aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2012-04-02 21:01:19 -0700
committerfriendica <info@friendica.com>2012-04-02 21:01:19 -0700
commitf4721955dbfb23992c4acdadd05108cb1b92e2af (patch)
treea270213a6852a5689ce43c72ffc0c3bc2d333b23
parente1de2e3de0142c350fd74ea2161117ed61654dd6 (diff)
downloadvolse-hubzilla-f4721955dbfb23992c4acdadd05108cb1b92e2af.tar.gz
volse-hubzilla-f4721955dbfb23992c4acdadd05108cb1b92e2af.tar.bz2
volse-hubzilla-f4721955dbfb23992c4acdadd05108cb1b92e2af.zip
more ssl policy fixes and prevent delivery to soapbox when using local delivery
-rwxr-xr-xinclude/delivery.php50
-rwxr-xr-xinclude/notifier.php50
-rwxr-xr-xmod/dfrn_notify.php5
3 files changed, 100 insertions, 5 deletions
diff --git a/include/delivery.php b/include/delivery.php
index 532dcd699..2407f11c0 100755
--- a/include/delivery.php
+++ b/include/delivery.php
@@ -321,6 +321,56 @@ function delivery_run($argv, $argc){
$x[0]['writable'] = 1;
}
+
+ $ssl_policy = get_config('system','ssl_policy');
+ // if contact's ssl policy changed, update our links
+
+ $ssl_changed = false;
+
+ if($ssl_policy == SSL_POLICY_SELFSIGN && strstr($x[0]['url'],'https:')) {
+ $ssl_changed = true;
+ $x[0]['url'] = str_replace('https:','http:',$x[0]['url']);
+ $x[0]['request'] = str_replace('https:','http:',$x[0]['request']);
+ $x[0]['notify'] = str_replace('https:','http:',$x[0]['notify']);
+ $x[0]['poll'] = str_replace('https:','http:',$x[0]['poll']);
+ $x[0]['confirm'] = str_replace('https:','http:',$x[0]['confirm']);
+ $x[0]['poco'] = str_replace('https:','http:',$x[0]['poco']);
+ }
+
+ if($ssl_policy == SSL_POLICY_FULL && strstr($x[0]['url'],'http:')) {
+ $ssl_changed = true;
+ $x[0]['url'] = str_replace('http:','https:',$x[0]['url']);
+ $x[0]['request'] = str_replace('http:','https:',$x[0]['request']);
+ $x[0]['notify'] = str_replace('http:','https:',$x[0]['notify']);
+ $x[0]['poll'] = str_replace('http:','https:',$x[0]['poll']);
+ $x[0]['confirm'] = str_replace('http:','https:',$x[0]['confirm']);
+ $x[0]['poco'] = str_replace('http:','https:',$x[0]['poco']);
+ }
+
+ if($ssl_changed) {
+ q("update contact set
+ url = '%s',
+ request = '%s',
+ notify = '%s',
+ poll = '%s',
+ confirm = '%s',
+ poco = '%s'
+ where id = %d limit 1",
+ dbesc($x[0]['url']),
+ dbesc($x[0]['request']),
+ dbesc($x[0]['notify']),
+ dbesc($x[0]['poll']),
+ dbesc($x[0]['confirm']),
+ dbesc($x[0]['poco']),
+ intval($x[0]['id'])
+ );
+ }
+
+ // If we are setup as a soapbox we aren't accepting input from this person
+
+ if($x[0]['page-flags'] == PAGE_SOAPBOX)
+ break;
+
require_once('library/simplepie/simplepie.inc');
logger('mod-delivery: local delivery');
local_delivery($x[0],$atom);
diff --git a/include/notifier.php b/include/notifier.php
index d63ad7ae7..e91185c51 100755
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -537,6 +537,56 @@ function notifier_run($argv, $argc){
$x[0]['writable'] = 1;
}
+ $ssl_policy = get_config('system','ssl_policy');
+ // if contact's ssl policy changed, update our links
+
+ $ssl_changed = false;
+
+ if($ssl_policy == SSL_POLICY_SELFSIGN && strstr($x[0]['url'],'https:')) {
+ $ssl_changed = true;
+ $x[0]['url'] = str_replace('https:','http:',$x[0]['url']);
+ $x[0]['request'] = str_replace('https:','http:',$x[0]['request']);
+ $x[0]['notify'] = str_replace('https:','http:',$x[0]['notify']);
+ $x[0]['poll'] = str_replace('https:','http:',$x[0]['poll']);
+ $x[0]['confirm'] = str_replace('https:','http:',$x[0]['confirm']);
+ $x[0]['poco'] = str_replace('https:','http:',$x[0]['poco']);
+ }
+
+ if($ssl_policy == SSL_POLICY_FULL && strstr($x[0]['url'],'http:')) {
+ $ssl_changed = true;
+ $x[0]['url'] = str_replace('http:','https:',$x[0]['url']);
+ $x[0]['request'] = str_replace('http:','https:',$x[0]['request']);
+ $x[0]['notify'] = str_replace('http:','https:',$x[0]['notify']);
+ $x[0]['poll'] = str_replace('http:','https:',$x[0]['poll']);
+ $x[0]['confirm'] = str_replace('http:','https:',$x[0]['confirm']);
+ $x[0]['poco'] = str_replace('http:','https:',$x[0]['poco']);
+ }
+
+ if($ssl_changed) {
+ q("update contact set
+ url = '%s',
+ request = '%s',
+ notify = '%s',
+ poll = '%s',
+ confirm = '%s',
+ poco = '%s'
+ where id = %d limit 1",
+ dbesc($x[0]['url']),
+ dbesc($x[0]['request']),
+ dbesc($x[0]['notify']),
+ dbesc($x[0]['poll']),
+ dbesc($x[0]['confirm']),
+ dbesc($x[0]['poco']),
+ intval($x[0]['id'])
+ );
+ }
+
+ // If we are setup as a soapbox we aren't accepting input from this person
+
+ if($x[0]['page-flags'] == PAGE_SOAPBOX)
+ break;
+
+
require_once('library/simplepie/simplepie.inc');
logger('mod-delivery: local delivery');
local_delivery($x[0],$atom);
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 4ce324652..5d44e8144 100755
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -106,7 +106,6 @@ function dfrn_notify_post(&$a) {
if($ssl_policy == 'self' && strstr($importer['url'],'https:')) {
$ssl_changed = true;
$importer['url'] = str_replace('https:','http:',$importer['url']);
- $importer['nurl'] = normalise_link($importer['url']);
$importer['request'] = str_replace('https:','http:',$importer['request']);
$importer['notify'] = str_replace('https:','http:',$importer['notify']);
$importer['poll'] = str_replace('https:','http:',$importer['poll']);
@@ -117,7 +116,6 @@ function dfrn_notify_post(&$a) {
if($ssl_policy == 'full' && strstr($importer['url'],'http:')) {
$ssl_changed = true;
$importer['url'] = str_replace('http:','https:',$importer['url']);
- $importer['nurl'] = normalise_link($importer['url']);
$importer['request'] = str_replace('http:','https:',$importer['request']);
$importer['notify'] = str_replace('http:','https:',$importer['notify']);
$importer['poll'] = str_replace('http:','https:',$importer['poll']);
@@ -129,9 +127,6 @@ function dfrn_notify_post(&$a) {
q("update contact set
url = '%s',
nurl = '%s',
- photo = '%s',
- thumb = '%s',
- micro = '%s',
request = '%s',
notify = '%s',
poll = '%s',