Removed MagicEnvelopeCompat, legacy from SN <0.9.7

This commit is contained in:
Mikael Nordfeldth 2014-05-26 23:07:37 +02:00
parent 7c7426b473
commit 54ae0ed3cc
3 changed files with 32 additions and 94 deletions

View File

@ -286,23 +286,3 @@ class MagicEnvelope
); );
} }
} }
/**
* Variant of MagicEnvelope using the earlier signature form listed in the MagicEnvelope
* spec in early 2010; this was used in StatusNet up through 0.9.6, so for backwards compatiblity
* we still need to accept and sometimes send this format.
*/
class MagicEnvelopeCompat extends MagicEnvelope {
/**
* StatusNet through 0.9.6 used an earlier version of the MagicEnvelope spec
* which used only the input data, without the additional fields, as the plaintext
* for signing.
*
* @param array $env
* @return string
*/
public function signingText($env) {
return $env['data'];
}
}

View File

@ -53,9 +53,8 @@ class Salmon
return false; return false;
} }
foreach ($this->formatClasses() as $class) {
try { try {
$envelope = $this->createMagicEnv($xml, $actor, $class); $envelope = $this->createMagicEnv($xml, $actor);
} catch (Exception $e) { } catch (Exception $e) {
common_log(LOG_ERR, "Salmon unable to sign: " . $e->getMessage()); common_log(LOG_ERR, "Salmon unable to sign: " . $e->getMessage());
return false; return false;
@ -69,30 +68,17 @@ class Salmon
$response = $client->post($endpoint_uri, $headers); $response = $client->post($endpoint_uri, $headers);
} catch (HTTP_Request2_Exception $e) { } catch (HTTP_Request2_Exception $e) {
common_log(LOG_ERR, "Salmon ($class) post to $endpoint_uri failed: " . $e->getMessage()); common_log(LOG_ERR, "Salmon ($class) post to $endpoint_uri failed: " . $e->getMessage());
continue; return false;
} }
if ($response->getStatus() != 200) { if ($response->getStatus() != 200) {
common_log(LOG_ERR, "Salmon ($class) at $endpoint_uri returned status " . common_log(LOG_ERR, "Salmon ($class) at $endpoint_uri returned status " .
$response->getStatus() . ': ' . $response->getBody()); $response->getStatus() . ': ' . $response->getBody());
continue; return false;
} }
// Success! // Success!
return true; return true;
} }
return false;
}
/**
* List the magic envelope signature class variants in the order we try them.
* Multiples are needed for backwards-compat with StatusNet prior to 0.9.7,
* which used a draft version of the magic envelope spec.
*
* FIXME: Deprecate and remove. GNU social shouldn't have to interface with SN<0.9.7
*/
protected function formatClasses() {
return array('MagicEnvelope', 'MagicEnvelopeCompat');
}
/** /**
* Encode the given string as a signed MagicEnvelope XML document, * Encode the given string as a signed MagicEnvelope XML document,
@ -104,20 +90,15 @@ class Salmon
* *
* @param string $text XML fragment to sign, assumed to be Atom * @param string $text XML fragment to sign, assumed to be Atom
* @param Profile $actor Profile of a local user to use as signer * @param Profile $actor Profile of a local user to use as signer
* @param string $class to override the magic envelope signature version, pass a MagicEnvelope subclass here
* *
* @return string XML string representation of magic envelope * @return string XML string representation of magic envelope
* *
* @throws Exception on bad profile input or key generation problems * @throws Exception on bad profile input or key generation problems
* @fixme if signing fails, this seems to return the original text without warning. Is there a reason for this? * @fixme if signing fails, this seems to return the original text without warning. Is there a reason for this?
*/ */
public function createMagicEnv($text, $actor, $class='MagicEnvelope') public function createMagicEnv($text, $actor)
{ {
if (!in_array($class, $this->formatClasses())) { $magic_env = new MagicEnvelope();
throw new ServerException('Bad class parameter for createMagicEnv');
}
$magic_env = new $class();
// We only generate keys for our local users of course, so let // We only generate keys for our local users of course, so let
// getUser throw an exception if the profile is not local. // getUser throw an exception if the profile is not local.
@ -141,8 +122,8 @@ class Salmon
/** /**
* Check if the given magic envelope is well-formed and correctly signed. * Check if the given magic envelope is well-formed and correctly signed.
* Needs to have network access to fetch public keys over the web. * Needs to have network access to fetch public keys over the web if not
* Both current and back-compat signature formats will be checked. * already stored locally.
* *
* Side effects: exceptions and caching updates may occur during network * Side effects: exceptions and caching updates may occur during network
* fetches. * fetches.
@ -155,16 +136,10 @@ class Salmon
*/ */
public function verifyMagicEnv($text) public function verifyMagicEnv($text)
{ {
foreach ($this->formatClasses() as $class) { $magic_env = new MagicEnvelope();
$magic_env = new $class();
$env = $magic_env->parse($text); $env = $magic_env->parse($text);
if ($magic_env->verify($env)) { return $magic_env->verify($env);
return true;
}
}
return false;
} }
} }

View File

@ -41,21 +41,4 @@ class MagicEnvelopeTest extends PHPUnit_Framework_TestCase
) )
); );
} }
/**
* Test that MagicEnvelope builds the correct plaintext for signing.
* @dataProvider provider
*/
public function testSignatureTextCompat($env, $expected)
{
// Our old code didn't add the extra fields, just used the armored text.
$alt = $env['data'];
$magic = new MagicEnvelopeCompat;
$text = $magic->signingText($env);
$this->assertEquals($alt, $text, "'$text' should be '$alt'");
}
} }