Browse Source

dfrn remote profile protocol revision

pull/1/head
Friendika 10 years ago
parent
commit
0fe997490d
5 changed files with 87 additions and 13 deletions
  1. +1
    -1
      boot.php
  2. +1
    -1
      include/items.php
  3. +1
    -1
      include/poller.php
  4. +83
    -9
      mod/dfrn_poll.php
  5. +1
    -1
      mod/dfrn_request.php

+ 1
- 1
boot.php View File

@ -3,7 +3,7 @@
set_time_limit(0);
define ( 'FRIENDIKA_VERSION', '2.1.934' );
define ( 'DFRN_PROTOCOL_VERSION', '2.1' );
define ( 'DFRN_PROTOCOL_VERSION', '2.2' );
define ( 'DB_UPDATE_VERSION', 1045 );
define ( 'EOL', "<br />\r\n" );


+ 1
- 1
include/items.php View File

@ -762,7 +762,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
if(! $rino_enable)
$rino = 0;
$url = $contact['notify'] . '?f=&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : '');
$url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : '');
logger('dfrn_deliver: ' . $url);


+ 1
- 1
include/poller.php View File

@ -167,7 +167,7 @@ function poller_run($argv, $argc){
if(intval($contact['duplex']) && $contact['issued-id'])
$idtosend = '1:' . $orig_id;
$url = $contact['poll'] . '?f=&dfrn_id=' . $idtosend
$url = $contact['poll'] . '?dfrn_id=' . $idtosend
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION
. '&type=data&last_update=' . $last_update ;


+ 83
- 9
mod/dfrn_poll.php View File

@ -63,7 +63,7 @@ function dfrn_poll_init(&$a) {
if(count($r)) {
$s = fetch_url($r[0]['poll'] . '?f=&dfrn_id=' . $my_id . '&type=profile-check');
$s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $my_id . '&type=profile-check');
logger("dfrn_poll: old profile returns " . $s, LOGGER_DATA);
@ -92,7 +92,7 @@ function dfrn_poll_init(&$a) {
}
if($type === 'profile-check') {
if($type === 'profile-check' && $dfrn_version < 2.2 ) {
if((strlen($challenge)) && (strlen($sec))) {
@ -182,8 +182,69 @@ function dfrn_poll_post(&$a) {
$dfrn_id = ((x($_POST,'dfrn_id')) ? $_POST['dfrn_id'] : '');
$challenge = ((x($_POST,'challenge')) ? $_POST['challenge'] : '');
$url = ((x($_POST,'url')) ? $_POST['url'] : '');
$sec = ((x($_POST,'sec')) ? $_POST['sec'] : '');
$ptype = ((x($_POST,'type')) ? $_POST['type'] : '');
$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
if($ptype === 'profile-check') {
if((strlen($challenge)) && (strlen($sec))) {
logger('dfrn_poll: POST: profile-check');
q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
$r = q("SELECT * FROM `profile_check` WHERE `sec` = '%s' ORDER BY `expire` DESC LIMIT 1",
dbesc($sec)
);
if(! count($r)) {
xml_status(3, 'No ticket');
// NOTREACHED
}
$orig_id = $r[0]['dfrn_id'];
if(strpos($orig_id, ':'))
$orig_id = substr($orig_id,2);
$c = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
intval($r[0]['cid'])
);
if(! count($c)) {
xml_status(3, 'No profile');
}
$contact = $c[0];
$sent_dfrn_id = hex2bin($dfrn_id);
$challenge = hex2bin($challenge);
$final_dfrn_id = '';
if(($contact['duplex']) && strlen($contact['prvkey'])) {
openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']);
openssl_private_decrypt($challenge,$decoded_challenge,$contact['prvkey']);
}
else {
openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']);
openssl_public_decrypt($challenge,$decoded_challenge,$contact['pubkey']);
}
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
if(strpos($final_dfrn_id,':') == 1)
$final_dfrn_id = substr($final_dfrn_id,2);
if($final_dfrn_id != $orig_id) {
logger('profile_check: ' . $final_dfrn_id . ' != ' . $orig_id, LOGGER_DEBUG);
// did not decode properly - cannot trust this site
xml_status(3, 'Bad decryption');
}
header("Content-type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?><dfrn_poll><status>0</status><challenge>$decoded_challenge</challenge><sec>$sec</sec></dfrn_poll>";
killme();
// NOTREACHED
}
}
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
@ -365,13 +426,26 @@ function dfrn_poll_content(&$a) {
if(($type === 'profile') && (strlen($sec))) {
// URL reply
$s = fetch_url($r[0]['poll']
. '?f=&dfrn_id=' . $encrypted_id
. '&type=profile-check'
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION
. '&challenge=' . $challenge
. '&sec=' . $sec
);
if($dfrn_version < 2.2) {
$s = fetch_url($r[0]['poll']
. '?dfrn_id=' . $encrypted_id
. '&type=profile-check'
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION
. '&challenge=' . $challenge
. '&sec=' . $sec
);
}
else {
$s = post_url($r[0]['poll'], array(
'dfrn_id' => $encrypted_id,
'type' => 'profile-check',
'dfrn_version' => DFRN_PROTOCOL_VERSION,
'challenge' => $challenge,
'sec' => $sec
));
}
logger("dfrn_poll: sec profile: " . $s, LOGGER_DATA);


+ 1
- 1
mod/dfrn_request.php View File

@ -172,7 +172,7 @@ function dfrn_request_post(&$a) {
$dfrn_request = $contact_record['request'];
if(strlen($dfrn_request) && strlen($confirm_key))
$s = fetch_url($dfrn_request . '?f=&confirm_key=' . $confirm_key);
$s = fetch_url($dfrn_request . '?confirm_key=' . $confirm_key);
// (ignore reply, nothing we can do it failed)


Loading…
Cancel
Save