Implement relaying of relayable_retractions

Also: some whitespace cleanup, fix Diaspora parent DB query
This commit is contained in:
Zach Prezkuta 2012-05-31 19:40:12 -06:00
parent 1fe1ac022f
commit c0af6dbb1a
8 changed files with 194 additions and 43 deletions

View File

@ -509,7 +509,7 @@ function delivery_run($argv, $argc){
// unsupported // unsupported
break; break;
} }
elseif(($target_item['deleted']) && ($target_item['verb'] !== ACTIVITY_LIKE)) { elseif(($target_item['deleted']) && ($top_level) && ($target_item['verb'] !== ACTIVITY_LIKE)) {
logger('delivery: diaspora retract: ' . $loc); logger('delivery: diaspora retract: ' . $loc);
// diaspora delete, // diaspora delete,
diaspora_send_retraction($target_item,$owner,$contact,$public_message); diaspora_send_retraction($target_item,$owner,$contact,$public_message);
@ -519,7 +519,7 @@ function delivery_run($argv, $argc){
logger('delivery: diaspora relay: ' . $loc); logger('delivery: diaspora relay: ' . $loc);
// we are the relay - send comments, likes and unlikes to our conversants // we are the relay - send comments, likes, unlikes and relayable_retractions to our conversants
diaspora_send_relay($target_item,$owner,$contact,$public_message); diaspora_send_relay($target_item,$owner,$contact,$public_message);
break; break;
} }

View File

@ -680,7 +680,7 @@ function diaspora_post($importer,$xml) {
return; return;
} }
// allocate a guid on our system - we aren't fixing any collisions. // allocate a guid on our system - we aren't fixing any collisions.
// we're ignoring them // we're ignoring them
$g = q("select * from guid where guid = '%s' limit 1", $g = q("select * from guid where guid = '%s' limit 1",
@ -847,7 +847,7 @@ function diaspora_reshare($importer,$xml) {
$prefix = '♲ ' . $details . "\n"; $prefix = '♲ ' . $details . "\n";
// allocate a guid on our system - we aren't fixing any collisions. // allocate a guid on our system - we aren't fixing any collisions.
// we're ignoring them // we're ignoring them
$g = q("select * from guid where guid = '%s' limit 1", $g = q("select * from guid where guid = '%s' limit 1",
@ -951,7 +951,7 @@ function diaspora_asphoto($importer,$xml) {
return; return;
} }
// allocate a guid on our system - we aren't fixing any collisions. // allocate a guid on our system - we aren't fixing any collisions.
// we're ignoring them // we're ignoring them
$g = q("select * from guid where guid = '%s' limit 1", $g = q("select * from guid where guid = '%s' limit 1",
@ -1168,7 +1168,22 @@ function diaspora_comment($importer,$xml,$msg) {
); );
} }
if(($parent_item['origin']) && (! $parent_author_signature)) { if(($parent_item['origin']) && (! $parent_author_signature)) { if(($parent_item['origin']) && (! $parent_author_signature)) {
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($message_id),
dbesc($author_signed_data),
dbesc(base64_encode($author_signature)),
dbesc($diaspora_handle)
);
// if the message isn't already being relayed, notify others
// the existence of parent_author_signature means the parent_author or owner
// is already relaying.
proc_run('php','include/notifier.php','comment',$message_id);
}
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($message_id), intval($message_id),
dbesc($author_signed_data), dbesc($author_signed_data),
@ -1797,7 +1812,7 @@ function diaspora_signed_retraction($importer,$xml,$msg) {
$signed_data = $guid . ';' . $type ; $signed_data = $guid . ';' . $type ;
$sig = base64_decode($sig); $sig_decode = base64_decode($sig);
if(strcasecmp($diaspora_handle,$msg['author']) == 0) { if(strcasecmp($diaspora_handle,$msg['author']) == 0) {
$person = $contact; $person = $contact;
@ -1814,22 +1829,21 @@ function diaspora_signed_retraction($importer,$xml,$msg) {
} }
} }
if(! rsa_verify($signed_data,$sig,$key,'sha256')) { if(! rsa_verify($signed_data,$sig_decode,$key,'sha256')) {
logger('diaspora_signed_retraction: retraction-owner verification failed.' . print_r($msg,true)); logger('diaspora_signed_retraction: retraction-owner verification failed.' . print_r($msg,true));
return; return;
} }
if($parent_author_signature) { if($parent_author_signature) {
$owner_signed_data = $guid . ';' . $type ;
$parent_author_signature = base64_decode($parent_author_signature); $parent_author_signature = base64_decode($parent_author_signature);
$key = $msg['key']; $key = $msg['key'];
if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) { if(! rsa_verify($signed_data,$parent_author_signature,$key,'sha256')) {
logger('diaspora_signed_retraction: failed to verify person relaying the retraction (e.g. owner of a post relaying a retracted comment'); logger('diaspora_signed_retraction: failed to verify person relaying the retraction (e.g. owner of a post relaying a retracted comment');
return; return;
} }
} }
if($type === 'StatusMessage' || $type === 'Comment') { if($type === 'StatusMessage' || $type === 'Comment') {
@ -1839,10 +1853,36 @@ function diaspora_signed_retraction($importer,$xml,$msg) {
); );
if(count($r)) { if(count($r)) {
if(link_compare($r[0]['author-link'],$contact['url'])) { if(link_compare($r[0]['author-link'],$contact['url'])) {
q("update item set `deleted` = 1, `changed` = '%s' where `id` = %d limit 1", q("update item set `deleted` = 1, `edited` = '%s', `changed` = '%s', `body` = '' , `title` = '' where `id` = %d limit 1",
dbesc(datetime_convert()), dbesc(datetime_convert()),
intval($r[0]['id']) intval($r[0]['id'])
); );
// Now check if the retraction needs to be relayed by us
//
// The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
// return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
// The only item with `parent` and `id` as the parent id is the parent item.
$p = q("select origin from item where parent = %d and id = %d limit 1",
$r[0]['parent'],
$r[0]['parent']
);
if(count($p)) {
if(($p[0]['origin']) && (! $parent_author_signature)) {
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
$r[0]['id'],
dbesc($signed_data),
dbesc($sig),
dbesc($diaspora_handle)
);
// the existence of parent_author_signature would have meant the parent_author or owner
// is already relaying.
logger('diaspora_signed_retraction: relaying relayable_retraction');
proc_run('php','include/notifier.php','relayable_retraction',$r[0]['id']);
}
}
} }
} }
} }
@ -2136,10 +2176,28 @@ function diaspora_send_followup($item,$owner,$contact,$public_batch = false) {
function diaspora_send_relay($item,$owner,$contact,$public_batch = false) { function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
// I think the first comment or like on a post whose home is our Friendica server is saved as an item
// as the top-level post owner's contact for writer of the comment or post. Thus, the "uid"
// on the item is `user`.`id` of the top-level post owner. That user is passed to this function
// as "$owner."
//
// I'm assuming for now that "$owner" will be the user of the top-level post for retractions too. Be
// aware that another reasonable possibility is that it's the "$owner" of the deleted comment.
// TODO
// CHECK 1. If we receive a retraction from Diaspora to be relayed by us, we need to insert the signature
// into the DB and call notifier.php
// CHECK 2. diaspora_send_retraction() needs to be modified to send
// Diaspora a retraction for it to relay when appropriate
// CHECK 3. notifier.php (and delivery.php?) need to be modified to call the right functions for the right
// retraction situation
// 4. If possible, modify notifier.php (and delivery.php?) to remove the relayable retraction's signature
// from the DB after finishing with relaying retractions
$a = get_app(); $a = get_app();
$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); $myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$theiraddr = $contact['addr']; $theiraddr = $contact['addr'];
@ -2155,29 +2213,42 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
else else
return; return;
$like = false;
$relay_retract = false;
$sql_sign_id = 'iid';
if($item['verb'] === ACTIVITY_LIKE) { if($item['verb'] === ACTIVITY_LIKE) {
$tpl = get_markup_template('diaspora_like_relay.tpl'); $tpl = get_markup_template('diaspora_like_relay.tpl');
$like = true; $like = true;
$target_type = 'Post'; $target_type = 'Post';
$positive = (($item['deleted']) ? 'false' : 'true'); $positive = (($item['deleted']) ? 'false' : 'true');
} }
else { elseif(! $item['deleted']) {
$tpl = get_markup_template('diaspora_comment_relay.tpl'); $tpl = get_markup_template('diaspora_comment_relay.tpl');
$like = false; }
else {
$tpl = get_markup_template('diaspora_relayable_retraction.tpl');
$relay_retract = true;
$sql_sign_id = 'retract_iid';
$target_type = 'Comment';
} }
$body = $item['body']; $body = $item['body'];
$text = html_entity_decode(bb2diaspora($body)); $text = html_entity_decode(bb2diaspora($body));
// fetch the original signature if somebody sent the post to us to relay // fetch the original signature if somebody sent the post to us to relay
//
// If we are relaying for a reply originating on our own account, there wasn't a 'send to relay' // If we are relaying for a reply originating on our own account, there wasn't a 'send to relay'
// action. It wasn't needed. In that case create the original signature and the // action. It wasn't needed. In that case create the original signature and the
// owner (parent author) signature // owner (parent author) signature
// Note that mod/item.php seems to take care of creating a signature for Diaspora for replies
// created on our own account
//
// comments from other networks will be relayed under our name, with a brief // comments from other networks will be relayed under our name, with a brief
// preamble to describe what's happening and noting the real author // preamble to describe what's happening and noting the real author
$r = q("select * from sign where iid = %d limit 1", $r = q("select * from sign where " . $sql_sign_id . " = %d limit 1",
intval($item['id']) intval($item['id'])
); );
if(count($r)) { if(count($r)) {
@ -2196,29 +2267,39 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
$prefix = sprintf( t('[Relayed] Comment authored by %s from network %s'), $prefix = sprintf( t('[Relayed] Comment authored by %s from network %s'),
'['. $item['author-name'] . ']' . '(' . $item['author-link'] . ')', '['. $item['author-name'] . ']' . '(' . $item['author-link'] . ')',
network_to_name($itemcontact['network'])) . "\n"; network_to_name($itemcontact['network'])) . "\n";
// "$body" was assigned to "$text" above. It isn't used after that, so I don't think
// the following change will do anything
$body = $prefix . $body; $body = $prefix . $body;
// I think this comment will fail upon reaching Diaspora, because "$signed_text" is not defined
} }
} }
else { else {
// I'm confused about this "else." Since it sets "$handle = $myaddr," it seems like it should be for the case
// where the top-level post owner commented on his own post, i.e. "$itemcontact[0]['self']" is true. But it's
// positioned to be for the case where "count($itemcontact)" is 0.
$handle = $myaddr;
if($like) if($like)
$signed_text = $item['guid'] . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $myaddr; $signed_text = $item['guid'] . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $handle;
elseif($relay_retract)
$signed_text = $item['guid'] . ';' . $target_type;
else else
$signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr; $signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $handle;
$authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')); $authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256'));
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", q("insert into sign (`" . $sql_sign_id . "`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($item['id']), intval($item['id']),
dbesc($signed_text), dbesc($signed_text),
dbesc(base64_encode($authorsig)), dbesc($authorsig),
dbesc($myaddr) dbesc($handle)
); );
$handle = $myaddr;
} }
} }
// sign it // sign it with the top-level owner's signature
$parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')); $parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256'));
@ -2226,14 +2307,15 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
'$guid' => xmlify($item['guid']), '$guid' => xmlify($item['guid']),
'$parent_guid' => xmlify($parent_guid), '$parent_guid' => xmlify($parent_guid),
'$target_type' =>xmlify($target_type), '$target_type' =>xmlify($target_type),
'$authorsig' => xmlify($orig_sign['signature']), '$authorsig' => xmlify($authorsig),
'$parentsig' => xmlify($parentauthorsig), '$parentsig' => xmlify($parentauthorsig),
'$body' => xmlify($text), '$body' => xmlify($text),
'$positive' => xmlify($positive), '$positive' => xmlify($positive),
'$handle' => xmlify($handle) '$handle' => xmlify($handle)
)); ));
logger('diaspora_relay_comment: base message: ' . $msg, LOGGER_DATA); logger('diaspora_send_relay: base message: ' . $msg, LOGGER_DATA);
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch))); $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch)));
@ -2248,14 +2330,25 @@ function diaspora_send_retraction($item,$owner,$contact,$public_batch = false) {
$a = get_app(); $a = get_app();
$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); $myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$signed_text = $item['guid'] . ';' . 'StatusMessage'; // Check if the retraction is for a top-level post, or whether it's for a comment
if( $item['id'] !== $item['parent'] ) {
$tpl = get_markup_template('diaspora_relay_retraction.tpl');
$target_type = 'Comment';
}
else {
$tpl = get_markup_template('diaspora_signed_retract.tpl');
$target_type = 'StatusMessage';
}
$signed_text = $item['guid'] . ';' . $target_type;
$tpl = get_markup_template('diaspora_signed_retract.tpl');
$msg = replace_macros($tpl, array( $msg = replace_macros($tpl, array(
'$guid' => $item['guid'], '$guid' => xmlify($item['guid']),
'$type' => 'StatusMessage', '$type' => xmlify($target_type),
'$handle' => $myaddr, '$handle' => xmlify($myaddr),
'$signature' => base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')) '$signature' => xmlify(base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')))
)); ));
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch))); $slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch)));

View File

@ -3279,6 +3279,35 @@ function drop_item($id,$interactive = true) {
intval($r[0]['id']) intval($r[0]['id'])
); );
} }
// Add a relayable_retraction signature for Diaspora. Note that we can't add a target_author_signature
// if the comment was deleted by a remote user. That should be ok, because if a remote user is deleting
// the comment, that means we're the home of the post, and Diaspora will only
// check the parent_author_signature of retractions that it doesn't have to relay further
if( strcmp($item['type'], 'activity') != 0) {
$signed_text = $item['guid'] . ';' . 'Comment';
if(local_user() == $item['uid']) {
$handle = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha256'));
}
else {
$r = q("SELECT `nick`, `url` FROM `contact` WHERE `id` = '%d' LIMIT 1",
$item['contact-id']
);
if(count($r))
$handle = $r['nick'] . '@' . substr($r['url'], strpos($r['url'],'://') + 3, strpos($r['url'],'/profile') - 1);
}
if(isset($handle)
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($item['id']),
dbesc($signed_text),
dbesc($authorsig),
dbesc($handle)
);
}
} }
$drop_id = intval($item['id']); $drop_id = intval($item['id']);

View File

@ -597,7 +597,7 @@ function notifier_run($argv, $argc){
break; break;
case NETWORK_OSTATUS: case NETWORK_OSTATUS:
// Do not send to otatus if we are not configured to send to public networks // Do not send to ostatus if we are not configured to send to public networks
if($owner['prvnets']) if($owner['prvnets'])
break; break;
if(get_config('system','ostatus_disabled') || get_config('system','dfrn_only')) if(get_config('system','ostatus_disabled') || get_config('system','dfrn_only'))
@ -738,8 +738,8 @@ function notifier_run($argv, $argc){
// unsupported // unsupported
break; break;
} }
elseif(($target_item['deleted']) && ($target_item['verb'] !== ACTIVITY_LIKE)) { elseif(($target_item['deleted']) && ($top_level || $followup) && ($target_item['verb'] !== ACTIVITY_LIKE)) {
// diaspora delete, // diaspora delete, including relayable_retractions that need to be relayed
diaspora_send_retraction($target_item,$owner,$contact); diaspora_send_retraction($target_item,$owner,$contact);
break; break;
} }
@ -749,7 +749,7 @@ function notifier_run($argv, $argc){
break; break;
} }
elseif($target_item['parent'] != $target_item['id']) { elseif($target_item['parent'] != $target_item['id']) {
// we are the relay - send comments, likes and unlikes to our conversants // we are the relay - send comments, likes, unlikes and relayable_retractions to our conversants
diaspora_send_relay($target_item,$owner,$contact); diaspora_send_relay($target_item,$owner,$contact);
break; break;
} }
@ -859,6 +859,13 @@ function notifier_run($argv, $argc){
} }
// If the item was deleted, clean up the `sign` table
if($target_item['deleted']) {
$r = q("DELETE FROM sign where `retract_iid` = %d",
intval($target_item['id'])
);
}
logger('notifier: calling hooks', LOGGER_DEBUG); logger('notifier: calling hooks', LOGGER_DEBUG);
if($normal_mode) if($normal_mode)

View File

@ -737,16 +737,16 @@ function item_post(&$a) {
if($datarray['verb'] === ACTIVITY_LIKE) if($datarray['verb'] === ACTIVITY_LIKE)
$signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr; $signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr;
else else
$signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr; $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr;
$authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha256')); $authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha256'));
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($post_id), intval($post_id),
dbesc($signed_text), dbesc($signed_text),
dbesc(base64_encode($authorsig)), dbesc(base64_encode($authorsig)),
dbesc($myaddr) dbesc($myaddr)
); );
} }
} }
else { else {

View File

@ -1274,4 +1274,5 @@ function update_1146() {
return UPDATE_SUCCESS ; return UPDATE_SUCCESS ;
} }
//ALTER TABLE `sign` MODIFY column int Default '10';

View File

@ -0,0 +1,10 @@
<XML>
<post>
<relayable_retraction>
<target_type>$type</target_type>
<target_guid>$guid</target_guid>
<target_author_signature>$signature</target_author_signature>
<sender_handle>$handle</sender_handle>
</relayable_retraction>
</post>
</XML>

View File

@ -0,0 +1,11 @@
<XML>
<post>
<relayable_retraction>
<target_type>$target_type</target_type>
<target_guid>$guid</target_guid>
<parent_author_signature>$parentauthorsig</parent_author_signature>
<target_author_signature>$authorsig</target_author_signature>
<sender_handle>$handle</sender_handle>
</relayable_retraction>
</post>
</XML>