aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.htaccess1
-rw-r--r--mod/cloud.php107
-rw-r--r--version.inc2
3 files changed, 109 insertions, 1 deletions
diff --git a/.htaccess b/.htaccess
index 090ae6637..2f4fb1381 100644
--- a/.htaccess
+++ b/.htaccess
@@ -12,6 +12,7 @@ Deny from all
# Protect repository directory from browsing
RewriteRule "(^|/)\.git" - [F]
+
# Rewrite current-style URLs of the form 'index.php?q=x'.
# Also place auth information into REMOTE_USER for sites running
# in CGI mode.
diff --git a/mod/cloud.php b/mod/cloud.php
new file mode 100644
index 000000000..7725d5a2f
--- /dev/null
+++ b/mod/cloud.php
@@ -0,0 +1,107 @@
+<?php
+
+ // This module is currently !!!HIGHLY EXPERIMENTAL!!!
+ // You should think twice before running this on a production server
+ // as security mechanisms are not yet implemented and those that
+ // are implemented probably don't work.
+
+ // DAV mounts will probably fail if you don't use SSL, because some platforms refuse to send
+ // basic auth over non-encrypted connections.
+ // One could use digest auth - but then one has to calculate the A1 digest and store it for
+ // all acounts. We aren't doing that. We have a stored password already. We don't need another
+ // one. The login unfortunately is the channel nickname (webbie) as we have no way of passing
+ // the destination channel to DAV. You should be able to login with your account credentials
+ // and be directed to your default channel.
+
+ // This interface does not yet support Red stored files. Consider any content in your "store"
+ // directory to be throw-away until advised otherwise.
+
+ if(! get_config('system','enable_cloud'))
+ killme();
+
+
+ use Sabre\DAV;
+
+ require_once('vendor/autoload.php');
+
+
+ // workaround for HTTP-auth in CGI mode
+ if(x($_SERVER,'REDIRECT_REMOTE_USER')) {
+ $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ;
+ if(strlen($userpass)) {
+ list($name, $password) = explode(':', $userpass);
+ $_SERVER['PHP_AUTH_USER'] = $name;
+ $_SERVER['PHP_AUTH_PW'] = $password;
+ }
+ }
+
+ if(x($_SERVER,'HTTP_AUTHORIZATION')) {
+ $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"],6)) ;
+ if(strlen($userpass)) {
+ list($name, $password) = explode(':', $userpass);
+ $_SERVER['PHP_AUTH_USER'] = $name;
+ $_SERVER['PHP_AUTH_PW'] = $password;
+ }
+ }
+
+
+
+class RedBasicAuth extends Sabre\DAV\Auth\Backend\AbstractBasic {
+
+ protected function validateUserPass($username, $password) {
+ require_once('include/auth.php');
+ $record = account_verify_password($email,$pass);
+ if($record && $record['account_default_channel']) {
+ $r = q("select * from channel where channel_account_id = %d and channel_id = %d limit 1",
+ intval($record['account_id']),
+ intval($record['account_default_channel'])
+ );
+ if($r) {
+ $this->currentUser = $r[0]['channel_address'];
+ return true;
+ }
+ }
+ $r = q("select channel_account_id from channel where channel_address = '%s' limit 1",
+ dbesc($username)
+ );
+ if($r) {
+ $x = q("select * from account where account_id = %d limit 1",
+ intval($r[0]['channel_account_id'])
+ );
+ if($x) {
+ foreach($x as $record) {
+ if(($record['account_flags'] == ACCOUNT_OK) || ($record['account_flags'] == ACCOUNT_UNVERIFIED)
+ && (hash('whirlpool',$record['account_salt'] . $password) === $record['account_password'])) {
+ logger('(DAV) RedBasicAuth: password verified for ' . $username);
+ return true;
+ }
+ }
+ }
+ }
+ logger('(DAV) RedBasicAuth: password failed for ' . $username);
+ return false;
+ }
+}
+
+
+function cloud_init() {
+
+
+ $rootDirectory = new DAV\FS\Directory('store');
+ $server = new DAV\Server($rootDirectory);
+ $lockBackend = new DAV\Locks\Backend\File('store/data/locks');
+ $lockPlugin = new DAV\Locks\Plugin($lockBackend);
+
+ $server->addPlugin($lockPlugin);
+
+ $auth = new RedBasicAuth();
+
+ $auth->Authenticate($server,'Red Matrix');
+
+
+ // All we need to do now, is to fire up the server
+ $server->exec();
+
+ exit;
+
+} \ No newline at end of file
diff --git a/version.inc b/version.inc
index 5f3b9d095..97a5c28f4 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2013-10-21.473
+2013-10-22.474