X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_notify.php;h=db967290660a7e300bb4ae53516c701887fe1556;hb=bf0b98017decf73123891e935993f2921d3b0acf;hp=8ad599c9d415b91499d6fae3dd4f3582595140cf;hpb=ec02af593db87e78b0b388047ac4265aa5f987b1;p=friendica.git

diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 8ad599c9d4..db96729066 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -8,8 +8,9 @@
 
 use Friendica\App;
 use Friendica\Core\Config;
+use Friendica\Core\System;
 use Friendica\Database\DBM;
-use Friendica\Object\Contact;
+use Friendica\Model\Contact;
 use Friendica\Protocol\DFRN;
 
 require_once 'include/items.php';
@@ -17,6 +18,12 @@ require_once 'include/event.php';
 
 function dfrn_notify_post(App $a) {
 	logger(__function__, LOGGER_TRACE);
+
+	if (empty($_POST)) {
+		require_once 'mod/salmon.php';
+		salmon_post($a);
+	}
+
 	$dfrn_id      = ((x($_POST,'dfrn_id'))      ? notags(trim($_POST['dfrn_id']))   : '');
 	$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version']    : 2.0);
 	$challenge    = ((x($_POST,'challenge'))    ? notags(trim($_POST['challenge'])) : '');
@@ -48,7 +55,7 @@ function dfrn_notify_post(App $a) {
 	);
 	if (! DBM::is_result($r)) {
 		logger('dfrn_notify: could not match challenge to dfrn_id ' . $dfrn_id . ' challenge=' . $challenge);
-		xml_status(3, 'Could not match challenge');
+		System::xmlExit(3, 'Could not match challenge');
 	}
 
 	$r = q("DELETE FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s'",
@@ -70,7 +77,7 @@ function dfrn_notify_post(App $a) {
 			$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
 			break;
 		default:
-			xml_status(3, 'Invalid direction');
+			System::xmlExit(3, 'Invalid direction');
 			break; // NOTREACHED
 	}
 
@@ -96,7 +103,7 @@ function dfrn_notify_post(App $a) {
 
 	if (! DBM::is_result($r)) {
 		logger('dfrn_notify: contact not found for dfrn_id ' . $dfrn_id);
-		xml_status(3, 'Contact not found');
+		System::xmlExit(3, 'Contact not found');
 		//NOTREACHED
 	}
 
@@ -122,17 +129,16 @@ function dfrn_notify_post(App $a) {
 
 	// if contact's ssl policy changed, update our links
 
-	fix_contact_ssl_policy($importer,$ssl_policy);
+	$importer = Contact::updateSslPolicy($importer, $ssl_policy);
 
 	logger('dfrn_notify: received notify from ' . $importer['name'] . ' for ' . $importer['username']);
 	logger('dfrn_notify: data: ' . $data, LOGGER_DATA);
 
 	if ($dissolve == 1) {
-		require_once('include/Contact.php');
 		// Relationship is dissolved permanently
 		Contact::remove($importer['id']);
 		logger('relationship dissolved : ' . $importer['name'] . ' dissolved ' . $importer['username']);
-		xml_status(0, 'relationship dissolved');
+		System::xmlExit(0, 'relationship dissolved');
 	}
 
 	$rino = Config::get('system', 'rino_encrypt');
@@ -144,9 +150,9 @@ function dfrn_notify_post(App $a) {
 
 		// if local rino is lower than remote rino, abort: should not happen!
 		// but only for $remote_rino > 1, because old code did't send rino version
-		if ($rino_remote_version > 1 && $rino < $rino_remote) {
+		if ($rino_remote > 1 && $rino < $rino_remote) {
 			logger("rino version '$rino_remote' is lower than supported '$rino'");
-			xml_status(0, "rino version '$rino_remote' is lower than supported '$rino'");
+			System::xmlExit(0, "rino version '$rino_remote' is lower than supported '$rino'");
 		}
 
 		$rawkey = hex2bin(trim($key));
@@ -167,49 +173,23 @@ function dfrn_notify_post(App $a) {
 			}
 		}
 
-		#logger('rino: received key : ' . $final_key);
-
 		switch($rino_remote) {
 			case 0:
 			case 1:
-				/*
-				 *we got a key. old code send only the key, without RINO version.
-				 * we assume RINO 1 if key and no RINO version
-				 */
-				$data = DFRN::aes_decrypt(hex2bin($data), $final_key);
-				break;
-			case 2:
-				try {
-					$data = \Crypto::decrypt(hex2bin($data), $final_key);
-				} catch (\InvalidCiphertextException $ex) { // VERY IMPORTANT
-					/*
-					 * Either:
-					 *   1. The ciphertext was modified by the attacker,
-					 *   2. The key is wrong, or
-					 *   3. $ciphertext is not a valid ciphertext or was corrupted.
-					 * Assume the worst.
-					 */
-					logger('The ciphertext has been tampered with!');
-					xml_status(0, 'The ciphertext has been tampered with!');
-				} catch (\CryptoTestFailedException $ex) {
-					logger('Cannot safely perform dencryption');
-					xml_status(0, 'CryptoTestFailed');
-				} catch (\CannotPerformOperationException $ex) {
-					logger('Cannot safely perform decryption');
-					xml_status(0, 'Cannot safely perform decryption');
-				}
+				// we got a key. old code send only the key, without RINO version.
+				// we assume RINO 1 if key and no RINO version
+				$data = DFRN::aesDecrypt(hex2bin($data), $final_key);
 				break;
 			default:
 				logger("rino: invalid sent version '$rino_remote'");
-				xml_status(0, "Invalid sent version '$rino_remote'");
+				System::xmlExit(0, "Invalid sent version '$rino_remote'");
 		}
 
-
 		logger('rino: decrypted data: ' . $data, LOGGER_DATA);
 	}
 
 	$ret = DFRN::import($data, $importer);
-	xml_status($ret, 'Processed');
+	System::xmlExit($ret, 'Processed');
 
 	// NOTREACHED
 }