From f23a877cd8ad8d583b74c312c7e9baa842b5a86a Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 15:38:48 -0500 Subject: Discovery::lookup now throws an exception --- plugins/OStatus/classes/Ostatus_profile.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index 35539bff7..7b1aec76b 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1288,9 +1288,9 @@ class Ostatus_profile extends Memcached_DataObject $disco = new Discovery(); - $result = $disco->lookup($addr); - - if (!$result) { + try { + $result = $disco->lookup($addr); + } catch (Exception $e) { self::cacheSet(sprintf('ostatus_profile:webfinger:%s', $addr), null); return null; } -- cgit v1.2.3-54-g00ecf From e4c462570f8010f751caf214f329617c08bf7105 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 15:39:30 -0500 Subject: move salmon posting to send application/magic-envelope+xml per http://salmon-protocol.googlecode.com/svn/trunk/draft-panzer-salmon-00.html#RPF --- plugins/OStatus/lib/magicenvelope.php | 22 ++++++++++++++++++++++ plugins/OStatus/lib/salmon.php | 18 +++++++++++------- plugins/OStatus/lib/salmonaction.php | 26 ++++++++++++++------------ 3 files changed, 47 insertions(+), 19 deletions(-) diff --git a/plugins/OStatus/lib/magicenvelope.php b/plugins/OStatus/lib/magicenvelope.php index f33119b8f..230d81ba1 100644 --- a/plugins/OStatus/lib/magicenvelope.php +++ b/plugins/OStatus/lib/magicenvelope.php @@ -83,6 +83,28 @@ class MagicEnvelope } + public function toXML($env) { + $dom = new DOMDocument(); + + $envelope = $dom->createElementNS(MagicEnvelope::NS, 'me:env'); + $envelope->setAttribute('xmlns:me', MagicEnvelope::NS); + $data = $dom->createElementNS(MagicEnvelope::NS, 'me:data', $env['data']); + $data->setAttribute('type', $env['data_type']); + $envelope->appendChild($data); + $enc = $dom->createElementNS(MagicEnvelope::NS, 'me:encoding', $env['encoding']); + $envelope->appendChild($enc); + $alg = $dom->createElementNS(MagicEnvelope::NS, 'me:alg', $env['alg']); + $envelope->appendChild($alg); + $sig = $dom->createElementNS(MagicEnvelope::NS, 'me:sig', $env['sig']); + $envelope->appendChild($sig); + + $dom->appendChild($envelope); + + + return $dom->saveXML(); + } + + public function unfold($env) { $dom = new DOMDocument(); diff --git a/plugins/OStatus/lib/salmon.php b/plugins/OStatus/lib/salmon.php index 6e2459544..68883a410 100644 --- a/plugins/OStatus/lib/salmon.php +++ b/plugins/OStatus/lib/salmon.php @@ -48,12 +48,17 @@ class Salmon return false; } - if (!common_config('ostatus', 'skip_signatures')) { + try { $xml = $this->createMagicEnv($xml, $actor); + } catch (Exception $e) { + common_log(LOG_ERR, "Salmon unable to sign: " . $e->getMessage()); + return false; } - $headers = array('Content-Type: application/atom+xml'); + $headers = array('Content-Type: application/magic-envelope+xml'); + common_log(LOG_DEBUG, "Salmon: going to post " . $xml); + try { $client = new HTTPClient(); $client->setBody($xml); @@ -72,7 +77,6 @@ class Salmon public function createMagicEnv($text, $actor) { - common_log(LOG_DEBUG, "Got actor as : ". print_r($actor, true)); $magic_env = new MagicEnvelope(); $user = User::staticGet('id', $actor->id); @@ -84,7 +88,6 @@ class Salmon $magickey = new Magicsig(); $magickey->generate($user->id); } - common_log(LOG_DEBUG, "Salmon: Loaded key for ". $user->id); } else { throw new Exception("Salmon invalid actor for signing"); } @@ -95,15 +98,16 @@ class Salmon common_log(LOG_ERR, "Salmon signing failed: ". $e->getMessage()); return $text; } - return $magic_env->unfold($env); + return $magic_env->toXML($env); } - public function verifyMagicEnv($dom) + public function verifyMagicEnv($text) { + common_log(LOG_DEBUG, "Going to verify ". $text); $magic_env = new MagicEnvelope(); - $env = $magic_env->fromDom($dom); + $env = $magic_env->parse($text); return $magic_env->verify($env); } diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php index a03169101..9ca350e67 100644 --- a/plugins/OStatus/lib/salmonaction.php +++ b/plugins/OStatus/lib/salmonaction.php @@ -41,29 +41,31 @@ class SalmonAction extends Action $this->clientError(_m('This method requires a POST.')); } - if (empty($_SERVER['CONTENT_TYPE']) || $_SERVER['CONTENT_TYPE'] != 'application/atom+xml') { - $this->clientError(_m('Salmon requires application/atom+xml')); + if (empty($_SERVER['CONTENT_TYPE']) || $_SERVER['CONTENT_TYPE'] != 'application/magic-envelope+xml') { + $this->clientError(_m('Salmon requires application/magic-envelope+xml')); } $xml = file_get_contents('php://input'); - $dom = DOMDocument::loadXML($xml); + // Check the signature + $salmon = new Salmon; + if (!$salmon->verifyMagicEnv($xml)) { + common_log(LOG_DEBUG, "Salmon signature verification failed."); + $this->clientError(_m('Salmon signature verification failed.')); + } else { + $env = MagicEnvelope::parse($xml); + $xml = MagicEnvelope::unfold($env); + } + + + $dom = DOMDocument::loadXML($xml); if ($dom->documentElement->namespaceURI != Activity::ATOM || $dom->documentElement->localName != 'entry') { common_log(LOG_DEBUG, "Got invalid Salmon post: $xml"); $this->clientError(_m('Salmon post must be an Atom entry.')); } - // Check the signature - $salmon = new Salmon; - if (!common_config('ostatus', 'skip_signatures')) { - if (!$salmon->verifyMagicEnv($dom)) { - common_log(LOG_DEBUG, "Salmon signature verification failed."); - $this->clientError(_m('Salmon signature verification failed.')); - } - } - $this->act = new Activity($dom->documentElement); return true; } -- cgit v1.2.3-54-g00ecf From b0acaeafe345e925a9a5bf44f4ad86567eee14c2 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Fri, 26 Feb 2010 13:06:06 -0800 Subject: Check for conversation with unique conversation ID --- lib/noticelist.php | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/lib/noticelist.php b/lib/noticelist.php index 28a563d87..7d1d2828f 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -540,16 +540,13 @@ class NoticeListItem extends Widget function showContext() { $hasConversation = false; - if( !empty($this->notice->conversation) - && $this->notice->conversation != $this->notice->id){ - $hasConversation = true; - }else{ - $conversation = Notice::conversationStream($this->notice->id, 1, 1); - if($conversation->N > 0){ + if (!empty($this->notice->conversation)) { + $conversation = Notice::conversationStream($this->notice->conversation, 1, 1); + if ($conversation->N > 0) { $hasConversation = true; } } - if ($hasConversation){ + if ($hasConversation) { $this->out->text(' '); $convurl = common_local_url('conversation', array('id' => $this->notice->conversation)); -- cgit v1.2.3-54-g00ecf From c82cee18769763d105304f09de9b6b4079e48aae Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 16:25:47 -0500 Subject: removing some extraneous debug logging --- plugins/OStatus/lib/salmon.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/plugins/OStatus/lib/salmon.php b/plugins/OStatus/lib/salmon.php index 68883a410..3d3341bc6 100644 --- a/plugins/OStatus/lib/salmon.php +++ b/plugins/OStatus/lib/salmon.php @@ -57,8 +57,6 @@ class Salmon $headers = array('Content-Type: application/magic-envelope+xml'); - common_log(LOG_DEBUG, "Salmon: going to post " . $xml); - try { $client = new HTTPClient(); $client->setBody($xml); @@ -95,7 +93,6 @@ class Salmon try { $env = $magic_env->signMessage($text, 'application/atom+xml', $magickey->toString()); } catch (Exception $e) { - common_log(LOG_ERR, "Salmon signing failed: ". $e->getMessage()); return $text; } return $magic_env->toXML($env); @@ -104,7 +101,6 @@ class Salmon public function verifyMagicEnv($text) { - common_log(LOG_DEBUG, "Going to verify ". $text); $magic_env = new MagicEnvelope(); $env = $magic_env->parse($text); -- cgit v1.2.3-54-g00ecf From 0ecf435dc5df3d6424fc7bd0438d2856aa07c1da Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 16:50:00 -0500 Subject: adding sequenceKeys() to magicsig --- plugins/OStatus/classes/Magicsig.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 751527c81..dee193cd5 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -84,6 +84,10 @@ class Magicsig extends Memcached_DataObject return array('user_id' => 'K'); } + function sequenceKeys() { + return array(false, false, false); + } + function insert() { $this->keypair = $this->toString(); -- cgit v1.2.3-54-g00ecf From 6ee7660a585faf290dc1650a714d280b40ac3a2d Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 16:51:50 -0500 Subject: should be sequenceKey (singular) --- plugins/OStatus/classes/HubSub.php | 2 +- plugins/OStatus/classes/Magicsig.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/OStatus/classes/HubSub.php b/plugins/OStatus/classes/HubSub.php index 1ac181fee..e599d83a9 100644 --- a/plugins/OStatus/classes/HubSub.php +++ b/plugins/OStatus/classes/HubSub.php @@ -99,7 +99,7 @@ class HubSub extends Memcached_DataObject return array_keys($this->keyTypes()); } - function sequenceKeys() + function sequenceKey() { return array(false, false, false); } diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index dee193cd5..d47dcf143 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -84,7 +84,7 @@ class Magicsig extends Memcached_DataObject return array('user_id' => 'K'); } - function sequenceKeys() { + function sequenceKey() { return array(false, false, false); } -- cgit v1.2.3-54-g00ecf From 1cf08c7ad7704cd92d59f319573e831d1115e996 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 17:09:50 -0500 Subject: MagicEnvelope::parse shouldn't be called statically --- plugins/OStatus/lib/salmonaction.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php index 9ca350e67..fa9dc3b1d 100644 --- a/plugins/OStatus/lib/salmonaction.php +++ b/plugins/OStatus/lib/salmonaction.php @@ -54,8 +54,9 @@ class SalmonAction extends Action common_log(LOG_DEBUG, "Salmon signature verification failed."); $this->clientError(_m('Salmon signature verification failed.')); } else { - $env = MagicEnvelope::parse($xml); - $xml = MagicEnvelope::unfold($env); + $magic_env = new MagicEnvelope(); + $env = $magic_env->parse($xml); + $xml = $magic_env->unfold($env); } -- cgit v1.2.3-54-g00ecf From 4b696cf51f39cd2e1cec4fddaec4f82e675df8d3 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 26 Feb 2010 17:28:44 -0500 Subject: add a flag to impede adding sessions to URLs (for permanent stuff) --- lib/util.php | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/lib/util.php b/lib/util.php index 8381bc63c..32061ec04 100644 --- a/lib/util.php +++ b/lib/util.php @@ -856,7 +856,7 @@ function common_relative_profile($sender, $nickname, $dt=null) return null; } -function common_local_url($action, $args=null, $params=null, $fragment=null) +function common_local_url($action, $args=null, $params=null, $fragment=null, $addSession=true) { $r = Router::get(); $path = $r->build($action, $args, $params, $fragment); @@ -864,12 +864,12 @@ function common_local_url($action, $args=null, $params=null, $fragment=null) $ssl = common_is_sensitive($action); if (common_config('site','fancy')) { - $url = common_path(mb_substr($path, 1), $ssl); + $url = common_path(mb_substr($path, 1), $ssl, $addSession); } else { if (mb_strpos($path, '/index.php') === 0) { - $url = common_path(mb_substr($path, 1), $ssl); + $url = common_path(mb_substr($path, 1), $ssl, $addSession); } else { - $url = common_path('index.php'.$path, $ssl); + $url = common_path('index.php'.$path, $ssl, $addSession); } } return $url; @@ -888,7 +888,7 @@ function common_is_sensitive($action) return $ssl; } -function common_path($relative, $ssl=false) +function common_path($relative, $ssl=false, $addSession=true) { $pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : ''; @@ -912,7 +912,9 @@ function common_path($relative, $ssl=false) } } - $relative = common_inject_session($relative, $serverpart); + if ($addSession) { + $relative = common_inject_session($relative, $serverpart); + } return $proto.'://'.$serverpart.'/'.$pathpart.$relative; } @@ -1134,14 +1136,15 @@ function common_broadcast_profile(Profile $profile) function common_profile_url($nickname) { - return common_local_url('showstream', array('nickname' => $nickname)); + return common_local_url('showstream', array('nickname' => $nickname), + null, null, false); } // Should make up a reasonable root URL function common_root_url($ssl=false) { - $url = common_path('', $ssl); + $url = common_path('', $ssl, false); $i = strpos($url, '?'); if ($i !== false) { $url = substr($url, 0, $i); @@ -1426,7 +1429,8 @@ function common_remove_magic_from_request() function common_user_uri(&$user) { - return common_local_url('userbyid', array('id' => $user->id)); + return common_local_url('userbyid', array('id' => $user->id), + null, null, false); } function common_notice_uri(&$notice) -- cgit v1.2.3-54-g00ecf From d3fc8e22193a86fc71ba21462db89c30fa2abc4b Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Fri, 26 Feb 2010 14:47:38 -0800 Subject: Pull conversation URL from Conversation instead of assuming it's local --- lib/noticelist.php | 35 ++++++++++++++++++++++++++++------- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/lib/noticelist.php b/lib/noticelist.php index 7d1d2828f..88a925241 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -541,18 +541,39 @@ class NoticeListItem extends Widget { $hasConversation = false; if (!empty($this->notice->conversation)) { - $conversation = Notice::conversationStream($this->notice->conversation, 1, 1); + $conversation = Notice::conversationStream( + $this->notice->conversation, + 1, + 1 + ); if ($conversation->N > 0) { $hasConversation = true; } } if ($hasConversation) { - $this->out->text(' '); - $convurl = common_local_url('conversation', - array('id' => $this->notice->conversation)); - $this->out->element('a', array('href' => $convurl.'#notice-'.$this->notice->id, - 'class' => 'response'), - _('in context')); + $conv = Conversation::staticGet( + 'id', + $this->notice->conversation + ); + $convurl = $conv->uri; + if (!empty($convurl)) { + $this->out->text(' '); + $this->out->element( + 'a', + array( + 'href' => $convurl.'#notice-'.$this->notice->id, + 'class' => 'response'), + _('in context') + ); + } else { + $msg = sprintf( + "Couldn't find Conversation ID %d to make 'in context'" + . "link for Notice ID %d", + $this->notice->conversation, + $this->notice->id + ); + common_log(LOG_WARNING, $msg); + } } } -- cgit v1.2.3-54-g00ecf From a5cfda850537e5e55d61f381cfac7d5100aa3bea Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 26 Feb 2010 17:47:39 -0500 Subject: blow cache on known replies --- classes/Notice.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/classes/Notice.php b/classes/Notice.php index ac4640534..2d02a9a19 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -944,6 +944,8 @@ class Notice extends Memcached_DataObject $reply->profile_id = $user->id; $id = $reply->insert(); + + self::blow('reply:stream:%d', $user->id); } } -- cgit v1.2.3-54-g00ecf From ee7603b09f162188caaf1d319a70e7fd5d6aa385 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 17:52:12 -0500 Subject: better return check in Magicsig::staticGet() --- plugins/OStatus/classes/Magicsig.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index d47dcf143..30da63c36 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -50,7 +50,11 @@ class Magicsig extends Memcached_DataObject public /*static*/ function staticGet($k, $v=null) { $obj = parent::staticGet(__CLASS__, $k, $v); - return Magicsig::fromString($obj->keypair); + if (!empty($obj)) { + return Magicsig::fromString($obj->keypair); + } + + return $obj; } -- cgit v1.2.3-54-g00ecf From 21edb98a32cf67b9f754c9a74414f113cb71cb37 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 26 Feb 2010 18:26:52 -0500 Subject: change function name --- plugins/OStatus/classes/Magicsig.php | 27 ++++++++++++--------------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 30da63c36..7a804a47a 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -33,20 +33,20 @@ class Magicsig extends Memcached_DataObject { const PUBLICKEYREL = 'magic-public-key'; - + public $__table = 'magicsig'; public $user_id; public $keypair; public $alg; - + private $_rsa; public function __construct($alg = 'RSA-SHA256') { $this->alg = $alg; } - + public /*static*/ function staticGet($k, $v=null) { $obj = parent::staticGet(__CLASS__, $k, $v); @@ -57,7 +57,6 @@ class Magicsig extends Memcached_DataObject return $obj; } - function table() { return array( @@ -77,7 +76,6 @@ class Magicsig extends Memcached_DataObject 64, false)); } - function keys() { return array_keys($this->keyTypes()); @@ -114,7 +112,6 @@ class Magicsig extends Memcached_DataObject $this->insert(); } - public function toString($full_pair = true) { $public_key = $this->_rsa->_public_key; @@ -127,15 +124,15 @@ class Magicsig extends Memcached_DataObject $private_exp = '.' . base64_url_encode($private_key->getExponent()); } - return 'RSA.' . $mod . '.' . $exp . $private_exp; + return 'RSA.' . $mod . '.' . $exp . $private_exp; } - + public static function fromString($text) { PEAR::pushErrorHandling(PEAR_ERROR_RETURN); $magic_sig = new Magicsig(); - + // remove whitespace $text = preg_replace('/\s+/', '', $text); @@ -143,7 +140,7 @@ class Magicsig extends Memcached_DataObject if (!preg_match('/RSA\.([^\.]+)\.([^\.]+)(.([^\.]+))?/', $text, $matches)) { return false; } - + $mod = base64_url_decode($matches[1]); $exp = base64_url_decode($matches[2]); if ($matches[4]) { @@ -185,10 +182,10 @@ class Magicsig extends Memcached_DataObject } } - + public function sign($bytes) { - $sig = $this->_rsa->createSign($bytes, null, 'sha256'); + $sig = $this->_rsa->createSign($bytes, null, 'magicsig_sha256'); if ($this->_rsa->isError()) { $error = $this->_rsa->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); @@ -200,7 +197,7 @@ class Magicsig extends Memcached_DataObject public function verify($signed_bytes, $signature) { - $result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'sha256'); + $result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'magicsig_sha256'); if ($this->_rsa->isError()) { $error = $this->keypair->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); @@ -208,12 +205,12 @@ class Magicsig extends Memcached_DataObject } return $result; } - + } // Define a sha256 function for hashing // (Crypt_RSA should really be updated to use hash() ) -function sha256($bytes) +function magicsig_sha256($bytes) { return hash('sha256', $bytes); } -- cgit v1.2.3-54-g00ecf From 831eb0d2b6e35073992106a792f2878bb98e6aa4 Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 26 Feb 2010 18:22:08 -0500 Subject: renaming sha256 to prevent conflict --- plugins/OStatus/classes/Magicsig.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 30da63c36..96900d876 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -181,14 +181,15 @@ class Magicsig extends Memcached_DataObject switch ($this->alg) { case 'RSA-SHA256': - return 'sha256'; + return 'magicsig_sha256'; } } public function sign($bytes) { - $sig = $this->_rsa->createSign($bytes, null, 'sha256'); + $hash = $this->getHash(); + $sig = $this->_rsa->createSign($bytes, null, $hash); if ($this->_rsa->isError()) { $error = $this->_rsa->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); @@ -200,7 +201,8 @@ class Magicsig extends Memcached_DataObject public function verify($signed_bytes, $signature) { - $result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'sha256'); + $hash = $this->getHash(); + $result = $this->_rsa->validateSign($signed_bytes, $signature, null, $hash); if ($this->_rsa->isError()) { $error = $this->keypair->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); @@ -213,7 +215,7 @@ class Magicsig extends Memcached_DataObject // Define a sha256 function for hashing // (Crypt_RSA should really be updated to use hash() ) -function sha256($bytes) +function magicsig_sha256($bytes) { return hash('sha256', $bytes); } -- cgit v1.2.3-54-g00ecf From 2344db1ae5b061ee80b0793f70f072cbee3a18f3 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 26 Feb 2010 18:28:33 -0500 Subject: Revert "change function name" This reverts commit 21edb98a32cf67b9f754c9a74414f113cb71cb37. --- plugins/OStatus/classes/Magicsig.php | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 7a804a47a..30da63c36 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -33,20 +33,20 @@ class Magicsig extends Memcached_DataObject { const PUBLICKEYREL = 'magic-public-key'; - + public $__table = 'magicsig'; public $user_id; public $keypair; public $alg; - + private $_rsa; public function __construct($alg = 'RSA-SHA256') { $this->alg = $alg; } - + public /*static*/ function staticGet($k, $v=null) { $obj = parent::staticGet(__CLASS__, $k, $v); @@ -57,6 +57,7 @@ class Magicsig extends Memcached_DataObject return $obj; } + function table() { return array( @@ -76,6 +77,7 @@ class Magicsig extends Memcached_DataObject 64, false)); } + function keys() { return array_keys($this->keyTypes()); @@ -112,6 +114,7 @@ class Magicsig extends Memcached_DataObject $this->insert(); } + public function toString($full_pair = true) { $public_key = $this->_rsa->_public_key; @@ -124,15 +127,15 @@ class Magicsig extends Memcached_DataObject $private_exp = '.' . base64_url_encode($private_key->getExponent()); } - return 'RSA.' . $mod . '.' . $exp . $private_exp; + return 'RSA.' . $mod . '.' . $exp . $private_exp; } - + public static function fromString($text) { PEAR::pushErrorHandling(PEAR_ERROR_RETURN); $magic_sig = new Magicsig(); - + // remove whitespace $text = preg_replace('/\s+/', '', $text); @@ -140,7 +143,7 @@ class Magicsig extends Memcached_DataObject if (!preg_match('/RSA\.([^\.]+)\.([^\.]+)(.([^\.]+))?/', $text, $matches)) { return false; } - + $mod = base64_url_decode($matches[1]); $exp = base64_url_decode($matches[2]); if ($matches[4]) { @@ -182,10 +185,10 @@ class Magicsig extends Memcached_DataObject } } - + public function sign($bytes) { - $sig = $this->_rsa->createSign($bytes, null, 'magicsig_sha256'); + $sig = $this->_rsa->createSign($bytes, null, 'sha256'); if ($this->_rsa->isError()) { $error = $this->_rsa->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); @@ -197,7 +200,7 @@ class Magicsig extends Memcached_DataObject public function verify($signed_bytes, $signature) { - $result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'magicsig_sha256'); + $result = $this->_rsa->validateSign($signed_bytes, $signature, null, 'sha256'); if ($this->_rsa->isError()) { $error = $this->keypair->getLastError(); common_log(LOG_DEBUG, 'RSA Error: '. $error->getMessage()); @@ -205,12 +208,12 @@ class Magicsig extends Memcached_DataObject } return $result; } - + } // Define a sha256 function for hashing // (Crypt_RSA should really be updated to use hash() ) -function magicsig_sha256($bytes) +function sha256($bytes) { return hash('sha256', $bytes); } -- cgit v1.2.3-54-g00ecf From 31ecc8619830746cadada92b5d7ab83c529bf3b3 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Sat, 27 Feb 2010 16:59:33 +0100 Subject: Fixes entity_tags alignment --- theme/base/css/display.css | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 52f97f6b1..f32c57ea4 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -799,8 +799,8 @@ list-style-type:none; display:inline; } .entity_tags li { -float:left; -margin-right:11px; +display:inline; +margin-right:7px; } .aside .section { -- cgit v1.2.3-54-g00ecf From babca69f67d6aa2f7d491f84a4982b772056ebcb Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 27 Feb 2010 11:04:24 -0500 Subject: add bugfix to version number. --- lib/common.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/common.php b/lib/common.php index 2dbe3b3c5..546f6bbe4 100644 --- a/lib/common.php +++ b/lib/common.php @@ -22,7 +22,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } //exit with 200 response, if this is checking fancy from the installer if (isset($_REQUEST['p']) && $_REQUEST['p'] == 'check-fancy') { exit; } -define('STATUSNET_VERSION', '0.9.0beta6'); +define('STATUSNET_VERSION', '0.9.0beta6+bugfix1'); define('LACONICA_VERSION', STATUSNET_VERSION); // compatibility define('STATUSNET_CODENAME', 'Stand'); -- cgit v1.2.3-54-g00ecf From 55f27feb78a8ae5c6a829623f89bf3f89016aa08 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 27 Feb 2010 15:03:17 -0500 Subject: Plugin to restrict too many registrations from one IP We throttle registrations by IP. We record IP address of each registration, and if too many registrations have been done by the same IP address in the time interval, we reject the registration. --- .../RegisterThrottle/RegisterThrottlePlugin.php | 249 +++++++++++++++++++++ plugins/RegisterThrottle/Registration_ip.php | 124 ++++++++++ 2 files changed, 373 insertions(+) create mode 100644 plugins/RegisterThrottle/RegisterThrottlePlugin.php create mode 100644 plugins/RegisterThrottle/Registration_ip.php diff --git a/plugins/RegisterThrottle/RegisterThrottlePlugin.php b/plugins/RegisterThrottle/RegisterThrottlePlugin.php new file mode 100644 index 000000000..05709b780 --- /dev/null +++ b/plugins/RegisterThrottle/RegisterThrottlePlugin.php @@ -0,0 +1,249 @@ +. + * + * @category Spam + * @package StatusNet + * @author Evan Prodromou + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Throttle registration by IP address + * + * We a) record IP address of registrants and b) throttle registrations. + * + * @category Spam + * @package StatusNet + * @author Evan Prodromou + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 + * @link http://status.net/ + */ + +class RegisterThrottlePlugin extends Plugin +{ + /** + * Array of time spans in seconds to limits. + * + * Default is 3 registrations per hour, 5 per day, 10 per week. + */ + + public $regLimits = array(604800 => 10, // per week + 86400 => 5, // per day + 3600 => 3); // per hour + + /** + * Database schema setup + * + * We store user registrations in a table registration_ip. + * + * @return boolean hook value; true means continue processing, false means stop. + */ + + function onCheckSchema() + { + $schema = Schema::get(); + + // For storing user-submitted flags on profiles + + $schema->ensureTable('registration_ip', + array(new ColumnDef('user_id', 'integer', null, + false, 'PRI'), + new ColumnDef('ipaddress', 'varchar', 15, false, 'MUL'), + new ColumnDef('created', 'timestamp', null, false, 'MUL'))); + + return true; + } + + /** + * Load related modules when needed + * + * @param string $cls Name of the class to be loaded + * + * @return boolean hook value; true means continue processing, false means stop. + */ + + function onAutoload($cls) + { + $dir = dirname(__FILE__); + + switch ($cls) + { + case 'Registration_ip': + include_once $dir . '/'.$cls.'.php'; + return false; + default: + return true; + } + } + + /** + * Called when someone tries to register. + * + * We check the IP here to determine if it goes over any of our + * configured limits. + * + * @param Action $action Action that is being executed + * + * @return boolean hook value + * + */ + + function onStartRegistrationTry($action) + { + $ipaddress = $this->_getIpAddress(); + + if (empty($ipaddress)) { + throw new ServerException(_m('Cannot find IP address.')); + } + + foreach ($this->regLimits as $seconds => $limit) { + + $this->debug("Checking $seconds ($limit)"); + + $reg = $this->_getNthReg($ipaddress, $limit); + + if (!empty($reg)) { + $this->debug("Got a {$limit}th registration."); + $regtime = strtotime($reg->created); + $now = time(); + $this->debug("Comparing {$regtime} to {$now}"); + if ($now - $regtime < $seconds) { + throw new Exception(_("Too many registrations. Take a break and try again later.")); + } + } + } + + return true; + } + + /** + * Called after someone registers. + * + * We record the successful registration and IP address. + * + * @param Action $action Action that is being executed + * + * @return boolean hook value + * + */ + + function onEndRegistrationTry($action) + { + $ipaddress = $this->_getIpAddress(); + + if (empty($ipaddress)) { + throw new ServerException(_m('Cannot find IP address.')); + } + + $user = common_current_user(); + + if (empty($user)) { + throw new ServerException(_m('Cannot find user after successful registration.')); + } + + $reg = new Registration_ip(); + + $reg->user_id = $user->id; + $reg->ipaddress = $ipaddress; + + $result = $reg->insert(); + + if (!$result) { + common_log_db_error($reg, 'INSERT', __FILE__); + // @todo throw an exception? + } + + return true; + } + + /** + * Check the version of the plugin. + * + * @param array &$versions Version array. + * + * @return boolean hook value + */ + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'RegisterThrottle', + 'version' => STATUSNET_VERSION, + 'author' => 'Evan Prodromou', + 'homepage' => 'http://status.net/wiki/Plugin:RegisterThrottle', + 'description' => + _m('Throttles excessive registration from a single IP.')); + return true; + } + + /** + * Gets the current IP address. + * + * @return string IP address or null if not found. + */ + + private function _getIpAddress() + { + $keys = array('HTTP_X_FORWARDED_FOR', + 'CLIENT-IP', + 'REMOTE_ADDR'); + + foreach ($keys as $k) { + if (!empty($_SERVER[$k])) { + return $_SERVER[$k]; + } + } + + return null; + } + + /** + * Gets the Nth registration with the given IP address. + * + * @param string $ipaddress Address to key on + * @param integer $n Nth address + * + * @return Registration_ip nth registration or null if not found. + */ + + private function _getNthReg($ipaddress, $n) + { + $reg = new Registration_ip(); + + $reg->ipaddress = $ipaddress; + + $reg->orderBy('created DESC'); + $reg->limit($n - 1, 1); + + if ($reg->find(true)) { + return $reg; + } else { + return null; + } + } +} diff --git a/plugins/RegisterThrottle/Registration_ip.php b/plugins/RegisterThrottle/Registration_ip.php new file mode 100644 index 000000000..7e61d089e --- /dev/null +++ b/plugins/RegisterThrottle/Registration_ip.php @@ -0,0 +1,124 @@ + + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + * + * StatusNet - the distributed open-source microblogging tool + * Copyright (C) 2010, StatusNet, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/classes/Memcached_DataObject.php'; + +/** + * Data class for storing IP addresses of new registrants. + * + * @category Spam + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class Registration_ip extends Memcached_DataObject +{ + public $__table = 'registration_ip'; // table name + public $user_id; // int(4) primary_key not_null + public $ipaddress; // varchar(15) + public $created; // timestamp + + /** + * Get an instance by key + * + * @param string $k Key to use to lookup (usually 'user_id' for this class) + * @param mixed $v Value to lookup + * + * @return User_greeting_count object found, or null for no hits + * + */ + + function staticGet($k, $v=null) + { + return Memcached_DataObject::staticGet('Registration_ip', $k, $v); + } + + /** + * return table definition for DB_DataObject + * + * @return array array of column definitions + */ + + function table() + { + return array('user_id' => DB_DATAOBJECT_INT + DB_DATAOBJECT_NOTNULL, + 'ipaddress' => DB_DATAOBJECT_STR + DB_DATAOBJECT_NOTNULL, + 'created' => DB_DATAOBJECT_MYSQLTIMESTAMP + DB_DATAOBJECT_NOTNULL); + } + + /** + * return key definitions for DB_DataObject + * + * DB_DataObject needs to know about keys that the table has; this function + * defines them. + * + * @return array key definitions + */ + + function keys() + { + return array('user_id' => 'K'); + } + + /** + * return key definitions for Memcached_DataObject + * + * Our caching system uses the same key definitions, but uses a different + * method to get them. + * + * @return array key definitions + */ + + function keyTypes() + { + return $this->keys(); + } + + /** + * Magic formula for non-autoincrementing integer primary keys + * + * If a table has a single integer column as its primary key, DB_DataObject + * assumes that the column is auto-incrementing and makes a sequence table + * to do this incrementation. Since we don't need this for our class, we + * overload this method and return the magic formula that DB_DataObject needs. + * + * @return array magic three-false array that stops auto-incrementing. + */ + + function sequenceKey() + { + return array(false, false, false); + } +} -- cgit v1.2.3-54-g00ecf From 4d9daf21493e75354190667e5c1ab3140b46dee1 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 27 Feb 2010 16:06:46 -0500 Subject: Use notice for context when deciding who @nickname refers to In a federated system, "@nickname" is insufficient to uniquely identify a user. However, it's a very convenient idiom. We need to guess from context who 'nickname' refers to. Previously, we were using the sender's profile (or what we knew about them) as the only context. So, we assumed that they'd be mentioning to someone they followed, or someone who followed them, or someone on their own server. Now, we include the notice information for context. We check to see if the notice is a reply to another notice, and if the author of the original notice has the nickname 'nickname', then the mention is probably for them. Alternately, if the original notice mentions someone with nickname 'nickname', then this notice is probably referring to _them_. Doing this kind of context sleuthing means we have to render the content very late in the notice-saving process. --- classes/Notice.php | 12 ++++++------ lib/util.php | 51 +++++++++++++++++++++++++++++++++++++++++++++------ 2 files changed, 51 insertions(+), 12 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 2d02a9a19..6614f3d55 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -282,12 +282,6 @@ class Notice extends Memcached_DataObject $notice->content = $final; - if (!empty($rendered)) { - $notice->rendered = $rendered; - } else { - $notice->rendered = common_render_content($final, $notice); - } - $notice->source = $source; $notice->uri = $uri; $notice->url = $url; @@ -315,6 +309,12 @@ class Notice extends Memcached_DataObject $notice->location_ns = $location_ns; } + if (!empty($rendered)) { + $notice->rendered = $rendered; + } else { + $notice->rendered = common_render_content($final, $notice); + } + if (Event::handle('StartNoticeSave', array(&$notice))) { // XXX: some of these functions write to the DB diff --git a/lib/util.php b/lib/util.php index 32061ec04..d12a7920d 100644 --- a/lib/util.php +++ b/lib/util.php @@ -426,14 +426,14 @@ function common_render_content($text, $notice) { $r = common_render_text($text); $id = $notice->profile_id; - $r = common_linkify_mentions($id, $r); + $r = common_linkify_mentions($r, $notice); $r = preg_replace('/(^|[\s\.\,\:\;]+)!([A-Za-z0-9]{1,64})/e', "'\\1!'.common_group_link($id, '\\2')", $r); return $r; } -function common_linkify_mentions($profile_id, $text) +function common_linkify_mentions($text, $notice) { - $mentions = common_find_mentions($profile_id, $text); + $mentions = common_find_mentions($text, $notice); // We need to go through in reverse order by position, // so our positions stay valid despite our fudging with the @@ -487,11 +487,11 @@ function common_linkify_mention($mention) return $output; } -function common_find_mentions($profile_id, $text) +function common_find_mentions($text, $notice) { $mentions = array(); - $sender = Profile::staticGet('id', $profile_id); + $sender = Profile::staticGet('id', $notice->profile_id); if (empty($sender)) { return $mentions; @@ -499,6 +499,30 @@ function common_find_mentions($profile_id, $text) if (Event::handle('StartFindMentions', array($sender, $text, &$mentions))) { + // Get the context of the original notice, if any + + $originalAuthor = null; + $originalNotice = null; + $originalMentions = array(); + + // Is it a reply? + + if (!empty($notice) && !empty($notice->reply_to)) { + $originalNotice = Notice::staticGet('id', $notice->reply_to); + if (!empty($originalNotice)) { + $originalAuthor = Profile::staticGet('id', $originalNotice->profile_id); + + $ids = $originalNotice->getReplies(); + + foreach ($ids as $id) { + $repliedTo = Profile::staticGet('id', $id); + if (!empty($repliedTo)) { + $originalMentions[$repliedTo->nickname] = $repliedTo; + } + } + } + } + preg_match_all('/^T ([A-Z0-9]{1,64}) /', $text, $tmatches, @@ -514,7 +538,22 @@ function common_find_mentions($profile_id, $text) foreach ($matches as $match) { $nickname = common_canonical_nickname($match[0]); - $mentioned = common_relative_profile($sender, $nickname); + + // Try to get a profile for this nickname. + // Start with conversation context, then go to + // sender context. + + if (!empty($originalAuthor) && $originalAuthor->nickname == $nickname) { + + $mentioned = $originalAuthor; + + } else if (!empty($originalMentions) && + array_key_exists($nickname, $originalMentions)) { + + $mention = $originalMentions[$nickname]; + } else { + $mentioned = common_relative_profile($sender, $nickname); + } if (!empty($mentioned)) { -- cgit v1.2.3-54-g00ecf From 04c4facba9230f40726c5891dcac21d928fbb2ab Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 27 Feb 2010 16:30:38 -0500 Subject: fix call of common_find_mentions() in Notice::saveReplies() --- classes/Notice.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/classes/Notice.php b/classes/Notice.php index 6614f3d55..3702dbcfa 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -973,7 +973,10 @@ class Notice extends Memcached_DataObject $sender = Profile::staticGet($this->profile_id); - $mentions = common_find_mentions($this->profile_id, $this->content); + // @todo ideally this parser information would only + // be calculated once. + + $mentions = common_find_mentions($this->content, $this); $replied = array(); -- cgit v1.2.3-54-g00ecf