if((! $community_page) && (! $prvgroup))
return false;
-
-
return true;
-
}
-
-
-
-
-
-function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
-
- $a = get_app();
-
- $idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']);
-
- if($contact['duplex'] && $contact['dfrn-id'])
- $idtosend = '0:' . $orig_id;
- if($contact['duplex'] && $contact['issued-id'])
- $idtosend = '1:' . $orig_id;
-
-
- $rino = get_config('system','rino_encrypt');
- $rino = intval($rino);
- // use RINO1 if mcrypt isn't installed and RINO2 was selected
- if ($rino==2 and !function_exists('mcrypt_create_iv')) $rino=1;
-
- logger("Local rino version: ". $rino, LOGGER_DEBUG);
-
- $ssl_val = intval(get_config('system','ssl_policy'));
- $ssl_policy = '';
-
- switch($ssl_val){
- case SSL_POLICY_FULL:
- $ssl_policy = 'full';
- break;
- case SSL_POLICY_SELFSIGN:
- $ssl_policy = 'self';
- break;
- case SSL_POLICY_NONE:
- default:
- $ssl_policy = 'none';
- break;
- }
-
- $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino='.$rino : '');
-
- logger('dfrn_deliver: ' . $url);
-
- $xml = fetch_url($url);
-
- $curl_stat = $a->get_curl_code();
- if(! $curl_stat)
- return(-1); // timed out
-
- logger('dfrn_deliver: ' . $xml, LOGGER_DATA);
-
- if(! $xml)
- return 3;
-
- if(strpos($xml,'<?xml') === false) {
- logger('dfrn_deliver: no valid XML returned');
- logger('dfrn_deliver: returned XML: ' . $xml, LOGGER_DATA);
- return 3;
- }
-
- $res = parse_xml_string($xml);
-
- if((intval($res->status) != 0) || (! strlen($res->challenge)) || (! strlen($res->dfrn_id)))
- return (($res->status) ? $res->status : 3);
-
- $postvars = array();
- $sent_dfrn_id = hex2bin((string) $res->dfrn_id);
- $challenge = hex2bin((string) $res->challenge);
- $perm = (($res->perm) ? $res->perm : null);
- $dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
- $rino_remote_version = intval($res->rino);
- $page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
-
- logger("Remote rino version: ".$rino_remote_version." for ".$contact["url"], LOGGER_DEBUG);
-
- if($owner['page-flags'] == PAGE_PRVGROUP)
- $page = 2;
-
- $final_dfrn_id = '';
-
- if($perm) {
- if((($perm == 'rw') && (! intval($contact['writable'])))
- || (($perm == 'r') && (intval($contact['writable'])))) {
- q("update contact set writable = %d where id = %d",
- intval(($perm == 'rw') ? 1 : 0),
- intval($contact['id'])
- );
- $contact['writable'] = (string) 1 - intval($contact['writable']);
- }
- }
-
- if(($contact['duplex'] && strlen($contact['pubkey']))
- || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))
- || ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))) {
- openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']);
- openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']);
- }
- else {
- openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']);
- openssl_private_decrypt($challenge,$postvars['challenge'],$contact['prvkey']);
- }
-
- $final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
-
- if(strpos($final_dfrn_id,':') == 1)
- $final_dfrn_id = substr($final_dfrn_id,2);
-
- if($final_dfrn_id != $orig_id) {
- logger('dfrn_deliver: wrong dfrn_id.');
- // did not decode properly - cannot trust this site
- return 3;
- }
-
- $postvars['dfrn_id'] = $idtosend;
- $postvars['dfrn_version'] = DFRN_PROTOCOL_VERSION;
- if($dissolve)
- $postvars['dissolve'] = '1';
-
-
- if((($contact['rel']) && ($contact['rel'] != CONTACT_IS_SHARING) && (! $contact['blocked'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
- $postvars['data'] = $atom;
- $postvars['perm'] = 'rw';
- }
- else {
- $postvars['data'] = str_replace('<dfrn:comment-allow>1','<dfrn:comment-allow>0',$atom);
- $postvars['perm'] = 'r';
- }
-
- $postvars['ssl_policy'] = $ssl_policy;
-
- if($page)
- $postvars['page'] = $page;
-
-
- if($rino>0 && $rino_remote_version>0 && (! $dissolve)) {
- logger('rino version: '. $rino_remote_version);
-
- switch($rino_remote_version) {
- case 1:
- // Deprecated rino version!
- $key = substr(random_string(),0,16);
- $data = aes_encrypt($postvars['data'],$key);
- break;
- case 2:
- // RINO 2 based on php-encryption
- try {
- $key = Crypto::createNewRandomKey();
- } catch (CryptoTestFailed $ex) {
- logger('Cannot safely create a key');
- return -1;
- } catch (CannotPerformOperation $ex) {
- logger('Cannot safely create a key');
- return -1;
- }
- try {
- $data = Crypto::encrypt($postvars['data'], $key);
- } catch (CryptoTestFailed $ex) {
- logger('Cannot safely perform encryption');
- return -1;
- } catch (CannotPerformOperation $ex) {
- logger('Cannot safely perform encryption');
- return -1;
- }
- break;
- default:
- logger("rino: invalid requested verision '$rino_remote_version'");
- return -1;
- }
-
- $postvars['rino'] = $rino_remote_version;
- $postvars['data'] = bin2hex($data);
-
- #logger('rino: sent key = ' . $key, LOGGER_DEBUG);
-
-
- if($dfrn_version >= 2.1) {
- if(($contact['duplex'] && strlen($contact['pubkey']))
- || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))
- || ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))) {
-
- openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']);
- }
- else {
- openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']);
- }
- }
- else {
- if(($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
- openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']);
- }
- else {
- openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']);
- }
- }
-
- logger('md5 rawkey ' . md5($postvars['key']));
-
- $postvars['key'] = bin2hex($postvars['key']);
- }
-
-
- logger('dfrn_deliver: ' . "SENDING: " . print_r($postvars,true), LOGGER_DATA);
-
- $xml = post_url($contact['notify'],$postvars);
-
- logger('dfrn_deliver: ' . "RECEIVED: " . $xml, LOGGER_DATA);
-
- $curl_stat = $a->get_curl_code();
- if((! $curl_stat) || (! strlen($xml)))
- return(-1); // timed out
-
- if(($curl_stat == 503) && (stristr($a->get_curl_headers(),'retry-after')))
- return(-1);
-
- if(strpos($xml,'<?xml') === false) {
- logger('dfrn_deliver: phase 2: no valid XML returned');
- logger('dfrn_deliver: phase 2: returned XML: ' . $xml, LOGGER_DATA);
- return 3;
- }
-
- if($contact['term-date'] != '0000-00-00 00:00:00') {
- logger("dfrn_deliver: $url back from the dead - removing mark for death");
- require_once('include/Contact.php');
- unmark_for_death($contact);
- }
-
- $res = parse_xml_string($xml);
-
- return $res->status;
-}
-
-
/*
This function returns true if $update has an edited timestamp newer
than $existing, i.e. $update contains new data which should override