harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

illegal offset warning (prevents encrypted signatures from being used for encrypted messages). Not fatal but can leak metadata.

Browse Source
This commit is contained in:
zotlabs 2019-08-13 16:53:04 -07:00
parent 7200c2ac0c
commit feda23587c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/zot.php
View File

@ -304,7 +304,7 @@ function zot_zot($url, $data, $channel = null,$crypto = null) {
if($channel) {
$headers['X-Zot-Token'] = random_string();
$headers['X-Zot-Digest'] = \Zotlabs\Web\HTTPSig::generate_digest_header($data);
$h = \Zotlabs\Web\HTTPSig::create_sig($headers,$channel['channel_prvkey'],'acct:' . channel_reddress($channel),false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : ''));
$h = \Zotlabs\Web\HTTPSig::create_sig($headers,$channel['channel_prvkey'],'acct:' . channel_reddress($channel),false,'sha512',(($crypto) ? [ 'key' => $crypto['hubloc_sitekey'], 'algorithm' => $crypto['site_crypto'] ] : false));
}
$redirects = 0;