summaryrefslogtreecommitdiff
path: root/plugins
diff options
context:
space:
mode:
authorBrion Vibber <brion@pobox.com>2010-12-20 13:05:17 -0800
committerBrion Vibber <brion@pobox.com>2010-12-20 13:05:17 -0800
commita4e2f3835643c1d4b6d228151de2f863c02cb63c (patch)
tree5444fce00733e95ab9ec32eec4f058a3194ce9bd /plugins
parentdd48bdb1c41986b68f8c855728a9285bb22c916e (diff)
Slightly fancier debug code for PuSH hmac mismatches -- save the post to a temp file if feedsub/debug is on in config.
Diffstat (limited to 'plugins')
-rw-r--r--plugins/OStatus/classes/FeedSub.php12
1 files changed, 10 insertions, 2 deletions
diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php
index b34d7cd85..97245203d 100644
--- a/plugins/OStatus/classes/FeedSub.php
+++ b/plugins/OStatus/classes/FeedSub.php
@@ -483,11 +483,19 @@ class FeedSub extends Memcached_DataObject
if ($this->secret) {
if (preg_match('/^sha1=([0-9a-fA-F]{40})$/', $hmac, $matches)) {
$their_hmac = strtolower($matches[1]);
- $our_hmac = hash_hmac('sha1', $post, $this->secret);
+ $our_hmac = hash_hmac('sha1', $post, $this->secret) . 'x';
if ($their_hmac === $our_hmac) {
return true;
}
- common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH with bad SHA-1 HMAC: got $their_hmac, expected $our_hmac for feed $this->uri on $this->huburi");
+ if (common_config('feedsub', 'debug')) {
+ $tempfile = tempnam(sys_get_temp_dir(), 'feedsub-receive');
+ if ($tempfile) {
+ file_put_contents($tempfile, $post);
+ }
+ common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH with bad SHA-1 HMAC: got $their_hmac, expected $our_hmac for feed $this->uri on $this->huburi; saved to $tempfile");
+ } else {
+ common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH with bad SHA-1 HMAC: got $their_hmac, expected $our_hmac for feed $this->uri on $this->huburi");
+ }
} else {
common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH with bogus HMAC '$hmac'");
}