Merge branch 'dev' into release
commit
543027dc42
3 changed files with 22 additions and 12 deletions
|
@ -37,7 +37,6 @@ class Zotfinger {
|
|||
$redirects = 0;
|
||||
$x = z_post_url($resource,$data,$redirects, [ 'headers' => $h ] );
|
||||
|
||||
|
||||
if ($x['success']) {
|
||||
|
||||
$result['signature'] = HTTPSig::verify($x);
|
||||
|
|
|
@ -88,7 +88,7 @@ class HTTPSig {
|
|||
|
||||
// See draft-cavage-http-signatures-10
|
||||
|
||||
static function verify($data,$key = '') {
|
||||
static function verify($data,$key = '', $keytype = '') {
|
||||
|
||||
$body = $data;
|
||||
$headers = null;
|
||||
|
@ -170,7 +170,7 @@ class HTTPSig {
|
|||
|
||||
$result['signer'] = $sig_block['keyId'];
|
||||
|
||||
$fkey = self::get_key($key,$result['signer']);
|
||||
$fkey = self::get_key($key,$keytype,$result['signer']);
|
||||
|
||||
if (! ($fkey && $fkey['public_key'])) {
|
||||
return $result;
|
||||
|
@ -185,7 +185,7 @@ class HTTPSig {
|
|||
// try again, ignoring the local actor (xchan) cache and refetching the key
|
||||
// from its source
|
||||
|
||||
$fkey = self::get_key($key,$result['signer'],true);
|
||||
$fkey = self::get_key($key,$keytype,$result['signer'],true);
|
||||
|
||||
if ($fkey && $fkey['public_key']) {
|
||||
$y = Crypto::verify($signed_data,$sig_block['signature'],$fkey['public_key'],$algorithm);
|
||||
|
@ -230,7 +230,7 @@ class HTTPSig {
|
|||
return $result;
|
||||
}
|
||||
|
||||
static function get_key($key,$id,$force = false) {
|
||||
static function get_key($key,$keytype,$id,$force = false) {
|
||||
|
||||
if ($key) {
|
||||
if (function_exists($key)) {
|
||||
|
@ -239,14 +239,22 @@ class HTTPSig {
|
|||
return [ 'public_key' => $key ];
|
||||
}
|
||||
|
||||
if ($keytype === 'zot6') {
|
||||
$key = self::get_zotfinger_key($id,$force);
|
||||
if ($key) {
|
||||
return $key;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if (strpos($id,'#') === false) {
|
||||
$key = self::get_webfinger_key($id,$force);
|
||||
if ($key) {
|
||||
return $key;
|
||||
}
|
||||
}
|
||||
|
||||
if (! $key) {
|
||||
$key = self::get_activitystreams_key($id,$force);
|
||||
}
|
||||
|
||||
$key = self::get_activitystreams_key($id,$force);
|
||||
return $key;
|
||||
|
||||
}
|
||||
|
@ -353,7 +361,7 @@ class HTTPSig {
|
|||
function get_zotfinger_key($id,$force = false) {
|
||||
|
||||
if (! $force) {
|
||||
$x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_addr = '%s' or hubloc_id_url = '%s' ",
|
||||
$x = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_addr = '%s' or hubloc_id_url = '%s' and hubloc_network = 'zot6'",
|
||||
dbesc(str_replace('acct:','',$id)),
|
||||
dbesc($id)
|
||||
);
|
||||
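Review bot: In the get_zotfinger_key hunk, the query line that appears to be the new side reads `hubloc_addr = '%s' or hubloc_id_url = '%s' and hubloc_network = 'zot6'`; SQL evaluates `and` before `or`, so the network filter constrains only the `hubloc_id_url` match, and a row of any network that matches on `hubloc_addr` is still returned. That row presumably supplies the public key a zot6 signature is verified against, so the filter should cover both alternatives: `where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) and hubloc_network = 'zot6'`. Separately, get_key still falls through to the webfinger and ActivityStreams lookups when the zot6 lookup returns nothing, so `$keytype` acts as a preference rather than a restriction. If Receiver is meant to accept only zot6 keys, returning after the zot6 branch would enforce that. The body of get_zotfinger_key continues outside the hunk.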
|
|
|
@ -163,16 +163,19 @@ class Receiver {
|
|||
|
||||
$result = false;
|
||||
|
||||
$this->sigdata = HTTPSig::verify($this->rawdata);
|
||||
$this->sigdata = HTTPSig::verify($this->rawdata, EMPTY_STR, 'zot6');
|
||||
|
||||
if ($this->sigdata && $this->sigdata['header_signed'] && $this->sigdata['header_valid']) {
|
||||
$result = true;
|
||||
|
||||
|
||||
|
||||
|
||||
// It is OK to not have signed content - not all messages provide content.
|
||||
// But if it is signed, it has to be valid
|
||||
|
||||
if (($this->sigdata['content_signed']) && (! $this->sigdata['content_valid'])) {
|
||||
$result = false;
|
||||
$result = false;
|
||||
}
|
||||
}
|
||||
return $result;
|
||||
|
|