From: Roland Häder Date: Sat, 1 Apr 2017 20:16:08 +0000 (+0200) Subject: Merge branch 'develop' into rewrites/coding-convention-split2 X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=49527b70d34cfc899b8ba1a3876a14bb11ed9e8a;p=friendica.git Merge branch 'develop' into rewrites/coding-convention-split2 --- 49527b70d34cfc899b8ba1a3876a14bb11ed9e8a diff --cc include/dfrn.php index 83d76a0ae4,4002bb4268..aae935963d --- a/include/dfrn.php +++ b/include/dfrn.php @@@ -948,21 -904,15 +972,16 @@@ class dfrn $idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']); - if($contact['duplex'] && $contact['dfrn-id']) + if ($contact['duplex'] && $contact['dfrn-id']) { $idtosend = '0:' . $orig_id; - if($contact['duplex'] && $contact['issued-id']) + } + if ($contact['duplex'] && $contact['issued-id']) { $idtosend = '1:' . $orig_id; + } - - $rino = get_config('system','rino_encrypt'); + $rino = get_config('system', 'rino_encrypt'); $rino = intval($rino); - // use RINO1 if mcrypt isn't installed and RINO2 was selected - if ($rino == 2 and !function_exists('mcrypt_create_iv')) { - $rino = 1; - } - logger("Local rino version: ". $rino, LOGGER_DEBUG); $ssl_val = intval(get_config('system','ssl_policy')); @@@ -1082,19 -1027,18 +1101,19 @@@ $postvars['ssl_policy'] = $ssl_policy; - if($page) + if ($page) { $postvars['page'] = $page; + } - if($rino>0 && $rino_remote_version>0 && (! $dissolve)) { + if ($rino > 0 && $rino_remote_version > 0 && (! $dissolve)) { logger('rino version: '. $rino_remote_version); - switch($rino_remote_version) { + switch ($rino_remote_version) { case 1: // Deprecated rino version! - $key = substr(random_string(), 0, 16); - $data = aes_encrypt($postvars['data'],$key); + $key = openssl_random_pseudo_bytes(16); + $data = self::aes_encrypt($postvars['data'], $key); break; case 2: // RINO 2 based on php-encryption diff --cc mod/dfrn_notify.php index ddbc9219b1,8df462e58f..b42ef9b70a --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@@ -136,16 -133,19 +136,12 @@@ function dfrn_notify_post(App $a) } - - // If we are setup as a soapbox we aren't accepting input from this person - // This behaviour is deactivated since it really doesn't make sense to even disallow comments - // The check if someone is a friend or simply a follower is done in a later place so it needn't to be done here - //if($importer['page-flags'] == PAGE_SOAPBOX) - // xml_status(0); - - $rino = get_config('system','rino_encrypt'); + $rino = get_config('system', 'rino_encrypt'); $rino = intval($rino); - // use RINO1 if mcrypt isn't installed and RINO2 was selected - if ($rino == 2 && !function_exists('mcrypt_create_iv')) { - $rino = 1; - } - logger("Local rino version: ". $rino, LOGGER_DEBUG); + logger("Local rino version: " . $rino, LOGGER_DEBUG); - if(strlen($key)) { + if (strlen($key)) { // if local rino is lower than remote rino, abort: should not happen! // but only for $remote_rino > 1, because old code did't send rino version @@@ -177,11 -180,9 +173,11 @@@ switch($rino_remote) { case 0: case 1: - // we got a key. old code send only the key, without RINO version. - // we assume RINO 1 if key and no RINO version - $data = dfrn::aes_decrypt(hex2bin($data),$final_key); + /* - * we got a key. old code send only the key, without RINO version. ++ *we got a key. old code send only the key, without RINO version. + * we assume RINO 1 if key and no RINO version + */ - $data = aes_decrypt(hex2bin($data), $final_key); ++ $data = dfrn::aes_decrypt(hex2bin($data), $final_key); break; case 2: try { @@@ -314,12 -311,8 +310,8 @@@ function dfrn_notify_content(App $a) $encrypted_id = bin2hex($encrypted_id); - $rino = get_config('system','rino_encrypt'); + $rino = get_config('system', 'rino_encrypt'); $rino = intval($rino); - // use RINO1 if mcrypt isn't installed and RINO2 was selected - if ($rino == 2 && !function_exists('mcrypt_create_iv')) { - $rino = 1; - } logger("Local rino version: ". $rino, LOGGER_DEBUG);