/**
* @file include/diaspora.php
* @brief The implementation of the diaspora protocol
- *
- * Checklist:
- *
- * Checked:
- * - send status
- * - send comment
- * - send like
- * - send mail
- * - send status retraction
- * - send comment retraction on own post
- * - send like retraction on own post
- * - send comment retraction on diaspora post
- * - send like retraction on diaspora post
- * - receive status
- * - receive reshare
- * - receive comment
- * - receive like
- * - receive connect request
- * - receive profile data
- * - receive mail
- * - receive comment retraction
- * - receive like retraction
- * - relay comment
- * - relay like
- * - relay comment retraction from diaspora
- * - relay comment retraction from friendica
- * - relay like retraction from diaspora
- * - relay like retraction from friendica
- * - send share
- *
- * Should work:
- * - receive account deletion
- * - send unshare
- *
- * Unchecked:
*/
require_once("include/items.php");
return($signature);
}
+ /**
+ * @brief verify the envelope and return the verified data
+ *
+ * @param string $envelope The magic envelope
+ *
+ * @return string verified data
+ */
+ private function verify_magic_envelope($envelope) {
+
+ $basedom = parse_xml_string($envelope, false);
+
+ if (!is_object($basedom)) {
+ logger("Envelope is no XML file");
+ return false;
+ }
+
+ $children = $basedom->children('http://salmon-protocol.org/ns/magic-env');
+
+ if (sizeof($children) == 0) {
+ logger("XML has no children");
+ return false;
+ }
+
+ $handle = "";
+
+ $data = base64url_decode($children->data);
+ $type = $children->data->attributes()->type[0];
+
+ $encoding = $children->encoding;
+
+ $alg = $children->alg;
+
+ $sig = base64url_decode($children->sig);
+ $key_id = $children->sig->attributes()->key_id[0];
+ if ($key_id != "")
+ $handle = base64url_decode($key_id);
+
+ $b64url_data = base64url_encode($data);
+ $msg = str_replace(array("\n", "\r", " ", "\t"), array("", "", "", ""), $b64url_data);
+
+ $signable_data = $msg.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);
+
+ $key = self::key($handle);
+
+ $verify = rsa_verify($signable_data, $sig, $key);
+ if (!$verify) {
+ logger('Message did not verify. Discarding.');
+ return false;
+ }
+
+ return $data;
+ }
+
/**
* @brief: Decodes incoming Diaspora message
*
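Review bot: verify_magic_envelope takes `alg`, `encoding` and the `key_id` handle from the untrusted envelope and never checks them: an empty key_id reaches `self::key("")`, and whatever `alg`/`encoding` the sender wrote is only folded into `$signable_data`, never compared with what this server supports. The other signature checks in this file pass the digest explicitly (`rsa_verify($signed_data, $author_signature, $key, "sha256")`) while the call at L87 omits it; unless rsa_verify defaults to sha256 the envelope is verified with a different digest than build_magic_envelope signs with, so I would pass it explicitly for consistency. I would reject the envelope before the key lookup unless alg is RSA-SHA256, encoding is base64url and the handle is non-empty. Note also that only `$data` is returned, so a caller cannot learn which handle vouched for the content.
```php
	$encoding = (string)$children->encoding;
	$alg = (string)$children->alg;
	// … unchanged: sig / key_id / handle extraction …
	if (($alg != "RSA-SHA256") OR ($encoding != "base64url") OR ($handle == "")) {
		logger("Unsupported envelope: alg=".$alg." encoding=".$encoding." key_id=".$key_id);
		return false;
	}
	// … unchanged: signable_data and key lookup …
	$verify = rsa_verify($signable_data, $sig, $key, "sha256");
```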
return array('message' => (string)$inner_decrypted,
'author' => unxmlify($author_link),
'key' => (string)$key);
-
}
$data = parse_xml_string($msg["message"], false);
- if (!is_object($data))
+ if (!is_object($data)) {
+ logger("No valid XML ".$msg["message"], LOGGER_DEBUG);
return false;
+ }
$first_child = $data->getName();
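Review bot: The new debug line at L107 writes the whole `$msg["message"]` to the log; the decoder's return at L99 shows that field holds `(string)$inner_decrypted`, so for private messages this is decrypted content landing in the log file. I would log only what is needed to diagnose the parse failure, e.g. `logger("No valid XML (".strlen($msg["message"])." bytes) from ".$msg["author"], LOGGER_DEBUG);`, and keep the raw payload out of persistent logs. The enclosing function starts and ends outside the hunk.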
}
}
- if ($fieldname == "author_signature")
+ if (($fieldname == "author_signature") AND ($entry != ""))
$author_signature = base64_decode($entry);
- elseif ($fieldname == "parent_author_signature")
+ elseif (($fieldname == "parent_author_signature") AND ($entry != ""))
$parent_author_signature = base64_decode($entry);
- elseif ($fieldname != "target_author_signature") {
+ elseif (!in_array($fieldname, array("author_signature", "parent_author_signature", "target_author_signature"))) {
if ($signed_data != "") {
$signed_data .= ";";
$signed_data_parent .= ";";
return true;
// No author_signature? This is a must, so we quit.
- if (!isset($author_signature))
+ if (!isset($author_signature)) {
+ logger("No author signature for type ".$type." - Message: ".$msg["message"], LOGGER_DEBUG);
return false;
+ }
if (isset($parent_author_signature)) {
$key = self::key($msg["author"]);
- if (!rsa_verify($signed_data, $parent_author_signature, $key, "sha256"))
+ if (!rsa_verify($signed_data, $parent_author_signature, $key, "sha256")) {
+ logger("No valid parent author signature for author ".$msg["author"]. " in type ".$type." - signed data: ".$signed_data." - Message: ".$msg["message"]." - Signature ".$parent_author_signature, LOGGER_DEBUG);
return false;
+ }
}
$key = self::key($fields->author);
- return rsa_verify($signed_data, $author_signature, $key, "sha256");
+ if (!rsa_verify($signed_data, $author_signature, $key, "sha256")) {
+ logger("No valid author signature for author ".$msg["author"]. " in type ".$type." - signed data: ".$signed_data." - Message: ".$msg["message"]." - Signature ".$author_signature, LOGGER_DEBUG);
+ return false;
+ } else
+ return true;
}
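Review bot: The failure log at L142 names `$msg["author"]`, but the key verified on L141 is `self::key($fields->author)` (L139); when those two handles differ the log blames the wrong account, so the message should read `"No valid author signature for author ".$fields->author." in type ".$type...`. Both new DEBUG lines also dump the full decrypted message and the raw signature bytes; base64-encoding the signature and trimming or omitting the message would keep the log readable and keep private content out of it. The enclosing function starts outside the hunk.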
/**
if ($level > 5)
return false;
- // This will work for Diaspora and newer Friendica servers
- $source_url = $server."/p/".$guid.".xml";
- $x = fetch_url($source_url);
- if(!$x)
- return false;
+ // This will work for new Diaspora servers and Friendica servers from 3.5
+ $source_url = $server."/fetch/post/".$guid;
+ logger("Fetch post from ".$source_url, LOGGER_DEBUG);
+
+ $envelope = fetch_url($source_url);
+ if($envelope) {
+ logger("Envelope was fetched.", LOGGER_DEBUG);
+ $x = self::verify_magic_envelope($envelope);
+ if (!$x)
+ logger("Envelope could not be verified.", LOGGER_DEBUG);
+ else
+ logger("Envelope was verified.", LOGGER_DEBUG);
+ } else
+ $x = false;
+
+ // This will work for older Diaspora and Friendica servers
+ if (!$x) {
+ $source_url = $server."/p/".$guid.".xml";
+ logger("Fetch post from ".$source_url, LOGGER_DEBUG);
+
+ $x = fetch_url($source_url);
+ if(!$x)
+ return false;
+ }
$source_xml = parse_xml_string($x, false);
if ($source_xml->post->reshare) {
// Reshare of a reshare - old Diaspora version
+ logger("Message is a reshare", LOGGER_DEBUG);
return self::message($source_xml->post->reshare->root_guid, $server, ++$level);
} elseif ($source_xml->getName() == "reshare") {
// Reshare of a reshare - new Diaspora version
+ logger("Message is a new reshare", LOGGER_DEBUG);
return self::message($source_xml->root_guid, $server, ++$level);
}
$author = (string)$source_xml->author;
// If this isn't a "status_message" then quit
- if (!$author)
+ if (!$author) {
+ logger("Message doesn't seem to be a status message", LOGGER_DEBUG);
return false;
+ }
$msg = array("message" => $x, "author" => $author);
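Review bot: A signature failure at L162-164 is only logged and then falls through to the unsigned `/p/<guid>.xml` fetch from the same server (L171-178), so a tampered envelope ends up trusted exactly as before and the new verification adds no protection on its own. I would fall back only when no envelope could be fetched or parsed and return false when a well-formed envelope fails to verify; since verify_magic_envelope returns false for both "not XML" and "bad signature" today, that may need a distinguishable return value. Separately, the verified data is attributed to `$source_xml->author` (L189) without any comparison against the handle whose key signed the envelope, so as far as this hunk shows any account with a valid key could vouch for a post claiming another author. The enclosing function (recursed as `self::message` at L183) starts and ends outside the hunk.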
* @return bool Success
*/
private function receive_account_deletion($importer, $data) {
+
+ /// @todo Account deletion should remove the contact from the global contacts as well
+
$author = notags(unxmlify($data->author));
$contact = self::contact_by_handle($importer["uid"], $author);
return true;
}
+ /**
+ * @brief Fetch the uri from our database if we already have this item (maybe from ourselves)
+ *
+ * @param string $author Author handle
+ * @param string $guid Message guid
+ *
+ * @return string The constructed uri or the one from our database
+ */
+ private function get_uri_from_guid($author, $guid) {
+
+ $r = q("SELECT `uri` FROM `item` WHERE `guid` = '%s' LIMIT 1", dbesc($guid));
+ if ($r)
+ return $r[0]["uri"];
+ else
+ return $author.":".$guid;
+ }
+
/**
* @brief Processes an incoming comment
*
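Review bot: get_uri_from_guid looks the item up by guid alone (L217); the `$author` argument only feeds the fallback, so a post from a different author that reuses an already-stored guid inherits that item's uri, which the callers then also use as parent-uri. The previous `$author.":".$guid` form bound the uri to the author; I would keep that binding by also matching the author in the query (whichever author column the schema offers) or by checking the found row's author before returning its uri, and at minimum state in the @brief that the guid is assumed globally unique and what happens on a collision.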
$datarray["owner-avatar"] = ((x($contact,"thumb")) ? $contact["thumb"] : $contact["photo"]);
$datarray["guid"] = $guid;
- $datarray["uri"] = $author.":".$guid;
+ $datarray["uri"] = self::get_uri_from_guid($author, $guid);
$datarray["type"] = "remote-comment";
$datarray["verb"] = ACTIVITY_POST;
$datarray["owner-avatar"] = ((x($contact,"thumb")) ? $contact["thumb"] : $contact["photo"]);
$datarray["guid"] = $guid;
- $datarray["uri"] = $author.":".$guid;
+ $datarray["uri"] = self::get_uri_from_guid($author, $guid);
$datarray["type"] = "activity";
$datarray["verb"] = $verb;
return;
}
- $g = q("SELECT `def_gid` FROM `user` WHERE `uid` = %d LIMIT 1",
- intval($importer["uid"])
- );
+ $def_gid = get_default_group($importer['uid'], $ret["network"]);
- if($g && intval($g[0]["def_gid"]))
- group_add_member($importer["uid"], "", $contact_record["id"], $g[0]["def_gid"]);
+ if(intval($def_gid))
+ group_add_member($importer["uid"], "", $contact_record["id"], $def_gid);
+
+ update_contact_avatar($ret["photo"], $importer['uid'], $contact_record["id"], true);
if($importer["page-flags"] == PAGE_NORMAL) {
if (!$r) {
$server = "https://".substr($orig_author, strpos($orig_author, "@") + 1);
- logger("1st try: reshared message ".$guid." will be fetched from original server: ".$server);
+ logger("1st try: reshared message ".$guid." will be fetched via SSL from the server ".$server);
$item_id = self::store_by_guid($guid, $server);
if (!$item_id) {
$server = "http://".substr($orig_author, strpos($orig_author, "@") + 1);
- logger("2nd try: reshared message ".$guid." will be fetched from original server: ".$server);
+ logger("2nd try: reshared message ".$guid." will be fetched without SLL from the server ".$server);
$item_id = self::store_by_guid($guid, $server);
}
- // Deactivated by now since there is a risk that someone could manipulate postings through this method
-/* if (!$item_id) {
- $server = "https://".substr($author, strpos($author, "@") + 1);
- logger("3rd try: reshared message ".$guid." will be fetched from sharer's server: ".$server);
- $item_id = self::store_by_guid($guid, $server);
- }
- if (!$item_id) {
- $server = "http://".substr($author, strpos($author, "@") + 1);
- logger("4th try: reshared message ".$guid." will be fetched from sharer's server: ".$server);
- $item_id = self::store_by_guid($guid, $server);
- }
-*/
if ($item_id) {
$r = q("SELECT `body`, `tag`, `app`, `created`, `object-type`, `uri`, `guid`,
`author-name`, `author-link`, `author-avatar`
FROM `item` WHERE `id` = %d AND `visible` AND NOT `deleted` AND `body` != '' LIMIT 1",
intval($item_id));
- if ($r)
+ if ($r) {
+ // If it is a reshared post from another network then reformat to avoid display problems with two share elements
+ if (self::is_reshare($r[0]["body"], false))
+ $r[0]["body"] = diaspora2bb(bb2diaspora($r[0]["body"]));
+
return $r[0];
+ }
}
}
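Review bot: Typo in the log text at L260: `SLL` should be `SSL` (`"2nd try: reshared message ".$guid." will be fetched without SSL from the server ".$server`). More substantively, that second try fetches over plain http and store_by_guid stores the result; the removed comment on the 3rd/4th tries says fetching from the sharer's server was dropped because postings could be manipulated, and an http fetch is exposed to the same manipulation on the wire, so the http fallback is only as safe as whatever envelope verification store_by_guid's fetch path performs. A comment stating that reliance would help the next reader. The enclosing function starts and ends outside the hunk.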
$datarray["owner-avatar"] = $datarray["author-avatar"];
$datarray["guid"] = $guid;
- $datarray["uri"] = $datarray["parent-uri"] = $author.":".$guid;
+ $datarray["uri"] = $datarray["parent-uri"] = self::get_uri_from_guid($author, $guid);
$datarray["verb"] = ACTIVITY_POST;
$datarray["gravity"] = GRAVITY_PARENT;
case "StatusMessage":
return self::item_retraction($importer, $contact, $data);;
+ case "Contact":
case "Person":
/// @todo What should we do with an "unshare"?
// Removing the contact isn't correct since we still can read the public items
- //contact_remove($contact["id"]);
+ contact_remove($contact["id"]);
return true;
default:
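Review bot: The comment at L300-301 ("Removing the contact isn't correct since we still can read the public items") now directly contradicts the code, which un-comments `contact_remove($contact["id"]);` on L303; the next reader cannot tell whether the comment or the call is the mistake. Either replace the comment with the reason removal is now the chosen behaviour, or keep the call disabled. Since a retraction of type Contact/Person now deletes a local contact record, the comment should also say what authentication this path relies on, presumably the signature check performed before dispatch — confirm. The enclosing function starts and ends outside the hunk.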
$datarray["owner-avatar"] = $datarray["author-avatar"];
$datarray["guid"] = $guid;
- $datarray["uri"] = $datarray["parent-uri"] = $author.":".$guid;
+ $datarray["uri"] = $datarray["parent-uri"] = self::get_uri_from_guid($author, $guid);
$datarray["verb"] = ACTIVITY_POST;
$datarray["gravity"] = GRAVITY_PARENT;
return $nick."@".substr(App::get_baseurl(), strpos(App::get_baseurl(),"://") + 3);
}
+ /**
+ * @brief Creates the envelope for the "fetch" endpoint
+ *
+ * @param string $msg The message that is to be transmitted
+ * @param array $user The record of the sender
+ *
+ * @return string The envelope
+ */
+
+ public static function build_magic_envelope($msg, $user) {
+
+ $b64url_data = base64url_encode($msg);
+ $data = str_replace(array("\n", "\r", " ", "\t"), array("", "", "", ""), $b64url_data);
+
+ $key_id = base64url_encode(diaspora::my_handle($user));
+ $type = "application/xml";
+ $encoding = "base64url";
+ $alg = "RSA-SHA256";
+ $signable_data = $data.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);
+ $signature = rsa_sign($signable_data, $user["prvkey"]);
+ $sig = base64url_encode($signature);
+
+ $xmldata = array("me:env" => array("me:data" => $data,
+ "@attributes" => array("type" => $type),
+ "me:encoding" => $encoding,
+ "me:alg" => $alg,
+ "me:sig" => $sig,
+ "@attributes2" => array("key_id" => $key_id)));
+
+ $namespaces = array("me" => "http://salmon-protocol.org/ns/magic-env");
+
+ return xml::from_array($xmldata, $xml, false, $namespaces);
+ }
+
/**
* @brief Creates the envelope for a public message
*
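Review bot: The docblock for build_magic_envelope describes `$user` only as "The record of the sender", but the function reads `$user["prvkey"]` at L333 and passes the record to my_handle; the @param should say so, e.g. `@param array $user The record of the sender; must contain "prvkey" plus the fields my_handle() reads`. The blank line at L322 between the docblock and the declaration is not how the rest of this file attaches its @brief comments. Also `$xml` at L345 is passed without being defined, as the existing envelope builders do; a short comment that xml::from_array takes it by reference would stop it reading as a bug.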
$sig = base64url_encode($signature);
$xmldata = array("diaspora" => array("header" => array("author_id" => $handle),
- "me:env" => array("me:encoding" => "base64url",
- "me:alg" => "RSA-SHA256",
- "me:data" => $data,
- "@attributes" => array("type" => "application/xml"),
- "me:sig" => $sig)));
+ "me:env" => array("me:encoding" => $encoding,
+ "me:alg" => $alg,
+ "me:data" => $data,
+ "@attributes" => array("type" => $type),
+ "me:sig" => $sig)));
$namespaces = array("" => "https://joindiaspora.com/protocol",
"me" => "http://salmon-protocol.org/ns/magic-env");
$cipher_json = base64_encode($encrypted_header_json_object);
$xmldata = array("diaspora" => array("encrypted_header" => $cipher_json,
- "me:env" => array("me:encoding" => "base64url",
- "me:alg" => "RSA-SHA256",
+ "me:env" => array("me:encoding" => $encoding,
+ "me:alg" => $alg,
"me:data" => $data,
- "@attributes" => array("type" => "application/xml"),
+ "@attributes" => array("type" => $type),
"me:sig" => $sig)));
$namespaces = array("" => "https://joindiaspora.com/protocol",
}
+ /**
+ * @brief Build the post xml
+ *
+ * @param string $type The message type
+ * @param array $message The message data
+ *
+ * @return string The post XML
+ */
+ public static function build_post_xml($type, $message) {
+
+ $data = array("XML" => array("post" => array($type => $message)));
+ return xml::from_array($data, $xml);
+ }
+
/**
* @brief Builds and transmit messages
*
*/
private function build_and_transmit($owner, $contact, $type, $message, $public_batch = false, $guid = "", $spool = false) {
- $data = array("XML" => array("post" => array($type => $message)));
-
- $msg = xml::from_array($data, $xml);
+ $msg = self::build_post_xml($type, $message);
logger('message: '.$msg, LOGGER_DATA);
logger('send guid '.$guid, LOGGER_DEBUG);
// Skip if it isn't a pure repeated messages
// Does it start with a share?
- if (strpos($body, "[share") > 0)
+ if ((strpos($body, "[share") > 0) AND $complete)
return(false);
// Does it end with a share?
}
/**
- * @brief Sends a post
+ * @brief Create a post (status message or reshare)
*
* @param array $item The item that will be exported
* @param array $owner the array of the item owner
- * @param array $contact Target of the communication
- * @param bool $public_batch Is it a public post?
*
- * @return int The result of the transmission
+ * @return array
+ * 'type' -> Message type ("status_message" or "reshare")
+ * 'message' -> Array of XML elements of the status
*/
- public static function send_status($item, $owner, $contact, $public_batch = false) {
+ public static function build_status($item, $owner) {
$myaddr = self::my_handle($owner);
$type = "status_message";
}
+ return array("type" => $type, "message" => $message);
+ }
- return self::build_and_transmit($owner, $contact, $type, $message, $public_batch, $item["guid"]);
+ /**
+ * @brief Sends a post
+ *
+ * @param array $item The item that will be exported
+ * @param array $owner the array of the item owner
+ * @param array $contact Target of the communication
+ * @param bool $public_batch Is it a public post?
+ *
+ * @return int The result of the transmission
+ */
+ public static function send_status($item, $owner, $contact, $public_batch = false) {
+
+ $status = diaspora::build_status($item, $owner);
+
+ return self::build_and_transmit($owner, $contact, $status["type"], $status["message"], $public_batch, $item["guid"]);
}
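Review bot: Style: L443 calls `diaspora::build_status` while the rest of the class refers to itself as `self::` (L445 `self::build_and_transmit`); `$status = self::build_status($item, $owner);` keeps the class name out of its own body. build_status also has no documentation of what fields of `$item`/`$owner` it consumes, but its body is outside the hunk.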
/**
*/
public static function store_like_signature($contact, $post_id) {
- $enabled = intval(get_config('system','diaspora_enabled'));
- if (!$enabled) {
- logger('Diaspora support disabled, not storing like signature', LOGGER_DEBUG);
- return false;
- }
-
// Is the contact the owner? Then fetch the private key
if (!$contact['self'] OR ($contact['uid'] == 0)) {
logger("No owner post, so not storing signature", LOGGER_DEBUG);
return false;
}
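Review bot: Dropping the `diaspora_enabled` guard means store_like_signature now signs with the owner's private key even on installations with Diaspora support switched off. If the intent is that callers gate on the setting, a one-line comment (`// Diaspora availability is checked by the caller`) would stop the next reader from re-adding the check; if not, the guard should stay. The same removal is made in the comment-signature function below. The enclosing function continues outside the hunk.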
- $enabled = intval(get_config('system','diaspora_enabled'));
- if (!$enabled) {
- logger('Diaspora support disabled, not storing comment signature', LOGGER_DEBUG);
- return false;
- }
-
$contact["uprvkey"] = $uprvkey;
$message = self::construct_comment($item, $contact);