From 6857392067f99b905803a7ccdb12559adef384ed Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Thu, 18 Jan 2018 20:13:50 -0500 Subject: [PATCH 01/12] [Composer] Upgrade defuse/php-encryption to version ^2.0 --- composer.json | 2 +- composer.lock | 44 +++++++++++++++++++++++++++++++------------- 2 files changed, 32 insertions(+), 14 deletions(-) diff --git a/composer.json b/composer.json index 77322add0..e8933ffbb 100644 --- a/composer.json +++ b/composer.json @@ -18,7 +18,7 @@ "ezyang/htmlpurifier": "~4.7.0", "mobiledetect/mobiledetectlib": "2.8.*", "league/html-to-markdown": "~4.4.1", - "defuse/php-encryption": "1.*", + "defuse/php-encryption": "^2.0", "pear/Text_LanguageDetect": "1.*", "pear/Text_Highlighter": "dev-master", "paragonie/random_compat": "^2.0", diff --git a/composer.lock b/composer.lock index ce9741ae1..46d8252bb 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "6cf3b635594e443a7268a3bd9100d62d", + "content-hash": "e2efb30af29afe0f5b9a001aac5da6d8", "packages": [ { "name": "bower-asset/Chart-js", @@ -71,28 +71,35 @@ }, { "name": "defuse/php-encryption", - "version": "v1.2.1", + "version": "v2.1.0", "source": { "type": "git", "url": "https://github.com/defuse/php-encryption.git", - "reference": "b87737b2eec06b13f025cabea847338fa203d1b4" + "reference": "5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/defuse/php-encryption/zipball/b87737b2eec06b13f025cabea847338fa203d1b4", - "reference": "b87737b2eec06b13f025cabea847338fa203d1b4", + "url": "https://api.github.com/repos/defuse/php-encryption/zipball/5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689", + "reference": "5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689", "shasum": "" }, "require": { - "ext-mcrypt": "*", "ext-openssl": "*", + "paragonie/random_compat": "~2.0", "php": ">=5.4.0" }, + "require-dev": { + "nikic/php-parser": "^2.0|^3.0", + "phpunit/phpunit": "^4|^5" + }, + "bin": [ + "bin/generate-defuse-key" + ], "type": "library", "autoload": { - "files": [ - "Crypto.php" - ] + "psr-4": { + "Defuse\\Crypto\\": "src" + } }, "notification-url": "https://packagist.org/downloads/", "license": [ @@ -101,18 +108,29 @@ "authors": [ { "name": "Taylor Hornby", - "email": "havoc@defuse.ca" + "email": "taylor@defuse.ca", + "homepage": "https://defuse.ca/" + }, + { + "name": "Scott Arciszewski", + "email": "info@paragonie.com", + "homepage": "https://paragonie.com" } ], "description": "Secure PHP Encryption Library", "keywords": [ "aes", + "authenticated encryption", "cipher", + "crypto", + "cryptography", + "encrypt", "encryption", - "mcrypt", - "security" + "openssl", + "security", + "symmetric key cryptography" ], - "time": "2015-03-14T20:27:45+00:00" + "time": "2017-05-18T21:28:48+00:00" }, { "name": "ezyang/htmlpurifier", From 7af6cc8454cb7756f095453e36771f554c19244b Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Thu, 18 Jan 2018 20:15:26 -0500 Subject: [PATCH 02/12] Add RINO version 3 encrypt/decrypt - Add legacy decrypt of RINO2 - Add fallback to RINO1 to encrypt --- mod/dfrn_notify.php | 34 +++++++++++++++++++++++++++------- src/Protocol/DFRN.php | 35 ++++++++++++++++++++--------------- 2 files changed, 47 insertions(+), 22 deletions(-) diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index b81f26db9..0d7e4bc7e 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -6,6 +6,10 @@ * @see PDF with dfrn specs: https://github.com/friendica/friendica/blob/master/spec/dfrn2.pdf */ +use Defuse\Crypto\Crypto; +use Defuse\Crypto\Exception\EnvironmentIsBrokenException; +use Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException; +use Defuse\Crypto\Key; use Friendica\App; use Friendica\Core\Config; use Friendica\Database\DBM; @@ -179,8 +183,8 @@ function dfrn_notify_post(App $a) { break; case 2: try { - $data = \Crypto::decrypt(hex2bin($data), $final_key); - } catch (\InvalidCiphertextException $ex) { // VERY IMPORTANT + $data = Crypto::legacyDecrypt(hex2bin($data), $final_key); + } catch (WrongKeyOrModifiedCiphertextException $ex) { // VERY IMPORTANT /* * Either: * 1. The ciphertext was modified by the attacker, @@ -190,12 +194,28 @@ function dfrn_notify_post(App $a) { */ logger('The ciphertext has been tampered with!'); xml_status(0, 'The ciphertext has been tampered with!'); - } catch (\CryptoTestFailedException $ex) { - logger('Cannot safely perform dencryption'); - xml_status(0, 'CryptoTestFailed'); - } catch (\CannotPerformOperationException $ex) { + } catch (EnvironmentIsBrokenException $ex) { logger('Cannot safely perform decryption'); - xml_status(0, 'Cannot safely perform decryption'); + xml_status(0, 'Environment is broken'); + } + break; + case 3: + $KeyObject = Key::loadFromAsciiSafeString($final_key); + try { + $data = Crypto::decrypt(hex2bin($data), $KeyObject); + } catch (WrongKeyOrModifiedCiphertextException $ex) { // VERY IMPORTANT + /* + * Either: + * 1. The ciphertext was modified by the attacker, + * 2. The key is wrong, or + * 3. $ciphertext is not a valid ciphertext or was corrupted. + * Assume the worst. + */ + logger('The ciphertext has been tampered with!'); + xml_status(0, 'The ciphertext has been tampered with!'); + } catch (EnvironmentIsBrokenException $ex) { + logger('Cannot safely perform decryption'); + xml_status(0, 'Environment is broken'); } break; default: diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index c05b5b3d6..bfe2fafaa 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -8,6 +8,9 @@ */ namespace Friendica\Protocol; +use Defuse\Crypto\Crypto; +use Defuse\Crypto\Exception\EnvironmentIsBrokenException; +use Defuse\Crypto\Key; use Friendica\App; use Friendica\Content\OEmbed; use Friendica\Core\Config; @@ -22,11 +25,14 @@ use Friendica\Model\Term; use Friendica\Model\User; use Friendica\Object\Image; use Friendica\Protocol\OStatus; +use Friendica\Util\Crypto as FriendicaCrypto; use Friendica\Util\XML; use dba; use DOMDocument; use DOMXPath; +use HTMLPurifier; +use HTMLPurifier_Config; require_once 'boot.php'; require_once 'include/dba.php'; @@ -465,7 +471,7 @@ class DFRN /* get site pubkey. this could be a new installation with no site keys*/ $pubkey = Config::get('system', 'site_pubkey'); if (! $pubkey) { - $res = Crypto::newKeypair(1024); + $res = FriendicaCrypto::newKeypair(1024); Config::set('system', 'site_prvkey', $res['prvkey']); Config::set('system', 'site_pubkey', $res['pubkey']); } @@ -1291,30 +1297,29 @@ class DFRN switch ($rino_remote_version) { case 1: + case 2: + $rino = 1; + $rino_remote_version = 1; // Deprecated rino version! $key = openssl_random_pseudo_bytes(16); $data = self::aesEncrypt($postvars['data'], $key); break; - case 2: - // RINO 2 based on php-encryption + case 3: try { - $key = \Crypto::CreateNewRandomKey(); - } catch (\CryptoTestFailedException $ex) { + $KeyObject = Key::createNewRandomKey(); + } catch (EnvironmentIsBrokenException $ex) { logger('Cannot safely create a key'); return -4; - } catch (\CannotPerformOperationException $ex) { - logger('Cannot safely create a key'); - return -5; } + try { - $data = \Crypto::Encrypt($postvars['data'], $key); - } catch (\CryptoTestFailedException $ex) { + $data = Crypto::encrypt($postvars['data'], $key); + } catch (EnvironmentIsBrokenException $ex) { logger('Cannot safely perform encryption'); return -6; - } catch (\CannotPerformOperationException $ex) { - logger('Cannot safely perform encryption'); - return -7; } + + $key = $KeyObject->saveToAsciiSafeString(); break; default: logger("rino: invalid requested version '$rino_remote_version'"); @@ -2489,13 +2494,13 @@ class DFRN $item['body'] = OEmbed::HTML2BBCode($item['body']); - $config = \HTMLPurifier_Config::createDefault(); + $config = HTMLPurifier_Config::createDefault(); $config->set('Cache.DefinitionImpl', null); // we shouldn't need a whitelist, because the bbcode converter // will strip out any unsupported tags. - $purifier = new \HTMLPurifier($config); + $purifier = new HTMLPurifier($config); $item['body'] = $purifier->purify($item['body']); $item['body'] = @html2bbcode($item['body']); From de70007a463e45095e840cafa1130a7f69a7b048 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Thu, 18 Jan 2018 20:15:56 -0500 Subject: [PATCH 03/12] Update RINO settings --- htconfig.php | 4 ++-- include/network.php | 2 +- mod/admin.php | 2 +- util/htconfig.vagrant.php | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/htconfig.php b/htconfig.php index 67db66e86..86f2d1432 100644 --- a/htconfig.php +++ b/htconfig.php @@ -62,9 +62,9 @@ $a->config['php_path'] = 'php'; // Server-to-server private message encryption (RINO) is allowed by default. // Encryption will only be provided if this setting is set to a non zero value -// set to 0 to disable, 2 to enable, 1 is deprecated +// set to 0 to disable, 3 to enable -$a->config['system']['rino_encrypt'] = 2; +$a->config['system']['rino_encrypt'] = 3; // allowed themes (change this from admin panel after installation) diff --git a/include/network.php b/include/network.php index fe502bdb5..de7069a6d 100644 --- a/include/network.php +++ b/include/network.php @@ -488,7 +488,7 @@ function validate_url($url) /// @TODO Really suppress function outcomes? Why not find them + debug them? $h = @parse_url($url); - if ((is_array($h)) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) { + if ((is_array($h)) && (@dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR) || filter_var($h['host'], FILTER_VALIDATE_IP) )) { return $url; } diff --git a/mod/admin.php b/mod/admin.php index eabbe36d3..dfa6d627d 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -1336,7 +1336,7 @@ function admin_page_site(App $a) '$relocate_url' => ['relocate_url', t("New base url"), System::baseUrl(), t("Change base url for this server. Sends relocate message to all Friendica and Diaspora* contacts of all users.")], - '$rino' => ['rino', t("RINO Encryption"), intval(Config::get('system','rino_encrypt')), t("Encryption layer between nodes."), ["Disabled", "RINO1 (deprecated)", "RINO2"]], + '$rino' => ['rino', t("RINO Encryption"), intval(Config::get('system','rino_encrypt')), t("Encryption layer between nodes."), ["Disabled", "RINO3"]], '$worker_queues' => ['worker_queues', t("Maximum number of parallel workers"), Config::get('system','worker_queues'), t("On shared hosters set this to 2. On larger systems, values of 10 are great. Default value is 4.")], '$worker_dont_fork' => ['worker_dont_fork', t("Don't use 'proc_open' with the worker"), Config::get('system','worker_dont_fork'), t("Enable this if your system doesn't allow the use of 'proc_open'. This can happen on shared hosters. If this is enabled you should increase the frequency of worker calls in your crontab.")], diff --git a/util/htconfig.vagrant.php b/util/htconfig.vagrant.php index cc4ade758..5b50b9f39 100644 --- a/util/htconfig.vagrant.php +++ b/util/htconfig.vagrant.php @@ -52,7 +52,7 @@ $a->config['php_path'] = '/usr/bin/php'; // Encryption will only be provided if this setting is true and the // PHP mcrypt extension is installed on both systems -$a->config['system']['rino_encrypt'] = true; +$a->config['system']['rino_encrypt'] = 3; // default system theme From cadf8c5e5dc2636f51870d1a2be735028e95d28d Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Thu, 18 Jan 2018 23:47:54 -0500 Subject: [PATCH 04/12] Bump new users RSA key strength --- src/Protocol/DFRN.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index bfe2fafaa..bf662cb1c 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -471,7 +471,7 @@ class DFRN /* get site pubkey. this could be a new installation with no site keys*/ $pubkey = Config::get('system', 'site_pubkey'); if (! $pubkey) { - $res = FriendicaCrypto::newKeypair(1024); + $res = FriendicaCrypto::newKeypair(2048); Config::set('system', 'site_prvkey', $res['prvkey']); Config::set('system', 'site_pubkey', $res['pubkey']); } From 2e58120bbb27de1c27b76e27aef1ecfd17ee4a27 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 19 Jan 2018 08:10:59 -0500 Subject: [PATCH 05/12] Fix RINO admin setting values --- mod/admin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/admin.php b/mod/admin.php index dfa6d627d..98cd8d0ac 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -1336,7 +1336,7 @@ function admin_page_site(App $a) '$relocate_url' => ['relocate_url', t("New base url"), System::baseUrl(), t("Change base url for this server. Sends relocate message to all Friendica and Diaspora* contacts of all users.")], - '$rino' => ['rino', t("RINO Encryption"), intval(Config::get('system','rino_encrypt')), t("Encryption layer between nodes."), ["Disabled", "RINO3"]], + '$rino' => ['rino', t("RINO Encryption"), intval(Config::get('system','rino_encrypt')), t("Encryption layer between nodes."), [0 => "Disabled", 3 => "RINO3"]], '$worker_queues' => ['worker_queues', t("Maximum number of parallel workers"), Config::get('system','worker_queues'), t("On shared hosters set this to 2. On larger systems, values of 10 are great. Default value is 4.")], '$worker_dont_fork' => ['worker_dont_fork', t("Don't use 'proc_open' with the worker"), Config::get('system','worker_dont_fork'), t("Enable this if your system doesn't allow the use of 'proc_open'. This can happen on shared hosters. If this is enabled you should increase the frequency of worker calls in your crontab.")], From 5db1717f4632a33da34e08b916816d7cba0e1878 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 19 Jan 2018 08:13:32 -0500 Subject: [PATCH 06/12] Re-added missing RINO admin setting values --- mod/admin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/admin.php b/mod/admin.php index 98cd8d0ac..ebb5509de 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -1336,7 +1336,7 @@ function admin_page_site(App $a) '$relocate_url' => ['relocate_url', t("New base url"), System::baseUrl(), t("Change base url for this server. Sends relocate message to all Friendica and Diaspora* contacts of all users.")], - '$rino' => ['rino', t("RINO Encryption"), intval(Config::get('system','rino_encrypt')), t("Encryption layer between nodes."), [0 => "Disabled", 3 => "RINO3"]], + '$rino' => ['rino', t("RINO Encryption"), intval(Config::get('system','rino_encrypt')), t("Encryption layer between nodes."), [0 => "Disabled", 1 => "RINO1 two-ways (deprecated)", 2 => "RINO1 sending/RINO2 receiving (deprectated)", 3 => "RINO3 (experimental)"]], '$worker_queues' => ['worker_queues', t("Maximum number of parallel workers"), Config::get('system','worker_queues'), t("On shared hosters set this to 2. On larger systems, values of 10 are great. Default value is 4.")], '$worker_dont_fork' => ['worker_dont_fork', t("Don't use 'proc_open' with the worker"), Config::get('system','worker_dont_fork'), t("Enable this if your system doesn't allow the use of 'proc_open'. This can happen on shared hosters. If this is enabled you should increase the frequency of worker calls in your crontab.")], From 5bc7f4a4429afd95fd43966fb92c29b91cebe90e Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 19 Jan 2018 11:25:48 -0500 Subject: [PATCH 07/12] Remove RINO2 and RINO3 --- htconfig.php | 5 ++--- mod/admin.php | 2 +- mod/dfrn_notify.php | 44 +------------------------------------ mod/install.php | 2 +- src/Protocol/DFRN.php | 21 ------------------ util/htconfig.vagrant.php | 5 ++--- view/templates/htconfig.tpl | 3 +-- 7 files changed, 8 insertions(+), 74 deletions(-) diff --git a/htconfig.php b/htconfig.php index 86f2d1432..1661dd30e 100644 --- a/htconfig.php +++ b/htconfig.php @@ -61,10 +61,9 @@ $a->config['system']['maximagesize'] = 800000; $a->config['php_path'] = 'php'; // Server-to-server private message encryption (RINO) is allowed by default. -// Encryption will only be provided if this setting is set to a non zero value -// set to 0 to disable, 3 to enable +// set to 0 to disable, 1 to enable -$a->config['system']['rino_encrypt'] = 3; +$a->config['system']['rino_encrypt'] = 1; // allowed themes (change this from admin panel after installation) diff --git a/mod/admin.php b/mod/admin.php index ebb5509de..9c286c11d 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -1336,7 +1336,7 @@ function admin_page_site(App $a) '$relocate_url' => ['relocate_url', t("New base url"), System::baseUrl(), t("Change base url for this server. Sends relocate message to all Friendica and Diaspora* contacts of all users.")], - '$rino' => ['rino', t("RINO Encryption"), intval(Config::get('system','rino_encrypt')), t("Encryption layer between nodes."), [0 => "Disabled", 1 => "RINO1 two-ways (deprecated)", 2 => "RINO1 sending/RINO2 receiving (deprectated)", 3 => "RINO3 (experimental)"]], + '$rino' => ['rino', t("RINO Encryption"), intval(Config::get('system','rino_encrypt')), t("Encryption layer between nodes."), [0 => "Disabled", 1 => "Enabled"]], '$worker_queues' => ['worker_queues', t("Maximum number of parallel workers"), Config::get('system','worker_queues'), t("On shared hosters set this to 2. On larger systems, values of 10 are great. Default value is 4.")], '$worker_dont_fork' => ['worker_dont_fork', t("Don't use 'proc_open' with the worker"), Config::get('system','worker_dont_fork'), t("Enable this if your system doesn't allow the use of 'proc_open'. This can happen on shared hosters. If this is enabled you should increase the frequency of worker calls in your crontab.")], diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 0d7e4bc7e..9c5aff2ea 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -6,10 +6,6 @@ * @see PDF with dfrn specs: https://github.com/friendica/friendica/blob/master/spec/dfrn2.pdf */ -use Defuse\Crypto\Crypto; -use Defuse\Crypto\Exception\EnvironmentIsBrokenException; -use Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException; -use Defuse\Crypto\Key; use Friendica\App; use Friendica\Core\Config; use Friendica\Database\DBM; @@ -176,54 +172,16 @@ function dfrn_notify_post(App $a) { case 0: case 1: /* - *we got a key. old code send only the key, without RINO version. + * we got a key. old code send only the key, without RINO version. * we assume RINO 1 if key and no RINO version */ $data = DFRN::aesDecrypt(hex2bin($data), $final_key); break; - case 2: - try { - $data = Crypto::legacyDecrypt(hex2bin($data), $final_key); - } catch (WrongKeyOrModifiedCiphertextException $ex) { // VERY IMPORTANT - /* - * Either: - * 1. The ciphertext was modified by the attacker, - * 2. The key is wrong, or - * 3. $ciphertext is not a valid ciphertext or was corrupted. - * Assume the worst. - */ - logger('The ciphertext has been tampered with!'); - xml_status(0, 'The ciphertext has been tampered with!'); - } catch (EnvironmentIsBrokenException $ex) { - logger('Cannot safely perform decryption'); - xml_status(0, 'Environment is broken'); - } - break; - case 3: - $KeyObject = Key::loadFromAsciiSafeString($final_key); - try { - $data = Crypto::decrypt(hex2bin($data), $KeyObject); - } catch (WrongKeyOrModifiedCiphertextException $ex) { // VERY IMPORTANT - /* - * Either: - * 1. The ciphertext was modified by the attacker, - * 2. The key is wrong, or - * 3. $ciphertext is not a valid ciphertext or was corrupted. - * Assume the worst. - */ - logger('The ciphertext has been tampered with!'); - xml_status(0, 'The ciphertext has been tampered with!'); - } catch (EnvironmentIsBrokenException $ex) { - logger('Cannot safely perform decryption'); - xml_status(0, 'Environment is broken'); - } - break; default: logger("rino: invalid sent version '$rino_remote'"); xml_status(0, "Invalid sent version '$rino_remote'"); } - logger('rino: decrypted data: ' . $data, LOGGER_DATA); } diff --git a/mod/install.php b/mod/install.php index 2989f7fbe..b39e7c949 100644 --- a/mod/install.php +++ b/mod/install.php @@ -63,7 +63,7 @@ function install_post(App $a) { $timezone = notags(trim($_POST['timezone'])); $language = notags(trim($_POST['language'])); $adminmail = notags(trim($_POST['adminmail'])); - $rino = 2; + $rino = 1; // connect to db dba::connect($dbhost, $dbuser, $dbpass, $dbdata, true); diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index bf662cb1c..76e8d5856 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -8,9 +8,6 @@ */ namespace Friendica\Protocol; -use Defuse\Crypto\Crypto; -use Defuse\Crypto\Exception\EnvironmentIsBrokenException; -use Defuse\Crypto\Key; use Friendica\App; use Friendica\Content\OEmbed; use Friendica\Core\Config; @@ -1304,23 +1301,6 @@ class DFRN $key = openssl_random_pseudo_bytes(16); $data = self::aesEncrypt($postvars['data'], $key); break; - case 3: - try { - $KeyObject = Key::createNewRandomKey(); - } catch (EnvironmentIsBrokenException $ex) { - logger('Cannot safely create a key'); - return -4; - } - - try { - $data = Crypto::encrypt($postvars['data'], $key); - } catch (EnvironmentIsBrokenException $ex) { - logger('Cannot safely perform encryption'); - return -6; - } - - $key = $KeyObject->saveToAsciiSafeString(); - break; default: logger("rino: invalid requested version '$rino_remote_version'"); return -8; @@ -1331,7 +1311,6 @@ class DFRN //logger('rino: sent key = ' . $key, LOGGER_DEBUG); - if ($dfrn_version >= 2.1) { if (($contact['duplex'] && strlen($contact['pubkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey'])) diff --git a/util/htconfig.vagrant.php b/util/htconfig.vagrant.php index 5b50b9f39..d5cb23357 100644 --- a/util/htconfig.vagrant.php +++ b/util/htconfig.vagrant.php @@ -49,10 +49,9 @@ $a->config['php_path'] = '/usr/bin/php'; // Server-to-server private message encryption (RINO) is allowed by default. -// Encryption will only be provided if this setting is true and the -// PHP mcrypt extension is installed on both systems +// set to 0 to disable, 1 to enable -$a->config['system']['rino_encrypt'] = 3; +$a->config['system']['rino_encrypt'] = 1; // default system theme diff --git a/view/templates/htconfig.tpl b/view/templates/htconfig.tpl index f9771c88d..1ecd9a2b4 100644 --- a/view/templates/htconfig.tpl +++ b/view/templates/htconfig.tpl @@ -78,8 +78,7 @@ $a->config['max_import_size'] = 200000; $a->config['system']['maximagesize'] = 800000; // Server-to-server private message encryption (RINO) is allowed by default. -// Encryption will only be provided if this setting is set to a non zero value -// set to 0 to disable, 2 to enable, 1 is deprecated +// set to 0 to disable, 1 to enable $a->config['system']['rino_encrypt'] = {{$rino}}; From 633b133db630697dd2649b2ce3bab3ce54402c88 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 19 Jan 2018 11:26:06 -0500 Subject: [PATCH 08/12] [Composer] Remove defuse/php-encryption dependency --- composer.json | 1 - composer.lock | 65 +-------------------------------------------------- 2 files changed, 1 insertion(+), 65 deletions(-) diff --git a/composer.json b/composer.json index e8933ffbb..19fa2b1c3 100644 --- a/composer.json +++ b/composer.json @@ -18,7 +18,6 @@ "ezyang/htmlpurifier": "~4.7.0", "mobiledetect/mobiledetectlib": "2.8.*", "league/html-to-markdown": "~4.4.1", - "defuse/php-encryption": "^2.0", "pear/Text_LanguageDetect": "1.*", "pear/Text_Highlighter": "dev-master", "paragonie/random_compat": "^2.0", diff --git a/composer.lock b/composer.lock index 46d8252bb..a67eb0e1c 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "e2efb30af29afe0f5b9a001aac5da6d8", + "content-hash": "7fcbb730be98076fe8318b03c858f41c", "packages": [ { "name": "bower-asset/Chart-js", @@ -69,69 +69,6 @@ "description": "Base64 encoding and decoding", "time": "2017-03-25T21:16:21+00:00" }, - { - "name": "defuse/php-encryption", - "version": "v2.1.0", - "source": { - "type": "git", - "url": "https://github.com/defuse/php-encryption.git", - "reference": "5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/defuse/php-encryption/zipball/5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689", - "reference": "5176f5abb38d3ea8a6e3ac6cd3bbb54d8185a689", - "shasum": "" - }, - "require": { - "ext-openssl": "*", - "paragonie/random_compat": "~2.0", - "php": ">=5.4.0" - }, - "require-dev": { - "nikic/php-parser": "^2.0|^3.0", - "phpunit/phpunit": "^4|^5" - }, - "bin": [ - "bin/generate-defuse-key" - ], - "type": "library", - "autoload": { - "psr-4": { - "Defuse\\Crypto\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Taylor Hornby", - "email": "taylor@defuse.ca", - "homepage": "https://defuse.ca/" - }, - { - "name": "Scott Arciszewski", - "email": "info@paragonie.com", - "homepage": "https://paragonie.com" - } - ], - "description": "Secure PHP Encryption Library", - "keywords": [ - "aes", - "authenticated encryption", - "cipher", - "crypto", - "cryptography", - "encrypt", - "encryption", - "openssl", - "security", - "symmetric key cryptography" - ], - "time": "2017-05-18T21:28:48+00:00" - }, { "name": "ezyang/htmlpurifier", "version": "v4.7.0", From 035394cbf2c4edff8cd36595beaee2c1e9dcc4c4 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 19 Jan 2018 11:34:56 -0500 Subject: [PATCH 09/12] RINO code cleanup - Restore original use Friendica\Util\Crypto - Remove RINO1 deprecation comments - Fix undefined variable $rino_remote_version --- mod/dfrn_notify.php | 10 +++------- src/Protocol/DFRN.php | 7 ++++--- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 9c5aff2ea..8903d66e3 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -143,7 +143,7 @@ function dfrn_notify_post(App $a) { // if local rino is lower than remote rino, abort: should not happen! // but only for $remote_rino > 1, because old code did't send rino version - if ($rino_remote_version > 1 && $rino < $rino_remote) { + if ($rino_remote > 1 && $rino < $rino_remote) { logger("rino version '$rino_remote' is lower than supported '$rino'"); xml_status(0, "rino version '$rino_remote' is lower than supported '$rino'"); } @@ -166,15 +166,11 @@ function dfrn_notify_post(App $a) { } } - #logger('rino: received key : ' . $final_key); - switch($rino_remote) { case 0: case 1: - /* - * we got a key. old code send only the key, without RINO version. - * we assume RINO 1 if key and no RINO version - */ + // we got a key. old code send only the key, without RINO version. + // we assume RINO 1 if key and no RINO version $data = DFRN::aesDecrypt(hex2bin($data), $final_key); break; default: diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index 76e8d5856..305e3d3fd 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -22,7 +22,7 @@ use Friendica\Model\Term; use Friendica\Model\User; use Friendica\Object\Image; use Friendica\Protocol\OStatus; -use Friendica\Util\Crypto as FriendicaCrypto; +use Friendica\Util\Crypto; use Friendica\Util\XML; use dba; @@ -468,7 +468,7 @@ class DFRN /* get site pubkey. this could be a new installation with no site keys*/ $pubkey = Config::get('system', 'site_pubkey'); if (! $pubkey) { - $res = FriendicaCrypto::newKeypair(2048); + $res = Crypto::newKeypair(2048); Config::set('system', 'site_prvkey', $res['prvkey']); Config::set('system', 'site_pubkey', $res['pubkey']); } @@ -1295,9 +1295,10 @@ class DFRN switch ($rino_remote_version) { case 1: case 2: + // Force downgrade in case the remote server is still using the deprecated version 2 $rino = 1; $rino_remote_version = 1; - // Deprecated rino version! + $key = openssl_random_pseudo_bytes(16); $data = self::aesEncrypt($postvars['data'], $key); break; From dd07c47ab25d6fb29e3286d0d64900ed95d9df17 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 19 Jan 2018 11:50:43 -0500 Subject: [PATCH 10/12] Code cleanup in Protocol\DFRN - Remove commented out code - Fix mixed quote style --- src/Protocol/DFRN.php | 48 +++++++++++-------------------------------- 1 file changed, 12 insertions(+), 36 deletions(-) diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index 305e3d3fd..507bdaa16 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -1310,8 +1310,6 @@ class DFRN $postvars['rino'] = $rino_remote_version; $postvars['data'] = bin2hex($data); - //logger('rino: sent key = ' . $key, LOGGER_DEBUG); - if ($dfrn_version >= 2.1) { if (($contact['duplex'] && strlen($contact['pubkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey'])) @@ -2162,8 +2160,6 @@ class DFRN * valid community action. Also forum_mode makes it valid for sure. * If neither, it's not. */ - - /// @TODO Maybe merge these if() blocks into one? if ($is_a_remote_action && $community && (!$r[0]["forum_mode"]) && (!$r[0]["wall"])) { $is_a_remote_action = false; logger("not a community action"); @@ -2365,21 +2361,12 @@ class DFRN $title = ""; foreach ($links as $link) { foreach ($link->attributes as $attributes) { - /// @TODO Rewrite these repeated (same) if () statements to a switch() - if ($attributes->name == "href") { - $href = $attributes->textContent; - } - if ($attributes->name == "rel") { - $rel = $attributes->textContent; - } - if ($attributes->name == "type") { - $type = $attributes->textContent; - } - if ($attributes->name == "length") { - $length = $attributes->textContent; - } - if ($attributes->name == "title") { - $title = $attributes->textContent; + switch ($attributes->name) { + case "href" : $href = $attributes->textContent; break; + case "rel" : $rel = $attributes->textContent; break; + case "type" : $type = $attributes->textContent; break; + case "length": $length = $attributes->textContent; break; + case "title" : $title = $attributes->textContent; break; } } if (($rel != "") && ($href != "")) { @@ -2630,16 +2617,6 @@ class DFRN if (($item["network"] != $author["network"]) && ($author["network"] != "")) { $item["network"] = $author["network"]; } - - /// @TODO maybe remove this old-lost code then? - // This code was taken from the old DFRN code - // When activated, forums don't work. - // And: Why should we disallow commenting by followers? - // the behaviour is now similar to the Diaspora part. - //if ($importer["rel"] == CONTACT_IS_FOLLOWER) { - // logger("Contact ".$importer["id"]." is only follower. Quitting", LOGGER_DEBUG); - // return; - //} } if ($entrytype == DFRN_REPLY_RC) { @@ -2656,13 +2633,12 @@ class DFRN $ev = bbtoevent($item["body"]); if ((x($ev, "desc") || x($ev, "summary")) && x($ev, "start")) { logger("Event in item ".$item["uri"]." was found.", LOGGER_DEBUG); - /// @TODO Mixure of "/' ahead ... - $ev["cid"] = $importer["id"]; - $ev["uid"] = $importer["uid"]; - $ev["uri"] = $item["uri"]; - $ev["edited"] = $item["edited"]; - $ev['private'] = $item['private']; - $ev["guid"] = $item["guid"]; + $ev["cid"] = $importer["id"]; + $ev["uid"] = $importer["uid"]; + $ev["uri"] = $item["uri"]; + $ev["edited"] = $item["edited"]; + $ev["private"] = $item["private"]; + $ev["guid"] = $item["guid"]; $r = q( "SELECT `id` FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", From 2c284f30c243a66cc2046b31167a56974b60c5fe Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 19 Jan 2018 11:58:26 -0500 Subject: [PATCH 11/12] Revert bumping the site RSA key strength to 2048 --- src/Protocol/DFRN.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index 507bdaa16..60b093159 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -468,7 +468,7 @@ class DFRN /* get site pubkey. this could be a new installation with no site keys*/ $pubkey = Config::get('system', 'site_pubkey'); if (! $pubkey) { - $res = Crypto::newKeypair(2048); + $res = Crypto::newKeypair(1024); Config::set('system', 'site_prvkey', $res['prvkey']); Config::set('system', 'site_pubkey', $res['pubkey']); } From 98344a9d08c84c82c2d3244c613e4a287f4fde19 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 19 Jan 2018 12:06:09 -0500 Subject: [PATCH 12/12] Remove reference to RINO version 2 --- src/Protocol/DFRN.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index 60b093159..0d92d598c 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -1294,11 +1294,6 @@ class DFRN switch ($rino_remote_version) { case 1: - case 2: - // Force downgrade in case the remote server is still using the deprecated version 2 - $rino = 1; - $rino_remote_version = 1; - $key = openssl_random_pseudo_bytes(16); $data = self::aesEncrypt($postvars['data'], $key); break;