Commit Graph

1058 Commits

Author SHA1 Message Date
Mikael Nordfeldth
5288a6f9e2 Update huburi for FeedSub if PuSH signature is invalid
This because some remote server might have used third party PuSH hubs
but switch and we don't know about it.

Possible risks here are of course MITM that could force us to rediscover
PuSH hubs from a feed they control, but that currently feels ... meh.
2017-04-30 09:20:08 +02:00
Mikael Nordfeldth
853b016a42 Separate ensureHub into function in FeedSub 2017-04-27 09:24:12 +02:00
Mikael Nordfeldth
598b51eb7a Escaping a URI in common_debug call 2017-04-27 09:23:45 +02:00
Mikael Nordfeldth
bb76af4f65 Test URLs against blacklist also on PuSH subscriptions. 2017-04-26 22:41:59 +02:00
Mikael Nordfeldth
a53284fe4f Use getByID nistead of getKV for Feedsub in PushInQueueHandler 2017-04-25 20:42:10 +02:00
Mikael Nordfeldth
956cfaf844 Try https first on URL mention lookup 2017-04-22 12:29:53 +02:00
Mikael Nordfeldth
95f991cff3 Somewhat simpler regex. Thanks acct:takeshitakenji@gs.kawa-kun.com 2017-04-22 12:12:27 +02:00
Mikael Nordfeldth
69e944e21a Fix URL mention regular expression FOR REALZ 2017-04-22 11:45:24 +02:00
Mikael Nordfeldth
51e5cc2ac8 Fix URL mention regular expression in OStatusPlugin 2017-04-22 11:15:55 +02:00
Mikael Nordfeldth
2fc4b174c1 Domain name regular expression into lib/framework.php 2017-04-22 11:07:38 +02:00
Mikael Nordfeldth
bd6c93a811 Split up OStatusPlugin preg functions so they can be reused 2017-04-22 11:02:41 +02:00
Mikael Nordfeldth
54971842f2 A bit more instructive debugging 2017-04-22 10:55:24 +02:00
Mikael Nordfeldth
0fd83f0028 New domain regexp for WebFinger matching. 2017-04-22 10:51:03 +02:00
Mikael Nordfeldth
e98bceec10 Import backlog on new subscription.
Danger is when importing a new feed that may be maliciously crafted
to contain a zillion entries.
2017-04-21 09:31:27 +02:00
Mikael Nordfeldth
f51cb6fca9 Split OStatusPlugin FeedSub receive into two parts
FeedSub::receive now only handles the PuSH verification
FeedSub::receiveFeed is protected and only parses+imports feed XML
2017-04-21 08:13:39 +02:00
Mikael Nordfeldth
e87115d462 Less frightening interface on remote subscription
Instead of an error message in a red box about being unable to find the
profile, you get the title "Remote subscription" and no error message.
2017-04-19 11:41:34 +02:00
Mikael Nordfeldth
548e59fc99 Empty resource would throw exception
The "+ Remote" link on your profile page broke because of exception.
2017-04-19 11:37:43 +02:00
Mikael Nordfeldth
35b0a9e3ae Handle normalized acct: URIs in ostatussub
Mastodon sent the proper acct: URI and not just 'user@domain' when
using the remote subscribe functionality.
2017-04-16 11:01:16 +02:00
Mikael Nordfeldth
6bfc97c95d Less spammy logs 2016-10-22 23:24:13 +02:00
Mikael Nordfeldth
6ebc5f0bff some debugging calls and make sure $hints['feedurl'] gets set with $feeduri in case that variable is used. 2016-10-22 23:08:44 +02:00
Mikael Nordfeldth
a833eaa651 Make all hash algorithms available (but whitelist by default)
sha1 is whitelisted only because StatusNet requires it.
2016-06-28 11:54:39 +02:00
Mikael Nordfeldth
3166a04cef actually respond with the error message in text on Salmon calls 2016-06-25 20:50:00 +02:00
Mikael Nordfeldth
ad7ebd1a8c Even more phpseclib update related stuff. 2016-06-25 20:34:28 +02:00
Mikael Nordfeldth
d10ce6ac7c Give Webfinger response to group queries 2016-06-25 20:13:19 +02:00
Mikael Nordfeldth
d0c26fb1a4 URIFIX in Ostatus_profile, handle missing feedsub 2016-06-25 11:59:31 +02:00
Mikael Nordfeldth
c19f87f867 fixes issue #189 with a script lacking exception handling 2016-06-24 15:19:24 +02:00
Mikael Nordfeldth
a4051945fd Handle exception from Magic Envelope toXML function 2016-06-23 23:27:18 +02:00
Mikael Nordfeldth
16f4583498 throw ClientException instead of clientError 2016-06-19 03:38:00 +02:00
Mikael Nordfeldth
47aabf4fda Let's just put the namespaced phpseclib in extlib instead of plugins/OStatus/extlib 2016-06-18 00:00:32 +02:00
Mikael Nordfeldth
3a8ce99a9d Magicsig call for phpseclib\Math\BigInteger fixed 2016-06-17 23:47:00 +02:00
Mikael Nordfeldth
1839082f95 OStatus Magicsig adaptations to new phpseclib
Some constants have changed and the way to call RSA->sign(...) too.
2016-06-17 23:43:24 +02:00
Mikael Nordfeldth
a1d064129a Handle namespaces for new phpseclib 2016-06-17 23:21:34 +02:00
Mikael Nordfeldth
28ca5d90d9 phpseclib updated, some new features that we won't use 2016-06-17 22:44:12 +02:00
Chimo
9de79f0a36 Update prepare() method on Action subclasses.
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::prepare() should be compatible with
Action::prepare(array $args = Array)

Ref. #190
2016-06-01 02:26:44 +00:00
Mikael Nordfeldth
922b65d231 More debugging in Salmon since we get situations which can't find inReplyToID 2016-04-01 23:10:34 +02:00
Mikael Nordfeldth
d4041a4a1f a little bit more explicit logging 2016-03-28 16:41:29 +02:00
Mikael Nordfeldth
16517f019a Embarrasing copy-paste gone too fast 2016-03-28 16:25:29 +02:00
Mikael Nordfeldth
7bef2ad4cc Update Profile Data script fixes, might work for groups too now 2016-03-28 16:19:47 +02:00
Mikael Nordfeldth
a93c69d150 OStatus update profile data script fixes 2016-03-28 15:42:41 +02:00
Mikael Nordfeldth
2d0153195e Output proper remote info on WebFinger notice resources 2016-03-27 14:56:27 +02:00
Mikael Nordfeldth
7be4641040 Actually return an Ostatus_profile 2016-03-27 14:54:14 +02:00
Mikael Nordfeldth
2759c3f0db Debugging output in OStatus for easier reading+greping 2016-03-23 17:52:02 +01:00
Mikael Nordfeldth
8c6d0759c7 If upgraded from http to https, keep hubsub->topic up to date too (thanks hannes2peer) 2016-03-23 15:37:55 +01:00
Mikael Nordfeldth
0767bf487e Use the new onUpdateKeys in dataobject for tasks on-update of keys
sets the hashkey column of the row to sha1(topic + '|' + callback)
2016-03-23 15:22:34 +01:00
Mikael Nordfeldth
14cb2d5398 Merge branch 'master' into mmn_fixes 2016-03-21 12:27:04 +01:00
Mikael Nordfeldth
afdd6d39ec Some Google stuff that need to be there (or comments)
Note that these won't be shown to the enduser and will never be accessed automatically.

We should put the salmon-protocol stuff on ostatus.org
2016-03-21 12:25:04 +01:00
Mikael Nordfeldth
980085a8a3 Merge branch 'master' of git.gnu.io:gnu/gnu-social into mmn_fixes
Conflicts:
	plugins/Minify/extlib/minify/README.txt
	plugins/Minify/extlib/minify/UPGRADING.txt
	plugins/Minify/extlib/minify/min/README.txt
	plugins/Minify/extlib/minify/min/builder/index.php
	plugins/Minify/extlib/minify/min/lib/JSMin.php
	plugins/Minify/extlib/minify/min/lib/Minify.php
	plugins/Minify/extlib/minify/min/lib/Minify/CSS.php
	plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php
	plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php
	plugins/Minify/extlib/minify/min/lib/Minify/Packer.php
	plugins/Recaptcha/RecaptchaPlugin.php
2016-03-21 03:10:19 +01:00
Bob Mottram
11c57e7aee Remove Google References
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
2016-03-20 13:06:58 +00:00
Mikael Nordfeldth
f4833c6c91 More verbose salmon debugging 2016-03-15 16:53:19 +01:00
Mikael Nordfeldth
e4e0a39dad Only OStatus distribute if profile hasRight to PUBLICNOTICE 2016-03-02 12:42:09 +01:00