Changeset 2262553
- Timestamp:
- 03/17/2020 02:52:37 PM (6 years ago)
- Location:
- ithemes-sync
- Files:
-
- 2 added
- 12 edited
- 1 copied
-
tags/2.1.4 (copied) (copied from ithemes-sync/trunk)
-
tags/2.1.4/functions.php (modified) (1 diff)
-
tags/2.1.4/history.txt (modified) (1 diff)
-
tags/2.1.4/init.php (modified) (1 diff)
-
tags/2.1.4/lang/ithemes-sync.pot (modified) (1 diff)
-
tags/2.1.4/public.key (added)
-
tags/2.1.4/readme.txt (modified) (2 diffs)
-
tags/2.1.4/request-handler.php (modified) (5 diffs)
-
trunk/functions.php (modified) (1 diff)
-
trunk/history.txt (modified) (1 diff)
-
trunk/init.php (modified) (1 diff)
-
trunk/lang/ithemes-sync.pot (modified) (1 diff)
-
trunk/public.key (added)
-
trunk/readme.txt (modified) (2 diffs)
-
trunk/request-handler.php (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
ithemes-sync/tags/2.1.4/functions.php
r2244568 r2262553 1030 1030 return false; 1031 1031 } 1032 1033 /** 1034 * Checks if sodium library and methods we use are available 1035 * Also checks if sodium is fast enough on this system 1036 * If available: include the compatiability layer, core utilities, and Base64 UrlSafe classes 1037 * 1038 * @return bool 1039 */ 1040 public static function is_sodium_available() { 1041 $requiredFiles = array( 1042 'wp-includes/sodium_compat/src/Compat.php', 1043 'wp-includes/sodium_compat/src/Core/Base64/UrlSafe.php', 1044 'wp-includes/sodium_compat/src/Core/Util.php' 1045 ); 1046 1047 foreach ( $requiredFiles as $file ) { 1048 if ( file_exists( ABSPATH . $file ) ) { 1049 require_once( ABSPATH . $file ); 1050 } else { 1051 return false; 1052 } 1053 } 1054 1055 // Check for a edge-case affecting PHP Maths abilities 1056 // Sodium_Compat isn't compatible with PHP 7.2.0~7.2.2 due to a bug in the PHP Opcache extension, bail early as it'll fail. 1057 if ( 1058 ! extension_loaded( 'sodium' ) && 1059 in_array( PHP_VERSION_ID, [ 70200, 70201, 70202 ], true ) && 1060 extension_loaded( 'opcache' ) 1061 ) { 1062 return false; 1063 } 1064 1065 // Verify runtime speed of Sodium_Compat is acceptable. 1066 if ( ! extension_loaded( 'sodium' ) && ! ParagonIE_Sodium_Compat::polyfill_is_fast() ) { 1067 1068 // Allow for an old version of Sodium_Compat being loaded before the bundled WordPress one. 1069 if ( method_exists( 'ParagonIE_Sodium_Compat', 'runtime_speed_test' ) ) { 1070 // Run `ParagonIE_Sodium_Compat::runtime_speed_test()` in optimized integer mode, as that's what is used for signing verifications. 1071 $old_fastMult = ParagonIE_Sodium_Compat::$fastMult; 1072 ParagonIE_Sodium_Compat::$fastMult = true; 1073 $sodium_compat_is_fast = ParagonIE_Sodium_Compat::runtime_speed_test( 100, 10 ); 1074 ParagonIE_Sodium_Compat::$fastMult = $old_fastMult; 1075 1076 return $sodium_compat_is_fast; 1077 } 1078 1079 } 1080 1081 return true; 1082 } 1032 1083 } -
ithemes-sync/tags/2.1.4/history.txt
r2246281 r2262553 229 229 2.1.3.1 - 2020-02-18 - Lew Ayotte 230 230 Forgot to update the stable tag from last update 231 2.1.4 - 2020-03-16 - Josh Oakes 232 Enhancement: Added support for public-key signed requests to the plugin -
ithemes-sync/tags/2.1.4/init.php
r2246281 r2262553 5 5 Description: Manage updates to your WordPress sites easily in one place. 6 6 Author: iThemes 7 Version: 2.1. 3.17 Version: 2.1.4 8 8 Author URI: http://ithemes.com/ 9 9 Domain Path: /lang/ -
ithemes-sync/tags/2.1.4/lang/ithemes-sync.pot
r2246281 r2262553 3 3 msgid "" 4 4 msgstr "" 5 "Project-Id-Version: iThemes Sync 2.1. 3.1\n"5 "Project-Id-Version: iThemes Sync 2.1.4\n" 6 6 "Report-Msgid-Bugs-To: http://ithemes.com/support/\n" 7 "POT-Creation-Date: 2020-0 2-18 15:41:10+00:00\n"7 "POT-Creation-Date: 2020-03-17 14:06:40+00:00\n" 8 8 "PO-Revision-Date: 2020-MO-DA HO:MI+ZONE\n" 9 9 "MIME-Version: 1.0\n" -
ithemes-sync/tags/2.1.4/readme.txt
r2246281 r2262553 5 5 Requires PHP: 5.6 6 6 Tested up to: 5.4 7 Stable tag: 2.1. 3.17 Stable tag: 2.1.4 8 8 License: GPLv3 or later 9 9 License URI: http://www.gnu.org/licenses/quick-guide-gplv3.html … … 88 88 == Changelog == 89 89 90 = 2.1.4 = 91 * Enhancement: Added support for public-key signed requests to the plugin 92 90 93 = 2.1.3.1 = 91 94 * Updating stable tag -
ithemes-sync/tags/2.1.4/request-handler.php
r2244568 r2262553 36 36 37 37 require_once( $GLOBALS['ithemes_sync_path'] . '/load-translations.php' ); 38 require_once( $GLOBALS['ithemes_sync_path'] . '/functions.php' ); 38 39 39 40 class Ithemes_Sync_Request_Handler { … … 46 47 public function __construct() { 47 48 $this->show_errors(); 48 49 49 50 50 if ( empty( $_POST['request'] ) ) { 51 51 return; 52 52 } 53 54 $request = $_POST['request']; 55 56 if ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) { 57 $request = stripslashes( $request ); 58 } 59 60 $request = json_decode( $request, true ); 61 62 if ( ! is_array( $request ) ) { 63 return; 64 } 65 66 67 $GLOBALS['ithemes_sync_request_handler'] = $this; 68 69 70 add_action( 'ithemes-sync-add-log', array( $this, 'add_log' ), 10, 2 ); 71 add_action( 'shutdown', array( $this, 'handle_error' ) ); 72 73 add_action( 'ithemes_sync_verbs_registered', array( $this, 'handle_request' ) ); 74 53 75 54 require_once( $GLOBALS['ithemes_sync_path'] . '/api.php' ); 76 55 require_once( $GLOBALS['ithemes_sync_path'] . '/functions.php' ); 77 56 require_once( $GLOBALS['ithemes_sync_path'] . '/settings.php' ); 78 57 58 add_action( 'ithemes-sync-add-log', array( $this, 'add_log' ), 10, 2 ); 59 add_action( 'shutdown', array( $this, 'handle_error' ) ); 60 add_action( 'ithemes_sync_verbs_registered', array( $this, 'handle_request' ) ); 61 62 $request = $_POST['request']; 63 64 if ( !empty( $_POST['signature'] ) ) { 65 66 // Append success and failures to response 67 $sodium_available = Ithemes_Sync_Functions::is_sodium_available(); 68 69 if ( $sodium_available && ! $this->verify_request_signature( $request, $_POST['signature'] ) ) { 70 // Sodium is available and verification failed 71 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => true, 'verified' => false ) ); 72 73 // $this->send_response( new WP_Error( 'request-signature-invalid', 'The request signature could not be verified' ) ); 74 } elseif ( $sodium_available ) { 75 // Sodium available and signature was verified 76 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => true, 'verified' => true ) ); 77 } else { 78 // Sodium is not available 79 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => false, 'verified' => false ) ); 80 } 81 } 82 83 if ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) { 84 $request = stripslashes( $request ); 85 } 86 87 $request = json_decode( $request, true ); 88 89 if ( ! is_array( $request ) ) { 90 return; 91 } 92 93 $GLOBALS['ithemes_sync_request_handler'] = $this; 94 79 95 $this->options = $GLOBALS['ithemes-sync-settings']->get_options(); 80 96 … … 278 294 public function send_response( $data ) { 279 295 if ( is_wp_error( $data ) ) { 280 foreach ( $data->get_error_codes() as $code ) 281 $response['errors'][ $code] = $data->get_error_message( $code );282 }283 else {296 foreach ( $data->get_error_codes() as $code ) { 297 $response['errors'][ $code ] = $data->get_error_message( $code ); 298 } 299 } else { 284 300 $response = array( 285 301 'response' => $data, 286 302 ); 287 303 } 288 304 289 305 if ( ! empty( $this->logs ) ) { 290 306 $response['logs'] = $this->logs; … … 437 453 $this->logs[] = $log; 438 454 } 439 455 440 456 public function handle_error() { 441 457 $this->send_response( new WP_Error( 'unhandled_request', 'This request was not handled by any registered verb. This was likely caused by a fatal error.' ) ); … … 464 480 return $json; 465 481 } 482 483 /** 484 * Determine if signature supplied in the request can be verified using the public key 485 * 486 * @param $request 487 * @param $signature 488 * 489 * @return bool 490 */ 491 private function verify_request_signature( $request, $signature ) { 492 493 try { 494 495 $public_key = sodium_base642bin( file_get_contents( $GLOBALS['ithemes_sync_path'] . '/public.key' ), 5 ); 496 $signature = sodium_base642bin( $signature, 5 ); 497 498 } catch ( Exception $e ) { 499 return false; 500 } 501 502 return sodium_crypto_sign_verify_detached( $signature, $request, $public_key ); 503 } 504 466 505 } 467 506 -
ithemes-sync/trunk/functions.php
r2244568 r2262553 1030 1030 return false; 1031 1031 } 1032 1033 /** 1034 * Checks if sodium library and methods we use are available 1035 * Also checks if sodium is fast enough on this system 1036 * If available: include the compatiability layer, core utilities, and Base64 UrlSafe classes 1037 * 1038 * @return bool 1039 */ 1040 public static function is_sodium_available() { 1041 $requiredFiles = array( 1042 'wp-includes/sodium_compat/src/Compat.php', 1043 'wp-includes/sodium_compat/src/Core/Base64/UrlSafe.php', 1044 'wp-includes/sodium_compat/src/Core/Util.php' 1045 ); 1046 1047 foreach ( $requiredFiles as $file ) { 1048 if ( file_exists( ABSPATH . $file ) ) { 1049 require_once( ABSPATH . $file ); 1050 } else { 1051 return false; 1052 } 1053 } 1054 1055 // Check for a edge-case affecting PHP Maths abilities 1056 // Sodium_Compat isn't compatible with PHP 7.2.0~7.2.2 due to a bug in the PHP Opcache extension, bail early as it'll fail. 1057 if ( 1058 ! extension_loaded( 'sodium' ) && 1059 in_array( PHP_VERSION_ID, [ 70200, 70201, 70202 ], true ) && 1060 extension_loaded( 'opcache' ) 1061 ) { 1062 return false; 1063 } 1064 1065 // Verify runtime speed of Sodium_Compat is acceptable. 1066 if ( ! extension_loaded( 'sodium' ) && ! ParagonIE_Sodium_Compat::polyfill_is_fast() ) { 1067 1068 // Allow for an old version of Sodium_Compat being loaded before the bundled WordPress one. 1069 if ( method_exists( 'ParagonIE_Sodium_Compat', 'runtime_speed_test' ) ) { 1070 // Run `ParagonIE_Sodium_Compat::runtime_speed_test()` in optimized integer mode, as that's what is used for signing verifications. 1071 $old_fastMult = ParagonIE_Sodium_Compat::$fastMult; 1072 ParagonIE_Sodium_Compat::$fastMult = true; 1073 $sodium_compat_is_fast = ParagonIE_Sodium_Compat::runtime_speed_test( 100, 10 ); 1074 ParagonIE_Sodium_Compat::$fastMult = $old_fastMult; 1075 1076 return $sodium_compat_is_fast; 1077 } 1078 1079 } 1080 1081 return true; 1082 } 1032 1083 } -
ithemes-sync/trunk/history.txt
r2246281 r2262553 229 229 2.1.3.1 - 2020-02-18 - Lew Ayotte 230 230 Forgot to update the stable tag from last update 231 2.1.4 - 2020-03-16 - Josh Oakes 232 Enhancement: Added support for public-key signed requests to the plugin -
ithemes-sync/trunk/init.php
r2246281 r2262553 5 5 Description: Manage updates to your WordPress sites easily in one place. 6 6 Author: iThemes 7 Version: 2.1. 3.17 Version: 2.1.4 8 8 Author URI: http://ithemes.com/ 9 9 Domain Path: /lang/ -
ithemes-sync/trunk/lang/ithemes-sync.pot
r2246281 r2262553 3 3 msgid "" 4 4 msgstr "" 5 "Project-Id-Version: iThemes Sync 2.1. 3.1\n"5 "Project-Id-Version: iThemes Sync 2.1.4\n" 6 6 "Report-Msgid-Bugs-To: http://ithemes.com/support/\n" 7 "POT-Creation-Date: 2020-0 2-18 15:41:10+00:00\n"7 "POT-Creation-Date: 2020-03-17 14:06:40+00:00\n" 8 8 "PO-Revision-Date: 2020-MO-DA HO:MI+ZONE\n" 9 9 "MIME-Version: 1.0\n" -
ithemes-sync/trunk/readme.txt
r2246281 r2262553 5 5 Requires PHP: 5.6 6 6 Tested up to: 5.4 7 Stable tag: 2.1. 3.17 Stable tag: 2.1.4 8 8 License: GPLv3 or later 9 9 License URI: http://www.gnu.org/licenses/quick-guide-gplv3.html … … 88 88 == Changelog == 89 89 90 = 2.1.4 = 91 * Enhancement: Added support for public-key signed requests to the plugin 92 90 93 = 2.1.3.1 = 91 94 * Updating stable tag -
ithemes-sync/trunk/request-handler.php
r2244568 r2262553 36 36 37 37 require_once( $GLOBALS['ithemes_sync_path'] . '/load-translations.php' ); 38 require_once( $GLOBALS['ithemes_sync_path'] . '/functions.php' ); 38 39 39 40 class Ithemes_Sync_Request_Handler { … … 46 47 public function __construct() { 47 48 $this->show_errors(); 48 49 49 50 50 if ( empty( $_POST['request'] ) ) { 51 51 return; 52 52 } 53 54 $request = $_POST['request']; 55 56 if ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) { 57 $request = stripslashes( $request ); 58 } 59 60 $request = json_decode( $request, true ); 61 62 if ( ! is_array( $request ) ) { 63 return; 64 } 65 66 67 $GLOBALS['ithemes_sync_request_handler'] = $this; 68 69 70 add_action( 'ithemes-sync-add-log', array( $this, 'add_log' ), 10, 2 ); 71 add_action( 'shutdown', array( $this, 'handle_error' ) ); 72 73 add_action( 'ithemes_sync_verbs_registered', array( $this, 'handle_request' ) ); 74 53 75 54 require_once( $GLOBALS['ithemes_sync_path'] . '/api.php' ); 76 55 require_once( $GLOBALS['ithemes_sync_path'] . '/functions.php' ); 77 56 require_once( $GLOBALS['ithemes_sync_path'] . '/settings.php' ); 78 57 58 add_action( 'ithemes-sync-add-log', array( $this, 'add_log' ), 10, 2 ); 59 add_action( 'shutdown', array( $this, 'handle_error' ) ); 60 add_action( 'ithemes_sync_verbs_registered', array( $this, 'handle_request' ) ); 61 62 $request = $_POST['request']; 63 64 if ( !empty( $_POST['signature'] ) ) { 65 66 // Append success and failures to response 67 $sodium_available = Ithemes_Sync_Functions::is_sodium_available(); 68 69 if ( $sodium_available && ! $this->verify_request_signature( $request, $_POST['signature'] ) ) { 70 // Sodium is available and verification failed 71 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => true, 'verified' => false ) ); 72 73 // $this->send_response( new WP_Error( 'request-signature-invalid', 'The request signature could not be verified' ) ); 74 } elseif ( $sodium_available ) { 75 // Sodium available and signature was verified 76 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => true, 'verified' => true ) ); 77 } else { 78 // Sodium is not available 79 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => false, 'verified' => false ) ); 80 } 81 } 82 83 if ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) { 84 $request = stripslashes( $request ); 85 } 86 87 $request = json_decode( $request, true ); 88 89 if ( ! is_array( $request ) ) { 90 return; 91 } 92 93 $GLOBALS['ithemes_sync_request_handler'] = $this; 94 79 95 $this->options = $GLOBALS['ithemes-sync-settings']->get_options(); 80 96 … … 278 294 public function send_response( $data ) { 279 295 if ( is_wp_error( $data ) ) { 280 foreach ( $data->get_error_codes() as $code ) 281 $response['errors'][ $code] = $data->get_error_message( $code );282 }283 else {296 foreach ( $data->get_error_codes() as $code ) { 297 $response['errors'][ $code ] = $data->get_error_message( $code ); 298 } 299 } else { 284 300 $response = array( 285 301 'response' => $data, 286 302 ); 287 303 } 288 304 289 305 if ( ! empty( $this->logs ) ) { 290 306 $response['logs'] = $this->logs; … … 437 453 $this->logs[] = $log; 438 454 } 439 455 440 456 public function handle_error() { 441 457 $this->send_response( new WP_Error( 'unhandled_request', 'This request was not handled by any registered verb. This was likely caused by a fatal error.' ) ); … … 464 480 return $json; 465 481 } 482 483 /** 484 * Determine if signature supplied in the request can be verified using the public key 485 * 486 * @param $request 487 * @param $signature 488 * 489 * @return bool 490 */ 491 private function verify_request_signature( $request, $signature ) { 492 493 try { 494 495 $public_key = sodium_base642bin( file_get_contents( $GLOBALS['ithemes_sync_path'] . '/public.key' ), 5 ); 496 $signature = sodium_base642bin( $signature, 5 ); 497 498 } catch ( Exception $e ) { 499 return false; 500 } 501 502 return sodium_crypto_sign_verify_detached( $signature, $request, $public_key ); 503 } 504 466 505 } 467 506
Note: See TracChangeset
for help on using the changeset viewer.