Merge pull request #10508 from annando/loop-prevention

Prevent endless loop when updating contact by probe
2024-11-10 03:42:53 +00:00 · 2021-07-19 10:21:10 -04:00 · 2021-07-19 10:21:10 -04:00 · 7cbe1e3ca2
commit 7cbe1e3ca2
parent 0dd94e8fd5 d2408c1f1b
7 changed files with 137 additions and 76 deletions
--- a/src/Model/APContact.php
+++ b/src/Model/APContact.php
@ -31,11 +31,13 @@ use Friendica\DI;
 use Friendica\Network\Probe;
 use Friendica\Protocol\ActivityNamespace;
 use Friendica\Protocol\ActivityPub;
+use Friendica\Protocol\ActivityPub\Transmitter;
 use Friendica\Util\Crypto;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\HTTPSignature;
 use Friendica\Util\JsonLD;
 use Friendica\Util\Network;
+use Friendica\Util\Strings;

 class APContact
 {
@ -52,6 +54,20 @@ class APContact
 			return [];
 		}

+		if (Contact::isLocal($addr) && ($local_uid = User::getIdForURL($addr)) && ($local_owner = User::getOwnerDataById($local_uid))) {
+			$data = [
+				'addr'      => $local_owner['addr'],
+				'baseurl'   => $local_owner['baseurl'],
+				'url'       => $local_owner['url'],
+				'subscribe' => $local_owner['baseurl'] . '/follow?url={uri}'];
+
+			if (!empty($local_owner['alias']) && ($local_owner['url'] != $local_owner['alias'])) {
+				$data['alias'] = $local_owner['alias'];
+			}
+
+			return $data;
+		}
+
 		$data = ['addr' => $addr];
 		$template = 'https://' . $addr_parts[1] . '/.well-known/webfinger?resource=acct:' . urlencode($addr);
 		$webfinger = Probe::webfinger(str_replace('{uri}', urlencode($addr), $template), 'application/jrd+json');
@ -148,6 +164,27 @@ class APContact
 			$url = $apcontact['url'];
 		}

+		// Detect multiple fast repeating request to the same address
+		// See https://github.com/friendica/friendica/issues/9303
+		$cachekey = 'apcontact:getByURL:' . $url;
+		$result = DI::cache()->get($cachekey);
+		if (!is_null($result)) {
+			Logger::notice('Multiple requests for the address', ['url' => $url, 'update' => $update, 'callstack' => System::callstack(20), 'result' => $result]);
+			if (!empty($fetched_contact)) {
+				return $fetched_contact;
+			}
+		} else {
+			DI::cache()->set($cachekey, System::callstack(20), Duration::FIVE_MINUTES);
+		}
+
+		if (Network::isLocalLink($url) && ($local_uid = User::getIdForURL($url))) {
+			$data  = Transmitter::getProfile($local_uid);
+			$local_owner = User::getOwnerDataById($local_uid);
+		}
+
+		if (empty($data)) {
+			$local_owner = [];
+
 			$curlResult = HTTPSignature::fetchRaw($url);
 			$failed = empty($curlResult) || empty($curlResult->getBody()) ||
 				(!$curlResult->isSuccess() && ($curlResult->getReturnCode() != 410));
@ -165,22 +202,13 @@ class APContact
 				self::markForArchival($fetched_contact ?: []);
 				return $fetched_contact;
 			}
+		}

 		$compacted = JsonLD::compact($data);
 		if (empty($compacted['@id'])) {
 			return $fetched_contact;
 		}

-		// Detect multiple fast repeating request to the same address
-		// See https://github.com/friendica/friendica/issues/9303
-		$cachekey = 'apcontact:getByURL:' . $url;
-		$result = DI::cache()->get($cachekey);
-		if (!is_null($result)) {
-			Logger::notice('Multiple requests for the address', ['url' => $url, 'update' => $update, 'callstack' => System::callstack(20), 'result' => $result]);
-		} else {
-			DI::cache()->set($cachekey, System::callstack(20), Duration::FIVE_MINUTES);
-		}
-
 		$apcontact['url'] = $compacted['@id'];
 		$apcontact['uuid'] = JsonLD::fetchElement($compacted, 'diaspora:guid', '@value');
 		$apcontact['type'] = str_replace('as:', '', JsonLD::fetchElement($compacted, '@type'));
@ -264,7 +292,11 @@ class APContact
 		}

 		if (!empty($apcontact['following'])) {
+			if (!empty($local_owner)) {
+				$following = ActivityPub\Transmitter::getContacts($local_owner, [Contact::SHARING, Contact::FRIEND], 'following');
+			} else {
 				$following = ActivityPub::fetchContent($apcontact['following']);
+			}
 			if (!empty($following['totalItems'])) {
 				// Mastodon seriously allows for this condition?
 				// Jul 14 2021 - See https://mastodon.social/@BLUW for a negative following count
@ -276,7 +308,11 @@ class APContact
 		}

 		if (!empty($apcontact['followers'])) {
+			if (!empty($local_owner)) {
+				$followers = ActivityPub\Transmitter::getContacts($local_owner, [Contact::FOLLOWER, Contact::FRIEND], 'followers');
+			} else {
 				$followers = ActivityPub::fetchContent($apcontact['followers']);
+			}
 			if (!empty($followers['totalItems'])) {
 				// Mastodon seriously allows for this condition?
 				// Jul 14 2021 - See https://mastodon.online/@goes11 for a negative followers count
@ -288,7 +324,11 @@ class APContact
 		}

 		if (!empty($apcontact['outbox'])) {
+			if (!empty($local_owner)) {
+				$outbox = ActivityPub\Transmitter::getOutbox($local_owner);
+			} else {
 				$outbox = ActivityPub::fetchContent($apcontact['outbox']);
+			}
 			if (!empty($outbox['totalItems'])) {
 				$apcontact['statuses_count'] = $outbox['totalItems'];
 			}
--- a/src/Model/Contact.php
+++ b/src/Model/Contact.php
@ -453,6 +453,11 @@ class Contact
 	 */
 	public static function isLocal($url)
 	{
+		if (!parse_url($url, PHP_URL_SCHEME)) {
+			$addr_parts = explode('@', $url);
+			return (count($addr_parts) == 2) && ($addr_parts[1] == DI::baseUrl()->getHostname());
+		}
+
 		return Strings::compareLink(self::getBasepath($url, true), DI::baseUrl());
 	}

@ -1808,7 +1813,7 @@ class Contact

 		// User contacts use are updated through the public contacts
 		if (($uid != 0) && !in_array($contact['network'], [Protocol::FEED, Protocol::MAIL])) {
-			$pcid = self::getIdForURL($contact['url'], false);
+			$pcid = self::getIdForURL($contact['url'], 0, false);
 			if (!empty($pcid)) {
 				Logger::debug('Update the private contact via the public contact', ['id' => $cid, 'uid' => $uid, 'public' => $pcid]);
 				self::updateAvatar($pcid, $avatar, $force, true);
@ -2117,7 +2122,7 @@ class Contact
 		}

 		if (Strings::normaliseLink($ret['url']) != Strings::normaliseLink($contact['url'])) {
-			$cid = self::getIdForURL($ret['url']);
+			$cid = self::getIdForURL($ret['url'], 0, false);
 			if (!empty($cid) && ($cid != $id)) {
 				Logger::notice('URL of contact changed.', ['id' => $id, 'new_id' => $cid, 'old' => $contact['url'], 'new' => $ret['url']]);
 				return self::updateFromProbeArray($cid, $ret);
--- a/src/Model/Photo.php
+++ b/src/Model/Photo.php
@ -804,30 +804,33 @@ class Photo
 	}

 	/**
-	 * Returns the GUID from picture links
+	 * Fetch the guid and scale from picture links
 	 *
 	 * @param string $name Picture link
-	 * @return string GUID
-	 * @throws \Exception
+	 * @return array
 	 */
-	public static function getGUID($name)
+	public static function getResourceData(string $name):array
 	{
 		$base = DI::baseUrl()->get();

 		$guid = str_replace([Strings::normaliseLink($base), '/photo/'], '', Strings::normaliseLink($name));

+		if (parse_url($guid, PHP_URL_SCHEME)) {
+			return [];
+		}
+
 		$guid = self::stripExtension($guid);
 		if (substr($guid, -2, 1) != "-") {
-			return '';
+			return [];
 		}

 		$scale = intval(substr($guid, -1, 1));
 		if (!is_numeric($scale)) {
-			return '';
+			return [];
 		}

 		$guid = substr($guid, 0, -2);
-		return $guid;
+		return ['guid' => $guid, 'scale' => $scale];
 	}

 	/**
@ -839,13 +842,12 @@ class Photo
 	 */
 	public static function isLocal($name)
 	{
-		$guid = self::getGUID($name);
-
-		if (empty($guid)) {
+		$data = self::getResourceData($name);
+		if (empty($data)) {
 			return false;
 		}

-		return DBA::exists('photo', ['resource-id' => $guid]);
+		return DBA::exists('photo', ['resource-id' => $data['guid'], 'scale' => $data['scale']]);
 	}

 	/**
--- a/src/Network/HTTPRequest.php
+++ b/src/Network/HTTPRequest.php
@ -74,6 +74,10 @@ class HTTPRequest implements IHTTPRequest
 	{
 		$stamp1 = microtime(true);

+		if (Network::isLocalLink($url)) {
+			$this->logger->info('Local link', ['url' => $url, 'callstack' => System::callstack(20)]);
+		}
+
 		if (strlen($url) > 1000) {
 			$this->logger->debug('URL is longer than 1000 characters.', ['url' => $url, 'callstack' => System::callstack(20)]);
 			$this->profiler->saveTimestamp($stamp1, 'network');
@ -226,6 +230,10 @@ class HTTPRequest implements IHTTPRequest
 	{
 		$stamp1 = microtime(true);

+		if (Network::isLocalLink($url)) {
+			$this->logger->info('Local link', ['url' => $url, 'callstack' => System::callstack(20)]);
+		}
+
 		if (Network::isUrlBlocked($url)) {
 			$this->logger->info('Domain is blocked.' . ['url' => $url]);
 			$this->profiler->saveTimestamp($stamp1, 'network');
@ -328,6 +336,10 @@ class HTTPRequest implements IHTTPRequest
 	 */
 	public function finalUrl(string $url, int $depth = 1, bool $fetchbody = false)
 	{
+		if (Network::isLocalLink($url)) {
+			$this->logger->info('Local link', ['url' => $url, 'callstack' => System::callstack(20)]);
+		}
+
 		if (Network::isUrlBlocked($url)) {
 			$this->logger->info('Domain is blocked.', ['url' => $url]);
 			return $url;
--- a/src/Network/Probe.php
+++ b/src/Network/Probe.php
@ -333,7 +333,7 @@ class Probe
 	public static function uri($uri, $network = '', $uid = -1)
 	{
 		// Local profiles aren't probed via network
-		if (empty($network) && strpos($uri, DI::baseUrl()->getHostname())) {
+		if (empty($network) && Contact::isLocal($uri)) {
 			$data = self::localProbe($uri);
 			if (!empty($data)) {
 				return $data;
@ -2201,20 +2201,9 @@ class Probe
 	 */
 	private static function localProbe(string $url)
 	{
-		$uid = User::getIdForURL($url);
-		if (empty($uid)) {
-			return [];
-		}
-
+		if ($uid = User::getIdForURL($url)) {
 			$profile   = User::getOwnerDataById($uid);
-		if (empty($profile)) {
-			return [];
-		}
-
 			$approfile = ActivityPub\Transmitter::getProfile($uid);
-		if (empty($approfile)) {
-			return [];
-		}

 			if (empty($profile['gsid'])) {
 				$profile['gsid'] = GServer::getID($approfile['generator']['url']);
@ -2234,6 +2223,11 @@ class Probe
 				'sharedinbox' => $approfile['endpoints']['sharedInbox'], 'network' => Protocol::DFRN, 
 				'pubkey' => $profile['upubkey'], 'baseurl' => $approfile['generator']['url'], 'gsid' => $profile['gsid'],
 				'manually-approve' => in_array($profile['page-flags'], [User::PAGE_FLAGS_NORMAL, User::PAGE_FLAGS_PRVGROUP])];
+		} else {
+			// Default values for non existing targets
+			$data = ['name' => $url, 'nick' => $url, 'url' => $url, 'network' => Protocol::PHANTOM,
+				'photo' => DI::baseUrl() . Contact::DEFAULT_AVATAR_PHOTO];
+		}
 		return self::rearrangeData($data);		
 	}
 }
--- a/src/Protocol/ActivityPub.php
+++ b/src/Protocol/ActivityPub.php
@ -22,8 +22,6 @@
 namespace Friendica\Protocol;

 use Friendica\Core\Protocol;
-use Friendica\Database\DBA;
-use Friendica\DI;
 use Friendica\Model\APContact;
 use Friendica\Model\User;
 use Friendica\Util\HTTPSignature;
--- a/src/Util/Images.php
+++ b/src/Util/Images.php
@ -22,8 +22,8 @@
 namespace Friendica\Util;

 use Friendica\Core\Logger;
-use Friendica\Core\System;
 use Friendica\DI;
+use Friendica\Model\Photo;

 /**
 * Image utilities
@ -184,7 +184,17 @@ class Images
 			return $data;
 		}

+		if (Network::isLocalLink($url) && ($data = Photo::getResourceData($url))) {
+			$photo = Photo::selectFirst([], ['resource-id' => $data['guid'], 'scale' => $data['scale']]);
+			if (!empty($photo)) {
+				$img_str = Photo::getImageDataForPhoto($photo);
+			}
+			// @todo Possibly add a check for locally stored files
+		}
+
+		if (empty($img_str)) {
 			$img_str = DI::httpRequest()->fetch($url, 4);
+		}

 		if (!$img_str) {
 			return [];