dfrn remote profile protocol revision

This commit is contained in:
Friendika 2011-03-30 15:04:18 -07:00
parent f5d782f5c5
commit 0fe997490d
5 changed files with 87 additions and 13 deletions

View file

@ -3,7 +3,7 @@
set_time_limit(0); set_time_limit(0);
define ( 'FRIENDIKA_VERSION', '2.1.934' ); define ( 'FRIENDIKA_VERSION', '2.1.934' );
define ( 'DFRN_PROTOCOL_VERSION', '2.1' ); define ( 'DFRN_PROTOCOL_VERSION', '2.2' );
define ( 'DB_UPDATE_VERSION', 1045 ); define ( 'DB_UPDATE_VERSION', 1045 );
define ( 'EOL', "<br />\r\n" ); define ( 'EOL', "<br />\r\n" );

View file

@ -762,7 +762,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
if(! $rino_enable) if(! $rino_enable)
$rino = 0; $rino = 0;
$url = $contact['notify'] . '?f=&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : ''); $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : '');
logger('dfrn_deliver: ' . $url); logger('dfrn_deliver: ' . $url);

View file

@ -167,7 +167,7 @@ function poller_run($argv, $argc){
if(intval($contact['duplex']) && $contact['issued-id']) if(intval($contact['duplex']) && $contact['issued-id'])
$idtosend = '1:' . $orig_id; $idtosend = '1:' . $orig_id;
$url = $contact['poll'] . '?f=&dfrn_id=' . $idtosend $url = $contact['poll'] . '?dfrn_id=' . $idtosend
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&dfrn_version=' . DFRN_PROTOCOL_VERSION
. '&type=data&last_update=' . $last_update ; . '&type=data&last_update=' . $last_update ;

View file

@ -63,7 +63,7 @@ function dfrn_poll_init(&$a) {
if(count($r)) { if(count($r)) {
$s = fetch_url($r[0]['poll'] . '?f=&dfrn_id=' . $my_id . '&type=profile-check'); $s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $my_id . '&type=profile-check');
logger("dfrn_poll: old profile returns " . $s, LOGGER_DATA); logger("dfrn_poll: old profile returns " . $s, LOGGER_DATA);
@ -92,7 +92,7 @@ function dfrn_poll_init(&$a) {
} }
if($type === 'profile-check') { if($type === 'profile-check' && $dfrn_version < 2.2 ) {
if((strlen($challenge)) && (strlen($sec))) { if((strlen($challenge)) && (strlen($sec))) {
@ -182,8 +182,69 @@ function dfrn_poll_post(&$a) {
$dfrn_id = ((x($_POST,'dfrn_id')) ? $_POST['dfrn_id'] : ''); $dfrn_id = ((x($_POST,'dfrn_id')) ? $_POST['dfrn_id'] : '');
$challenge = ((x($_POST,'challenge')) ? $_POST['challenge'] : ''); $challenge = ((x($_POST,'challenge')) ? $_POST['challenge'] : '');
$url = ((x($_POST,'url')) ? $_POST['url'] : ''); $url = ((x($_POST,'url')) ? $_POST['url'] : '');
$sec = ((x($_POST,'sec')) ? $_POST['sec'] : '');
$ptype = ((x($_POST,'type')) ? $_POST['type'] : '');
$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0); $dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
if($ptype === 'profile-check') {
if((strlen($challenge)) && (strlen($sec))) {
logger('dfrn_poll: POST: profile-check');
q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
$r = q("SELECT * FROM `profile_check` WHERE `sec` = '%s' ORDER BY `expire` DESC LIMIT 1",
dbesc($sec)
);
if(! count($r)) {
xml_status(3, 'No ticket');
// NOTREACHED
}
$orig_id = $r[0]['dfrn_id'];
if(strpos($orig_id, ':'))
$orig_id = substr($orig_id,2);
$c = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
intval($r[0]['cid'])
);
if(! count($c)) {
xml_status(3, 'No profile');
}
$contact = $c[0];
$sent_dfrn_id = hex2bin($dfrn_id);
$challenge = hex2bin($challenge);
$final_dfrn_id = '';
if(($contact['duplex']) && strlen($contact['prvkey'])) {
openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']);
openssl_private_decrypt($challenge,$decoded_challenge,$contact['prvkey']);
}
else {
openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']);
openssl_public_decrypt($challenge,$decoded_challenge,$contact['pubkey']);
}
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
if(strpos($final_dfrn_id,':') == 1)
$final_dfrn_id = substr($final_dfrn_id,2);
if($final_dfrn_id != $orig_id) {
logger('profile_check: ' . $final_dfrn_id . ' != ' . $orig_id, LOGGER_DEBUG);
// did not decode properly - cannot trust this site
xml_status(3, 'Bad decryption');
}
header("Content-type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?><dfrn_poll><status>0</status><challenge>$decoded_challenge</challenge><sec>$sec</sec></dfrn_poll>";
killme();
// NOTREACHED
}
}
$direction = (-1); $direction = (-1);
if(strpos($dfrn_id,':') == 1) { if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1)); $direction = intval(substr($dfrn_id,0,1));
@ -365,13 +426,26 @@ function dfrn_poll_content(&$a) {
if(($type === 'profile') && (strlen($sec))) { if(($type === 'profile') && (strlen($sec))) {
// URL reply // URL reply
$s = fetch_url($r[0]['poll']
. '?f=&dfrn_id=' . $encrypted_id
. '&type=profile-check' if($dfrn_version < 2.2) {
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION $s = fetch_url($r[0]['poll']
. '&challenge=' . $challenge . '?dfrn_id=' . $encrypted_id
. '&sec=' . $sec . '&type=profile-check'
); . '&dfrn_version=' . DFRN_PROTOCOL_VERSION
. '&challenge=' . $challenge
. '&sec=' . $sec
);
}
else {
$s = post_url($r[0]['poll'], array(
'dfrn_id' => $encrypted_id,
'type' => 'profile-check',
'dfrn_version' => DFRN_PROTOCOL_VERSION,
'challenge' => $challenge,
'sec' => $sec
));
}
logger("dfrn_poll: sec profile: " . $s, LOGGER_DATA); logger("dfrn_poll: sec profile: " . $s, LOGGER_DATA);

View file

@ -172,7 +172,7 @@ function dfrn_request_post(&$a) {
$dfrn_request = $contact_record['request']; $dfrn_request = $contact_record['request'];
if(strlen($dfrn_request) && strlen($confirm_key)) if(strlen($dfrn_request) && strlen($confirm_key))
$s = fetch_url($dfrn_request . '?f=&confirm_key=' . $confirm_key); $s = fetch_url($dfrn_request . '?confirm_key=' . $confirm_key);
// (ignore reply, nothing we can do it failed) // (ignore reply, nothing we can do it failed)