Mikael Nordfeldth
aaef11077d
Default of Magicsig keypair toString should be secure
...
Prevent crappy coders from leaking private keys.
2014-06-03 12:51:52 +02:00
Mikael Nordfeldth
0bc122ff58
Magicsig::generate is now static
...
This also fixes a problem with "initial salmon slap", which was a
problem for newly registered accounts which would have their first
salmon slap fail to distribute since there was a problem with Magicsig
keys. Apparently we have to re-read them with importKeys so the
Crypt_RSA objects publicKey and privateKey match later instances of them.
I think it may have been that generate() doesn't specify a signatureMode,
but I leave experimentation of that to the future.
2014-06-02 21:50:40 +02:00
Mikael Nordfeldth
537dff7987
Salmon posts can only be made for local users. More typing!
...
Since we of course don't have the remote party's private keys anyway.
I made some small fixes in Magicsig class too, removing unnecessary code.
2014-06-02 19:46:42 +02:00
Mikael Nordfeldth
2cd25039af
Quick-return is more comprehensible than long if statements
2014-06-02 19:37:06 +02:00
Mikael Nordfeldth
f7479e3f57
Prepare for WebFinger magicsig data for remote profiles
2014-06-02 19:33:09 +02:00
Mikael Nordfeldth
78805d113a
MagicEnvelope discoverKeyPair now returns string
...
getKeyPair fills in missing data so it's a complete Magicsig.
We may use insert() here in the future so the Magicsig is cached locally.
2014-06-02 18:31:48 +02:00
Mikael Nordfeldth
d44588f98b
Only use a Profile in MagicEnvelope keypair retrieval
...
So we _know_ there is a profile for the submitter we're about to verify.
2014-06-02 16:12:26 +02:00
Mikael Nordfeldth
56194b3cd9
Magicsig importKeys finetuning and getHash() use
2014-06-02 16:11:15 +02:00
Mikael Nordfeldth
dc52a8ff43
Don't ensureProfile before we verify signature
2014-06-02 16:10:26 +02:00
Mikael Nordfeldth
00b2bddc7c
Clarify it's not base64, but base64url, encoding in Magicsig
2014-06-02 14:51:15 +02:00
Mikael Nordfeldth
993ad00333
Improve debugging for Salmon slaps
2014-06-02 14:20:58 +02:00
Mikael Nordfeldth
d534ea7bd6
Try the whole Salmon action for AlreadyFulfilledException
...
If we have already fulfilled the action, we don't have to send an error back.
2014-06-02 13:57:30 +02:00
Mikael Nordfeldth
c1dc13bef0
Magicsig warning message would fail to get bits
2014-06-02 13:35:29 +02:00
Mikael Nordfeldth
3ef8322b03
There could be unresolvable FeedSub entries
2014-06-01 16:07:08 +02:00
Mikael Nordfeldth
75711ae06a
Magicsig is made a bit less cumbersome
2014-05-31 13:41:49 +02:00
Mikael Nordfeldth
411f3b86a4
Use locally cached Salmon keys for profiles
...
Please note that we're not yet actually caching them ourselves.
2014-05-31 12:51:51 +02:00
Mikael Nordfeldth
0c2134f9ad
Last objectification of MagicEnvelope. Smarter SalmonAction
2014-05-31 12:00:46 +02:00
Mikael Nordfeldth
9e6599b9fb
Salmon log message tidying up
2014-05-28 14:07:47 +02:00
Mikael Nordfeldth
03fc02c26f
Bad variable names (fixes last commit)
2014-05-27 13:02:26 +02:00
Mikael Nordfeldth
41773d3f67
MagicEnvelope object orientation (no passing arrays)
...
MagicEnvelope now uses object properties instead of passing arrays
around everywhere.
2014-05-27 12:01:12 +02:00
Mikael Nordfeldth
14251d26ad
Make MagicEnvelope self-reference
...
Also, a stricer typing for DOMDocument in fromDom parsing function.
2014-05-27 10:18:36 +02:00
Mikael Nordfeldth
54ae0ed3cc
Removed MagicEnvelopeCompat, legacy from SN <0.9.7
2014-05-26 23:54:22 +02:00
Mikael Nordfeldth
7c7426b473
Minor changes in Salmon lib for Magicsig retrieval.
2014-05-26 20:06:45 +02:00
Mikael Nordfeldth
ba10da27da
Should not normalize Salmon author URIs.
...
It's normalized in Discovery->lookup later anyway.
2014-05-26 14:20:42 +02:00
Mikael Nordfeldth
8c348c96e7
getAuthorUri is a more appropriate function name
2014-05-26 14:14:54 +02:00
Mikael Nordfeldth
fac102a50a
checkAuthor not used anywhere
2014-05-26 14:13:35 +02:00
Mikael Nordfeldth
3c322abafc
There's no guarantee we have an Ostatus_profile for Feedsub
2014-05-19 18:34:44 +02:00
Mikael Nordfeldth
0dad11bb85
Inform and make use of NoProfileException in OStatus actions
...
This is because Ostatus_profile->localProfile() throws NoProfileException
instead of returning null for profiles which don't exist in Profile table.
2014-05-19 18:07:57 +02:00
Mikael Nordfeldth
63c20e59aa
UsersalmonAction cleanup
2014-05-19 18:07:14 +02:00
Mikael Nordfeldth
228dc1f851
Ostatus_profile throws NoProfileException from localProfile()
...
Some implementations of the exception handling is included here,
the actions come in a later commit.
2014-05-19 17:59:36 +02:00
Mikael Nordfeldth
d2c749c7de
NoUriException added and implemented in FeedSub class
...
This is a specific exception for objects which require URI but lack it,
first implemented in FeedSub to allow for identification of bad entries.
2014-05-19 17:30:04 +02:00
Mikael Nordfeldth
1207f4f06f
isLocal() for User_group
2014-05-19 14:46:54 +02:00
Mikael Nordfeldth
7977361193
Too many bird wings ({), sorry Erkan :)
2014-05-07 09:52:50 +02:00
Mikael Nordfeldth
b59beb50e6
misplaced dollar sign, also URLs != attention URIs
2014-05-07 09:20:57 +02:00
Mikael Nordfeldth
c01138c16b
Forgot 'new' before the Exception class
2014-05-07 00:06:04 +02:00
Mikael Nordfeldth
074b2b621c
Garbage collection script didn't loop through anything
2014-05-06 16:18:47 +02:00
Mikael Nordfeldth
8b12e41351
User object didn't have getNickname() function
...
We're just jumping on to the Profile->getNickname() function.
2014-05-06 16:08:36 +02:00
Mikael Nordfeldth
869ca2d20b
Missed a $user->id to $profile->id translation
2014-05-06 15:43:06 +02:00
Mikael Nordfeldth
c279a33feb
More Exceptions for FeedSub doSubscribe and related functions
...
Now also garbageCollect will now throw exceptions of failures of all kinds
and only reply true/false on entirely successful runs of sub/unsub.
2014-05-06 15:40:57 +02:00
Mikael Nordfeldth
0fa00d5106
Type testing instead of just empty() in OStatusPlugin
2014-05-06 14:36:52 +02:00
Mikael Nordfeldth
1a0171ef61
MagicEnvelope class now throws exception on XRD fail
2014-05-06 13:11:29 +02:00
Mikael Nordfeldth
fc3125cf28
More modern coding, stuff related to subscriptions
...
Also trying to use the newly implemented AlreadyFulfilledException
2014-05-05 23:58:05 +02:00
Mikael Nordfeldth
805958cc23
UsersalmonAction updated to stronger typing standards
2014-05-05 19:38:01 +02:00
Mikael Nordfeldth
595d231d9a
GroupsalmonAction updated to stronger typing standards
2014-05-05 19:25:39 +02:00
Mikael Nordfeldth
cdefeda659
More debugging for Salmon activities
2014-05-05 19:10:44 +02:00
Mikael Nordfeldth
bbada781b7
Stronger typing and function access control in OStatus
2014-05-05 19:06:22 +02:00
Mikael Nordfeldth
2ea5f00666
Success debugging was too much noise
2014-05-05 18:59:44 +02:00
Mikael Nordfeldth
960baae1d1
More debugging in Magicsig class verify method
2014-05-05 17:48:21 +02:00
Joshua Judson Rosen
7440dc2145
Prevent spurious refusals of legitimate notices posted to users via Salmon.
...
Make the logic match the intent described in the comments.
The intent is clearly "accept notices whenever (A or B or C)", but
the logic implemented was more like "not ((not A) or (not B) or (not C))",
which is a basical boolean algebra fail (each of those ORs need to
become ANDs for double-negation to work).
The practical implication was that, for example, writing a reply
to someone else's notice and including an @-reference to _another_
user on another site to bring them into the discussion would
fail to deliver the notice to the new user because their server
would basically say `oh no, you can't message this user
from someone else's thread' because an earlier check for
the `A' or `C' parts of `(A or B or C)' prevents `B' from
being checked.
cf.: <http://status.hackerposse.com/notice/55846 >, which was
refused by the nhcrossing.com server because it didn't know
about <http://sn.jonkman.ca/notice/93724 >, even though it would
have passed the later `notice contains a reference to a local user'
check if not for an exception being prematurely thrown.
The whole idea of reporting `which specific check FAILED'
in an `if ANY SUCCEEDS' analysis is just bogus, so nix all of
the distinct ClientExceptions--a single `ALL FAILED' exception
is the only one that makes sense.
2014-05-05 13:35:38 +02:00
Mikael Nordfeldth
b77a09fdee
Notice URIs are not necessarily URLs.
...
Let's use getUrl() for URL retrieval. May throw exceptions, but
only if it's a Notice that cannot be linked like that anyway.
2014-04-30 20:44:23 +02:00