From 066900ec08f5cf2749079969e67e3a135cfbaa80 Mon Sep 17 00:00:00 2001 From: Paul Kirby Date: Thu, 24 Jan 2019 13:26:30 -0600 Subject: [PATCH 1/2] Allowing for Speech Channel credentials in options page --- classes/LBRYPress.php | 2 + classes/LBRY_Admin.php | 107 +++++++++++++++++++++++++++++++++++++--- classes/LBRY_Speech.php | 10 ++-- lbry_config.example.php | 4 -- lbrypress.php | 6 +-- 5 files changed, 109 insertions(+), 20 deletions(-) delete mode 100644 lbry_config.example.php diff --git a/classes/LBRYPress.php b/classes/LBRYPress.php index 4d9fed2..808cf41 100644 --- a/classes/LBRYPress.php +++ b/classes/LBRYPress.php @@ -113,6 +113,8 @@ class LBRYPress $this->define('LBRY_ADMIN_PAGE', 'lbrypress'); $this->define('LBRY_WALLET', 'lbry_wallet'); // the wallet address $this->define('LBRY_SPEECH', 'lbry_speech'); // the spee.ch address + $this->define('LBRY_SPEECH_CHANNEL', 'lbry_speech_channel'); // The spee.ch channel + $this->define('LBRY_SPEECH_PW', 'lbry_speech_pw'); // The password for the spee.ch channel $this->define('LBRY_LICENSE', 'lbry_license'); // the license to publish with to the LBRY network $this->define('LBRY_LBC_PUBLISH', 'lbry_lbc_publish'); // amount of lbc to use per publish $this->define('LBRY_WILL_PUBLISH', '_lbry_will_publish'); // The meta key for if to publish to LBRY Network or not diff --git a/classes/LBRY_Admin.php b/classes/LBRY_Admin.php index bde034e..dabd79c 100644 --- a/classes/LBRY_Admin.php +++ b/classes/LBRY_Admin.php @@ -40,7 +40,7 @@ class LBRY_Admin public function page_init() { // Register the LBRY Setting array - register_setting(LBRY_SETTINGS_GROUP, LBRY_SETTINGS, array($this, 'sanitize')); + register_setting(LBRY_SETTINGS_GROUP, LBRY_SETTINGS, array('sanitize_callback' => array($this, 'sanitize'))); // Add Required Settings Sections add_settings_section( 
@@ -60,11 +60,27 @@ class LBRY_Admin ); add_settings_field( - LBRY_SPEECH, // ID - 'Spee.ch URL', // Title - array( $this, 'speech_callback' ), // Callback - LBRY_ADMIN_PAGE, // Page - LBRY_SETTINGS_SECTION_GENERAL // Section + LBRY_SPEECH, + 'Spee.ch URL', + array( $this, 'speech_callback' ), + LBRY_ADMIN_PAGE, + LBRY_SETTINGS_SECTION_GENERAL + ); + + add_settings_field( + LBRY_SPEECH_CHANNEL, + 'Spee.ch Channel', + array( $this, 'speech_channel_callback' ), + LBRY_ADMIN_PAGE, + LBRY_SETTINGS_SECTION_GENERAL + ); + + add_settings_field( + LBRY_SPEECH_PW, + 'Spee.ch Password', + array( $this, 'speech_pw_callback' ), + LBRY_ADMIN_PAGE, + LBRY_SETTINGS_SECTION_GENERAL ); add_settings_field( @@ -96,10 +112,15 @@ class LBRY_Admin /** * Sanitizes setting input - * // TODO Actually sanitize the input + * // COMBAK Potentially sanitize more */ public function sanitize($input) { + if (!empty($input['lbry_speech_pw'])) { + $encrypted = $this->encrypt($input['lbry_speech_pw']); + $input['lbry_speech_pw'] = $encrypted; + } + return $input; } @@ -140,6 +161,32 @@ class LBRY_Admin ); } + /** + * Prints Spee.ch channel input + */ + public function speech_channel_callback() + { + printf( + '@', + LBRY_SPEECH_CHANNEL, + LBRY_SETTINGS, + isset($this->options[LBRY_SPEECH_CHANNEL]) ? esc_attr($this->options[LBRY_SPEECH_CHANNEL]) : '' + ); + } + + /** + * Prints Spee.ch password input + */ + public function speech_pw_callback() + { + printf( + 'options[LBRY_SPEECH_PW]) ? $this->get_pw_length() : '' + ); + } + /** * Prints License input */ 
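Review bot: In `sanitize()` the password is encrypted on every invocation of the callback, and WordPress can run a registered sanitize callback twice for one save when the option row does not exist yet (`update_option()` falling through to `add_option()`). The first save may therefore store an encryption of already-encrypted text, which `decrypt()` would hand back as a base64 string rather than the password. Doing the encryption in a `pre_update_option_{$option}` filter, or guarding the callback so it encrypts once per request, avoids that; the later version of this function in PATCH 2/2 has the same exposure. The hunk also reads `$input['lbry_speech_pw']` by literal key while the rest of the class uses the constant; `$input[LBRY_SPEECH_PW]` keeps the two from drifting.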
@@ -232,4 +279,50 @@ class LBRY_Admin set_transient('lbry_wallet_check', true, 2 * HOUR_IN_SECONDS); } } + + private function get_pw_length() + { + $pw = $this->options[LBRY_SPEECH_PW]; + if (empty($pw)) { + return ''; + } + $pw = $this->decrypt($pw); + $length = strlen($pw); + return str_repeat("X", $length); + } + + private function encrypt($plaintext) + { + $ivlen = openssl_cipher_iv_length($cipher="AES-256-CTR"); + $iv = openssl_random_pseudo_bytes($ivlen); + $ciphertext_raw = openssl_encrypt($plaintext, $cipher, wp_salt(), $options=OPENSSL_RAW_DATA, $iv); + $hmac = hash_hmac('sha256', $ciphertext_raw, wp_salt(), $as_binary=true); + return base64_encode($iv.$hmac.$ciphertext_raw); + } + + private function decrypt($ciphertext) + { + $c = base64_decode($ciphertext); + $ivlen = openssl_cipher_iv_length($cipher="AES-256-CTR"); + $iv = substr($c, 0, $ivlen); + $hmac = substr($c, $ivlen, $sha2len=32); + $ciphertext_raw = substr($c, $ivlen+$sha2len); + $original_plaintext = openssl_decrypt($ciphertext_raw, $cipher, wp_salt(), $options=OPENSSL_RAW_DATA, $iv); + $calcmac = hash_hmac('sha256', $ciphertext_raw, wp_salt(), $as_binary=true); + if (hash_equals($hmac, $calcmac)) {//PHP 5.6+ timing attack safe comparison + return $original_plaintext; + } + + return false; + } + + public function get_speech_pw() + { + $ciphertext = get_option(LBRY_SETTINGS)[LBRY_SPEECH_PW]; + if (empty($ciphertext)) { + return false; + } + + return $this->decrypt($ciphertext); + } } diff --git a/classes/LBRY_Speech.php b/classes/LBRY_Speech.php index 43ebd52..eab3ab3 100644 --- a/classes/LBRY_Speech.php +++ b/classes/LBRY_Speech.php 
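Review bot: In `encrypt()`/`decrypt()` the HMAC is computed over `$ciphertext_raw` only, so the IV stored in front of it is not authenticated, and the same `wp_salt()` string serves as both the AES key and the MAC key. `decrypt()` also calls `openssl_decrypt()` before the tag is checked and does not reject input too short to hold an IV and a tag. Deriving two keys from `wp_salt()`, covering `$iv . $ciphertext_raw` with the MAC, and returning `false` on a bad or truncated tag before decrypting closes these gaps. Values already stored in the old layout would need to be re-saved after such a change. The enclosing class begins outside the hunk.

```php
private function encrypt($plaintext)
{
    $cipher = 'AES-256-CTR';
    // Separate 32-byte keys for encryption and authentication (labels are constructed examples)
    $enc_key = hash_hmac('sha256', 'lbry-speech-enc', wp_salt(), true);
    $mac_key = hash_hmac('sha256', 'lbry-speech-mac', wp_salt(), true);
    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($cipher));
    $ciphertext_raw = openssl_encrypt($plaintext, $cipher, $enc_key, OPENSSL_RAW_DATA, $iv);
    // The tag covers the IV as well as the ciphertext
    $hmac = hash_hmac('sha256', $iv . $ciphertext_raw, $mac_key, true);
    return base64_encode($iv . $hmac . $ciphertext_raw);
}

private function decrypt($ciphertext)
{
    $cipher = 'AES-256-CTR';
    $ivlen = openssl_cipher_iv_length($cipher);
    $c = base64_decode($ciphertext, true);
    if ($c === false || strlen($c) < $ivlen + 32) {
        return false;
    }
    // … unchanged: split $c into $iv, $hmac, $ciphertext_raw; keys derived as in encrypt() …
    $calcmac = hash_hmac('sha256', $iv . $ciphertext_raw, $mac_key, true);
    if (!hash_equals($hmac, $calcmac)) {
        return false; // reject before any decryption happens
    }
    return openssl_decrypt($ciphertext_raw, $cipher, $enc_key, OPENSSL_RAW_DATA, $iv);
}
```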
@@ -67,10 +67,11 @@ class LBRY_Speech ); // Pull Channel and Password from config file for now - // COMBAK: This will change in the future - if (LBRY_SPEECH_CHANNEL && LBRY_SPEECH_CHANNEL_PASSWORD) { - $params['channelName'] = LBRY_SPEECH_CHANNEL; - $params['channelPassword'] = LBRY_SPEECH_CHANNEL_PASSWORD; + $speech_channel = get_option(LBRY_SETTINGS)[LBRY_SPEECH_CHANNEL]; + $speech_pw = LBRY()->admin->get_speech_pw(); + if (!empty($speech_channel) && !empty($speech_pw)) { + $params['channelName'] = $speech_channel; + $params['channelPassword'] = $speech_pw; } $ch = $this->build_request('publish', $params); @@ -160,7 +161,6 @@ class LBRY_Speech } } // Don't forget the featured image - error_log($post_id); if ($featured_id = get_post_thumbnail_id($post_id)) { $image_ids = array_merge($image_ids, array($featured_id)); } diff --git a/lbry_config.example.php b/lbry_config.example.php deleted file mode 100644 index cc9afd9..0000000 --- a/lbry_config.example.php +++ /dev/null @@ -1,4 +0,0 @@ - Date: Thu, 24 Jan 2019 14:05:46 -0600 Subject: [PATCH 2/2] fixed pw value on options page --- classes/LBRY_Admin.php | 31 +++++++++++++++---------------- classes/LBRY_Speech.php | 5 ++++- 2 files changed, 19 insertions(+), 17 deletions(-) diff --git a/classes/LBRY_Admin.php b/classes/LBRY_Admin.php index dabd79c..18cdac2 100644 --- a/classes/LBRY_Admin.php +++ b/classes/LBRY_Admin.php 
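Review bot: `get_option(LBRY_SETTINGS)[LBRY_SPEECH_CHANNEL]` indexes the option without checking it, so a site where the settings were never saved, or were saved before this key existed, raises a notice here instead of skipping the credentials cleanly; `get_speech_pw()` in classes/LBRY_Admin.php uses the same pattern. Reading it as `$settings = get_option(LBRY_SETTINGS, array());` followed by `$speech_channel = isset($settings[LBRY_SPEECH_CHANNEL]) ? $settings[LBRY_SPEECH_CHANNEL] : '';` keeps the publish path quiet. The retained comment `// Pull Channel and Password from config file for now` no longer matches the code and could read `// Channel and password come from the plugin settings`. The enclosing method starts and ends outside the hunk.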
@@ -116,9 +116,20 @@ class LBRY_Admin */ public function sanitize($input) { - if (!empty($input['lbry_speech_pw'])) { + if (!empty($input[LBRY_SPEECH_CHANNEL])) { + $channel = $input[LBRY_SPEECH_CHANNEL]; + $channel = str_replace('@', '', $channel); + $input[LBRY_SPEECH_CHANNEL] = $channel; + } + + if (!empty($input[LBRY_SPEECH_PW])) { $encrypted = $this->encrypt($input['lbry_speech_pw']); - $input['lbry_speech_pw'] = $encrypted; + $input[LBRY_SPEECH_PW] = $encrypted; + } else { + // If we have a password and its empty, keep orginal password + if (!empty(get_option(LBRY_SETTINGS)[LBRY_SPEECH_PW])) { + $input[LBRY_SPEECH_PW] = get_option(LBRY_SETTINGS)[LBRY_SPEECH_PW]; + } } return $input; @@ -180,10 +191,9 @@ class LBRY_Admin public function speech_pw_callback() { printf( - 'options[LBRY_SPEECH_PW]) ? $this->get_pw_length() : '' + LBRY_SETTINGS ); } @@ -280,17 +290,6 @@ class LBRY_Admin } } - private function get_pw_length() - { - $pw = $this->options[LBRY_SPEECH_PW]; - if (empty($pw)) { - return ''; - } - $pw = $this->decrypt($pw); - $length = strlen($pw); - return str_repeat("X", $length); - } - private function encrypt($plaintext) { $ivlen = openssl_cipher_iv_length($cipher="AES-256-CTR"); diff --git a/classes/LBRY_Speech.php b/classes/LBRY_Speech.php index eab3ab3..f88929b 100644 --- a/classes/LBRY_Speech.php +++ b/classes/LBRY_Speech.php @@ -70,8 +70,11 @@ class LBRY_Speech $speech_channel = get_option(LBRY_SETTINGS)[LBRY_SPEECH_CHANNEL]; $speech_pw = LBRY()->admin->get_speech_pw(); if (!empty($speech_channel) && !empty($speech_pw)) { - $params['channelName'] = $speech_channel; + $params['channelName'] = '@' . $speech_channel; $params['channelPassword'] = $speech_pw; + + error_log($params['channelName']); + error_log($params['channelPassword']); } $ch = $this->build_request('publish', $params);
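Review bot: The `else` branch in `sanitize()` restores the stored ciphertext whenever the password field is submitted empty, which leaves no way to remove a saved spee.ch credential from the options page. Making that branch conditional on a channel still being set, `} elseif (!empty($input[LBRY_SPEECH_CHANNEL])) {`, would let an emptied channel drop the password as well. The channel itself is stored after only `str_replace('@', '', $channel)`; `sanitize_text_field(str_replace('@', '', $channel))` would strip tags and control characters before the value is saved. The function body ends inside the hunk but its docblock starts outside it.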
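Review bot: `error_log($params['channelPassword']);` writes the decrypted spee.ch channel password to the PHP error log on every publish, which undoes the at-rest encryption added in PATCH 1/2 for anyone who can read that log. Both `error_log()` calls in this hunk look like debugging leftovers and should be dropped. If a trace is wanted, `error_log('spee.ch publish with channel credentials');` records the event without the secret. The surrounding method starts and ends outside the hunk.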