aboutsummaryrefslogtreecommitdiffstats
path: root/mod/post.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2012-11-19 20:45:12 -0800
committerfriendica <info@friendica.com>2012-11-19 20:45:12 -0800
commitcd4e381aa146dd185021c86ac1ecc9755fa81453 (patch)
treeac04c8cd2957abf088cd118b04113d56e6489f30 /mod/post.php
parent194ef02c287edbce6b797f1411afe0bb964e8c80 (diff)
downloadvolse-hubzilla-cd4e381aa146dd185021c86ac1ecc9755fa81453.tar.gz
volse-hubzilla-cd4e381aa146dd185021c86ac1ecc9755fa81453.tar.bz2
volse-hubzilla-cd4e381aa146dd185021c86ac1ecc9755fa81453.zip
"heavy lifting" - zot messages flowing, now just need to be parsed and stored at the other end.
Diffstat (limited to 'mod/post.php')
-rw-r--r--mod/post.php93
1 files changed, 84 insertions, 9 deletions
diff --git a/mod/post.php b/mod/post.php
index 320e9fdd9..bdb50ac48 100644
--- a/mod/post.php
+++ b/mod/post.php
@@ -13,18 +13,85 @@ function post_post(&$a) {
$ret = array('result' => false);
- if(array_key_exists('iv',$_REQUEST)) {
- // hush-hush ultra top secret mode
- $data = json_decode(aes_unencapsulate($_REQUEST['data'],get_config('system','site_prvkey')),true);
- }
- else {
- $data = json_decode($_REQUEST['data'],true);
- }
+ $data = json_decode($_REQUEST['data'],true);
+ logger('mod_zot: data: ' . print_r($data,true), LOGGER_DATA);
+
+ if(array_key_exists('iv',$data)) {
+ $data = aes_unencapsulate($data,get_config('system','prvkey'));
+ logger('mod_zot: decrypt1: ' . $data);
+ $data = json_decode($data,true);
+ }
+ logger('mod_zot: decoded data: ' . print_r($data,true), LOGGER_DATA);
$msgtype = ((array_key_exists('type',$data)) ? $data['type'] : '');
+
+ if($msgtype === 'pickup') {
+
+ if((! $data['secret']) || (! $data['secret_sig'])) {
+ $ret['message'] = 'no verification signature';
+ logger('mod_zot: pickup: ' . $ret['message']);
+ json_return_and_die($ret);
+ }
+ $r = q("select hubloc_sitekey from hubloc where hubloc_url = '%s' and hubloc_callback = '%s' and hubloc_sitekey != '' limit 1",
+ dbesc($data['url']),
+ dbesc($data['callback'])
+ );
+ if(! $r) {
+ $ret['message'] = 'site not found';
+ logger('mod_zot: pickup: ' . $ret['message']);
+ json_return_and_die($ret);
+ }
+ // verify the url_sig
+ $sitekey = $r[0]['hubloc_sitekey'];
+ logger('sitekey: ' . $sitekey);
+
+ if(! rsa_verify($data['callback'],base64url_decode($data['callback_sig']),$sitekey)) {
+ $ret['message'] = 'possible site forgery';
+ logger('mod_zot: pickup: ' . $ret['message']);
+ json_return_and_die($ret);
+ }
+
+ if(! rsa_verify($data['secret'],base64url_decode($data['secret_sig']),$sitekey)) {
+ $ret['message'] = 'secret validation failed';
+ logger('mod_zot: pickup: ' . $ret['message']);
+ json_return_and_die($ret);
+ }
+
+ // If we made it to here, we've got a valid pickup. Grab everything for this host and send it.
+
+ $r = q("select outq_posturl from outq where outq_hash = '%s' and outq_posturl = '%s' limit 1",
+ dbesc($data['secret']),
+ dbesc($data['callback'])
+ );
+ if(! $r) {
+ $ret['message'] = 'nothing to pick up';
+ logger('mod_zot: pickup: ' . $ret['message']);
+ json_return_and_die($ret);
+ }
+
+ $r = q("select * from outq where outq_posturl = '%s'",
+ dbesc($data['callback'])
+ );
+ if($r) {
+ $ret['success'] = true;
+ $ret['pickup'] = array();
+ foreach($r as $rr) {
+ $ret['pickup'][] = array('notify' => $rr['outq_notify'],'message' => $rr['outq_msg']);
+
+ $x = q("delete from outq where outq_hash = '%s' limit 1",
+ dbesc($rr['outq_hash'])
+ );
+ }
+ }
+ $encrypted = aes_encapsulate(json_encode($ret),$sitekey);
+ json_return_and_die($encrypted);
+ }
+
+
+
if(array_key_exists('sender',$data)) {
$sender = $data['sender'];
}
@@ -84,8 +151,16 @@ function post_post(&$a) {
}
if($msgtype === 'notify') {
- // add to receive queue
- // qreceive_add($data);
+ $async = get_config('system','queued_fetch');
+
+
+ if($async) {
+ // add to receive queue
+ // qreceive_add($data);
+ }
+ else {
+ $x = zot_fetch($data);
+ }
$ret['result'] = true;
json_return_and_die($ret);