various diaspora issues

4 files changed, 76 insertions, 22 deletions

diff --git a/include/deliver.php b/include/deliver.php
index 2693fe165..f4fae6061 100644
--- a/include/deliver.php
+++ b/include/deliver.php
@@ -29,6 +29,7 @@ function deliver_run($argv, $argc) {
 					);
 				}
 				else {
+					logger('deliver: queue post returned ' . $result['return_code'] . ' from ' . $r[0]['outq_posturl'],LOGGER_DEBUG);
 					$y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1",
 						dbesc(datetime_convert()),
 						dbesc($argv[$x])
diff --git a/include/diaspora.php b/include/diaspora.php
index 352ed48e4..b544dad53 100755
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -1228,7 +1228,7 @@ function diaspora_comment($importer,$xml,$msg) {
 	     check only the parent_author_signature. Basically, they trust that the top-level post
 	     owner has already verified the authenticity of anything he/she sends out
 	   - In either case, the signature that get checked is the signature created by the person
-	     who sent the salmon
+	     who sent the psuedo-salmon
 	*/
 
 	$signed_data = $guid . ';' . $parent_guid . ';' . $text . ';' . $diaspora_handle;
@@ -1346,6 +1346,9 @@ function diaspora_comment($importer,$xml,$msg) {
 
 	$result = item_store($datarray);
 
+	if($result && $result['success'])
+		$message_id = $result['item_id'];
+
 	if(($parent_item['item_flags'] & ITEM_ORIGIN) && (! $parent_author_signature)) {
 		q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
 			intval($message_id),
@@ -2500,6 +2503,7 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
 	// Diaspora doesn't support threaded comments, but some
 	// versions of Diaspora (i.e. Diaspora-pistos) support
 	// likes on comments
+
 	if($item['verb'] === ACTIVITY_LIKE && $item['thr_parent']) {
 		$p = q("select * from item where mid = '%s' limit 1",
 				dbesc($item['thr_parent'])
@@ -2514,14 +2518,18 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
 			   intval($item['parent'])
 			  );
 	}
+
 	if($p)
 		$parent = $p[0];
-	else
+	else {
+		logger('diaspora_send_relay: no parent');
 		return;
+	}
 
 	$like = false;
 	$relay_retract = false;
 	$sql_sign_id = 'iid';
+
 	if( $item['item_restrict'] & ITEM_DELETED) {
 		$relay_retract = true;
 
@@ -2544,10 +2552,10 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
 	}
 
 
-	// fetch the original signature	if the relayable was created by a Diaspora
-	// or DFRN user. Relayables for other networks are not supported.
+	// fetch the original signature	if the relayable was created by a Diaspora, Friendica-over Diaspora,
+	// or zot user. Relayables for other networks are not supported.
 
-/*	$r = q("select * from sign where " . $sql_sign_id . " = %d limit 1",
+	$r = q("select * from sign where " . $sql_sign_id . " = %d limit 1",
 		intval($item['id'])
 	);
 	if(count($r)) { 
@@ -2557,13 +2565,12 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
 		$handle = $orig_sign['signer'];
 	}
 	else {
-
 		// Author signature information (for likes, comments, and retractions of likes or comments,
 		// whether from Diaspora or Friendica) must be placed in the `sign` table before this 
 		// function is called
 		logger('diaspora_send_relay: original author signature not found, cannot send relayable');
 		return;
-	}*/
+	}
 
 	/* Since the author signature is only checked by the parent, not by the relay recipients,
 	 * I think it may not be necessary for us to do so much work to preserve all the original
@@ -2574,14 +2581,14 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
 	 * versions of Diaspora (diaspora-pistos), but since there are a number of problems with
 	 * doing that, let's ignore it for now.
 	 *
-	 * Currently, only DFRN contacts are supported. StatusNet shouldn't be hard, but it hasn't
-	 * been done yet
+	 *
 	 */
 
 	$handle = diaspora_handle_from_contact($item['author_xchan']);
-	if(! $handle)
+	if(! $handle) {
+		logger('diaspora_send_relay: no handle');
 		return;
-
+	}
 
 	if($relay_retract)
 		$sender_signed_text = $item['guid'] . ';' . $target_type;
@@ -2601,11 +2608,11 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
 	// markup at the top of this function, which is AFTER we placed the original $signed_text
 	// in the database, it's hazardous to trust the original $signed_text.
 
-	$parentauthorsig = base64_encode(rsa_sign($sender_signed_text,$owner['uprvkey'],'sha256'));
+	$parentauthorsig = base64_encode(rsa_sign($sender_signed_text,$owner['channel_prvkey'],'sha256'));
 
 	$msg = replace_macros($tpl,array(
-		'$guid' => xmlify($item['guid']),
-		'$parent_guid' => xmlify($parent['guid']),
+		'$guid' => xmlify($item['mid']),
+		'$parent_guid' => xmlify($parent['mid']),
 		'$target_type' =>xmlify($target_type),
 		'$authorsig' => xmlify($authorsig),
 		'$parentsig' => xmlify($parentauthorsig),
@@ -2616,7 +2623,6 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
 
 	logger('diaspora_send_relay: base message: ' . $msg, LOGGER_DATA);
 
-
 	$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'],$public_batch)));
 
 	return(diaspora_transmit($owner,$contact,$slap,$public_batch));
@@ -2631,7 +2637,7 @@ function diaspora_send_retraction($item,$owner,$contact,$public_batch = false) {
 	$myaddr = $owner['nickname'] . '@' .  substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
 
 	// Check whether the retraction is for a top-level post or whether it's a relayable
-	if( $item['uri'] !== $item['parent-uri'] ) {
+	if( $item['mid'] !== $item['parent_mid'] ) {
 
 		$tpl = get_markup_template('diaspora_relay_retraction.tpl');
 		$target_type = (($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
@@ -2642,13 +2648,13 @@ function diaspora_send_retraction($item,$owner,$contact,$public_batch = false) {
 		$target_type = 'StatusMessage';
 	}
 
-	$signed_text = $item['guid'] . ';' . $target_type;
+	$signed_text = $item['mid'] . ';' . $target_type;
 
 	$msg = replace_macros($tpl, array(
-		'$guid'   => xmlify($item['guid']),
+		'$guid'   => xmlify($item['mid']),
 		'$type'   => xmlify($target_type),
 		'$handle' => xmlify($myaddr),
-		'$signature' => xmlify(base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')))
+		'$signature' => xmlify(base64_encode(rsa_sign($signed_text,$owner['channel_prvkey'],'sha256')))
 	));
 
 	$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['channel_prvkey'],$contact['xchan_pubkey'],$public_batch)));
diff --git a/include/items.php b/include/items.php
index 2a4242ea6..c0ff2ac81 100755
--- a/include/items.php
+++ b/include/items.php
@@ -1665,7 +1665,7 @@ function item_store($arr,$allow_exec = false) {
 	if(! $arr['uid']) {
 		logger('item_store: no uid');
 		$ret['message'] = 'No uid.';
-		return ret;
+		return $ret;
 	}
 
 	$uplinked_comment = false;
@@ -1843,7 +1843,7 @@ function item_store($arr,$allow_exec = false) {
 			if(comments_are_now_closed($r[0])) {
 				logger('item_store: comments closed');
 				$ret['message'] = 'Comments closed.';
-				return ret;
+				return $ret;
 			}
 
 			// is the new message multi-level threaded?
@@ -2287,6 +2287,52 @@ function item_store_update($arr,$allow_exec = false) {
 	return $ret;
 }
 
+function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id) {
+
+	// We won't be able to sign Diaspora comments for authenticated visitors 
+	// - we don't have their private key
+
+	// since Diaspora doesn't handle edits we can only do this for the original text and not update it.
+
+	$enabled = intval(get_config('system','diaspora_enabled'));
+	if(! $enabled) {
+		logger('mod_item: diaspora support disabled, not storing comment signature', LOGGER_DEBUG);
+		return;
+	}
+
+	$body = $datarray['body'];
+	if(array_key_exists('item_flags',$datarray) && ($datarray['item_flags'] & ITEM_OBSCURED)) {
+		$key = get_config('system','prvkey');
+		if($datarray['body'])
+			$body = crypto_unencapsulate(json_decode($datarray['body'],true),$key);
+	}
+
+	logger('mod_item: storing diaspora comment signature',LOGGER_DEBUG);
+
+	require_once('include/bb2diaspora.php');
+
+	$signed_body = html_entity_decode(bb2diaspora($body));
+
+	$diaspora_handle = $channel['channel_address'] . '@' . get_app()->get_hostname();
+
+	$signed_text = $datarray['mid'] . ';' . $parent_item['mid'] . ';' . $signed_body . ';' . $diaspora_handle;
+
+	if( $uprvkey !== false )
+		$authorsig = base64_encode(rsa_sign($signed_text,$channel['channel_prvkey'],'sha256'));
+	else
+		$authorsig = '';
+
+	$r = q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
+		intval($post_id),
+		dbesc($signed_text),
+		dbesc(base64_encode($authorsig)),
+		dbesc($diaspora_handle)
+	);
+	if(! $r)
+		logger('store_diaspora_comment_sig: DB write failed');
+
+	return;
+}
 
 
 
diff --git a/include/queue.php b/include/queue.php
index cd81e2aa4..222ebada4 100644
--- a/include/queue.php
+++ b/include/queue.php
@@ -50,12 +50,13 @@ function queue_run($argv, $argc){
 		if($rr['outq_driver'] === 'post') {
 			$result = z_post_url($rr['outq_posturl'],$rr['outq_msg']); 
 			if($result['success'] && $result['return_code'] < 300) {
-				logger('deliver: queue post success to ' . $rr['outq_posturl'], LOGGER_DEBUG);
+				logger('queue: queue post success to ' . $rr['outq_posturl'], LOGGER_DEBUG);
 				$y = q("delete from outq where outq_hash = '%s' limit 1",
 					dbesc($rr['ouq_hash'])
 				);
 			}
 			else {
+				logger('queue: queue post returned ' . $result['return_code'] . ' from ' . $rr['outq_posturl'],LOGGER_DEBUG);
 				$y = q("update outq set outq_updated = '%s' where outq_hash = '%s' limit 1",
 					dbesc(datetime_convert()),
 					dbesc($rr['outq_hash'])