aboutsummaryrefslogblamecommitdiffstats
path: root/include/diaspora.php
blob: 6121466f26c449c834a6170f49d8af9193fd9d03 (plain) (tree)
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691





















































































































                                                                                                                                                       
         
                                         



                                                       


                                                                                                                                        















                                                  
                                                                             

                                      
                        




































































































































































































































































































































































































                                                                                                                                     

                                          









                                                             


                                               
                                                                                          
 
                                              

                                                                                                 
                                                
 
                                                                                                                                                
 



                                                                                                                    

                  




                                                              
                                                               



                                                                                                                           




                                                                                             

          

                                                                 
 
                                                                                                                                         
 












                                                                                                                                                                                                                                                                                                               
          
                
 

                                                                                             
 


                                                                                                                                                                                          
                  














                                                                                                           
         
 


                                                                                                 
 


                                                                                           

         









                                                                                                    


               
 












                                                                                                               
                                                                                            


                       
                                                                                             





                                                                                                     
                                                



































































                                                                                                                                                                   
                                                   



















































                                                                                                                   
                                                                                            


                       
                                                                                             





                                                                                                                 
                                                

























































































































                                                                                                                                                                                      
                                                   




























































                                                                                                                                   
                                                                                            


                       
                                                                                             





                                                                                                     
                                                







































                                                                                                                                          
                                                   

















































                                                                                                                            
                                                                                          




                                                                                   
                                                                                               




                                                                                 
                                                







                                                                                                                               
                                                


































































































                                                                                                                                                                   
                                                   






















































                                                                                                                                                                
                                               





















                                                                                        
                                                                          








































                                                                                                                                          
                                                                                          












                                                                                                          
                                                





                                                                                                                                            
                                                        








                                                                                           
                                                











































































                                                                                                                                                                                                                                                              
                                                        






















































                                                                                           
                                                                                                












                                                                                                          
                                                

































                                                                                                                                                                                  
                                               






                                                                                                                                                                                                                                                      
                                                













































                                                                                             
                                                                                          




                                                                                                                       
                                                                                             




                                                                                 
                                                




                                                                                             
                                                           













































                                                                                                                                                 
                                                                                          




                                                                                

                                                                                               




                                                                                 
                                                









                                                                                 
                                                












                                                                                                         
                                                               







































































































                                                                                                                                                                              
                                              






































































                                                                                                                                              
                                                                                            









                                                                                                             
                                                       
























                                                                                                                            
                                                                                            
                        
                                                                                                                         









































                                                                                                                         
                                                       






















































                                                                                                                                                    
                                                                                            























                                                                                                                                        
                                                





                                                 
                                                                                          
























                                                                                                                                                                                           
                                               





                                                                                                                                                        
                                                                        
























































































































































































































































































































































































































































































































































































































                                                                                                                                                   
<?php

require_once('include/crypto.php');
require_once('include/items.php');
require_once('include/bb2diaspora.php');
require_once('include/contact_selectors.php');
//require_once('include/queue_fn.php');
//require_once('include/lock.php');

function diaspora_dispatch_public($msg) {

	$enabled = intval(get_config('system','diaspora_enabled'));
	if(! $enabled) {
		logger('mod-diaspora: disabled');
		return;
	}

	// find everybody following or allowing this author


	$r = q("SELECT * from channel where channel_id in ( SELECT abook_channel from abook WHERE abook_network = 'diaspora' and abook_xchan = '%s' )",
		dbesc($msg['author'])
	);

	// also need to look for those following public streams

	if($r) {
		foreach($r as $rr) {
			logger('diaspora_public: delivering to: ' . $rr['channel_name'] . ' (' . $rr['channel_address'] . ') ');
			diaspora_dispatch($rr,$msg);
		}
	}
	else
		logger('diaspora_public: no subscribers');
}



function diaspora_dispatch($importer,$msg,$attempt=1) {

	$ret = 0;

	$enabled = intval(get_config('system','diaspora_enabled'));
	if(! $enabled) {
		logger('mod-diaspora: disabled');
		return;
	}

	// php doesn't like dashes in variable names

	$msg['message'] = str_replace(
			array('<activity_streams-photo>','</activity_streams-photo>'),
			array('<asphoto>','</asphoto>'),
			$msg['message']);


	$parsed_xml = parse_xml_string($msg['message'],false);

	$xmlbase = $parsed_xml->post;

	logger('diaspora_dispatch: ' . print_r($xmlbase,true), LOGGER_DEBUG);


	if($xmlbase->request) {
		$ret = diaspora_request($importer,$xmlbase->request);
	}
	elseif($xmlbase->status_message) {
		$ret = diaspora_post($importer,$xmlbase->status_message,$msg);
	}
	elseif($xmlbase->profile) {
		$ret = diaspora_profile($importer,$xmlbase->profile,$msg);
	}
	elseif($xmlbase->comment) {
		$ret = diaspora_comment($importer,$xmlbase->comment,$msg);
	}
	elseif($xmlbase->like) {
		$ret = diaspora_like($importer,$xmlbase->like,$msg);
	}
	elseif($xmlbase->asphoto) {
		$ret = diaspora_asphoto($importer,$xmlbase->asphoto,$msg);
	}
	elseif($xmlbase->reshare) {
		$ret = diaspora_reshare($importer,$xmlbase->reshare,$msg);
	}
	elseif($xmlbase->retraction) {
		$ret = diaspora_retraction($importer,$xmlbase->retraction,$msg);
	}
	elseif($xmlbase->signed_retraction) {
		$ret = diaspora_signed_retraction($importer,$xmlbase->signed_retraction,$msg);
	}
	elseif($xmlbase->relayable_retraction) {
		$ret = diaspora_signed_retraction($importer,$xmlbase->relayable_retraction,$msg);
	}
	elseif($xmlbase->photo) {
		$ret = diaspora_photo($importer,$xmlbase->photo,$msg,$attempt);
	}
	elseif($xmlbase->conversation) {
		$ret = diaspora_conversation($importer,$xmlbase->conversation,$msg);
	}
	elseif($xmlbase->message) {
		$ret = diaspora_message($importer,$xmlbase->message,$msg);
	}
	else {
		logger('diaspora_dispatch: unknown message type: ' . print_r($xmlbase,true));
	}
	return $ret;
}

function diaspora_handle_from_contact($contact_id) {
	$handle = false;

	logger("diaspora_handle_from_contact: contact id is " . $contact_id, LOGGER_DEBUG);

	$r = q("SELECT * from abook left join xchan on abook_xchan = xchan_hash where abook_id = %d",
		intval($contact_id)
	);
	if($r) {
		$contact = $r[0];
	}
	$handle = $contact['xchan_addr'];
	return $handle;
}

function diaspora_get_contact_by_handle($uid,$handle) {
	$r = q("SELECT * FROM abook left join xchan on xchan_hash = abook_xchan where xchan_addr = '%s' and abook_channel = %d limit 1",
		dbesc($handle),
		intval($uid)
	);
	if($r)
		return $r[0];
	return false;
}

function find_diaspora_person_by_handle($handle) {

	$person = false;
	$update = false;
	$got_lock = false;

	$endlessloop = 0;
	$maxloops = 10;

	do {
		$r = q("select * from xchan where xchan_addr = '%s' limit 1",
			dbesc($handle)
		);
		if($r) {
			$person = $r[0];
			logger('find_diaspora_person_by handle: in cache ' . print_r($r,true), LOGGER_DEBUG);

			// update record occasionally so it doesn't get stale
			$d = strtotime($person['updated'] . ' +00:00');
			if($d < strtotime('now - 14 days'))
				$update = true;
		}


		// FETCHING PERSON INFORMATION FROM REMOTE SERVER
		//
		// If the person isn't in our 'fcontact' table, or if he/she is but
		// his/her information hasn't been updated for more than 14 days, then
		// we want to fetch the person's information from the remote server.
		//
		// Note that $person isn't changed by this block of code unless the
		// person's information has been successfully fetched from the remote
		// server. So if $person was 'false' to begin with (because he/she wasn't
		// in the local cache), it'll stay false, and if $person held the local
		// cache information to begin with, it'll keep that information. That way
		// if there's a problem with the remote fetch, we can at least use our
		// cached information--it's better than nothing.

//fixme!!!

		if((! $person) || ($update))  {
			// Lock the function to prevent race conditions if multiple items
			// come in at the same time from a person who doesn't exist in
			// fcontact
			//
			// Don't loop forever. On the last loop, try to create the contact
			// whether the function is locked or not. Maybe the locking thread
			// has died or something. At any rate, a duplicate in 'fcontact'
			// is a much smaller problem than a deadlocked thread
//			$got_lock = lock_function('find_diaspora_person_by_handle', false);
			if(($endlessloop + 1) >= $maxloops)
				$got_lock = true;

			if($got_lock) {
				logger('find_diaspora_person_by_handle: create or refresh', LOGGER_DEBUG);
				require_once('include/Scrape.php');
				$r = probe_url($handle, PROBE_DIASPORA);

				// Note that Friendica contacts can return a "Diaspora person"
				// if Diaspora connectivity is enabled on their server
				if((count($r)) && ($r['network'] === NETWORK_DIASPORA)) {
					add_fcontact($r,$update);
					$person = ($r);
				}

//				unlock_function('find_diaspora_person_by_handle');
			}
			else {
				logger('find_diaspora_person_by_handle: couldn\'t lock function', LOGGER_DEBUG);
//				if(! $person)
//					block_on_function_lock('find_diaspora_person_by_handle');
			}
		}
	} while((! $person) && (! $got_lock) && (++$endlessloop < $maxloops));

	// We need to try again if the person wasn't in 'fcontact' but the function was locked.
	// The fact that the function was locked may mean that another process was creating the
	// person's record. It could also mean another process was creating or updating an unrelated
	// person.
	//
	// At any rate, we need to keep trying until we've either got the person or had a chance to
	// try to fetch his/her remote information. But we don't want to block on locking the
	// function, because if the other process is creating the record, then when we acquire the lock
	// we'll dive right into creating another, duplicate record. We DO want to at least wait
	// until the lock is released, so we don't flood the database with requests.
	//
	// If the person was in the 'fcontact' table, don't try again. It's not worth the time, since
	// we do have some information for the person

	return $person;
}


function get_diaspora_key($uri) {
	logger('Fetching diaspora key for: ' . $uri);

	$r = find_diaspora_person_by_handle($uri);
	if($r)
		return $r['pubkey'];
	return '';
}


function diaspora_pubmsg_build($msg,$user,$contact,$prvkey,$pubkey) {

	$a = get_app();

	logger('diaspora_pubmsg_build: ' . $msg, LOGGER_DATA);


	$handle = $user['xchan_addr'];

	$b64url_data = base64url_encode($msg);

	$data = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data);

	$type = 'application/xml';
	$encoding = 'base64url';
	$alg = 'RSA-SHA256';

	$signable_data = $data  . '.' . base64url_encode($type) . '.'
		. base64url_encode($encoding) . '.' . base64url_encode($alg) ;

	$signature = rsa_sign($signable_data,$prvkey);
	$sig = base64url_encode($signature);

$magic_env = <<< EOT
<?xml version='1.0' encoding='UTF-8'?>
<diaspora xmlns="https://joindiaspora.com/protocol" xmlns:me="http://salmon-protocol.org/ns/magic-env" >
  <header>
    <author_id>$handle</author_id>
  </header>
  <me:env>
    <me:encoding>base64url</me:encoding>
    <me:alg>RSA-SHA256</me:alg>
    <me:data type="application/xml">$data</me:data>
    <me:sig>$sig</me:sig>
  </me:env>
</diaspora>
EOT;

	logger('diaspora_pubmsg_build: magic_env: ' . $magic_env, LOGGER_DATA);
	return $magic_env;

}




function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey,$public = false) {
	$a = get_app();

	if($public)
		return diaspora_pubmsg_build($msg,$user,$contact,$prvkey,$pubkey);

	logger('diaspora_msg_build: ' . $msg, LOGGER_DATA);

	// without a public key nothing will work

	if(! $pubkey) {
		logger('diaspora_msg_build: pubkey missing: contact id: ' . $contact['abook_id']);
		return '';
	}

	$inner_aes_key = random_string(32);
	$b_inner_aes_key = base64_encode($inner_aes_key);
	$inner_iv = random_string(16);
	$b_inner_iv = base64_encode($inner_iv);

	$outer_aes_key = random_string(32);
	$b_outer_aes_key = base64_encode($outer_aes_key);
	$outer_iv = random_string(16);
	$b_outer_iv = base64_encode($outer_iv);

	$handle = $user['xchan_addr'];

	$padded_data = pkcs5_pad($msg,16);
	$inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv);

	$b64_data = base64_encode($inner_encrypted);


	$b64url_data = base64url_encode($b64_data);
	$data = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data);

	$type = 'application/xml';
	$encoding = 'base64url';
	$alg = 'RSA-SHA256';

	$signable_data = $data  . '.' . base64url_encode($type) . '.'
		. base64url_encode($encoding) . '.' . base64url_encode($alg) ;

	$signature = rsa_sign($signable_data,$prvkey);
	$sig = base64url_encode($signature);

$decrypted_header = <<< EOT
<decrypted_header>
  <iv>$b_inner_iv</iv>
  <aes_key>$b_inner_aes_key</aes_key>
  <author_id>$handle</author_id>
</decrypted_header>
EOT;

	$decrypted_header = pkcs5_pad($decrypted_header,16);

	$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $outer_aes_key, $decrypted_header, MCRYPT_MODE_CBC, $outer_iv);

	$outer_json = json_encode(array('iv' => $b_outer_iv,'key' => $b_outer_aes_key));

	$encrypted_outer_key_bundle = '';
	openssl_public_encrypt($outer_json,$encrypted_outer_key_bundle,$pubkey);

	$b64_encrypted_outer_key_bundle = base64_encode($encrypted_outer_key_bundle);

	logger('outer_bundle: ' . $b64_encrypted_outer_key_bundle . ' key: ' . $pubkey, LOGGER_DATA);

	$encrypted_header_json_object = json_encode(array('aes_key' => base64_encode($encrypted_outer_key_bundle), 
		'ciphertext' => base64_encode($ciphertext)));
	$cipher_json = base64_encode($encrypted_header_json_object);

	$encrypted_header = '<encrypted_header>' . $cipher_json . '</encrypted_header>';

$magic_env = <<< EOT
<?xml version='1.0' encoding='UTF-8'?>
<diaspora xmlns="https://joindiaspora.com/protocol" xmlns:me="http://salmon-protocol.org/ns/magic-env" >
  $encrypted_header
  <me:env>
    <me:encoding>base64url</me:encoding>
    <me:alg>RSA-SHA256</me:alg>
    <me:data type="application/xml">$data</me:data>
    <me:sig>$sig</me:sig>
  </me:env>
</diaspora>
EOT;

	logger('diaspora_msg_build: magic_env: ' . $magic_env, LOGGER_DATA);
	return $magic_env;

}

/**
 *
 * diaspora_decode($importer,$xml)
 *   array $importer -> from user table
 *   string $xml -> urldecoded Diaspora salmon 
 *
 * Returns array
 * 'message' -> decoded Diaspora XML message
 * 'author' -> author diaspora handle
 * 'key' -> author public key (converted to pkcs#8)
 *
 * Author and key are used elsewhere to save a lookup for verifying replies and likes
 */


function diaspora_decode($importer,$xml) {

	$public = false;
	$basedom = parse_xml_string($xml);

	$children = $basedom->children('https://joindiaspora.com/protocol');

	if($children->header) {
		$public = true;
		$author_link = str_replace('acct:','',$children->header->author_id);
	}
	else {

		$encrypted_header = json_decode(base64_decode($children->encrypted_header));

		$encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key);
		$ciphertext = base64_decode($encrypted_header->ciphertext);

		$outer_key_bundle = '';
		openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['prvkey']);

		$j_outer_key_bundle = json_decode($outer_key_bundle);

		$outer_iv = base64_decode($j_outer_key_bundle->iv);
		$outer_key = base64_decode($j_outer_key_bundle->key);

		$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv);


		$decrypted = pkcs5_unpad($decrypted);

		/**
		 * $decrypted now contains something like
		 *
		 *  <decrypted_header>
		 *     <iv>8e+G2+ET8l5BPuW0sVTnQw==</iv>
		 *     <aes_key>UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU=</aes_key>

***** OBSOLETE

		 *     <author>
		 *       <name>Ryan Hughes</name>
		 *       <uri>acct:galaxor@diaspora.pirateship.org</uri>
		 *     </author>

***** CURRENT

		 *     <author_id>galaxor@diaspora.priateship.org</author_id>

***** END DIFFS

		 *  </decrypted_header>
		 */

		logger('decrypted: ' . $decrypted, LOGGER_DEBUG);
		$idom = parse_xml_string($decrypted,false);

		$inner_iv = base64_decode($idom->iv);
		$inner_aes_key = base64_decode($idom->aes_key);

		$author_link = str_replace('acct:','',$idom->author_id);

	}

	$dom = $basedom->children(NAMESPACE_SALMON_ME);

	// figure out where in the DOM tree our data is hiding

	if($dom->provenance->data)
		$base = $dom->provenance;
	elseif($dom->env->data)
		$base = $dom->env;
	elseif($dom->data)
		$base = $dom;

	if(! $base) {
		logger('mod-diaspora: unable to locate salmon data in xml ');
		http_status_exit(400);
	}


	// Stash the signature away for now. We have to find their key or it won't be good for anything.
	$signature = base64url_decode($base->sig);

	// unpack the  data

	// strip whitespace so our data element will return to one big base64 blob
	$data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data);


	// stash away some other stuff for later

	$type = $base->data[0]->attributes()->type[0];
	$keyhash = $base->sig[0]->attributes()->keyhash[0];
	$encoding = $base->encoding;
	$alg = $base->alg;


	$signed_data = $data  . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg);


	// decode the data
	$data = base64url_decode($data);


	if($public) {
		$inner_decrypted = $data;
	}
	else {

		// Decode the encrypted blob

		$inner_encrypted = base64_decode($data);
		$inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv);
		$inner_decrypted = pkcs5_unpad($inner_decrypted);
	}

	if(! $author_link) {
		logger('mod-diaspora: Could not retrieve author URI.');
		http_status_exit(400);
	}

	// Once we have the author URI, go to the web and try to find their public key
	// (first this will look it up locally if it is in the fcontact cache)
	// This will also convert diaspora public key from pkcs#1 to pkcs#8

	logger('mod-diaspora: Fetching key for ' . $author_link );
 	$key = get_diaspora_key($author_link);

	if(! $key) {
		logger('mod-diaspora: Could not retrieve author key.');
		http_status_exit(400);
	}

	$verify = rsa_verify($signed_data,$signature,$key);

	if(! $verify) {
		logger('mod-diaspora: Message did not verify. Discarding.');
		http_status_exit(400);
	}

	logger('mod-diaspora: Message verified.');

	return array('message' => $inner_decrypted, 'author' => $author_link, 'key' => $key);

}


/* sender is now sharing with recipient */

function diaspora_request($importer,$xml) {

	$a = get_app();

	$sender_handle = unxmlify($xml->sender_handle);
	$recipient_handle = unxmlify($xml->recipient_handle);

	if(! $sender_handle || ! $recipient_handle)
		return;


	// Do we already have an abook record? 

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$sender_handle);

	if($contact && $contact['abook_id']) {

		// perhaps we were already sharing with this person. Now they're sharing with us.
		// That makes us friends. Maybe.

		$newperms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTO|PERMS_R_ABOOK|PERMS_W_STREAM|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_W_CHAT;

		$r = q("update abook set abook_their_perms = %d where abook_id = %d and abook_channel = %d limit 1",
			intval($newperms),
			intval($contact['abook_id']),
			intval($importer['channel_id'])
		);

		return;
	}

	$ret = find_diaspora_person_by_handle($sender_handle);

	if((! $ret) || ($ret['xchan_network'] != 'diaspora')) {
		logger('diaspora_request: Cannot resolve diaspora handle ' . $sender_handle . ' for ' . $recipient_handle);
		return;
	}

	$default_perms = 0;
	// look for default permissions to apply in return - e.g. auto-friend
	$z = q("select * from abook where abook_channel = %d and (abook_flags & %d) limit 1",
		intval($importer['channel_id']),
		intval(ABOOK_FLAG_SELF)
	);

	if($z)
		$default_perms = intval($z[0]['abook_my_perms']);

	$their_perms = PERMS_R_STREAM|PERMS_R_PROFILE|PERMS_R_PHOTO|PERMS_R_ABOOK|PERMS_W_STREAM|PERMS_W_COMMENT|PERMS_W_MAIL|PERMS_CHAT;

	$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_my_perms, abook_their_perms, abook_closeness, abook_rating, abook_created, abook_updated, abook_connected, abook_dob, abook_flags, abook_profile) values ( %d, %d, '%s' %d %d, %d, %d, '%s', '%s', '%s', '%s', %d, '%s')",
		intval($importer['channel_account_id']),
		intval($importer['channel_id']),
		dbesc($ret['xchan_hash']),
		intval($default_perms),
		intval($their_perms),
		intval(99),
		intval(0),
		dbesc(datetime_convert()),
		dbesc(datetime_convert()),
		dbesc(datetime_convert()),
		dbesc('0000-00-00 00:00:00'),
		intval(($default_perms) ? 0 : ABOOK_FLAG_PENDING)
	);
		

	if($r) {
		logger("New Diaspora introduction received for {$importer['channel_name']}");

		$new_connection = q("select * from abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_xchan = '%s' order by abook_created desc limit 1",
			intval($importer['channel_id']),
			dbesc($ret['xchan_hash'])
		);
		if($new_connection) {
			require_once('include/enotify.php');
			notification(array(
				'type'         => NOTIFY_INTRO,
				'from_xchan'   => $ret['xchan_hash'],
				'to_xchan'     => $importer['channel_hash'],
				'link'         => z_root() . '/connedit/' . $new_connection[0]['abook_id'],
			));

			if($default_perms) {
				// Send back a sharing notification to them
				diaspora_share($importer['channel_id'],$new_connection[0]);
        
			}
		}
	}

	// find the abook record we just created

	$contact_record = diaspora_get_contact_by_handle($importer['channel_id'],$sender_handle);

	if(! $contact_record) {
		logger('diaspora_request: unable to locate newly created contact record.');
		return;
	}

//FIXME
//	$g = q("select def_gid from user where uid = %d limit 1",
//		intval($importer['channel_id'])
//	);
//	if($g && intval($g[0]['def_gid'])) {
//		require_once('include/group.php');
//		group_add_member($importer['channel_id'],'',$contact_record['id'],$g[0]['def_gid']);
//	}


	return;
}




function diaspora_post($importer,$xml,$msg) {

	$a = get_app();
	$guid = notags(unxmlify($xml->guid));
	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));

	if($diaspora_handle != $msg['author']) {
		logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
		return 202;
	}

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
	if(! $contact)
		return;

	if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
		logger('diaspora_post: Ignoring this author.');
		return 202;
	}

	$message_id = $diaspora_handle . ':' . $guid;
	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
		intval($importer['channel_id']),
		dbesc($message_id),
		dbesc($guid)
	);
	if(count($r)) {
		logger('diaspora_post: message exists: ' . $guid);
		return;
	}

	// allocate a guid on our system - we aren't fixing any collisions.
	// we're ignoring them

	$g = q("select * from guid where guid = '%s' limit 1",
		dbesc($guid)
	);
	if(! count($g)) {
		q("insert into guid ( guid ) values ( '%s' )",
			dbesc($guid)
		);
	}

	$created = unxmlify($xml->created_at);
	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);

	$body = diaspora2bb($xml->raw_message);

	// Add OEmbed and other information to the body
	$body = add_page_info_to_body($body, false, true);

	$datarray = array();

	$str_tags = '';

	$tags = get_tags($body);

	if(count($tags)) {
		foreach($tags as $tag) {
			if(strpos($tag,'#') === 0) {
				if(strpos($tag,'[url='))
					continue;

				// don't link tags that are already embedded in links

				if(preg_match('/\[(.*?)' . preg_quote($tag,'/') . '(.*?)\]/',$body))
					continue;
				if(preg_match('/\[(.*?)\]\((.*?)' . preg_quote($tag,'/') . '(.*?)\)/',$body))
					continue;

				$basetag = str_replace('_',' ',substr($tag,1));
				$body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body);
				if(strlen($str_tags))
					$str_tags .= ',';
				$str_tags .= '#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
				continue;
			}
		}
	}

	$cnt = preg_match_all('/@\[url=(.*?)\[\/url\]/ism',$body,$matches,PREG_SET_ORDER);
	if($cnt) {
		foreach($matches as $mtch) {
			if(strlen($str_tags))
				$str_tags .= ',';
			$str_tags .= '@[url=' . $mtch[1] . '[/url]';
		}
	}

	$plink = 'https://'.substr($diaspora_handle,strpos($diaspora_handle,'@')+1).'/posts/'.$guid;

	$datarray['uid'] = $importer['channel_id'];
	$datarray['contact-id'] = $contact['id'];
	$datarray['wall'] = 0;
	$datarray['network'] = NETWORK_DIASPORA;
	$datarray['verb'] = ACTIVITY_POST;
	$datarray['guid'] = $guid;
	$datarray['uri'] = $datarray['parent-uri'] = $message_id;
	$datarray['changed'] = $datarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
	$datarray['private'] = $private;
	$datarray['parent'] = 0;
	$datarray['plink'] = $plink;
	$datarray['owner-name'] = $contact['name'];
	$datarray['owner-link'] = $contact['url'];
	//$datarray['owner-avatar'] = $contact['thumb'];
	$datarray['owner-avatar'] = ((x($contact,'thumb')) ? $contact['thumb'] : $contact['photo']);
	$datarray['author-name'] = $contact['name'];
	$datarray['author-link'] = $contact['url'];
	$datarray['author-avatar'] = $contact['thumb'];
	$datarray['body'] = $body;
	$datarray['tag'] = $str_tags;
	$datarray['app']  = 'Diaspora';

	// if empty content it might be a photo that hasn't arrived yet. If a photo arrives, we'll make it visible.

	$datarray['visible'] = ((strlen($body)) ? 1 : 0);

	$message_id = item_store($datarray);

	//if($message_id) {
	//	q("update item set plink = '%s' where id = %d",
	//		dbesc($a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id),
	//		intval($message_id)
	//	);
	//}

	return;

}

function diaspora_reshare($importer,$xml,$msg) {

	logger('diaspora_reshare: init: ' . print_r($xml,true));

	$a = get_app();
	$guid = notags(unxmlify($xml->guid));
	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));


	if($diaspora_handle != $msg['author']) {
		logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
		return 202;
	}

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
	if(! $contact)
		return;

	if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
		logger('diaspora_reshare: Ignoring this author: ' . $diaspora_handle . ' ' . print_r($xml,true));
		return 202;
	}

	$message_id = $diaspora_handle . ':' . $guid;
	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
		intval($importer['channel_id']),
		dbesc($message_id),
		dbesc($guid)
	);
	if(count($r)) {
		logger('diaspora_reshare: message exists: ' . $guid);
		return;
	}

	$orig_author = notags(unxmlify($xml->root_diaspora_id));
	$orig_guid = notags(unxmlify($xml->root_guid));

	$source_url = 'https://' . substr($orig_author,strpos($orig_author,'@')+1) . '/p/' . $orig_guid . '.xml';
	$orig_url = 'https://'.substr($orig_author,strpos($orig_author,'@')+1).'/posts/'.$orig_guid;
	$x = fetch_url($source_url);
	if(! $x)
		$x = fetch_url(str_replace('https://','http://',$source_url));
	if(! $x) {
		logger('diaspora_reshare: unable to fetch source url ' . $source_url);
		return;
	}
	logger('diaspora_reshare: source: ' . $x);

	$x = str_replace(array('<activity_streams-photo>','</activity_streams-photo>'),array('<asphoto>','</asphoto>'),$x);
	$source_xml = parse_xml_string($x,false);

	if(strlen($source_xml->post->asphoto->objectId) && ($source_xml->post->asphoto->objectId != 0) && ($source_xml->post->asphoto->image_url)) {
		$body = '[url=' . notags(unxmlify($source_xml->post->asphoto->image_url)) . '][img]' . notags(unxmlify($source_xml->post->asphoto->objectId)) . '[/img][/url]' . "\n";
		$body = scale_external_images($body,false);
	}
	elseif($source_xml->post->asphoto->image_url) {
		$body = '[img]' . notags(unxmlify($source_xml->post->asphoto->image_url)) . '[/img]' . "\n";
		$body = scale_external_images($body);
	}
	elseif($source_xml->post->status_message) {
		$body = diaspora2bb($source_xml->post->status_message->raw_message);

		// Checking for embedded pictures
		if($source_xml->post->status_message->photo->remote_photo_path AND
			$source_xml->post->status_message->photo->remote_photo_name) {

			$remote_photo_path = notags(unxmlify($source_xml->post->status_message->photo->remote_photo_path));
			$remote_photo_name = notags(unxmlify($source_xml->post->status_message->photo->remote_photo_name));

			$body = '[img]'.$remote_photo_path.$remote_photo_name.'[/img]'."\n".$body;

			logger('diaspora_reshare: embedded picture link found: '.$body, LOGGER_DEBUG);
		}

		$body = scale_external_images($body);

		// Add OEmbed and other information to the body
		$body = add_page_info_to_body($body, false, true);
	}
	else {
		// Maybe it is a reshare of a photo that will be delivered at a later time (testing)
		logger('diaspora_reshare: no reshare content found: ' . print_r($source_xml,true));
		$body = "";
		//return;
	}

	//if(! $body) {
	//	logger('diaspora_reshare: empty body: source= ' . $x);
	//	return;
	//}

	$person = find_diaspora_person_by_handle($orig_author);

	/*if(is_array($person) && x($person,'name') && x($person,'url'))
		$details = '[url=' . $person['url'] . ']' . $person['name'] . '[/url]';
	else
		$details = $orig_author;

	$prefix = html_entity_decode("&#x2672; ", ENT_QUOTES, 'UTF-8') . $details . "\n";*/


	// allocate a guid on our system - we aren't fixing any collisions.
	// we're ignoring them

	$g = q("select * from guid where guid = '%s' limit 1",
		dbesc($guid)
	);
	if(! count($g)) {
		q("insert into guid ( guid ) values ( '%s' )",
			dbesc($guid)
		);
	}

	$created = unxmlify($xml->created_at);
	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);

	$datarray = array();

	$str_tags = '';

	$tags = get_tags($body);

	if(count($tags)) {
		foreach($tags as $tag) {
			if(strpos($tag,'#') === 0) {
				if(strpos($tag,'[url='))
					continue;

				// don't link tags that are already embedded in links

				if(preg_match('/\[(.*?)' . preg_quote($tag,'/') . '(.*?)\]/',$body))
					continue;
				if(preg_match('/\[(.*?)\]\((.*?)' . preg_quote($tag,'/') . '(.*?)\)/',$body))
					continue;


				$basetag = str_replace('_',' ',substr($tag,1));
				$body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body);
				if(strlen($str_tags))
					$str_tags .= ',';
				$str_tags .= '#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
				continue;
			}
		}
	}

	$plink = 'https://'.substr($diaspora_handle,strpos($diaspora_handle,'@')+1).'/posts/'.$guid;

	$datarray['uid'] = $importer['channel_id'];
	$datarray['contact-id'] = $contact['id'];
	$datarray['wall'] = 0;
	$datarray['network']  = NETWORK_DIASPORA;
	$datarray['guid'] = $guid;
	$datarray['uri'] = $datarray['parent-uri'] = $message_id;
	$datarray['changed'] = $datarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
	$datarray['private'] = $private;
	$datarray['parent'] = 0;
	$datarray['plink'] = $plink;
	$datarray['owner-name'] = $contact['name'];
	$datarray['owner-link'] = $contact['url'];
	$datarray['owner-avatar'] = ((x($contact,'thumb')) ? $contact['thumb'] : $contact['photo']);
	if (!intval(get_config('system','wall-to-wall_share'))) {
		$prefix = "[share author='".str_replace(array("'", "[", "]"), array("&#x27;", "&#x5B;", "&#x5D;"),$person['name']).
				"' profile='".$person['url'].
				"' avatar='".((x($person,'thumb')) ? $person['thumb'] : $person['photo']).
				"' link='".str_replace(array("'", "[", "]"), array("&#x27;", "&#x5B;", "&#x5D;"),$orig_url)."']";
		$datarray['author-name'] = $contact['name'];
		$datarray['author-link'] = $contact['url'];
		$datarray['author-avatar'] = $contact['thumb'];
		$datarray['body'] = $prefix.$body."[/share]";
	} else {
		// Let reshared messages look like wall-to-wall posts
		$datarray['author-name'] = $person['name'];
		$datarray['author-link'] = $person['url'];
		$datarray['author-avatar'] = ((x($person,'thumb')) ? $person['thumb'] : $person['photo']);
		$datarray['body'] = $body;
	}

	$datarray['tag'] = $str_tags;
	$datarray['app']  = 'Diaspora';

	// if empty content it might be a photo that hasn't arrived yet. If a photo arrives, we'll make it visible. (testing)
	$datarray['visible'] = ((strlen($body)) ? 1 : 0);

	$message_id = item_store($datarray);

	//if($message_id) {
	//	q("update item set plink = '%s' where id = %d",
	//		dbesc($a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id),
	//		intval($message_id)
	//	);
	//}

	return;

}


function diaspora_asphoto($importer,$xml,$msg) {
	logger('diaspora_asphoto called');

	$a = get_app();
	$guid = notags(unxmlify($xml->guid));
	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));

	if($diaspora_handle != $msg['author']) {
		logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
		return 202;
	}

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
	if(! $contact)
		return;

	if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
		logger('diaspora_asphoto: Ignoring this author.');
		return 202;
	}

	$message_id = $diaspora_handle . ':' . $guid;
	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
		intval($importer['channel_id']),
		dbesc($message_id),
		dbesc($guid)
	);
	if(count($r)) {
		logger('diaspora_asphoto: message exists: ' . $guid);
		return;
	}

	// allocate a guid on our system - we aren't fixing any collisions.
	// we're ignoring them

	$g = q("select * from guid where guid = '%s' limit 1",
		dbesc($guid)
	);
	if(! count($g)) {
		q("insert into guid ( guid ) values ( '%s' )",
			dbesc($guid)
		);
	}

	$created = unxmlify($xml->created_at);
	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);

	if(strlen($xml->objectId) && ($xml->objectId != 0) && ($xml->image_url)) {
		$body = '[url=' . notags(unxmlify($xml->image_url)) . '][img]' . notags(unxmlify($xml->objectId)) . '[/img][/url]' . "\n";
		$body = scale_external_images($body,false);
	}
	elseif($xml->image_url) {
		$body = '[img]' . notags(unxmlify($xml->image_url)) . '[/img]' . "\n";
		$body = scale_external_images($body);
	}
	else {
		logger('diaspora_asphoto: no photo url found.');
		return;
	}

	$plink = 'https://'.substr($diaspora_handle,strpos($diaspora_handle,'@')+1).'/posts/'.$guid;

	$datarray = array();

	$datarray['uid'] = $importer['channel_id'];
	$datarray['contact-id'] = $contact['id'];
	$datarray['wall'] = 0;
	$datarray['network']  = NETWORK_DIASPORA;
	$datarray['guid'] = $guid;
	$datarray['uri'] = $datarray['parent-uri'] = $message_id;
	$datarray['changed'] = $datarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
	$datarray['private'] = $private;
	$datarray['parent'] = 0;
	$datarray['plink'] = $plink;
	$datarray['owner-name'] = $contact['name'];
	$datarray['owner-link'] = $contact['url'];
	//$datarray['owner-avatar'] = $contact['thumb'];
	$datarray['owner-avatar'] = ((x($contact,'thumb')) ? $contact['thumb'] : $contact['photo']);
	$datarray['author-name'] = $contact['name'];
	$datarray['author-link'] = $contact['url'];
	$datarray['author-avatar'] = $contact['thumb'];
	$datarray['body'] = $body;

	$datarray['app']  = 'Diaspora/Cubbi.es';

	$message_id = item_store($datarray);

	//if($message_id) {
	//	q("update item set plink = '%s' where id = %d",
	//		dbesc($a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id),
	//		intval($message_id)
	//	);
	//}

	return;

}






function diaspora_comment($importer,$xml,$msg) {

	$a = get_app();
	$guid = notags(unxmlify($xml->guid));
	$parent_guid = notags(unxmlify($xml->parent_guid));
	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
	$target_type = notags(unxmlify($xml->target_type));
	$text = unxmlify($xml->text);
	$author_signature = notags(unxmlify($xml->author_signature));

	$parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg['author']);
	if(! $contact) {
		logger('diaspora_comment: cannot find contact: ' . $msg['author']);
		return;
	}

	if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments')) {
		logger('diaspora_comment: Ignoring this author.');
		return 202;
	}

	$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
		intval($importer['channel_id']),
		dbesc($guid)
	);
	if(count($r)) {
		logger('diaspora_comment: our comment just got relayed back to us (or there was a guid collision) : ' . $guid);
		return;
	}

	$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
		intval($importer['channel_id']),
		dbesc($parent_guid)
	);
	if(! count($r)) {
		logger('diaspora_comment: parent item not found: parent: ' . $parent_guid . ' item: ' . $guid);
		return;
	}
	$parent_item = $r[0];


	/* How Diaspora performs comment signature checking:

	   - If an item has been sent by the comment author to the top-level post owner to relay on
	     to the rest of the contacts on the top-level post, the top-level post owner should check
	     the author_signature, then create a parent_author_signature before relaying the comment on
	   - If an item has been relayed on by the top-level post owner, the contacts who receive it
	     check only the parent_author_signature. Basically, they trust that the top-level post
	     owner has already verified the authenticity of anything he/she sends out
	   - In either case, the signature that get checked is the signature created by the person
	     who sent the salmon
	*/

	$signed_data = $guid . ';' . $parent_guid . ';' . $text . ';' . $diaspora_handle;
	$key = $msg['key'];

	if($parent_author_signature) {
		// If a parent_author_signature exists, then we've received the comment
		// relayed from the top-level post owner. There's no need to check the
		// author_signature if the parent_author_signature is valid

		$parent_author_signature = base64_decode($parent_author_signature);

		if(! rsa_verify($signed_data,$parent_author_signature,$key,'sha256')) {
			logger('diaspora_comment: top-level owner verification failed.');
			return;
		}
	}
	else {
		// If there's no parent_author_signature, then we've received the comment
		// from the comment creator. In that case, the person is commenting on
		// our post, so he/she must be a contact of ours and his/her public key
		// should be in $msg['key']

		$author_signature = base64_decode($author_signature);

		if(! rsa_verify($signed_data,$author_signature,$key,'sha256')) {
			logger('diaspora_comment: comment author verification failed.');
			return;
		}
	}

	// Phew! Everything checks out. Now create an item.

	// Find the original comment author information.
	// We need this to make sure we display the comment author
	// information (name and avatar) correctly.
	if(strcasecmp($diaspora_handle,$msg['author']) == 0)
		$person = $contact;
	else {
		$person = find_diaspora_person_by_handle($diaspora_handle);

		if(! is_array($person)) {
			logger('diaspora_comment: unable to find author details');
			return;
		}
	}

	$body = diaspora2bb($text);
	$message_id = $diaspora_handle . ':' . $guid;

	$datarray = array();

	$str_tags = '';

	$tags = get_tags($body);

	if(count($tags)) {
		foreach($tags as $tag) {
			if(strpos($tag,'#') === 0) {
				if(strpos($tag,'[url='))
					continue;

				// don't link tags that are already embedded in links

				if(preg_match('/\[(.*?)' . preg_quote($tag,'/') . '(.*?)\]/',$body))
					continue;
				if(preg_match('/\[(.*?)\]\((.*?)' . preg_quote($tag,'/') . '(.*?)\)/',$body))
					continue;


				$basetag = str_replace('_',' ',substr($tag,1));
				$body = str_replace($tag,'#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]',$body);
				if(strlen($str_tags))
					$str_tags .= ',';
				$str_tags .= '#[url=' . $a->get_baseurl() . '/search?tag=' . rawurlencode($basetag) . ']' . $basetag . '[/url]';
				continue;
			}
		}
	}

	$datarray['uid'] = $importer['channel_id'];
	$datarray['contact-id'] = $contact['id'];
	$datarray['type'] = 'remote-comment';
	$datarray['wall'] = $parent_item['wall'];
	$datarray['network']  = NETWORK_DIASPORA;
	$datarray['verb'] = ACTIVITY_POST;
	$datarray['gravity'] = GRAVITY_COMMENT;
	$datarray['guid'] = $guid;
	$datarray['uri'] = $message_id;
	$datarray['parent-uri'] = $parent_item['uri'];

	// No timestamps for comments? OK, we'll the use current time.
	$datarray['changed'] = $datarray['created'] = $datarray['edited'] = datetime_convert();
	$datarray['private'] = $parent_item['private'];

	$datarray['owner-name'] = $parent_item['owner-name'];
	$datarray['owner-link'] = $parent_item['owner-link'];
	$datarray['owner-avatar'] = $parent_item['owner-avatar'];

	$datarray['author-name'] = $person['name'];
	$datarray['author-link'] = $person['url'];
	$datarray['author-avatar'] = ((x($person,'thumb')) ? $person['thumb'] : $person['photo']);
	$datarray['body'] = $body;
	$datarray['tag'] = $str_tags;

	// We can't be certain what the original app is if the message is relayed.
	if(($parent_item['origin']) && (! $parent_author_signature))
		$datarray['app']  = 'Diaspora';

	$message_id = item_store($datarray);

	//if($message_id) {
		//q("update item set plink = '%s' where id = %d",
		//	//dbesc($a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id),
		//	dbesc($a->get_baseurl().'/display/'.$datarray['guid']),
		//	intval($message_id)
		//);
	//}

	if(($parent_item['origin']) && (! $parent_author_signature)) {
		q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
			intval($message_id),
			dbesc($signed_data),
			dbesc(base64_encode($author_signature)),
			dbesc($diaspora_handle)
		);

		// if the message isn't already being relayed, notify others
		// the existence of parent_author_signature means the parent_author or owner
		// is already relaying.

		proc_run('php','include/notifier.php','comment-import',$message_id);
	}

	$myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 AND `deleted` = 0 ",
		dbesc($parent_item['uri']),
		intval($importer['channel_id'])
	);

	if(count($myconv)) {
		$importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname'];

		foreach($myconv as $conv) {

			// now if we find a match, it means we're in this conversation

			if(! link_compare($conv['author-link'],$importer_url))
				continue;

			require_once('include/enotify.php');

			$conv_parent = $conv['parent'];

			notification(array(
				'type'         => NOTIFY_COMMENT,
				'notify_flags' => $importer['notify-flags'],
				'language'     => $importer['language'],
				'to_name'      => $importer['username'],
				'to_email'     => $importer['email'],
				'uid'          => $importer['channel_id'],
				'item'         => $datarray,
				//'link'		   => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id,
				'link'		   => $a->get_baseurl().'/display/'.$datarray['guid'],
				'source_name'  => $datarray['author-name'],
				'source_link'  => $datarray['author-link'],
				'source_photo' => $datarray['author-avatar'],
				'verb'         => ACTIVITY_POST,
				'otype'        => 'item',
				'parent'       => $conv_parent,
				'parent_uri'   => $parent_uri
			));

			// only send one notification
			break;
		}
	}
	return;
}




function diaspora_conversation($importer,$xml,$msg) {

	$a = get_app();

	$guid = notags(unxmlify($xml->guid));
	$subject = notags(unxmlify($xml->subject));
	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
	$participant_handles = notags(unxmlify($xml->participant_handles));
	$created_at = datetime_convert('UTC','UTC',notags(unxmlify($xml->created_at)));

	$parent_uri = $diaspora_handle . ':' . $guid;
 
	$messages = $xml->message;

	if(! count($messages)) {
		logger('diaspora_conversation: empty conversation');
		return;
	}

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg['author']);
	if(! $contact) {
		logger('diaspora_conversation: cannot find contact: ' . $msg['author']);
		return;
	}

	if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { 
		logger('diaspora_conversation: Ignoring this author.');
		return 202;
	}

	$conversation = null;

	$c = q("select * from conv where uid = %d and guid = '%s' limit 1",
		intval($importer['channel_id']),
		dbesc($guid)
	);
	if(count($c))
		$conversation = $c[0];
	else {
		$r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ",
			intval($importer['channel_id']),
			dbesc($guid),
			dbesc($diaspora_handle),
			dbesc(datetime_convert('UTC','UTC',$created_at)),
			dbesc(datetime_convert()),
			dbesc($subject),
			dbesc($participant_handles)
		);
		if($r)
			$c = q("select * from conv where uid = %d and guid = '%s' limit 1",
	        intval($importer['channel_id']),
    	    dbesc($guid)
    	);
	    if(count($c))
    	    $conversation = $c[0];
	}
	if(! $conversation) {
		logger('diaspora_conversation: unable to create conversation.');
		return;
	}

	foreach($messages as $mesg) {

		$reply = 0;

		$msg_guid = notags(unxmlify($mesg->guid));
		$msg_parent_guid = notags(unxmlify($mesg->parent_guid));
		$msg_parent_author_signature = notags(unxmlify($mesg->parent_author_signature));
		$msg_author_signature = notags(unxmlify($mesg->author_signature));
		$msg_text = unxmlify($mesg->text);
		$msg_created_at = datetime_convert('UTC','UTC',notags(unxmlify($mesg->created_at)));
		$msg_diaspora_handle = notags(unxmlify($mesg->diaspora_handle));
		$msg_conversation_guid = notags(unxmlify($mesg->conversation_guid));
		if($msg_conversation_guid != $guid) {
			logger('diaspora_conversation: message conversation guid does not belong to the current conversation. ' . $xml);
			continue;
		}

		$body = diaspora2bb($msg_text);
		$message_id = $msg_diaspora_handle . ':' . $msg_guid;

		$author_signed_data = $msg_guid . ';' . $msg_parent_guid . ';' . $msg_text . ';' . unxmlify($mesg->created_at) . ';' . $msg_diaspora_handle . ';' . $msg_conversation_guid;

		$author_signature = base64_decode($msg_author_signature);

		if(strcasecmp($msg_diaspora_handle,$msg['author']) == 0) {
			$person = $contact;
			$key = $msg['key'];
		}
		else {
			$person = find_diaspora_person_by_handle($msg_diaspora_handle);	

			if(is_array($person) && x($person,'pubkey'))
				$key = $person['pubkey'];
			else {
				logger('diaspora_conversation: unable to find author details');
				continue;
			}
		}

		if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) {
			logger('diaspora_conversation: verification failed.');
			continue;
		}

		if($msg_parent_author_signature) {
			$owner_signed_data = $msg_guid . ';' . $msg_parent_guid . ';' . $msg_text . ';' . unxmlify($mesg->created_at) . ';' . $msg_diaspora_handle . ';' . $msg_conversation_guid;

			$parent_author_signature = base64_decode($msg_parent_author_signature);

			$key = $msg['key'];

			if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) {
				logger('diaspora_conversation: owner verification failed.');
				continue;
			}
		}

		$r = q("select id from mail where `uri` = '%s' limit 1",
			dbesc($message_id)
		);
		if(count($r)) {
			logger('diaspora_conversation: duplicate message already delivered.', LOGGER_DEBUG);
			continue;
		}

		q("insert into mail ( `uid`, `guid`, `convid`, `from-name`,`from-photo`,`from-url`,`contact-id`,`title`,`body`,`seen`,`reply`,`uri`,`parent-uri`,`created`) values ( %d, '%s', %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, '%s','%s','%s')",
			intval($importer['channel_id']),
			dbesc($msg_guid),
			intval($conversation['id']),
			dbesc($person['name']),
			dbesc($person['photo']),
			dbesc($person['url']),
			intval($contact['id']),	 
			dbesc($subject),
			dbesc($body),
			0,
			0,
			dbesc($message_id),
			dbesc($parent_uri),
			dbesc($msg_created_at)
		);

		q("update conv set updated = '%s' where id = %d",
			dbesc(datetime_convert()),
			intval($conversation['id'])
		);

		require_once('include/enotify.php');
		notification(array(
			'type' => NOTIFY_MAIL,
			'notify_flags' => $importer['notify-flags'],
			'language' => $importer['language'],
			'to_name' => $importer['username'],
			'to_email' => $importer['email'],
			'uid' =>$importer['importer_uid'],
			'item' => array('subject' => $subject, 'body' => $body),
			'source_name' => $person['name'],
			'source_link' => $person['url'],
			'source_photo' => $person['thumb'],
			'verb' => ACTIVITY_POST,
			'otype' => 'mail'
		));
	}

	return;
}

function diaspora_message($importer,$xml,$msg) {

	$a = get_app();

	$msg_guid = notags(unxmlify($xml->guid));
	$msg_parent_guid = notags(unxmlify($xml->parent_guid));
	$msg_parent_author_signature = notags(unxmlify($xml->parent_author_signature));
	$msg_author_signature = notags(unxmlify($xml->author_signature));
	$msg_text = unxmlify($xml->text);
	$msg_created_at = datetime_convert('UTC','UTC',notags(unxmlify($xml->created_at)));
	$msg_diaspora_handle = notags(unxmlify($xml->diaspora_handle));
	$msg_conversation_guid = notags(unxmlify($xml->conversation_guid));

	$parent_uri = $diaspora_handle . ':' . $msg_parent_guid;
 
	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg_diaspora_handle);
	if(! $contact) {
		logger('diaspora_message: cannot find contact: ' . $msg_diaspora_handle);
		return;
	}

	if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { 
		logger('diaspora_message: Ignoring this author.');
		return 202;
	}

	$conversation = null;

	$c = q("select * from conv where uid = %d and guid = '%s' limit 1",
		intval($importer['channel_id']),
		dbesc($msg_conversation_guid)
	);
	if(count($c))
		$conversation = $c[0];
	else {
		logger('diaspora_message: conversation not available.');
		return;
	}

	$reply = 0;

	$body = diaspora2bb($msg_text);
	$message_id = $msg_diaspora_handle . ':' . $msg_guid;

	$author_signed_data = $msg_guid . ';' . $msg_parent_guid . ';' . $msg_text . ';' . unxmlify($xml->created_at) . ';' . $msg_diaspora_handle . ';' . $msg_conversation_guid;


	$author_signature = base64_decode($msg_author_signature);

	$person = find_diaspora_person_by_handle($msg_diaspora_handle);	
	if(is_array($person) && x($person,'pubkey'))
		$key = $person['pubkey'];
	else {
		logger('diaspora_message: unable to find author details');
		return;
	}

	if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) {
		logger('diaspora_message: verification failed.');
		return;
	}

	$r = q("select id from mail where `uri` = '%s' and uid = %d limit 1",
		dbesc($message_id),
		intval($importer['channel_id'])
	);
	if(count($r)) {
		logger('diaspora_message: duplicate message already delivered.', LOGGER_DEBUG);
		return;
	}

	q("insert into mail ( `uid`, `guid`, `convid`, `from-name`,`from-photo`,`from-url`,`contact-id`,`title`,`body`,`seen`,`reply`,`uri`,`parent-uri`,`created`) values ( %d, '%s', %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, '%s','%s','%s')",
		intval($importer['channel_id']),
		dbesc($msg_guid),
		intval($conversation['id']),
		dbesc($person['name']),
		dbesc($person['photo']),
		dbesc($person['url']),
		intval($contact['id']),	 
		dbesc($conversation['subject']),
		dbesc($body),
		0,
		1,
		dbesc($message_id),
		dbesc($parent_uri),
		dbesc($msg_created_at)
	);

	q("update conv set updated = '%s' where id = %d",
		dbesc(datetime_convert()),
		intval($conversation['id'])
	);

	return;
}


function diaspora_photo($importer,$xml,$msg,$attempt=1) {

	$a = get_app();

	logger('diaspora_photo: init',LOGGER_DEBUG);

	$remote_photo_path = notags(unxmlify($xml->remote_photo_path));

	$remote_photo_name = notags(unxmlify($xml->remote_photo_name));

	$status_message_guid = notags(unxmlify($xml->status_message_guid));

	$guid = notags(unxmlify($xml->guid));

	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));

	$public = notags(unxmlify($xml->public));

	$created_at = notags(unxmlify($xml_created_at));

	logger('diaspora_photo: status_message_guid: ' . $status_message_guid, LOGGER_DEBUG);

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg['author']);
	if(! $contact) {
		logger('diaspora_photo: contact record not found: ' . $msg['author'] . ' handle: ' . $diaspora_handle);
		return;
	}

	if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'send_stream')) {
		logger('diaspora_photo: Ignoring this author.');
		return 202;
	}

	$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
		intval($importer['channel_id']),
		dbesc($status_message_guid)
	);
	if(! count($r)) {
		if($attempt <= 3) {
			q("INSERT INTO dsprphotoq (uid, msg, attempt) VALUES (%d, '%s', %d)",
			   intval($importer['channel_id']),
			   dbesc(serialize($msg)),
			   intval($attempt + 1)
			);
		}
		logger('diaspora_photo: attempt = ' . $attempt . '; status message not found: ' . $status_message_guid . ' for photo: ' . $guid);
		return;
	}

	$parent_item = $r[0];

	$link_text = '[img]' . $remote_photo_path . $remote_photo_name . '[/img]' . "\n";

	$link_text = scale_external_images($link_text, true,
	                                   array($remote_photo_name, 'scaled_full_' . $remote_photo_name));

	if(strpos($parent_item['body'],$link_text) === false) {
		$r = q("update item set `body` = '%s', `visible` = 1 where `id` = %d and `uid` = %d",
			dbesc($link_text . $parent_item['body']),
			intval($parent_item['id']),
			intval($parent_item['uid'])
		);
	}

	return;
}




function diaspora_like($importer,$xml,$msg) {

	$a = get_app();
	$guid = notags(unxmlify($xml->guid));
	$parent_guid = notags(unxmlify($xml->parent_guid));
	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
	$target_type = notags(unxmlify($xml->target_type));
	$positive = notags(unxmlify($xml->positive));
	$author_signature = notags(unxmlify($xml->author_signature));

	$parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');

	// likes on comments not supported here and likes on photos not supported by Diaspora

//	if($target_type !== 'Post')
//		return;

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$msg['author']);
	if(! $contact) {
		logger('diaspora_like: cannot find contact: ' . $msg['author']);
		return;
	}


	if(! perm_is_allowed($importer['channel_id'],$contact['xchan_hash'],'post_comments')) {
		logger('diaspora_like: Ignoring this author.');
		return 202;
	}

	$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
		intval($importer['channel_id']),
		dbesc($parent_guid)
	);
	if(! count($r)) {
		logger('diaspora_like: parent item not found: ' . $guid);
		return;
	}

	$parent_item = $r[0];

	$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
		intval($importer['channel_id']),
		dbesc($guid)
	);
	if(count($r)) {
		if($positive === 'true') {
			logger('diaspora_like: duplicate like: ' . $guid);
			return;
		}
		// Note: I don't think "Like" objects with positive = "false" are ever actually used
		// It looks like "RelayableRetractions" are used for "unlike" instead
		if($positive === 'false') {
			logger('diaspora_like: received a like with positive set to "false"...ignoring');
/*			q("UPDATE `item` SET `deleted` = 1 WHERE `id` = %d AND `uid` = %d",
				intval($r[0]['id']),
				intval($importer['channel_id'])
			);*/
			// FIXME--actually don't unless it turns out that Diaspora does indeed send out "false" likes
			//  send notification via proc_run()
			return;
		}
	}
	// Note: I don't think "Like" objects with positive = "false" are ever actually used
	// It looks like "RelayableRetractions" are used for "unlike" instead
	if($positive === 'false') {
		logger('diaspora_like: received a like with positive set to "false"');
		logger('diaspora_like: unlike received with no corresponding like...ignoring');
		return;	
	}


	/* How Diaspora performs "like" signature checking:

	   - If an item has been sent by the like author to the top-level post owner to relay on
	     to the rest of the contacts on the top-level post, the top-level post owner should check
	     the author_signature, then create a parent_author_signature before relaying the like on
	   - If an item has been relayed on by the top-level post owner, the contacts who receive it
	     check only the parent_author_signature. Basically, they trust that the top-level post
	     owner has already verified the authenticity of anything he/she sends out
	   - In either case, the signature that get checked is the signature created by the person
	     who sent the salmon
	*/

	$signed_data = $guid . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $diaspora_handle;
	$key = $msg['key'];

	if($parent_author_signature) {
		// If a parent_author_signature exists, then we've received the like
		// relayed from the top-level post owner. There's no need to check the
		// author_signature if the parent_author_signature is valid

		$parent_author_signature = base64_decode($parent_author_signature);

		if(! rsa_verify($signed_data,$parent_author_signature,$key,'sha256')) {
			if (intval(get_config('system','ignore_diaspora_like_signature')))
				logger('diaspora_like: top-level owner verification failed. Proceeding anyway.');
			else {
				logger('diaspora_like: top-level owner verification failed.');
				return;
			}
		}
	}
	else {
		// If there's no parent_author_signature, then we've received the like
		// from the like creator. In that case, the person is "like"ing
		// our post, so he/she must be a contact of ours and his/her public key
		// should be in $msg['key']

		$author_signature = base64_decode($author_signature);

		if(! rsa_verify($signed_data,$author_signature,$key,'sha256')) {
			if (intval(get_config('system','ignore_diaspora_like_signature')))
				logger('diaspora_like: like creator verification failed. Proceeding anyway');
			else {
				logger('diaspora_like: like creator verification failed.');
				return;
			}
		}
	}

	// Phew! Everything checks out. Now create an item.

	// Find the original comment author information.
	// We need this to make sure we display the comment author
	// information (name and avatar) correctly.
	if(strcasecmp($diaspora_handle,$msg['author']) == 0)
		$person = $contact;
	else {
		$person = find_diaspora_person_by_handle($diaspora_handle);

		if(! is_array($person)) {
			logger('diaspora_like: unable to find author details');
			return;
		}
	}

	$uri = $diaspora_handle . ':' . $guid;

	$activity = ACTIVITY_LIKE;
	$post_type = (($parent_item['resource-id']) ? t('photo') : t('status'));
	$objtype = (($parent_item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); 
	$link = xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $parent_item['id'] . '" />' . "\n") ;
	$body = $parent_item['body'];

	$obj = <<< EOT

	<object>
		<type>$objtype</type>
		<local>1</local>
		<id>{$parent_item['uri']}</id>
		<link>$link</link>
		<title></title>
		<content>$body</content>
	</object>
EOT;
	$bodyverb = t('%1$s likes %2$s\'s %3$s');

	$arr = array();

	$arr['uri'] = $uri;
	$arr['uid'] = $importer['channel_id'];
	$arr['guid'] = $guid;
	$arr['network']  = NETWORK_DIASPORA;
	$arr['contact-id'] = $contact['id'];
	$arr['type'] = 'activity';
	$arr['wall'] = $parent_item['wall'];
	$arr['gravity'] = GRAVITY_LIKE;
	$arr['parent'] = $parent_item['id'];
	$arr['parent-uri'] = $parent_item['uri'];

	$arr['owner-name'] = $parent_item['name'];
	$arr['owner-link'] = $parent_item['url'];
	//$arr['owner-avatar'] = $parent_item['thumb'];
	$arr['owner-avatar'] = ((x($parent_item,'thumb')) ? $parent_item['thumb'] : $parent_item['photo']);

	$arr['author-name'] = $person['name'];
	$arr['author-link'] = $person['url'];
	$arr['author-avatar'] = ((x($person,'thumb')) ? $person['thumb'] : $person['photo']);

	$ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
	$alink = '[url=' . $parent_item['author-link'] . ']' . $parent_item['author-name'] . '[/url]';
	//$plink = '[url=' . $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $parent_item['id'] . ']' . $post_type . '[/url]';
	$plink = '[url='.$a->get_baseurl().'/display/'.$guid.']'.$post_type.'[/url]';
	$arr['body'] =  sprintf( $bodyverb, $ulink, $alink, $plink );

	$arr['app']  = 'Diaspora';

	$arr['private'] = $parent_item['private'];
	$arr['verb'] = $activity;
	$arr['object-type'] = $objtype;
	$arr['object'] = $obj;
	$arr['visible'] = 1;
	$arr['unseen'] = 1;
	$arr['last-child'] = 0;

	$message_id = item_store($arr);


	//if($message_id) {
	//	q("update item set plink = '%s' where id = %d",
	//		//dbesc($a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id),
	//		dbesc($a->get_baseurl().'/display/'.$guid),
	//		intval($message_id)
	//	);
	//}

	if(! $parent_author_signature) {
		q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
			intval($message_id),
			dbesc($signed_data),
			dbesc(base64_encode($author_signature)),
			dbesc($diaspora_handle)
		);
	}

	// if the message isn't already being relayed, notify others
	// the existence of parent_author_signature means the parent_author or owner
	// is already relaying. The parent_item['origin'] indicates the message was created on our system

	if(($parent_item['origin']) && (! $parent_author_signature))
		proc_run('php','include/notifier.php','comment-import',$message_id);

	return;
}

function diaspora_retraction($importer,$xml) {


	$guid = notags(unxmlify($xml->guid));
	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
	$type = notags(unxmlify($xml->type));

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
	if(! $contact)
		return;

	if($type === 'Person') {
		require_once('include/Contact.php');
		contact_remove($contact['id']);
	}
	elseif($type === 'Post') {
		$r = q("select * from item where guid = '%s' and uid = %d and not file like '%%[%%' limit 1",
			dbesc('guid'),
			intval($importer['channel_id'])
		);
		if(count($r)) {
			if(link_compare($r[0]['author-link'],$contact['url'])) {
				q("update item set `deleted` = 1, `changed` = '%s' where `id` = %d",
					dbesc(datetime_convert()),
					intval($r[0]['id'])
				);
			}
		}
	}

	return 202;
	// NOTREACHED
}

function diaspora_signed_retraction($importer,$xml,$msg) {


	$guid = notags(unxmlify($xml->target_guid));
	$diaspora_handle = notags(unxmlify($xml->sender_handle));
	$type = notags(unxmlify($xml->target_type));
	$sig = notags(unxmlify($xml->target_author_signature));

	$parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
	if(! $contact) {
		logger('diaspora_signed_retraction: no contact ' . $diaspora_handle . ' for ' . $importer['channel_id']);
		return;
	}


	$signed_data = $guid . ';' . $type ;
	$key = $msg['key'];

	/* How Diaspora performs relayable_retraction signature checking:

	   - If an item has been sent by the item author to the top-level post owner to relay on
	     to the rest of the contacts on the top-level post, the top-level post owner checks
	     the author_signature, then creates a parent_author_signature before relaying the item on
	   - If an item has been relayed on by the top-level post owner, the contacts who receive it
	     check only the parent_author_signature. Basically, they trust that the top-level post
	     owner has already verified the authenticity of anything he/she sends out
	   - In either case, the signature that get checked is the signature created by the person
	     who sent the salmon
	*/

	if($parent_author_signature) {

		$parent_author_signature = base64_decode($parent_author_signature);

		if(! rsa_verify($signed_data,$parent_author_signature,$key,'sha256')) {
			logger('diaspora_signed_retraction: top-level post owner verification failed');
			return;
		}

	}
	else {

		$sig_decode = base64_decode($sig);

		if(! rsa_verify($signed_data,$sig_decode,$key,'sha256')) {
			logger('diaspora_signed_retraction: retraction owner verification failed.' . print_r($msg,true));
			return;
		}
	}

	if($type === 'StatusMessage' || $type === 'Comment' || $type === 'Like') {
		$r = q("select * from item where guid = '%s' and uid = %d and not file like '%%[%%' limit 1",
			dbesc($guid),
			intval($importer['channel_id'])
		);
		if(count($r)) {
			if(link_compare($r[0]['author-link'],$contact['url'])) {
				q("update item set `deleted` = 1, `edited` = '%s', `changed` = '%s', `body` = '' , `title` = '' where `id` = %d",
					dbesc(datetime_convert()),
					dbesc(datetime_convert()),
					intval($r[0]['id'])
				);

				// Now check if the retraction needs to be relayed by us
				//
				// The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
				// return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
				// The only item with `parent` and `id` as the parent id is the parent item.
				$p = q("select origin from item where parent = %d and id = %d limit 1",
					$r[0]['parent'],
					$r[0]['parent']
				);
				if(count($p)) {
					if(($p[0]['origin']) && (! $parent_author_signature)) {
						q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
							$r[0]['id'],
							dbesc($signed_data),
							dbesc($sig),
							dbesc($diaspora_handle)
						);

						// the existence of parent_author_signature would have meant the parent_author or owner
						// is already relaying.
						logger('diaspora_signed_retraction: relaying relayable_retraction');

						proc_run('php','include/notifier.php','drop',$r[0]['id']);
					}
				}
			}
		}
	}
	else
		logger('diaspora_signed_retraction: unknown type: ' . $type);

	return 202;
	// NOTREACHED
}

function diaspora_profile($importer,$xml,$msg) {

	$a = get_app();
	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));


	if($diaspora_handle != $msg['author']) {
		logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
		return 202;
	}

	$contact = diaspora_get_contact_by_handle($importer['channel_id'],$diaspora_handle);
	if(! $contact)
		return;

	if($contact['blocked']) {
		logger('diaspora_post: Ignoring this author.');
		return 202;
	}

	$name = unxmlify($xml->first_name) . ((strlen($xml->last_name)) ? ' ' . unxmlify($xml->last_name) : '');
	$image_url = unxmlify($xml->image_url);
	$birthday = unxmlify($xml->birthday);


	$handle_parts = explode("@", $diaspora_handle);
	if($name === '') {
		$name = $handle_parts[0];
	}
	
	 
	if( preg_match("|^https?://|", $image_url) === 0) {
		$image_url = "http://" . $handle_parts[1] . $image_url;
	}

/*	$r = q("SELECT DISTINCT ( `resource-id` ) FROM `photo` WHERE  `uid` = %d AND `contact-id` = %d AND `album` = 'Contact Photos' ",
		intval($importer['channel_id']),
		intval($contact['id'])
	);
	$oldphotos = ((count($r)) ? $r : null);*/

	require_once('include/Photo.php');

	$images = import_profile_photo($image_url,$importer['channel_id'],$contact['id']);
	
	// Generic birthday. We don't know the timezone. The year is irrelevant. 

	$birthday = str_replace('1000','1901',$birthday);

	$birthday = datetime_convert('UTC','UTC',$birthday,'Y-m-d');

	// this is to prevent multiple birthday notifications in a single year
	// if we already have a stored birthday and the 'm-d' part hasn't changed, preserve the entry, which will preserve the notify year

	if(substr($birthday,5) === substr($contact['bd'],5))
		$birthday = $contact['bd'];

	// TODO: update name on item['author-name'] if the name changed. See consume_feed()
	// Not doing this currently because D* protocol is scheduled for revision soon. 

	$r = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s', `photo` = '%s', `thumb` = '%s', `micro` = '%s', `avatar-date` = '%s' , `bd` = '%s' WHERE `id` = %d AND `uid` = %d",
		dbesc($name),
		dbesc(datetime_convert()),
		dbesc($images[0]),
		dbesc($images[1]),
		dbesc($images[2]),
		dbesc(datetime_convert()),
		dbesc($birthday),
		intval($contact['id']),
		intval($importer['channel_id'])
	); 

/*	if($r) {
		if($oldphotos) {
			foreach($oldphotos as $ph) {
				q("DELETE FROM `photo` WHERE `uid` = %d AND `contact-id` = %d AND `album` = 'Contact Photos' AND `resource-id` = '%s' ",
					intval($importer['channel_id']),
					intval($contact['id']),
					dbesc($ph['resource-id'])
				);
			}
		}
	}	*/

	return;

}

function diaspora_share($me,$contact) {
	$a = get_app();
	$myaddr = $me['nickname'] . '@' .  substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
	$theiraddr = $contact['addr'];

	$tpl = get_markup_template('diaspora_share.tpl');
	$msg = replace_macros($tpl, array(
		'$sender' => $myaddr,
		'$recipient' => $theiraddr
	));

	$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$me,$contact,$me['prvkey'],$contact['pubkey'])));
	//$slap = 'xml=' . urlencode(diaspora_msg_build($msg,$me,$contact,$me['prvkey'],$contact['pubkey']));

	return(diaspora_transmit($owner,$contact,$slap, false));
}

function diaspora_unshare($me,$contact) {

	$a = get_app();
	$myaddr = $me['nickname'] . '@' .  substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);

	$tpl = get_markup_template('diaspora_retract.tpl');
	$msg = replace_macros($tpl, array(
		'$guid'   => $me['guid'],
		'$type'   => 'Person',
		'$handle' => $myaddr
	));

	$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$me,$contact,$me['prvkey'],$contact['pubkey'])));
	//$slap = 'xml=' . urlencode(diaspora_msg_build($msg,$me,$contact,$me['prvkey'],$contact['pubkey']));

	return(diaspora_transmit($owner,$contact,$slap, false));

}


function diaspora_send_status($item,$owner,$contact,$public_batch = false) {

	$a = get_app();
	$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
	$theiraddr = $contact['addr'];

	$images = array();

	$title = $item['title'];
	$body = $item['body'];

/*
	// We're trying to match Diaspora's split message/photo protocol but
	// all the photos are displayed on D* as links and not img's - even
	// though we're sending pretty much precisely what they send us when
	// doing the same operation.  
	// Commented out for now, we'll use bb2diaspora to convert photos to markdown
	// which seems to get through intact.

	$cnt = preg_match_all('|\[img\](.*?)\[\/img\]|',$body,$matches,PREG_SET_ORDER);
	if($cnt) {
		foreach($matches as $mtch) {
			$detail = array();
			$detail['str'] = $mtch[0];
			$detail['path'] = dirname($mtch[1]) . '/';
			$detail['file'] = basename($mtch[1]);
			$detail['guid'] = $item['guid'];
			$detail['handle'] = $myaddr;
			$images[] = $detail;
			$body = str_replace($detail['str'],$mtch[1],$body);
		}
	}
*/

	//if(strlen($title))
	//	$body = "[b]".html_entity_decode($title)."[/b]\n\n".$body;

	// convert to markdown
	$body = xmlify(html_entity_decode(bb2diaspora($body)));
	//$body = bb2diaspora($body);

	// Adding the title
	if(strlen($title))
		$body = "## ".html_entity_decode($title)."\n\n".$body;

	if($item['attach']) {
		$cnt = preg_match_all('/href=\"(.*?)\"(.*?)title=\"(.*?)\"/ism',$item['attach'],$matches,PREG_SET_ORDER);
		if(cnt) {
			$body .= "\n" . t('Attachments:') . "\n";
			foreach($matches as $mtch) {
				$body .= '[' . $mtch[3] . '](' . $mtch[1] . ')' . "\n";
			}
		}
	}


	$public = (($item['private']) ? 'false' : 'true');

	require_once('include/datetime.php');
	$created = datetime_convert('UTC','UTC',$item['created'],'Y-m-d H:i:s \U\T\C');

	// Detect a share element and do a reshare
	// see: https://github.com/Raven24/diaspora-federation/blob/master/lib/diaspora-federation/entities/reshare.rb
	if (!$item['private'] AND ($ret = diaspora_is_reshare($item["body"]))) {
		$tpl = get_markup_template('diaspora_reshare.tpl');
		$msg = replace_macros($tpl, array(
			'$root_handle' => xmlify($ret['root_handle']),
			'$root_guid' => $ret['root_guid'],
			'$guid' => $item['guid'],
			'$handle' => xmlify($myaddr),
			'$public' => $public,
			'$created' => $created,
			'$provider' => $item["app"]
		));
	} else {
		$tpl = get_markup_template('diaspora_post.tpl');
		$msg = replace_macros($tpl, array(
			'$body' => $body,
			'$guid' => $item['guid'],
			'$handle' => xmlify($myaddr),
			'$public' => $public,
			'$created' => $created,
			'$provider' => $item["app"]
		));
	}

	logger('diaspora_send_status: '.$owner['username'].' -> '.$contact['name'].' base message: '.$msg, LOGGER_DATA);

	$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch)));
	//$slap = 'xml=' . urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch));

	$return_code = diaspora_transmit($owner,$contact,$slap,$public_batch);

	logger('diaspora_send_status: guid: '.$item['guid'].' result '.$return_code, LOGGER_DEBUG);

	if(count($images)) {
		diaspora_send_images($item,$owner,$contact,$images,$public_batch);
	}

	return $return_code;
}

function diaspora_is_reshare($body) {
	$body = trim($body);

        // Skip if it isn't a pure repeated messages
        // Does it start with a share?
        if (strpos($body, "[share") > 0)
                return(false);

        // Does it end with a share?
        if (strlen($body) > (strrpos($body, "[/share]") + 8))
                return(false);

        $attributes = preg_replace("/\[share(.*?)\]\s?(.*?)\s?\[\/share\]\s?/ism","$1",$body);
        // Skip if there is no shared message in there
        if ($body == $attributes)
                return(false);

        $profile = "";
        preg_match("/profile='(.*?)'/ism", $attributes, $matches);
        if ($matches[1] != "")
                $profile = $matches[1];

        preg_match('/profile="(.*?)"/ism', $attributes, $matches);
        if ($matches[1] != "")
                $profile = $matches[1];

        $ret= array();

        $ret["root_handle"] = preg_replace("=https?://(.*)/u/(.*)=ism", "$2@$1", $profile);
        if (($ret["root_handle"] == $profile) OR ($ret["root_handle"] == ""))
                return(false);

        $link = "";
        preg_match("/link='(.*?)'/ism", $attributes, $matches);
        if ($matches[1] != "")
                $link = $matches[1];

        preg_match('/link="(.*?)"/ism', $attributes, $matches);
        if ($matches[1] != "")
                $link = $matches[1];

        $ret["root_guid"] = preg_replace("=https?://(.*)/posts/(.*)=ism", "$2", $link);
        if (($ret["root_guid"] == $link) OR ($ret["root_guid"] == ""))
                return(false);

        return($ret);
}

function diaspora_send_images($item,$owner,$contact,$images,$public_batch = false) {
	$a = get_app();
	if(! count($images))
		return;
	$mysite = substr($a->get_baseurl(),strpos($a->get_baseurl(),'://') + 3) . '/photo';

	$tpl = get_markup_template('diaspora_photo.tpl');
	foreach($images as $image) {
		if(! stristr($image['path'],$mysite))
			continue;
		$resource = str_replace('.jpg','',$image['file']);
		$resource = substr($resource,0,strpos($resource,'-'));

		$r = q("select * from photo where `resource-id` = '%s' and `uid` = %d limit 1",
			dbesc($resource),
			intval($owner['uid'])
		);
		if(! count($r))
			continue;
		$public = (($r[0]['allow_cid'] || $r[0]['allow_gid'] || $r[0]['deny_cid'] || $r[0]['deny_gid']) ? 'false' : 'true' );
		$msg = replace_macros($tpl,array(
			'$path' => xmlify($image['path']),
			'$filename' => xmlify($image['file']),
			'$msg_guid' => xmlify($image['guid']),
			'$guid' => xmlify($r[0]['guid']),
			'$handle' => xmlify($image['handle']),
			'$public' => xmlify($public),
			'$created_at' => xmlify(datetime_convert('UTC','UTC',$r[0]['created'],'Y-m-d H:i:s \U\T\C'))
		));


		logger('diaspora_send_photo: base message: ' . $msg, LOGGER_DATA);
		$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch)));
		//$slap = 'xml=' . urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch));

		diaspora_transmit($owner,$contact,$slap,$public_batch);
	}

}

function diaspora_send_followup($item,$owner,$contact,$public_batch = false) {

	$a = get_app();
	$myaddr = $owner['nickname'] . '@' .  substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
//	$theiraddr = $contact['addr'];

	// Diaspora doesn't support threaded comments, but some
	// versions of Diaspora (i.e. Diaspora-pistos) support
	// likes on comments
	if($item['verb'] === ACTIVITY_LIKE && $item['thr-parent']) {
		$p = q("select guid, type, uri, `parent-uri` from item where uri = '%s' limit 1",
		        dbesc($item['thr-parent'])
		      );
	}
	else {
		// The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
		// return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
		// The only item with `parent` and `id` as the parent id is the parent item.
		$p = q("select guid, type, uri, `parent-uri` from item where parent = %d and id = %d limit 1",
			intval($item['parent']),
			intval($item['parent'])
		);
	}
	if(count($p))
		$parent = $p[0];
	else
		return;

	if($item['verb'] === ACTIVITY_LIKE) {
		$tpl = get_markup_template('diaspora_like.tpl');
		$like = true;
		$target_type = ( $parent['uri'] === $parent['parent-uri']  ? 'Post' : 'Comment');
//		$target_type = (strpos($parent['type'], 'comment') ? 'Comment' : 'Post');
//		$positive = (($item['deleted']) ? 'false' : 'true');
		$positive = 'true';

		if(($item['deleted']))
			logger('diaspora_send_followup: received deleted "like". Those should go to diaspora_send_retraction');
	}
	else {
		$tpl = get_markup_template('diaspora_comment.tpl');
		$like = false;
	}

	$text = html_entity_decode(bb2diaspora($item['body']));

	// sign it

	if($like)
		$signed_text = $item['guid'] . ';' . $target_type . ';' . $parent['guid'] . ';' . $positive . ';' . $myaddr;
	else
		$signed_text = $item['guid'] . ';' . $parent['guid'] . ';' . $text . ';' . $myaddr;

	$authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256'));

	$msg = replace_macros($tpl,array(
		'$guid' => xmlify($item['guid']),
		'$parent_guid' => xmlify($parent['guid']),
		'$target_type' =>xmlify($target_type),
		'$authorsig' => xmlify($authorsig),
		'$body' => xmlify($text),
		'$positive' => xmlify($positive),
		'$handle' => xmlify($myaddr)
	));

	logger('diaspora_followup: base message: ' . $msg, LOGGER_DATA);

	$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch)));
	//$slap = 'xml=' . urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch));

	return(diaspora_transmit($owner,$contact,$slap,$public_batch));
}


function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {


	$a = get_app();
	$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
//	$theiraddr = $contact['addr'];

	$body = $item['body'];
	$text = html_entity_decode(bb2diaspora($body));

	// Diaspora doesn't support threaded comments, but some
	// versions of Diaspora (i.e. Diaspora-pistos) support
	// likes on comments
	if($item['verb'] === ACTIVITY_LIKE && $item['thr-parent']) {
		$p = q("select guid, type, uri, `parent-uri` from item where uri = '%s' limit 1",
		        dbesc($item['thr-parent'])
		      );
	}
	else {
		// The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
		// return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
		// The only item with `parent` and `id` as the parent id is the parent item.
		$p = q("select guid, type, uri, `parent-uri` from item where parent = %d and id = %d limit 1",
		       intval($item['parent']),
		       intval($item['parent'])
		      );
	}
	if(count($p))
		$parent = $p[0];
	else
		return;

	$like = false;
	$relay_retract = false;
	$sql_sign_id = 'iid';
	if( $item['deleted']) {
		$relay_retract = true;

		$target_type = ( ($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');

		$sql_sign_id = 'retract_iid';
		$tpl = get_markup_template('diaspora_relayable_retraction.tpl');
	}
	elseif($item['verb'] === ACTIVITY_LIKE) {
		$like = true;

		$target_type = ( $parent['uri'] === $parent['parent-uri']  ? 'Post' : 'Comment');
//		$positive = (($item['deleted']) ? 'false' : 'true');
		$positive = 'true';

		$tpl = get_markup_template('diaspora_like_relay.tpl');
	}
	else { // item is a comment
		$tpl = get_markup_template('diaspora_comment_relay.tpl');
	}


	// fetch the original signature	if the relayable was created by a Diaspora
	// or DFRN user. Relayables for other networks are not supported.

/*	$r = q("select * from sign where " . $sql_sign_id . " = %d limit 1",
		intval($item['id'])
	);
	if(count($r)) { 
		$orig_sign = $r[0];
		$signed_text = $orig_sign['signed_text'];
		$authorsig = $orig_sign['signature'];
		$handle = $orig_sign['signer'];
	}
	else {

		// Author signature information (for likes, comments, and retractions of likes or comments,
		// whether from Diaspora or Friendica) must be placed in the `sign` table before this 
		// function is called
		logger('diaspora_send_relay: original author signature not found, cannot send relayable');
		return;
	}*/

	/* Since the author signature is only checked by the parent, not by the relay recipients,
	 * I think it may not be necessary for us to do so much work to preserve all the original
	 * signatures. The important thing that Diaspora DOES need is the original creator's handle.
	 * Let's just generate that and forget about all the original author signature stuff.
	 *
	 * Note: this might be more of an problem if we want to support likes on comments for older
	 * versions of Diaspora (diaspora-pistos), but since there are a number of problems with
	 * doing that, let's ignore it for now.
	 *
	 * Currently, only DFRN contacts are supported. StatusNet shouldn't be hard, but it hasn't
	 * been done yet
	 */

	$handle = diaspora_handle_from_contact($item['contact-id']);
	if(! $handle)
		return;


	if($relay_retract)
		$sender_signed_text = $item['guid'] . ';' . $target_type;
	elseif($like)
		$sender_signed_text = $item['guid'] . ';' . $target_type . ';' . $parent['guid'] . ';' . $positive . ';' . $handle;
	else
		$sender_signed_text = $item['guid'] . ';' . $parent['guid'] . ';' . $text . ';' . $handle;

	// Sign the relayable with the top-level owner's signature
	//
	// We'll use the $sender_signed_text that we just created, instead of the $signed_text
	// stored in the database, because that provides the best chance that Diaspora will
	// be able to reconstruct the signed text the same way we did. This is particularly a
	// concern for the comment, whose signed text includes the text of the comment. The
	// smallest change in the text of the comment, including removing whitespace, will
	// make the signature verification fail. Since we translate from BB code to Diaspora's
	// markup at the top of this function, which is AFTER we placed the original $signed_text
	// in the database, it's hazardous to trust the original $signed_text.

	$parentauthorsig = base64_encode(rsa_sign($sender_signed_text,$owner['uprvkey'],'sha256'));

	$msg = replace_macros($tpl,array(
		'$guid' => xmlify($item['guid']),
		'$parent_guid' => xmlify($parent['guid']),
		'$target_type' =>xmlify($target_type),
		'$authorsig' => xmlify($authorsig),
		'$parentsig' => xmlify($parentauthorsig),
		'$body' => xmlify($text),
		'$positive' => xmlify($positive),
		'$handle' => xmlify($handle)
	));

	logger('diaspora_send_relay: base message: ' . $msg, LOGGER_DATA);


	$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch)));
	//$slap = 'xml=' . urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch));

	return(diaspora_transmit($owner,$contact,$slap,$public_batch));

}



function diaspora_send_retraction($item,$owner,$contact,$public_batch = false) {

	$a = get_app();
	$myaddr = $owner['nickname'] . '@' .  substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);

	// Check whether the retraction is for a top-level post or whether it's a relayable
	if( $item['uri'] !== $item['parent-uri'] ) {

		$tpl = get_markup_template('diaspora_relay_retraction.tpl');
		$target_type = (($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
	}
	else {
		
		$tpl = get_markup_template('diaspora_signed_retract.tpl');
		$target_type = 'StatusMessage';
	}

	$signed_text = $item['guid'] . ';' . $target_type;

	$msg = replace_macros($tpl, array(
		'$guid'   => xmlify($item['guid']),
		'$type'   => xmlify($target_type),
		'$handle' => xmlify($myaddr),
		'$signature' => xmlify(base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')))
	));

	$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch)));
	//$slap = 'xml=' . urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch));

	return(diaspora_transmit($owner,$contact,$slap,$public_batch));
}

function diaspora_send_mail($item,$owner,$contact) {

	$a = get_app();
	$myaddr = $owner['nickname'] . '@' .  substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);

	$r = q("select * from conv where id = %d and uid = %d limit 1",
		intval($item['convid']),
		intval($item['uid'])
	);

	if(! count($r)) {
		logger('diaspora_send_mail: conversation not found.');
		return;
	}
	$cnv = $r[0];

	$conv = array(
		'guid' => xmlify($cnv['guid']),
		'subject' => xmlify($cnv['subject']),
		'created_at' => xmlify(datetime_convert('UTC','UTC',$cnv['created'],'Y-m-d H:i:s \U\T\C')),
		'diaspora_handle' => xmlify($cnv['creator']),
		'participant_handles' => xmlify($cnv['recips'])
	);

	$body = bb2diaspora($item['body']);
	$created = datetime_convert('UTC','UTC',$item['created'],'Y-m-d H:i:s \U\T\C');
 
	$signed_text =  $item['guid'] . ';' . $cnv['guid'] . ';' . $body .  ';' 
		. $created . ';' . $myaddr . ';' . $cnv['guid'];

	$sig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256'));

	$msg = array(
		'guid' => xmlify($item['guid']),
		'parent_guid' => xmlify($cnv['guid']),
		'parent_author_signature' => (($item['reply']) ? null : xmlify($sig)),
		'author_signature' => xmlify($sig),
		'text' => xmlify($body),
		'created_at' => xmlify($created),
		'diaspora_handle' => xmlify($myaddr),
		'conversation_guid' => xmlify($cnv['guid'])
	);

	if($item['reply']) {
		$tpl = get_markup_template('diaspora_message.tpl');
		$xmsg = replace_macros($tpl, array('$msg' => $msg));
	}
	else {
		$conv['messages'] = array($msg);
		$tpl = get_markup_template('diaspora_conversation.tpl');
		$xmsg = replace_macros($tpl, array('$conv' => $conv));
	}

	logger('diaspora_conversation: ' . print_r($xmsg,true), LOGGER_DATA);

	$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($xmsg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],false)));
	//$slap = 'xml=' . urlencode(diaspora_msg_build($xmsg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],false));

	return(diaspora_transmit($owner,$contact,$slap,false));


}

function diaspora_transmit($owner,$contact,$slap,$public_batch,$queue_run=false) {

	$enabled = intval(get_config('system','diaspora_enabled'));
	if(! $enabled) {
		return 200;
	}

	$a = get_app();
	$logid = random_string(4);
	$dest_url = (($public_batch) ? $contact['batch'] : $contact['notify']);
	if(! $dest_url) {
		logger('diaspora_transmit: no url for contact: ' . $contact['id'] . ' batch mode =' . $public_batch);
		return 0;
	} 

	logger('diaspora_transmit: ' . $logid . ' ' . $dest_url);

	if( (! $queue_run) && (was_recently_delayed($contact['id'])) ) {
		$return_code = 0;
	}
	else {
		if (!intval(get_config('system','diaspora_test'))) {
			post_url($dest_url . '/', $slap);
			$return_code = $a->get_curl_code();
		} else {
			logger('diaspora_transmit: test_mode');
			return 200;
		}
	}

	logger('diaspora_transmit: ' . $logid . ' returns: ' . $return_code);

	if((! $return_code) || (($return_code == 503) && (stristr($a->get_curl_headers(),'retry-after')))) {
		logger('diaspora_transmit: queue message');

		$r = q("SELECT id from queue where cid = %d and network = '%s' and content = '%s' and batch = %d limit 1",
			intval($contact['id']),
			dbesc(NETWORK_DIASPORA),
			dbesc($slap),
			intval($public_batch)
		);
		if(count($r)) {
			logger('diaspora_transmit: add_to_queue ignored - identical item already in queue');
		}
		else {
			// queue message for redelivery
			add_to_queue($contact['id'],NETWORK_DIASPORA,$slap,$public_batch);
		}
	}


	return(($return_code) ? $return_code : (-1));
}