From 98ccefebcf3a56c467709ffaf16a163da931bc0c Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Wed, 20 Jan 2016 16:00:43 +0100 Subject: [PATCH] Reworked check for double encoded Diaspora signatures --- include/diaspora.php | 4 ---- include/items.php | 8 ++++++++ 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/include/diaspora.php b/include/diaspora.php index d61ec016c7..4673cdaf4c 100644 --- a/include/diaspora.php +++ b/include/diaspora.php @@ -2911,10 +2911,6 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) { $authorsig = $orig_sign['signature']; $handle = $orig_sign['signer']; - // Friendica servers lower than 3.5 had double encoded the signature ... - if (substr($authorsig, -1, 1) != "=") - $authorsig = base64_decode($authorsig); - // Split the signed text $signed_parts = explode(";", $signed_text); diff --git a/include/items.php b/include/items.php index b7a759a3b5..76ff6e8b0c 100644 --- a/include/items.php +++ b/include/items.php @@ -1609,6 +1609,14 @@ function item_store($arr,$force_parent = false, $notify = false, $dontcache = fa ); if($dsprsig) { + + // Friendica servers lower than 3.4.3-2 had double encoded the signature ... + // We can check for this condition when we decode and encode the stuff again. + if (base64_encode(base64_decode(base64_decode($dsprsig->signature))) == base64_decode($dsprsig->signature)) { + $dsprsig->signature = base64_decode($dsprsig->signature); + logger("Repaired double encoded signature from handle ".$dsprsig->signer, LOGGER_DEBUG); + } + q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($current_post), dbesc($dsprsig->signed_text),