better re-install detection/protection. This necessitated a slight protocol change but should not introduce any compatibility issues with older software. Things just work better if you use an up-to-date server.

include/zot.php

@@ -117,7 +117,8 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot
 			'guid' => $channel['channel_guid'],
 			'guid_sig' => base64url_encode(rsa_sign($channel['channel_guid'],$channel['channel_prvkey'])),
 			'url' => z_root(),
-			'url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey']))
+			'url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'])),
+			'sitekey' => get_config('system','pubkey')
 		),
 		'callback' => '/post',
 		'version' => ZOT_REVISION
@@ -569,11 +570,12 @@ function zot_gethub($arr,$multiple = false) {
 		}
 
 		$limit = (($multiple) ? '' : ' limit 1 ');
-
+		$sitekey = ((array_key_exists('sitekey',$arr) && $arr['sitekey']) ? " and hubloc_sitekey = '" . protect_sprintf($arr['sitekey']) . "' " : '');
+ 
 		$r = q("select * from hubloc
 				where hubloc_guid = '%s' and hubloc_guid_sig = '%s'
 				and hubloc_url = '%s' and hubloc_url_sig = '%s'
-				$limit",
+				$sitekey $limit",
 			dbesc($arr['guid']),
 			dbesc($arr['guid_sig']),
 			dbesc($arr['url']),

mod/post.php

@@ -682,45 +682,57 @@ function post_post(&$a) {
 
 	foreach($hubs as $hub) {
 
+		$sitekey = $hub['hubloc_sitekey'];
+
+		if(array_key_exists('sitekey',$sender) && $sender['sitekey']) {
+
+			/*
+			 * This hub has now been proven to be valid.
+			 * Any hub with the same URL and a different sitekey cannot be valid.
+			 * Get rid of them (mark them deleted). There's a good chance they were re-installs.
+			 */
+	
+			q("update hubloc set hubloc_deleted = 1, hubloc_error = 1 where hubloc_url = '%s' and hubloc_sitekey != '%s' ",
+				dbesc($hub['hubloc_url']),
+				dbesc($sender['sitekey'])
+			);
+
+			$sitekey = $sender['sitekey'];
+		}
+
+		// $sender['sitekey'] is a new addition to the protcol to distinguish 
+		// hublocs coming from re-installed sites. Older sites will not provide
+		// this field and we have to still mark them valid, since we can't tell
+		// if this hubloc has the same sitekey as the packet we received.
+
 		// Update our DB to show when we last communicated successfully with this hub
 		// This will allow us to prune dead hubs from using up resources
 
-		$r = q("update hubloc set hubloc_connected = '%s' where hubloc_id = %d",
+		$r = q("update hubloc set hubloc_connected = '%s' where hubloc_id = %d and hubloc_sitekey = '%s' ",
 			dbesc(datetime_convert()),
-			intval($hub['hubloc_id'])
+			intval($hub['hubloc_id']),
+			dbesc($sitekey)
 		);
 
 		// a dead hub came back to life - reset any tombstones we might have
 
 		if(intval($hub['hubloc_error'])) {
-			q("update hubloc set hubloc_error = 0 where hubloc_id = %d",
-				intval($hub['hubloc_id'])		
+			q("update hubloc set hubloc_error = 0 where hubloc_id = %d and hubloc_sitekey = '%s' ",
+				intval($hub['hubloc_id']),
+				dbesc($sitekey)		
 			);
 			if(intval($r[0]['hubloc_orphancheck'])) {
-				q("update hubloc set hubloc_orhpancheck = 0 where hubloc_id = %d",
-					intval($hub['hubloc_id'])
+				q("update hubloc set hubloc_orhpancheck = 0 where hubloc_id = %d and hubloc_sitekey = '%s' ",
+					intval($hub['hubloc_id']),
+					dbesc($sitekey)
 				);
 			}
 			q("update xchan set xchan_orphan = 0 where xchan_orphan = 1 and xchan_hash = '%s'",
 				dbesc($hub['hubloc_hash'])
 			);
 		}
-
-
-		/*
-		 * This hub has now been proven to be valid.
-		 * Any hub with the same URL and a different sitekey cannot be valid.
-		 * Get rid of them (mark them deleted). There's a good chance they were re-installs.
-		 */
-
-	
-//		q("update hubloc set hubloc_deleted = 1 where hubloc_url = '%s' and hubloc_sitekey != '%s' ",
-//			dbesc($hub['hubloc_url']),
-//			dbesc($hub['hubloc_sitekey'])
-//		);
-
+		
 		$connecting_url = $hub['hubloc_url'];
-
 	}
 
 	/** @TODO check which hub is primary and take action if mismatched */