66 commits

Author	SHA1	Message	Date
friendica	63a42480c7	add account_level, is_foreigner and is_member functions; convert all e2ee user input and prompts to hex to avoid javascipt's lame handling of quotes. !!This breaks all prior encrypted posts.!!	2013-12-23 15:13:09 -08:00
friendica	44ead61339	authtest: do a better job of success/failure indication	2013-12-17 16:35:22 -08:00
friendica	539988b62f	couple of additional checks	2013-12-05 15:55:14 -08:00
friendica	d66d8ff524	mod_authtest --- magic-auth diagnostic for those that are too freaking important to read logs or code and expect others to be able to debug complex authentication transactions with no information beyond "it didn't work". This will provide a transaction report including both sides of the exchange that you can paste into a bug report and that a developer can actually figure out where in the transaction that things went wrong and maybe even be able to then figure out why.	2013-12-05 15:40:50 -08:00
friendica	cc1e906825	generate a small amount of entropy to avoid duplicate notifications from essentially simultaneous deliveries.	2013-12-04 23:54:46 -08:00
friendica	d8903f09f5	include re-organisation and more doco, post_to_red fix ampersands in categories	2013-12-04 00:19:29 -08:00
friendica	f57909d190	on successful magic-auth, put remote_service_class and remote_hub into the session	2013-12-03 16:31:05 -08:00
friendica	645e897852	more work on magic-auth	2013-12-02 19:06:54 -08:00
friendica	e0f4a76856	magic-auth re-factor	2013-12-02 17:35:44 -08:00
friendica	d9f67876dc	refactor magic-auth	2013-12-02 15:15:02 -08:00
friendica	194c1e7abc	file corruption	2013-12-01 19:29:11 -08:00
friendica	71e67f6347	document the ping packet - and remove the ancient rusty brown square default profile photos.	2013-12-01 19:02:36 -08:00
friendica	fa5366bb95	don't magic-auth against a deleted channel	2013-12-01 17:18:09 -08:00
friendica	77186fa7cd	magic auth fix plus doco	2013-12-01 17:12:29 -08:00
friendica	b1e775a7a1	zot documentation inline in the code where we need it most.	2013-12-01 16:11:18 -08:00
friendica	8f236771c6	mark hublocs with incorrect sitekeys deleted	2013-11-21 14:42:48 -08:00
friendica	d7ee552c57	Protocol: now set data['alg'] on all encapsulated encrypted packets, so that we can more easily retire 'aes256cbc' once it is no longer viable.	2013-11-20 15:20:12 -08:00
friendica	b1a4dc7d7e	set a default value for $webbie - it's the right thing to do.	2013-11-18 01:00:04 -08:00
friendica	718f69c6fc	to clarify the fact, we'll remove the line we no longer need instead of commenting it	2013-11-18 00:57:56 -08:00
friendica	fa8f26c544	change the way magic-auth works - we rarely need a destination channel and if that channel has problems ... it shouldn't mess up authentication to the hub.	2013-11-18 00:55:41 -08:00
friendica	dd6c64f95a	magic auth issues	2013-11-17 23:12:34 -08:00
friendica	92f37fd0d5	document extra features	2013-11-17 01:10:46 -08:00
Olaf Conradi	66d2fe2289	Fix name of Bleichenbacher	2013-09-24 21:04:01 +02:00
friendica	d4ea56a77e	reduce susceptibility to bleichenberger attack	2013-09-24 05:20:29 -07:00
friendica	037fd43fbd	more remote error reporting for zot	2013-09-12 16:52:58 -07:00
Michael Meer	2c06a2c163	implement tip from Mike, corrected the sql statement	2013-09-11 15:24:26 +02:00
Michael Meer	2228264772	flag failed auth attempts in DB table hubloc	2013-09-11 13:59:45 +02:00
friendica	be289a96ad	implement a 'ping' message type to respond if we're still here and whether our URL or keys have changed.	2013-08-29 17:48:31 -07:00
friendica	1c17d1b69c	start timestamping hubloc connections so we can eventually remove dead ones	2013-08-24 18:55:07 -07:00
friendica	ad36ccdbc8	progress on unfriending	2013-08-04 19:09:53 -07:00
friendica	7073200e53	fix for multiple hublocs and incoming magic auth	2013-05-29 20:55:49 -07:00
friendica	9b66f16a01	we don't need every hubloc for the site, only those that have different keys	2013-05-16 21:06:01 -07:00
friendica	c1c2ba7b4e	allow multiple hublocs	2013-05-16 20:27:50 -07:00
friendica	deedac6ae5	workarounds for people that re-install and end up polluting everybody's databases with stale entries	2013-05-16 20:21:12 -07:00
friendica	f8f2591eb9	tweaks	2013-05-15 02:41:35 -07:00
friendica	427b9787d0	add magic_auth_complete hook	2013-05-15 02:20:46 -07:00
friendica	db038c5654	turn naked links in posts into zrl's if we've got a hubloc for the site	2013-04-18 17:55:35 -07:00
friendica	e411a4bdc2	IMPORTANT: magic-auth protocol update, plus 'zrl' bbcode tag for the privacy-is-more-important-than-ease-of-use folks.	2013-04-14 20:41:58 -07:00
friendica	abd58bce68	set hidden flags on new directory entries, not just existing ones	2013-03-26 19:37:33 -07:00
friendica	63c6427dc4	magic auth issue	2013-03-26 16:20:44 -07:00
friendica	884812bcba	doco	2013-03-25 21:32:12 -07:00
friendica	952b2ef2ab	.	2013-03-10 18:45:58 -07:00
friendica	65912ec0bf	moving on	2013-02-18 15:15:55 -08:00
friendica	942adadec6	fix auto rmagic when visiting with zid	2013-02-13 02:33:13 -08:00
friendica	d1e5337c72	recursion and typo in rmagic with zid	2013-02-13 00:14:01 -08:00
friendica	566dd55146	turn down the log noise a bit	2013-01-24 19:45:08 -08:00
friendica	f63997f618	plug potential hole in magic auth, add link to chanview to view in dedicated window	2013-01-23 16:06:01 -08:00
friendica	fb76675a28	now we're into the minor nitty fixes	2013-01-21 19:56:39 -08:00
friendica	4119e1f9cc	testing begins	2013-01-21 19:40:25 -08:00
friendica	5949607d17	magic auth - it's mostly done or at least all the code bits are written and it looks in theory to be pretty secure and it doesn't white screen. Getting it to actually work(?), well we won't know how hard that will be until we get it on a couple of systems and try it. Magic auth on one box is a no-op because you're already authenticated.	2013-01-21 19:16:21 -08:00