diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/api_auth.php | 6 | ||||
| -rw-r--r-- | include/api_zot.php | 4 | ||||
| -rw-r--r-- | include/channel.php | 4 | ||||
| -rw-r--r-- | include/dir_fns.php | 35 | ||||
| -rw-r--r-- | include/import.php | 6 | ||||
| -rwxr-xr-x | include/items.php | 19 | ||||
| -rw-r--r-- | include/network.php | 11 | ||||
| -rw-r--r-- | include/photos.php | 8 | ||||
| -rw-r--r-- | include/socgraph.php | 21 | ||||
| -rw-r--r-- | include/xchan.php | 2 | ||||
| -rw-r--r-- | include/zot.php | 5 |
11 files changed, 84 insertions, 37 deletions
diff --git a/include/api_auth.php b/include/api_auth.php index 23ab9c946..9235bd28c 100644 --- a/include/api_auth.php +++ b/include/api_auth.php @@ -96,11 +96,15 @@ function api_login(&$a){ if($sigblock) { $keyId = str_replace('acct:','',$sigblock['keyId']); if($keyId) { - $r = q("select * from hubloc where hubloc_addr = '%s' limit 1", + $r = q("select * from hubloc where ( hubloc_addr = '%s' or hubloc_id_url = '%s' ) limit 1", + dbesc($keyId), dbesc($keyId) ); if($r) { $c = channelx_by_hash($r[0]['hubloc_hash']); + if (! $c) { + $c = channelx_by_portid($r[0]['hubloc_hash']); + } if($c) { $a = q("select * from account where account_id = %d limit 1", intval($c['channel_account_id']) diff --git a/include/api_zot.php b/include/api_zot.php index b332aea71..287720484 100644 --- a/include/api_zot.php +++ b/include/api_zot.php @@ -6,8 +6,8 @@ api_register_func('api/export/basic','api_export_basic', true); api_register_func('api/red/channel/export/basic','api_export_basic', true); api_register_func('api/z/1.0/channel/export/basic','api_export_basic', true); - api_register_func('api/red/item/export/page','api_item_export_page', true); - api_register_func('api/z/1.0/item/export/page','api_item_export_page', true); + api_register_func('api/red/item/export_page','api_item_export_page', true); + api_register_func('api/z/1.0/item/export_page','api_item_export_page', true); api_register_func('api/red/channel/list','api_channel_list', true); api_register_func('api/z/1.0/channel/list','api_channel_list', true); api_register_func('api/red/channel/stream','api_channel_stream', true); diff --git a/include/channel.php b/include/channel.php index e4b6df47b..0280cd1cd 100644 --- a/include/channel.php +++ b/include/channel.php @@ -1161,7 +1161,7 @@ function channel_export_items_date($channel_id, $start, $finish) { $ret['relocate'] = [ 'channel_address' => $ch['channel_address'], 'url' => z_root()]; } - $r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created <= '%s' and resource_type = '' order by created", + $r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and created >= '%s' and created <= '%s' and resource_type != 'photo' order by created", intval(ITEM_TYPE_POST), intval($channel_id), dbesc($start), @@ -1223,7 +1223,7 @@ function channel_export_items_page($channel_id, $start, $finish, $page = 0, $lim $ret['relocate'] = [ 'channel_address' => $ch['channel_address'], 'url' => z_root()]; } - $r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and resource_type = '' and created >= '%s' and created <= '%s' order by created limit %d offset %d", + $r = q("select * from item where ( item_wall = 1 or item_type != %d ) and item_deleted = 0 and uid = %d and resource_type != 'photo' and created >= '%s' and created <= '%s' order by created limit %d offset %d", intval(ITEM_TYPE_POST), intval($channel_id), dbesc($start), diff --git a/include/dir_fns.php b/include/dir_fns.php index 2bd1228ec..08a9fb653 100644 --- a/include/dir_fns.php +++ b/include/dir_fns.php @@ -329,13 +329,36 @@ function update_directory_entry($ud) { if ($ud['ud_addr'] && (! ($ud['ud_flags'] & UPDATE_FLAGS_DELETED))) { $success = false; - $x = zot_finger($ud['ud_addr'], ''); - if ($x['success']) { - $j = json_decode($x['body'], true); - if ($j) - $success = true; - $y = import_xchan($j, 0, $ud); + // directory migration phase 1 (Macgirvin - 29-JUNE-2019) + // fetch zot6 info (if available) as well as historical zot info (if available) + // Once this has been running for > 1 month on the primary directory we can deprecate the historical info and + // modify the directory search to only return zot6 entries, and also modify this function + // to *only* fetch the zot6 entries. + // Otherwise we'll be showing duplicates or have a mostly empty directory for a good chunk of + // the transition period. Directory server load will likely increase "moderately" during this transition. + // The one month counter begins when the primary directory has upgraded to a release which uses this code. + // Hubzilla channels running traditional zot which have not upgraded can or will be dropped from the directory or + // "not found" at the end of the transition period as the directory will only serve zot6 entries at that time. + + $uri = \Zotlabs\Lib\Webfinger::zot_url($ud['ud_addr']); + if($uri) { + $record = \Zotlabs\Lib\Zotfinger::exec($uri); + + // Check the HTTP signature + + $hsig = $record['signature']; + if($hsig && $hsig['signer'] === $url && $hsig['header_valid'] === true && $hsig['content_valid'] === true) { + $x = \Zotlabs\Zot\Libzot::import_xchan($record['data'], 0, $ud); + if($x['success']) { + $success = true; + } + } + } + $x = \Zotlabs\Zot\Finger::run($ud['ud_addr'], ''); + if ($x['success']) { + import_xchan($x, 0, $ud); + $success = true; } if (! $success) { q("update updates set ud_last = '%s' where ud_addr = '%s'", diff --git a/include/import.php b/include/import.php index caf25f5d2..1d3b7c035 100644 --- a/include/import.php +++ b/include/import.php @@ -2,6 +2,8 @@ use Zotlabs\Lib\IConfig; +use Zotlabs\Web\HTTPSig; + require_once('include/menu.php'); require_once('include/perm_upgrade.php'); @@ -1329,7 +1331,7 @@ function sync_files($channel, $files) { $headers = []; $headers['Accept'] = 'application/x-zot+json' ; $headers['Sigtoken'] = random_string(); - $headers = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'], 'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,true,'sha512'); + $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'], 'acct:' . channel_reddress($channel),true,'sha512'); $x = z_post_url($fetch_url,$parr,$redirects,[ 'filep' => $fp, 'headers' => $headers]); fclose($fp); @@ -1415,7 +1417,7 @@ function sync_files($channel, $files) { $headers = []; $headers['Accept'] = 'application/x-zot+json' ; $headers['Sigtoken'] = random_string(); - $headers = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'], 'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,true,'sha512'); + $headers = HTTPSig::create_sig($headers,$channel['channel_prvkey'],'acct:' . channel_reddress($channel),true,'sha512'); $x = z_post_url($fetch_url,$parr,$redirects,[ 'filep' => $fp, 'headers' => $headers]); fclose($fp); diff --git a/include/items.php b/include/items.php index 0af119cc9..4fc659926 100755 --- a/include/items.php +++ b/include/items.php @@ -1988,11 +1988,12 @@ function item_store($arr, $allow_exec = false, $deliver = true) { unset($arr['iconfig']); } - - if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid) || strlen($public_policy)) - $private = 1; - else - $private = $arr['item_private']; + $private = intval($arr['item_private']); + if (! $private) { + if (strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid)) { + $private = 1; + } + } $arr['parent'] = $parent_id; $arr['allow_cid'] = $allow_cid; @@ -2011,7 +2012,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) { // find the item we just created $r = q("SELECT * FROM item WHERE mid = '%s' AND uid = %d and revision = %d ORDER BY id ASC ", - $arr['mid'], // already dbesc'd + dbesc($arr['mid']), intval($arr['uid']), intval($arr['revision']) ); @@ -2032,7 +2033,7 @@ function item_store($arr, $allow_exec = false, $deliver = true) { if(count($r) > 1) { logger('item_store: duplicated post occurred. Removing duplicates.'); q("DELETE FROM item WHERE mid = '%s' AND uid = %d AND id != %d ", - $arr['mid'], + dbesc($arr['mid']), intval($arr['uid']), intval($current_post) ); @@ -4615,12 +4616,12 @@ function set_linkified_perms($linkified, &$str_contact_allow, &$str_group_allow, if(strpos($access_tag,'cid:') === 0) { $str_contact_allow .= '<' . substr($access_tag,4) . '>'; $access_tag = ''; - $private = 1; + $private = 2; } elseif(strpos($access_tag,'gid:') === 0) { $str_group_allow .= '<' . substr($access_tag,4) . '>'; $access_tag = ''; - $private = 1; + $private = 2; } } } diff --git a/include/network.php b/include/network.php index c754625cd..f6992291d 100644 --- a/include/network.php +++ b/include/network.php @@ -1183,12 +1183,12 @@ function discover_by_webbie($webbie, $protocol = '') { */ function webfinger_rfc7033($webbie, $zot = false) { - if(strpos($webbie,'@')) { + if(filter_var($webbie, FILTER_VALIDATE_EMAIL)) { $lhs = substr($webbie,0,strpos($webbie,'@')); $rhs = substr($webbie,strpos($webbie,'@')+1); $resource = urlencode('acct:' . $webbie); } - else { + elseif(filter_var($webbie, FILTER_VALIDATE_URL)) { $m = parse_url($webbie); if($m) { if($m['scheme'] !== 'https') @@ -1197,9 +1197,10 @@ function webfinger_rfc7033($webbie, $zot = false) { $rhs = $m['host'] . (($m['port']) ? ':' . $m['port'] : ''); $resource = urlencode($webbie); } - else - return false; } + else + return false; + logger('fetching url from resource: ' . $rhs . ':' . $webbie); $counter = 0; @@ -1217,7 +1218,7 @@ function webfinger_rfc7033($webbie, $zot = false) { function old_webfinger($webbie) { $host = ''; - if(strstr($webbie,'@')) + if(filter_var($webbie, FILTER_VALIDATE_EMAIL)) $host = substr($webbie,strpos($webbie,'@') + 1); if(strlen($host)) { diff --git a/include/photos.php b/include/photos.php index 7fd712f3e..ee662f707 100644 --- a/include/photos.php +++ b/include/photos.php @@ -261,7 +261,7 @@ function photo_upload($channel, $observer, $args) { $r0 = $ph->save($p); $link[0] = array( 'rel' => 'alternate', - 'type' => 'text/html', + 'type' => $type, 'href' => z_root() . '/photo/' . $photo_hash . '-0.' . $ph->getExt(), 'width' => $width, 'height' => $height @@ -280,7 +280,7 @@ function photo_upload($channel, $observer, $args) { $r1 = $ph->storeThumbnail($p, PHOTO_RES_1024); $link[1] = array( 'rel' => 'alternate', - 'type' => 'text/html', + 'type' => $type, 'href' => z_root() . '/photo/' . $photo_hash . '-1.' . $ph->getExt(), 'width' => $ph->getWidth(), 'height' => $ph->getHeight() @@ -294,7 +294,7 @@ function photo_upload($channel, $observer, $args) { $r2 = $ph->storeThumbnail($p, PHOTO_RES_640); $link[2] = array( 'rel' => 'alternate', - 'type' => 'text/html', + 'type' => $type, 'href' => z_root() . '/photo/' . $photo_hash . '-2.' . $ph->getExt(), 'width' => $ph->getWidth(), 'height' => $ph->getHeight() @@ -308,7 +308,7 @@ function photo_upload($channel, $observer, $args) { $r3 = $ph->storeThumbnail($p, PHOTO_RES_320); $link[3] = array( 'rel' => 'alternate', - 'type' => 'text/html', + 'type' => $type, 'href' => z_root() . '/photo/' . $photo_hash . '-3.' . $ph->getExt(), 'width' => $ph->getWidth(), 'height' => $ph->getHeight() diff --git a/include/socgraph.php b/include/socgraph.php index 6cddbbaac..3d26f5cfd 100644 --- a/include/socgraph.php +++ b/include/socgraph.php @@ -1,5 +1,10 @@ <?php /** @file */ + +use Zotlabs\Lib\Libzot; +use Zotlabs\Lib\Libzotdir; +use Zotlabs\Lib\Zotfinger; + require_once('include/dir_fns.php'); require_once('include/zot.php'); @@ -122,7 +127,7 @@ function poco_load($xchan = '', $url = null) { $profile_url = $url['value']; continue; } - if($url['type'] == 'zot') { + if(in_array($url['type'], ['zot','zot6'] )) { $network = $url['type']; $address = str_replace('acct:' , '', $url['value']); continue; @@ -151,6 +156,18 @@ function poco_load($xchan = '', $url = null) { if(($x !== false) && (! count($x))) { if($address) { + if($network === 'zot6') { + $j = Zotfinger::exec($profile_url); + if(is_array($j) && array_path_exists('signature/signer',$j) && $j['signature']['signer'] === $profile_url && intval($j['signature']['header_valid'])) { + Libzot::import_xchan($j['data']); + } + $x = q("select xchan_hash from xchan where xchan_hash = '%s' limit 1", + dbesc($hash) + ); + if(! $x) { + continue; + } + } if($network === 'zot') { $j = Zotlabs\Zot\Finger::run($address,null); if($j['success']) { @@ -402,7 +419,7 @@ function poco($a,$extended = false) { $sql_extra ", intval($channel_id) ); - $rooms = q("select * from menu_item where ( mitem_flags & " . intval(MENU_ITEM_CHATROOM) . " )>0 and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = '' and mitem_channel_id = %d", + $rooms = q("select * from menu_item where ( mitem_flags & " . intval(MENU_ITEM_CHATROOM) . " ) > 0 and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = '' and mitem_channel_id = %d", intval($channel_id) ); } diff --git a/include/xchan.php b/include/xchan.php index 4fcdf9fce..d69d707aa 100644 --- a/include/xchan.php +++ b/include/xchan.php @@ -1,6 +1,6 @@ <?php -use Zotlabs\Zot6\HTTPSig; +use Zotlabs\Web\HTTPSig; use Zotlabs\Lib\Libzot; diff --git a/include/zot.php b/include/zot.php index 5fd900765..53c3d4d86 100644 --- a/include/zot.php +++ b/include/zot.php @@ -303,9 +303,8 @@ function zot_zot($url, $data, $channel = null,$crypto = null) { if($channel) { $headers['X-Zot-Token'] = random_string(); - $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false); - $headers['X-Zot-Digest'] = 'SHA-256=' . $hash; - $h = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : '')); + $headers['X-Zot-Digest'] = \Zotlabs\Web\HTTPSig::generate_digest_header($data); + $h = \Zotlabs\Web\HTTPSig::create_sig($headers,$channel['channel_prvkey'],'acct:' . channel_reddress($channel),false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : '')); } $redirects = 0; |