forked from friendica/friendica-addons
bug fixes and improvements
This commit is contained in:
parent
05c8b71d13
commit
af99d51a7c
|
@ -10,6 +10,9 @@ address of a BOSH proxy that works with your account.
|
||||||
The addon has an experimental autosubscribe and autosuggest functionality which tries
|
The addon has an experimental autosubscribe and autosuggest functionality which tries
|
||||||
to add your Friendica contacts to your roster automatically.
|
to add your Friendica contacts to your roster automatically.
|
||||||
|
|
||||||
|
Limitations:
|
||||||
|
- can only handle Jabber passwords that are at most 39 characters long
|
||||||
|
|
||||||
Installation
|
Installation
|
||||||
------------
|
------------
|
||||||
|
|
||||||
|
|
|
@ -23,7 +23,8 @@ and not to the server (at least as soon as the user is logged in). It can be sto
|
||||||
This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext.
|
This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext.
|
||||||
It is better to use a hash of the password.
|
It is better to use a hash of the password.
|
||||||
The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can
|
The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can
|
||||||
use hash("some_prefix"+password). This will however not work with OpenID logins.
|
use hash("some_prefix"+password). This will however not work with OpenID logins, for this type of login the password must
|
||||||
|
be queried manually.
|
||||||
|
|
||||||
Problem:
|
Problem:
|
||||||
How to discover the jabber addresses of the friendica contacts?
|
How to discover the jabber addresses of the friendica contacts?
|
||||||
|
@ -37,17 +38,23 @@ We do not want to make the jabber address public.
|
||||||
|
|
||||||
Solution:
|
Solution:
|
||||||
When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated.
|
When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated.
|
||||||
Using this keypair, we can provide the jabber address only to contacs:
|
Using this keypair, we can provide the jabber address only to contacts:
|
||||||
|
|
||||||
Case 1: Alice has prvkey, Bob has pubkey.
|
Alice:
|
||||||
Alice encrypts request
|
signed_address = openssl_*_encrypt(alice_jabber_address)
|
||||||
Bob decrypts the request, send jabber address unencrypted
|
send signed_address to Bob, who does
|
||||||
Alice reads address
|
trusted_address = openssl_*_decrypt(signed_address)
|
||||||
|
save trusted_address
|
||||||
|
encrypted_address = openssl_*_encrypt(bob_jabber_address)
|
||||||
|
reply with encrypted_address to Alice, who does
|
||||||
|
decrypted_address = openssl_*_decrypt(encrypted_address)
|
||||||
|
save decrypted_address
|
||||||
|
|
||||||
Case 2: Alice has prvkey, Bob has pubkey
|
Interface for this:
|
||||||
Alice send request
|
GET /jappixmini/?role=%s&signed_address=%s&dfrn_id=%s
|
||||||
Bob encrypts jabber address
|
|
||||||
Alice decrypts jabber address
|
Response:
|
||||||
|
json({"status":"ok", "encrypted_address":"%s"})
|
||||||
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
@ -78,6 +85,8 @@ unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_dow
|
||||||
}
|
}
|
||||||
|
|
||||||
function jappixmini_plugin_admin(&$a, &$o) {
|
function jappixmini_plugin_admin(&$a, &$o) {
|
||||||
|
// display instructions and warnings on addon settings page for admin
|
||||||
|
|
||||||
if (!file_exists("addon/jappixmini/jappix")) {
|
if (!file_exists("addon/jappixmini/jappix")) {
|
||||||
$o .= '<p><strong>You need to install the Jappix application, adapted for Friendica (see README).</strong></p>';
|
$o .= '<p><strong>You need to install the Jappix application, adapted for Friendica (see README).</strong></p>';
|
||||||
}
|
}
|
||||||
|
@ -91,81 +100,80 @@ function jappixmini_plugin_admin_post(&$a) {
|
||||||
|
|
||||||
function jappixmini_module() {}
|
function jappixmini_module() {}
|
||||||
function jappixmini_init(&$a) {
|
function jappixmini_init(&$a) {
|
||||||
// Here, other friendica sites can fetch the jabber address of local users.
|
// module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses
|
||||||
// Because we do not want to publish the addresses publicly, they are encrypted so
|
// of local users
|
||||||
// that only contacts can read it.
|
|
||||||
$encrypt_for = $_REQUEST["encrypt_for"];
|
$dfrn_id = $_REQUEST["dfrn_id"];
|
||||||
if ($encrypt_for) {
|
if (!$dfrn_id) killme();
|
||||||
$r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id` = '%s' LIMIT 1",
|
|
||||||
dbesc($encrypt_for)
|
$role = $_REQUEST["role"];
|
||||||
|
if ($role=="pub") {
|
||||||
|
$r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1",
|
||||||
|
dbesc($dfrn_id)
|
||||||
);
|
);
|
||||||
if (!count($r)) killme();
|
if (!count($r)) killme();
|
||||||
|
|
||||||
// get public key to encrypt address
|
$encrypt_func = openssl_public_encrypt;
|
||||||
$pubkey = $r[0]['pubkey'];
|
$decrypt_func = openssl_public_decrypt;
|
||||||
|
$key = $r[0]["pubkey"];
|
||||||
|
} else if ($role=="prv") {
|
||||||
|
$r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1",
|
||||||
|
dbesc($dfrn_id)
|
||||||
|
);
|
||||||
|
if (!count($r)) killme();
|
||||||
|
|
||||||
// get jabber address
|
$encrypt_func = openssl_private_encrypt;
|
||||||
$uid = $r[0]['uid'];
|
$decrypt_func = openssl_private_decrypt;
|
||||||
$username = get_pconfig($uid, 'jappixmini', 'username');
|
$key = $r[0]["prvkey"];
|
||||||
if (!$username) killme();
|
} else {
|
||||||
$server = get_pconfig($uid, 'jappixmini', 'server');
|
|
||||||
if (!$server) killme();
|
|
||||||
|
|
||||||
$address = $username."@".$server;
|
|
||||||
|
|
||||||
// encrypt address
|
|
||||||
$encrypted = "";
|
|
||||||
openssl_public_encrypt($address,$encrypted,$pubkey);
|
|
||||||
|
|
||||||
// calculate hex representation of encrypted address
|
|
||||||
$hex = bin2hex($encrypted);
|
|
||||||
|
|
||||||
// construct answer
|
|
||||||
$answer = Array("status"=>"ok", "encrypted_address"=>$hex);
|
|
||||||
|
|
||||||
// return answer as json
|
|
||||||
echo json_encode($answer);
|
|
||||||
killme();
|
killme();
|
||||||
}
|
}
|
||||||
|
|
||||||
// If we have only a private key, other site sends encrypted request, we answer unencrypted.
|
$uid = $r[0]["uid"];
|
||||||
$encrypted_for = $_REQUEST["encrypted_for"];
|
|
||||||
if (!$encrypted_for) killme();
|
|
||||||
|
|
||||||
$encrypted_request_hex = $_REQUEST["encrypted_request"];
|
// save the Jabber address we received
|
||||||
if (!$encrypted_request_hex) killme();
|
try {
|
||||||
$encrypted_request = hex2bin($encrypted_request_hex);
|
$signed_address_hex = $_REQUEST["signed_address"];
|
||||||
|
$signed_address = hex2bin($signed_address_hex);
|
||||||
|
|
||||||
$r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id` = '%s' LIMIT 1",
|
$trusted_address = "";
|
||||||
dbesc($encrypted_for)
|
$decrypt_func($signed_address, $trusted_address, $key);
|
||||||
);
|
|
||||||
if (!count($r)) killme();
|
|
||||||
|
|
||||||
// decrypt request, validate it
|
$now = intval(time());
|
||||||
$prvkey = $r[0]['prvkey'];
|
set_pconfig($uid, "jappixmini", "id:$dfrn_id", "$now:$trusted_address");
|
||||||
$decrypted_request = "";
|
} catch (Exception $e) {
|
||||||
openssl_private_decrypt($encrypted_request, $decrypted_request, $prvkey);
|
}
|
||||||
|
|
||||||
if ($decrypted_request!=$encrypted_for) killme();
|
// return the requested Jabber address
|
||||||
|
try {
|
||||||
|
$username = get_pconfig($uid, 'jappixmini', 'username');
|
||||||
|
$server = get_pconfig($uid, 'jappixmini', 'server');
|
||||||
|
$address = "$username@$server";
|
||||||
|
|
||||||
// get jabber address
|
$encrypted_address = "";
|
||||||
$uid = $r[0]['uid'];
|
$encrypt_func($address, $encrypted_address, $key);
|
||||||
$username = get_pconfig($uid, 'jappixmini', 'username');
|
|
||||||
if (!$username) killme();
|
|
||||||
$server = get_pconfig($uid, 'jappixmini', 'server');
|
|
||||||
if (!$server) killme();
|
|
||||||
|
|
||||||
$address = $username."@".$server;
|
$encrypted_address_hex = bin2hex($encrypted_address);
|
||||||
|
|
||||||
// construct answer
|
$answer = Array(
|
||||||
$answer = Array("status"=>"ok", "address"=>$address);
|
"status"=>"ok",
|
||||||
|
"encrypted_address"=>$encrypted_address_hex
|
||||||
|
);
|
||||||
|
|
||||||
// return answer as json
|
$answer_json = json_encode($answer);
|
||||||
echo json_encode($answer);
|
echo $answer_json;
|
||||||
killme();
|
killme();
|
||||||
|
} catch (Exception $e) {
|
||||||
|
killme();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function jappixmini_settings(&$a, &$s) {
|
function jappixmini_settings(&$a, &$s) {
|
||||||
|
// addon settings for a user
|
||||||
|
|
||||||
|
$activate = get_pconfig(local_user(),'jappixmini','activate');
|
||||||
|
$activate = intval($activate) ? ' checked="checked"' : '';
|
||||||
|
|
||||||
$username = get_pconfig(local_user(),'jappixmini','username');
|
$username = get_pconfig(local_user(),'jappixmini','username');
|
||||||
$username = htmlentities($username);
|
$username = htmlentities($username);
|
||||||
$server = get_pconfig(local_user(),'jappixmini','server');
|
$server = get_pconfig(local_user(),'jappixmini','server');
|
||||||
|
@ -177,8 +185,6 @@ function jappixmini_settings(&$a, &$s) {
|
||||||
$autosubscribe = intval($autosubscribe) ? ' checked="checked"' : '';
|
$autosubscribe = intval($autosubscribe) ? ' checked="checked"' : '';
|
||||||
$autoapprove = get_pconfig(local_user(),'jappixmini','autoapprove');
|
$autoapprove = get_pconfig(local_user(),'jappixmini','autoapprove');
|
||||||
$autoapprove = intval($autoapprove) ? ' checked="checked"' : '';
|
$autoapprove = intval($autoapprove) ? ' checked="checked"' : '';
|
||||||
$activate = get_pconfig(local_user(),'jappixmini','activate');
|
|
||||||
$activate = intval($activate) ? ' checked="checked"' : '';
|
|
||||||
|
|
||||||
$s .= '<div class="settings-block">';
|
$s .= '<div class="settings-block">';
|
||||||
$s .= '<h3>Jappix Mini addon settings</h3>';
|
$s .= '<h3>Jappix Mini addon settings</h3>';
|
||||||
|
@ -206,7 +212,7 @@ function jappixmini_settings(&$a, &$s) {
|
||||||
$s .= '<label for="jappixmini-autosubscribe">Subscribe to Friendica contacts automatically</label>';
|
$s .= '<label for="jappixmini-autosubscribe">Subscribe to Friendica contacts automatically</label>';
|
||||||
$s .= ' <input id="jappixmini-autosubscribe" type="checkbox" name="jappixmini-autosubscribe" value="1"'.$autosubscribe.' />';
|
$s .= ' <input id="jappixmini-autosubscribe" type="checkbox" name="jappixmini-autosubscribe" value="1"'.$autosubscribe.' />';
|
||||||
$s .= '<br />';
|
$s .= '<br />';
|
||||||
$s .= '<label for="jappixmini-purge">Purge list of jabber addresses of contacts</label>';
|
$s .= '<label for="jappixmini-purge">Purge internal list of jabber addresses of contacts</label>';
|
||||||
$s .= ' <input id="jappixmini-purge" type="checkbox" name="jappixmini-purge" value="1" />';
|
$s .= ' <input id="jappixmini-purge" type="checkbox" name="jappixmini-purge" value="1" />';
|
||||||
$s .= '<br />';
|
$s .= '<br />';
|
||||||
$s .= '<input type="submit" name="jappixmini-submit" value="' . t('Submit') . '" />';
|
$s .= '<input type="submit" name="jappixmini-submit" value="' . t('Submit') . '" />';
|
||||||
|
@ -220,20 +226,32 @@ function jappixmini_settings(&$a, &$s) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function jappixmini_settings_post(&$a,&$b) {
|
function jappixmini_settings_post(&$a,&$b) {
|
||||||
|
// save addon settings for a user
|
||||||
|
|
||||||
if(! local_user()) return;
|
if(! local_user()) return;
|
||||||
|
$uid = local_user();
|
||||||
|
|
||||||
if($_POST['jappixmini-submit']) {
|
if($_POST['jappixmini-submit']) {
|
||||||
set_pconfig(local_user(),'jappixmini','username',trim($b['jappixmini-username']));
|
$purge = intval($b['jappixmini-purge']);
|
||||||
set_pconfig(local_user(),'jappixmini','server',trim($b['jappixmini-server']));
|
|
||||||
set_pconfig(local_user(),'jappixmini','bosh',trim($b['jappixmini-bosh']));
|
$username = trim($b['jappixmini-username']);
|
||||||
set_pconfig(local_user(),'jappixmini','encrypted-password',trim($b['jappixmini-encrypted-password']));
|
$old_username = get_pconfig($uid,'jappixmini','username');
|
||||||
set_pconfig(local_user(),'jappixmini','autosubscribe',intval($b['jappixmini-autosubscribe']));
|
if ($username!=$old_username) $purge = 1;
|
||||||
set_pconfig(local_user(),'jappixmini','autoapprove',intval($b['jappixmini-autoapprove']));
|
|
||||||
set_pconfig(local_user(),'jappixmini','activate',intval($b['jappixmini-activate']));
|
$server = trim($b['jappixmini-server']);
|
||||||
|
$old_server = get_pconfig($uid,'jappixmini','server');
|
||||||
|
if ($server!=$old_server) $purge = 1;
|
||||||
|
|
||||||
|
set_pconfig($uid,'jappixmini','username',$username);
|
||||||
|
set_pconfig($uid,'jappixmini','server',$server);
|
||||||
|
set_pconfig($uid,'jappixmini','bosh',trim($b['jappixmini-bosh']));
|
||||||
|
set_pconfig($uid,'jappixmini','encrypted-password',trim($b['jappixmini-encrypted-password']));
|
||||||
|
set_pconfig($uid,'jappixmini','autosubscribe',intval($b['jappixmini-autosubscribe']));
|
||||||
|
set_pconfig($uid,'jappixmini','autoapprove',intval($b['jappixmini-autoapprove']));
|
||||||
|
set_pconfig($uid,'jappixmini','activate',intval($b['jappixmini-activate']));
|
||||||
info( 'Jappix Mini settings saved.' );
|
info( 'Jappix Mini settings saved.' );
|
||||||
|
|
||||||
if (intval($b['jappixmini-purge'])) {
|
if ($purge) {
|
||||||
$uid = local_user();
|
|
||||||
q("DELETE FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' and `k` LIKE 'id%%'");
|
q("DELETE FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' and `k` LIKE 'id%%'");
|
||||||
info( 'List of addresses purged.' );
|
info( 'List of addresses purged.' );
|
||||||
}
|
}
|
||||||
|
@ -241,6 +259,8 @@ function jappixmini_settings_post(&$a,&$b) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function jappixmini_script(&$a,&$s) {
|
function jappixmini_script(&$a,&$s) {
|
||||||
|
// adds the script to the page header which starts Jappix Mini
|
||||||
|
|
||||||
if(! local_user()) return;
|
if(! local_user()) return;
|
||||||
|
|
||||||
$activate = get_pconfig(local_user(),'jappixmini','activate');
|
$activate = get_pconfig(local_user(),'jappixmini','activate');
|
||||||
|
@ -251,6 +271,7 @@ function jappixmini_script(&$a,&$s) {
|
||||||
|
|
||||||
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&f=caps.js"></script>'."\r\n";
|
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&f=caps.js"></script>'."\r\n";
|
||||||
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&f=name.js"></script>'."\r\n";
|
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&f=name.js"></script>'."\r\n";
|
||||||
|
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&f=roster.js"></script>'."\r\n";
|
||||||
|
|
||||||
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>'."\r\n";
|
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>'."\r\n";
|
||||||
|
|
||||||
|
@ -271,18 +292,35 @@ function jappixmini_script(&$a,&$s) {
|
||||||
// get a list of jabber accounts of the contacts
|
// get a list of jabber accounts of the contacts
|
||||||
$contacts = Array();
|
$contacts = Array();
|
||||||
$uid = local_user();
|
$uid = local_user();
|
||||||
$rows = q("SELECT `v` FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' and `k` LIKE 'id%%'");
|
$rows = q("SELECT * FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' and `k` LIKE 'id%%'");
|
||||||
foreach ($rows as $row) {
|
foreach ($rows as $row) {
|
||||||
|
$key = $row['k'];
|
||||||
|
$pos = strpos($key, ":");
|
||||||
|
$dfrn_id = substr($key, $pos+1);
|
||||||
|
$r = q("SELECT `name` FROM `contact` WHERE `uid`=$uid AND `dfrn-id`='%s' OR `issued-id`='%s'",
|
||||||
|
dbesc($dfrn_id),
|
||||||
|
dbesc($dfrn_id)
|
||||||
|
);
|
||||||
|
$name = $r[0]["name"];
|
||||||
|
|
||||||
$value = $row['v'];
|
$value = $row['v'];
|
||||||
$pos = strpos($value, ":");
|
$pos = strpos($value, ":");
|
||||||
$address = substr($value, $pos+1);
|
$address = substr($value, $pos+1);
|
||||||
$contacts[] = $address;
|
if (!$address) continue;
|
||||||
|
if (!$name) $name = $address;
|
||||||
|
|
||||||
|
$contacts[$address] = $name;
|
||||||
}
|
}
|
||||||
$contacts_json = json_encode($contacts);
|
$contacts_json = json_encode($contacts);
|
||||||
|
|
||||||
|
// get nickname
|
||||||
|
$r = q("SELECT `username` FROM `user` WHERE `uid`=$uid");
|
||||||
|
$nickname = json_encode($r[0]["username"]);
|
||||||
|
|
||||||
|
// add javascript to start Jappix Mini
|
||||||
$a->page['htmlhead'] .= "<script type=\"text/javascript\">
|
$a->page['htmlhead'] .= "<script type=\"text/javascript\">
|
||||||
jQuery(document).ready(function() {
|
jQuery(document).ready(function() {
|
||||||
jappixmini_addon_start('$server', '$username', '$bosh', '$encrypted_password');
|
jappixmini_addon_start('$server', '$username', '$bosh', '$encrypted_password', $nickname);
|
||||||
jappixmini_manage_roster($contacts_json, $autoapprove, $autosubscribe);
|
jappixmini_manage_roster($contacts_json, $autoapprove, $autosubscribe);
|
||||||
});
|
});
|
||||||
</script>";
|
</script>";
|
||||||
|
@ -291,7 +329,16 @@ function jappixmini_script(&$a,&$s) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function jappixmini_login(&$a, &$o) {
|
function jappixmini_login(&$a, &$o) {
|
||||||
// save hash of password using setDB
|
// for setDB, needed by jappixmini_addon_set_client_secret
|
||||||
|
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&f=datastore.js"></script>'."\r\n";
|
||||||
|
|
||||||
|
// for str_sha1, needed by jappixmini_addon_set_client_secret
|
||||||
|
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&f=jsjac.js"></script>'."\r\n";
|
||||||
|
|
||||||
|
// for jappixmini_addon_set_client_secret
|
||||||
|
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>'."\r\n";
|
||||||
|
|
||||||
|
// save hash of password
|
||||||
$o = str_replace("<form ", "<form onsubmit=\"jappixmini_addon_set_client_secret(this.elements['id_password'].value);return true;\" ", $o);
|
$o = str_replace("<form ", "<form onsubmit=\"jappixmini_addon_set_client_secret(this.elements['id_password'].value);return true;\" ", $o);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -311,10 +358,17 @@ function jappixmini_cron(&$a, $d) {
|
||||||
if (!$request) continue;
|
if (!$request) continue;
|
||||||
|
|
||||||
$dfrn_id = $contact_row["dfrn-id"];
|
$dfrn_id = $contact_row["dfrn-id"];
|
||||||
$pubkey = $contact_row["pubkey"];
|
if ($dfrn_id) {
|
||||||
if (!$dfrn_id) {
|
$key = $contact_row["pubkey"];
|
||||||
|
$encrypt_func = openssl_public_encrypt;
|
||||||
|
$decrypt_func = openssl_public_decrypt;
|
||||||
|
$role = "prv";
|
||||||
|
} else {
|
||||||
$dfrn_id = $contact_row["issued-id"];
|
$dfrn_id = $contact_row["issued-id"];
|
||||||
$prvkey = $contact_row["prvkey"];
|
$key = $contact_row["prvkey"];
|
||||||
|
$encrypt_func = openssl_private_encrypt;
|
||||||
|
$decrypt_func = openssl_private_decrypt;
|
||||||
|
$role = "pub";
|
||||||
}
|
}
|
||||||
|
|
||||||
// check if jabber address already present
|
// check if jabber address already present
|
||||||
|
@ -334,48 +388,55 @@ function jappixmini_cron(&$a, $d) {
|
||||||
$pos = strpos($request, "/dfrn_request/");
|
$pos = strpos($request, "/dfrn_request/");
|
||||||
if ($pos===false) continue;
|
if ($pos===false) continue;
|
||||||
|
|
||||||
$base = substr($request, 0, $pos)."/jappixmini";
|
$base = substr($request, 0, $pos)."/jappixmini?role=$role";
|
||||||
|
|
||||||
// retrieve address
|
// construct own address
|
||||||
if ($prvkey) {
|
$username = get_pconfig($uid, 'jappixmini', 'username');
|
||||||
$retrieval_address = $base."?encrypt_for=".urlencode($dfrn_id);
|
if (!$username) continue;
|
||||||
|
$server = get_pconfig($uid, 'jappixmini', 'server');
|
||||||
|
if (!$server) continue;
|
||||||
|
|
||||||
$answer_json = fetch_url($retrieval_address);
|
$address = $username."@".$server;
|
||||||
|
|
||||||
|
// sign address
|
||||||
|
$signed_address = "";
|
||||||
|
$encrypt_func($address, $signed_address, $key);
|
||||||
|
|
||||||
|
// construct request url
|
||||||
|
$signed_address_hex = bin2hex($signed_address);
|
||||||
|
$url = $base."&signed_address=$signed_address_hex&dfrn_id=".urlencode($dfrn_id);
|
||||||
|
|
||||||
|
try {
|
||||||
|
// send request
|
||||||
|
$answer_json = fetch_url($url);
|
||||||
|
|
||||||
|
// parse answer
|
||||||
$answer = json_decode($answer_json);
|
$answer = json_decode($answer_json);
|
||||||
if ($answer->status != "ok") continue;
|
if ($answer->status != "ok") throw new Exception();
|
||||||
|
|
||||||
$encrypted_address_hex = $answer->encrypted_address;
|
$encrypted_address_hex = $answer->encrypted_address;
|
||||||
if (!$encrypted_address_hex) continue;
|
if (!$encrypted_address_hex) throw new Exception();
|
||||||
|
|
||||||
$encrypted_address = hex2bin($encrypted_address_hex);
|
$encrypted_address = hex2bin($encrypted_address_hex);
|
||||||
|
if (!$encrypted_address) throw new Exception();
|
||||||
|
|
||||||
|
// decrypt address
|
||||||
|
$decrypted_address = "";
|
||||||
|
$decrypt_func($encrypted_address, $decrypted_address, $key);
|
||||||
|
if (!$decrypted_address) throw new Exception();
|
||||||
|
} catch (Exception $e) {
|
||||||
$decrypted_address = "";
|
$decrypted_address = "";
|
||||||
openssl_private_decrypt($encrypted_address, $decrypted_address, $prvkey);
|
|
||||||
if (!$decrypted_address) continue;
|
|
||||||
|
|
||||||
$address = $decrypted_address;
|
|
||||||
} else if ($pubkey) {
|
|
||||||
$encrypted_request = "";
|
|
||||||
openssl_public_encrypt($dfrn_id, $encrypted_request, $pubkey);
|
|
||||||
if (!$encrypted_request) continue;
|
|
||||||
$encrypted_request_hex = bin2hex($encrypted_request);
|
|
||||||
|
|
||||||
$retrieval_address = $base."?encrypted_for=".urlencode($dfrn_id)."&encrypted_request=".urlencode($encrypted_request_hex);
|
|
||||||
|
|
||||||
$answer_json = fetch_url($retrieval_address);
|
|
||||||
$answer = json_decode($answer_json);
|
|
||||||
if ($answer->status != "ok") continue;
|
|
||||||
|
|
||||||
$address = $answer->address;
|
|
||||||
if (!$address) continue;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// save address
|
// save address
|
||||||
set_pconfig($uid, "jappixmini", "id:$dfrn_id", "$now:$address");
|
set_pconfig($uid, "jappixmini", "id:$dfrn_id", "$now:$decrypted_address");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function jappixmini_download_source(&$a,&$b) {
|
function jappixmini_download_source(&$a,&$b) {
|
||||||
|
// Jappix Mini source download link on About page
|
||||||
|
|
||||||
$b .= '<h1>Jappix Mini</h1>';
|
$b .= '<h1>Jappix Mini</h1>';
|
||||||
$b .= '<p>This site uses Jappix Mini by the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix/AUTHORS">Jappix authors</a>, which is distributed under the terms of the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix/COPYING">GNU Affero General Public License</a>.</p>';
|
$b .= '<p>This site uses Jappix Mini by the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix/AUTHORS">Jappix authors</a>, which is distributed under the terms of the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix/COPYING">GNU Affero General Public License</a>.</p>';
|
||||||
$b .= '<p>You can download the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix.zip">source code</a>.</p>';
|
$b .= '<p>You can download the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix.zip">source code</a>.</p>';
|
||||||
|
|
|
@ -15,14 +15,23 @@ function jappixmini_addon_xor(str1, str2) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function jappixmini_addon_set_client_secret(password) {
|
function jappixmini_addon_set_client_secret(password) {
|
||||||
client_secret = str_sha1("client_secret:"+password);
|
if (!password) return;
|
||||||
|
|
||||||
|
salt1 = "h8doCRekWto0njyQohKpdx6BN0UTyC6N";
|
||||||
|
salt2 = "jdX8OwFC1kWAq3s9uOyAcE8g3UNNO5t3";
|
||||||
|
|
||||||
|
client_secret1 = str_sha1(salt1+password);
|
||||||
|
client_secret2 = str_sha1(salt2+password);
|
||||||
|
client_secret = client_secret1 + client_secret2;
|
||||||
|
|
||||||
setDB('jappix-mini', 'client_secret', client_secret);
|
setDB('jappix-mini', 'client_secret', client_secret);
|
||||||
|
console.log("client secret set");
|
||||||
}
|
}
|
||||||
|
|
||||||
function jappixmini_addon_get_client_secret() {
|
function jappixmini_addon_get_client_secret() {
|
||||||
client_secret = getDB('jappix-mini', 'client_secret');
|
client_secret = getDB('jappix-mini', 'client_secret');
|
||||||
if (client_secret===null) {
|
if (client_secret===null) {
|
||||||
div = $('<div style="position:fixed;padding:1em;background-color:#F00;color:#fff;top:50px;left:50px;" id="x123">Reintroduce your Friendica password for chatting:</div>');
|
div = $('<div style="position:fixed;padding:1em;background-color:#F00;color:#fff;top:50px;left:50px;">Retype your Friendica password for chatting:</div>');
|
||||||
div.append($("<br>"));
|
div.append($("<br>"));
|
||||||
input = $('<input type="password">')
|
input = $('<input type="password">')
|
||||||
div.append(input);
|
div.append(input);
|
||||||
|
@ -43,7 +52,7 @@ function jappixmini_addon_encrypt_password(password) {
|
||||||
client_secret = jappixmini_addon_get_client_secret();
|
client_secret = jappixmini_addon_get_client_secret();
|
||||||
|
|
||||||
// add \0 to password until it has the same length as secret
|
// add \0 to password until it has the same length as secret
|
||||||
if (client_secret.length<password.length) throw "password too long";
|
if (password.length>client_secret.length-1) throw "password too long";
|
||||||
while (password.length<client_secret.length) {
|
while (password.length<client_secret.length) {
|
||||||
password += "\0";
|
password += "\0";
|
||||||
}
|
}
|
||||||
|
@ -60,7 +69,7 @@ function jappixmini_addon_decrypt_password(encrypted_password) {
|
||||||
|
|
||||||
client_secret = jappixmini_addon_get_client_secret();
|
client_secret = jappixmini_addon_get_client_secret();
|
||||||
|
|
||||||
// xor encrypted password with secret
|
// xor password with secret
|
||||||
password = jappixmini_addon_xor(client_secret, encrypted_password);
|
password = jappixmini_addon_xor(client_secret, encrypted_password);
|
||||||
|
|
||||||
// remove \0
|
// remove \0
|
||||||
|
@ -80,12 +89,12 @@ function jappixmini_manage_roster(contacts, autoapprove, autosubscribe) {
|
||||||
var xid = bareXID(from);
|
var xid = bareXID(from);
|
||||||
|
|
||||||
approve = true;
|
approve = true;
|
||||||
if ((!autoapprove) || ($.inArray(xid, contacts) == -1))
|
if ((!autoapprove) || contacts[xid]===undefined)
|
||||||
approve = confirm("Accept "+xid+" for chat?");
|
approve = confirm("Accept "+xid+" for chat?");
|
||||||
|
|
||||||
if (approve) {
|
if (approve) {
|
||||||
acceptSubscribe(xid);
|
acceptSubscribe(xid, contacts[xid]);
|
||||||
//alert("Accepted "+xid+" for chat.");
|
console.log("Accepted "+xid+" for chat.");
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -94,16 +103,18 @@ function jappixmini_manage_roster(contacts, autoapprove, autosubscribe) {
|
||||||
for (i=0; i<contacts.length; i++) {
|
for (i=0; i<contacts.length; i++) {
|
||||||
xid = contacts[i];
|
xid = contacts[i];
|
||||||
sendSubscribe(xid, "subscribe");
|
sendSubscribe(xid, "subscribe");
|
||||||
|
console.log("Subscribed to "+xid);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function jappixmini_addon_start(server, username, bosh, encrypted_password) {
|
function jappixmini_addon_start(server, username, bosh, encrypted_password, nickname) {
|
||||||
// check if settings have changed, reinitialize jappix mini if this is the case
|
// check if settings have changed, reinitialize jappix mini if this is the case
|
||||||
settings_identifier = str_sha1(server);
|
settings_identifier = str_sha1(server);
|
||||||
settings_identifier += str_sha1(username);
|
settings_identifier += str_sha1(username);
|
||||||
settings_identifier += str_sha1(bosh);
|
settings_identifier += str_sha1(bosh);
|
||||||
settings_identifier += str_sha1(encrypted_password);
|
settings_identifier += str_sha1(encrypted_password);
|
||||||
|
settings_identifier += str_sha1(nickname);
|
||||||
|
|
||||||
saved_identifier = getDB("jappix-mini", "settings_identifier");
|
saved_identifier = getDB("jappix-mini", "settings_identifier");
|
||||||
if (saved_identifier != settings_identifier) removeDB('jappix-mini', 'dom');
|
if (saved_identifier != settings_identifier) removeDB('jappix-mini', 'dom');
|
||||||
|
@ -116,5 +127,6 @@ function jappixmini_addon_start(server, username, bosh, encrypted_password) {
|
||||||
password = jappixmini_addon_decrypt_password(encrypted_password);
|
password = jappixmini_addon_decrypt_password(encrypted_password);
|
||||||
|
|
||||||
// start jappix mini
|
// start jappix mini
|
||||||
|
MINI_NICKNAME = nickname;
|
||||||
launchMini(true, false, server, username, password);
|
launchMini(true, false, server, username, password);
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue