mirror of
https://github.com/friendica/friendica
synced 2024-12-23 17:20:16 +00:00
Diaspora: Accept new Salmon format
This commit is contained in:
parent
76d8a3213f
commit
aa88691bc1
3 changed files with 106 additions and 25 deletions
|
@ -174,6 +174,9 @@ class Probe {
|
||||||
return array();
|
return array();
|
||||||
|
|
||||||
$host = $parts["host"];
|
$host = $parts["host"];
|
||||||
|
if (isset($parts["port"])) {
|
||||||
|
$host .= ':'.$parts["port"];
|
||||||
|
}
|
||||||
|
|
||||||
$path_parts = explode("/", trim($parts["path"], "/"));
|
$path_parts = explode("/", trim($parts["path"], "/"));
|
||||||
|
|
||||||
|
@ -334,8 +337,10 @@ class Probe {
|
||||||
|
|
||||||
if (isset($parts["scheme"]) AND isset($parts["host"]) AND isset($parts["path"])) {
|
if (isset($parts["scheme"]) AND isset($parts["host"]) AND isset($parts["path"])) {
|
||||||
|
|
||||||
/// @todo: Ports?
|
|
||||||
$host = $parts["host"];
|
$host = $parts["host"];
|
||||||
|
if (isset($parts["port"])) {
|
||||||
|
$host .= ':'.$parts["port"];
|
||||||
|
}
|
||||||
|
|
||||||
if ($host == 'twitter.com') {
|
if ($host == 'twitter.com') {
|
||||||
return array("network" => NETWORK_TWITTER);
|
return array("network" => NETWORK_TWITTER);
|
||||||
|
|
|
@ -187,7 +187,80 @@ class Diaspora {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief: Decodes incoming Diaspora message
|
* @brief: Decodes incoming Diaspora message in the new format
|
||||||
|
*
|
||||||
|
* @param array $importer Array of the importer user
|
||||||
|
* @param string $raw raw post message
|
||||||
|
*
|
||||||
|
* @return array
|
||||||
|
* 'message' -> decoded Diaspora XML message
|
||||||
|
* 'author' -> author diaspora handle
|
||||||
|
* 'key' -> author public key (converted to pkcs#8)
|
||||||
|
*/
|
||||||
|
public static function decode_raw($importer, $raw) {
|
||||||
|
$data = json_decode($raw);
|
||||||
|
|
||||||
|
// Is it a private post? Then decrypt the outer Salmon
|
||||||
|
if (is_object($data)) {
|
||||||
|
$encrypted_aes_key_bundle = base64_decode($data->aes_key);
|
||||||
|
$ciphertext = base64_decode($data->encrypted_magic_envelope);
|
||||||
|
|
||||||
|
$outer_key_bundle = '';
|
||||||
|
@openssl_private_decrypt($encrypted_aes_key_bundle, $outer_key_bundle, $importer['prvkey']);
|
||||||
|
$j_outer_key_bundle = json_decode($outer_key_bundle);
|
||||||
|
|
||||||
|
if (!is_object($j_outer_key_bundle)) {
|
||||||
|
logger('Outer Salmon did not verify. Discarding.');
|
||||||
|
http_status_exit(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$outer_iv = base64_decode($j_outer_key_bundle->iv);
|
||||||
|
$outer_key = base64_decode($j_outer_key_bundle->key);
|
||||||
|
|
||||||
|
$xml = diaspora::aes_decrypt($outer_key, $outer_iv, $ciphertext);
|
||||||
|
} else {
|
||||||
|
$xml = $raw;
|
||||||
|
}
|
||||||
|
|
||||||
|
$basedom = parse_xml_string($xml);
|
||||||
|
|
||||||
|
if (!is_object($basedom)) {
|
||||||
|
logger('Received data does not seem to be an XML. Discarding.');
|
||||||
|
http_status_exit(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
$base = $basedom->children(NAMESPACE_SALMON_ME);
|
||||||
|
|
||||||
|
// Not sure if this cleaning is needed
|
||||||
|
$data = str_replace(array(" ", "\t", "\r", "\n"), array("", "", "", ""), $base->data);
|
||||||
|
|
||||||
|
// Build the signed data
|
||||||
|
$type = $base->data[0]->attributes()->type[0];
|
||||||
|
$encoding = $base->encoding;
|
||||||
|
$alg = $base->alg;
|
||||||
|
$signed_data = $data.'.'.base64url_encode($type).'.'.base64url_encode($encoding).'.'.base64url_encode($alg);
|
||||||
|
|
||||||
|
// This is the signature
|
||||||
|
$signature = base64url_decode($base->sig);
|
||||||
|
|
||||||
|
// Get the senders' public key
|
||||||
|
$key_id = $base->sig[0]->attributes()->key_id[0];
|
||||||
|
$author_addr = base64_decode($key_id);
|
||||||
|
$key = diaspora::key($author_addr);
|
||||||
|
|
||||||
|
$verify = rsa_verify($signed_data, $signature, $key);
|
||||||
|
if (!$verify) {
|
||||||
|
logger('Message did not verify. Discarding.');
|
||||||
|
http_status_exit(400);
|
||||||
|
}
|
||||||
|
|
||||||
|
return array('message' => (string)base64url_decode($base->data),
|
||||||
|
'author' => unxmlify($author_addr),
|
||||||
|
'key' => (string)$key);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief: Decodes incoming Diaspora message in the deprecated format
|
||||||
*
|
*
|
||||||
* @param array $importer Array of the importer user
|
* @param array $importer Array of the importer user
|
||||||
* @param string $xml urldecoded Diaspora salmon
|
* @param string $xml urldecoded Diaspora salmon
|
||||||
|
@ -202,9 +275,10 @@ class Diaspora {
|
||||||
$public = false;
|
$public = false;
|
||||||
$basedom = parse_xml_string($xml);
|
$basedom = parse_xml_string($xml);
|
||||||
|
|
||||||
if (!is_object($basedom))
|
if (!is_object($basedom)) {
|
||||||
|
logger("XML is not parseable.");
|
||||||
return false;
|
return false;
|
||||||
|
}
|
||||||
$children = $basedom->children('https://joindiaspora.com/protocol');
|
$children = $basedom->children('https://joindiaspora.com/protocol');
|
||||||
|
|
||||||
if ($children->header) {
|
if ($children->header) {
|
||||||
|
|
|
@ -11,8 +11,6 @@ require_once('include/diaspora.php');
|
||||||
|
|
||||||
|
|
||||||
function receive_post(App $a) {
|
function receive_post(App $a) {
|
||||||
|
|
||||||
|
|
||||||
$enabled = intval(get_config('system', 'diaspora_enabled'));
|
$enabled = intval(get_config('system', 'diaspora_enabled'));
|
||||||
if (!$enabled) {
|
if (!$enabled) {
|
||||||
logger('mod-diaspora: disabled');
|
logger('mod-diaspora: disabled');
|
||||||
|
@ -23,12 +21,11 @@ function receive_post(App $a) {
|
||||||
|
|
||||||
if (($a->argc == 2) && ($a->argv[1] === 'public')) {
|
if (($a->argc == 2) && ($a->argv[1] === 'public')) {
|
||||||
$public = true;
|
$public = true;
|
||||||
}
|
} else {
|
||||||
else {
|
|
||||||
|
|
||||||
if($a->argc != 3 || $a->argv[1] !== 'users')
|
if ($a->argc != 3 || $a->argv[1] !== 'users') {
|
||||||
http_status_exit(500);
|
http_status_exit(500);
|
||||||
|
}
|
||||||
$guid = $a->argv[2];
|
$guid = $a->argv[2];
|
||||||
|
|
||||||
$r = q("SELECT * FROM `user` WHERE `guid` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1",
|
$r = q("SELECT * FROM `user` WHERE `guid` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1",
|
||||||
|
@ -47,21 +44,26 @@ function receive_post(App $a) {
|
||||||
|
|
||||||
$xml = urldecode($_POST['xml']);
|
$xml = urldecode($_POST['xml']);
|
||||||
|
|
||||||
logger('mod-diaspora: new salmon ' . $xml, LOGGER_DATA);
|
if (!$xml) {
|
||||||
|
$postdata = file_get_contents("php://input");
|
||||||
if(! $xml)
|
if ($postdata == '') {
|
||||||
http_status_exit(500);
|
http_status_exit(500);
|
||||||
|
}
|
||||||
|
|
||||||
logger('mod-diaspora: message is okay', LOGGER_DEBUG);
|
logger('mod-diaspora: message is in the new format', LOGGER_DEBUG);
|
||||||
|
$msg = Diaspora::decode_raw($importer, $postdata);
|
||||||
|
} else {
|
||||||
|
logger('mod-diaspora: message is in the old format', LOGGER_DEBUG);
|
||||||
$msg = Diaspora::decode($importer, $xml);
|
$msg = Diaspora::decode($importer, $xml);
|
||||||
|
}
|
||||||
|
|
||||||
logger('mod-diaspora: decoded', LOGGER_DEBUG);
|
logger('mod-diaspora: decoded', LOGGER_DEBUG);
|
||||||
|
|
||||||
logger('mod-diaspora: decoded msg: ' . print_r($msg, true), LOGGER_DATA);
|
logger('mod-diaspora: decoded msg: ' . print_r($msg, true), LOGGER_DATA);
|
||||||
|
|
||||||
if(! is_array($msg))
|
if (!is_array($msg)) {
|
||||||
http_status_exit(500);
|
http_status_exit(500);
|
||||||
|
}
|
||||||
|
|
||||||
logger('mod-diaspora: dispatching', LOGGER_DEBUG);
|
logger('mod-diaspora: dispatching', LOGGER_DEBUG);
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue