DBA: Do a fallback to other db functions on problems
index 696a612bbc6a1714745ed82754f64476398cf15b..77c459e649830ed16e89cad5abd7340ab2ae847c 100644 (file)
@@ -4,8 +4,8 @@
  * @brief The implementation of the diaspora protocol
  *
  * The new protocol is described here: http://diaspora.github.io/diaspora_federation/index.html
- * Currently this implementation here interprets the old and the new protocol and sends the old one.
- * This will change in the future.
+ * This implementation here interprets the old and the new protocol and sends the new one.
+ * In the future we will remove most stuff from "valid_posting" and interpret only the new protocol.
  */
 
 use Friendica\App;
@@ -880,11 +880,14 @@ class Diaspora {
                if (dbm::is_result($r)) {
                        return $r[0];
                } else {
-                       // We haven't found it?
-                       // We use another function for it that will possibly create a contact entry
+                       /*
+                        * We haven't found it?
+                        * We use another function for it that will possibly create a contact entry.
+                        */
                        $cid = get_contact($handle, $uid);
 
                        if ($cid > 0) {
+                               /// @TODO Contact retrieval should be encapsulated into an "entity" class like `Contact`
                                $r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval($cid));
 
                                if (dbm::is_result($r)) {
@@ -919,9 +922,11 @@ class Diaspora {
         */
        private static function post_allow($importer, $contact, $is_comment = false) {
 
-               // perhaps we were already sharing with this person. Now they're sharing with us.
-               // That makes us friends.
-               // Normally this should have handled by getting a request - but this could get lost
+               /*
+                * Perhaps we were already sharing with this person. Now they're sharing with us.
+                * That makes us friends.
+                * Normally this should have handled by getting a request - but this could get lost
+                */
                if ($contact["rel"] == CONTACT_IS_FOLLOWER && in_array($importer["page-flags"], array(PAGE_FREELOVE))) {
                        q("UPDATE `contact` SET `rel` = %d, `writable` = 1 WHERE `id` = %d AND `uid` = %d",
                                intval(CONTACT_IS_FRIEND),
@@ -934,16 +939,19 @@ class Diaspora {
 
                // We don't seem to like that person
                if ($contact["blocked"] || $contact["readonly"] || $contact["archive"]) {
+                       // Maybe blocked, don't accept.
                        return false;
-               // We are following this person? Then it is okay
+               // We are following this person?
                } elseif (($contact["rel"] == CONTACT_IS_SHARING) || ($contact["rel"] == CONTACT_IS_FRIEND)) {
+                       // Yes, then it is fine.
                        return true;
-               // Is it a post to a community? That's good
+               // Is it a post to a community?
                } elseif (($contact["rel"] == CONTACT_IS_FOLLOWER) && ($importer["page-flags"] == PAGE_COMMUNITY)) {
+                       // That's good
                        return true;
-               }
-               // Messages for the global users and comments are always accepted
-               if (($importer["uid"] == 0) || $is_comment) {
+               // Is the message a global user or a comment?
+               } elseif (($importer["uid"] == 0) || $is_comment) {
+                       // Messages for the global users and comments are always accepted
                        return true;
                }
 
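Review bot: The new `elseif (($importer["uid"] == 0) || $is_comment)` arm accepts any comment from a contact that is not blocked, read-only or archived, and that only holds because the blocked check is the first arm of the chain; nothing in the comments says the order matters. I would state it on the first arm, e.g. `// Must stay first: the later arms accept comments and uid 0 messages regardless of "rel"`. The added comment `// Is the message a global user or a comment?` also reads as if the message were a user; `// Is it addressed to the global user (uid 0), or is it a comment?` would match the condition. post_allow starts in the previous hunk and its end is outside this one.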
@@ -1521,6 +1529,8 @@ class Diaspora {
 
                $person = self::person_by_handle($msg_author);
 
+               dba::lock('mail');
+
                $r = q("SELECT `id` FROM `mail` WHERE `guid` = '%s' AND `uid` = %d LIMIT 1",
                        dbesc($msg_guid),
                        intval($importer["uid"])
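Review bot: `dba::lock('mail')` added here is released only by the `dba::unlock()` placed after the INSERT, so every exit path between the two has to release it as well. This hunk does not show the code in between, but in the second lock/unlock pair added further down (the hunks around the moved `diaspora2bb()` call) a `return false;` is visible right after the SELECT with no unlock before it; if that is the duplicate-message branch, a redelivered message leaves `mail` locked for as long as the dba layer holds the lock, and that path is reached by input from remote servers. I would add `dba::unlock();` immediately before each such `return false;`, and check the result of `dba::lock()` (assuming it reports failure) instead of continuing unguarded. The enclosing function starts and ends outside the hunk.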
@@ -1548,6 +1558,8 @@ class Diaspora {
                        dbesc($msg_created_at)
                );
 
+               dba::unlock();
+
                q("UPDATE `conv` SET `updated` = '%s' WHERE `id` = %d",
                        dbesc(datetime_convert()),
                        intval($conversation["id"])
@@ -1824,6 +1836,12 @@ class Diaspora {
                        return false;
                }
 
+               $body = diaspora2bb($text);
+
+               $body = self::replace_people_guid($body, $person["url"]);
+
+               dba::lock('mail');
+
                $r = q("SELECT `id` FROM `mail` WHERE `guid` = '%s' AND `uid` = %d LIMIT 1",
                        dbesc($guid),
                        intval($importer["uid"])
@@ -1833,10 +1851,6 @@ class Diaspora {
                        return false;
                }
 
-               $body = diaspora2bb($text);
-
-               $body = self::replace_people_guid($body, $person["url"]);
-
                q("INSERT INTO `mail` (`uid`, `guid`, `convid`, `from-name`,`from-photo`,`from-url`,`contact-id`,`title`,`body`,`seen`,`reply`,`uri`,`parent-uri`,`created`)
                                VALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, '%s','%s','%s')",
                        intval($importer["uid"]),
@@ -1855,6 +1869,8 @@ class Diaspora {
                        dbesc($created_at)
                );
 
+               dba::unlock();
+
                q("UPDATE `conv` SET `updated` = '%s' WHERE `id` = %d",
                        dbesc(datetime_convert()),
                        intval($conversation["id"])
@@ -2659,42 +2675,9 @@ class Diaspora {
                return $nick."@".substr(App::get_baseurl(), strpos(App::get_baseurl(),"://") + 3);
        }
 
-       /**
-        * @brief Creates the envelope for the "fetch" endpoint
-        *
-        * @param string $msg The message that is to be transmitted
-        * @param array $user The record of the sender
-        *
-        * @return string The envelope
-        */
-
-       public static function build_magic_envelope($msg, $user) {
-
-               $b64url_data = base64url_encode($msg);
-               $data = str_replace(array("\n", "\r", " ", "\t"), array("", "", "", ""), $b64url_data);
-
-               $key_id = base64url_encode(self::my_handle($user));
-               $type = "application/xml";
-               $encoding = "base64url";
-               $alg = "RSA-SHA256";
-               $signable_data = $data.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);
-               $signature = rsa_sign($signable_data, $user["prvkey"]);
-               $sig = base64url_encode($signature);
-
-               $xmldata = array("me:env" => array("me:data" => $data,
-                                                       "@attributes" => array("type" => $type),
-                                                       "me:encoding" => $encoding,
-                                                       "me:alg" => $alg,
-                                                       "me:sig" => $sig,
-                                                       "@attributes2" => array("key_id" => $key_id)));
-
-               $namespaces = array("me" => "http://salmon-protocol.org/ns/magic-env");
-
-               return xml::from_array($xmldata, $xml, false, $namespaces);
-       }
 
        /**
-        * @brief Creates the envelope for a public message
+        * @brief Creates the data for a private message in the new format
         *
         * @param string $msg The message that is to be transmitted
         * @param array $user The record of the sender
@@ -2702,129 +2685,72 @@ class Diaspora {
         * @param string $prvkey The private key of the sender
         * @param string $pubkey The public key of the receiver
         *
-        * @return string The envelope
+        * @return string The encrypted data
         */
-       private static function build_public_message($msg, $user, $contact, $prvkey, $pubkey) {
+       public static function encode_private_data($msg, $user, $contact, $prvkey, $pubkey) {
 
                logger("Message: ".$msg, LOGGER_DATA);
 
-               $handle = self::my_handle($user);
-
-               $b64url_data = base64url_encode($msg);
-
-               $data = str_replace(array("\n", "\r", " ", "\t"), array("", "", "", ""), $b64url_data);
-
-               $type = "application/xml";
-               $encoding = "base64url";
-               $alg = "RSA-SHA256";
+               // without a public key nothing will work
+               if (!$pubkey) {
+                       logger("pubkey missing: contact id: ".$contact["id"]);
+                       return false;
+               }
 
-               $signable_data = $data.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);
+               $aes_key = openssl_random_pseudo_bytes(32);
+               $b_aes_key = base64_encode($aes_key);
+               $iv = openssl_random_pseudo_bytes(16);
+               $b_iv = base64_encode($iv);
 
-               $signature = rsa_sign($signable_data,$prvkey);
-               $sig = base64url_encode($signature);
+               $ciphertext = self::aes_encrypt($aes_key, $iv, $msg);
 
-               $xmldata = array("diaspora" => array("header" => array("author_id" => $handle),
-                                                       "me:env" => array("me:encoding" => $encoding,
-                                                       "me:alg" => $alg,
-                                                       "me:data" => $data,
-                                                       "@attributes" => array("type" => $type),
-                                                       "me:sig" => $sig)));
+               $json = json_encode(array("iv" => $b_iv, "key" => $b_aes_key));
 
-               $namespaces = array("" => "https://joindiaspora.com/protocol",
-                               "me" => "http://salmon-protocol.org/ns/magic-env");
+               $encrypted_key_bundle = "";
+               openssl_public_encrypt($json, $encrypted_key_bundle, $pubkey);
 
-               $magic_env = xml::from_array($xmldata, $xml, false, $namespaces);
+               $json_object = json_encode(array("aes_key" => base64_encode($encrypted_key_bundle),
+                                               "encrypted_magic_envelope" => base64_encode($ciphertext)));
 
-               logger("magic_env: ".$magic_env, LOGGER_DATA);
-               return $magic_env;
+               return $json_object;
        }
 
        /**
-        * @brief Creates the envelope for a private message
+        * @brief Creates the envelope for the "fetch" endpoint and for the new format
         *
         * @param string $msg The message that is to be transmitted
         * @param array $user The record of the sender
-        * @param array $contact Target of the communication
-        * @param string $prvkey The private key of the sender
-        * @param string $pubkey The public key of the receiver
         *
         * @return string The envelope
         */
-       private static function build_private_message($msg, $user, $contact, $prvkey, $pubkey) {
-
-               logger("Message: ".$msg, LOGGER_DATA);
-
-               // without a public key nothing will work
-
-               if (!$pubkey) {
-                       logger("pubkey missing: contact id: ".$contact["id"]);
-                       return false;
-               }
-
-               $inner_aes_key = openssl_random_pseudo_bytes(32);
-               $b_inner_aes_key = base64_encode($inner_aes_key);
-               $inner_iv = openssl_random_pseudo_bytes(16);
-               $b_inner_iv = base64_encode($inner_iv);
-
-               $outer_aes_key = openssl_random_pseudo_bytes(32);
-               $b_outer_aes_key = base64_encode($outer_aes_key);
-               $outer_iv = openssl_random_pseudo_bytes(16);
-               $b_outer_iv = base64_encode($outer_iv);
-
-               $handle = self::my_handle($user);
-
-               $inner_encrypted = self::aes_encrypt($inner_aes_key, $inner_iv, $msg);
-
-               $b64_data = base64_encode($inner_encrypted);
-
+       public static function build_magic_envelope($msg, $user) {
 
-               $b64url_data = base64url_encode($b64_data);
+               $b64url_data = base64url_encode($msg);
                $data = str_replace(array("\n", "\r", " ", "\t"), array("", "", "", ""), $b64url_data);
 
+               $key_id = base64url_encode(self::my_handle($user));
                $type = "application/xml";
                $encoding = "base64url";
                $alg = "RSA-SHA256";
-
                $signable_data = $data.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);
 
-               $signature = rsa_sign($signable_data,$prvkey);
-               $sig = base64url_encode($signature);
-
-               $xmldata = array("decrypted_header" => array("iv" => $b_inner_iv,
-                                                       "aes_key" => $b_inner_aes_key,
-                                                       "author_id" => $handle));
-
-               $decrypted_header = xml::from_array($xmldata, $xml, true);
-
-               $ciphertext = self::aes_encrypt($outer_aes_key, $outer_iv, $decrypted_header);
-
-               $outer_json = json_encode(array("iv" => $b_outer_iv, "key" => $b_outer_aes_key));
-
-               $encrypted_outer_key_bundle = "";
-               openssl_public_encrypt($outer_json, $encrypted_outer_key_bundle, $pubkey);
-
-               $b64_encrypted_outer_key_bundle = base64_encode($encrypted_outer_key_bundle);
-
-               logger("outer_bundle: ".$b64_encrypted_outer_key_bundle." key: ".$pubkey, LOGGER_DATA);
-
-               $encrypted_header_json_object = json_encode(array("aes_key" => base64_encode($encrypted_outer_key_bundle),
-                                                               "ciphertext" => base64_encode($ciphertext)));
-               $cipher_json = base64_encode($encrypted_header_json_object);
+               // Fallback if the private key wasn't transmitted in the expected field
+               if ($user['uprvkey'] == "")
+                       $user['uprvkey'] = $user['prvkey'];
 
-               $xmldata = array("diaspora" => array("encrypted_header" => $cipher_json,
-                                               "me:env" => array("me:encoding" => $encoding,
-                                                               "me:alg" => $alg,
-                                                               "me:data" => $data,
-                                                               "@attributes" => array("type" => $type),
-                                                               "me:sig" => $sig)));
+               $signature = rsa_sign($signable_data, $user["uprvkey"]);
+               $sig = base64url_encode($signature);
 
-               $namespaces = array("" => "https://joindiaspora.com/protocol",
-                               "me" => "http://salmon-protocol.org/ns/magic-env");
+               $xmldata = array("me:env" => array("me:data" => $data,
+                                                       "@attributes" => array("type" => $type),
+                                                       "me:encoding" => $encoding,
+                                                       "me:alg" => $alg,
+                                                       "me:sig" => $sig,
+                                                       "@attributes2" => array("key_id" => $key_id)));
 
-               $magic_env = xml::from_array($xmldata, $xml, false, $namespaces);
+               $namespaces = array("me" => "http://salmon-protocol.org/ns/magic-env");
 
-               logger("magic_env: ".$magic_env, LOGGER_DATA);
-               return $magic_env;
+               return xml::from_array($xmldata, $xml, false, $namespaces);
        }
 
        /**
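Review bot: In `encode_private_data` the results of `openssl_random_pseudo_bytes()` and `openssl_public_encrypt()` are used without being checked. If key or IV generation fails, or the RSA step fails (for example on a malformed `$pubkey`), the function still returns a JSON object, with an empty `aes_key` or with key material that was never confirmed as cryptographically strong. I would pass the second `$strong_result` argument, test both return values, and return `false` with a log line as the missing-pubkey branch already does; the docblock's `@return string` should then read `string|false`. Separately, `logger("Message: ".$msg, LOGGER_DATA)` writes the unencrypted envelope of a private message to the log at that level, which deserves at least a comment.

```php
		// … unchanged: logging and missing-pubkey check …

		$aes_key = openssl_random_pseudo_bytes(32, $key_strong);
		$iv = openssl_random_pseudo_bytes(16, $iv_strong);
		if (($aes_key === false) || ($iv === false) || !$key_strong || !$iv_strong) {
			logger("could not generate key material: contact id: ".$contact["id"]);
			return false;
		}
		$b_aes_key = base64_encode($aes_key);
		$b_iv = base64_encode($iv);

		// … unchanged: aes_encrypt() call and json_encode() of iv and key …

		$encrypted_key_bundle = "";
		if (!openssl_public_encrypt($json, $encrypted_key_bundle, $pubkey)) {
			logger("public key encryption failed: contact id: ".$contact["id"]);
			return false;
		}

		// … unchanged: building and returning $json_object …
```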
@@ -2841,16 +2767,15 @@ class Diaspora {
         */
        private static function build_message($msg, $user, $contact, $prvkey, $pubkey, $public = false) {
 
-               //$new = Config::get('system', 'new_diaspora', null, true);
+               // The message is put into an envelope with the sender's signature
+               $envelope = self::build_magic_envelope($msg, $user);
 
-               if ($public)
-                       $magic_env =  self::build_public_message($msg,$user,$contact,$prvkey,$pubkey);
-               else
-                       $magic_env =  self::build_private_message($msg,$user,$contact,$prvkey,$pubkey);
+               // Private messages are put into a second envelope, encrypted with the receivers public key
+               if (!$public) {
+                       $envelope = self::encode_private_data($envelope, $user, $contact, $prvkey, $pubkey);
+               }
 
-               // The data that will be transmitted is double encoded via "urlencode", strange ...
-               $slap = "xml=".urlencode(urlencode($magic_env));
-               return $slap;
+               return $envelope;
        }
 
        /**
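Review bot: `build_message` can now return `false`: `encode_private_data` returns `false` when `$pubkey` is empty, and that value is assigned to `$envelope` and returned unchanged. The caller shown later in this diff passes the result straight to `add_to_queue()` and `transmit()`, so a contact without a public key would get a `false` payload queued or posted; a guard after the call such as `if ($envelope === false) { return false; }` would stop that, though what the caller should return is decided outside the visible lines. `$prvkey` is still passed along, but neither `encode_private_data` nor `build_magic_envelope` reads it, since the signature is made with `$user['uprvkey']`; the docblock above the function (outside the hunk) should say so.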
@@ -2876,14 +2801,14 @@ class Diaspora {
         *
         * @param array $owner the array of the item owner
         * @param array $contact Target of the communication
-        * @param string $slap The message that is to be transmitted
+        * @param string $envelope The message that is to be transmitted
         * @param bool $public_batch Is it a public post?
         * @param bool $queue_run Is the transmission called from the queue?
         * @param string $guid message guid
         *
         * @return int Result of the transmission
         */
-       public static function transmit($owner, $contact, $slap, $public_batch, $queue_run=false, $guid = "") {
+       public static function transmit($owner, $contact, $envelope, $public_batch, $queue_run=false, $guid = "") {
 
                $a = get_app();
 
@@ -2904,7 +2829,9 @@ class Diaspora {
                        $return_code = 0;
                } else {
                        if (!intval(get_config("system", "diaspora_test"))) {
-                               post_url($dest_url."/", $slap);
+                               $content_type = (($public_batch) ? "application/magic-envelope+xml" : "application/json");
+
+                               post_url($dest_url."/", $envelope, array("Content-Type: ".$content_type));
                                $return_code = $a->get_curl_code();
                        } else {
                                logger("test_mode");
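Review bot: The content type is chosen from `$public_batch` alone, but `transmit` is also called for queued retries (`$queue_run`), and entries queued before this change presumably still hold the old `xml=`-prefixed, url-encoded slap. Those would now be posted as `application/json` or `application/magic-envelope+xml` and would likely be rejected by the receiver until they expire. If old entries can exist at upgrade time, either purge them in the update step or detect the legacy prefix here, e.g. `if (substr($envelope, 0, 4) == "xml=")`, and send them without the new header. The surrounding function starts and ends outside the hunk.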
@@ -2920,14 +2847,14 @@ class Diaspora {
                        $r = q("SELECT `id` FROM `queue` WHERE `cid` = %d AND `network` = '%s' AND `content` = '%s' AND `batch` = %d LIMIT 1",
                                intval($contact["id"]),
                                dbesc(NETWORK_DIASPORA),
-                               dbesc($slap),
+                               dbesc($envelope),
                                intval($public_batch)
                        );
                        if ($r) {
                                logger("add_to_queue ignored - identical item already in queue");
                        } else {
                                // queue message for redelivery
-                               add_to_queue($contact["id"], NETWORK_DIASPORA, $slap, $public_batch);
+                               add_to_queue($contact["id"], NETWORK_DIASPORA, $envelope, $public_batch);
 
                                // The message could not be delivered. We mark the contact as "dead"
                                mark_for_death($contact);
@@ -2980,13 +2907,13 @@ class Diaspora {
                if ($owner['uprvkey'] == "")
                        $owner['uprvkey'] = $owner['prvkey'];
 
-               $slap = self::build_message($msg, $owner, $contact, $owner['uprvkey'], $contact['pubkey'], $public_batch);
+               $envelope = self::build_message($msg, $owner, $contact, $owner['uprvkey'], $contact['pubkey'], $public_batch);
 
                if ($spool) {
-                       add_to_queue($contact['id'], NETWORK_DIASPORA, $slap, $public_batch);
+                       add_to_queue($contact['id'], NETWORK_DIASPORA, $envelope, $public_batch);
                        return true;
                } else
-                       $return_code = self::transmit($owner, $contact, $slap, $public_batch, false, $guid);
+                       $return_code = self::transmit($owner, $contact, $envelope, $public_batch, false, $guid);
 
                logger("guid: ".$item["guid"]." result ".$return_code, LOGGER_DEBUG);
 
@@ -3003,13 +2930,27 @@ class Diaspora {
         */
        public static function send_share($owner, $contact) {
 
-               /// @todo support the different possible combinations of "following" and "sharing"
-/*
-                               if (in_array($contact["rel"], array(CONTACT_IS_FRIEND, CONTACT_IS_FOLLOWER))) {
-                               $new_relation = CONTACT_IS_FRIEND;
-                               $new_relation = CONTACT_IS_SHARING;
-                               $new_relation = CONTACT_IS_FOLLOWER;
-*/
+               /**
+                * @todo support the different possible combinations of "following" and "sharing"
+                * Currently, Diaspora only interprets the "sharing" field
+                *
+                * Before switching this code productive, we have to check all "send_share" calls if "rel" is set correctly
+                */
+
+               /*
+               switch ($contact["rel"]) {
+                       case CONTACT_IS_FRIEND:
+                               $following = true;
+                               $sharing = true;
+                       case CONTACT_IS_SHARING:
+                               $following = false;
+                               $sharing = true;
+                       case CONTACT_IS_FOLLOWER:
+                               $following = true;
+                               $sharing = false;
+               }
+               */
+
                $message = array("author" => self::my_handle($owner),
                                "recipient" => $contact["addr"],
                                "following" => "true",
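Review bot: The commented-out `switch ($contact["rel"])` has no `break;` after any case, so if it is enabled as written every relation falls through to the last assignments and even a friend ends up with `$following = true; $sharing = false;`. Add `break;` to each case and a `default:` branch before this is switched on, and note that the message array below still sends the hard-coded `"following" => "true"`. The explanation sits in a `/** ... */` docblock inside the function body; a plain `/* ... */` comment, as used in the other hunks of this commit, keeps doc tools from attaching it to the next statement. send_share's body continues after the hunk.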
@@ -3788,7 +3729,7 @@ class Diaspora {
                 * This will break Diaspora compatibility with Friendica versions prior to 3.5.
                 */
                q("INSERT INTO `sign` (`iid`,`signed_text`) VALUES (%d,'%s')",
-                       intval($message_id),
+                       intval($post_id),
                        dbesc(json_encode($message))
                );