|
|
@ -1696,245 +1696,9 @@ function tgroup_check($uid,$item) { |
|
|
|
if((! $community_page) && (! $prvgroup)) |
|
|
|
return false; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return true; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function dfrn_deliver($owner,$contact,$atom, $dissolve = false) { |
|
|
|
|
|
|
|
$a = get_app(); |
|
|
|
|
|
|
|
$idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']); |
|
|
|
|
|
|
|
if($contact['duplex'] && $contact['dfrn-id']) |
|
|
|
$idtosend = '0:' . $orig_id; |
|
|
|
if($contact['duplex'] && $contact['issued-id']) |
|
|
|
$idtosend = '1:' . $orig_id; |
|
|
|
|
|
|
|
|
|
|
|
$rino = get_config('system','rino_encrypt'); |
|
|
|
$rino = intval($rino); |
|
|
|
// use RINO1 if mcrypt isn't installed and RINO2 was selected
|
|
|
|
if ($rino==2 and !function_exists('mcrypt_create_iv')) $rino=1; |
|
|
|
|
|
|
|
logger("Local rino version: ". $rino, LOGGER_DEBUG); |
|
|
|
|
|
|
|
$ssl_val = intval(get_config('system','ssl_policy')); |
|
|
|
$ssl_policy = ''; |
|
|
|
|
|
|
|
switch($ssl_val){ |
|
|
|
case SSL_POLICY_FULL: |
|
|
|
$ssl_policy = 'full'; |
|
|
|
break; |
|
|
|
case SSL_POLICY_SELFSIGN: |
|
|
|
$ssl_policy = 'self'; |
|
|
|
break; |
|
|
|
case SSL_POLICY_NONE: |
|
|
|
default: |
|
|
|
$ssl_policy = 'none'; |
|
|
|
break; |
|
|
|
} |
|
|
|
|
|
|
|
$url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino='.$rino : ''); |
|
|
|
|
|
|
|
logger('dfrn_deliver: ' . $url); |
|
|
|
|
|
|
|
$xml = fetch_url($url); |
|
|
|
|
|
|
|
$curl_stat = $a->get_curl_code(); |
|
|
|
if(! $curl_stat) |
|
|
|
return(-1); // timed out
|
|
|
|
|
|
|
|
logger('dfrn_deliver: ' . $xml, LOGGER_DATA); |
|
|
|
|
|
|
|
if(! $xml) |
|
|
|
return 3; |
|
|
|
|
|
|
|
if(strpos($xml,'<?xml') === false) { |
|
|
|
logger('dfrn_deliver: no valid XML returned'); |
|
|
|
logger('dfrn_deliver: returned XML: ' . $xml, LOGGER_DATA); |
|
|
|
return 3; |
|
|
|
} |
|
|
|
|
|
|
|
$res = parse_xml_string($xml); |
|
|
|
|
|
|
|
if((intval($res->status) != 0) || (! strlen($res->challenge)) || (! strlen($res->dfrn_id))) |
|
|
|
return (($res->status) ? $res->status : 3); |
|
|
|
|
|
|
|
$postvars = array(); |
|
|
|
$sent_dfrn_id = hex2bin((string) $res->dfrn_id); |
|
|
|
$challenge = hex2bin((string) $res->challenge); |
|
|
|
$perm = (($res->perm) ? $res->perm : null); |
|
|
|
$dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0); |
|
|
|
$rino_remote_version = intval($res->rino); |
|
|
|
$page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0); |
|
|
|
|
|
|
|
logger("Remote rino version: ".$rino_remote_version." for ".$contact["url"], LOGGER_DEBUG); |
|
|
|
|
|
|
|
if($owner['page-flags'] == PAGE_PRVGROUP) |
|
|
|
$page = 2; |
|
|
|
|
|
|
|
$final_dfrn_id = ''; |
|
|
|
|
|
|
|
if($perm) { |
|
|
|
if((($perm == 'rw') && (! intval($contact['writable']))) |
|
|
|
|| (($perm == 'r') && (intval($contact['writable'])))) { |
|
|
|
q("update contact set writable = %d where id = %d", |
|
|
|
intval(($perm == 'rw') ? 1 : 0), |
|
|
|
intval($contact['id']) |
|
|
|
); |
|
|
|
$contact['writable'] = (string) 1 - intval($contact['writable']); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if(($contact['duplex'] && strlen($contact['pubkey'])) |
|
|
|
|| ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey'])) |
|
|
|
|| ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))) { |
|
|
|
openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']); |
|
|
|
openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']); |
|
|
|
} |
|
|
|
else { |
|
|
|
openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']); |
|
|
|
openssl_private_decrypt($challenge,$postvars['challenge'],$contact['prvkey']); |
|
|
|
} |
|
|
|
|
|
|
|
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.')); |
|
|
|
|
|
|
|
if(strpos($final_dfrn_id,':') == 1) |
|
|
|
$final_dfrn_id = substr($final_dfrn_id,2); |
|
|
|
|
|
|
|
if($final_dfrn_id != $orig_id) { |
|
|
|
logger('dfrn_deliver: wrong dfrn_id.'); |
|
|
|
// did not decode properly - cannot trust this site
|
|
|
|
return 3; |
|
|
|
} |
|
|
|
|
|
|
|
$postvars['dfrn_id'] = $idtosend; |
|
|
|
$postvars['dfrn_version'] = DFRN_PROTOCOL_VERSION; |
|
|
|
if($dissolve) |
|
|
|
$postvars['dissolve'] = '1'; |
|
|
|
|
|
|
|
|
|
|
|
if((($contact['rel']) && ($contact['rel'] != CONTACT_IS_SHARING) && (! $contact['blocked'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) { |
|
|
|
$postvars['data'] = $atom; |
|
|
|
$postvars['perm'] = 'rw'; |
|
|
|
} |
|
|
|
else { |
|
|
|
$postvars['data'] = str_replace('<dfrn:comment-allow>1','<dfrn:comment-allow>0',$atom); |
|
|
|
$postvars['perm'] = 'r'; |
|
|
|
} |
|
|
|
|
|
|
|
$postvars['ssl_policy'] = $ssl_policy; |
|
|
|
|
|
|
|
if($page) |
|
|
|
$postvars['page'] = $page; |
|
|
|
|
|
|
|
|
|
|
|
if($rino>0 && $rino_remote_version>0 && (! $dissolve)) { |
|
|
|
logger('rino version: '. $rino_remote_version); |
|
|
|
|
|
|
|
switch($rino_remote_version) { |
|
|
|
case 1: |
|
|
|
// Deprecated rino version!
|
|
|
|
$key = substr(random_string(),0,16); |
|
|
|
$data = aes_encrypt($postvars['data'],$key); |
|
|
|
break; |
|
|
|
case 2: |
|
|
|
// RINO 2 based on php-encryption
|
|
|
|
try { |
|
|
|
$key = Crypto::createNewRandomKey(); |
|
|
|
} catch (CryptoTestFailed $ex) { |
|
|
|
logger('Cannot safely create a key'); |
|
|
|
return -1; |
|
|
|
} catch (CannotPerformOperation $ex) { |
|
|
|
logger('Cannot safely create a key'); |
|
|
|
return -1; |
|
|
|
} |
|
|
|
try { |
|
|
|
$data = Crypto::encrypt($postvars['data'], $key); |
|
|
|
} catch (CryptoTestFailed $ex) { |
|
|
|
logger('Cannot safely perform encryption'); |
|
|
|
return -1; |
|
|
|
} catch (CannotPerformOperation $ex) { |
|
|
|
logger('Cannot safely perform encryption'); |
|
|
|
return -1; |
|
|
|
} |
|
|
|
break; |
|
|
|
default: |
|
|
|
logger("rino: invalid requested verision '$rino_remote_version'"); |
|
|
|
return -1; |
|
|
|
} |
|
|
|
|
|
|
|
$postvars['rino'] = $rino_remote_version; |
|
|
|
$postvars['data'] = bin2hex($data); |
|
|
|
|
|
|
|
#logger('rino: sent key = ' . $key, LOGGER_DEBUG);
|
|
|
|
|
|
|
|
|
|
|
|
if($dfrn_version >= 2.1) { |
|
|
|
if(($contact['duplex'] && strlen($contact['pubkey'])) |
|
|
|
|| ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey'])) |
|
|
|
|| ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))) { |
|
|
|
|
|
|
|
openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']); |
|
|
|
} |
|
|
|
else { |
|
|
|
openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']); |
|
|
|
} |
|
|
|
} |
|
|
|
else { |
|
|
|
if(($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) { |
|
|
|
openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']); |
|
|
|
} |
|
|
|
else { |
|
|
|
openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']); |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
logger('md5 rawkey ' . md5($postvars['key'])); |
|
|
|
|
|
|
|
$postvars['key'] = bin2hex($postvars['key']); |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
logger('dfrn_deliver: ' . "SENDING: " . print_r($postvars,true), LOGGER_DATA); |
|
|
|
|
|
|
|
$xml = post_url($contact['notify'],$postvars); |
|
|
|
|
|
|
|
logger('dfrn_deliver: ' . "RECEIVED: " . $xml, LOGGER_DATA); |
|
|
|
|
|
|
|
$curl_stat = $a->get_curl_code(); |
|
|
|
if((! $curl_stat) || (! strlen($xml))) |
|
|
|
return(-1); // timed out
|
|
|
|
|
|
|
|
if(($curl_stat == 503) && (stristr($a->get_curl_headers(),'retry-after'))) |
|
|
|
return(-1); |
|
|
|
|
|
|
|
if(strpos($xml,'<?xml') === false) { |
|
|
|
logger('dfrn_deliver: phase 2: no valid XML returned'); |
|
|
|
logger('dfrn_deliver: phase 2: returned XML: ' . $xml, LOGGER_DATA); |
|
|
|
return 3; |
|
|
|
} |
|
|
|
|
|
|
|
if($contact['term-date'] != '0000-00-00 00:00:00') { |
|
|
|
logger("dfrn_deliver: $url back from the dead - removing mark for death"); |
|
|
|
require_once('include/Contact.php'); |
|
|
|
unmark_for_death($contact); |
|
|
|
} |
|
|
|
|
|
|
|
$res = parse_xml_string($xml); |
|
|
|
|
|
|
|
return $res->status; |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* |
|
|
|
This function returns true if $update has an edited timestamp newer |
|
|
|
than $existing, i.e. $update contains new data which should override |
|
|
|