
);
goaway($x[0]['callback'] . '?f=&ticket=' . $ticket . '&dest=' . $dest);
}
} }
goaway($dest); goaway($dest);
} }