Merge pull request #6 from redmatrix/master

updating from original codebase

.openshift/README.md

@@ -0,0 +1,5 @@
+The OpenShift `php` cartridge documentation can be found at:
+http://openshift.github.io/documentation/oo_cartridge_guide.html#php
+
+For information about .openshift directory, consult the documentation:
+http://openshift.github.io/documentation/oo_user_guide.html#the-openshift-directory

.openshift/action_hooks/README.md

@@ -0,0 +1,3 @@
+For information about action hooks, consult the documentation:
+
+http://openshift.github.io/documentation/oo_user_guide.html#action-hooks

.openshift/action_hooks/deploy

@@ -0,0 +1,178 @@
+#!/bin/bash
+# This deploy hook gets executed after dependencies are resolved and the
+# build hook has been run but before the application has been started back
+# up again. This script gets executed directly, so it could be python, php,
+# ruby, etc.
+
+# Bash help: http://www.panix.com/~elflord/unix/bash-tute.html
+
+# For information about action hooks supported by OpenShift, consult the documentation:
+# http://openshift.github.io/documentation/oo_user_guide.html#the-openshift-directory
+
+####
+
+# Hubzilla specific deploy script
+
+# Place this file in /.openshift/action_hooks/ (The .openshift folder will be in the root of your repo)
+# The file name should be "deploy" such that you have:
+# .openshift/action_hooks/deploy
+
+# Conventions: Vars in curley braces have the slash after implied so no need to add it.
+# e.g. ${OPENSHIFT_REPO_DIR}php/foobar = /repo/php/foobar
+# See all OpenShift vars here:
+# https://www.openshift.com/developers/openshift-environment-variables
+
+# HME - NOTE - leftover from original openshift-drupal-deploy
+# In config.php you can leverage the enviroment variables like this:
+# // Define env vars.
+# if (array_key_exists('OPENSHIFT_APP_NAME', $_SERVER)) {
+#  $src = $_SERVER;
+# } else {
+#  $src = $_ENV;
+# }
+#
+# $conf["file_private_path"] = $src['OPENSHIFT_DATA_DIR'] . "private";
+# $conf["file_temporary_path"] = $src['OPENSHIFT_DATA_DIR'] . "tmp";
+
+
+####
+
+# Start Deploy
+
+echo "Starting Deploy..."
+
+# Let's create the Hubzilla files directory in the Openshift data folder ($OPENSHIFT_DATA_DIR).
+
+echo "Check for the files directory called store, if not created - create it"
+
+if [ ! -d ${OPENSHIFT_DATA_DIR}store ]; then
+mkdir -p ${OPENSHIFT_DATA_DIR}"store/[data]/smarty3"
+echo "Done creating files directory"
+
+else
+
+echo "The files directory called store already exists"
+
+fi
+
+####
+
+# Set permissions on the files directory.
+
+echo "Now chmod 777 -R files"
+
+chmod -R 777 ${OPENSHIFT_DATA_DIR}store
+
+echo "chmod done, permissions set to 777"
+
+####
+
+# Symlink our files folder to the repo.
+
+# Note the "php" directory below seems to be the best way to serve OpenShift files.
+# This is good as that allows us for directories one level above such as tmp and private
+
+echo "Create sym links for writeable directories"
+
+ln -sf ${OPENSHIFT_DATA_DIR}store ${OPENSHIFT_REPO_DIR}store
+
+echo "Files sym links created"
+
+####
+
+# Copy .htconfig.php from the repo, rename it and place it in the data directory.
+# if it's there already, skip it.
+
+if [ ! -f ${OPENSHIFT_DATA_DIR}.htconfig.php ];
+
+then
+
+cp ${OPENSHIFT_REPO_DIR}.htconfig.php ${OPENSHIFT_DATA_DIR}.htconfig.php
+
+echo ".htconfig.php copied."
+
+else
+
+echo "Looks like the .htconfig.php file is already there, we won't overwrite it."
+
+fi
+
+####
+
+# symlink the .htconfig.php file.
+
+echo "Create sym link for .htconfig.php"
+
+ln -sf ${OPENSHIFT_DATA_DIR}.htconfig.php ${OPENSHIFT_REPO_DIR}.htconfig.php
+
+echo ".htconfig.php symlink created"
+
+####
+# Copy .htaccess from the repo, rename it and place it in the data directory.
+# if it's there already, skip it.
+
+if [ ! -f ${OPENSHIFT_DATA_DIR}.htaccess ];
+
+then
+
+cp ${OPENSHIFT_REPO_DIR}.htaccess ${OPENSHIFT_DATA_DIR}.htaccess
+
+echo ".htaccess copied."
+
+else
+
+echo "Looks like the .htaccess file is already there, we won't overwrite it."
+
+fi
+
+####
+
+# symlink the .htaccess file.
+
+echo "Create sym link for .htaccess"
+
+ln -sf ${OPENSHIFT_DATA_DIR}.htaccess ${OPENSHIFT_REPO_DIR}.htaccess
+
+echo ".htaccess symlink created"
+
+####
+
+echo "Check for the poller at .openshift/cron/minutely/poller , if not created - create it"
+
+if [ ! -f ${OPENSHIFT_REPO_DIR}.openshift/cron/minutely/poller ]; then
+printf '%s\n' '#!/bin/bash' 'if [ ! -f $OPENSHIFT_DATA_DIR/last_run ]; then' '  touch $OPENSHIFT_DATA_DIR/last_run' 'fi' 'if [[ $(find $OPENSHIFT_DATA_DIR/last_run -mmin +9) ]]; then #run every 10 mins' '  rm -f $OPENSHIFT_DATA_DIR/last_run' '  touch $OPENSHIFT_DATA_DIR/last_run' '  # The command(s) that you want to run every 10 minutes' 'cd /var/lib/openshift/${OPENSHIFT_APP_UUID}/app-root/repo; /opt/rh/php54/root/usr/bin/php include/poller.php' 'fi' >${OPENSHIFT_REPO_DIR}.openshift/cron/minutely/poller
+echo "Done creating file .openshift/cron/minutely/poller"
+
+else
+
+echo "The poller already exists"
+
+fi
+
+####
+
+# Set permissions on the poller script to make it executable.
+
+echo "Now chmod 777 -R poller"
+
+chmod -R 777 ${OPENSHIFT_REPO}.openshift/cron/minutely/poller
+
+echo "chmod done, permissions set to 777 on poller script."
+
+####
+
+### echo "Check for the hot deploy marker at .openshift/markers/hot_deploy , if not created - create it"
+
+### if [ ! -f ${OPENSHIFT_REPO_DIR}.openshift/markers/hot_deploy ]; then
+
+### touch ${OPENSHIFT_REPO_DIR}.openshift/markers/hot_deploy
+
+### echo "Done creating file .openshift/markers/hot_deploy"
+
+### else
+
+### echo "The hot deploy marker already exists"
+
+### fi
+
+####

.openshift/cron/README.cron

@@ -0,0 +1,27 @@
+Run scripts or jobs on a periodic basis
+=======================================
+Any scripts or jobs added to the minutely, hourly, daily, weekly or monthly
+directories will be run on a scheduled basis (frequency is as indicated by the
+name of the directory) using run-parts.
+
+run-parts ignores any files that are hidden or dotfiles (.*) or backup
+files (*~ or *,)  or named *.{rpmsave,rpmorig,rpmnew,swp,cfsaved}
+
+The presence of two specially named files jobs.deny and jobs.allow controls
+how run-parts executes your scripts/jobs.
+   jobs.deny  ===> Prevents specific scripts or jobs from being executed.
+   jobs.allow ===> Only execute the named scripts or jobs (all other/non-named
+                   scripts that exist in this directory are ignored).
+
+The principles of jobs.deny and jobs.allow are the same as those of cron.deny
+and cron.allow and are described in detail at: 
+   http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/ch-Automating_System_Tasks.html#s2-autotasks-cron-access
+
+See: man crontab or above link for more details and see the the weekly/
+     directory for an example.
+
+PLEASE NOTE: The Cron cartridge must be installed in order to run the configured jobs.
+
+For more information about cron, consult the documentation:
+http://openshift.github.io/documentation/oo_cartridge_guide.html#cron
+http://openshift.github.io/documentation/oo_user_guide.html#cron

.openshift/cron/weekly/README

@@ -0,0 +1,16 @@
+Run scripts or jobs on a weekly basis
+=====================================
+Any scripts or jobs added to this directory will be run on a scheduled basis
+(weekly) using run-parts.
+
+run-parts ignores any files that are hidden or dotfiles (.*) or backup
+files (*~ or *,)  or named *.{rpmsave,rpmorig,rpmnew,swp,cfsaved} and handles
+the files named jobs.deny and jobs.allow specially.
+
+In this specific example, the chronograph script is the only script or job file
+executed on a weekly basis (due to white-listing it in jobs.allow). And the
+README and chrono.dat file are ignored either as a result of being black-listed
+in jobs.deny or because they are NOT white-listed in the jobs.allow file.
+
+For more details, please see ../README.cron file.
+

.openshift/cron/weekly/chrono.dat

@@ -0,0 +1 @@
+Time And Relative D...n In Execution (Open)Shift!

.openshift/cron/weekly/chronograph

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+echo "`date`: `cat $(dirname \"$0\")/chrono.dat`"

.openshift/cron/weekly/jobs.allow

@@ -0,0 +1,12 @@
+#
+#  Script or job files listed in here (one entry per line) will be
+#  executed on a weekly-basis.
+#
+#  Example: The chronograph script will be executed weekly but the README 
+#           and chrono.dat files in this directory will be ignored.
+#
+#           The README file is actually ignored due to the entry in the
+#           jobs.deny which is checked before jobs.allow (this file).
+#
+chronograph
+

.openshift/cron/weekly/jobs.deny

@@ -0,0 +1,7 @@
+#
+#  Any script or job files listed in here (one entry per line) will NOT be
+#  executed (read as ignored by run-parts).
+#
+
+README
+

.openshift/markers/README.md

@@ -0,0 +1,4 @@
+For information about markers, consult the documentation:
+
+http://openshift.github.io/documentation/oo_user_guide.html#markers
+http://openshift.github.io/documentation/oo_cartridge_guide.html#php-markers

include/Contact.php

@@ -319,6 +319,8 @@ function channel_remove($channel_id, $local = true, $unset_session=true) {
 	q("DELETE FROM `pconfig` WHERE `uid` = %d", intval($channel_id));
 	q("DELETE FROM `spam` WHERE `uid` = %d", intval($channel_id));
 
+	// @FIXME At this stage we need to remove the file resources located under /store/$nickname
+
 
 	q("delete from abook where abook_xchan = '%s' and abook_self = 1 ",
 		dbesc($channel['channel_hash'])

include/account.php

@@ -217,6 +217,8 @@ function create_account($arr) {
 	$result['email']    = $email;
 	$result['password'] = $password;
 
+	call_hooks('register_account',$result);
+
 	return $result;
 }
 

include/deliver.php

@@ -29,6 +29,8 @@ function deliver_run($argv, $argc) {
 			 * If not, reduce the outq_priority.
 			 */
 
+			$base = '';
+
 			$h = parse_url($r[0]['outq_posturl']);
 			if($h) {
 				$base = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
@@ -76,11 +78,13 @@ function deliver_run($argv, $argc) {
 				$result = z_post_url($r[0]['outq_posturl'],$r[0]['outq_msg']); 
 				if($result['success'] && $result['return_code'] < 300) {
 					logger('deliver: queue post success to ' . $r[0]['outq_posturl'], LOGGER_DEBUG);
+					if($base) {
 						q("update site set site_update = '%s', site_dead = 0 where site_url = '%s' ",
 							dbesc(datetime_convert()),
-						dbesc($site_url)
+							dbesc($base)
 						);
-					q("update dreport set status = '%s', dreport_time = '%s' where dreport_queue = '%s' limit 1",
+					}
+					q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s' limit 1",
 						dbesc('accepted for delivery'),
 						dbesc(datetime_convert()),
 						dbesc($argv[$x])

include/enotify.php

@@ -315,9 +315,12 @@ function notification($params) {
 		'epreamble' => $epreamble,
 		'body'      => $body,
 		'sitelink'  => $sitelink,
+		'sitename'  => $sitename,
 		'tsitelink' => $tsitelink,
 		'hsitelink' => $hsitelink,
-		'itemlink'  => $itemlink
+		'itemlink'  => $itemlink,
+		'sender'    => $sender,
+		'recipient' => $recip
 	);
 
 	call_hooks('enotify', $h);

include/items.php

@@ -3522,11 +3522,17 @@ function mail_store($arr) {
 		dbesc($arr['mid']),
 		intval($arr['channel_id'])
 	);
+
 	if($r) {
 		logger('mail_store: duplicate item ignored. ' . print_r($arr,true));
 		return 0;
 	}
 
+	if(! $r && $arr['mail_recalled'] == 1) {
+		logger('mail_store: recalled item not found. ' . print_r($arr,true));
+		return 0;
+	}
+
 	call_hooks('post_mail',$arr);
 
 	if(x($arr,'cancel')) {

include/notifier.php

@@ -605,11 +605,16 @@ function notifier_run($argv, $argc){
 				'request' => $request,
 				'normal_mode' => $normal_mode,
 				'packet_type' => $packet_type,
-				'walltowall' => $walltowall
+				'walltowall' => $walltowall,
+				'queued' => array()
 			);
 
 
 			call_hooks('notifier_hub',$narr);
+			if($narr['queued']) {
+				foreach($narr['queued'] as $pq)
+					$deliveries[] = $pq;
+			}
 			continue;
 
 		}

include/queue.php

@@ -23,6 +23,9 @@ function queue_run($argv, $argc){
 	logger('queue: start');
 
 
+	// delete all queue items more than 3 days old
+	// but first mark these sites dead if we haven't heard from them in a month
+
 	$r = q("select outq_posturl from outq where outq_created < %s - INTERVAL %s",
 		db_utcnow(), db_quoteinterval('3 DAY')
 	);
@@ -85,15 +88,34 @@ function queue_run($argv, $argc){
 		return;
 
 	foreach($r as $rr) {
+
+		$dresult = null;
+
 		if(in_array($rr['outq_posturl'],$deadguys))
 			continue;
 
+		$base = '';
+		$h = parse_url($rr['outq_posturl']);
+		if($h)
+			$base = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
+
 		if($rr['outq_driver'] === 'post') {
 			$result = z_post_url($rr['outq_posturl'],$rr['outq_msg']); 
 			if($result['success'] && $result['return_code'] < 300) {
 				logger('queue: queue post success to ' . $rr['outq_posturl'], LOGGER_DEBUG);
+				if($base) {
+					q("update site set site_update = '%s', site_dead = 0 where site_url = '%s' ",
+						dbesc(datetime_convert()),
+						dbesc($base)
+					);
+				}
+				q("update dreport set dreport_result = '%s', dreport_time = '%s' where dreport_queue = '%s' limit 1",
+					dbesc('accepted for delivery'),
+					dbesc(datetime_convert()),
+					dbesc($rr['outq_hash'])
+				);
 				$y = q("delete from outq where outq_hash = '%s'",
-					dbesc($rr['ouq_hash'])
+					dbesc($rr['outq_hash'])
 				);
 			}
 			else {
@@ -102,6 +124,7 @@ function queue_run($argv, $argc){
 					dbesc(datetime_convert()),
 					dbesc($rr['outq_hash'])
 				);
+				$deadguys[] = $rr['outq_posturl'];
 			}
 			continue;
 		}

include/taxonomy.php

@@ -185,7 +185,7 @@ function dir_tagadelic($count = 0) {
 	$count = intval($count);
 
 	// Fetch tags
-	$r = q("select xtag_term, count(xtag_term) as total from xtag
+	$r = q("select xtag_term, count(xtag_term) as total from xtag where xtag_flags = 0
 		group by xtag_term order by total desc %s",
 		((intval($count)) ? "limit $count" : '')
 	);

include/zot.php

@@ -11,6 +11,7 @@
 require_once('include/crypto.php');
 require_once('include/items.php');
 require_once('include/hubloc.php');
+require_once('include/DReport.php');
 
 
 /**
@@ -901,7 +902,7 @@ function import_xchan($arr,$ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
 			$r = q("delete from xprof where xprof_hash = '%s'",
 				dbesc($xchan_hash)
 			);
-			$r = q("delete from xtag where xtag_hash = '%s'",
+			$r = q("delete from xtag where xtag_hash = '%s' and xtag_flags = 0",
 				dbesc($xchan_hash)
 			);
 		}
@@ -1556,7 +1557,6 @@ function allowed_public_recips($msg) {
 function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $request = false) {
 
 	$result = array();
-	require_once('include/DReport.php');
 
 	$result['site'] = z_root();
 
@@ -1569,6 +1569,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
 		}
 	}
 
+
 	foreach($deliveries as $d) {
 		$local_public = $public;
 
@@ -1587,11 +1588,21 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
 		$channel = $r[0];
 		$DR->addto_recipient($channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>');
 
-		if($d['hash'] === $sender['hash']) {
-			$DR->update('self delivery ignored');
-			$result[] = $DR->get();
-			continue;
-		}
+		/**
+		 * @FIXME: Somehow we need to block normal message delivery from our clones, as the delivered
+		 * message doesn't have ACL information in it as the cloned copy does. That copy 
+		 * will normally arrive first via sync delivery, but this isn't guaranteed. 
+		 * There's a chance the current delivery could take place before the cloned copy arrives
+		 * hence the item could have the wrong ACL and *could* be used in subsequent deliveries or
+		 * access checks. So far all attempts at identifying this situation precisely
+		 * have caused issues with delivery of relayed comments. 
+		 */
+
+//		if(($d['hash'] === $sender['hash']) && ($sender['url'] !== z_root()) && (! $relay)) {
+//			$DR->update('self delivery ignored');
+//			$result[] = $DR->get();
+//			continue;
+//		}
 
 		// allow public postings to the sys channel regardless of permissions, but not
 		// for comments travelling upstream. Wait and catch them on the way down.
@@ -1949,8 +1960,7 @@ function delete_imported_item($sender, $item, $uid, $relay) {
 	$item_found = false;
 	$post_id = 0;
 
-
-	$r = q("select id, item_deleted from item where ( author_xchan = '%s' or owner_xchan = '%s' or source_xchan = '%s' )
+	$r = q("select id, author_xchan, owner_xchan, source_xchan, item_deleted from item where ( author_xchan = '%s' or owner_xchan = '%s' or source_xchan = '%s' )
 		and mid = '%s' and uid = %d limit 1",
 		dbesc($sender['hash']),
 		dbesc($sender['hash']),
@@ -1958,6 +1968,7 @@ function delete_imported_item($sender, $item, $uid, $relay) {
 		dbesc($item['mid']),
 		intval($uid)
 	);
+
 	if ($r) {
 		if ($r[0]['author_xchan'] === $sender['hash'] || $r[0]['owner_xchan'] === $sender['hash'] || $r[0]['source_xchan'] === $sender['hash'])
 			$ownership_valid = true;
@@ -2031,20 +2042,26 @@ function process_mail_delivery($sender, $arr, $deliveries) {
 	}
 
 	foreach($deliveries as $d) {
+
+		$DR = new DReport(z_root(),$sender['hash'],$d['hash'],$arr['mid']);
+
 		$r = q("select * from channel where channel_hash = '%s' limit 1",
 			dbesc($d['hash'])
 		);
 
 		if(! $r) {
-			$result[] = array($d['hash'],'not found');
+			$DR->update('recipient not found');
+			$result[] = $DR->get();
 			continue;
 		}
 
 		$channel = $r[0];
+		$DR->addto_recipient($channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>');
 
 		if(! perm_is_allowed($channel['channel_id'],$sender['hash'],'post_mail')) {
 			logger("permission denied for mail delivery {$channel['channel_id']}");
-			$result[] = array($d['hash'],'permission denied',$channel['channel_name'],$arr['mid']);
+			$DR->update('permission denied');
+			$result[] = $DR->get();
 			continue;
 		}
 
@@ -2058,11 +2075,13 @@ function process_mail_delivery($sender, $arr, $deliveries) {
 					intval($r[0]['id']),
 					intval($channel['channel_id'])
 				);
-				$result[] = array($d['hash'],'mail recalled',$channel['channel_name'],$arr['mid']);
+				$DR->update('mail recalled');
+				$result[] = $DR->get();
 				logger('mail_recalled');
 			}
 			else {
-				$result[] = array($d['hash'],'duplicate mail received',$channel['channel_name'],$arr['mid']);
+				$DR->update('duplicate mail received');
+				$result[] = $DR->get();
 				logger('duplicate mail received');
 			}
 			continue;
@@ -2071,7 +2090,8 @@ function process_mail_delivery($sender, $arr, $deliveries) {
 			$arr['account_id'] = $channel['channel_account_id'];
 			$arr['channel_id'] = $channel['channel_id'];
 			$item_id = mail_store($arr);
-			$result[] = array($d['hash'],'mail delivered',$channel['channel_name'],$arr['mid']);
+			$DR->update('mail delivered');
+			$result[] = $DR->get();
 		}
 	}
 
@@ -2392,6 +2412,9 @@ function sync_locations($sender, $arr, $absolute = false) {
 			}
 		}
 	}
+	else {
+		logger('No locations to sync!');
+	}
 
 	$ret['change_message'] = $what;
 	$ret['changed'] = $changed;
@@ -2577,7 +2600,7 @@ function import_directory_profile($hash, $profile, $addr, $ud_flags = UPDATE_FLA
 function import_directory_keywords($hash, $keywords) {
 
 	$existing = array();
-	$r = q("select * from xtag where xtag_hash = '%s'",
+	$r = q("select * from xtag where xtag_hash = '%s' and xtag_flags = 0",
 		dbesc($hash)
 	);
 
@@ -2595,14 +2618,14 @@ function import_directory_keywords($hash, $keywords) {
 
 	foreach($existing as $x) {
 		if(! in_array($x, $clean))
-			$r = q("delete from xtag where xtag_hash = '%s' and xtag_term = '%s'",
+			$r = q("delete from xtag where xtag_hash = '%s' and xtag_term = '%s' and xtag_flags = 0",
 				dbesc($hash),
 				dbesc($x)
 			);
 	}
 	foreach($clean as $x) {
 		if(! in_array($x, $existing)) {
-			$r = q("insert into xtag ( xtag_hash, xtag_term) values ( '%s' ,'%s' )",
+			$r = q("insert into xtag ( xtag_hash, xtag_term, xtag_flags) values ( '%s' ,'%s', 0 )",
 				dbesc($hash),
 				dbesc($x)
 			);
@@ -2768,7 +2791,7 @@ function import_site($arr, $pubkey) {
 	else {
 		$update = true;
 		$r = q("insert into site ( site_location, site_url, site_access, site_flags, site_update, site_directory, site_register, site_sellpage, site_realm, site_type )
-			values ( '%s', '%s', %d, %d, '%s', '%s', %d, '%s', '%s' )",
+			values ( '%s', '%s', %d, %d, '%s', '%s', %d, '%s', '%s', %d )",
 			dbesc($site_location),
 			dbesc($url),
 			intval($access_policy),
@@ -3783,7 +3806,73 @@ function zotinfo($arr) {
 		$ret['site']['realm'] = get_directory_realm();
 
 	}
+
+	check_zotinfo($e,$x,$ret);
+
+
 	call_hooks('zot_finger',$ret);
 	return($ret);
 
 }
+
+
+function check_zotinfo($channel,$locations,&$ret) {
+
+
+//	logger('locations: ' . print_r($locations,true),LOGGER_DATA);
+
+	// This function will likely expand as we find more things to detect and fix.
+	// 1. Because magic-auth is reliant on it, ensure that the system channel has a valid hubloc
+	//    Force this to be the case if anything is found to be wrong with it. 
+
+	// @FIXME ensure that the system channel exists in the first place and has an xchan
+
+	if($channel['channel_system']) {
+		// the sys channel must have a location (hubloc)
+		$valid_location = false;
+		if((count($locations) === 1) && ($locations[0]['primary']) && (! $locations[0]['deleted'])) {
+			if((rsa_verify($locations[0]['url'],base64url_decode($locations[0]['url_sig']),$channel['channel_pubkey']))
+				&& ($locations[0]['sitekey'] === get_config('system','pubkey'))
+				&& ($locations[0]['url'] === z_root()))
+				$valid_location = true;
+			else
+				logger('sys channel: invalid url signature');
+		}
+
+		if((! $locations) || (! $valid_location)) {
+
+			logger('System channel locations are not valid. Attempting repair.');
+
+			// Don't trust any existing records. Just get rid of them, but only do this 
+			// for the sys channel as normal channels will be trickier.
+ 
+			q("delete from hubloc where hubloc_hash = '%s'",
+				dbesc($channel['channel_hash'])
+			);
+			$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary,
+				hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )
+				values ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )",
+				dbesc($channel['channel_guid']),
+				dbesc($channel['channel_guid_sig']),
+				dbesc($channel['channel_hash']),
+				dbesc($channel['channel_address'] . '@' . get_app()->get_hostname()),
+				intval(1),
+				dbesc(z_root()),
+				dbesc(base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey']))),
+				dbesc(get_app()->get_hostname()),
+				dbesc(z_root() . '/post'),
+				dbesc(get_config('system','pubkey')),
+				dbesc('zot')
+			);
+			if($r) {
+				$x = zot_encode_locations($channel);
+				if($x) {
+					$ret['locations'] = $x;
+				}
+			}
+			else {
+				logger('Unable to store sys hub location');
+			}
+		}
+	}
+}

library/cacert.pem

@@ -1,7 +1,7 @@
 ##
 ## Bundle of CA Root Certificates
 ##
-## Certificate data from Mozilla as of: Wed Apr 22 03:12:04 2015
+## Certificate data from Mozilla as of: Wed Sep  2 18:30:34 2015
 ##
 ## This is a bundle of X.509 certificates of public Certificate Authorities
 ## (CA). These were automatically extracted from Mozilla's root certificates

library/certs/README.md

@@ -1 +1,12 @@
 This directory contains *browser valid* certs for use with hubzilla when using curl (server to server communication). The cacert.pem file in this directory is downloaded (when necessary) from the curl repository and tracks the Mozilla built-in certs. Additionally we've discovered we occasionally require intermediate certs from some cert providers which Mozilla and other browsers obtain automatically but curl does not. You may add these here if required. All these files are concatenated to create the library/cacert.pem file which we will use.  
+
+Obtain the converted mozilla certs here:
+http://curl.haxx.se/docs/caextract.html
+
+Store as cacert.pem in this directory and then
+
+cat *.pem > ../cacert.pem
+
+to generate the master file in /library/cacert.pem
+
+

library/certs/cacert.pem

@@ -1,7 +1,7 @@
 ##
 ## Bundle of CA Root Certificates
 ##
-## Certificate data from Mozilla as of: Wed Apr 22 03:12:04 2015
+## Certificate data from Mozilla as of: Wed Sep  2 18:30:34 2015
 ##
 ## This is a bundle of X.509 certificates of public Certificate Authorities
 ## (CA). These were automatically extracted from Mozilla's root certificates

mod/dreport.php

@@ -7,15 +7,45 @@ function dreport_content(&$a) {
 		return;
 	}
 
+	$table = 'item';
+
 	$channel = $a->get_channel();
 	
 	$mid = ((argc() > 1) ? argv(1) : '');
 
+	if($mid === 'mail') {
+		$table = 'mail';
+		$mid = ((argc() > 2) ? argv(2) : '');
+	}
+
+
 	if(! $mid) {
 		notice( t('Invalid message') . EOL);
 		return;
 	}
 
+	switch($table) {
+		case 'item':
+			$i = q("select id from item where mid = '%s' and author_xchan = '%s' ",
+				dbesc($mid),
+				dbesc($channel['channel_hash'])
+			);
+			break;
+		case 'mail':
+			$i = q("select id from mail where mid = '%s' and from_xchan = '%s'",
+				dbesc($mid),
+				dbesc($channel['channel_hash'])
+			);
+			break;
+		default:
+			break;
+	}
+
+	if(! $i) {
+		notice( t('Permission denied') . EOL);
+		return;
+	}
+	
 	$r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'",
 		dbesc($channel['channel_hash']),
 		dbesc($mid)
@@ -33,6 +63,11 @@ function dreport_content(&$a) {
 	for($x = 0; $x < count($r); $x++ ) {
 		$r[$x]['name'] = escape_tags(substr($r[$x]['dreport_recip'],strpos($r[$x]['dreport_recip'],' ')));
 
+		// This has two purposes: 1. make the delivery report strings translateable, and
+		// 2. assign an ordering to item delivery results so we can group them and provide
+		// a readable report with more interesting events listed toward the top and lesser
+		// interesting items towards the bottom
+
 		switch($r[$x]['dreport_result']) {
 			case 'channel sync processed':
 				$r[$x]['gravity'] = 0;
@@ -61,6 +96,18 @@ function dreport_content(&$a) {
 				$r[$x]['dreport_result'] = t('permission denied');
 				$r[$x]['gravity'] = 6;
 				break;
+			case 'recipient not found':
+				$r[$x]['dreport_result'] = t('recipient not found');
+				break;
+			case 'mail recalled':
+				$r[$x]['dreport_result'] = t('mail recalled');
+				break;
+			case 'duplicate mail received':
+				$r[$x]['dreport_result'] = t('duplicate mail received');
+				break;
+			case 'mail delivered':
+				$r[$x]['dreport_result'] = t('mail delivered');
+				break;
 			default:
 				$r[$x]['gravity'] = 1;
 				break;

mod/item.php

@@ -372,13 +372,24 @@ function item_post(&$a) {
 
 	}
 	else {
-		if((! $walltowall) && 
-			((array_key_exists('contact_allow',$_REQUEST))
+		if(! $walltowall) {
+			if((array_key_exists('contact_allow',$_REQUEST))
 				|| (array_key_exists('group_allow',$_REQUEST))
 				|| (array_key_exists('contact_deny',$_REQUEST))
-			|| (array_key_exists('group_deny',$_REQUEST)))) {
+				|| (array_key_exists('group_deny',$_REQUEST))) {
 				$acl->set_from_array($_REQUEST);
 			}
+			elseif(! $api_source) {
+
+				// if no ACL has been defined and we aren't using the API, the form
+				// didn't send us any parameters. This means there's no ACL or it has
+				// been reset to the default audience.
+				// If $api_source is set and there are no ACL parameters, we default
+				// to the channel permissions which were set in the ACL contructor.
+
+				$acl->set(array('allow_cid' => '', 'allow_gid' => '', 'deny_cid' => '', 'deny_gid' => ''));
+			}
+		}
 
 
 		$location          = notags(trim($_REQUEST['location']));

mod/mail.php

@@ -324,6 +324,7 @@ function mail_content(&$a) {
 		$mails[] = array(
 			'mailbox' => $mailbox,
 			'id' => $message['id'],
+			'mid' => $message['mid'],
 			'from_name' => $message['from']['xchan_name'],
 			'from_url' =>  chanlink_hash($message['from_xchan']),
 			'from_photo' => $message['from']['xchan_photo_s'],
@@ -333,6 +334,7 @@ function mail_content(&$a) {
 			'subject' => $message['title'],
 			'body' => smilies(bbcode($message['body']) . $s),
 			'delete' => t('Delete message'),
+			'dreport' => t('Delivery report'),
 			'recall' => t('Recall message'),
 			'can_recall' => (($channel['channel_hash'] == $message['from_xchan']) ? true : false),
 			'is_recalled' => (intval($message['mail_recalled']) ? t('Message has been recalled.') : ''),

version.inc

@@ -1 +1 @@
-2015-09-28.1169
+2015-10-01.1172

view/tpl/locmanage.tpl

@@ -12,15 +12,15 @@ function drophub(id) {
 <table>
 <tr><td>{{$loc}}</td><td>{{$mkprm}}</td><td>{{$drop}}</td></tr>
 {{foreach $hubs as $hub}}
+{{if ! $hub.deleted }}
 <tr><td>
-{{if $hub.deleted}}<strike>{{/if}}
-{{$hub.hubloc_url}} ({{$hub.hubloc_addr}}){{if $hub.deleted}}</strike>{{/if}}</td>
+{{$hub.hubloc_url}} ({{$hub.hubloc_addr}})</td>
 <td>
-
 {{if $hub.primary}}<button class="btn btn-std"><i class="icon-check"></i></button>{{else}}<button class="btn btn-std" onclick="primehub({{$hub.hubloc_id}}); return false;" ><i class="icon-check-empty"  ></i></button>{{/if}}
 </td>
-<td>{{if ! $hub.deleted}}<button class="btn btn-std" onclick="drophub({{$hub.hubloc_id}}); return false;"><i class="icon-trash"></i></button>{{/if}}</td>
+<td><button class="btn btn-std" onclick="drophub({{$hub.hubloc_id}}); return false;"><i class="icon-trash"></i></button></td>
 </tr>
+{{/if}}
 {{/foreach}}
 </table>
 

view/tpl/mail_conv.tpl

@@ -9,6 +9,7 @@
 		<div class="mail-conv-body">{{$mail.body}}</div>
 		<div class="btn-group pull-right" id="mail-conv-delete-wrapper-{{$mail.id}}" >
 			{{if $mail.can_recall}}
+			<a href="dreport/mail/{{$mail.mid}}" title="{{$mail.dreport}}" id="mail-conv-dreport-icon-{{$mail.id}}" class="btn btn-default" ><i class="icon-barcode mail-icons"></i></a>
 			<a href="mail/{{$mail.mailbox}}/recall/{{$mail.id}}" title="{{$mail.recall}}" id="mail-conv-recall-icon-{{$mail.id}}" class="btn btn-default" ><i class="icon-undo mail-icons"></i></a>
 			{{/if}}
 			<a href="#" onclick="dropItem('mail/{{$mail.mailbox}}/drop/{{$mail.id}}', '#mail-{{$mail.id}}'); return false;" title="{{$mail.delete}}" id="mail-conv-delete-icon-{{$mail.id}}" class="btn btn-default" ><i class="icon-trash mail-icons"></i></a>

view/tpl/opensearch.tpl

@@ -1,10 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
 	<ShortName>Hubzilla@{{$nodename}}</ShortName>
-	<Description>Search in The Hubzilla@{{$nodename}}</Description>
-	<Contact>http://github.com/friendica/red/</Contact>
-	<Image height="16" width="16" type="image/png">{{$baseurl}}/images/rm-16.png</Image>
-	<Image height="64" width="64" type="image/png">{{$baseurl}}/images/rm-64.png</Image>
+	<Description>Search in Hubzilla@{{$nodename}}</Description>
+	<Contact>http://github.com/redmatrix/hubzilla/</Contact>
+	<Image height="16" width="16" type="image/png">{{$baseurl}}/images/hz-16.png</Image>
+	<Image height="64" width="64" type="image/png">{{$baseurl}}/images/hz-64.png</Image>
 	<Url type="text/html" 
         template="{{$baseurl}}/search?search={searchTerms}"/>
 	<Url type="application/opensearchdescription+xml"

zot

@@ -0,0 +1 @@
+Subproject commit d94e61a7b627381715751fb6cb6c0cecf7ece3f9