Commit Graph

1111 Commits

Author SHA1 Message Date
Mikael Nordfeldth
b20b9727cf More debugging info for FeedSub PuSH self-healing 2017-04-30 09:46:15 +02:00
Mikael Nordfeldth
e21043e81c syntax fix (throw _new_ *Exception) 2017-04-30 09:33:06 +02:00
Mikael Nordfeldth
1ecf709918 Make sure we don't receiveFeed() in the case of that exception 2017-04-30 09:31:16 +02:00
Mikael Nordfeldth
5288a6f9e2 Update huburi for FeedSub if PuSH signature is invalid
This because some remote server might have used third party PuSH hubs
but switch and we don't know about it.

Possible risks here are of course MITM that could force us to rediscover
PuSH hubs from a feed they control, but that currently feels ... meh.
2017-04-30 09:20:08 +02:00
Mikael Nordfeldth
853b016a42 Separate ensureHub into function in FeedSub 2017-04-27 09:24:12 +02:00
Mikael Nordfeldth
598b51eb7a Escaping a URI in common_debug call 2017-04-27 09:23:45 +02:00
Mikael Nordfeldth
bb76af4f65 Test URLs against blacklist also on PuSH subscriptions. 2017-04-26 22:41:59 +02:00
Mikael Nordfeldth
a53284fe4f Use getByID nistead of getKV for Feedsub in PushInQueueHandler 2017-04-25 20:42:10 +02:00
Mikael Nordfeldth
956cfaf844 Try https first on URL mention lookup 2017-04-22 12:29:53 +02:00
Mikael Nordfeldth
95f991cff3 Somewhat simpler regex. Thanks acct:takeshitakenji@gs.kawa-kun.com 2017-04-22 12:12:27 +02:00
Mikael Nordfeldth
69e944e21a Fix URL mention regular expression FOR REALZ 2017-04-22 11:45:24 +02:00
Mikael Nordfeldth
51e5cc2ac8 Fix URL mention regular expression in OStatusPlugin 2017-04-22 11:15:55 +02:00
Mikael Nordfeldth
2fc4b174c1 Domain name regular expression into lib/framework.php 2017-04-22 11:07:38 +02:00
Mikael Nordfeldth
bd6c93a811 Split up OStatusPlugin preg functions so they can be reused 2017-04-22 11:02:41 +02:00
Mikael Nordfeldth
54971842f2 A bit more instructive debugging 2017-04-22 10:55:24 +02:00
Mikael Nordfeldth
0fd83f0028 New domain regexp for WebFinger matching. 2017-04-22 10:51:03 +02:00
Mikael Nordfeldth
e98bceec10 Import backlog on new subscription.
Danger is when importing a new feed that may be maliciously crafted
to contain a zillion entries.
2017-04-21 09:31:27 +02:00
Mikael Nordfeldth
f51cb6fca9 Split OStatusPlugin FeedSub receive into two parts
FeedSub::receive now only handles the PuSH verification
FeedSub::receiveFeed is protected and only parses+imports feed XML
2017-04-21 08:13:39 +02:00
Mikael Nordfeldth
e87115d462 Less frightening interface on remote subscription
Instead of an error message in a red box about being unable to find the
profile, you get the title "Remote subscription" and no error message.
2017-04-19 11:41:34 +02:00
Mikael Nordfeldth
548e59fc99 Empty resource would throw exception
The "+ Remote" link on your profile page broke because of exception.
2017-04-19 11:37:43 +02:00
Mikael Nordfeldth
35b0a9e3ae Handle normalized acct: URIs in ostatussub
Mastodon sent the proper acct: URI and not just 'user@domain' when
using the remote subscribe functionality.
2017-04-16 11:01:16 +02:00
Mikael Nordfeldth
6bfc97c95d Less spammy logs 2016-10-22 23:24:13 +02:00
Mikael Nordfeldth
6ebc5f0bff some debugging calls and make sure $hints['feedurl'] gets set with $feeduri in case that variable is used. 2016-10-22 23:08:44 +02:00
Mikael Nordfeldth
a833eaa651 Make all hash algorithms available (but whitelist by default)
sha1 is whitelisted only because StatusNet requires it.
2016-06-28 11:54:39 +02:00
Mikael Nordfeldth
3166a04cef actually respond with the error message in text on Salmon calls 2016-06-25 20:50:00 +02:00
Mikael Nordfeldth
ad7ebd1a8c Even more phpseclib update related stuff. 2016-06-25 20:34:28 +02:00
Mikael Nordfeldth
d10ce6ac7c Give Webfinger response to group queries 2016-06-25 20:13:19 +02:00
Mikael Nordfeldth
d0c26fb1a4 URIFIX in Ostatus_profile, handle missing feedsub 2016-06-25 11:59:31 +02:00
Mikael Nordfeldth
c19f87f867 fixes issue #189 with a script lacking exception handling 2016-06-24 15:19:24 +02:00
Mikael Nordfeldth
a4051945fd Handle exception from Magic Envelope toXML function 2016-06-23 23:27:18 +02:00
Mikael Nordfeldth
16f4583498 throw ClientException instead of clientError 2016-06-19 03:38:00 +02:00
Mikael Nordfeldth
47aabf4fda Let's just put the namespaced phpseclib in extlib instead of plugins/OStatus/extlib 2016-06-18 00:00:32 +02:00
Mikael Nordfeldth
3a8ce99a9d Magicsig call for phpseclib\Math\BigInteger fixed 2016-06-17 23:47:00 +02:00
Mikael Nordfeldth
1839082f95 OStatus Magicsig adaptations to new phpseclib
Some constants have changed and the way to call RSA->sign(...) too.
2016-06-17 23:43:24 +02:00
Mikael Nordfeldth
a1d064129a Handle namespaces for new phpseclib 2016-06-17 23:21:34 +02:00
Mikael Nordfeldth
28ca5d90d9 phpseclib updated, some new features that we won't use 2016-06-17 22:44:12 +02:00
Chimo
9de79f0a36 Update prepare() method on Action subclasses.
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::prepare() should be compatible with
Action::prepare(array $args = Array)

Ref. #190
2016-06-01 02:26:44 +00:00
Mikael Nordfeldth
922b65d231 More debugging in Salmon since we get situations which can't find inReplyToID 2016-04-01 23:10:34 +02:00
Mikael Nordfeldth
d4041a4a1f a little bit more explicit logging 2016-03-28 16:41:29 +02:00
Mikael Nordfeldth
16517f019a Embarrasing copy-paste gone too fast 2016-03-28 16:25:29 +02:00
Mikael Nordfeldth
7bef2ad4cc Update Profile Data script fixes, might work for groups too now 2016-03-28 16:19:47 +02:00
Mikael Nordfeldth
a93c69d150 OStatus update profile data script fixes 2016-03-28 15:42:41 +02:00
Mikael Nordfeldth
2d0153195e Output proper remote info on WebFinger notice resources 2016-03-27 14:56:27 +02:00
Mikael Nordfeldth
7be4641040 Actually return an Ostatus_profile 2016-03-27 14:54:14 +02:00
Mikael Nordfeldth
2759c3f0db Debugging output in OStatus for easier reading+greping 2016-03-23 17:52:02 +01:00
Mikael Nordfeldth
8c6d0759c7 If upgraded from http to https, keep hubsub->topic up to date too (thanks hannes2peer) 2016-03-23 15:37:55 +01:00
Mikael Nordfeldth
0767bf487e Use the new onUpdateKeys in dataobject for tasks on-update of keys
sets the hashkey column of the row to sha1(topic + '|' + callback)
2016-03-23 15:22:34 +01:00
Mikael Nordfeldth
14cb2d5398 Merge branch 'master' into mmn_fixes 2016-03-21 12:27:04 +01:00
Mikael Nordfeldth
afdd6d39ec Some Google stuff that need to be there (or comments)
Note that these won't be shown to the enduser and will never be accessed automatically.

We should put the salmon-protocol stuff on ostatus.org
2016-03-21 12:25:04 +01:00
Mikael Nordfeldth
980085a8a3 Merge branch 'master' of git.gnu.io:gnu/gnu-social into mmn_fixes
Conflicts:
	plugins/Minify/extlib/minify/README.txt
	plugins/Minify/extlib/minify/UPGRADING.txt
	plugins/Minify/extlib/minify/min/README.txt
	plugins/Minify/extlib/minify/min/builder/index.php
	plugins/Minify/extlib/minify/min/lib/JSMin.php
	plugins/Minify/extlib/minify/min/lib/Minify.php
	plugins/Minify/extlib/minify/min/lib/Minify/CSS.php
	plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php
	plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php
	plugins/Minify/extlib/minify/min/lib/Minify/Packer.php
	plugins/Recaptcha/RecaptchaPlugin.php
2016-03-21 03:10:19 +01:00
Bob Mottram
11c57e7aee Remove Google References
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
2016-03-20 13:06:58 +00:00
Mikael Nordfeldth
f4833c6c91 More verbose salmon debugging 2016-03-15 16:53:19 +01:00
Mikael Nordfeldth
e4e0a39dad Only OStatus distribute if profile hasRight to PUBLICNOTICE 2016-03-02 12:42:09 +01:00
Mikael Nordfeldth
9a89990293 Some changes since getFancyName() is longer with full acct: URI 2016-03-02 00:13:28 +01:00
Mikael Nordfeldth
12f1707a74 Ostatus_source filled no purpose whatsoever 2016-02-26 22:37:26 +01:00
mmn
dc51354316 Merge branch 'readme-plugins' into 'nightly'
Readme plugins

* Adds several plugin READMEs
  They are pretty basic, but it's a start.

* Changes status.net/wiki URLs to git.gnu.io
  The status.net wiki is dead.

See merge request !103
2016-02-26 12:32:42 +00:00
Mikael Nordfeldth
e6f07d8554 Use in_array instead. Now we get third party responses to contextually interesting threads
I think this solves much of the "third party conversation" issues, assuming involved parties
are using modern GNU social instances.
2016-02-24 00:19:27 +01:00
Mikael Nordfeldth
31c9b2c1d8 Check the notice context for users in UsersalmonAction 2016-02-23 23:56:43 +01:00
Mikael Nordfeldth
9319033ff0 Properly attach activityobjects
For some reason they were written to ->object, which is incorrect as
we use the objects[] array (which usually just holds one entry though)
2016-02-23 23:50:57 +01:00
Mikael Nordfeldth
0eb5122817 Check that the user is in the context of a salmon slap 2016-02-23 23:42:41 +01:00
Mikael Nordfeldth
422d475e44 Differentiate two similar log warning messages 2016-02-17 21:57:52 +01:00
Chimo
2c5cba28b6 Change status.net/wiki URLs to git.gnu.io 2016-02-08 17:48:10 +00:00
Mikael Nordfeldth
098c8b1df4 NoHttpResponseException extends HTTP_Request2_ConnectionException 2016-02-07 01:52:20 +01:00
Mikael Nordfeldth
1f01356076 Fix issue #127 by catching exceptions
update-profile-data.php threw exceptions on http connection issues
2016-02-04 12:06:35 +01:00
Mikael Nordfeldth
a5c1b063fd isPerson did not exist for Ostatus_profile 2016-01-29 16:15:06 +01:00
Mikael Nordfeldth
689e277c62 Allow @localuser@mysite.example to be looked up as a mention 2016-01-29 16:06:16 +01:00
Mikael Nordfeldth
36f099958c Don't match @nickname on @nickname@server.com 2016-01-29 15:53:58 +01:00
Mikael Nordfeldth
efe23ed404 updateWithKeys now understands multi-column keys
and automatically identifies _which_ columns are the right ones,
so for example 'uri' primary keys don't need to be explicitly set
2016-01-28 16:42:59 +01:00
Mikael Nordfeldth
fa8e02b832 Handle exceptions when salmon slapping
Make it so notifyDeferred actually _always_ throws exceptions and handle
them in the places it is called.
2016-01-20 14:56:24 +01:00
Mikael Nordfeldth
6dc0477c00 Let the remote side know the Salmon was accepted (sorta) 2016-01-16 22:39:59 +01:00
Mikael Nordfeldth
deda83fdef Distinguish notice saving errors from others for Salmon 2016-01-16 22:39:04 +01:00
Mikael Nordfeldth
c559b8ce2a bulkDistribute won't add empty lists to database 2016-01-16 17:34:27 +01:00
Mikael Nordfeldth
f53ebdeadb Start handling salmon entries directly with Notice::saveActivity
More to come...
2016-01-16 17:25:29 +01:00
Mikael Nordfeldth
2b67b53112 In very specific circumstances we can bulkDistribute 0 notices
Seems to be what caused an infinite loop on quitter.es, or I guess so anyway.
2016-01-16 17:18:14 +01:00
Mikael Nordfeldth
2f1bfe126b Debug message formatting gone wrong 2016-01-14 13:52:11 +01:00
Mikael Nordfeldth
59e75ef966 Incorrect use of getByHashKey in HubSub 2016-01-14 13:15:31 +01:00
Mikael Nordfeldth
bacd49a6a8 Don't try to replace http with https if https already exists 2016-01-14 13:06:37 +01:00
Mikael Nordfeldth
83cb1dfa68 Salmon debugging 2016-01-14 03:48:41 +01:00
Mikael Nordfeldth
cf7d2f4d0f Salmon queue handler getByID for exception throwing 2016-01-14 01:51:00 +01:00
Mikael Nordfeldth
0482b7de8e Debugging by indexing callback column in HubSub 2016-01-13 22:57:42 +01:00
Mikael Nordfeldth
8ab98b72ac getLeaseRemaining for FeedSub too 2016-01-13 20:01:00 +01:00
Mikael Nordfeldth
377947c57f s/getLease/getLeaseTime/ just to be a bit more clear 2016-01-13 19:55:17 +01:00
Mikael Nordfeldth
1d26fedf12 Don't store lease seconds, just sub start and end
The seconds can always be calculated from the dates!
2016-01-13 19:45:20 +01:00
Mikael Nordfeldth
494746e665 Minor PuSH comment and debug stuff 2016-01-13 19:25:39 +01:00
Mikael Nordfeldth
a5fd4fde25 Request a month long sub lease by default 2016-01-13 19:24:07 +01:00
Mikael Nordfeldth
b38a789005 HubSub didn't save sub start and end datetimes 2016-01-13 19:23:34 +01:00
Mikael Nordfeldth
5c262a788d Unused, unnecessary and intrusive cookie/storage removed! 2016-01-13 15:22:28 +01:00
Mikael Nordfeldth
99da1ebe41 Catch NoHttpResponseException when using HTTPClient 2016-01-13 14:17:49 +01:00
Mikael Nordfeldth
3ed632decf NoHttpResponseException needed instead of HTTP_Request2_Exception
HTTP_Request2_Exception assumed an HTTP response status code/line
2016-01-13 14:08:48 +01:00
Mikael Nordfeldth
e75472f460 Use the upstream function to get effectiveUrl 2016-01-13 14:00:05 +01:00
Mikael Nordfeldth
f4feef477b Don't follow redirects on PuSH POST. 2016-01-12 14:32:28 +01:00
Mikael Nordfeldth
c826fe0af4 $target was klantigtly copied from another debug message 2016-01-11 20:10:38 +01:00
Mikael Nordfeldth
bd6efa0e45 Update PuSH callback URL if remote side switched to HTTPS
See the comment in the source on why we're not following Location headers...
2016-01-11 19:55:02 +01:00
Mikael Nordfeldth
f24cdf4a80 Much more logging in PushHubAction (OStatus) 2016-01-11 19:54:05 +01:00
Mikael Nordfeldth
b13f8df79b HTTPClient would return null instead of exception
This caused $response->isOK() tests to call a function on a non-existing object, causing all hell to break loose.
2016-01-11 02:36:59 +01:00
Mikael Nordfeldth
42dff2742a Put salmon slaps in queues before pushing user Atom feed 2016-01-10 00:29:32 +01:00
Mikael Nordfeldth
c3c5a9974d Do proper fromUri lookup on groups too 2016-01-09 14:36:47 +01:00
Mikael Nordfeldth
4e0ed61f7c OStatus queue handler uses Notice->getAttentionProfiles()
and lots more debugging for LOG_DEBUG
2016-01-08 01:31:47 +01:00
Mikael Nordfeldth
3471213d1c processFeed would abort on certain errors where findLocalObject failed 2016-01-05 15:00:07 +01:00
Mikael Nordfeldth
ab93bb009c XSS vulnerability when remote-subscribing
->raw was used on non-filtered strings for some reasons, changed
to ->text.
2016-01-05 12:15:50 +01:00