Commit Graph

114 Commits

Author SHA1 Message Date
Zach Copley
a54991797d Upgrade OAuth.php to the latest version. 2010-10-06 13:39:58 -07:00
Brion Vibber
f0620a74c8 Provisional OAuth, OpenID token check timing attack patches 2010-07-19 16:47:49 -07:00
Brion Vibber
c5e89527d9 Updated OMB_Yadis_XRDS for compatibility with php-openid 2.2.2: Auth_Yadis_XRDS::parseXRDS() is now declared static, and PHP 5.3 demands it say so on the subclass too.
Compat fix branch for upstream: 6589dc073f
2010-06-29 15:03:50 -04:00
Brion Vibber
15b1d130d2 Update to last upstream version of libomb: coding style updates, static call fix, improved handling of invalid XRD URIs. 2010-06-29 14:39:57 -04:00
Brion Vibber
2d920e05d5 Update the (formerly) Janrain OpenID library to 2.2.2 -- bug fixes including PHP 5.3 compatibility fix.
Upstream release was tagged at: a287b2d85e
2010-06-29 10:24:48 -04:00
Brion Vibber
f514f7b722 Merge branch 'testing' into 0.9.x 2010-05-03 12:25:29 -07:00
Brion Vibber
df4462611c Revert "Update PEAR::Mail to 1.2.0 release; fixes deprecation warnings running under PHP 5.3."
This reverts commit 9fd02a4f11.

Looks like there's some changes I missed in there and getting this in'll involve updating some other packages. Will poke it after 0.9.2.
2010-05-01 09:51:25 -07:00
Brion Vibber
f85fc944b7 Merge branch 'testing' into 0.9.x 2010-04-30 14:07:24 -07:00
Brion Vibber
9fd02a4f11 Update PEAR::Mail to 1.2.0 release; fixes deprecation warnings running under PHP 5.3. 2010-04-30 13:47:46 -07:00
Brion Vibber
a39efbd8d8 Update XMPPHP to last upstream release (r77), includes an XML quoting fix. 2010-04-30 13:37:40 -07:00
Brion Vibber
df9eb4164a Merge branch 'testing' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-03-31 12:48:24 -07:00
Brion Vibber
0841fa712e Ticket #1281: JID validation now more or less follows spec instead of calling e-mail validator
Basic splitting/validation code submitted via http://status.net/wiki/XMPP/JID_validation -- Copyright 2009 Patrick Georgi <patrick@georgi-clan.de> Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact.

Added PEAR Net_IDNA package to extlib to handle IDN normalization (also used by Validate's email verifier if present).

* added test suite, supplemented my own test cases with JID validation and normalization test cases from libpurple
* follows XMPP rules for validation of name part
* fixes for normalization with non-ASCII names
* will do domain checks if $config['email']['check_domain'] is on, checking for an XMPP-server SRV record or any lookup. (We don't actually need to ping those direct though.)
* some more obscure stringprep validation rules aren't quite followed yet, but we err on the side of permissiveness.
* we still don't actually let you save your address with a resource on it, as we strip resources when looking up users who've sent us presence or message updates. I would recommend saving the outgoing resource as a separate field if/when we add that..?
2010-03-30 17:35:27 -07:00
Craig Andrews
1f73156dae Move the bundled Net/LDAP2 library to the LdapCommon directory 2010-03-23 21:57:47 -04:00
Brion Vibber
e18e659ca3 Drop HTMLPurifier; we don't need its extra capabilities and we're already using htmLawed which is lighter-weight. 2010-02-24 23:39:40 +00:00
Evan Prodromou
81ea0f8117 Add HTMLPurifier to extlib
HTMLPurifier defangs arbitrary submitted HTML. We're using it in the
OStatus plugin, but it may be valuable for other parts of the codebase
(I think OEmbed might benefit, for example).
2010-02-20 11:35:01 -05:00
Brion Vibber
8869ccc94e Temporary debug hack tracking down 'revoked accesstoken' issue with OMB posts 2010-02-15 15:19:16 -08:00
Evan Prodromou
7679f058ef Revert "DEBUG HACK: error checking for xml_parse in XMPPHP input stream"
This reverts commit 906450e2f5.

1) It was a quick debug hack 2) it doesn't meet the requirements
for changing extlib/ libraries
2010-01-20 15:56:24 -05:00
Brion Vibber
906450e2f5 DEBUG HACK: error checking for xml_parse in XMPPHP input stream 2010-01-20 08:37:58 -08:00
Evan Prodromou
8679bc6c7b add LGPL 2010-01-02 22:46:50 -10:00
Evan Prodromou
dfba47bdf4 include DB_DataObject 1.9.0 2009-12-08 15:32:50 -05:00
Brion Vibber
8ab40e7051 Cleanup for bug 1813: workaround sometimes-missing dl() in PHP 5.3 by defining our own bogus function rather than attempting to patch upstream libs. This keeps our fix across upstream versions (or when loading upstream library from outside extlib)
Note that fixes to OpenID libraries in commit fe9473ac78 were lost in just such an update.
2009-11-16 15:45:15 -08:00
Craig Andrews
5b51eeeebb Bump to version 1.0.0 2009-11-16 11:14:00 -05:00
Zach Copley
40bf174c01 Revert a OS X-specific change to PEAR MIME_Type that I accidentally commited. 2009-11-05 05:59:46 +00:00
Zach Copley
527427d3e0 Implement update avatar via API (/api/account/update_profile_image.format) 2009-11-04 21:00:26 -08:00
Craig Andrews
c403f7fa44 Added Net_LDAP2 to extlib, and add a skeleton LDAP plugin 2009-11-04 13:39:56 -05:00
Brion Vibber
5581143bee Rebuilt HTTPClient class as an extension of PEAR HTTP_Request2 package, adding redirect handling and convenience functions.
Caching support will be added in future work after unit tests have been added.

* extlib: add PEAR HTTP_Request2 0.4.1 alpha
* extlib: update PEAR Net_URL2 to 0.3.0 beta for HTTP_Request2 compatibility
* moved direct usage of CURL and file_get_contents to HTTPClient class, excluding external-sourced libraries
* adapted GeonamesPlugin for new HTTPResponse interface

Note some plugins haven't been fully tested yet.
2009-11-02 09:14:15 -08:00
Brion Vibber
b22fc5b74a Revert "Rebuilt HTTPClient class as an extension of PEAR HTTP_Request2 package, adding redirect handling and convenience functions."
Going to restructure a little more before finalizing this...

This reverts commit fa37967858.
2009-11-02 07:51:29 -08:00
Brion Vibber
fa37967858 Rebuilt HTTPClient class as an extension of PEAR HTTP_Request2 package, adding redirect handling and convenience functions.
Caching support will be added in future work after unit tests have been added.

* extlib: add PEAR HTTP_Request2 0.4.1 alpha
* extlib: update PEAR Net_URL2 to 0.3.0 beta for HTTP_Request2 compatibility
* moved direct usage of CURL and file_get_contents to HTTPClient class, excluding external-sourced libraries

Note some plugins haven't been tested yet.
2009-11-02 06:31:28 -08:00
Evan Prodromou
44ce8e2fcd Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2009-10-31 14:47:21 -04:00
Evan Prodromou
4e9ec0d0e1 merge from testing 2009-10-31 14:36:04 -04:00
Evan Prodromou
ae7d524fd8 add a README warning devs from fracking around in extlib/ 2009-10-31 13:35:20 -04:00
Craig Andrews
02131db1c9 Bump to Auth_OpenID 2.1.3 2009-10-30 01:30:42 -04:00
Zach Copley
d07c9d8750 Gather all the Facebook stuff together in one place 2009-10-21 01:07:03 +00:00
Evan Prodromou
035d4cf86e Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2009-10-19 15:36:26 -04:00
Brion Vibber
39598582d9 Merge branch 'i18n-work' into i18n-0.9.x 2009-10-19 09:25:05 -07:00
Brion Vibber
21e17e3738 Fix a logic error in php-gettext's setlocale() check; if setlocale() failed to return, we fall back to checking LANG environment variable. Now actually works when doing a setlocale *check* instead of a *set*.
Submitting fix upstream, but as the package is currently unmaintained it may not make it in.
2009-10-16 11:19:52 -07:00
Evan Prodromou
c1c8daa021 Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2009-10-15 04:49:59 -04:00
Evan Prodromou
2e3cda4da6 update DB_DataObject to 1.8.12 2009-10-15 04:49:45 -04:00
Brion Vibber
ffeef6520c Commit upstream updates to php-gettext after the 1.0.7 release (but in 2006! :P)
Fixes file magic checks on 64-bit systems.

http://bazaar.launchpad.net/~danilo/php-gettext/trunk/revision/17
http://bazaar.launchpad.net/~danilo/php-gettext/trunk/revision/18
http://bazaar.launchpad.net/~danilo/php-gettext/trunk/revision/19
2009-10-13 14:54:48 -07:00
Brion Vibber
77afd6c344 Commit upstream updates to php-gettext after the 1.0.7 release (but in 2006! :P)
Fixes file magic checks on 64-bit systems.

http://bazaar.launchpad.net/~danilo/php-gettext/trunk/revision/17
http://bazaar.launchpad.net/~danilo/php-gettext/trunk/revision/18
http://bazaar.launchpad.net/~danilo/php-gettext/trunk/revision/19
2009-10-13 14:51:23 -07:00
Evan Prodromou
8284b3cb82 Merge branch '0.8.x' into 0.9.x
Conflicts:
	actions/requesttoken.php
	classes/File.php
	install.php
	lib/noticeform.php
2009-09-23 09:45:22 -04:00
Evan Prodromou
48565a2cdc Revert "Several fixes to make RabbitMQ a player."
This reverts commit c04987018c.
2009-09-15 17:08:27 -04:00
Brion Vibber
fe9473ac78 Check that 'dl' function is available and usable before trying to call it with error suppression; if it's disabled or unavailable we end up with mysterious failures during installation or loading of libraries.
Fixed for StatusNet installer as well as some external libraries that should be fixed upstream if they haven't already been:
* PEAR
* Auth/OpenID
* Auth/Yadis
2009-09-13 21:53:30 -04:00
Marcel van der Boom
c04987018c Several fixes to make RabbitMQ a player.
* extlib/Stomp.php
    -spaces for tabs (we're on PEAR, right?)
    - send: initialize the $properties parameter as array() instead of null
      this prevents unsetting $headers if $properties was not set
      (besides that, it's the proper way to initialize an array)
    - subscribe: insert FIXME's on ActiveMQ specifics
    - ack: make sure the content-length header is set *and* is zero.
      I have seen the header set to '3' there but could not find where it
      came from, this is at least safe.
    - disconnect: typo in $headers variable
    - readFrame: use fgets() instead of gets() so that RabbitQ, which is more protocol strict can also play
  * extlib/Stomp/Frame.php
    - spaces for tabs
    - add note on possibly protocol violating linefeed
  * extlib/Stomp/Message.php
    - space for tabs
    - add content-length header for message
  * lib/stompqueuemanager.php
    - use the notice for logging, not the frame
2009-09-11 20:50:53 -04:00
Marcel van der Boom
a73162d3eb Silence the NOTICE log messages on port not defined, we deal with
that properly, and most of the time it is indeed not define
2009-09-11 20:49:24 -04:00
Craig Andrews
d7ae0ed4fd Merge remote branch 'laconica/0.8.x' into 0.9.x
Conflicts:
	lib/omb.php
2009-09-09 22:52:38 -04:00
Craig Andrews
5974871b7b Improve OAuth CGI compatibility
Fixes http://status.net/trac/ticket/1822
Reported upstream at http://code.google.com/p/oauth/issues/detail?id=118
2009-09-03 18:35:46 -04:00
Craig Andrews
a535ccdc4e Merge remote branch 'laconica/0.8.x' into 0.9.x
Conflicts:
	lib/common.php
	lib/twitter.php
2009-09-02 16:42:15 -04:00
Craig Andrews
29d0dd740c Allow whitespace before and after the = and require space before the href in <link href="url"> html 2009-09-01 23:18:39 -04:00
Craig Andrews
00032e1112 Allow the oEmbed <link> tag to be split across lines 2009-08-31 22:16:49 -04:00