Browse Source

Retraction do work as well

pull/3010/head
Michael Vogel 5 years ago
committed by Roland Haeder
parent
commit
22c889c319
No known key found for this signature in database GPG Key ID: B72F8185C6C7BD78
7 changed files with 29 additions and 178 deletions
  1. +1
    -3
      database.sql
  2. +0
    -1
      doc/database/db_sign.md
  3. +0
    -2
      include/dbstructure.php
  4. +28
    -45
      include/diaspora.php
  5. +0
    -51
      include/items.php
  6. +0
    -69
      include/like.php
  7. +0
    -7
      include/notifier.php

+ 1
- 3
database.sql View File

@ -901,13 +901,11 @@ CREATE TABLE IF NOT EXISTS `session` (
CREATE TABLE IF NOT EXISTS `sign` (
`id` int(10) unsigned NOT NULL auto_increment,
`iid` int(10) unsigned NOT NULL DEFAULT 0,
`retract_iid` int(10) unsigned NOT NULL DEFAULT 0,
`signed_text` mediumtext NOT NULL,
`signature` text NOT NULL,
`signer` varchar(255) NOT NULL DEFAULT '',
PRIMARY KEY(`id`),
INDEX `iid` (`iid`),
INDEX `retract_iid` (`retract_iid`)
INDEX `iid` (`iid`)
) DEFAULT CHARSET=utf8;
--


+ 0
- 1
doc/database/db_sign.md View File

@ -5,7 +5,6 @@ Table sign
| ------------ | ------------- | ---------------- | ---- | --- | ------- | --------------- |
| id | sequential ID | int(10) unsigned | NO | PRI | NULL | auto_increment |
| iid | item.id | int(10) unsigned | NO | MUL | 0 | |
| retract_iid | | int(10) unsigned | NO | MUL | 0 | |
| signed_text | | mediumtext | NO | | NULL | |
| signature | | text | NO | | NULL | |
| signer | | varchar(255) | NO | | | |


+ 0
- 2
include/dbstructure.php View File

@ -1235,7 +1235,6 @@ function db_definition() {
"fields" => array(
"id" => array("type" => "int(10) unsigned", "not null" => "1", "extra" => "auto_increment", "primary" => "1"),
"iid" => array("type" => "int(10) unsigned", "not null" => "1", "default" => "0"),
"retract_iid" => array("type" => "int(10) unsigned", "not null" => "1", "default" => "0"),
"signed_text" => array("type" => "mediumtext", "not null" => "1"),
"signature" => array("type" => "text", "not null" => "1"),
"signer" => array("type" => "varchar(255)", "not null" => "1", "default" => ""),
@ -1243,7 +1242,6 @@ function db_definition() {
"indexes" => array(
"PRIMARY" => array("id"),
"iid" => array("iid"),
"retract_iid" => array("retract_iid"),
)
);
$database["spam"] = array(


+ 28
- 45
include/diaspora.php View File

@ -12,8 +12,8 @@
* - send mail
* - send status retraction
* - send comment retraction on own post
* - send comment retraction on diaspora post
* - send like retraction on own post
* - send comment retraction on diaspora post
* - send like retraction on diaspora post
* - receive status
* - receive reshare
@ -30,10 +30,10 @@
* - relay comment retraction from friendica
* - relay like retraction from diaspora
* - relay like retraction from friendica
* - send share
*
* Should work:
* - receive account deletion
* - send share
* - send unshare
*
* Unchecked:
@ -610,15 +610,21 @@ class diaspora {
return $r;
}
public static function handle_from_contact($contact_id) {
public static function handle_from_contact($contact_id, $gcontact_id = 0) {
$handle = False;
logger("contact id is ".$contact_id, LOGGER_DEBUG);
logger("contact id is ".$contact_id." - gcontact id is ".$gcontact_id, LOGGER_DEBUG);
if ($gcontact_id != 0) {
$r = q("SELECT `addr` FROM `gcontact` WHERE `id` = %d AND `addr` != ''",
intval($gcontact_id));
if ($r)
return $r[0]["addr"];
}
$r = q("SELECT `network`, `addr`, `self`, `url`, `nick` FROM `contact` WHERE `id` = %d",
intval($contact_id)
);
if($r) {
intval($contact_id));
if ($r) {
$contact = $r[0];
logger("contact 'self' = ".$contact['self']." 'url' = ".$contact['url'], LOGGER_DEBUG);
@ -1759,16 +1765,6 @@ class diaspora {
// Now check if the retraction needs to be relayed by us
if($p[0]["origin"]) {
// Formerly we stored the signed text, the signature and the author in different fields.
// We now store the raw data so that we are more flexible.
q("INSERT INTO `sign` (`retract_iid`,`signed_text`) VALUES (%d,'%s')",
intval($r[0]["id"]),
dbesc(json_encode($data))
);
$s = q("select * from sign where retract_iid = %d", intval($r[0]["id"]));
logger("Stored signatur for item ".$r[0]["id"]." - ".print_r($s, true), LOGGER_DEBUG);
// notify others
proc_run("php", "include/notifier.php", "drop", $r[0]["id"]);
}
@ -2380,28 +2376,21 @@ class diaspora {
public static function send_relay($item, $owner, $contact, $public_batch = false) {
if ($item["deleted"]) {
$sql_sign_id = "retract_iid";
$type = "relayable_retraction";
} elseif ($item['verb'] === ACTIVITY_LIKE) {
$sql_sign_id = "iid";
if ($item["deleted"])
return self::send_retraction($item, $owner, $contact, $public_batch, true);
elseif ($item['verb'] === ACTIVITY_LIKE)
$type = "like";
} else {
$sql_sign_id = "iid";
else
$type = "comment";
}
logger("Got relayable data ".$type." for item ".$item["guid"]." (".$item["id"].")", LOGGER_DEBUG);
// fetch the original signature
$r = q("SELECT `signed_text`, `signature`, `signer` FROM `sign` WHERE `".$sql_sign_id."` = %d LIMIT 1",
$r = q("SELECT `signed_text`, `signature`, `signer` FROM `sign` WHERE `iid` = %d LIMIT 1",
intval($item["id"]));
if (!$r) {
if ($item["deleted"])
return self::send_retraction($item, $owner, $contact, $public_batch);
logger("Couldn't fetch signatur for item ".$item["guid"]." (".$item["id"].")", LOGGER_DEBUG);
return false;
}
@ -2431,23 +2420,17 @@ class diaspora {
logger("Signature text for item ".$item["guid"]." (".$item["id"].") couldn't be extracted: ".$signature['signed_text'], LOGGER_DEBUG);
}
if ($item["deleted"]) {
$signed_text = $message["target_guid"].';'.$message["target_type"];
$message["parent_author_signature"] = base64_encode(rsa_sign($signed_text, $owner["uprvkey"], "sha256"));
} else
$message["parent_author_signature"] = self::signature($owner, $message);
$message["parent_author_signature"] = self::signature($owner, $message);
logger("Relayed data ".print_r($message, true), LOGGER_DEBUG);
return self::build_and_transmit($owner, $contact, $type, $message, $public_batch, $item["guid"]);
}
public static function send_retraction($item, $owner, $contact, $public_batch = false) {
/// @todo Fetch handle from every contact (via gcontact)
$itemaddr = self::handle_from_contact($item["contact-id"]);
public static function send_retraction($item, $owner, $contact, $public_batch = false, $relay = false) {
$myaddr = self::my_handle($owner);
$itemaddr = self::handle_from_contact($item["contact-id"], $item["gcontact-id"]);
//$myaddr = self::my_handle($owner);
// Check whether the retraction is for a top-level post or whether it's a relayable
if ($item["uri"] !== $item["parent-uri"]) {
@ -2458,17 +2441,17 @@ class diaspora {
$target_type = "StatusMessage";
}
if ($relay AND ($item["uri"] !== $item["parent-uri"]))
$signature = "parent_author_signature";
else
$signature = "target_author_signature";
$signed_text = $item["guid"].";".$target_type;
$message = array("target_guid" => $item['guid'],
"target_type" => $target_type,
"sender_handle" => $itemaddr,
"target_author_signature" => base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')));
if ($itemaddr != $myaddr) {
$message["parent_author_signature"] = $message["target_author_signature"];
unset($message["target_author_signature"]);
}
$signature => base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')));
logger("Got message ".print_r($message, true), LOGGER_DEBUG);


+ 0
- 51
include/items.php View File

@ -1980,9 +1980,6 @@ function drop_item($id,$interactive = true) {
intval($r[0]['id'])
);
}
// Add a relayable_retraction signature for Diaspora.
store_diaspora_retract_sig($item, $a->user, $a->get_baseurl());
}
$drop_id = intval($item['id']);
@ -2115,51 +2112,3 @@ function posted_date_widget($url,$uid,$wall) {
));
return $o;
}
function store_diaspora_retract_sig($item, $user, $baseurl) {
// Note that we can't add a target_author_signature
// if the comment was deleted by a remote user. That should be ok, because if a remote user is deleting
// the comment, that means we're the home of the post, and Diaspora will only
// check the parent_author_signature of retractions that it doesn't have to relay further
//
// I don't think this function gets called for an "unlike," but I'll check anyway
$enabled = intval(get_config('system','diaspora_enabled'));
if(! $enabled) {
logger('drop_item: diaspora support disabled, not storing retraction signature', LOGGER_DEBUG);
return;
}
logger('drop_item: storing diaspora retraction signature');
$signed_text = $item['guid'] . ';' . ( ($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
if(local_user() == $item['uid']) {
$handle = $user['nickname'] . '@' . substr($baseurl, strpos($baseurl,'://') + 3);
$authorsig = base64_encode(rsa_sign($signed_text,$user['prvkey'],'sha256'));
}
else {
$r = q("SELECT `nick`, `url` FROM `contact` WHERE `id` = '%d' LIMIT 1",
$item['contact-id'] // If this function gets called, drop_item() has already checked remote_user() == $item['contact-id']
);
if(count($r)) {
// The below handle only works for NETWORK_DFRN. I think that's ok, because this function
// only handles DFRN deletes
$handle_baseurl_start = strpos($r['url'],'://') + 3;
$handle_baseurl_length = strpos($r['url'],'/profile') - $handle_baseurl_start;
$handle = $r['nick'] . '@' . substr($r['url'], $handle_baseurl_start, $handle_baseurl_length);
$authorsig = '';
}
}
if(isset($handle))
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($item['id']),
dbesc($signed_text),
dbesc($authorsig),
dbesc($handle)
);
return;
}

+ 0
- 69
include/like.php View File

@ -151,9 +151,6 @@ function do_like($item_id, $verb) {
intval($like_item['id'])
);
// Save the author information for the unlike in case we need to relay to Diaspora
store_diaspora_like_retract_sig($activity, $item, $like_item, $contact);
$like_item_id = $like_item['id'];
proc_run('php',"include/notifier.php","like","$like_item_id");
@ -251,72 +248,6 @@ EOT;
return true;
}
function store_diaspora_like_retract_sig($activity, $item, $like_item, $contact) {
// Note that we can only create a signature for a user of the local server. We don't have
// a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
// means we are the relay, and for relayable_retractions, Diaspora
// only checks the parent_author_signature if it doesn't have to relay further
//
// If $item['resource-id'] exists, it means the item is a photo. Diaspora doesn't support
// likes on photos, so don't bother.
$enabled = intval(get_config('system','diaspora_enabled'));
if(! $enabled) {
logger('mod_like: diaspora support disabled, not storing like retraction signature', LOGGER_DEBUG);
return;
}
logger('mod_like: storing diaspora like retraction signature');
if(($activity === ACTIVITY_LIKE) && (! $item['resource-id'])) {
$signed_text = $like_item['guid'] . ';' . 'Like';
// Only works for NETWORK_DFRN
$contact_baseurl_start = strpos($contact['url'],'://') + 3;
$contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
$contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
$diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
// This code could never had worked (the return values form the queries were used in a wrong way.
// Additionally it is needlessly complicated. Either the contact is owner or not. And we have this data already.
/*
// Get contact's private key if he's a user of the local Friendica server
$r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
dbesc($contact['url'])
);
if( $r) {
$contact_uid = $r['uid'];
$r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
intval($contact_uid)
);
*/
// Is the contact the owner? Then fetch the private key
if ($contact['self'] AND ($contact['uid'] > 0)) {
$r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
intval($contact['uid'])
);
if($r)
$authorsig = base64_encode(rsa_sign($signed_text,$r[0]['prvkey'],'sha256'));
}
if(! isset($authorsig))
$authorsig = '';
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($like_item['id']),
dbesc($signed_text),
dbesc($authorsig),
dbesc($diaspora_handle)
);
}
return;
}
function store_diaspora_like_sig($activity, $post_type, $contact, $post_id) {
// Note that we can only create a signature for a user of the local server. We don't have
// a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it


+ 0
- 7
include/notifier.php View File

@ -628,13 +628,6 @@ function notifier_run(&$argv, &$argc){
proc_run('php','include/pubsubpublish.php');
}
// If the item was deleted, clean up the `sign` table
/* if($target_item['deleted']) {
$r = q("DELETE FROM sign where `retract_iid` = %d",
intval($target_item['id'])
);
} */
logger('notifier: calling hooks', LOGGER_DEBUG);
if($normal_mode)


Loading…
Cancel
Save