Mikael Nordfeldth
7ccd36849e
Merge branch 'master' of git.gnu.io:gnu/gnu-social into nightly
...
Conflicts:
plugins/OStatus/OStatusPlugin.php
master vs. nightly thing
2015-11-05 16:16:02 +01:00
Stephen Paul Weber
4b31bc3fd2
Enqueue renewals
...
Better for request times, etc
2015-10-21 01:50:03 +00:00
Mikael Nordfeldth
af1b0915f4
Magic signature discovery and envelope changes
2015-10-04 17:26:35 +02:00
Mikael Nordfeldth
6afa091dca
Change some Salmon events and similar
...
Use Profile instead of User and (if we know it) send along the target
profile, so a Diaspora plugin can encrypt to the receiver.
2015-10-04 17:26:23 +02:00
Mikael Nordfeldth
2970333adb
Set otherwise undiscovered salmonuri on OStatus script update-profile.php
2015-10-04 17:21:56 +02:00
Mikael Nordfeldth
57f26a97fb
var_export without true
2015-10-04 16:40:21 +02:00
Mikael Nordfeldth
684b9419a0
Add an event to get plugin discovery hints from XRD
2015-10-04 14:46:45 +02:00
Mikael Nordfeldth
2aed59a02a
Diaspora plugin is almost there (for remote salmon slaps at least)
2015-10-04 12:06:48 +02:00
Mikael Nordfeldth
9b461db4da
Send the entire XMLStringer object in MagicEnvelope events.
2015-10-04 09:59:01 +02:00
Mikael Nordfeldth
184293c634
Break out MagicEnvelope->toXML() functionality to allow for plugin flexibility
2015-10-04 00:17:07 +02:00
Mikael Nordfeldth
30a4393afa
Move around some code related to Magic_envelope and signing
2015-10-03 23:35:46 +02:00
Mikael Nordfeldth
c5a5eaf288
Do we update feeduri and salmonuri for Ostatus_profile now?
...
When changing from HTTP to HTTPS, following up on commit
59763ceecb
where http to https Ostatus_profile URI changing was first introduced.
2015-07-11 19:46:01 +02:00
Mikael Nordfeldth
24b1e26406
MagicEnvelope called DOMDocument::loadXML statically
...
but apparently we shouldn't do this, despite recommended on https://secure.php.net/manual/en/domdocument.loadxml.php
2015-07-10 23:24:50 +02:00
Mikael Nordfeldth
6478034e92
Diaspora-compatible Salmon slap receival
...
We're not all the way there yet, there is something which seems to bugger
up profile discovery from their end.
2015-06-06 17:14:38 +02:00
Mikael Nordfeldth
faf14197cd
Diaspora doesn't understand our Salmon POST, so send again
2015-06-06 16:57:29 +02:00
Mikael Nordfeldth
4de125dd84
Moved FeedSubException parent class to own file
2015-06-06 16:02:25 +02:00
Mikael Nordfeldth
8fac7a9f6c
StatusNet class renamed GNUsocial
...
also added backward compatible StatusNet class for the two calls I know
third party plugins use, isHTTPS and getActivePlugins
2015-02-27 12:44:15 +01:00
Mikael Nordfeldth
9aa59c7f62
forgot primary key column to updateWithKeys in SalmonAction
2015-02-17 21:31:35 +01:00
Mikael Nordfeldth
59763ceecb
SalmonAction now updates remote URI if it was stale.
...
After doublechecking two identities so that they match (like one that was
previously http:// but now is https://) we update the URI in our database
to match.
This has to be verified so it's not easy to fool our script and thus make
us replace legitimate URIs with fake ones. I believe the callback method
is safe, but I'm not sure how well it handles HTTP MITM attacks etc.
2015-02-17 17:35:45 +01:00
Mikael Nordfeldth
aeaee388bf
Store remote magicsig public keys locally
2015-01-24 13:06:09 +01:00
Mikael Nordfeldth
975ce6d83e
Documentation update (clarifying need for php5-gmp in comment)
2015-01-24 12:22:29 +01:00
Mikael Nordfeldth
57d8eb8a53
Ensuring unknown profiles in salmon slaps work again
2015-01-13 13:43:35 +01:00
Mikael Nordfeldth
66044b7782
ensureActivityObjectProfile is more thorough than createAct...
2015-01-12 11:47:21 +01:00
Mikael Nordfeldth
73669ed308
ensureProfile already done and stored in $this->oprofile
2015-01-12 02:01:26 +01:00
Mikael Nordfeldth
d8f4de450c
Support for updated aliases
...
will verify unknown aliases against old ones if the new identifies as a
previously recognized URI.
Steps:
1. Check the newly received URI. Who does it say it is?
2. Compare these alleged identities to our local database.
3. If we found any locally stored identities, ask it about its aliases.
4. Do any of the aliases from our known identity match the recently introduced one?
Currently we do _not_ update the ostatus_profile table with the new URI.
2015-01-10 02:07:39 +01:00
Mikael Nordfeldth
c44146d6f8
Favorites are now being stored from activities
2014-07-02 18:38:19 +02:00
Mikael Nordfeldth
d0da552722
SalmonAction and extensions simplified
2014-06-28 20:33:09 +02:00
Mikael Nordfeldth
c74dc15173
DiscoveryHints gets microformats2 parsing abilities
2014-06-24 01:27:03 +02:00
Mikael Nordfeldth
55418685c4
DiscoveryHints now properly returns hcard url
2014-06-23 20:51:37 +02:00
Mikael Nordfeldth
d350a20e1f
Less verbose debugging (also don't log private keys)
...
Magicsig private keys were logged. That's probably not a good thing.
MagicEnvelope full XML entries no longer spam the log either.
2014-06-03 12:53:04 +02:00
Mikael Nordfeldth
0bc122ff58
Magicsig::generate is now static
...
This also fixes a problem with "initial salmon slap", which was a
problem for newly registered accounts which would have their first
salmon slap fail to distribute since there was a problem with Magicsig
keys. Apparently we have to re-read them with importKeys so the
Crypt_RSA objects publicKey and privateKey match later instances of them.
I think it may have been that generate() doesn't specify a signatureMode,
but I leave experimentation of that to the future.
2014-06-02 21:50:40 +02:00
Mikael Nordfeldth
537dff7987
Salmon posts can only be made for local users. More typing!
...
Since we of course don't have the remote party's private keys anyway.
I made some small fixes in Magicsig class too, removing unnecessary code.
2014-06-02 19:46:42 +02:00
Mikael Nordfeldth
78805d113a
MagicEnvelope discoverKeyPair now returns string
...
getKeyPair fills in missing data so it's a complete Magicsig.
We may use insert() here in the future so the Magicsig is cached locally.
2014-06-02 18:31:48 +02:00
Mikael Nordfeldth
d44588f98b
Only use a Profile in MagicEnvelope keypair retrieval
...
So we _know_ there is a profile for the submitter we're about to verify.
2014-06-02 16:12:26 +02:00
Mikael Nordfeldth
dc52a8ff43
Don't ensureProfile before we verify signature
2014-06-02 16:10:26 +02:00
Mikael Nordfeldth
993ad00333
Improve debugging for Salmon slaps
2014-06-02 14:20:58 +02:00
Mikael Nordfeldth
d534ea7bd6
Try the whole Salmon action for AlreadyFulfilledException
...
If we have already fulfilled the action, we don't have to send an error back.
2014-06-02 13:57:30 +02:00
Mikael Nordfeldth
75711ae06a
Magicsig is made a bit less cumbersome
2014-05-31 13:41:49 +02:00
Mikael Nordfeldth
411f3b86a4
Use locally cached Salmon keys for profiles
...
Please note that we're not yet actually caching them ourselves.
2014-05-31 12:51:51 +02:00
Mikael Nordfeldth
0c2134f9ad
Last objectification of MagicEnvelope. Smarter SalmonAction
2014-05-31 12:00:46 +02:00
Mikael Nordfeldth
9e6599b9fb
Salmon log message tidying up
2014-05-28 14:07:47 +02:00
Mikael Nordfeldth
03fc02c26f
Bad variable names (fixes last commit)
2014-05-27 13:02:26 +02:00
Mikael Nordfeldth
41773d3f67
MagicEnvelope object orientation (no passing arrays)
...
MagicEnvelope now uses object properties instead of passing arrays
around everywhere.
2014-05-27 12:01:12 +02:00
Mikael Nordfeldth
14251d26ad
Make MagicEnvelope self-reference
...
Also, a stricer typing for DOMDocument in fromDom parsing function.
2014-05-27 10:18:36 +02:00
Mikael Nordfeldth
54ae0ed3cc
Removed MagicEnvelopeCompat, legacy from SN <0.9.7
2014-05-26 23:54:22 +02:00
Mikael Nordfeldth
7c7426b473
Minor changes in Salmon lib for Magicsig retrieval.
2014-05-26 20:06:45 +02:00
Mikael Nordfeldth
ba10da27da
Should not normalize Salmon author URIs.
...
It's normalized in Discovery->lookup later anyway.
2014-05-26 14:20:42 +02:00
Mikael Nordfeldth
8c348c96e7
getAuthorUri is a more appropriate function name
2014-05-26 14:14:54 +02:00
Mikael Nordfeldth
fac102a50a
checkAuthor not used anywhere
2014-05-26 14:13:35 +02:00
Mikael Nordfeldth
1a0171ef61
MagicEnvelope class now throws exception on XRD fail
2014-05-06 13:11:29 +02:00