Changeset 2309135
- Timestamp:
- 05/20/2020 09:03:04 PM (6 years ago)
- Location:
- ithemes-sync
- Files:
-
- 16 edited
- 1 copied
-
tags/2.1.6 (copied) (copied from ithemes-sync/trunk)
-
tags/2.1.6/functions.php (modified) (1 diff)
-
tags/2.1.6/history.txt (modified) (1 diff)
-
tags/2.1.6/init.php (modified) (1 diff)
-
tags/2.1.6/lang/ithemes-sync.pot (modified) (2 diffs)
-
tags/2.1.6/readme.txt (modified) (1 diff)
-
tags/2.1.6/request-handler.php (modified) (2 diffs)
-
tags/2.1.6/server.php (modified) (6 diffs)
-
tags/2.1.6/settings-page.php (modified) (2 diffs)
-
trunk/functions.php (modified) (1 diff)
-
trunk/history.txt (modified) (1 diff)
-
trunk/init.php (modified) (1 diff)
-
trunk/lang/ithemes-sync.pot (modified) (2 diffs)
-
trunk/readme.txt (modified) (1 diff)
-
trunk/request-handler.php (modified) (2 diffs)
-
trunk/server.php (modified) (6 diffs)
-
trunk/settings-page.php (modified) (2 diffs)
-
ithemes-sync/tags/2.1.6/functions.php
r2263241 r2309135 1031 1031 } 1032 1032 1033 /** 1034 * Checks if sodium library and methods we use are available 1035 * Also checks if sodium is fast enough on this system 1036 * If available: include the compatiability layer, core utilities, and Base64 UrlSafe classes 1037 * 1038 * @return bool 1039 */ 1040 public static function is_sodium_available() { 1041 $requiredFiles = array( 1042 'wp-includes/sodium_compat/autoload.php', 1043 ); 1044 1045 foreach ( $requiredFiles as $file ) { 1046 if ( file_exists( ABSPATH . $file ) ) { 1047 require_once( ABSPATH . $file ); 1048 } else { 1049 return false; 1050 } 1051 } 1052 1053 // Verify the functions we need are callable 1054 if ( ! is_callable( 'sodium_base642bin' ) || ! is_callable( 'sodium_crypto_sign_verify_detached' ) ) { 1055 return false; 1056 } 1057 1058 // Check for a edge-case affecting PHP Maths abilities 1059 // Sodium_Compat isn't compatible with PHP 7.2.0~7.2.2 due to a bug in the PHP Opcache extension, bail early as it'll fail. 1060 if ( 1061 ! extension_loaded( 'sodium' ) && 1062 in_array( PHP_VERSION_ID, [ 70200, 70201, 70202 ], true ) && 1063 extension_loaded( 'opcache' ) 1064 ) { 1065 return false; 1066 } 1067 1068 // Verify runtime speed of Sodium_Compat is acceptable. 1069 if ( ! extension_loaded( 'sodium' ) && ! ParagonIE_Sodium_Compat::polyfill_is_fast() ) { 1070 1071 // Allow for an old version of Sodium_Compat being loaded before the bundled WordPress one. 1072 if ( method_exists( 'ParagonIE_Sodium_Compat', 'runtime_speed_test' ) ) { 1073 // Run `ParagonIE_Sodium_Compat::runtime_speed_test()` in optimized integer mode, as that's what is used for signing verifications. 
1074 $old_fastMult = ParagonIE_Sodium_Compat::$fastMult; 1075 ParagonIE_Sodium_Compat::$fastMult = true; 1076 $sodium_compat_is_fast = ParagonIE_Sodium_Compat::runtime_speed_test( 100, 10 ); 1077 ParagonIE_Sodium_Compat::$fastMult = $old_fastMult; 1078 1079 return $sodium_compat_is_fast; 1080 } 1081 1082 } 1083 1084 return true; 1085 } 1033 1086 } -
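Review bot: is_sodium_available() returns true on a path where the polyfill has just been found too slow: when `ParagonIE_Sodium_Compat::polyfill_is_fast()` is false and `runtime_speed_test` does not exist, control leaves the outer `if` and reaches the final `return true;`, which contradicts the docblock's "fast enough" wording. Adding `return false;` after the `method_exists` block, still inside the outer `if`, closes that path. `polyfill_is_fast()` is itself called without a `method_exists` guard, so the older Sodium_Compat that the comment allows for would presumably fail at that call; guard it the same way. The identical section under trunk/functions.php needs the same change.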
ithemes-sync/tags/2.1.6/history.txt
r2275244 r2309135 235 235 2.1.5 - 2020-04-03 - Josh Oakes 236 236 Bug Fix: Limit the total number of unsent notices that can be queued 237 2.1.6 - 2020-05-20 - Josh Oakes 238 Bug Fix: Fixed an issue where a user couldn't be unsynced if already removed from the dashboard -
ithemes-sync/tags/2.1.6/init.php
r2275244 r2309135 5 5 Description: Manage updates to your WordPress sites easily in one place. 6 6 Author: iThemes 7 Version: 2.1. 57 Version: 2.1.6 8 8 Author URI: http://ithemes.com/ 9 9 Domain Path: /lang/ -
ithemes-sync/tags/2.1.6/lang/ithemes-sync.pot
r2275244 r2309135 5 5 "Project-Id-Version: iThemes Sync 2.1.5\n" 6 6 "Report-Msgid-Bugs-To: http://ithemes.com/support/\n" 7 "POT-Creation-Date: 2020-0 4-03 16:05:35+00:00\n"7 "POT-Creation-Date: 2020-05-20 20:44:47+00:00\n" 8 8 "PO-Revision-Date: 2020-MO-DA HO:MI+ZONE\n" 9 9 "MIME-Version: 1.0\n" … … 351 351 msgstr "" 352 352 353 #: server.php:19 2353 #: server.php:195 354 354 msgid "An unrecognized server response format was received from the iThemes Sync server." 355 355 msgstr "" -
ithemes-sync/tags/2.1.6/readme.txt
r2275244 r2309135 88 88 == Changelog == 89 89 90 = 2.1.6 = 91 * Bug Fix: Fixed an issue where a user couldn't be unsynced if already removed from the dashboard 92 90 93 = 2.1.5 = 91 94 * Bug Fix: Limit the total number of unsent notices that can be queued -
ithemes-sync/tags/2.1.6/request-handler.php
r2263241 r2309135 62 62 $request = $_POST['request']; 63 63 64 if ( !empty( $_POST['signature'] ) ) { 65 66 // Append success and failures to response 67 $sodium_available = Ithemes_Sync_Functions::is_sodium_available(); 68 69 if ( $sodium_available && ! $this->verify_request_signature( $request, $_POST['signature'] ) ) { 70 // Sodium is available and verification failed 71 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => true, 'verified' => false ) ); 72 73 // $this->send_response( new WP_Error( 'request-signature-invalid', 'The request signature could not be verified' ) ); 74 } elseif ( $sodium_available ) { 75 // Sodium available and signature was verified 76 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => true, 'verified' => true ) ); 77 } else { 78 // Sodium is not available 79 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => false, 'verified' => false ) ); 80 } 81 } 82 64 83 if ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) { 65 84 $request = stripslashes( $request ); … … 462 481 } 463 482 483 /** 484 * Determine if signature supplied in the request can be verified using the public key 485 * 486 * @param $request 487 * @param $signature 488 * 489 * @return bool 490 */ 491 private function verify_request_signature( $request, $signature ) { 492 493 // Verify the functions we need are callable 494 if ( ! is_callable( 'sodium_base642bin' ) || ! is_callable( 'sodium_crypto_sign_verify_detached' ) ) { 495 return false; 496 } 497 498 try { 499 500 $public_key = sodium_base642bin( file_get_contents( $GLOBALS['ithemes_sync_path'] . '/public.key' ), 5 ); 501 $signature = sodium_base642bin( $signature, 5 ); 502 503 } catch ( Exception $e ) { 504 return false; 505 } 506 507 return sodium_crypto_sign_verify_detached( $signature, $request, $public_key ); 508 } 509 464 510 } 465 511 -
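Review bot: A failed signature check changes nothing in the first hunk: the `'verified' => false` branch only fires `ithemes-sync-add-log`, the rejecting `send_response( new WP_Error( 'request-signature-invalid', ... ) )` call is commented out, and a request with no `signature` field skips the block entirely, so verification is advisory. If this is a deliberate observe-only rollout, state it in a comment such as `// Log-only for now: a bad or missing signature does NOT reject the request`, so the log entry is not later mistaken for an enforcement point. In verify_request_signature() the final `sodium_crypto_sign_verify_detached()` call sits outside the `try` and can throw on a signature or key of the wrong length, so a malformed `$_POST['signature']` may end in an uncaught exception instead of `false`; move the return inside the `try` and check that `file_get_contents()` did not return false. The check also runs on `$request` before the `stripslashes()` that follows it in the enclosing method (which starts outside the hunk), so it may be verifying slashed bytes rather than what the server signed; worth confirming. The same points apply to trunk/request-handler.php.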
ithemes-sync/tags/2.1.6/server.php
r2244568 r2309135 111 111 112 112 public static function request( $action, $query = array(), $data = array() ) { 113 114 $secure_url = apply_filters( 'sync_api_request_url', self::$secure_server_url ); 115 113 116 if ( isset( $data['auth_token'] ) ) { 114 117 $data['iterations'] = self::$password_iterations; … … 153 156 154 157 if ( is_wp_error( $response ) ) { 155 $response = wp_remote_post( self::$secure_server_url . $request, $remote_post_args );158 $response = wp_remote_post( $secure_url . $request, $remote_post_args ); 156 159 } else { 157 160 $options['use_ca_patch'] = true; … … 159 162 } 160 163 else { 161 $response = wp_remote_post( self::$secure_server_url . $request, $remote_post_args );164 $response = wp_remote_post( $secure_url . $request, $remote_post_args ); 162 165 163 166 if ( is_wp_error( $response ) ) { … … 171 174 172 175 if ( is_wp_error( $response ) ) { 173 $response = wp_remote_post( self::$insecure_server_url . $request . '&insecure=1', $remote_post_args );176 $response = wp_remote_post( $secure_url . $request . '&insecure=1', $remote_post_args ); 174 177 175 178 $options['use_ssl'] = false; … … 202 205 203 206 private static function do_patched_post( $request, $remote_post_args ) { 207 $secure_url = apply_filters( 'sync_api_request_url', self::$secure_server_url ); 208 204 209 self::enable_ssl_ca_patch(); 205 $response = wp_remote_post( self::$secure_server_url . $request . '&ca_patch=1', $remote_post_args );210 $response = wp_remote_post( $secure_url . $request . '&ca_patch=1', $remote_post_args ); 206 211 self::disable_ssl_ca_patch(); 207 212 … … 225 230 226 231 public static function add_ca_patch_to_curl_opts( $handle ) { 232 $secure_url = apply_filters( 'sync_api_request_url', self::$secure_server_url ); 227 233 $url = curl_getinfo( $handle, CURLINFO_EFFECTIVE_URL ); 228 234 229 if ( ! preg_match( '/^' . preg_quote( self::$secure_server_url, '/' ) . '/', $url ) ) {235 if ( ! preg_match( '/^' . preg_quote( $secure_url, '/' ) . 
'/', $url ) ) { 230 236 return; 231 237 } -
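Review bot: The last fallback in request() now posts to `$secure_url . $request . '&insecure=1'` and still sets `$options['use_ssl'] = false`, so the branch that used to try `self::$insecure_server_url` repeats the same endpoint and records a transport state that no longer matches what was sent. If dropping the plaintext fallback is intended, remove the retry and the flag rather than leaving them mislabelled. The value returned by the new `sync_api_request_url` filter is also used unchecked for requests whose `$data` can carry `auth_token`; falling back to the built-in URL when the scheme is not https, e.g. `if ( 'https' !== wp_parse_url( $secure_url, PHP_URL_SCHEME ) ) { $secure_url = self::$secure_server_url; }`, keeps a misbehaving filter from downgrading them. The filter is applied separately in request(), do_patched_post() and add_ca_patch_to_curl_opts(), whose bodies extend beyond the hunks shown; the same applies to trunk/server.php.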
ithemes-sync/tags/2.1.6/settings-page.php
r1881423 r2309135 156 156 157 157 $result = Ithemes_Sync_Server::deauthenticate( $data['user'], $user_details['username'], $user_details['key'] ); 158 159 if ( is_wp_error( $result ) && ( 'authentication' != $result->get_error_code() ) ) {158 159 if ( is_wp_error( $result ) && ( 'authentication' != $result->get_error_code() ) && 'This site has not been authenticated by this user.' != $result->get_error_message() ) { 160 160 $heading = __( 'The user could not be unsynced.', 'it-l10n-ithemes-sync' ); 161 161 $message = $result->get_error_message(); … … 337 337 </form> 338 338 </div> 339 <?php do_action('sync_dev_render'); ?> 339 340 </div> 340 341 <?php -
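Review bot: The new condition compares `$result->get_error_message()` with the literal English text `'This site has not been authenticated by this user.'`, so any rewording or translation of that message brings the "could not be unsynced" error back for users already removed from the dashboard. Error messages are display text; the decision should key on `get_error_code()`, with the already-removed case given its own code and compared strictly with `!==` rather than `!=`. If that case can only be recognised by its text today, a short comment saying where the string originates would help the next reader. The same line appears in trunk/settings-page.php.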
ithemes-sync/trunk/functions.php
r2263241 r2309135 1031 1031 } 1032 1032 1033 /** 1034 * Checks if sodium library and methods we use are available 1035 * Also checks if sodium is fast enough on this system 1036 * If available: include the compatiability layer, core utilities, and Base64 UrlSafe classes 1037 * 1038 * @return bool 1039 */ 1040 public static function is_sodium_available() { 1041 $requiredFiles = array( 1042 'wp-includes/sodium_compat/autoload.php', 1043 ); 1044 1045 foreach ( $requiredFiles as $file ) { 1046 if ( file_exists( ABSPATH . $file ) ) { 1047 require_once( ABSPATH . $file ); 1048 } else { 1049 return false; 1050 } 1051 } 1052 1053 // Verify the functions we need are callable 1054 if ( ! is_callable( 'sodium_base642bin' ) || ! is_callable( 'sodium_crypto_sign_verify_detached' ) ) { 1055 return false; 1056 } 1057 1058 // Check for a edge-case affecting PHP Maths abilities 1059 // Sodium_Compat isn't compatible with PHP 7.2.0~7.2.2 due to a bug in the PHP Opcache extension, bail early as it'll fail. 1060 if ( 1061 ! extension_loaded( 'sodium' ) && 1062 in_array( PHP_VERSION_ID, [ 70200, 70201, 70202 ], true ) && 1063 extension_loaded( 'opcache' ) 1064 ) { 1065 return false; 1066 } 1067 1068 // Verify runtime speed of Sodium_Compat is acceptable. 1069 if ( ! extension_loaded( 'sodium' ) && ! ParagonIE_Sodium_Compat::polyfill_is_fast() ) { 1070 1071 // Allow for an old version of Sodium_Compat being loaded before the bundled WordPress one. 1072 if ( method_exists( 'ParagonIE_Sodium_Compat', 'runtime_speed_test' ) ) { 1073 // Run `ParagonIE_Sodium_Compat::runtime_speed_test()` in optimized integer mode, as that's what is used for signing verifications. 
1074 $old_fastMult = ParagonIE_Sodium_Compat::$fastMult; 1075 ParagonIE_Sodium_Compat::$fastMult = true; 1076 $sodium_compat_is_fast = ParagonIE_Sodium_Compat::runtime_speed_test( 100, 10 ); 1077 ParagonIE_Sodium_Compat::$fastMult = $old_fastMult; 1078 1079 return $sodium_compat_is_fast; 1080 } 1081 1082 } 1083 1084 return true; 1085 } 1033 1086 } -
ithemes-sync/trunk/history.txt
r2275244 r2309135 235 235 2.1.5 - 2020-04-03 - Josh Oakes 236 236 Bug Fix: Limit the total number of unsent notices that can be queued 237 2.1.6 - 2020-05-20 - Josh Oakes 238 Bug Fix: Fixed an issue where a user couldn't be unsynced if already removed from the dashboard -
ithemes-sync/trunk/init.php
r2275244 r2309135 5 5 Description: Manage updates to your WordPress sites easily in one place. 6 6 Author: iThemes 7 Version: 2.1. 57 Version: 2.1.6 8 8 Author URI: http://ithemes.com/ 9 9 Domain Path: /lang/ -
ithemes-sync/trunk/lang/ithemes-sync.pot
r2275244 r2309135 5 5 "Project-Id-Version: iThemes Sync 2.1.5\n" 6 6 "Report-Msgid-Bugs-To: http://ithemes.com/support/\n" 7 "POT-Creation-Date: 2020-0 4-03 16:05:35+00:00\n"7 "POT-Creation-Date: 2020-05-20 20:44:47+00:00\n" 8 8 "PO-Revision-Date: 2020-MO-DA HO:MI+ZONE\n" 9 9 "MIME-Version: 1.0\n" … … 351 351 msgstr "" 352 352 353 #: server.php:19 2353 #: server.php:195 354 354 msgid "An unrecognized server response format was received from the iThemes Sync server." 355 355 msgstr "" -
ithemes-sync/trunk/readme.txt
r2275244 r2309135 88 88 == Changelog == 89 89 90 = 2.1.6 = 91 * Bug Fix: Fixed an issue where a user couldn't be unsynced if already removed from the dashboard 92 90 93 = 2.1.5 = 91 94 * Bug Fix: Limit the total number of unsent notices that can be queued -
ithemes-sync/trunk/request-handler.php
r2263241 r2309135 62 62 $request = $_POST['request']; 63 63 64 if ( !empty( $_POST['signature'] ) ) { 65 66 // Append success and failures to response 67 $sodium_available = Ithemes_Sync_Functions::is_sodium_available(); 68 69 if ( $sodium_available && ! $this->verify_request_signature( $request, $_POST['signature'] ) ) { 70 // Sodium is available and verification failed 71 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => true, 'verified' => false ) ); 72 73 // $this->send_response( new WP_Error( 'request-signature-invalid', 'The request signature could not be verified' ) ); 74 } elseif ( $sodium_available ) { 75 // Sodium available and signature was verified 76 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => true, 'verified' => true ) ); 77 } else { 78 // Sodium is not available 79 do_action( 'ithemes-sync-add-log', 'signature-verification', array( 'available' => false, 'verified' => false ) ); 80 } 81 } 82 64 83 if ( ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) { 65 84 $request = stripslashes( $request ); … … 462 481 } 463 482 483 /** 484 * Determine if signature supplied in the request can be verified using the public key 485 * 486 * @param $request 487 * @param $signature 488 * 489 * @return bool 490 */ 491 private function verify_request_signature( $request, $signature ) { 492 493 // Verify the functions we need are callable 494 if ( ! is_callable( 'sodium_base642bin' ) || ! is_callable( 'sodium_crypto_sign_verify_detached' ) ) { 495 return false; 496 } 497 498 try { 499 500 $public_key = sodium_base642bin( file_get_contents( $GLOBALS['ithemes_sync_path'] . '/public.key' ), 5 ); 501 $signature = sodium_base642bin( $signature, 5 ); 502 503 } catch ( Exception $e ) { 504 return false; 505 } 506 507 return sodium_crypto_sign_verify_detached( $signature, $request, $public_key ); 508 } 509 464 510 } 465 511 -
ithemes-sync/trunk/server.php
r2244568 r2309135 111 111 112 112 public static function request( $action, $query = array(), $data = array() ) { 113 114 $secure_url = apply_filters( 'sync_api_request_url', self::$secure_server_url ); 115 113 116 if ( isset( $data['auth_token'] ) ) { 114 117 $data['iterations'] = self::$password_iterations; … … 153 156 154 157 if ( is_wp_error( $response ) ) { 155 $response = wp_remote_post( self::$secure_server_url . $request, $remote_post_args );158 $response = wp_remote_post( $secure_url . $request, $remote_post_args ); 156 159 } else { 157 160 $options['use_ca_patch'] = true; … … 159 162 } 160 163 else { 161 $response = wp_remote_post( self::$secure_server_url . $request, $remote_post_args );164 $response = wp_remote_post( $secure_url . $request, $remote_post_args ); 162 165 163 166 if ( is_wp_error( $response ) ) { … … 171 174 172 175 if ( is_wp_error( $response ) ) { 173 $response = wp_remote_post( self::$insecure_server_url . $request . '&insecure=1', $remote_post_args );176 $response = wp_remote_post( $secure_url . $request . '&insecure=1', $remote_post_args ); 174 177 175 178 $options['use_ssl'] = false; … … 202 205 203 206 private static function do_patched_post( $request, $remote_post_args ) { 207 $secure_url = apply_filters( 'sync_api_request_url', self::$secure_server_url ); 208 204 209 self::enable_ssl_ca_patch(); 205 $response = wp_remote_post( self::$secure_server_url . $request . '&ca_patch=1', $remote_post_args );210 $response = wp_remote_post( $secure_url . $request . '&ca_patch=1', $remote_post_args ); 206 211 self::disable_ssl_ca_patch(); 207 212 … … 225 230 226 231 public static function add_ca_patch_to_curl_opts( $handle ) { 232 $secure_url = apply_filters( 'sync_api_request_url', self::$secure_server_url ); 227 233 $url = curl_getinfo( $handle, CURLINFO_EFFECTIVE_URL ); 228 234 229 if ( ! preg_match( '/^' . preg_quote( self::$secure_server_url, '/' ) . '/', $url ) ) {235 if ( ! preg_match( '/^' . preg_quote( $secure_url, '/' ) . 
'/', $url ) ) { 230 236 return; 231 237 } -
ithemes-sync/trunk/settings-page.php
r1881423 r2309135 156 156 157 157 $result = Ithemes_Sync_Server::deauthenticate( $data['user'], $user_details['username'], $user_details['key'] ); 158 159 if ( is_wp_error( $result ) && ( 'authentication' != $result->get_error_code() ) ) {158 159 if ( is_wp_error( $result ) && ( 'authentication' != $result->get_error_code() ) && 'This site has not been authenticated by this user.' != $result->get_error_message() ) { 160 160 $heading = __( 'The user could not be unsynced.', 'it-l10n-ithemes-sync' ); 161 161 $message = $result->get_error_message(); … … 337 337 </form> 338 338 </div> 339 <?php do_action('sync_dev_render'); ?> 339 340 </div> 340 341 <?php