X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsalmon.php;h=10b1046b02d1924e9b65d956bcb7191e8e4934d0;hb=5b80a1fcaa04e96992cc54c27e8437a88df591f1;hp=37230a557351ad70e9b4faada55a17a89f6ef69e;hpb=2e9d233367068fceac8005126d14a2002539c772;p=friendica.git diff --git a/mod/salmon.php b/mod/salmon.php index 37230a5573..10b1046b02 100644 --- a/mod/salmon.php +++ b/mod/salmon.php @@ -19,7 +19,7 @@ function salmon_return($val) { } -function salmon_post(&$a) { +function salmon_post(App $a) { $xml = file_get_contents('php://input'); @@ -31,8 +31,9 @@ function salmon_post(&$a) { $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1", dbesc($nick) ); - if(! count($r)) + if (! dbm::is_result($r)) { http_status_exit(500); + } $importer = $r[0]; @@ -78,7 +79,7 @@ function salmon_post(&$a) { $signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg); - $compliant_format = str_replace('=','',$signed_data); + $compliant_format = str_replace('=', '', $signed_data); // decode the data @@ -114,24 +115,28 @@ function salmon_post(&$a) { // We should have everything we need now. Let's see if it verifies. - $verify = rsa_verify($compliant_format,$signature,$pubkey); + // Try GNU Social format + $verify = rsa_verify($signed_data, $signature, $pubkey); + $mode = 1; - if(! $verify) { - logger('mod-salmon: message did not verify using protocol. Trying padding hack.'); - $verify = rsa_verify($signed_data,$signature,$pubkey); + if (! $verify) { + logger('mod-salmon: message did not verify using protocol. Trying compliant format.'); + $verify = rsa_verify($compliant_format, $signature, $pubkey); + $mode = 2; } - if(! $verify) { - logger('mod-salmon: message did not verify using padding. Trying old statusnet hack.'); - $verify = rsa_verify($stnet_signed_data,$signature,$pubkey); + if (! $verify) { + logger('mod-salmon: message did not verify using padding. Trying old statusnet format.'); + $verify = rsa_verify($stnet_signed_data, $signature, $pubkey); + $mode = 3; } - if(! $verify) { + if (! $verify) { logger('mod-salmon: Message did not verify. Discarding.'); http_status_exit(400); } - logger('mod-salmon: Message verified.'); + logger('mod-salmon: Message verified with mode '.$mode); /* @@ -150,12 +155,12 @@ function salmon_post(&$a) { dbesc(normalise_link($author_link)), intval($importer['uid']) ); - if(! count($r)) { + if (! dbm::is_result($r)) { logger('mod-salmon: Author unknown to us.'); if(get_pconfig($importer['uid'],'system','ostatus_autofriend')) { $result = new_contact($importer['uid'],$author_link); if($result['success']) { - $r = q("SELECT * FROM `contact` WHERE `network` = '%s' AND ( `url` = '%s' OR `alias` = '%s') + $r = q("SELECT * FROM `contact` WHERE `network` = '%s' AND ( `url` = '%s' OR `alias` = '%s') AND `uid` = %d LIMIT 1", dbesc(NETWORK_OSTATUS), dbesc($author_link), @@ -169,8 +174,8 @@ function salmon_post(&$a) { // Have we ignored the person? // If so we can not accept this post. - //if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { - if(count($r) && $r[0]['blocked']) { + //if((dbm::is_result($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { + if (dbm::is_result($r) && $r[0]['blocked']) { logger('mod-salmon: Ignoring this author.'); http_status_exit(202); // NOTREACHED @@ -179,7 +184,7 @@ function salmon_post(&$a) { // Placeholder for hub discovery. $hub = ''; - $contact_rec = ((count($r)) ? $r[0] : null); + $contact_rec = ((dbm::is_result($r)) ? $r[0] : null); ostatus::import($data,$importer,$contact_rec, $hub);