aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2015-02-24 16:36:27 -0800
committerfriendica <info@friendica.com>2015-02-24 16:36:27 -0800
commit08f054130f5a57e2928e129131e7609271ec7f40 (patch)
treee4eb2166044c05f750c78fc30742835ae5294f44
parent11df605c2e065e123e58bd73525e7ca2113f40b8 (diff)
downloadvolse-hubzilla-08f054130f5a57e2928e129131e7609271ec7f40.tar.gz
volse-hubzilla-08f054130f5a57e2928e129131e7609271ec7f40.tar.bz2
volse-hubzilla-08f054130f5a57e2928e129131e7609271ec7f40.zip
require access token to view, query, or join directories in private realms, if the realm is so configured.
-rwxr-xr-xboot.php2
-rw-r--r--include/dir_fns.php18
-rw-r--r--install/schema_mysql.sql4
-rw-r--r--install/schema_postgres.sql2
-rw-r--r--install/update.php10
-rw-r--r--mod/directory.php8
-rw-r--r--mod/dirsearch.php10
-rw-r--r--mod/regdir.php28
8 files changed, 68 insertions, 14 deletions
diff --git a/boot.php b/boot.php
index 4009f63dd..a93f074c4 100755
--- a/boot.php
+++ b/boot.php
@@ -49,7 +49,7 @@ define ( 'RED_PLATFORM', 'redmatrix' );
define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'R');
define ( 'ZOT_REVISION', 1 );
-define ( 'DB_UPDATE_VERSION', 1137 );
+define ( 'DB_UPDATE_VERSION', 1138 );
/**
* Constant with a HTML line break.
diff --git a/include/dir_fns.php b/include/dir_fns.php
index 686c5140f..37a7c04e7 100644
--- a/include/dir_fns.php
+++ b/include/dir_fns.php
@@ -48,7 +48,7 @@ function check_upstream_directory() {
if($directory) {
$h = parse_url($directory);
if($h) {
- $x = zot_finger('sys@' . $h['host']);
+ $x = zot_finger('[system]@' . $h['host']);
if($x['success']) {
$j = json_decode($x['body'],true);
if(array_key_exists('site',$j) && array_key_exists('directory_mode',$j['site'])) {
@@ -166,20 +166,23 @@ function sync_directories($dirmode) {
// FIXME - what to do if we're in a different realm?
if((! $r) && (z_root() != DIRECTORY_FALLBACK_MASTER)) {
- $r = array(
+ $r = array();
+ $r[] = array(
'site_url' => DIRECTORY_FALLBACK_MASTER,
'site_flags' => DIRECTORY_MODE_PRIMARY,
'site_update' => NULL_DATE,
'site_directory' => DIRECTORY_FALLBACK_MASTER . '/dirsearch',
- 'site_realm' => DIRECTORY_REALM
+ 'site_realm' => DIRECTORY_REALM,
+ 'site_valid' => 1
);
- $x = q("insert into site ( site_url, site_flags, site_update, site_directory, site_realm )
+ $x = q("insert into site ( site_url, site_flags, site_update, site_directory, site_realm, site_valid )
values ( '%s', %d', '%s', '%s', '%s' ) ",
dbesc($r[0]['site_url']),
intval($r[0]['site_flags']),
dbesc($r[0]['site_update']),
dbesc($r[0]['site_directory']),
- dbesc($r[0]['site_realm'])
+ dbesc($r[0]['site_realm']),
+ intval($r[0]['site_valid'])
);
$r = q("select * from site where (site_flags & %d) > 0 and site_url != '%s'",
@@ -201,8 +204,11 @@ function sync_directories($dirmode) {
// It will take about a month for a new directory to obtain the full current repertoire of channels.
// FIXME - go back and pick up earlier ratings if this is a new directory server. These do not get refreshed.
+ $token = get_config('system','realm_token');
+
+
$syncdate = (($rr['site_sync'] === NULL_DATE) ? datetime_convert('UTC','UTC','now - 2 days') : $rr['site_sync']);
- $x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate));
+ $x = z_fetch_url($rr['site_directory'] . '?f=&sync=' . urlencode($syncdate) . (($token) ? '&t=' . $token : ''));
if(! $x['success'])
continue;
diff --git a/install/schema_mysql.sql b/install/schema_mysql.sql
index 247b33814..da78d9c61 100644
--- a/install/schema_mysql.sql
+++ b/install/schema_mysql.sql
@@ -1256,6 +1256,7 @@ CREATE TABLE IF NOT EXISTS `site` (
`site_sellpage` char(255) NOT NULL DEFAULT '',
`site_location` char(255) NOT NULL DEFAULT '',
`site_realm` char(255) NOT NULL DEFAULT '',
+ `site_valid` smallint NOT NULL DEFAULT '0',
PRIMARY KEY (`site_url`),
KEY `site_flags` (`site_flags`),
KEY `site_update` (`site_update`),
@@ -1264,7 +1265,8 @@ CREATE TABLE IF NOT EXISTS `site` (
KEY `site_access` (`site_access`),
KEY `site_sellpage` (`site_sellpage`),
KEY `site_pull` (`site_pull`),
- KEY `site_realm` (`site_realm`)
+ KEY `site_realm` (`site_realm`),
+ KEY `site_valid` (`site_valid`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-- --------------------------------------------------------
diff --git a/install/schema_postgres.sql b/install/schema_postgres.sql
index d852f38e9..1370f3b8a 100644
--- a/install/schema_postgres.sql
+++ b/install/schema_postgres.sql
@@ -959,6 +959,7 @@ CREATE TABLE "site" (
"site_sellpage" text NOT NULL DEFAULT '',
"site_location" text NOT NULL DEFAULT '',
"site_realm" text NOT NULL DEFAULT '',
+ "site_valid" smallint NOT NULL DEFAULT '0',
PRIMARY KEY ("site_url")
);
create index "site_flags" on site ("site_flags");
@@ -968,6 +969,7 @@ create index "site_register" on site ("site_register");
create index "site_access" on site ("site_access");
create index "site_sellpage" on site ("site_sellpage");
create index "site_realm" on site ("site_realm");
+create index "site_valid" on site ("site_valid");
CREATE TABLE "source" (
"src_id" serial NOT NULL,
diff --git a/install/update.php b/install/update.php
index 86731e165..ee13bee78 100644
--- a/install/update.php
+++ b/install/update.php
@@ -1,6 +1,6 @@
<?php
-define( 'UPDATE_VERSION' , 1137 );
+define( 'UPDATE_VERSION' , 1138 );
/**
*
@@ -1568,3 +1568,11 @@ function update_r1136() {
return UPDATE_SUCCESS;
return UPDATE_FAILED;
}
+
+function update_r1137() {
+ $r1 = q("alter table site add site_valid smallint not null default '0' ");
+ $r2 = q("create index site_valid on site ( site_valid ) ");
+ if($r1 && $r2)
+ return UPDATE_SUCCESS;
+ return UPDATE_FAILED;
+}
diff --git a/mod/directory.php b/mod/directory.php
index 329e255cf..bc5aa41e2 100644
--- a/mod/directory.php
+++ b/mod/directory.php
@@ -92,6 +92,9 @@ function directory_content(&$a) {
$url = $directory['url'] . '/dirsearch';
}
+ $token = get_config('system','realm_token');
+
+
logger('mod_directory: URL = ' . $url, LOGGER_DEBUG);
$contacts = array();
@@ -106,8 +109,6 @@ function directory_content(&$a) {
}
}
-
-
if($url) {
// We might want to make the tagadelic count (&kw=) configurable or turn it off completely.
@@ -116,6 +117,9 @@ function directory_content(&$a) {
$kw = ((intval($numtags)) ? $numtags : 24);
$query = $url . '?f=&kw=' . $kw . (($safe_mode != 1) ? '&safe=' . $safe_mode : '');
+ if($token)
+ $query .= '&t=' . $token;
+
if($search)
$query .= '&name=' . urlencode($search) . '&keywords=' . urlencode($search);
if(strpos($search,'@'))
diff --git a/mod/dirsearch.php b/mod/dirsearch.php
index 5a0a7cee8..12abfafb8 100644
--- a/mod/dirsearch.php
+++ b/mod/dirsearch.php
@@ -13,7 +13,6 @@ function dirsearch_content(&$a) {
$ret = array('success' => false);
-
$dirmode = intval(get_config('system','directory_mode'));
if($dirmode == DIRECTORY_MODE_NORMAL) {
@@ -21,6 +20,15 @@ function dirsearch_content(&$a) {
json_return_and_die($ret);
}
+ $access_token = $_REQUEST['t'];
+
+ $token = get_config('system','realm_token');
+ if($token && $access_token != $token) {
+ $result['message'] = t('This directory server requires an access token');
+ return;
+ }
+
+
if(argc() > 1 && argv(1) === 'sites') {
$ret = list_public_sites();
json_return_and_die($ret);
diff --git a/mod/regdir.php b/mod/regdir.php
index f24ee3951..f12659dad 100644
--- a/mod/regdir.php
+++ b/mod/regdir.php
@@ -18,7 +18,8 @@ function regdir_init(&$a) {
$result = array('success' => false);
$url = $_REQUEST['url'];
-
+ $access_token = $_REQUEST['t'];
+ $valid = 0;
// we probably don't need the realm as we will find out in the probe.
// What we may want to die is throw an error if you're trying to register in a different realm
@@ -28,6 +29,18 @@ function regdir_init(&$a) {
if(! $realm)
$realm = DIRECTORY_REALM;
+ if($realm === DIRECTORY_REALM) {
+ $valid = 1;
+ }
+ else {
+ $token = get_config('system','realm_token');
+ if($token && $access_token != $token) {
+ $result['message'] = 'This realm requires an access token';
+ return;
+ }
+ $valid = 1;
+ }
+
$dirmode = intval(get_config('system','directory_mode'));
if($dirmode == DIRECTORY_MODE_NORMAL) {
@@ -56,14 +69,25 @@ function regdir_init(&$a) {
}
}
+ q("update site set site_valid = %d where site_url = '%s' limit 1",
+ intval($valid),
+ strtolower($url)
+ );
+
json_return_and_die($result);
}
else {
+
+ // We can put this in the sql without the condition after 31 march 2015 assuming
+ // most directory servers will have updated by then
+ // This just makes sure it happens if I forget
+
+ $sql_extra = ((datetime_convert() > datetime_convert('UTC','UTC','2015-03-31')) ? ' and site_valid = 1 ' : '' );
if($dirmode == DIRECTORY_MODE_STANDALONE) {
$r = array(array('site_url' => z_root()));
}
else {
- $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s'",
+ $r = q("select site_url from site where site_flags in ( 1, 2 ) and site_realm = '%s' $sql_extra ",
dbesc(get_directory_realm())
);
}