cleanup of last fix

unexpected openssl result
improve owa logging
2018-01-14 07:46:59 +01:00 · 2018-01-14 07:46:47 +01:00 · 2018-01-14 07:46:39 +01:00 · 2018-01-12 09:20:25 +01:00
3 changed files with 20 additions and 13 deletions
--- a/Zotlabs/Module/Owa.php
+++ b/Zotlabs/Module/Owa.php
@@ -31,19 +31,26 @@ class Owa extends \Zotlabs\Web\Controller {

 					if($keyId) {
 						$r = q("select * from hubloc left join xchan on hubloc_hash = xchan_hash 
-							where hubloc_addr = '%s' limit 1",
+							where hubloc_addr = '%s' ",
 							dbesc(str_replace('acct:','',$keyId))
 						);
 						if($r) {
-							$hubloc = $r[0];
-							$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);	
-							if($verified && $verified['header_signed'] && $verified['header_valid']) {
-								$ret['success'] = true;
-								$token = random_string(32);
-								\Zotlabs\Zot\Verify::create('owt',0,$token,$r[0]['hubloc_addr']);
-								$result = '';
-								openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
-								$ret['encrypted_token'] = base64url_encode($result);
+							foreach($r as $hubloc) {
+								$verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);	
+								if($verified && $verified['header_signed'] && $verified['header_valid']) {
+									logger('OWA header: ' . print_r($verified,true),LOGGER_DATA);	
+									logger('OWA success: ' . $hubloc['hubloc_addr'],LOGGER_DATA);
+									$ret['success'] = true;
+									$token = random_string(32);
+									\Zotlabs\Zot\Verify::create('owt',0,$token,$hubloc['hubloc_addr']);
+									$result = '';
+									openssl_public_encrypt($token,$result,$hubloc['xchan_pubkey']);
+									$ret['encrypted_token'] = base64url_encode($result);
+									break;
+								}
+								else {
+									logger('OWA fail: ' . $hubloc['hubloc_id'] . ' ' . $hubloc['hubloc_addr']);
+								}
 							}
 						}
 					}
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -117,7 +117,7 @@ class HTTPSig {

 		logger('verified: ' . $x, LOGGER_DEBUG);

-		if($x === false)
+		if(! $x)
 			return $result;

 		if(! $spoofable)
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -22,13 +22,13 @@ function rsa_verify($data,$sig,$key,$alg = 'sha256') {
 		$alg = OPENSSL_ALGO_SHA256;
 	$verify = @openssl_verify($data,$sig,$key,$alg);

-	if(! $verify) {
+	if($verify === (-1)) {
 		while($msg = openssl_error_string())
 			logger('openssl_verify: ' . $msg,LOGGER_NORMAL,LOG_ERR);
 		btlogger('openssl_verify: key: ' . $key, LOGGER_DEBUG, LOG_ERR); 
 	}

-	return $verify;
+	return (($verify > 0) ? true : false);
 }

 function pkcs5_pad ($text, $blocksize)
Author	SHA1	Message	Date
zotlabs	84105c3b05	cleanup of last fix	2018-01-14 07:46:59 +01:00
zotlabs	a70db805b7	unexpected openssl result	2018-01-14 07:46:47 +01:00
zotlabs	750e0a8d11	improve owa logging	2018-01-14 07:46:39 +01:00
zotlabs	be3bfa3806	OpenWebAuth: can fail after site re-installs; this may need to be pushed forward to master	2018-01-12 09:20:25 +01:00