Diaspora: Better handling for unrelayed comments and likes
This commit is contained in:
parent
8510b4d4dd
commit
d7b56db996
1 changed files with 24 additions and 15 deletions
|
@ -333,19 +333,20 @@ class Diaspora {
|
|||
return false;
|
||||
}
|
||||
|
||||
if (!self::valid_posting($msg, $fields)) {
|
||||
if (!($postdata = self::valid_posting($msg))) {
|
||||
logger("Invalid posting");
|
||||
return false;
|
||||
}
|
||||
|
||||
// Is it a an action (comment, like, ...) for our own post?
|
||||
if (isset($fields->parent_guid)) {
|
||||
$guid = notags(unxmlify($fields->parent_guid));
|
||||
$fields = $postdata['fields'];
|
||||
|
||||
// Is it a an action (comment, like, ...) for our own post?
|
||||
if (isset($fields->parent_guid) AND !$postdata["relayed"]) {
|
||||
$guid = notags(unxmlify($fields->parent_guid));
|
||||
$importer = self::importer_for_guid($guid);
|
||||
if (is_array($importer)) {
|
||||
logger("delivering to origin: ".$importer["name"]);
|
||||
$message_id = self::dispatch($importer, $msg);
|
||||
$message_id = self::dispatch($importer, $msg, $fields);
|
||||
return $message_id;
|
||||
}
|
||||
}
|
||||
|
@ -361,14 +362,14 @@ class Diaspora {
|
|||
if (dbm::is_result($r)) {
|
||||
foreach ($r as $rr) {
|
||||
logger("delivering to: ".$rr["username"]);
|
||||
self::dispatch($rr, $msg);
|
||||
self::dispatch($rr, $msg, $fields);
|
||||
}
|
||||
} elseif (!Config::get('system', 'relay_subscribe', false)) {
|
||||
logger("Unwanted message from ".$sender." send by ".$_SERVER["REMOTE_ADDR"]." with ".$_SERVER["HTTP_USER_AGENT"].": ".print_r($msg, true), LOGGER_DEBUG);
|
||||
logger("Unwanted message from ".$msg["author"]." send by ".$_SERVER["REMOTE_ADDR"]." with ".$_SERVER["HTTP_USER_AGENT"].": ".print_r($msg, true), LOGGER_DEBUG);
|
||||
} else {
|
||||
// Use a dummy importer to import the data for the public copy
|
||||
$importer = array("uid" => 0, "page-flags" => PAGE_FREELOVE);
|
||||
$message_id = self::dispatch($importer, $msg);
|
||||
$message_id = self::dispatch($importer, $msg, $fields);
|
||||
}
|
||||
|
||||
return $message_id;
|
||||
|
@ -382,15 +383,19 @@ class Diaspora {
|
|||
*
|
||||
* @return int The message id of the generated message, "true" or "false" if there was an error
|
||||
*/
|
||||
public static function dispatch($importer, $msg) {
|
||||
public static function dispatch($importer, $msg, $fields = null) {
|
||||
|
||||
// The sender is the handle of the contact that sent the message.
|
||||
// This will often be different with relayed messages (for example "like" and "comment")
|
||||
$sender = $msg["author"];
|
||||
|
||||
if (!self::valid_posting($msg, $fields)) {
|
||||
logger("Invalid posting");
|
||||
return false;
|
||||
// This is only needed for private postings since this is already done for public ones before
|
||||
if (is_null($fields)) {
|
||||
if (!($postdata = self::valid_posting($msg))) {
|
||||
logger("Invalid posting");
|
||||
return false;
|
||||
}
|
||||
$fields = $postdata['fields'];
|
||||
}
|
||||
|
||||
$type = $fields->getName();
|
||||
|
@ -456,7 +461,7 @@ class Diaspora {
|
|||
*
|
||||
* @return bool Is the posting valid?
|
||||
*/
|
||||
private static function valid_posting($msg, &$fields) {
|
||||
private static function valid_posting($msg) {
|
||||
|
||||
$data = parse_xml_string($msg["message"], false);
|
||||
|
||||
|
@ -552,7 +557,7 @@ class Diaspora {
|
|||
|
||||
// Only some message types have signatures. So we quit here for the other types.
|
||||
if (!in_array($type, array("comment", "message", "like")))
|
||||
return true;
|
||||
return array("fields" => $fields, "relayed" => false);
|
||||
|
||||
// No author_signature? This is a must, so we quit.
|
||||
if (!isset($author_signature)) {
|
||||
|
@ -561,12 +566,16 @@ class Diaspora {
|
|||
}
|
||||
|
||||
if (isset($parent_author_signature)) {
|
||||
$relayed = true;
|
||||
|
||||
$key = self::key($msg["author"]);
|
||||
|
||||
if (!rsa_verify($signed_data, $parent_author_signature, $key, "sha256")) {
|
||||
logger("No valid parent author signature for parent author ".$msg["author"]. " in type ".$type." - signed data: ".$signed_data." - Message: ".$msg["message"]." - Signature ".$parent_author_signature, LOGGER_DEBUG);
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
$relayed = false;
|
||||
}
|
||||
|
||||
$key = self::key($fields->author);
|
||||
|
@ -575,7 +584,7 @@ class Diaspora {
|
|||
logger("No valid author signature for author ".$fields->author. " in type ".$type." - signed data: ".$signed_data." - Message: ".$msg["message"]." - Signature ".$author_signature, LOGGER_DEBUG);
|
||||
return false;
|
||||
} else
|
||||
return true;
|
||||
return array("fields" => $fields, "relayed" => $relayed);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
Loading…
Reference in a new issue