retire old hash

Alex Grintsvayg 2017-03-13 18:01:47 -04:00
parent b1cd52307c
commit a31a127fe0


@ -94,11 +94,11 @@ class Mailgun
return true; return true;
} }
protected static function getConfirmHash($email, $timestamp = null, $nonce = null, $useOldSecret = false) protected static function getConfirmHash($email, $timestamp = null, $nonce = null)
{ {
$timestamp = $timestamp !== null ? $timestamp : time(); $timestamp = $timestamp !== null ? $timestamp : time();
$nonce = $nonce !== null ? $nonce : bin2hex(random_bytes(8)); $nonce = $nonce !== null ? $nonce : bin2hex(random_bytes(8));
$secret = $useOldSecret ? 'testing' : Config::get('mailing_list_hmac_secret'); $secret = Config::get('mailing_list_hmac_secret');
if (!$secret) if (!$secret)
{ {
@ -122,11 +122,7 @@ class Mailgun
if (!hash_equals(static::getConfirmHash($email, $timestamp, $nonce), $hash)) if (!hash_equals(static::getConfirmHash($email, $timestamp, $nonce), $hash))
{ {
// TODO: once old hashes expire, just return null here return null;
if (date('Y-m-d') >= '2016-11-18' || !hash_equals(static::getConfirmHash($email, $timestamp, $nonce, true), $hash))
{
return null;
}
} }
if (!is_numeric($timestamp) || time() - $timestamp > 60 * 60 * 24 * 3) if (!is_numeric($timestamp) || time() - $timestamp > 60 * 60 * 24 * 3)
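Review bot: The verification call `hash_equals(static::getConfirmHash($email, $timestamp, $nonce), $hash)` still goes through a helper whose `$timestamp` and `$nonce` default to `time()` and a fresh `random_bytes` nonce, so a token with a missing field is compared against a newly generated value rather than being rejected up front. That comparison should still fail, but an explicit guard before the call, `if ($timestamp === null || $nonce === null) { return null; }`, would make the rejection deliberate; how the two values are parsed lies outside the hunk, so this may already be covered. With the hard-coded fallback removed, the `if (!$secret)` branch is the only protection against an unset `mailing_list_hmac_secret`, and its body is not visible here. A short docblock on `getConfirmHash` stating that it serves both issuing and verifying and must fail closed on an empty secret would document that contract.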