X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsalmon.php;h=10b1046b02d1924e9b65d956bcb7191e8e4934d0;hb=5b80a1fcaa04e96992cc54c27e8437a88df591f1;hp=76ab999b2d8d06c9acdc353343ceb6176b08ccba;hpb=5a6da8b447430174ae231a3b8203fd4bd8416cc1;p=friendica.git diff --git a/mod/salmon.php b/mod/salmon.php index 76ab999b2d..10b1046b02 100644 --- a/mod/salmon.php +++ b/mod/salmon.php @@ -8,9 +8,9 @@ require_once('include/follow.php'); function salmon_return($val) { - if ($val >= 400) + if($val >= 400) $err = 'Error'; - if ($val >= 200 && $val < 300) + if($val >= 200 && $val < 300) $err = 'OK'; logger('mod-salmon returns ' . $val); @@ -43,14 +43,14 @@ function salmon_post(App $a) { // figure out where in the DOM tree our data is hiding - if ($dom->provenance->data) + if($dom->provenance->data) $base = $dom->provenance; - elseif ($dom->env->data) + elseif($dom->env->data) $base = $dom->env; - elseif ($dom->data) + elseif($dom->data) $base = $dom; - if (! $base) { + if(! $base) { logger('mod-salmon: unable to locate salmon data in xml '); http_status_exit(400); } @@ -79,7 +79,7 @@ function salmon_post(App $a) { $signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg); - $compliant_format = str_replace('=','',$signed_data); + $compliant_format = str_replace('=', '', $signed_data); // decode the data @@ -88,7 +88,7 @@ function salmon_post(App $a) { $author = ostatus::salmon_author($data,$importer); $author_link = $author["author-link"]; - if (! $author_link) { + if(! $author_link) { logger('mod-salmon: Could not retrieve author URI.'); http_status_exit(400); } @@ -99,7 +99,7 @@ function salmon_post(App $a) { $key = get_salmon_key($author_link,$keyhash); - if (! $key) { + if(! $key) { logger('mod-salmon: Could not retrieve author key.'); http_status_exit(400); } @@ -115,16 +115,20 @@ function salmon_post(App $a) { // We should have everything we need now. Let's see if it verifies. - $verify = rsa_verify($compliant_format,$signature,$pubkey); + // Try GNU Social format + $verify = rsa_verify($signed_data, $signature, $pubkey); + $mode = 1; if (! $verify) { - logger('mod-salmon: message did not verify using protocol. Trying padding hack.'); - $verify = rsa_verify($signed_data,$signature,$pubkey); + logger('mod-salmon: message did not verify using protocol. Trying compliant format.'); + $verify = rsa_verify($compliant_format, $signature, $pubkey); + $mode = 2; } if (! $verify) { - logger('mod-salmon: message did not verify using padding. Trying old statusnet hack.'); - $verify = rsa_verify($stnet_signed_data,$signature,$pubkey); + logger('mod-salmon: message did not verify using padding. Trying old statusnet format.'); + $verify = rsa_verify($stnet_signed_data, $signature, $pubkey); + $mode = 3; } if (! $verify) { @@ -132,7 +136,7 @@ function salmon_post(App $a) { http_status_exit(400); } - logger('mod-salmon: Message verified.'); + logger('mod-salmon: Message verified with mode '.$mode); /* @@ -153,9 +157,9 @@ function salmon_post(App $a) { ); if (! dbm::is_result($r)) { logger('mod-salmon: Author unknown to us.'); - if (get_pconfig($importer['uid'],'system','ostatus_autofriend')) { + if(get_pconfig($importer['uid'],'system','ostatus_autofriend')) { $result = new_contact($importer['uid'],$author_link); - if ($result['success']) { + if($result['success']) { $r = q("SELECT * FROM `contact` WHERE `network` = '%s' AND ( `url` = '%s' OR `alias` = '%s') AND `uid` = %d LIMIT 1", dbesc(NETWORK_OSTATUS), @@ -170,7 +174,7 @@ function salmon_post(App $a) { // Have we ignored the person? // If so we can not accept this post. - //if ((dbm::is_result($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { + //if((dbm::is_result($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { if (dbm::is_result($r) && $r[0]['blocked']) { logger('mod-salmon: Ignoring this author.'); http_status_exit(202);