From: Brion Vibber Date: Fri, 2 Apr 2010 22:56:25 +0000 (-0700) Subject: Merge branch '0.9.x' into 1.0.x X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=2f4438fe24a99e5493469f734bf41547c8ad2ce5;p=quix0rs-gnu-social.git Merge branch '0.9.x' into 1.0.x Conflicts: actions/imsettings.php lib/jabber.php Made a quick attempt to merge the new JID validation into the XmppPlugin, have not had a chance to test that version live yet. Should also move over the test cases. --- 2f4438fe24a99e5493469f734bf41547c8ad2ce5 diff --cc plugins/Xmpp/XmppPlugin.php index 9557f392bb,0000000000..03bf47feac mode 100644,000000..100644 --- a/plugins/Xmpp/XmppPlugin.php +++ b/plugins/Xmpp/XmppPlugin.php @@@ -1,252 -1,0 +1,432 @@@ +. + * + * @category IM + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + // This check helps protect against security problems; + // your code file can't be executed directly from the web. + exit(1); +} + +set_include_path(get_include_path() . PATH_SEPARATOR . INSTALLDIR . '/extlib/XMPPHP'); + +/** + * Plugin for XMPP + * + * @category Plugin + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 + * @link http://status.net/ + */ + +class XmppPlugin extends ImPlugin +{ + public $server = null; + public $port = 5222; + public $user = 'update'; + public $resource = null; + public $encryption = true; + public $password = null; + public $host = null; // only set if != server + public $debug = false; // print extra debug info + + public $transport = 'xmpp'; + + protected $fake_xmpp; + + function getDisplayName(){ + return _m('XMPP/Jabber/GTalk'); + } + - function normalize($screenname) ++ /** ++ * Splits a Jabber ID (JID) into node, domain, and resource portions. ++ * ++ * Based on validation routine submitted by: ++ * @copyright 2009 Patrick Georgi ++ * @license Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact. ++ * ++ * @param string $jid string to check ++ * ++ * @return array with "node", "domain", and "resource" indices ++ * @throws Exception if input is not valid ++ */ ++ ++ protected function splitJid($jid) + { - if (preg_match("/(?:([^\@]+)\@)?([^\/]+)(?:\/(.*))?$/", $screenname, $matches)) { - $node = $matches[1]; - $server = $matches[2]; - return strtolower($node.'@'.$server); ++ $chars = ''; ++ /* the following definitions come from stringprep, Appendix C, ++ which is used in its entirety by nodeprop, Chapter 5, "Prohibited Output" */ ++ /* C1.1 ASCII space characters */ ++ $chars .= "\x{20}"; ++ /* C1.2 Non-ASCII space characters */ ++ $chars .= "\x{a0}\x{1680}\x{2000}-\x{200b}\x{202f}\x{205f}\x{3000a}"; ++ /* C2.1 ASCII control characters */ ++ $chars .= "\x{00}-\x{1f}\x{7f}"; ++ /* C2.2 Non-ASCII control characters */ ++ $chars .= "\x{80}-\x{9f}\x{6dd}\x{70f}\x{180e}\x{200c}\x{200d}\x{2028}\x{2029}\x{2060}-\x{2063}\x{206a}-\x{206f}\x{feff}\x{fff9}-\x{fffc}\x{1d173}-\x{1d17a}"; ++ /* C3 - Private Use */ ++ $chars .= "\x{e000}-\x{f8ff}\x{f0000}-\x{ffffd}\x{100000}-\x{10fffd}"; ++ /* C4 - Non-character code points */ ++ $chars .= "\x{fdd0}-\x{fdef}\x{fffe}\x{ffff}\x{1fffe}\x{1ffff}\x{2fffe}\x{2ffff}\x{3fffe}\x{3ffff}\x{4fffe}\x{4ffff}\x{5fffe}\x{5ffff}\x{6fffe}\x{6ffff}\x{7fffe}\x{7ffff}\x{8fffe}\x{8ffff}\x{9fffe}\x{9ffff}\x{afffe}\x{affff}\x{bfffe}\x{bffff}\x{cfffe}\x{cffff}\x{dfffe}\x{dffff}\x{efffe}\x{effff}\x{ffffe}\x{fffff}\x{10fffe}\x{10ffff}"; ++ /* C5 - Surrogate codes */ ++ $chars .= "\x{d800}-\x{dfff}"; ++ /* C6 - Inappropriate for plain text */ ++ $chars .= "\x{fff9}-\x{fffd}"; ++ /* C7 - Inappropriate for canonical representation */ ++ $chars .= "\x{2ff0}-\x{2ffb}"; ++ /* C8 - Change display properties or are deprecated */ ++ $chars .= "\x{340}\x{341}\x{200e}\x{200f}\x{202a}-\x{202e}\x{206a}-\x{206f}"; ++ /* C9 - Tagging characters */ ++ $chars .= "\x{e0001}\x{e0020}-\x{e007f}"; ++ ++ /* Nodeprep forbids some more characters */ ++ $nodeprepchars = $chars; ++ $nodeprepchars .= "\x{22}\x{26}\x{27}\x{2f}\x{3a}\x{3c}\x{3e}\x{40}"; ++ ++ $parts = explode("/", $jid, 2); ++ if (count($parts) > 1) { ++ $resource = $parts[1]; ++ if ($resource == '') { ++ // Warning: empty resource isn't legit. ++ // But if we're normalizing, we may as well take it... ++ } + } else { ++ $resource = null; ++ } ++ ++ $node = explode("@", $parts[0]); ++ if ((count($node) > 2) || (count($node) == 0)) { ++ throw new Exception("Invalid JID: too many @s"); ++ } else if (count($node) == 1) { ++ $domain = $node[0]; ++ $node = null; ++ } else { ++ $domain = $node[1]; ++ $node = $node[0]; ++ if ($node == '') { ++ throw new Exception("Invalid JID: @ but no node"); ++ } ++ } ++ ++ // Length limits per http://xmpp.org/rfcs/rfc3920.html#addressing ++ if ($node !== null) { ++ if (strlen($node) > 1023) { ++ throw new Exception("Invalid JID: node too long."); ++ } ++ if (preg_match("/[".$nodeprepchars."]/u", $node)) { ++ throw new Exception("Invalid JID node '$node'"); ++ } ++ } ++ ++ if (strlen($domain) > 1023) { ++ throw new Exception("Invalid JID: domain too long."); ++ } ++ if (!common_valid_domain($domain)) { ++ throw new Exception("Invalid JID domain name '$domain'"); ++ } ++ ++ if ($resource !== null) { ++ if (strlen($resource) > 1023) { ++ throw new Exception("Invalid JID: resource too long."); ++ } ++ if (preg_match("/[".$chars."]/u", $resource)) { ++ throw new Exception("Invalid JID resource '$resource'"); ++ } ++ } ++ ++ return array('node' => is_null($node) ? null : mb_strtolower($node), ++ 'domain' => is_null($domain) ? null : mb_strtolower($domain), ++ 'resource' => $resource); ++ } ++ ++ /** ++ * Checks whether a string is a syntactically valid Jabber ID (JID), ++ * either with or without a resource. ++ * ++ * Note that a bare domain can be a valid JID. ++ * ++ * @param string $jid string to check ++ * @param bool $check_domain whether we should validate that domain... ++ * ++ * @return boolean whether the string is a valid JID ++ */ ++ protected function validateFullJid($jid, $check_domain=false) ++ { ++ try { ++ $parts = $this->splitJid($jid); ++ if ($check_domain) { ++ if (!$this->checkDomain($parts['domain'])) { ++ return false; ++ } ++ } ++ return $parts['resource'] !== ''; // missing or present; empty ain't kosher ++ } catch (Exception $e) { ++ return false; ++ } ++ } ++ ++ /** ++ * Checks whether a string is a syntactically valid base Jabber ID (JID). ++ * A base JID won't include a resource specifier on the end; since we ++ * take it off when reading input we can't really use them reliably ++ * to direct outgoing messages yet (sorry guys!) ++ * ++ * Note that a bare domain can be a valid JID. ++ * ++ * @param string $jid string to check ++ * @param bool $check_domain whether we should validate that domain... ++ * ++ * @return boolean whether the string is a valid JID ++ */ ++ protected function validateBaseJid($jid, $check_domain=false) ++ { ++ try { ++ $parts = $this->splitJid($jid); ++ if ($check_domain) { ++ if (!$this->checkDomain($parts['domain'])) { ++ return false; ++ } ++ } ++ return ($parts['resource'] === null); // missing; empty ain't kosher ++ } catch (Exception $e) { ++ return false; ++ } ++ } ++ ++ /** ++ * Normalizes a Jabber ID for comparison, dropping the resource component if any. ++ * ++ * @param string $jid JID to check ++ * @param bool $check_domain if true, reject if the domain isn't findable ++ * ++ * @return string an equivalent JID in normalized (lowercase) form ++ */ ++ ++ function normalize($jid) ++ { ++ try { ++ $parts = $this->splitJid($jid); ++ if ($parts['node'] !== null) { ++ return $parts['node'] . '@' . $parts['domain']; ++ } else { ++ return $parts['domain']; ++ } ++ } catch (Exception $e) { + return null; + } + } + ++ /** ++ * Check if this domain's got some legit DNS record ++ */ ++ protected function checkDomain($domain) ++ { ++ if (checkdnsrr("_xmpp-server._tcp." . $domain, "SRV")) { ++ return true; ++ } ++ if (checkdnsrr($domain, "ANY")) { ++ return true; ++ } ++ return false; ++ } ++ + function daemon_screenname() + { + $ret = $this->user . '@' . $this->server; + if($this->resource) + { + return $ret . '/' . $this->resource; + }else{ + return $ret; + } + } + + function validate($screenname) + { - // Cheap but effective - return Validate::email($screenname); ++ return $this->validateBaseJid($screenname, common_config('email', 'check_domain')); + } + + /** + * Load related modules when needed + * + * @param string $cls Name of the class to be loaded + * + * @return boolean hook value; true means continue processing, false means stop. + */ + + function onAutoload($cls) + { + $dir = dirname(__FILE__); + + switch ($cls) + { + case 'XMPPHP_XMPP': + require_once 'XMPP.php'; + return false; + case 'Sharing_XMPP': + case 'Fake_XMPP': + require_once $dir . '/'.$cls.'.php'; + return false; + case 'XmppManager': + require_once $dir . '/'.strtolower($cls).'.php'; + return false; + default: + return true; + } + } + + function onStartImDaemonIoManagers(&$classes) + { + parent::onStartImDaemonIoManagers(&$classes); + $classes[] = new XmppManager($this); // handles pings/reconnects + return true; + } + + function microiduri($screenname) + { + return 'xmpp:' . $screenname; + } + + function send_message($screenname, $body) + { + $this->fake_xmpp->message($screenname, $body, 'chat'); + $this->enqueue_outgoing_raw($this->fake_xmpp->would_be_sent); + return true; + } + + function send_notice($screenname, $notice) + { + $msg = $this->format_notice($notice); + $entry = $this->format_entry($notice); + + $this->fake_xmpp->message($screenname, $msg, 'chat', null, $entry); + $this->enqueue_outgoing_raw($this->fake_xmpp->would_be_sent); + return true; + } + + /** + * extra information for XMPP messages, as defined by Twitter + * + * @param Profile $profile Profile of the sending user + * @param Notice $notice Notice being sent + * + * @return string Extra information (Atom, HTML, addresses) in string format + */ + + function format_entry($notice) + { + $profile = $notice->getProfile(); + + $entry = $notice->asAtomEntry(true, true); + + $xs = new XMLStringer(); + $xs->elementStart('html', array('xmlns' => 'http://jabber.org/protocol/xhtml-im')); + $xs->elementStart('body', array('xmlns' => 'http://www.w3.org/1999/xhtml')); + $xs->element('a', array('href' => $profile->profileurl), + $profile->nickname); + $xs->text(": "); + if (!empty($notice->rendered)) { + $xs->raw($notice->rendered); + } else { + $xs->raw(common_render_content($notice->content, $notice)); + } + $xs->text(" "); + $xs->element('a', array( + 'href'=>common_local_url('conversation', + array('id' => $notice->conversation)).'#notice-'.$notice->id + ),sprintf(_('[%s]'),$notice->id)); + $xs->elementEnd('body'); + $xs->elementEnd('html'); + + $html = $xs->getString(); + + return $html . ' ' . $entry; + } + + function receive_raw_message($pl) + { + $from = $this->normalize($pl['from']); + + if ($pl['type'] != 'chat') { + common_log(LOG_WARNING, "Ignoring message of type ".$pl['type']." from $from."); + return true; + } + + if (mb_strlen($pl['body']) == 0) { + common_log(LOG_WARNING, "Ignoring message with empty body from $from."); + return true; + } + + return $this->handle_incoming($from, $pl['body']); + } + + function initialize(){ + if(!isset($this->server)){ + throw new Exception("must specify a server"); + } + if(!isset($this->port)){ + throw new Exception("must specify a port"); + } + if(!isset($this->user)){ + throw new Exception("must specify a user"); + } + if(!isset($this->password)){ + throw new Exception("must specify a password"); + } + + $this->fake_xmpp = new Fake_XMPP($this->host ? + $this->host : + $this->server, + $this->port, + $this->user, + $this->password, + $this->resource, + $this->server, + $this->debug ? + true : false, + $this->debug ? + XMPPHP_Log::LEVEL_VERBOSE : null + ); + return true; + } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'XMPP', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews, Evan Prodromou', + 'homepage' => 'http://status.net/wiki/Plugin:XMPP', + 'rawdescription' => + _m('The XMPP plugin allows users to send and receive notices over the XMPP/Jabber network.')); + return true; + } +} +