X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsalmon.php;h=10b1046b02d1924e9b65d956bcb7191e8e4934d0;hb=5b80a1fcaa04e96992cc54c27e8437a88df591f1;hp=ee3826d8a8bb37a3c3b734fea775dd12804afeab;hpb=0c764684bb32a9432fd161e62db907efb78af1a5;p=friendica.git diff --git a/mod/salmon.php b/mod/salmon.php index ee3826d8a8..10b1046b02 100644 --- a/mod/salmon.php +++ b/mod/salmon.php @@ -6,7 +6,6 @@ require_once('include/crypto.php'); require_once('include/items.php'); require_once('include/follow.php'); -if(! function_exists('salmon_return')) { function salmon_return($val) { if($val >= 400) @@ -17,11 +16,10 @@ function salmon_return($val) { logger('mod-salmon returns ' . $val); header($_SERVER["SERVER_PROTOCOL"] . ' ' . $val . ' ' . $err); killme(); -} + } -if(! function_exists('salmon_post')) { -function salmon_post(&$a) { +function salmon_post(App $a) { $xml = file_get_contents('php://input'); @@ -33,8 +31,9 @@ function salmon_post(&$a) { $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1", dbesc($nick) ); - if(! count($r)) + if (! dbm::is_result($r)) { http_status_exit(500); + } $importer = $r[0]; @@ -80,13 +79,13 @@ function salmon_post(&$a) { $signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg); - $compliant_format = str_replace('=','',$signed_data); + $compliant_format = str_replace('=', '', $signed_data); // decode the data $data = base64url_decode($data); - $author = ostatus_salmon_author($data,$importer); + $author = ostatus::salmon_author($data,$importer); $author_link = $author["author-link"]; if(! $author_link) { @@ -116,24 +115,28 @@ function salmon_post(&$a) { // We should have everything we need now. Let's see if it verifies. - $verify = rsa_verify($compliant_format,$signature,$pubkey); + // Try GNU Social format + $verify = rsa_verify($signed_data, $signature, $pubkey); + $mode = 1; - if(! $verify) { - logger('mod-salmon: message did not verify using protocol. Trying padding hack.'); - $verify = rsa_verify($signed_data,$signature,$pubkey); + if (! $verify) { + logger('mod-salmon: message did not verify using protocol. Trying compliant format.'); + $verify = rsa_verify($compliant_format, $signature, $pubkey); + $mode = 2; } - if(! $verify) { - logger('mod-salmon: message did not verify using padding. Trying old statusnet hack.'); - $verify = rsa_verify($stnet_signed_data,$signature,$pubkey); + if (! $verify) { + logger('mod-salmon: message did not verify using padding. Trying old statusnet format.'); + $verify = rsa_verify($stnet_signed_data, $signature, $pubkey); + $mode = 3; } - if(! $verify) { + if (! $verify) { logger('mod-salmon: Message did not verify. Discarding.'); http_status_exit(400); } - logger('mod-salmon: Message verified.'); + logger('mod-salmon: Message verified with mode '.$mode); /* @@ -152,7 +155,7 @@ function salmon_post(&$a) { dbesc(normalise_link($author_link)), intval($importer['uid']) ); - if(! count($r)) { + if (! dbm::is_result($r)) { logger('mod-salmon: Author unknown to us.'); if(get_pconfig($importer['uid'],'system','ostatus_autofriend')) { $result = new_contact($importer['uid'],$author_link); @@ -171,8 +174,8 @@ function salmon_post(&$a) { // Have we ignored the person? // If so we can not accept this post. - //if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { - if(count($r) && $r[0]['blocked']) { + //if((dbm::is_result($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { + if (dbm::is_result($r) && $r[0]['blocked']) { logger('mod-salmon: Ignoring this author.'); http_status_exit(202); // NOTREACHED @@ -181,10 +184,9 @@ function salmon_post(&$a) { // Placeholder for hub discovery. $hub = ''; - $contact_rec = ((count($r)) ? $r[0] : null); + $contact_rec = ((dbm::is_result($r)) ? $r[0] : null); - ostatus_import($data,$importer,$contact_rec, $hub); + ostatus::import($data,$importer,$contact_rec, $hub); http_status_exit(200); } -}