From b49858b038a0a05bbe7685929e88071d0e125538 Mon Sep 17 00:00:00 2001 From: Mike Macgirvin Date: Thu, 2 Sep 2010 00:31:11 -0700 Subject: [PATCH] start on 2way comms, 2.0 dev --- include/notifier.php | 30 +++++++++++++++---------- include/poller.php | 53 ++++++++++++++++++++++++++------------------ mod/dfrn_notify.php | 29 ++++++++++++++++-------- mod/dfrn_poll.php | 43 +++++++++++++++++++++-------------- mod/redir.php | 9 +++++--- view/atom_feed.tpl | 14 +++++------- view/atom_item.tpl | 6 ++--- 7 files changed, 110 insertions(+), 74 deletions(-) diff --git a/include/notifier.php b/include/notifier.php index fe1925c337..40fdbcc5f7 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -266,12 +266,12 @@ if($rr['self']) continue; - if(! strlen($rr['dfrn-id'])) + if((! strlen($rr['dfrn-id'])) || ($rr['duplex'] && ! strlen($rr['issued-id']))) continue; + $idtosend = (($rr['duplex']) ? $rr['issued-id'] : $rr['dfrn-id']); - - $url = $rr['notify'] . '?dfrn_id=' . $rr['dfrn-id']; + $url = $rr['notify'] . '?dfrn_id=' . $idtosend; $xml = fetch_url($url); @@ -288,25 +288,31 @@ $postvars = array(); $sent_dfrn_id = hex2bin($res->dfrn_id); - + $challenge = hex2bin($res->challenge); $final_dfrn_id = ''; - openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$rr['pubkey']); + + if($rr['duplex']) { + openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$rr['prvkey']); + openssl_private_decrypt($challenge,$postvars['challenge'],$rr['prvkey']); + } + else { + openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$rr['pubkey']); + openssl_public_decrypt($challenge,$postvars['challenge'],$rr['pubkey']); + } + $final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.')); - if($final_dfrn_id != $rr['dfrn-id']) { + if(($final_dfrn_id != $rr['dfrn-id']) || (($rr['duplex']) && ($final_dfrn_id != $rr['issued-id']))) { // did not decode properly - cannot trust this site continue; } - $postvars['dfrn_id'] = $rr['dfrn-id']; - - $challenge = hex2bin($res->challenge); - - openssl_public_decrypt($challenge,$postvars['challenge'],$rr['pubkey']); + $postvars['dfrn_id'] = (($duplex) ? $rr['issued-id'] : $rr['dfrn-id']); if($cmd == 'mail') { $postvars['data'] = $atom; } - elseif(strlen($rr['dfrn-id']) && (! ($rr['blocked']) || ($rr['readonly']))) { + elseif(((strlen($rr['dfrn-id'])) || (($rr['duplex']) && (strlen($rr['issued-id'])))) + && (! ($rr['blocked']) || ($rr['readonly']))) { $postvars['data'] = $atom; } else { diff --git a/include/poller.php b/include/poller.php index f771a3af4b..96c6472786 100644 --- a/include/poller.php +++ b/include/poller.php @@ -1,27 +1,25 @@ set_baseurl(get_config('system','url')); $contacts = q("SELECT * FROM `contact` - WHERE `dfrn-id` != '' AND `self` = 0 AND `blocked` = 0 - AND `readonly` = 0 ORDER BY RAND()"); + WHERE ( `dfrn-id` != '' OR (`issued-id` != '' AND `duplex` = 1)) + AND `self` = 0 AND `blocked` = 0 AND `readonly` = 0 ORDER BY RAND()"); if(! count($contacts)) killme(); @@ -75,11 +73,15 @@ require_once('include/items.php'); ? datetime_convert('UTC','UTC','now - 30 days','Y-m-d\TH:i:s\Z') : datetime_convert('UTC','UTC',$contact['last-update'],'Y-m-d\TH:i:s\Z')); - $url = $contact['poll'] . '?dfrn_id=' . $contact['dfrn-id'] . '&type=data&last_update=' . $last_update ; + $idtosend = (($contact['duplex']) ? $contact['issued-id'] : $contact['dfrn-id']); + + $url = $contact['poll'] . '?dfrn_id=' . $idtosend . '&type=data&last_update=' . $last_update ; $xml = fetch_url($url); + echo "URL: " . $url; echo "XML: " . $xml; + if(! $xml) continue; @@ -91,19 +93,28 @@ echo "XML: " . $xml; $postvars = array(); $sent_dfrn_id = hex2bin($res->dfrn_id); + $challenge = hex2bin($res->challenge); $final_dfrn_id = ''; - openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']); + + if($contact['duplex']) { + openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']); + openssl_private_decrypt($challenge,$postvars['challenge'],$contact['prvkey']); + + } + else { + openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']); + openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']); + } + $final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.')); - if($final_dfrn_id != $contact['dfrn-id']) { + if(($final_dfrn_id != $contact['dfrn-id']) + || (($contact['duplex']) && ($final_dfrn_id != $contact['issued-id']))) { // did not decode properly - cannot trust this site continue; } - $postvars['dfrn_id'] = $contact['dfrn-id']; - $challenge = hex2bin($res->challenge); - - openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']); + $postvars['dfrn_id'] = (($contact['duplex']) ? $contact['issued-id'] : $contact['dfrn-id']); $xml = post_url($contact['poll'],$postvars); diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 3e98377e88..7cab98eb8e 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -23,7 +23,10 @@ function dfrn_notify_post(&$a) { // find the local user who owns this relationship. - $r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` WHERE `issued-id` = '%s' LIMIT 1", + $r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, `user`.* FROM `contact` + LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` + WHERE ( `issued-id` = '%s' OR ( `duplex` = 1 AND `dfrn-id` = '%s' )) LIMIT 1", + dbesc($dfrn_id), dbesc($dfrn_id) ); @@ -341,20 +344,28 @@ function dfrn_notify_content(&$a) { intval(time() + 60 ) ); - $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' AND `blocked` = 0 AND `pending` = 0 LIMIT 1", - dbesc($_GET['dfrn_id'])); - if((! count($r)) || (! strlen($r[0]['prvkey']))) + $r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `duplex` = 1 AND `dfrn-id` = '%s')) + AND `blocked` = 0 AND `pending` = 0 LIMIT 1", + dbesc($_GET['dfrn_id']), + dbesc($_GET['dfrn_id']) + ); + if(! count($r)) $status = 1; $challenge = ''; - - openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); - $challenge = bin2hex($challenge); - $encrypted_id = ''; $id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999); - openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); + if($r[0]['duplex']) { + openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']); + openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']); + } + else { + openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); + openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); + } + + $challenge = bin2hex($challenge); $encrypted_id = bin2hex($encrypted_id); echo '' .$status . '' . $encrypted_id . '' . '' . $challenge . '' . "\r\n" ; diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index c627c2b418..84cb58da0d 100644 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -25,8 +25,11 @@ function dfrn_poll_init(&$a) { $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` - WHERE `dfrn-id` = '%s' LIMIT 1", - dbesc($dfrn_id)); + WHERE ( `dfrn-id` = '%s' OR ( `issued-id` = '%s' AND `duplex `= 1 )) LIMIT 1", + dbesc($dfrn_id), + dbesc($dfrn_id) + ); + if(count($r)) { $s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $dfrn_id . '&type=profile-check'); if(strlen($s)) { @@ -87,9 +90,11 @@ function dfrn_poll_post(&$a) { ); - $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' LIMIT 1", + $r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `dfrn-id` = '%s' AND `duplex` = 1 )) LIMIT 1", + dbesc($dfrn_id), dbesc($dfrn_id) ); + if(! count($r)) killme(); @@ -165,23 +170,32 @@ function dfrn_poll_content(&$a) { dbesc($last_update) ); - $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' AND `blocked` = 0 AND `pending` = 0 LIMIT 1", - dbesc($_GET['dfrn_id'])); - if((count($r)) && (strlen($r[0]['prvkey']))) { + $r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `dfrn-id` = '%s' AND `duplex` = 1 )) + AND `blocked` = 0 AND `pending` = 0 LIMIT 1", + dbesc($_GET['dfrn_id']), + dbesc($_GET['dfrn_id']) + ); + if(count($r)) { $challenge = ''; - - openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); - $challenge = bin2hex($challenge); - $encrypted_id = ''; $id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999); - openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); + + if($r[0]['duplex']) { + openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']); + openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']); + } + else { + openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']); + openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']); + } + + $challenge = bin2hex($challenge); $encrypted_id = bin2hex($encrypted_id); } else { - $status = 1; // key not found + $status = 1; } echo '' .$status . '' . $encrypted_id . '' @@ -189,11 +203,6 @@ function dfrn_poll_content(&$a) { session_write_close(); exit; } - - - - - } diff --git a/mod/redir.php b/mod/redir.php index ea1aec6e90..88b291146b 100644 --- a/mod/redir.php +++ b/mod/redir.php @@ -4,17 +4,20 @@ function redir_init(&$a) { if((! local_user()) || (! ($a->argc == 2)) || (! intval($a->argv[1]))) goaway($a->get_baseurl()); - $r = q("SELECT `issued-id`, `poll` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", + $r = q("SELECT `issued-id`, `dfrn-id`, `duplex`, `poll` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[1]), intval($_SESSION['uid'])); if(! count($r)) goaway($a->get_baseurl()); + + $dfrn_id = (($r[0]['duplex']) ? $r[0]['dfrn-id'] : $r[0]['issued-id']); + q("INSERT INTO `profile_check` ( `uid`, `dfrn_id`, `expire`) VALUES( %d, '%s', %d )", intval($_SESSION['uid']), - dbesc($r[0]['issued-id']), + dbesc($dfrn_id), intval(time() + 45)); - goaway ($r[0]['poll'] . '?dfrn_id=' . $r[0]['issued-id'] . '&type=profile'); + goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id . '&type=profile'); diff --git a/view/atom_feed.tpl b/view/atom_feed.tpl index b77b146463..316fcb10ba 100644 --- a/view/atom_feed.tpl +++ b/view/atom_feed.tpl @@ -2,20 +2,16 @@ $feed_id $feed_title - $photo - $picdate $feed_updated - $name - $namdate - $profile_page - $uridate - $thumb - $picdate - + $name + $profile_page + + diff --git a/view/atom_item.tpl b/view/atom_item.tpl index 1dae06db56..8104cfaa5a 100644 --- a/view/atom_item.tpl +++ b/view/atom_item.tpl @@ -2,19 +2,19 @@ $name $profile_page - $thumb + $owner_name $owner_profile_page - $owner_thumb + $item_id $title $published $updated - $content + $content $location $comment_allow