From d13454fb84061357681e600762b470c9fc257f04 Mon Sep 17 00:00:00 2001 From: Akio Nishimura Date: Thu, 21 Jan 2016 08:10:35 +0900 Subject: [PATCH 001/415] Now we can delete a group logo. --- actions/grouplogo.php | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/actions/grouplogo.php b/actions/grouplogo.php index 0d9c135785..e3906847d3 100644 --- a/actions/grouplogo.php +++ b/actions/grouplogo.php @@ -211,6 +211,10 @@ class GrouplogoAction extends GroupAction 'height' => AVATAR_PROFILE_SIZE, 'alt' => $this->group->nickname)); $this->elementEnd('div'); + if (!empty($this->group->homepage_logo)) { + // TRANS: Button on group logo upload page to delete current group logo. + $this->submit('delete', _('Delete')); + } $this->elementEnd('li'); } @@ -315,6 +319,8 @@ class GrouplogoAction extends GroupAction $this->uploadLogo(); } else if ($this->arg('crop')) { $this->cropLogo(); + } else if ($this->arg('delete')) { + $this->deleteLogo(); } else { // TRANS: Form validation error message when an unsupported argument is used. $this->showForm(_('Unexpected form submission.')); @@ -409,6 +415,29 @@ class GrouplogoAction extends GroupAction } } + /** + * Get rid of the current group logo. + * + * @return void + */ + function deleteLogo() + { + $orig = clone($this->group); + Avatar::deleteFromProfile($this->group->getProfile()); + @unlink(Avatar::path(basename($this->group->original_logo))); + @unlink(Avatar::path(basename($this->group->homepage_logo))); + @unlink(Avatar::path(basename($this->group->stream_logo))); + @unlink(Avatar::path(basename($this->group->mini_logo))); + $this->group->original_logo=User_group::defaultLogo(AVATAR_PROFILE_SIZE); + $this->group->homepage_logo=User_group::defaultLogo(AVATAR_PROFILE_SIZE); + $this->group->stream_logo=User_group::defaultLogo(AVATAR_STREAM_SIZE); + $this->group->mini_logo=User_group::defaultLogo(AVATAR_MINI_SIZE); + $this->group->update($orig); + + // TRANS: Success message for deleting the group logo. + $this->showForm(_('Logo deleted.')); + } + function showPageNotice() { if ($this->msg) { From efd2326a29ab4ec723b4d8882c45eb70d341e1b5 Mon Sep 17 00:00:00 2001 From: hannes Date: Fri, 29 Jan 2016 00:34:32 +0000 Subject: [PATCH 002/415] the last url in the redirection chain can actually also be a redirection (e.g. if it's one of our /attachment/{file_id} links) --- classes/File_redirection.php | 88 ++++++++++++++++++++++-------------- 1 file changed, 55 insertions(+), 33 deletions(-) diff --git a/classes/File_redirection.php b/classes/File_redirection.php index 9b872f3556..32c9cc7a3a 100644 --- a/classes/File_redirection.php +++ b/classes/File_redirection.php @@ -170,56 +170,78 @@ class File_redirection extends Managed_DataObject try { $r = File_redirection::getByUrl($in_url); - if($r instanceof File_redirection) { - try { - $f = File::getKV('id',$r->file_id); - $r->file = $f; - $r->redir_url = $f->url; - } catch (NoResultException $e) { - // Invalid entry, delete and run again - common_log(LOG_ERR, "Could not find File with id=".$r->file_id." referenced in File_redirection, deleting File redirection entry and creating new File and File_redirection entries."); - $r->delete(); - return self::where($in_url); - } - return $r; + try { + $f = File::getKV('id',$r->file_id); + $r->file = $f; + $r->redir_url = $f->url; + } catch (NoResultException $e) { + // Invalid entry, delete and run again + common_log(LOG_ERR, "Could not find File with id=".$r->file_id." referenced in File_redirection, deleting File redirection entry and and trying again..."); + $r->delete(); + return self::where($in_url); } + // File_redirecion and File record found, return both + return $r; + } catch (NoResultException $e) { + // File_redirecion record not found, but this might be a direct link to a file try { $f = File::getByUrl($in_url); $redir->file_id = $f->id; $redir->file = $f; return $redir; } catch (NoResultException $e) { - // Oh well, let's keep going + // nope, this was not a direct link to a file either, let's keep going } } if ($discover) { + // try to follow redirects and get the final url $redir_info = File_redirection::lookupWhere($in_url); if(is_string($redir_info)) { $redir_info = array('url' => $redir_info); } - - // Save the file if we don't have it already - $redir->file = File::saveNew($redir_info,$redir_info['url']); - - // If this is a redirection, save it - // (if it hasn't been saved yet by some other process while we we - // were running lookupWhere()) - if($redir_info['url'] != $in_url) { - try { - $file_redir = File_redirection::getByUrl($in_url); - } catch (NoResultException $e) { - $file_redir = new File_redirection(); - $file_redir->urlhash = File::hashurl($in_url); - $file_redir->url = $in_url; - $file_redir->file_id = $redir->file->getID(); - $file_redir->insert(); - $file_redir->redir_url = $redir->file->url; - } + + // the last url in the redirection chain can actually be a redirect! + // this is the case with local /attachment/{file_id} links + // in that case we have the file id already + try { + $r = File_redirection::getByUrl($redir_info['url']); + try { + $f = File::getKV('id',$r->file_id); + $redir->file = $f; + $redir->redir_url = $f->url; + } catch (NoResultException $e) { + // Invalid entry in File_redirection, delete and run again + common_log(LOG_ERR, "Could not find File with id=".$r->file_id." referenced in File_redirection, deleting File_redirection entry and trying again..."); + $r->delete(); + return self::where($in_url); + } + } catch (NoResultException $e) { + // save the file now when we know that we don't have it in File_redirection + try { + $redir->file = File::saveNew($redir_info,$redir_info['url']); + } catch (ServerException $e) { + common_log(LOG_ERR, $e); + } + } + + // If this is a redirection and we have a file to redirect to, save it + // (if it doesn't exist in File_redirection already) + if($redir->file instanceof File && $redir_info['url'] != $in_url) { + try { + $file_redir = File_redirection::getByUrl($in_url); + } catch (NoResultException $e) { + $file_redir = new File_redirection(); + $file_redir->urlhash = File::hashurl($in_url); + $file_redir->url = $in_url; + $file_redir->file_id = $redir->file->getID(); + $file_redir->insert(); + $file_redir->redir_url = $redir->file->url; + } - $file_redir->file = $redir->file; - return $file_redir; + $file_redir->file = $redir->file; + return $file_redir; } } From f708a5b016d518b186eb0d4682152d81cb0c607c Mon Sep 17 00:00:00 2001 From: hannes Date: Fri, 29 Jan 2016 00:36:30 +0000 Subject: [PATCH 003/415] Never save our /attachment/{file_id} links as links in the file table, return the old file --- classes/File.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/classes/File.php b/classes/File.php index 6cad978a70..428eb9f285 100644 --- a/classes/File.php +++ b/classes/File.php @@ -106,6 +106,19 @@ class File extends Managed_DataObject // We don't have the file's URL since before, so let's continue. } + // if the given url is an local attachment url and the id already exists, don't + // save a new file record. This should never happen, but let's make it foolproof + $attachment_path = common_path('attachment/'); + if(strpos($given_url,$attachment_path) == 0) { + $possible_file_id = substr($given_url,strlen($attachment_path)); + if(is_numeric($possible_file_id)) { + $file = File::getKV('id',$possible_file_id); + if($file instanceof File) { + return $file; + } + } + } + $file = new File; $file->url = $given_url; if (!empty($redir_data['protected'])) $file->protected = $redir_data['protected']; From 7aca4e7463f40dc267e5bb505a9c3dcf5b784258 Mon Sep 17 00:00:00 2001 From: Chimo Date: Thu, 4 Feb 2016 15:20:37 +0000 Subject: [PATCH 004/415] CONFIGURE: Replace short urls with their target Transparency and resilience against shorteners going away. --- CONFIGURE | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/CONFIGURE b/CONFIGURE index d0b6a24484..b1141fa69e 100644 --- a/CONFIGURE +++ b/CONFIGURE @@ -116,8 +116,9 @@ db -- This section is a reference to the configuration options for -DB_DataObject (see ). The ones that you may want to -set are listed below for clarity. +DB_DataObject (see +). +The ones that you may want to set are listed below for clarity. database: a DSN (Data Source Name) for your StatusNet database. This is in the format 'protocol://username:password@hostname/databasename', @@ -318,8 +319,8 @@ server: If set, defines another server where avatars are stored in the the client to speed up page loading, either with another virtual server or with an NFS or SAMBA share. Clients typically only make 2 connections to a single server at a - time , so this can parallelize the job. - Defaults to null. + time , + so this can parallelize the job. Defaults to null. ssl: Whether to access avatars using HTTPS. Defaults to null, meaning to guess based on site-wide SSL settings. @@ -686,7 +687,7 @@ Web crawlers. See http://www.robotstxt.org/ for more information on the format of this file. crawldelay: if non-empty, this value is provided as the Crawl-Delay: - for the robots.txt file. see http://ur1.ca/l5a0 + for the robots.txt file. see https://help.yahoo.com/kb/search for more information. Default is zero, no explicit delay. disallow: Array of (virtual) directories to disallow. Default is 'main', 'search', 'message', 'settings', 'admin'. Ignored when site From 2c5cba28b6a8e13a58fe7584835340aa9779b146 Mon Sep 17 00:00:00 2001 From: Chimo Date: Fri, 22 Jan 2016 16:38:42 +0000 Subject: [PATCH 005/415] Change status.net/wiki URLs to git.gnu.io --- plugins/AccountManager/AccountManagerPlugin.php | 2 +- plugins/Activity/ActivityPlugin.php | 2 +- plugins/ActivitySpam/ActivitySpamPlugin.php | 2 +- plugins/AnonymousFave/AnonymousFavePlugin.php | 2 +- plugins/ApiLogger/ApiLoggerPlugin.php | 2 +- plugins/AuthCrypt/AuthCryptPlugin.php | 2 +- plugins/AutoSandbox/AutoSandboxPlugin.php | 2 +- plugins/Autocomplete/AutocompletePlugin.php | 2 +- plugins/Awesomeness/AwesomenessPlugin.php | 2 +- plugins/BitlyUrl/BitlyUrlPlugin.php | 2 +- plugins/Blacklist/BlacklistPlugin.php | 2 +- plugins/BlankAd/BlankAdPlugin.php | 2 +- plugins/BlogspamNet/BlogspamNetPlugin.php | 2 +- plugins/CacheLog/CacheLogPlugin.php | 2 +- plugins/CasAuthentication/CasAuthenticationPlugin.php | 2 +- plugins/ClientSideShorten/ClientSideShortenPlugin.php | 2 +- plugins/Comet/CometPlugin.php | 2 +- plugins/DirectionDetector/DirectionDetectorPlugin.php | 2 +- plugins/Directory/DirectoryPlugin.php | 2 +- plugins/DiskCache/DiskCachePlugin.php | 2 +- plugins/DomainStatusNetwork/DomainStatusNetworkPlugin.php | 2 +- plugins/DomainWhitelist/DomainWhitelistPlugin.php | 2 +- plugins/EmailAuthentication/EmailAuthenticationPlugin.php | 2 +- plugins/EmailRegistration/EmailRegistrationPlugin.php | 2 +- plugins/EmailReminder/EmailReminderPlugin.php | 2 +- plugins/EmailSummary/EmailSummaryPlugin.php | 2 +- plugins/Event/EventPlugin.php | 2 +- plugins/ExtendedProfile/ExtendedProfilePlugin.php | 2 +- plugins/FacebookBridge/FacebookBridgePlugin.php | 2 +- plugins/FollowEveryone/FollowEveryonePlugin.php | 2 +- plugins/ForceGroup/ForceGroupPlugin.php | 2 +- plugins/GeoURL/GeoURLPlugin.php | 2 +- plugins/Geonames/GeonamesPlugin.php | 2 +- plugins/GroupFavorited/GroupFavoritedPlugin.php | 2 +- plugins/GroupPrivateMessage/GroupPrivateMessagePlugin.php | 2 +- plugins/Imap/ImapPlugin.php | 2 +- plugins/InProcessCache/InProcessCachePlugin.php | 2 +- plugins/InfiniteScroll/InfiniteScrollPlugin.php | 2 +- plugins/LdapAuthentication/LdapAuthenticationPlugin.php | 2 +- plugins/LdapAuthorization/LdapAuthorizationPlugin.php | 2 +- plugins/LilUrl/LilUrlPlugin.php | 2 +- plugins/LinkPreview/LinkPreviewPlugin.php | 2 +- plugins/Linkback/LinkbackPlugin.php | 2 +- plugins/LogFilter/LogFilterPlugin.php | 2 +- plugins/Mapstraction/MapstractionPlugin.php | 2 +- plugins/Memcache/MemcachePlugin.php | 2 +- plugins/Memcached/MemcachedPlugin.php | 2 +- plugins/Meteor/MeteorPlugin.php | 2 +- plugins/Minify/MinifyPlugin.php | 2 +- plugins/MobileProfile/MobileProfilePlugin.php | 2 +- plugins/ModHelper/ModHelperPlugin.php | 2 +- plugins/ModLog/ModLogPlugin.php | 2 +- plugins/ModPlus/ModPlusPlugin.php | 2 +- plugins/NoticeTitle/NoticeTitlePlugin.php | 2 +- plugins/OStatus/OStatusPlugin.php | 2 +- plugins/OfflineBackup/OfflineBackupPlugin.php | 2 +- plugins/OpenExternalLinkTarget/OpenExternalLinkTargetPlugin.php | 2 +- plugins/OpenID/OpenIDPlugin.php | 2 +- plugins/OpenX/OpenXPlugin.php | 2 +- plugins/Orbited/OrbitedPlugin.php | 2 +- plugins/PiwikAnalytics/PiwikAnalyticsPlugin.php | 2 +- plugins/Poll/PollPlugin.php | 2 +- plugins/PostDebug/PostDebugPlugin.php | 2 +- plugins/PtitUrl/PtitUrlPlugin.php | 2 +- plugins/QnA/QnAPlugin.php | 2 +- plugins/RSSCloud/RSSCloudPlugin.php | 2 +- plugins/Recaptcha/RecaptchaPlugin.php | 2 +- plugins/RegisterThrottle/RegisterThrottlePlugin.php | 2 +- plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php | 2 +- .../ReverseUsernameAuthenticationPlugin.php | 2 +- plugins/SQLProfile/SQLProfilePlugin.php | 2 +- plugins/SQLStats/SQLStatsPlugin.php | 2 +- plugins/Sample/SamplePlugin.php | 2 +- plugins/SearchSub/SearchSubPlugin.php | 2 +- plugins/ShareNotice/ShareNoticePlugin.php | 2 +- plugins/SimpleUrl/SimpleUrlPlugin.php | 2 +- plugins/Sitemap/SitemapPlugin.php | 2 +- plugins/SlicedFavorites/SlicedFavoritesPlugin.php | 2 +- plugins/SphinxSearch/SphinxSearchPlugin.php | 2 +- .../StrictTransportSecurity/StrictTransportSecurityPlugin.php | 2 +- plugins/SubMirror/SubMirrorPlugin.php | 2 +- plugins/SubscriptionThrottle/SubscriptionThrottlePlugin.php | 2 +- plugins/TabFocus/TabFocusPlugin.php | 2 +- plugins/TagSub/TagSubPlugin.php | 2 +- plugins/TightUrl/TightUrlPlugin.php | 2 +- plugins/TwitterBridge/TwitterBridgePlugin.php | 2 +- plugins/UserFlag/UserFlagPlugin.php | 2 +- plugins/UserLimit/UserLimitPlugin.php | 2 +- plugins/WikiHashtags/WikiHashtagsPlugin.php | 2 +- plugins/WikiHowProfile/WikiHowProfilePlugin.php | 2 +- plugins/Xmpp/XmppPlugin.php | 2 +- 91 files changed, 91 insertions(+), 91 deletions(-) diff --git a/plugins/AccountManager/AccountManagerPlugin.php b/plugins/AccountManager/AccountManagerPlugin.php index 768f71510f..429e9d4e5e 100644 --- a/plugins/AccountManager/AccountManagerPlugin.php +++ b/plugins/AccountManager/AccountManagerPlugin.php @@ -92,7 +92,7 @@ class AccountManagerPlugin extends Plugin $versions[] = array('name' => 'AccountManager', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:AccountManager', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/AccountManager', 'rawdescription' => // TRANS: Plugin description. _m('The Account Manager plugin implements the Account Manager specification.')); diff --git a/plugins/Activity/ActivityPlugin.php b/plugins/Activity/ActivityPlugin.php index 6805b4fe07..0f306a427c 100644 --- a/plugins/Activity/ActivityPlugin.php +++ b/plugins/Activity/ActivityPlugin.php @@ -344,7 +344,7 @@ class ActivityPlugin extends Plugin $versions[] = array('name' => 'Activity', 'version' => self::VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Activity', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Activity', 'rawdescription' => // TRANS: Plugin description. _m('Emits notices when social activities happen.')); diff --git a/plugins/ActivitySpam/ActivitySpamPlugin.php b/plugins/ActivitySpam/ActivitySpamPlugin.php index 9d61b2dddd..d63d64c718 100644 --- a/plugins/ActivitySpam/ActivitySpamPlugin.php +++ b/plugins/ActivitySpam/ActivitySpamPlugin.php @@ -220,7 +220,7 @@ class ActivitySpamPlugin extends Plugin $versions[] = array('name' => 'ActivitySpam', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:ActivitySpam', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ActivitySpam', 'description' => _m('Test notices against the Activity Spam service.')); return true; diff --git a/plugins/AnonymousFave/AnonymousFavePlugin.php b/plugins/AnonymousFave/AnonymousFavePlugin.php index 841b652401..ca4bdc832f 100644 --- a/plugins/AnonymousFave/AnonymousFavePlugin.php +++ b/plugins/AnonymousFave/AnonymousFavePlugin.php @@ -273,7 +273,7 @@ class AnonymousFavePlugin extends Plugin */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:AnonymousFave'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/AnonymousFave'; $versions[] = array('name' => 'AnonymousFave', 'version' => ANONYMOUS_FAVE_PLUGIN_VERSION, diff --git a/plugins/ApiLogger/ApiLoggerPlugin.php b/plugins/ApiLogger/ApiLoggerPlugin.php index 920009de5a..3877c464f0 100644 --- a/plugins/ApiLogger/ApiLoggerPlugin.php +++ b/plugins/ApiLogger/ApiLoggerPlugin.php @@ -80,7 +80,7 @@ class ApiLoggerPlugin extends Plugin $versions[] = array('name' => 'ApiLogger', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:ApiLogger', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ApiLogger', 'rawdescription' => // TRANS: Plugin description. _m('Allows random sampling of API requests.')); diff --git a/plugins/AuthCrypt/AuthCryptPlugin.php b/plugins/AuthCrypt/AuthCryptPlugin.php index 540019f9c2..62019aa015 100644 --- a/plugins/AuthCrypt/AuthCryptPlugin.php +++ b/plugins/AuthCrypt/AuthCryptPlugin.php @@ -155,7 +155,7 @@ class AuthCryptPlugin extends AuthenticationPlugin $versions[] = array('name' => 'AuthCrypt', 'version' => GNUSOCIAL_VERSION, 'author' => 'Mikael Nordfeldth', - 'homepage' => 'http://status.net/wiki/Plugin:AuthCrypt', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/AuthCrypt', 'rawdescription' => // TRANS: Plugin description. _m('Authentication and password hashing with crypt()')); diff --git a/plugins/AutoSandbox/AutoSandboxPlugin.php b/plugins/AutoSandbox/AutoSandboxPlugin.php index e914977cc9..706523564a 100644 --- a/plugins/AutoSandbox/AutoSandboxPlugin.php +++ b/plugins/AutoSandbox/AutoSandboxPlugin.php @@ -61,7 +61,7 @@ class AutoSandboxPlugin extends Plugin $versions[] = array('name' => 'AutoSandbox', 'version' => GNUSOCIAL_VERSION, 'author' => 'Sean Carmody', - 'homepage' => 'http://status.net/wiki/Plugin:AutoSandbox', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/AutoSandbox', 'rawdescription' => // TRANS: Plugin description. _m('Automatically sandboxes newly registered members.')); diff --git a/plugins/Autocomplete/AutocompletePlugin.php b/plugins/Autocomplete/AutocompletePlugin.php index 0f0c2592c2..55bdb8894a 100644 --- a/plugins/Autocomplete/AutocompletePlugin.php +++ b/plugins/Autocomplete/AutocompletePlugin.php @@ -57,7 +57,7 @@ class AutocompletePlugin extends Plugin $versions[] = array('name' => 'Autocomplete', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:Autocomplete', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Autocomplete', 'rawdescription' => // TRANS: Plugin description. _m('The autocomplete plugin adds autocompletion for @ replies.')); diff --git a/plugins/Awesomeness/AwesomenessPlugin.php b/plugins/Awesomeness/AwesomenessPlugin.php index ca3b281df6..fff833d4ee 100644 --- a/plugins/Awesomeness/AwesomenessPlugin.php +++ b/plugins/Awesomeness/AwesomenessPlugin.php @@ -50,7 +50,7 @@ class AwesomenessPlugin extends Plugin 'name' => 'Awesomeness', 'version' => self::VERSION, 'author' => 'Jeroen De Dauw', - 'homepage' => 'http://status.net/wiki/Plugin:Awesomeness', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Awesomeness', // TRANS: Plugin description for a sample plugin. 'rawdescription' => _m('The Awesomeness plugin adds additional awesomeness ' . 'to a StatusNet installation.' diff --git a/plugins/BitlyUrl/BitlyUrlPlugin.php b/plugins/BitlyUrl/BitlyUrlPlugin.php index 13a1bf2ec4..079a06a3e7 100644 --- a/plugins/BitlyUrl/BitlyUrlPlugin.php +++ b/plugins/BitlyUrl/BitlyUrlPlugin.php @@ -150,7 +150,7 @@ class BitlyUrlPlugin extends UrlShortenerPlugin $versions[] = array('name' => sprintf('BitlyUrl (%s)', $this->shortenerName), 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews, Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:BitlyUrl', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/BitlyUrl', 'rawdescription' => // TRANS: Plugin description. %1$s is the URL shortening service base URL (for example "bit.ly"). sprintf(_m('Uses %1$s URL-shortener service.'), diff --git a/plugins/Blacklist/BlacklistPlugin.php b/plugins/Blacklist/BlacklistPlugin.php index bad89f2457..31929fcadc 100644 --- a/plugins/Blacklist/BlacklistPlugin.php +++ b/plugins/Blacklist/BlacklistPlugin.php @@ -297,7 +297,7 @@ class BlacklistPlugin extends Plugin 'version' => self::VERSION, 'author' => 'Evan Prodromou', 'homepage' => - 'http://status.net/wiki/Plugin:Blacklist', + 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Blacklist', 'description' => // TRANS: Plugin description. _m('Keeps a blacklist of forbidden nickname '. diff --git a/plugins/BlankAd/BlankAdPlugin.php b/plugins/BlankAd/BlankAdPlugin.php index b5cd968c7f..fbcf70bb03 100644 --- a/plugins/BlankAd/BlankAdPlugin.php +++ b/plugins/BlankAd/BlankAdPlugin.php @@ -122,7 +122,7 @@ class BlankAdPlugin extends UAPPlugin $versions[] = array('name' => 'BlankAd', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:BlankAdPlugin', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/BlankAdPlugin', 'rawdescription' => // TRANS: Plugin description. _m('Plugin for testing ad layout.')); diff --git a/plugins/BlogspamNet/BlogspamNetPlugin.php b/plugins/BlogspamNet/BlogspamNetPlugin.php index 2cab69be30..30e9cffe16 100644 --- a/plugins/BlogspamNet/BlogspamNetPlugin.php +++ b/plugins/BlogspamNet/BlogspamNetPlugin.php @@ -153,7 +153,7 @@ class BlogspamNetPlugin extends Plugin $versions[] = array('name' => 'BlogspamNet', 'version' => BLOGSPAMNETPLUGIN_VERSION, 'author' => 'Evan Prodromou, Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:BlogspamNet', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/BlogspamNet', 'rawdescription' => // TRANS: Plugin description. _m('Plugin to check submitted notices with blogspam.net.')); diff --git a/plugins/CacheLog/CacheLogPlugin.php b/plugins/CacheLog/CacheLogPlugin.php index 5c1b57e0e6..cf7e3a9884 100644 --- a/plugins/CacheLog/CacheLogPlugin.php +++ b/plugins/CacheLog/CacheLogPlugin.php @@ -101,7 +101,7 @@ class CacheLogPlugin extends Plugin $versions[] = array('name' => 'CacheLog', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:CacheLog', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/CacheLog', 'description' => // TRANS: Plugin description. _m('Log reads and writes to the cache.')); diff --git a/plugins/CasAuthentication/CasAuthenticationPlugin.php b/plugins/CasAuthentication/CasAuthenticationPlugin.php index 461655264e..cf0bf4ac52 100644 --- a/plugins/CasAuthentication/CasAuthenticationPlugin.php +++ b/plugins/CasAuthentication/CasAuthenticationPlugin.php @@ -152,7 +152,7 @@ class CasAuthenticationPlugin extends AuthenticationPlugin $versions[] = array('name' => 'CAS Authentication', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:CasAuthentication', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/CasAuthentication', // TRANS: Plugin description. CAS is Central Authentication Service. 'rawdescription' => _m('The CAS Authentication plugin allows for StatusNet to handle authentication through CAS (Central Authentication Service).')); return true; diff --git a/plugins/ClientSideShorten/ClientSideShortenPlugin.php b/plugins/ClientSideShorten/ClientSideShortenPlugin.php index 4d87ab2240..0e4e7969aa 100644 --- a/plugins/ClientSideShorten/ClientSideShortenPlugin.php +++ b/plugins/ClientSideShorten/ClientSideShortenPlugin.php @@ -59,7 +59,7 @@ class ClientSideShortenPlugin extends Plugin $versions[] = array('name' => 'Shorten', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:ClientSideShorten', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ClientSideShorten', 'rawdescription' => // TRANS: Plugin description. _m('ClientSideShorten causes the web interface\'s notice form to automatically shorten URLs as they entered, and before the notice is submitted.')); diff --git a/plugins/Comet/CometPlugin.php b/plugins/Comet/CometPlugin.php index 5b38b2ae11..83c4e70990 100644 --- a/plugins/Comet/CometPlugin.php +++ b/plugins/Comet/CometPlugin.php @@ -109,7 +109,7 @@ class CometPlugin extends RealtimePlugin $versions[] = array('name' => 'Comet', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Comet', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Comet', 'rawdescription' => // TRANS: Plugin description message. Bayeux is a protocol for transporting asynchronous messages // TRANS: and Comet is a web application model. diff --git a/plugins/DirectionDetector/DirectionDetectorPlugin.php b/plugins/DirectionDetector/DirectionDetectorPlugin.php index b721ebb20e..1f77a61acc 100644 --- a/plugins/DirectionDetector/DirectionDetectorPlugin.php +++ b/plugins/DirectionDetector/DirectionDetectorPlugin.php @@ -246,7 +246,7 @@ class DirectionDetectorPlugin extends Plugin { * plugin details */ function onPluginVersion(array &$versions){ - $url = 'http://status.net/wiki/Plugin:DirectionDetector'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/DirectionDetector'; $versions[] = array( 'name' => 'Direction detector', diff --git a/plugins/Directory/DirectoryPlugin.php b/plugins/Directory/DirectoryPlugin.php index e06c1c7271..e8ef98969f 100644 --- a/plugins/Directory/DirectoryPlugin.php +++ b/plugins/Directory/DirectoryPlugin.php @@ -257,7 +257,7 @@ class DirectoryPlugin extends Plugin 'name' => 'Directory', 'version' => GNUSOCIAL_VERSION, 'author' => 'Zach Copley', - 'homepage' => 'http://status.net/wiki/Plugin:Directory', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Directory', // TRANS: Plugin description. 'rawdescription' => _m('Add a user directory.') ); diff --git a/plugins/DiskCache/DiskCachePlugin.php b/plugins/DiskCache/DiskCachePlugin.php index 967990c12f..a574bf5158 100644 --- a/plugins/DiskCache/DiskCachePlugin.php +++ b/plugins/DiskCache/DiskCachePlugin.php @@ -166,7 +166,7 @@ class DiskCachePlugin extends Plugin $versions[] = array('name' => 'DiskCache', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:DiskCache', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/DiskCache', 'rawdescription' => // TRANS: Plugin description. _m('Plugin to implement cache interface with disk files.')); diff --git a/plugins/DomainStatusNetwork/DomainStatusNetworkPlugin.php b/plugins/DomainStatusNetwork/DomainStatusNetworkPlugin.php index 062151db17..24ca6c90b0 100644 --- a/plugins/DomainStatusNetwork/DomainStatusNetworkPlugin.php +++ b/plugins/DomainStatusNetwork/DomainStatusNetworkPlugin.php @@ -195,7 +195,7 @@ class DomainStatusNetworkPlugin extends Plugin $versions[] = array('name' => 'DomainStatusNetwork', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:DomainStatusNetwork', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/DomainStatusNetwork', 'rawdescription' => // TRANS: Plugin description. _m('A plugin that maps a single status_network to an email domain.')); diff --git a/plugins/DomainWhitelist/DomainWhitelistPlugin.php b/plugins/DomainWhitelist/DomainWhitelistPlugin.php index 2e15dd809a..e965cfaa04 100644 --- a/plugins/DomainWhitelist/DomainWhitelistPlugin.php +++ b/plugins/DomainWhitelist/DomainWhitelistPlugin.php @@ -272,7 +272,7 @@ class DomainWhitelistPlugin extends Plugin $versions[] = array('name' => 'DomainWhitelist', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou, Zach Copley', - 'homepage' => 'http://status.net/wiki/Plugin:DomainWhitelist', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/DomainWhitelist', 'rawdescription' => // TRANS: Plugin description. _m('Restrict domains for email users.')); diff --git a/plugins/EmailAuthentication/EmailAuthenticationPlugin.php b/plugins/EmailAuthentication/EmailAuthenticationPlugin.php index 524f1a6411..fda99a12f8 100644 --- a/plugins/EmailAuthentication/EmailAuthenticationPlugin.php +++ b/plugins/EmailAuthentication/EmailAuthenticationPlugin.php @@ -54,7 +54,7 @@ class EmailAuthenticationPlugin extends Plugin $versions[] = array('name' => 'Email Authentication', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:EmailAuthentication', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/EmailAuthentication', 'rawdescription' => // TRANS: Plugin description. _m('The Email Authentication plugin allows users to login using their email address.')); diff --git a/plugins/EmailRegistration/EmailRegistrationPlugin.php b/plugins/EmailRegistration/EmailRegistrationPlugin.php index 9e0fd58856..56e022435e 100644 --- a/plugins/EmailRegistration/EmailRegistrationPlugin.php +++ b/plugins/EmailRegistration/EmailRegistrationPlugin.php @@ -177,7 +177,7 @@ class EmailRegistrationPlugin extends Plugin $versions[] = array('name' => 'EmailRegistration', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:EmailRegistration', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/EmailRegistration', 'rawdescription' => // TRANS: Plugin description. _m('Use email only for registration.')); diff --git a/plugins/EmailReminder/EmailReminderPlugin.php b/plugins/EmailReminder/EmailReminderPlugin.php index 9ac6275537..f30e8d9273 100644 --- a/plugins/EmailReminder/EmailReminderPlugin.php +++ b/plugins/EmailReminder/EmailReminderPlugin.php @@ -185,7 +185,7 @@ class EmailReminderPlugin extends Plugin 'name' => 'EmailReminder', 'version' => GNUSOCIAL_VERSION, 'author' => 'Zach Copley', - 'homepage' => 'http://status.net/wiki/Plugin:EmailReminder', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/EmailReminder', // TRANS: Plugin description. 'rawdescription' => _m('Send email reminders for various things.') ); diff --git a/plugins/EmailSummary/EmailSummaryPlugin.php b/plugins/EmailSummary/EmailSummaryPlugin.php index bc47fdece9..75985da32e 100644 --- a/plugins/EmailSummary/EmailSummaryPlugin.php +++ b/plugins/EmailSummary/EmailSummaryPlugin.php @@ -71,7 +71,7 @@ class EmailSummaryPlugin extends Plugin $versions[] = array('name' => 'EmailSummary', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:EmailSummary', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/EmailSummary', 'rawdescription' => // TRANS: Plugin description. _m('Send an email summary of the inbox to users.')); diff --git a/plugins/Event/EventPlugin.php b/plugins/Event/EventPlugin.php index 82ba2c19cb..ed6a01e9b4 100644 --- a/plugins/Event/EventPlugin.php +++ b/plugins/Event/EventPlugin.php @@ -102,7 +102,7 @@ class EventPlugin extends ActivityVerbHandlerPlugin $versions[] = array('name' => 'Event', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Event', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Event', 'description' => // TRANS: Plugin description. _m('Event invitations and RSVPs.')); diff --git a/plugins/ExtendedProfile/ExtendedProfilePlugin.php b/plugins/ExtendedProfile/ExtendedProfilePlugin.php index ea928b995e..a1717c897e 100644 --- a/plugins/ExtendedProfile/ExtendedProfilePlugin.php +++ b/plugins/ExtendedProfile/ExtendedProfilePlugin.php @@ -35,7 +35,7 @@ class ExtendedProfilePlugin extends Plugin 'name' => 'ExtendedProfile', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber, Samantha Doherty, Zach Copley', - 'homepage' => 'http://status.net/wiki/Plugin:ExtendedProfile', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ExtendedProfile', // TRANS: Plugin description. 'rawdescription' => _m('UI extensions for additional profile fields.') ); diff --git a/plugins/FacebookBridge/FacebookBridgePlugin.php b/plugins/FacebookBridge/FacebookBridgePlugin.php index a19cc0349b..0f4c59fbaf 100644 --- a/plugins/FacebookBridge/FacebookBridgePlugin.php +++ b/plugins/FacebookBridge/FacebookBridgePlugin.php @@ -618,7 +618,7 @@ ENDOFSCRIPT; 'name' => 'Facebook Bridge', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews, Zach Copley', - 'homepage' => 'http://status.net/wiki/Plugin:FacebookBridge', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/FacebookBridge', 'rawdescription' => // TRANS: Plugin description. _m('A plugin for integrating StatusNet with Facebook.') diff --git a/plugins/FollowEveryone/FollowEveryonePlugin.php b/plugins/FollowEveryone/FollowEveryonePlugin.php index 3c26963e3e..58aae85ed0 100644 --- a/plugins/FollowEveryone/FollowEveryonePlugin.php +++ b/plugins/FollowEveryone/FollowEveryonePlugin.php @@ -170,7 +170,7 @@ class FollowEveryonePlugin extends Plugin $versions[] = array('name' => 'FollowEveryone', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:FollowEveryone', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/FollowEveryone', 'rawdescription' => // TRANS: Plugin description. _m('New users follow everyone at registration and are followed in return.')); diff --git a/plugins/ForceGroup/ForceGroupPlugin.php b/plugins/ForceGroup/ForceGroupPlugin.php index 56e33355e8..e0ab59822e 100644 --- a/plugins/ForceGroup/ForceGroupPlugin.php +++ b/plugins/ForceGroup/ForceGroupPlugin.php @@ -107,7 +107,7 @@ class ForceGroupPlugin extends Plugin */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:ForceGroup'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ForceGroup'; $versions[] = array('name' => 'ForceGroup', 'version' => GNUSOCIAL_VERSION, diff --git a/plugins/GeoURL/GeoURLPlugin.php b/plugins/GeoURL/GeoURLPlugin.php index a64ac7f4fd..be47bd5d27 100644 --- a/plugins/GeoURL/GeoURLPlugin.php +++ b/plugins/GeoURL/GeoURLPlugin.php @@ -121,7 +121,7 @@ class GeoURLPlugin extends Plugin $versions[] = array('name' => 'GeoURL', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:GeoURL', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/GeoURL', 'rawdescription' => // TRANS: Plugin description. _m('Ping GeoURL when '. diff --git a/plugins/Geonames/GeonamesPlugin.php b/plugins/Geonames/GeonamesPlugin.php index ff9192283f..14a95a2114 100644 --- a/plugins/Geonames/GeonamesPlugin.php +++ b/plugins/Geonames/GeonamesPlugin.php @@ -492,7 +492,7 @@ class GeonamesPlugin extends Plugin $versions[] = array('name' => 'Geonames', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Geonames', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Geonames', 'rawdescription' => // TRANS: Plugin description. _m('Uses Geonames service to get human-readable '. diff --git a/plugins/GroupFavorited/GroupFavoritedPlugin.php b/plugins/GroupFavorited/GroupFavoritedPlugin.php index bfb7374d1d..3c6fbd3af4 100644 --- a/plugins/GroupFavorited/GroupFavoritedPlugin.php +++ b/plugins/GroupFavorited/GroupFavoritedPlugin.php @@ -67,7 +67,7 @@ class GroupFavoritedPlugin extends Plugin */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:GroupFavorited'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/GroupFavorited'; $versions[] = array('name' => 'GroupFavorited', 'version' => GNUSOCIAL_VERSION, diff --git a/plugins/GroupPrivateMessage/GroupPrivateMessagePlugin.php b/plugins/GroupPrivateMessage/GroupPrivateMessagePlugin.php index 61828239ca..bee504491f 100644 --- a/plugins/GroupPrivateMessage/GroupPrivateMessagePlugin.php +++ b/plugins/GroupPrivateMessage/GroupPrivateMessagePlugin.php @@ -410,7 +410,7 @@ class GroupPrivateMessagePlugin extends Plugin $versions[] = array('name' => 'GroupPrivateMessage', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:GroupPrivateMessage', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/GroupPrivateMessage', 'rawdescription' => // TRANS: Plugin description. _m('Allow posting private messages to groups.')); diff --git a/plugins/Imap/ImapPlugin.php b/plugins/Imap/ImapPlugin.php index ea6eaabef8..15bd8159d7 100644 --- a/plugins/Imap/ImapPlugin.php +++ b/plugins/Imap/ImapPlugin.php @@ -81,7 +81,7 @@ class ImapPlugin extends Plugin $versions[] = array('name' => 'IMAP', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:IMAP', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/IMAP', 'rawdescription' => // TRANS: Plugin description. _m('The IMAP plugin allows for StatusNet to check a POP or IMAP mailbox for incoming mail containing user posts.')); diff --git a/plugins/InProcessCache/InProcessCachePlugin.php b/plugins/InProcessCache/InProcessCachePlugin.php index 4684d0169f..4bcfb8e2da 100644 --- a/plugins/InProcessCache/InProcessCachePlugin.php +++ b/plugins/InProcessCache/InProcessCachePlugin.php @@ -172,7 +172,7 @@ class InProcessCachePlugin extends Plugin */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:InProcessCache'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/InProcessCache'; $versions[] = array('name' => 'InProcessCache', 'version' => GNUSOCIAL_VERSION, diff --git a/plugins/InfiniteScroll/InfiniteScrollPlugin.php b/plugins/InfiniteScroll/InfiniteScrollPlugin.php index 986ba36075..c9107ad824 100644 --- a/plugins/InfiniteScroll/InfiniteScrollPlugin.php +++ b/plugins/InfiniteScroll/InfiniteScrollPlugin.php @@ -46,7 +46,7 @@ class InfiniteScrollPlugin extends Plugin $versions[] = array('name' => 'InfiniteScroll', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:InfiniteScroll', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/InfiniteScroll', 'rawdescription' => // TRANS: Plugin dscription. _m('Infinite Scroll adds the following functionality to your StatusNet installation: When a user scrolls towards the bottom of the page, the next page of notices is automatically retrieved and appended. This means they never need to click "Next Page", which dramatically increases stickiness.')); diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index 0efaec99b2..2a09ad7c81 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -147,7 +147,7 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin $versions[] = array('name' => 'LDAP Authentication', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:LdapAuthentication', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/LdapAuthentication', 'rawdescription' => // TRANS: Plugin description. _m('The LDAP Authentication plugin allows for StatusNet to handle authentication through LDAP.')); diff --git a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php index eca8e037a0..fb86ba57b8 100644 --- a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php +++ b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php @@ -123,7 +123,7 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin $versions[] = array('name' => 'LDAP Authorization', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:LdapAuthorization', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/LdapAuthorization', 'rawdescription' => // TRANS: Plugin description. _m('The LDAP Authorization plugin allows for StatusNet to handle authorization through LDAP.')); diff --git a/plugins/LilUrl/LilUrlPlugin.php b/plugins/LilUrl/LilUrlPlugin.php index fcbee2b56d..1e4d135cc3 100644 --- a/plugins/LilUrl/LilUrlPlugin.php +++ b/plugins/LilUrl/LilUrlPlugin.php @@ -62,7 +62,7 @@ class LilUrlPlugin extends UrlShortenerPlugin $versions[] = array('name' => sprintf('LilUrl (%s)', $this->shortenerName), 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:LilUrl', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/LilUrl', 'rawdescription' => // TRANS: Plugin description. // TRANS: %1$s is the service URL. diff --git a/plugins/LinkPreview/LinkPreviewPlugin.php b/plugins/LinkPreview/LinkPreviewPlugin.php index 5edf66767d..25e31f3f79 100644 --- a/plugins/LinkPreview/LinkPreviewPlugin.php +++ b/plugins/LinkPreview/LinkPreviewPlugin.php @@ -34,7 +34,7 @@ class LinkPreviewPlugin extends Plugin $versions[] = array('name' => 'LinkPreview', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:LinkPreview', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/LinkPreview', 'rawdescription' => // TRANS: Plugin description. _m('UI extension for previewing thumbnails from links.')); diff --git a/plugins/Linkback/LinkbackPlugin.php b/plugins/Linkback/LinkbackPlugin.php index 64165199eb..06c49b0809 100644 --- a/plugins/Linkback/LinkbackPlugin.php +++ b/plugins/Linkback/LinkbackPlugin.php @@ -337,7 +337,7 @@ class LinkbackPlugin extends Plugin $versions[] = array('name' => 'Linkback', 'version' => LINKBACKPLUGIN_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Linkback', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Linkback', 'rawdescription' => // TRANS: Plugin description. _m('Notify blog authors when their posts have been linked in '. diff --git a/plugins/LogFilter/LogFilterPlugin.php b/plugins/LogFilter/LogFilterPlugin.php index 028af9bc9c..f0794af4a3 100644 --- a/plugins/LogFilter/LogFilterPlugin.php +++ b/plugins/LogFilter/LogFilterPlugin.php @@ -44,7 +44,7 @@ class LogFilterPlugin extends Plugin $versions[] = array('name' => 'LogFilter', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:LogFilter', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/LogFilter', 'rawdescription' => // TRANS: Plugin description. _m('Provides server-side setting to filter log output by type or keyword.')); diff --git a/plugins/Mapstraction/MapstractionPlugin.php b/plugins/Mapstraction/MapstractionPlugin.php index fcc9d88e56..bc43b9dff7 100644 --- a/plugins/Mapstraction/MapstractionPlugin.php +++ b/plugins/Mapstraction/MapstractionPlugin.php @@ -174,7 +174,7 @@ class MapstractionPlugin extends Plugin $versions[] = array('name' => 'Mapstraction', 'version' => self::VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Mapstraction', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Mapstraction', 'rawdescription' => // TRANS: Plugin description. _m('Show maps of users\' and friends\' notices '. diff --git a/plugins/Memcache/MemcachePlugin.php b/plugins/Memcache/MemcachePlugin.php index 7efb5e0284..dc0f943675 100644 --- a/plugins/Memcache/MemcachePlugin.php +++ b/plugins/Memcache/MemcachePlugin.php @@ -241,7 +241,7 @@ class MemcachePlugin extends Plugin $versions[] = array('name' => 'Memcache', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou, Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:Memcache', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Memcache', 'rawdescription' => // TRANS: Plugin description. _m('Use Memcached to cache query results.')); diff --git a/plugins/Memcached/MemcachedPlugin.php b/plugins/Memcached/MemcachedPlugin.php index ca24b7b7d1..33b7772db4 100644 --- a/plugins/Memcached/MemcachedPlugin.php +++ b/plugins/Memcached/MemcachedPlugin.php @@ -212,7 +212,7 @@ class MemcachedPlugin extends Plugin $versions[] = array('name' => 'Memcached', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou, Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:Memcached', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Memcached', 'rawdescription' => // TRANS: Plugin description. _m('Use Memcached to cache query results.')); diff --git a/plugins/Meteor/MeteorPlugin.php b/plugins/Meteor/MeteorPlugin.php index 64c2fd3d69..9ce25386c1 100644 --- a/plugins/Meteor/MeteorPlugin.php +++ b/plugins/Meteor/MeteorPlugin.php @@ -165,7 +165,7 @@ class MeteorPlugin extends RealtimePlugin $versions[] = array('name' => 'Meteor', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Meteor', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Meteor', 'rawdescription' => // TRANS: Plugin description. _m('Plugin to do "real time" updates using Meteor.')); diff --git a/plugins/Minify/MinifyPlugin.php b/plugins/Minify/MinifyPlugin.php index 1dd3bdcf34..b970cd20c6 100644 --- a/plugins/Minify/MinifyPlugin.php +++ b/plugins/Minify/MinifyPlugin.php @@ -162,7 +162,7 @@ class MinifyPlugin extends Plugin $versions[] = array('name' => 'Minify', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:Minify', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Minify', 'rawdescription' => // TRANS: Plugin description. _m('The Minify plugin minifies StatusNet\'s CSS and JavaScript, removing whitespace and comments.')); diff --git a/plugins/MobileProfile/MobileProfilePlugin.php b/plugins/MobileProfile/MobileProfilePlugin.php index 4129035ebb..0e0ba170e8 100644 --- a/plugins/MobileProfile/MobileProfilePlugin.php +++ b/plugins/MobileProfile/MobileProfilePlugin.php @@ -373,7 +373,7 @@ class MobileProfilePlugin extends WAP20Plugin $versions[] = array('name' => 'MobileProfile', 'version' => GNUSOCIAL_VERSION, 'author' => 'Sarven Capadisli', - 'homepage' => 'http://status.net/wiki/Plugin:MobileProfile', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/MobileProfile', 'rawdescription' => // TRANS: Plugin description. _m('XHTML MobileProfile output for supporting user agents.')); diff --git a/plugins/ModHelper/ModHelperPlugin.php b/plugins/ModHelper/ModHelperPlugin.php index 2752a21539..1aa9dad100 100644 --- a/plugins/ModHelper/ModHelperPlugin.php +++ b/plugins/ModHelper/ModHelperPlugin.php @@ -34,7 +34,7 @@ class ModHelperPlugin extends Plugin $versions[] = array('name' => 'ModHelper', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:ModHelper', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ModHelper', 'rawdescription' => // TRANS: Plugin description. _m('Lets users who have been manually marked as "modhelper"s silence accounts.')); diff --git a/plugins/ModLog/ModLogPlugin.php b/plugins/ModLog/ModLogPlugin.php index d1e01ca849..84912ac914 100644 --- a/plugins/ModLog/ModLogPlugin.php +++ b/plugins/ModLog/ModLogPlugin.php @@ -189,7 +189,7 @@ class ModLogPlugin extends Plugin $versions[] = array('name' => 'ModLog', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:ModLog', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ModLog', 'description' => _m('Show the moderation history for a profile in the sidebar')); return true; diff --git a/plugins/ModPlus/ModPlusPlugin.php b/plugins/ModPlus/ModPlusPlugin.php index 816034f831..9facd12ef2 100644 --- a/plugins/ModPlus/ModPlusPlugin.php +++ b/plugins/ModPlus/ModPlusPlugin.php @@ -32,7 +32,7 @@ class ModPlusPlugin extends Plugin $versions[] = array('name' => 'ModPlus', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:ModPlus', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ModPlus', 'rawdescription' => // TRANS: Plugin description. _m('UI extension for profile moderation actions.')); diff --git a/plugins/NoticeTitle/NoticeTitlePlugin.php b/plugins/NoticeTitle/NoticeTitlePlugin.php index 22528d0b50..7721c343dd 100644 --- a/plugins/NoticeTitle/NoticeTitlePlugin.php +++ b/plugins/NoticeTitle/NoticeTitlePlugin.php @@ -86,7 +86,7 @@ class NoticeTitlePlugin extends Plugin */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:NoticeTitle'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/NoticeTitle'; $versions[] = array('name' => 'NoticeTitle', 'version' => NOTICE_TITLE_PLUGIN_VERSION, diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index c108e78e6c..6e002d2805 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -1229,7 +1229,7 @@ class OStatusPlugin extends Plugin $versions[] = array('name' => 'OStatus', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou, James Walker, Brion Vibber, Zach Copley', - 'homepage' => 'http://status.net/wiki/Plugin:OStatus', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/OStatus', // TRANS: Plugin description. 'rawdescription' => _m('Follow people across social networks that implement '. 'OStatus.')); diff --git a/plugins/OfflineBackup/OfflineBackupPlugin.php b/plugins/OfflineBackup/OfflineBackupPlugin.php index 1d7a17ca2c..b1c69558ea 100644 --- a/plugins/OfflineBackup/OfflineBackupPlugin.php +++ b/plugins/OfflineBackup/OfflineBackupPlugin.php @@ -76,7 +76,7 @@ class OfflineBackupPlugin extends Plugin $versions[] = array('name' => 'OfflineBackup', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:OfflineBackup', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/OfflineBackup', 'rawdescription' => // TRANS: Plugin description. _m('Backup user data in offline queue and email when ready.')); diff --git a/plugins/OpenExternalLinkTarget/OpenExternalLinkTargetPlugin.php b/plugins/OpenExternalLinkTarget/OpenExternalLinkTargetPlugin.php index 06c75f7a93..89c7cbabfd 100644 --- a/plugins/OpenExternalLinkTarget/OpenExternalLinkTargetPlugin.php +++ b/plugins/OpenExternalLinkTarget/OpenExternalLinkTargetPlugin.php @@ -54,7 +54,7 @@ class OpenExternalLinkTargetPlugin extends Plugin $versions[] = array('name' => 'OpenExternalLinkTarget', 'version' => GNUSOCIAL_VERSION, 'author' => 'Sarven Capadisli', - 'homepage' => 'http://status.net/wiki/Plugin:OpenExternalLinkTarget', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/OpenExternalLinkTarget', 'rawdescription' => // TRANS: Plugin description. _m('Opens external links (i.e. with rel=external) on a new window or tab.')); diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index 4e5a0bfe0c..e3577bc4a8 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -620,7 +620,7 @@ class OpenIDPlugin extends Plugin $versions[] = array('name' => 'OpenID', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou, Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:OpenID', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/OpenID', 'rawdescription' => // TRANS: Plugin description. _m('Use OpenID to login to the site.')); diff --git a/plugins/OpenX/OpenXPlugin.php b/plugins/OpenX/OpenXPlugin.php index 8d80197be3..f0c78905aa 100644 --- a/plugins/OpenX/OpenXPlugin.php +++ b/plugins/OpenX/OpenXPlugin.php @@ -204,7 +204,7 @@ ENDOFSCRIPT; $versions[] = array('name' => 'OpenX', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:OpenX', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/OpenX', 'rawdescription' => // TRANS: Plugin description. _m('Plugin for OpenX Ad Server.')); diff --git a/plugins/Orbited/OrbitedPlugin.php b/plugins/Orbited/OrbitedPlugin.php index 5abd27e9ee..e007eebe7e 100644 --- a/plugins/Orbited/OrbitedPlugin.php +++ b/plugins/Orbited/OrbitedPlugin.php @@ -164,7 +164,7 @@ class OrbitedPlugin extends RealtimePlugin $versions[] = array('name' => 'Orbited', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Orbited', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Orbited', 'rawdescription' => // TRANS: Plugin description. _m('Plugin to make updates using Orbited and STOMP.')); diff --git a/plugins/PiwikAnalytics/PiwikAnalyticsPlugin.php b/plugins/PiwikAnalytics/PiwikAnalyticsPlugin.php index fa5894a8f5..b700e07db4 100644 --- a/plugins/PiwikAnalytics/PiwikAnalyticsPlugin.php +++ b/plugins/PiwikAnalytics/PiwikAnalyticsPlugin.php @@ -108,7 +108,7 @@ ENDOFPIWIK; $versions[] = array('name' => 'PiwikAnalytics', 'version' => GNUSOCIAL_VERSION, 'author' => 'Tobias Diekershoff, Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Piwik', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Piwik', 'rawdescription' => // TRANS: Plugin description. _m('Use Piwik Open Source web analytics software.')); diff --git a/plugins/Poll/PollPlugin.php b/plugins/Poll/PollPlugin.php index 53a491ef47..4f74e82a35 100644 --- a/plugins/Poll/PollPlugin.php +++ b/plugins/Poll/PollPlugin.php @@ -125,7 +125,7 @@ class PollPlugin extends MicroAppPlugin $versions[] = array('name' => 'Poll', 'version' => self::VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:Poll', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Poll', 'rawdescription' => // TRANS: Plugin description. _m('Simple extension for supporting basic polls.')); diff --git a/plugins/PostDebug/PostDebugPlugin.php b/plugins/PostDebug/PostDebugPlugin.php index 120feee8fe..9f87494405 100644 --- a/plugins/PostDebug/PostDebugPlugin.php +++ b/plugins/PostDebug/PostDebugPlugin.php @@ -53,7 +53,7 @@ class PostDebugPlugin extends Plugin $versions[] = array('name' => 'PostDebug', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:PostDebug', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/PostDebug', 'rawdescription' => // TRANS: Plugin description. _m('Debugging tool to record request details on POST.')); diff --git a/plugins/PtitUrl/PtitUrlPlugin.php b/plugins/PtitUrl/PtitUrlPlugin.php index 0e23a5f64e..031604b57f 100644 --- a/plugins/PtitUrl/PtitUrlPlugin.php +++ b/plugins/PtitUrl/PtitUrlPlugin.php @@ -62,7 +62,7 @@ class PtitUrlPlugin extends UrlShortenerPlugin $versions[] = array('name' => sprintf('PtitUrl (%s)', $this->shortenerName), 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:PtitUrl', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/PtitUrl', 'rawdescription' => // TRANS: Plugin description. %1$s is the URL shortening service base URL (for example "bit.ly"). sprintf(_m('Uses %1$s URL-shortener service.'), diff --git a/plugins/QnA/QnAPlugin.php b/plugins/QnA/QnAPlugin.php index e8c983eb9a..6780637009 100644 --- a/plugins/QnA/QnAPlugin.php +++ b/plugins/QnA/QnAPlugin.php @@ -130,7 +130,7 @@ class QnAPlugin extends MicroAppPlugin 'name' => 'QnA', 'version' => GNUSOCIAL_VERSION, 'author' => 'Zach Copley', - 'homepage' => 'http://status.net/wiki/Plugin:QnA', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/QnA', 'description' => // TRANS: Plugin description. _m('Question and Answers micro-app.') diff --git a/plugins/RSSCloud/RSSCloudPlugin.php b/plugins/RSSCloud/RSSCloudPlugin.php index 0fff0947a2..3a8a83749c 100644 --- a/plugins/RSSCloud/RSSCloudPlugin.php +++ b/plugins/RSSCloud/RSSCloudPlugin.php @@ -203,7 +203,7 @@ class RSSCloudPlugin extends Plugin $versions[] = array('name' => 'RSSCloud', 'version' => RSSCLOUDPLUGIN_VERSION, 'author' => 'Zach Copley', - 'homepage' => 'http://status.net/wiki/Plugin:RSSCloud', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/RSSCloud', 'rawdescription' => // TRANS: Plugin description. _m('The RSSCloud plugin enables your StatusNet instance to publish ' . diff --git a/plugins/Recaptcha/RecaptchaPlugin.php b/plugins/Recaptcha/RecaptchaPlugin.php index c039dd5350..3cf3b65203 100644 --- a/plugins/Recaptcha/RecaptchaPlugin.php +++ b/plugins/Recaptcha/RecaptchaPlugin.php @@ -109,7 +109,7 @@ class RecaptchaPlugin extends Plugin $versions[] = array('name' => 'Recaptcha', 'version' => GNUSOCIAL_VERSION, 'author' => 'Eric Helgeson', - 'homepage' => 'http://status.net/wiki/Plugin:Recaptcha', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Recaptcha', 'rawdescription' => // TRANS: Plugin description. _m('Uses Recaptcha service to add a '. diff --git a/plugins/RegisterThrottle/RegisterThrottlePlugin.php b/plugins/RegisterThrottle/RegisterThrottlePlugin.php index 9d3be3b8a2..857ce41dba 100644 --- a/plugins/RegisterThrottle/RegisterThrottlePlugin.php +++ b/plugins/RegisterThrottle/RegisterThrottlePlugin.php @@ -180,7 +180,7 @@ class RegisterThrottlePlugin extends Plugin $versions[] = array('name' => 'RegisterThrottle', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:RegisterThrottle', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/RegisterThrottle', 'description' => // TRANS: Plugin description. _m('Throttles excessive registration from a single IP address.')); diff --git a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php index 734cabbcd5..6ca13b9097 100644 --- a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php +++ b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php @@ -221,7 +221,7 @@ class RequireValidatedEmailPlugin extends Plugin 'Evan Prodromou, '. 'Brion Vibber', 'homepage' => - 'http://status.net/wiki/Plugin:RequireValidatedEmail', + 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/RequireValidatedEmail', 'rawdescription' => // TRANS: Plugin description. _m('Disables posting without a validated email address.')); diff --git a/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php index 9a85a974ae..47f304414e 100644 --- a/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php +++ b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php @@ -62,7 +62,7 @@ class ReverseUsernameAuthenticationPlugin extends AuthenticationPlugin $versions[] = array('name' => 'Reverse Username Authentication', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:ReverseUsernameAuthentication', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ReverseUsernameAuthentication', 'rawdescription' => // TRANS: Plugin description. _m('The Reverse Username Authentication plugin allows for StatusNet to handle authentication by checking if the provided password is the same as the reverse of the username.')); diff --git a/plugins/SQLProfile/SQLProfilePlugin.php b/plugins/SQLProfile/SQLProfilePlugin.php index a7912844c2..3baa91e494 100644 --- a/plugins/SQLProfile/SQLProfilePlugin.php +++ b/plugins/SQLProfile/SQLProfilePlugin.php @@ -36,7 +36,7 @@ class SQLProfilePlugin extends Plugin $versions[] = array('name' => 'SQLProfile', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:SQLProfile', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/SQLProfile', 'rawdescription' => // TRANS: Plugin description. _m('Debug tool to watch for poorly indexed DB queries.')); diff --git a/plugins/SQLStats/SQLStatsPlugin.php b/plugins/SQLStats/SQLStatsPlugin.php index f67ed03012..bd83ac0a32 100644 --- a/plugins/SQLStats/SQLStatsPlugin.php +++ b/plugins/SQLStats/SQLStatsPlugin.php @@ -39,7 +39,7 @@ class SQLStatsPlugin extends Plugin $versions[] = array('name' => 'SQLStats', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:SQLStats', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/SQLStats', 'rawdescription' => // TRANS: Plugin decription. _m('Debug tool to watch for poorly indexed DB queries.')); diff --git a/plugins/Sample/SamplePlugin.php b/plugins/Sample/SamplePlugin.php index 80c46d17c4..4f8351cc08 100644 --- a/plugins/Sample/SamplePlugin.php +++ b/plugins/Sample/SamplePlugin.php @@ -227,7 +227,7 @@ class SamplePlugin extends Plugin $versions[] = array('name' => 'Sample', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber, Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:Sample', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Sample', 'rawdescription' => // TRANS: Plugin description. _m('A sample plugin to show basics of development for new hackers.')); diff --git a/plugins/SearchSub/SearchSubPlugin.php b/plugins/SearchSub/SearchSubPlugin.php index 57984d0e01..06d644235e 100644 --- a/plugins/SearchSub/SearchSubPlugin.php +++ b/plugins/SearchSub/SearchSubPlugin.php @@ -93,7 +93,7 @@ class SearchSubPlugin extends Plugin $versions[] = array('name' => 'SearchSub', 'version' => self::VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:SearchSub', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/SearchSub', 'rawdescription' => // TRANS: Plugin description. _m('Plugin to allow following all messages with a given search.')); diff --git a/plugins/ShareNotice/ShareNoticePlugin.php b/plugins/ShareNotice/ShareNoticePlugin.php index 7a6fd28fee..fb60341e3d 100644 --- a/plugins/ShareNotice/ShareNoticePlugin.php +++ b/plugins/ShareNotice/ShareNoticePlugin.php @@ -211,7 +211,7 @@ class FacebookShareTarget extends NoticeShareTarget */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:ShareNotice'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/ShareNotice'; $versions[] = array('name' => 'ShareNotice', 'version' => GNUSOCIAL_VERSION, diff --git a/plugins/SimpleUrl/SimpleUrlPlugin.php b/plugins/SimpleUrl/SimpleUrlPlugin.php index 41e1998483..235a330e02 100644 --- a/plugins/SimpleUrl/SimpleUrlPlugin.php +++ b/plugins/SimpleUrl/SimpleUrlPlugin.php @@ -52,7 +52,7 @@ class SimpleUrlPlugin extends UrlShortenerPlugin $versions[] = array('name' => sprintf('SimpleUrl (%s)', $this->shortenerName), 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:SimpleUrl', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/SimpleUrl', 'rawdescription' => // TRANS: Plugin description. sprintf(_m('Uses %1$s URL-shortener service.'), diff --git a/plugins/Sitemap/SitemapPlugin.php b/plugins/Sitemap/SitemapPlugin.php index a1fe90b4b4..6bc5e07fef 100644 --- a/plugins/Sitemap/SitemapPlugin.php +++ b/plugins/Sitemap/SitemapPlugin.php @@ -176,7 +176,7 @@ class SitemapPlugin extends Plugin */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:Sitemap'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Sitemap'; $versions[] = array('name' => 'Sitemap', 'version' => GNUSOCIAL_VERSION, diff --git a/plugins/SlicedFavorites/SlicedFavoritesPlugin.php b/plugins/SlicedFavorites/SlicedFavoritesPlugin.php index 4e1129536d..fcf971de6a 100644 --- a/plugins/SlicedFavorites/SlicedFavoritesPlugin.php +++ b/plugins/SlicedFavorites/SlicedFavoritesPlugin.php @@ -97,7 +97,7 @@ class SlicedFavoritesPlugin extends Plugin */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:SlicedFavorites'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/SlicedFavorites'; $versions[] = array('name' => 'SlicedFavorites', 'version' => GNUSOCIAL_VERSION, diff --git a/plugins/SphinxSearch/SphinxSearchPlugin.php b/plugins/SphinxSearch/SphinxSearchPlugin.php index 74744f18e6..8345ea59e7 100644 --- a/plugins/SphinxSearch/SphinxSearchPlugin.php +++ b/plugins/SphinxSearch/SphinxSearchPlugin.php @@ -107,7 +107,7 @@ class SphinxSearchPlugin extends Plugin */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:SphinxSearch'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/SphinxSearch'; $versions[] = array('name' => 'SphinxSearch', 'version' => GNUSOCIAL_VERSION, diff --git a/plugins/StrictTransportSecurity/StrictTransportSecurityPlugin.php b/plugins/StrictTransportSecurity/StrictTransportSecurityPlugin.php index 74a643d6d9..8ada31a8a7 100644 --- a/plugins/StrictTransportSecurity/StrictTransportSecurityPlugin.php +++ b/plugins/StrictTransportSecurity/StrictTransportSecurityPlugin.php @@ -55,7 +55,7 @@ class StrictTransportSecurityPlugin extends Plugin $versions[] = array('name' => 'StrictTransportSecurity', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:StrictTransportSecurity', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/StrictTransportSecurity', 'rawdescription' => // TRANS: Plugin description. _m('The Strict Transport Security plugin implements the Strict Transport Security header, improving the security of HTTPS only sites.')); diff --git a/plugins/SubMirror/SubMirrorPlugin.php b/plugins/SubMirror/SubMirrorPlugin.php index 27fc7c984d..83e15a9bd4 100644 --- a/plugins/SubMirror/SubMirrorPlugin.php +++ b/plugins/SubMirror/SubMirrorPlugin.php @@ -62,7 +62,7 @@ class SubMirrorPlugin extends Plugin $versions[] = array('name' => 'SubMirror', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:SubMirror', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/SubMirror', 'rawdescription' => // TRANS: Plugin description. _m('Pull feeds into your timeline!')); diff --git a/plugins/SubscriptionThrottle/SubscriptionThrottlePlugin.php b/plugins/SubscriptionThrottle/SubscriptionThrottlePlugin.php index fec91afdb7..30b9290273 100644 --- a/plugins/SubscriptionThrottle/SubscriptionThrottlePlugin.php +++ b/plugins/SubscriptionThrottle/SubscriptionThrottlePlugin.php @@ -162,7 +162,7 @@ class SubscriptionThrottlePlugin extends Plugin $versions[] = array('name' => 'SubscriptionThrottle', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:SubscriptionThrottle', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/SubscriptionThrottle', 'rawdescription' => // TRANS: Plugin description. _m('Configurable limits for subscriptions and group memberships.')); diff --git a/plugins/TabFocus/TabFocusPlugin.php b/plugins/TabFocus/TabFocusPlugin.php index df69298888..ff43613383 100644 --- a/plugins/TabFocus/TabFocusPlugin.php +++ b/plugins/TabFocus/TabFocusPlugin.php @@ -49,7 +49,7 @@ class TabFocusPlugin extends Plugin $versions[] = array('name' => 'TabFocus', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews and Paul Irish', - 'homepage' => 'http://status.net/wiki/Plugin:TabFocus', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/TabFocus', 'rawdescription' => // TRANS: Plugin description. _m('TabFocus changes the notice form behavior so that, while in the text area, pressing the tab key focuses the "Send" button, matching the behavior of Twitter.')); diff --git a/plugins/TagSub/TagSubPlugin.php b/plugins/TagSub/TagSubPlugin.php index f1d1ab4622..14c0cd191b 100644 --- a/plugins/TagSub/TagSubPlugin.php +++ b/plugins/TagSub/TagSubPlugin.php @@ -94,7 +94,7 @@ class TagSubPlugin extends Plugin $versions[] = array('name' => 'TagSub', 'version' => self::VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:TagSub', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/TagSub', 'rawdescription' => // TRANS: Plugin description. _m('Plugin to allow following all messages with a given tag.')); diff --git a/plugins/TightUrl/TightUrlPlugin.php b/plugins/TightUrl/TightUrlPlugin.php index 52e5184392..a3bc492ad1 100644 --- a/plugins/TightUrl/TightUrlPlugin.php +++ b/plugins/TightUrl/TightUrlPlugin.php @@ -62,7 +62,7 @@ class TightUrlPlugin extends UrlShortenerPlugin $versions[] = array('name' => sprintf('TightUrl (%s)', $this->shortenerName), 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews', - 'homepage' => 'http://status.net/wiki/Plugin:TightUrl', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/TightUrl', 'rawdescription' => // TRANS: Plugin description. %s is the shortener name. sprintf(_m('Uses %1$s URL-shortener service.'), diff --git a/plugins/TwitterBridge/TwitterBridgePlugin.php b/plugins/TwitterBridge/TwitterBridgePlugin.php index 72c28d4fa4..26ddb3ceab 100644 --- a/plugins/TwitterBridge/TwitterBridgePlugin.php +++ b/plugins/TwitterBridge/TwitterBridgePlugin.php @@ -301,7 +301,7 @@ class TwitterBridgePlugin extends Plugin 'name' => 'TwitterBridge', 'version' => self::VERSION, 'author' => 'Zach Copley, Julien C, Jean Baptiste Favre', - 'homepage' => 'http://status.net/wiki/Plugin:TwitterBridge', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/TwitterBridge', // TRANS: Plugin description. 'rawdescription' => _m('The Twitter "bridge" plugin allows integration ' . 'of a StatusNet instance with ' . diff --git a/plugins/UserFlag/UserFlagPlugin.php b/plugins/UserFlag/UserFlagPlugin.php index d2afeaced8..8b2971f35e 100644 --- a/plugins/UserFlag/UserFlagPlugin.php +++ b/plugins/UserFlag/UserFlagPlugin.php @@ -229,7 +229,7 @@ class UserFlagPlugin extends Plugin */ function onPluginVersion(array &$versions) { - $url = 'http://status.net/wiki/Plugin:UserFlag'; + $url = 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/UserFlag'; $versions[] = array('name' => 'UserFlag', 'version' => GNUSOCIAL_VERSION, diff --git a/plugins/UserLimit/UserLimitPlugin.php b/plugins/UserLimit/UserLimitPlugin.php index ac4d503151..2bb1218a72 100644 --- a/plugins/UserLimit/UserLimitPlugin.php +++ b/plugins/UserLimit/UserLimitPlugin.php @@ -86,7 +86,7 @@ class UserLimitPlugin extends Plugin $versions[] = array('name' => 'UserLimit', 'version' => GNUSOCIAL_VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:UserLimit', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/UserLimit', 'description' => // TRANS: Plugin description. _m('Limit the number of users who can register.')); diff --git a/plugins/WikiHashtags/WikiHashtagsPlugin.php b/plugins/WikiHashtags/WikiHashtagsPlugin.php index db33eb801a..46d0470143 100644 --- a/plugins/WikiHashtags/WikiHashtagsPlugin.php +++ b/plugins/WikiHashtags/WikiHashtagsPlugin.php @@ -109,7 +109,7 @@ class WikiHashtagsPlugin extends Plugin $versions[] = array('name' => 'WikiHashtags', 'version' => self::VERSION, 'author' => 'Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:WikiHashtags', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/WikiHashtags', 'rawdescription' => // TRANS: Plugin description. _m('Gets hashtag descriptions from WikiHashtags.')); diff --git a/plugins/WikiHowProfile/WikiHowProfilePlugin.php b/plugins/WikiHowProfile/WikiHowProfilePlugin.php index 8656272e48..9d8daf8adb 100644 --- a/plugins/WikiHowProfile/WikiHowProfilePlugin.php +++ b/plugins/WikiHowProfile/WikiHowProfilePlugin.php @@ -54,7 +54,7 @@ class WikiHowProfilePlugin extends Plugin $versions[] = array('name' => 'WikiHow avatar fetcher', 'version' => GNUSOCIAL_VERSION, 'author' => 'Brion Vibber', - 'homepage' => 'http://status.net/wiki/Plugin:Sample', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Sample', 'rawdescription' => // TRANS: Plugin description. _m('Fetches avatar and other profile information for WikiHow users when setting up an account via OpenID.')); diff --git a/plugins/Xmpp/XmppPlugin.php b/plugins/Xmpp/XmppPlugin.php index 6867eb093e..f8476cd8f2 100644 --- a/plugins/Xmpp/XmppPlugin.php +++ b/plugins/Xmpp/XmppPlugin.php @@ -461,7 +461,7 @@ class XmppPlugin extends ImPlugin $versions[] = array('name' => 'XMPP', 'version' => GNUSOCIAL_VERSION, 'author' => 'Craig Andrews, Evan Prodromou', - 'homepage' => 'http://status.net/wiki/Plugin:XMPP', + 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/XMPP', 'rawdescription' => // TRANS: Plugin description. _m('The XMPP plugin allows users to send and receive notices over the XMPP/Jabber network.')); From a614205663408328f1b59639d346e0aa3a264341 Mon Sep 17 00:00:00 2001 From: Chimo Date: Fri, 22 Jan 2016 16:01:24 +0000 Subject: [PATCH 006/415] Add plugin READMEs --- plugins/ActivitySpam/README | 23 +++++++++++++++++ plugins/AnonymousFave/README | 14 ++++++++++ plugins/AntiBrute/README | 11 ++++++++ plugins/ApiLogger/README | 18 +++++++++++++ plugins/Awesomeness/README | 14 ++++++++++ plugins/Blacklist/README | 17 ++++++++++++ plugins/BlankAd/README | 14 ++++++++++ plugins/BlogspamNet/README | 22 ++++++++++++++++ plugins/CacheLog/README | 23 +++++++++++++++++ plugins/ClientSideShorten/README | 4 +-- plugins/ConversationTree/README | 15 +++++++++++ plugins/Cronish/README | 12 +++++++++ plugins/Diaspora/README | 17 ++++++++++++ plugins/DirectMessage/README | 10 ++++++++ plugins/DirectionDetector/README | 15 +++++++++++ plugins/Directory/README | 15 +++++++++++ plugins/DiskCache/README | 17 ++++++++++++ plugins/DomainStatusNetwork/README | 24 +++++++++++++++++ plugins/DomainWhitelist/README | 16 ++++++++++++ plugins/EmailAuthentication/README | 7 ++++- plugins/EmailRegistration/README | 25 ++++++++++++++++++ plugins/EmailReminder/README | 21 +++++++++++++++ plugins/EmailSummary/README | 22 ++++++++++++++++ plugins/Event/README | 10 ++++++++ plugins/ExtendedProfile/README | 23 +++++++++++++++++ plugins/Favorite/README | 11 ++++++++ plugins/FeedPoller/README | 16 ++++++++++++ plugins/FollowEveryone/README | 16 ++++++++++++ plugins/ForceGroup/README | 16 ++++++++++++ plugins/GNUsocialPhoto/README | 0 plugins/GNUsocialPhotos/README | 0 plugins/GNUsocialVideo/README | 0 plugins/GeoURL/README | 19 ++++++++++++++ plugins/Geonames/README | 19 ++++++++++++++ plugins/GroupFavorited/README | 15 +++++++++++ plugins/GroupPrivateMessage/README | 15 +++++++++++ plugins/ImageMagick/README | 21 +++++++++++++++ plugins/InProcessCache/README | 23 +++++++++++++++++ plugins/LRDD/README | 14 ++++++++++ plugins/LilUrl/README | 17 ++++++++++++ plugins/LinkPreview/README | 24 ++++++++++++++++- plugins/Linkback/README | 19 ++++++++++++++ plugins/LogFilter/README | 20 +++++++++++++++ plugins/Mapstraction/README | 21 +++++++++++++++ plugins/Memcache/README | 28 ++++++++++++++++++++ plugins/Memcached/README | 21 +++++++++++++++ plugins/MentionURL/README | 15 +++++++++++ plugins/Mobile/README | 10 ++++++++ plugins/MobileProfile/README | 20 +++++++++++++++ plugins/ModHelper/README | 16 ++++++++++++ plugins/ModLog/README | 15 +++++++++++ plugins/ModPlus/README | 15 +++++++++++ plugins/NoticeTitle/README | 17 ++++++++++++ plugins/Oembed/README | 30 +++++++++++++++++++++- plugins/OfflineBackup/README | 16 ++++++++++++ plugins/OpenExternalLinkTarget/README | 15 +++++++++++ plugins/OpenID/README | 21 +++++++++++++++ plugins/OpenX/README | 26 +++++++++++++++++++ plugins/Orbited/README | 37 +++++++++++++++++++++++++++ plugins/PiwikAnalytics/README | 23 +++++++++++++++++ plugins/PostDebug/README | 18 +++++++++++++ plugins/PtitUrl/README | 18 +++++++++++++ plugins/QnA/README | 10 ++++++++ plugins/RegisterThrottle/README | 24 +++++++++++++++++ plugins/SQLProfile/README | 17 ++++++++++++ plugins/SQLStats/README | 18 +++++++++++++ plugins/Sample/README | 19 ++++++++++++++ plugins/SearchSub/README | 10 ++++++++ plugins/Share/README | 10 ++++++++ plugins/ShareNotice/README | 23 +++++++++++++++++ plugins/SimpleCaptcha/README | 10 ++++++++ plugins/SimpleUrl/README | 18 +++++++++++++ plugins/SiteNoticeInSidebar/README | 16 ++++++++++++ plugins/Sitemap/README | 20 +++++++++++++++ plugins/SlicedFavorites/README | 30 ++++++++++++++++++++++ plugins/SphinxSearch/README | 6 ++--- plugins/StoreRemoteMedia/README | 22 ++++++++++++++++ plugins/SubMirror/README | 15 +++++++++++ plugins/SubscriptionThrottle/README | 26 +++++++++++++++++++ plugins/TabFocus/README | 17 ++++++++++++ plugins/TagSub/README | 10 ++++++++ plugins/TightUrl/README | 18 +++++++++++++ plugins/UserFlag/README | 18 +++++++++++++ plugins/UserLimit/README | 17 ++++++++++++ plugins/VideoThumbnails/README | 19 ++++++++++++++ plugins/WebFinger/README | 10 ++++++++ plugins/WikiHashtags/REAME | 17 ++++++++++++ 87 files changed, 1468 insertions(+), 8 deletions(-) create mode 100755 plugins/ActivitySpam/README create mode 100755 plugins/AnonymousFave/README create mode 100755 plugins/AntiBrute/README create mode 100755 plugins/ApiLogger/README create mode 100755 plugins/Awesomeness/README create mode 100755 plugins/Blacklist/README create mode 100755 plugins/BlankAd/README create mode 100755 plugins/BlogspamNet/README create mode 100755 plugins/CacheLog/README create mode 100755 plugins/ConversationTree/README create mode 100755 plugins/Cronish/README create mode 100755 plugins/Diaspora/README create mode 100755 plugins/DirectMessage/README create mode 100755 plugins/DirectionDetector/README create mode 100755 plugins/Directory/README create mode 100755 plugins/DiskCache/README create mode 100755 plugins/DomainStatusNetwork/README create mode 100755 plugins/DomainWhitelist/README create mode 100755 plugins/EmailRegistration/README create mode 100755 plugins/EmailReminder/README create mode 100755 plugins/EmailSummary/README create mode 100644 plugins/Event/README create mode 100644 plugins/ExtendedProfile/README create mode 100644 plugins/Favorite/README create mode 100644 plugins/FeedPoller/README create mode 100644 plugins/FollowEveryone/README create mode 100644 plugins/ForceGroup/README create mode 100644 plugins/GNUsocialPhoto/README create mode 100644 plugins/GNUsocialPhotos/README create mode 100644 plugins/GNUsocialVideo/README create mode 100644 plugins/GeoURL/README create mode 100644 plugins/Geonames/README create mode 100644 plugins/GroupFavorited/README create mode 100644 plugins/GroupPrivateMessage/README create mode 100644 plugins/ImageMagick/README create mode 100644 plugins/InProcessCache/README create mode 100644 plugins/LRDD/README create mode 100644 plugins/LilUrl/README create mode 100644 plugins/Linkback/README create mode 100644 plugins/LogFilter/README create mode 100644 plugins/Mapstraction/README create mode 100644 plugins/Memcache/README create mode 100644 plugins/Memcached/README create mode 100644 plugins/MentionURL/README create mode 100644 plugins/Mobile/README create mode 100644 plugins/MobileProfile/README create mode 100644 plugins/ModHelper/README create mode 100644 plugins/ModLog/README create mode 100644 plugins/ModPlus/README create mode 100644 plugins/NoticeTitle/README create mode 100644 plugins/OfflineBackup/README create mode 100644 plugins/OpenExternalLinkTarget/README create mode 100644 plugins/OpenID/README create mode 100644 plugins/OpenX/README create mode 100644 plugins/Orbited/README create mode 100644 plugins/PiwikAnalytics/README create mode 100644 plugins/PostDebug/README create mode 100644 plugins/PtitUrl/README create mode 100644 plugins/QnA/README create mode 100644 plugins/RegisterThrottle/README create mode 100644 plugins/SQLProfile/README create mode 100644 plugins/SQLStats/README create mode 100644 plugins/Sample/README create mode 100644 plugins/SearchSub/README create mode 100644 plugins/Share/README create mode 100644 plugins/ShareNotice/README create mode 100644 plugins/SimpleCaptcha/README create mode 100644 plugins/SimpleUrl/README create mode 100644 plugins/SiteNoticeInSidebar/README create mode 100644 plugins/Sitemap/README create mode 100644 plugins/SlicedFavorites/README create mode 100644 plugins/StoreRemoteMedia/README create mode 100644 plugins/SubMirror/README create mode 100644 plugins/SubscriptionThrottle/README create mode 100644 plugins/TabFocus/README create mode 100644 plugins/TagSub/README create mode 100644 plugins/TightUrl/README create mode 100644 plugins/UserFlag/README create mode 100644 plugins/UserLimit/README create mode 100644 plugins/VideoThumbnails/README create mode 100644 plugins/WebFinger/README create mode 100644 plugins/WikiHashtags/REAME diff --git a/plugins/ActivitySpam/README b/plugins/ActivitySpam/README new file mode 100755 index 0000000000..6202c64a9e --- /dev/null +++ b/plugins/ActivitySpam/README @@ -0,0 +1,23 @@ +The ActivitySpam plugin is a spam filter for GNU social. + +It needs to connect to a activityspam server. +You can run one yourself: https://github.com/e14n/activityspam +Or use a public instance ( ex: https://spamicity.info/ ) + +Installation +============ +add "addPlugin('ActivitySpam');" +to the bottom of your config.php + +Settings +======== +server: URL to the activityspam server +consumerkey: The "key" provided by the activityspam server after you've registered and configured an account. +secret: The "secret" provided by the activityspam server after you've registered and configured an account + +Example +======= +$config['activityspam']['server'] = 'https://spamicity.info/'; +$config['activityspam']['consumerkey'] = 'CONSUMER_KEY'; +$config['activityspam']['secret'] = 'SECRET'; +addPlugin('ActivitySpam'); diff --git a/plugins/AnonymousFave/README b/plugins/AnonymousFave/README new file mode 100755 index 0000000000..fbe3386775 --- /dev/null +++ b/plugins/AnonymousFave/README @@ -0,0 +1,14 @@ +The Anonymous Fave plugin allows anonymous (not logged in) users to favorite notices + +Installation +============ +add "addPlugin('AnonymousFave');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('AnonymousFave'); diff --git a/plugins/AntiBrute/README b/plugins/AntiBrute/README new file mode 100755 index 0000000000..ef1a486171 --- /dev/null +++ b/plugins/AntiBrute/README @@ -0,0 +1,11 @@ +The AntiBrute plugin implements a time delay between successive failed login +attempts to slow down brute force attacks ( https://en.wikipedia.org/wiki/Brute-force_attack#Countermeasures ). + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/ApiLogger/README b/plugins/ApiLogger/README new file mode 100755 index 0000000000..9257ac04fd --- /dev/null +++ b/plugins/ApiLogger/README @@ -0,0 +1,18 @@ +The ApiLogger plugin allows random sampling of API requests. + +Installation +============ +add "addPlugin('ApiLogger');" +to the bottom of your config.php + +Settings +======== +frequency: How often to sample (number between 0.0 and 1.0 representing +percentage -- e.g.: 0.1 will check about 10% of hits). Default 1.0 + +Example +======= +addPlugin('ApiLogger', array( + 'frequency' => 1.0 +)); + diff --git a/plugins/Awesomeness/README b/plugins/Awesomeness/README new file mode 100755 index 0000000000..51fa7cf0c7 --- /dev/null +++ b/plugins/Awesomeness/README @@ -0,0 +1,14 @@ +Fun sample plugin: tweaks input data and adds a 'Cornify' ( http://www.cornify.com ) widget to sidebar. + +Installation +============ +add "addPlugin('Awesomeness');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('Awesomeness'); diff --git a/plugins/Blacklist/README b/plugins/Blacklist/README new file mode 100755 index 0000000000..e36dec424e --- /dev/null +++ b/plugins/Blacklist/README @@ -0,0 +1,17 @@ +Plugin to prevent use of nicknames or URLs on a blacklist + +Installation +============ +add "addPlugin('Blacklist');" +to the bottom of your config.php + +Settings +======== +nicknames: Array of nicknames to blacklist +urls: Array of URLs to blacklist + +Example +======= +$config['blacklist']['nicknames'] = array('bad_nickname', 'worse_nickname'); +$config['blacklist']['urls'] = array('http://example.org', 'http://example.net'); +addPlugin('Blacklist'); diff --git a/plugins/BlankAd/README b/plugins/BlankAd/README new file mode 100755 index 0000000000..68be82b0c8 --- /dev/null +++ b/plugins/BlankAd/README @@ -0,0 +1,14 @@ +Plugin for testing ad layout + +This plugin uses the UAPPlugin framework to output ad content. However, +its ad content is just images with one red pixel stretched to the +right size. It's mostly useful for debugging theme layout. + +To use this plugin, set the parameter for the ad size you want to use +to true (or anything non-null). + +Example +======= +To make a leaderboard: + +addPlugin('BlankAd', array('leaderboard' => true)); diff --git a/plugins/BlogspamNet/README b/plugins/BlogspamNet/README new file mode 100755 index 0000000000..d4884bb9fe --- /dev/null +++ b/plugins/BlogspamNet/README @@ -0,0 +1,22 @@ +Plugin to check submitted notices with blogspam.net + +When new notices are saved, we check their text with blogspam.net (or +a compatible service). + +Blogspam.net is supposed to catch blog comment spam. Some of its tests +(min/max size, bayesian match) gave a lot of false positives so those +tests are turned off by default. + +Installation +============ +add "addPlugin('BlogspamNet');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('BlogspamNet'); + diff --git a/plugins/CacheLog/README b/plugins/CacheLog/README new file mode 100755 index 0000000000..fea7767733 --- /dev/null +++ b/plugins/CacheLog/README @@ -0,0 +1,23 @@ +Log cache access + +Adds "Cache MISS, Cache HIT, set cache value, delete cache value" etc. +information to the log file. + +Note: entries are logged at the LOG_INFO level. + +Installation +============ +add "addPlugin('CacheLog');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +Note that since most caching plugins return false for StartCache* +methods, you should add this plugin before them, i.e. + + addPlugin('CacheLog'); + addPlugin('XCache'); diff --git a/plugins/ClientSideShorten/README b/plugins/ClientSideShorten/README index 70300a85b4..c9d6d6cb27 100644 --- a/plugins/ClientSideShorten/README +++ b/plugins/ClientSideShorten/README @@ -3,5 +3,5 @@ shorten URLs as they entered, and before the notice is submitted. Installation ============ -Add "addPlugin('ClientSideShorten');" to the bottom of your config.php -That's it! +This plugin is enabled by default + diff --git a/plugins/ConversationTree/README b/plugins/ConversationTree/README new file mode 100755 index 0000000000..5eea62afab --- /dev/null +++ b/plugins/ConversationTree/README @@ -0,0 +1,15 @@ +The ConversationTree plugin displays conversation replies in a hierarchical +manner like StatusNet pre-v1.0 used to. + +Installation +============ +add "addPlugin('ConversationTree');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('ConversationTree'); diff --git a/plugins/Cronish/README b/plugins/Cronish/README new file mode 100755 index 0000000000..9729699327 --- /dev/null +++ b/plugins/Cronish/README @@ -0,0 +1,12 @@ +The Cronish plugin executes events on a near-minutely/hour/day/week basis. + +Intervals are approximate and will vary depending on how busy +the instance is. + +Installation +============ +This plugin is enabled by default + +Settings +======== +none diff --git a/plugins/Diaspora/README b/plugins/Diaspora/README new file mode 100755 index 0000000000..a3b45328ec --- /dev/null +++ b/plugins/Diaspora/README @@ -0,0 +1,17 @@ +The Diaspora plugin allows GNU social users to subscribe to Diaspora feeds + +Note: The feeds are read-only at the moment. That is, replying to an entry +coming from Diaspora will not propagate to Diaspora. + +Installation +============ +add "addPlugin('Diaspora');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('Diaspora'); diff --git a/plugins/DirectMessage/README b/plugins/DirectMessage/README new file mode 100755 index 0000000000..b908a2472f --- /dev/null +++ b/plugins/DirectMessage/README @@ -0,0 +1,10 @@ +The DirectMessage plugin allows users to send Direct Message to other local users + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/DirectionDetector/README b/plugins/DirectionDetector/README new file mode 100755 index 0000000000..efb0d1acc9 --- /dev/null +++ b/plugins/DirectionDetector/README @@ -0,0 +1,15 @@ +The DirectionDetector plugin detects notices with RTL content and displays them +in the correct direction. + +Installation +============ +add "addPlugin('DirectionDetector');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('DirectionDetector'); diff --git a/plugins/Directory/README b/plugins/Directory/README new file mode 100755 index 0000000000..d87185c8fe --- /dev/null +++ b/plugins/Directory/README @@ -0,0 +1,15 @@ +The Directory plugin adds a user directory (list) + +Installation +============ +This plugin is enabled by default except on single-user instances, in which +case, it can be enabled by adding "addPlugin('Directory');" to the bottom of +your config.php + +Settings +======== +none + +Example +======= +addPlugin('Directory'); diff --git a/plugins/DiskCache/README b/plugins/DiskCache/README new file mode 100755 index 0000000000..488b2c2b06 --- /dev/null +++ b/plugins/DiskCache/README @@ -0,0 +1,17 @@ +The DiskCache plugin implements cache interface with disk files. + +Installation +============ +add "addPlugin('DiskCache');" +to the bottom of your config.php + +Settings +======== +root: Directory where to save cache data. Default /tmp + +Example +======= +addPlugin('DiskCache', array( + 'root' => '/tmp' +)); + diff --git a/plugins/DomainStatusNetwork/README b/plugins/DomainStatusNetwork/README new file mode 100755 index 0000000000..00fdc7a3c5 --- /dev/null +++ b/plugins/DomainStatusNetwork/README @@ -0,0 +1,24 @@ +The DomainStatusNetwork plugin adds tools to map one status_network to one +email domain in a multi-site installation. + +Relates to "status_network": +* /scripts/setup.cfg.sample +* /scripts/setup_status_network.sh +* /scripts/settag.php +* /scripts/delete_status_network.sh +* /scripts/move_status_network.sh + + +Installation +============ +add "addPlugin('DomainStatusNetwork');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('DomainStatusNetwork'); + diff --git a/plugins/DomainWhitelist/README b/plugins/DomainWhitelist/README new file mode 100755 index 0000000000..6e5afd6785 --- /dev/null +++ b/plugins/DomainWhitelist/README @@ -0,0 +1,16 @@ +The DomainWhitelist plugin restricts the email addresses in a domain to a +select whitelist. + +Installation +============ +add "addPlugin('DomainWhitelist');" +to the bottom of your config.php + +Settings +======== +whitelist: An array of whitelisted domains + +Example +======= +$config['email']['whitelist'] = array('example.org', 'example.net'); +addPlugin('DomainWhitelist'); diff --git a/plugins/EmailAuthentication/README b/plugins/EmailAuthentication/README index 3fc40794be..780bf4648e 100644 --- a/plugins/EmailAuthentication/README +++ b/plugins/EmailAuthentication/README @@ -5,4 +5,9 @@ nickname and the provided password is checked. Installation ============ -add "addPlugin('emailAuthentication');" to the bottom of your config.php. +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/EmailRegistration/README b/plugins/EmailRegistration/README new file mode 100755 index 0000000000..5140208240 --- /dev/null +++ b/plugins/EmailRegistration/README @@ -0,0 +1,25 @@ +The EmailRegistration plugin allows user registration with just an email +address. + +When users register, the part before '@' in their email address will become +their nickname/username (normalized). In case of collisions, a auto-increment +number will be added to the username. + +For example, if someone registers with "user@example.org", their username +will be "user". If someone else registers with "user@example.net", their +username will be user1, and so on. + +Installation +============ +add "addPlugin('EmailRegistration');" +to the bottom of your config.php + +Note: This plugin is enabled by default on private instances. + +Settings +======== +none + +Example +======= +addPlugin('EmailRegistration'); diff --git a/plugins/EmailReminder/README b/plugins/EmailReminder/README new file mode 100755 index 0000000000..3be8e77bff --- /dev/null +++ b/plugins/EmailReminder/README @@ -0,0 +1,21 @@ +The EmailReminder plugin sends email reminders about various things + +It will send reminder emails to email addresses that have been invited +but haven't registered yet. + +It will also send reminders to email addresses that have registered but +haven't verified their email address yet. + +Installation +============ +add "addPlugin('EmailReminder');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('EmailReminder'); + diff --git a/plugins/EmailSummary/README b/plugins/EmailSummary/README new file mode 100755 index 0000000000..1c648e8d43 --- /dev/null +++ b/plugins/EmailSummary/README @@ -0,0 +1,22 @@ +The EmailSummary plugin sends an email summary of the inbox to users in the +network. + +After enabling the plugin, users will have an option to enable/disable the +feature in their "Email Settings" section. + +You can run ./script/sendemailsummary.php to send emails (options are +documented in the file). You can run this script automatically via your OS's +cron mechanism to send emails regularly. + +Installation +============ +add "addPlugin('EmailSummary');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('EmailSummary'); diff --git a/plugins/Event/README b/plugins/Event/README new file mode 100644 index 0000000000..9b30dd1f5b --- /dev/null +++ b/plugins/Event/README @@ -0,0 +1,10 @@ +The Event plugin adds event invitations and RSVPs types of notices. + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/ExtendedProfile/README b/plugins/ExtendedProfile/README new file mode 100644 index 0000000000..f1d32dd3d6 --- /dev/null +++ b/plugins/ExtendedProfile/README @@ -0,0 +1,23 @@ +The ExtendedProfile plugin adds additional profile fields such as: + +* Phone +* IM +* Website +* Work experience +* Education + +Installation +============ +add "addPlugin('ExtendedProfile');" +to the bottom of your config.php + +Note: This plugin is enabled by default on private instances. + +Settings +======== +none + +Example +======= +addPlugin('ExtendedProfile'); + diff --git a/plugins/Favorite/README b/plugins/Favorite/README new file mode 100644 index 0000000000..7032d92e70 --- /dev/null +++ b/plugins/Favorite/README @@ -0,0 +1,11 @@ +The Favorite plugin adds the ability to mark a notice as a "favorite" +(i.e. "like"). + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/FeedPoller/README b/plugins/FeedPoller/README new file mode 100644 index 0000000000..11f28f2ba4 --- /dev/null +++ b/plugins/FeedPoller/README @@ -0,0 +1,16 @@ +The FeedPoller plugin allows users to subscribe to non-PuSH-enabled feeds +by regularly polling the source for new content. + +Installation +============ +add "addPlugin('FeedPoller');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('FeedPoller'); + diff --git a/plugins/FollowEveryone/README b/plugins/FollowEveryone/README new file mode 100644 index 0000000000..4c97f787e0 --- /dev/null +++ b/plugins/FollowEveryone/README @@ -0,0 +1,16 @@ +The FollowEveryone plugin makes it so that when a new user registers, all +existing users follow them automatically. + +Installation +============ +add "addPlugin('FollowEveryone');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('FollowEveryone'); + diff --git a/plugins/ForceGroup/README b/plugins/ForceGroup/README new file mode 100644 index 0000000000..f906a7950a --- /dev/null +++ b/plugins/ForceGroup/README @@ -0,0 +1,16 @@ +The ForceGroup plugin allows forced group memberships and forces all notices +to appear in groups that users were forced in. + +Installation +============ +add "addPlugin('ForceGroup');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('ForceGroup'); + diff --git a/plugins/GNUsocialPhoto/README b/plugins/GNUsocialPhoto/README new file mode 100644 index 0000000000..e69de29bb2 diff --git a/plugins/GNUsocialPhotos/README b/plugins/GNUsocialPhotos/README new file mode 100644 index 0000000000..e69de29bb2 diff --git a/plugins/GNUsocialVideo/README b/plugins/GNUsocialVideo/README new file mode 100644 index 0000000000..e69de29bb2 diff --git a/plugins/GeoURL/README b/plugins/GeoURL/README new file mode 100644 index 0000000000..838152d19c --- /dev/null +++ b/plugins/GeoURL/README @@ -0,0 +1,19 @@ +The GeoURL plugin add extra headers for certain pages that geourl.org +understands and pings geourl.org when those pages are created. + +Note: The third-party service that this plugin depends on (geourl.org) seems to +be dead. + +Installation +============ +add "addPlugin('GeoURL');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('GeoURL'); + diff --git a/plugins/Geonames/README b/plugins/Geonames/README new file mode 100644 index 0000000000..ff548503c9 --- /dev/null +++ b/plugins/Geonames/README @@ -0,0 +1,19 @@ +The Geonames plugin uses geonames.org to get human-readable names for locations +based on user-provided lat/long pairs. + +The human-readable names appear after notices that have a lat/long location +attached to them. + +Installation +============ +add "addPlugin('Geonames');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('Geonames'); + diff --git a/plugins/GroupFavorited/README b/plugins/GroupFavorited/README new file mode 100644 index 0000000000..2652e1c795 --- /dev/null +++ b/plugins/GroupFavorited/README @@ -0,0 +1,15 @@ +The GroupFavorited plugin adds a menu item for popular notices in groups. + +Installation +============ +add "addPlugin('GroupFavorited');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('GroupFavorited'); + diff --git a/plugins/GroupPrivateMessage/README b/plugins/GroupPrivateMessage/README new file mode 100644 index 0000000000..04801c97f6 --- /dev/null +++ b/plugins/GroupPrivateMessage/README @@ -0,0 +1,15 @@ +The GroupPrivateMessage plugin allows users to send private messages to a group. + +Installation +============ +add "addPlugin('GroupPrivateMessage');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('GroupPrivateMessage'); + diff --git a/plugins/ImageMagick/README b/plugins/ImageMagick/README new file mode 100644 index 0000000000..8994ec3583 --- /dev/null +++ b/plugins/ImageMagick/README @@ -0,0 +1,21 @@ +The ImageMagick plugin handles more kinds of image formats for thumbnails, +thanks to ImageMagick. + +Note: This plugin depends on php5-imagick + +Installation +============ +add "addPlugin('ImageMagick');" +to the bottom of your config.php + +Settings +======== +animated: Whether to resize animated GIFs. + +Note: We are not infinitely fast, so resizing animated GIFs is _not_ recommended. + +Example +======= +$config['thumbnail']['animated'] = true; +addPlugin('ImageMagick'); + diff --git a/plugins/InProcessCache/README b/plugins/InProcessCache/README new file mode 100644 index 0000000000..4efa43a4db --- /dev/null +++ b/plugins/InProcessCache/README @@ -0,0 +1,23 @@ +The InProcessCache plugin adds an extra level of in-process caching to any +regular cache system like APC, XCache, or Memcache. + +Installation +============ +add "addPlugin('InProcessCache');" +to the bottom of your config.php + +Settings +======== +stats: Whether to dump statistics (cache size, etc) in the log file. + +Note: entries are logged at the LOG_INFO level. + +Example +======= +Note: since most caching plugins return false for StartCache* methods, you +should add this plugin before them, i.e. + + $config['inprocess']['stats'] = true; + addPlugin('InProcessCache'); + addPlugin('XCache'); + diff --git a/plugins/LRDD/README b/plugins/LRDD/README new file mode 100644 index 0000000000..843ea0c35c --- /dev/null +++ b/plugins/LRDD/README @@ -0,0 +1,14 @@ +The LRDD plugin implements Link-based Resource Descriptor Discovery +based on RFC6415, Web Host Metadata, i.e. the predecessor to WebFinger resource +discovery. + +See: http://tools.ietf.org/html/rfc6415 + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/LilUrl/README b/plugins/LilUrl/README new file mode 100644 index 0000000000..f52bdc77a2 --- /dev/null +++ b/plugins/LilUrl/README @@ -0,0 +1,17 @@ +The LilUrl plugin shortens URLs via a lilURL instance. + +See: http://lilurl.sourceforge.net/ + +Installation +============ +add "addPlugin('LilUrl', array('serviceUrl' => 'http://example.org'));" +to the bottom of your config.php + +Settings +======== +serviceUrl: The URL to the LilUrl instance. + +Example +======= +addPlugin('LilUrl', array('serviceUrl' => 'http://example.org')); + diff --git a/plugins/LinkPreview/README b/plugins/LinkPreview/README index a1b1a87303..e15c67a1a3 100644 --- a/plugins/LinkPreview/README +++ b/plugins/LinkPreview/README @@ -1 +1,23 @@ -Depends on the oEmbed plugin (Oembed) +The LinkPreview plugin adds a UI for previewing thumbnails from links. + +Note: This plugin depends on the "Oembed" plugin. + +Installation +============ +add "addPlugin('LinkPreview');" +to the bottom of your config.php + +Settings +======== +process_links: Whether to process links or not +thumbwidth: The width of the link preview +thumbheight: The height of the link preview + +Example +======= +addPlugin('Oembed'); // Dependency +$config['attachments']['process_links'] = true; +$config['attachments']['thumbwidth'] = 42; +$config['attachments']['thumbheight'] = 42; +addPlugin('LinkPreview'); + diff --git a/plugins/Linkback/README b/plugins/Linkback/README new file mode 100644 index 0000000000..29b493d54f --- /dev/null +++ b/plugins/Linkback/README @@ -0,0 +1,19 @@ +The Linkback plugin performs linkbacks (pingbacks, trackbacks, webmentions) for +notices containing links. + +See: +* https://en.wikipedia.org/wiki/Linkback + +Installation +============ +add "addPlugin('Linkback');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('Linkback'); + diff --git a/plugins/LogFilter/README b/plugins/LogFilter/README new file mode 100644 index 0000000000..fbd54e1663 --- /dev/null +++ b/plugins/LogFilter/README @@ -0,0 +1,20 @@ +The LogFilter plugin provides server-side setting to filter log output by type or keyword. + +Installation +============ +add "addPlugin('LogFilter');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +Disable all debug messages and those containing 'About to push': + +addPlugin('LogFilter', array( + 'priority' => array(LOG_DEBUG => false), + 'regex' => array('/About to push/' => false) +)); + diff --git a/plugins/Mapstraction/README b/plugins/Mapstraction/README new file mode 100644 index 0000000000..6a062cc7e9 --- /dev/null +++ b/plugins/Mapstraction/README @@ -0,0 +1,21 @@ +The Mapstraction plugin provides map visualization of location data. + +Show maps of users' and friends' notices with http://www.mapstraction.com/. + +Installation +============ +add "addPlugin('Mapstraction');" +to the bottom of your config.php + +Settings +======== +provider: Name of the service providing maps ('cloudmade', 'google', 'microsoft', 'openlayers', 'yahoo') +apikey: provider API key (or 'appid'), if required + +Example +======= +addPlugin('Mapstraction', array( + 'provider' => 'openlayers', + 'apikey' => 'API_KEY' +)); + diff --git a/plugins/Memcache/README b/plugins/Memcache/README new file mode 100644 index 0000000000..1344be8294 --- /dev/null +++ b/plugins/Memcache/README @@ -0,0 +1,28 @@ +The Memcache plugin implements cache interface for memcache. + +See: http://memcached.org/ + +Installation +============ +add "addPlugin('Memcache');" +to the bottom of your config.php + +Settings +======== +servers: Array of memcache servers addresses +defaultExpiry: How long before cache expires (in seconds) +compressThreshold: Items over this size threshold are eligible for compression (in bytes) +compressMinSaving: If the compression would save more than this ratio, items are eligible for compression + +Note: To be compressed, an item must be both over the size threshold AND save +more than the minimum ratio. + +Example +======= +addPlugin('Memcache', array( + 'servers' => array('127.0.0.1;11211'), + 'compressThreshold' => 20480, + 'compressMinSaving' => 0.2, + 'defaultExpiry' => 86400 // 24h +)); + diff --git a/plugins/Memcached/README b/plugins/Memcached/README new file mode 100644 index 0000000000..05ae884b02 --- /dev/null +++ b/plugins/Memcached/README @@ -0,0 +1,21 @@ +The Memcached plugin implements cache interface for memcached. + +See: http://memcached.org/ + +Installation +============ +add "addPlugin('Memcached');" +to the bottom of your config.php + +Settings +======== +servers: Array of memcached servers addresses +defaultExpiry: How long before cache expires (in seconds) + +Example +======= +addPlugin('Memcached', array( + 'servers' => array('127.0.0.1;11211'), + 'defaultExpiry' => 86400 // 24h +)); + diff --git a/plugins/MentionURL/README b/plugins/MentionURL/README new file mode 100644 index 0000000000..1c7475da36 --- /dev/null +++ b/plugins/MentionURL/README @@ -0,0 +1,15 @@ +The MentionURL plugin allows mentioning arbitrary URLs. + +Installation +============ +add "addPlugin('MentionURL');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('MentionURL'); + diff --git a/plugins/Mobile/README b/plugins/Mobile/README new file mode 100644 index 0000000000..04e5b43409 --- /dev/null +++ b/plugins/Mobile/README @@ -0,0 +1,10 @@ +Superclass for WAP 2.0 support + +Installation +============ +N/A + +Settings +======== +none + diff --git a/plugins/MobileProfile/README b/plugins/MobileProfile/README new file mode 100644 index 0000000000..ca6dd6a176 --- /dev/null +++ b/plugins/MobileProfile/README @@ -0,0 +1,20 @@ +The MobileProfile plugin implements XHTML MobileProfile output for supporting +user agents. + +See: https://en.wikipedia.org/wiki/XHTML_Mobile_Profile + +Installation +============ +add "addPlugin('MobileProfile');" +to the bottom of your config.php + +Note: This plugin is enabled by default on private and single-user instances. + +Settings +======== +none + +Example +======= +addPlugin('MobileProfile'); + diff --git a/plugins/ModHelper/README b/plugins/ModHelper/README new file mode 100644 index 0000000000..c968f8a827 --- /dev/null +++ b/plugins/ModHelper/README @@ -0,0 +1,16 @@ +The ModHelperPlugin plugin lets users who have been manually marked as +"modhelper"s silence accounts. + +Installation +============ +add "addPlugin('ModHelperPlugin');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('ModHelperPlugin'); + diff --git a/plugins/ModLog/README b/plugins/ModLog/README new file mode 100644 index 0000000000..263d4970fb --- /dev/null +++ b/plugins/ModLog/README @@ -0,0 +1,15 @@ +The ModLog plugin shows the moderation history for a profile in the sidebar. + +Installation +============ +add "addPlugin('ModLog');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('ModLog'); + diff --git a/plugins/ModPlus/README b/plugins/ModPlus/README new file mode 100644 index 0000000000..313453bff6 --- /dev/null +++ b/plugins/ModPlus/README @@ -0,0 +1,15 @@ +The ModPlus plugin shows UI extension for profile moderation actions. + +Installation +============ +add "addPlugin('ModPlus');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('ModPlus'); + diff --git a/plugins/NoticeTitle/README b/plugins/NoticeTitle/README new file mode 100644 index 0000000000..9f994db881 --- /dev/null +++ b/plugins/NoticeTitle/README @@ -0,0 +1,17 @@ +The NoticeTitle plugin allows users to add titles to notices. + +Installation +============ +add "addPlugin('NoticeTitle');" +to the bottom of your config.php + +Settings +======== +restricted: Whether this option is restriced to users with the "richedit" role. + +Example +======= +addPlugin('NoticeTitle', array( + 'restricted' => false +)); + diff --git a/plugins/Oembed/README b/plugins/Oembed/README index be8c09f7a6..b5e1aeae1f 100644 --- a/plugins/Oembed/README +++ b/plugins/Oembed/README @@ -1 +1,29 @@ -It's really called oEmbed. +The Oembed plugin for using and representing oEmbed data. + +See: http://www.oembed.com/ + +Installation +============ +This plugin is enabled by default + +Settings +======== +width: Maximum width of the thumbnail in pixels. +height: Maximum height of the thumbnail in pixels. +show_html: Whether to show HTML oEmbed data. +domain_whitelist: Array of regular expressions. Always escape your dots and end your strings. +check_whitelist: Whether to check the domain_whitelist. + +Example +======= +$config['thumbnail']['width'] = 42; +$config['thumbnail']['height'] = 42; +$config['attachments']['show_html'] = true; +addPlugin('Oembed', array( + 'domain_whitelist' => array( + '^i\d*\.ytimg\.com$' => 'YouTube', + '^i\d*\.vimeocdn\.com$' => 'Vimeo' + ), + 'check_whitelist' => true +)); + diff --git a/plugins/OfflineBackup/README b/plugins/OfflineBackup/README new file mode 100644 index 0000000000..17537f3561 --- /dev/null +++ b/plugins/OfflineBackup/README @@ -0,0 +1,16 @@ +The OfflineBackup plugin backups user data in offline queue and email when +ready. + +Installation +============ +add "addPlugin('OfflineBackup');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('OfflineBackup'); + diff --git a/plugins/OpenExternalLinkTarget/README b/plugins/OpenExternalLinkTarget/README new file mode 100644 index 0000000000..6d4db6437a --- /dev/null +++ b/plugins/OpenExternalLinkTarget/README @@ -0,0 +1,15 @@ +The OpenExternalLinkTarget plugin opens external links in a new window or tab. + +Installation +============ +add "addPlugin('OpenExternalLinkTarget');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('OpenExternalLinkTarget'); + diff --git a/plugins/OpenID/README b/plugins/OpenID/README new file mode 100644 index 0000000000..17114a1dc6 --- /dev/null +++ b/plugins/OpenID/README @@ -0,0 +1,21 @@ +The OpenID plugin allows users to use OpenID to login. + +See: http://openid.net/ + +Installation +============ +This plugin is enabled by default + +Settings +======== +openidonly: Whether we only allow logins through OpenID. +trusted_provider: URL to the OpenID provider. +append_username: Whether to append the username at the end of the OpenID URL + +Example +======= +$config['site']['openidonly'] = true; +$config['openid']['trusted_provider'] = "http://example.org"; +$config['openid']['append_username'] = true; +addPlugin('OpenID'); + diff --git a/plugins/OpenX/README b/plugins/OpenX/README new file mode 100644 index 0000000000..6b05e8e4a5 --- /dev/null +++ b/plugins/OpenX/README @@ -0,0 +1,26 @@ +The OpenX plugin enables support for OpenX Ad Server. + +See: http://www.openx.org/ + +Installation +============ +add "addPlugin('OpenX');" +to the bottom of your config.php + +Settings +======== +mediumRectangle: +rectangle: +leaderboard: +wideSkyscraper: +adScript: + +Example +======= +$config['openx']['mediumRectangle'] = ''; +$config['openx']['rectangle'] = ''; +$config['openx']['leaderboard'] = ''; +$config['openx']['wideSkyscraper'] = ''; +$config['openx']['adScript'] = ''; +addPlugin('OpenX'); + diff --git a/plugins/Orbited/README b/plugins/Orbited/README new file mode 100644 index 0000000000..20d0598e24 --- /dev/null +++ b/plugins/Orbited/README @@ -0,0 +1,37 @@ +The Orbited plugin enables "real time" updates using Orbited + STOMP + +See: +* https://pypi.python.org/pypi/orbited +* https://en.wikipedia.org/wiki/Streaming_Text_Oriented_Messaging_Protocol + +Installation +============ +add "addPlugin('Orbited');" +to the bottom of your config.php + +Settings +======== +webserver: +webport: +channelbase: +stompserver: +stompport: +username: +password: +webuser: +webpass: + +Example +======= +addPlugin('Orbited', array( + 'webserver' => '', + 'webport' => '', + 'channelbase' => '', + 'stompserver' => '', + 'stompport' => '', + 'username' => '', + 'password' => '', + 'webuser' => '', + 'webpass' => '' +)); + diff --git a/plugins/PiwikAnalytics/README b/plugins/PiwikAnalytics/README new file mode 100644 index 0000000000..6d47ee89ff --- /dev/null +++ b/plugins/PiwikAnalytics/README @@ -0,0 +1,23 @@ +The PiwikAnalytics plugin adds JavaScript that sends various traffic details +to a Piwik server to track web access. + +See: +* http://piwik.org/ + +Installation +============ +add "addPlugin('PiwikAnalytics');" +to the bottom of your config.php + +Settings +======== +piwikroot: The root installation URL of the Piwik instance WITHOUT the protocol +piwikId: The ID provided by the Pwiki instance. + +Example +======= +addPlugin('PiwikAnalytics', array( + 'piwikroot' => 'example.org/piwik/', + 'piwikId' => 'PIWIK_ID' +)); + diff --git a/plugins/PostDebug/README b/plugins/PostDebug/README new file mode 100644 index 0000000000..61a69725d3 --- /dev/null +++ b/plugins/PostDebug/README @@ -0,0 +1,18 @@ +The PostDebug plugin records detailed data on POSTs requests. + +Installation +============ +add "addPlugin('PostDebug');" +to the bottom of your config.php + +Settings +======== +dir: The directory where the log file will be saved + +Example +======= + +addPlugin('PostDebug', array( + 'dir' => '/tmp' +)); + diff --git a/plugins/PtitUrl/README b/plugins/PtitUrl/README new file mode 100644 index 0000000000..507b9ecc26 --- /dev/null +++ b/plugins/PtitUrl/README @@ -0,0 +1,18 @@ +The PtitUrl plugin shortens URLS via a PtitUrl URL-shortener service + +Installation +============ +add "addPlugin('PtitUrl');" +to the bottom of your config.php + +Settings +======== +serviceUrl: The URL to the PtitUrl instance + +Example +======= + +addPlugin('PtitUrl', array( + 'serviceUrl' => 'http://example.org' +)); + diff --git a/plugins/QnA/README b/plugins/QnA/README new file mode 100644 index 0000000000..c85b8d910d --- /dev/null +++ b/plugins/QnA/README @@ -0,0 +1,10 @@ +The QnA plugin enables Questions and Answers type of notices + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/RegisterThrottle/README b/plugins/RegisterThrottle/README new file mode 100644 index 0000000000..049bfd77c6 --- /dev/null +++ b/plugins/RegisterThrottle/README @@ -0,0 +1,24 @@ +The RegisterThrottle plugin throttles registration by IP address + +Installation +============ +This plugin is enabled by default on public instances, otherwise it can be +enabled by adding "addPlugin('RegisterThrottle');" to the bottom of your +config.php + +Settings +======== +regLimits: Array of time spans in seconds to limits. Default is 3 registrations per hour, 5 per day, 10 per week. +silenced: Disallow registration if a silenced user has registered from this IP address + +Example +======= +addPlugin('RegisterThrottle', array( + 'regLimits' => array( + 604800 => 10, // per week + 86400 => 5, // per day + 3600 => 3 // per hour + ), + 'silenced' => true +)); + diff --git a/plugins/SQLProfile/README b/plugins/SQLProfile/README new file mode 100644 index 0000000000..03b42b3262 --- /dev/null +++ b/plugins/SQLProfile/README @@ -0,0 +1,17 @@ +The SQLProfile plugin watches for poorly indexed DB queries. + +Installation +============ +add "addPlugin('SQLProfile');" +to the bottom of your config.php + +Settings +======== +none + +Note: entries are logged at the LOG_DEBUG level. + +Example +======= +addPlugin('SQLProfile'); + diff --git a/plugins/SQLStats/README b/plugins/SQLStats/README new file mode 100644 index 0000000000..0f840b1af5 --- /dev/null +++ b/plugins/SQLStats/README @@ -0,0 +1,18 @@ +The SQLStats plugin logs statistics on performed SQL queries. + +Installation +============ +add "addPlugin('SQLStats');" +to the bottom of your config.php + +Settings +======== +verbose: whether to be verbose or not + +Note: entries are logged at the LOG_INFO level. + +Example +======= +$config['sqlstats']['verbose'] = false; +addPlugin('SQLStats'); + diff --git a/plugins/Sample/README b/plugins/Sample/README new file mode 100644 index 0000000000..ff1188d8af --- /dev/null +++ b/plugins/Sample/README @@ -0,0 +1,19 @@ +The Sample plugin shows best practices for development of GNU social plugins. + +It adds a "Hello" menu item to the default menu and tracks how many times it +has greeted each user. + +Installation +============ +add "addPlugin('Sample');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= + +addPlugin('Sample'); + diff --git a/plugins/SearchSub/README b/plugins/SearchSub/README new file mode 100644 index 0000000000..7e9e693a8e --- /dev/null +++ b/plugins/SearchSub/README @@ -0,0 +1,10 @@ +The SearchSub plugin allows following all messages with a given search. + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/Share/README b/plugins/Share/README new file mode 100644 index 0000000000..6ca78ac7d0 --- /dev/null +++ b/plugins/Share/README @@ -0,0 +1,10 @@ +The Share plugin implements "Shares" (repeats) type of notices + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/ShareNotice/README b/plugins/ShareNotice/README new file mode 100644 index 0000000000..0379c594db --- /dev/null +++ b/plugins/ShareNotice/README @@ -0,0 +1,23 @@ +The ShareNotice plugin allows sharing of notices to Twitter, Facebook and other +platforms. + +Installation +============ +add "addPlugin('ShareNotice');" +to the bottom of your config.php + +Settings +======== +targets: Array of platforms allowed to share to + +Example +======= + +addPlugin('ShareNotice', array( + 'targets' => array( + array('Twitter'), + array('Facebook'), + array('StatusNet', array('baseurl' => 'http://example.org')) + ) +)); + diff --git a/plugins/SimpleCaptcha/README b/plugins/SimpleCaptcha/README new file mode 100644 index 0000000000..754fe13c16 --- /dev/null +++ b/plugins/SimpleCaptcha/README @@ -0,0 +1,10 @@ +A simple captcha to get rid of spambots. + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/SimpleUrl/README b/plugins/SimpleUrl/README new file mode 100644 index 0000000000..5a9f953d5d --- /dev/null +++ b/plugins/SimpleUrl/README @@ -0,0 +1,18 @@ +The SimpleUrl plugin shortens URLS via a SimpleUrl URL-shortener service + +Installation +============ +add "addPlugin('SimpleUrl');" +to the bottom of your config.php + +Settings +======== +serviceUrl: The URL to the SimpleUrl instance + +Example +======= + +addPlugin('SimpleUrl', array( + 'serviceUrl' => 'http://example.org' +)); + diff --git a/plugins/SiteNoticeInSidebar/README b/plugins/SiteNoticeInSidebar/README new file mode 100644 index 0000000000..6e70cbc40e --- /dev/null +++ b/plugins/SiteNoticeInSidebar/README @@ -0,0 +1,16 @@ +The SiteNoticeInSidebar plugin puts the site notice in the sidebar. + +Installation +============ +add "addPlugin('SiteNoticeInSidebar');" +to the bottom of your config.php + +Settings +======== +notice: The text to use in the site notice + +Example +======= +$config['site']['notice'] = 'Site notice content'; +addPlugin('SiteNoticeInSidebar'); + diff --git a/plugins/Sitemap/README b/plugins/Sitemap/README new file mode 100644 index 0000000000..b6717da622 --- /dev/null +++ b/plugins/Sitemap/README @@ -0,0 +1,20 @@ +The Sitemap plugin creates a dynamic sitemap for Bing, Yahoo! and Google + +Installation +============ +add "addPlugin('Sitemap');" +to the bottom of your config.php + +Settings +======== +googlekey: The key provided by Google +yahookey: The key provided by Yahoo! +bingkey: The key provided by Bing + +Example +======= +$config['sitemap']['googlekey'] = 'GOOGLE_KEY'; +$config['sitemap']['yahookey'] = 'YAHOO_KEY'; +$config['sitemap']['bingkey'] = 'BING_KEY'; +addPlugin('Sitemap'); + diff --git a/plugins/SlicedFavorites/README b/plugins/SlicedFavorites/README new file mode 100644 index 0000000000..550e2feeb4 --- /dev/null +++ b/plugins/SlicedFavorites/README @@ -0,0 +1,30 @@ +The SlicedFavorites plugin shows timelines of popular notices for defined +subsets of users. + +Installation +============ +add "addPlugin('SlicedFavorites');" +to the bottom of your config.php + +Settings +======== +slices: Array of subsets + +Example +======= +addPlugin('SlicedFavorites', array( + 'slices' => array( + // show only pop's notices on /favorited + 'default' => array('include' => array('pop')), + + // show only son's notices on /favorited/blog + 'blog' => array('include' => array('son')), + + // show all favorited notices except pop's and son's on /favorited/submitted + 'submitted' => array('exclude' => array('pop', 'son')), + + // show all favorited notices on /favorited/everybody + 'everybody' => array(), + ) +)); + diff --git a/plugins/SphinxSearch/README b/plugins/SphinxSearch/README index 5a2c063bd0..873a8cf692 100644 --- a/plugins/SphinxSearch/README +++ b/plugins/SphinxSearch/README @@ -8,9 +8,9 @@ Configuration In StatusNet's configuration, you can adjust the following settings under 'sphinx': -enabled: Set to true to enable. Default false. -server: a string with the hostname of the sphinx server. -port: an integer with the port number of the sphinx server. +enabled: Set to true to enable. Default true. +server: a string with the hostname of the sphinx server. Default localhost +port: an integer with the port number of the sphinx server. Default 3312 Requirements diff --git a/plugins/StoreRemoteMedia/README b/plugins/StoreRemoteMedia/README new file mode 100644 index 0000000000..a6bd91f605 --- /dev/null +++ b/plugins/StoreRemoteMedia/README @@ -0,0 +1,22 @@ +The StoreRemoteMedia plugin downloads remotely attached files to local server. + +Installation +============ +add "addPlugin('StoreRemoteMedia');" +to the bottom of your config.php + +Settings +======== +domain_whitelist: Array of regular expressions. Always escape your dots and end your strings. +check_whitelist: Whether to check the domain_whitelist. + +Example +======= +addPlugin('StoreRemoteMedia', array( + 'domain_whitelist' => array( + '^i\d*\.ytimg\.com$' => 'YouTube', + '^i\d*\.vimeocdn\.com$' => 'Vimeo' + ), + 'check_whitelist' => true +)); + diff --git a/plugins/SubMirror/README b/plugins/SubMirror/README new file mode 100644 index 0000000000..1910874d1c --- /dev/null +++ b/plugins/SubMirror/README @@ -0,0 +1,15 @@ +The SubMirror plugin pull PuSH-enabled feeds into your timeline. + +Installation +============ +add "addPlugin('SubMirror');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('SubMirror'); + diff --git a/plugins/SubscriptionThrottle/README b/plugins/SubscriptionThrottle/README new file mode 100644 index 0000000000..686ba2bc2f --- /dev/null +++ b/plugins/SubscriptionThrottle/README @@ -0,0 +1,26 @@ +The SubscriptionThrottle plugin limits how fast users can subscribe to groups +and other users. + +Installation +============ +add "addPlugin('SubscriptionThrottle');" +to the bottom of your config.php + +Settings +======== +subLimits: Array of time spans in seconds to limit subscriptions to users. +groupLimits: Array of time spans in seconds to limit subscriptions to groups. + +Example +======= +addPlugin('SubscriptionThrottle', array( + 'subLimits' => array( + 86400 => 100, // 100 subs per day + 3600 => 50; // 50 subs per hour + ), + 'groupLimits' => array( + 86400 => 50, // 50 subs per day + 3600 => 25; // 25 subs per hour + ) +)); + diff --git a/plugins/TabFocus/README b/plugins/TabFocus/README new file mode 100644 index 0000000000..61d7c60b2b --- /dev/null +++ b/plugins/TabFocus/README @@ -0,0 +1,17 @@ +The TabFocus plugin changes the notice form behavior so that, while in the text +area, pressing the tab key focuses the "Send" button, matching the behavior of +Twitter. + +Installation +============ +add "addPlugin('TabFocus');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('TabFocus'); + diff --git a/plugins/TagSub/README b/plugins/TagSub/README new file mode 100644 index 0000000000..a13d4bf471 --- /dev/null +++ b/plugins/TagSub/README @@ -0,0 +1,10 @@ +The TagSub plugin allows following all messages with a given tag. + +Installation +============ +This plugin is enabled by default + +Settings +======== +none + diff --git a/plugins/TightUrl/README b/plugins/TightUrl/README new file mode 100644 index 0000000000..35abb3bb7d --- /dev/null +++ b/plugins/TightUrl/README @@ -0,0 +1,18 @@ +The TightUrl plugin shortens URLS via a TightUrl URL-shortener service + +Installation +============ +add "addPlugin('TightUrl');" +to the bottom of your config.php + +Settings +======== +serviceUrl: The URL to the TightUrl instance + +Example +======= + +addPlugin('TightUrl', array( + 'serviceUrl' => 'http://example.org' +)); + diff --git a/plugins/UserFlag/README b/plugins/UserFlag/README new file mode 100644 index 0000000000..9fbfcc7c01 --- /dev/null +++ b/plugins/UserFlag/README @@ -0,0 +1,18 @@ +The UserFlag plugin allows flagging of profiles for review and reviewing +flagged profiles. + +Installation +============ +add "addPlugin('UserFlag');" +to the bottom of your config.php + +Settings +======== +flagOnBlock: Whether to automatically flag a profile when a user blocks it. + +Example +======= +addPlugin('UserFlag', array( + 'flagOnBlock' => true +)); + diff --git a/plugins/UserLimit/README b/plugins/UserLimit/README new file mode 100644 index 0000000000..07f32bb41e --- /dev/null +++ b/plugins/UserLimit/README @@ -0,0 +1,17 @@ +The UserLimit plugin limits the number of users who can register. + +Installation +============ +add "addPlugin('UserLimit');" +to the bottom of your config.php + +Settings +======== +maxUsers: The number of maximum users allowed. + +Example +======= +addPlugin('UserLimit', array( + 'maxUsers' => 42 +)); + diff --git a/plugins/VideoThumbnails/README b/plugins/VideoThumbnails/README new file mode 100644 index 0000000000..0967532c8c --- /dev/null +++ b/plugins/VideoThumbnails/README @@ -0,0 +1,19 @@ +The VideoThumbnails plugin enables video thumbnail preview support. + +Installation +============ +add "addPlugin('VideoThumbnails');" +to the bottom of your config.php + +Note: This plugin depends on +* avconv +* php5-gd + +Settings +======== +none + +Example +======= +addPlugin('VideoThumbnails'); + diff --git a/plugins/WebFinger/README b/plugins/WebFinger/README new file mode 100644 index 0000000000..3c49338515 --- /dev/null +++ b/plugins/WebFinger/README @@ -0,0 +1,10 @@ +The WebFinger plugin adds WebFinger lookup to GNU Social + +Installation +============ +This plugin is enabled by default except on private instances + +Settings +======== +none + diff --git a/plugins/WikiHashtags/REAME b/plugins/WikiHashtags/REAME new file mode 100644 index 0000000000..209b0c3802 --- /dev/null +++ b/plugins/WikiHashtags/REAME @@ -0,0 +1,17 @@ +The WikiHashtags plugin shows WikiHashtags content in the sidebar + +See: http://hashtags.wikia.com/wiki/WikiHashtags + +Installation +============ +add "addPlugin('WikiHashtags');" +to the bottom of your config.php + +Settings +======== +none + +Example +======= +addPlugin('WikiHashtags'); + From 70d85c58e277b53272520f54a4e6a2c0a75f121c Mon Sep 17 00:00:00 2001 From: abjectio Date: Thu, 11 Feb 2016 00:24:06 +0100 Subject: [PATCH 007/415] Enable configuration option for number of queuedaemon threads --- scripts/queuedaemon.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/queuedaemon.php b/scripts/queuedaemon.php index 582a3dd888..efc1e04e9e 100755 --- a/scripts/queuedaemon.php +++ b/scripts/queuedaemon.php @@ -169,6 +169,9 @@ if (have_option('t')) { $threads = intval(get_option_value('--threads')); } else { $threads = 0; + //If there is no argument for number of threads + //Try reading a config option for the number + $threads = common_config('queue','threads'); } if (!$threads) { $threads = getProcessorCount(); From 501d081d3ba9daddb3adf91cff4c496f1b45b3a9 Mon Sep 17 00:00:00 2001 From: hannes Date: Tue, 16 Feb 2016 19:16:05 +0000 Subject: [PATCH 008/415] getKV doesn't throw exception --- classes/File_redirection.php | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/classes/File_redirection.php b/classes/File_redirection.php index 32c9cc7a3a..8ce715e699 100644 --- a/classes/File_redirection.php +++ b/classes/File_redirection.php @@ -170,19 +170,22 @@ class File_redirection extends Managed_DataObject try { $r = File_redirection::getByUrl($in_url); - try { - $f = File::getKV('id',$r->file_id); + + $f = File::getKV('id',$r->file_id); + + if($file instanceof File) { $r->file = $f; - $r->redir_url = $f->url; - } catch (NoResultException $e) { + $r->redir_url = $f->url; + } else { // Invalid entry, delete and run again common_log(LOG_ERR, "Could not find File with id=".$r->file_id." referenced in File_redirection, deleting File redirection entry and and trying again..."); $r->delete(); - return self::where($in_url); + return self::where($in_url); } + // File_redirecion and File record found, return both return $r; - + } catch (NoResultException $e) { // File_redirecion record not found, but this might be a direct link to a file try { @@ -207,15 +210,17 @@ class File_redirection extends Managed_DataObject // in that case we have the file id already try { $r = File_redirection::getByUrl($redir_info['url']); - try { - $f = File::getKV('id',$r->file_id); + + $f = File::getKV('id',$r->file_id); + + if($f instanceof File) { $redir->file = $f; - $redir->redir_url = $f->url; - } catch (NoResultException $e) { + $redir->redir_url = $f->url; + } else { // Invalid entry in File_redirection, delete and run again common_log(LOG_ERR, "Could not find File with id=".$r->file_id." referenced in File_redirection, deleting File_redirection entry and trying again..."); $r->delete(); - return self::where($in_url); + return self::where($in_url); } } catch (NoResultException $e) { // save the file now when we know that we don't have it in File_redirection From 3ef573f67c33010c4656c546e5243f0a64b0e3bb Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 24 Feb 2016 16:42:35 +0100 Subject: [PATCH 009/415] Default to profile size in Avatar::defaultAvatar --- classes/Avatar.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/Avatar.php b/classes/Avatar.php index d8cc134b80..62885f402b 100644 --- a/classes/Avatar.php +++ b/classes/Avatar.php @@ -207,7 +207,7 @@ class Avatar extends Managed_DataObject } } - static function defaultImage($size) + static function defaultImage($size=AVATAR_PROFILE_SIZE) { static $sizenames = array(AVATAR_PROFILE_SIZE => 'profile', AVATAR_STREAM_SIZE => 'stream', From 731fd011390ea3149f72de916df49d2ff8b0b0da Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 24 Feb 2016 16:42:54 +0100 Subject: [PATCH 010/415] Allow easy fetching of rel="me" values --- classes/Profile.php | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/classes/Profile.php b/classes/Profile.php index 7aae98fb5f..a5e0d092dc 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -900,6 +900,31 @@ class Profile extends Managed_DataObject return parent::update($dataObject); } + public function getRelSelf() + { + return ['href' => $this->getUrl(), + 'text' => common_config('site', 'name'), + 'image' => Avatar::urlByProfile($this)]; + } + + // All the known rel="me", used for the IndieWeb audience + public function getRelMes() + { + $relMes = array(); + try { + $relMes[] = $this->getRelSelf(); + } catch (InvalidUrlException $e) { + // no valid profile URL available + } + if (common_valid_http_url($this->getHomepage())) { + $relMes[] = ['href' => $this->getHomepage(), + 'text' => _('Homepage'), + 'image' => null]; + } + Event::handle('OtherAccountProfiles', array($this, &$relMes)); + return $relMes; + } + function delete($useWhere=false) { // just in case it hadn't been done before... (usually set before adding deluser to queue handling!) From 1d0a448e07fec01ca0b3b90d29aef2341f97febf Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 24 Feb 2016 16:43:09 +0100 Subject: [PATCH 011/415] Publish rel="me" in Link HTTP headers --- actions/showstream.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/actions/showstream.php b/actions/showstream.php index 3ac837a67e..33ec49df99 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -155,6 +155,17 @@ class ShowstreamAction extends NoticestreamAction sprintf(_('FOAF for %s'), $this->target->getNickname()))); } + public function extraHeaders() + { + parent::extraHeaders(); + // Publish all the rel="me" in the HTTP headers on our main profile page + if (get_class($this) == 'ShowstreamAction') { + foreach ($this->target->getRelMes() as $relMe) { + header('Link: <'.htmlspecialchars($relMe['href']).'>'.$type.'; rel="me"', false); + } + } + } + function extraHead() { if ($this->target->bio) { From 128a00c4ab381417ac4d3be1f72ad16569534708 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 24 Feb 2016 16:48:44 +0100 Subject: [PATCH 012/415] Include feeds in Link HTTP headers, for easier discovery --- lib/feed.php | 5 +++++ lib/noticestreamaction.php | 12 ++++++++++++ 2 files changed, 17 insertions(+) diff --git a/lib/feed.php b/lib/feed.php index e04c69be6c..d61c3e8a34 100644 --- a/lib/feed.php +++ b/lib/feed.php @@ -62,6 +62,11 @@ class Feed $this->title = $title; } + function getUrl() + { + return $this->url; + } + function mimeType() { switch ($this->type) { diff --git a/lib/noticestreamaction.php b/lib/noticestreamaction.php index fb592915a7..e668a27daf 100644 --- a/lib/noticestreamaction.php +++ b/lib/noticestreamaction.php @@ -34,6 +34,18 @@ abstract class NoticestreamAction extends ProfileAction // pass by default } + public function extraHeaders() + { + parent::extraHeaders(); + foreach ($this->getFeeds() as $feed) { + header('Link: <'.htmlspecialchars($feed->getUrl()).'>;' . + ' rel="'.htmlspecialchars($feed->rel()).'";' . + ' type="'.htmlspecialchars($feed->mimeType()).'"', + false // don't overwrite previous headers of this sort + ); + } + } + // this fetches the NoticeStream abstract public function getStream(); } From 99f2aba6e164795035326f3520979e70c22d1f10 Mon Sep 17 00:00:00 2001 From: Chimo Date: Wed, 24 Feb 2016 12:42:41 -0500 Subject: [PATCH 013/415] Fix: Cannot remove OpenID OpenidsettingsAction::removeOpenID() was comparing and int with a string so always displayed "That OpenID does not belong to you." --- plugins/OpenID/actions/openidsettings.php | 2 +- plugins/OpenID/classes/User_openid.php | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/plugins/OpenID/actions/openidsettings.php b/plugins/OpenID/actions/openidsettings.php index bf5d8886f1..75835ff1f1 100644 --- a/plugins/OpenID/actions/openidsettings.php +++ b/plugins/OpenID/actions/openidsettings.php @@ -287,7 +287,7 @@ class OpenidsettingsAction extends SettingsAction // TRANS: Form validation error for a non-existing OpenID. throw new ClientException(_m('No such OpenID.')); } - if ($this->scoped->getID() !== $oid->user_id) { + if ($this->scoped->getID() !== $oid->getID()) { // TRANS: Form validation error if OpenID is connected to another user. throw new ClientException(_m('That OpenID does not belong to you.')); } diff --git a/plugins/OpenID/classes/User_openid.php b/plugins/OpenID/classes/User_openid.php index 7e53d8ec95..2221a9e78a 100644 --- a/plugins/OpenID/classes/User_openid.php +++ b/plugins/OpenID/classes/User_openid.php @@ -45,6 +45,16 @@ class User_openid extends Managed_DataObject ); } + public function getID() + { + if (!isset($this->user_id)) { + throw new Exception('No ID set.'); + } elseif (empty($this->user_id)) { + throw new Exception('Empty ID for object! (not inserted yet?).'); + } + return intval($this->user_id); + } + static function hasOpenID($user_id) { $oid = new User_openid(); From 54da2526edab29c1132305d858166437ef7e25d3 Mon Sep 17 00:00:00 2001 From: Chimo Date: Mon, 22 Feb 2016 20:33:25 -0500 Subject: [PATCH 014/415] Fix !group autocomplete "Call to undefined method User_group::getFullname" --- classes/User_group.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/classes/User_group.php b/classes/User_group.php index 2484f3f265..ecec1ee663 100644 --- a/classes/User_group.php +++ b/classes/User_group.php @@ -105,6 +105,11 @@ class User_group extends Managed_DataObject return $this->getProfile()->getNickname(); } + public function getFullname() + { + return $this->getProfile()->getFullname(); + } + public static function defaultLogo($size) { static $sizenames = array(AVATAR_PROFILE_SIZE => 'profile', From e3e3a91734ba17d6d8a3f8fa36514490df3ec526 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 24 Feb 2016 19:34:12 +0100 Subject: [PATCH 015/415] Correct comment on Notice->conversation in table schema --- classes/Notice.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/Notice.php b/classes/Notice.php index ccd398003d..5a37834e1a 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -88,7 +88,7 @@ class Notice extends Managed_DataObject 'reply_to' => array('type' => 'int', 'description' => 'notice replied to (usually a guess)'), 'is_local' => array('type' => 'int', 'size' => 'tiny', 'default' => 0, 'description' => 'notice was generated by a user'), 'source' => array('type' => 'varchar', 'length' => 32, 'description' => 'source of comment, like "web", "im", or "clientname"'), - 'conversation' => array('type' => 'int', 'description' => 'id of root notice in this conversation'), + 'conversation' => array('type' => 'int', 'description' => 'the local numerical conversation id'), 'repeat_of' => array('type' => 'int', 'description' => 'notice this is a repeat of'), 'object_type' => array('type' => 'varchar', 'length' => 191, 'description' => 'URI representing activity streams object type', 'default' => null), 'verb' => array('type' => 'varchar', 'length' => 191, 'description' => 'URI representing activity streams verb', 'default' => 'http://activitystrea.ms/schema/1.0/post'), From 6d3aa3276a84b949d09b31de00eeaffc22d1dfca Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 25 Feb 2016 12:32:33 +0100 Subject: [PATCH 016/415] socialfy-your-domain made people think you needed manual interaction I don't know why, but people started following those instructions for no apparent reason and it ended up causing a bunch of federation issues or homegrown cron script messes. Maybe changing the name to "another" instead of "your" domain will make people stop doing stuff randomly. --- {socialfy-your-domain => socialfy-another-domain}/README.txt | 5 +++++ .../dot-well-known/host-meta | 0 .../dot-well-known/webfinger/example@example.com.xml | 0 .../dot-well-known/webfinger/index.php | 0 4 files changed, 5 insertions(+) rename {socialfy-your-domain => socialfy-another-domain}/README.txt (85%) rename {socialfy-your-domain => socialfy-another-domain}/dot-well-known/host-meta (100%) rename {socialfy-your-domain => socialfy-another-domain}/dot-well-known/webfinger/example@example.com.xml (100%) rename {socialfy-your-domain => socialfy-another-domain}/dot-well-known/webfinger/index.php (100%) diff --git a/socialfy-your-domain/README.txt b/socialfy-another-domain/README.txt similarity index 85% rename from socialfy-your-domain/README.txt rename to socialfy-another-domain/README.txt index b7691abe8d..7cb01ed2ef 100644 --- a/socialfy-your-domain/README.txt +++ b/socialfy-another-domain/README.txt @@ -1,6 +1,11 @@ Initial simple way to Webfinger enable your domain -- needs PHP. ================================================================ +This guide needs some updating, since it will only guide you to present +XML data (while the curl command likely gives you JSON). The workaround +is to simply make curl get 'webfinger.xml' instead, and/or have another +file that contains JSON, but that requires editing the PHP file as well. + Step 1 ====== diff --git a/socialfy-your-domain/dot-well-known/host-meta b/socialfy-another-domain/dot-well-known/host-meta similarity index 100% rename from socialfy-your-domain/dot-well-known/host-meta rename to socialfy-another-domain/dot-well-known/host-meta diff --git a/socialfy-your-domain/dot-well-known/webfinger/example@example.com.xml b/socialfy-another-domain/dot-well-known/webfinger/example@example.com.xml similarity index 100% rename from socialfy-your-domain/dot-well-known/webfinger/example@example.com.xml rename to socialfy-another-domain/dot-well-known/webfinger/example@example.com.xml diff --git a/socialfy-your-domain/dot-well-known/webfinger/index.php b/socialfy-another-domain/dot-well-known/webfinger/index.php similarity index 100% rename from socialfy-your-domain/dot-well-known/webfinger/index.php rename to socialfy-another-domain/dot-well-known/webfinger/index.php From e69f87824103e4fc0e9ff412a757bfde30afd765 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 25 Feb 2016 15:48:37 +0100 Subject: [PATCH 017/415] Notice getRendered() can now be called on uninserted notices --- classes/Notice.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 5a37834e1a..c56d68578d 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -260,7 +260,8 @@ class Notice extends Managed_DataObject public function getRendered() { - if (is_null($this->rendered) || $this->rendered === '') { + // we test $this->id because if it's not inserted yet, we can't update the field + if (!empty($this->id) && (is_null($this->rendered) || $this->rendered === '')) { // update to include rendered content on-the-fly, so we don't have to have a fix-up script in upgrade.php common_debug('Rendering notice '.$this->getID().' as it had no rendered HTML content.'); $orig = clone($this); @@ -854,8 +855,7 @@ class Notice extends Managed_DataObject } // Strip out any bad HTML $stored->rendered = common_purify($content); - // yeah, just don't use getRendered() here since it's not inserted yet ;) - $stored->content = common_strip_html($stored->rendered); + $stored->content = common_strip_html($stored->getRendered(), true, true); if (trim($stored->content) === '') { // TRANS: Error message when the plain text content of a notice has zero length. throw new ClientException(_('Empty notice content, will not save this.')); From 4239c952d21ea98cb3c834cc345a9a451ba156b1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 25 Feb 2016 19:46:17 +0100 Subject: [PATCH 018/415] $metadata->thumbnail_url is not guaranteed to be set We should probably have a separate class for this, so we can more easily combine different technologies similar to oEmbed/OpenGraph. --- plugins/Oembed/OembedPlugin.php | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index c90f57439b..44e4ac9318 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -73,18 +73,20 @@ class OembedPlugin extends Plugin $metadata = OpenGraphHelper::ogFromHtml($dom); } - // sometimes sites serve the path, not the full URL, for images - // let's "be liberal in what you accept from others"! - // add protocol and host if the thumbnail_url starts with / - if(substr($metadata->thumbnail_url,0,1) == '/') { - $thumbnail_url_parsed = parse_url($metadata->url); - $metadata->thumbnail_url = $thumbnail_url_parsed['scheme']."://".$thumbnail_url_parsed['host'].$metadata->thumbnail_url; - } + if (isset($metadata->thumbnail_url)) { + // sometimes sites serve the path, not the full URL, for images + // let's "be liberal in what you accept from others"! + // add protocol and host if the thumbnail_url starts with / + if(substr($metadata->thumbnail_url,0,1) == '/') { + $thumbnail_url_parsed = parse_url($metadata->url); + $metadata->thumbnail_url = $thumbnail_url_parsed['scheme']."://".$thumbnail_url_parsed['host'].$metadata->thumbnail_url; + } - // some wordpress opengraph implementations sometimes return a white blank image - // no need for us to save that! - if($metadata->thumbnail_url == 'https://s0.wp.com/i/blank.jpg') { - unset($metadata->thumbnail_url); + // some wordpress opengraph implementations sometimes return a white blank image + // no need for us to save that! + if($metadata->thumbnail_url == 'https://s0.wp.com/i/blank.jpg') { + unset($metadata->thumbnail_url); + } } } From e6e1705852d7e529b38acb3714549cb052b473e6 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 25 Feb 2016 22:15:54 +0100 Subject: [PATCH 019/415] Make uploads work properly if we accept _all_ attachment types Also introduced $config['attachments']['extblacklist'] that can disable certain file extensions (or rewrite them, for example php => phps) --- classes/File.php | 53 +++++++++++++++++++++++++++++++++++++++-------- lib/default.php | 4 ++++ lib/mediafile.php | 4 ++-- 3 files changed, 50 insertions(+), 11 deletions(-) diff --git a/classes/File.php b/classes/File.php index 6ba80eb5f6..2115313a81 100644 --- a/classes/File.php +++ b/classes/File.php @@ -237,7 +237,7 @@ class File extends Managed_DataObject static function filename(Profile $profile, $origname, $mimetype) { - $ext = self::guessMimeExtension($mimetype); + $ext = self::guessMimeExtension($mimetype, $origname); // Normalize and make the original filename more URL friendly. $origname = basename($origname, ".$ext"); @@ -258,19 +258,54 @@ class File extends Managed_DataObject return $filename; } - static function guessMimeExtension($mimetype) + /** + * @param $mimetype The mimetype we've discovered for this file. + * @param $filename An optional filename which we can use on failure. + */ + static function guessMimeExtension($mimetype, $filename=null) { + $ext = null; try { + // first see if we know the extension for our mimetype $ext = common_supported_mime_to_ext($mimetype); - } catch (Exception $e) { - // We don't support this mimetype, but let's guess the extension - $matches = array(); - if (!preg_match('/\/([a-z0-9]+)/', mb_strtolower($mimetype), $matches)) { - throw new Exception('Malformed mimetype: '.$mimetype); + // we do, so use it! + return $ext; + } catch (Exception $e) { // FIXME: Make this exception more specific to "unknown mime=>ext relation" + // We don't know the extension for this mimetype, but let's guess. + + // If we are very liberal with uploads ($config['attachments']['supported'] === true) + // then we try to do some guessing based on the filename, if it was supplied. + if (!is_null($filename) && common_config('attachments', 'supported')===true + && preg_match('/^.+\.([A-Za-z0-9]+)$/', $filename, $matches)) { + // we matched on a file extension, so let's see if it means something. + $ext = mb_strtolower($matches[1]); + + $blacklist = common_config('attachments', 'extblacklist'); + // If we got an extension from $filename we want to check if it's in a blacklist + // so we avoid people uploading .php files etc. + if (array_key_exists($ext, $blacklist)) { + if (!is_string($blacklist[$ext])) { + // we don't have a safe replacement extension + throw ClientException(_('Blacklisted file extension.')); + } + common_debug('Found replaced extension for filename '._ve($filename).': '._ve($ext)); + + // return a safe replacement extension ('php' => 'phps' for example) + return $blacklist[$ext]; + } + // the attachment extension based on its filename was not blacklisted so it's ok to use it + return $ext; } - $ext = $matches[1]; } - return mb_strtolower($ext); + + // If nothing else has given us a result, try to extract it from + // the mimetype value (this turns .jpg to .jpeg for example...) + $matches = array(); + if (!preg_match('/\/([a-z0-9]+)/', mb_strtolower($mimetype), $matches)) { + throw new Exception('Malformed mimetype: '.$mimetype); + } + $ext = mb_strtolower($matches[1]); + return $ext; } /** diff --git a/lib/default.php b/lib/default.php index f8ce3bd4fe..b945c24e20 100644 --- a/lib/default.php +++ b/lib/default.php @@ -266,6 +266,10 @@ $default = 'show_html' => false, // show (filtered) text/html attachments (and oEmbed HTML etc.). Doesn't affect AJAX calls. 'show_thumbs' => true, // show thumbnails in notice lists for uploaded images, and photos and videos linked remotely that provide oEmbed info 'process_links' => true, // check linked resources for embeddable photos and videos; this will hit referenced external web sites when processing new messages. + 'extblacklist' => [ + 'php' => 'phps', + 'exe' => false, // this would deny any uploads to keep the "exe" file extension + ], ), 'thumbnail' => array('crop' => false, // overridden to true if thumb height === null diff --git a/lib/mediafile.php b/lib/mediafile.php index 9fe5432ad5..1e0fb39769 100644 --- a/lib/mediafile.php +++ b/lib/mediafile.php @@ -253,15 +253,15 @@ class MediaFile File::respectsQuota($scoped, $_FILES[$param]['size']); $mimetype = self::getUploadedMimeType($_FILES[$param]['tmp_name'], $_FILES[$param]['name']); + $basename = basename($_FILES[$param]['name']); switch (common_config('attachments', 'filename_base')) { case 'upload': - $basename = basename($_FILES[$param]['name']); $filename = File::filename($scoped, $basename, $mimetype); break; case 'hash': default: - $filename = strtolower($filehash) . '.' . File::guessMimeExtension($mimetype); + $filename = strtolower($filehash) . '.' . File::guessMimeExtension($mimetype, $basename); } $filepath = File::path($filename); From bac37d17143f9847e82f9e2c58d1646245747d77 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 25 Feb 2016 22:17:44 +0100 Subject: [PATCH 020/415] syntax error --- classes/File.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/File.php b/classes/File.php index 2115313a81..171ba9942b 100644 --- a/classes/File.php +++ b/classes/File.php @@ -286,7 +286,7 @@ class File extends Managed_DataObject if (array_key_exists($ext, $blacklist)) { if (!is_string($blacklist[$ext])) { // we don't have a safe replacement extension - throw ClientException(_('Blacklisted file extension.')); + throw new ClientException(_('Blacklisted file extension.')); } common_debug('Found replaced extension for filename '._ve($filename).': '._ve($ext)); From 4d17d9533552ea620b83109c550e250a5c236291 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 25 Feb 2016 22:31:45 +0100 Subject: [PATCH 021/415] Try to get mime data before hashing (cpu intensive) --- plugins/Oembed/OembedPlugin.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 44e4ac9318..196b07d75d 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -325,8 +325,10 @@ class OembedPlugin extends Plugin throw new UnsupportedMediaException(_('Image file had impossible geometry (0 width or height)')); } + $ext = File::guessMimeExtension($info['mime']); + // We'll trust sha256 (File::FILEHASH_ALG) not to have collision issues any time soon :) - $filename = hash(File::FILEHASH_ALG, $imgData) . '.' . common_supported_mime_to_ext($info['mime']); + $filename = hash(File::FILEHASH_ALG, $imgData) . ".{$ext}"; $fullpath = File_thumbnail::path($filename); // Write the file to disk. Throw Exception on failure if (!file_exists($fullpath) && file_put_contents($fullpath, $imgData) === false) { From aeb2e282db49831510b1894204718a2a7d2409b7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 25 Feb 2016 22:32:07 +0100 Subject: [PATCH 022/415] Commented on the mime extension matching regexp --- classes/File.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/classes/File.php b/classes/File.php index 171ba9942b..5294d82c24 100644 --- a/classes/File.php +++ b/classes/File.php @@ -264,7 +264,6 @@ class File extends Managed_DataObject */ static function guessMimeExtension($mimetype, $filename=null) { - $ext = null; try { // first see if we know the extension for our mimetype $ext = common_supported_mime_to_ext($mimetype); @@ -301,11 +300,11 @@ class File extends Managed_DataObject // If nothing else has given us a result, try to extract it from // the mimetype value (this turns .jpg to .jpeg for example...) $matches = array(); + // FIXME: try to build a regexp that will get jpeg from image/jpeg as well as json from application/jrd+json if (!preg_match('/\/([a-z0-9]+)/', mb_strtolower($mimetype), $matches)) { throw new Exception('Malformed mimetype: '.$mimetype); } - $ext = mb_strtolower($matches[1]); - return $ext; + return mb_strtolower($matches[1]); } /** From 2669c5126512ac8721b886ea52144f39f1a52edf Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 00:05:07 +0100 Subject: [PATCH 023/415] Allow sgf files if they're recognized in mime search They are Go game files used on lamatriz.org. Note that my server doesn't actually recognize these files and can identify the mime type, but my browser did for some reason. --- lib/default.php | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/default.php b/lib/default.php index b945c24e20..c78803da97 100644 --- a/lib/default.php +++ b/lib/default.php @@ -241,6 +241,7 @@ $default = 'application/vnd.oasis.opendocument.text-web' => 'oth', 'application/pdf' => 'pdf', 'application/zip' => 'zip', + 'application/x-go-sgf' => 'sgf', 'application/xml' => 'xml', 'image/png' => 'png', 'image/jpeg' => 'jpg', From 273051039385719448bc37e75aca09e7019502ac Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 00:06:04 +0100 Subject: [PATCH 024/415] User friendlieness in scripts/delete_notice.php --- scripts/delete_notice.php | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/scripts/delete_notice.php b/scripts/delete_notice.php index bf10cbb2b2..cd29cffc15 100755 --- a/scripts/delete_notice.php +++ b/scripts/delete_notice.php @@ -20,8 +20,8 @@ define('INSTALLDIR', realpath(dirname(__FILE__) . '/..')); -$shortoptions = 'i::n::u::y'; -$longoptions = array('id=', 'nickname=', 'uri=', 'yes'); +$shortoptions = 'i::u::y'; +$longoptions = array('id=', 'uri=', 'yes'); $helptext = <<getMessage()}\n"; exit(1); } From 29662eef5e479f8ebcbff1ce3c89e15beb43f7c6 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 00:08:51 +0100 Subject: [PATCH 025/415] Mentioning matches (@this too) now. --- lib/nickname.php | 10 ++++++++++ lib/util.php | 6 +++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/lib/nickname.php b/lib/nickname.php index 2dd08efc3f..5a5b515b4d 100644 --- a/lib/nickname.php +++ b/lib/nickname.php @@ -76,6 +76,16 @@ class Nickname */ const MAX_LEN = 64; + /** + * Regex with non-capturing group that matches whitespace and some + * characters which are allowed right before an @ or ! when mentioning + * other users. Like: 'This goes out to:@mmn (@chimo too) (!awwyiss).' + * + * FIXME: Make this so you can have multiple whitespace but not multiple + * parenthesis or something. '(((@n_n@)))' might as well be a smiley. + */ + const BEFORE_MENTIONS = '(?:^|[\s\.\,\:\;\[\(]+)'; + /** * Nice simple check of whether the given string is a valid input nickname, * which can be normalized into an internally canonical form. diff --git a/lib/util.php b/lib/util.php index c87b0f1bf6..f029eb429d 100644 --- a/lib/util.php +++ b/lib/util.php @@ -800,7 +800,7 @@ function common_find_mentions($text, Profile $sender, Notice $parent=null) // @#tag => mention of all subscriptions tagged 'tag' - preg_match_all('/(?:^|[\s\.\,\:\;]+)@#([\pL\pN_\-\.]{1,64})/', + preg_match_all('/'.Nickname::BEFORE_MENTIONS.'@#([\pL\pN_\-\.]{1,64})/', $text, $hmatches, PREG_OFFSET_CAPTURE); foreach ($hmatches[1] as $hmatch) { $tag = common_canonical_tag($hmatch[0]); @@ -822,7 +822,7 @@ function common_find_mentions($text, Profile $sender, Notice $parent=null) 'url' => $url); } - preg_match_all('/(?:^|[\s\.\,\:\;]+)!(' . Nickname::DISPLAY_FMT . ')/', + preg_match_all('/'.Nickname::BEFORE_MENTIONS.'!(' . Nickname::DISPLAY_FMT . ')/', $text, $hmatches, PREG_OFFSET_CAPTURE); foreach ($hmatches[1] as $hmatch) { $nickname = Nickname::normalize($hmatch[0]); @@ -866,7 +866,7 @@ function common_find_mentions_raw($text) $atmatches = array(); // the regexp's "(?!\@)" makes sure it doesn't matches the single "@remote" in "@remote@server.com" - preg_match_all('/(?:^|\s+)@(' . Nickname::DISPLAY_FMT . ')\b(?!\@)/', + preg_match_all('/'.Nickname::BEFORE_MENTIONS.'@(' . Nickname::DISPLAY_FMT . ')\b(?!\@)/', $text, $atmatches, PREG_OFFSET_CAPTURE); From 519e3308ab33048fdf51127560c67e7572e48d49 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 01:04:59 +0100 Subject: [PATCH 026/415] Use mb_strlen to see if something is an empty string --- classes/Notice.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index c56d68578d..86eec8e3ad 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -849,11 +849,12 @@ class Notice extends Managed_DataObject $stored->url = $url; $stored->verb = $act->verb; - $content = $act->content ?: $act->summary; - if (is_null($content) && !is_null($actobj)) { - $content = $actobj->content ?: $actobj->summary; + // we use mb_strlen because it _might_ be that the content is just the string "0"... + $content = mb_strlen($act->content) ? $act->content : $act->summary; + if (mb_strlen($content)===0 && !is_null($actobj)) { + $content = mb_strlen($actobj->content) ? $actobj->content : $actobj->summary; } - // Strip out any bad HTML + // Strip out any bad HTML from $content $stored->rendered = common_purify($content); $stored->content = common_strip_html($stored->getRendered(), true, true); if (trim($stored->content) === '') { From c58228195b6e187c5370d3929c623db89ac9ee23 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 01:11:20 +0100 Subject: [PATCH 027/415] Make sure the saved Notice has an ID --- classes/Notice.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/classes/Notice.php b/classes/Notice.php index 86eec8e3ad..892f2be30e 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -997,7 +997,9 @@ class Notice extends Managed_DataObject } } if (!$stored instanceof Notice) { - throw new ServerException('StartNoticeSave did not give back a Notice'); + throw new ServerException('StartNoticeSave did not give back a Notice.'); + } elseif (empty($stored->id)) { + throw new ServerException('Supposedly saved Notice has no ID.'); } // Only save 'attention' and metadata stuff (URLs, tags...) stuff if From 1414abfe950adaa324caf68e6f4822657e7df5e8 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 13:34:07 +0100 Subject: [PATCH 028/415] Jean Lucas mentioned PEAR::Net_SMTP was outdated Net_SMTP updated to 1.7.1 (stable) was released on 2015-09-07 https://pear.php.net/package/Net_SMTP --- extlib/Net/SMTP.php | 945 +++++++++++++++++++++++--------------------- 1 file changed, 504 insertions(+), 441 deletions(-) diff --git a/extlib/Net/SMTP.php b/extlib/Net/SMTP.php index ea4b55e8d2..8f4e92b753 100644 --- a/extlib/Net/SMTP.php +++ b/extlib/Net/SMTP.php @@ -1,14 +1,14 @@ | // | Damian Alejandro Fernandez Sosa | // +----------------------------------------------------------------------+ -// -// $Id: SMTP.php 293948 2010-01-24 21:46:00Z jon $ require_once 'PEAR.php'; require_once 'Net/Socket.php'; /** * Provides an implementation of the SMTP protocol using PEAR's - * Net_Socket:: class. + * Net_Socket class. * * @package Net_SMTP * @author Chuck Hagenbuch * @author Jon Parise * @author Damian Alejandro Fernandez Sosa * - * @example basic.php A basic implementation of the Net_SMTP package. + * @example basic.php A basic implementation of the Net_SMTP package. */ class Net_SMTP { /** * The server to connect to. * @var string - * @access public */ - var $host = 'localhost'; + public $host = 'localhost'; /** * The port to connect to. * @var int - * @access public */ - var $port = 25; + public $port = 25; /** * The value to give when sending EHLO or HELO. * @var string - * @access public */ - var $localhost = 'localhost'; + public $localhost = 'localhost'; /** * List of supported authentication methods, in preferential order. * @var array - * @access public */ - var $auth_methods = array('DIGEST-MD5', 'CRAM-MD5', 'LOGIN', 'PLAIN'); + public $auth_methods = array(); /** * Use SMTP command pipelining (specified in RFC 2920) if the SMTP @@ -73,65 +67,69 @@ class Net_SMTP * SMTP server but return immediately. * * @var bool - * @access public */ - var $pipelining = false; + public $pipelining = false; /** * Number of pipelined commands. * @var int - * @access private */ - var $_pipelined_commands = 0; + protected $pipelined_commands = 0; /** * Should debugging output be enabled? * @var boolean - * @access private */ - var $_debug = false; + protected $debug = false; /** * Debug output handler. * @var callback - * @access private */ - var $_debug_handler = null; + protected $debug_handler = null; /** * The socket resource being used to connect to the SMTP server. * @var resource - * @access private */ - var $_socket = null; + protected $socket = null; + + /** + * Array of socket options that will be passed to Net_Socket::connect(). + * @see stream_context_create() + * @var array + */ + protected $socket_options = null; + + /** + * The socket I/O timeout value in seconds. + * @var int + */ + protected $timeout = 0; /** * The most recent server response code. * @var int - * @access private */ - var $_code = -1; + protected $code = -1; /** * The most recent server response arguments. * @var array - * @access private */ - var $_arguments = array(); + protected $arguments = array(); /** * Stores the SMTP server's greeting string. * @var string - * @access private */ - var $_greeting = null; + protected $greeting = null; /** * Stores detected features of the SMTP server. * @var array - * @access private */ - var $_esmtp = array(); + protected $esmtp = array(); /** * Instantiates a new Net_SMTP object, overriding any defaults @@ -144,16 +142,18 @@ class Net_SMTP * $smtp = new Net_SMTP('ssl://mail.host.com', 465); * $smtp->connect(); * - * @param string $host The server to connect to. - * @param integer $port The port to connect to. - * @param string $localhost The value to give when sending EHLO or HELO. - * @param boolean $pipeling Use SMTP command pipelining + * @param string $host The server to connect to. + * @param integer $port The port to connect to. + * @param string $localhost The value to give when sending EHLO or HELO. + * @param boolean $pipelining Use SMTP command pipelining + * @param integer $timeout Socket I/O timeout in seconds. + * @param array $socket_options Socket stream_context_create() options. * - * @access public - * @since 1.0 + * @since 1.0 */ - function Net_SMTP($host = null, $port = null, $localhost = null, $pipelining = false) - { + public function __construct($host = null, $port = null, $localhost = null, + $pipelining = false, $timeout = 0, $socket_options = null + ) { if (isset($host)) { $this->host = $host; } @@ -163,49 +163,65 @@ class Net_SMTP if (isset($localhost)) { $this->localhost = $localhost; } - $this->pipelining = $pipelining; - $this->_socket = new Net_Socket(); + $this->pipelining = $pipelining; + $this->socket = new Net_Socket(); + $this->socket_options = $socket_options; + $this->timeout = $timeout; - /* Include the Auth_SASL package. If the package is not - * available, we disable the authentication methods that - * depend upon it. */ - if ((@include_once 'Auth/SASL.php') === false) { - $pos = array_search('DIGEST-MD5', $this->auth_methods); - unset($this->auth_methods[$pos]); - $pos = array_search('CRAM-MD5', $this->auth_methods); - unset($this->auth_methods[$pos]); + /* Include the Auth_SASL package. If the package is available, we + * enable the authentication methods that depend upon it. */ + if (@include_once 'Auth/SASL.php') { + $this->setAuthMethod('CRAM-MD5', array($this, 'authCramMD5')); + $this->setAuthMethod('DIGEST-MD5', array($this, 'authDigestMD5')); } + + /* These standard authentication methods are always available. */ + $this->setAuthMethod('LOGIN', array($this, 'authLogin'), false); + $this->setAuthMethod('PLAIN', array($this, 'authPlain'), false); + } + + /** + * Set the socket I/O timeout value in seconds plus microseconds. + * + * @param integer $seconds Timeout value in seconds. + * @param integer $microseconds Additional value in microseconds. + * + * @since 1.5.0 + */ + public function setTimeout($seconds, $microseconds = 0) + { + return $this->socket->setTimeout($seconds, $microseconds); } /** * Set the value of the debugging flag. * - * @param boolean $debug New value for the debugging flag. + * @param boolean $debug New value for the debugging flag. + * @param callback $handler Debug handler callback * - * @access public - * @since 1.1.0 + * @since 1.1.0 */ - function setDebug($debug, $handler = null) + public function setDebug($debug, $handler = null) { - $this->_debug = $debug; - $this->_debug_handler = $handler; + $this->debug = $debug; + $this->debug_handler = $handler; } /** * Write the given debug text to the current debug output handler. * - * @param string $message Debug mesage text. + * @param string $message Debug mesage text. * - * @access private - * @since 1.3.3 + * @since 1.3.3 */ - function _debug($message) + protected function debug($message) { - if ($this->_debug) { - if ($this->_debug_handler) { - call_user_func_array($this->_debug_handler, - array(&$this, $message)); + if ($this->debug) { + if ($this->debug_handler) { + call_user_func_array( + $this->debug_handler, array(&$this, $message) + ); } else { echo "DEBUG: $message\n"; } @@ -215,24 +231,24 @@ class Net_SMTP /** * Send the given string of data to the server. * - * @param string $data The string of data to send. + * @param string $data The string of data to send. * - * @return mixed True on success or a PEAR_Error object on failure. + * @return mixed The number of bytes that were actually written, + * or a PEAR_Error object on failure. * - * @access private - * @since 1.1.0 + * @since 1.1.0 */ - function _send($data) + protected function send($data) { - $this->_debug("Send: $data"); + $this->debug("Send: $data"); - $error = $this->_socket->write($data); - if ($error === false || PEAR::isError($error)) { - $msg = ($error) ? $error->getMessage() : "unknown error"; + $result = $this->socket->write($data); + if (!$result || PEAR::isError($result)) { + $msg = $result ? $result->getMessage() : "unknown error"; return PEAR::raiseError("Failed to write to socket: $msg"); } - return true; + return $result; } /** @@ -240,19 +256,18 @@ class Net_SMTP * arguments. A carriage return / linefeed (CRLF) sequence will * be appended to each command string before it is sent to the * SMTP server - an error will be thrown if the command string - * already contains any newline characters. Use _send() for + * already contains any newline characters. Use send() for * commands that must contain newlines. * - * @param string $command The SMTP command to send to the server. - * @param string $args A string of optional arguments to append - * to the command. + * @param string $command The SMTP command to send to the server. + * @param string $args A string of optional arguments to append + * to the command. * - * @return mixed The result of the _send() call. + * @return mixed The result of the send() call. * - * @access private - * @since 1.1.0 + * @since 1.1.0 */ - function _put($command, $args = '') + protected function put($command, $args = '') { if (!empty($args)) { $command .= ' ' . $args; @@ -262,57 +277,56 @@ class Net_SMTP return PEAR::raiseError('Commands cannot contain newlines'); } - return $this->_send($command . "\r\n"); + return $this->send($command . "\r\n"); } /** * Read a reply from the SMTP server. The reply consists of a response * code and a response message. * - * @param mixed $valid The set of valid response codes. These - * may be specified as an array of integer - * values or as a single integer value. - * @param bool $later Do not parse the response now, but wait - * until the last command in the pipelined - * command group + * @param mixed $valid The set of valid response codes. These + * may be specified as an array of integer + * values or as a single integer value. + * @param bool $later Do not parse the response now, but wait + * until the last command in the pipelined + * command group * - * @return mixed True if the server returned a valid response code or - * a PEAR_Error object is an error condition is reached. + * @return mixed True if the server returned a valid response code or + * a PEAR_Error object is an error condition is reached. * - * @access private - * @since 1.1.0 + * @since 1.1.0 * - * @see getResponse + * @see getResponse */ - function _parseResponse($valid, $later = false) + protected function parseResponse($valid, $later = false) { - $this->_code = -1; - $this->_arguments = array(); + $this->code = -1; + $this->arguments = array(); if ($later) { - $this->_pipelined_commands++; + $this->pipelined_commands++; return true; } - for ($i = 0; $i <= $this->_pipelined_commands; $i++) { - while ($line = $this->_socket->readLine()) { - $this->_debug("Recv: $line"); + for ($i = 0; $i <= $this->pipelined_commands; $i++) { + while ($line = $this->socket->readLine()) { + $this->debug("Recv: $line"); - /* If we receive an empty line, the connection has been closed. */ + /* If we receive an empty line, the connection was closed. */ if (empty($line)) { $this->disconnect(); - return PEAR::raiseError('Connection was unexpectedly closed'); + return PEAR::raiseError('Connection was closed'); } /* Read the code and store the rest in the arguments array. */ $code = substr($line, 0, 3); - $this->_arguments[] = trim(substr($line, 4)); + $this->arguments[] = trim(substr($line, 4)); /* Check the syntax of the response code. */ if (is_numeric($code)) { - $this->_code = (int)$code; + $this->code = (int)$code; } else { - $this->_code = -1; + $this->code = -1; break; } @@ -323,79 +337,115 @@ class Net_SMTP } } - $this->_pipelined_commands = 0; + $this->pipelined_commands = 0; /* Compare the server's response code with the valid code/codes. */ - if (is_int($valid) && ($this->_code === $valid)) { + if (is_int($valid) && ($this->code === $valid)) { return true; - } elseif (is_array($valid) && in_array($this->_code, $valid, true)) { + } elseif (is_array($valid) && in_array($this->code, $valid, true)) { return true; } - return PEAR::raiseError('Invalid response code received from server', - $this->_code); + return PEAR::raiseError('Invalid response code received from server', $this->code); + } + + /** + * Issue an SMTP command and verify its response. + * + * @param string $command The SMTP command string or data. + * @param mixed $valid The set of valid response codes. These + * may be specified as an array of integer + * values or as a single integer value. + * + * @return mixed True on success or a PEAR_Error object on failure. + * + * @since 1.6.0 + */ + public function command($command, $valid) + { + if (PEAR::isError($error = $this->put($command))) { + return $error; + } + if (PEAR::isError($error = $this->parseResponse($valid))) { + return $error; + } + + return true; } /** * Return a 2-tuple containing the last response from the SMTP server. * - * @return array A two-element array: the first element contains the - * response code as an integer and the second element - * contains the response's arguments as a string. + * @return array A two-element array: the first element contains the + * response code as an integer and the second element + * contains the response's arguments as a string. * - * @access public - * @since 1.1.0 + * @since 1.1.0 */ - function getResponse() + public function getResponse() { - return array($this->_code, join("\n", $this->_arguments)); + return array($this->code, join("\n", $this->arguments)); } /** * Return the SMTP server's greeting string. * - * @return string A string containing the greeting string, or null if a - * greeting has not been received. + * @return string A string containing the greeting string, or null if + * a greeting has not been received. * - * @access public - * @since 1.3.3 + * @since 1.3.3 */ - function getGreeting() + public function getGreeting() { - return $this->_greeting; + return $this->greeting; } /** * Attempt to connect to the SMTP server. * - * @param int $timeout The timeout value (in seconds) for the - * socket connection. - * @param bool $persistent Should a persistent socket connection - * be used? + * @param int $timeout The timeout value (in seconds) for the + * socket connection attempt. + * @param bool $persistent Should a persistent socket connection + * be used? * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.0 + * @since 1.0 */ - function connect($timeout = null, $persistent = false) + public function connect($timeout = null, $persistent = false) { - $this->_greeting = null; - $result = $this->_socket->connect($this->host, $this->port, - $persistent, $timeout); + $this->greeting = null; + + $result = $this->socket->connect( + $this->host, $this->port, $persistent, $timeout, $this->socket_options + ); + if (PEAR::isError($result)) { - return PEAR::raiseError('Failed to connect socket: ' . - $result->getMessage()); + return PEAR::raiseError( + 'Failed to connect socket: ' . $result->getMessage() + ); } - if (PEAR::isError($error = $this->_parseResponse(220))) { + /* + * Now that we're connected, reset the socket's timeout value for + * future I/O operations. This allows us to have different socket + * timeout values for the initial connection (our $timeout parameter) + * and all other socket operations. + */ + if ($this->timeout > 0) { + if (PEAR::isError($error = $this->setTimeout($this->timeout))) { + return $error; + } + } + + if (PEAR::isError($error = $this->parseResponse(220))) { return $error; } /* Extract and store a copy of the server's greeting string. */ - list(, $this->_greeting) = $this->getResponse(); + list(, $this->greeting) = $this->getResponse(); - if (PEAR::isError($error = $this->_negotiate())) { + if (PEAR::isError($error = $this->negotiate())) { return $error; } @@ -407,20 +457,20 @@ class Net_SMTP * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.0 + * @since 1.0 */ - function disconnect() + public function disconnect() { - if (PEAR::isError($error = $this->_put('QUIT'))) { + if (PEAR::isError($error = $this->put('QUIT'))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(221))) { + if (PEAR::isError($error = $this->parseResponse(221))) { return $error; } - if (PEAR::isError($error = $this->_socket->disconnect())) { - return PEAR::raiseError('Failed to disconnect socket: ' . - $error->getMessage()); + if (PEAR::isError($error = $this->socket->disconnect())) { + return PEAR::raiseError( + 'Failed to disconnect socket: ' . $error->getMessage() + ); } return true; @@ -433,40 +483,34 @@ class Net_SMTP * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. * - * @access private - * @since 1.1.0 + * @since 1.1.0 */ - function _negotiate() + protected function negotiate() { - if (PEAR::isError($error = $this->_put('EHLO', $this->localhost))) { + if (PEAR::isError($error = $this->put('EHLO', $this->localhost))) { return $error; } - if (PEAR::isError($this->_parseResponse(250))) { - /* If we receive a 503 response, we're already authenticated. */ - if ($this->_code === 503) { - return true; - } - + if (PEAR::isError($this->parseResponse(250))) { /* If the EHLO failed, try the simpler HELO command. */ - if (PEAR::isError($error = $this->_put('HELO', $this->localhost))) { + if (PEAR::isError($error = $this->put('HELO', $this->localhost))) { return $error; } - if (PEAR::isError($this->_parseResponse(250))) { - return PEAR::raiseError('HELO was not accepted: ', $this->_code); + if (PEAR::isError($this->parseResponse(250))) { + return PEAR::raiseError('HELO was not accepted', $this->code); } return true; } - foreach ($this->_arguments as $argument) { - $verb = strtok($argument, ' '); - $arguments = substr($argument, strlen($verb) + 1, - strlen($argument) - strlen($verb) - 1); - $this->_esmtp[$verb] = $arguments; + foreach ($this->arguments as $argument) { + $verb = strtok($argument, ' '); + $len = strlen($verb); + $arguments = substr($argument, $len + 1, strlen($argument) - $len - 1); + $this->esmtp[$verb] = $arguments; } - if (!isset($this->_esmtp['PIPELINING'])) { + if (!isset($this->esmtp['PIPELINING'])) { $this->pipelining = false; } @@ -477,17 +521,16 @@ class Net_SMTP * Returns the name of the best authentication method that the server * has advertised. * - * @return mixed Returns a string containing the name of the best - * supported authentication method or a PEAR_Error object - * if a failure condition is encountered. - * @access private - * @since 1.1.0 + * @return mixed Returns a string containing the name of the best + * supported authentication method or a PEAR_Error object + * if a failure condition is encountered. + * @since 1.1.0 */ - function _getBestAuthMethod() + protected function getBestAuthMethod() { - $available_methods = explode(' ', $this->_esmtp['AUTH']); + $available_methods = explode(' ', $this->esmtp['AUTH']); - foreach ($this->auth_methods as $method) { + foreach ($this->auth_methods as $method => $callback) { if (in_array($method, $available_methods)) { return $method; } @@ -499,35 +542,47 @@ class Net_SMTP /** * Attempt to do SMTP authentication. * - * @param string The userid to authenticate as. - * @param string The password to authenticate with. - * @param string The requested authentication method. If none is - * specified, the best supported method will be used. - * @param bool Flag indicating whether or not TLS should be attempted. + * @param string $uid The userid to authenticate as. + * @param string $pwd The password to authenticate with. + * @param string $method The requested authentication method. If none is + * specified, the best supported method will be used. + * @param bool $tls Flag indicating whether or not TLS should be attempted. + * @param string $authz An optional authorization identifier. If specified, this + * identifier will be used as the authorization proxy. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.0 + * @since 1.0 */ - function auth($uid, $pwd , $method = '', $tls = true) + public function auth($uid, $pwd , $method = '', $tls = true, $authz = '') { /* We can only attempt a TLS connection if one has been requested, - * we're running PHP 5.1.0 or later, have access to the OpenSSL - * extension, are connected to an SMTP server which supports the - * STARTTLS extension, and aren't already connected over a secure + * we're running PHP 5.1.0 or later, have access to the OpenSSL + * extension, are connected to an SMTP server which supports the + * STARTTLS extension, and aren't already connected over a secure * (SSL) socket connection. */ - if ($tls && version_compare(PHP_VERSION, '5.1.0', '>=') && - extension_loaded('openssl') && isset($this->_esmtp['STARTTLS']) && - strncasecmp($this->host, 'ssl://', 6) !== 0) { + if ($tls && version_compare(PHP_VERSION, '5.1.0', '>=') + && extension_loaded('openssl') && isset($this->esmtp['STARTTLS']) + && strncasecmp($this->host, 'ssl://', 6) !== 0 + ) { /* Start the TLS connection attempt. */ - if (PEAR::isError($result = $this->_put('STARTTLS'))) { + if (PEAR::isError($result = $this->put('STARTTLS'))) { return $result; } - if (PEAR::isError($result = $this->_parseResponse(220))) { + if (PEAR::isError($result = $this->parseResponse(220))) { return $result; } - if (PEAR::isError($result = $this->_socket->enableCrypto(true, STREAM_CRYPTO_METHOD_TLS_CLIENT))) { + if (isset($this->socket_options['ssl']['crypto_method'])) { + $crypto_method = $this->socket_options['ssl']['crypto_method']; + } else { + /* STREAM_CRYPTO_METHOD_TLS_ANY_CLIENT constant does not exist + * and STREAM_CRYPTO_METHOD_SSLv23_CLIENT constant is + * inconsistent across PHP versions. */ + $crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT + | @STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT + | @STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT; + } + if (PEAR::isError($result = $this->socket->enableCrypto(true, $crypto_method))) { return $result; } elseif ($result !== true) { return PEAR::raiseError('STARTTLS failed'); @@ -535,47 +590,41 @@ class Net_SMTP /* Send EHLO again to recieve the AUTH string from the * SMTP server. */ - $this->_negotiate(); + $this->negotiate(); } - if (empty($this->_esmtp['AUTH'])) { + if (empty($this->esmtp['AUTH'])) { return PEAR::raiseError('SMTP server does not support authentication'); } /* If no method has been specified, get the name of the best * supported method advertised by the SMTP server. */ if (empty($method)) { - if (PEAR::isError($method = $this->_getBestAuthMethod())) { + if (PEAR::isError($method = $this->getBestAuthMethod())) { /* Return the PEAR_Error object from _getBestAuthMethod(). */ return $method; } } else { $method = strtoupper($method); - if (!in_array($method, $this->auth_methods)) { + if (!array_key_exists($method, $this->auth_methods)) { return PEAR::raiseError("$method is not a supported authentication method"); } } - switch ($method) { - case 'DIGEST-MD5': - $result = $this->_authDigest_MD5($uid, $pwd); - break; + if (!isset($this->auth_methods[$method])) { + return PEAR::raiseError("$method is not a supported authentication method"); + } - case 'CRAM-MD5': - $result = $this->_authCRAM_MD5($uid, $pwd); - break; + if (!is_callable($this->auth_methods[$method], false)) { + return PEAR::raiseError("$method authentication method cannot be called"); + } - case 'LOGIN': - $result = $this->_authLogin($uid, $pwd); - break; - - case 'PLAIN': - $result = $this->_authPlain($uid, $pwd); - break; - - default: - $result = PEAR::raiseError("$method is not a supported authentication method"); - break; + if (is_array($this->auth_methods[$method])) { + list($object, $method) = $this->auth_methods[$method]; + $result = $object->{$method}($uid, $pwd, $authz, $this); + } else { + $func = $this->auth_methods[$method]; + $result = $func($uid, $pwd, $authz, $this); } /* If an error was encountered, return the PEAR_Error object. */ @@ -586,52 +635,94 @@ class Net_SMTP return true; } + /** + * Add a new authentication method. + * + * @param string $name The authentication method name (e.g. 'PLAIN') + * @param mixed $callback The authentication callback (given as the name of a + * function or as an (object, method name) array). + * @param bool $prepend Should the new method be prepended to the list of + * available methods? This is the default behavior, + * giving the new method the highest priority. + * + * @return mixed True on success or a PEAR_Error object on failure. + * + * @since 1.6.0 + */ + public function setAuthMethod($name, $callback, $prepend = true) + { + if (!is_string($name)) { + return PEAR::raiseError('Method name is not a string'); + } + + if (!is_string($callback) && !is_array($callback)) { + return PEAR::raiseError('Method callback must be string or array'); + } + + if (is_array($callback)) { + if (!is_object($callback[0]) || !is_string($callback[1])) { + return PEAR::raiseError('Bad mMethod callback array'); + } + } + + if ($prepend) { + $this->auth_methods = array_merge( + array($name => $callback), $this->auth_methods + ); + } else { + $this->auth_methods[$name] = $callback; + } + + return true; + } + /** * Authenticates the user using the DIGEST-MD5 method. * - * @param string The userid to authenticate as. - * @param string The password to authenticate with. + * @param string $uid The userid to authenticate as. + * @param string $pwd The password to authenticate with. + * @param string $authz The optional authorization proxy identifier. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access private - * @since 1.1.0 + * @since 1.1.0 */ - function _authDigest_MD5($uid, $pwd) + protected function authDigestMD5($uid, $pwd, $authz = '') { - if (PEAR::isError($error = $this->_put('AUTH', 'DIGEST-MD5'))) { + if (PEAR::isError($error = $this->put('AUTH', 'DIGEST-MD5'))) { return $error; } /* 334: Continue authentication request */ - if (PEAR::isError($error = $this->_parseResponse(334))) { + if (PEAR::isError($error = $this->parseResponse(334))) { /* 503: Error: already authenticated */ - if ($this->_code === 503) { + if ($this->code === 503) { return true; } return $error; } - $challenge = base64_decode($this->_arguments[0]); - $digest = &Auth_SASL::factory('digestmd5'); - $auth_str = base64_encode($digest->getResponse($uid, $pwd, $challenge, - $this->host, "smtp")); + $digest = Auth_SASL::factory('digest-md5'); + $challenge = base64_decode($this->arguments[0]); + $auth_str = base64_encode( + $digest->getResponse($uid, $pwd, $challenge, $this->host, "smtp", $authz) + ); - if (PEAR::isError($error = $this->_put($auth_str))) { + if (PEAR::isError($error = $this->put($auth_str))) { return $error; } /* 334: Continue authentication request */ - if (PEAR::isError($error = $this->_parseResponse(334))) { + if (PEAR::isError($error = $this->parseResponse(334))) { return $error; } /* We don't use the protocol's third step because SMTP doesn't * allow subsequent authentication, so we just silently ignore * it. */ - if (PEAR::isError($error = $this->_put(''))) { + if (PEAR::isError($error = $this->put(''))) { return $error; } /* 235: Authentication successful */ - if (PEAR::isError($error = $this->_parseResponse(235))) { + if (PEAR::isError($error = $this->parseResponse(235))) { return $error; } } @@ -639,38 +730,38 @@ class Net_SMTP /** * Authenticates the user using the CRAM-MD5 method. * - * @param string The userid to authenticate as. - * @param string The password to authenticate with. + * @param string $uid The userid to authenticate as. + * @param string $pwd The password to authenticate with. + * @param string $authz The optional authorization proxy identifier. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access private - * @since 1.1.0 + * @since 1.1.0 */ - function _authCRAM_MD5($uid, $pwd) + protected function authCRAMMD5($uid, $pwd, $authz = '') { - if (PEAR::isError($error = $this->_put('AUTH', 'CRAM-MD5'))) { + if (PEAR::isError($error = $this->put('AUTH', 'CRAM-MD5'))) { return $error; } /* 334: Continue authentication request */ - if (PEAR::isError($error = $this->_parseResponse(334))) { + if (PEAR::isError($error = $this->parseResponse(334))) { /* 503: Error: already authenticated */ - if ($this->_code === 503) { + if ($this->code === 503) { return true; } return $error; } - $challenge = base64_decode($this->_arguments[0]); - $cram = &Auth_SASL::factory('crammd5'); - $auth_str = base64_encode($cram->getResponse($uid, $pwd, $challenge)); + $challenge = base64_decode($this->arguments[0]); + $cram = Auth_SASL::factory('cram-md5'); + $auth_str = base64_encode($cram->getResponse($uid, $pwd, $challenge)); - if (PEAR::isError($error = $this->_put($auth_str))) { + if (PEAR::isError($error = $this->put($auth_str))) { return $error; } /* 235: Authentication successful */ - if (PEAR::isError($error = $this->_parseResponse(235))) { + if (PEAR::isError($error = $this->parseResponse(235))) { return $error; } } @@ -678,42 +769,42 @@ class Net_SMTP /** * Authenticates the user using the LOGIN method. * - * @param string The userid to authenticate as. - * @param string The password to authenticate with. + * @param string $uid The userid to authenticate as. + * @param string $pwd The password to authenticate with. + * @param string $authz The optional authorization proxy identifier. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access private - * @since 1.1.0 + * @since 1.1.0 */ - function _authLogin($uid, $pwd) + protected function authLogin($uid, $pwd, $authz = '') { - if (PEAR::isError($error = $this->_put('AUTH', 'LOGIN'))) { + if (PEAR::isError($error = $this->put('AUTH', 'LOGIN'))) { return $error; } /* 334: Continue authentication request */ - if (PEAR::isError($error = $this->_parseResponse(334))) { + if (PEAR::isError($error = $this->parseResponse(334))) { /* 503: Error: already authenticated */ - if ($this->_code === 503) { + if ($this->code === 503) { return true; } return $error; } - if (PEAR::isError($error = $this->_put(base64_encode($uid)))) { + if (PEAR::isError($error = $this->put(base64_encode($uid)))) { return $error; } /* 334: Continue authentication request */ - if (PEAR::isError($error = $this->_parseResponse(334))) { + if (PEAR::isError($error = $this->parseResponse(334))) { return $error; } - if (PEAR::isError($error = $this->_put(base64_encode($pwd)))) { + if (PEAR::isError($error = $this->put(base64_encode($pwd)))) { return $error; } /* 235: Authentication successful */ - if (PEAR::isError($error = $this->_parseResponse(235))) { + if (PEAR::isError($error = $this->parseResponse(235))) { return $error; } @@ -723,36 +814,36 @@ class Net_SMTP /** * Authenticates the user using the PLAIN method. * - * @param string The userid to authenticate as. - * @param string The password to authenticate with. + * @param string $uid The userid to authenticate as. + * @param string $pwd The password to authenticate with. + * @param string $authz The optional authorization proxy identifier. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access private - * @since 1.1.0 + * @since 1.1.0 */ - function _authPlain($uid, $pwd) + protected function authPlain($uid, $pwd, $authz = '') { - if (PEAR::isError($error = $this->_put('AUTH', 'PLAIN'))) { + if (PEAR::isError($error = $this->put('AUTH', 'PLAIN'))) { return $error; } /* 334: Continue authentication request */ - if (PEAR::isError($error = $this->_parseResponse(334))) { + if (PEAR::isError($error = $this->parseResponse(334))) { /* 503: Error: already authenticated */ - if ($this->_code === 503) { + if ($this->code === 503) { return true; } return $error; } - $auth_str = base64_encode(chr(0) . $uid . chr(0) . $pwd); + $auth_str = base64_encode($authz . chr(0) . $uid . chr(0) . $pwd); - if (PEAR::isError($error = $this->_put($auth_str))) { + if (PEAR::isError($error = $this->put($auth_str))) { return $error; } /* 235: Authentication successful */ - if (PEAR::isError($error = $this->_parseResponse(235))) { + if (PEAR::isError($error = $this->parseResponse(235))) { return $error; } @@ -762,19 +853,18 @@ class Net_SMTP /** * Send the HELO command. * - * @param string The domain name to say we are. + * @param string $domain The domain name to say we are. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.0 + * @since 1.0 */ - function helo($domain) + public function helo($domain) { - if (PEAR::isError($error = $this->_put('HELO', $domain))) { + if (PEAR::isError($error = $this->put('HELO', $domain))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(250))) { + if (PEAR::isError($error = $this->parseResponse(250))) { return $error; } @@ -785,55 +875,50 @@ class Net_SMTP * Return the list of SMTP service extensions advertised by the server. * * @return array The list of SMTP service extensions. - * @access public * @since 1.3 */ - function getServiceExtensions() + public function getServiceExtensions() { - return $this->_esmtp; + return $this->esmtp; } /** * Send the MAIL FROM: command. * - * @param string $sender The sender (reverse path) to set. - * @param string $params String containing additional MAIL parameters, - * such as the NOTIFY flags defined by RFC 1891 - * or the VERP protocol. + * @param string $sender The sender (reverse path) to set. + * @param string $params String containing additional MAIL parameters, + * such as the NOTIFY flags defined by RFC 1891 + * or the VERP protocol. * - * If $params is an array, only the 'verp' option - * is supported. If 'verp' is true, the XVERP - * parameter is appended to the MAIL command. If - * the 'verp' value is a string, the full - * XVERP=value parameter is appended. + * If $params is an array, only the 'verp' option + * is supported. If 'verp' is true, the XVERP + * parameter is appended to the MAIL command. + * If the 'verp' value is a string, the full + * XVERP=value parameter is appended. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.0 + * @since 1.0 */ - function mailFrom($sender, $params = null) + public function mailFrom($sender, $params = null) { $args = "FROM:<$sender>"; /* Support the deprecated array form of $params. */ if (is_array($params) && isset($params['verp'])) { - /* XVERP */ if ($params['verp'] === true) { $args .= ' XVERP'; - - /* XVERP=something */ } elseif (trim($params['verp'])) { $args .= ' XVERP=' . $params['verp']; } - } elseif (is_string($params)) { + } elseif (is_string($params) && !empty($params)) { $args .= ' ' . $params; } - if (PEAR::isError($error = $this->_put('MAIL', $args))) { + if (PEAR::isError($error = $this->put('MAIL', $args))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) { + if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) { return $error; } @@ -850,20 +935,19 @@ class Net_SMTP * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. * - * @access public - * @since 1.0 + * @since 1.0 */ - function rcptTo($recipient, $params = null) + public function rcptTo($recipient, $params = null) { $args = "TO:<$recipient>"; if (is_string($params)) { $args .= ' ' . $params; } - if (PEAR::isError($error = $this->_put('RCPT', $args))) { + if (PEAR::isError($error = $this->put('RCPT', $args))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(array(250, 251), $this->pipelining))) { + if (PEAR::isError($error = $this->parseResponse(array(250, 251), $this->pipelining))) { return $error; } @@ -877,83 +961,77 @@ class Net_SMTP * easier overloading for the cases where it is desirable to * customize the quoting behavior. * - * @param string $data The message text to quote. The string must be passed + * @param string &$data The message text to quote. The string must be passed * by reference, and the text will be modified in place. * - * @access public - * @since 1.2 + * @since 1.2 */ - function quotedata(&$data) + public function quotedata(&$data) { - /* Change Unix (\n) and Mac (\r) linefeeds into - * Internet-standard CRLF (\r\n) linefeeds. */ - $data = preg_replace(array('/(?_esmtp['SIZE']) && ($this->_esmtp['SIZE'] > 0)) { - /* Start by considering the size of the optional headers string. - * We also account for the addition 4 character "\r\n\r\n" - * separator sequence. */ - $size = (is_null($headers)) ? 0 : strlen($headers) + 4; + /* Start by considering the size of the optional headers string. We + * also account for the addition 4 character "\r\n\r\n" separator + * sequence. */ + $size = (is_null($headers)) ? 0 : strlen($headers) + 4; - if (is_resource($data)) { - $stat = fstat($data); - if ($stat === false) { - return PEAR::raiseError('Failed to get file size'); - } - $size += $stat['size']; - } else { - $size += strlen($data); + if (is_resource($data)) { + $stat = fstat($data); + if ($stat === false) { + return PEAR::raiseError('Failed to get file size'); } + $size += $stat['size']; + } else { + $size += strlen($data); + } - if ($size >= $this->_esmtp['SIZE']) { - $this->disconnect(); - return PEAR::raiseError('Message size exceeds server limit'); - } + /* RFC 1870, section 3, subsection 3 states "a value of zero indicates + * that no fixed maximum message size is in force". Furthermore, it + * says that if "the parameter is omitted no information is conveyed + * about the server's fixed maximum message size". */ + $limit = (isset($this->esmtp['SIZE'])) ? $this->esmtp['SIZE'] : 0; + if ($limit > 0 && $size >= $limit) { + $this->disconnect(); + return PEAR::raiseError('Message size exceeds server limit'); } /* Initiate the DATA command. */ - if (PEAR::isError($error = $this->_put('DATA'))) { + if (PEAR::isError($error = $this->put('DATA'))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(354))) { + if (PEAR::isError($error = $this->parseResponse(354))) { return $error; } /* If we have a separate headers string, send it first. */ if (!is_null($headers)) { $this->quotedata($headers); - if (PEAR::isError($result = $this->_send($headers . "\r\n\r\n"))) { + if (PEAR::isError($result = $this->send($headers . "\r\n\r\n"))) { return $result; } } @@ -963,28 +1041,72 @@ class Net_SMTP /* Stream the contents of the file resource out over our socket * connection, line by line. Each line must be run through the * quoting routine. */ - while ($line = fgets($data, 1024)) { + while (strlen($line = fread($data, 8192)) > 0) { + /* If the last character is an newline, we need to grab the + * next character to check to see if it is a period. */ + while (!feof($data)) { + $char = fread($data, 1); + $line .= $char; + if ($char != "\n") { + break; + } + } $this->quotedata($line); - if (PEAR::isError($result = $this->_send($line))) { + if (PEAR::isError($result = $this->send($line))) { return $result; } } - /* Finally, send the DATA terminator sequence. */ - if (PEAR::isError($result = $this->_send("\r\n.\r\n"))) { - return $result; - } + $last = $line; } else { - /* Just send the entire quoted string followed by the DATA - * terminator. */ - $this->quotedata($data); - if (PEAR::isError($result = $this->_send($data . "\r\n.\r\n"))) { - return $result; + /* + * Break up the data by sending one chunk (up to 512k) at a time. + * This approach reduces our peak memory usage. + */ + for ($offset = 0; $offset < $size;) { + $end = $offset + 512000; + + /* + * Ensure we don't read beyond our data size or span multiple + * lines. quotedata() can't properly handle character data + * that's split across two line break boundaries. + */ + if ($end >= $size) { + $end = $size; + } else { + for (; $end < $size; $end++) { + if ($data[$end] != "\n") { + break; + } + } + } + + /* Extract our chunk and run it through the quoting routine. */ + $chunk = substr($data, $offset, $end - $offset); + $this->quotedata($chunk); + + /* If we run into a problem along the way, abort. */ + if (PEAR::isError($result = $this->send($chunk))) { + return $result; + } + + /* Advance the offset to the end of this chunk. */ + $offset = $end; } + + $last = $chunk; + } + + /* Don't add another CRLF sequence if it's already in the data */ + $terminator = (substr($last, -2) == "\r\n" ? '' : "\r\n") . ".\r\n"; + + /* Finally, send the DATA terminator sequence. */ + if (PEAR::isError($result = $this->send($terminator))) { + return $result; } /* Verify that the data was successfully received by the server. */ - if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) { + if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) { return $error; } @@ -994,134 +1116,79 @@ class Net_SMTP /** * Send the SEND FROM: command. * - * @param string The reverse path to send. + * @param string $path The reverse path to send. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.2.6 + * @since 1.2.6 */ - function sendFrom($path) + public function sendFrom($path) { - if (PEAR::isError($error = $this->_put('SEND', "FROM:<$path>"))) { + if (PEAR::isError($error = $this->put('SEND', "FROM:<$path>"))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) { + if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) { return $error; } return true; } - /** - * Backwards-compatibility wrapper for sendFrom(). - * - * @param string The reverse path to send. - * - * @return mixed Returns a PEAR_Error with an error message on any - * kind of failure, or true on success. - * - * @access public - * @since 1.0 - * @deprecated 1.2.6 - */ - function send_from($path) - { - return sendFrom($path); - } - /** * Send the SOML FROM: command. * - * @param string The reverse path to send. + * @param string $path The reverse path to send. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.2.6 + * @since 1.2.6 */ - function somlFrom($path) + public function somlFrom($path) { - if (PEAR::isError($error = $this->_put('SOML', "FROM:<$path>"))) { + if (PEAR::isError($error = $this->put('SOML', "FROM:<$path>"))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) { + if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) { return $error; } return true; } - /** - * Backwards-compatibility wrapper for somlFrom(). - * - * @param string The reverse path to send. - * - * @return mixed Returns a PEAR_Error with an error message on any - * kind of failure, or true on success. - * - * @access public - * @since 1.0 - * @deprecated 1.2.6 - */ - function soml_from($path) - { - return somlFrom($path); - } - /** * Send the SAML FROM: command. * - * @param string The reverse path to send. + * @param string $path The reverse path to send. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.2.6 + * @since 1.2.6 */ - function samlFrom($path) + public function samlFrom($path) { - if (PEAR::isError($error = $this->_put('SAML', "FROM:<$path>"))) { + if (PEAR::isError($error = $this->put('SAML', "FROM:<$path>"))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) { + if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) { return $error; } return true; } - /** - * Backwards-compatibility wrapper for samlFrom(). - * - * @param string The reverse path to send. - * - * @return mixed Returns a PEAR_Error with an error message on any - * kind of failure, or true on success. - * - * @access public - * @since 1.0 - * @deprecated 1.2.6 - */ - function saml_from($path) - { - return samlFrom($path); - } - /** * Send the RSET command. * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public * @since 1.0 */ - function rset() + public function rset() { - if (PEAR::isError($error = $this->_put('RSET'))) { + if (PEAR::isError($error = $this->put('RSET'))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(250, $this->pipelining))) { + if (PEAR::isError($error = $this->parseResponse(250, $this->pipelining))) { return $error; } @@ -1131,20 +1198,19 @@ class Net_SMTP /** * Send the VRFY command. * - * @param string The string to verify + * @param string $string The string to verify * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.0 + * @since 1.0 */ - function vrfy($string) + public function vrfy($string) { /* Note: 251 is also a valid response code */ - if (PEAR::isError($error = $this->_put('VRFY', $string))) { + if (PEAR::isError($error = $this->put('VRFY', $string))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(array(250, 252)))) { + if (PEAR::isError($error = $this->parseResponse(array(250, 252)))) { return $error; } @@ -1156,15 +1222,14 @@ class Net_SMTP * * @return mixed Returns a PEAR_Error with an error message on any * kind of failure, or true on success. - * @access public - * @since 1.0 + * @since 1.0 */ - function noop() + public function noop() { - if (PEAR::isError($error = $this->_put('NOOP'))) { + if (PEAR::isError($error = $this->put('NOOP'))) { return $error; } - if (PEAR::isError($error = $this->_parseResponse(250))) { + if (PEAR::isError($error = $this->parseResponse(250))) { return $error; } @@ -1175,14 +1240,12 @@ class Net_SMTP * Backwards-compatibility method. identifySender()'s functionality is * now handled internally. * - * @return boolean This method always return true. + * @return boolean This method always return true. * - * @access public - * @since 1.0 + * @since 1.0 */ - function identifySender() + public function identifySender() { return true; } - } From 826503766e7f41dc5bb74c3932f8bad84f4d0ce3 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 13:35:53 +0100 Subject: [PATCH 029/415] Jean Lucas mentioned that PEAR::Net_Socket was outdated Updated Net_Socket to 1.0.14 (stable) was released on 2013-05-24 https://pear.php.net/package/Net_Socket --- extlib/Net/Socket.php | 304 +++++++++++++++++++++++++++--------------- 1 file changed, 199 insertions(+), 105 deletions(-) diff --git a/extlib/Net/Socket.php b/extlib/Net/Socket.php index 73bb4dd11f..bf1d1bbcd1 100644 --- a/extlib/Net/Socket.php +++ b/extlib/Net/Socket.php @@ -1,39 +1,50 @@ | -// | Chuck Hagenbuch | -// +----------------------------------------------------------------------+ -// -// $Id: Socket.php,v 1.38 2008/02/15 18:24:17 chagenbu Exp $ +/** + * Net_Socket + * + * PHP Version 4 + * + * Copyright (c) 1997-2013 The PHP Group + * + * This source file is subject to version 2.0 of the PHP license, + * that is bundled with this package in the file LICENSE, and is + * available at through the world-wide-web at + * http://www.php.net/license/2_02.txt. + * If you did not receive a copy of the PHP license and are unable to + * obtain it through the world-wide-web, please send a note to + * license@php.net so we can mail you a copy immediately. + * + * Authors: Stig Bakken + * Chuck Hagenbuch + * + * @category Net + * @package Net_Socket + * @author Stig Bakken + * @author Chuck Hagenbuch + * @copyright 1997-2003 The PHP Group + * @license http://www.php.net/license/2_02.txt PHP 2.02 + * @link http://pear.php.net/packages/Net_Socket + */ require_once 'PEAR.php'; -define('NET_SOCKET_READ', 1); +define('NET_SOCKET_READ', 1); define('NET_SOCKET_WRITE', 2); define('NET_SOCKET_ERROR', 4); /** * Generalized Socket class. * - * @version 1.1 - * @author Stig Bakken - * @author Chuck Hagenbuch + * @category Net + * @package Net_Socket + * @author Stig Bakken + * @author Chuck Hagenbuch + * @copyright 1997-2003 The PHP Group + * @license http://www.php.net/license/2_02.txt PHP 2.02 + * @link http://pear.php.net/packages/Net_Socket */ -class Net_Socket extends PEAR { - +class Net_Socket extends PEAR +{ /** * Socket file pointer. * @var resource $fp @@ -65,11 +76,11 @@ class Net_Socket extends PEAR { var $port = 0; /** - * Number of seconds to wait on socket connections before assuming + * Number of seconds to wait on socket operations before assuming * there's no more data. Defaults to no timeout. - * @var integer $timeout + * @var integer|float $timeout */ - var $timeout = false; + var $timeout = null; /** * Number of bytes to read at a time in readLine() and @@ -78,23 +89,30 @@ class Net_Socket extends PEAR { */ var $lineLength = 2048; + /** + * The string to use as a newline terminator. Usually "\r\n" or "\n". + * @var string $newline + */ + var $newline = "\r\n"; + /** * Connect to the specified port. If called when the socket is * already connected, it disconnects and connects again. * - * @param string $addr IP address or host name. - * @param integer $port TCP port number. - * @param boolean $persistent (optional) Whether the connection is - * persistent (kept open between requests - * by the web server). - * @param integer $timeout (optional) How long to wait for data. - * @param array $options See options for stream_context_create. + * @param string $addr IP address or host name (may be with protocol prefix). + * @param integer $port TCP port number. + * @param boolean $persistent (optional) Whether the connection is + * persistent (kept open between requests + * by the web server). + * @param integer $timeout (optional) Connection socket timeout. + * @param array $options See options for stream_context_create. * * @access public * - * @return boolean | PEAR_Error True on success or a PEAR_Error on failure. + * @return boolean|PEAR_Error True on success or a PEAR_Error on failure. */ - function connect($addr, $port = 0, $persistent = null, $timeout = null, $options = null) + function connect($addr, $port = 0, $persistent = null, + $timeout = null, $options = null) { if (is_resource($this->fp)) { @fclose($this->fp); @@ -103,11 +121,10 @@ class Net_Socket extends PEAR { if (!$addr) { return $this->raiseError('$addr cannot be empty'); - } elseif (strspn($addr, '.0123456789') == strlen($addr) || - strstr($addr, '/') !== false) { - $this->addr = $addr; + } else if (strspn($addr, ':.0123456789') == strlen($addr)) { + $this->addr = strpos($addr, ':') !== false ? '['.$addr.']' : $addr; } else { - $this->addr = @gethostbyname($addr); + $this->addr = $addr; } $this->port = $port % 65536; @@ -116,40 +133,40 @@ class Net_Socket extends PEAR { $this->persistent = $persistent; } - if ($timeout !== null) { - $this->timeout = $timeout; + $openfunc = $this->persistent ? 'pfsockopen' : 'fsockopen'; + $errno = 0; + $errstr = ''; + + $old_track_errors = @ini_set('track_errors', 1); + + if ($timeout <= 0) { + $timeout = @ini_get('default_socket_timeout'); } - $openfunc = $this->persistent ? 'pfsockopen' : 'fsockopen'; - $errno = 0; - $errstr = ''; - $old_track_errors = @ini_set('track_errors', 1); if ($options && function_exists('stream_context_create')) { - if ($this->timeout) { - $timeout = $this->timeout; - } else { - $timeout = 0; - } $context = stream_context_create($options); // Since PHP 5 fsockopen doesn't allow context specification if (function_exists('stream_socket_client')) { - $flags = $this->persistent ? STREAM_CLIENT_PERSISTENT : STREAM_CLIENT_CONNECT; + $flags = STREAM_CLIENT_CONNECT; + + if ($this->persistent) { + $flags = STREAM_CLIENT_PERSISTENT; + } + $addr = $this->addr . ':' . $this->port; - $fp = stream_socket_client($addr, $errno, $errstr, $timeout, $flags, $context); + $fp = stream_socket_client($addr, $errno, $errstr, + $timeout, $flags, $context); } else { - $fp = @$openfunc($this->addr, $this->port, $errno, $errstr, $timeout, $context); + $fp = @$openfunc($this->addr, $this->port, $errno, + $errstr, $timeout, $context); } } else { - if ($this->timeout) { - $fp = @$openfunc($this->addr, $this->port, $errno, $errstr, $this->timeout); - } else { - $fp = @$openfunc($this->addr, $this->port, $errno, $errstr); - } + $fp = @$openfunc($this->addr, $this->port, $errno, $errstr, $timeout); } if (!$fp) { - if ($errno == 0 && isset($php_errormsg)) { + if ($errno == 0 && !strlen($errstr) && isset($php_errormsg)) { $errstr = $php_errormsg; } @ini_set('track_errors', $old_track_errors); @@ -158,7 +175,7 @@ class Net_Socket extends PEAR { @ini_set('track_errors', $old_track_errors); $this->fp = $fp; - + $this->setTimeout(); return $this->setBlocking($this->blocking); } @@ -179,6 +196,18 @@ class Net_Socket extends PEAR { return true; } + /** + * Set the newline character/sequence to use. + * + * @param string $newline Newline character(s) + * @return boolean True + */ + function setNewline($newline) + { + $this->newline = $newline; + return true; + } + /** * Find out if the socket is in blocking mode. * @@ -196,7 +225,8 @@ class Net_Socket extends PEAR { * if there is no data available, whereas it will block until there * is data for blocking sockets. * - * @param boolean $mode True for blocking sockets, false for nonblocking. + * @param boolean $mode True for blocking sockets, false for nonblocking. + * * @access public * @return mixed true on success or a PEAR_Error instance otherwise */ @@ -207,7 +237,7 @@ class Net_Socket extends PEAR { } $this->blocking = $mode; - socket_set_blocking($this->fp, $this->blocking); + stream_set_blocking($this->fp, (int)$this->blocking); return true; } @@ -215,25 +245,40 @@ class Net_Socket extends PEAR { * Sets the timeout value on socket descriptor, * expressed in the sum of seconds and microseconds * - * @param integer $seconds Seconds. - * @param integer $microseconds Microseconds. + * @param integer $seconds Seconds. + * @param integer $microseconds Microseconds, optional. + * * @access public - * @return mixed true on success or a PEAR_Error instance otherwise + * @return mixed True on success or false on failure or + * a PEAR_Error instance when not connected */ - function setTimeout($seconds, $microseconds) + function setTimeout($seconds = null, $microseconds = null) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } - return socket_set_timeout($this->fp, $seconds, $microseconds); + if ($seconds === null && $microseconds === null) { + $seconds = (int) $this->timeout; + $microseconds = (int) (($this->timeout - $seconds) * 1000000); + } else { + $this->timeout = $seconds + $microseconds/1000000; + } + + if ($this->timeout > 0) { + return stream_set_timeout($this->fp, (int) $seconds, (int) $microseconds); + } + else { + return false; + } } /** * Sets the file buffering size on the stream. * See php's stream_set_write_buffer for more information. * - * @param integer $size Write buffer size. + * @param integer $size Write buffer size. + * * @access public * @return mixed on success or an PEAR_Error object otherwise */ @@ -262,7 +307,8 @@ class Net_Socket extends PEAR { *

* * @access public - * @return mixed Array containing information about existing socket resource or a PEAR_Error instance otherwise + * @return mixed Array containing information about existing socket + * resource or a PEAR_Error instance otherwise */ function getStatus() { @@ -270,23 +316,32 @@ class Net_Socket extends PEAR { return $this->raiseError('not connected'); } - return socket_get_status($this->fp); + return stream_get_meta_data($this->fp); } /** * Get a specified line of data * + * @param int $size Reading ends when size - 1 bytes have been read, + * or a newline or an EOF (whichever comes first). + * If no size is specified, it will keep reading from + * the stream until it reaches the end of the line. + * * @access public - * @return $size bytes of data from the socket, or a PEAR_Error if - * not connected. + * @return mixed $size bytes of data from the socket, or a PEAR_Error if + * not connected. If an error occurs, FALSE is returned. */ - function gets($size) + function gets($size = null) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } - return @fgets($this->fp, $size); + if (is_null($size)) { + return @fgets($this->fp); + } else { + return @fgets($this->fp, $size); + } } /** @@ -295,7 +350,8 @@ class Net_Socket extends PEAR { * chunk; if you know the size of the data you're getting * beforehand, this is definitely the way to go. * - * @param integer $size The number of bytes to read from the socket. + * @param integer $size The number of bytes to read from the socket. + * * @access public * @return $size bytes of data from the socket, or a PEAR_Error if * not connected. @@ -312,14 +368,16 @@ class Net_Socket extends PEAR { /** * Write a specified amount of data. * - * @param string $data Data to write. - * @param integer $blocksize Amount of data to write at once. - * NULL means all at once. + * @param string $data Data to write. + * @param integer $blocksize Amount of data to write at once. + * NULL means all at once. * * @access public - * @return mixed If the socket is not connected, returns an instance of PEAR_Error - * If the write succeeds, returns the number of bytes written + * @return mixed If the socket is not connected, returns an instance of + * PEAR_Error. + * If the write succeeds, returns the number of bytes written. * If the write fails, returns false. + * If the socket times out, returns an instance of PEAR_Error. */ function write($data, $blocksize = null) { @@ -328,19 +386,47 @@ class Net_Socket extends PEAR { } if (is_null($blocksize) && !OS_WINDOWS) { - return @fwrite($this->fp, $data); + $written = @fwrite($this->fp, $data); + + // Check for timeout or lost connection + if (!$written) { + $meta_data = $this->getStatus(); + + if (!is_array($meta_data)) { + return $meta_data; // PEAR_Error + } + + if (!empty($meta_data['timed_out'])) { + return $this->raiseError('timed out'); + } + } + + return $written; } else { if (is_null($blocksize)) { $blocksize = 1024; } - $pos = 0; + $pos = 0; $size = strlen($data); while ($pos < $size) { $written = @fwrite($this->fp, substr($data, $pos, $blocksize)); - if ($written === false) { - return false; + + // Check for timeout or lost connection + if (!$written) { + $meta_data = $this->getStatus(); + + if (!is_array($meta_data)) { + return $meta_data; // PEAR_Error + } + + if (!empty($meta_data['timed_out'])) { + return $this->raiseError('timed out'); + } + + return $written; } + $pos += $written; } @@ -349,10 +435,12 @@ class Net_Socket extends PEAR { } /** - * Write a line of data to the socket, followed by a trailing "\r\n". + * Write a line of data to the socket, followed by a trailing newline. + * + * @param string $data Data to write * * @access public - * @return mixed fputs result, or an error + * @return mixed fwrite() result, or PEAR_Error when not connected */ function writeLine($data) { @@ -360,7 +448,7 @@ class Net_Socket extends PEAR { return $this->raiseError('not connected'); } - return fwrite($this->fp, $data . "\r\n"); + return fwrite($this->fp, $data . $this->newline); } /** @@ -441,7 +529,7 @@ class Net_Socket extends PEAR { } $string = ''; - while (($char = @fread($this->fp, 1)) != "\x00") { + while (($char = @fread($this->fp, 1)) != "\x00") { $string .= $char; } return $string; @@ -481,11 +569,13 @@ class Net_Socket extends PEAR { } $line = ''; + $timeout = time() + $this->timeout; + while (!feof($this->fp) && (!$this->timeout || time() < $timeout)) { $line .= @fgets($this->fp, $this->lineLength); if (substr($line, -1) == "\n") { - return rtrim($line, "\r\n"); + return rtrim($line, $this->newline); } } return $line; @@ -521,9 +611,9 @@ class Net_Socket extends PEAR { * Runs the equivalent of the select() system call on the socket * with a timeout specified by tv_sec and tv_usec. * - * @param integer $state Which of read/write/error to check for. - * @param integer $tv_sec Number of seconds for timeout. - * @param integer $tv_usec Number of microseconds for timeout. + * @param integer $state Which of read/write/error to check for. + * @param integer $tv_sec Number of seconds for timeout. + * @param integer $tv_usec Number of microseconds for timeout. * * @access public * @return False if select fails, integer describing which of read/write/error @@ -535,8 +625,8 @@ class Net_Socket extends PEAR { return $this->raiseError('not connected'); } - $read = null; - $write = null; + $read = null; + $write = null; $except = null; if ($state & NET_SOCKET_READ) { $read[] = $this->fp; @@ -547,7 +637,8 @@ class Net_Socket extends PEAR { if ($state & NET_SOCKET_ERROR) { $except[] = $this->fp; } - if (false === ($sr = stream_select($read, $write, $except, $tv_sec, $tv_usec))) { + if (false === ($sr = stream_select($read, $write, $except, + $tv_sec, $tv_usec))) { return false; } @@ -567,15 +658,17 @@ class Net_Socket extends PEAR { /** * Turns encryption on/off on a connected socket. * - * @param bool $enabled Set this parameter to true to enable encryption - * and false to disable encryption. - * @param integer $type Type of encryption. See - * http://se.php.net/manual/en/function.stream-socket-enable-crypto.php for values. + * @param bool $enabled Set this parameter to true to enable encryption + * and false to disable encryption. + * @param integer $type Type of encryption. See stream_socket_enable_crypto() + * for values. * + * @see http://se.php.net/manual/en/function.stream-socket-enable-crypto.php * @access public - * @return false on error, true on success and 0 if there isn't enough data and the - * user should try again (non-blocking sockets only). A PEAR_Error object - * is returned if the socket is not connected + * @return false on error, true on success and 0 if there isn't enough data + * and the user should try again (non-blocking sockets only). + * A PEAR_Error object is returned if the socket is not + * connected */ function enableCrypto($enabled, $type) { @@ -585,7 +678,8 @@ class Net_Socket extends PEAR { } return @stream_socket_enable_crypto($this->fp, $enabled, $type); } else { - return $this->raiseError('Net_Socket::enableCrypto() requires php version >= 5.1.0'); + $msg = 'Net_Socket::enableCrypto() requires php version >= 5.1.0'; + return $this->raiseError($msg); } } From a3c5ef59d6b79d91d8eceaeb2085407386182aed Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 13:41:14 +0100 Subject: [PATCH 030/415] Fix merge #101 by replacing a non-working Yahoo! link with Wikipedia The link was meant to describe robots.txt crawl-delay info --- CONFIGURE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONFIGURE b/CONFIGURE index 362448a3b6..b1773347d4 100644 --- a/CONFIGURE +++ b/CONFIGURE @@ -674,7 +674,7 @@ Web crawlers. See http://www.robotstxt.org/ for more information on the format of this file. crawldelay: if non-empty, this value is provided as the Crawl-Delay: - for the robots.txt file. see https://help.yahoo.com/kb/search + for the robots.txt file. see for more information. Default is zero, no explicit delay. disallow: Array of (virtual) directories to disallow. Default is 'main', 'search', 'message', 'settings', 'admin'. Ignored when site From 8356c2495cfae61e3e6bac67cfcf3cba1904364f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 13:52:25 +0100 Subject: [PATCH 031/415] Use mb_* and strict === comparison --- classes/File.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/classes/File.php b/classes/File.php index c6677c2fd3..4e51be4938 100644 --- a/classes/File.php +++ b/classes/File.php @@ -109,8 +109,8 @@ class File extends Managed_DataObject // if the given url is an local attachment url and the id already exists, don't // save a new file record. This should never happen, but let's make it foolproof $attachment_path = common_path('attachment/'); - if(strpos($given_url,$attachment_path) == 0) { - $possible_file_id = substr($given_url,strlen($attachment_path)); + if (mb_strpos($given_url,$attachment_path) === 0) { + $possible_file_id = mb_substr($given_url, mb_strlen($attachment_path)); if(is_numeric($possible_file_id)) { $file = File::getKV('id',$possible_file_id); if($file instanceof File) { From 6a4470912f534992e05412cb53adbeeac3978356 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 14:10:32 +0100 Subject: [PATCH 032/415] Fiddling with merge request #98 to use internal routing functions --- classes/File.php | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/classes/File.php b/classes/File.php index 4e51be4938..8d9ecf5195 100644 --- a/classes/File.php +++ b/classes/File.php @@ -108,13 +108,20 @@ class File extends Managed_DataObject // if the given url is an local attachment url and the id already exists, don't // save a new file record. This should never happen, but let's make it foolproof - $attachment_path = common_path('attachment/'); - if (mb_strpos($given_url,$attachment_path) === 0) { - $possible_file_id = mb_substr($given_url, mb_strlen($attachment_path)); - if(is_numeric($possible_file_id)) { - $file = File::getKV('id',$possible_file_id); - if($file instanceof File) { + // FIXME: how about attachments servers? + $u = parse_url($given_url); + if (isset($u['host']) && $u['host'] === common_config('site', 'server')) { + $r = Router::get(); + $args = $r->map(mb_substr($u['path'])); + if ($args['action'] === 'attachment') { + try { + // $args['attachment'] should always be set if action===attachment, given our routing rules + $file = File::getByID($args['attachment']); return $file; + } catch (EmptyIdException $e) { + // ...but $args['attachment'] can also be 0... + } catch (NoResultException $e) { + // apparently this link goes to us, but is _not_ an existing attachment (File) ID? } } } From 1e6520fddd36a56ae501e91928cc6fab0fd41cc6 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 14:13:46 +0100 Subject: [PATCH 033/415] Woops, forgot to skip the / in path --- classes/File.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/classes/File.php b/classes/File.php index 8d9ecf5195..ef4b2cfb3c 100644 --- a/classes/File.php +++ b/classes/File.php @@ -112,7 +112,8 @@ class File extends Managed_DataObject $u = parse_url($given_url); if (isset($u['host']) && $u['host'] === common_config('site', 'server')) { $r = Router::get(); - $args = $r->map(mb_substr($u['path'])); + // Skip the / in the beginning or $r->map won't match + $args = $r->map(mb_substr($u['path'], 1)); if ($args['action'] === 'attachment') { try { // $args['attachment'] should always be set if action===attachment, given our routing rules From 52a3764ae406f63f7177f4cbefaf5eb23375150c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 14:46:26 +0100 Subject: [PATCH 034/415] Resolve relative URLs (assuming URI.Base==notice URL) The real way to do this would be to get the xml:base property from the Atom feed but it's probably not there in any posts we see today. --- classes/Notice.php | 4 ++-- lib/util.php | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 892f2be30e..2bae300115 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -854,8 +854,8 @@ class Notice extends Managed_DataObject if (mb_strlen($content)===0 && !is_null($actobj)) { $content = mb_strlen($actobj->content) ? $actobj->content : $actobj->summary; } - // Strip out any bad HTML from $content - $stored->rendered = common_purify($content); + // Strip out any bad HTML from $content. URI.Base is used to sort out relative URLs. + $stored->rendered = common_purify($content, ['URI.Base' => $stored->url ?: null]); $stored->content = common_strip_html($stored->getRendered(), true, true); if (trim($stored->content) === '') { // TRANS: Error message when the plain text content of a notice has zero length. diff --git a/lib/util.php b/lib/util.php index f029eb429d..9f9b3f66d4 100644 --- a/lib/util.php +++ b/lib/util.php @@ -580,7 +580,7 @@ function common_canonical_email($email) return $email; } -function common_purify($html) +function common_purify($html, array $args=array()) { require_once INSTALLDIR.'/extlib/HTMLPurifier/HTMLPurifier.auto.php'; @@ -588,6 +588,10 @@ function common_purify($html) $cfg->set('Attr.AllowedRel', ['bookmark', 'directory', 'enclosure', 'home', 'license', 'nofollow', 'payment', 'tag']); // http://microformats.org/wiki/rel $cfg->set('HTML.ForbiddenAttributes', array('style')); // id, on* etc. are already filtered by default $cfg->set('URI.AllowedSchemes', array_fill_keys(common_url_schemes(), true)); + if (isset($args['URI.Base'])) { + $cfg->set('URI.Base', $args['URI.Base']); // if null this is like unsetting it I presume + $cfg->set('URI.MakeAbsolute', !is_null($args['URI.Base'])); // if we have a URI base, convert relative URLs to absolute ones. + } // Remove more elements than what the default filter removes, default in GNU social are remotely // linked resources such as img, video, audio From ba51a696d2be4bcc63182bda364719dde104bbee Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 14:53:12 +0100 Subject: [PATCH 035/415] Slightly more correct log message in index.php --- index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.php b/index.php index ecbfb3eb7b..eef894effc 100644 --- a/index.php +++ b/index.php @@ -93,9 +93,9 @@ function handleError($error) return; } - $logmsg = "PEAR error: " . $error->getMessage(); + $logmsg = "Exception thrown: " . _ve($error->getMessage()); if ($error instanceof PEAR_Exception && common_config('site', 'logdebug')) { - $logmsg .= " : ". $error->toText(); + $logmsg .= " PEAR: ". $error->toText(); } // DB queries often end up with a lot of newlines; merge to a single line // for easier grepability... From b4dc060d753290eea0fdab53d52dee9e37f93342 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 16:10:03 +0100 Subject: [PATCH 036/415] Don't auto-silence other users by IP by default --- .../RegisterThrottlePlugin.php | 27 ++++++++++++++----- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/plugins/RegisterThrottle/RegisterThrottlePlugin.php b/plugins/RegisterThrottle/RegisterThrottlePlugin.php index d51932ba35..5b999a4370 100644 --- a/plugins/RegisterThrottle/RegisterThrottlePlugin.php +++ b/plugins/RegisterThrottle/RegisterThrottlePlugin.php @@ -60,6 +60,14 @@ class RegisterThrottlePlugin extends Plugin */ public $silenced = true; + /** + * Auto-silence all other users from the same registration_ip + * as the one being silenced. Caution: Many users may come from + * the same IP (even entire countries) without having any sort + * of relevant connection for moderation. + */ + public $auto_silence_by_ip = false; + /** * Whether we're enabled; prevents recursion. */ @@ -300,15 +308,15 @@ class RegisterThrottlePlugin extends Plugin return true; } - if ($role != Profile_role::SILENCED) { + if ($role !== Profile_role::SILENCED) { return true; } - if (!$this->silenced) { + if (!$this->auto_silence_by_ip) { return true; } - $ri = Registration_ip::getKV('user_id', $profile->id); + $ri = Registration_ip::getKV('user_id', $profile->getID()); if (empty($ri)) { return true; @@ -317,13 +325,13 @@ class RegisterThrottlePlugin extends Plugin $ids = Registration_ip::usersByIP($ri->ipaddress); foreach ($ids as $id) { - if ($id == $profile->id) { + if ($id == $profile->getID()) { continue; } - $other = Profile::getKV('id', $id); - - if (empty($other)) { + try { + $other = Profile::getByID($id); + } catch (NoResultException $e) { continue; } @@ -331,6 +339,11 @@ class RegisterThrottlePlugin extends Plugin continue; } + // 'enabled' here is used to prevent recursion, since + // we'll end up in this function again on ->silence() + // though I actually think it doesn't matter since we + // do this in onEndGrantRole and that means the above + // $other->isSilenced() test should've 'continue'd... $old = self::$enabled; self::$enabled = false; $other->silence(); From 12f1707a74f7a12449979034c737cc9e5146c39b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 26 Feb 2016 22:37:26 +0100 Subject: [PATCH 037/415] Ostatus_source filled no purpose whatsoever --- plugins/OStatus/OStatusPlugin.php | 1 - plugins/OStatus/classes/Ostatus_profile.php | 1 - plugins/OStatus/classes/Ostatus_source.php | 77 --------------------- 3 files changed, 79 deletions(-) delete mode 100644 plugins/OStatus/classes/Ostatus_source.php diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 17ce8e4623..292af658ed 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -476,7 +476,6 @@ class OStatusPlugin extends Plugin function onCheckSchema() { $schema = Schema::get(); $schema->ensureTable('ostatus_profile', Ostatus_profile::schemaDef()); - $schema->ensureTable('ostatus_source', Ostatus_source::schemaDef()); $schema->ensureTable('feedsub', FeedSub::schemaDef()); $schema->ensureTable('hubsub', HubSub::schemaDef()); $schema->ensureTable('magicsig', Magicsig::schemaDef()); diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index 8c7be80a60..2b1ab8ddd9 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -539,7 +539,6 @@ class Ostatus_profile extends Managed_DataObject try { $stored = Notice::saveActivity($activity, $actor, $options); - Ostatus_source::saveNew($stored, $this, $method); } catch (Exception $e) { common_log(LOG_ERR, "OStatus save of remote message $sourceUri failed: " . $e->getMessage()); throw $e; diff --git a/plugins/OStatus/classes/Ostatus_source.php b/plugins/OStatus/classes/Ostatus_source.php deleted file mode 100644 index 88a6a58383..0000000000 --- a/plugins/OStatus/classes/Ostatus_source.php +++ /dev/null @@ -1,77 +0,0 @@ -. - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -/** - * @package OStatusPlugin - * @maintainer Brion Vibber - */ -class Ostatus_source extends Managed_DataObject -{ - public $__table = 'ostatus_source'; - - public $notice_id; // notice we're referring to - public $profile_uri; // uri of the ostatus_profile this came through -- may be a group feed - public $method; // push or salmon - public $created; - public $modified; - - public static function schemaDef() - { - return array( - 'fields' => array( - 'notice_id' => array('type' => 'int', 'not null' => true, 'description' => 'Notice ID relation'), - 'profile_uri' => array('type' => 'varchar', 'not null' => true, 'length' => 191, 'description' => 'Profile URI'), - 'method' => array('type' => 'enum("push","salmon")', 'not null' => true, 'description' => 'source method'), - 'created' => array('type' => 'datetime', 'not null' => true, 'description' => 'date this record was created'), - 'modified' => array('type' => 'timestamp', 'not null' => true, 'description' => 'date this record was modified'), - ), - 'primary key' => array('notice_id'), - 'foreign keys' => array( - 'ostatus_source_notice_id_fkey' => array('notice', array('notice_id' => 'id')), - // not in profile table yet 'ostatus_source_profile_uri_fkey' => array('profile', array('profile_uri' => 'uri')), - ), - 'indexes' => array( - 'ostatus_source_profile_uri_idx' => array('profile_uri'), - ), - ); - } - - /** - * Save a remote notice source record; this helps indicate how trusted we are. - * @param string $method - */ - public static function saveNew(Notice $notice, Ostatus_profile $oprofile, $method) - { - $osource = new Ostatus_source(); - $osource->notice_id = $notice->id; - $osource->profile_uri = $oprofile->uri; - $osource->method = $method; - $osource->created = common_sql_now(); - if ($osource->insert()) { - return true; - } else { - common_log_db_error($osource, 'INSERT', __FILE__); - return false; - } - } -} From 9dc4f13579c6cb6c681061ac7350e77bb0c71248 Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 26 Feb 2016 22:06:04 +0000 Subject: [PATCH 038/415] Fix author fallback Previously if there was no discernable author the nickname "Array" would end up used. This was a bug, obviously. It is fixed now. --- plugins/Linkback/lib/util.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/Linkback/lib/util.php b/plugins/Linkback/lib/util.php index 2f024dd233..cd0476ceef 100644 --- a/plugins/Linkback/lib/util.php +++ b/plugins/Linkback/lib/util.php @@ -284,7 +284,7 @@ function linkback_profile($entry, $mf2, $response, $target) { } if(!$author) { - $author = array('name' => array($entry['name'])); + $author = array('name' => $entry['name']); } if(!$author['url']) { From 6a0007c41012cb9a566415080c1fb5852ade90ae Mon Sep 17 00:00:00 2001 From: hannes Date: Sat, 27 Feb 2016 01:03:24 +0000 Subject: [PATCH 039/415] moderators can delete others' notices using the api --- actions/apistatusesdestroy.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/actions/apistatusesdestroy.php b/actions/apistatusesdestroy.php index 2d32124c42..f681ee8419 100644 --- a/actions/apistatusesdestroy.php +++ b/actions/apistatusesdestroy.php @@ -69,6 +69,7 @@ class ApiStatusesDestroyAction extends ApiAuthAction parent::prepare($args); $this->user = $this->auth_user; + $this->profile = $this->auth_user->getProfile(); $this->notice_id = (int)$this->trimmed('id'); if (empty($notice_id)) { @@ -122,7 +123,7 @@ class ApiStatusesDestroyAction extends ApiAuthAction return; } - if ($this->user->id == $this->notice->profile_id) { + if ($this->user->id == $this->notice->profile_id || $this->profile->hasRight(Right::DELETEOTHERSNOTICE)) { if (Event::handle('StartDeleteOwnNotice', array($this->user, $this->notice))) { $this->notice->deleteAs($this->scoped); Event::handle('EndDeleteOwnNotice', array($this->user, $this->notice)); From cd978fa15356429ebc867493f69172cdd23b2f47 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 28 Feb 2016 13:16:52 +0100 Subject: [PATCH 040/415] Edited the list of allowed rel values --- lib/util.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/util.php b/lib/util.php index 9f9b3f66d4..c175c6e9ae 100644 --- a/lib/util.php +++ b/lib/util.php @@ -585,7 +585,15 @@ function common_purify($html, array $args=array()) require_once INSTALLDIR.'/extlib/HTMLPurifier/HTMLPurifier.auto.php'; $cfg = HTMLPurifier_Config::createDefault(); - $cfg->set('Attr.AllowedRel', ['bookmark', 'directory', 'enclosure', 'home', 'license', 'nofollow', 'payment', 'tag']); // http://microformats.org/wiki/rel + /** + * rel values that should be avoided since they can be used to infer + * information about the _current_ page, not the h-entry: + * + * directory, home, license, payment + * + * Source: http://microformats.org/wiki/rel + */ + $cfg->set('Attr.AllowedRel', ['bookmark', 'enclosure', 'nofollow', 'tag']); $cfg->set('HTML.ForbiddenAttributes', array('style')); // id, on* etc. are already filtered by default $cfg->set('URI.AllowedSchemes', array_fill_keys(common_url_schemes(), true)); if (isset($args['URI.Base'])) { From 747c91210ff31d8ff42bb01d6c9f0fb5becc9085 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 28 Feb 2016 13:30:47 +0100 Subject: [PATCH 041/415] HTMLPurifier cache settings, put stuff in subdir of get_sys_temp_dir() --- lib/default.php | 8 ++++++-- lib/util.php | 3 +++ 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/default.php b/lib/default.php index c78803da97..0fa8ce1678 100644 --- a/lib/default.php +++ b/lib/default.php @@ -296,11 +296,15 @@ $default = array('handle' => false, // whether to handle sessions ourselves 'debug' => false, // debugging output for sessions 'gc_limit' => 1000), // max sessions to expire at a time - 'htmlfilter' => array( // purify HTML through HTMLPurifier + 'htmlfilter' => [ // remove tags from user/remotely generated HTML if they are === true 'img' => true, 'video' => true, 'audio' => true, - ), + ], + 'htmlpurifier' => [ // configurable options for HTMLPurifier + 'Cache.DefinitionImpl' => 'Serializer', + 'Cache.SerializerPath' => implode(DIRECTORY_SEPARATOR, [sys_get_temp_dir(), 'gnusocial']), + ], 'notice' => array('contentlimit' => null, 'allowprivate' => false, // whether to allow users to "check the padlock" to publish notices available for their subscribers. diff --git a/lib/util.php b/lib/util.php index c175c6e9ae..5aeda6d750 100644 --- a/lib/util.php +++ b/lib/util.php @@ -600,6 +600,9 @@ function common_purify($html, array $args=array()) $cfg->set('URI.Base', $args['URI.Base']); // if null this is like unsetting it I presume $cfg->set('URI.MakeAbsolute', !is_null($args['URI.Base'])); // if we have a URI base, convert relative URLs to absolute ones. } + foreach (common_config('htmlpurifier') as $key=>$val) { + $cfg->set($key, $val); + } // Remove more elements than what the default filter removes, default in GNU social are remotely // linked resources such as img, video, audio From 6c43e9c2e0934a9da2cb7947024ca7e3702c3f91 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 28 Feb 2016 13:31:21 +0100 Subject: [PATCH 042/415] Verify loaded config function, must be completed further. --- lib/gnusocial.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/lib/gnusocial.php b/lib/gnusocial.php index 277c41e7c8..2ad688a790 100644 --- a/lib/gnusocial.php +++ b/lib/gnusocial.php @@ -141,6 +141,8 @@ class GNUsocial // Load settings from database; note we need autoload for this Config::loadSettings(); + self::verifyLoadedConfig(); + self::initPlugins(); } @@ -418,6 +420,23 @@ class GNUsocial } } + /** + * Verify that the loaded config is good. Not complete, but will + * throw exceptions on common configuration problems I hope. + * + * Might make changes to the filesystem, to created dirs, but will + * not make database changes. + */ + static function verifyLoadedConfig() + { + if (common_config('htmlpurifier', 'Cache.DefinitionImpl') === 'Serializer' + && !is_dir(common_config('htmlpurifier', 'Cache.SerializerPath'))) { + if (!mkdir(common_config('htmlpurifier', 'Cache.SerializerPath'))) { + throw new ServerException('Could not create HTMLPurifier cache dir: '._ve(common_config('htmlpurifier', 'Cache.SerializerPath'))); + } + } + } + /** * Are we running from the web with HTTPS? * From 446c930823136f1df5d0d86f135548a1aed3357c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 28 Feb 2016 19:23:13 +0100 Subject: [PATCH 043/415] Change to more recent code style in ApiStatusesDestroyAction --- actions/apistatusesdestroy.php | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/actions/apistatusesdestroy.php b/actions/apistatusesdestroy.php index f681ee8419..2c4edbcfa4 100644 --- a/actions/apistatusesdestroy.php +++ b/actions/apistatusesdestroy.php @@ -68,8 +68,6 @@ class ApiStatusesDestroyAction extends ApiAuthAction { parent::prepare($args); - $this->user = $this->auth_user; - $this->profile = $this->auth_user->getProfile(); $this->notice_id = (int)$this->trimmed('id'); if (empty($notice_id)) { @@ -123,10 +121,10 @@ class ApiStatusesDestroyAction extends ApiAuthAction return; } - if ($this->user->id == $this->notice->profile_id || $this->profile->hasRight(Right::DELETEOTHERSNOTICE)) { - if (Event::handle('StartDeleteOwnNotice', array($this->user, $this->notice))) { + if ($this->scoped->sameAs($this->notice->getProfile()) || $this->scoped->hasRight(Right::DELETEOTHERSNOTICE)) { + if (Event::handle('StartDeleteOwnNotice', array($this->auth_user, $this->notice))) { $this->notice->deleteAs($this->scoped); - Event::handle('EndDeleteOwnNotice', array($this->user, $this->notice)); + Event::handle('EndDeleteOwnNotice', array($this->auth_user, $this->notice)); } $this->showNotice(); } else { From 2696e13b196456c898306845fcfea465a99d3050 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 28 Feb 2016 19:34:48 +0100 Subject: [PATCH 044/415] Refactoring ApiStatusesDestroyAction --- actions/apistatusesdestroy.php | 96 ++++++++++------------------------ 1 file changed, 27 insertions(+), 69 deletions(-) diff --git a/actions/apistatusesdestroy.php b/actions/apistatusesdestroy.php index 2c4edbcfa4..0bad3da5df 100644 --- a/actions/apistatusesdestroy.php +++ b/actions/apistatusesdestroy.php @@ -34,9 +34,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Deletes one of the authenticating user's statuses (notices). @@ -55,86 +53,46 @@ if (!defined('STATUSNET')) { */ class ApiStatusesDestroyAction extends ApiAuthAction { - var $status = null; - - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - */ - function prepare($args) + protected function prepare(array $args=array()) { parent::prepare($args); - $this->notice_id = (int)$this->trimmed('id'); - - if (empty($notice_id)) { - $this->notice_id = (int)$this->arg('id'); + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + // TRANS: Client error displayed trying to delete a status not using POST or DELETE. + // TRANS: POST and DELETE should not be translated. + throw new ClientException(_('This method requires a POST or DELETE.')); } - $this->notice = Notice::getKV((int)$this->notice_id); + // FIXME: Return with a Not Acceptable status code? + if (!in_array($this->format, array('xml', 'json'))) { + // TRANS: Client error displayed when coming across a non-supported API method. + throw new ClientException(_('API method not found.'), 404); + } + + try { + $this->notice = Notice::getByID($this->trimmed('id')); + } catch (NoResultException $e) { + // TRANS: Client error displayed trying to delete a status with an invalid ID. + throw new ClientException(_('No status found with that ID.'), 404); + } return true; } - /** - * Handle the request - * - * Delete the notice and all related replies - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - function handle($args) + protected function handle() { - parent::handle($args); + parent::handle(); - if (!in_array($this->format, array('xml', 'json'))) { - $this->clientError( - // TRANS: Client error displayed when coming across a non-supported API method. - _('API method not found.'), - 404 - ); - return; + if (!$this->scoped->sameAs($this->notice->getProfile()) && !$this->scoped->hasRight(Right::DELETEOTHERSNOTICE)) { + // TRANS: Client error displayed trying to delete a status of another user. + throw new AuthorizationException(_('You may not delete another user\'s status.')); } - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - $this->clientError( - // TRANS: Client error displayed trying to delete a status not using POST or DELETE. - // TRANS: POST and DELETE should not be translated. - _('This method requires a POST or DELETE.'), - 400, - $this->format - ); - return; - } - - if (empty($this->notice)) { - $this->clientError( - // TRANS: Client error displayed trying to delete a status with an invalid ID. - _('No status found with that ID.'), - 404, $this->format - ); - return; - } - - if ($this->scoped->sameAs($this->notice->getProfile()) || $this->scoped->hasRight(Right::DELETEOTHERSNOTICE)) { - if (Event::handle('StartDeleteOwnNotice', array($this->auth_user, $this->notice))) { - $this->notice->deleteAs($this->scoped); - Event::handle('EndDeleteOwnNotice', array($this->auth_user, $this->notice)); - } - $this->showNotice(); - } else { - $this->clientError( - // TRANS: Client error displayed trying to delete a status of another user. - _('You may not delete another user\'s status.'), - 403, - $this->format - ); + if (Event::handle('StartDeleteOwnNotice', array($this->scoped->getUser(), $this->notice))) { + $this->notice->deleteAs($this->scoped); + Event::handle('EndDeleteOwnNotice', array($this->scoped->getUser(), $this->notice)); } + $this->showNotice(); } /** From b8643f73b77e811ba32e46153608d2cb2cdee5a8 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 28 Feb 2016 19:40:16 +0100 Subject: [PATCH 045/415] No need to set $threads = 0 on the line before it's set ;) --- scripts/queuedaemon.php | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/queuedaemon.php b/scripts/queuedaemon.php index efc1e04e9e..8fb0f8e0ae 100755 --- a/scripts/queuedaemon.php +++ b/scripts/queuedaemon.php @@ -168,7 +168,6 @@ if (have_option('t')) { } else if (have_option('--threads')) { $threads = intval(get_option_value('--threads')); } else { - $threads = 0; //If there is no argument for number of threads //Try reading a config option for the number $threads = common_config('queue','threads'); From da34491c59e1b92b75b9aa381a1e281b66333b48 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 28 Feb 2016 20:50:45 +0100 Subject: [PATCH 046/415] Woops, undefined $type there. --- actions/showstream.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/showstream.php b/actions/showstream.php index 33ec49df99..dbe74197dc 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -161,7 +161,7 @@ class ShowstreamAction extends NoticestreamAction // Publish all the rel="me" in the HTTP headers on our main profile page if (get_class($this) == 'ShowstreamAction') { foreach ($this->target->getRelMes() as $relMe) { - header('Link: <'.htmlspecialchars($relMe['href']).'>'.$type.'; rel="me"', false); + header('Link: <'.htmlspecialchars($relMe['href']).'>; rel="me"', false); } } } From 7862b853bf05908f342afd175c13bad300bd5c10 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 1 Mar 2016 13:10:18 +0100 Subject: [PATCH 047/415] Make javascript XHR timeout a variable. SN.V.xhrTimeout = [time in milliseconds]; --- js/util.js | 3 ++- lib/action.php | 8 +++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/js/util.js b/js/util.js index 29650b1a4d..15bff959ee 100644 --- a/js/util.js +++ b/js/util.js @@ -57,6 +57,7 @@ var SN = { // StatusNet }, V: { // Variables + // These get set on runtime via inline scripting, so don't put anything here. }, /** @@ -358,7 +359,7 @@ var SN = { // StatusNet form.ajaxForm({ dataType: 'xml', - timeout: '60000', + timeout: SN.V.xhrTimeout, beforeSend: function (formData) { if (form.find('.notice_data-text:first').val() == '') { form.addClass(SN.C.S.Warning); diff --git a/lib/action.php b/lib/action.php index 4e629c2bc3..513666a656 100644 --- a/lib/action.php +++ b/lib/action.php @@ -492,10 +492,12 @@ class Action extends HTMLOutputter // lawsuit if (Event::handle('StartScriptVariables', array($this, &$vars))) { $vars['urlNewNotice'] = common_local_url('newnotice'); + $vars['xhrTimeout'] = ini_get('max_execution_time')*1000; // milliseconds + Event::handle('EndScriptVariables', array($this, &$vars)); } - if (!empty($vars)) { - $this->inlineScript('SN.V = ' . json_encode($vars)); - } + + $this->inlineScript('SN.V = ' . json_encode($vars) . ';'); + return $vars; } From 63c087a25500ee5d8faa6bbb5d3f72660d4cdbe5 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 1 Mar 2016 14:51:47 +0100 Subject: [PATCH 048/415] Consistent behaviour for ScopingNoticeStream $scoped We don't guess the current profile anymore if the value of the profile === -1 Also sets $this->scoped for all ScopingNoticeStream inheritors, which just like in an Action can be null if we're not scoped in any way (logged in). --- actions/allrss.php | 2 +- actions/noticesearch.php | 3 +- actions/showgroup.php | 24 +++--------- classes/File.php | 4 +- classes/Notice.php | 9 +++-- classes/Notice_tag.php | 4 +- classes/Profile.php | 4 +- classes/Profile_list.php | 4 +- classes/Reply.php | 4 +- classes/User.php | 9 +++-- classes/User_group.php | 4 +- lib/conversationnoticestream.php | 8 +--- lib/filenoticestream.php | 13 ++----- lib/groupnoticestream.php | 17 ++------- lib/inboxnoticestream.php | 3 -- lib/inboxtagcloudsection.php | 10 ++--- lib/peopletagnoticestream.php | 13 ++----- lib/profilenoticestream.php | 38 +++++++++---------- lib/publicnoticestream.php | 4 +- lib/replynoticestream.php | 7 +--- lib/scopingnoticestream.php | 18 +++------ lib/searchnoticestream.php | 16 ++------ lib/taggedprofilenoticestream.php | 13 ++----- lib/tagnoticestream.php | 8 ++-- lib/threadinggroupnoticestream.php | 4 +- plugins/ActivitySpam/actions/spam.php | 8 ++-- plugins/ActivitySpam/lib/spamnoticestream.php | 15 ++------ .../Bookmark/lib/bookmarksnoticestream.php | 11 ++---- .../lib/useremailsummaryhandler.php | 12 +++--- plugins/Event/lib/eventsnoticestream.php | 2 + plugins/Favorite/actions/favorited.php | 2 +- plugins/Favorite/actions/showfavorites.php | 3 +- plugins/Favorite/classes/Fave.php | 10 ++++- plugins/Favorite/lib/favenoticestream.php | 18 ++++----- plugins/Favorite/lib/popularnoticestream.php | 10 ++--- plugins/Mapstraction/actions/allmap.php | 4 +- .../Share/lib/repeatedbymenoticestream.php | 27 +++++-------- plugins/Share/lib/repeatsofmenoticestream.php | 25 +++++------- 38 files changed, 151 insertions(+), 239 deletions(-) diff --git a/actions/allrss.php b/actions/allrss.php index 4b6df25048..d7f11bb1eb 100644 --- a/actions/allrss.php +++ b/actions/allrss.php @@ -46,7 +46,7 @@ class AllrssAction extends TargetedRss10Action { protected function getNotices() { - $stream = new InboxNoticeStream($this->target); + $stream = new InboxNoticeStream($this->target, $this->scoped); return $stream->getNotices(0, $this->limit)->fetchAll(); } diff --git a/actions/noticesearch.php b/actions/noticesearch.php index fd8fdf68e5..d7cdeaacc6 100644 --- a/actions/noticesearch.php +++ b/actions/noticesearch.php @@ -65,8 +65,7 @@ class NoticesearchAction extends SearchAction if (!empty($this->q)) { - $profile = Profile::current(); - $stream = new SearchNoticeStream($this->q, $profile); + $stream = new SearchNoticeStream($this->q, $this->scoped); $page = $this->trimmed('page'); if (empty($page)) { diff --git a/actions/showgroup.php b/actions/showgroup.php index 46d0a227f5..8770e6cc8b 100644 --- a/actions/showgroup.php +++ b/actions/showgroup.php @@ -28,12 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/noticelist.php'; -require_once INSTALLDIR.'/lib/feedlist.php'; +if (!defined('GNUSOCIAL')) { exit(1); } /** * Group main page @@ -48,7 +43,6 @@ class ShowgroupAction extends GroupAction { /** page we're viewing. */ var $page = null; - var $userProfile = null; var $notice = null; /** @@ -97,14 +91,10 @@ class ShowgroupAction extends GroupAction $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - $this->userProfile = Profile::current(); - - $user = common_current_user(); - - if (!empty($user) && $user->streamModeOnly()) { - $stream = new GroupNoticeStream($this->group, $this->userProfile); + if ($this->scoped instanceof Profile && $this->scoped->isLocal() && $this->scoped->getUser()->streamModeOnly()) { + $stream = new GroupNoticeStream($this->group, $this->scoped); } else { - $stream = new ThreadingGroupNoticeStream($this->group, $this->userProfile); + $stream = new ThreadingGroupNoticeStream($this->group, $this->scoped); } $this->notice = $stream->getNotices(($this->page-1)*NOTICES_PER_PAGE, @@ -146,12 +136,10 @@ class ShowgroupAction extends GroupAction */ function showGroupNotices() { - $user = common_current_user(); - - if (!empty($user) && $user->streamModeOnly()) { + if ($this->scoped instanceof Profile && $this->scoped->isLocal() && $this->scoped->getUser()->streamModeOnly()) { $nl = new PrimaryNoticeList($this->notice, $this, array('show_n'=>NOTICES_PER_PAGE)); } else { - $nl = new ThreadedNoticeList($this->notice, $this, $this->userProfile); + $nl = new ThreadedNoticeList($this->notice, $this, $this->scoped); } $cnt = $nl->show(); diff --git a/classes/File.php b/classes/File.php index ef4b2cfb3c..d6dd78cbef 100644 --- a/classes/File.php +++ b/classes/File.php @@ -579,7 +579,9 @@ class File extends Managed_DataObject function stream($offset=0, $limit=NOTICES_PER_PAGE, $since_id=0, $max_id=0) { - $stream = new FileNoticeStream($this); + // FIXME: Try to get the Profile::current() here in some other way to avoid mixing + // the current session user with possibly background/queue processing. + $stream = new FileNoticeStream($this, Profile::current()); return $stream->getNotices($offset, $limit, $since_id, $max_id); } diff --git a/classes/Notice.php b/classes/Notice.php index 2bae300115..6f406472c7 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1280,9 +1280,9 @@ class Notice extends Managed_DataObject return $stream->getNotices($offset, $limit, $since_id, $max_id); } - static function conversationStream($id, $offset=0, $limit=20, $since_id=null, $max_id=null) + static function conversationStream($id, $offset=0, $limit=20, $since_id=null, $max_id=null, Profile $scoped=null) { - $stream = new ConversationNoticeStream($id); + $stream = new ConversationNoticeStream($id, $scoped); return $stream->getNotices($offset, $limit, $since_id, $max_id); } @@ -1300,8 +1300,9 @@ class Notice extends Managed_DataObject return false; } - $stream = new ConversationNoticeStream($this->conversation); - $notice = $stream->getNotices(/*offset*/ 1, /*limit*/ 1); + //FIXME: Get the Profile::current() stuff some other way + // to avoid confusion between queue processing and session. + $notice = self::conversationStream($this->conversation, 1, 1, null, null, Profile::current()); // if our "offset 1, limit 1" query got a result, return true else false return $notice->N > 0; diff --git a/classes/Notice_tag.php b/classes/Notice_tag.php index b864de8009..9d6bec6d2f 100644 --- a/classes/Notice_tag.php +++ b/classes/Notice_tag.php @@ -55,7 +55,9 @@ class Notice_tag extends Managed_DataObject static function getStream($tag, $offset=0, $limit=20, $sinceId=0, $maxId=0) { - $stream = new TagNoticeStream($tag); + // FIXME: Get the Profile::current value some other way + // to avoid confusino between queue processing and session. + $stream = new TagNoticeStream($tag, Profile::current()); return $stream; } diff --git a/classes/Profile.php b/classes/Profile.php index a5e0d092dc..36e91c3ad0 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -266,7 +266,9 @@ class Profile extends Managed_DataObject function getTaggedNotices($tag, $offset=0, $limit=NOTICES_PER_PAGE, $since_id=0, $max_id=0) { - $stream = new TaggedProfileNoticeStream($this, $tag); + //FIXME: Get Profile::current() some other way to avoid possible + // confusion between current session profile and background processing. + $stream = new TaggedProfileNoticeStream($this, $tag, Profile::current()); return $stream->getNotices($offset, $limit, $since_id, $max_id); } diff --git a/classes/Profile_list.php b/classes/Profile_list.php index 000e10b41f..b60f4afffd 100644 --- a/classes/Profile_list.php +++ b/classes/Profile_list.php @@ -171,7 +171,9 @@ class Profile_list extends Managed_DataObject function getNotices($offset, $limit, $since_id=null, $max_id=null) { - $stream = new PeopletagNoticeStream($this); + // FIXME: Use something else than Profile::current() to avoid + // possible confusion between session user and queue processing. + $stream = new PeopletagNoticeStream($this, Profile::current()); return $stream->getNotices($offset, $limit, $since_id, $max_id); } diff --git a/classes/Reply.php b/classes/Reply.php index d3405e6581..018937ba6c 100644 --- a/classes/Reply.php +++ b/classes/Reply.php @@ -57,7 +57,9 @@ class Reply extends Managed_DataObject static function stream($user_id, $offset=0, $limit=NOTICES_PER_PAGE, $since_id=0, $max_id=0) { - $stream = new ReplyNoticeStream($user_id); + // FIXME: Use some other method to get Profile::current() in order + // to avoid confusion between background processing and session user. + $stream = new ReplyNoticeStream($user_id, Profile::current()); return $stream->getNotices($offset, $limit, $since_id, $max_id); } } diff --git a/classes/User.php b/classes/User.php index 40e1a1b644..12cc170f86 100644 --- a/classes/User.php +++ b/classes/User.php @@ -701,15 +701,18 @@ class User extends Managed_DataObject function repeatedByMe($offset=0, $limit=20, $since_id=null, $max_id=null) { - $stream = new RepeatedByMeNoticeStream($this); + // FIXME: Use another way to get Profile::current() since we + // want to avoid confusion between session user and queue processing. + $stream = new RepeatedByMeNoticeStream($this->getProfile(), Profile::current()); return $stream->getNotices($offset, $limit, $since_id, $max_id); } function repeatsOfMe($offset=0, $limit=20, $since_id=null, $max_id=null) { - $stream = new RepeatsOfMeNoticeStream($this); - + // FIXME: Use another way to get Profile::current() since we + // want to avoid confusion between session user and queue processing. + $stream = new RepeatsOfMeNoticeStream($this->getProfile(), Profile::current()); return $stream->getNotices($offset, $limit, $since_id, $max_id); } diff --git a/classes/User_group.php b/classes/User_group.php index ecec1ee663..8f736de6d0 100644 --- a/classes/User_group.php +++ b/classes/User_group.php @@ -153,7 +153,9 @@ class User_group extends Managed_DataObject function getNotices($offset, $limit, $since_id=null, $max_id=null) { - $stream = new GroupNoticeStream($this); + // FIXME: Get the Profile::current() some other way, to avoid + // possible confusion between current session and queue process. + $stream = new GroupNoticeStream($this, Profile::current()); return $stream->getNotices($offset, $limit, $since_id, $max_id); } diff --git a/lib/conversationnoticestream.php b/lib/conversationnoticestream.php index 21b2d7f0be..bcb16c2d4b 100644 --- a/lib/conversationnoticestream.php +++ b/lib/conversationnoticestream.php @@ -42,14 +42,10 @@ if (!defined('GNUSOCIAL')) { exit(1); } */ class ConversationNoticeStream extends ScopingNoticeStream { - function __construct($id, $profile = -1) + function __construct($id, Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } - parent::__construct(new RawConversationNoticeStream($id), - $profile); + $scoped); } } diff --git a/lib/filenoticestream.php b/lib/filenoticestream.php index f7bca1ed68..49b93732fb 100644 --- a/lib/filenoticestream.php +++ b/lib/filenoticestream.php @@ -28,22 +28,15 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } class FileNoticeStream extends ScopingNoticeStream { - function __construct($file, $profile = -1) + function __construct($file, Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } parent::__construct(new CachingNoticeStream(new RawFileNoticeStream($file), 'file:notice-ids:'.$file->id), - $profile); + $scoped); } } diff --git a/lib/groupnoticestream.php b/lib/groupnoticestream.php index 723f064cb3..2d6e7b37cb 100644 --- a/lib/groupnoticestream.php +++ b/lib/groupnoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Stream of notices for a group @@ -47,19 +43,14 @@ if (!defined('STATUSNET')) { class GroupNoticeStream extends ScopingNoticeStream { var $group; - var $userProfile; - function __construct($group, $profile = -1) + function __construct($group, Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } $this->group = $group; - $this->userProfile = $profile; parent::__construct(new CachingNoticeStream(new RawGroupNoticeStream($group), 'user_group:notice_ids:' . $group->id), - $profile); + $scoped); } function getNoticeIds($offset, $limit, $since_id, $max_id) @@ -83,7 +74,7 @@ class GroupNoticeStream extends ScopingNoticeStream function impossibleStream() { if ($this->group->force_scope && - (empty($this->userProfile) || !$this->userProfile->isMember($this->group))) { + (!$this->scoped instanceof Profile || $this->scoped->isMember($this->group))) { return true; } diff --git a/lib/inboxnoticestream.php b/lib/inboxnoticestream.php index ccf0f460c9..2b19461c57 100644 --- a/lib/inboxnoticestream.php +++ b/lib/inboxnoticestream.php @@ -54,9 +54,6 @@ class InboxNoticeStream extends ScopingNoticeStream */ function __construct(Profile $target, Profile $scoped=null) { - if ($scoped === null) { - $scoped = Profile::current(); - } // FIXME: we don't use CachingNoticeStream - but maybe we should? parent::__construct(new CachingNoticeStream(new RawInboxNoticeStream($target), 'profileall'), $scoped); } diff --git a/lib/inboxtagcloudsection.php b/lib/inboxtagcloudsection.php index d19f76366d..4268ee4854 100644 --- a/lib/inboxtagcloudsection.php +++ b/lib/inboxtagcloudsection.php @@ -27,9 +27,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Personal tag cloud section @@ -60,9 +58,9 @@ class InboxTagCloudSection extends TagCloudSection function getTags() { - $profile = Profile::current(); - - $stream = new InboxNoticeStream($this->target, $profile); + // FIXME: Get the Profile::current() value some other way + // to avoid confusion between background stuff and session. + $stream = new InboxNoticeStream($this->target, Profile::current()); $ids = $stream->getNoticeIds(0, self::MAX_NOTICES, null, null); diff --git a/lib/peopletagnoticestream.php b/lib/peopletagnoticestream.php index 4422261ae9..cc453bf1f8 100644 --- a/lib/peopletagnoticestream.php +++ b/lib/peopletagnoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Stream of notices for a list @@ -47,14 +43,11 @@ if (!defined('STATUSNET')) { */ class PeopletagNoticeStream extends ScopingNoticeStream { - function __construct($plist, $profile = -1) + function __construct($plist, Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } parent::__construct(new CachingNoticeStream(new RawPeopletagNoticeStream($plist), 'profile_list:notice_ids:' . $plist->id), - $profile); + $scoped); } } diff --git a/lib/profilenoticestream.php b/lib/profilenoticestream.php index 7ff4163fcb..bfe49efea5 100644 --- a/lib/profilenoticestream.php +++ b/lib/profilenoticestream.php @@ -43,19 +43,14 @@ if (!defined('GNUSOCIAL')) { exit(1); } class ProfileNoticeStream extends ScopingNoticeStream { - var $streamProfile; - var $userProfile; + protected $target; - function __construct($profile, $userProfile = -1) + function __construct(Profile $target, Profile $scoped=null) { - if (is_int($userProfile) && $userProfile == -1) { - $userProfile = Profile::current(); - } - $this->streamProfile = $profile; - $this->userProfile = $userProfile; - parent::__construct(new CachingNoticeStream(new RawProfileNoticeStream($profile), - 'profile:notice_ids:' . $profile->id), - $userProfile); + $this->target = $target; + parent::__construct(new CachingNoticeStream(new RawProfileNoticeStream($target), + 'profile:notice_ids:' . $target->getID()), + $scoped); } function getNoticeIds($offset, $limit, $since_id=null, $max_id=null) @@ -70,7 +65,7 @@ class ProfileNoticeStream extends ScopingNoticeStream function getNotices($offset, $limit, $since_id=null, $max_id=null) { if ($this->impossibleStream()) { - throw new PrivateStreamException($this->streamProfile, $this->userProfile); + throw new PrivateStreamException($this->target, $this->scoped); } else { return parent::getNotices($offset, $limit, $since_id, $max_id); } @@ -78,7 +73,7 @@ class ProfileNoticeStream extends ScopingNoticeStream function impossibleStream() { - if (!$this->streamProfile->readableBy($this->userProfile)) { + if (!$this->target->readableBy($this->scoped)) { // cannot read because it's a private stream and either noone's logged in or they are not subscribers return true; } @@ -86,8 +81,13 @@ class ProfileNoticeStream extends ScopingNoticeStream // If it's a spammy stream, and no user or not a moderator if (common_config('notice', 'hidespam')) { - if ($this->streamProfile->hasRole(Profile_role::SILENCED) && - (empty($this->userProfile) || (($this->userProfile->id !== $this->streamProfile->id) && !$this->userProfile->hasRight(Right::REVIEWSPAM)))) { + // if this is a silenced user + if ($this->target->hasRole(Profile_role::SILENCED) + // and we are either not logged in + && (!$this->scoped instanceof Profile + // or if we are, we are not logged in as the target, and we don't have right to review spam + || (!$this->scoped->sameAs($this->target) && !$this->scoped->hasRight(Right::REVIEWSPAM)) + )) { return true; } } @@ -109,20 +109,20 @@ class ProfileNoticeStream extends ScopingNoticeStream class RawProfileNoticeStream extends NoticeStream { - protected $profile; + protected $target; protected $selectVerbs = array(); // select all verbs - function __construct($profile) + function __construct(Profile $target) { parent::__construct(); - $this->profile = $profile; + $this->target = $target; } function getNoticeIds($offset, $limit, $since_id, $max_id) { $notice = new Notice(); - $notice->profile_id = $this->profile->id; + $notice->profile_id = $this->target->getID(); $notice->selectAdd(); $notice->selectAdd('id'); diff --git a/lib/publicnoticestream.php b/lib/publicnoticestream.php index 4a16cbd235..1dd59059fd 100644 --- a/lib/publicnoticestream.php +++ b/lib/publicnoticestream.php @@ -43,11 +43,11 @@ if (!defined('GNUSOCIAL')) { exit(1); } class PublicNoticeStream extends ScopingNoticeStream { - function __construct($profile=null) + function __construct(Profile $scoped=null) { parent::__construct(new CachingNoticeStream(new RawPublicNoticeStream(), 'public'), - $profile); + $scoped); } } diff --git a/lib/replynoticestream.php b/lib/replynoticestream.php index 9eb188d54d..d6b2882193 100644 --- a/lib/replynoticestream.php +++ b/lib/replynoticestream.php @@ -43,14 +43,11 @@ if (!defined('GNUSOCIAL')) { exit(1); } class ReplyNoticeStream extends ScopingNoticeStream { - function __construct($userId, $profile=-1) + function __construct($userId, Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } parent::__construct(new CachingNoticeStream(new RawReplyNoticeStream($userId), 'reply:stream:' . $userId), - $profile); + $scoped); } } diff --git a/lib/scopingnoticestream.php b/lib/scopingnoticestream.php index c1651d5a30..84af75948d 100644 --- a/lib/scopingnoticestream.php +++ b/lib/scopingnoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Class comment @@ -49,16 +45,12 @@ class ScopingNoticeStream extends FilteringNoticeStream { protected $profile; - function __construct($upstream, $profile = -1) + function __construct(NoticeStream $upstream, Profile $scoped=null) { parent::__construct($upstream); - // Invalid but not null - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } - - $this->profile = $profile; + $this->profile = $scoped; // legacy + $this->scoped = $scoped; } /** @@ -71,7 +63,7 @@ class ScopingNoticeStream extends FilteringNoticeStream function filter($notice) { - return $notice->inScope($this->profile); + return $notice->inScope($this->scoped); } function prefill($notices) diff --git a/lib/searchnoticestream.php b/lib/searchnoticestream.php index 6593a4c860..9c31a709c6 100644 --- a/lib/searchnoticestream.php +++ b/lib/searchnoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Stream of notice search results @@ -47,13 +43,9 @@ if (!defined('STATUSNET')) { class SearchNoticeStream extends ScopingNoticeStream { - function __construct($q, $profile = -1) + function __construct($q, Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } - - parent::__construct(new RawSearchNoticeStream($q), $profile); + parent::__construct(new RawSearchNoticeStream($q), $scoped); } } @@ -89,4 +81,4 @@ class RawSearchNoticeStream extends NoticeStream return $ids; } -} \ No newline at end of file +} diff --git a/lib/taggedprofilenoticestream.php b/lib/taggedprofilenoticestream.php index eec20cd8c6..f6fb476ff1 100644 --- a/lib/taggedprofilenoticestream.php +++ b/lib/taggedprofilenoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Stream of notices with a given profile and tag @@ -47,14 +43,11 @@ if (!defined('STATUSNET')) { class TaggedProfileNoticeStream extends ScopingNoticeStream { - function __construct($profile, $tag, $userProfile=-1) + function __construct($profile, $tag, Profile $scoped=null) { - if (is_int($userProfile) && $userProfile == -1) { - $userProfile = Profile::current(); - } parent::__construct(new CachingNoticeStream(new RawTaggedProfileNoticeStream($profile, $tag), 'profile:notice_ids_tagged:'.$profile->id.':'.Cache::keyize($tag)), - $userProfile); + $scoped); } } diff --git a/lib/tagnoticestream.php b/lib/tagnoticestream.php index 28f5d0e824..5a99a1aa68 100644 --- a/lib/tagnoticestream.php +++ b/lib/tagnoticestream.php @@ -43,13 +43,11 @@ if (!defined('GNUSOCIAL')) { exit(1); } class TagNoticeStream extends ScopingNoticeStream { - function __construct($tag, $profile = -1) + function __construct($tag, Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } parent::__construct(new CachingNoticeStream(new RawTagNoticeStream($tag), - 'notice_tag:notice_ids:' . Cache::keyize($tag))); + 'notice_tag:notice_ids:' . Cache::keyize($tag)), + $scoped); } } diff --git a/lib/threadinggroupnoticestream.php b/lib/threadinggroupnoticestream.php index b026ee4714..bc42a6247a 100644 --- a/lib/threadinggroupnoticestream.php +++ b/lib/threadinggroupnoticestream.php @@ -4,8 +4,8 @@ if (!defined('GNUSOCIAL')) { exit(1); } class ThreadingGroupNoticeStream extends ThreadingNoticeStream { - function __construct($group, $profile) + function __construct($group, Profile $scoped=null) { - parent::__construct(new GroupNoticeStream($group, $profile)); + parent::__construct(new GroupNoticeStream($group, $scoped)); } } diff --git a/plugins/ActivitySpam/actions/spam.php b/plugins/ActivitySpam/actions/spam.php index a66b73a829..00a1e0b8a1 100644 --- a/plugins/ActivitySpam/actions/spam.php +++ b/plugins/ActivitySpam/actions/spam.php @@ -74,19 +74,17 @@ class SpamAction extends Action // User must be logged in. - $user = common_current_user(); - - if (empty($user)) { + if (!$this->scoped instanceof Profile) { throw new ClientException(_("You must be logged in to review."), 403); } // User must have the right to review spam - if (!$user->hasRight(ActivitySpamPlugin::REVIEWSPAM)) { + if (!$this->scoped->hasRight(ActivitySpamPlugin::REVIEWSPAM)) { throw new ClientException(_('You cannot review spam on this site.'), 403); } - $stream = new SpamNoticeStream($user->getProfile()); + $stream = new SpamNoticeStream($this->scoped); $this->notices = $stream->getNotices(($this->page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); diff --git a/plugins/ActivitySpam/lib/spamnoticestream.php b/plugins/ActivitySpam/lib/spamnoticestream.php index ffb8d08025..d19814509c 100644 --- a/plugins/ActivitySpam/lib/spamnoticestream.php +++ b/plugins/ActivitySpam/lib/spamnoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Spam notice stream @@ -47,13 +43,10 @@ if (!defined('STATUSNET')) { class SpamNoticeStream extends ScopingNoticeStream { - function __construct($tag, $profile = -1) + function __construct(Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } - parent::__construct(new CachingNoticeStream(new RawSpamNoticeStream(), - 'spam_score:notice_ids')); + parent::__construct(new CachingNoticeStream(new RawSpamNoticeStream(), 'spam_score:notice_ids'), + $scoped); } } diff --git a/plugins/Bookmark/lib/bookmarksnoticestream.php b/plugins/Bookmark/lib/bookmarksnoticestream.php index a3ac0359d7..f5d384c2e5 100644 --- a/plugins/Bookmark/lib/bookmarksnoticestream.php +++ b/plugins/Bookmark/lib/bookmarksnoticestream.php @@ -1,5 +1,7 @@ getProfile(); - - if (empty($profile)) { + try { + $profile = $user->getProfile(); + } catch (UserNoProfileException $e) { common_log(LOG_WARNING, sprintf('Not sending email summary for user %s; no profile.', $user_id)); return true; } // An InboxNoticeStream for a certain user, scoped to its own view - $stream = new InboxNoticeStream($profile); + $stream = new InboxNoticeStream($profile, $profile); $notice = $stream->getNotices(0, self::MAX_NOTICES, $since_id); diff --git a/plugins/Event/lib/eventsnoticestream.php b/plugins/Event/lib/eventsnoticestream.php index c0d91060be..3dd1a81bd1 100644 --- a/plugins/Event/lib/eventsnoticestream.php +++ b/plugins/Event/lib/eventsnoticestream.php @@ -1,5 +1,7 @@ scoped); $notice = $stream->getNotices(($this->page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE+1); $nl = new NoticeList($notice, $this); diff --git a/plugins/Favorite/actions/showfavorites.php b/plugins/Favorite/actions/showfavorites.php index cba29063c2..ea1169957c 100644 --- a/plugins/Favorite/actions/showfavorites.php +++ b/plugins/Favorite/actions/showfavorites.php @@ -57,8 +57,7 @@ class ShowfavoritesAction extends ShowstreamAction public function getStream() { - $own = $this->scoped instanceof Profile ? $this->scoped->sameAs($this->getTarget()) : false; - return new FaveNoticeStream($this->getTarget()->getID(), $own); + return new FaveNoticeStream($this->getTarget(), $this->scoped); } function getFeeds() diff --git a/plugins/Favorite/classes/Fave.php b/plugins/Favorite/classes/Fave.php index 826d34a36c..864a0fc37b 100644 --- a/plugins/Favorite/classes/Fave.php +++ b/plugins/Favorite/classes/Fave.php @@ -152,16 +152,22 @@ class Fave extends Managed_DataObject return $result; } + // FIXME: Instead of $own, send the scoped Profile so we can pass it along directly to FaveNoticeStream + // and preferrably we should get a Profile instead of $user_id static function stream($user_id, $offset=0, $limit=NOTICES_PER_PAGE, $own=false, $since_id=0, $max_id=0) { - $stream = new FaveNoticeStream($user_id, $own); + $target = Profile::getByID($user_id); + $stream = new FaveNoticeStream($target, ($own ? $target : null)); return $stream->getNotices($offset, $limit, $since_id, $max_id); } + // FIXME: Instead of $own, send the scoped Profile so we can pass it along directly to FaveNoticeStream + // and preferrably we should get a Profile instead of $user_id function idStream($user_id, $offset=0, $limit=NOTICES_PER_PAGE, $own=false, $since_id=0, $max_id=0) { - $stream = new FaveNoticeStream($user_id, $own); + $target = Profile::getByID($user_id); + $stream = new FaveNoticeStream($target, ($own ? $target : null)); return $stream->getNoticeIds($offset, $limit, $since_id, $max_id); } diff --git a/plugins/Favorite/lib/favenoticestream.php b/plugins/Favorite/lib/favenoticestream.php index d10272ac91..10a3ec83bd 100644 --- a/plugins/Favorite/lib/favenoticestream.php +++ b/plugins/Favorite/lib/favenoticestream.php @@ -42,19 +42,15 @@ if (!defined('GNUSOCIAL')) { exit(1); } */ class FaveNoticeStream extends ScopingNoticeStream { - function __construct($user_id, $own, $profile = -1) + function __construct(Profile $target, Profile $scoped=null) { - $stream = new RawFaveNoticeStream($user_id, $own); - if ($own) { + $stream = new RawFaveNoticeStream($target, $scoped); + if ($target->sameAs($scoped)) { $key = 'fave:ids_by_user_own:'.$user_id; } else { $key = 'fave:ids_by_user:'.$user_id; } - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } - parent::__construct(new CachingNoticeStream($stream, $key), - $profile); + parent::__construct(new CachingNoticeStream($stream, $key), $scoped); } } @@ -75,12 +71,12 @@ class RawFaveNoticeStream extends NoticeStream protected $selectVerbs = array(); - function __construct($user_id, $own) + function __construct(Profile $target, Profile $scoped=null) { parent::__construct(); - $this->user_id = $user_id; - $this->own = $own; + $this->user_id = $target->getID(); + $this->own = $target->sameAs($scoped); } /** diff --git a/plugins/Favorite/lib/popularnoticestream.php b/plugins/Favorite/lib/popularnoticestream.php index eeba541238..6ef564d32f 100644 --- a/plugins/Favorite/lib/popularnoticestream.php +++ b/plugins/Favorite/lib/popularnoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Stream of notices sorted by popularity @@ -47,12 +43,12 @@ if (!defined('STATUSNET')) { class PopularNoticeStream extends ScopingNoticeStream { - function __construct($profile=null) + function __construct(Profile $scoped=null) { parent::__construct(new CachingNoticeStream(new RawPopularNoticeStream(), 'popular', false), - $profile); + $scoped); } } diff --git a/plugins/Mapstraction/actions/allmap.php b/plugins/Mapstraction/actions/allmap.php index 21bdf62eaa..77e722e3ef 100644 --- a/plugins/Mapstraction/actions/allmap.php +++ b/plugins/Mapstraction/actions/allmap.php @@ -27,9 +27,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Show a map of user's notices diff --git a/plugins/Share/lib/repeatedbymenoticestream.php b/plugins/Share/lib/repeatedbymenoticestream.php index 4e3e34162b..ecbbefb1cc 100644 --- a/plugins/Share/lib/repeatedbymenoticestream.php +++ b/plugins/Share/lib/repeatedbymenoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Stream of notices repeated by me @@ -47,14 +43,11 @@ if (!defined('STATUSNET')) { class RepeatedByMeNoticeStream extends ScopingNoticeStream { - function __construct($user, $profile = -1) + function __construct(Profile $target, Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } - parent::__construct(new CachingNoticeStream(new RawRepeatedByMeNoticeStream($user), - 'user:repeated_by_me:'.$user->id), - $profile); + parent::__construct(new CachingNoticeStream(new RawRepeatedByMeNoticeStream($target), + 'user:repeated_by_me:'.$target->getID()), + $scoped); } } @@ -71,11 +64,11 @@ class RepeatedByMeNoticeStream extends ScopingNoticeStream class RawRepeatedByMeNoticeStream extends NoticeStream { - protected $user; + protected $target; - function __construct($user) + function __construct(Profile $target) { - $this->user = $user; + $this->target = $target; } function getNoticeIds($offset, $limit, $since_id, $max_id) @@ -85,7 +78,7 @@ class RawRepeatedByMeNoticeStream extends NoticeStream $notice->selectAdd(); // clears it $notice->selectAdd('id'); - $notice->profile_id = $this->user->id; + $notice->profile_id = $this->target->getID(); $notice->whereAdd('repeat_of IS NOT NULL'); $notice->orderBy('created DESC, id DESC'); @@ -110,4 +103,4 @@ class RawRepeatedByMeNoticeStream extends NoticeStream return $ids; } -} \ No newline at end of file +} diff --git a/plugins/Share/lib/repeatsofmenoticestream.php b/plugins/Share/lib/repeatsofmenoticestream.php index ec80d84314..672e3dd973 100644 --- a/plugins/Share/lib/repeatsofmenoticestream.php +++ b/plugins/Share/lib/repeatsofmenoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Stream of notices that are repeats of mine @@ -47,14 +43,11 @@ if (!defined('STATUSNET')) { class RepeatsOfMeNoticeStream extends ScopingNoticeStream { - function __construct($user, $profile=-1) + function __construct(Profile $target, Profile $scoped=null) { - if (is_int($profile) && $profile == -1) { - $profile = Profile::current(); - } - parent::__construct(new CachingNoticeStream(new RawRepeatsOfMeNoticeStream($user), - 'user:repeats_of_me:'.$user->id), - $profile); + parent::__construct(new CachingNoticeStream(new RawRepeatsOfMeNoticeStream($target), + 'user:repeats_of_me:'.$target->getID()), + $scoped); } } @@ -70,11 +63,11 @@ class RepeatsOfMeNoticeStream extends ScopingNoticeStream */ class RawRepeatsOfMeNoticeStream extends NoticeStream { - protected $user; + protected $target; - function __construct($user) + function __construct(Profile $target) { - $this->user = $user; + $this->target = $target; } function getNoticeIds($offset, $limit, $since_id, $max_id) @@ -82,7 +75,7 @@ class RawRepeatsOfMeNoticeStream extends NoticeStream $qry = 'SELECT DISTINCT original.id AS id ' . 'FROM notice original JOIN notice rept ON original.id = rept.repeat_of ' . - 'WHERE original.profile_id = ' . $this->user->id . ' '; + 'WHERE original.profile_id = ' . $this->target->getID() . ' '; $since = Notice::whereSinceId($since_id, 'original.id', 'original.created'); if ($since) { From a112e7f9a4dde566668a409a74faf723e66e5210 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 1 Mar 2016 15:00:52 +0100 Subject: [PATCH 049/415] Use another method of detecting unspecified defaultImage size --- classes/Avatar.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/classes/Avatar.php b/classes/Avatar.php index 62885f402b..516abafe25 100644 --- a/classes/Avatar.php +++ b/classes/Avatar.php @@ -207,8 +207,11 @@ class Avatar extends Managed_DataObject } } - static function defaultImage($size=AVATAR_PROFILE_SIZE) + static function defaultImage($size=null) { + if (is_null($size)) { + $size = AVATAR_PROFILE_SIZE; + } static $sizenames = array(AVATAR_PROFILE_SIZE => 'profile', AVATAR_STREAM_SIZE => 'stream', AVATAR_MINI_SIZE => 'mini'); From e41809af890694082305779891f02334d58e686a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 1 Mar 2016 16:30:00 +0100 Subject: [PATCH 050/415] Nothing interesting was made in this commit. --- classes/Attention.php | 3 ++- classes/Notice.php | 2 -- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/classes/Attention.php b/classes/Attention.php index 5299a095ae..d048187db2 100644 --- a/classes/Attention.php +++ b/classes/Attention.php @@ -53,7 +53,7 @@ class Attention extends Managed_DataObject { try { $att = Attention::getByKeys(['notice_id'=>$notice->getID(), 'profile_id'=>$target->getID()]); - throw new AlreadyFulfilledException('Attention already exists with reason: '.var_export($att->reason,true)); + throw new AlreadyFulfilledException('Attention already exists with reason: '._ve($att->reason)); } catch (NoResultException $e) { $att = new Attention(); @@ -67,6 +67,7 @@ class Attention extends Managed_DataObject throw new Exception('Failed Attention::saveNew for notice id=='.$notice->getID().' target id=='.$target->getID().', reason=="'.$reason.'"'); } } + self::blow('attention:stream:%d', $target->getID()); return $att; } } diff --git a/classes/Notice.php b/classes/Notice.php index 6f406472c7..9bf2204747 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1647,8 +1647,6 @@ class Notice extends Managed_DataObject } $att = Attention::saveNew($this, $target, $reason); - - self::blow('reply:stream:%d', $target->getID()); return true; } From e3431a2c91d3d4e9d9263b43cbfbdc15fb84f54d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 1 Mar 2016 18:20:50 +0100 Subject: [PATCH 051/415] Iterate through input=file attachments (not multi yet) --- js/util.js | 39 ++++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) diff --git a/js/util.js b/js/util.js index 15bff959ee..b645e8b029 100644 --- a/js/util.js +++ b/js/util.js @@ -848,27 +848,29 @@ var SN = { // StatusNet NDA.change(function (event) { form.find('.attach-status').remove(); - var filename = $(this).val(); - if (!filename) { - // No file -- we've been tricked! - return false; - } - - var attachStatus = $('
'); - attachStatus.find('code').text(filename); - attachStatus.find('button').click(function () { - attachStatus.remove(); - NDA.val(''); - - return false; - }); - form.append(attachStatus); - if (typeof this.files === "object") { + var attachStatus = $('
    '); + form.append(attachStatus); // Some newer browsers will let us fetch the files for preview. for (i = 0; i < this.files.length; i++) { SN.U.PreviewAttach(form, this.files[i]); } + } else { + var filename = $(this).val(); + if (!filename) { + // No file -- we've been tricked! + return false; + } + + var attachStatus = $('
    '); + attachStatus.find('code').text(filename); + attachStatus.find('button').click(function () { + attachStatus.remove(); + NDA.val(''); + + return false; + }); + form.append(attachStatus); } }); }, @@ -964,12 +966,15 @@ var SN = { // StatusNet if (preview) { blobAsDataURL(file, function (url) { + var fileentry = $('
  • '); + fileentry.append($('' + file.name + '')); var img = $('') .attr('title', tooltip) .attr('alt', tooltip) .attr('src', url) .attr('style', 'height: 120px'); - form.find('.attach-status').append(img); + fileentry.append(img); + form.find('.attach-status').append(fileentry); }); } else { var img = $('
    ').text(tooltip); From 47f408ca7ce84bca62387b0fa099ec5813d5d5f4 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 1 Mar 2016 23:36:47 +0100 Subject: [PATCH 052/415] Strict typing for mail_notify_attn --- classes/Notice.php | 2 +- lib/mail.php | 30 ++++++++++++++++-------------- 2 files changed, 17 insertions(+), 15 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 9bf2204747..fcc544e2ea 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1834,7 +1834,7 @@ class Notice extends Managed_DataObject foreach ($recipientIds as $recipientId) { try { $user = User::getByID($recipientId); - mail_notify_attn($user, $this); + mail_notify_attn($user->getProfile(), $this); } catch (NoResultException $e) { // No such user } diff --git a/lib/mail.php b/lib/mail.php index da22eb6715..383e2670cf 100644 --- a/lib/mail.php +++ b/lib/mail.php @@ -668,20 +668,19 @@ function mail_notify_message($message, $from=null, $to=null) /** * Notify a user that they have received an "attn:" message AKA "@-reply" * - * @param User $user The user who recevied the notice + * @param Profile $rcpt The Profile who recevied the notice, should be a local user * @param Notice $notice The notice that was sent * * @return void */ -function mail_notify_attn($user, $notice) +function mail_notify_attn(Profile $rcpt, Notice $notice) { - if (!$user->receivesEmailNotifications()) { + if (!$rcpt->isLocal()) { return; } $sender = $notice->getProfile(); - - if ($sender->id == $user->id) { + if ($rcpt->sameAs($sender)) { return; } @@ -691,17 +690,20 @@ function mail_notify_attn($user, $notice) } // If the author has blocked the author, don't spam them with a notification. - if ($user->hasBlocked($sender)) { + if ($rcpt->hasBlocked($sender)) { return; } - $bestname = $sender->getBestName(); + $user = $rcpt->getUser(); + if (!$user->receivesEmailNotifications()) { + return; + } common_switch_locale($user->language); if ($notice->hasConversation()) { $conversationUrl = common_local_url('conversation', - array('id' => $notice->conversation)).'#notice-'.$notice->id; + array('id' => $notice->conversation)).'#notice-'.$notice->getID(); // TRANS: Line in @-reply notification e-mail. %s is conversation URL. $conversationEmailText = sprintf(_("The full conversation can be read here:\n\n". "\t%s"), $conversationUrl) . "\n\n"; @@ -711,7 +713,7 @@ function mail_notify_attn($user, $notice) // TRANS: E-mail subject for notice notification. // TRANS: %1$s is the sending user's long name, %2$s is the adding user's nickname. - $subject = sprintf(_('%1$s (@%2$s) sent a notice to your attention'), $bestname, $sender->nickname); + $subject = sprintf(_('%1$s (@%2$s) sent a notice to your attention'), $sender->getBestName(), $sender->getNickname()); // TRANS: Body of @-reply notification e-mail. // TRANS: %1$s is the sending user's name, $2$s is the StatusNet sitename, @@ -731,15 +733,15 @@ function mail_notify_attn($user, $notice) $sender->getFancyName(),//%1 common_config('site', 'name'),//%2 common_local_url('shownotice', - array('notice' => $notice->id)),//%3 - $notice->content,//%4 + array('notice' => $notice->getID())),//%3 + $notice->getContent(),//%4 $conversationEmailText,//%5 common_local_url('newnotice', - array('replyto' => $sender->nickname, 'inreplyto' => $notice->id)),//%6 + array('replyto' => $sender->getNickname(), 'inreplyto' => $notice->getID())),//%6 common_local_url('replies', - array('nickname' => $user->nickname))) . //%7 + array('nickname' => $rcpt->getNickname()))) . //%7 mail_footer_block(); - $headers = _mail_prepare_headers('mention', $user->nickname, $sender->nickname); + $headers = _mail_prepare_headers('mention', $rcpt->getNickname(), $sender->getNickname()); common_switch_locale(); mail_to_user($user, $subject, $body, $headers); From ddd60e7142dc0175d3cbaba5fa54430857d64e00 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 1 Mar 2016 23:37:38 +0100 Subject: [PATCH 053/415] Make Profile->getFancyName() return including the acct URI --- classes/Profile.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/classes/Profile.php b/classes/Profile.php index 36e91c3ad0..4fa20d7cd4 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -225,11 +225,11 @@ class Profile extends Managed_DataObject */ function getFancyName() { - if ($this->fullname) { - // TRANS: Full name of a profile or group (%1$s) followed by nickname (%2$s) in parentheses. - return sprintf(_m('FANCYNAME','%1$s (%2$s)'), $this->fullname, $this->nickname); + if ($this->getFullname()) { + // TRANS: Full name of a profile or group (%1$s) followed by acct URI (%2$s) in parentheses without acct:. + return sprintf(_m('FANCYNAME','%1$s (%2$s)'), $this->getFullname(), $this->getAcctUri()); } else { - return $this->nickname; + return $this->getAcctUri(false); } } @@ -1575,7 +1575,7 @@ class Profile extends Managed_DataObject * * @return string $uri */ - public function getAcctUri() + public function getAcctUri($scheme=true) { $acct = null; @@ -1586,11 +1586,15 @@ class Profile extends Managed_DataObject if ($acct === null) { throw new ProfileNoAcctUriException($this); } + if (parse_url($acct, PHP_URL_SCHEME) !== 'acct') { + throw new ServerException('Acct URI does not have acct: scheme'); + } - return $acct; + // if we don't return the scheme, just remove the 'acct:' in the beginning + return $scheme ? $acct : mb_substr($acct, 5); } - function hasBlocked($other) + function hasBlocked(Profile $other) { $block = Profile_block::exists($this, $other); return !empty($block); From 4abb3f19bfa76a9434d1e44e7b4ebbd6e5e65192 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 1 Mar 2016 23:48:32 +0100 Subject: [PATCH 054/415] Make Profile->getFancyUrl() somewhat better on fallback It tries to get a referential identifier apart from the fullname trying with acct: URI, profile URL and lastly URI. --- classes/Profile.php | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/classes/Profile.php b/classes/Profile.php index 4fa20d7cd4..2bcd1858fe 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -218,18 +218,30 @@ class Profile extends Managed_DataObject } /** - * Gets the full name (if filled) with nickname as a parenthetical, or the nickname alone - * if no fullname is provided. + * Gets the full name (if filled) with acct URI, URL, or URI as a + * parenthetical (in that order, for each not found). If no full + * name is found only the second part is returned, without ()s. * * @return string */ function getFancyName() { - if ($this->getFullname()) { - // TRANS: Full name of a profile or group (%1$s) followed by acct URI (%2$s) in parentheses without acct:. - return sprintf(_m('FANCYNAME','%1$s (%2$s)'), $this->getFullname(), $this->getAcctUri()); + $uri = null; + try { + $uri = $this->getAcctUri(); + } catch (ProfileNoAcctUriException $e) { + try { + $uri = $this->getUrl(); + } catch (InvalidUrlException $e) { + $uri = $this->getUri(); + } + } + + if (mb_strlen($this->getFullname()) > 0) { + // TRANS: Full name of a profile or group (%1$s) followed by some URI (%2$s) in parentheses. + return sprintf(_m('FANCYNAME','%1$s (%2$s)'), $this->getFullname(), $uri); } else { - return $this->getAcctUri(false); + return $uri; } } From 99fbb181c1ab318d690f13dad81f6bc8190a89c7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 1 Mar 2016 23:53:36 +0100 Subject: [PATCH 055/415] Translation changes, use FancyName in email subject --- classes/Profile.php | 2 +- lib/mail.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/classes/Profile.php b/classes/Profile.php index 2bcd1858fe..0e655faa63 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -238,7 +238,7 @@ class Profile extends Managed_DataObject } if (mb_strlen($this->getFullname()) > 0) { - // TRANS: Full name of a profile or group (%1$s) followed by some URI (%2$s) in parentheses. + // TRANS: The "fancy name": Full name of a profile or group (%1$s) followed by some URI (%2$s) in parentheses. return sprintf(_m('FANCYNAME','%1$s (%2$s)'), $this->getFullname(), $uri); } else { return $uri; diff --git a/lib/mail.php b/lib/mail.php index 383e2670cf..42a756ac5d 100644 --- a/lib/mail.php +++ b/lib/mail.php @@ -712,8 +712,8 @@ function mail_notify_attn(Profile $rcpt, Notice $notice) } // TRANS: E-mail subject for notice notification. - // TRANS: %1$s is the sending user's long name, %2$s is the adding user's nickname. - $subject = sprintf(_('%1$s (@%2$s) sent a notice to your attention'), $sender->getBestName(), $sender->getNickname()); + // TRANS: %1$s is the "fancy name" for a profile. + $subject = sprintf(_('%1$s sent a notice to your attention'), $sender->getFancyName()); // TRANS: Body of @-reply notification e-mail. // TRANS: %1$s is the sending user's name, $2$s is the StatusNet sitename, From 7ec69e42152debe05c2e8e7bc3f7fac862477c36 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 00:04:31 +0100 Subject: [PATCH 056/415] User->hasBlocked typing --- classes/User.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/User.php b/classes/User.php index 12cc170f86..909cadb6eb 100644 --- a/classes/User.php +++ b/classes/User.php @@ -190,7 +190,7 @@ class User extends Managed_DataObject return Sms_carrier::getKV('id', $this->carrier); } - function hasBlocked($other) + function hasBlocked(Profile $other) { return $this->getProfile()->hasBlocked($other); } From 9a899902931b158eea9a23427623a809100d2016 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 00:13:28 +0100 Subject: [PATCH 057/415] Some changes since getFancyName() is longer with full acct: URI --- plugins/ActivityModeration/classes/Deleted_notice.php | 4 +++- plugins/OStatus/OStatusPlugin.php | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/plugins/ActivityModeration/classes/Deleted_notice.php b/plugins/ActivityModeration/classes/Deleted_notice.php index 4ffc0c895f..05414caab2 100644 --- a/plugins/ActivityModeration/classes/Deleted_notice.php +++ b/plugins/ActivityModeration/classes/Deleted_notice.php @@ -151,9 +151,11 @@ class Deleted_notice extends Managed_DataObject $actobj->title = ActivityUtils::verbToTitle($actobj->verb); $actor = $this->getActor(); + // TRANS: Notice HTML content of a deleted notice. %1$s is the + // TRANS: actor's URL, %2$s its "fancy name" and %3$s the notice URI. $actobj->content = sprintf(_m('%2$s deleted notice {{%3$s}}.'), htmlspecialchars($actor->getUrl()), - htmlspecialchars($actor->getBestName()), + htmlspecialchars($actor->getFancyName()), htmlspecialchars($this->getUri()) ); diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 292af658ed..d702703c81 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -312,7 +312,7 @@ class OStatusPlugin extends Plugin assert($profile instanceof Profile); $text = !empty($profile->nickname) && mb_strlen($profile->nickname) < mb_strlen($target) - ? $profile->getNickname() // TODO: we could do getFancyName() or getFullname() here + ? $profile->getNickname() // TODO: we could do getBestName() or getFullname() here : $target; $url = $profile->getUri(); if (!common_valid_http_url($url)) { From 79d68a52d086d9855bcc7c299f6ce68411c5788e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 10:49:33 +0100 Subject: [PATCH 058/415] No 'acct:' in FancyName please. --- classes/Profile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/Profile.php b/classes/Profile.php index 0e655faa63..3ac2effe3c 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -228,7 +228,7 @@ class Profile extends Managed_DataObject { $uri = null; try { - $uri = $this->getAcctUri(); + $uri = $this->getAcctUri(false); } catch (ProfileNoAcctUriException $e) { try { $uri = $this->getUrl(); From b4271a3533bdf12329f27dd75452c1ef2a6ee3d1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 11:40:43 +0100 Subject: [PATCH 059/415] Stricted typing + protected on FilteringNoticeStream->filter --- lib/filteringnoticestream.php | 4 ++-- lib/scopingnoticestream.php | 2 +- lib/threadingnoticestream.php | 8 ++------ plugins/Event/lib/eventsnoticestream.php | 2 +- 4 files changed, 6 insertions(+), 10 deletions(-) diff --git a/lib/filteringnoticestream.php b/lib/filteringnoticestream.php index b4ec6687bb..979305ad39 100644 --- a/lib/filteringnoticestream.php +++ b/lib/filteringnoticestream.php @@ -49,12 +49,12 @@ abstract class FilteringNoticeStream extends NoticeStream { protected $upstream; - function __construct($upstream) + function __construct(NoticeStream $upstream) { $this->upstream = $upstream; } - abstract function filter($notice); + abstract protected function filter(Notice $notice); function getNoticeIds($offset, $limit, $since_id, $max_id) { diff --git a/lib/scopingnoticestream.php b/lib/scopingnoticestream.php index 84af75948d..854903d33d 100644 --- a/lib/scopingnoticestream.php +++ b/lib/scopingnoticestream.php @@ -61,7 +61,7 @@ class ScopingNoticeStream extends FilteringNoticeStream * @return boolean whether to include the notice */ - function filter($notice) + protected function filter(Notice $notice) { return $notice->inScope($this->scoped); } diff --git a/lib/threadingnoticestream.php b/lib/threadingnoticestream.php index 167a9584a6..de113b2a41 100644 --- a/lib/threadingnoticestream.php +++ b/lib/threadingnoticestream.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * This notice stream filters notices by whether their conversation @@ -58,7 +54,7 @@ class ThreadingNoticeStream extends FilteringNoticeStream return parent::getNotices($offset, $limit, $sinceId, $maxId); } - function filter($notice) + protected function filter(Notice $notice) { if (!array_key_exists($notice->conversation, $this->seen)) { $this->seen[$notice->conversation] = true; diff --git a/plugins/Event/lib/eventsnoticestream.php b/plugins/Event/lib/eventsnoticestream.php index 3dd1a81bd1..b9e40430e7 100644 --- a/plugins/Event/lib/eventsnoticestream.php +++ b/plugins/Event/lib/eventsnoticestream.php @@ -64,7 +64,7 @@ class EventsNoticeStream extends ScopingNoticeStream parent::__construct(new CachingNoticeStream($stream, $key), $scoped); } - function filter($notice) + protected function filter(Notice $notice) { if (!parent::filter($notice)) { // if not in our scope, return false From a3b21189068eb980ce27c1a45bcb88734ba11cc4 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 11:50:50 +0100 Subject: [PATCH 060/415] Make the public streams ModeratedNoticeStream (hide sandboxed users etc.) Which streams should be put under ModeratedNoticeStream is probably open to debate. But at least the public ones should hide the posts from users that are sandboxed. --- lib/moderatednoticestream.php | 39 +++++++++++++++++++++++++++++++ lib/networkpublicnoticestream.php | 2 +- lib/publicnoticestream.php | 2 +- 3 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 lib/moderatednoticestream.php diff --git a/lib/moderatednoticestream.php b/lib/moderatednoticestream.php new file mode 100644 index 0000000000..3c778d8a2c --- /dev/null +++ b/lib/moderatednoticestream.php @@ -0,0 +1,39 @@ +scoped from ScopingNoticeStream as the Profile + * this stream is meant for. Can be null in case we're not logged in. + * + * @category Stream + * @package GNUsocial + * @author Mikael Nordfeldth + * @copyright 2016 Free Software Foundation, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 + * @link https://gnu.io/social + */ + +class ModeratedNoticeStream extends ScopingNoticeStream +{ + protected function filter(Notice $notice) + { + if (!parent::filter($notice)) { + return false; + } + + // If the notice author is sandboxed + if ($notice->getProfile()->isSandboxed()) { + // and we're either not logged in OR we aren't some kind of privileged user that can see spam etc. + if (!$this->scoped instanceof Profile || !$this->scoped->hasRight(Right::REVIEWSPAM)) { + return false; + } + } + + return true; + } +} diff --git a/lib/networkpublicnoticestream.php b/lib/networkpublicnoticestream.php index bd4da5d075..c722bd8c14 100644 --- a/lib/networkpublicnoticestream.php +++ b/lib/networkpublicnoticestream.php @@ -2,7 +2,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } -class NetworkPublicNoticeStream extends ScopingNoticeStream +class NetworkPublicNoticeStream extends ModeratedNoticeStream { function __construct(Profile $scoped=null) { diff --git a/lib/publicnoticestream.php b/lib/publicnoticestream.php index 1dd59059fd..2638292714 100644 --- a/lib/publicnoticestream.php +++ b/lib/publicnoticestream.php @@ -41,7 +41,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } * @link http://status.net/ */ -class PublicNoticeStream extends ScopingNoticeStream +class PublicNoticeStream extends ModeratedNoticeStream { function __construct(Profile $scoped=null) { From 9534969c050054cac3a9a19311cbef23d84fda54 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 12:18:16 +0100 Subject: [PATCH 061/415] Don't set is_local=LOCAL_NONPUBLIC on sandboxed user notices Let's decide whether they are nonpublic by testing them when the notice is shown instead. --- classes/Notice.php | 17 +++++++---------- lib/filteringnoticestream.php | 3 +++ lib/moderatednoticestream.php | 7 +++++-- 3 files changed, 15 insertions(+), 12 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index fcc544e2ea..f8bdbcd340 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -508,11 +508,7 @@ class Notice extends Managed_DataObject $notice->profile_id = $profile_id; $autosource = common_config('public', 'autosource'); - - // Sandboxed are non-false, but not 1, either - - if (!$profile->hasRight(Right::PUBLICNOTICE) || - ($source && $autosource && in_array($source, $autosource))) { + if ($source && $autosource && in_array($source, $autosource)) { $notice->is_local = Notice::LOCAL_NONPUBLIC; } else { $notice->is_local = $is_local; @@ -822,12 +818,13 @@ class Notice extends Managed_DataObject } } - $autosource = common_config('public', 'autosource'); + // NOTE: Sandboxed users previously got all the notices _during_ + // sandbox period set to to is_local=Notice::LOCAL_NONPUBLIC here. + // Since then we have started just filtering _when_ it gets shown + // instead of creating a mixed jumble of differently scoped notices. - // Sandboxed are non-false, but not 1, either - if (!$actor->hasRight(Right::PUBLICNOTICE) || - ($source && $autosource && in_array($source, $autosource))) { - // FIXME: ...what about remote nonpublic? Hmmm. That is, if we sandbox remote profiles... + $autosource = common_config('public', 'autosource'); + if ($source && $autosource && in_array($source, $autosource)) { $stored->is_local = Notice::LOCAL_NONPUBLIC; } else { $stored->is_local = intval($is_local); diff --git a/lib/filteringnoticestream.php b/lib/filteringnoticestream.php index 979305ad39..c1edfc6387 100644 --- a/lib/filteringnoticestream.php +++ b/lib/filteringnoticestream.php @@ -54,6 +54,9 @@ abstract class FilteringNoticeStream extends NoticeStream $this->upstream = $upstream; } + /** + * @return boolean true if we allow it, false if we deny it + */ abstract protected function filter(Notice $notice); function getNoticeIds($offset, $limit, $since_id, $max_id) diff --git a/lib/moderatednoticestream.php b/lib/moderatednoticestream.php index 3c778d8a2c..f984256acc 100644 --- a/lib/moderatednoticestream.php +++ b/lib/moderatednoticestream.php @@ -28,8 +28,11 @@ class ModeratedNoticeStream extends ScopingNoticeStream // If the notice author is sandboxed if ($notice->getProfile()->isSandboxed()) { - // and we're either not logged in OR we aren't some kind of privileged user that can see spam etc. - if (!$this->scoped instanceof Profile || !$this->scoped->hasRight(Right::REVIEWSPAM)) { + if (!$this->scoped instanceof Profile) { + // Non-logged in users don't get to see posts by sandboxed users + return false; + } elseif (!$notice->getProfile()->sameAs($this->scoped) && !$this->scoped->hasRight(Right::REVIEWSPAM)) { + // And if we are logged in, deny if scoped user is neither the author nor has the right to review spam return false; } } From d6598e790c837ef9c827c3b2c2c81bbdab27838c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 12:33:06 +0100 Subject: [PATCH 062/415] Introduce a ConfigException --- classes/Notice.php | 6 ++---- lib/configexception.php | 22 ++++++++++++++++++++++ lib/gnusocial.php | 6 +++++- 3 files changed, 29 insertions(+), 5 deletions(-) create mode 100644 lib/configexception.php diff --git a/classes/Notice.php b/classes/Notice.php index f8bdbcd340..7484897679 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -507,8 +507,7 @@ class Notice extends Managed_DataObject $notice = new Notice(); $notice->profile_id = $profile_id; - $autosource = common_config('public', 'autosource'); - if ($source && $autosource && in_array($source, $autosource)) { + if ($source && in_array($source, common_config('public', 'autosource'))) { $notice->is_local = Notice::LOCAL_NONPUBLIC; } else { $notice->is_local = $is_local; @@ -823,8 +822,7 @@ class Notice extends Managed_DataObject // Since then we have started just filtering _when_ it gets shown // instead of creating a mixed jumble of differently scoped notices. - $autosource = common_config('public', 'autosource'); - if ($source && $autosource && in_array($source, $autosource)) { + if ($source && in_array($source, common_config('public', 'autosource'))) { $stored->is_local = Notice::LOCAL_NONPUBLIC; } else { $stored->is_local = intval($is_local); diff --git a/lib/configexception.php b/lib/configexception.php new file mode 100644 index 0000000000..5036a43533 --- /dev/null +++ b/lib/configexception.php @@ -0,0 +1,22 @@ + + * @license https://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link https://gnu.io/social + */ + +class ConfigException extends ServerException +{ + public function __construct($message=null) { + parent::__construct($message, 500); + } +} diff --git a/lib/gnusocial.php b/lib/gnusocial.php index 2ad688a790..aecebe2556 100644 --- a/lib/gnusocial.php +++ b/lib/gnusocial.php @@ -432,9 +432,13 @@ class GNUsocial if (common_config('htmlpurifier', 'Cache.DefinitionImpl') === 'Serializer' && !is_dir(common_config('htmlpurifier', 'Cache.SerializerPath'))) { if (!mkdir(common_config('htmlpurifier', 'Cache.SerializerPath'))) { - throw new ServerException('Could not create HTMLPurifier cache dir: '._ve(common_config('htmlpurifier', 'Cache.SerializerPath'))); + throw new ConfigException('Could not create HTMLPurifier cache dir: '._ve(common_config('htmlpurifier', 'Cache.SerializerPath'))); } } + + if (!is_array(common_config('public', 'autosource'))) { + throw new ConfigException('Configuration option public/autosource is not an array.'); + } } /** From 53772ba3058add38f8aef603aa0b433f7a81734a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 12:41:56 +0100 Subject: [PATCH 063/415] Some rights one does not have if either sandboxed or silenced --- classes/Profile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/Profile.php b/classes/Profile.php index 3ac2effe3c..3dbd883dd8 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -1325,7 +1325,7 @@ class Profile extends Managed_DataObject case Right::EMAILONREPLY: case Right::EMAILONSUBSCRIBE: case Right::EMAILONFAVE: - $result = !$this->isSandboxed(); + $result = !$this->isSandboxed() && !$this->isSilenced(); break; case Right::WEBLOGIN: $result = !$this->isSilenced(); From e4e0a39dad5e4ea72e462368673371f5161abffa Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 12:42:09 +0100 Subject: [PATCH 064/415] Only OStatus distribute if profile hasRight to PUBLICNOTICE --- plugins/OStatus/OStatusPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index d702703c81..583ad8ef13 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -129,7 +129,7 @@ class OStatusPlugin extends Plugin */ function onStartEnqueueNotice($notice, &$transports) { - if ($notice->inScope(null)) { + if ($notice->inScope(null) && $notice->getProfile()->hasRight(Right::PUBLICNOTICE)) { // put our transport first, in case there's any conflict (like OMB) array_unshift($transports, 'ostatus'); $this->log(LOG_INFO, "Notice {$notice->id} queued for OStatus processing"); From 6529fdd28d348a40106e7071b193b487f6e8949e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 13:10:02 +0100 Subject: [PATCH 065/415] Proper Microformats2 h-entry p-name + u-uid markup --- lib/noticelistitem.php | 4 ++-- theme/base/css/display.css | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php index 4c4bde34a1..ad5962d751 100644 --- a/lib/noticelistitem.php +++ b/lib/noticelistitem.php @@ -179,8 +179,8 @@ class NoticeListItem extends Widget function showNoticeTitle() { if (Event::handle('StartShowNoticeTitle', array($this))) { - $this->element('a', array('href' => $this->notice->getUrl(true), - 'class' => 'notice-title'), + $this->element('a', array('href' => $this->notice->getUri(), + 'class' => 'p-name u-uid'), $this->notice->getTitle()); Event::handle('EndShowNoticeTitle', array($this)); } diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 295916d78e..73c95c277a 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -1013,7 +1013,7 @@ content: ":"; clear:both; } -.notice-title { +.notice-headers > .u-uid { display:none; } From dc1ceca86ea5310bc04df21f94db68015d3b9d59 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 13:29:54 +0100 Subject: [PATCH 066/415] Some more Microformats2 data for notices and rendering --- lib/noticelistitem.php | 10 ++++++++-- lib/util.php | 2 +- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php index ad5962d751..a0dcf6f30c 100644 --- a/lib/noticelistitem.php +++ b/lib/noticelistitem.php @@ -301,9 +301,15 @@ class NoticeListItem extends Widget foreach ($attentions as $attn) { $class = $attn->isGroup() ? 'group' : 'account'; - $this->pa[] = array('href' => $attn->profileurl, + $profileurl = $attn->getUri(); + if (common_valid_http_url($profileurl)) { + $class .= ' u-uid'; + } else { + $profileurl = $attn->getUrl(); + } + $this->pa[] = array('href' => $profileurl, 'title' => $attn->getNickname(), - 'class' => "addressee {$class}", + 'class' => "addressee {$class} p-name u-url", 'text' => $attn->getStreamName()); } diff --git a/lib/util.php b/lib/util.php index 5aeda6d750..05e3e732bd 100644 --- a/lib/util.php +++ b/lib/util.php @@ -692,7 +692,7 @@ function common_linkify_mention(array $mention) $xs = new XMLStringer(false); $attrs = array('href' => $mention['url'], - 'class' => 'h-card '.$mention['type']); + 'class' => 'h-card u-url p-nickname '.$mention['type']); if (!empty($mention['title'])) { $attrs['title'] = $mention['title']; From 97d8e4571f69479ea31ae57aa1df1e8e888d5594 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 14:35:08 +0100 Subject: [PATCH 067/415] Fix a regression in 1f76c1e4 that stopped sending email confirmation on registration --- classes/User.php | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/classes/User.php b/classes/User.php index 909cadb6eb..26225916f1 100644 --- a/classes/User.php +++ b/classes/User.php @@ -343,7 +343,8 @@ class User extends Managed_DataObject $invite->convert($user); } - if (!empty($email) && !$user->email) { + if (!empty($email) && empty($user->email)) { + // The actual email will be sent further down, after the database COMMIT $confirm = new Confirm_address(); $confirm->code = common_confirmation_code(128); @@ -353,7 +354,7 @@ class User extends Managed_DataObject $result = $confirm->insert(); - if (!$result) { + if ($result===false) { common_log_db_error($confirm, 'INSERT', __FILE__); $profile->query('ROLLBACK'); // TRANS: Email confirmation data could not be inserted for some reason. @@ -381,11 +382,12 @@ class User extends Managed_DataObject $profile->query('COMMIT'); - if (!empty($email) && !empty($user->email)) { + if (!empty($email) && empty($user->email)) { try { - mail_confirm_address($user, $confirm->code, $profile->nickname, $email); + require_once(INSTALLDIR . '/lib/mail.php'); + mail_confirm_address($user, $confirm->code, $profile->getNickname(), $email); } catch (EmailException $e) { - common_log(LOG_ERR, "Could not send user registration email for user id=={$user->id}: {$e->getMessage()}"); + common_log(LOG_ERR, "Could not send user registration email for user id=={$profile->getID()}: {$e->getMessage()}"); if (!$accept_email_fail) { throw $e; } @@ -407,7 +409,7 @@ class User extends Managed_DataObject // TRANS: %1$s is the sitename, $2$s is the registering user's nickname. sprintf(_('Welcome to %1$s, @%2$s!'), common_config('site', 'name'), - $user->nickname), + $profile->getNickname()), 'system'); } } @@ -415,7 +417,7 @@ class User extends Managed_DataObject Event::handle('EndUserRegister', array($profile)); } - if (!$user instanceof User) { + if (!$user instanceof User || empty($user->id)) { throw new ServerException('User could not be registered. Probably an event hook that failed.'); } @@ -433,13 +435,14 @@ class User extends Managed_DataObject if ($invites->find()) { while ($invites->fetch()) { try { - $other = Profile::getKV('id', $invites->user_id); - if (!($other instanceof Profile)) { // remove when getKV throws exceptions - continue; - } + $other = Profile::getByID($invites->user_id); Subscription::start($other, $this->getProfile()); + } catch (NoResultException $e) { + // profile did not exist + } catch (AlreadyFulfilledException $e) { + // already subscribed to this profile } catch (Exception $e) { - continue; + common_log(LOG_ERR, 'On-invitation-completion subscription failed when subscribing '._ve($invites->user_id).' to '.$this->getProfile()->getID().': '._ve($e->getMessage())); } } } @@ -876,6 +879,8 @@ class User extends Managed_DataObject static function recoverPassword($nore) { + require_once(INSTALLDIR . '/lib/mail.php'); + // $confirm_email will be used as a fallback if our user doesn't have a confirmed email $confirm_email = null; From 175b7e8541f747b5f38aec2c55be6cee3138fb72 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 15:31:48 +0100 Subject: [PATCH 068/415] Refactor some ConfirmaddressAction stuff --- actions/confirmaddress.php | 78 +++++++++++++++++-------------------- actions/emailsettings.php | 8 +--- actions/imsettings.php | 8 +--- actions/recoverpassword.php | 8 +--- actions/smssettings.php | 8 +--- classes/Confirm_address.php | 13 +++++++ 6 files changed, 52 insertions(+), 71 deletions(-) diff --git a/actions/confirmaddress.php b/actions/confirmaddress.php index 806851001e..9ac6848d7a 100644 --- a/actions/confirmaddress.php +++ b/actions/confirmaddress.php @@ -27,9 +27,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Confirm an address @@ -44,25 +42,14 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ -class ConfirmaddressAction extends Action +class ConfirmaddressAction extends ManagedAction { /** type of confirmation. */ - var $address; + protected $address; - /** - * Accept a confirmation code - * - * Checks the code and confirms the address in the - * user record - * - * @param args $args $_REQUEST array - * - * @return void - */ - function handle($args) + protected function doPreparation() { - parent::handle($args); if (!common_logged_in()) { common_set_returnto($this->selfUrl()); common_redirect(common_local_url('login')); @@ -70,32 +57,45 @@ class ConfirmaddressAction extends Action $code = $this->trimmed('code'); if (!$code) { // TRANS: Client error displayed when not providing a confirmation code in the contact address confirmation action. - $this->clientError(_('No confirmation code.')); + throw new ClientException(_('No confirmation code.')); } $confirm = Confirm_address::getKV('code', $code); - if (!$confirm) { + if (!$confirm instanceof Confirm_address) { // TRANS: Client error displayed when providing a non-existing confirmation code in the contact address confirmation action. - $this->clientError(_('Confirmation code not found.')); + throw new ClientException(_('Confirmation code not found.'), 404); } - $cur = common_current_user(); - if ($cur->id != $confirm->user_id) { + + try { + $profile = Profile::getByID($confirm->user_id); + } catch (NoResultException $e) { + common_log(LOG_INFO, 'Tried to confirm the email for a deleted profile: '._ve(['id'=>$confirm->user_id, 'email'=>$confirm->address])); + $confirm->delete(); + throw $e; + } + if (!$profile->sameAs($this->scoped)) { // TRANS: Client error displayed when not providing a confirmation code for another user in the contact address confirmation action. - $this->clientError(_('That confirmation code is not for you!')); + throw new AuthorizationException(_('That confirmation code is not for you!')); } + $type = $confirm->address_type; $transports = array(); Event::handle('GetImTransports', array(&$transports)); if (!in_array($type, array('email', 'sms')) && !in_array($type, array_keys($transports))) { // TRANS: Server error for an unknown address type, which can be 'email', 'sms', or the name of an IM network (such as 'xmpp' or 'aim') - $this->serverError(sprintf(_('Unrecognized address type %s'), $type)); + throw new ServerException(sprintf(_('Unrecognized address type %s'), $type)); } $this->address = $confirm->address; + + $cur = $this->scoped->getUser(); + $cur->query('BEGIN'); - if (in_array($type, array('email', 'sms'))) - { + if (in_array($type, array('email', 'sms'))) { + common_debug("Confirming {$type} address for user {$this->scoped->getID()}"); if ($cur->$type == $confirm->address) { + // Already verified, so delete the confirm_address entry + $confirm->delete(); // TRANS: Client error for an already confirmed email/jabber/sms address. - $this->clientError(_('That address has already been confirmed.')); + throw new AlreadyFulfilledException(_('That address has already been confirmed.')); } $orig_user = clone($cur); @@ -122,16 +122,18 @@ class ConfirmaddressAction extends Action $user_im_prefs->user_id = $cur->id; if ($user_im_prefs->find() && $user_im_prefs->fetch()) { if($user_im_prefs->screenname == $confirm->address){ + // Already verified, so delete the confirm_address entry + $confirm->delete(); // TRANS: Client error for an already confirmed IM address. - $this->clientError(_('That address has already been confirmed.')); + throw new AlreadyFulfilledException(_('That address has already been confirmed.')); } $user_im_prefs->screenname = $confirm->address; $result = $user_im_prefs->update(); - if (!$result) { + if ($result === false) { common_log_db_error($user_im_prefs, 'UPDATE', __FILE__); // TRANS: Server error displayed when updating IM preferences fails. - $this->serverError(_('Could not update user IM preferences.')); + throw new ServerException(_('Could not update user IM preferences.')); } }else{ $user_im_prefs = new User_im_prefs(); @@ -140,26 +142,18 @@ class ConfirmaddressAction extends Action $user_im_prefs->user_id = $cur->id; $result = $user_im_prefs->insert(); - if (!$result) { + if ($result === false) { common_log_db_error($user_im_prefs, 'INSERT', __FILE__); // TRANS: Server error displayed when adding IM preferences fails. - $this->serverError(_('Could not insert user IM preferences.')); + throw new ServerException(_('Could not insert user IM preferences.')); } } } - $result = $confirm->delete(); - - if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - // TRANS: Server error displayed when an address confirmation code deletion from the - // TRANS: database fails in the contact address confirmation action. - $this->serverError(_('Could not delete address confirmation.')); - } + $confirm->delete(); $cur->query('COMMIT'); - $this->showPage(); } /** @@ -180,8 +174,6 @@ class ConfirmaddressAction extends Action */ function showContent() { - $cur = common_current_user(); - $this->element('p', null, // TRANS: Success message for the contact address confirmation action. // TRANS: %s can be 'email', 'jabber', or 'sms'. diff --git a/actions/emailsettings.php b/actions/emailsettings.php index c02f1cdfad..7384b3630d 100644 --- a/actions/emailsettings.php +++ b/actions/emailsettings.php @@ -401,13 +401,7 @@ class EmailsettingsAction extends SettingsAction throw new AlreadyFulfilledException(_('No pending confirmation to cancel.')); } - $result = $confirm->delete(); - - if ($result === false) { - common_log_db_error($confirm, 'DELETE', __FILE__); - // TRANS: Server error thrown on database error canceling e-mail address confirmation. - throw new ServerException(_('Could not delete email confirmation.')); - } + $confirm->delete(); // TRANS: Message given after successfully canceling e-mail address confirmation. return _('Email confirmation cancelled.'); diff --git a/actions/imsettings.php b/actions/imsettings.php index 40bea10e68..80f7f78770 100644 --- a/actions/imsettings.php +++ b/actions/imsettings.php @@ -359,13 +359,7 @@ class ImsettingsAction extends SettingsAction throw new AlreadyFulfilledException(_('No pending confirmation to cancel.')); } - $result = $confirm->delete(); - - if ($result === false) { - common_log_db_error($confirm, 'DELETE', __FILE__); - // TRANS: Server error thrown on database error canceling IM address confirmation. - throw new ServerException(_('Could not delete confirmation.')); - } + $confirm->delete(); // TRANS: Message given after successfully canceling IM address confirmation. return _('IM confirmation cancelled.'); diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php index a3a5b8e5bc..d19ed4693c 100644 --- a/actions/recoverpassword.php +++ b/actions/recoverpassword.php @@ -79,13 +79,7 @@ class RecoverpasswordAction extends Action // Burn this code - $result = $confirm->delete(); - - if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - // TRANS: Server error displayed removing a password recovery code from the database. - $this->serverError(_('Error with confirmation code.')); - } + $confirm->delete(); // These should be reaped, but for now we just check mod time // Note: it's still deleted; let's avoid a second attempt! diff --git a/actions/smssettings.php b/actions/smssettings.php index ca6a7d04ef..c002474ce2 100644 --- a/actions/smssettings.php +++ b/actions/smssettings.php @@ -368,13 +368,7 @@ class SmssettingsAction extends SettingsAction throw new AlreadyFulfilledException(_('No pending confirmation to cancel.')); } - $result = $confirm->delete(); - - if ($result === false) { - common_log_db_error($confirm, 'DELETE', __FILE__); - // TRANS: Server error thrown on database error canceling SMS phone number confirmation. - throw new ServerException(_('Could not delete SMS confirmation.')); - } + $confirm->delete(); // TRANS: Message given after successfully canceling SMS phone number confirmation. return _('SMS confirmation cancelled.'); diff --git a/classes/Confirm_address.php b/classes/Confirm_address.php index 97e1a75dab..9bb56cef9c 100644 --- a/classes/Confirm_address.php +++ b/classes/Confirm_address.php @@ -66,4 +66,17 @@ class Confirm_address extends Managed_DataObject return $ca; } + + public function delete($useWhere=false) + { + $result = parent::delete($useWhere); + + if ($result === false) { + common_log_db_error($confirm, 'DELETE', __FILE__); + // TRANS: Server error displayed when an address confirmation code deletion from the + // TRANS: database fails in the contact address confirmation action. + throw new ServerException(_('Could not delete address confirmation.')); + } + return $result; + } } From a262c16f062837f1b863ee7b09e4edda530eb7d1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 15:37:47 +0100 Subject: [PATCH 069/415] Catch exception on delete of Confirm_address in a plugin --- plugins/EmailRegistration/actions/emailregister.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/plugins/EmailRegistration/actions/emailregister.php b/plugins/EmailRegistration/actions/emailregister.php index 7fa2aa22cf..d10b65c387 100644 --- a/plugins/EmailRegistration/actions/emailregister.php +++ b/plugins/EmailRegistration/actions/emailregister.php @@ -321,7 +321,11 @@ class EmailregisterAction extends Action common_init_language(); if (!empty($this->confirmation)) { - $this->confirmation->delete(); + try { + $this->confirmation->delete(); + } catch (ServerException $e) { + common_log(LOG_ERR, $e->getMessage()); + } } Event::handle('EndRegistrationTry', array($this)); From feb97cfc2288169fbf8f1f47393c9735c017eeb6 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 2 Mar 2016 15:48:18 +0100 Subject: [PATCH 070/415] Resend confirm_address stuff, please read its NOTE first --- scripts/resend_confirm_address.php | 91 ++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) create mode 100755 scripts/resend_confirm_address.php diff --git a/scripts/resend_confirm_address.php b/scripts/resend_confirm_address.php new file mode 100755 index 0000000000..1d7cb55ca5 --- /dev/null +++ b/scripts/resend_confirm_address.php @@ -0,0 +1,91 @@ +#!/usr/bin/env php +address_type = 'email'; + if (!$ca->find()) { + print "confirm_address table contains no lingering email addresses\n"; + exit(0); + } +} else { + print "You must provide an email (or --all).\n"; + exit(1); +} + +if (!have_option('y', 'yes')) { + print "About to resend confirm_address email to {$ca->N} recipients. Are you sure? [y/N] "; + $response = fgets(STDIN); + if (strtolower(trim($response)) != 'y') { + print "Aborting.\n"; + exit(0); + } +} + +function mailConfirmAddress(Confirm_address $ca) +{ + try { + $user = User::getByID($ca->user_id); + if ($user->email === $ca->address) { + throw new AlreadyFulfilledException('User already has identical confirmed email address.'); + } + } catch (AlreadyFulfilledException $e) { + print "\n User already had verified email: "._ve($ca->address); + $ca->delete(); + } catch (Exception $e) { + print "\n Failed to get user with ID "._ve($user_id).', deleting confirm_address entry: '._ve($e->getMessage()); + $ca->delete(); + return; + } + mail_confirm_address($user, $ca->code, $user->getNickname(), $ca->address); +} + +require_once(INSTALLDIR . '/lib/mail.php'); + +if (!$all) { + mailConfirmAddress($ca); +} else { + while ($ca->fetch()) { + mailConfirmAddress($ca); + } +} + +print "\nDONE.\n"; From 43754c7f17937fd40582e401af0ccd4a2015b3ce Mon Sep 17 00:00:00 2001 From: Saul St John Date: Wed, 2 Mar 2016 15:41:17 +0000 Subject: [PATCH 071/415] add blacklist to StoreRemoteMedia plugin --- .../StoreRemoteMediaPlugin.php | 42 ++++++++++++++----- 1 file changed, 32 insertions(+), 10 deletions(-) diff --git a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php index a08ae92572..f38ca4713e 100644 --- a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php +++ b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php @@ -15,6 +15,9 @@ class StoreRemoteMediaPlugin extends Plugin public $append_whitelist = array(); // fill this array as domain_whitelist to add more trusted sources public $check_whitelist = false; // security/abuse precaution + public $domain_blacklist = array(); + public $check_blacklist = false; + protected $imgData = array(); // these should be declared protected everywhere @@ -74,7 +77,10 @@ class StoreRemoteMediaPlugin extends Plugin return true; } - $this->checkWhitelist($file->getUrl()); + if (!$this->checkWhiteList($file->getUrl()) || + !$this->checkBlackList($file->getUrl())) { + return true; + } // First we download the file to memory and test whether it's actually an image file common_debug(sprintf('Downloading remote file id==%u with URL: %s', $file->getID(), _ve($file->getUrl()))); @@ -124,23 +130,39 @@ class StoreRemoteMediaPlugin extends Plugin } /** - * @return boolean false on no check made, provider name on success - * @throws ServerException if check is made but fails + * @return boolean true if given url passes blacklist check */ - protected function checkWhitelist($url) + protected function checkBlackList($url) { - if (!$this->check_whitelist) { - return false; // indicates "no check made" + if (!$this->check_blacklist) { + return true; } - $host = parse_url($url, PHP_URL_HOST); - foreach ($this->domain_whitelist as $regex => $provider) { + foreach ($this->domain_blacklist as $regex => $provider) { if (preg_match("/$regex/", $host)) { - return $provider; // we trust this source, return provider name + return false; } } - throw new ServerException(sprintf(_('Domain not in remote source whitelist: %s'), $host)); + return true; + } + + /*** + * @return boolean true if given url passes whitelist check + */ + protected function checkWhiteList($url) + { + if (!$this->check_whitelist) { + return true; + } + $host = parse_url($url, PHP_URL_HOST); + foreach ($this->domain_whitelist as $regex => $provider) { + if (preg_match("/$regex/", $host)) { + return true; + } + } + + return false; } public function onPluginVersion(array &$versions) From 30e70c4697ab3b987426a8ca2017107cd3d6fb3f Mon Sep 17 00:00:00 2001 From: Saul St John Date: Wed, 2 Mar 2016 16:05:40 +0000 Subject: [PATCH 072/415] update readme --- plugins/StoreRemoteMedia/README | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/plugins/StoreRemoteMedia/README b/plugins/StoreRemoteMedia/README index a6bd91f605..2de4ce4541 100644 --- a/plugins/StoreRemoteMedia/README +++ b/plugins/StoreRemoteMedia/README @@ -7,9 +7,19 @@ to the bottom of your config.php Settings ======== +domain_blacklist: Array of regular expressions. Always escape your dots and end your strings. +check_blacklist: Whether to check the domain_blacklist. + domain_whitelist: Array of regular expressions. Always escape your dots and end your strings. check_whitelist: Whether to check the domain_whitelist. +When check_whitelist is set, only images from URLs matching a regex in the +domain_whitelist array are accepted for local storage. When check_blacklist +is set, images from URLs matching any regex in the domain_blacklist are +denied local storage. When both lists are checked, only images from URLs +that match a regex in the domain_whitelist and that match no regexen in the +domain_blacklist are accepted for local storage. + Example ======= addPlugin('StoreRemoteMedia', array( @@ -17,6 +27,6 @@ addPlugin('StoreRemoteMedia', array( '^i\d*\.ytimg\.com$' => 'YouTube', '^i\d*\.vimeocdn\.com$' => 'Vimeo' ), - 'check_whitelist' => true + 'check_whitelist' => true, )); From 7d4658643d70d19d2df2f5ce21ef353e56fb4ea9 Mon Sep 17 00:00:00 2001 From: hannes Date: Fri, 4 Mar 2016 16:53:57 -0500 Subject: [PATCH 073/415] the repeated notice can be from a sandboxed user too --- lib/moderatednoticestream.php | 40 +++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 9 deletions(-) diff --git a/lib/moderatednoticestream.php b/lib/moderatednoticestream.php index f984256acc..b0d6601cb9 100644 --- a/lib/moderatednoticestream.php +++ b/lib/moderatednoticestream.php @@ -25,18 +25,40 @@ class ModeratedNoticeStream extends ScopingNoticeStream if (!parent::filter($notice)) { return false; } - - // If the notice author is sandboxed - if ($notice->getProfile()->isSandboxed()) { - if (!$this->scoped instanceof Profile) { - // Non-logged in users don't get to see posts by sandboxed users - return false; - } elseif (!$notice->getProfile()->sameAs($this->scoped) && !$this->scoped->hasRight(Right::REVIEWSPAM)) { - // And if we are logged in, deny if scoped user is neither the author nor has the right to review spam + + if(self::include_or_not($notice) === false) { + return false; + } + + // If this is a repeat the repeated notice is moderated + if($notice->isRepeat()) { + try { + $repeated_notice = Notice::getById($notice->repeat_of); + } catch (Exception $e) { + // if we can't get the repeated notice by id, something is seriously wrong with it, so don't include it return false; } - } + + if(self::include_or_not($repeated_notice) === false) { + return false; + } + } return true; } + + protected function include_or_not(Notice $notice) + { + $profile = $notice->getProfile(); + + if ($profile->isSandboxed()) { + if (!$this->scoped instanceof Profile) { + // Non-logged in users don't get to see posts by sandboxed users + return false; + } elseif (!$profile->sameAs($this->scoped) && !$this->scoped->hasRight(Right::REVIEWSPAM)) { + // And if we are logged in, deny if scoped user is neither the author nor has the right to review spam + return false; + } + } + } } From 952f68fed55aae6908fe1c85f1e96809d381af55 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 5 Mar 2016 00:59:39 +0100 Subject: [PATCH 074/415] File upload logging for dummies --- lib/filenotfoundexception.php | 1 + lib/mediafile.php | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/filenotfoundexception.php b/lib/filenotfoundexception.php index d3610249db..70dd2d0b5d 100644 --- a/lib/filenotfoundexception.php +++ b/lib/filenotfoundexception.php @@ -36,6 +36,7 @@ class FileNotFoundException extends ServerException public function __construct($path) { $this->path = $path; + common_debug('File not found exception for: '._ve($this->path)); parent::__construct(_('File not found in filesystem.'), 404); } } diff --git a/lib/mediafile.php b/lib/mediafile.php index 1e0fb39769..7534dc53cb 100644 --- a/lib/mediafile.php +++ b/lib/mediafile.php @@ -306,10 +306,10 @@ class MediaFile $result = copy($stream['uri'], $filepath) && chmod($filepath, 0664); if (!$result) { + common_log(LOG_ERR, 'File could not be moved (or chmodded) from '._ve($stream['uri']) . ' to ' . _ve($filepath)); // TRANS: Client exception thrown when a file upload operation fails because the file could // TRANS: not be moved from the temporary folder to the permanent file location. - throw new ClientException(_('File could not be moved to destination directory.' . - $stream['uri'] . ' ' . $filepath)); + throw new ClientException(_('File could not be moved to destination directory.' )); } } From bf34f730dd6490308b1df591ee6338a5e4975d5e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 5 Mar 2016 01:03:48 +0100 Subject: [PATCH 075/415] Use $this->scoped in AvatarsettingsAction --- actions/avatarsettings.php | 32 ++++++-------------------------- 1 file changed, 6 insertions(+), 26 deletions(-) diff --git a/actions/avatarsettings.php b/actions/avatarsettings.php index 4b618eb9be..f77339ad70 100644 --- a/actions/avatarsettings.php +++ b/actions/avatarsettings.php @@ -92,16 +92,6 @@ class AvatarsettingsAction extends SettingsAction function showUploadForm() { - $user = common_current_user(); - - $profile = $user->getProfile(); - - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - // TRANS: Error message displayed when referring to a user without a profile. - $this->serverError(_('User has no profile.')); - } - $this->elementStart('form', array('enctype' => 'multipart/form-data', 'method' => 'post', 'id' => 'form_settings_avatar', @@ -116,7 +106,7 @@ class AvatarsettingsAction extends SettingsAction if (Event::handle('StartAvatarFormData', array($this))) { $this->elementStart('ul', 'form_data'); try { - $original = Avatar::getUploaded($profile); + $original = Avatar::getUploaded($this->scoped); $this->elementStart('li', array('id' => 'avatar_original', 'class' => 'avatar_view')); @@ -126,7 +116,7 @@ class AvatarsettingsAction extends SettingsAction $this->element('img', array('src' => $original->displayUrl(), 'width' => $original->width, 'height' => $original->height, - 'alt' => $user->nickname)); + 'alt' => $this->scoped->getNickname())); $this->elementEnd('div'); $this->elementEnd('li'); } catch (NoAvatarException $e) { @@ -134,7 +124,7 @@ class AvatarsettingsAction extends SettingsAction } try { - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); + $avatar = $this->scoped->getAvatar(AVATAR_PROFILE_SIZE); $this->elementStart('li', array('id' => 'avatar_preview', 'class' => 'avatar_view')); // TRANS: Header on avatar upload page for thumbnail of to be used rendition of uploaded avatar (h2). @@ -143,7 +133,7 @@ class AvatarsettingsAction extends SettingsAction $this->element('img', array('src' => $avatar->displayUrl(), 'width' => AVATAR_PROFILE_SIZE, 'height' => AVATAR_PROFILE_SIZE, - 'alt' => $user->nickname)); + 'alt' => $this->scoped->getNickname())); $this->elementEnd('div'); if (!empty($avatar->filename)) { // TRANS: Button on avatar upload page to delete current avatar. @@ -180,16 +170,6 @@ class AvatarsettingsAction extends SettingsAction function showCropForm() { - $user = common_current_user(); - - $profile = $user->getProfile(); - - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - // TRANS: Error message displayed when referring to a user without a profile. - $this->serverError(_('User has no profile.')); - } - $this->elementStart('form', array('method' => 'post', 'id' => 'form_settings_avatar', 'class' => 'form_settings', @@ -211,7 +191,7 @@ class AvatarsettingsAction extends SettingsAction $this->element('img', array('src' => Avatar::url($this->filedata['filename']), 'width' => $this->filedata['width'], 'height' => $this->filedata['height'], - 'alt' => $user->nickname)); + 'alt' => $this->scoped->getNickname())); $this->elementEnd('div'); $this->elementEnd('li'); @@ -224,7 +204,7 @@ class AvatarsettingsAction extends SettingsAction $this->element('img', array('src' => Avatar::url($this->filedata['filename']), 'width' => AVATAR_PROFILE_SIZE, 'height' => AVATAR_PROFILE_SIZE, - 'alt' => $user->nickname)); + 'alt' => $this->scoped->getNickname())); $this->elementEnd('div'); foreach (array('avatar_crop_x', 'avatar_crop_y', From 57d57b8d8f270d586f15d7bd45557362905c1ae3 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 5 Mar 2016 01:26:34 +0100 Subject: [PATCH 076/415] Handle reuploads via filehandle better if original is missing --- lib/mediafile.php | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/lib/mediafile.php b/lib/mediafile.php index 7534dc53cb..dc7000f384 100644 --- a/lib/mediafile.php +++ b/lib/mediafile.php @@ -286,8 +286,31 @@ class MediaFile try { $file = File::getByHash($filehash); // Already have it, so let's reuse the locally stored File - $filename = $file->filename; + // by using getPath we also check whether the file exists + // and throw a FileNotFoundException with the path if it doesn't. + $filename = basename($file->getPath()); $mimetype = $file->mimetype; + } catch (FileNotFoundException $e) { + // This happens if the file we have uploaded has disappeared + // from the local filesystem for some reason. Since we got the + // File object from a sha256 check in fromFilehandle, it's safe + // to just copy the uploaded data to disk! + + fseek($fh, 0); // just to be sure, go to the beginning + // dump the contents of our filehandle to the path from our exception + // and report error if it failed. + if (false === file_put_contents($e->path, fread($fh, filesize($stream['uri'])))) { + // TRANS: Client exception thrown when a file upload operation fails because the file could + // TRANS: not be moved from the temporary folder to the permanent file location. + throw new ClientException(_('File could not be moved to destination directory.')); + } + if (!chmod($e->path, 0664)) { + common_log(LOG_ERR, 'Could not chmod uploaded file: '._ve($e->path)); + } + + $filename = basename($file->getPath()); + $mimetype = $file->mimetype; + } catch (NoResultException $e) { File::respectsQuota($scoped, filesize($stream['uri'])); From 204a8f1fccc3ba6da26c61e2ec095a742eef05f1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 5 Mar 2016 02:54:13 +0100 Subject: [PATCH 077/415] PEAR Mail package updated to 1.3.0 1.3.0 (stable) was released on 2016-01-31 Source: https://pear.php.net/package/Mail --- extlib/Mail.php | 31 +++++++-------- extlib/Mail/RFC822.php | 84 ++++++++++++++-------------------------- extlib/Mail/mail.php | 12 +++--- extlib/Mail/mock.php | 19 ++++----- extlib/Mail/null.php | 9 ++--- extlib/Mail/sendmail.php | 10 ++--- extlib/Mail/smtp.php | 43 ++++++++++---------- extlib/Mail/smtpmx.php | 10 ++--- 8 files changed, 89 insertions(+), 129 deletions(-) diff --git a/extlib/Mail.php b/extlib/Mail.php index 75132ac2a6..e7cff2f642 100644 --- a/extlib/Mail.php +++ b/extlib/Mail.php @@ -1,8 +1,8 @@ * @copyright 1997-2010 Chuck Hagenbuch * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version CVS: $Id: Mail.php 294747 2010-02-08 08:18:33Z clockwerx $ + * @version CVS: $Id$ * @link http://pear.php.net/package/Mail/ */ @@ -50,8 +50,7 @@ require_once 'PEAR.php'; * mailers under the PEAR hierarchy, and provides supporting functions * useful in multiple mailer backends. * - * @access public - * @version $Revision: 294747 $ + * @version $Revision$ * @package Mail */ class Mail @@ -60,7 +59,7 @@ class Mail * Line terminator used for separating header lines. * @var string */ - var $sep = "\r\n"; + public $sep = "\r\n"; /** * Provides an interface for generating Mail:: objects of various @@ -68,10 +67,10 @@ class Mail * * @param string $driver The kind of Mail:: object to instantiate. * @param array $params The parameters to pass to the Mail:: object. + * * @return object Mail a instance of the driver class or if fails a PEAR Error - * @access public */ - function &factory($driver, $params = array()) + public static function factory($driver, $params = array()) { $driver = strtolower($driver); @include_once 'Mail/' . $driver . '.php'; @@ -108,10 +107,9 @@ class Mail * containing a descriptive error message on * failure. * - * @access public * @deprecated use Mail_mail::send instead */ - function send($recipients, $headers, $body) + public function send($recipients, $headers, $body) { if (!is_array($headers)) { return PEAR::raiseError('$headers must be an array'); @@ -147,10 +145,8 @@ class Mail * filter is to prevent mail injection attacks. * * @param array $headers The associative array of headers to sanitize. - * - * @access private */ - function _sanitizeHeaders(&$headers) + protected function _sanitizeHeaders(&$headers) { foreach ($headers as $key => $value) { $headers[$key] = @@ -173,9 +169,8 @@ class Mail * otherwise returns an array containing two * elements: Any From: address found in the headers, * and the plain text version of the headers. - * @access private */ - function prepareHeaders($headers) + protected function prepareHeaders($headers) { $lines = array(); $from = null; @@ -235,9 +230,8 @@ class Mail * * @return mixed An array of forward paths (bare addresses) or a PEAR_Error * object if the address list could not be parsed. - * @access private */ - function parseRecipients($recipients) + protected function parseRecipients($recipients) { include_once 'Mail/RFC822.php'; @@ -250,7 +244,8 @@ class Mail // Parse recipients, leaving out all personal info. This is // for smtp recipients, etc. All relevant personal information // should already be in the headers. - $addresses = Mail_RFC822::parseAddressList($recipients, 'localhost', false); + $Mail_RFC822 = new Mail_RFC822(); + $addresses = $Mail_RFC822->parseAddressList($recipients, 'localhost', false); // If parseAddressList() returned a PEAR_Error object, just return it. if (is_a($addresses, 'PEAR_Error')) { diff --git a/extlib/Mail/RFC822.php b/extlib/Mail/RFC822.php index 58d36465cb..d010a20e8d 100644 --- a/extlib/Mail/RFC822.php +++ b/extlib/Mail/RFC822.php @@ -2,7 +2,7 @@ /** * RFC 822 Email address list validation Utility * - * PHP versions 4 and 5 + * PHP version 5 * * LICENSE: * @@ -40,7 +40,7 @@ * @author Chuck Hagenbuch * @author Chuck Hagenbuch - * @version $Revision: 294749 $ + * @version $Revision$ * @license BSD * @package Mail */ @@ -141,7 +141,6 @@ class Mail_RFC822 { * Sets up the object. The address must either be set here or when * calling parseAddressList(). One or the other. * - * @access public * @param string $address The address(es) to validate. * @param string $default_domain Default domain/host etc. If not supplied, will be set to localhost. * @param boolean $nest_groups Whether to return the structure with groups nested for easier viewing. @@ -149,7 +148,7 @@ class Mail_RFC822 { * * @return object Mail_RFC822 A new Mail_RFC822 object. */ - function Mail_RFC822($address = null, $default_domain = null, $nest_groups = null, $validate = null, $limit = null) + public function __construct($address = null, $default_domain = null, $nest_groups = null, $validate = null, $limit = null) { if (isset($address)) $this->address = $address; if (isset($default_domain)) $this->default_domain = $default_domain; @@ -162,7 +161,6 @@ class Mail_RFC822 { * Starts the whole process. The address must either be set here * or when creating the object. One or the other. * - * @access public * @param string $address The address(es) to validate. * @param string $default_domain Default domain/host etc. * @param boolean $nest_groups Whether to return the structure with groups nested for easier viewing. @@ -170,7 +168,7 @@ class Mail_RFC822 { * * @return array A structured array of addresses. */ - function parseAddressList($address = null, $default_domain = null, $nest_groups = null, $validate = null, $limit = null) + public function parseAddressList($address = null, $default_domain = null, $nest_groups = null, $validate = null, $limit = null) { if (!isset($this) || !isset($this->mailRFC822)) { $obj = new Mail_RFC822($address, $default_domain, $nest_groups, $validate, $limit); @@ -222,11 +220,10 @@ class Mail_RFC822 { /** * Splits an address into separate addresses. * - * @access private * @param string $address The addresses to split. * @return boolean Success or failure. */ - function _splitAddresses($address) + protected function _splitAddresses($address) { if (!empty($this->limit) && count($this->addresses) == $this->limit) { return ''; @@ -298,11 +295,10 @@ class Mail_RFC822 { /** * Checks for a group at the start of the string. * - * @access private * @param string $address The address to check. * @return boolean Whether or not there is a group at the start of the string. */ - function _isGroup($address) + protected function _isGroup($address) { // First comma not in quotes, angles or escaped: $parts = explode(',', $address); @@ -322,12 +318,11 @@ class Mail_RFC822 { /** * A common function that will check an exploded string. * - * @access private * @param array $parts The exloded string. * @param string $char The char that was exploded on. * @return mixed False if the string contains unclosed quotes/brackets, or the string on success. */ - function _splitCheck($parts, $char) + protected function _splitCheck($parts, $char) { $string = $parts[0]; @@ -355,12 +350,11 @@ class Mail_RFC822 { /** * Checks if a string has unclosed quotes or not. * - * @access private * @param string $string The string to check. * @return boolean True if there are unclosed quotes inside the string, * false otherwise. */ - function _hasUnclosedQuotes($string) + protected function _hasUnclosedQuotes($string) { $string = trim($string); $iMax = strlen($string); @@ -392,12 +386,11 @@ class Mail_RFC822 { * Checks if a string has an unclosed brackets or not. IMPORTANT: * This function handles both angle brackets and square brackets; * - * @access private * @param string $string The string to check. * @param string $chars The characters to check for. * @return boolean True if there are unclosed brackets inside the string, false otherwise. */ - function _hasUnclosedBrackets($string, $chars) + protected function _hasUnclosedBrackets($string, $chars) { $num_angle_start = substr_count($string, $chars[0]); $num_angle_end = substr_count($string, $chars[1]); @@ -416,13 +409,12 @@ class Mail_RFC822 { /** * Sub function that is used only by hasUnclosedBrackets(). * - * @access private * @param string $string The string to check. * @param integer &$num The number of occurences. * @param string $char The character to count. * @return integer The number of occurences of $char in $string, adjusted for backslashes. */ - function _hasUnclosedBracketsSub($string, &$num, $char) + protected function _hasUnclosedBracketsSub($string, &$num, $char) { $parts = explode($char, $string); for ($i = 0; $i < count($parts); $i++){ @@ -438,11 +430,10 @@ class Mail_RFC822 { /** * Function to begin checking the address. * - * @access private * @param string $address The address to validate. * @return mixed False on failure, or a structured array of address information on success. */ - function _validateAddress($address) + protected function _validateAddress($address) { $is_group = false; $addresses = array(); @@ -483,14 +474,6 @@ class Mail_RFC822 { $addresses[] = $address['address']; } - // Check that $addresses is set, if address like this: - // Groupname:; - // Then errors were appearing. - if (!count($addresses)){ - $this->error = 'Empty group.'; - return false; - } - // Trim the whitespace from all of the address strings. array_map('trim', $addresses); @@ -531,11 +514,10 @@ class Mail_RFC822 { /** * Function to validate a phrase. * - * @access private * @param string $phrase The phrase to check. * @return boolean Success or failure. */ - function _validatePhrase($phrase) + protected function _validatePhrase($phrase) { // Splits on one or more Tab or space. $parts = preg_split('/[ \\x09]+/', $phrase, -1, PREG_SPLIT_NO_EMPTY); @@ -572,11 +554,10 @@ class Mail_RFC822 { * can split a list of addresses up before encoding personal names * (umlauts, etc.), for example. * - * @access private * @param string $atom The string to check. * @return boolean Success or failure. */ - function _validateAtom($atom) + protected function _validateAtom($atom) { if (!$this->validate) { // Validation has been turned off; assume the atom is okay. @@ -605,11 +586,10 @@ class Mail_RFC822 { * Function to validate quoted string, which is: * quoted-string = <"> *(qtext/quoted-pair) <"> * - * @access private * @param string $qstring The string to check * @return boolean Success or failure. */ - function _validateQuotedString($qstring) + protected function _validateQuotedString($qstring) { // Leading and trailing " $qstring = substr($qstring, 1, -1); @@ -623,11 +603,10 @@ class Mail_RFC822 { * mailbox = addr-spec ; simple address * / phrase route-addr ; name and route-addr * - * @access public * @param string &$mailbox The string to check. * @return boolean Success or failure. */ - function validateMailbox(&$mailbox) + public function validateMailbox(&$mailbox) { // A couple of defaults. $phrase = ''; @@ -712,11 +691,10 @@ class Mail_RFC822 { * Angle brackets have already been removed at the point of * getting to this function. * - * @access private * @param string $route_addr The string to check. * @return mixed False on failure, or an array containing validated address/route information on success. */ - function _validateRouteAddr($route_addr) + protected function _validateRouteAddr($route_addr) { // Check for colon. if (strpos($route_addr, ':') !== false) { @@ -762,11 +740,10 @@ class Mail_RFC822 { * Function to validate a route, which is: * route = 1#("@" domain) ":" * - * @access private * @param string $route The string to check. * @return mixed False on failure, or the validated $route on success. */ - function _validateRoute($route) + protected function _validateRoute($route) { // Split on comma. $domains = explode(',', trim($route)); @@ -785,11 +762,10 @@ class Mail_RFC822 { * * domain = sub-domain *("." sub-domain) * - * @access private * @param string $domain The string to check. * @return mixed False on failure, or the validated domain on success. */ - function _validateDomain($domain) + protected function _validateDomain($domain) { // Note the different use of $subdomains and $sub_domains $subdomains = explode('.', $domain); @@ -813,11 +789,10 @@ class Mail_RFC822 { * Function to validate a subdomain: * subdomain = domain-ref / domain-literal * - * @access private * @param string $subdomain The string to check. * @return boolean Success or failure. */ - function _validateSubdomain($subdomain) + protected function _validateSubdomain($subdomain) { if (preg_match('|^\[(.*)]$|', $subdomain, $arr)){ if (!$this->_validateDliteral($arr[1])) return false; @@ -833,11 +808,10 @@ class Mail_RFC822 { * Function to validate a domain literal: * domain-literal = "[" *(dtext / quoted-pair) "]" * - * @access private * @param string $dliteral The string to check. * @return boolean Success or failure. */ - function _validateDliteral($dliteral) + protected function _validateDliteral($dliteral) { return !preg_match('/(.)[][\x0D\\\\]/', $dliteral, $matches) && $matches[1] != '\\'; } @@ -847,11 +821,10 @@ class Mail_RFC822 { * * addr-spec = local-part "@" domain * - * @access private * @param string $addr_spec The string to check. * @return mixed False on failure, or the validated addr-spec on success. */ - function _validateAddrSpec($addr_spec) + protected function _validateAddrSpec($addr_spec) { $addr_spec = trim($addr_spec); @@ -878,17 +851,16 @@ class Mail_RFC822 { * Function to validate the local part of an address: * local-part = word *("." word) * - * @access private * @param string $local_part * @return mixed False on failure, or the validated local part on success. */ - function _validateLocalPart($local_part) + protected function _validateLocalPart($local_part) { $parts = explode('.', $local_part); $words = array(); // Split the local_part into words. - while (count($parts) > 0){ + while (count($parts) > 0) { $words[] = $this->_splitCheck($parts, '.'); for ($i = 0; $i < $this->index + 1; $i++) { array_shift($parts); @@ -897,6 +869,10 @@ class Mail_RFC822 { // Validate each word. foreach ($words as $word) { + // word cannot be empty (#17317) + if ($word === '') { + return false; + } // If this word contains an unquoted space, it is invalid. (6.2.4) if (strpos($word, ' ') && $word[0] !== '"') { @@ -920,7 +896,7 @@ class Mail_RFC822 { * @param string $data Addresses to count * @return int Approximate count */ - function approximateCount($data) + public function approximateCount($data) { return count(preg_split('/(? * @copyright 2010 Chuck Hagenbuch * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version CVS: $Id: mail.php 294747 2010-02-08 08:18:33Z clockwerx $ + * @version CVS: $Id$ * @link http://pear.php.net/package/Mail/ */ /** * internal PHP-mail() implementation of the PEAR Mail:: interface. * @package Mail - * @version $Revision: 294747 $ + * @version $Revision$ */ class Mail_mail extends Mail { @@ -64,7 +64,7 @@ class Mail_mail extends Mail { * * @param array $params Extra arguments for the mail() function. */ - function Mail_mail($params = null) + public function __construct($params = null) { // The other mail implementations accept parameters as arrays. // In the interest of being consistent, explode an array into @@ -109,10 +109,8 @@ class Mail_mail extends Mail { * @return mixed Returns true on success, or a PEAR_Error * containing a descriptive error message on * failure. - * - * @access public */ - function send($recipients, $headers, $body) + public function send($recipients, $headers, $body) { if (!is_array($headers)) { return PEAR::raiseError('$headers must be an array'); diff --git a/extlib/Mail/mock.php b/extlib/Mail/mock.php index 61570ba408..e3e290bdc0 100644 --- a/extlib/Mail/mock.php +++ b/extlib/Mail/mock.php @@ -2,7 +2,7 @@ /** * Mock implementation * - * PHP versions 4 and 5 + * PHP version 5 * * LICENSE: * @@ -39,7 +39,7 @@ * @author Chuck Hagenbuch * @copyright 2010 Chuck Hagenbuch * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version CVS: $Id: mock.php 294747 2010-02-08 08:18:33Z clockwerx $ + * @version CVS: $Id$ * @link http://pear.php.net/package/Mail/ */ @@ -47,7 +47,7 @@ * Mock implementation of the PEAR Mail:: interface for testing. * @access public * @package Mail - * @version $Revision: 294747 $ + * @version $Revision$ */ class Mail_mock extends Mail { @@ -55,23 +55,22 @@ class Mail_mock extends Mail { * Array of messages that have been sent with the mock. * * @var array - * @access public */ - var $sentMessages = array(); + public $sentMessages = array(); /** * Callback before sending mail. * * @var callback */ - var $_preSendCallback; + protected $_preSendCallback; /** * Callback after sending mai. * * @var callback */ - var $_postSendCallback; + protected $_postSendCallback; /** * Constructor. @@ -82,9 +81,8 @@ class Mail_mock extends Mail { * postSendCallback Called after an email would have been sent. * * @param array Hash containing any parameters. - * @access public */ - function Mail_mock($params) + public function __construct($params) { if (isset($params['preSendCallback']) && is_callable($params['preSendCallback'])) { @@ -120,9 +118,8 @@ class Mail_mock extends Mail { * @return mixed Returns true on success, or a PEAR_Error * containing a descriptive error message on * failure. - * @access public */ - function send($recipients, $headers, $body) + public function send($recipients, $headers, $body) { if ($this->_preSendCallback) { call_user_func_array($this->_preSendCallback, diff --git a/extlib/Mail/null.php b/extlib/Mail/null.php index f8d58272ee..7896a42995 100644 --- a/extlib/Mail/null.php +++ b/extlib/Mail/null.php @@ -2,7 +2,7 @@ /** * Null implementation of the PEAR Mail interface * - * PHP versions 4 and 5 + * PHP version 5 * * LICENSE: * @@ -39,7 +39,7 @@ * @author Phil Kernick * @copyright 2010 Phil Kernick * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version CVS: $Id: null.php 294747 2010-02-08 08:18:33Z clockwerx $ + * @version CVS: $Id$ * @link http://pear.php.net/package/Mail/ */ @@ -47,7 +47,7 @@ * Null implementation of the PEAR Mail:: interface. * @access public * @package Mail - * @version $Revision: 294747 $ + * @version $Revision$ */ class Mail_null extends Mail { @@ -74,9 +74,8 @@ class Mail_null extends Mail { * @return mixed Returns true on success, or a PEAR_Error * containing a descriptive error message on * failure. - * @access public */ - function send($recipients, $headers, $body) + public function send($recipients, $headers, $body) { return true; } diff --git a/extlib/Mail/sendmail.php b/extlib/Mail/sendmail.php index b056575e99..f8866bdf3d 100644 --- a/extlib/Mail/sendmail.php +++ b/extlib/Mail/sendmail.php @@ -1,7 +1,7 @@ sendmail_path = $params['sendmail_path']; @@ -100,9 +99,8 @@ class Mail_sendmail extends Mail { * @return mixed Returns true on success, or a PEAR_Error * containing a descriptive error message on * failure. - * @access public */ - function send($recipients, $headers, $body) + public function send($recipients, $headers, $body) { if (!is_array($headers)) { return PEAR::raiseError('$headers must be an array'); diff --git a/extlib/Mail/smtp.php b/extlib/Mail/smtp.php index 52ea602086..d446b1bcda 100644 --- a/extlib/Mail/smtp.php +++ b/extlib/Mail/smtp.php @@ -2,7 +2,7 @@ /** * SMTP implementation of the PEAR Mail interface. Requires the Net_SMTP class. * - * PHP versions 4 and 5 + * PHP version 5 * * LICENSE: * @@ -40,7 +40,7 @@ * @author Chuck Hagenbuch * @copyright 2010 Chuck Hagenbuch * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version CVS: $Id: smtp.php 294747 2010-02-08 08:18:33Z clockwerx $ + * @version CVS: $Id$ * @link http://pear.php.net/package/Mail/ */ @@ -69,7 +69,7 @@ define('PEAR_MAIL_SMTP_ERROR_DATA', 10006); * SMTP implementation of the PEAR Mail interface. Requires the Net_SMTP class. * @access public * @package Mail - * @version $Revision: 294747 $ + * @version $Revision$ */ class Mail_smtp extends Mail { @@ -162,6 +162,8 @@ class Mail_smtp extends Mail { * @var bool */ var $pipelining; + + var $socket_options = array(); /** * Constructor. @@ -186,9 +188,8 @@ class Mail_smtp extends Mail { * * @param array Hash containing any parameters different from the * defaults. - * @access public */ - function Mail_smtp($params) + public function __construct($params) { if (isset($params['host'])) $this->host = $params['host']; if (isset($params['port'])) $this->port = $params['port']; @@ -200,20 +201,18 @@ class Mail_smtp extends Mail { if (isset($params['debug'])) $this->debug = (bool)$params['debug']; if (isset($params['persist'])) $this->persist = (bool)$params['persist']; if (isset($params['pipelining'])) $this->pipelining = (bool)$params['pipelining']; - + if (isset($params['socket_options'])) $this->socket_options = $params['socket_options']; // Deprecated options if (isset($params['verp'])) { $this->addServiceExtensionParameter('XVERP', is_bool($params['verp']) ? null : $params['verp']); } - - register_shutdown_function(array(&$this, '_Mail_smtp')); } /** * Destructor implementation to ensure that we disconnect from any * potentially-alive persistent SMTP connections. */ - function _Mail_smtp() + public function __destruct() { $this->disconnect(); } @@ -240,12 +239,11 @@ class Mail_smtp extends Mail { * @return mixed Returns true on success, or a PEAR_Error * containing a descriptive error message on * failure. - * @access public */ - function send($recipients, $headers, $body) + public function send($recipients, $headers, $body) { /* If we don't already have an SMTP object, create one. */ - $result = &$this->getSMTPObject(); + $result = $this->getSMTPObject(); if (PEAR::isError($result)) { return $result; } @@ -304,7 +302,7 @@ class Mail_smtp extends Mail { } /* Send the message's headers and the body as SMTP data. */ - $res = $this->_smtp->data($textHeaders . "\r\n\r\n" . $body); + $res = $this->_smtp->data($body, $textHeaders); list(,$args) = $this->_smtp->getResponse(); if (preg_match("/Ok: queued as (.*)/", $args, $queued)) { @@ -337,18 +335,20 @@ class Mail_smtp extends Mail { * failure. * * @since 1.2.0 - * @access public */ - function &getSMTPObject() + public function getSMTPObject() { if (is_object($this->_smtp) !== false) { return $this->_smtp; } include_once 'Net/SMTP.php'; - $this->_smtp = &new Net_SMTP($this->host, + $this->_smtp = new Net_SMTP($this->host, $this->port, - $this->localhost); + $this->localhost, + $this->pipelining, + 0, + $this->socket_options); /* If we still don't have an SMTP object at this point, fail. */ if (is_object($this->_smtp) === false) { @@ -393,9 +393,8 @@ class Mail_smtp extends Mail { * @param string Any value the keyword needs. * * @since 1.2.0 - * @access public */ - function addServiceExtensionParameter($keyword, $value = null) + public function addServiceExtensionParameter($keyword, $value = null) { $this->_extparams[$keyword] = $value; } @@ -406,9 +405,8 @@ class Mail_smtp extends Mail { * @return boolean True if the SMTP connection no longer exists. * * @since 1.1.9 - * @access public */ - function disconnect() + public function disconnect() { /* If we have an SMTP object, disconnect and destroy it. */ if (is_object($this->_smtp) && $this->_smtp->disconnect()) { @@ -428,9 +426,8 @@ class Mail_smtp extends Mail { * @return string A string describing the current SMTP error. * * @since 1.1.7 - * @access private */ - function _error($text, &$error) + protected function _error($text, $error) { /* Split the SMTP response into a code and a response string. */ list($code, $response) = $this->_smtp->getResponse(); diff --git a/extlib/Mail/smtpmx.php b/extlib/Mail/smtpmx.php index f0b6940868..6eb8bec2ec 100644 --- a/extlib/Mail/smtpmx.php +++ b/extlib/Mail/smtpmx.php @@ -1,4 +1,4 @@ - * @copyright 2010 gERD Schaufelberger * @license http://opensource.org/licenses/bsd-license.php New BSD License - * @version CVS: $Id: smtpmx.php 294747 2010-02-08 08:18:33Z clockwerx $ + * @version CVS: $Id$ * @link http://pear.php.net/package/Mail/ */ @@ -56,7 +56,7 @@ require_once 'Net/SMTP.php'; * @access public * @author gERD Schaufelberger * @package Mail - * @version $Revision: 294747 $ + * @version $Revision$ */ class Mail_smtpmx extends Mail { @@ -386,7 +386,7 @@ class Mail_smtpmx extends Mail { } // Send data - $res = $this->_smtp->data("$textHeaders\r\n$body"); + $res = $this->_smtp->data($body, $textHeaders); if (is_a($res, 'PEAR_Error')) { $info = array('rcpt' => $rcpt); return $this->_raiseError('failed_send_data', $info); From 1db02d7f367f47703d53f0d730a49f397305961e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 5 Mar 2016 11:59:46 +0100 Subject: [PATCH 078/415] filename_base option isn't optimal For different "download filenames" we should use some other method. --- lib/default.php | 1 - lib/mediafile.php | 44 ++++++++++++++------------------------------ 2 files changed, 14 insertions(+), 31 deletions(-) diff --git a/lib/default.php b/lib/default.php index 0fa8ce1678..d8b291b344 100644 --- a/lib/default.php +++ b/lib/default.php @@ -263,7 +263,6 @@ $default = 'user_quota' => 50000000, 'monthly_quota' => 15000000, 'uploads' => true, - 'filename_base' => 'hash', // for new files, choose one: 'upload', 'hash' 'show_html' => false, // show (filtered) text/html attachments (and oEmbed HTML etc.). Doesn't affect AJAX calls. 'show_thumbs' => true, // show thumbnails in notice lists for uploaded images, and photos and videos linked remotely that provide oEmbed info 'process_links' => true, // check linked resources for embeddable photos and videos; this will hit referenced external web sites when processing new messages. diff --git a/lib/mediafile.php b/lib/mediafile.php index dc7000f384..be97b1cc17 100644 --- a/lib/mediafile.php +++ b/lib/mediafile.php @@ -42,10 +42,8 @@ class MediaFile var $short_fileurl = null; var $mimetype = null; - function __construct(Profile $scoped, $filename = null, $mimetype = null, $filehash = null) + function __construct($filename = null, $mimetype = null, $filehash = null) { - $this->scoped = $scoped; - $this->filename = $filename; $this->mimetype = $mimetype; $this->filehash = $filehash; @@ -189,10 +187,6 @@ class MediaFile static function fromUpload($param='media', Profile $scoped=null) { - if (is_null($scoped)) { - $scoped = Profile::current(); - } - // The existence of the "error" element means PHP has processed it properly even if it was ok. if (!isset($_FILES[$param]) || !isset($_FILES[$param]['error'])) { throw new NoUploadedMediaException($param); @@ -248,21 +242,16 @@ class MediaFile } catch (NoResultException $e) { // We have to save the upload as a new local file. This is the normal course of action. - // Throws exception if additional size does not respect quota - // This test is only needed, of course, if we're uploading something new. - File::respectsQuota($scoped, $_FILES[$param]['size']); + if ($scoped instanceof Profile) { + // Throws exception if additional size does not respect quota + // This test is only needed, of course, if we're uploading something new. + File::respectsQuota($scoped, $_FILES[$param]['size']); + } $mimetype = self::getUploadedMimeType($_FILES[$param]['tmp_name'], $_FILES[$param]['name']); $basename = basename($_FILES[$param]['name']); - switch (common_config('attachments', 'filename_base')) { - case 'upload': - $filename = File::filename($scoped, $basename, $mimetype); - break; - case 'hash': - default: - $filename = strtolower($filehash) . '.' . File::guessMimeExtension($mimetype, $basename); - } + $filename = strtolower($filehash) . '.' . File::guessMimeExtension($mimetype, $basename); $filepath = File::path($filename); $result = move_uploaded_file($_FILES[$param]['tmp_name'], $filepath); @@ -274,10 +263,10 @@ class MediaFile } } - return new MediaFile($scoped, $filename, $mimetype, $filehash); + return new MediaFile($filename, $mimetype, $filehash); } - static function fromFilehandle($fh, Profile $scoped) { + static function fromFilehandle($fh, Profile $scoped=null) { $stream = stream_get_meta_data($fh); // So far we're only handling filehandles originating from tmpfile(), // so we can always do hash_file on $stream['uri'] as far as I can tell! @@ -312,18 +301,13 @@ class MediaFile $mimetype = $file->mimetype; } catch (NoResultException $e) { - File::respectsQuota($scoped, filesize($stream['uri'])); + if ($scoped instanceof Profile) { + File::respectsQuota($scoped, filesize($stream['uri'])); + } $mimetype = self::getUploadedMimeType($stream['uri']); - switch (common_config('attachments', 'filename_base')) { - case 'upload': - $filename = File::filename($scoped, "email", $mimetype); - break; - case 'hash': - default: - $filename = strtolower($filehash) . '.' . File::guessMimeExtension($mimetype); - } + $filename = strtolower($filehash) . '.' . File::guessMimeExtension($mimetype); $filepath = File::path($filename); $result = copy($stream['uri'], $filepath) && chmod($filepath, 0664); @@ -336,7 +320,7 @@ class MediaFile } } - return new MediaFile($scoped, $filename, $mimetype, $filehash); + return new MediaFile($filename, $mimetype, $filehash); } /** From 7ca0ff9a19d1d87dadc836659aa1c02e6e7c375c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 5 Mar 2016 12:05:12 +0100 Subject: [PATCH 079/415] MediaFile::fromUpload handles missing local file better --- lib/mediafile.php | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/lib/mediafile.php b/lib/mediafile.php index be97b1cc17..54d00b4acf 100644 --- a/lib/mediafile.php +++ b/lib/mediafile.php @@ -34,8 +34,6 @@ if (!defined('GNUSOCIAL')) { exit(1); } class MediaFile { - protected $scoped = null; - var $filename = null; var $fileRecord = null; var $fileurl = null; @@ -236,7 +234,20 @@ class MediaFile try { $file = File::getByHash($filehash); // If no exception is thrown the file exists locally, so we'll use that and just add redirections. - $filename = $file->filename; + // but if the _actual_ locally stored file doesn't exist, getPath will throw FileNotFoundException + $filename = basename($file->getPath()); + $mimetype = $file->mimetype; + + } catch (FileNotFoundException $e) { + // The file does not exist in our local filesystem, so store this upload. + + if (!move_uploaded_file($_FILES[$param]['tmp_name'], $e->path)) { + // TRANS: Client exception thrown when a file upload operation fails because the file could + // TRANS: not be moved from the temporary folder to the permanent file location. + throw new ClientException(_('File could not be moved to destination directory.')); + } + + $filename = basename($file->getPath()); $mimetype = $file->mimetype; } catch (NoResultException $e) { From 97ac722b248640e9d10053fecb9e2eb9354f5378 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 5 Mar 2016 12:42:27 +0100 Subject: [PATCH 080/415] Accessibility navigation improvement --- lib/inlineattachmentlist.php | 2 +- theme/base/css/display.css | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/inlineattachmentlist.php b/lib/inlineattachmentlist.php index 40ec114ad8..8b055a9cfc 100644 --- a/lib/inlineattachmentlist.php +++ b/lib/inlineattachmentlist.php @@ -33,7 +33,7 @@ class InlineAttachmentList extends AttachmentList { function showListStart() { - $this->out->element('h3', 'attachments-title', _('Attachments')); + $this->out->element('h4', 'attachments-title', _('Attachments')); parent::showListStart(); } diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 73c95c277a..8f059faadb 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -1476,7 +1476,7 @@ margin-left:0; margin-left: 56px; } -.notice > footer > h3 { +.notice > footer .attachments-title { margin-bottom: 0; margin-top: 1em; } From e9516ea4dda8c2425ad0ec13a838ceb5bd8f5d3f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 6 Mar 2016 03:39:02 +0100 Subject: [PATCH 081/415] Allow gopher: scheme in link href --- .../lib/htmlpurifier/urischeme/gopher.php | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/gopher.php diff --git a/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/gopher.php b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/gopher.php new file mode 100644 index 0000000000..735ea6217d --- /dev/null +++ b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/gopher.php @@ -0,0 +1,36 @@ +userinfo = null; + return true; + } +} + +// vim: et sw=4 sts=4 From 47ae21c08e3fa49a0f7049a399a7d5d335cd77f3 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 6 Mar 2016 16:45:29 +0100 Subject: [PATCH 082/415] Don't resend confirm_address if profile is silenced --- scripts/resend_confirm_address.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/scripts/resend_confirm_address.php b/scripts/resend_confirm_address.php index 1d7cb55ca5..1e5bcc1555 100755 --- a/scripts/resend_confirm_address.php +++ b/scripts/resend_confirm_address.php @@ -64,6 +64,11 @@ function mailConfirmAddress(Confirm_address $ca) { try { $user = User::getByID($ca->user_id); + $profile = $user->getProfile(); + if ($profile->isSilenced()) { + $ca->delete(); + return; + } if ($user->email === $ca->address) { throw new AlreadyFulfilledException('User already has identical confirmed email address.'); } From 6ec72b29781d30c473d7d8ed69782eec92ebddad Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 6 Mar 2016 17:27:40 +0100 Subject: [PATCH 083/415] Move mail_confirm_address out of mail.php --- actions/emailsettings.php | 3 +- classes/Confirm_address.php | 87 ++++++++++++++++++- classes/User.php | 3 +- lib/mail.php | 41 +-------- .../EmailRegistrationPlugin.php | 6 +- .../scripts/cancelemailregistration.php | 8 +- .../scripts/registerbyemail.php | 6 +- 7 files changed, 94 insertions(+), 60 deletions(-) diff --git a/actions/emailsettings.php b/actions/emailsettings.php index 7384b3630d..b5933fdb65 100644 --- a/actions/emailsettings.php +++ b/actions/emailsettings.php @@ -369,8 +369,7 @@ class EmailsettingsAction extends SettingsAction throw new ServerException(_('Could not insert confirmation code.')); } - common_debug('Sending confirmation address for user '.$user->getID().' to email '.$email); - mail_confirm_address($user, $confirm->code, $user->getNickname(), $email); + $confirm->sendConfirmation(); Event::handle('EndAddEmailAddress', array($user, $email)); } diff --git a/classes/Confirm_address.php b/classes/Confirm_address.php index 9bb56cef9c..f8b5b21124 100644 --- a/classes/Confirm_address.php +++ b/classes/Confirm_address.php @@ -35,18 +35,18 @@ class Confirm_address extends Managed_DataObject ); } - static function getAddress($address, $addressType) + static function getByAddress($address, $addressType) { $ca = new Confirm_address(); $ca->address = $address; $ca->address_type = $addressType; - if ($ca->find(true)) { - return $ca; + if (!$ca->find(true)) { + throw new NoResultException($ca); } - return null; + return $ca; } static function saveNew($user, $address, $addressType, $extra=null) @@ -67,6 +67,85 @@ class Confirm_address extends Managed_DataObject return $ca; } + public function getAddress() + { + return $this->address; + } + + public function getAddressType() + { + return $this->address_type; + } + + public function getCode() + { + return $this->code; + } + + public function getProfile() + { + return Profile::getByID($this->user_id); + } + + public function getUrl() + { + return common_local_url('confirmaddress', array('code' => $this->code)); + } + + /** + * Supply arguments in $args. Currently known args: + * headers Array with headers (only used for email) + * nickname How we great the user (defaults to nickname, but can be any string) + * sitename Name we sign the email with (defaults to sitename, but can be any string) + * url The confirmation address URL. + */ + public function sendConfirmation(array $args=array()) + { + common_debug('Sending confirmation URL for user '._ve($this->user_id).' using '._ve($this->address_type)); + + $defaults = [ + 'headers' => array(), + 'nickname' => $this->getProfile()->getNickname(), + 'sitename' => common_config('site', 'name'), + 'url' => $this->getUrl(), + ]; + foreach (array_keys($defaults) as $key) { + if (!isset($args[$key])) { + $args[$key] = $defaults[$key]; + } + } + + switch ($this->getAddressType()) { + case 'email': + $this->sendEmailConfirmation($args); + break; + default: + throw ServerException('Unable to handle confirm_address address type: '._ve($this->address_type)); + } + } + + public function sendEmailConfirmation(array $args=array()) + { + // TRANS: Subject for address confirmation email. + $subject = _('Email address confirmation'); + + // TRANS: Body for address confirmation email. + // TRANS: %1$s is the addressed user's nickname, %2$s is the StatusNet sitename, + // TRANS: %3$s is the URL to confirm at. + $body = sprintf(_("Hey, %1\$s.\n\n". + "Someone just entered this email address on %2\$s.\n\n" . + "If it was you, and you want to confirm your entry, ". + "use the URL below:\n\n\t%3\$s\n\n" . + "If not, just ignore this message.\n\n". + "Thanks for your time, \n%2\$s\n"), + $args['nickname'], + $args['sitename'], + $args['url']); + + require_once(INSTALLDIR . '/lib/mail.php'); + return mail_to_user($this->getProfile()->getUser(), $subject, $body, $args['headers'], $this->getAddress()); + } + public function delete($useWhere=false) { $result = parent::delete($useWhere); diff --git a/classes/User.php b/classes/User.php index 26225916f1..c9c61d3aed 100644 --- a/classes/User.php +++ b/classes/User.php @@ -384,8 +384,7 @@ class User extends Managed_DataObject if (!empty($email) && empty($user->email)) { try { - require_once(INSTALLDIR . '/lib/mail.php'); - mail_confirm_address($user, $confirm->code, $profile->getNickname(), $email); + $confirm->sendConfirmation(); } catch (EmailException $e) { common_log(LOG_ERR, "Could not send user registration email for user id=={$profile->getID()}: {$e->getMessage()}"); if (!$accept_email_fail) { diff --git a/lib/mail.php b/lib/mail.php index 42a756ac5d..428f876383 100644 --- a/lib/mail.php +++ b/lib/mail.php @@ -144,7 +144,7 @@ function mail_notify_from() * * @return boolean success flag */ -function mail_to_user(&$user, $subject, $body, $headers=array(), $address=null) +function mail_to_user($user, $subject, $body, $headers=array(), $address=null) { if (!$address) { $address = $user->email; @@ -161,45 +161,6 @@ function mail_to_user(&$user, $subject, $body, $headers=array(), $address=null) return mail_send($recipients, $headers, $body); } -/** - * Send an email to confirm a user's control of an email address - * - * @param User $user User claiming the email address - * @param string $code Confirmation code - * @param string $nickname Nickname of user - * @param string $address email address to confirm - * - * @see common_confirmation_code() - * - * @return success flag - */ -function mail_confirm_address($user, $code, $nickname, $address, $url=null) -{ - if (empty($url)) { - $url = common_local_url('confirmaddress', array('code' => $code)); - } - - // TRANS: Subject for address confirmation email. - $subject = _('Email address confirmation'); - - // TRANS: Body for address confirmation email. - // TRANS: %1$s is the addressed user's nickname, %2$s is the StatusNet sitename, - // TRANS: %3$s is the URL to confirm at. - $body = sprintf(_("Hey, %1\$s.\n\n". - "Someone just entered this email address on %2\$s.\n\n" . - "If it was you, and you want to confirm your entry, ". - "use the URL below:\n\n\t%3\$s\n\n" . - "If not, just ignore this message.\n\n". - "Thanks for your time, \n%2\$s\n"), - $nickname, - common_config('site', 'name'), - $url); - - $headers = array(); - - return mail_to_user($user, $subject, $body, $headers, $address); -} - /** * notify a user of subscription by another user * diff --git a/plugins/EmailRegistration/EmailRegistrationPlugin.php b/plugins/EmailRegistration/EmailRegistrationPlugin.php index 56e022435e..378cb6acd1 100644 --- a/plugins/EmailRegistration/EmailRegistrationPlugin.php +++ b/plugins/EmailRegistration/EmailRegistrationPlugin.php @@ -106,9 +106,9 @@ class EmailRegistrationPlugin extends Plugin throw new ClientException(_m('Not a valid email address.')); } - $confirm = Confirm_address::getAddress($email, self::CONFIRMTYPE); - - if (empty($confirm)) { + try { + $confirm = Confirm_address::getByAddress($email, self::CONFIRMTYPE); + } catch (NoResultException $e) { $confirm = Confirm_address::saveNew(null, $email, 'register'); } diff --git a/plugins/EmailRegistration/scripts/cancelemailregistration.php b/plugins/EmailRegistration/scripts/cancelemailregistration.php index d834aade60..b926ed9a62 100755 --- a/plugins/EmailRegistration/scripts/cancelemailregistration.php +++ b/plugins/EmailRegistration/scripts/cancelemailregistration.php @@ -41,15 +41,15 @@ if (count($args) == 0) { $email = $args[0]; -$confirm = Confirm_address::getAddress($email, EmailRegistrationPlugin::CONFIRMTYPE); +try { + $confirm = Confirm_address::getByAddress($email, EmailRegistrationPlugin::CONFIRMTYPE); -if (!empty($confirm)) { if (have_option('d', 'dryrun')) { print "[Dry run mode] Deleted confirmation code {$confirm->code} for {$confirm->address}.\n"; } else { $confirm->delete(); print "Deleted confirmation code {$confirm->code} for {$confirm->address}.\n"; } -} else { - print "Couldn't find an email registration code for {$email}.\n"; +} catch (NoResultException $e) { + print "Exception thrown for {$email}: {$e->getMessage()}"; } diff --git a/plugins/RequireValidatedEmail/scripts/registerbyemail.php b/plugins/RequireValidatedEmail/scripts/registerbyemail.php index 4d2000ab0f..c7b4a2af9e 100755 --- a/plugins/RequireValidatedEmail/scripts/registerbyemail.php +++ b/plugins/RequireValidatedEmail/scripts/registerbyemail.php @@ -73,8 +73,4 @@ $url = common_local_url('confirmfirstemail', print "$url\n"; -mail_confirm_address($user, - $confirm->code, - $user->nickname, - $email, - $url); +$confirm->sendConfirmation(['url'=>$url]); From 158b323767e4f5bc87281e027f289b76354a8840 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 6 Mar 2016 17:31:40 +0100 Subject: [PATCH 084/415] Declare AdminpanelAction::canAdmin as static, since that's how it's used. --- lib/adminpanelaction.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php index 2ac92cb5c6..a7cb9fc722 100644 --- a/lib/adminpanelaction.php +++ b/lib/adminpanelaction.php @@ -246,7 +246,7 @@ class AdminPanelAction extends Action $this->clientError(_('saveSettings() not implemented.')); } - function canAdmin($name) + static function canAdmin($name) { $isOK = false; From d9538183bdb7f5d9a1c7c8a35cebd064b976c55c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 6 Mar 2016 17:47:35 +0100 Subject: [PATCH 085/415] Use information about activityschema public mention for Notice scope --- classes/Notice.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/classes/Notice.php b/classes/Notice.php index 7484897679..67336bd3dc 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -931,7 +931,14 @@ class Notice extends Managed_DataObject $act->context = new ActivityContext(); } - $stored->scope = self::figureOutScope($actor, $groups, $scope); + if (array_key_exists('http://activityschema.org/collection/public', $act->context->attention)) { + common_debug('URI "http://activityschema.org/collection/public" was in notice attention, so we scope this public.'); + $stored->scope = Notice::PUBLIC_SCOPE; + // TODO: maybe we should actually keep this? if the saveAttentions thing wants to use it... + unset($act->context->attention['http://activityschema.org/collection/public']); + } else { + $stored->scope = self::figureOutScope($actor, $groups, $scope); + } foreach ($act->categories as $cat) { if ($cat->term) { From a0336ce48b6aa73f4b74a9f2760c01551c083ecd Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 6 Mar 2016 18:15:36 +0100 Subject: [PATCH 086/415] Unnecessary debug output --- classes/Notice.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 67336bd3dc..ad589d786b 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -308,7 +308,6 @@ class Notice extends Managed_DataObject // let's generate a valid link to our locally available notice on demand return common_local_url('shownotice', array('notice' => $this->getID()), null, null, false); default: - common_debug('No URL available for notice: id='.$this->getID()); throw new InvalidUrlException($this->url); } } @@ -521,9 +520,6 @@ class Notice extends Managed_DataObject if (!$notice->isLocal()) { // Only do these checks for non-local notices. Local notices will generate these values later. - if (!common_valid_http_url($url)) { - common_debug('Bad notice URL: ['.$url.'], URI: ['.$uri.']. Cannot link back to original! This is normal for shared notices etc.'); - } if (empty($uri)) { throw new ServerException('No URI for remote notice. Cannot accept that.'); } @@ -932,7 +928,6 @@ class Notice extends Managed_DataObject } if (array_key_exists('http://activityschema.org/collection/public', $act->context->attention)) { - common_debug('URI "http://activityschema.org/collection/public" was in notice attention, so we scope this public.'); $stored->scope = Notice::PUBLIC_SCOPE; // TODO: maybe we should actually keep this? if the saveAttentions thing wants to use it... unset($act->context->attention['http://activityschema.org/collection/public']); From 41b64cb8a3ee58cf671b70fa6d54ced8ed452ce4 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 7 Mar 2016 20:09:15 +0100 Subject: [PATCH 087/415] static function declaration --- plugins/Favorite/classes/Fave.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/Favorite/classes/Fave.php b/plugins/Favorite/classes/Fave.php index 864a0fc37b..7dad591181 100644 --- a/plugins/Favorite/classes/Fave.php +++ b/plugins/Favorite/classes/Fave.php @@ -79,7 +79,7 @@ class Fave extends Managed_DataObject return $stored; } - public function removeEntry(Profile $actor, Notice $target) + static function removeEntry(Profile $actor, Notice $target) { $fave = new Fave(); $fave->user_id = $actor->getID(); From a3b265a4777e6cb217fd842e137d1b3028c7f0f8 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 7 Mar 2016 20:13:07 +0100 Subject: [PATCH 088/415] Portability for filepath in File --- classes/File.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/classes/File.php b/classes/File.php index d6dd78cbef..20e1bc8344 100644 --- a/classes/File.php +++ b/classes/File.php @@ -347,8 +347,8 @@ class File extends Managed_DataObject } $dir = common_config('attachments', 'dir'); - if ($dir[strlen($dir)-1] != '/') { - $dir .= '/'; + if (!in_array($dir[mb_strlen($dir)-1], ['/', '\\'])) { + $dir .= DIRECTORY_SEPARATOR; } return $dir . $filename; From 265fa12917132631e44dea63a70d750222867344 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 7 Mar 2016 22:33:34 +0100 Subject: [PATCH 089/415] Relatively experimental change to store thumbnails in 'file/thumb/' (by default) --- actions/attachment.php | 2 +- actions/attachment_thumbnail.php | 2 +- classes/File.php | 2 +- classes/File_thumbnail.php | 81 +++++++++++++++++++++++++++----- lib/attachmentlistitem.php | 6 +-- lib/default.php | 11 +++-- lib/gnusocial.php | 22 ++++++++- lib/imagefile.php | 21 +++++++-- plugins/Oembed/OembedPlugin.php | 2 +- 9 files changed, 118 insertions(+), 31 deletions(-) diff --git a/actions/attachment.php b/actions/attachment.php index 1126759832..3ec837a511 100644 --- a/actions/attachment.php +++ b/actions/attachment.php @@ -96,7 +96,7 @@ class AttachmentAction extends ManagedAction { if (empty($this->attachment->filename)) { // if it's not a local file, gtfo - common_redirect($this->attachment->url, 303); + common_redirect($this->attachment->getUrl(), 303); } parent::showPage(); diff --git a/actions/attachment_thumbnail.php b/actions/attachment_thumbnail.php index 3b8eec3ca6..cc1b0f09c6 100644 --- a/actions/attachment_thumbnail.php +++ b/actions/attachment_thumbnail.php @@ -62,6 +62,6 @@ class Attachment_thumbnailAction extends AttachmentAction common_redirect($e->file->getUrl(), 302); } - common_redirect(File_thumbnail::url($thumbnail->filename), 302); + common_redirect(File_thumbnail::url($thumbnail->getFilename()), 302); } } diff --git a/classes/File.php b/classes/File.php index 20e1bc8344..a1a2f78906 100644 --- a/classes/File.php +++ b/classes/File.php @@ -500,7 +500,7 @@ class File extends Managed_DataObject { if ($prefer_local && !empty($this->filename)) { // A locally stored file, so let's generate a URL for our instance. - return self::url($this->filename); + return self::url($this->getFilename()); } // No local filename available, return the URL we have stored diff --git a/classes/File_thumbnail.php b/classes/File_thumbnail.php index e028409f0f..925a3b2429 100644 --- a/classes/File_thumbnail.php +++ b/classes/File_thumbnail.php @@ -129,23 +129,76 @@ class File_thumbnail extends Managed_DataObject static function path($filename) { - // TODO: Store thumbnails in their own directory and don't use File::path here - return File::path($filename); + if (!File::validFilename($filename)) { + // TRANS: Client exception thrown if a file upload does not have a valid name. + throw new ClientException(_('Invalid filename.')); + } + + $dir = common_config('thumbnail', 'dir') ?: File::path('thumb'); + + if (!in_array($dir[mb_strlen($dir)-1], ['/', '\\'])) { + $dir .= DIRECTORY_SEPARATOR; + } + + return $dir . $filename; } static function url($filename) { - // TODO: Store thumbnails in their own directory and don't use File::url here - return File::url($filename); + if (!File::validFilename($filename)) { + // TRANS: Client exception thrown if a file upload does not have a valid name. + throw new ClientException(_('Invalid filename.')); + } + + // FIXME: private site thumbnails? + + $path = common_config('thumbnail', 'path'); + if (empty($path)) { + return File::url('thumb')."/{$filename}"; + } + + $protocol = (GNUsocial::useHTTPS() ? 'https' : 'http'); + $server = common_config('thumbnail', 'server') ?: common_config('site', 'server'); + + if ($path[mb_strlen($path)-1] != '/') { + $path .= '/'; + } + if ($path[0] != '/') { + $path = '/'.$path; + } + + return $protocol.'://'.$server.$path.$filename; + } + + public function getFilename() + { + if (!File::validFilename($this->filename)) { + // TRANS: Client exception thrown if a file upload does not have a valid name. + throw new ClientException(_("Invalid filename.")); + } + return $this->filename; } public function getPath() { - $filepath = self::path($this->filename); - if (!file_exists($filepath)) { - throw new FileNotFoundException($filepath); + $oldpath = File::path($this->getFilename()); + $thumbpath = self::path($this->getFilename()); + + // If we have a file in our old thumbnail storage path, move it to the new one + if (file_exists($oldpath) && !file_exists($thumbpath)) { + if ($this->getFilename() === $this->getFile()->filename) { + // special case where thumbnail file exactly matches stored File + common_debug('File filename and File_thumbnail filename match on '.$this->file_id); + } elseif (!rename($oldpath, $thumbpath)) { + common_log(LOG_ERR, 'Could not move thumbnail from '._ve($oldpath).' to '._ve($thumbpath)); + throw new ServerException('Could not move thumbnail from old path to new path.'); + } else { + common_log(LOG_DEBUG, 'Moved thumbnail '.$this->file_id.' from '._ve($oldpath).' to '._ve($thumbpath)); + } + } elseif (!file_exists($thumbpath)) { + throw new FileNotFoundException($thumbpath); } - return $filepath; + return $thumbpath; } public function getUrl() @@ -188,10 +241,14 @@ class File_thumbnail extends Managed_DataObject public function delete($useWhere=false) { - if (!empty($this->filename) && file_exists(File_thumbnail::path($this->filename))) { - $deleted = @unlink(self::path($this->filename)); - if (!$deleted) { - common_log(LOG_ERR, sprintf('Could not unlink existing file: "%s"', self::path($this->filename))); + if (!empty($this->filename)) { + try { + $deleted = @unlink($this->getPath()); + if (!$deleted) { + common_log(LOG_ERR, 'Could not unlink existing thumbnail file: '._ve($this->getPath())); + } + } catch (FileNotFoundException $e) { + common_log(LOG_INFO, 'Thumbnail already gone from '._ve($e->path)); } } diff --git a/lib/attachmentlistitem.php b/lib/attachmentlistitem.php index e6163ecc92..6ee3c7087b 100644 --- a/lib/attachmentlistitem.php +++ b/lib/attachmentlistitem.php @@ -204,11 +204,7 @@ class AttachmentListItem extends Widget */ protected function scrubHtmlFile(File $attachment) { - $path = File::path($attachment->filename); - if (!file_exists($path) || !is_readable($path)) { - common_log(LOG_ERR, "Missing local HTML attachment $path"); - return false; - } + $path = $attachment->getPath(); $raw = file_get_contents($path); // Normalize... diff --git a/lib/default.php b/lib/default.php index d8b291b344..bf2d37d773 100644 --- a/lib/default.php +++ b/lib/default.php @@ -271,13 +271,18 @@ $default = 'exe' => false, // this would deny any uploads to keep the "exe" file extension ], ), - 'thumbnail' => - array('crop' => false, // overridden to true if thumb height === null + 'thumbnail' => [ + 'dir' => null, // falls back to File::path('thumb') (equivalent to ['attachments']['dir'] . '/thumb/') + 'path' => null, // falls back to generating a URL with File::url('thumb/$filename') (equivalent to ['attachments']['path'] . '/thumb/') + 'server' => null, // Only used if ['thumbnail']['path'] is NOT empty, and then it falls back to ['site']['server'], schema is decided from GNUsocial::useHTTPS() + + 'crop' => false, // overridden to true if thumb height === null 'maxsize' => 1000, // thumbs with an edge larger than this will not be generated 'width' => 450, 'height' => 600, 'upscale' => false, - 'animated' => false), // null="UseFileAsThumbnail", false="can use still frame". true requires ImageMagickPlugin + 'animated' => false, // null="UseFileAsThumbnail", false="can use still frame". true requires ImageMagickPlugin + ], 'application' => array('desclimit' => null), 'group' => diff --git a/lib/gnusocial.php b/lib/gnusocial.php index aecebe2556..f07d2c2446 100644 --- a/lib/gnusocial.php +++ b/lib/gnusocial.php @@ -429,10 +429,28 @@ class GNUsocial */ static function verifyLoadedConfig() { + $mkdirs = []; + if (common_config('htmlpurifier', 'Cache.DefinitionImpl') === 'Serializer' && !is_dir(common_config('htmlpurifier', 'Cache.SerializerPath'))) { - if (!mkdir(common_config('htmlpurifier', 'Cache.SerializerPath'))) { - throw new ConfigException('Could not create HTMLPurifier cache dir: '._ve(common_config('htmlpurifier', 'Cache.SerializerPath'))); + $mkdirs[common_config('htmlpurifier', 'Cache.SerializerPath')] = 'HTMLPurifier Serializer cache'; + } + + // go through our configurable storage directories + foreach (['attachments', 'thumbnail'] as $dirtype) { + $dir = common_config($dirtype, 'dir'); + if (!empty($dir) && !is_dir($dir)) { + $mkdirs[$dir] = $dirtype; + } + } + + // try to create those that are not directories + foreach ($mkdirs as $dir=>$description) { + if (is_file($dir)) { + throw new ConfigException('Expected directory for '._ve($description).' is a file!'); + } + if (!mkdir($dir)) { + throw new ConfigException('Could not create directory for '._ve($description).': '._ve($dir)); } } diff --git a/lib/imagefile.php b/lib/imagefile.php index 9f870ae290..c707208af6 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -153,8 +153,14 @@ class ImageFile $image = new ImageFile($file->getID(), $imgPath); } catch (UnsupportedMediaException $e) { // Avoid deleting the original - if ($imgPath != $file->getPath()) { - unlink($imgPath); + try { + if ($imgPath !== $file->getPath()) { + @unlink($imgPath); + } + } catch (FileNotFoundException $e) { + // File reported (via getPath) that the original file + // doesn't exist anyway, so it's safe to delete $imgPath + @unlink($imgPath); } throw $e; } @@ -607,10 +613,15 @@ class ImageFile // Perform resize and store into file $this->resizeTo($outpath, $box); - // Avoid deleting the original - if ($this->getPath() != File_thumbnail::path($this->filename)) { - $this->unlink(); + try { + // Avoid deleting the original + if (!in_array($this->getPath(), [File::path($this->filename), File_thumbnail::path($this->filename)])) { + $this->unlink(); + } + } catch (FileNotFoundException $e) { + // $this->getPath() says the file doesn't exist anyway, so no point in trying to delete it! } + return File_thumbnail::saveThumbnail($this->fileRecord->getID(), null, // no url since we generated it ourselves and can dynamically generate the url $width, $height, diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 196b07d75d..cb59bb21e5 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -328,7 +328,7 @@ class OembedPlugin extends Plugin $ext = File::guessMimeExtension($info['mime']); // We'll trust sha256 (File::FILEHASH_ALG) not to have collision issues any time soon :) - $filename = hash(File::FILEHASH_ALG, $imgData) . ".{$ext}"; + $filename = 'oembed-'.hash(File::FILEHASH_ALG, $imgData) . ".{$ext}"; $fullpath = File_thumbnail::path($filename); // Write the file to disk. Throw Exception on failure if (!file_exists($fullpath) && file_put_contents($fullpath, $imgData) === false) { From 4e5c0e70a6822dd1a2e438b1222f916fe4de290b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 7 Mar 2016 22:55:52 +0100 Subject: [PATCH 090/415] fillConfigVoids to set default value of empty config options --- classes/File_thumbnail.php | 3 ++- lib/gnusocial.php | 9 +++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/classes/File_thumbnail.php b/classes/File_thumbnail.php index 925a3b2429..3f36e26563 100644 --- a/classes/File_thumbnail.php +++ b/classes/File_thumbnail.php @@ -134,7 +134,8 @@ class File_thumbnail extends Managed_DataObject throw new ClientException(_('Invalid filename.')); } - $dir = common_config('thumbnail', 'dir') ?: File::path('thumb'); + // NOTE: If this is empty, it will be set to File::path('thumb') + $dir = common_config('thumbnail', 'dir'); if (!in_array($dir[mb_strlen($dir)-1], ['/', '\\'])) { $dir .= DIRECTORY_SEPARATOR; diff --git a/lib/gnusocial.php b/lib/gnusocial.php index f07d2c2446..3450b04888 100644 --- a/lib/gnusocial.php +++ b/lib/gnusocial.php @@ -141,6 +141,7 @@ class GNUsocial // Load settings from database; note we need autoload for this Config::loadSettings(); + self::fillConfigVoids(); self::verifyLoadedConfig(); self::initPlugins(); @@ -420,6 +421,14 @@ class GNUsocial } } + static function fillConfigVoids() + { + // special cases on empty configuration options + if (!common_config('thumbnail', 'dir')) { + common_config_set('thumbnail', 'dir', File::path('thumb')); + } + } + /** * Verify that the loaded config is good. Not complete, but will * throw exceptions on common configuration problems I hope. From cfc82591daaf2e6e5acdb8cc7002e81bd2a14267 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 7 Mar 2016 23:23:32 +0100 Subject: [PATCH 091/415] chmod 0775 directories we create Security for the 'g+rx' should be handle by having the parent directory inaccessible for global users, which is usually the case. --- lib/gnusocial.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/gnusocial.php b/lib/gnusocial.php index 3450b04888..789cece2be 100644 --- a/lib/gnusocial.php +++ b/lib/gnusocial.php @@ -461,6 +461,9 @@ class GNUsocial if (!mkdir($dir)) { throw new ConfigException('Could not create directory for '._ve($description).': '._ve($dir)); } + if (!chmod($dir, 0775)) { + common_log(LOG_WARNING, 'Could not chmod 0775 on directory for '._ve($description).': '._ve($dir)); + } } if (!is_array(common_config('public', 'autosource'))) { From e43fe85454423ebc049a2dd7c8a75a44c753db77 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 7 Mar 2016 23:37:07 +0100 Subject: [PATCH 092/415] Note that you should run upgrade procedure as the PHP user --- UPGRADE | 3 +++ 1 file changed, 3 insertions(+) diff --git a/UPGRADE b/UPGRADE index aaf9109e39..c175ee4f87 100644 --- a/UPGRADE +++ b/UPGRADE @@ -11,6 +11,9 @@ and follow this procedure: 0. Backup your data. The StatusNet upgrade discussions below have some guidelines to back up the database and files (mysqldump and rsync). + MAKE SURE YOU ARE THE SAME USER THAT RUNS THE PHP FILES WHILE PERFORMING + THE COMMANDS BELOW (I usually prepend the commands with 'sudo -u social') + 1. Stop your queue daemons (you can run this command even if you do not use the queue daemons): $ bash scripts/stopdaemons.sh From 3b1181dae658ba9deec38b7804d4b3282bb843c8 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 8 Mar 2016 01:36:24 +0100 Subject: [PATCH 093/415] Display locally stored remote GIFs as thumbnails Many newspapers seem to use animated GIFs as catchy header images, which we would fail to show from oEmbed/OpenGraph fetching since they would want us to "use File as Thumbnail", but the only place the image filename was stored was in File_thumbnail, for the thumbnail of that file_id which had a URL set. --- classes/File.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/classes/File.php b/classes/File.php index a1a2f78906..66ebc26138 100644 --- a/classes/File.php +++ b/classes/File.php @@ -479,7 +479,13 @@ class File extends Managed_DataObject // null means "always use file as thumbnail" // false means you get choice between frozen frame or original when calling getThumbnail if (is_null(common_config('thumbnail', 'animated')) || !$force_still) { - throw new UseFileAsThumbnailException($this->id); + try { + // remote files with animated GIFs as thumbnails will match this + return File_thumbnail::byFile($this); + } catch (NoResultException $e) { + // and if it's not a remote file, it'll be safe to use the locally stored File + throw new UseFileAsThumbnailException($this->id); + } } } From 4360c65ed9a03633553c53857c72b0a1ef0d024b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 8 Mar 2016 01:59:58 +0100 Subject: [PATCH 094/415] Super special case where we should copy files instead of mv --- classes/File_thumbnail.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/classes/File_thumbnail.php b/classes/File_thumbnail.php index 3f36e26563..4a4b25ff4d 100644 --- a/classes/File_thumbnail.php +++ b/classes/File_thumbnail.php @@ -188,8 +188,9 @@ class File_thumbnail extends Managed_DataObject // If we have a file in our old thumbnail storage path, move it to the new one if (file_exists($oldpath) && !file_exists($thumbpath)) { if ($this->getFilename() === $this->getFile()->filename) { - // special case where thumbnail file exactly matches stored File - common_debug('File filename and File_thumbnail filename match on '.$this->file_id); + // special case where thumbnail file exactly matches stored File filename + common_debug('File filename and File_thumbnail filename match on '.$this->file_id.', copying instead'); + copy($oldpath, $thumbpath); } elseif (!rename($oldpath, $thumbpath)) { common_log(LOG_ERR, 'Could not move thumbnail from '._ve($oldpath).' to '._ve($thumbpath)); throw new ServerException('Could not move thumbnail from old path to new path.'); From 4c7436e32852a0f36481e82aa1446cd2f5e79397 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 8 Mar 2016 02:00:34 +0100 Subject: [PATCH 095/415] Match empty on "" and not just NULL --- scripts/upgrade.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/upgrade.php b/scripts/upgrade.php index d5178e109a..c9fe4b0817 100755 --- a/scripts/upgrade.php +++ b/scripts/upgrade.php @@ -457,7 +457,7 @@ function deleteLocalFileThumbnailsWithoutFilename() while ($file->fetch()) { $thumbs = new File_thumbnail(); $thumbs->file_id = $file->id; - $thumbs->whereAdd('filename IS NULL'); + $thumbs->whereAdd('filename IS NULL OR filename = ""'); // Checking if there were any File_thumbnail entries without filename if (!$thumbs->find()) { continue; @@ -480,7 +480,7 @@ function deleteMissingLocalFileThumbnails() printfnq("Removing all local File_thumbnail entries without existing files..."); $thumbs = new File_thumbnail(); - $thumbs->whereAdd('filename IS NOT NULL'); // only fill in names where they're missing + $thumbs->whereAdd('filename IS NOT NULL AND filename != ""'); // Checking if there were any File_thumbnail entries without filename if ($thumbs->find()) { while ($thumbs->fetch()) { From e4310a57cdc335d287d13efce24814c5829a5f78 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 8 Mar 2016 19:56:25 +0100 Subject: [PATCH 096/415] Profile->noticeCount minor change --- classes/Profile.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/classes/Profile.php b/classes/Profile.php index 3dbd883dd8..87168ace4a 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -833,19 +833,21 @@ class Profile extends Managed_DataObject $c = Cache::instance(); if (!empty($c)) { - $cnt = $c->get(Cache::key('profile:notice_count:'.$this->id)); + $cnt = $c->get(Cache::key('profile:notice_count:'.$this->getID())); if (is_integer($cnt)) { return (int) $cnt; } } $notices = new Notice(); - $notices->profile_id = $this->id; - $notices->verb = ActivityVerb::POST; - $cnt = (int) $notices->count('distinct id'); + $notices->profile_id = $this->getID(); + $notices->whereAddIn('verb', + [ActivityUtils::resolveUri(ActivityVerb::POST, true), ActivityVerb::POST], + $notices->columnType('verb')); + $cnt = (int) $notices->count(); // we don't have to provide anything as Notice is key'd if (!empty($c)) { - $c->set(Cache::key('profile:notice_count:'.$this->id), $cnt); + $c->set(Cache::key('profile:notice_count:'.$this->getID()), $cnt); } return $cnt; From e2c6f2f96fc9b40a6c3386db56cd12d726cc82a7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 8 Mar 2016 20:01:06 +0100 Subject: [PATCH 097/415] Let's be consistent with URL verbs --- lib/activityverb.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/activityverb.php b/lib/activityverb.php index 187962d617..c59c6371b6 100644 --- a/lib/activityverb.php +++ b/lib/activityverb.php @@ -54,7 +54,7 @@ class ActivityVerb const FRIEND = 'http://activitystrea.ms/schema/1.0/make-friend'; const JOIN = 'http://activitystrea.ms/schema/1.0/join'; const TAG = 'http://activitystrea.ms/schema/1.0/tag'; - const DELETE = 'delete'; // the url part is not used anymore, and this feature is new enough to avoid problems with legacy nodes if used without http://... + const DELETE = 'http://activitystrea.ms/schema/1.0/delete'; // Custom OStatus verbs for the flipside until they're standardized const UNFAVORITE = 'http://activitystrea.ms/schema/1.0/unfavorite'; From 723b49a22aed9acc98bca4fffb870f23a04b3bd7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 9 Mar 2016 14:17:55 +0100 Subject: [PATCH 098/415] throw exception instead of clientError --- actions/newnotice.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/newnotice.php b/actions/newnotice.php index 6ee2092061..5aa76a94e9 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -115,7 +115,7 @@ class NewnoticeAction extends FormAction // simply no attached media to the new notice if (empty($content)) { // TRANS: Client error displayed trying to send a notice without content. - $this->clientError(_('No content!')); + throw new ClientException(_('No content!')); } } From d179afa303ce83c2e8c8a1f4dc94e093eb44bcec Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 9 Mar 2016 14:51:52 +0100 Subject: [PATCH 099/415] Save allowed path/qstring/fragment characters in constants --- lib/framework.php | 4 ++++ lib/util.php | 6 +++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/framework.php b/lib/framework.php index 620730370f..3a62bb5d68 100644 --- a/lib/framework.php +++ b/lib/framework.php @@ -57,6 +57,10 @@ define('NOTICE_INBOX_SOURCE_FORWARD', 4); define('NOTICE_INBOX_SOURCE_PROFILE_TAG', 5); define('NOTICE_INBOX_SOURCE_GATEWAY', -1); +define('URL_REGEX_VALID_PATH_CHARS', '\pN\pL\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\@'); +define('URL_REGEX_VALID_QSTRING_CHARS', URL_REGEX_VALID_PATH_CHARS); +define('URL_REGEX_VALID_FRAGMENT_CHARS', URL_REGEX_VALID_PATH_CHARS . '\?\#'); + // append our extlib dir as the last-resort place to find libs set_include_path(get_include_path() . PATH_SEPARATOR . INSTALLDIR . '/extlib/'); diff --git a/lib/util.php b/lib/util.php index 05e3e732bd..977c55f4e6 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1013,9 +1013,9 @@ function common_replace_urls_callback($text, $callback, $arg = null) { ')'. '(?:'. '(?:\:\d+)?'. //:port - '(?:/[\pN\pL$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'@]*)?'. // /path - '(?:\?[\pN\pL\$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'@\/]*)?'. // ?query string - '(?:\#[\pN\pL$\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\@/\?\#]*)?'. // #fragment + '(?:/[' . URL_REGEX_VALID_PATH_CHARS . ']*)?'. // path + '(?:\?[' . URL_REGEX_VALID_QSTRING_CHARS . ']*)?'. // ?query string + '(?:\#[' . URL_REGEX_VALID_FRAGMENT_CHARS . ']*)?'. // #fragment ')(? Date: Wed, 9 Mar 2016 14:52:15 +0100 Subject: [PATCH 100/415] If our host matched in File lookup, it could throw exceptions on Router->map --- classes/File.php | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) diff --git a/classes/File.php b/classes/File.php index 66ebc26138..0368153acd 100644 --- a/classes/File.php +++ b/classes/File.php @@ -113,17 +113,30 @@ class File extends Managed_DataObject if (isset($u['host']) && $u['host'] === common_config('site', 'server')) { $r = Router::get(); // Skip the / in the beginning or $r->map won't match - $args = $r->map(mb_substr($u['path'], 1)); - if ($args['action'] === 'attachment') { - try { - // $args['attachment'] should always be set if action===attachment, given our routing rules - $file = File::getByID($args['attachment']); - return $file; - } catch (EmptyIdException $e) { - // ...but $args['attachment'] can also be 0... - } catch (NoResultException $e) { - // apparently this link goes to us, but is _not_ an existing attachment (File) ID? + try { + $args = $r->map(mb_substr($u['path'], 1)); + if ($args['action'] === 'attachment') { + try { + // $args['attachment'] should always be set if action===attachment, given our routing rules + $file = File::getByID($args['attachment']); + return $file; + } catch (EmptyIdException $e) { + // ...but $args['attachment'] can also be 0... + } catch (NoResultException $e) { + // apparently this link goes to us, but is _not_ an existing attachment (File) ID? + } } + } catch (Exception $e) { + // Some other exception was thrown from $r->map, likely a + // ClientException (404) because of some malformed link to + // our own instance. It's still a valid URL however, so we + // won't abort anything... I noticed this when linking: + // https://social.umeahackerspace.se/mmn/foaf' (notice the + // apostrophe in the end, making it unrecognizable for our + // URL routing. + // That specific issue (the apostrophe being part of a link + // is something that may or may not have been fixed since, + // in lib/util.php in common_replace_urls_callback(). } } From c76992450510f2d6261bc7c4380151681b7d5c06 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 9 Mar 2016 15:05:36 +0100 Subject: [PATCH 101/415] Reduce the number of allowed characters in auto-linking URLs. --- lib/framework.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/lib/framework.php b/lib/framework.php index 3a62bb5d68..5017fc01ea 100644 --- a/lib/framework.php +++ b/lib/framework.php @@ -57,9 +57,14 @@ define('NOTICE_INBOX_SOURCE_FORWARD', 4); define('NOTICE_INBOX_SOURCE_PROFILE_TAG', 5); define('NOTICE_INBOX_SOURCE_GATEWAY', -1); -define('URL_REGEX_VALID_PATH_CHARS', '\pN\pL\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\+\'\@'); -define('URL_REGEX_VALID_QSTRING_CHARS', URL_REGEX_VALID_PATH_CHARS); -define('URL_REGEX_VALID_FRAGMENT_CHARS', URL_REGEX_VALID_PATH_CHARS . '\?\#'); +/** + * StatusNet had this string as valid path characters: '\pN\pL\,\!\(\)\.\:\-\_\+\/\=\&\;\%\~\*\$\'\@' + * Some of those characters can be troublesome when auto-linking plain text. Such as "http://some.com/)" + * URL encoding should be used whenever a weird character is used, the following strings are not definitive. + */ +define('URL_REGEX_VALID_PATH_CHARS', '\pN\pL\,\-\_\+\/\=\:\;\%\~\*'); +define('URL_REGEX_VALID_QSTRING_CHARS', URL_REGEX_VALID_PATH_CHARS . '\&'); +define('URL_REGEX_VALID_FRAGMENT_CHARS', URL_REGEX_VALID_QSTRING_CHARS . '\?\#'); // append our extlib dir as the last-resort place to find libs From bd753055601acd42e67136f8adc8613f462c2916 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 9 Mar 2016 15:16:47 +0100 Subject: [PATCH 102/415] Define-ify excluded end-characters of URL autolinking --- lib/framework.php | 3 ++- lib/util.php | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/framework.php b/lib/framework.php index 5017fc01ea..229de8b793 100644 --- a/lib/framework.php +++ b/lib/framework.php @@ -62,9 +62,10 @@ define('NOTICE_INBOX_SOURCE_GATEWAY', -1); * Some of those characters can be troublesome when auto-linking plain text. Such as "http://some.com/)" * URL encoding should be used whenever a weird character is used, the following strings are not definitive. */ -define('URL_REGEX_VALID_PATH_CHARS', '\pN\pL\,\-\_\+\/\=\:\;\%\~\*'); +define('URL_REGEX_VALID_PATH_CHARS', '\pN\pL\,\!\.\:\-\_\+\/\=\;\%\~\*'); define('URL_REGEX_VALID_QSTRING_CHARS', URL_REGEX_VALID_PATH_CHARS . '\&'); define('URL_REGEX_VALID_FRAGMENT_CHARS', URL_REGEX_VALID_QSTRING_CHARS . '\?\#'); +define('URL_REGEX_EXCLUDED_END_CHARS', '\?\.\,\!\#\:\''); // don't include these if they are directly after a URL // append our extlib dir as the last-resort place to find libs diff --git a/lib/util.php b/lib/util.php index 977c55f4e6..e65097c32b 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1016,7 +1016,7 @@ function common_replace_urls_callback($text, $callback, $arg = null) { '(?:/[' . URL_REGEX_VALID_PATH_CHARS . ']*)?'. // path '(?:\?[' . URL_REGEX_VALID_QSTRING_CHARS . ']*)?'. // ?query string '(?:\#[' . URL_REGEX_VALID_FRAGMENT_CHARS . ']*)?'. // #fragment - ')(? Date: Wed, 9 Mar 2016 23:49:01 +0100 Subject: [PATCH 103/415] Make sure File_thumbnail->getPath() doesn't throw NoResultException --- classes/File.php | 27 +++++++++--------- classes/File_thumbnail.php | 58 ++++++++++++++++++++++---------------- scripts/upgrade.php | 2 +- 3 files changed, 49 insertions(+), 38 deletions(-) diff --git a/classes/File.php b/classes/File.php index 0368153acd..9643b78f18 100644 --- a/classes/File.php +++ b/classes/File.php @@ -260,11 +260,7 @@ class File extends Managed_DataObject public function getFilename() { - if (!self::validFilename($this->filename)) { - // TRANS: Client exception thrown if a file upload does not have a valid name. - throw new ClientException(_("Invalid filename.")); - } - return $this->filename; + return self::tryFilename($this->filename); } // where should the file go? @@ -349,15 +345,23 @@ class File extends Managed_DataObject return preg_match('/^[A-Za-z0-9._-]+$/', $filename); } + static function tryFilename($filename) + { + if (!self::validFilename($filename)) + { + throw new InvalidFilenameException($filename); + } + // if successful, return the filename for easy if-statementing + return $filename; + } + /** * @throws ClientException on invalid filename */ static function path($filename) { - if (!self::validFilename($filename)) { - // TRANS: Client exception thrown if a file upload does not have a valid name. - throw new ClientException(_("Invalid filename.")); - } + self::tryFilename($filename); + $dir = common_config('attachments', 'dir'); if (!in_array($dir[mb_strlen($dir)-1], ['/', '\\'])) { @@ -369,10 +373,7 @@ class File extends Managed_DataObject static function url($filename) { - if (!self::validFilename($filename)) { - // TRANS: Client exception thrown if a file upload does not have a valid name. - throw new ClientException(_("Invalid filename.")); - } + self::tryFilename($filename); if (common_config('site','private')) { diff --git a/classes/File_thumbnail.php b/classes/File_thumbnail.php index 4a4b25ff4d..f789a0d9a1 100644 --- a/classes/File_thumbnail.php +++ b/classes/File_thumbnail.php @@ -129,12 +129,9 @@ class File_thumbnail extends Managed_DataObject static function path($filename) { - if (!File::validFilename($filename)) { - // TRANS: Client exception thrown if a file upload does not have a valid name. - throw new ClientException(_('Invalid filename.')); - } + File::tryFilename($filename); - // NOTE: If this is empty, it will be set to File::path('thumb') + // NOTE: If this is left empty in default config, it will be set to File::path('thumb') $dir = common_config('thumbnail', 'dir'); if (!in_array($dir[mb_strlen($dir)-1], ['/', '\\'])) { @@ -146,10 +143,7 @@ class File_thumbnail extends Managed_DataObject static function url($filename) { - if (!File::validFilename($filename)) { - // TRANS: Client exception thrown if a file upload does not have a valid name. - throw new ClientException(_('Invalid filename.')); - } + File::tryFilename($filename); // FIXME: private site thumbnails? @@ -173,21 +167,36 @@ class File_thumbnail extends Managed_DataObject public function getFilename() { - if (!File::validFilename($this->filename)) { - // TRANS: Client exception thrown if a file upload does not have a valid name. - throw new ClientException(_("Invalid filename.")); - } - return $this->filename; + return File::tryFilename($this->filename); } + /** + * + * @return string full filesystem path to the locally stored thumbnail file + * @throws + */ public function getPath() { $oldpath = File::path($this->getFilename()); $thumbpath = self::path($this->getFilename()); - // If we have a file in our old thumbnail storage path, move it to the new one + // If we have a file in our old thumbnail storage path, move (or copy) it to the new one + // (if the if/elseif don't match, we have a $thumbpath just as we should and can return it) if (file_exists($oldpath) && !file_exists($thumbpath)) { - if ($this->getFilename() === $this->getFile()->filename) { + try { + // let's get the filename of the File, to check below if it happens to be identical + $file_filename = $this->getFile()->getFilename(); + } catch (NoResultException $e) { + // reasonably the function calling us will handle the following as "File_thumbnail entry should be deleted" + throw FileNotFoundException($thumbpath); + } catch (InvalidFilenameException $e) { + // invalid filename in getFile()->getFilename(), just + // means the File object isn't stored locally and that + // means it's safe to move it below. + $file_filename = null; + } + + if ($this->getFilename() === $file_filename) { // special case where thumbnail file exactly matches stored File filename common_debug('File filename and File_thumbnail filename match on '.$this->file_id.', copying instead'); copy($oldpath, $thumbpath); @@ -200,6 +209,7 @@ class File_thumbnail extends Managed_DataObject } elseif (!file_exists($thumbpath)) { throw new FileNotFoundException($thumbpath); } + return $thumbpath; } @@ -243,15 +253,15 @@ class File_thumbnail extends Managed_DataObject public function delete($useWhere=false) { - if (!empty($this->filename)) { - try { - $deleted = @unlink($this->getPath()); - if (!$deleted) { - common_log(LOG_ERR, 'Could not unlink existing thumbnail file: '._ve($this->getPath())); - } - } catch (FileNotFoundException $e) { - common_log(LOG_INFO, 'Thumbnail already gone from '._ve($e->path)); + try { + $thumbpath = self::path($this->getFilename()); + // if file does not exist, try to delete it + $deleted = !file_exists($thumbpath) || @unlink($thumbpath); + if (!$deleted) { + common_log(LOG_ERR, 'Could not unlink existing thumbnail file: '._ve($thumbpath)); } + } catch (InvalidFilenameException $e) { + common_log(LOG_ERR, 'Deleting object but not attempting deleting file: '._ve($e->getMessage())); } return parent::delete($useWhere); diff --git a/scripts/upgrade.php b/scripts/upgrade.php index c9fe4b0817..fa55cfc206 100755 --- a/scripts/upgrade.php +++ b/scripts/upgrade.php @@ -503,7 +503,7 @@ function setFilehashOnLocalFiles() printfnq('Ensuring all local files have the filehash field set...'); $file = new File(); - $file->whereAdd('filename IS NOT NULL'); // local files + $file->whereAdd('filename IS NOT NULL AND filename != ""'); // local files $file->whereAdd('filehash IS NULL', 'AND'); // without filehash value if ($file->find()) { From 566977c136547e0aac8ffc359abf8adc2f502273 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 10 Mar 2016 13:46:19 +0100 Subject: [PATCH 104/415] forgot 'new' after throw --- classes/File_thumbnail.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/File_thumbnail.php b/classes/File_thumbnail.php index f789a0d9a1..968883f2b8 100644 --- a/classes/File_thumbnail.php +++ b/classes/File_thumbnail.php @@ -188,7 +188,7 @@ class File_thumbnail extends Managed_DataObject $file_filename = $this->getFile()->getFilename(); } catch (NoResultException $e) { // reasonably the function calling us will handle the following as "File_thumbnail entry should be deleted" - throw FileNotFoundException($thumbpath); + throw new FileNotFoundException($thumbpath); } catch (InvalidFilenameException $e) { // invalid filename in getFile()->getFilename(), just // means the File object isn't stored locally and that From 5ca2a28246bd1411c8a4b6226c9acf48aa4dfa7a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 10 Mar 2016 14:20:21 +0100 Subject: [PATCH 105/415] Make oEmbed handle our http/https setting better. --- lib/util.php | 9 +++++++-- plugins/Oembed/actions/oembed.php | 31 ++++++++++++------------------- 2 files changed, 19 insertions(+), 21 deletions(-) diff --git a/lib/util.php b/lib/util.php index e65097c32b..bc4898f847 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1689,10 +1689,15 @@ function common_profile_url($nickname) /** * Should make up a reasonable root URL + * + * @param bool $tls true or false to force TLS scheme, null to use server configuration */ -function common_root_url($ssl=false) +function common_root_url($tls=null) { - $url = common_path('', $ssl, false); + if (is_null($tls)) { + $tls = GNUsocial::useHTTPS(); + } + $url = common_path('', $tls, false); $i = strpos($url, '?'); if ($i !== false) { $url = substr($url, 0, $i); diff --git a/plugins/Oembed/actions/oembed.php b/plugins/Oembed/actions/oembed.php index af181ad586..c374b8b34f 100644 --- a/plugins/Oembed/actions/oembed.php +++ b/plugins/Oembed/actions/oembed.php @@ -44,21 +44,20 @@ class OembedAction extends Action parent::handle(); $url = $this->trimmed('url'); - if (substr(strtolower($url),0,strlen(common_root_url())) !== strtolower(common_root_url())) { + $tls = parse_url($url, PHP_URL_SCHEME) == 'https'; + $root_url = common_root_url($tls); + + if (substr(strtolower($url),0,mb_strlen($root_url)) !== strtolower($root_url)) { // TRANS: Error message displaying attachments. %s is the site's base URL. - $this->clientError(sprintf(_('oEmbed data will only be provided for %s URLs.'), common_root_url()), 400); + throw new ClientException(sprintf(_('oEmbed data will only be provided for %s URLs.'), $root_url)); } - $path = substr($url,strlen(common_root_url())); + $path = substr($url,strlen($root_url)); $r = Router::get(); + // $r->map will throw ClientException 404 if it fails to find a mapping $proxy_args = $r->map($path); - if (!$proxy_args) { - // TRANS: Client error displayed in oEmbed action when path not found. - // TRANS: %s is a path. - $this->clientError(sprintf(_('"%s" not found.'),$path), 404); - } $oembed=array(); $oembed['version']='1.0'; @@ -68,18 +67,12 @@ class OembedAction extends Action switch ($proxy_args['action']) { case 'shownotice': $oembed['type']='link'; - $id = $proxy_args['notice']; - $notice = Notice::getKV($id); - if(empty($notice)){ - // TRANS: Client error displayed in oEmbed action when notice not found. - // TRANS: %s is a notice. - $this->clientError(sprintf(_("Notice %s not found."),$id), 404); + try { + $notice = Notice::getByID($proxy_args['notice']); + } catch (NoResultException $e) { + throw new ClientException($e->getMessage(), 404); } $profile = $notice->getProfile(); - if (empty($profile)) { - // TRANS: Server error displayed in oEmbed action when notice has not profile. - $this->serverError(_('Notice has no profile.'), 500); - } $authorname = $profile->getFancyName(); // TRANS: oEmbed title. %1$s is the author name, %2$s is the creation date. $oembed['title'] = sprintf(_('%1$s\'s status on %2$s'), @@ -256,4 +249,4 @@ class OembedAction extends Action { return true; } -} \ No newline at end of file +} From 0f5ebb6827557eb1e2737ddabe0f97858f2b27d5 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 10 Mar 2016 15:15:06 +0100 Subject: [PATCH 106/415] Redundant font definitions in CSS --- theme/neo-gnu/css/display.css | 5 ----- 1 file changed, 5 deletions(-) diff --git a/theme/neo-gnu/css/display.css b/theme/neo-gnu/css/display.css index 334177164e..5a3be469d8 100644 --- a/theme/neo-gnu/css/display.css +++ b/theme/neo-gnu/css/display.css @@ -16,14 +16,9 @@ body { /* background-color: #C6C8CC; background-image: url(../images/bg.png); */ background-color: #e9eaed; - font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; color: #222; } -input, textarea, select, option { - font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; -} - a {color: #666;} a:hover {color: #a22430;} From ca8f0f84c47d6ed33e596571b6b7c875c8feaa6f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 14 Mar 2016 15:25:05 +0100 Subject: [PATCH 107/415] Woops, forgot to include this file! --- lib/invalidfilenameexception.php | 52 ++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 lib/invalidfilenameexception.php diff --git a/lib/invalidfilenameexception.php b/lib/invalidfilenameexception.php new file mode 100644 index 0000000000..0b398c1db3 --- /dev/null +++ b/lib/invalidfilenameexception.php @@ -0,0 +1,52 @@ +. + * + * @category Exception + * @package StatusNet + * @author Mikael Nordfeldth + * @copyright 2016 Free Software Foundation, Inc. + * @license https://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3 + * @link https://gnu.io/social + */ + +if (!defined('GNUSOCIAL')) { exit(1); } + +/** + * Class for an exception when a filename is invalid + * + * @category Exception + * @package GNUsocial + * @author Mikael Nordfeldth + * @license https://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3 + * @link https://gnu.io/social + */ + +class InvalidFilenameException extends ServerException +{ + public $filename = null; + + public function __construct($filename) + { + $this->filename = $filename; + // We could log an entry here with the search parameters + parent::__construct(_('Invalid filename.')); + } +} From 349e842078c5d69901df6ec9205cf7edcb4c4636 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 14 Mar 2016 15:26:03 +0100 Subject: [PATCH 108/415] UPDATE ActivityVerb --- lib/activityverb.php | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/activityverb.php b/lib/activityverb.php index c59c6371b6..c940246d15 100644 --- a/lib/activityverb.php +++ b/lib/activityverb.php @@ -55,6 +55,7 @@ class ActivityVerb const JOIN = 'http://activitystrea.ms/schema/1.0/join'; const TAG = 'http://activitystrea.ms/schema/1.0/tag'; const DELETE = 'http://activitystrea.ms/schema/1.0/delete'; + const UPDATE = 'http://activitystrea.ms/schema/1.0/update'; // Custom OStatus verbs for the flipside until they're standardized const UNFAVORITE = 'http://activitystrea.ms/schema/1.0/unfavorite'; From f32414dd93d755012ff67397f4b990d42d09b244 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 15 Mar 2016 16:52:57 +0100 Subject: [PATCH 109/415] Upgrading from 1.1.x would make uri fields have length=255 --- plugins/ActivityModeration/classes/Deleted_notice.php | 1 + plugins/Event/classes/RSVP.php | 1 + 2 files changed, 2 insertions(+) diff --git a/plugins/ActivityModeration/classes/Deleted_notice.php b/plugins/ActivityModeration/classes/Deleted_notice.php index 05414caab2..7a0c6a7f05 100644 --- a/plugins/ActivityModeration/classes/Deleted_notice.php +++ b/plugins/ActivityModeration/classes/Deleted_notice.php @@ -195,6 +195,7 @@ class Deleted_notice extends Managed_DataObject echo "\nFound old $table table, upgrading it to add 'act_created' field..."; $schemadef['fields']['act_created'] = array('type' => 'datetime', 'not null' => true, 'description' => 'datetime the notice record was created'); + $schemadef['fields']['uri']['length'] = 191; // we likely don't have to discover too long keys here $schema->ensureTable($table, $schemadef); $deleted = new Deleted_notice(); diff --git a/plugins/Event/classes/RSVP.php b/plugins/Event/classes/RSVP.php index 84cbd624dc..f2ab8f0aa3 100644 --- a/plugins/Event/classes/RSVP.php +++ b/plugins/Event/classes/RSVP.php @@ -107,6 +107,7 @@ class RSVP extends Managed_DataObject echo "\nFound old $table table, upgrading it to add 'event_uri' field..."; $schemadef['fields']['event_uri'] = array('type' => 'varchar', 'length' => 191, 'not null' => true, 'description' => 'Event URI'); + $schemadef['fields']['uri']['length'] = 191; // we likely don't have to discover too long keys here $schema->ensureTable($table, $schemadef); $rsvp = new RSVP(); From f4833c6c912cdae0f109ddbff41596f89de1740a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 15 Mar 2016 16:53:19 +0100 Subject: [PATCH 110/415] More verbose salmon debugging --- plugins/OStatus/lib/salmonaction.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php index d1293728d2..13f49f4eff 100644 --- a/plugins/OStatus/lib/salmonaction.php +++ b/plugins/OStatus/lib/salmonaction.php @@ -83,6 +83,8 @@ class SalmonAction extends Action // Cryptographic verification test, throws exception on failure $magic_env->verify($this->actor); + common_debug('Salmon slap is carrying activity URI=='._ve($this->activity->id)); + return true; } From bf7c035f9992b2e7f1df5ca1676d51f70acb0f8d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 16 Mar 2016 20:37:57 +0100 Subject: [PATCH 111/415] only direct .inline-attachment children --- theme/base/css/display.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 8f059faadb..03c1544b4d 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -811,7 +811,7 @@ position:static; margin-bottom: 1em; } -.notice.h-entry .attachments .inline-attachment * { +.notice.h-entry .attachments .inline-attachment > * { height: auto; max-width: 100%; } From 99a2230fdb357f2821da0c595b79437fad23768f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 17 Mar 2016 00:31:32 +0100 Subject: [PATCH 112/415] h5 and h6 don't need margin-bottom methinks --- theme/base/css/display.css | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 03c1544b4d..19ff81407d 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -48,9 +48,13 @@ a img { text-decoration: none; } -h1, h2, h3, h4, h5, h6 { +h1, h2, h3, h4 { font-weight: normal; - margin-bottom: 15px; + margin-bottom: 1ex; +} +h5, h6 { + font-weight: normal; + margin-bottom: 0; } h1 {font-size: 2.0em;} From 102f7ab05954146460843a8cc3af7034ee005a85 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 17 Mar 2016 00:31:45 +0100 Subject: [PATCH 113/415] oEmbed neatifying (inspired by Qvitter) --- plugins/Oembed/OembedPlugin.php | 62 +++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index cb59bb21e5..65d71f39c8 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -143,6 +143,11 @@ class OembedPlugin extends Plugin return true; } + public function onEndShowStylesheets(Action $action) { + $action->cssLink($this->path('css/oembed.css')); + return true; + } + /** * Save embedding information for a File, if applicable. * @@ -224,6 +229,63 @@ class OembedPlugin extends Plugin } return true; } + + public function onStartShowAttachmentRepresentation(HTMLOutputter $out, File $file) + { + try { + $oembed = File_oembed::getByFile($file); + } catch (NoResultException $e) { + return true; + } + + $out->elementStart('article', ['class'=>'oembed-item']); + $out->elementStart('header'); + try { + $thumb = $file->getThumbnail(128, 128); + $out->element('img', $thumb->getHtmlAttrs(['class'=>'oembed-thumb'])); + unset($thumb); + } catch (Exception $e) { + $out->element('div', ['class'=>'error'], $e->getMessage()); + } + $out->elementStart('h5', ['class'=>'oembed-title']); + $out->element('a', ['href'=>$file->getUrl()], $oembed->title); + $out->elementEnd('h5'); + $out->elementStart('div', ['class'=>'oembed-source']); + if (!empty($oembed->author_name)) { + // TRANS: text before the author name of oEmbed attachment representation + // FIXME: The whole "By x from y" should be i18n because of different language constructions. + $out->text(_('By ')); + $attrs = ['class'=>'h-card']; + if (!empty($oembed->author_url)) { + $attrs['href'] = $oembed->author_url; + $tag = 'a'; + } else { + $tag = 'span'; + } + $out->element($tag, $attrs, $oembed->author_name); + } + if (!empty($oembed->provider)) { + // TRANS: text between the oEmbed author name and provider url + // FIXME: The whole "By x from y" should be i18n because of different language constructions. + $out->text(_(' from ')); + $attrs = ['class'=>'h-card']; + if (!empty($oembed->provider_url)) { + $attrs['href'] = $oembed->provider_url; + $tag = 'a'; + } else { + $tag = 'span'; + } + $out->element($tag, $attrs, $oembed->provider); + } + $out->elementEnd('div'); + $out->elementEnd('header'); + $out->element('div', ['class'=>'oembed-item-body'], common_purify($oembed->html)); + $out->elementStart('footer'); + $out->elementEnd('footer'); + $out->elementEnd('article'); + + return false; + } public function onShowUnsupportedAttachmentRepresentation(HTMLOutputter $out, File $file) { From 365f3d2aa5ad1795deec11b6a5554d683c16585b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 17 Mar 2016 12:58:40 +0100 Subject: [PATCH 114/415] Full-content oEmbed html doesn't take up all space (and renders properly) --- plugins/Oembed/OembedPlugin.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 65d71f39c8..4497728c4c 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -248,7 +248,7 @@ class OembedPlugin extends Plugin $out->element('div', ['class'=>'error'], $e->getMessage()); } $out->elementStart('h5', ['class'=>'oembed-title']); - $out->element('a', ['href'=>$file->getUrl()], $oembed->title); + $out->element('a', ['href'=>$file->getUrl()], common_strip_html($oembed->title)); $out->elementEnd('h5'); $out->elementStart('div', ['class'=>'oembed-source']); if (!empty($oembed->author_name)) { @@ -279,7 +279,9 @@ class OembedPlugin extends Plugin } $out->elementEnd('div'); $out->elementEnd('header'); - $out->element('div', ['class'=>'oembed-item-body'], common_purify($oembed->html)); + $out->elementStart('div', ['class'=>'oembed-html']); + $out->raw(common_purify($oembed->html)); + $out->elementEnd('div'); $out->elementStart('footer'); $out->elementEnd('footer'); $out->elementEnd('article'); From aa3865c303c0827408a0510020147cc2929bce68 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 02:33:57 +0100 Subject: [PATCH 115/415] Split threaded notice list classes into own files. --- lib/threadednoticelist.php | 215 ----------------------------- lib/threadednoticelistitem.php | 106 ++++++++++++++ lib/threadednoticelistmoreitem.php | 61 ++++++++ lib/threadednoticelistsubitem.php | 57 ++++++++ 4 files changed, 224 insertions(+), 215 deletions(-) create mode 100644 lib/threadednoticelistitem.php create mode 100644 lib/threadednoticelistmoreitem.php create mode 100644 lib/threadednoticelistsubitem.php diff --git a/lib/threadednoticelist.php b/lib/threadednoticelist.php index 4b5d28de3f..a68347b904 100644 --- a/lib/threadednoticelist.php +++ b/lib/threadednoticelist.php @@ -152,218 +152,3 @@ class ThreadedNoticeList extends NoticeList return new ThreadedNoticeListItem($notice, $this->out, $this->userProfile); } } - -/** - * widget for displaying a single notice - * - * This widget has the core smarts for showing a single notice: what to display, - * where, and under which circumstances. Its key method is show(); this is a recipe - * that calls all the other show*() methods to build up a single notice. The - * ProfileNoticeListItem subclass, for example, overrides showAuthor() to skip - * author info (since that's implicit by the data in the page). - * - * @category UI - * @package StatusNet - * @author Evan Prodromou - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - * @see NoticeList - * @see ProfileNoticeListItem - */ -class ThreadedNoticeListItem extends NoticeListItem -{ - protected $userProfile = null; - - function __construct(Notice $notice, Action $out=null, $profile=null) - { - parent::__construct($notice, $out); - $this->userProfile = $profile; - } - - function initialItems() - { - return 3; - } - - /** - * finish the notice - * - * Close the last elements in the notice list item - * - * @return void - */ - function showEnd() - { - $max = $this->initialItems(); - if (!$this->repeat instanceof Notice) { - $stream = new ConversationNoticeStream($this->notice->conversation, $this->userProfile); - $notice = $stream->getNotices(0, $max + 2); - $notices = array(); - $cnt = 0; - $moreCutoff = null; - while ($notice->fetch()) { - if (Event::handle('StartAddNoticeReply', array($this, $this->notice, $notice))) { - // Don't list repeats as separate notices in a conversation - if (!empty($notice->repeat_of)) { - continue; - } - - if ($notice->id == $this->notice->id) { - // Skip! - continue; - } - $cnt++; - if ($cnt > $max) { - // boo-yah - $moreCutoff = clone($notice); - break; - } - $notices[] = clone($notice); // *grumble* inefficient as hell - Event::handle('EndAddNoticeReply', array($this, $this->notice, $notice)); - } - } - - if (Event::handle('StartShowThreadedNoticeTail', array($this, $this->notice, &$notices))) { - $threadActive = count($notices) > 0; // has this thread had any activity? - - $this->out->elementStart('ul', 'notices threaded-replies xoxo'); - - if (Event::handle('StartShowThreadedNoticeTailItems', array($this, $this->notice, &$threadActive))) { - // Repeats and Faves/Likes are handled in plugins. - Event::handle('EndShowThreadedNoticeTailItems', array($this, $this->notice, &$threadActive)); - } - - if (count($notices)>0) { - if ($moreCutoff) { - $item = new ThreadedNoticeListMoreItem($moreCutoff, $this->out, count($notices)); - $item->show(); - } - foreach (array_reverse($notices) as $notice) { - if (Event::handle('StartShowThreadedNoticeSub', array($this, $this->notice, $notice))) { - $item = new ThreadedNoticeListSubItem($notice, $this->notice, $this->out); - $item->show(); - Event::handle('EndShowThreadedNoticeSub', array($this, $this->notice, $notice)); - } - } - } - - Event::handle('EndShowThreadedNoticeTail', array($this, $this->notice, $notices)); - $this->out->elementEnd('ul'); - } - } - - parent::showEnd(); - } -} - -// @todo FIXME: needs documentation. -class ThreadedNoticeListSubItem extends NoticeListItem -{ - protected $root = null; - - function __construct(Notice $notice, $root, $out) - { - $this->root = $root; - parent::__construct($notice, $out); - } - - function avatarSize() - { - return AVATAR_STREAM_SIZE; // @fixme would like something in between - } - - function showNoticeLocation() - { - // - } - - function showNoticeSource() - { - // - } - - function getAttentionProfiles() - { - $all = parent::getAttentionProfiles(); - - $profiles = array(); - - $rootAuthor = $this->root->getProfile(); - - foreach ($all as $profile) { - if ($profile->id != $rootAuthor->id) { - $profiles[] = $profile; - } - } - - return $profiles; - } - - function showEnd() - { - $threadActive = null; // unused here for now, but maybe in the future? - if (Event::handle('StartShowThreadedNoticeTailItems', array($this, $this->notice, &$threadActive))) { - // Repeats and Faves/Likes are handled in plugins. - Event::handle('EndShowThreadedNoticeTailItems', array($this, $this->notice, &$threadActive)); - } - parent::showEnd(); - } -} - -/** - * Placeholder for loading more replies... - */ -class ThreadedNoticeListMoreItem extends NoticeListItem -{ - protected $cnt; - - function __construct(Notice $notice, Action $out, $cnt) - { - parent::__construct($notice, $out); - $this->cnt = $cnt; - } - - /** - * recipe function for displaying a single notice. - * - * This uses all the other methods to correctly display a notice. Override - * it or one of the others to fine-tune the output. - * - * @return void - */ - function show() - { - $this->showStart(); - $this->showMiniForm(); - $this->showEnd(); - } - - /** - * start a single notice. - * - * @return void - */ - function showStart() - { - $this->out->elementStart('li', array('class' => 'notice-reply-comments')); - } - - function showEnd() - { - $this->out->elementEnd('li'); - } - - function showMiniForm() - { - $id = $this->notice->conversation; - $url = common_local_url('conversation', array('id' => $id)); - - $n = Conversation::noticeCount($id) - 1; - - // TRANS: Link to show replies for a notice. - // TRANS: %d is the number of replies to a notice and used for plural. - $msg = sprintf(_m('Show reply', 'Show all %d replies', $n), $n); - - $this->out->element('a', array('href' => $url), $msg); - } -} diff --git a/lib/threadednoticelistitem.php b/lib/threadednoticelistitem.php new file mode 100644 index 0000000000..7e72f6aa23 --- /dev/null +++ b/lib/threadednoticelistitem.php @@ -0,0 +1,106 @@ + + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + * @see NoticeList + * @see ProfileNoticeListItem + */ +class ThreadedNoticeListItem extends NoticeListItem +{ + protected $userProfile = null; + + function __construct(Notice $notice, Action $out=null, $profile=null) + { + parent::__construct($notice, $out); + $this->userProfile = $profile; + } + + function initialItems() + { + return 3; + } + + /** + * finish the notice + * + * Close the last elements in the notice list item + * + * @return void + */ + function showEnd() + { + $max = $this->initialItems(); + if (!$this->repeat instanceof Notice) { + $stream = new ConversationNoticeStream($this->notice->conversation, $this->userProfile); + $notice = $stream->getNotices(0, $max + 2); + $notices = array(); + $cnt = 0; + $moreCutoff = null; + while ($notice->fetch()) { + if (Event::handle('StartAddNoticeReply', array($this, $this->notice, $notice))) { + // Don't list repeats as separate notices in a conversation + if (!empty($notice->repeat_of)) { + continue; + } + + if ($notice->id == $this->notice->id) { + // Skip! + continue; + } + $cnt++; + if ($cnt > $max) { + // boo-yah + $moreCutoff = clone($notice); + break; + } + $notices[] = clone($notice); // *grumble* inefficient as hell + Event::handle('EndAddNoticeReply', array($this, $this->notice, $notice)); + } + } + + if (Event::handle('StartShowThreadedNoticeTail', array($this, $this->notice, &$notices))) { + $threadActive = count($notices) > 0; // has this thread had any activity? + + $this->out->elementStart('ul', 'notices threaded-replies xoxo'); + + if (Event::handle('StartShowThreadedNoticeTailItems', array($this, $this->notice, &$threadActive))) { + // Repeats and Faves/Likes are handled in plugins. + Event::handle('EndShowThreadedNoticeTailItems', array($this, $this->notice, &$threadActive)); + } + + if (count($notices)>0) { + if ($moreCutoff) { + $item = new ThreadedNoticeListMoreItem($moreCutoff, $this->out, count($notices)); + $item->show(); + } + foreach (array_reverse($notices) as $notice) { + if (Event::handle('StartShowThreadedNoticeSub', array($this, $this->notice, $notice))) { + $item = new ThreadedNoticeListSubItem($notice, $this->notice, $this->out); + $item->show(); + Event::handle('EndShowThreadedNoticeSub', array($this, $this->notice, $notice)); + } + } + } + + Event::handle('EndShowThreadedNoticeTail', array($this, $this->notice, $notices)); + $this->out->elementEnd('ul'); + } + } + + parent::showEnd(); + } +} diff --git a/lib/threadednoticelistmoreitem.php b/lib/threadednoticelistmoreitem.php new file mode 100644 index 0000000000..ebd0b78c84 --- /dev/null +++ b/lib/threadednoticelistmoreitem.php @@ -0,0 +1,61 @@ +cnt = $cnt; + } + + /** + * recipe function for displaying a single notice. + * + * This uses all the other methods to correctly display a notice. Override + * it or one of the others to fine-tune the output. + * + * @return void + */ + function show() + { + $this->showStart(); + $this->showMiniForm(); + $this->showEnd(); + } + + /** + * start a single notice. + * + * @return void + */ + function showStart() + { + $this->out->elementStart('li', array('class' => 'notice-reply-comments')); + } + + function showEnd() + { + $this->out->elementEnd('li'); + } + + function showMiniForm() + { + $id = $this->notice->conversation; + $url = common_local_url('conversation', array('id' => $id)); + + $n = Conversation::noticeCount($id) - 1; + + // TRANS: Link to show replies for a notice. + // TRANS: %d is the number of replies to a notice and used for plural. + $msg = sprintf(_m('Show reply', 'Show all %d replies', $n), $n); + + $this->out->element('a', array('href' => $url), $msg); + } +} diff --git a/lib/threadednoticelistsubitem.php b/lib/threadednoticelistsubitem.php new file mode 100644 index 0000000000..99c6498d01 --- /dev/null +++ b/lib/threadednoticelistsubitem.php @@ -0,0 +1,57 @@ +root = $root; + parent::__construct($notice, $out); + } + + function avatarSize() + { + return AVATAR_STREAM_SIZE; // @fixme would like something in between + } + + function showNoticeLocation() + { + // + } + + function showNoticeSource() + { + // + } + + function getAttentionProfiles() + { + $all = parent::getAttentionProfiles(); + + $profiles = array(); + + $rootAuthor = $this->root->getProfile(); + + foreach ($all as $profile) { + if ($profile->id != $rootAuthor->id) { + $profiles[] = $profile; + } + } + + return $profiles; + } + + function showEnd() + { + $threadActive = null; // unused here for now, but maybe in the future? + if (Event::handle('StartShowThreadedNoticeTailItems', array($this, $this->notice, &$threadActive))) { + // Repeats and Faves/Likes are handled in plugins. + Event::handle('EndShowThreadedNoticeTailItems', array($this, $this->notice, &$threadActive)); + } + parent::showEnd(); + } +} From cdcf6cdb25a68a7374abf30bd9fb71655b0a3f9f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 02:42:28 +0100 Subject: [PATCH 116/415] Hacky method to avoid cutting conversation "more" link out --- lib/threadednoticelistitem.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/threadednoticelistitem.php b/lib/threadednoticelistitem.php index 7e72f6aa23..81b9d2defd 100644 --- a/lib/threadednoticelistitem.php +++ b/lib/threadednoticelistitem.php @@ -61,6 +61,11 @@ class ThreadedNoticeListItem extends NoticeListItem // Skip! continue; } + + if (!$notice->isVerb([ActivityVerb::POST])) { + continue; + } + $cnt++; if ($cnt > $max) { // boo-yah From e64c3a1d87d7747c0afc136dcabbdd579cc694ea Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 02:46:28 +0100 Subject: [PATCH 117/415] irc and ircs schemes for HTMLPurifier --- .../lib/htmlpurifier/urischeme/irc.php | 36 ++++++++++++++++ .../lib/htmlpurifier/urischeme/ircs.php | 41 +++++++++++++++++++ 2 files changed, 77 insertions(+) create mode 100644 plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/irc.php create mode 100644 plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/ircs.php diff --git a/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/irc.php b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/irc.php new file mode 100644 index 0000000000..53456e4bf1 --- /dev/null +++ b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/irc.php @@ -0,0 +1,36 @@ +userinfo = null; + return true; + } +} + +// vim: et sw=4 sts=4 diff --git a/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/ircs.php b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/ircs.php new file mode 100644 index 0000000000..5f158862a3 --- /dev/null +++ b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/ircs.php @@ -0,0 +1,41 @@ +userinfo = null; + return true; + } +} + +// vim: et sw=4 sts=4 From b7c4c960e2cb966d892f248eb8dfd8462b8f6db1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 02:48:37 +0100 Subject: [PATCH 118/415] Don't use default_port for irc schemes --- plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/irc.php | 2 +- plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/ircs.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/irc.php b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/irc.php index 53456e4bf1..f44b4f2b6b 100644 --- a/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/irc.php +++ b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/irc.php @@ -8,7 +8,7 @@ class HTMLPurifier_URIScheme_irc extends HTMLPurifier_URIScheme /** * @type int */ - public $default_port = 6667; +// public $default_port = 6667; /** * @type bool diff --git a/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/ircs.php b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/ircs.php index 5f158862a3..d446bb7b0d 100644 --- a/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/ircs.php +++ b/plugins/HTMLPurifierSchemes/lib/htmlpurifier/urischeme/ircs.php @@ -8,7 +8,7 @@ class HTMLPurifier_URIScheme_ircs extends HTMLPurifier_URIScheme /** * @type int */ - public $default_port = 6697; +// public $default_port = 6697; /** * @type bool From 78e23bd4ec426b61428c4aa4a89c0fc2f805d11d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 02:55:10 +0100 Subject: [PATCH 119/415] Fix issue #171 with latent htmLawed reference --- scripts/importtwitteratom.php | 8 +------- scripts/restoreuser.php | 1 - 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/scripts/importtwitteratom.php b/scripts/importtwitteratom.php index 1a08dd7488..2a4cb7fc41 100755 --- a/scripts/importtwitteratom.php +++ b/scripts/importtwitteratom.php @@ -34,7 +34,6 @@ import an Atom feed from Twitter as notices by a user END_OF_IMPORTTWITTERATOM_HELP; require_once INSTALLDIR.'/scripts/commandline.inc'; -require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php'; function getAtomFeedDocument() { @@ -82,12 +81,7 @@ function importActivityStream($user, $doc) if (!have_option('q', 'quiet')) { print $activity->content . "\n"; } - $html = getTweetHtml($object->link); - - $config = array('safe' => 1, - 'deny_attribute' => 'class,rel,id,style,on*'); - - $html = htmLawed($html, $config); + $html = common_purify(getTweetHtml($object->link)); $content = html_entity_decode(strip_tags($html), ENT_QUOTES, 'UTF-8'); diff --git a/scripts/restoreuser.php b/scripts/restoreuser.php index 17f007b412..6c287ad667 100644 --- a/scripts/restoreuser.php +++ b/scripts/restoreuser.php @@ -34,7 +34,6 @@ neither ID or name provided, will create a new user. END_OF_RESTOREUSER_HELP; require_once INSTALLDIR.'/scripts/commandline.inc'; -require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php'; function getActivityStreamDocument() From cd24f7d30a2e2190d2a0e6ae5e33ee6e67489249 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 02:56:47 +0100 Subject: [PATCH 120/415] Issue #166 - we test exif data below, no need for error output --- lib/imagefile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/imagefile.php b/lib/imagefile.php index c707208af6..a328df9852 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -95,7 +95,7 @@ class ImageFile if ($this->type == IMAGETYPE_JPEG && function_exists('exif_read_data')) { // Orientation value to rotate thumbnails properly - $exif = exif_read_data($this->filepath); + $exif = @exif_read_data($this->filepath); if (is_array($exif) && isset($exif['Orientation'])) { switch ((int)$exif['Orientation']) { case 1: // top is top From 50a10cf1615fab6c4fefc397e7637d9a19d0278c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 03:02:22 +0100 Subject: [PATCH 121/415] Minify is evil. --- plugins/Minify/MinifyPlugin.php | 171 -- plugins/Minify/README | 34 - plugins/Minify/actions/minify.php | 116 - plugins/Minify/extlib/minify/HISTORY.txt | 75 - plugins/Minify/extlib/minify/LICENSE.txt | 26 - plugins/Minify/extlib/minify/README.txt | 53 - plugins/Minify/extlib/minify/UPGRADING.txt | 35 - plugins/Minify/extlib/minify/min/README.txt | 132 -- .../extlib/minify/min/builder/_index.js | 242 --- .../Minify/extlib/minify/min/builder/bm.js | 36 - .../extlib/minify/min/builder/index.php | 182 -- .../extlib/minify/min/builder/ocCheck.php | 36 - .../extlib/minify/min/builder/rewriteTest.js | 1 - .../Minify/extlib/minify/min/groupsConfig.php | 34 - plugins/Minify/extlib/minify/min/index.php | 66 - .../Minify/extlib/minify/min/lib/FirePHP.php | 1370 ------------ .../minify/min/lib/HTTP/ConditionalGet.php | 348 --- .../extlib/minify/min/lib/HTTP/Encoder.php | 326 --- .../Minify/extlib/minify/min/lib/JSMin.php | 314 --- .../extlib/minify/min/lib/JSMinPlus.php | 1872 ----------------- .../Minify/extlib/minify/min/lib/Minify.php | 532 ----- .../extlib/minify/min/lib/Minify/Build.php | 103 - .../extlib/minify/min/lib/Minify/CSS.php | 83 - .../minify/min/lib/Minify/CSS/Compressor.php | 250 --- .../minify/min/lib/Minify/CSS/UriRewriter.php | 270 --- .../minify/min/lib/Minify/Cache/APC.php | 130 -- .../minify/min/lib/Minify/Cache/File.php | 125 -- .../minify/min/lib/Minify/Cache/Memcache.php | 137 -- .../min/lib/Minify/CommentPreserver.php | 90 - .../minify/min/lib/Minify/Controller/Base.php | 202 -- .../min/lib/Minify/Controller/Files.php | 78 - .../min/lib/Minify/Controller/Groups.php | 94 - .../min/lib/Minify/Controller/MinApp.php | 132 -- .../minify/min/lib/Minify/Controller/Page.php | 82 - .../min/lib/Minify/Controller/Version1.php | 118 -- .../extlib/minify/min/lib/Minify/HTML.php | 245 --- .../minify/min/lib/Minify/ImportProcessor.php | 157 -- .../extlib/minify/min/lib/Minify/Lines.php | 131 -- .../extlib/minify/min/lib/Minify/Logger.php | 45 - .../extlib/minify/min/lib/Minify/Packer.php | 37 - .../extlib/minify/min/lib/Minify/Source.php | 187 -- .../minify/min/lib/Minify/YUICompressor.php | 139 -- .../extlib/minify/min/lib/Solar/Dir.php | 199 -- plugins/Minify/extlib/minify/min/utils.php | 90 - plugins/Minify/locale/Minify.pot | 40 - .../Minify/locale/af/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ar/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/arz/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ast/LC_MESSAGES/Minify.po | 42 - .../locale/be-tarask/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/bg/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/bn_IN/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/br/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ca/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/cs/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/da/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/de/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/el/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/en_GB/LC_MESSAGES/Minify.po | 43 - .../Minify/locale/eo/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/es/LC_MESSAGES/Minify.po | 43 - .../Minify/locale/eu/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/fa/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/fi/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/fr/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/fur/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/gl/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/he/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/hsb/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/hu/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/hy_AM/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ia/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/id/LC_MESSAGES/Minify.po | 43 - .../Minify/locale/io/LC_MESSAGES/Minify.po | 43 - .../Minify/locale/is/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/it/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ja/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ka/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ko/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ksh/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/lb/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/lt/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/lv/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/mg/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/mk/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ml/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ms/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/my/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/nb/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ne/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/nl/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/nn/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/pl/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/pt/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/pt_BR/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ro_RO/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ru/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/sl/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/sr-ec/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/sv/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ta/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/te/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/tl/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/tr/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/uk/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/ur_PK/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/vi/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/zh/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/zh_CN/LC_MESSAGES/Minify.po | 42 - .../Minify/locale/zh_TW/LC_MESSAGES/Minify.po | 42 - 110 files changed, 11899 deletions(-) delete mode 100644 plugins/Minify/MinifyPlugin.php delete mode 100644 plugins/Minify/README delete mode 100644 plugins/Minify/actions/minify.php delete mode 100644 plugins/Minify/extlib/minify/HISTORY.txt delete mode 100644 plugins/Minify/extlib/minify/LICENSE.txt delete mode 100644 plugins/Minify/extlib/minify/README.txt delete mode 100644 plugins/Minify/extlib/minify/UPGRADING.txt delete mode 100644 plugins/Minify/extlib/minify/min/README.txt delete mode 100644 plugins/Minify/extlib/minify/min/builder/_index.js delete mode 100644 plugins/Minify/extlib/minify/min/builder/bm.js delete mode 100644 plugins/Minify/extlib/minify/min/builder/index.php delete mode 100644 plugins/Minify/extlib/minify/min/builder/ocCheck.php delete mode 100644 plugins/Minify/extlib/minify/min/builder/rewriteTest.js delete mode 100644 plugins/Minify/extlib/minify/min/groupsConfig.php delete mode 100644 plugins/Minify/extlib/minify/min/index.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/FirePHP.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/HTTP/ConditionalGet.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/HTTP/Encoder.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/JSMin.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/JSMinPlus.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Build.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/CSS.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/CSS/UriRewriter.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Cache/APC.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Cache/File.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Cache/Memcache.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/CommentPreserver.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Controller/Base.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Controller/Files.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Controller/Groups.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Controller/MinApp.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Controller/Version1.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/HTML.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/ImportProcessor.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Lines.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Logger.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Packer.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/Source.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Minify/YUICompressor.php delete mode 100644 plugins/Minify/extlib/minify/min/lib/Solar/Dir.php delete mode 100644 plugins/Minify/extlib/minify/min/utils.php delete mode 100644 plugins/Minify/locale/Minify.pot delete mode 100644 plugins/Minify/locale/af/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ar/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/arz/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ast/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/be-tarask/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/bg/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/bn_IN/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/br/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ca/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/cs/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/da/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/de/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/el/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/en_GB/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/eo/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/es/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/eu/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/fa/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/fi/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/fr/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/fur/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/gl/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/he/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/hsb/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/hu/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/hy_AM/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ia/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/id/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/io/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/is/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/it/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ja/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ka/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ko/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ksh/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/lb/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/lt/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/lv/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/mg/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/mk/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ml/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ms/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/my/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/nb/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ne/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/nl/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/nn/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/pl/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/pt/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/pt_BR/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ro_RO/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ru/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/sl/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/sr-ec/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/sv/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ta/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/te/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/tl/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/tr/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/uk/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/ur_PK/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/vi/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/zh/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/zh_CN/LC_MESSAGES/Minify.po delete mode 100644 plugins/Minify/locale/zh_TW/LC_MESSAGES/Minify.po diff --git a/plugins/Minify/MinifyPlugin.php b/plugins/Minify/MinifyPlugin.php deleted file mode 100644 index b970cd20c6..0000000000 --- a/plugins/Minify/MinifyPlugin.php +++ /dev/null @@ -1,171 +0,0 @@ - -Author URI: http://candrews.integralblue.com/ -*/ - -/* - * StatusNet - the distributed open-source microblogging tool - * Copyright (C) 2009, StatusNet, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -/** - * @package MinifyPlugin - * @maintainer Craig Andrews - * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } - -// We bundle the minify library... -set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/extlib/minify/min/lib'); - -class MinifyPlugin extends Plugin -{ - private $minifyInlineJs = true; - private $minifyInlineCss = true; - - const cacheKey = 'minify'; - - /** - * Add Minification related paths to the router table - * - * Hook for RouterInitialized event. - * - * @return boolean hook return - */ - function onStartInitializeRouter($m) - { - $m->connect('main/min', - array('action' => 'minify')); - return true; - } - - function onLoginAction($action, &$login) - { - switch ($action) - { - case 'minify': - $login = true; - return false; - default: - return true; - } - } - - function onStartScriptElement($action,&$src,&$type) { - $url = parse_url($src); - if( empty($url['scheme']) && empty($url['host']) && empty($url['query']) && empty($url['fragment'])) - { - if (strpos($src, 'plugins/') === 0 || strpos($src, 'local/') === 0) { - $src = $this->minifyUrl($src); - } else { - $src = $this->minifyUrl('js/'.$src); - } - } - } - - function onStartCssLinkElement($action,&$src,&$theme,&$media) { - $allowThemeMinification = - is_null(common_config('theme', 'dir')) - && is_null(common_config('theme', 'path')) - && is_null(common_config('theme', 'server')); - $url = parse_url($src); - if( empty($url['scheme']) && empty($url['host']) && empty($url['query']) && empty($url['fragment'])) - { - if(!isset($theme)) { - $theme = common_config('site', 'theme'); - } - if($allowThemeMinification && file_exists(INSTALLDIR.'/local/theme/'.$theme.'/'.$src)) { - $src = $this->minifyUrl('local/theme/'.$theme.'/'.$src); - } else if($allowThemeMinification && file_exists(INSTALLDIR.'/theme/'.$theme.'/'.$src)) { - $src = $this->minifyUrl('theme/'.$theme.'/'.$src); - }else if(file_exists(INSTALLDIR.'/'.$src)){ - $src = $this->minifyUrl($src); - } - } - } - - function onStartInlineScriptElement($action,&$code,&$type) - { - if($this->minifyInlineJs && $type=='text/javascript'){ - $c = Cache::instance(); - if (!empty($c)) { - $cacheKey = Cache::key(self::cacheKey . ':' . crc32($code)); - $out = $c->get($cacheKey); - } - if(empty($out)) { - $out = $this->minifyJs($code); - } - if (!empty($c)) { - $c->set($cacheKey, $out); - } - if(!empty($out)) { - $code = $out; - } - } - } - - function onStartStyleElement($action,&$code,&$type,&$media) - { - if($this->minifyInlineCss && $type=='text/css'){ - $c = Cache::instance(); - if (!empty($c)) { - $cacheKey = Cache::key(self::cacheKey . ':' . crc32($code)); - $out = $c->get($cacheKey); - } - if(empty($out)) { - $out = $this->minifyCss($code); - } - if (!empty($c)) { - $c->set($cacheKey, $out); - } - if(!empty($out)) { - $code = $out; - } - } - } - - function minifyUrl($src) { - return common_local_url('minify',null,array('f' => $src ,v => GNUSOCIAL_VERSION)); - } - - static function minifyJs($code) { - require_once('JSMin.php'); - return JSMin::minify($code); - } - - static function minifyCss($code, $options = array()) { - require_once('Minify/CSS.php'); - return Minify_CSS::minify($code,$options); - } - - function onPluginVersion(array &$versions) - { - $versions[] = array('name' => 'Minify', - 'version' => GNUSOCIAL_VERSION, - 'author' => 'Craig Andrews', - 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/Minify', - 'rawdescription' => - // TRANS: Plugin description. - _m('The Minify plugin minifies StatusNet\'s CSS and JavaScript, removing whitespace and comments.')); - return true; - } -} diff --git a/plugins/Minify/README b/plugins/Minify/README deleted file mode 100644 index 97fa7dadf9..0000000000 --- a/plugins/Minify/README +++ /dev/null @@ -1,34 +0,0 @@ -The Minify plugin minifies your CSS and Javascript, removing whitespace and -comments. - -Note that if enabled this plugin and use a theme server, - (if any of $config['theme']['server'], $config['theme']['path'], - $config['theme']['dir'] are set) theme CSS will not be minified. - -This plugin will use memcache, if it is available, for storing minified inline - and file javascript and css. Because minification is non-trivial, using - memcache is recommended. - -Installation -============ -add "addPlugin('minify', - array('setting'=>'value', 'setting2'=>'value2', ...);" -to the bottom of your config.php - -Settings -======== -minifyInlineJs (true): Minify inline javascript. - Because caching isn'tas effective for inline resources (due to its more - dynamic nature) than static files, minifying inline resources may adversely - affect performance for higher volume sites. Testing (and memcache usage) - are highly recommended. -minifyInlineCss (true): Minify inline CSS. - Because caching isn'tas effective for inline resources (due to its more - dynamic nature) than static files, minifying inline resources may adversely - affect performance for higher volume sites. Testing (and memcache usage) - are highly recommended. - -Example -======= - -addPlugin('minify', array()); diff --git a/plugins/Minify/actions/minify.php b/plugins/Minify/actions/minify.php deleted file mode 100644 index d7ec5d1392..0000000000 --- a/plugins/Minify/actions/minify.php +++ /dev/null @@ -1,116 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } - -class MinifyAction extends Action -{ - const TYPE_CSS = 'text/css'; - const TYPE_HTML = 'text/html'; - // there is some debate over the ideal JS Content-Type, but this is the - // Apache default and what Yahoo! uses.. - const TYPE_JS = 'application/x-javascript'; - - var $file; - var $v; - - function isReadOnly($args) - { - return true; - } - - function prepare($args) - { - parent::prepare($args); - $this->v = $args['v']; - - $f = $this->arg('f'); - if(isset($f)) { - $this->file = INSTALLDIR.'/'.$f; - if(file_exists($this->file)) { - return true; - } else { - // TRANS: Client error displayed when not providing a valid path in parameter "f". - $this->clientError(_m('The parameter "f" is not a valid path.'),404); - } - }else{ - // TRANS: Client error displayed when not providing parameter "f". - $this->clientError(_m('The parameter "f" is required but missing.'),500); - } - } - - function etag() - { - if(isset($this->v)) { - return "\"" . crc32($this->file . $this->v) . "\""; - }else{ - $stat = stat($this->file); - return '"' . $stat['ino'] . '-' . $stat['size'] . '-' . $stat['mtime'] . '"'; - } - } - - function lastModified() - { - return filemtime($this->file); - } - - function handle($args) - { - parent::handle($args); - - $c = Cache::instance(); - if (!empty($c)) { - $cacheKey = Cache::key(MinifyPlugin::cacheKey . ':' . $this->file . '?v=' . empty($this->v)?'':$this->v); - $out = $c->get($cacheKey); - } - if(empty($out)) { - $out = $this->minify($this->file); - } - if (!empty($c)) { - $c->set($cacheKey, $out); - } - - $sec = session_cache_expire() * 60; - header('Cache-Control: public, max-age=' . $sec); - header('Pragma: public'); - $this->raw($out); - } - - function minify($file) - { - $info = pathinfo($file); - switch(strtolower($info['extension'])){ - case 'js': - $out = MinifyPlugin::minifyJs(file_get_contents($file)); - header('Content-Type: ' . self::TYPE_JS); - break; - case 'css': - $options = array(); - $options['currentDir'] = dirname($file); - $options['docRoot'] = INSTALLDIR; - $out = MinifyPlugin::minifyCss(file_get_contents($file),$options); - header('Content-Type: ' . self::TYPE_CSS); - break; - default: - // TRANS: Client error displayed when trying to minify an unsupported file type. - $this->clientError(_m('File type not supported.'),500); - } - return $out; - } -} diff --git a/plugins/Minify/extlib/minify/HISTORY.txt b/plugins/Minify/extlib/minify/HISTORY.txt deleted file mode 100644 index 95a46c87ec..0000000000 --- a/plugins/Minify/extlib/minify/HISTORY.txt +++ /dev/null @@ -1,75 +0,0 @@ -Minify Release History - -Version 2.1.3 - * HTTP fixes - * ETag generation now valid (different when gzipped) - * Vary header always sent when Accept-Encoding is sniffed - * Cache-Control no longer has "must-revalidate" due to webkit bug - See: http://mrclay.org/index.php/2009/02/24/safari-4-beta-cache-controlmust-revalidate-bug/ - * Dropped deflate encoding. Browser and proxy support could be buggy. - See: http://stackoverflow.com/questions/883841/ - * File cache now works w/o setting $min_cachePath - * Allow setting contentType in Minify_Source objects - * No more 5.3 deprecation warnings: split() removed - -Version 2.1.2 - * Javascript fixes - * Debug mode no longer confused by "*/*" in strings/RegExps (jQuery) - * quote characters inside RegExp literals no longer cause exception - * files ending in single-line comments no longer cause code loss - * CSS: data: URLs no longer mangled - * Optional error logging to Firefox's FirePHP extension - * Unit tests to check for common DOCUMENT_ROOT problems - * DOCUMENT_ROOT no longer overwritten on IIS servers - * Builder app doesn't fail on systems without gzdeflate() - * APC caching class included - -Version 2.1.1 - * Bug fix release - * Detection and workarounds for zlib.output_compression and non-PHP encoding modules - * Zlib not required (mod_rewrite, et.al., can still be used for encoding) - * HTML : More IE conditional comments preserved - * Minify_groupUri() utility fixed - -Version 2.1.0 - * "min" default application for quick deployment - * Minify URI Builder app & bookmarklet for quickly creating minify URIs - * Relative URIs in CSS file are fixed automatically by default - * "debug" mode for revealing original line #s in combined files - * Better IIS support - * Improved minifier classes: - * JS: preserves IE conditional comments - * CSS: smaller output, preserves more hacks and valid CSS syntax, - shorter line lengths, other bug fixes - * HTML: smaller output, shorter line lengths, other bug fixes - * Default Cache-Control: max-age of 30 minutes - * Conditional GETs supported even when max-age sent - * Experimental memcache cache class (default is files) - * Minify_Cache_File has flock()s (by default) - * Workaround for Windows mtime reporting bug - -Version 2.0.2 beta (2008-06-24) - * Fast new cache system. Cached files served almost 3x as fast. - * Dropped support of compress encoding (though HTTP_Encoder still supports it) - -Version 2.0.1 (2008-05-31) - * E_STRICT compliance (Cache_Lite_File). - -Version 2.0.0 (2008-05-22) - * Complete code overhaul. Minify is now a PEAR-style class and toolkit - for building customized minifying file servers. - * Content-Encoding: deflate/gzip/compress, based on request headers - * Expanded CSS and HTML minifiers with test cases - * Easily plug-in 3rd-party minifiers (like Packer) - * Plug-able front end controller allows changing the way files are chosen - * Compression & encoding modules lazy-loaded as needed (304 responses use - use minimal code) - * Separate utility classes for HTTP encoding and cache control - -Version 1.0.1 (2007-05-05) - * Fixed various problems resolving pathnames when hosted on an NFS mount. - * Fixed 'undefined constant' notice. - * Replaced old JSMin library with a much faster custom implementation. - -Version 1.0.0 (2007-05-02) - * First release. \ No newline at end of file diff --git a/plugins/Minify/extlib/minify/LICENSE.txt b/plugins/Minify/extlib/minify/LICENSE.txt deleted file mode 100644 index 8f008adb56..0000000000 --- a/plugins/Minify/extlib/minify/LICENSE.txt +++ /dev/null @@ -1,26 +0,0 @@ -Copyright (c) 2008 Ryan Grove -Copyright (c) 2008 Steve Clay -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - - * Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - * Neither the name of this project nor the names of its contributors may be - used to endorse or promote products derived from this software without - specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/plugins/Minify/extlib/minify/README.txt b/plugins/Minify/extlib/minify/README.txt deleted file mode 100644 index 3899b99536..0000000000 --- a/plugins/Minify/extlib/minify/README.txt +++ /dev/null @@ -1,53 +0,0 @@ -WELCOME TO MINIFY 2.1! - -Minify is an HTTP content server. It compresses sources of content -(usually files), combines the result and serves it with appropriate -HTTP headers. These headers can allow clients to perform conditional -GETs (serving content only when clients do not have a valid cache) -and tell clients to cache the file for a period of time. -More info: http://code.google.com/p/minify/ - - -UPGRADING - -See UPGRADING.txt for instructions. - - -INSTALLATION AND USAGE: - -1. Place the /min/ directory as a child of your DOCUMENT_ROOT -directory: i.e. you will have: /home/user/www/public_html/min - -2. Open http://yourdomain/min/ in a web browser. This will forward -you to the Minify URI Builder application, which will help you -quickly start using Minify to serve content on your site. - - -UNIT TESTING: - -1. Place the /min_unit_tests/ directory as a child of your DOCUMENT_ROOT -directory: i.e. you will have: /home/user/www/public_html/min_unit_tests - -2. To run unit tests, access: http://yourdomain/min_unit_tests/test_all.php - -(If you wish, the other test_*.php files can be run to test individual -components with more verbose output.) - -3. Remove /min_unit_tests/ from your DOCUMENT_ROOT when you are done. - - -EXTRAS: - -The min_extras folder contains files for benchmarking using Apache ab on Windows -and a couple single-use tools. DO NOT place this on your production server. - - -FILE ENCODINGS - -Minify *should* work fine with files encoded in UTF-8 or other 8-bit -encodings like ISO 8859/Windows-1252. By default Minify appends -";charset=utf-8" to the Content-Type headers it sends. - -Leading UTF-8 BOMs are stripped from all sources to prevent -duplication in output files, and files are converted to Unix newlines. - diff --git a/plugins/Minify/extlib/minify/UPGRADING.txt b/plugins/Minify/extlib/minify/UPGRADING.txt deleted file mode 100644 index 5025faf9b7..0000000000 --- a/plugins/Minify/extlib/minify/UPGRADING.txt +++ /dev/null @@ -1,35 +0,0 @@ -Minify Upgrade Guide - -UPGRADING FROM 2.1.* - -1. Rename the following files: - - /min/config.php --> /min/old_config.php - /min/groupsConfig.php --> /min/old_groupsConfig.php - -2. Overwrite all files in /min (and /min_unit_tests) with those from this zip. - -3. Delete /min/groupsConfig.php - -4. Rename /min/old_groupsConfig.php --> /min/groupsConfig.php - -5. Merge your settings in old_config.php into config.php. - - * If you've set $_SERVER['DOCUMENT_ROOT'], instead set the new option - $min_documentRoot. This is advantageous on IIS systems because Minify - will no longer overwrite the path you specified. - - * $min_errorLogger adds the ability to enable FirePHP logging. - -6. (optional) Delete /min/old_config.php and the Minify files from your cache - directory (specified in $min_cachePath). - - -INSTALLING FRESH - -See README.txt for instructions on installing this app for the first time. - - -SUPPORT - -Send a message to http://groups.google.com/group/minify \ No newline at end of file diff --git a/plugins/Minify/extlib/minify/min/README.txt b/plugins/Minify/extlib/minify/min/README.txt deleted file mode 100644 index a7cf774a18..0000000000 --- a/plugins/Minify/extlib/minify/min/README.txt +++ /dev/null @@ -1,132 +0,0 @@ -The files in this directory represent the default Minify setup designed to ease -integration with your site. This app will combine and minify your Javascript or -CSS files and serve them with HTTP compression and cache headers. - - -RECOMMENDED - -It's recommended to edit config.php to set $min_cachePath to a writeable -(by PHP) directory on your system. This will improve performance. - - -GETTING STARTED - -The quickest way to get started is to use the Minify URI Builder application -on your website: http://example.com/min/builder/ - - -MINIFYING A SINGLE FILE - -Let's say you want to serve this file: - http://example.com/wp-content/themes/default/default.css - -Here's the "Minify URL" for this file: - http://example.com/min/?f=wp-content/themes/default/default.css - -In other words, the "f" argument is set to the file path from root without the -initial "/". As CSS files may contain relative URIs, Minify will automatically -"fix" these by rewriting them as root relative. - - -COMBINING MULTIPLE FILES IN ONE DOWNLOAD - -Separate the paths given to "f" with commas. - -Let's say you have CSS files at these URLs: - http://example.com/scripts/jquery-1.2.6.js - http://example.com/scripts/site.js - -You can combine these files through Minify by requesting this URL: - http://example.com/min/?f=scripts/jquery-1.2.6.js,scripts/site.js - - -SIMPLIFYING URLS WITH A BASE PATH - -If you're combining files that share the same ancestor directory, you can use -the "b" argument to set the base directory for the "f" argument. Do not include -the leading or trailing "/" characters. - -E.g., the following URLs will serve the exact same content: - http://example.com/min/?f=scripts/jquery-1.2.6.js,scripts/site.js,scripts/home.js - http://example.com/min/?b=scripts&f=jquery-1.2.6.js,site.js,home.js - - -MINIFY URLS IN HTML - -In (X)HTML files, don't forget to replace any "&" characters with "&". - - -SPECIFYING ALLOWED DIRECTORIES - -By default, Minify will serve any *.css/*.js files within the DOCUMENT_ROOT. If -you'd prefer to limit Minify's access to certain directories, set the -$min_serveOptions['minApp']['allowDirs'] array in config.php. E.g. to limit -to the /js and /themes/default directories, use: - -$min_serveOptions['minApp']['allowDirs'] = array('//js', '//themes/default'); - - -GROUPS: FASTER PERFORMANCE AND BETTER URLS - -For the best performance, edit groupsConfig.php to pre-specify groups of files -to be combined under preset keys. E.g., here's an example configuration in -groupsConfig.php: - -return array( - 'js' => array('//js/Class.js', '//js/email.js') -); - -This pre-selects the following files to be combined under the key "js": - http://example.com/js/Class.js - http://example.com/js/email.js - -You can now serve these files with this simple URL: - http://example.com/min/?g=js - - -GROUPS: SPECIFYING FILES OUTSIDE THE DOC_ROOT - -In the groupsConfig.php array, the "//" in the file paths is a shortcut for -the DOCUMENT_ROOT, but you can also specify paths from the root of the filesystem -or relative to the DOC_ROOT: - -return array( - 'js' => array( - '//js/file.js' // file within DOC_ROOT - ,'//../file.js' // file in parent directory of DOC_ROOT - ,'C:/Users/Steve/file.js' // file anywhere on filesystem - ) -); - - -FAR-FUTURE EXPIRES HEADERS - -Minify can send far-future (one year) Expires headers. To enable this you must -add a number to the querystring (e.g. /min/?g=js&1234 or /min/f=file.js&1234) -and alter it whenever a source file is changed. If you have a build process you -can use a build/source control revision number. - -If you serve files as a group, you can use the utility function Minify_groupUri() -to get a "versioned" Minify URI for use in your HTML. E.g.: - -"; - - -DEBUG MODE - -In debug mode, instead of compressing files, Minify sends combined files with -comments prepended to each line to show the line number in the original source -file. To enable this, set $min_allowDebugFlag to true in config.php and append -"&debug=1" to your URIs. E.g. /min/?f=script1.js,script2.js&debug=1 - -Known issue: files with comment-like strings/regexps can cause problems in this mode. - - -QUESTIONS? - -http://groups.google.com/group/minify \ No newline at end of file diff --git a/plugins/Minify/extlib/minify/min/builder/_index.js b/plugins/Minify/extlib/minify/min/builder/_index.js deleted file mode 100644 index 8e5313a3b1..0000000000 --- a/plugins/Minify/extlib/minify/min/builder/_index.js +++ /dev/null @@ -1,242 +0,0 @@ -var MUB = { - _uid : 0 - ,_minRoot : '/min/?' - ,checkRewrite : function () { - var testUri = location.pathname.replace(/\/[^\/]*$/, '/rewriteTest.js').substr(1); - function fail() { - $('#minRewriteFailed')[0].className = 'topNote'; - }; - $.ajax({ - url : '../f=' + testUri + '&' + (new Date()).getTime() - ,success : function (data) { - if (data === '1') { - MUB._minRoot = '/min/'; - $('span.minRoot').html('/min/'); - } else - fail(); - } - ,error : fail - }); - } - /** - * Get markup for new source LI element - */ - ,newLi : function () { - return '
  • http://' + location.host + '/' - + ' ' - + '
    • '; - } - /** - * Add new empty source LI and attach handlers to buttons - */ - ,addLi : function () { - $('#sources').append(MUB.newLi()); - var li = $('#li' + MUB._uid)[0]; - $('button[title=Remove]', li).click(function () { - $('#results').hide(); - var hadValue = !!$('input', li)[0].value; - $(li).remove(); - }); - $('button[title$=Earlier]', li).click(function () { - $(li).prev('li').find('input').each(function () { - $('#results').hide(); - // this = previous li input - var tmp = this.value; - this.value = $('input', li).val(); - $('input', li).val(tmp); - MUB.updateAllTestLinks(); - }); - }); - $('button[title$=Later]', li).click(function () { - $(li).next('li').find('input').each(function () { - $('#results').hide(); - // this = next li input - var tmp = this.value; - this.value = $('input', li).val(); - $('input', li).val(tmp); - MUB.updateAllTestLinks(); - }); - }); - ++MUB._uid; - } - /** - * In the context of a source LI element, this will analyze the URI in - * the INPUT and check the URL on the site. - */ - ,liUpdateTestLink : function () { // call in context of li element - if (! $('input', this)[0].value) - return; - var li = this; - $('span', this).html(''); - var url = 'http://' + location.host + '/' - + $('input', this)[0].value.replace(/^\//, ''); - $.ajax({ - url : url - ,complete : function (xhr, stat) { - if ('success' == stat) - $('span', li).html('✓'); - else { - $('span', li).html('') - .find('button').click(function () { - MUB.liUpdateTestLink.call(li); - }); - } - } - ,dataType : 'text' - }); - } - /** - * Check all source URLs - */ - ,updateAllTestLinks : function () { - $('#sources li').each(MUB.liUpdateTestLink); - } - /** - * In a given array of strings, find the character they all have at - * a particular index - * @param Array arr array of strings - * @param Number pos index to check - * @return mixed a common char or '' if any do not match - */ - ,getCommonCharAtPos : function (arr, pos) { - var i - ,l = arr.length - ,c = arr[0].charAt(pos); - if (c === '' || l === 1) - return c; - for (i = 1; i < l; ++i) - if (arr[i].charAt(pos) !== c) - return ''; - return c; - } - /** - * Get the shortest URI to minify the set of source files - * @param Array sources URIs - */ - ,getBestUri : function (sources) { - var pos = 0 - ,base = '' - ,c; - while (true) { - c = MUB.getCommonCharAtPos(sources, pos); - if (c === '') - break; - else - base += c; - ++pos; - } - base = base.replace(/[^\/]+$/, ''); - var uri = MUB._minRoot + 'f=' + sources.join(','); - if (base.charAt(base.length - 1) === '/') { - // we have a base dir! - var basedSources = sources - ,i - ,l = sources.length; - for (i = 0; i < l; ++i) { - basedSources[i] = sources[i].substr(base.length); - } - base = base.substr(0, base.length - 1); - var bUri = MUB._minRoot + 'b=' + base + '&f=' + basedSources.join(','); - //window.console && console.log([uri, bUri]); - uri = uri.length < bUri.length - ? uri - : bUri; - } - return uri; - } - /** - * Create the Minify URI for the sources - */ - ,update : function () { - MUB.updateAllTestLinks(); - var sources = [] - ,ext = false - ,fail = false; - $('#sources input').each(function () { - var m, val; - if (! fail && this.value && (m = this.value.match(/\.(css|js)$/))) { - var thisExt = m[1]; - if (ext === false) - ext = thisExt; - else if (thisExt !== ext) { - fail = true; - return alert('extensions must match!'); - } - this.value = this.value.replace(/^\//, ''); - if (-1 != $.inArray(this.value, sources)) { - fail = true; - return alert('duplicate file!'); - } - sources.push(this.value); - } - }); - if (fail || ! sources.length) - return; - $('#groupConfig').val(" 'keyName' => array('//" + sources.join("', '//") + "'),"); - var uri = MUB.getBestUri(sources) - ,uriH = uri.replace(//, '>').replace(/&/, '&'); - $('#uriA').html(uriH)[0].href = uri; - $('#uriHtml').val( - ext === 'js' - ? '' - : '' - ); - $('#results').show(); - } - /** - * Handler for the "Add file +" button - */ - ,addButtonClick : function () { - $('#results').hide(); - MUB.addLi(); - MUB.updateAllTestLinks(); - $('#update').show().click(MUB.update); - $('#sources li:last input')[0].focus(); - } - /** - * Runs on DOMready - */ - ,init : function () { - $('#app').show(); - $('#sources').html(''); - $('#add button').click(MUB.addButtonClick); - // make easier to copy text out of - $('#uriHtml, #groupConfig').click(function () { - this.select(); - }).focus(function () { - this.select(); - }); - $('a.ext').attr({target:'_blank'}); - if (location.hash) { - // make links out of URIs from bookmarklet - $('#getBm').hide(); - $('#bmUris').html('

    Found by bookmarklet: /' - + location.hash.substr(1).split(',').join(' | /') - + '

    ' - ); - $('#bmUris a').click(function () { - MUB.addButtonClick(); - $('#sources li:last input').val(this.innerHTML) - MUB.liUpdateTestLink.call($('#sources li:last')[0]); - $('#results').hide(); - return false; - }).attr({title:'Add file +'}); - } else { - // copy bookmarklet code into href - var bmUri = location.pathname.replace(/\/[^\/]*$/, '/bm.js').substr(1); - $.ajax({ - url : '../?f=' + bmUri - ,success : function (code) { - $('#bm')[0].href = code - .replace('%BUILDER_URL%', location.href) - .replace(/\n/g, ' '); - } - ,dataType : 'text' - }); - $.browser.msie && $('#getBm p:last').append(' Sorry, not supported in MSIE!'); - MUB.addButtonClick(); - } - MUB.checkRewrite(); - } -}; -window.onload = MUB.init; \ No newline at end of file diff --git a/plugins/Minify/extlib/minify/min/builder/bm.js b/plugins/Minify/extlib/minify/min/builder/bm.js deleted file mode 100644 index 10d1943814..0000000000 --- a/plugins/Minify/extlib/minify/min/builder/bm.js +++ /dev/null @@ -1,36 +0,0 @@ -javascript:(function() { - var d = document - ,uris = [] - ,i = 0 - ,o - ,home = (location + '').split('/').splice(0, 3).join('/') + '/'; - function add(uri) { - return (0 === uri.indexOf(home)) - && (!/[\?&]/.test(uri)) - && uris.push(escape(uri.substr(home.length))); - }; - function sheet(ss) { - // we must check the domain with add() before accessing ss.cssRules - // otherwise a security exception will be thrown - if (ss.href && add(ss.href) && ss.cssRules) { - var i = 0, r; - while (r = ss.cssRules[i++]) - r.styleSheet && sheet(r.styleSheet); - } - }; - while (o = d.getElementsByTagName('script')[i++]) - o.src && !(o.type && /vbs/i.test(o.type)) && add(o.src); - i = 0; - while (o = d.styleSheets[i++]) - /* http://www.w3.org/TR/DOM-Level-2-Style/stylesheets.html#StyleSheets-DocumentStyle-styleSheets - document.styleSheet is a list property where [0] accesses the 1st element and - [outOfRange] returns null. In IE, styleSheets is a function, and also throws an - exception when you check the out of bounds index. (sigh) */ - sheet(o); - if (uris.length) - window.open('%BUILDER_URL%#' + uris.join(',')); - else - alert('No js/css files found with URLs within "' - + home.split('/')[2] - + '".\n(This tool is limited to URLs with the same domain.)'); -})(); \ No newline at end of file diff --git a/plugins/Minify/extlib/minify/min/builder/index.php b/plugins/Minify/extlib/minify/min/builder/index.php deleted file mode 100644 index 1b20982220..0000000000 --- a/plugins/Minify/extlib/minify/min/builder/index.php +++ /dev/null @@ -1,182 +0,0 @@ - - - - - Minify URI Builder - - - - -

    Note: Please set $min_cachePath -in /min/config.php to improve performance.

    - - -

    Note: Your webserver does not seem to - support mod_rewrite (used in /min/.htaccess). Your Minify URIs will contain "?", which -may reduce the benefit of proxy cache servers.

    - -

    Minify URI Builder

    - - - -
    - -

    Create a list of Javascript or CSS files (or 1 is fine) you'd like to combine -and click [Update].

    - -
    -
    - -
    - -

    - -
    - -

    Minify URI

    -

    Place this URI in your HTML to serve the files above combined, minified, compressed and -with cache headers.

    - - - -
    URI/min (opens in new window)
    HTML
    - -

    How to serve these files as a group

    -

    For the best performance you can serve these files as a pre-defined group with a URI -like: /min/?g=keyName

    -

    To do this, add a line like this to /min/groupsConfig.php:

    - -
    return array(
-    ... your existing groups here ...
-
-);
    - -

    Make sure to replace keyName with a unique key for this group.

    -
    - -
    -

    Find URIs on a Page

    -

    You can use the bookmarklet below to fetch all CSS & Javascript URIs from a page -on your site. When you active it, this page will open in a new window with a list of -available URIs to add.

    - -

    Create Minify URIs (right-click, add to bookmarks)

    -
    - -

    Combining CSS files that contain @import

    -

    If your CSS files contain @import declarations, Minify will not -remove them. Therefore, you will want to remove those that point to files already -in your list, and move any others to the top of the first file in your list -(imports below any styles will be ignored by browsers as invalid).

    -

    If you desire, you can use Minify URIs in imports and they will not be touched -by Minify. E.g. @import "/min/?g=css2";

    - -
    - -
    -

    Need help? Search or post to the Minify discussion list.

    -

    This app is minified :) view -source

    - - - - - - - ob_get_contents() - ,'id' => __FILE__ - ,'lastModifiedTime' => max( - // regenerate cache if either of these change - filemtime(__FILE__) - ,filemtime(dirname(__FILE__) . '/../config.php') - ) - ,'minifyAll' => true - ,'encodeOutput' => $encodeOutput -); -ob_end_clean(); - -set_include_path(dirname(__FILE__) . '/../lib' . PATH_SEPARATOR . get_include_path()); - -require 'Minify.php'; - -if (0 === stripos(PHP_OS, 'win')) { - Minify::setDocRoot(); // we may be on IIS -} -Minify::setCache(isset($min_cachePath) ? $min_cachePath : null); -Minify::$uploaderHoursBehind = $min_uploaderHoursBehind; - -Minify::serve('Page', $serveOpts); diff --git a/plugins/Minify/extlib/minify/min/builder/ocCheck.php b/plugins/Minify/extlib/minify/min/builder/ocCheck.php deleted file mode 100644 index c47baa33db..0000000000 --- a/plugins/Minify/extlib/minify/min/builder/ocCheck.php +++ /dev/null @@ -1,36 +0,0 @@ - 'World!' - ,'method' => 'deflate' - )); - $he->encode(); - $he->sendAll(); - -} else { - // echo status "0" or "1" - header('Content-Type: text/plain'); - echo (int)$_oc; -} diff --git a/plugins/Minify/extlib/minify/min/builder/rewriteTest.js b/plugins/Minify/extlib/minify/min/builder/rewriteTest.js deleted file mode 100644 index 56a6051ca2..0000000000 --- a/plugins/Minify/extlib/minify/min/builder/rewriteTest.js +++ /dev/null @@ -1 +0,0 @@ -1 \ No newline at end of file diff --git a/plugins/Minify/extlib/minify/min/groupsConfig.php b/plugins/Minify/extlib/minify/min/groupsConfig.php deleted file mode 100644 index 9e2514d7ad..0000000000 --- a/plugins/Minify/extlib/minify/min/groupsConfig.php +++ /dev/null @@ -1,34 +0,0 @@ - array('//js/file1.js', '//js/file2.js'), - // 'css' => array('//css/file1.css', '//css/file2.css'), - - // custom source example - /*'js2' => array( - dirname(__FILE__) . '/../min_unit_tests/_test_files/js/before.js', - // do NOT process this file - new Minify_Source(array( - 'filepath' => dirname(__FILE__) . '/../min_unit_tests/_test_files/js/before.js', - 'minifier' => create_function('$a', 'return $a;') - )) - ),//*/ - - /*'js3' => array( - dirname(__FILE__) . '/../min_unit_tests/_test_files/js/before.js', - // do NOT process this file - new Minify_Source(array( - 'filepath' => dirname(__FILE__) . '/../min_unit_tests/_test_files/js/before.js', - 'minifier' => array('Minify_Packer', 'minify') - )) - ),//*/ -); \ No newline at end of file diff --git a/plugins/Minify/extlib/minify/min/index.php b/plugins/Minify/extlib/minify/min/index.php deleted file mode 100644 index 51c352569a..0000000000 --- a/plugins/Minify/extlib/minify/min/index.php +++ /dev/null @@ -1,66 +0,0 @@ - - * @license http://www.opensource.org/licenses/bsd-license.php - * @package FirePHP - */ - - -/** - * Sends the given data to the FirePHP Firefox Extension. - * The data can be displayed in the Firebug Console or in the - * "Server" request tab. - * - * For more information see: http://www.firephp.org/ - * - * @copyright Copyright (C) 2007-2008 Christoph Dorn - * @author Christoph Dorn - * @license http://www.opensource.org/licenses/bsd-license.php - * @package FirePHP - */ -class FirePHP { - - /** - * FirePHP version - * - * @var string - */ - const VERSION = '0.2.0'; - - /** - * Firebug LOG level - * - * Logs a message to firebug console. - * - * @var string - */ - const LOG = 'LOG'; - - /** - * Firebug INFO level - * - * Logs a message to firebug console and displays an info icon before the message. - * - * @var string - */ - const INFO = 'INFO'; - - /** - * Firebug WARN level - * - * Logs a message to firebug console, displays an warning icon before the message and colors the line turquoise. - * - * @var string - */ - const WARN = 'WARN'; - - /** - * Firebug ERROR level - * - * Logs a message to firebug console, displays an error icon before the message and colors the line yellow. Also increments the firebug error count. - * - * @var string - */ - const ERROR = 'ERROR'; - - /** - * Dumps a variable to firebug's server panel - * - * @var string - */ - const DUMP = 'DUMP'; - - /** - * Displays a stack trace in firebug console - * - * @var string - */ - const TRACE = 'TRACE'; - - /** - * Displays an exception in firebug console - * - * Increments the firebug error count. - * - * @var string - */ - const EXCEPTION = 'EXCEPTION'; - - /** - * Displays an table in firebug console - * - * @var string - */ - const TABLE = 'TABLE'; - - /** - * Starts a group in firebug console - * - * @var string - */ - const GROUP_START = 'GROUP_START'; - - /** - * Ends a group in firebug console - * - * @var string - */ - const GROUP_END = 'GROUP_END'; - - /** - * Singleton instance of FirePHP - * - * @var FirePHP - */ - protected static $instance = null; - - /** - * Wildfire protocol message index - * - * @var int - */ - protected $messageIndex = 1; - - /** - * Options for the library - * - * @var array - */ - protected $options = array(); - - /** - * Filters used to exclude object members when encoding - * - * @var array - */ - protected $objectFilters = array(); - - /** - * A stack of objects used to detect recursion during object encoding - * - * @var object - */ - protected $objectStack = array(); - - /** - * Flag to enable/disable logging - * - * @var boolean - */ - protected $enabled = true; - - /** - * The object constructor - */ - function __construct() { - $this->options['maxObjectDepth'] = 10; - $this->options['maxArrayDepth'] = 20; - $this->options['useNativeJsonEncode'] = true; - $this->options['includeLineNumbers'] = true; - } - - /** - * When the object gets serialized only include specific object members. - * - * @return array - */ - public function __sleep() { - return array('options','objectFilters','enabled'); - } - - /** - * Gets singleton instance of FirePHP - * - * @param boolean $AutoCreate - * @return FirePHP - */ - public static function getInstance($AutoCreate=false) { - if($AutoCreate===true && !self::$instance) { - self::init(); - } - return self::$instance; - } - - /** - * Creates FirePHP object and stores it for singleton access - * - * @return FirePHP - */ - public static function init() { - return self::$instance = new self(); - } - - /** - * Enable and disable logging to Firebug - * - * @param boolean $Enabled TRUE to enable, FALSE to disable - * @return void - */ - public function setEnabled($Enabled) { - $this->enabled = $Enabled; - } - - /** - * Check if logging is enabled - * - * @return boolean TRUE if enabled - */ - public function getEnabled() { - return $this->enabled; - } - - /** - * Specify a filter to be used when encoding an object - * - * Filters are used to exclude object members. - * - * @param string $Class The class name of the object - * @param array $Filter An array or members to exclude - * @return void - */ - public function setObjectFilter($Class, $Filter) { - $this->objectFilters[$Class] = $Filter; - } - - /** - * Set some options for the library - * - * Options: - * - maxObjectDepth: The maximum depth to traverse objects (default: 10) - * - maxArrayDepth: The maximum depth to traverse arrays (default: 20) - * - useNativeJsonEncode: If true will use json_encode() (default: true) - * - includeLineNumbers: If true will include line numbers and filenames (default: true) - * - * @param array $Options The options to be set - * @return void - */ - public function setOptions($Options) { - $this->options = array_merge($this->options,$Options); - } - - /** - * Register FirePHP as your error handler - * - * Will throw exceptions for each php error. - */ - public function registerErrorHandler() - { - //NOTE: The following errors will not be caught by this error handler: - // E_ERROR, E_PARSE, E_CORE_ERROR, - // E_CORE_WARNING, E_COMPILE_ERROR, - // E_COMPILE_WARNING, E_STRICT - - set_error_handler(array($this,'errorHandler')); - } - - /** - * FirePHP's error handler - * - * Throws exception for each php error that will occur. - * - * @param int $errno - * @param string $errstr - * @param string $errfile - * @param int $errline - * @param array $errcontext - */ - public function errorHandler($errno, $errstr, $errfile, $errline, $errcontext) - { - // Don't throw exception if error reporting is switched off - if (error_reporting() == 0) { - return; - } - // Only throw exceptions for errors we are asking for - if (error_reporting() & $errno) { - throw new ErrorException($errstr, 0, $errno, $errfile, $errline); - } - } - - /** - * Register FirePHP as your exception handler - */ - public function registerExceptionHandler() - { - set_exception_handler(array($this,'exceptionHandler')); - } - - /** - * FirePHP's exception handler - * - * Logs all exceptions to your firebug console and then stops the script. - * - * @param Exception $Exception - * @throws Exception - */ - function exceptionHandler($Exception) { - $this->fb($Exception); - } - - /** - * Set custom processor url for FirePHP - * - * @param string $URL - */ - public function setProcessorUrl($URL) - { - $this->setHeader('X-FirePHP-ProcessorURL', $URL); - } - - /** - * Set custom renderer url for FirePHP - * - * @param string $URL - */ - public function setRendererUrl($URL) - { - $this->setHeader('X-FirePHP-RendererURL', $URL); - } - - /** - * Start a group for following messages - * - * @param string $Name - * @return true - * @throws Exception - */ - public function group($Name) { - return $this->fb(null, $Name, FirePHP::GROUP_START); - } - - /** - * Ends a group you have started before - * - * @return true - * @throws Exception - */ - public function groupEnd() { - return $this->fb(null, null, FirePHP::GROUP_END); - } - - /** - * Log object with label to firebug console - * - * @see FirePHP::LOG - * @param mixes $Object - * @param string $Label - * @return true - * @throws Exception - */ - public function log($Object, $Label=null) { - return $this->fb($Object, $Label, FirePHP::LOG); - } - - /** - * Log object with label to firebug console - * - * @see FirePHP::INFO - * @param mixes $Object - * @param string $Label - * @return true - * @throws Exception - */ - public function info($Object, $Label=null) { - return $this->fb($Object, $Label, FirePHP::INFO); - } - - /** - * Log object with label to firebug console - * - * @see FirePHP::WARN - * @param mixes $Object - * @param string $Label - * @return true - * @throws Exception - */ - public function warn($Object, $Label=null) { - return $this->fb($Object, $Label, FirePHP::WARN); - } - - /** - * Log object with label to firebug console - * - * @see FirePHP::ERROR - * @param mixes $Object - * @param string $Label - * @return true - * @throws Exception - */ - public function error($Object, $Label=null) { - return $this->fb($Object, $Label, FirePHP::ERROR); - } - - /** - * Dumps key and variable to firebug server panel - * - * @see FirePHP::DUMP - * @param string $Key - * @param mixed $Variable - * @return true - * @throws Exception - */ - public function dump($Key, $Variable) { - return $this->fb($Variable, $Key, FirePHP::DUMP); - } - - /** - * Log a trace in the firebug console - * - * @see FirePHP::TRACE - * @param string $Label - * @return true - * @throws Exception - */ - public function trace($Label) { - return $this->fb($Label, FirePHP::TRACE); - } - - /** - * Log a table in the firebug console - * - * @see FirePHP::TABLE - * @param string $Label - * @param string $Table - * @return true - * @throws Exception - */ - public function table($Label, $Table) { - return $this->fb($Table, $Label, FirePHP::TABLE); - } - - /** - * Check if FirePHP is installed on client - * - * @return boolean - */ - public function detectClientExtension() { - /* Check if FirePHP is installed on client */ - if(!@preg_match_all('/\sFirePHP\/([\.|\d]*)\s?/si',$this->getUserAgent(),$m) || - !version_compare($m[1][0],'0.0.6','>=')) { - return false; - } - return true; - } - - /** - * Log varible to Firebug - * - * @see http://www.firephp.org/Wiki/Reference/Fb - * @param mixed $Object The variable to be logged - * @return true Return TRUE if message was added to headers, FALSE otherwise - * @throws Exception - */ - public function fb($Object) { - - if(!$this->enabled) { - return false; - } - - if (headers_sent($filename, $linenum)) { - throw $this->newException('Headers already sent in '.$filename.' on line '.$linenum.'. Cannot send log data to FirePHP. You must have Output Buffering enabled via ob_start() or output_buffering ini directive.'); - } - - $Type = null; - $Label = null; - - if(func_num_args()==1) { - } else - if(func_num_args()==2) { - switch(func_get_arg(1)) { - case self::LOG: - case self::INFO: - case self::WARN: - case self::ERROR: - case self::DUMP: - case self::TRACE: - case self::EXCEPTION: - case self::TABLE: - case self::GROUP_START: - case self::GROUP_END: - $Type = func_get_arg(1); - break; - default: - $Label = func_get_arg(1); - break; - } - } else - if(func_num_args()==3) { - $Type = func_get_arg(2); - $Label = func_get_arg(1); - } else { - throw $this->newException('Wrong number of arguments to fb() function!'); - } - - - if(!$this->detectClientExtension()) { - return false; - } - - $meta = array(); - $skipFinalObjectEncode = false; - - if($Object instanceof Exception) { - - $meta['file'] = $this->_escapeTraceFile($Object->getFile()); - $meta['line'] = $Object->getLine(); - - $trace = $Object->getTrace(); - if($Object instanceof ErrorException - && isset($trace[0]['function']) - && $trace[0]['function']=='errorHandler' - && isset($trace[0]['class']) - && $trace[0]['class']=='FirePHP') { - - $severity = false; - switch($Object->getSeverity()) { - case E_WARNING: $severity = 'E_WARNING'; break; - case E_NOTICE: $severity = 'E_NOTICE'; break; - case E_USER_ERROR: $severity = 'E_USER_ERROR'; break; - case E_USER_WARNING: $severity = 'E_USER_WARNING'; break; - case E_USER_NOTICE: $severity = 'E_USER_NOTICE'; break; - case E_STRICT: $severity = 'E_STRICT'; break; - case E_RECOVERABLE_ERROR: $severity = 'E_RECOVERABLE_ERROR'; break; - case E_DEPRECATED: $severity = 'E_DEPRECATED'; break; - case E_USER_DEPRECATED: $severity = 'E_USER_DEPRECATED'; break; - } - - $Object = array('Class'=>get_class($Object), - 'Message'=>$severity.': '.$Object->getMessage(), - 'File'=>$this->_escapeTraceFile($Object->getFile()), - 'Line'=>$Object->getLine(), - 'Type'=>'trigger', - 'Trace'=>$this->_escapeTrace(array_splice($trace,2))); - $skipFinalObjectEncode = true; - } else { - $Object = array('Class'=>get_class($Object), - 'Message'=>$Object->getMessage(), - 'File'=>$this->_escapeTraceFile($Object->getFile()), - 'Line'=>$Object->getLine(), - 'Type'=>'throw', - 'Trace'=>$this->_escapeTrace($trace)); - $skipFinalObjectEncode = true; - } - $Type = self::EXCEPTION; - - } else - if($Type==self::TRACE) { - - $trace = debug_backtrace(); - if(!$trace) return false; - for( $i=0 ; $i_standardizePath($trace[$i]['file']),-18,18)=='FirePHPCore/fb.php' - || substr($this->_standardizePath($trace[$i]['file']),-29,29)=='FirePHPCore/FirePHP.class.php')) { - /* Skip - FB::trace(), FB::send(), $firephp->trace(), $firephp->fb() */ - } else - if(isset($trace[$i]['class']) - && isset($trace[$i+1]['file']) - && $trace[$i]['class']=='FirePHP' - && substr($this->_standardizePath($trace[$i+1]['file']),-18,18)=='FirePHPCore/fb.php') { - /* Skip fb() */ - } else - if($trace[$i]['function']=='fb' - || $trace[$i]['function']=='trace' - || $trace[$i]['function']=='send') { - $Object = array('Class'=>isset($trace[$i]['class'])?$trace[$i]['class']:'', - 'Type'=>isset($trace[$i]['type'])?$trace[$i]['type']:'', - 'Function'=>isset($trace[$i]['function'])?$trace[$i]['function']:'', - 'Message'=>$trace[$i]['args'][0], - 'File'=>isset($trace[$i]['file'])?$this->_escapeTraceFile($trace[$i]['file']):'', - 'Line'=>isset($trace[$i]['line'])?$trace[$i]['line']:'', - 'Args'=>isset($trace[$i]['args'])?$this->encodeObject($trace[$i]['args']):'', - 'Trace'=>$this->_escapeTrace(array_splice($trace,$i+1))); - - $skipFinalObjectEncode = true; - $meta['file'] = isset($trace[$i]['file'])?$this->_escapeTraceFile($trace[$i]['file']):''; - $meta['line'] = isset($trace[$i]['line'])?$trace[$i]['line']:''; - break; - } - } - - } else - if($Type==self::TABLE) { - - if(isset($Object[0]) && is_string($Object[0])) { - $Object[1] = $this->encodeTable($Object[1]); - } else { - $Object = $this->encodeTable($Object); - } - - $skipFinalObjectEncode = true; - - } else { - if($Type===null) { - $Type = self::LOG; - } - } - - if($this->options['includeLineNumbers']) { - if(!isset($meta['file']) || !isset($meta['line'])) { - - $trace = debug_backtrace(); - for( $i=0 ; $trace && $i_standardizePath($trace[$i]['file']),-18,18)=='FirePHPCore/fb.php' - || substr($this->_standardizePath($trace[$i]['file']),-29,29)=='FirePHPCore/FirePHP.class.php')) { - /* Skip - FB::trace(), FB::send(), $firephp->trace(), $firephp->fb() */ - } else - if(isset($trace[$i]['class']) - && isset($trace[$i+1]['file']) - && $trace[$i]['class']=='FirePHP' - && substr($this->_standardizePath($trace[$i+1]['file']),-18,18)=='FirePHPCore/fb.php') { - /* Skip fb() */ - } else - if(isset($trace[$i]['file']) - && substr($this->_standardizePath($trace[$i]['file']),-18,18)=='FirePHPCore/fb.php') { - /* Skip FB::fb() */ - } else { - $meta['file'] = isset($trace[$i]['file'])?$this->_escapeTraceFile($trace[$i]['file']):''; - $meta['line'] = isset($trace[$i]['line'])?$trace[$i]['line']:''; - break; - } - } - - } - } else { - unset($meta['file']); - unset($meta['line']); - } - - $this->setHeader('X-Wf-Protocol-1','http://meta.wildfirehq.org/Protocol/JsonStream/0.2'); - $this->setHeader('X-Wf-1-Plugin-1','http://meta.firephp.org/Wildfire/Plugin/FirePHP/Library-FirePHPCore/'.self::VERSION); - - $structure_index = 1; - if($Type==self::DUMP) { - $structure_index = 2; - $this->setHeader('X-Wf-1-Structure-2','http://meta.firephp.org/Wildfire/Structure/FirePHP/Dump/0.1'); - } else { - $this->setHeader('X-Wf-1-Structure-1','http://meta.firephp.org/Wildfire/Structure/FirePHP/FirebugConsole/0.1'); - } - - if($Type==self::DUMP) { - $msg = '{"'.$Label.'":'.$this->jsonEncode($Object, $skipFinalObjectEncode).'}'; - } else { - $msg_meta = array('Type'=>$Type); - if($Label!==null) { - $msg_meta['Label'] = $Label; - } - if(isset($meta['file'])) { - $msg_meta['File'] = $meta['file']; - } - if(isset($meta['line'])) { - $msg_meta['Line'] = $meta['line']; - } - $msg = '['.$this->jsonEncode($msg_meta).','.$this->jsonEncode($Object, $skipFinalObjectEncode).']'; - } - - $parts = explode("\n",chunk_split($msg, 5000, "\n")); - - for( $i=0 ; $i2) { - // Message needs to be split into multiple parts - $this->setHeader('X-Wf-1-'.$structure_index.'-'.'1-'.$this->messageIndex, - (($i==0)?strlen($msg):'') - . '|' . $part . '|' - . (($isetHeader('X-Wf-1-'.$structure_index.'-'.'1-'.$this->messageIndex, - strlen($part) . '|' . $part . '|'); - } - - $this->messageIndex++; - - if ($this->messageIndex > 99999) { - throw new Exception('Maximum number (99,999) of messages reached!'); - } - } - } - - $this->setHeader('X-Wf-1-Index',$this->messageIndex-1); - - return true; - } - - /** - * Standardizes path for windows systems. - * - * @param string $Path - * @return string - */ - protected function _standardizePath($Path) { - return preg_replace('/\\\\+/','/',$Path); - } - - /** - * Escape trace path for windows systems - * - * @param array $Trace - * @return array - */ - protected function _escapeTrace($Trace) { - if(!$Trace) return $Trace; - for( $i=0 ; $i_escapeTraceFile($Trace[$i]['file']); - } - if(isset($Trace[$i]['args'])) { - $Trace[$i]['args'] = $this->encodeObject($Trace[$i]['args']); - } - } - return $Trace; - } - - /** - * Escape file information of trace for windows systems - * - * @param string $File - * @return string - */ - protected function _escapeTraceFile($File) { - /* Check if we have a windows filepath */ - if(strpos($File,'\\')) { - /* First strip down to single \ */ - - $file = preg_replace('/\\\\+/','\\',$File); - - return $file; - } - return $File; - } - - /** - * Send header - * - * @param string $Name - * @param string_type $Value - */ - protected function setHeader($Name, $Value) { - return header($Name.': '.$Value); - } - - /** - * Get user agent - * - * @return string|false - */ - protected function getUserAgent() { - if(!isset($_SERVER['HTTP_USER_AGENT'])) return false; - return $_SERVER['HTTP_USER_AGENT']; - } - - /** - * Returns a new exception - * - * @param string $Message - * @return Exception - */ - protected function newException($Message) { - return new Exception($Message); - } - - /** - * Encode an object into a JSON string - * - * Uses PHP's jeson_encode() if available - * - * @param object $Object The object to be encoded - * @return string The JSON string - */ - protected function jsonEncode($Object, $skipObjectEncode=false) - { - if(!$skipObjectEncode) { - $Object = $this->encodeObject($Object); - } - - if(function_exists('json_encode') - && $this->options['useNativeJsonEncode']!=false) { - - return json_encode($Object); - } else { - return $this->json_encode($Object); - } - } - - /** - * Encodes a table by encoding each row and column with encodeObject() - * - * @param array $Table The table to be encoded - * @return array - */ - protected function encodeTable($Table) { - if(!$Table) return $Table; - for( $i=0 ; $iencodeObject($Table[$i][$j]); - } - } - } - return $Table; - } - - /** - * Encodes an object including members with - * protected and private visibility - * - * @param Object $Object The object to be encoded - * @param int $Depth The current traversal depth - * @return array All members of the object - */ - protected function encodeObject($Object, $ObjectDepth = 1, $ArrayDepth = 1) - { - $return = array(); - - if (is_object($Object)) { - - if ($ObjectDepth > $this->options['maxObjectDepth']) { - return '** Max Object Depth ('.$this->options['maxObjectDepth'].') **'; - } - - foreach ($this->objectStack as $refVal) { - if ($refVal === $Object) { - return '** Recursion ('.get_class($Object).') **'; - } - } - array_push($this->objectStack, $Object); - - $return['__className'] = $class = get_class($Object); - - $reflectionClass = new ReflectionClass($class); - $properties = array(); - foreach( $reflectionClass->getProperties() as $property) { - $properties[$property->getName()] = $property; - } - - $members = (array)$Object; - - foreach( $properties as $raw_name => $property ) { - - $name = $raw_name; - if($property->isStatic()) { - $name = 'static:'.$name; - } - if($property->isPublic()) { - $name = 'public:'.$name; - } else - if($property->isPrivate()) { - $name = 'private:'.$name; - $raw_name = "\0".$class."\0".$raw_name; - } else - if($property->isProtected()) { - $name = 'protected:'.$name; - $raw_name = "\0".'*'."\0".$raw_name; - } - - if(!(isset($this->objectFilters[$class]) - && is_array($this->objectFilters[$class]) - && in_array($raw_name,$this->objectFilters[$class]))) { - - if(array_key_exists($raw_name,$members) - && !$property->isStatic()) { - - $return[$name] = $this->encodeObject($members[$raw_name], $ObjectDepth + 1, 1); - - } else { - if(method_exists($property,'setAccessible')) { - $property->setAccessible(true); - $return[$name] = $this->encodeObject($property->getValue($Object), $ObjectDepth + 1, 1); - } else - if($property->isPublic()) { - $return[$name] = $this->encodeObject($property->getValue($Object), $ObjectDepth + 1, 1); - } else { - $return[$name] = '** Need PHP 5.3 to get value **'; - } - } - } else { - $return[$name] = '** Excluded by Filter **'; - } - } - - // Include all members that are not defined in the class - // but exist in the object - foreach( $members as $raw_name => $value ) { - - $name = $raw_name; - - if ($name{0} == "\0") { - $parts = explode("\0", $name); - $name = $parts[2]; - } - - if(!isset($properties[$name])) { - $name = 'undeclared:'.$name; - - if(!(isset($this->objectFilters[$class]) - && is_array($this->objectFilters[$class]) - && in_array($raw_name,$this->objectFilters[$class]))) { - - $return[$name] = $this->encodeObject($value, $ObjectDepth + 1, 1); - } else { - $return[$name] = '** Excluded by Filter **'; - } - } - } - - array_pop($this->objectStack); - - } elseif (is_array($Object)) { - - if ($ArrayDepth > $this->options['maxArrayDepth']) { - return '** Max Array Depth ('.$this->options['maxArrayDepth'].') **'; - } - - foreach ($Object as $key => $val) { - - // Encoding the $GLOBALS PHP array causes an infinite loop - // if the recursion is not reset here as it contains - // a reference to itself. This is the only way I have come up - // with to stop infinite recursion in this case. - if($key=='GLOBALS' - && is_array($val) - && array_key_exists('GLOBALS',$val)) { - $val['GLOBALS'] = '** Recursion (GLOBALS) **'; - } - - $return[$key] = $this->encodeObject($val, 1, $ArrayDepth + 1); - } - } else { - if(self::is_utf8($Object)) { - return $Object; - } else { - return utf8_encode($Object); - } - } - return $return; - } - - /** - * Returns true if $string is valid UTF-8 and false otherwise. - * - * @param mixed $str String to be tested - * @return boolean - */ - protected static function is_utf8($str) { - $c=0; $b=0; - $bits=0; - $len=strlen($str); - for($i=0; $i<$len; $i++){ - $c=ord($str[$i]); - if($c > 128){ - if(($c >= 254)) return false; - elseif($c >= 252) $bits=6; - elseif($c >= 248) $bits=5; - elseif($c >= 240) $bits=4; - elseif($c >= 224) $bits=3; - elseif($c >= 192) $bits=2; - else return false; - if(($i+$bits) > $len) return false; - while($bits > 1){ - $i++; - $b=ord($str[$i]); - if($b < 128 || $b > 191) return false; - $bits--; - } - } - } - return true; - } - - /** - * Converts to and from JSON format. - * - * JSON (JavaScript Object Notation) is a lightweight data-interchange - * format. It is easy for humans to read and write. It is easy for machines - * to parse and generate. It is based on a subset of the JavaScript - * Programming Language, Standard ECMA-262 3rd Edition - December 1999. - * This feature can also be found in Python. JSON is a text format that is - * completely language independent but uses conventions that are familiar - * to programmers of the C-family of languages, including C, C++, C#, Java, - * JavaScript, Perl, TCL, and many others. These properties make JSON an - * ideal data-interchange language. - * - * This package provides a simple encoder and decoder for JSON notation. It - * is intended for use with client-side Javascript applications that make - * use of HTTPRequest to perform server communication functions - data can - * be encoded into JSON notation for use in a client-side javascript, or - * decoded from incoming Javascript requests. JSON format is native to - * Javascript, and can be directly eval()'ed with no further parsing - * overhead - * - * All strings should be in ASCII or UTF-8 format! - * - * LICENSE: Redistribution and use in source and binary forms, with or - * without modification, are permitted provided that the following - * conditions are met: Redistributions of source code must retain the - * above copyright notice, this list of conditions and the following - * disclaimer. Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following disclaimer - * in the documentation and/or other materials provided with the - * distribution. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN - * NO EVENT SHALL CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, - * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS - * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND - * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR - * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE - * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH - * DAMAGE. - * - * @category - * @package Services_JSON - * @author Michal Migurski - * @author Matt Knapp - * @author Brett Stimmerman - * @author Christoph Dorn - * @copyright 2005 Michal Migurski - * @version CVS: $Id: JSON.php,v 1.31 2006/06/28 05:54:17 migurski Exp $ - * @license http://www.opensource.org/licenses/bsd-license.php - * @link http://pear.php.net/pepr/pepr-proposal-show.php?id=198 - */ - - - /** - * Keep a list of objects as we descend into the array so we can detect recursion. - */ - private $json_objectStack = array(); - - - /** - * convert a string from one UTF-8 char to one UTF-16 char - * - * Normally should be handled by mb_convert_encoding, but - * provides a slower PHP-only method for installations - * that lack the multibye string extension. - * - * @param string $utf8 UTF-8 character - * @return string UTF-16 character - * @access private - */ - private function json_utf82utf16($utf8) - { - // oh please oh please oh please oh please oh please - if(function_exists('mb_convert_encoding')) { - return mb_convert_encoding($utf8, 'UTF-16', 'UTF-8'); - } - - switch(strlen($utf8)) { - case 1: - // this case should never be reached, because we are in ASCII range - // see: http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 - return $utf8; - - case 2: - // return a UTF-16 character from a 2-byte UTF-8 char - // see: http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 - return chr(0x07 & (ord($utf8{0}) >> 2)) - . chr((0xC0 & (ord($utf8{0}) << 6)) - | (0x3F & ord($utf8{1}))); - - case 3: - // return a UTF-16 character from a 3-byte UTF-8 char - // see: http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 - return chr((0xF0 & (ord($utf8{0}) << 4)) - | (0x0F & (ord($utf8{1}) >> 2))) - . chr((0xC0 & (ord($utf8{1}) << 6)) - | (0x7F & ord($utf8{2}))); - } - - // ignoring UTF-32 for now, sorry - return ''; - } - - /** - * encodes an arbitrary variable into JSON format - * - * @param mixed $var any number, boolean, string, array, or object to be encoded. - * see argument 1 to Services_JSON() above for array-parsing behavior. - * if var is a strng, note that encode() always expects it - * to be in ASCII or UTF-8 format! - * - * @return mixed JSON string representation of input var or an error if a problem occurs - * @access public - */ - private function json_encode($var) - { - - if(is_object($var)) { - if(in_array($var,$this->json_objectStack)) { - return '"** Recursion **"'; - } - } - - switch (gettype($var)) { - case 'boolean': - return $var ? 'true' : 'false'; - - case 'NULL': - return 'null'; - - case 'integer': - return (int) $var; - - case 'double': - case 'float': - return (float) $var; - - case 'string': - // STRINGS ARE EXPECTED TO BE IN ASCII OR UTF-8 FORMAT - $ascii = ''; - $strlen_var = strlen($var); - - /* - * Iterate over every character in the string, - * escaping with a slash or encoding to UTF-8 where necessary - */ - for ($c = 0; $c < $strlen_var; ++$c) { - - $ord_var_c = ord($var{$c}); - - switch (true) { - case $ord_var_c == 0x08: - $ascii .= '\b'; - break; - case $ord_var_c == 0x09: - $ascii .= '\t'; - break; - case $ord_var_c == 0x0A: - $ascii .= '\n'; - break; - case $ord_var_c == 0x0C: - $ascii .= '\f'; - break; - case $ord_var_c == 0x0D: - $ascii .= '\r'; - break; - - case $ord_var_c == 0x22: - case $ord_var_c == 0x2F: - case $ord_var_c == 0x5C: - // double quote, slash, slosh - $ascii .= '\\'.$var{$c}; - break; - - case (($ord_var_c >= 0x20) && ($ord_var_c <= 0x7F)): - // characters U-00000000 - U-0000007F (same as ASCII) - $ascii .= $var{$c}; - break; - - case (($ord_var_c & 0xE0) == 0xC0): - // characters U-00000080 - U-000007FF, mask 110XXXXX - // see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 - $char = pack('C*', $ord_var_c, ord($var{$c + 1})); - $c += 1; - $utf16 = $this->json_utf82utf16($char); - $ascii .= sprintf('\u%04s', bin2hex($utf16)); - break; - - case (($ord_var_c & 0xF0) == 0xE0): - // characters U-00000800 - U-0000FFFF, mask 1110XXXX - // see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 - $char = pack('C*', $ord_var_c, - ord($var{$c + 1}), - ord($var{$c + 2})); - $c += 2; - $utf16 = $this->json_utf82utf16($char); - $ascii .= sprintf('\u%04s', bin2hex($utf16)); - break; - - case (($ord_var_c & 0xF8) == 0xF0): - // characters U-00010000 - U-001FFFFF, mask 11110XXX - // see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 - $char = pack('C*', $ord_var_c, - ord($var{$c + 1}), - ord($var{$c + 2}), - ord($var{$c + 3})); - $c += 3; - $utf16 = $this->json_utf82utf16($char); - $ascii .= sprintf('\u%04s', bin2hex($utf16)); - break; - - case (($ord_var_c & 0xFC) == 0xF8): - // characters U-00200000 - U-03FFFFFF, mask 111110XX - // see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 - $char = pack('C*', $ord_var_c, - ord($var{$c + 1}), - ord($var{$c + 2}), - ord($var{$c + 3}), - ord($var{$c + 4})); - $c += 4; - $utf16 = $this->json_utf82utf16($char); - $ascii .= sprintf('\u%04s', bin2hex($utf16)); - break; - - case (($ord_var_c & 0xFE) == 0xFC): - // characters U-04000000 - U-7FFFFFFF, mask 1111110X - // see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 - $char = pack('C*', $ord_var_c, - ord($var{$c + 1}), - ord($var{$c + 2}), - ord($var{$c + 3}), - ord($var{$c + 4}), - ord($var{$c + 5})); - $c += 5; - $utf16 = $this->json_utf82utf16($char); - $ascii .= sprintf('\u%04s', bin2hex($utf16)); - break; - } - } - - return '"'.$ascii.'"'; - - case 'array': - /* - * As per JSON spec if any array key is not an integer - * we must treat the the whole array as an object. We - * also try to catch a sparsely populated associative - * array with numeric keys here because some JS engines - * will create an array with empty indexes up to - * max_index which can cause memory issues and because - * the keys, which may be relevant, will be remapped - * otherwise. - * - * As per the ECMA and JSON specification an object may - * have any string as a property. Unfortunately due to - * a hole in the ECMA specification if the key is a - * ECMA reserved word or starts with a digit the - * parameter is only accessible using ECMAScript's - * bracket notation. - */ - - // treat as a JSON object - if (is_array($var) && count($var) && (array_keys($var) !== range(0, sizeof($var) - 1))) { - - $this->json_objectStack[] = $var; - - $properties = array_map(array($this, 'json_name_value'), - array_keys($var), - array_values($var)); - - array_pop($this->json_objectStack); - - foreach($properties as $property) { - if($property instanceof Exception) { - return $property; - } - } - - return '{' . join(',', $properties) . '}'; - } - - $this->json_objectStack[] = $var; - - // treat it like a regular array - $elements = array_map(array($this, 'json_encode'), $var); - - array_pop($this->json_objectStack); - - foreach($elements as $element) { - if($element instanceof Exception) { - return $element; - } - } - - return '[' . join(',', $elements) . ']'; - - case 'object': - $vars = self::encodeObject($var); - - $this->json_objectStack[] = $var; - - $properties = array_map(array($this, 'json_name_value'), - array_keys($vars), - array_values($vars)); - - array_pop($this->json_objectStack); - - foreach($properties as $property) { - if($property instanceof Exception) { - return $property; - } - } - - return '{' . join(',', $properties) . '}'; - - default: - return null; - } - } - - /** - * array-walking function for use in generating JSON-formatted name-value pairs - * - * @param string $name name of key to use - * @param mixed $value reference to an array element to be encoded - * - * @return string JSON-formatted name-value pair, like '"name":value' - * @access private - */ - private function json_name_value($name, $value) - { - // Encoding the $GLOBALS PHP array causes an infinite loop - // if the recursion is not reset here as it contains - // a reference to itself. This is the only way I have come up - // with to stop infinite recursion in this case. - if($name=='GLOBALS' - && is_array($value) - && array_key_exists('GLOBALS',$value)) { - $value['GLOBALS'] = '** Recursion **'; - } - - $encoded_value = $this->json_encode($value); - - if($encoded_value instanceof Exception) { - return $encoded_value; - } - - return $this->json_encode(strval($name)) . ':' . $encoded_value; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/HTTP/ConditionalGet.php b/plugins/Minify/extlib/minify/min/lib/HTTP/ConditionalGet.php deleted file mode 100644 index 823db058fa..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/HTTP/ConditionalGet.php +++ /dev/null @@ -1,348 +0,0 @@ - - * list($updateTime, $content) = getDbUpdateAndContent(); - * $cg = new HTTP_ConditionalGet(array( - * 'lastModifiedTime' => $updateTime - * ,'isPublic' => true - * )); - * $cg->sendHeaders(); - * if ($cg->cacheIsValid) { - * exit(); - * } - * echo $content; - * - * - * E.g. Shortcut for the above - * - * HTTP_ConditionalGet::check($updateTime, true); // exits if client has cache - * echo $content; - * - * - * E.g. Content from DB with no update time: - * - * $content = getContentFromDB(); - * $cg = new HTTP_ConditionalGet(array( - * 'contentHash' => md5($content) - * )); - * $cg->sendHeaders(); - * if ($cg->cacheIsValid) { - * exit(); - * } - * echo $content; - * - * - * E.g. Static content with some static includes: - * - * // before content - * $cg = new HTTP_ConditionalGet(array( - * 'lastUpdateTime' => max( - * filemtime(__FILE__) - * ,filemtime('/path/to/header.inc') - * ,filemtime('/path/to/footer.inc') - * ) - * )); - * $cg->sendHeaders(); - * if ($cg->cacheIsValid) { - * exit(); - * } - * - * @package Minify - * @subpackage HTTP - * @author Stephen Clay - */ -class HTTP_ConditionalGet { - - /** - * Does the client have a valid copy of the requested resource? - * - * You'll want to check this after instantiating the object. If true, do - * not send content, just call sendHeaders() if you haven't already. - * - * @var bool - */ - public $cacheIsValid = null; - - /** - * @param array $spec options - * - * 'isPublic': (bool) if true, the Cache-Control header will contain - * "public", allowing proxies to cache the content. Otherwise "private" will - * be sent, allowing only browser caching. (default false) - * - * 'lastModifiedTime': (int) if given, both ETag AND Last-Modified headers - * will be sent with content. This is recommended. - * - * 'encoding': (string) if set, the header "Vary: Accept-Encoding" will - * always be sent and a truncated version of the encoding will be appended - * to the ETag. E.g. "pub123456;gz". This will also trigger a more lenient - * checking of the client's If-None-Match header, as the encoding portion of - * the ETag will be stripped before comparison. - * - * 'contentHash': (string) if given, only the ETag header can be sent with - * content (only HTTP1.1 clients can conditionally GET). The given string - * should be short with no quote characters and always change when the - * resource changes (recommend md5()). This is not needed/used if - * lastModifiedTime is given. - * - * 'eTag': (string) if given, this will be used as the ETag header rather - * than values based on lastModifiedTime or contentHash. Also the encoding - * string will not be appended to the given value as described above. - * - * 'invalidate': (bool) if true, the client cache will be considered invalid - * without testing. Effectively this disables conditional GET. - * (default false) - * - * 'maxAge': (int) if given, this will set the Cache-Control max-age in - * seconds, and also set the Expires header to the equivalent GMT date. - * After the max-age period has passed, the browser will again send a - * conditional GET to revalidate its cache. - * - * @return null - */ - public function __construct($spec) - { - $scope = (isset($spec['isPublic']) && $spec['isPublic']) - ? 'public' - : 'private'; - $maxAge = 0; - // backwards compatibility (can be removed later) - if (isset($spec['setExpires']) - && is_numeric($spec['setExpires']) - && ! isset($spec['maxAge'])) { - $spec['maxAge'] = $spec['setExpires'] - $_SERVER['REQUEST_TIME']; - } - if (isset($spec['maxAge'])) { - $maxAge = $spec['maxAge']; - $this->_headers['Expires'] = self::gmtDate( - $_SERVER['REQUEST_TIME'] + $spec['maxAge'] - ); - } - $etagAppend = ''; - if (isset($spec['encoding'])) { - $this->_stripEtag = true; - $this->_headers['Vary'] = 'Accept-Encoding'; - if ('' !== $spec['encoding']) { - if (0 === strpos($spec['encoding'], 'x-')) { - $spec['encoding'] = substr($spec['encoding'], 2); - } - $etagAppend = ';' . substr($spec['encoding'], 0, 2); - } - } - if (isset($spec['lastModifiedTime'])) { - $this->_setLastModified($spec['lastModifiedTime']); - if (isset($spec['eTag'])) { // Use it - $this->_setEtag($spec['eTag'], $scope); - } else { // base both headers on time - $this->_setEtag($spec['lastModifiedTime'] . $etagAppend, $scope); - } - } elseif (isset($spec['eTag'])) { // Use it - $this->_setEtag($spec['eTag'], $scope); - } elseif (isset($spec['contentHash'])) { // Use the hash as the ETag - $this->_setEtag($spec['contentHash'] . $etagAppend, $scope); - } - $this->_headers['Cache-Control'] = "max-age={$maxAge}, {$scope}"; - // invalidate cache if disabled, otherwise check - $this->cacheIsValid = (isset($spec['invalidate']) && $spec['invalidate']) - ? false - : $this->_isCacheValid(); - } - - /** - * Get array of output headers to be sent - * - * In the case of 304 responses, this array will only contain the response - * code header: array('_responseCode' => 'HTTP/1.0 304 Not Modified') - * - * Otherwise something like: - * - * array( - * 'Cache-Control' => 'max-age=0, public' - * ,'ETag' => '"foobar"' - * ) - * - * - * @return array - */ - public function getHeaders() - { - return $this->_headers; - } - - /** - * Set the Content-Length header in bytes - * - * With most PHP configs, as long as you don't flush() output, this method - * is not needed and PHP will buffer all output and set Content-Length for - * you. Otherwise you'll want to call this to let the client know up front. - * - * @param int $bytes - * - * @return int copy of input $bytes - */ - public function setContentLength($bytes) - { - return $this->_headers['Content-Length'] = $bytes; - } - - /** - * Send headers - * - * @see getHeaders() - * - * Note this doesn't "clear" the headers. Calling sendHeaders() will - * call header() again (but probably have not effect) and getHeaders() will - * still return the headers. - * - * @return null - */ - public function sendHeaders() - { - $headers = $this->_headers; - if (array_key_exists('_responseCode', $headers)) { - header($headers['_responseCode']); - unset($headers['_responseCode']); - } - foreach ($headers as $name => $val) { - header($name . ': ' . $val); - } - } - - /** - * Exit if the client's cache is valid for this resource - * - * This is a convenience method for common use of the class - * - * @param int $lastModifiedTime if given, both ETag AND Last-Modified headers - * will be sent with content. This is recommended. - * - * @param bool $isPublic (default false) if true, the Cache-Control header - * will contain "public", allowing proxies to cache the content. Otherwise - * "private" will be sent, allowing only browser caching. - * - * @param array $options (default empty) additional options for constructor - * - * @return null - */ - public static function check($lastModifiedTime = null, $isPublic = false, $options = array()) - { - if (null !== $lastModifiedTime) { - $options['lastModifiedTime'] = (int)$lastModifiedTime; - } - $options['isPublic'] = (bool)$isPublic; - $cg = new HTTP_ConditionalGet($options); - $cg->sendHeaders(); - if ($cg->cacheIsValid) { - exit(); - } - } - - - /** - * Get a GMT formatted date for use in HTTP headers - * - * - * header('Expires: ' . HTTP_ConditionalGet::gmtdate($time)); - * - * - * @param int $time unix timestamp - * - * @return string - */ - public static function gmtDate($time) - { - return gmdate('D, d M Y H:i:s \G\M\T', $time); - } - - protected $_headers = array(); - protected $_lmTime = null; - protected $_etag = null; - protected $_stripEtag = false; - - protected function _setEtag($hash, $scope) - { - $this->_etag = '"' . substr($scope, 0, 3) . $hash . '"'; - $this->_headers['ETag'] = $this->_etag; - } - - protected function _setLastModified($time) - { - $this->_lmTime = (int)$time; - $this->_headers['Last-Modified'] = self::gmtDate($time); - } - - /** - * Determine validity of client cache and queue 304 header if valid - */ - protected function _isCacheValid() - { - if (null === $this->_etag) { - // lmTime is copied to ETag, so this condition implies that the - // server sent neither ETag nor Last-Modified, so the client can't - // possibly has a valid cache. - return false; - } - $isValid = ($this->resourceMatchedEtag() || $this->resourceNotModified()); - if ($isValid) { - $this->_headers['_responseCode'] = 'HTTP/1.0 304 Not Modified'; - } - return $isValid; - } - - protected function resourceMatchedEtag() - { - if (!isset($_SERVER['HTTP_IF_NONE_MATCH'])) { - return false; - } - $clientEtagList = get_magic_quotes_gpc() - ? stripslashes($_SERVER['HTTP_IF_NONE_MATCH']) - : $_SERVER['HTTP_IF_NONE_MATCH']; - $clientEtags = explode(',', $clientEtagList); - - $compareTo = $this->normalizeEtag($this->_etag); - foreach ($clientEtags as $clientEtag) { - if ($this->normalizeEtag($clientEtag) === $compareTo) { - // respond with the client's matched ETag, even if it's not what - // we would've sent by default - $this->_headers['ETag'] = trim($clientEtag); - return true; - } - } - return false; - } - - protected function normalizeEtag($etag) { - $etag = trim($etag); - return $this->_stripEtag - ? preg_replace('/;\\w\\w"$/', '"', $etag) - : $etag; - } - - protected function resourceNotModified() - { - if (!isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) { - return false; - } - $ifModifiedSince = $_SERVER['HTTP_IF_MODIFIED_SINCE']; - if (false !== ($semicolon = strrpos($ifModifiedSince, ';'))) { - // IE has tacked on extra data to this header, strip it - $ifModifiedSince = substr($ifModifiedSince, 0, $semicolon); - } - if ($ifModifiedSince == self::gmtDate($this->_lmTime)) { - // Apache 2.2's behavior. If there was no ETag match, send the - // non-encoded version of the ETag value. - $this->_headers['ETag'] = $this->normalizeEtag($this->_etag); - return true; - } - return false; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/HTTP/Encoder.php b/plugins/Minify/extlib/minify/min/lib/HTTP/Encoder.php deleted file mode 100644 index 66c26789c3..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/HTTP/Encoder.php +++ /dev/null @@ -1,326 +0,0 @@ - - * // Send a CSS file, compressed if possible - * $he = new HTTP_Encoder(array( - * 'content' => file_get_contents($cssFile) - * ,'type' => 'text/css' - * )); - * $he->encode(); - * $he->sendAll(); - * - * - * - * // Shortcut to encoding output - * header('Content-Type: text/css'); // needed if not HTML - * HTTP_Encoder::output($css); - * - * - * - * // Just sniff for the accepted encoding - * $encoding = HTTP_Encoder::getAcceptedEncoding(); - * - * - * For more control over headers, use getHeaders() and getData() and send your - * own output. - * - * Note: If you don't need header mgmt, use PHP's native gzencode, gzdeflate, - * and gzcompress functions for gzip, deflate, and compress-encoding - * respectively. - * - * @package Minify - * @subpackage HTTP - * @author Stephen Clay - */ -class HTTP_Encoder { - - /** - * Should the encoder allow HTTP encoding to IE6? - * - * If you have many IE6 users and the bandwidth savings is worth troubling - * some of them, set this to true. - * - * By default, encoding is only offered to IE7+. When this is true, - * getAcceptedEncoding() will return an encoding for IE6 if its user agent - * string contains "SV1". This has been documented in many places as "safe", - * but there seem to be remaining, intermittent encoding bugs in patched - * IE6 on the wild web. - * - * @var bool - */ - public static $encodeToIe6 = false; - - - /** - * Default compression level for zlib operations - * - * This level is used if encode() is not given a $compressionLevel - * - * @var int - */ - public static $compressionLevel = 6; - - - /** - * Get an HTTP Encoder object - * - * @param array $spec options - * - * 'content': (string required) content to be encoded - * - * 'type': (string) if set, the Content-Type header will have this value. - * - * 'method: (string) only set this if you are forcing a particular encoding - * method. If not set, the best method will be chosen by getAcceptedEncoding() - * The available methods are 'gzip', 'deflate', 'compress', and '' (no - * encoding) - * - * @return null - */ - public function __construct($spec) - { - $this->_content = $spec['content']; - $this->_headers['Content-Length'] = (string)strlen($this->_content); - if (isset($spec['type'])) { - $this->_headers['Content-Type'] = $spec['type']; - } - if (isset($spec['method']) - && in_array($spec['method'], array('gzip', 'deflate', 'compress', ''))) - { - $this->_encodeMethod = array($spec['method'], $spec['method']); - } else { - $this->_encodeMethod = self::getAcceptedEncoding(); - } - } - - /** - * Get content in current form - * - * Call after encode() for encoded content. - * - * return string - */ - public function getContent() - { - return $this->_content; - } - - /** - * Get array of output headers to be sent - * - * E.g. - * - * array( - * 'Content-Length' => '615' - * ,'Content-Encoding' => 'x-gzip' - * ,'Vary' => 'Accept-Encoding' - * ) - * - * - * @return array - */ - public function getHeaders() - { - return $this->_headers; - } - - /** - * Send output headers - * - * You must call this before headers are sent and it probably cannot be - * used in conjunction with zlib output buffering / mod_gzip. Errors are - * not handled purposefully. - * - * @see getHeaders() - * - * @return null - */ - public function sendHeaders() - { - foreach ($this->_headers as $name => $val) { - header($name . ': ' . $val); - } - } - - /** - * Send output headers and content - * - * A shortcut for sendHeaders() and echo getContent() - * - * You must call this before headers are sent and it probably cannot be - * used in conjunction with zlib output buffering / mod_gzip. Errors are - * not handled purposefully. - * - * @return null - */ - public function sendAll() - { - $this->sendHeaders(); - echo $this->_content; - } - - /** - * Determine the client's best encoding method from the HTTP Accept-Encoding - * header. - * - * If no Accept-Encoding header is set, or the browser is IE before v6 SP2, - * this will return ('', ''), the "identity" encoding. - * - * A syntax-aware scan is done of the Accept-Encoding, so the method must - * be non 0. The methods are favored in order of gzip, deflate, then - * compress. Deflate is always smallest and generally faster, but is - * rarely sent by servers, so client support could be buggier. - * - * @param bool $allowCompress allow the older compress encoding - * - * @param bool $allowDeflate allow the more recent deflate encoding - * - * @return array two values, 1st is the actual encoding method, 2nd is the - * alias of that method to use in the Content-Encoding header (some browsers - * call gzip "x-gzip" etc.) - */ - public static function getAcceptedEncoding($allowCompress = true, $allowDeflate = true) - { - // @link http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html - - if (! isset($_SERVER['HTTP_ACCEPT_ENCODING']) - || self::_isBuggyIe()) - { - return array('', ''); - } - $ae = $_SERVER['HTTP_ACCEPT_ENCODING']; - // gzip checks (quick) - if (0 === strpos($ae, 'gzip,') // most browsers - || 0 === strpos($ae, 'deflate, gzip,') // opera - ) { - return array('gzip', 'gzip'); - } - // gzip checks (slow) - if (preg_match( - '@(?:^|,)\\s*((?:x-)?gzip)\\s*(?:$|,|;\\s*q=(?:0\\.|1))@' - ,$ae - ,$m)) { - return array('gzip', $m[1]); - } - if ($allowDeflate) { - // deflate checks - $aeRev = strrev($ae); - if (0 === strpos($aeRev, 'etalfed ,') // ie, webkit - || 0 === strpos($aeRev, 'etalfed,') // gecko - || 0 === strpos($ae, 'deflate,') // opera - // slow parsing - || preg_match( - '@(?:^|,)\\s*deflate\\s*(?:$|,|;\\s*q=(?:0\\.|1))@', $ae)) { - return array('deflate', 'deflate'); - } - } - if ($allowCompress && preg_match( - '@(?:^|,)\\s*((?:x-)?compress)\\s*(?:$|,|;\\s*q=(?:0\\.|1))@' - ,$ae - ,$m)) { - return array('compress', $m[1]); - } - return array('', ''); - } - - /** - * Encode (compress) the content - * - * If the encode method is '' (none) or compression level is 0, or the 'zlib' - * extension isn't loaded, we return false. - * - * Then the appropriate gz_* function is called to compress the content. If - * this fails, false is returned. - * - * The header "Vary: Accept-Encoding" is added. If encoding is successful, - * the Content-Length header is updated, and Content-Encoding is also added. - * - * @param int $compressionLevel given to zlib functions. If not given, the - * class default will be used. - * - * @return bool success true if the content was actually compressed - */ - public function encode($compressionLevel = null) - { - $this->_headers['Vary'] = 'Accept-Encoding'; - if (null === $compressionLevel) { - $compressionLevel = self::$compressionLevel; - } - if ('' === $this->_encodeMethod[0] - || ($compressionLevel == 0) - || !extension_loaded('zlib')) - { - return false; - } - if ($this->_encodeMethod[0] === 'deflate') { - $encoded = gzdeflate($this->_content, $compressionLevel); - } elseif ($this->_encodeMethod[0] === 'gzip') { - $encoded = gzencode($this->_content, $compressionLevel); - } else { - $encoded = gzcompress($this->_content, $compressionLevel); - } - if (false === $encoded) { - return false; - } - $this->_headers['Content-Length'] = strlen($encoded); - $this->_headers['Content-Encoding'] = $this->_encodeMethod[1]; - $this->_content = $encoded; - return true; - } - - /** - * Encode and send appropriate headers and content - * - * This is a convenience method for common use of the class - * - * @param string $content - * - * @param int $compressionLevel given to zlib functions. If not given, the - * class default will be used. - * - * @return bool success true if the content was actually compressed - */ - public static function output($content, $compressionLevel = null) - { - if (null === $compressionLevel) { - $compressionLevel = self::$compressionLevel; - } - $he = new HTTP_Encoder(array('content' => $content)); - $ret = $he->encode($compressionLevel); - $he->sendAll(); - return $ret; - } - - protected $_content = ''; - protected $_headers = array(); - protected $_encodeMethod = array('', ''); - - /** - * Is the browser an IE version earlier than 6 SP2? - */ - protected static function _isBuggyIe() - { - $ua = $_SERVER['HTTP_USER_AGENT']; - // quick escape for non-IEs - if (0 !== strpos($ua, 'Mozilla/4.0 (compatible; MSIE ') - || false !== strpos($ua, 'Opera')) { - return false; - } - // no regex = faaast - $version = (float)substr($ua, 30); - return self::$encodeToIe6 - ? ($version < 6 || ($version == 6 && false === strpos($ua, 'SV1'))) - : ($version < 7); - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/JSMin.php b/plugins/Minify/extlib/minify/min/lib/JSMin.php deleted file mode 100644 index 770e1c6104..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/JSMin.php +++ /dev/null @@ -1,314 +0,0 @@ - (PHP port) - * @author Steve Clay (modifications + cleanup) - * @author Andrea Giammarchi (spaceBeforeRegExp) - * @copyright 2002 Douglas Crockford (jsmin.c) - * @copyright 2008 Ryan Grove (PHP port) - * @license http://opensource.org/licenses/mit-license.php MIT License - * @link http://code.google.com/p/jsmin-php/ - */ - -class JSMin { - const ORD_LF = 10; - const ORD_SPACE = 32; - const ACTION_KEEP_A = 1; - const ACTION_DELETE_A = 2; - const ACTION_DELETE_A_B = 3; - - protected $a = "\n"; - protected $b = ''; - protected $input = ''; - protected $inputIndex = 0; - protected $inputLength = 0; - protected $lookAhead = null; - protected $output = ''; - - /** - * Minify Javascript - * - * @param string $js Javascript to be minified - * @return string - */ - public static function minify($js) - { - $jsmin = new JSMin($js); - return $jsmin->min(); - } - - /** - * Setup process - */ - public function __construct($input) - { - $this->input = str_replace("\r\n", "\n", $input); - $this->inputLength = strlen($this->input); - } - - /** - * Perform minification, return result - */ - public function min() - { - if ($this->output !== '') { // min already run - return $this->output; - } - $this->action(self::ACTION_DELETE_A_B); - - while ($this->a !== null) { - // determine next command - $command = self::ACTION_KEEP_A; // default - if ($this->a === ' ') { - if (! $this->isAlphaNum($this->b)) { - $command = self::ACTION_DELETE_A; - } - } elseif ($this->a === "\n") { - if ($this->b === ' ') { - $command = self::ACTION_DELETE_A_B; - } elseif (false === strpos('{[(+-', $this->b) - && ! $this->isAlphaNum($this->b)) { - $command = self::ACTION_DELETE_A; - } - } elseif (! $this->isAlphaNum($this->a)) { - if ($this->b === ' ' - || ($this->b === "\n" - && (false === strpos('}])+-"\'', $this->a)))) { - $command = self::ACTION_DELETE_A_B; - } - } - $this->action($command); - } - $this->output = trim($this->output); - return $this->output; - } - - /** - * ACTION_KEEP_A = Output A. Copy B to A. Get the next B. - * ACTION_DELETE_A = Copy B to A. Get the next B. - * ACTION_DELETE_A_B = Get the next B. - */ - protected function action($command) - { - switch ($command) { - case self::ACTION_KEEP_A: - $this->output .= $this->a; - // fallthrough - case self::ACTION_DELETE_A: - $this->a = $this->b; - if ($this->a === "'" || $this->a === '"') { // string literal - $str = $this->a; // in case needed for exception - while (true) { - $this->output .= $this->a; - $this->a = $this->get(); - if ($this->a === $this->b) { // end quote - break; - } - if (ord($this->a) <= self::ORD_LF) { - throw new JSMin_UnterminatedStringException( - 'Unterminated String: ' . var_export($str, true)); - } - $str .= $this->a; - if ($this->a === '\\') { - $this->output .= $this->a; - $this->a = $this->get(); - $str .= $this->a; - } - } - } - // fallthrough - case self::ACTION_DELETE_A_B: - $this->b = $this->next(); - if ($this->b === '/' && $this->isRegexpLiteral()) { // RegExp literal - $this->output .= $this->a . $this->b; - $pattern = '/'; // in case needed for exception - while (true) { - $this->a = $this->get(); - $pattern .= $this->a; - if ($this->a === '/') { // end pattern - break; // while (true) - } elseif ($this->a === '\\') { - $this->output .= $this->a; - $this->a = $this->get(); - $pattern .= $this->a; - } elseif (ord($this->a) <= self::ORD_LF) { - throw new JSMin_UnterminatedRegExpException( - 'Unterminated RegExp: '. var_export($pattern, true)); - } - $this->output .= $this->a; - } - $this->b = $this->next(); - } - // end case ACTION_DELETE_A_B - } - } - - protected function isRegexpLiteral() - { - if (false !== strpos("\n{;(,=:[!&|?", $this->a)) { // we aren't dividing - return true; - } - if (' ' === $this->a) { - $length = strlen($this->output); - if ($length < 2) { // weird edge case - return true; - } - // you can't divide a keyword - if (preg_match('/(?:case|else|in|return|typeof)$/', $this->output, $m)) { - if ($this->output === $m[0]) { // odd but could happen - return true; - } - // make sure it's a keyword, not end of an identifier - $charBeforeKeyword = substr($this->output, $length - strlen($m[0]) - 1, 1); - if (! $this->isAlphaNum($charBeforeKeyword)) { - return true; - } - } - } - return false; - } - - /** - * Get next char. Convert ctrl char to space. - */ - protected function get() - { - $c = $this->lookAhead; - $this->lookAhead = null; - if ($c === null) { - if ($this->inputIndex < $this->inputLength) { - $c = $this->input[$this->inputIndex]; - $this->inputIndex += 1; - } else { - return null; - } - } - if ($c === "\r" || $c === "\n") { - return "\n"; - } - if (ord($c) < self::ORD_SPACE) { // control char - return ' '; - } - return $c; - } - - /** - * Get next char. If is ctrl character, translate to a space or newline. - */ - protected function peek() - { - $this->lookAhead = $this->get(); - return $this->lookAhead; - } - - /** - * Is $c a letter, digit, underscore, dollar sign, escape, or non-ASCII? - */ - protected function isAlphaNum($c) - { - return (preg_match('/^[0-9a-zA-Z_\\$\\\\]$/', $c) || ord($c) > 126); - } - - protected function singleLineComment() - { - $comment = ''; - while (true) { - $get = $this->get(); - $comment .= $get; - if (ord($get) <= self::ORD_LF) { // EOL reached - // if IE conditional comment - if (preg_match('/^\\/@(?:cc_on|if|elif|else|end)\\b/', $comment)) { - return "/{$comment}"; - } - return $get; - } - } - } - - protected function multipleLineComment() - { - $this->get(); - $comment = ''; - while (true) { - $get = $this->get(); - if ($get === '*') { - if ($this->peek() === '/') { // end of comment reached - $this->get(); - // if comment preserved by YUI Compressor - if (0 === strpos($comment, '!')) { - return "\n/*" . substr($comment, 1) . "*/\n"; - } - // if IE conditional comment - if (preg_match('/^@(?:cc_on|if|elif|else|end)\\b/', $comment)) { - return "/*{$comment}*/"; - } - return ' '; - } - } elseif ($get === null) { - throw new JSMin_UnterminatedCommentException('Unterminated Comment: ' . var_export('/*' . $comment, true)); - } - $comment .= $get; - } - } - - /** - * Get the next character, skipping over comments. - * Some comments may be preserved. - */ - protected function next() - { - $get = $this->get(); - if ($get !== '/') { - return $get; - } - switch ($this->peek()) { - case '/': return $this->singleLineComment(); - case '*': return $this->multipleLineComment(); - default: return $get; - } - } -} - -class JSMin_UnterminatedStringException extends Exception {} -class JSMin_UnterminatedCommentException extends Exception {} -class JSMin_UnterminatedRegExpException extends Exception {} diff --git a/plugins/Minify/extlib/minify/min/lib/JSMinPlus.php b/plugins/Minify/extlib/minify/min/lib/JSMinPlus.php deleted file mode 100644 index 31a1a5cb48..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/JSMinPlus.php +++ /dev/null @@ -1,1872 +0,0 @@ - - * - * Usage: $minified = JSMinPlus::minify($script [, $filename]) - * - * Versionlog (see also changelog.txt): - * 12-04-2009 - some small bugfixes and performance improvements - * 09-04-2009 - initial open sourced version 1.0 - * - * Latest version of this script: http://files.tweakers.net/jsminplus/jsminplus.zip - * - */ - -/* ***** BEGIN LICENSE BLOCK ***** - * Version: MPL 1.1/GPL 2.0/LGPL 2.1 - * - * The contents of this file are subject to the Mozilla Public License Version - * 1.1 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the - * License. - * - * The Original Code is the Narcissus JavaScript engine. - * - * The Initial Developer of the Original Code is - * Brendan Eich . - * Portions created by the Initial Developer are Copyright (C) 2004 - * the Initial Developer. All Rights Reserved. - * - * Contributor(s): Tino Zijdel - * PHP port, modifications and minifier routine are (C) 2009 - * - * Alternatively, the contents of this file may be used under the terms of - * either the GNU General Public License Version 2 or later (the "GPL"), or - * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), - * in which case the provisions of the GPL or the LGPL are applicable instead - * of those above. If you wish to allow use of your version of this file only - * under the terms of either the GPL or the LGPL, and not to allow others to - * use your version of this file under the terms of the MPL, indicate your - * decision by deleting the provisions above and replace them with the notice - * and other provisions required by the GPL or the LGPL. If you do not delete - * the provisions above, a recipient may use your version of this file under - * the terms of any one of the MPL, the GPL or the LGPL. - * - * ***** END LICENSE BLOCK ***** */ - -define('TOKEN_END', 1); -define('TOKEN_NUMBER', 2); -define('TOKEN_IDENTIFIER', 3); -define('TOKEN_STRING', 4); -define('TOKEN_REGEXP', 5); -define('TOKEN_NEWLINE', 6); -define('TOKEN_CONDCOMMENT_MULTILINE', 7); - -define('JS_SCRIPT', 100); -define('JS_BLOCK', 101); -define('JS_LABEL', 102); -define('JS_FOR_IN', 103); -define('JS_CALL', 104); -define('JS_NEW_WITH_ARGS', 105); -define('JS_INDEX', 106); -define('JS_ARRAY_INIT', 107); -define('JS_OBJECT_INIT', 108); -define('JS_PROPERTY_INIT', 109); -define('JS_GETTER', 110); -define('JS_SETTER', 111); -define('JS_GROUP', 112); -define('JS_LIST', 113); - -define('DECLARED_FORM', 0); -define('EXPRESSED_FORM', 1); -define('STATEMENT_FORM', 2); - -class JSMinPlus -{ - private $parser; - private $reserved = array( - 'break', 'case', 'catch', 'continue', 'default', 'delete', 'do', - 'else', 'finally', 'for', 'function', 'if', 'in', 'instanceof', - 'new', 'return', 'switch', 'this', 'throw', 'try', 'typeof', 'var', - 'void', 'while', 'with', - // Words reserved for future use - 'abstract', 'boolean', 'byte', 'char', 'class', 'const', 'debugger', - 'double', 'enum', 'export', 'extends', 'final', 'float', 'goto', - 'implements', 'import', 'int', 'interface', 'long', 'native', - 'package', 'private', 'protected', 'public', 'short', 'static', - 'super', 'synchronized', 'throws', 'transient', 'volatile', - // These are not reserved, but should be taken into account - // in isValidIdentifier (See jslint source code) - 'arguments', 'eval', 'true', 'false', 'Infinity', 'NaN', 'null', 'undefined' - ); - - private function __construct() - { - $this->parser = new JSParser(); - } - - public static function minify($js, $filename='') - { - static $instance; - - // this is a singleton - if(!$instance) - $instance = new JSMinPlus(); - - return $instance->min($js, $filename); - } - - private function min($js, $filename) - { - try - { - $n = $this->parser->parse($js, $filename, 1); - return $this->parseTree($n); - } - catch(Exception $e) - { - echo $e->getMessage() . "\n"; - } - - return false; - } - - private function parseTree($n, $noBlockGrouping = false) - { - $s = ''; - - switch ($n->type) - { - case KEYWORD_FUNCTION: - $s .= 'function' . ($n->name ? ' ' . $n->name : '') . '('; - $params = $n->params; - for ($i = 0, $j = count($params); $i < $j; $i++) - $s .= ($i ? ',' : '') . $params[$i]; - $s .= '){' . $this->parseTree($n->body, true) . '}'; - break; - - case JS_SCRIPT: - // we do nothing with funDecls or varDecls - $noBlockGrouping = true; - // fall through - case JS_BLOCK: - $childs = $n->treeNodes; - for ($c = 0, $i = 0, $j = count($childs); $i < $j; $i++) - { - $t = $this->parseTree($childs[$i]); - if (strlen($t)) - { - if ($c) - { - if ($childs[$i]->type == KEYWORD_FUNCTION && $childs[$i]->functionForm == DECLARED_FORM) - $s .= "\n"; // put declared functions on a new line - else - $s .= ';'; - } - - $s .= $t; - - $c++; - } - } - - if ($c > 1 && !$noBlockGrouping) - { - $s = '{' . $s . '}'; - } - break; - - case KEYWORD_IF: - $s = 'if(' . $this->parseTree($n->condition) . ')'; - $thenPart = $this->parseTree($n->thenPart); - $elsePart = $n->elsePart ? $this->parseTree($n->elsePart) : null; - - // quite a rancid hack to see if we should enclose the thenpart in brackets - if ($thenPart[0] != '{') - { - if (strpos($thenPart, 'if(') !== false) - $thenPart = '{' . $thenPart . '}'; - elseif ($elsePart) - $thenPart .= ';'; - } - - $s .= $thenPart; - - if ($elsePart) - { - $s .= 'else'; - - if ($elsePart[0] != '{') - $s .= ' '; - - $s .= $elsePart; - } - break; - - case KEYWORD_SWITCH: - $s = 'switch(' . $this->parseTree($n->discriminant) . '){'; - $cases = $n->cases; - for ($i = 0, $j = count($cases); $i < $j; $i++) - { - $case = $cases[$i]; - if ($case->type == KEYWORD_CASE) - $s .= 'case' . ($case->caseLabel->type != TOKEN_STRING ? ' ' : '') . $this->parseTree($case->caseLabel) . ':'; - else - $s .= 'default:'; - - $statement = $this->parseTree($case->statements); - if ($statement) - $s .= $statement . ';'; - } - $s = rtrim($s, ';') . '}'; - break; - - case KEYWORD_FOR: - $s = 'for(' . ($n->setup ? $this->parseTree($n->setup) : '') - . ';' . ($n->condition ? $this->parseTree($n->condition) : '') - . ';' . ($n->update ? $this->parseTree($n->update) : '') . ')' - . $this->parseTree($n->body); - break; - - case KEYWORD_WHILE: - $s = 'while(' . $this->parseTree($n->condition) . ')' . $this->parseTree($n->body); - break; - - case JS_FOR_IN: - $s = 'for(' . ($n->varDecl ? $this->parseTree($n->varDecl) : $this->parseTree($n->iterator)) . ' in ' . $this->parseTree($n->object) . ')' . $this->parseTree($n->body); - break; - - case KEYWORD_DO: - $s = 'do{' . $this->parseTree($n->body, true) . '}while(' . $this->parseTree($n->condition) . ')'; - break; - - case KEYWORD_BREAK: - case KEYWORD_CONTINUE: - $s = $n->value . ($n->label ? ' ' . $n->label : ''); - break; - - case KEYWORD_TRY: - $s = 'try{' . $this->parseTree($n->tryBlock, true) . '}'; - $catchClauses = $n->catchClauses; - for ($i = 0, $j = count($catchClauses); $i < $j; $i++) - { - $t = $catchClauses[$i]; - $s .= 'catch(' . $t->varName . ($t->guard ? ' if ' . $this->parseTree($t->guard) : '') . '){' . $this->parseTree($t->block, true) . '}'; - } - if ($n->finallyBlock) - $s .= 'finally{' . $this->parseTree($n->finallyBlock, true) . '}'; - break; - - case KEYWORD_THROW: - $s = 'throw ' . $this->parseTree($n->exception); - break; - - case KEYWORD_RETURN: - $s = 'return' . ($n->value ? ' ' . $this->parseTree($n->value) : ''); - break; - - case KEYWORD_WITH: - $s = 'with(' . $this->parseTree($n->object) . ')' . $this->parseTree($n->body); - break; - - case KEYWORD_VAR: - case KEYWORD_CONST: - $s = $n->value . ' '; - $childs = $n->treeNodes; - for ($i = 0, $j = count($childs); $i < $j; $i++) - { - $t = $childs[$i]; - $s .= ($i ? ',' : '') . $t->name; - $u = $t->initializer; - if ($u) - $s .= '=' . $this->parseTree($u); - } - break; - - case KEYWORD_DEBUGGER: - throw new Exception('NOT IMPLEMENTED: DEBUGGER'); - break; - - case TOKEN_CONDCOMMENT_MULTILINE: - $s = $n->value . ' '; - $childs = $n->treeNodes; - for ($i = 0, $j = count($childs); $i < $j; $i++) - $s .= $this->parseTree($childs[$i]); - break; - - case OP_SEMICOLON: - if ($expression = $n->expression) - $s = $this->parseTree($expression); - break; - - case JS_LABEL: - $s = $n->label . ':' . $this->parseTree($n->statement); - break; - - case OP_COMMA: - $childs = $n->treeNodes; - for ($i = 0, $j = count($childs); $i < $j; $i++) - $s .= ($i ? ',' : '') . $this->parseTree($childs[$i]); - break; - - case OP_ASSIGN: - $s = $this->parseTree($n->treeNodes[0]) . $n->value . $this->parseTree($n->treeNodes[1]); - break; - - case OP_HOOK: - $s = $this->parseTree($n->treeNodes[0]) . '?' . $this->parseTree($n->treeNodes[1]) . ':' . $this->parseTree($n->treeNodes[2]); - break; - - case OP_OR: case OP_AND: - case OP_BITWISE_OR: case OP_BITWISE_XOR: case OP_BITWISE_AND: - case OP_EQ: case OP_NE: case OP_STRICT_EQ: case OP_STRICT_NE: - case OP_LT: case OP_LE: case OP_GE: case OP_GT: - case OP_LSH: case OP_RSH: case OP_URSH: - case OP_MUL: case OP_DIV: case OP_MOD: - $s = $this->parseTree($n->treeNodes[0]) . $n->type . $this->parseTree($n->treeNodes[1]); - break; - - case OP_PLUS: - case OP_MINUS: - $s = $this->parseTree($n->treeNodes[0]) . $n->type; - $nextTokenType = $n->treeNodes[1]->type; - if ( $nextTokenType == OP_PLUS || $nextTokenType == OP_MINUS || - $nextTokenType == OP_INCREMENT || $nextTokenType == OP_DECREMENT || - $nextTokenType == OP_UNARY_PLUS || $nextTokenType == OP_UNARY_MINUS - ) - $s .= ' '; - $s .= $this->parseTree($n->treeNodes[1]); - break; - - case KEYWORD_IN: - $s = $this->parseTree($n->treeNodes[0]) . ' in ' . $this->parseTree($n->treeNodes[1]); - break; - - case KEYWORD_INSTANCEOF: - $s = $this->parseTree($n->treeNodes[0]) . ' instanceof ' . $this->parseTree($n->treeNodes[1]); - break; - - case KEYWORD_DELETE: - $s = 'delete ' . $this->parseTree($n->treeNodes[0]); - break; - - case KEYWORD_VOID: - $s = 'void(' . $this->parseTree($n->treeNodes[0]) . ')'; - break; - - case KEYWORD_TYPEOF: - $s = 'typeof ' . $this->parseTree($n->treeNodes[0]); - break; - - case OP_NOT: - case OP_BITWISE_NOT: - case OP_UNARY_PLUS: - case OP_UNARY_MINUS: - $s = $n->value . $this->parseTree($n->treeNodes[0]); - break; - - case OP_INCREMENT: - case OP_DECREMENT: - if ($n->postfix) - $s = $this->parseTree($n->treeNodes[0]) . $n->value; - else - $s = $n->value . $this->parseTree($n->treeNodes[0]); - break; - - case OP_DOT: - $s = $this->parseTree($n->treeNodes[0]) . '.' . $this->parseTree($n->treeNodes[1]); - break; - - case JS_INDEX: - $s = $this->parseTree($n->treeNodes[0]); - // See if we can replace named index with a dot saving 3 bytes - if ( $n->treeNodes[0]->type == TOKEN_IDENTIFIER && - $n->treeNodes[1]->type == TOKEN_STRING && - $this->isValidIdentifier(substr($n->treeNodes[1]->value, 1, -1)) - ) - $s .= '.' . substr($n->treeNodes[1]->value, 1, -1); - else - $s .= '[' . $this->parseTree($n->treeNodes[1]) . ']'; - break; - - case JS_LIST: - $childs = $n->treeNodes; - for ($i = 0, $j = count($childs); $i < $j; $i++) - $s .= ($i ? ',' : '') . $this->parseTree($childs[$i]); - break; - - case JS_CALL: - $s = $this->parseTree($n->treeNodes[0]) . '(' . $this->parseTree($n->treeNodes[1]) . ')'; - break; - - case KEYWORD_NEW: - case JS_NEW_WITH_ARGS: - $s = 'new ' . $this->parseTree($n->treeNodes[0]) . '(' . ($n->type == JS_NEW_WITH_ARGS ? $this->parseTree($n->treeNodes[1]) : '') . ')'; - break; - - case JS_ARRAY_INIT: - $s = '['; - $childs = $n->treeNodes; - for ($i = 0, $j = count($childs); $i < $j; $i++) - { - $s .= ($i ? ',' : '') . $this->parseTree($childs[$i]); - } - $s .= ']'; - break; - - case JS_OBJECT_INIT: - $s = '{'; - $childs = $n->treeNodes; - for ($i = 0, $j = count($childs); $i < $j; $i++) - { - $t = $childs[$i]; - if ($i) - $s .= ','; - if ($t->type == JS_PROPERTY_INIT) - { - // Ditch the quotes when the index is a valid identifier - if ( $t->treeNodes[0]->type == TOKEN_STRING && - $this->isValidIdentifier(substr($t->treeNodes[0]->value, 1, -1)) - ) - $s .= substr($t->treeNodes[0]->value, 1, -1); - else - $s .= $t->treeNodes[0]->value; - - $s .= ':' . $this->parseTree($t->treeNodes[1]); - } - else - { - $s .= $t->type == JS_GETTER ? 'get' : 'set'; - $s .= ' ' . $t->name . '('; - $params = $t->params; - for ($i = 0, $j = count($params); $i < $j; $i++) - $s .= ($i ? ',' : '') . $params[$i]; - $s .= '){' . $this->parseTree($t->body, true) . '}'; - } - } - $s .= '}'; - break; - - case KEYWORD_NULL: case KEYWORD_THIS: case KEYWORD_TRUE: case KEYWORD_FALSE: - case TOKEN_IDENTIFIER: case TOKEN_NUMBER: case TOKEN_STRING: case TOKEN_REGEXP: - $s = $n->value; - break; - - case JS_GROUP: - $s = '(' . $this->parseTree($n->treeNodes[0]) . ')'; - break; - - default: - throw new Exception('UNKNOWN TOKEN TYPE: ' . $n->type); - } - - return $s; - } - - private function isValidIdentifier($string) - { - return preg_match('/^[a-zA-Z_][a-zA-Z0-9_]*$/', $string) && !in_array($string, $this->reserved); - } -} - -class JSParser -{ - private $t; - - private $opPrecedence = array( - ';' => 0, - ',' => 1, - '=' => 2, '?' => 2, ':' => 2, - // The above all have to have the same precedence, see bug 330975. - '||' => 4, - '&&' => 5, - '|' => 6, - '^' => 7, - '&' => 8, - '==' => 9, '!=' => 9, '===' => 9, '!==' => 9, - '<' => 10, '<=' => 10, '>=' => 10, '>' => 10, 'in' => 10, 'instanceof' => 10, - '<<' => 11, '>>' => 11, '>>>' => 11, - '+' => 12, '-' => 12, - '*' => 13, '/' => 13, '%' => 13, - 'delete' => 14, 'void' => 14, 'typeof' => 14, - '!' => 14, '~' => 14, 'U+' => 14, 'U-' => 14, - '++' => 15, '--' => 15, - 'new' => 16, - '.' => 17, - JS_NEW_WITH_ARGS => 0, JS_INDEX => 0, JS_CALL => 0, - JS_ARRAY_INIT => 0, JS_OBJECT_INIT => 0, JS_GROUP => 0 - ); - - private $opArity = array( - ',' => -2, - '=' => 2, - '?' => 3, - '||' => 2, - '&&' => 2, - '|' => 2, - '^' => 2, - '&' => 2, - '==' => 2, '!=' => 2, '===' => 2, '!==' => 2, - '<' => 2, '<=' => 2, '>=' => 2, '>' => 2, 'in' => 2, 'instanceof' => 2, - '<<' => 2, '>>' => 2, '>>>' => 2, - '+' => 2, '-' => 2, - '*' => 2, '/' => 2, '%' => 2, - 'delete' => 1, 'void' => 1, 'typeof' => 1, - '!' => 1, '~' => 1, 'U+' => 1, 'U-' => 1, - '++' => 1, '--' => 1, - 'new' => 1, - '.' => 2, - JS_NEW_WITH_ARGS => 2, JS_INDEX => 2, JS_CALL => 2, - JS_ARRAY_INIT => 1, JS_OBJECT_INIT => 1, JS_GROUP => 1, - TOKEN_CONDCOMMENT_MULTILINE => 1 - ); - - public function __construct() - { - $this->t = new JSTokenizer(); - } - - public function parse($s, $f, $l) - { - // initialize tokenizer - $this->t->init($s, $f, $l); - - $x = new JSCompilerContext(false); - $n = $this->Script($x); - if (!$this->t->isDone()) - throw $this->t->newSyntaxError('Syntax error'); - - return $n; - } - - private function Script($x) - { - $n = $this->Statements($x); - $n->type = JS_SCRIPT; - $n->funDecls = $x->funDecls; - $n->varDecls = $x->varDecls; - - return $n; - } - - private function Statements($x) - { - $n = new JSNode($this->t, JS_BLOCK); - array_push($x->stmtStack, $n); - - while (!$this->t->isDone() && $this->t->peek() != OP_RIGHT_CURLY) - $n->addNode($this->Statement($x)); - - array_pop($x->stmtStack); - - return $n; - } - - private function Block($x) - { - $this->t->mustMatch(OP_LEFT_CURLY); - $n = $this->Statements($x); - $this->t->mustMatch(OP_RIGHT_CURLY); - - return $n; - } - - private function Statement($x) - { - $tt = $this->t->get(); - $n2 = null; - - // Cases for statements ending in a right curly return early, avoiding the - // common semicolon insertion magic after this switch. - switch ($tt) - { - case KEYWORD_FUNCTION: - return $this->FunctionDefinition( - $x, - true, - count($x->stmtStack) > 1 ? STATEMENT_FORM : DECLARED_FORM - ); - break; - - case OP_LEFT_CURLY: - $n = $this->Statements($x); - $this->t->mustMatch(OP_RIGHT_CURLY); - return $n; - - case KEYWORD_IF: - $n = new JSNode($this->t); - $n->condition = $this->ParenExpression($x); - array_push($x->stmtStack, $n); - $n->thenPart = $this->Statement($x); - $n->elsePart = $this->t->match(KEYWORD_ELSE) ? $this->Statement($x) : null; - array_pop($x->stmtStack); - return $n; - - case KEYWORD_SWITCH: - $n = new JSNode($this->t); - $this->t->mustMatch(OP_LEFT_PAREN); - $n->discriminant = $this->Expression($x); - $this->t->mustMatch(OP_RIGHT_PAREN); - $n->cases = array(); - $n->defaultIndex = -1; - - array_push($x->stmtStack, $n); - - $this->t->mustMatch(OP_LEFT_CURLY); - - while (($tt = $this->t->get()) != OP_RIGHT_CURLY) - { - switch ($tt) - { - case KEYWORD_DEFAULT: - if ($n->defaultIndex >= 0) - throw $this->t->newSyntaxError('More than one switch default'); - // FALL THROUGH - case KEYWORD_CASE: - $n2 = new JSNode($this->t); - if ($tt == KEYWORD_DEFAULT) - $n->defaultIndex = count($n->cases); - else - $n2->caseLabel = $this->Expression($x, OP_COLON); - break; - default: - throw $this->t->newSyntaxError('Invalid switch case'); - } - - $this->t->mustMatch(OP_COLON); - $n2->statements = new JSNode($this->t, JS_BLOCK); - while (($tt = $this->t->peek()) != KEYWORD_CASE && $tt != KEYWORD_DEFAULT && $tt != OP_RIGHT_CURLY) - $n2->statements->addNode($this->Statement($x)); - - array_push($n->cases, $n2); - } - - array_pop($x->stmtStack); - return $n; - - case KEYWORD_FOR: - $n = new JSNode($this->t); - $n->isLoop = true; - $this->t->mustMatch(OP_LEFT_PAREN); - - if (($tt = $this->t->peek()) != OP_SEMICOLON) - { - $x->inForLoopInit = true; - if ($tt == KEYWORD_VAR || $tt == KEYWORD_CONST) - { - $this->t->get(); - $n2 = $this->Variables($x); - } - else - { - $n2 = $this->Expression($x); - } - $x->inForLoopInit = false; - } - - if ($n2 && $this->t->match(KEYWORD_IN)) - { - $n->type = JS_FOR_IN; - if ($n2->type == KEYWORD_VAR) - { - if (count($n2->treeNodes) != 1) - { - throw $this->t->SyntaxError( - 'Invalid for..in left-hand side', - $this->t->filename, - $n2->lineno - ); - } - - // NB: n2[0].type == IDENTIFIER and n2[0].value == n2[0].name. - $n->iterator = $n2->treeNodes[0]; - $n->varDecl = $n2; - } - else - { - $n->iterator = $n2; - $n->varDecl = null; - } - - $n->object = $this->Expression($x); - } - else - { - $n->setup = $n2 ? $n2 : null; - $this->t->mustMatch(OP_SEMICOLON); - $n->condition = $this->t->peek() == OP_SEMICOLON ? null : $this->Expression($x); - $this->t->mustMatch(OP_SEMICOLON); - $n->update = $this->t->peek() == OP_RIGHT_PAREN ? null : $this->Expression($x); - } - - $this->t->mustMatch(OP_RIGHT_PAREN); - $n->body = $this->nest($x, $n); - return $n; - - case KEYWORD_WHILE: - $n = new JSNode($this->t); - $n->isLoop = true; - $n->condition = $this->ParenExpression($x); - $n->body = $this->nest($x, $n); - return $n; - - case KEYWORD_DO: - $n = new JSNode($this->t); - $n->isLoop = true; - $n->body = $this->nest($x, $n, KEYWORD_WHILE); - $n->condition = $this->ParenExpression($x); - if (!$x->ecmaStrictMode) - { - // "; - * $link = ""; - * - * // in min.php - * Minify::serve('Groups', array( - * 'groups' => $groupSources - * ,'setExpires' => (time() + 86400 * 365) - * )); - * - * - * @package Minify - * @author Stephen Clay - */ -class Minify_Build { - - /** - * Last modification time of all files in the build - * - * @var int - */ - public $lastModified = 0; - - /** - * String to use as ampersand in uri(). Set this to '&' if - * you are not HTML-escaping URIs. - * - * @var string - */ - public static $ampersand = '&'; - - /** - * Get a time-stamped URI - * - * - * echo $b->uri('/site.js'); - * // outputs "/site.js?1678242" - * - * echo $b->uri('/scriptaculous.js?load=effects'); - * // outputs "/scriptaculous.js?load=effects&1678242" - * - * - * @param string $uri - * @param boolean $forceAmpersand (default = false) Force the use of ampersand to - * append the timestamp to the URI. - * @return string - */ - public function uri($uri, $forceAmpersand = false) { - $sep = ($forceAmpersand || strpos($uri, '?') !== false) - ? self::$ampersand - : '?'; - return "{$uri}{$sep}{$this->lastModified}"; - } - - /** - * Create a build object - * - * @param array $sources array of Minify_Source objects and/or file paths - * - * @return null - */ - public function __construct($sources) - { - $max = 0; - foreach ((array)$sources as $source) { - if ($source instanceof Minify_Source) { - $max = max($max, $source->lastModified); - } elseif (is_string($source)) { - if (0 === strpos($source, '//')) { - $source = $_SERVER['DOCUMENT_ROOT'] . substr($source, 1); - } - if (is_file($source)) { - $max = max($max, filemtime($source)); - } - } - } - $this->lastModified = $max; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/CSS.php b/plugins/Minify/extlib/minify/min/lib/Minify/CSS.php deleted file mode 100644 index 2220cf2211..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/CSS.php +++ /dev/null @@ -1,83 +0,0 @@ - - * @author http://code.google.com/u/1stvamp/ (Issue 64 patch) - */ -class Minify_CSS { - - /** - * Minify a CSS string - * - * @param string $css - * - * @param array $options available options: - * - * 'preserveComments': (default true) multi-line comments that begin - * with "/*!" will be preserved with newlines before and after to - * enhance readability. - * - * 'prependRelativePath': (default null) if given, this string will be - * prepended to all relative URIs in import/url declarations - * - * 'currentDir': (default null) if given, this is assumed to be the - * directory of the current CSS file. Using this, minify will rewrite - * all relative URIs in import/url declarations to correctly point to - * the desired files. For this to work, the files *must* exist and be - * visible by the PHP process. - * - * 'symlinks': (default = array()) If the CSS file is stored in - * a symlink-ed directory, provide an array of link paths to - * target paths, where the link paths are within the document root. Because - * paths need to be normalized for this to work, use "//" to substitute - * the doc root in the link paths (the array keys). E.g.: - * - * array('//symlink' => '/real/target/path') // unix - * array('//static' => 'D:\\staticStorage') // Windows - * - * - * @return string - */ - public static function minify($css, $options = array()) - { - require_once 'Minify/CSS/Compressor.php'; - if (isset($options['preserveComments']) - && !$options['preserveComments']) { - $css = Minify_CSS_Compressor::process($css, $options); - } else { - require_once 'Minify/CommentPreserver.php'; - $css = Minify_CommentPreserver::process( - $css - ,array('Minify_CSS_Compressor', 'process') - ,array($options) - ); - } - if (! isset($options['currentDir']) && ! isset($options['prependRelativePath'])) { - return $css; - } - require_once 'Minify/CSS/UriRewriter.php'; - if (isset($options['currentDir'])) { - return Minify_CSS_UriRewriter::rewrite( - $css - ,$options['currentDir'] - ,isset($options['docRoot']) ? $options['docRoot'] : $_SERVER['DOCUMENT_ROOT'] - ,isset($options['symlinks']) ? $options['symlinks'] : array() - ); - } else { - return Minify_CSS_UriRewriter::prepend( - $css - ,$options['prependRelativePath'] - ); - } - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php b/plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php deleted file mode 100644 index a34828681d..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php +++ /dev/null @@ -1,250 +0,0 @@ - - * @author http://code.google.com/u/1stvamp/ (Issue 64 patch) - */ -class Minify_CSS_Compressor { - - /** - * Minify a CSS string - * - * @param string $css - * - * @param array $options (currently ignored) - * - * @return string - */ - public static function process($css, $options = array()) - { - $obj = new Minify_CSS_Compressor($options); - return $obj->_process($css); - } - - /** - * @var array options - */ - protected $_options = null; - - /** - * @var bool Are we "in" a hack? - * - * I.e. are some browsers targetted until the next comment? - */ - protected $_inHack = false; - - - /** - * Constructor - * - * @param array $options (currently ignored) - * - * @return null - */ - private function __construct($options) { - $this->_options = $options; - } - - /** - * Minify a CSS string - * - * @param string $css - * - * @return string - */ - protected function _process($css) - { - $css = str_replace("\r\n", "\n", $css); - - // preserve empty comment after '>' - // http://www.webdevout.net/css-hacks#in_css-selectors - $css = preg_replace('@>/\\*\\s*\\*/@', '>/*keep*/', $css); - - // preserve empty comment between property and value - // http://css-discuss.incutio.com/?page=BoxModelHack - $css = preg_replace('@/\\*\\s*\\*/\\s*:@', '/*keep*/:', $css); - $css = preg_replace('@:\\s*/\\*\\s*\\*/@', ':/*keep*/', $css); - - // apply callback to all valid comments (and strip out surrounding ws - $css = preg_replace_callback('@\\s*/\\*([\\s\\S]*?)\\*/\\s*@' - ,array($this, '_commentCB'), $css); - - // remove ws around { } and last semicolon in declaration block - $css = preg_replace('/\\s*{\\s*/', '{', $css); - $css = preg_replace('/;?\\s*}\\s*/', '}', $css); - - // remove ws surrounding semicolons - $css = preg_replace('/\\s*;\\s*/', ';', $css); - - // remove ws around urls - $css = preg_replace('/ - url\\( # url( - \\s* - ([^\\)]+?) # 1 = the URL (really just a bunch of non right parenthesis) - \\s* - \\) # ) - /x', 'url($1)', $css); - - // remove ws between rules and colons - $css = preg_replace('/ - \\s* - ([{;]) # 1 = beginning of block or rule separator - \\s* - ([\\*_]?[\\w\\-]+) # 2 = property (and maybe IE filter) - \\s* - : - \\s* - (\\b|[#\'"]) # 3 = first character of a value - /x', '$1$2:$3', $css); - - // remove ws in selectors - $css = preg_replace_callback('/ - (?: # non-capture - \\s* - [^~>+,\\s]+ # selector part - \\s* - [,>+~] # combinators - )+ - \\s* - [^~>+,\\s]+ # selector part - { # open declaration block - /x' - ,array($this, '_selectorsCB'), $css); - - // minimize hex colors - $css = preg_replace('/([^=])#([a-f\\d])\\2([a-f\\d])\\3([a-f\\d])\\4([\\s;\\}])/i' - , '$1#$2$3$4$5', $css); - - // remove spaces between font families - $css = preg_replace_callback('/font-family:([^;}]+)([;}])/' - ,array($this, '_fontFamilyCB'), $css); - - $css = preg_replace('/@import\\s+url/', '@import url', $css); - - // replace any ws involving newlines with a single newline - $css = preg_replace('/[ \\t]*\\n+\\s*/', "\n", $css); - - // separate common descendent selectors w/ newlines (to limit line lengths) - $css = preg_replace('/([\\w#\\.\\*]+)\\s+([\\w#\\.\\*]+){/', "$1\n$2{", $css); - - // Use newline after 1st numeric value (to limit line lengths). - $css = preg_replace('/ - ((?:padding|margin|border|outline):\\d+(?:px|em)?) # 1 = prop : 1st numeric value - \\s+ - /x' - ,"$1\n", $css); - - // prevent triggering IE6 bug: http://www.crankygeek.com/ie6pebug/ - $css = preg_replace('/:first-l(etter|ine)\\{/', ':first-l$1 {', $css); - - return trim($css); - } - - /** - * Replace what looks like a set of selectors - * - * @param array $m regex matches - * - * @return string - */ - protected function _selectorsCB($m) - { - // remove ws around the combinators - return preg_replace('/\\s*([,>+~])\\s*/', '$1', $m[0]); - } - - /** - * Process a comment and return a replacement - * - * @param array $m regex matches - * - * @return string - */ - protected function _commentCB($m) - { - $hasSurroundingWs = (trim($m[0]) !== $m[1]); - $m = $m[1]; - // $m is the comment content w/o the surrounding tokens, - // but the return value will replace the entire comment. - if ($m === 'keep') { - return '/**/'; - } - if ($m === '" "') { - // component of http://tantek.com/CSS/Examples/midpass.html - return '/*" "*/'; - } - if (preg_match('@";\\}\\s*\\}/\\*\\s+@', $m)) { - // component of http://tantek.com/CSS/Examples/midpass.html - return '/*";}}/* */'; - } - if ($this->_inHack) { - // inversion: feeding only to one browser - if (preg_match('@ - ^/ # comment started like /*/ - \\s* - (\\S[\\s\\S]+?) # has at least some non-ws content - \\s* - /\\* # ends like /*/ or /**/ - @x', $m, $n)) { - // end hack mode after this comment, but preserve the hack and comment content - $this->_inHack = false; - return "/*/{$n[1]}/**/"; - } - } - if (substr($m, -1) === '\\') { // comment ends like \*/ - // begin hack mode and preserve hack - $this->_inHack = true; - return '/*\\*/'; - } - if ($m !== '' && $m[0] === '/') { // comment looks like /*/ foo */ - // begin hack mode and preserve hack - $this->_inHack = true; - return '/*/*/'; - } - if ($this->_inHack) { - // a regular comment ends hack mode but should be preserved - $this->_inHack = false; - return '/**/'; - } - // Issue 107: if there's any surrounding whitespace, it may be important, so - // replace the comment with a single space - return $hasSurroundingWs // remove all other comments - ? ' ' - : ''; - } - - /** - * Process a font-family listing and return a replacement - * - * @param array $m regex matches - * - * @return string - */ - protected function _fontFamilyCB($m) - { - $m[1] = preg_replace('/ - \\s* - ( - "[^"]+" # 1 = family in double qutoes - |\'[^\']+\' # or 1 = family in single quotes - |[\\w\\-]+ # or 1 = unquoted family - ) - \\s* - /x', '$1', $m[1]); - return 'font-family:' . $m[1] . $m[2]; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/CSS/UriRewriter.php b/plugins/Minify/extlib/minify/min/lib/Minify/CSS/UriRewriter.php deleted file mode 100644 index 824c6bb2a1..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/CSS/UriRewriter.php +++ /dev/null @@ -1,270 +0,0 @@ - - */ -class Minify_CSS_UriRewriter { - - /** - * Defines which class to call as part of callbacks, change this - * if you extend Minify_CSS_UriRewriter - * @var string - */ - protected static $className = 'Minify_CSS_UriRewriter'; - - /** - * rewrite() and rewriteRelative() append debugging information here - * @var string - */ - public static $debugText = ''; - - /** - * Rewrite file relative URIs as root relative in CSS files - * - * @param string $css - * - * @param string $currentDir The directory of the current CSS file. - * - * @param string $docRoot The document root of the web site in which - * the CSS file resides (default = $_SERVER['DOCUMENT_ROOT']). - * - * @param array $symlinks (default = array()) If the CSS file is stored in - * a symlink-ed directory, provide an array of link paths to - * target paths, where the link paths are within the document root. Because - * paths need to be normalized for this to work, use "//" to substitute - * the doc root in the link paths (the array keys). E.g.: - * - * array('//symlink' => '/real/target/path') // unix - * array('//static' => 'D:\\staticStorage') // Windows - * - * - * @return string - */ - public static function rewrite($css, $currentDir, $docRoot = null, $symlinks = array()) - { - self::$_docRoot = self::_realpath( - $docRoot ? $docRoot : $_SERVER['DOCUMENT_ROOT'] - ); - self::$_currentDir = self::_realpath($currentDir); - self::$_symlinks = array(); - - // normalize symlinks - foreach ($symlinks as $link => $target) { - $link = ($link === '//') - ? self::$_docRoot - : str_replace('//', self::$_docRoot . '/', $link); - $link = strtr($link, '/', DIRECTORY_SEPARATOR); - self::$_symlinks[$link] = self::_realpath($target); - } - - self::$debugText .= "docRoot : " . self::$_docRoot . "\n" - . "currentDir : " . self::$_currentDir . "\n"; - if (self::$_symlinks) { - self::$debugText .= "symlinks : " . var_export(self::$_symlinks, 1) . "\n"; - } - self::$debugText .= "\n"; - - $css = self::_trimUrls($css); - - // rewrite - $css = preg_replace_callback('/@import\\s+([\'"])(.*?)[\'"]/' - ,array(self::$className, '_processUriCB'), $css); - $css = preg_replace_callback('/url\\(\\s*([^\\)\\s]+)\\s*\\)/' - ,array(self::$className, '_processUriCB'), $css); - - return $css; - } - - /** - * Prepend a path to relative URIs in CSS files - * - * @param string $css - * - * @param string $path The path to prepend. - * - * @return string - */ - public static function prepend($css, $path) - { - self::$_prependPath = $path; - - $css = self::_trimUrls($css); - - // append - $css = preg_replace_callback('/@import\\s+([\'"])(.*?)[\'"]/' - ,array(self::$className, '_processUriCB'), $css); - $css = preg_replace_callback('/url\\(\\s*([^\\)\\s]+)\\s*\\)/' - ,array(self::$className, '_processUriCB'), $css); - - self::$_prependPath = null; - return $css; - } - - - /** - * @var string directory of this stylesheet - */ - private static $_currentDir = ''; - - /** - * @var string DOC_ROOT - */ - private static $_docRoot = ''; - - /** - * @var array directory replacements to map symlink targets back to their - * source (within the document root) E.g. '/var/www/symlink' => '/var/realpath' - */ - private static $_symlinks = array(); - - /** - * @var string path to prepend - */ - private static $_prependPath = null; - - private static function _trimUrls($css) - { - return preg_replace('/ - url\\( # url( - \\s* - ([^\\)]+?) # 1 = URI (assuming does not contain ")") - \\s* - \\) # ) - /x', 'url($1)', $css); - } - - private static function _processUriCB($m) - { - // $m matched either '/@import\\s+([\'"])(.*?)[\'"]/' or '/url\\(\\s*([^\\)\\s]+)\\s*\\)/' - $isImport = ($m[0][0] === '@'); - // determine URI and the quote character (if any) - if ($isImport) { - $quoteChar = $m[1]; - $uri = $m[2]; - } else { - // $m[1] is either quoted or not - $quoteChar = ($m[1][0] === "'" || $m[1][0] === '"') - ? $m[1][0] - : ''; - $uri = ($quoteChar === '') - ? $m[1] - : substr($m[1], 1, strlen($m[1]) - 2); - } - // analyze URI - if ('/' !== $uri[0] // root-relative - && false === strpos($uri, '//') // protocol (non-data) - && 0 !== strpos($uri, 'data:') // data protocol - ) { - // URI is file-relative: rewrite depending on options - $uri = (self::$_prependPath !== null) - ? (self::$_prependPath . $uri) - : self::rewriteRelative($uri, self::$_currentDir, self::$_docRoot, self::$_symlinks); - } - return $isImport - ? "@import {$quoteChar}{$uri}{$quoteChar}" - : "url({$quoteChar}{$uri}{$quoteChar})"; - } - - /** - * Rewrite a file relative URI as root relative - * - * - * Minify_CSS_UriRewriter::rewriteRelative( - * '../img/hello.gif' - * , '/home/user/www/css' // path of CSS file - * , '/home/user/www' // doc root - * ); - * // returns '/img/hello.gif' - * - * // example where static files are stored in a symlinked directory - * Minify_CSS_UriRewriter::rewriteRelative( - * 'hello.gif' - * , '/var/staticFiles/theme' - * , '/home/user/www' - * , array('/home/user/www/static' => '/var/staticFiles') - * ); - * // returns '/static/theme/hello.gif' - * - * - * @param string $uri file relative URI - * - * @param string $realCurrentDir realpath of the current file's directory. - * - * @param string $realDocRoot realpath of the site document root. - * - * @param array $symlinks (default = array()) If the file is stored in - * a symlink-ed directory, provide an array of link paths to - * real target paths, where the link paths "appear" to be within the document - * root. E.g.: - * - * array('/home/foo/www/not/real/path' => '/real/target/path') // unix - * array('C:\\htdocs\\not\\real' => 'D:\\real\\target\\path') // Windows - * - * - * @return string - */ - public static function rewriteRelative($uri, $realCurrentDir, $realDocRoot, $symlinks = array()) - { - // prepend path with current dir separator (OS-independent) - $path = strtr($realCurrentDir, '/', DIRECTORY_SEPARATOR) - . DIRECTORY_SEPARATOR . strtr($uri, '/', DIRECTORY_SEPARATOR); - - self::$debugText .= "file-relative URI : {$uri}\n" - . "path prepended : {$path}\n"; - - // "unresolve" a symlink back to doc root - foreach ($symlinks as $link => $target) { - if (0 === strpos($path, $target)) { - // replace $target with $link - $path = $link . substr($path, strlen($target)); - - self::$debugText .= "symlink unresolved : {$path}\n"; - - break; - } - } - // strip doc root - $path = substr($path, strlen($realDocRoot)); - - self::$debugText .= "docroot stripped : {$path}\n"; - - // fix to root-relative URI - - $uri = strtr($path, '/\\', '//'); - - // remove /./ and /../ where possible - $uri = str_replace('/./', '/', $uri); - // inspired by patch from Oleg Cherniy - do { - $uri = preg_replace('@/[^/]+/\\.\\./@', '/', $uri, 1, $changed); - } while ($changed); - - self::$debugText .= "traversals removed : {$uri}\n\n"; - - return $uri; - } - - /** - * Get realpath with any trailing slash removed. If realpath() fails, - * just remove the trailing slash. - * - * @param string $path - * - * @return mixed path with no trailing slash - */ - protected static function _realpath($path) - { - $realPath = realpath($path); - if ($realPath !== false) { - $path = $realPath; - } - return rtrim($path, '/\\'); - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Cache/APC.php b/plugins/Minify/extlib/minify/min/lib/Minify/Cache/APC.php deleted file mode 100644 index ca84d29987..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Cache/APC.php +++ /dev/null @@ -1,130 +0,0 @@ - - * Minify::setCache(new Minify_Cache_APC()); - * - * - * @package Minify - * @author Chris Edwards - **/ -class Minify_Cache_APC { - - /** - * Create a Minify_Cache_APC object, to be passed to - * Minify::setCache(). - * - * - * @param int $expire seconds until expiration (default = 0 - * meaning the item will not get an expiration date) - * - * @return null - */ - public function __construct($expire = 0) - { - $this->_exp = $expire; - } - - /** - * Write data to cache. - * - * @param string $id cache id - * - * @param string $data - * - * @return bool success - */ - public function store($id, $data) - { - return apc_store($id, "{$_SERVER['REQUEST_TIME']}|{$data}", $this->_exp); - } - - /** - * Get the size of a cache entry - * - * @param string $id cache id - * - * @return int size in bytes - */ - public function getSize($id) - { - return $this->_fetch($id) - ? strlen($this->_data) - : false; - } - - /** - * Does a valid cache entry exist? - * - * @param string $id cache id - * - * @param int $srcMtime mtime of the original source file(s) - * - * @return bool exists - */ - public function isValid($id, $srcMtime) - { - return ($this->_fetch($id) && ($this->_lm >= $srcMtime)); - } - - /** - * Send the cached content to output - * - * @param string $id cache id - */ - public function display($id) - { - echo $this->_fetch($id) - ? $this->_data - : ''; - } - - /** - * Fetch the cached content - * - * @param string $id cache id - * - * @return string - */ - public function fetch($id) - { - return $this->_fetch($id) - ? $this->_data - : ''; - } - - private $_exp = null; - - // cache of most recently fetched id - private $_lm = null; - private $_data = null; - private $_id = null; - - /** - * Fetch data and timestamp from apc, store in instance - * - * @param string $id - * - * @return bool success - */ - private function _fetch($id) - { - if ($this->_id === $id) { - return true; - } - $ret = apc_fetch($id); - if (false === $ret) { - $this->_id = null; - return false; - } - list($this->_lm, $this->_data) = explode('|', $ret, 2); - $this->_id = $id; - return true; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Cache/File.php b/plugins/Minify/extlib/minify/min/lib/Minify/Cache/File.php deleted file mode 100644 index 8744a7e04f..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Cache/File.php +++ /dev/null @@ -1,125 +0,0 @@ -_locking = $fileLocking; - $this->_path = $path; - } - - /** - * Write data to cache. - * - * @param string $id cache id (e.g. a filename) - * - * @param string $data - * - * @return bool success - */ - public function store($id, $data) - { - $flag = $this->_locking - ? LOCK_EX - : null; - if (is_file($this->_path . '/' . $id)) { - @unlink($this->_path . '/' . $id); - } - if (! @file_put_contents($this->_path . '/' . $id, $data, $flag)) { - return false; - } - // write control - if ($data !== $this->fetch($id)) { - @unlink($file); - return false; - } - return true; - } - - /** - * Get the size of a cache entry - * - * @param string $id cache id (e.g. a filename) - * - * @return int size in bytes - */ - public function getSize($id) - { - return filesize($this->_path . '/' . $id); - } - - /** - * Does a valid cache entry exist? - * - * @param string $id cache id (e.g. a filename) - * - * @param int $srcMtime mtime of the original source file(s) - * - * @return bool exists - */ - public function isValid($id, $srcMtime) - { - $file = $this->_path . '/' . $id; - return (is_file($file) && (filemtime($file) >= $srcMtime)); - } - - /** - * Send the cached content to output - * - * @param string $id cache id (e.g. a filename) - */ - public function display($id) - { - if ($this->_locking) { - $fp = fopen($this->_path . '/' . $id, 'rb'); - flock($fp, LOCK_SH); - fpassthru($fp); - flock($fp, LOCK_UN); - fclose($fp); - } else { - readfile($this->_path . '/' . $id); - } - } - - /** - * Fetch the cached content - * - * @param string $id cache id (e.g. a filename) - * - * @return string - */ - public function fetch($id) - { - if ($this->_locking) { - $fp = fopen($this->_path . '/' . $id, 'rb'); - flock($fp, LOCK_SH); - $ret = stream_get_contents($fp); - flock($fp, LOCK_UN); - fclose($fp); - return $ret; - } else { - return file_get_contents($this->_path . '/' . $id); - } - } - - /** - * Fetch the cache path used - * - * @return string - */ - public function getPath() - { - return $this->_path; - } - - private $_path = null; - private $_locking = null; -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Cache/Memcache.php b/plugins/Minify/extlib/minify/min/lib/Minify/Cache/Memcache.php deleted file mode 100644 index 2b81e7a329..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Cache/Memcache.php +++ /dev/null @@ -1,137 +0,0 @@ - - * // fall back to disk caching if memcache can't connect - * $memcache = new Memcache; - * if ($memcache->connect('localhost', 11211)) { - * Minify::setCache(new Minify_Cache_Memcache($memcache)); - * } else { - * Minify::setCache(); - * } - * - **/ -class Minify_Cache_Memcache { - - /** - * Create a Minify_Cache_Memcache object, to be passed to - * Minify::setCache(). - * - * @param Memcache $memcache already-connected instance - * - * @param int $expire seconds until expiration (default = 0 - * meaning the item will not get an expiration date) - * - * @return null - */ - public function __construct($memcache, $expire = 0) - { - $this->_mc = $memcache; - $this->_exp = $expire; - } - - /** - * Write data to cache. - * - * @param string $id cache id - * - * @param string $data - * - * @return bool success - */ - public function store($id, $data) - { - return $this->_mc->set($id, "{$_SERVER['REQUEST_TIME']}|{$data}", 0, $this->_exp); - } - - - /** - * Get the size of a cache entry - * - * @param string $id cache id - * - * @return int size in bytes - */ - public function getSize($id) - { - return $this->_fetch($id) - ? strlen($this->_data) - : false; - } - - /** - * Does a valid cache entry exist? - * - * @param string $id cache id - * - * @param int $srcMtime mtime of the original source file(s) - * - * @return bool exists - */ - public function isValid($id, $srcMtime) - { - return ($this->_fetch($id) && ($this->_lm >= $srcMtime)); - } - - /** - * Send the cached content to output - * - * @param string $id cache id - */ - public function display($id) - { - echo $this->_fetch($id) - ? $this->_data - : ''; - } - - /** - * Fetch the cached content - * - * @param string $id cache id - * - * @return string - */ - public function fetch($id) - { - return $this->_fetch($id) - ? $this->_data - : ''; - } - - private $_mc = null; - private $_exp = null; - - // cache of most recently fetched id - private $_lm = null; - private $_data = null; - private $_id = null; - - /** - * Fetch data and timestamp from memcache, store in instance - * - * @param string $id - * - * @return bool success - */ - private function _fetch($id) - { - if ($this->_id === $id) { - return true; - } - $ret = $this->_mc->get($id); - if (false === $ret) { - $this->_id = null; - return false; - } - list($this->_lm, $this->_data) = explode('|', $ret, 2); - $this->_id = $id; - return true; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/CommentPreserver.php b/plugins/Minify/extlib/minify/min/lib/Minify/CommentPreserver.php deleted file mode 100644 index f56eb3461c..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/CommentPreserver.php +++ /dev/null @@ -1,90 +0,0 @@ - - */ -class Minify_CommentPreserver { - - /** - * String to be prepended to each preserved comment - * - * @var string - */ - public static $prepend = "\n"; - - /** - * String to be appended to each preserved comment - * - * @var string - */ - public static $append = "\n"; - - /** - * Process a string outside of C-style comments that begin with "/*!" - * - * On each non-empty string outside these comments, the given processor - * function will be called. The first "!" will be removed from the - * preserved comments, and the comments will be surrounded by - * Minify_CommentPreserver::$preprend and Minify_CommentPreserver::$append. - * - * @param string $content - * @param callback $processor function - * @param array $args array of extra arguments to pass to the processor - * function (default = array()) - * @return string - */ - public static function process($content, $processor, $args = array()) - { - $ret = ''; - while (true) { - list($beforeComment, $comment, $afterComment) = self::_nextComment($content); - if ('' !== $beforeComment) { - $callArgs = $args; - array_unshift($callArgs, $beforeComment); - $ret .= call_user_func_array($processor, $callArgs); - } - if (false === $comment) { - break; - } - $ret .= $comment; - $content = $afterComment; - } - return $ret; - } - - /** - * Extract comments that YUI Compressor preserves. - * - * @param string $in input - * - * @return array 3 elements are returned. If a YUI comment is found, the - * 2nd element is the comment and the 1st and 2nd are the surrounding - * strings. If no comment is found, the entire string is returned as the - * 1st element and the other two are false. - */ - private static function _nextComment($in) - { - if ( - false === ($start = strpos($in, '/*!')) - || false === ($end = strpos($in, '*/', $start + 3)) - ) { - return array($in, false, false); - } - $ret = array( - substr($in, 0, $start) - ,self::$prepend . '/*' . substr($in, $start + 3, $end - $start - 1) . self::$append - ); - $endChars = (strlen($in) - $end - 2); - $ret[] = (0 === $endChars) - ? '' - : substr($in, -$endChars); - return $ret; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Base.php b/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Base.php deleted file mode 100644 index 84889b3f0c..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Base.php +++ /dev/null @@ -1,202 +0,0 @@ - - */ -abstract class Minify_Controller_Base { - - /** - * Setup controller sources and set an needed options for Minify::source - * - * You must override this method in your subclass controller to set - * $this->sources. If the request is NOT valid, make sure $this->sources - * is left an empty array. Then strip any controller-specific options from - * $options and return it. To serve files, $this->sources must be an array of - * Minify_Source objects. - * - * @param array $options controller and Minify options - * - * return array $options Minify::serve options - */ - abstract public function setupSources($options); - - /** - * Get default Minify options for this controller. - * - * Override in subclass to change defaults - * - * @return array options for Minify - */ - public function getDefaultMinifyOptions() { - return array( - 'isPublic' => true - ,'encodeOutput' => function_exists('gzdeflate') - ,'encodeMethod' => null // determine later - ,'encodeLevel' => 9 - ,'minifierOptions' => array() // no minifier options - ,'contentTypeCharset' => 'utf-8' - ,'maxAge' => 1800 // 30 minutes - ,'rewriteCssUris' => true - ,'bubbleCssImports' => false - ,'quiet' => false // serve() will send headers and output - ,'debug' => false - - // if you override this, the response code MUST be directly after - // the first space. - ,'badRequestHeader' => 'HTTP/1.0 400 Bad Request' - - // callback function to see/modify content of all sources - ,'postprocessor' => null - // file to require to load preprocessor - ,'postprocessorRequire' => null - ); - } - - /** - * Get default minifiers for this controller. - * - * Override in subclass to change defaults - * - * @return array minifier callbacks for common types - */ - public function getDefaultMinifers() { - $ret[Minify::TYPE_JS] = array('JSMin', 'minify'); - $ret[Minify::TYPE_CSS] = array('Minify_CSS', 'minify'); - $ret[Minify::TYPE_HTML] = array('Minify_HTML', 'minify'); - return $ret; - } - - /** - * Load any code necessary to execute the given minifier callback. - * - * The controller is responsible for loading minification code on demand - * via this method. This built-in function will only load classes for - * static method callbacks where the class isn't already defined. It uses - * the PEAR convention, so, given array('Jimmy_Minifier', 'minCss'), this - * function will include 'Jimmy/Minifier.php'. - * - * If you need code loaded on demand and this doesn't suit you, you'll need - * to override this function in your subclass. - * @see Minify_Controller_Page::loadMinifier() - * - * @param callback $minifierCallback callback of minifier function - * - * @return null - */ - public function loadMinifier($minifierCallback) - { - if (is_array($minifierCallback) - && is_string($minifierCallback[0]) - && !class_exists($minifierCallback[0], false)) { - - require str_replace('_', '/', $minifierCallback[0]) . '.php'; - } - } - - /** - * Is a user-given file within an allowable directory, existing, - * and having an extension js/css/html/txt ? - * - * This is a convenience function for controllers that have to accept - * user-given paths - * - * @param string $file full file path (already processed by realpath()) - * - * @param array $safeDirs directories where files are safe to serve. Files can also - * be in subdirectories of these directories. - * - * @return bool file is safe - */ - public static function _fileIsSafe($file, $safeDirs) - { - $pathOk = false; - foreach ((array)$safeDirs as $safeDir) { - if (strpos($file, $safeDir) === 0) { - $pathOk = true; - break; - } - } - $base = basename($file); - if (! $pathOk || ! is_file($file) || $base[0] === '.') { - return false; - } - list($revExt) = explode('.', strrev($base)); - return in_array(strrev($revExt), array('js', 'css', 'html', 'txt')); - } - - /** - * @var array instances of Minify_Source, which provide content and - * any individual minification needs. - * - * @see Minify_Source - */ - public $sources = array(); - - /** - * Mix in default controller options with user-given options - * - * @param array $options user options - * - * @return array mixed options - */ - public final function mixInDefaultOptions($options) - { - $ret = array_merge( - $this->getDefaultMinifyOptions(), $options - ); - if (! isset($options['minifiers'])) { - $options['minifiers'] = array(); - } - $ret['minifiers'] = array_merge( - $this->getDefaultMinifers(), $options['minifiers'] - ); - return $ret; - } - - /** - * Analyze sources (if there are any) and set $options 'contentType' - * and 'lastModifiedTime' if they already aren't. - * - * @param array $options options for Minify - * - * @return array options for Minify - */ - public final function analyzeSources($options = array()) - { - if ($this->sources) { - if (! isset($options['contentType'])) { - $options['contentType'] = Minify_Source::getContentType($this->sources); - } - // last modified is needed for caching, even if setExpires is set - if (! isset($options['lastModifiedTime'])) { - $max = 0; - foreach ($this->sources as $source) { - $max = max($source->lastModified, $max); - } - $options['lastModifiedTime'] = $max; - } - } - return $options; - } - - /** - * Send message to the Minify logger - * @param string $msg - * @return null - */ - protected function log($msg) { - require_once 'Minify/Logger.php'; - Minify_Logger::log($msg); - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Files.php b/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Files.php deleted file mode 100644 index 83f028adf7..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Files.php +++ /dev/null @@ -1,78 +0,0 @@ - - * Minify::serve('Files', array( - * 'files' => array( - * '//js/jquery.js' - * ,'//js/plugins.js' - * ,'/home/username/file.js' - * ) - * )); - * - * - * As a shortcut, the controller will replace "//" at the beginning - * of a filename with $_SERVER['DOCUMENT_ROOT'] . '/'. - * - * @package Minify - * @author Stephen Clay - */ -class Minify_Controller_Files extends Minify_Controller_Base { - - /** - * Set up file sources - * - * @param array $options controller and Minify options - * @return array Minify options - * - * Controller options: - * - * 'files': (required) array of complete file paths, or a single path - */ - public function setupSources($options) { - // strip controller options - - $files = $options['files']; - // if $files is a single object, casting will break it - if (is_object($files)) { - $files = array($files); - } elseif (! is_array($files)) { - $files = (array)$files; - } - unset($options['files']); - - $sources = array(); - foreach ($files as $file) { - if ($file instanceof Minify_Source) { - $sources[] = $file; - continue; - } - if (0 === strpos($file, '//')) { - $file = $_SERVER['DOCUMENT_ROOT'] . substr($file, 1); - } - $realPath = realpath($file); - if (is_file($realPath)) { - $sources[] = new Minify_Source(array( - 'filepath' => $realPath - )); - } else { - $this->log("The path \"{$file}\" could not be found (or was not a file)"); - return $options; - } - } - if ($sources) { - $this->sources = $sources; - } - return $options; - } -} - diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Groups.php b/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Groups.php deleted file mode 100644 index 1ac57703ad..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Groups.php +++ /dev/null @@ -1,94 +0,0 @@ - - * Minify::serve('Groups', array( - * 'groups' => array( - * 'css' => array('//css/type.css', '//css/layout.css') - * ,'js' => array('//js/jquery.js', '//js/site.js') - * ) - * )); - * - * - * If the above code were placed in /serve.php, it would enable the URLs - * /serve.php/js and /serve.php/css - * - * As a shortcut, the controller will replace "//" at the beginning - * of a filename with $_SERVER['DOCUMENT_ROOT'] . '/'. - * - * @package Minify - * @author Stephen Clay - */ -class Minify_Controller_Groups extends Minify_Controller_Base { - - /** - * Set up groups of files as sources - * - * @param array $options controller and Minify options - * @return array Minify options - * - * Controller options: - * - * 'groups': (required) array mapping PATH_INFO strings to arrays - * of complete file paths. @see Minify_Controller_Groups - */ - public function setupSources($options) { - // strip controller options - $groups = $options['groups']; - unset($options['groups']); - - // mod_fcgid places PATH_INFO in ORIG_PATH_INFO - $pi = isset($_SERVER['ORIG_PATH_INFO']) - ? substr($_SERVER['ORIG_PATH_INFO'], 1) - : (isset($_SERVER['PATH_INFO']) - ? substr($_SERVER['PATH_INFO'], 1) - : false - ); - if (false === $pi || ! isset($groups[$pi])) { - // no PATH_INFO or not a valid group - $this->log("Missing PATH_INFO or no group set for \"$pi\""); - return $options; - } - $sources = array(); - - $files = $groups[$pi]; - // if $files is a single object, casting will break it - if (is_object($files)) { - $files = array($files); - } elseif (! is_array($files)) { - $files = (array)$files; - } - foreach ($files as $file) { - if ($file instanceof Minify_Source) { - $sources[] = $file; - continue; - } - if (0 === strpos($file, '//')) { - $file = $_SERVER['DOCUMENT_ROOT'] . substr($file, 1); - } - $realPath = realpath($file); - if (is_file($realPath)) { - $sources[] = new Minify_Source(array( - 'filepath' => $realPath - )); - } else { - $this->log("The path \"{$file}\" could not be found (or was not a file)"); - return $options; - } - } - if ($sources) { - $this->sources = $sources; - } - return $options; - } -} - diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/MinApp.php b/plugins/Minify/extlib/minify/min/lib/Minify/Controller/MinApp.php deleted file mode 100644 index 9582d292ca..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/MinApp.php +++ /dev/null @@ -1,132 +0,0 @@ - - */ -class Minify_Controller_MinApp extends Minify_Controller_Base { - - /** - * Set up groups of files as sources - * - * @param array $options controller and Minify options - * @return array Minify options - * - */ - public function setupSources($options) { - // filter controller options - $cOptions = array_merge( - array( - 'allowDirs' => '//' - ,'groupsOnly' => false - ,'groups' => array() - ,'maxFiles' => 10 - ) - ,(isset($options['minApp']) ? $options['minApp'] : array()) - ); - unset($options['minApp']); - $sources = array(); - if (isset($_GET['g'])) { - // try groups - if (! isset($cOptions['groups'][$_GET['g']])) { - $this->log("A group configuration for \"{$_GET['g']}\" was not set"); - return $options; - } - - $files = $cOptions['groups'][$_GET['g']]; - // if $files is a single object, casting will break it - if (is_object($files)) { - $files = array($files); - } elseif (! is_array($files)) { - $files = (array)$files; - } - foreach ($files as $file) { - if ($file instanceof Minify_Source) { - $sources[] = $file; - continue; - } - if (0 === strpos($file, '//')) { - $file = $_SERVER['DOCUMENT_ROOT'] . substr($file, 1); - } - $file = realpath($file); - if (is_file($file)) { - $sources[] = new Minify_Source(array( - 'filepath' => $file - )); - } else { - $this->log("The path \"{$file}\" could not be found (or was not a file)"); - return $options; - } - } - } elseif (! $cOptions['groupsOnly'] && isset($_GET['f'])) { - // try user files - // The following restrictions are to limit the URLs that minify will - // respond to. Ideally there should be only one way to reference a file. - if (// verify at least one file, files are single comma separated, - // and are all same extension - ! preg_match('/^[^,]+\\.(css|js)(?:,[^,]+\\.\\1)*$/', $_GET['f']) - // no "//" - || strpos($_GET['f'], '//') !== false - // no "\" - || strpos($_GET['f'], '\\') !== false - // no "./" - || preg_match('/(?:^|[^\\.])\\.\\//', $_GET['f']) - ) { - $this->log("GET param 'f' invalid (see MinApp.php line 63)"); - return $options; - } - $files = explode(',', $_GET['f']); - if (count($files) > $cOptions['maxFiles'] || $files != array_unique($files)) { - $this->log("Too many or duplicate files specified"); - return $options; - } - if (isset($_GET['b'])) { - // check for validity - if (preg_match('@^[^/]+(?:/[^/]+)*$@', $_GET['b']) - && false === strpos($_GET['b'], '..') - && $_GET['b'] !== '.') { - // valid base - $base = "/{$_GET['b']}/"; - } else { - $this->log("GET param 'b' invalid (see MinApp.php line 84)"); - return $options; - } - } else { - $base = '/'; - } - $allowDirs = array(); - foreach ((array)$cOptions['allowDirs'] as $allowDir) { - $allowDirs[] = realpath(str_replace('//', $_SERVER['DOCUMENT_ROOT'] . '/', $allowDir)); - } - foreach ($files as $file) { - $path = $_SERVER['DOCUMENT_ROOT'] . $base . $file; - $file = realpath($path); - if (false === $file) { - $this->log("Path \"{$path}\" failed realpath()"); - return $options; - } elseif (! parent::_fileIsSafe($file, $allowDirs)) { - $this->log("Path \"{$path}\" failed Minify_Controller_Base::_fileIsSafe()"); - return $options; - } else { - $sources[] = new Minify_Source(array( - 'filepath' => $file - )); - } - } - } - if ($sources) { - $this->sources = $sources; - } else { - $this->log("No sources to serve"); - } - return $options; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php b/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php deleted file mode 100644 index fa4599abd9..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php +++ /dev/null @@ -1,82 +0,0 @@ - - */ -class Minify_Controller_Page extends Minify_Controller_Base { - - /** - * Set up source of HTML content - * - * @param array $options controller and Minify options - * @return array Minify options - * - * Controller options: - * - * 'content': (required) HTML markup - * - * 'id': (required) id of page (string for use in server-side caching) - * - * 'lastModifiedTime': timestamp of when this content changed. This - * is recommended to allow both server and client-side caching. - * - * 'minifyAll': should all CSS and Javascript blocks be individually - * minified? (default false) - * - * @todo Add 'file' option to read HTML file. - */ - public function setupSources($options) { - if (isset($options['file'])) { - $sourceSpec = array( - 'filepath' => $options['file'] - ); - } else { - // strip controller options - $sourceSpec = array( - 'content' => $options['content'] - ,'id' => $options['id'] - ); - unset($options['content'], $options['id']); - } - if (isset($options['minifyAll'])) { - // this will be the 2nd argument passed to Minify_HTML::minify() - $sourceSpec['minifyOptions'] = array( - 'cssMinifier' => array('Minify_CSS', 'minify') - ,'jsMinifier' => array('JSMin', 'minify') - ); - $this->_loadCssJsMinifiers = true; - unset($options['minifyAll']); - } - $this->sources[] = new Minify_Source($sourceSpec); - - $options['contentType'] = Minify::TYPE_HTML; - return $options; - } - - protected $_loadCssJsMinifiers = false; - - /** - * @see Minify_Controller_Base::loadMinifier() - */ - public function loadMinifier($minifierCallback) - { - if ($this->_loadCssJsMinifiers) { - // Minify will not call for these so we must manually load - // them when Minify/HTML.php is called for. - require_once 'Minify/CSS.php'; - require_once 'JSMin.php'; - } - parent::loadMinifier($minifierCallback); // load Minify/HTML.php - } -} - diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Version1.php b/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Version1.php deleted file mode 100644 index 1861aabc11..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Controller/Version1.php +++ /dev/null @@ -1,118 +0,0 @@ - - * Minify::serve('Version1'); - * - * - * @package Minify - * @author Stephen Clay - */ -class Minify_Controller_Version1 extends Minify_Controller_Base { - - /** - * Set up groups of files as sources - * - * @param array $options controller and Minify options - * @return array Minify options - * - */ - public function setupSources($options) { - self::_setupDefines(); - if (MINIFY_USE_CACHE) { - $cacheDir = defined('MINIFY_CACHE_DIR') - ? MINIFY_CACHE_DIR - : ''; - Minify::setCache($cacheDir); - } - $options['badRequestHeader'] = 'HTTP/1.0 404 Not Found'; - $options['contentTypeCharset'] = MINIFY_ENCODING; - - // The following restrictions are to limit the URLs that minify will - // respond to. Ideally there should be only one way to reference a file. - if (! isset($_GET['files']) - // verify at least one file, files are single comma separated, - // and are all same extension - || ! preg_match('/^[^,]+\\.(css|js)(,[^,]+\\.\\1)*$/', $_GET['files'], $m) - // no "//" (makes URL rewriting easier) - || strpos($_GET['files'], '//') !== false - // no "\" - || strpos($_GET['files'], '\\') !== false - // no "./" - || preg_match('/(?:^|[^\\.])\\.\\//', $_GET['files']) - ) { - return $options; - } - $extension = $m[1]; - - $files = explode(',', $_GET['files']); - if (count($files) > MINIFY_MAX_FILES) { - return $options; - } - - // strings for prepending to relative/absolute paths - $prependRelPaths = dirname($_SERVER['SCRIPT_FILENAME']) - . DIRECTORY_SEPARATOR; - $prependAbsPaths = $_SERVER['DOCUMENT_ROOT']; - - $sources = array(); - $goodFiles = array(); - $hasBadSource = false; - - $allowDirs = isset($options['allowDirs']) - ? $options['allowDirs'] - : MINIFY_BASE_DIR; - - foreach ($files as $file) { - // prepend appropriate string for abs/rel paths - $file = ($file[0] === '/' ? $prependAbsPaths : $prependRelPaths) . $file; - // make sure a real file! - $file = realpath($file); - // don't allow unsafe or duplicate files - if (parent::_fileIsSafe($file, $allowDirs) - && !in_array($file, $goodFiles)) - { - $goodFiles[] = $file; - $srcOptions = array( - 'filepath' => $file - ); - $this->sources[] = new Minify_Source($srcOptions); - } else { - $hasBadSource = true; - break; - } - } - if ($hasBadSource) { - $this->sources = array(); - } - if (! MINIFY_REWRITE_CSS_URLS) { - $options['rewriteCssUris'] = false; - } - return $options; - } - - private static function _setupDefines() - { - $defaults = array( - 'MINIFY_BASE_DIR' => realpath($_SERVER['DOCUMENT_ROOT']) - ,'MINIFY_ENCODING' => 'utf-8' - ,'MINIFY_MAX_FILES' => 16 - ,'MINIFY_REWRITE_CSS_URLS' => true - ,'MINIFY_USE_CACHE' => true - ); - foreach ($defaults as $const => $val) { - if (! defined($const)) { - define($const, $val); - } - } - } -} - diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/HTML.php b/plugins/Minify/extlib/minify/min/lib/Minify/HTML.php deleted file mode 100644 index fb5c1e9829..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/HTML.php +++ /dev/null @@ -1,245 +0,0 @@ - - */ -class Minify_HTML { - - /** - * "Minify" an HTML page - * - * @param string $html - * - * @param array $options - * - * 'cssMinifier' : (optional) callback function to process content of STYLE - * elements. - * - * 'jsMinifier' : (optional) callback function to process content of SCRIPT - * elements. Note: the type attribute is ignored. - * - * 'xhtml' : (optional boolean) should content be treated as XHTML1.0? If - * unset, minify will sniff for an XHTML doctype. - * - * @return string - */ - public static function minify($html, $options = array()) { - $min = new Minify_HTML($html, $options); - return $min->process(); - } - - - /** - * Create a minifier object - * - * @param string $html - * - * @param array $options - * - * 'cssMinifier' : (optional) callback function to process content of STYLE - * elements. - * - * 'jsMinifier' : (optional) callback function to process content of SCRIPT - * elements. Note: the type attribute is ignored. - * - * 'xhtml' : (optional boolean) should content be treated as XHTML1.0? If - * unset, minify will sniff for an XHTML doctype. - * - * @return null - */ - public function __construct($html, $options = array()) - { - $this->_html = str_replace("\r\n", "\n", trim($html)); - if (isset($options['xhtml'])) { - $this->_isXhtml = (bool)$options['xhtml']; - } - if (isset($options['cssMinifier'])) { - $this->_cssMinifier = $options['cssMinifier']; - } - if (isset($options['jsMinifier'])) { - $this->_jsMinifier = $options['jsMinifier']; - } - } - - - /** - * Minify the markeup given in the constructor - * - * @return string - */ - public function process() - { - if ($this->_isXhtml === null) { - $this->_isXhtml = (false !== strpos($this->_html, '_replacementHash = 'MINIFYHTML' . md5($_SERVER['REQUEST_TIME']); - $this->_placeholders = array(); - - // replace SCRIPTs (and minify) with placeholders - $this->_html = preg_replace_callback( - '/(\\s*)(]*?>)([\\s\\S]*?)<\\/script>(\\s*)/i' - ,array($this, '_removeScriptCB') - ,$this->_html); - - // replace STYLEs (and minify) with placeholders - $this->_html = preg_replace_callback( - '/\\s*(]*?>)([\\s\\S]*?)<\\/style>\\s*/i' - ,array($this, '_removeStyleCB') - ,$this->_html); - - // remove HTML comments (not containing IE conditional comments). - $this->_html = preg_replace_callback( - '//' - ,array($this, '_commentCB') - ,$this->_html); - - // replace PREs with placeholders - $this->_html = preg_replace_callback('/\\s*(]*?>[\\s\\S]*?<\\/pre>)\\s*/i' - ,array($this, '_removePreCB') - ,$this->_html); - - // replace TEXTAREAs with placeholders - $this->_html = preg_replace_callback( - '/\\s*(]*?>[\\s\\S]*?<\\/textarea>)\\s*/i' - ,array($this, '_removeTextareaCB') - ,$this->_html); - - // trim each line. - // @todo take into account attribute values that span multiple lines. - $this->_html = preg_replace('/^\\s+|\\s+$/m', '', $this->_html); - - // remove ws around block/undisplayed elements - $this->_html = preg_replace('/\\s+(<\\/?(?:area|base(?:font)?|blockquote|body' - .'|caption|center|cite|col(?:group)?|dd|dir|div|dl|dt|fieldset|form' - .'|frame(?:set)?|h[1-6]|head|hr|html|legend|li|link|map|menu|meta' - .'|ol|opt(?:group|ion)|p|param|t(?:able|body|head|d|h||r|foot|itle)' - .'|ul)\\b[^>]*>)/i', '$1', $this->_html); - - // remove ws outside of all elements - $this->_html = preg_replace_callback( - '/>([^<]+)_html); - - // use newlines before 1st attribute in open tags (to limit line lengths) - $this->_html = preg_replace('/(<[a-z\\-]+)\\s+([^>]+>)/i', "$1\n$2", $this->_html); - - // fill placeholders - $this->_html = str_replace( - array_keys($this->_placeholders) - ,array_values($this->_placeholders) - ,$this->_html - ); - return $this->_html; - } - - protected function _commentCB($m) - { - return (0 === strpos($m[1], '[') || false !== strpos($m[1], '_replacementHash . count($this->_placeholders) . '%'; - $this->_placeholders[$placeholder] = $content; - return $placeholder; - } - - protected $_isXhtml = null; - protected $_replacementHash = null; - protected $_placeholders = array(); - protected $_cssMinifier = null; - protected $_jsMinifier = null; - - protected function _outsideTagCB($m) - { - return '>' . preg_replace('/^\\s+|\\s+$/', ' ', $m[1]) . '<'; - } - - protected function _removePreCB($m) - { - return $this->_reservePlace($m[1]); - } - - protected function _removeTextareaCB($m) - { - return $this->_reservePlace($m[1]); - } - - protected function _removeStyleCB($m) - { - $openStyle = $m[1]; - $css = $m[2]; - // remove HTML comments - $css = preg_replace('/(?:^\\s*\\s*$)/', '', $css); - - // remove CDATA section markers - $css = $this->_removeCdata($css); - - // minify - $minifier = $this->_cssMinifier - ? $this->_cssMinifier - : 'trim'; - $css = call_user_func($minifier, $css); - - return $this->_reservePlace($this->_needsCdata($css) - ? "{$openStyle}/**/" - : "{$openStyle}{$css}" - ); - } - - protected function _removeScriptCB($m) - { - $openScript = $m[2]; - $js = $m[3]; - - // whitespace surrounding? preserve at least one space - $ws1 = ($m[1] === '') ? '' : ' '; - $ws2 = ($m[4] === '') ? '' : ' '; - - // remove HTML comments (and ending "//" if present) - $js = preg_replace('/(?:^\\s*\\s*$)/', '', $js); - - // remove CDATA section markers - $js = $this->_removeCdata($js); - - // minify - $minifier = $this->_jsMinifier - ? $this->_jsMinifier - : 'trim'; - $js = call_user_func($minifier, $js); - - return $this->_reservePlace($this->_needsCdata($js) - ? "{$ws1}{$openScript}/**/{$ws2}" - : "{$ws1}{$openScript}{$js}{$ws2}" - ); - } - - protected function _removeCdata($str) - { - return (false !== strpos($str, ''), '', $str) - : $str; - } - - protected function _needsCdata($str) - { - return ($this->_isXhtml && preg_match('/(?:[<&]|\\-\\-|\\]\\]>)/', $str)); - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/ImportProcessor.php b/plugins/Minify/extlib/minify/min/lib/Minify/ImportProcessor.php deleted file mode 100644 index 0d6d90a816..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/ImportProcessor.php +++ /dev/null @@ -1,157 +0,0 @@ - - */ -class Minify_ImportProcessor { - - public static $filesIncluded = array(); - - public static function process($file) - { - self::$filesIncluded = array(); - self::$_isCss = (strtolower(substr($file, -4)) === '.css'); - $obj = new Minify_ImportProcessor(dirname($file)); - return $obj->_getContent($file); - } - - // allows callback funcs to know the current directory - private $_currentDir = null; - - // allows _importCB to write the fetched content back to the obj - private $_importedContent = ''; - - private static $_isCss = null; - - private function __construct($currentDir) - { - $this->_currentDir = $currentDir; - } - - private function _getContent($file) - { - $file = realpath($file); - if (! $file - || in_array($file, self::$filesIncluded) - || false === ($content = @file_get_contents($file)) - ) { - // file missing, already included, or failed read - return ''; - } - self::$filesIncluded[] = realpath($file); - $this->_currentDir = dirname($file); - - // remove UTF-8 BOM if present - if (pack("CCC",0xef,0xbb,0xbf) === substr($content, 0, 3)) { - $content = substr($content, 3); - } - // ensure uniform EOLs - $content = str_replace("\r\n", "\n", $content); - - // process @imports - $content = preg_replace_callback( - '/ - @import\\s+ - (?:url\\(\\s*)? # maybe url( - [\'"]? # maybe quote - (.*?) # 1 = URI - [\'"]? # maybe end quote - (?:\\s*\\))? # maybe ) - ([a-zA-Z,\\s]*)? # 2 = media list - ; # end token - /x' - ,array($this, '_importCB') - ,$content - ); - - if (self::$_isCss) { - // rewrite remaining relative URIs - $content = preg_replace_callback( - '/url\\(\\s*([^\\)\\s]+)\\s*\\)/' - ,array($this, '_urlCB') - ,$content - ); - } - - return $this->_importedContent . $content; - } - - private function _importCB($m) - { - $url = $m[1]; - $mediaList = preg_replace('/\\s+/', '', $m[2]); - - if (strpos($url, '://') > 0) { - // protocol, leave in place for CSS, comment for JS - return self::$_isCss - ? $m[0] - : "/* Minify_ImportProcessor will not include remote content */"; - } - if ('/' === $url[0]) { - // protocol-relative or root path - $url = ltrim($url, '/'); - $file = realpath($_SERVER['DOCUMENT_ROOT']) . DIRECTORY_SEPARATOR - . strtr($url, '/', DIRECTORY_SEPARATOR); - } else { - // relative to current path - $file = $this->_currentDir . DIRECTORY_SEPARATOR - . strtr($url, '/', DIRECTORY_SEPARATOR); - } - $obj = new Minify_ImportProcessor(dirname($file)); - $content = $obj->_getContent($file); - if ('' === $content) { - // failed. leave in place for CSS, comment for JS - return self::$_isCss - ? $m[0] - : "/* Minify_ImportProcessor could not fetch '{$file}' */";; - } - return (!self::$_isCss || preg_match('@(?:^$|\\ball\\b)@', $mediaList)) - ? $content - : "@media {$mediaList} {\n{$content}\n}\n"; - } - - private function _urlCB($m) - { - // $m[1] is either quoted or not - $quote = ($m[1][0] === "'" || $m[1][0] === '"') - ? $m[1][0] - : ''; - $url = ($quote === '') - ? $m[1] - : substr($m[1], 1, strlen($m[1]) - 2); - if ('/' !== $url[0]) { - if (strpos($url, '//') > 0) { - // probably starts with protocol, do not alter - } else { - // prepend path with current dir separator (OS-independent) - $path = $this->_currentDir - . DIRECTORY_SEPARATOR . strtr($url, '/', DIRECTORY_SEPARATOR); - // strip doc root - $path = substr($path, strlen(realpath($_SERVER['DOCUMENT_ROOT']))); - // fix to absolute URL - $url = strtr($path, '/\\', '//'); - // remove /./ and /../ where possible - $url = str_replace('/./', '/', $url); - // inspired by patch from Oleg Cherniy - do { - $url = preg_replace('@/[^/]+/\\.\\./@', '/', $url, 1, $changed); - } while ($changed); - } - } - return "url({$quote}{$url}{$quote})"; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Lines.php b/plugins/Minify/extlib/minify/min/lib/Minify/Lines.php deleted file mode 100644 index 6f94fb63c4..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Lines.php +++ /dev/null @@ -1,131 +0,0 @@ - - * @author Adam Pedersen (Issue 55 fix) - */ -class Minify_Lines { - - /** - * Add line numbers in C-style comments - * - * This uses a very basic parser easily fooled by comment tokens inside - * strings or regexes, but, otherwise, generally clean code will not be - * mangled. URI rewriting can also be performed. - * - * @param string $content - * - * @param array $options available options: - * - * 'id': (optional) string to identify file. E.g. file name/path - * - * 'currentDir': (default null) if given, this is assumed to be the - * directory of the current CSS file. Using this, minify will rewrite - * all relative URIs in import/url declarations to correctly point to - * the desired files, and prepend a comment with debugging information about - * this process. - * - * @return string - */ - public static function minify($content, $options = array()) - { - $id = (isset($options['id']) && $options['id']) - ? $options['id'] - : ''; - $content = str_replace("\r\n", "\n", $content); - $lines = explode("\n", $content); - $numLines = count($lines); - // determine left padding - $padTo = strlen($numLines); - $inComment = false; - $i = 0; - $newLines = array(); - while (null !== ($line = array_shift($lines))) { - if (('' !== $id) && (0 == $i % 50)) { - array_push($newLines, '', "/* {$id} */", ''); - } - ++$i; - $newLines[] = self::_addNote($line, $i, $inComment, $padTo); - $inComment = self::_eolInComment($line, $inComment); - } - $content = implode("\n", $newLines) . "\n"; - - // check for desired URI rewriting - if (isset($options['currentDir'])) { - require_once 'Minify/CSS/UriRewriter.php'; - Minify_CSS_UriRewriter::$debugText = ''; - $content = Minify_CSS_UriRewriter::rewrite( - $content - ,$options['currentDir'] - ,isset($options['docRoot']) ? $options['docRoot'] : $_SERVER['DOCUMENT_ROOT'] - ,isset($options['symlinks']) ? $options['symlinks'] : array() - ); - $content = "/* Minify_CSS_UriRewriter::\$debugText\n\n" - . Minify_CSS_UriRewriter::$debugText . "*/\n" - . $content; - } - - return $content; - } - - /** - * Is the parser within a C-style comment at the end of this line? - * - * @param string $line current line of code - * - * @param bool $inComment was the parser in a comment at the - * beginning of the line? - * - * @return bool - */ - private static function _eolInComment($line, $inComment) - { - while (strlen($line)) { - $search = $inComment - ? '*/' - : '/*'; - $pos = strpos($line, $search); - if (false === $pos) { - return $inComment; - } else { - if ($pos == 0 - || ($inComment - ? substr($line, $pos, 3) - : substr($line, $pos-1, 3)) != '*/*') - { - $inComment = ! $inComment; - } - $line = substr($line, $pos + 2); - } - } - return $inComment; - } - - /** - * Prepend a comment (or note) to the given line - * - * @param string $line current line of code - * - * @param string $note content of note/comment - * - * @param bool $inComment was the parser in a comment at the - * beginning of the line? - * - * @param int $padTo minimum width of comment - * - * @return string - */ - private static function _addNote($line, $note, $inComment, $padTo) - { - return $inComment - ? '/* ' . str_pad($note, $padTo, ' ', STR_PAD_RIGHT) . ' *| ' . $line - : '/* ' . str_pad($note, $padTo, ' ', STR_PAD_RIGHT) . ' */ ' . $line; - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Logger.php b/plugins/Minify/extlib/minify/min/lib/Minify/Logger.php deleted file mode 100644 index 7844eea356..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Logger.php +++ /dev/null @@ -1,45 +0,0 @@ - - */ -class Minify_Logger { - - /** - * Set logger object. - * - * The object should have a method "log" that accepts a value as 1st argument and - * an optional string label as the 2nd. - * - * @param mixed $obj or a "falsey" value to disable - * @return null - */ - public static function setLogger($obj = null) { - self::$_logger = $obj - ? $obj - : null; - } - - /** - * Pass a message to the logger (if set) - * - * @param string $msg message to log - * @return null - */ - public static function log($msg, $label = 'Minify') { - if (! self::$_logger) return; - self::$_logger->log($msg, $label); - } - - /** - * @var mixed logger object (like FirePHP) or null (i.e. no logger available) - */ - private static $_logger = null; -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Packer.php b/plugins/Minify/extlib/minify/min/lib/Minify/Packer.php deleted file mode 100644 index 949c3eef04..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Packer.php +++ /dev/null @@ -1,37 +0,0 @@ -pack()); - } -} diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/Source.php b/plugins/Minify/extlib/minify/min/lib/Minify/Source.php deleted file mode 100644 index 5a85d10d0d..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/Source.php +++ /dev/null @@ -1,187 +0,0 @@ - - */ -class Minify_Source { - - /** - * @var int time of last modification - */ - public $lastModified = null; - - /** - * @var callback minifier function specifically for this source. - */ - public $minifier = null; - - /** - * @var array minification options specific to this source. - */ - public $minifyOptions = null; - - /** - * @var string full path of file - */ - public $filepath = null; - - /** - * @var string HTTP Content Type (Minify requires one of the constants Minify::TYPE_*) - */ - public $contentType = null; - - /** - * Create a Minify_Source - * - * In the $spec array(), you can either provide a 'filepath' to an existing - * file (existence will not be checked!) or give 'id' (unique string for - * the content), 'content' (the string content) and 'lastModified' - * (unixtime of last update). - * - * As a shortcut, the controller will replace "//" at the beginning - * of a filepath with $_SERVER['DOCUMENT_ROOT'] . '/'. - * - * @param array $spec options - */ - public function __construct($spec) - { - if (isset($spec['filepath'])) { - if (0 === strpos($spec['filepath'], '//')) { - $spec['filepath'] = $_SERVER['DOCUMENT_ROOT'] . substr($spec['filepath'], 1); - } - $segments = explode('.', $spec['filepath']); - $ext = strtolower(array_pop($segments)); - switch ($ext) { - case 'js' : $this->contentType = 'application/x-javascript'; - break; - case 'css' : $this->contentType = 'text/css'; - break; - case 'htm' : // fallthrough - case 'html' : $this->contentType = 'text/html'; - break; - } - $this->filepath = $spec['filepath']; - $this->_id = $spec['filepath']; - $this->lastModified = filemtime($spec['filepath']) - // offset for Windows uploaders with out of sync clocks - + round(Minify::$uploaderHoursBehind * 3600); - } elseif (isset($spec['id'])) { - $this->_id = 'id::' . $spec['id']; - if (isset($spec['content'])) { - $this->_content = $spec['content']; - } else { - $this->_getContentFunc = $spec['getContentFunc']; - } - $this->lastModified = isset($spec['lastModified']) - ? $spec['lastModified'] - : time(); - } - if (isset($spec['contentType'])) { - $this->contentType = $spec['contentType']; - } - if (isset($spec['minifier'])) { - $this->minifier = $spec['minifier']; - } - if (isset($spec['minifyOptions'])) { - $this->minifyOptions = $spec['minifyOptions']; - } - } - - /** - * Get content - * - * @return string - */ - public function getContent() - { - $content = (null !== $this->filepath) - ? file_get_contents($this->filepath) - : ((null !== $this->_content) - ? $this->_content - : call_user_func($this->_getContentFunc, $this->_id) - ); - // remove UTF-8 BOM if present - return (pack("CCC",0xef,0xbb,0xbf) === substr($content, 0, 3)) - ? substr($content, 3) - : $content; - } - - /** - * Get id - * - * @return string - */ - public function getId() - { - return $this->_id; - } - - /** - * Verifies a single minification call can handle all sources - * - * @param array $sources Minify_Source instances - * - * @return bool true iff there no sources with specific minifier preferences. - */ - public static function haveNoMinifyPrefs($sources) - { - foreach ($sources as $source) { - if (null !== $source->minifier - || null !== $source->minifyOptions) { - return false; - } - } - return true; - } - - /** - * Get unique string for a set of sources - * - * @param array $sources Minify_Source instances - * - * @return string - */ - public static function getDigest($sources) - { - foreach ($sources as $source) { - $info[] = array( - $source->_id, $source->minifier, $source->minifyOptions - ); - } - return md5(serialize($info)); - } - - /** - * Get content type from a group of sources - * - * This is called if the user doesn't pass in a 'contentType' options - * - * @param array $sources Minify_Source instances - * - * @return string content type. e.g. 'text/css' - */ - public static function getContentType($sources) - { - foreach ($sources as $source) { - if ($source->contentType !== null) { - return $source->contentType; - } - } - return 'text/plain'; - } - - protected $_content = null; - protected $_getContentFunc = null; - protected $_id = null; -} - diff --git a/plugins/Minify/extlib/minify/min/lib/Minify/YUICompressor.php b/plugins/Minify/extlib/minify/min/lib/Minify/YUICompressor.php deleted file mode 100644 index 7cb61adbec..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Minify/YUICompressor.php +++ /dev/null @@ -1,139 +0,0 @@ - - * Minify_YUICompressor::$jarFile = '/path/to/yuicompressor-2.3.5.jar'; - * Minify_YUICompressor::$tempDir = '/tmp'; - * $code = Minify_YUICompressor::minifyJs( - * $code - * ,array('nomunge' => true, 'line-break' => 1000) - * ); - * - * - * @todo unit tests, $options docs - * - * @package Minify - * @author Stephen Clay - */ -class Minify_YUICompressor { - - /** - * Filepath of the YUI Compressor jar file. This must be set before - * calling minifyJs() or minifyCss(). - * - * @var string - */ - public static $jarFile = null; - - /** - * Writable temp directory. This must be set before calling minifyJs() - * or minifyCss(). - * - * @var string - */ - public static $tempDir = null; - - /** - * Filepath of "java" executable (may be needed if not in shell's PATH) - * - * @var string - */ - public static $javaExecutable = 'java'; - - /** - * Minify a Javascript string - * - * @param string $js - * - * @param array $options (verbose is ignored) - * - * @see http://www.julienlecomte.net/yuicompressor/README - * - * @return string - */ - public static function minifyJs($js, $options = array()) - { - return self::_minify('js', $js, $options); - } - - /** - * Minify a CSS string - * - * @param string $css - * - * @param array $options (verbose is ignored) - * - * @see http://www.julienlecomte.net/yuicompressor/README - * - * @return string - */ - public static function minifyCss($css, $options = array()) - { - return self::_minify('css', $css, $options); - } - - private static function _minify($type, $content, $options) - { - self::_prepare(); - if (! ($tmpFile = tempnam(self::$tempDir, 'yuic_'))) { - throw new Exception('Minify_YUICompressor : could not create temp file.'); - } - file_put_contents($tmpFile, $content); - exec(self::_getCmd($options, $type, $tmpFile), $output); - unlink($tmpFile); - return implode("\n", $output); - } - - private static function _getCmd($userOptions, $type, $tmpFile) - { - $o = array_merge( - array( - 'charset' => '' - ,'line-break' => 5000 - ,'type' => $type - ,'nomunge' => false - ,'preserve-semi' => false - ,'disable-optimizations' => false - ) - ,$userOptions - ); - $cmd = self::$javaExecutable . ' -jar ' . escapeshellarg(self::$jarFile) - . " --type {$type}" - . (preg_match('/^[a-zA-Z\\-]+$/', $o['charset']) - ? " --charset {$o['charset']}" - : '') - . (is_numeric($o['line-break']) && $o['line-break'] >= 0 - ? ' --line-break ' . (int)$o['line-break'] - : ''); - if ($type === 'js') { - foreach (array('nomunge', 'preserve-semi', 'disable-optimizations') as $opt) { - $cmd .= $o[$opt] - ? " --{$opt}" - : ''; - } - } - return $cmd . ' ' . escapeshellarg($tmpFile); - } - - private static function _prepare() - { - if (! is_file(self::$jarFile) - || ! is_dir(self::$tempDir) - || ! is_writable(self::$tempDir) - ) { - throw new Exception('Minify_YUICompressor : $jarFile and $tempDir must be set.'); - } - } -} - diff --git a/plugins/Minify/extlib/minify/min/lib/Solar/Dir.php b/plugins/Minify/extlib/minify/min/lib/Solar/Dir.php deleted file mode 100644 index 37f7169624..0000000000 --- a/plugins/Minify/extlib/minify/min/lib/Solar/Dir.php +++ /dev/null @@ -1,199 +0,0 @@ - - * - * @license http://opensource.org/licenses/bsd-license.php BSD - * - * @version $Id: Dir.php 2926 2007-11-09 16:25:44Z pmjones $ - * - */ -class Solar_Dir { - - /** - * - * The OS-specific temporary directory location. - * - * @var string - * - */ - protected static $_tmp; - - /** - * - * Hack for [[php::is_dir() | ]] that checks the include_path. - * - * Use this to see if a directory exists anywhere in the include_path. - * - * {{code: php - * $dir = Solar_Dir::exists('path/to/dir') - * if ($dir) { - * $files = scandir($dir); - * } else { - * echo "Not found in the include-path."; - * } - * }} - * - * @param string $dir Check for this directory in the include_path. - * - * @return mixed If the directory exists in the include_path, returns the - * absolute path; if not, returns boolean false. - * - */ - public static function exists($dir) - { - // no file requested? - $dir = trim($dir); - if (! $dir) { - return false; - } - - // using an absolute path for the file? - // dual check for Unix '/' and Windows '\', - // or Windows drive letter and a ':'. - $abs = ($dir[0] == '/' || $dir[0] == '\\' || $dir[1] == ':'); - if ($abs && is_dir($dir)) { - return $dir; - } - - // using a relative path on the file - $path = explode(PATH_SEPARATOR, ini_get('include_path')); - foreach ($path as $base) { - // strip Unix '/' and Windows '\' - $target = rtrim($base, '\\/') . DIRECTORY_SEPARATOR . $dir; - if (is_dir($target)) { - return $target; - } - } - - // never found it - return false; - } - - /** - * - * "Fixes" a directory string for the operating system. - * - * Use slashes anywhere you need a directory separator. Then run the - * string through fixdir() and the slashes will be converted to the - * proper separator (for example '\' on Windows). - * - * Always adds a final trailing separator. - * - * @param string $dir The directory string to 'fix'. - * - * @return string The "fixed" directory string. - * - */ - public static function fix($dir) - { - $dir = str_replace('/', DIRECTORY_SEPARATOR, $dir); - return rtrim($dir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR; - } - - /** - * - * Convenience method for dirname() and higher-level directories. - * - * @param string $file Get the dirname() of this file. - * - * @param int $up Move up in the directory structure this many - * times, default 0. - * - * @return string The dirname() of the file. - * - */ - public static function name($file, $up = 0) - { - $dir = dirname($file); - while ($up --) { - $dir = dirname($dir); - } - return $dir; - } - - /** - * - * Returns the OS-specific directory for temporary files. - * - * @param string $sub Add this subdirectory to the returned temporary - * directory name. - * - * @return string The temporary directory path. - * - */ - public static function tmp($sub = '') - { - // find the tmp dir if needed - if (! Solar_Dir::$_tmp) { - - // use the system if we can - if (function_exists('sys_get_temp_dir')) { - $tmp = sys_get_temp_dir(); - } else { - $tmp = Solar_Dir::_tmp(); - } - - // remove trailing separator and save - Solar_Dir::$_tmp = rtrim($tmp, DIRECTORY_SEPARATOR); - } - - // do we have a subdirectory request? - $sub = trim($sub); - if ($sub) { - // remove leading and trailing separators, and force exactly - // one trailing separator - $sub = trim($sub, DIRECTORY_SEPARATOR) - . DIRECTORY_SEPARATOR; - } - - return Solar_Dir::$_tmp . DIRECTORY_SEPARATOR . $sub; - } - - /** - * - * Returns the OS-specific temporary directory location. - * - * @return string The temp directory path. - * - */ - protected static function _tmp() - { - // non-Windows system? - if (strtolower(substr(PHP_OS, 0, 3)) != 'win') { - $tmp = empty($_ENV['TMPDIR']) ? getenv('TMPDIR') : $_ENV['TMPDIR']; - if ($tmp) { - return $tmp; - } else { - return '/tmp'; - } - } - - // Windows 'TEMP' - $tmp = empty($_ENV['TEMP']) ? getenv('TEMP') : $_ENV['TEMP']; - if ($tmp) { - return $tmp; - } - - // Windows 'TMP' - $tmp = empty($_ENV['TMP']) ? getenv('TMP') : $_ENV['TMP']; - if ($tmp) { - return $tmp; - } - - // Windows 'windir' - $tmp = empty($_ENV['windir']) ? getenv('windir') : $_ENV['windir']; - if ($tmp) { - return $tmp; - } - - // final fallback for Windows - return getenv('SystemRoot') . '\\temp'; - } -} \ No newline at end of file diff --git a/plugins/Minify/extlib/minify/min/utils.php b/plugins/Minify/extlib/minify/min/utils.php deleted file mode 100644 index c735941520..0000000000 --- a/plugins/Minify/extlib/minify/min/utils.php +++ /dev/null @@ -1,90 +0,0 @@ - - * - * - * - * - * If you do not want ampersands as HTML entities, set Minify_Build::$ampersand = "&" - * before using this function. - * - * @param string $group a key from groupsConfig.php - * @param boolean $forceAmpersand (default false) Set to true if the RewriteRule - * directives in .htaccess are functional. This will remove the "?" from URIs, making them - * more cacheable by proxies. - * @return string - */ -function Minify_groupUri($group, $forceAmpersand = false) -{ - $path = $forceAmpersand - ? "/g={$group}" - : "/?g={$group}"; - return _Minify_getBuild($group)->uri( - '/' . basename(dirname(__FILE__)) . $path - ,$forceAmpersand - ); -} - - -/** - * Get the last modification time of the source js/css files used by Minify to - * build the page. - * - * If you're caching the output of Minify_groupUri(), you'll want to rebuild - * the cache if it's older than this timestamp. - * - * - * // simplistic HTML cache system - * $file = '/path/to/cache/file'; - * if (! file_exists($file) || filemtime($file) < Minify_groupsMtime(array('js', 'css'))) { - * // (re)build cache - * $page = buildPage(); // this calls Minify_groupUri() for js and css - * file_put_contents($file, $page); - * echo $page; - * exit(); - * } - * readfile($file); - * - * - * @param array $groups an array of keys from groupsConfig.php - * @return int Unix timestamp of the latest modification - */ -function Minify_groupsMtime($groups) -{ - $max = 0; - foreach ((array)$groups as $group) { - $max = max($max, _Minify_getBuild($group)->lastModified); - } - return $max; -} - -/** - * @param string $group a key from groupsConfig.php - * @return Minify_Build - * @private - */ -function _Minify_getBuild($group) -{ - static $builds = array(); - static $gc = false; - if (false === $gc) { - $gc = (require dirname(__FILE__) . '/groupsConfig.php'); - } - if (! isset($builds[$group])) { - $builds[$group] = new Minify_Build($gc[$group]); - } - return $builds[$group]; -} diff --git a/plugins/Minify/locale/Minify.pot b/plugins/Minify/locale/Minify.pot deleted file mode 100644 index 1adbfbf4b2..0000000000 --- a/plugins/Minify/locale/Minify.pot +++ /dev/null @@ -1,40 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# FIRST AUTHOR , YEAR. -# -#, fuzzy -msgid "" -msgstr "" -"Project-Id-Version: PACKAGE VERSION\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-27 16:31+0100\n" -"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: FULL NAME \n" -"Language-Team: LANGUAGE \n" -"Language: \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=CHARSET\n" -"Content-Transfer-Encoding: 8bit\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/af/LC_MESSAGES/Minify.po b/plugins/Minify/locale/af/LC_MESSAGES/Minify.po deleted file mode 100644 index f90d7a8278..0000000000 --- a/plugins/Minify/locale/af/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Afrikaans (http://www.transifex.com/gnu-social/gnu-social/language/af/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: af\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ar/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ar/LC_MESSAGES/Minify.po deleted file mode 100644 index db8d5445b2..0000000000 --- a/plugins/Minify/locale/ar/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Arabic (http://www.transifex.com/gnu-social/gnu-social/language/ar/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ar\n" -"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/arz/LC_MESSAGES/Minify.po b/plugins/Minify/locale/arz/LC_MESSAGES/Minify.po deleted file mode 100644 index b22526f40c..0000000000 --- a/plugins/Minify/locale/arz/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Arabic (Egypt) (http://www.transifex.com/gnu-social/gnu-social/language/ar_EG/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ar_EG\n" -"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ast/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ast/LC_MESSAGES/Minify.po deleted file mode 100644 index b50fb92bcb..0000000000 --- a/plugins/Minify/locale/ast/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Asturian (http://www.transifex.com/gnu-social/gnu-social/language/ast/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ast\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/be-tarask/LC_MESSAGES/Minify.po b/plugins/Minify/locale/be-tarask/LC_MESSAGES/Minify.po deleted file mode 100644 index 0a31ebacac..0000000000 --- a/plugins/Minify/locale/be-tarask/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Belarusian (Tarask) (http://www.transifex.com/gnu-social/gnu-social/language/be@tarask/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: be@tarask\n" -"Plural-Forms: nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<12 || n%100>14) ? 1 : n%10==0 || (n%10>=5 && n%10<=9) || (n%100>=11 && n%100<=14)? 2 : 3);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/bg/LC_MESSAGES/Minify.po b/plugins/Minify/locale/bg/LC_MESSAGES/Minify.po deleted file mode 100644 index 5119c5d51f..0000000000 --- a/plugins/Minify/locale/bg/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Bulgarian (http://www.transifex.com/gnu-social/gnu-social/language/bg/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: bg\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/bn_IN/LC_MESSAGES/Minify.po b/plugins/Minify/locale/bn_IN/LC_MESSAGES/Minify.po deleted file mode 100644 index ec9c1cf81d..0000000000 --- a/plugins/Minify/locale/bn_IN/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Bengali (India) (http://www.transifex.com/gnu-social/gnu-social/language/bn_IN/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: bn_IN\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/br/LC_MESSAGES/Minify.po b/plugins/Minify/locale/br/LC_MESSAGES/Minify.po deleted file mode 100644 index bd54d72430..0000000000 --- a/plugins/Minify/locale/br/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Breton (http://www.transifex.com/gnu-social/gnu-social/language/br/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: br\n" -"Plural-Forms: nplurals=2; plural=(n > 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "N'eo ket skoret ar seurt restroù" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ca/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ca/LC_MESSAGES/Minify.po deleted file mode 100644 index 4539488ccd..0000000000 --- a/plugins/Minify/locale/ca/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Catalan (http://www.transifex.com/gnu-social/gnu-social/language/ca/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ca\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/cs/LC_MESSAGES/Minify.po b/plugins/Minify/locale/cs/LC_MESSAGES/Minify.po deleted file mode 100644 index d2096e8896..0000000000 --- a/plugins/Minify/locale/cs/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Czech (http://www.transifex.com/gnu-social/gnu-social/language/cs/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: cs\n" -"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/da/LC_MESSAGES/Minify.po b/plugins/Minify/locale/da/LC_MESSAGES/Minify.po deleted file mode 100644 index 6f93787b5e..0000000000 --- a/plugins/Minify/locale/da/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Danish (http://www.transifex.com/gnu-social/gnu-social/language/da/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: da\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/de/LC_MESSAGES/Minify.po b/plugins/Minify/locale/de/LC_MESSAGES/Minify.po deleted file mode 100644 index 107c6b360e..0000000000 --- a/plugins/Minify/locale/de/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: German (http://www.transifex.com/gnu-social/gnu-social/language/de/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: de\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Der Parameter „f“ ist keine gültige Pfadangabe." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Der Parameter „f“ ist erfordert, fehlt jedoch." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Dateityp nicht unterstützt." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Das Minify-Plugin minimiert das CSS und JavaScript von StatusNet durch Entfernen von Leerzeichen und Kommentaren." diff --git a/plugins/Minify/locale/el/LC_MESSAGES/Minify.po b/plugins/Minify/locale/el/LC_MESSAGES/Minify.po deleted file mode 100644 index 4042f30311..0000000000 --- a/plugins/Minify/locale/el/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Greek (http://www.transifex.com/gnu-social/gnu-social/language/el/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: el\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/en_GB/LC_MESSAGES/Minify.po b/plugins/Minify/locale/en_GB/LC_MESSAGES/Minify.po deleted file mode 100644 index b3700ff723..0000000000 --- a/plugins/Minify/locale/en_GB/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,43 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -# Luke Hollins , 2015 -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-03-07 12:52+0000\n" -"Last-Translator: Luke Hollins \n" -"Language-Team: English (United Kingdom) (http://www.transifex.com/gnu-social/gnu-social/language/en_GB/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: en_GB\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "The parameter \"f\" is not a valid path." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "The parameter \"f\" is required but missing." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "File type not supported." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "The Minify plugin minifies StatusNet's CSS and JavaScript, removing whitespace and comments." diff --git a/plugins/Minify/locale/eo/LC_MESSAGES/Minify.po b/plugins/Minify/locale/eo/LC_MESSAGES/Minify.po deleted file mode 100644 index 0cd70205e0..0000000000 --- a/plugins/Minify/locale/eo/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Esperanto (http://www.transifex.com/gnu-social/gnu-social/language/eo/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: eo\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/es/LC_MESSAGES/Minify.po b/plugins/Minify/locale/es/LC_MESSAGES/Minify.po deleted file mode 100644 index 61bd0924e8..0000000000 --- a/plugins/Minify/locale/es/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,43 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -# Juan Riquelme González , 2015 -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-27 16:01+0000\n" -"Last-Translator: Juan Riquelme González \n" -"Language-Team: Spanish (http://www.transifex.com/gnu-social/gnu-social/language/es/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: es\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "El parámetro f no contiene una ruta válida." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "No se encuentra el parámetro f (requerido)." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Tipo de archivo no soportado." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "El complemento Minify minimiza los archivos CSS y JavaScript de GNU social, borrando espacios en blanco y comentarios." diff --git a/plugins/Minify/locale/eu/LC_MESSAGES/Minify.po b/plugins/Minify/locale/eu/LC_MESSAGES/Minify.po deleted file mode 100644 index 60554c7145..0000000000 --- a/plugins/Minify/locale/eu/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Basque (http://www.transifex.com/gnu-social/gnu-social/language/eu/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: eu\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "\"f\" parametroa ez da baliozko bide bat." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Beharrezkoa den \"f\" parametroa falta da." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Fitxategi moeta ez da onartzen." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Minify pluginak StatusNeten CSS eta Javascripta sinplifikatzen ditu, iruzikin eta zuriuneak ezabatuz." diff --git a/plugins/Minify/locale/fa/LC_MESSAGES/Minify.po b/plugins/Minify/locale/fa/LC_MESSAGES/Minify.po deleted file mode 100644 index 766b59d729..0000000000 --- a/plugins/Minify/locale/fa/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Persian (http://www.transifex.com/gnu-social/gnu-social/language/fa/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: fa\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/fi/LC_MESSAGES/Minify.po b/plugins/Minify/locale/fi/LC_MESSAGES/Minify.po deleted file mode 100644 index a30119c4a4..0000000000 --- a/plugins/Minify/locale/fi/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Finnish (http://www.transifex.com/gnu-social/gnu-social/language/fi/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: fi\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/fr/LC_MESSAGES/Minify.po b/plugins/Minify/locale/fr/LC_MESSAGES/Minify.po deleted file mode 100644 index e274a34014..0000000000 --- a/plugins/Minify/locale/fr/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: French (http://www.transifex.com/gnu-social/gnu-social/language/fr/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: fr\n" -"Plural-Forms: nplurals=2; plural=(n > 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Le paramètre « f » ne contient pas un chemin valide." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Le paramètre « f » est nécessaire mais absent." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Type de fichier non pris en charge." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Le greffon Minify minimise vos CSS et Javascript, en supprimant les espaces et les commentaires." diff --git a/plugins/Minify/locale/fur/LC_MESSAGES/Minify.po b/plugins/Minify/locale/fur/LC_MESSAGES/Minify.po deleted file mode 100644 index 80ca1a914a..0000000000 --- a/plugins/Minify/locale/fur/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Friulian (http://www.transifex.com/gnu-social/gnu-social/language/fur/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: fur\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/gl/LC_MESSAGES/Minify.po b/plugins/Minify/locale/gl/LC_MESSAGES/Minify.po deleted file mode 100644 index 33194827ce..0000000000 --- a/plugins/Minify/locale/gl/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Galician (http://www.transifex.com/gnu-social/gnu-social/language/gl/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: gl\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "O parámetro \"f\" non é unha ruta válida." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "O parámetro \"f\" é necesario, pero falta." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Tipo de ficheiro non soportado." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "O complemento Minify minimiza o CSS e o JavaScript de StatusNet, eliminando os espazos en branco e os comentarios." diff --git a/plugins/Minify/locale/he/LC_MESSAGES/Minify.po b/plugins/Minify/locale/he/LC_MESSAGES/Minify.po deleted file mode 100644 index ee9644fd6a..0000000000 --- a/plugins/Minify/locale/he/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Hebrew (http://www.transifex.com/gnu-social/gnu-social/language/he/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: he\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/hsb/LC_MESSAGES/Minify.po b/plugins/Minify/locale/hsb/LC_MESSAGES/Minify.po deleted file mode 100644 index f2694835e5..0000000000 --- a/plugins/Minify/locale/hsb/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Upper Sorbian (http://www.transifex.com/gnu-social/gnu-social/language/hsb/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: hsb\n" -"Plural-Forms: nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n%100==4 ? 2 : 3);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/hu/LC_MESSAGES/Minify.po b/plugins/Minify/locale/hu/LC_MESSAGES/Minify.po deleted file mode 100644 index 82df2927eb..0000000000 --- a/plugins/Minify/locale/hu/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Hungarian (http://www.transifex.com/gnu-social/gnu-social/language/hu/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: hu\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/hy_AM/LC_MESSAGES/Minify.po b/plugins/Minify/locale/hy_AM/LC_MESSAGES/Minify.po deleted file mode 100644 index 3e92943f5e..0000000000 --- a/plugins/Minify/locale/hy_AM/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Armenian (Armenia) (http://www.transifex.com/gnu-social/gnu-social/language/hy_AM/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: hy_AM\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ia/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ia/LC_MESSAGES/Minify.po deleted file mode 100644 index 5f72274228..0000000000 --- a/plugins/Minify/locale/ia/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Interlingua (http://www.transifex.com/gnu-social/gnu-social/language/ia/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ia\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Le parametro \"f\" non es un cammino valide." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Le parametro \"f\" es necessari, ma manca." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Typo de file non supportate." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Le plug-in Minify minimisa le CSS e JavaScript de StatusNet, removente spatio blanc e commentos." diff --git a/plugins/Minify/locale/id/LC_MESSAGES/Minify.po b/plugins/Minify/locale/id/LC_MESSAGES/Minify.po deleted file mode 100644 index cbd7980dfb..0000000000 --- a/plugins/Minify/locale/id/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,43 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -# zk , 2015 -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-05-28 15:50+0000\n" -"Last-Translator: zk \n" -"Language-Team: Indonesian (http://www.transifex.com/gnu-social/gnu-social/language/id/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: id\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Parameter \"f\" bukan jalur yang valid." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/io/LC_MESSAGES/Minify.po b/plugins/Minify/locale/io/LC_MESSAGES/Minify.po deleted file mode 100644 index dd7aece571..0000000000 --- a/plugins/Minify/locale/io/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,43 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -# Ciencisto Dementa , 2015 -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-06-16 23:52+0000\n" -"Last-Translator: Ciencisto Dementa \n" -"Language-Team: Ido (http://www.transifex.com/gnu-social/gnu-social/language/io/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: io\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "La parametro \"f\" ne es valida voyo." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "La parametro \"f\" es necesa ma mankanta." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Dokumento-tipo nesuportata." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "L'extensilo Minify miniaturigas la CSS e JavaScript di GNU social, per efacar vakua spaco e komenti." diff --git a/plugins/Minify/locale/is/LC_MESSAGES/Minify.po b/plugins/Minify/locale/is/LC_MESSAGES/Minify.po deleted file mode 100644 index d8a56e1a31..0000000000 --- a/plugins/Minify/locale/is/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Icelandic (http://www.transifex.com/gnu-social/gnu-social/language/is/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: is\n" -"Plural-Forms: nplurals=2; plural=(n % 10 != 1 || n % 100 == 11);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/it/LC_MESSAGES/Minify.po b/plugins/Minify/locale/it/LC_MESSAGES/Minify.po deleted file mode 100644 index 6fc817e97d..0000000000 --- a/plugins/Minify/locale/it/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Italian (http://www.transifex.com/gnu-social/gnu-social/language/it/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: it\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Il parametro \"f\" non contiene un percorso valido." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Il parametro \"f\" è richiesto ma è mancante." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Tipo di file non supportato." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "L'estensione Minify minimizza il CSS e gli JavaScript utilizzati da StatusNet, rimuovendo spazi bianchi e commenti." diff --git a/plugins/Minify/locale/ja/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ja/LC_MESSAGES/Minify.po deleted file mode 100644 index 91d280c3ec..0000000000 --- a/plugins/Minify/locale/ja/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Japanese (http://www.transifex.com/gnu-social/gnu-social/language/ja/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ja\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ka/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ka/LC_MESSAGES/Minify.po deleted file mode 100644 index bf4ac1b763..0000000000 --- a/plugins/Minify/locale/ka/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Georgian (http://www.transifex.com/gnu-social/gnu-social/language/ka/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ka\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ko/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ko/LC_MESSAGES/Minify.po deleted file mode 100644 index 5cfc9f5cee..0000000000 --- a/plugins/Minify/locale/ko/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Korean (http://www.transifex.com/gnu-social/gnu-social/language/ko/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ko\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ksh/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ksh/LC_MESSAGES/Minify.po deleted file mode 100644 index ce1df8d749..0000000000 --- a/plugins/Minify/locale/ksh/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Colognian (http://www.transifex.com/gnu-social/gnu-social/language/ksh/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ksh\n" -"Plural-Forms: nplurals=3; plural=(n==0) ? 0 : (n==1) ? 1 : 2;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/lb/LC_MESSAGES/Minify.po b/plugins/Minify/locale/lb/LC_MESSAGES/Minify.po deleted file mode 100644 index 631ad6d8a1..0000000000 --- a/plugins/Minify/locale/lb/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Luxembourgish (http://www.transifex.com/gnu-social/gnu-social/language/lb/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: lb\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/lt/LC_MESSAGES/Minify.po b/plugins/Minify/locale/lt/LC_MESSAGES/Minify.po deleted file mode 100644 index e6aeaddf25..0000000000 --- a/plugins/Minify/locale/lt/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Lithuanian (http://www.transifex.com/gnu-social/gnu-social/language/lt/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: lt\n" -"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && (n%100<10 || n%100>=20) ? 1 : 2);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/lv/LC_MESSAGES/Minify.po b/plugins/Minify/locale/lv/LC_MESSAGES/Minify.po deleted file mode 100644 index 7b2535ea63..0000000000 --- a/plugins/Minify/locale/lv/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:39+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Latvian (http://www.transifex.com/gnu-social/gnu-social/language/lv/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: lv\n" -"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : 2);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/mg/LC_MESSAGES/Minify.po b/plugins/Minify/locale/mg/LC_MESSAGES/Minify.po deleted file mode 100644 index 5990916e9c..0000000000 --- a/plugins/Minify/locale/mg/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Malagasy (http://www.transifex.com/gnu-social/gnu-social/language/mg/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: mg\n" -"Plural-Forms: nplurals=2; plural=(n > 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/mk/LC_MESSAGES/Minify.po b/plugins/Minify/locale/mk/LC_MESSAGES/Minify.po deleted file mode 100644 index b3be7fcb2d..0000000000 --- a/plugins/Minify/locale/mk/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Macedonian (http://www.transifex.com/gnu-social/gnu-social/language/mk/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: mk\n" -"Plural-Forms: nplurals=2; plural=(n % 10 == 1 && n % 100 != 11) ? 0 : 1;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Параметарот „f“ не претставува важечка патека." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Параметарот „f“ е задолжителен, но недостасува." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Овој топ на податотека не е поддржан." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Приклучокот Minify ги смалува CSS и JavaScript на StatusNet, отстранувајќи бели простори и коментари." diff --git a/plugins/Minify/locale/ml/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ml/LC_MESSAGES/Minify.po deleted file mode 100644 index 2f913ec933..0000000000 --- a/plugins/Minify/locale/ml/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Malayalam (http://www.transifex.com/gnu-social/gnu-social/language/ml/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ml\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ms/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ms/LC_MESSAGES/Minify.po deleted file mode 100644 index 51bab20de0..0000000000 --- a/plugins/Minify/locale/ms/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Malay (http://www.transifex.com/gnu-social/gnu-social/language/ms/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ms\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/my/LC_MESSAGES/Minify.po b/plugins/Minify/locale/my/LC_MESSAGES/Minify.po deleted file mode 100644 index dc341f1259..0000000000 --- a/plugins/Minify/locale/my/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Burmese (http://www.transifex.com/gnu-social/gnu-social/language/my/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: my\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/nb/LC_MESSAGES/Minify.po b/plugins/Minify/locale/nb/LC_MESSAGES/Minify.po deleted file mode 100644 index b4b1cbbc9d..0000000000 --- a/plugins/Minify/locale/nb/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Norwegian Bokmål (http://www.transifex.com/gnu-social/gnu-social/language/nb/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: nb\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Parameteren «f» er ikke en gyldig sti." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Parameteren «f» er nødvendig, men mangler." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Filtype støttes ikke." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Utvidelsen Minify minimerer StatusNets CSS og JavaScript og fjerner mellomrom og kommentarer." diff --git a/plugins/Minify/locale/ne/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ne/LC_MESSAGES/Minify.po deleted file mode 100644 index 504f645396..0000000000 --- a/plugins/Minify/locale/ne/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:30+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Nepali (http://www.transifex.com/gnu-social/gnu-social/language/ne/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ne\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/nl/LC_MESSAGES/Minify.po b/plugins/Minify/locale/nl/LC_MESSAGES/Minify.po deleted file mode 100644 index f53ff843b9..0000000000 --- a/plugins/Minify/locale/nl/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Dutch (http://www.transifex.com/gnu-social/gnu-social/language/nl/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: nl\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "De parameter \"f\" is geen geldig pad." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "De parameter \"f\" is vereist, maar ontbreekt." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Dit bestandstype wordt niet ondersteund" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "De plug-in Minify maakt CSS en JavaScript kleiner door witruimte en opmerkingen te verwijderen." diff --git a/plugins/Minify/locale/nn/LC_MESSAGES/Minify.po b/plugins/Minify/locale/nn/LC_MESSAGES/Minify.po deleted file mode 100644 index 80aa586139..0000000000 --- a/plugins/Minify/locale/nn/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Norwegian Nynorsk (http://www.transifex.com/gnu-social/gnu-social/language/nn/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: nn\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/pl/LC_MESSAGES/Minify.po b/plugins/Minify/locale/pl/LC_MESSAGES/Minify.po deleted file mode 100644 index 6025d136a2..0000000000 --- a/plugins/Minify/locale/pl/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Polish (http://www.transifex.com/gnu-social/gnu-social/language/pl/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: pl\n" -"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/pt/LC_MESSAGES/Minify.po b/plugins/Minify/locale/pt/LC_MESSAGES/Minify.po deleted file mode 100644 index d897cdfc6f..0000000000 --- a/plugins/Minify/locale/pt/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Portuguese (http://www.transifex.com/gnu-social/gnu-social/language/pt/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: pt\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/pt_BR/LC_MESSAGES/Minify.po b/plugins/Minify/locale/pt_BR/LC_MESSAGES/Minify.po deleted file mode 100644 index 9a8dea10a2..0000000000 --- a/plugins/Minify/locale/pt_BR/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Portuguese (Brazil) (http://www.transifex.com/gnu-social/gnu-social/language/pt_BR/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: pt_BR\n" -"Plural-Forms: nplurals=2; plural=(n > 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ro_RO/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ro_RO/LC_MESSAGES/Minify.po deleted file mode 100644 index aa39878909..0000000000 --- a/plugins/Minify/locale/ro_RO/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Romanian (Romania) (http://www.transifex.com/gnu-social/gnu-social/language/ro_RO/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ro_RO\n" -"Plural-Forms: nplurals=3; plural=(n==1?0:(((n%100>19)||((n%100==0)&&(n!=0)))?2:1));\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ru/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ru/LC_MESSAGES/Minify.po deleted file mode 100644 index 9e1356f405..0000000000 --- a/plugins/Minify/locale/ru/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Russian (http://www.transifex.com/gnu-social/gnu-social/language/ru/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ru\n" -"Plural-Forms: nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<12 || n%100>14) ? 1 : n%10==0 || (n%10>=5 && n%10<=9) || (n%100>=11 && n%100<=14)? 2 : 3);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Параметр «f» содержит неправильный путь." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Требуется параметр «f», но он отсутствует." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Тип файла не поддерживается." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Плагин «Minify» сжимает CSS и JavaScript StatusNet'а, удаляя лишние пробелы и комментарии." diff --git a/plugins/Minify/locale/sl/LC_MESSAGES/Minify.po b/plugins/Minify/locale/sl/LC_MESSAGES/Minify.po deleted file mode 100644 index 9a93409f2f..0000000000 --- a/plugins/Minify/locale/sl/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Slovenian (http://www.transifex.com/gnu-social/gnu-social/language/sl/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: sl\n" -"Plural-Forms: nplurals=4; plural=(n%100==1 ? 0 : n%100==2 ? 1 : n%100==3 || n%100==4 ? 2 : 3);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/sr-ec/LC_MESSAGES/Minify.po b/plugins/Minify/locale/sr-ec/LC_MESSAGES/Minify.po deleted file mode 100644 index 03a895693e..0000000000 --- a/plugins/Minify/locale/sr-ec/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Serbian (http://www.transifex.com/gnu-social/gnu-social/language/sr/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: sr\n" -"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/sv/LC_MESSAGES/Minify.po b/plugins/Minify/locale/sv/LC_MESSAGES/Minify.po deleted file mode 100644 index f416f55e39..0000000000 --- a/plugins/Minify/locale/sv/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Swedish (http://www.transifex.com/gnu-social/gnu-social/language/sv/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: sv\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Parametern \"f\" är inte en giltig sökväg." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Parametern \"f\" är obligatoriska men saknas." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Filtypen stöds inte" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/ta/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ta/LC_MESSAGES/Minify.po deleted file mode 100644 index e588fd50e6..0000000000 --- a/plugins/Minify/locale/ta/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Tamil (http://www.transifex.com/gnu-social/gnu-social/language/ta/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ta\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/te/LC_MESSAGES/Minify.po b/plugins/Minify/locale/te/LC_MESSAGES/Minify.po deleted file mode 100644 index 6fa1fd040a..0000000000 --- a/plugins/Minify/locale/te/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Telugu (http://www.transifex.com/gnu-social/gnu-social/language/te/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: te\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/tl/LC_MESSAGES/Minify.po b/plugins/Minify/locale/tl/LC_MESSAGES/Minify.po deleted file mode 100644 index 911b6b4ca8..0000000000 --- a/plugins/Minify/locale/tl/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Tagalog (http://www.transifex.com/gnu-social/gnu-social/language/tl/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: tl\n" -"Plural-Forms: nplurals=2; plural=(n > 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Ang parametrong \"f\" ay hindi isang tanggap na landas." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Ang parametrong \"f\" ay kailangan ngunit nawawala." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Hindi tinatangkilik ang uri ng talaksan." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Ang pamasak na Minify ay nagpapaliit sa CSS at JavaScript ng StatusNet, na nagtatanggal ng puting puwang at mga puna." diff --git a/plugins/Minify/locale/tr/LC_MESSAGES/Minify.po b/plugins/Minify/locale/tr/LC_MESSAGES/Minify.po deleted file mode 100644 index 4c2f2f6ea7..0000000000 --- a/plugins/Minify/locale/tr/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Turkish (http://www.transifex.com/gnu-social/gnu-social/language/tr/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: tr\n" -"Plural-Forms: nplurals=2; plural=(n > 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/uk/LC_MESSAGES/Minify.po b/plugins/Minify/locale/uk/LC_MESSAGES/Minify.po deleted file mode 100644 index c3196917c6..0000000000 --- a/plugins/Minify/locale/uk/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Ukrainian (http://www.transifex.com/gnu-social/gnu-social/language/uk/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: uk\n" -"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "Параметр «f» не є правильним шляхом." - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "Параметр «f» має бути зазначено, але він відсутній." - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "Тип файлу не підтримується." - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Додаток Minify мінімізує CSS та JavaScript сайту StatusNet, усуваючи пропуски і коментарі." diff --git a/plugins/Minify/locale/ur_PK/LC_MESSAGES/Minify.po b/plugins/Minify/locale/ur_PK/LC_MESSAGES/Minify.po deleted file mode 100644 index adffb75f71..0000000000 --- a/plugins/Minify/locale/ur_PK/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Urdu (Pakistan) (http://www.transifex.com/gnu-social/gnu-social/language/ur_PK/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: ur_PK\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/vi/LC_MESSAGES/Minify.po b/plugins/Minify/locale/vi/LC_MESSAGES/Minify.po deleted file mode 100644 index 6ded091da6..0000000000 --- a/plugins/Minify/locale/vi/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Vietnamese (http://www.transifex.com/gnu-social/gnu-social/language/vi/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: vi\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/zh/LC_MESSAGES/Minify.po b/plugins/Minify/locale/zh/LC_MESSAGES/Minify.po deleted file mode 100644 index 2cdb0d63e7..0000000000 --- a/plugins/Minify/locale/zh/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Chinese (http://www.transifex.com/gnu-social/gnu-social/language/zh/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: zh\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" diff --git a/plugins/Minify/locale/zh_CN/LC_MESSAGES/Minify.po b/plugins/Minify/locale/zh_CN/LC_MESSAGES/Minify.po deleted file mode 100644 index 9256e7bb60..0000000000 --- a/plugins/Minify/locale/zh_CN/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 09:02+0000\n" -"Last-Translator: digitaldreamer \n" -"Language-Team: Chinese (China) (http://www.transifex.com/gnu-social/gnu-social/language/zh_CN/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: zh_CN\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "参数 \"f\" 不是个有效的路径。" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "需要参数 \"f\" 但是丢失了。" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "文件类型不支持。" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "Minify 插件通过删除空白和注释缩小 StatusNet 的 CSS 和 JavaScript。" diff --git a/plugins/Minify/locale/zh_TW/LC_MESSAGES/Minify.po b/plugins/Minify/locale/zh_TW/LC_MESSAGES/Minify.po deleted file mode 100644 index 6ee98595d9..0000000000 --- a/plugins/Minify/locale/zh_TW/LC_MESSAGES/Minify.po +++ /dev/null @@ -1,42 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: -msgid "" -msgstr "" -"Project-Id-Version: GNU social\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-02-02 17:47+0100\n" -"PO-Revision-Date: 2015-02-07 08:50+0000\n" -"Last-Translator: FULL NAME \n" -"Language-Team: Chinese (Taiwan) (http://www.transifex.com/gnu-social/gnu-social/language/zh_TW/)\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Language: zh_TW\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#. TRANS: Client error displayed when not providing a valid path in parameter -#. "f". -#: actions/minify.php:50 -msgid "The parameter \"f\" is not a valid path." -msgstr "" - -#. TRANS: Client error displayed when not providing parameter "f". -#: actions/minify.php:54 -msgid "The parameter \"f\" is required but missing." -msgstr "" - -#. TRANS: Client error displayed when trying to minify an unsupported file -#. type. -#: actions/minify.php:112 -msgid "File type not supported." -msgstr "" - -#. TRANS: Plugin description. -#: MinifyPlugin.php:168 -msgid "" -"The Minify plugin minifies StatusNet's CSS and JavaScript, removing " -"whitespace and comments." -msgstr "" From ae681b10e7bd61743bd772f5be09ce539c26b33b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 03:11:22 +0100 Subject: [PATCH 122/415] geometa.js doesn't exist anymore --- lib/action.php | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/action.php b/lib/action.php index 7fffa6576b..6d6efb1cbc 100644 --- a/lib/action.php +++ b/lib/action.php @@ -434,7 +434,6 @@ class Action extends HTMLOutputter // lawsuit if (Event::handle('StartShowStatusNetScripts', array($this))) { $this->script('util.js'); $this->script('xbImportNode.js'); - $this->script('geometa.js'); // This route isn't available in single-user mode. // Not sure why, but it causes errors here. From 241b965715f3f1dba4290500110a457262a19b11 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 03:12:24 +0100 Subject: [PATCH 123/415] oEmbed CSS file --- plugins/Oembed/css/oembed.css | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 plugins/Oembed/css/oembed.css diff --git a/plugins/Oembed/css/oembed.css b/plugins/Oembed/css/oembed.css new file mode 100644 index 0000000000..ad7b3fb9b0 --- /dev/null +++ b/plugins/Oembed/css/oembed.css @@ -0,0 +1,15 @@ +.oembed-thumb { + float: left; + margin-bottom: 1ex; + margin-right: 1em; + padding-bottom: 1ex; +} + +.oembed-source { + font-style: italic; +} + +.oembed-html { + max-height: 100px; + overflow: auto; +} From 38f7deca7859f1c70721a82ace2024d014f4654f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 11:17:25 +0100 Subject: [PATCH 124/415] Avoid "property of non-object" PHP notice. --- lib/peopletaggroupnav.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/peopletaggroupnav.php b/lib/peopletaggroupnav.php index fb579affe0..44e4756b81 100644 --- a/lib/peopletaggroupnav.php +++ b/lib/peopletaggroupnav.php @@ -105,7 +105,8 @@ class PeopletagGroupNav extends Widget $this->out->elementStart('ul', array('class' => 'nav')); - if (Event::handle('StartPeopletagGroupNav', array($this))) { + if (Event::handle('StartPeopletagGroupNav', array($this)) + && $tag instanceof Profile_list && $user_profile instanceof Profile) { // People tag timeline $this->out->menuItem(common_local_url('showprofiletag', array('nickname' => $user_profile->nickname, 'tag' => $tag->tag)), From 1ebd4f342e20c6a6ea517e15c4e81446f377d656 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 12:12:24 +0100 Subject: [PATCH 125/415] woops, accidentally deleted updates-from rel on mass Google-deletion --- plugins/LRDD/lib/discovery.php | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/LRDD/lib/discovery.php b/plugins/LRDD/lib/discovery.php index 9825ea3cb7..4049113408 100644 --- a/plugins/LRDD/lib/discovery.php +++ b/plugins/LRDD/lib/discovery.php @@ -37,6 +37,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } class Discovery { const LRDD_REL = 'lrdd'; + const UPDATESFROM = 'http://schemas.google.com/g/2010#updates-from'; const HCARD = 'http://microformats.org/profile/hcard'; const MF2_HCARD = 'http://microformats.org/profile/h-card'; // microformats2 h-card From 39ebb64b858b1b3e7fd21c6de82895dfcaec77b3 Mon Sep 17 00:00:00 2001 From: "Neil E. Hodges" <47hasbegun@gmail.com> Date: Sat, 19 Mar 2016 03:23:26 -0700 Subject: [PATCH 126/415] Added proper enabling and disabling of sending RTs to Twitter. --- classes/Foreign_link.php | 8 +++++++- lib/framework.php | 1 + plugins/FacebookBridge/actions/facebooksettings.php | 3 ++- plugins/TwitterBridge/actions/twitterauthorization.php | 2 +- plugins/TwitterBridge/actions/twittersettings.php | 9 ++++++++- plugins/TwitterBridge/twitter.php | 9 ++++++++- 6 files changed, 27 insertions(+), 5 deletions(-) diff --git a/classes/Foreign_link.php b/classes/Foreign_link.php index b3757448ad..8388f12e72 100644 --- a/classes/Foreign_link.php +++ b/classes/Foreign_link.php @@ -89,7 +89,7 @@ class Foreign_link extends Managed_DataObject return $flink; } - function set_flags($noticesend, $noticerecv, $replysync, $friendsync) + function set_flags($noticesend, $noticerecv, $replysync, $repeatsync, $friendsync) { if ($noticesend) { $this->noticesync |= FOREIGN_NOTICE_SEND; @@ -109,6 +109,12 @@ class Foreign_link extends Managed_DataObject $this->noticesync &= ~FOREIGN_NOTICE_SEND_REPLY; } + if ($repeatsync) { + $this->noticesync |= FOREIGN_NOTICE_SEND_REPEAT; + } else { + $this->noticesync &= ~FOREIGN_NOTICE_SEND_REPEAT; + } + if ($friendsync) { $this->friendsync |= FOREIGN_FRIEND_RECV; } else { diff --git a/lib/framework.php b/lib/framework.php index 229de8b793..79d171c698 100644 --- a/lib/framework.php +++ b/lib/framework.php @@ -46,6 +46,7 @@ define('PROFILES_PER_MINILIST', 8); define('FOREIGN_NOTICE_SEND', 1); define('FOREIGN_NOTICE_RECV', 2); define('FOREIGN_NOTICE_SEND_REPLY', 4); +define('FOREIGN_NOTICE_SEND_REPEAT', 8); define('FOREIGN_FRIEND_SEND', 1); define('FOREIGN_FRIEND_RECV', 2); diff --git a/plugins/FacebookBridge/actions/facebooksettings.php b/plugins/FacebookBridge/actions/facebooksettings.php index 67dd20e036..9073256d1d 100644 --- a/plugins/FacebookBridge/actions/facebooksettings.php +++ b/plugins/FacebookBridge/actions/facebooksettings.php @@ -213,7 +213,8 @@ class FacebooksettingsAction extends SettingsAction { $replysync = $this->boolean('replysync'); $original = clone($this->flink); - $this->flink->set_flags($noticesync, false, $replysync, false); + // TODO: Allow disabling of repeats + $this->flink->set_flags($noticesync, false, $replysync, true, false); $result = $this->flink->update($original); if ($result === false) { diff --git a/plugins/TwitterBridge/actions/twitterauthorization.php b/plugins/TwitterBridge/actions/twitterauthorization.php index c9b892b640..9ee7e6b899 100644 --- a/plugins/TwitterBridge/actions/twitterauthorization.php +++ b/plugins/TwitterBridge/actions/twitterauthorization.php @@ -237,7 +237,7 @@ class TwitterauthorizationAction extends FormAction // Defaults: noticesync on, everything else off - $flink->set_flags(true, false, false, false); + $flink->set_flags(true, false, false, false, false); $flink_id = $flink->insert(); diff --git a/plugins/TwitterBridge/actions/twittersettings.php b/plugins/TwitterBridge/actions/twittersettings.php index ccdb44fcb9..1fb0e793c6 100644 --- a/plugins/TwitterBridge/actions/twittersettings.php +++ b/plugins/TwitterBridge/actions/twittersettings.php @@ -161,6 +161,12 @@ class TwittersettingsAction extends ProfileSettingsAction $this->flink->noticesync & FOREIGN_NOTICE_SEND_REPLY); $this->elementEnd('li'); $this->elementStart('li'); + $this->checkbox('repeatsync', + // TRANS: Checkbox label. + _m('Send local repeats to Twitter.'), + $this->flink->noticesync & FOREIGN_NOTICE_SEND_REPEAT); + $this->elementEnd('li'); + $this->elementStart('li'); $this->checkbox('friendsync', // TRANS: Checkbox label. _m('Subscribe to my Twitter friends here.'), @@ -265,6 +271,7 @@ class TwittersettingsAction extends ProfileSettingsAction $noticerecv = $this->boolean('noticerecv'); $friendsync = $this->boolean('friendsync'); $replysync = $this->boolean('replysync'); + $repeatsync = $this->boolean('repeatsync'); if (!$this->flink instanceof Foreign_link) { common_log_db_error($this->flink, 'SELECT', __FILE__); @@ -274,7 +281,7 @@ class TwittersettingsAction extends ProfileSettingsAction $original = clone($this->flink); $wasReceiving = (bool)($original->noticesync & FOREIGN_NOTICE_RECV); - $this->flink->set_flags($noticesend, $noticerecv, $replysync, $friendsync); + $this->flink->set_flags($noticesend, $noticerecv, $replysync, $repeatsync, $friendsync); $result = $this->flink->update($original); if ($result === false) { diff --git a/plugins/TwitterBridge/twitter.php b/plugins/TwitterBridge/twitter.php index 6b7e2179e6..ffdee72a97 100644 --- a/plugins/TwitterBridge/twitter.php +++ b/plugins/TwitterBridge/twitter.php @@ -111,7 +111,14 @@ function is_twitter_bound($notice, $flink) { return false; } - $allowedVerbs = array(ActivityVerb::POST, ActivityVerb::SHARE); + $allowedVerbs = array(ActivityVerb::POST); + + // Default behavior: always send repeats + if (empty($flink)) + array_push($allowedVerbs, ActivityVerb::SHARE); + // Otherwise, check to see if repeats are allowed + else if (($flink->noticesync & FOREIGN_NOTICE_SEND_REPEAT) == FOREIGN_NOTICE_SEND_REPEAT) + array_push($allowedVerbs, ActivityVerb::SHARE); // Don't send things that aren't posts or repeats (at least for now) if (!in_array($notice->verb, $allowedVerbs)) { From 86ce93b376af13ad3542d831da8053d671e68743 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 17:34:03 +0100 Subject: [PATCH 127/415] Notice->deleteRelated should be called from delete() --- classes/Notice.php | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index ad589d786b..d7fb3cb966 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -165,6 +165,18 @@ class Notice extends Managed_DataObject throw new AuthorizationException(_('You are not allowed to delete another user\'s notice.')); } + $result = null; + if (!$delete_event || Event::handle('DeleteNoticeAsProfile', array($this, $actor, &$result))) { + // If $delete_event is true, we run the event. If the Event then + // returns false it is assumed everything was handled properly + // and the notice was deleted. + $result = $this->delete(); + } + return $result; + } + + protected function deleteRelated() + { if (Event::handle('NoticeDeleteRelated', array($this))) { // Clear related records $this->clearReplies(); @@ -176,19 +188,12 @@ class Notice extends Managed_DataObject $this->clearAttentions(); // NOTE: we don't clear queue items } - - $result = null; - if (!$delete_event || Event::handle('DeleteNoticeAsProfile', array($this, $actor, &$result))) { - // If $delete_event is true, we run the event. If the Event then - // returns false it is assumed everything was handled properly - // and the notice was deleted. - $result = $this->delete(); - } - return $result; } public function delete($useWhere=false) { + $this->deleteRelated(); + $result = parent::delete($useWhere); $this->blowOnDelete(); From 55544845db799231a907cf12def0d96cd42cde93 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 17:50:06 +0100 Subject: [PATCH 128/415] Just some comment clarification --- plugins/ActivityModeration/ActivityModerationPlugin.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/plugins/ActivityModeration/ActivityModerationPlugin.php b/plugins/ActivityModeration/ActivityModerationPlugin.php index 208a05449d..e89ae61d66 100644 --- a/plugins/ActivityModeration/ActivityModerationPlugin.php +++ b/plugins/ActivityModeration/ActivityModerationPlugin.php @@ -87,7 +87,8 @@ class ActivityModerationPlugin extends ActivityVerbHandlerPlugin } public function onDeleteNoticeAsProfile(Notice $stored, Profile $actor, &$result) { - // By adding a new 'delete' verb we will eventually trigger $this->saveObjectFromActivity + // By adding a new object with the 'delete' verb we will trigger + // $this->saveObjectFromActivity that will do the actual ->delete() if (false === Deleted_notice::addNew($stored, $actor)) { // false is returned if we did not have an error, but did not create the object // (i.e. the author is currently being deleted) @@ -95,8 +96,8 @@ class ActivityModerationPlugin extends ActivityVerbHandlerPlugin } // We return false (to stop the event) if the deleted_notice entry was - // added, which means we have run $this->saveObjectFromActivity which - // in turn has called the delete function of the notice. + // added, which means we have already run $this->saveObjectFromActivity + // which in turn has called the delete function of the notice. return false; } From 51840a66930cfbb9a11068475438f91d76021863 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 21 Mar 2016 18:07:29 +0100 Subject: [PATCH 129/415] doActionPost for delete should use deleteAs --- plugins/ActivityModeration/ActivityModerationPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/ActivityModeration/ActivityModerationPlugin.php b/plugins/ActivityModeration/ActivityModerationPlugin.php index e89ae61d66..ba53a13a8a 100644 --- a/plugins/ActivityModeration/ActivityModerationPlugin.php +++ b/plugins/ActivityModeration/ActivityModerationPlugin.php @@ -74,7 +74,7 @@ class ActivityModerationPlugin extends ActivityVerbHandlerPlugin switch (true) { case ActivityUtils::compareVerbs($verb, array(ActivityVerb::DELETE)): // do whatever preparation is necessary to delete a verb - $target->delete(); + $target->deleteAs($scoped); break; default: throw new ServerException('ActivityVerb POST not handled by plugin that was supposed to do it.'); From f3f619cc41f7e77e91f0c1b93cbec93425cb53e7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 22 Mar 2016 00:03:22 +0100 Subject: [PATCH 130/415] entry attachment css --- theme/base/css/display.css | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 19ff81407d..03cb4644ee 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -810,11 +810,14 @@ position:static; } .notice.h-entry .attachments { - clear: both; position: relative; margin-bottom: 1em; } +.notice.h-entry .attachments > * { + clear: both; +} + .notice.h-entry .attachments .inline-attachment > * { height: auto; max-width: 100%; From 53c1750f0df75e7992339656a3f665b8ed29d61e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 22 Mar 2016 14:02:36 +0100 Subject: [PATCH 131/415] If the attachment is a photo, don't replace representation in oEmbed --- plugins/Oembed/OembedPlugin.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 4497728c4c..56ce3cf098 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -238,6 +238,11 @@ class OembedPlugin extends Plugin return true; } + // Show thumbnail as usual if it's a photo. + if ($oembed->type === 'photo') { + return true; + } + $out->elementStart('article', ['class'=>'oembed-item']); $out->elementStart('header'); try { From dafe775ffaa4438cff38a930c7dba0d6348aa4bb Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 22 Mar 2016 22:31:01 +0100 Subject: [PATCH 132/415] Microsummaries had issues and were removed in Firefox 6.0 anyway It is argued there are many better ways to get a "micro summary" of a profile or site. --- actions/microsummary.php | 82 ---------------------------------------- actions/showstream.php | 6 --- lib/router.php | 2 +- 3 files changed, 1 insertion(+), 89 deletions(-) delete mode 100644 actions/microsummary.php diff --git a/actions/microsummary.php b/actions/microsummary.php deleted file mode 100644 index 2742eb9a04..0000000000 --- a/actions/microsummary.php +++ /dev/null @@ -1,82 +0,0 @@ - - * @author Robin Millette - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://status.net/ - * - * StatusNet - the distributed open-source microblogging tool - * Copyright (C) 2008, 2009, StatusNet, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -/** - * Microsummary action class. - * - * @category Action - * @package StatusNet - * @author Evan Prodromou - * @author Robin Millette - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://status.net/ - */ -class MicrosummaryAction extends Action -{ - /** - * Class handler. - * - * @param array $args array of arguments - * - * @return nothing - */ - function handle($args) - { - parent::handle($args); - - $nickname = common_canonical_nickname($this->arg('nickname')); - $user = User::getKV('nickname', $nickname); - - if (!$user) { - // TRANS: Client error displayed trying to make a micro summary without providing a valid user. - $this->clientError(_('No such user.'), 404); - } - - $notice = $user->getCurrentNotice(); - - if (!$notice) { - // TRANS: Client error displayed trying to make a micro summary without providing a status. - $this->clientError(_('No current status.'), 404); - } - - header('Content-Type: text/plain'); - - print $user->nickname . ': ' . $notice->content; - } - - function isReadOnly($args) - { - return true; - } -} diff --git a/actions/showstream.php b/actions/showstream.php index dbe74197dc..ca901ce794 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -173,12 +173,6 @@ class ShowstreamAction extends NoticestreamAction 'content' => $this->target->getDescription())); } - // See https://wiki.mozilla.org/Microsummaries - - $this->element('link', array('rel' => 'microsummary', - 'href' => common_local_url('microsummary', - array('nickname' => $this->target->getNickname())))); - $rsd = common_local_url('rsd', array('nickname' => $this->target->getNickname())); diff --git a/lib/router.php b/lib/router.php index f66d928bcd..dc6af1e863 100644 --- a/lib/router.php +++ b/lib/router.php @@ -832,7 +832,7 @@ class Router foreach (array('subscriptions', 'subscribers', 'all', 'foaf', 'replies', - 'microsummary') as $a) { + ) as $a) { $m->connect($a, array('action' => $a, 'nickname' => $nickname)); From 8933022edcf4851ac8feb08aca9de4a4fbabc1df Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 22 Mar 2016 22:37:59 +0100 Subject: [PATCH 133/415] Forgot a microsummary route in the latest commit --- lib/router.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/router.php b/lib/router.php index dc6af1e863..5a51f3d7d4 100644 --- a/lib/router.php +++ b/lib/router.php @@ -944,7 +944,7 @@ class Router foreach (array('subscriptions', 'subscribers', 'nudge', 'all', 'foaf', 'replies', - 'inbox', 'outbox', 'microsummary') as $a) { + 'inbox', 'outbox') as $a) { $m->connect(':nickname/'.$a, array('action' => $a), array('nickname' => Nickname::DISPLAY_FMT)); From 250d99d997f6a34b90af943c5428eaffda3238cc Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 23 Mar 2016 15:19:50 +0100 Subject: [PATCH 134/415] Allow actions to be performed on updateWithKeys Avoids overloading and lets dataobject classes use onUpdateKeys() to do special stuff, like if a key is made up of a hash of other fields etc. --- classes/Managed_DataObject.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/classes/Managed_DataObject.php b/classes/Managed_DataObject.php index 0857bb11f6..5b22672d7b 100644 --- a/classes/Managed_DataObject.php +++ b/classes/Managed_DataObject.php @@ -483,6 +483,8 @@ abstract class Managed_DataObject extends Memcached_DataObject throw new ServerException('DataObject must be the result of a query (N>=1) before updateWithKeys()'); } + $this->onUpdateKeys($orig); + // do it in a transaction $this->query('BEGIN'); @@ -580,6 +582,11 @@ abstract class Managed_DataObject extends Memcached_DataObject // NOOP by default } + protected function onUpdateKeys(Managed_DataObject $orig) + { + // NOOP by default + } + public function insert() { $this->onInsert(); From f83b81b8c476229e1488571b641fa314180d81aa Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 23 Mar 2016 15:21:02 +0100 Subject: [PATCH 135/415] Change config webfinger/http_alias to fix/legacy_http Set $config['fix']['legacy_http'] to perform some actions that are needed if your site used to be served over http but now has upgraded to https! --- lib/default.php | 1 + plugins/WebFinger/WebFingerPlugin.php | 7 ------- plugins/WebFinger/lib/webfingerresource.php | 2 +- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/lib/default.php b/lib/default.php index bf2d37d773..5c99d824dc 100644 --- a/lib/default.php +++ b/lib/default.php @@ -83,6 +83,7 @@ $default = 'mysql_foreign_keys' => false), // if set, enables experimental foreign key support on MySQL 'fix' => array('fancyurls' => true, // makes sure aliases in WebFinger etc. are not f'd by index.php/ URLs + 'legacy_http' => false, // set this to true if you have upgraded your site from http=>https ), 'syslog' => array('appname' => 'statusnet', # for syslog diff --git a/plugins/WebFinger/WebFingerPlugin.php b/plugins/WebFinger/WebFingerPlugin.php index d902947d93..5f686434f3 100644 --- a/plugins/WebFinger/WebFingerPlugin.php +++ b/plugins/WebFinger/WebFingerPlugin.php @@ -35,13 +35,6 @@ class WebFingerPlugin extends Plugin const OAUTH_REQUEST_TOKEN_REL = 'http://apinamespace.org/oauth/request_token'; const OAUTH_AUTHORIZE_REL = 'http://apinamespace.org/oauth/authorize'; - public $http_alias = false; - - public function initialize() - { - common_config_set('webfinger', 'http_alias', $this->http_alias); - } - public function onRouterInitialized($m) { $m->connect('.well-known/host-meta', array('action' => 'hostmeta')); diff --git a/plugins/WebFinger/lib/webfingerresource.php b/plugins/WebFinger/lib/webfingerresource.php index b7bace36d2..e4f14b13d5 100644 --- a/plugins/WebFinger/lib/webfingerresource.php +++ b/plugins/WebFinger/lib/webfingerresource.php @@ -37,7 +37,7 @@ abstract class WebFingerResource // (because remote sites look for it) verify that they are still // the same identity as they were on HTTP. Should NOT be used if // you've run HTTPS all the time! - if (common_config('webfinger', 'http_alias')) { + if (common_config('fix', 'legacy_http')) { foreach ($aliases as $alias=>$id) { if (!strtolower(parse_url($alias, PHP_URL_SCHEME)) === 'https') { continue; From 0767bf487e2bff3f071459e36e56802d5b07c416 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 23 Mar 2016 15:22:34 +0100 Subject: [PATCH 136/415] Use the new onUpdateKeys in dataobject for tasks on-update of keys sets the hashkey column of the row to sha1(topic + '|' + callback) --- plugins/OStatus/classes/HubSub.php | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/plugins/OStatus/classes/HubSub.php b/plugins/OStatus/classes/HubSub.php index a2d6e2e51e..7b911d1d66 100644 --- a/plugins/OStatus/classes/HubSub.php +++ b/plugins/OStatus/classes/HubSub.php @@ -17,9 +17,7 @@ * along with this program. If not, see . */ -if (!defined('STATUSNET')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * PuSH feed subscription record @@ -202,16 +200,25 @@ class HubSub extends Managed_DataObject } } - /** - * Insert wrapper; transparently set the hash key from topic and callback columns. - * @return mixed success - */ - function insert() + // set the hashkey automagically on insert + protected function onInsert() { - $this->hashkey = self::hashkey($this->getTopic(), $this->callback); + $this->setHashkey(); $this->created = common_sql_now(); $this->modified = common_sql_now(); - return parent::insert(); + } + + // update the hashkey automagically if needed + protected function onUpdateKeys(Managed_DataObject $orig) + { + if ($this->topic !== $orig->topic || $this->callback !== $orig->callback) { + $this->setHashkey(); + } + } + + protected function setHashkey() + { + $this->hashkey = self::hashkey($this->topic, $this->callback); } /** @@ -322,7 +329,7 @@ class HubSub extends Managed_DataObject if ($response->isOk()) { $orig = clone($this); $this->callback = $httpscallback; - $this->hashkey = self::hashkey($this->getTopic(), $this->callback); + // NOTE: hashkey will be set in $this->onUpdateKeys($orig) through updateWithKeys $this->updateWithKeys($orig); return true; } From 8c6d0759c7f10d87ab95b0a47a7ed96df49ade8d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 23 Mar 2016 15:25:21 +0100 Subject: [PATCH 137/415] If upgraded from http to https, keep hubsub->topic up to date too (thanks hannes2peer) --- plugins/OStatus/lib/ostatusqueuehandler.php | 27 ++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/plugins/OStatus/lib/ostatusqueuehandler.php b/plugins/OStatus/lib/ostatusqueuehandler.php index 2358176ec2..15e67d2077 100644 --- a/plugins/OStatus/lib/ostatusqueuehandler.php +++ b/plugins/OStatus/lib/ostatusqueuehandler.php @@ -183,11 +183,37 @@ class OStatusQueueHandler extends QueueHandler */ function pushFeed($feed, $callback) { + // NOTE: external hub pings will not be fixed by + // our legacy_http thing! $hub = common_config('ostatus', 'hub'); if ($hub) { $this->pushFeedExternal($feed, $hub); } + // If we used to be http but now are https, see if we find an http entry for this feed URL + // and then upgrade it. This self-healing feature needs to be enabled manually in config. + // This code is based on a patch by @hannes2peer@quitter.se + if (common_config('fix', 'legacy_http') && parse_url($feed, PHP_URL_SCHEME) === 'https') { + common_log(LOG_DEBUG, 'OSTATUS: Searching for http scheme instead for HubSub feed topic: '._ve($feed)); + $http_feed = str_replace('https://', 'http://', $feed); + $sub = new HubSub(); + $sub->topic = $http_feed; + // If we find it we upgrade the rows in the hubsub table. + if ($sub->find()) { + common_log(LOG_INFO, 'OSTATUS: Found topic with http scheme for '._ve($feed).', will update the rows to use https instead!'); + // we found an http:// URL but we use https:// now + // so let's update the rows to reflect on this! + while ($sub->fetch()) { + common_debug('OSTATUS: Changing topic URL to https for feed callback '._ve($sub->callback)); + $orig = clone($sub); + $sub->topic = $feed; + // hashkey column will be set automagically in HubSub->onUpdateKeys through updateWithKeys + $sub->updateWithKeys($orig); + unset($orig); + } + } + } + $sub = new HubSub(); $sub->topic = $feed; if ($sub->find()) { @@ -197,7 +223,6 @@ class OStatusQueueHandler extends QueueHandler } else { common_log(LOG_INFO, "No PuSH subscribers for $feed"); } - return true; } /** From e32f2b0a39042556d84dd3b12bff2dd226d8cfd2 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 23 Mar 2016 17:51:13 +0100 Subject: [PATCH 138/415] Not really necessary in practice but makes better queries --- classes/Memcached_DataObject.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/classes/Memcached_DataObject.php b/classes/Memcached_DataObject.php index 41ce715210..3de7c16d9b 100644 --- a/classes/Memcached_DataObject.php +++ b/classes/Memcached_DataObject.php @@ -67,10 +67,11 @@ class Memcached_DataObject extends Safe_DataObject * @param string $cls Class to fetch * @param string $keyCol name of column for key * @param array $keyVals key values to fetch + * @param boolean $skipNulls skip provided null values * * @return array Array of objects, in order */ - static function multiGetClass($cls, $keyCol, array $keyVals) + static function multiGetClass($cls, $keyCol, array $keyVals, $skipNulls=true) { $obj = new $cls; @@ -83,6 +84,14 @@ class Memcached_DataObject extends Safe_DataObject throw new ServerException('Cannot do multiGet on anything but integer columns'); } + if ($skipNulls) { + foreach ($keyVals as $key=>$val) { + if (is_null($val)) { + unset($keyVals[$key]); + } + } + } + $obj->whereAddIn($keyCol, $keyVals, $colType); // Since we're inputting straight to a query: format and escape From 2759c3f0dba15957ad3d9307d5bc6f686bac9831 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 23 Mar 2016 17:52:02 +0100 Subject: [PATCH 139/415] Debugging output in OStatus for easier reading+greping --- plugins/OStatus/OStatusPlugin.php | 4 ++-- plugins/OStatus/lib/ostatusqueuehandler.php | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 583ad8ef13..78ced64b5d 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -132,11 +132,11 @@ class OStatusPlugin extends Plugin if ($notice->inScope(null) && $notice->getProfile()->hasRight(Right::PUBLICNOTICE)) { // put our transport first, in case there's any conflict (like OMB) array_unshift($transports, 'ostatus'); - $this->log(LOG_INFO, "Notice {$notice->id} queued for OStatus processing"); + $this->log(LOG_INFO, "OSTATUS [{$notice->getID()}]: queued for OStatus processing"); } else { // FIXME: we don't do privacy-controlled OStatus updates yet. // once that happens, finer grain of control here. - $this->log(LOG_NOTICE, "Not queueing notice {$notice->id} for OStatus because of privacy; scope = {$notice->scope}"); + $this->log(LOG_NOTICE, "OSTATUS [{$notice->getID()}]: Not queueing because of privacy; scope = {$notice->scope}"); } return true; } diff --git a/plugins/OStatus/lib/ostatusqueuehandler.php b/plugins/OStatus/lib/ostatusqueuehandler.php index 15e67d2077..ac56e142f4 100644 --- a/plugins/OStatus/lib/ostatusqueuehandler.php +++ b/plugins/OStatus/lib/ostatusqueuehandler.php @@ -194,17 +194,17 @@ class OStatusQueueHandler extends QueueHandler // and then upgrade it. This self-healing feature needs to be enabled manually in config. // This code is based on a patch by @hannes2peer@quitter.se if (common_config('fix', 'legacy_http') && parse_url($feed, PHP_URL_SCHEME) === 'https') { - common_log(LOG_DEBUG, 'OSTATUS: Searching for http scheme instead for HubSub feed topic: '._ve($feed)); + common_log(LOG_DEBUG, "OSTATUS [{$this->notice->getID()}]: Searching for http scheme instead for HubSub feed topic: "._ve($feed)); $http_feed = str_replace('https://', 'http://', $feed); $sub = new HubSub(); $sub->topic = $http_feed; // If we find it we upgrade the rows in the hubsub table. if ($sub->find()) { - common_log(LOG_INFO, 'OSTATUS: Found topic with http scheme for '._ve($feed).', will update the rows to use https instead!'); + common_log(LOG_INFO, "OSTATUS [{$this->notice->getID()}]: Found topic with http scheme for "._ve($feed).", will update the rows to use https instead!"); // we found an http:// URL but we use https:// now // so let's update the rows to reflect on this! while ($sub->fetch()) { - common_debug('OSTATUS: Changing topic URL to https for feed callback '._ve($sub->callback)); + common_debug("OSTATUS [{$this->notice->getID()}]: Changing topic URL to https for feed callback "._ve($sub->callback)); $orig = clone($sub); $sub->topic = $feed; // hashkey column will be set automagically in HubSub->onUpdateKeys through updateWithKeys @@ -221,7 +221,7 @@ class OStatusQueueHandler extends QueueHandler $atom = call_user_func_array($callback, $args); $this->pushFeedInternal($atom, $sub); } else { - common_log(LOG_INFO, "No PuSH subscribers for $feed"); + common_log(LOG_INFO, "OSTATUS [{$this->notice->getID()}]: No PuSH subscribers for $feed"); } } From 6b4c33106004caa287a906bd399f9430b6aa756b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 23 Mar 2016 17:53:38 +0100 Subject: [PATCH 140/415] Attachment and file handling since we could get NULL instead of File --- classes/Notice.php | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index d7fb3cb966..fe4cc80026 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1266,14 +1266,12 @@ class Notice extends Managed_DataObject $ids[] = $f2p->file_id; } - $files = File::multiGet('id', $ids); - $this->_attachments[$this->id] = $files->fetchAll(); - return $this->_attachments[$this->id]; + return $this->_setAttachments(File::multiGet('id', $ids)->fetchAll()); } - function _setAttachments($attachments) + public function _setAttachments(array $attachments) { - $this->_attachments[$this->id] = $attachments; + return $this->_attachments[$this->id] = $attachments; } static function publicStream($offset=0, $limit=20, $since_id=null, $max_id=null) @@ -3024,6 +3022,19 @@ class Notice extends Managed_DataObject $files = array(); $f2ps = $f2pMap[$notice->id]; foreach ($f2ps as $f2p) { + if (!isset($fileMap[$f2p->file_id])) { + // We have probably deleted value from fileMap since + // it as a NULL entry (see the following elseif). + continue; + } elseif (is_null($fileMap[$f2p->file_id])) { + // If the file id lookup returned a NULL value, it doesn't + // exist in our file table! So this is a remnant file_to_post + // entry that is no longer valid and should be removed. + common_debug('ATTACHMENT deleting f2p for post_id='.$f2p->post_id.' file_id='.$f2p->file_id); + $f2p->delete(); + unset($fileMap[$f2p->file_id]); + continue; + } $files[] = $fileMap[$f2p->file_id]; } $notice->_setAttachments($files); From f522c0843869bd49298e2de034dc79db9a733d5c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 24 Mar 2016 01:41:58 +0100 Subject: [PATCH 141/415] Stricter typing in Realtime plugin functions --- plugins/Realtime/RealtimePlugin.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/Realtime/RealtimePlugin.php b/plugins/Realtime/RealtimePlugin.php index 172e9272af..8b7767ac15 100644 --- a/plugins/Realtime/RealtimePlugin.php +++ b/plugins/Realtime/RealtimePlugin.php @@ -311,7 +311,7 @@ class RealtimePlugin extends Plugin return false; // No default processing } - function noticeAsJson($notice) + function noticeAsJson(Notice $notice) { // FIXME: this code should be abstracted to a neutral third // party, like Notice::asJson(). I'm not sure of the ethics @@ -347,7 +347,7 @@ class RealtimePlugin extends Plugin return $arr; } - function getNoticeTags($notice) + function getNoticeTags(Notice $notice) { $tags = null; From 49a91885c925905c02a32997dbb3a02e7099c55c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 24 Mar 2016 01:54:33 +0100 Subject: [PATCH 142/415] Strictify Notice->isPublic() --- classes/Notice.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index fe4cc80026..dceaf50b0d 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -2749,10 +2749,10 @@ class Notice extends Managed_DataObject } } - function isPublic() + public function isPublic() { - return (($this->is_local != Notice::LOCAL_NONPUBLIC) && - ($this->is_local != Notice::GATEWAY)); + $is_local = intval($this->is_local); + return !($is_local === Notice::LOCAL_NONPUBLIC || $is_local === Notice::GATEWAY); } /** From be22886be87f34d7430c6aed5931aa343214ed71 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 24 Mar 2016 02:00:16 +0100 Subject: [PATCH 143/415] Catch some exceptions in Linkback --- plugins/Linkback/LinkbackPlugin.php | 55 ++++++++++++++++------------- 1 file changed, 30 insertions(+), 25 deletions(-) diff --git a/plugins/Linkback/LinkbackPlugin.php b/plugins/Linkback/LinkbackPlugin.php index 06c49b0809..5aeb4dc8f2 100644 --- a/plugins/Linkback/LinkbackPlugin.php +++ b/plugins/Linkback/LinkbackPlugin.php @@ -59,41 +59,46 @@ class LinkbackPlugin extends Plugin parent::__construct(); } - function onHandleQueuedNotice($notice) + function onHandleQueuedNotice(Notice $notice) { - if (intval($notice->is_local) === Notice::LOCAL_PUBLIC) { - // Try to avoid actually mucking with the - // notice content - $c = $notice->content; - $this->notice = $notice; + if (!$notice->isLocal() || !$notice->isPublic()) { + return true; + } - if(!$notice->getProfile()-> - getPref("linkbackplugin", "disable_linkbacks") - ) { - // Ignoring results - common_replace_urls_callback($c, - array($this, 'linkbackUrl')); - } + // Try to avoid actually mucking with the + // notice content + $c = $notice->content; + $this->notice = $notice; - if($notice->isRepeat()) { + if (!$notice->getProfile()->getPref('linkbackplugin', 'disable_linkbacks')) { + // Ignoring results + common_replace_urls_callback($c, array($this, 'linkbackUrl')); + } + + try { + if ($notice->isRepeat()) { $repeat = Notice::getByID($notice->repeat_of); $this->linkbackUrl($repeat->getUrl()); - } else if(!empty($notice->reply_to)) { - try { - $parent = $notice->getParent(); - $this->linkbackUrl($parent->getUrl()); - } catch (NoParentNoticeException $e) { - // can't link back to what we don't know (apparently parent notice disappeared from our db) - return true; - } + } elseif (!empty($notice->reply_to)) { + $parent = $notice->getParent(); + $this->linkbackUrl($parent->getUrl()); } + } catch (InvalidUrlException $e) { + // can't send linkback to notice if we don't have a remote HTTP(S) URL + // but we can still ping the attention-receivers below + } catch (NoParentNoticeException $e) { + // can't send linkback to non-existing parent URL + return true; + } - // doubling up getReplies and getAttentionProfileIDs because we're not entirely migrated yet - $replyProfiles = Profile::multiGet('id', array_unique(array_merge($notice->getReplies(), $notice->getAttentionProfileIDs()))); - foreach($replyProfiles->fetchAll('profileurl') as $profileurl) { + // doubling up getReplies and getAttentionProfileIDs because we're not entirely migrated yet + $replyProfiles = Profile::multiGet('id', array_unique(array_merge($notice->getReplies(), $notice->getAttentionProfileIDs()))); + foreach ($replyProfiles->fetchAll('profileurl') as $profileurl) { + if (common_valid_http_url($profileurl)) { $this->linkbackUrl($profileurl); } } + return true; } From 9fa18fa3669c6d15109b239f92f4166e4f1365f0 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 24 Mar 2016 02:44:11 +0100 Subject: [PATCH 144/415] HTTPClient::quickGet now supports headers as argument They should be in a numeric array, already formatted as headers, ready to go. (Header-Name: Content of the header) --- lib/httpclient.php | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/lib/httpclient.php b/lib/httpclient.php index ae2c7b0672..1e399bd83e 100644 --- a/lib/httpclient.php +++ b/lib/httpclient.php @@ -38,7 +38,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } * * This extends the HTTP_Request2_Response class with methods to get info * about any followed redirects. - * + * * Originally used the name 'HTTPResponse' to match earlier code, but * this conflicts with a class in in the PECL HTTP extension. * @@ -119,7 +119,7 @@ class HTTPClient extends HTTP_Request2 $this->config['connect_timeout'] = common_config('http', 'connect_timeout') ?: $this->config['connect_timeout']; $this->config['max_redirs'] = 10; $this->config['follow_redirects'] = true; - + // We've had some issues with keepalive breaking with // HEAD requests, such as to youtube which seems to be // emitting chunked encoding info for an empty body @@ -151,7 +151,7 @@ class HTTPClient extends HTTP_Request2 foreach (array('host', 'port', 'user', 'password', 'auth_scheme') as $cf) { $k = 'proxy_'.$cf; - $v = common_config('http', $k); + $v = common_config('http', $k); if (!empty($v)) { $this->config[$k] = $v; } @@ -173,7 +173,7 @@ class HTTPClient extends HTTP_Request2 /** * Quick static function to GET a URL */ - public static function quickGet($url, $accept=null, $params=array()) + public static function quickGet($url, $accept=null, array $params=array(), array $headers=array()) { if (!empty($params)) { $params = http_build_query($params, null, '&'); @@ -188,7 +188,7 @@ class HTTPClient extends HTTP_Request2 if (!is_null($accept)) { $client->setHeader('Accept', $accept); } - $response = $client->get($url); + $response = $client->get($url, $headers); if (!$response->isOk()) { // TRANS: Exception. %s is the URL we tried to GET. throw new Exception(sprintf(_m('Could not GET URL %s.'), $url), $response->getStatus()); @@ -262,10 +262,16 @@ class HTTPClient extends HTTP_Request2 } /** + * @param string $url The URL including possible querystring + * @param string $method The HTTP method to use + * @param array $headers List of already formatted strings + * (not an associative array, to allow + * multiple same-named headers) + * * @return GNUsocial_HTTPResponse * @throws HTTP_Request2_Exception */ - protected function doRequest($url, $method, $headers) + protected function doRequest($url, $method, array $headers=array()) { $this->setUrl($url); @@ -278,10 +284,8 @@ class HTTPClient extends HTTP_Request2 } $this->setMethod($method); - if ($headers) { - foreach ($headers as $header) { - $this->setHeader($header); - } + foreach ($headers as $header) { + $this->setHeader($header); } $response = $this->send(); if (is_null($response)) { @@ -290,7 +294,7 @@ class HTTPClient extends HTTP_Request2 } return $response; } - + protected function log($level, $detail) { $method = $this->getMethod(); $url = $this->getUrl(); @@ -334,8 +338,8 @@ class HTTPClient extends HTTP_Request2 throw $e; } $code = $response->getStatus(); - $effectiveUrl = $response->getEffectiveUrl(); - $redirUrls[] = $effectiveUrl; + $effectiveUrl = $response->getEffectiveUrl(); + $redirUrls[] = $effectiveUrl; $response->redirUrls = $redirUrls; if ($code >= 200 && $code < 300) { $reason = $response->getReasonPhrase(); @@ -343,7 +347,7 @@ class HTTPClient extends HTTP_Request2 } elseif ($code >= 300 && $code < 400) { $url = $this->getUrl(); $target = $response->getHeader('Location'); - + if (++$redirs >= $maxRedirs) { common_log(LOG_ERR, __CLASS__ . ": Too many redirects: skipping $code redirect from $url to $target"); break; From 4d382a59d0da0b60c402ceb7b56c0207c1041bf2 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 24 Mar 2016 03:01:18 +0100 Subject: [PATCH 145/415] Use HTTPClient instead of Yadis HTTPFetcher in Linkback plugin --- plugins/Linkback/LinkbackPlugin.php | 92 ++++++++++++++--------------- 1 file changed, 45 insertions(+), 47 deletions(-) diff --git a/plugins/Linkback/LinkbackPlugin.php b/plugins/Linkback/LinkbackPlugin.php index 5aeb4dc8f2..701ca06fc5 100644 --- a/plugins/Linkback/LinkbackPlugin.php +++ b/plugins/Linkback/LinkbackPlugin.php @@ -31,7 +31,6 @@ if (!defined('STATUSNET')) { exit(1); } -require_once('Auth/Yadis/Yadis.php'); require_once(__DIR__ . '/lib/util.php'); define('LINKBACKPLUGIN_VERSION', '0.1'); @@ -114,34 +113,36 @@ class LinkbackPlugin extends Plugin } // XXX: Do a HEAD first to save some time/bandwidth + try { + $httpclient = new HTTPClient(); + $response = $httpclient->get($url, ["User-Agent: {$this->userAgent()}", + "Accept: application/html+xml,text/html"]); - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - - $result = $fetcher->get($url, - array('User-Agent: ' . $this->userAgent(), - 'Accept: application/html+xml,text/html')); - - if (!in_array($result->status, array('200', '206'))) { + if (!in_array($response->getStatus(), array(200, 206))) { + throw new Exception('Invalid response code for GET request'); + } + } catch (Exception $e) { + // something didn't work out in our GET request return $orig; } // XXX: Should handle relative-URI resolution in these detections - $wm = $this->getWebmention($result); + $wm = $this->getWebmention($response); if(!empty($wm)) { // It is the webmention receiver's job to resolve source // Ref: https://github.com/converspace/webmention/issues/43 $this->webmention($url, $wm); } else { - $pb = $this->getPingback($result); + $pb = $this->getPingback($response); if (!empty($pb)) { // Pingback still looks for exact URL in our source, so we // must send what we have $this->pingback($url, $pb); } else { - $tb = $this->getTrackback($result); + $tb = $this->getTrackback($response); if (!empty($tb)) { - $this->trackback($result->final_url, $tb); + $this->trackback($response->getEffectiveUrl(), $tb); } } } @@ -151,22 +152,23 @@ class LinkbackPlugin extends Plugin // Based on https://github.com/indieweb/mention-client-php // which is licensed Apache 2.0 - function getWebmention($result) { - if (isset($result->headers['Link'])) { - // XXX: the fetcher only gives back one of each header, so this may fail on multiple Link headers - if(preg_match('~<((?:https?://)?[^>]+)>; rel="webmention"~', $result->headers['Link'], $match)) { + function getWebmention(HTTP_Request2_Response $response) { + $link = $response->getHeader('Link'); + if (!is_null($link)) { + // XXX: the fetcher gives back a comma-separated string of all Link headers, I hope the parsing works reliably + if (preg_match('~<((?:https?://)?[^>]+)>; rel="webmention"~', $link, $match)) { return $match[1]; - } elseif(preg_match('~<((?:https?://)?[^>]+)>; rel="http://webmention.org/?"~', $result->headers['Link'], $match)) { + } elseif (preg_match('~<((?:https?://)?[^>]+)>; rel="http://webmention.org/?"~', $link, $match)) { return $match[1]; } } // FIXME: Do proper DOM traversal - if(preg_match('/<(?:link|a)[ ]+href="([^"]+)"[ ]+rel="[^" ]* ?webmention ?[^" ]*"[ ]*\/?>/i', $result->body, $match) - || preg_match('/<(?:link|a)[ ]+rel="[^" ]* ?webmention ?[^" ]*"[ ]+href="([^"]+)"[ ]*\/?>/i', $result->body, $match)) { + if(preg_match('/<(?:link|a)[ ]+href="([^"]+)"[ ]+rel="[^" ]* ?webmention ?[^" ]*"[ ]*\/?>/i', $response->getBody(), $match) + || preg_match('/<(?:link|a)[ ]+rel="[^" ]* ?webmention ?[^" ]*"[ ]+href="([^"]+)"[ ]*\/?>/i', $response->getBody(), $match)) { return $match[1]; - } elseif(preg_match('/<(?:link|a)[ ]+href="([^"]+)"[ ]+rel="http:\/\/webmention\.org\/?"[ ]*\/?>/i', $result->body, $match) - || preg_match('/<(?:link|a)[ ]+rel="http:\/\/webmention\.org\/?"[ ]+href="([^"]+)"[ ]*\/?>/i', $result->body, $match)) { + } elseif (preg_match('/<(?:link|a)[ ]+href="([^"]+)"[ ]+rel="http:\/\/webmention\.org\/?"[ ]*\/?>/i', $response->getBody(), $match) + || preg_match('/<(?:link|a)[ ]+rel="http:\/\/webmention\.org\/?"[ ]+href="([^"]+)"[ ]*\/?>/i', $response->getBody(), $match)) { return $match[1]; } } @@ -198,11 +200,11 @@ class LinkbackPlugin extends Plugin } } - function getPingback($result) { - if (array_key_exists('X-Pingback', $result->headers)) { - return $result->headers['X-Pingback']; - } else if(preg_match('/<(?:link|a)[ ]+href="([^"]+)"[ ]+rel="[^" ]* ?pingback ?[^" ]*"[ ]*\/?>/i', $result->body, $match) - || preg_match('/<(?:link|a)[ ]+rel="[^" ]* ?pingback ?[^" ]*"[ ]+href="([^"]+)"[ ]*\/?>/i', $result->body, $match)) { + function getPingback(HTTP_Request2_Response $response) { + if ($response->getHeader('X-Pingback')) { + return $response->getHeader('X-Pingback'); + } elseif (preg_match('/<(?:link|a)[ ]+href="([^"]+)"[ ]+rel="[^" ]* ?pingback ?[^" ]*"[ ]*\/?>/i', $response->getBody(), $match) + || preg_match('/<(?:link|a)[ ]+rel="[^" ]* ?pingback ?[^" ]*"[ ]+href="([^"]+)"[ ]*\/?>/i', $response->getBody(), $match)) { return $match[1]; } } @@ -242,10 +244,10 @@ class LinkbackPlugin extends Plugin // Largely cadged from trackback_cls.php by // Ran Aroussi , GPL2 or any later version // http://phptrackback.sourceforge.net/ - function getTrackback($result) + function getTrackback(HTTP_Request2_Response $response) { - $text = $result->body; - $url = $result->final_url; + $text = $response->getBody(); + $url = $response->getEffectiveUrl(); if (preg_match_all('/()/sm', $text, $match, PREG_SET_ORDER)) { for ($i = 0; $i < count($match); $i++) { @@ -296,26 +298,22 @@ class LinkbackPlugin extends Plugin // TRANS: Trackback title. // TRANS: %1$s is a profile nickname, %2$s is a timestamp. $args = array('title' => sprintf(_m('%1$s\'s status on %2$s'), - $profile->nickname, - common_exact_date($this->notice->created)), - 'excerpt' => $this->notice->content, + $profile->getNickname(), + common_exact_date($this->notice->getCreated())), + 'excerpt' => $this->notice->getContent(), 'url' => $this->notice->getUrl(), - 'blog_name' => $profile->nickname); + 'blog_name' => $profile->getNickname()); - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - - $result = $fetcher->post($endpoint, - http_build_query($args), - array('User-Agent: ' . $this->userAgent())); - - if ($result->status != '200') { - common_log(LOG_WARNING, - "Trackback error for '$url' ($endpoint): ". - "$result->body"); - } else { - common_log(LOG_INFO, - "Trackback success for '$url' ($endpoint): ". - "'$result->body'"); + try { + $httpclient = new HTTPClient(null, HTTPClient::METHOD_POST); + $response = $httpclient->post($endpoint, ["User-Agent: {$this->userAgent()}"], $args); + if ($response->getStatus() === 200) { + common_log(LOG_INFO, "Trackback success for '$url' ($endpoint): "._ve($response->getBody())); + } else { + common_log(LOG_WARNING, "Trackback error for '$url' ($endpoint): "._ve($response->getBody())); + } + } catch (Exception $e) { + common_log(LOG_INFO, "Trackback error for '$url' ($endpoint): "._ve($e->getMessage())); } } From 4790db348d3c377d5e5247b34204257025f7f690 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 27 Mar 2016 14:00:05 +0200 Subject: [PATCH 146/415] FetchRemoteNotice event call in Notice (not effective yet) --- classes/Notice.php | 33 ++++++++++++++++++++++++++++----- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index dceaf50b0d..256eb61663 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -839,7 +839,7 @@ class Notice extends Managed_DataObject } } - $stored->profile_id = $actor->id; + $stored->profile_id = $actor->getID(); $stored->source = $source; $stored->uri = $uri; $stored->url = $url; @@ -857,6 +857,7 @@ class Notice extends Managed_DataObject // TRANS: Error message when the plain text content of a notice has zero length. throw new ClientException(_('Empty notice content, will not save this.')); } + unset($content); // garbage collect // Maybe a missing act-time should be fatal if the actor is not local? if (!empty($act->time)) { @@ -865,13 +866,31 @@ class Notice extends Managed_DataObject $stored->created = common_sql_now(); } - $reply = null; + $reply = null; // this will store the in-reply-to Notice if found + $replyUris = []; // this keeps a list of possible URIs to look up if ($act->context instanceof ActivityContext && !empty($act->context->replyToID)) { - $reply = self::getKV('uri', $act->context->replyToID); + $replyUris[] = $act->context->replyToID; } - if (!$reply instanceof Notice && $act->target instanceof ActivityObject) { - $reply = self::getKV('uri', $act->target->id); + if ($act->target instanceof ActivityObject && !empty($act->target->id)) { + $replyUris[] = $act->target->id; } + foreach (array_unique($replyUris) as $replyUri) { + $reply = self::getKV('uri', $replyUri); + // Only do remote fetching if we're not a private site + if (!common_config('site', 'private') && !$reply instanceof Notice) { + // the URI is the object we're looking for, $actor is a + // Profile that surely knows of it and &$reply where it + // will be stored when fetched + Event::handle('FetchRemoteNotice', array($replyUri, $actor, &$reply)); + } + // we got what we're in-reply-to now, so let's move on + if ($reply instanceof Notice) { + break; + } + // otherwise reset whatever we might've gotten from the event + $reply = null; + } + unset($replyUris); // garbage collect if ($reply instanceof Notice) { if (!$reply->inScope($actor)) { @@ -915,6 +934,7 @@ class Notice extends Managed_DataObject unset($conv); } } + unset($reply); // garbage collect // If it's not part of a conversation, it's the beginning of a new conversation. if (empty($stored->conversation)) { @@ -985,6 +1005,7 @@ class Notice extends Managed_DataObject if (empty($object)) { throw new NoticeSaveException('Unsuccessful call to StoreActivityObject '._ve($stored->getUri()) . ': '._ve($act->asString())); } + unset($object); // If something changed in the Notice during StoreActivityObject $stored->update($orig); @@ -998,6 +1019,8 @@ class Notice extends Managed_DataObject throw $e; } } + unset($notloc); // garbage collect + if (!$stored instanceof Notice) { throw new ServerException('StartNoticeSave did not give back a Notice.'); } elseif (empty($stored->id)) { From 7be46410409d7c30b0a3bd5eb6d9492298726c92 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 27 Mar 2016 14:54:14 +0200 Subject: [PATCH 147/415] Actually return an Ostatus_profile --- plugins/OStatus/classes/Ostatus_profile.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index 2b1ab8ddd9..5673d51457 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -80,12 +80,13 @@ class Ostatus_profile extends Managed_DataObject return $this->uri; } - public function fromProfile(Profile $profile) + static function fromProfile(Profile $profile) { - $oprofile = Ostatus_profile::getKV('profile_id', $profile->id); + $oprofile = Ostatus_profile::getKV('profile_id', $profile->getID()); if (!$oprofile instanceof Ostatus_profile) { - throw new Exception('No Ostatus_profile for Profile ID: '.$profile->id); + throw new Exception('No Ostatus_profile for Profile ID: '.$profile->getID()); } + return $oprofile; } /** From 2d0153195e59facc8890f50b0547528bf021b161 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 27 Mar 2016 14:56:27 +0200 Subject: [PATCH 148/415] Output proper remote info on WebFinger notice resources --- plugins/OStatus/OStatusPlugin.php | 21 +++++++++++++++---- .../lib/webfingerresource/notice.php | 14 +++++++++++-- 2 files changed, 29 insertions(+), 6 deletions(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 78ced64b5d..72f246d68f 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -1307,10 +1307,23 @@ class OStatusPlugin extends Plugin function onEndWebFingerNoticeLinks(XML_XRD $xrd, Notice $target) { - $author = $target->getProfile(); - $profiletype = $this->profileTypeString($author); - $salmon_url = common_local_url("{$profiletype}salmon", array('id' => $author->id)); - $xrd->links[] = new XML_XRD_Element_Link(Salmon::REL_SALMON, $salmon_url); + $salmon_url = null; + $actor = $target->getProfile(); + if ($actor->isLocal()) { + $profiletype = $this->profileTypeString($actor); + $salmon_url = common_local_url("{$profiletype}salmon", array('id' => $actor->getID())); + } else { + try { + $oprofile = Ostatus_profile::fromProfile($actor); + $salmon_url = $oprofile->salmonuri; + } catch (Exception $e) { + // Even though it's not a local user, we couldn't get an Ostatus_profile?! + } + } + // Ostatus_profile salmon URL may be empty + if (!empty($salmon_url)) { + $xrd->links[] = new XML_XRD_Element_Link(Salmon::REL_SALMON, $salmon_url); + } return true; } diff --git a/plugins/WebFinger/lib/webfingerresource/notice.php b/plugins/WebFinger/lib/webfingerresource/notice.php index b967bd9e1c..295a856f36 100644 --- a/plugins/WebFinger/lib/webfingerresource/notice.php +++ b/plugins/WebFinger/lib/webfingerresource/notice.php @@ -20,17 +20,27 @@ class WebFingerResource_Notice extends WebFingerResource public function updateXRD(XML_XRD $xrd) { if (Event::handle('StartWebFingerNoticeLinks', array($xrd, $this->object))) { - $xrd->links[] = new XML_XRD_Element_Link('alternate', + if ($this->object->isLocal()) { + $xrd->links[] = new XML_XRD_Element_Link('alternate', common_local_url('ApiStatusesShow', array('id'=>$this->object->id, 'format'=>'atom')), 'application/atom+xml'); - $xrd->links[] = new XML_XRD_Element_Link('alternate', + $xrd->links[] = new XML_XRD_Element_Link('alternate', common_local_url('ApiStatusesShow', array('id'=>$this->object->id, 'format'=>'json')), 'application/json'); + } else { + try { + $xrd->links[] = new XML_XRD_Element_Link('alternate', + $this->object->getUrl(), + 'text/html'); + } catch (InvalidUrlException $e) { + // don't do a fallback in webfinger + } + } Event::handle('EndWebFingerNoticeLinks', array($xrd, $this->object)); } } From 97d177f42ab1e02eebb0d2ea436f09438ffc1128 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 27 Mar 2016 15:01:08 +0200 Subject: [PATCH 149/415] Matching inherited function definition --- actions/selftag.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/selftag.php b/actions/selftag.php index b886c3d9f7..2df1a29253 100644 --- a/actions/selftag.php +++ b/actions/selftag.php @@ -158,9 +158,9 @@ class SelftagAction extends Action class SelfTagProfileList extends ProfileList { - function newListItem($profile) + function newListItem(Profile $target) { - return new SelfTagProfileListItem($profile, $this->action); + return new SelfTagProfileListItem($target, $this->action); } } From 327b8c863e84387ee9dde7bc497defd64ad3e9fe Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 27 Mar 2016 15:01:44 +0200 Subject: [PATCH 150/415] Initial (not yet working) fetch remote plugin --- plugins/FetchRemote/FetchRemotePlugin.php | 119 ++++++++++++++++++++++ 1 file changed, 119 insertions(+) create mode 100644 plugins/FetchRemote/FetchRemotePlugin.php diff --git a/plugins/FetchRemote/FetchRemotePlugin.php b/plugins/FetchRemote/FetchRemotePlugin.php new file mode 100644 index 0000000000..40d7550c58 --- /dev/null +++ b/plugins/FetchRemote/FetchRemotePlugin.php @@ -0,0 +1,119 @@ +. + */ + +/** + * Uses WebFinger to implement remote notice retrieval for GNU social. + * + * Depends on: WebFinger plugin + * + * @package GNUsocial + * @author Mikael Nordfeldth + */ + +if (!defined('GNUSOCIAL')) { exit(1); } + +class FetchRemotePlugin extends Plugin +{ + static function fetchNoticeFromUrl($url) + { + if (!common_valid_http_url($url)) { + throw new InvalidUrlException($url); + } + $host = parse_url($url, PHP_URL_HOST); + + // TODO: try to fetch directly, either by requesting Atom or + // Link headers/ elements with rel=alternate and compare + // the remote domain name with the notice URL's. + + if (!$stored instanceof Notice) { + common_log(LOG_INFO, 'Could not fetch remote notice from URL: '._ve($url)); + throw new ServerException('Could not fetch remote notice.'); + } + return $stored; + } + + public function onFetchRemoteNoticeWithSource($uri, Profile $source, &$stored) + { + if (common_valid_http_url($uri) && !Event::handle('FetchRemoteNoticeFromUrl', array($url, &$stored))) { + // Woopi, we got it straight from a URL-formatted URI! + return false; + } + + // Let's assume we can only do this over HTTPS and a proper + // WebFinger (RFC7033) endpoint on /.well-known/webfinger + try { + $source_url = parse_url($source->getUrl()); + } catch (InvalidUrlException $e) { + return true; + } + if ($source_url['scheme'] !== 'https') { + common_debug('Will not try to fetch remote notice from non-HTTPS capable profile source'); + return true; + } + + try { + $port = isset($source_url['port']) ? ":{$source_url['port']}" : ''; + $rfc7033 = "https://{$source_url['host']}{$port}/.well-known/webfinger"; + $params = ['resource' => $uri]; + common_debug(__METHOD__ . ": getting json data about notice from: {$rfc7033}?resource=$uri"); + $json = HTTPClient::quickGetJson($rfc7033, $params); + } catch (Exception $e) { + // NOPE NOPE NOPE NOPE + // couldn't get remote data about this notice's URI + // FIXME: try later? + return true; + } + + if (!isset($json->aliases)) { + // FIXME: malformed json for our current use, but maybe we could find rel="alternate" type="text/html"? + return true; + } + + common_debug(__METHOD__ . ": Found these aliases: "._ve($json->aliases)); + foreach ($json->aliases as $alias) { + try { + $stored = self::fetchNoticeFromUrl($url); + if ($stored instanceof Notice) { + // we're done here! all good, let's get back to business + return false; + } + } catch (InvalidUrlException $e) { + /// mmmmye, aliases might not always be HTTP(S) URLs. + } catch (Exception $e) { + // oh well, try the next one and see if it works better. + common_debug(__METHOD__ . ": {$e->getMessage()}"); + } + } + + // Nothing found, return true to continue processing the event + return true; + } + + public function onPluginVersion(array &$versions) + { + $versions[] = array('name' => 'FetchRemote', + 'version' => GNUSOCIAL_VERSION, + 'author' => 'Mikael Nordfeldth', + 'homepage' => 'http://www.gnu.org/software/social/', + // TRANS: Plugin description. + 'rawdescription' => _m('Retrieves remote notices (and serves local) via WebFinger')); + + return true; + } +} From 97f7e6632d895fa30afd03d75b505c44fa9bb505 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 27 Mar 2016 16:21:43 +0200 Subject: [PATCH 151/415] Embed attachments marked up as microformats2 (I think rather properly) --- plugins/Oembed/OembedPlugin.php | 14 +++++++------- plugins/Oembed/css/oembed.css | 9 +++++---- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 56ce3cf098..6950fb0a9a 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -243,24 +243,24 @@ class OembedPlugin extends Plugin return true; } - $out->elementStart('article', ['class'=>'oembed-item']); + $out->elementStart('article', ['class'=>'h-entry oembed']); $out->elementStart('header'); try { $thumb = $file->getThumbnail(128, 128); - $out->element('img', $thumb->getHtmlAttrs(['class'=>'oembed-thumb'])); + $out->element('img', $thumb->getHtmlAttrs(['class'=>'u-photo oembed'])); unset($thumb); } catch (Exception $e) { $out->element('div', ['class'=>'error'], $e->getMessage()); } - $out->elementStart('h5', ['class'=>'oembed-title']); - $out->element('a', ['href'=>$file->getUrl()], common_strip_html($oembed->title)); + $out->elementStart('h5', ['class'=>'p-name oembed']); + $out->element('a', ['class'=>'u-url', 'href'=>$file->getUrl()], common_strip_html($oembed->title)); $out->elementEnd('h5'); - $out->elementStart('div', ['class'=>'oembed-source']); + $out->elementStart('div', ['class'=>'p-author oembed']); if (!empty($oembed->author_name)) { // TRANS: text before the author name of oEmbed attachment representation // FIXME: The whole "By x from y" should be i18n because of different language constructions. $out->text(_('By ')); - $attrs = ['class'=>'h-card']; + $attrs = ['class'=>'h-card p-author']; if (!empty($oembed->author_url)) { $attrs['href'] = $oembed->author_url; $tag = 'a'; @@ -284,7 +284,7 @@ class OembedPlugin extends Plugin } $out->elementEnd('div'); $out->elementEnd('header'); - $out->elementStart('div', ['class'=>'oembed-html']); + $out->elementStart('div', ['class'=>'p-summary oembed']); $out->raw(common_purify($oembed->html)); $out->elementEnd('div'); $out->elementStart('footer'); diff --git a/plugins/Oembed/css/oembed.css b/plugins/Oembed/css/oembed.css index ad7b3fb9b0..68227e5dab 100644 --- a/plugins/Oembed/css/oembed.css +++ b/plugins/Oembed/css/oembed.css @@ -1,15 +1,16 @@ -.oembed-thumb { +.u-photo.oembed { float: left; margin-bottom: 1ex; margin-right: 1em; padding-bottom: 1ex; } -.oembed-source { +.p-author.oembed { font-style: italic; } -.oembed-html { - max-height: 100px; +.p-summary.oembed { + line-height: 1.25em; + max-height: 5em; overflow: auto; } From f134a423f6a9e7bb61d069c4d6281c05417bbd45 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 27 Mar 2016 16:36:45 +0200 Subject: [PATCH 152/415] rename config option site/logdebug to log/debugtrace --- index.php | 4 ++-- lib/default.php | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/index.php b/index.php index eef894effc..d96f2396e4 100644 --- a/index.php +++ b/index.php @@ -94,7 +94,7 @@ function handleError($error) } $logmsg = "Exception thrown: " . _ve($error->getMessage()); - if ($error instanceof PEAR_Exception && common_config('site', 'logdebug')) { + if ($error instanceof PEAR_Exception && common_config('log', 'debugtrace')) { $logmsg .= " PEAR: ". $error->toText(); } // DB queries often end up with a lot of newlines; merge to a single line @@ -103,7 +103,7 @@ function handleError($error) common_log(LOG_ERR, $logmsg); // @fixme backtrace output should be consistent with exception handling - if (common_config('site', 'logdebug')) { + if (common_config('log', 'debugtrace')) { $bt = $error->getTrace(); foreach ($bt as $n => $line) { common_log(LOG_ERR, formatBacktraceLine($n, $line)); diff --git a/lib/default.php b/lib/default.php index 5c99d824dc..12e194f549 100644 --- a/lib/default.php +++ b/lib/default.php @@ -38,7 +38,6 @@ $default = 'logfile' => null, 'logo' => null, 'ssllogo' => null, - 'logdebug' => false, 'logperf' => false, // Enable to dump performance counters to syslog 'logperf_detail' => false, // Enable to dump every counter hit 'fancy' => false, @@ -85,6 +84,9 @@ $default = array('fancyurls' => true, // makes sure aliases in WebFinger etc. are not f'd by index.php/ URLs 'legacy_http' => false, // set this to true if you have upgraded your site from http=>https ), + 'log' => [ + 'debugtrace' => false, // index.php handleError function, whether to include exception backtrace in log + ], 'syslog' => array('appname' => 'statusnet', # for syslog 'priority' => 'debug', # XXX: currently ignored From 2e327dfcd7ea079dbd0855ce0f53e51197cc1f6b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 28 Mar 2016 11:33:52 +0200 Subject: [PATCH 153/415] Probably fixes issue with looping XMPP queue items --- plugins/Xmpp/XmppPlugin.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/plugins/Xmpp/XmppPlugin.php b/plugins/Xmpp/XmppPlugin.php index f8476cd8f2..da20504329 100644 --- a/plugins/Xmpp/XmppPlugin.php +++ b/plugins/Xmpp/XmppPlugin.php @@ -315,9 +315,13 @@ class XmppPlugin extends ImPlugin function sendNotice($screenname, Notice $notice) { - $msg = $this->formatNotice($notice); - $entry = $this->format_entry($notice); - + try { + $msg = $this->formatNotice($notice); + $entry = $this->format_entry($notice); + } catch (Exception $e) { + common_log(LOG_ERR, __METHOD__ . ": Discarding outgoing stanza because of exception: {$e->getMessage()}"); + return false; // return value of sendNotice is never actually used as of now + } $this->queuedConnection()->message($screenname, $msg, 'chat', null, $entry); return true; } From a93c69d150612cb30a86f0a21303ab828a675eab Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 28 Mar 2016 15:42:41 +0200 Subject: [PATCH 154/415] OStatus update profile data script fixes --- .../OStatus/scripts/update-profile-data.php | 32 ++++++++----------- 1 file changed, 14 insertions(+), 18 deletions(-) diff --git a/plugins/OStatus/scripts/update-profile-data.php b/plugins/OStatus/scripts/update-profile-data.php index 97d44e3842..e713ee36fe 100755 --- a/plugins/OStatus/scripts/update-profile-data.php +++ b/plugins/OStatus/scripts/update-profile-data.php @@ -44,30 +44,19 @@ function showProfileInfo(Ostatus_profile $oprofile) { echo "group\n"; } else { $profile = $oprofile->localProfile(); - try { - foreach (array('nickname', 'fullname', 'bio', 'homepage', 'location') as $field) { - print " $field: {$profile->$field}\n"; - } - } catch (NoProfileException $e) { - print "local profile not found"; + foreach (array('nickname', 'fullname', 'bio', 'homepage', 'location') as $field) { + print " $field: {$profile->$field}\n"; } } echo "\n"; } -function fixProfile($uri) { - $oprofile = Ostatus_profile::getKV('uri', $uri); - - if (!$oprofile) { - print "No OStatus remote profile known for URI $uri\n"; - return false; - } - +function fixProfile(Ostatus_profile $oprofile) { echo "Before:\n"; showProfileInfo($oprofile); $feedurl = $oprofile->feeduri; - $client = new HttpClient(); + $client = new HTTPClient(); $response = $client->get($feedurl); if ($response->isOk()) { echo "Updating profile from feed: $feedurl\n"; @@ -106,7 +95,7 @@ if (have_option('all')) { echo "Found $oprofile->N profiles:\n\n"; while ($oprofile->fetch()) { try { - $ok = fixProfile($oprofile->uri) && $ok; + $ok = fixProfile($oprofile) && $ok; } catch (Exception $e) { $ok = false; echo "Failed on URI=="._ve($oprofile->uri).": {$e->getMessage()}\n"; @@ -120,7 +109,7 @@ if (have_option('all')) { echo "Found $oprofile->N matching profiles:\n\n"; while ($oprofile->fetch()) { try { - $ok = fixProfile($oprofile->uri) && $ok; + $ok = fixProfile($oprofile) && $ok; } catch (Exception $e) { $ok = false; echo "Failed on URI=="._ve($oprofile->uri).": {$e->getMessage()}\n"; @@ -128,8 +117,15 @@ if (have_option('all')) { } } else if (!empty($args[0]) && $validate->uri($args[0])) { $uri = $args[0]; + $oprofile = Ostatus_profile::getKV('uri', $uri); + + if (!$oprofile instanceof Ostatus_profile) { + print "No OStatus remote profile known for URI $uri\n"; + return false; + } + try { - $ok = fixProfile($oprofile->uri) && $ok; + $ok = fixProfile($oprofile) && $ok; } catch (Exception $e) { $ok = false; echo "Failed on URI=="._ve($oprofile->uri).": {$e->getMessage()}\n"; From 7bef2ad4ccb10a319dde1e62460d34f7ebf3242c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 28 Mar 2016 16:19:47 +0200 Subject: [PATCH 155/415] Update Profile Data script fixes, might work for groups too now --- lib/activityutils.php | 2 +- plugins/OStatus/classes/Ostatus_profile.php | 6 ++++++ plugins/OStatus/scripts/update-profile-data.php | 15 ++++++++------- 3 files changed, 15 insertions(+), 8 deletions(-) diff --git a/lib/activityutils.php b/lib/activityutils.php index b86dd65909..dcccbb8d87 100644 --- a/lib/activityutils.php +++ b/lib/activityutils.php @@ -301,7 +301,7 @@ class ActivityUtils return false; } - static function getFeedAuthor($feedEl) + static function getFeedAuthor(DOMDocument $feedEl) { // Try old and deprecated activity:subject diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index 5673d51457..e8ac16fb1d 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1281,6 +1281,12 @@ class Ostatus_profile extends Managed_DataObject */ public function updateFromActivityObject(ActivityObject $object, array $hints=array()) { + if (self::getActivityObjectProfileURI($actorObj) !== $this->getUri()) { + common_log(LOG_ERR, 'Trying to update profile with URI '._ve($this->getUri()).' from ActivityObject with URI: '._ve(self::getActivityObjectProfileURI($actorObj))); + // FIXME: Maybe not AuthorizationException? + throw new AuthorizationException('Trying to update profile from ActivityObject with different URI.'); + } + if ($this->isGroup()) { $group = $this->localGroup(); self::updateGroup($group, $object, $hints); diff --git a/plugins/OStatus/scripts/update-profile-data.php b/plugins/OStatus/scripts/update-profile-data.php index e713ee36fe..5b3e00e9fc 100755 --- a/plugins/OStatus/scripts/update-profile-data.php +++ b/plugins/OStatus/scripts/update-profile-data.php @@ -62,15 +62,16 @@ function fixProfile(Ostatus_profile $oprofile) { echo "Updating profile from feed: $feedurl\n"; $dom = new DOMDocument(); if ($dom->loadXML($response->getBody())) { - $feed = $dom->documentElement; - $entries = $dom->getElementsByTagNameNS(Activity::ATOM, 'entry'); - if ($entries->length) { - $entry = $entries->item(0); - $activity = new Activity($entry, $feed); - $oprofile->checkAuthorship($activity); + if ($dom->documentElement->tagName !== 'feed') { + echo " (no element in feed URL response; skipping)\n"; + return false; + } + $actorObj = ActivityUtils::getFeedAuthor($dom->documentElement); + if ($actorObj) { + $oprofile->updateFromActivityObject($actorObj); echo " (ok)\n"; } else { - echo " (no entry; skipping)\n"; + echo " (no author on feed; skipping)\n"; return false; } } else { From 88e2f739a94f14286dde6efe004289124426cd69 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 28 Mar 2016 16:23:15 +0200 Subject: [PATCH 156/415] DOMElement not DOMDocument --- lib/activityutils.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/activityutils.php b/lib/activityutils.php index dcccbb8d87..4f31648ead 100644 --- a/lib/activityutils.php +++ b/lib/activityutils.php @@ -301,7 +301,7 @@ class ActivityUtils return false; } - static function getFeedAuthor(DOMDocument $feedEl) + static function getFeedAuthor(DOMElement $feedEl) { // Try old and deprecated activity:subject From 16517f019a1b8db25d5b0fea7502b9ce09d404ae Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 28 Mar 2016 16:25:29 +0200 Subject: [PATCH 157/415] Embarrasing copy-paste gone too fast --- plugins/OStatus/classes/Ostatus_profile.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index e8ac16fb1d..c370462685 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1281,8 +1281,8 @@ class Ostatus_profile extends Managed_DataObject */ public function updateFromActivityObject(ActivityObject $object, array $hints=array()) { - if (self::getActivityObjectProfileURI($actorObj) !== $this->getUri()) { - common_log(LOG_ERR, 'Trying to update profile with URI '._ve($this->getUri()).' from ActivityObject with URI: '._ve(self::getActivityObjectProfileURI($actorObj))); + if (self::getActivityObjectProfileURI($object) !== $this->getUri()) { + common_log(LOG_ERR, 'Trying to update profile with URI '._ve($this->getUri()).' from ActivityObject with URI: '._ve(self::getActivityObjectProfileURI($object))); // FIXME: Maybe not AuthorizationException? throw new AuthorizationException('Trying to update profile from ActivityObject with different URI.'); } From d4041a4a1fe610d0466f7af6f14177348754d430 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 28 Mar 2016 16:41:29 +0200 Subject: [PATCH 158/415] a little bit more explicit logging --- plugins/OStatus/classes/Ostatus_profile.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index c370462685..d84611ec16 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1302,8 +1302,8 @@ class Ostatus_profile extends Managed_DataObject if ($avatar && !isset($ptag)) { try { $this->updateAvatar($avatar); - } catch (Exception $ex) { - common_log(LOG_WARNING, "Exception updating OStatus profile avatar: " . $ex->getMessage()); + } catch (Exception $e) { + common_log(LOG_WARNING, 'Exception ('.get_class($e).') updating OStatus profile avatar: ' . $e->getMessage()); } } } From 23bb45b845025c3715bd291798601657b97a29eb Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 29 Mar 2016 12:13:23 +0200 Subject: [PATCH 159/415] Upgrade info from Bookmark plugin --- plugins/Bookmark/BookmarkPlugin.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/plugins/Bookmark/BookmarkPlugin.php b/plugins/Bookmark/BookmarkPlugin.php index 904c7ee9c9..780acfcbbc 100644 --- a/plugins/Bookmark/BookmarkPlugin.php +++ b/plugins/Bookmark/BookmarkPlugin.php @@ -347,6 +347,8 @@ class BookmarkPlugin extends MicroAppPlugin function onEndUpgrade() { + printfnq('Making sure Bookmark notices have correct verb and object_type...'); + // Version 0.9.x of the plugin didn't stamp notices // with verb and object-type (for obvious reasons). Update // those notices here. @@ -364,6 +366,8 @@ class BookmarkPlugin extends MicroAppPlugin $notice->object_type = ActivityObject::BOOKMARK; $notice->update($original); } + + printfnq("DONE.\n"); } public function activityObjectOutputJson(ActivityObject $obj, array &$out) From 4e2be07234bc0c8fcda47b7a18f9b3b43a7372f3 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 29 Mar 2016 12:13:33 +0200 Subject: [PATCH 160/415] Better indexing for Notice (performance++) --- classes/Notice.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/classes/Notice.php b/classes/Notice.php index 256eb61663..6a747e5f5f 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -111,6 +111,8 @@ class Notice extends Managed_DataObject 'notice_repeat_of_created_id_idx' => array('repeat_of', 'created', 'id'), 'notice_conversation_created_id_idx' => array('conversation', 'created', 'id'), 'notice_verb_idx' => array('verb'), + 'notice_profile_id_verb_idx' => array('profile_id', 'verb'), + 'notice_url_idx' => array('url'), // Qvitter wants this 'notice_replyto_idx' => array('reply_to') ) ); From dcffe5d992979a7ecd5ff7a83e8de3ececfb1b89 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 29 Mar 2016 12:13:53 +0200 Subject: [PATCH 161/415] Forgotten File::getByUrl conversations (performance++) --- lib/action.php | 12 ++++++++---- plugins/Oembed/classes/File_oembed.php | 6 +++--- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/lib/action.php b/lib/action.php index 6d6efb1cbc..86b4908b3d 100644 --- a/lib/action.php +++ b/lib/action.php @@ -661,10 +661,14 @@ class Action extends HTMLOutputter // lawsuit // if logo is an uploaded file, try to fall back to HTTPS file URL $httpUrl = common_config('site', 'logo'); if (!empty($httpUrl)) { - $f = File::getKV('url', $httpUrl); - if (!empty($f) && !empty($f->filename)) { - // this will handle the HTTPS case - $logoUrl = File::url($f->filename); + try { + $f = File::getByUrl('url', $httpUrl); + if (!empty($f->filename)) { + // this will handle the HTTPS case + $logoUrl = File::url($f->filename); + } + } catch (NoResultException $e) { + // no match } } } diff --git a/plugins/Oembed/classes/File_oembed.php b/plugins/Oembed/classes/File_oembed.php index 246a74fea0..95aa91ff4c 100644 --- a/plugins/Oembed/classes/File_oembed.php +++ b/plugins/Oembed/classes/File_oembed.php @@ -120,10 +120,10 @@ class File_oembed extends Managed_DataObject $file_oembed->url = $data->url; $given_url = File_redirection::_canonUrl($file_oembed->url); if (! empty($given_url)){ - $file = File::getKV('url', $given_url); - if ($file instanceof File) { + try { + $file = File::getByUrl($given_url); $file_oembed->mimetype = $file->mimetype; - } else { + } catch (NoResultException $e) { $redir = File_redirection::where($given_url); if (empty($redir->file_id)) { $f = $redir->getFile(); From f8765c6166601811a60cc6dbea43f654d594fe4d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 29 Mar 2016 12:48:00 +0200 Subject: [PATCH 162/415] Upgrade script for Bookmark uses joins instead of exists (performance++) --- plugins/Bookmark/BookmarkPlugin.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/Bookmark/BookmarkPlugin.php b/plugins/Bookmark/BookmarkPlugin.php index 780acfcbbc..050e529e0d 100644 --- a/plugins/Bookmark/BookmarkPlugin.php +++ b/plugins/Bookmark/BookmarkPlugin.php @@ -355,8 +355,8 @@ class BookmarkPlugin extends MicroAppPlugin $notice = new Notice(); - $notice->whereAdd('exists (select uri from bookmark where bookmark.uri = notice.uri)'); - $notice->whereAdd('((object_type is null) or (object_type = "' .ActivityObject::NOTE.'"))'); + $notice->joinAdd(array('uri', 'bookmark:uri')); + $notice->whereAdd('object_type IS NULL OR object_type = '.$notice->escape(ActivityObject::NOTE)); $notice->find(); From 72cafe03e9331d97307aebab69e07f0294ddfc58 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 29 Mar 2016 12:48:25 +0200 Subject: [PATCH 163/415] Index object_type too... --- classes/Notice.php | 1 + 1 file changed, 1 insertion(+) diff --git a/classes/Notice.php b/classes/Notice.php index 6a747e5f5f..b387b627bf 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -110,6 +110,7 @@ class Notice extends Managed_DataObject 'notice_profile_id_idx' => array('profile_id', 'created', 'id'), 'notice_repeat_of_created_id_idx' => array('repeat_of', 'created', 'id'), 'notice_conversation_created_id_idx' => array('conversation', 'created', 'id'), + 'notice_object_type_idx' => array('object_type'), 'notice_verb_idx' => array('verb'), 'notice_profile_id_verb_idx' => array('profile_id', 'verb'), 'notice_url_idx' => array('url'), // Qvitter wants this From cb212ba41c20412aabab5e7077f308bf8bfe3c07 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 29 Mar 2016 12:55:50 +0200 Subject: [PATCH 164/415] Gah, bad syntax --- plugins/Bookmark/BookmarkPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/Bookmark/BookmarkPlugin.php b/plugins/Bookmark/BookmarkPlugin.php index 050e529e0d..e6afa0b6da 100644 --- a/plugins/Bookmark/BookmarkPlugin.php +++ b/plugins/Bookmark/BookmarkPlugin.php @@ -356,7 +356,7 @@ class BookmarkPlugin extends MicroAppPlugin $notice = new Notice(); $notice->joinAdd(array('uri', 'bookmark:uri')); - $notice->whereAdd('object_type IS NULL OR object_type = '.$notice->escape(ActivityObject::NOTE)); + $notice->whereAdd('object_type IS NULL OR object_type = '.$notice->_quote(ActivityObject::NOTE)); $notice->find(); From 2f91cb0df7de37fd62588c6484b9f94bcd227c1d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 29 Mar 2016 12:57:52 +0200 Subject: [PATCH 165/415] We should assume all verbs and such are their full URIs in our db --- classes/Profile.php | 6 ++---- lib/noticestream.php | 4 ++-- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/classes/Profile.php b/classes/Profile.php index 87168ace4a..fb6a621273 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -841,10 +841,8 @@ class Profile extends Managed_DataObject $notices = new Notice(); $notices->profile_id = $this->getID(); - $notices->whereAddIn('verb', - [ActivityUtils::resolveUri(ActivityVerb::POST, true), ActivityVerb::POST], - $notices->columnType('verb')); - $cnt = (int) $notices->count(); // we don't have to provide anything as Notice is key'd + $notices->verb = ActivityVerb::POST; + $cnt = (int) $notices->count('id'); // Not sure if I imagine this, but 'id' was faster than the defaulting 'uri'? if (!empty($c)) { $c->set(Cache::key('profile:notice_count:'.$this->getID()), $cnt); diff --git a/lib/noticestream.php b/lib/noticestream.php index 2b04a89ca4..72325a0fe4 100644 --- a/lib/noticestream.php +++ b/lib/noticestream.php @@ -48,9 +48,9 @@ abstract class NoticeStream public function __construct() { foreach ($this->selectVerbs as $key=>$val) { - // to avoid database inconsistency issues we select both relative and absolute verbs $this->selectVerbs[ActivityUtils::resolveUri($key)] = $val; - $this->selectVerbs[ActivityUtils::resolveUri($key, true)] = $val; + // to avoid database inconsistency issues we can select both relative and absolute verbs + //$this->selectVerbs[ActivityUtils::resolveUri($key, true)] = $val; } } From 4ea79bc396a16a5687f017ee5f4ebe442bdcf8f6 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 29 Mar 2016 14:33:40 +0200 Subject: [PATCH 166/415] I was too quick to save that file (File::getByUrl takes 1 arg) --- lib/action.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/action.php b/lib/action.php index 86b4908b3d..bab8a6dbcc 100644 --- a/lib/action.php +++ b/lib/action.php @@ -662,7 +662,7 @@ class Action extends HTMLOutputter // lawsuit $httpUrl = common_config('site', 'logo'); if (!empty($httpUrl)) { try { - $f = File::getByUrl('url', $httpUrl); + $f = File::getByUrl($httpUrl); if (!empty($f->filename)) { // this will handle the HTTPS case $logoUrl = File::url($f->filename); From 0177c8f1cf5550a57e1ed3a29aff1660fdf6627d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 29 Mar 2016 14:36:27 +0200 Subject: [PATCH 167/415] Use join instead of exists in SQL --- scripts/upgrade.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/scripts/upgrade.php b/scripts/upgrade.php index fa55cfc206..f29c9f10bf 100755 --- a/scripts/upgrade.php +++ b/scripts/upgrade.php @@ -171,9 +171,14 @@ function initConversation() printfnq("Ensuring all conversations have a row in conversation table..."); $notice = new Notice(); - $notice->query('select distinct notice.conversation from notice '. - 'where notice.conversation is not null '. - 'and not exists (select conversation.id from conversation where id = notice.conversation)'); + $notice->selectAdd(); + $notice->selectAdd('DISTINCT conversation'); + $notice->joinAdd(['conversation', 'conversation:id'], 'LEFT'); // LEFT to get the null values for conversation.id + $notice->whereAdd('conversation.id IS NULL'); + + if ($notice->find()) { + printfnq(" fixing {$notice->N} missing conversation entries..."); + } while ($notice->fetch()) { From df3bcbb6cb1f129b60b69a5b8fe63e57e539e17e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 30 Mar 2016 01:31:17 +0200 Subject: [PATCH 168/415] Possibly replace weirdly capitalized htTPs: too --- plugins/WebFinger/lib/webfingerresource.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/WebFinger/lib/webfingerresource.php b/plugins/WebFinger/lib/webfingerresource.php index e4f14b13d5..a1ebda6a33 100644 --- a/plugins/WebFinger/lib/webfingerresource.php +++ b/plugins/WebFinger/lib/webfingerresource.php @@ -42,7 +42,7 @@ abstract class WebFingerResource if (!strtolower(parse_url($alias, PHP_URL_SCHEME)) === 'https') { continue; } - $aliases[preg_replace('/^https:/', 'http:', $alias, 1)] = $id; + $aliases[preg_replace('/^https:/i', 'http:', $alias, 1)] = $id; } } From 299949b156cdd7542167dda10706c09c3f7ac3e3 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 30 Mar 2016 01:32:11 +0200 Subject: [PATCH 169/415] fix/legacy_http for WebFinger + some minor fixes Now won't match possibly maliciously named remote profile URLs (where the profile URL could be a notice URL for example, which would mean the response would be incorrect) When looking up remote entities, we should _only_ use the stored URI, but that's for the future to do... --- plugins/WebFinger/WebFingerPlugin.php | 97 ++++++++++++++++++--------- 1 file changed, 67 insertions(+), 30 deletions(-) diff --git a/plugins/WebFinger/WebFingerPlugin.php b/plugins/WebFinger/WebFingerPlugin.php index 5f686434f3..b41db564c3 100644 --- a/plugins/WebFinger/WebFingerPlugin.php +++ b/plugins/WebFinger/WebFingerPlugin.php @@ -81,49 +81,86 @@ class WebFingerPlugin extends Plugin $parts = explode('@', substr(urldecode($resource), 5)); // 5 is strlen of 'acct:' if (count($parts) == 2) { list($nick, $domain) = $parts; - if ($domain === common_config('site', 'server')) { - $nick = common_canonical_nickname($nick); - $user = User::getKV('nickname', $nick); - if (!($user instanceof User)) { - throw new NoSuchUserException(array('nickname'=>$nick)); - } - $profile = $user->getProfile(); - } else { + if ($domain !== common_config('site', 'server')) { throw new Exception(_('Remote profiles not supported via WebFinger yet.')); } + + $nick = common_canonical_nickname($nick); + $user = User::getKV('nickname', $nick); + if (!($user instanceof User)) { + throw new NoSuchUserException(array('nickname'=>$nick)); + } + $profile = $user->getProfile(); } - } else { + } elseif (!common_valid_http_url($resource)) { + // If it's not a URL, we can't do our http<->https legacy fix thingie anyway, + // so just try the User URI lookup! try { $user = User::getByUri($resource); $profile = $user->getProfile(); } catch (NoResultException $e) { - if (common_config('fix', 'fancyurls')) { - try { - try { // if it's a /index.php/ url - // common_fake_local_fancy_url can throw an exception - $alt_url = common_fake_local_fancy_url($resource); - } catch (Exception $e) { // let's try to create a fake local /index.php/ url - // this too if it can't do anything about the URL - $alt_url = common_fake_local_nonfancy_url($resource); - } - - // and this will throw a NoResultException if not found - $user = User::getByUri($alt_url); - $profile = $user->getProfile(); - } catch (Exception $e) { - // apparently we didn't get any matches with that, so continue... + // not a User, maybe a Notice? we'll try that further down... + } + } else { + // this means $resource is a common_valid_http_url (or https) + // First build up a set of alternative resource URLs that we can use. + $alt_urls = [$resource => true]; + if (strtolower(parse_url($resource, PHP_URL_SCHEME)) === 'https' + && common_config('fix', 'legacy_http')) { + $alt_urls[preg_replace('/^https:/i', 'http:', $resource, 1)] = true; + } + if (common_config('fix', 'fancyurls')) { + foreach (array_keys($alt_urls) as $url) { + try { // if it's a /index.php/ url + // common_fake_local_fancy_url can throw an exception + $alt_url = common_fake_local_fancy_url($url); + } catch (Exception $e) { // let's try to create a fake local /index.php/ url + // this too if it can't do anything about the URL + $alt_url = common_fake_local_nonfancy_url($url); } + + $alt_urls[$alt_url] = true; + } + } + common_debug(__METHOD__.': Generated these alternative URLs for various federation fixes: '._ve(array_keys($alt_urls))); + + try { + common_debug(__METHOD__.': Finding User URI for WebFinger lookup on resource=='._ve($resource)); + $user = new User(); + $user->whereAddIn('uri', array_keys($alt_urls), $user->columnType('uri')); + $user->limit(1); + if ($user->find(true)) { + $profile = $user->getProfile(); + } + unset($user); + } catch (Exception $e) { + // Most likely a UserNoProfileException, if it ever happens + // and then we need to do some debugging and perhaps fixes. + common_log(LOG_ERR, get_class($e).': '._ve($e->getMessage())); + throw $e; + } + + // User URI did not match, so let's try our alt_urls as Profile URL values + if (!$profile instanceof Profile) { + common_debug(__METHOD__.': Finding Profile URLs for WebFinger lookup on resource=='._ve($resource)); + // if our rewrite hack didn't work, try to get something by profile URL + $profile = new Profile(); + $profile->whereAddIn('profileurl', array_keys($alt_urls), $profile->columnType('profileurl')); + $profile->limit(1); + if (!$profile->find(true) || !$profile->isLocal()) { + // * Either we didn't find the profile, then we want to make + // the $profile variable null for clarity. + // * Or we did find it but for a possibly malicious remote + // user who might've set their profile URL to a Notice URL + // which would've caused a sort of DoS unless we continue + // our search here by discarding the remote profile. + $profile = null; } } } - // if we still haven't found a match... - if (!$profile instanceof Profile) { - // if our rewrite hack didn't work, try to get something by profile URL - $profile = Profile::getKV('profileurl', $resource); - } - if ($profile instanceof Profile) { + common_debug(__METHOD__.': Found Profile with ID=='._ve($profile->getID()).' for resource=='._ve($resource)); $target = new WebFingerResource_Profile($profile); return false; // We got our target, stop handler execution } From 8de3469957b60d7938217611f9dd3afbdac1455d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 31 Mar 2016 17:57:01 +0200 Subject: [PATCH 170/415] Constraint check Notice table, need to get foreign key array! --- classes/Notice.php | 64 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/classes/Notice.php b/classes/Notice.php index b387b627bf..81c3df6336 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -3087,6 +3087,70 @@ class Notice extends Managed_DataObject $schema = Schema::get(); $schemadef = $schema->getTableDef($table); + printfnq("\nConstraint checking Notice table...\n"); + /** + * Improve typing and make sure no NULL values in any id-related columns are 0 + * 2016-03-31 + */ + foreach (['reply_to', 'repeat_of'] as $field) { + $notice = new Notice(); // reset the object + $notice->query(sprintf('UPDATE %1$s SET %2$s=NULL WHERE %2$s=0', $notice->escapedTableName(), $field)); + // Now we're sure that no Notice entries have repeat_of=0, only an id > 0 or NULL + unset($notice); + } + + /** + * Make sure constraints are met before upgrading. + * 2016-03-31 + * + * Will find foreign keys which do not fulfill the constraints and fix + * where appropriate, such as delete when "repeat_of" ID not found in notice.id + * or set to NULL for "reply_to" in the same case. + * + * XXX: How does this work if we would use multicolumn foreign keys? + */ + foreach (['reply_to' => 'reset', 'repeat_of' => 'delete', 'profile' => 'delete'] as $field=>$action) { + $notice = new Notice(); + + $fkeyname = $notice->tableName().'_'.$field.'_fkey'; + assert(isset($schemadef['foreign keys'][$fkeyname]) && $schemadef['foreign keys'][$fkeyname]); + $foreign_key = $schemadef['foreign keys'][$fkeyname]; + printfnq("\n"._ve($schemadef)); + $fkeytable = $foreign_key[0]; + assert(isset($foreign_key[1][$field])); + $fkeycol = $foreign_key[1][$field]; + + // NOTE: Above we set all repeat_of to NULL if they were 0, so this really gets them all. + $notice->whereAdd(sprintf('%1$s NOT IN (SELECT %2$s FROM %3$s)', $field, $fkeycol, $fkeytable)); + if ($notice->find()) { + printfnq("\tFound {$notice->N} notices with {$field} NOT IN notice.id, {$action}ing..."); + switch ($action) { + case 'delete': // since it's a directly dependant notice for an unknown ID we don't want it in our DB + while ($notice->fetch()) { + // $notice->delete(); + printfnq("\n deleting {$notice->id}"); + } + break; + case 'reset': // just set it to NULL to be compatible with our constraints, if it was related to an unknown ID + $ids = []; + foreach ($notice->fetchAll('id') as $id) { + settype($id, 'int'); + $ids[] = $id; + } + $notice = new Notice(); + $notice->query(sprintf('UPDATE %1$s SET %2$s=NULL WHERE id IN (%3$s)', + $notice->escapedTableName(), + $field, + implode(',', $ids))); + break; + default: + throw new ServerException('The programmer sucks, invalid action name when fixing table.'); + } + printfnq("DONE.\n"); + } + unset($notice); + } + // 2015-09-04 We move Notice location data to Notice_location // First we see if we have to do this at all if (!isset($schemadef['fields']['lat']) From 44ea8aa681132475f253960c694b8c001cdc5c0e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 31 Mar 2016 20:51:50 +0200 Subject: [PATCH 171/415] Make sure $_SERVER['HTTP_REFERER'] isset when testing value --- lib/util.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/util.php b/lib/util.php index bc4898f847..b35eff84d8 100644 --- a/lib/util.php +++ b/lib/util.php @@ -266,7 +266,8 @@ function common_logged_in() function common_local_referer() { - return parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) === common_config('site', 'server'); + return isset($_SERVER['HTTP_REFERER']) + && parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) === common_config('site', 'server'); } function common_have_session() From 195285ac2f74d343979a0f7d520942e32d2df2cb Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 1 Apr 2016 06:24:11 +0200 Subject: [PATCH 172/415] Fix constraint checking and only run it if not already constrained --- classes/Notice.php | 125 ++++++++++++++++++++++++--------------------- 1 file changed, 67 insertions(+), 58 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 81c3df6336..1b09c01a79 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -3087,68 +3087,77 @@ class Notice extends Managed_DataObject $schema = Schema::get(); $schemadef = $schema->getTableDef($table); - printfnq("\nConstraint checking Notice table...\n"); /** - * Improve typing and make sure no NULL values in any id-related columns are 0 + * Make sure constraints are met before upgrading, if foreign keys + * are not already in use. * 2016-03-31 */ - foreach (['reply_to', 'repeat_of'] as $field) { - $notice = new Notice(); // reset the object - $notice->query(sprintf('UPDATE %1$s SET %2$s=NULL WHERE %2$s=0', $notice->escapedTableName(), $field)); - // Now we're sure that no Notice entries have repeat_of=0, only an id > 0 or NULL - unset($notice); - } - - /** - * Make sure constraints are met before upgrading. - * 2016-03-31 - * - * Will find foreign keys which do not fulfill the constraints and fix - * where appropriate, such as delete when "repeat_of" ID not found in notice.id - * or set to NULL for "reply_to" in the same case. - * - * XXX: How does this work if we would use multicolumn foreign keys? - */ - foreach (['reply_to' => 'reset', 'repeat_of' => 'delete', 'profile' => 'delete'] as $field=>$action) { - $notice = new Notice(); - - $fkeyname = $notice->tableName().'_'.$field.'_fkey'; - assert(isset($schemadef['foreign keys'][$fkeyname]) && $schemadef['foreign keys'][$fkeyname]); - $foreign_key = $schemadef['foreign keys'][$fkeyname]; - printfnq("\n"._ve($schemadef)); - $fkeytable = $foreign_key[0]; - assert(isset($foreign_key[1][$field])); - $fkeycol = $foreign_key[1][$field]; - - // NOTE: Above we set all repeat_of to NULL if they were 0, so this really gets them all. - $notice->whereAdd(sprintf('%1$s NOT IN (SELECT %2$s FROM %3$s)', $field, $fkeycol, $fkeytable)); - if ($notice->find()) { - printfnq("\tFound {$notice->N} notices with {$field} NOT IN notice.id, {$action}ing..."); - switch ($action) { - case 'delete': // since it's a directly dependant notice for an unknown ID we don't want it in our DB - while ($notice->fetch()) { - // $notice->delete(); - printfnq("\n deleting {$notice->id}"); - } - break; - case 'reset': // just set it to NULL to be compatible with our constraints, if it was related to an unknown ID - $ids = []; - foreach ($notice->fetchAll('id') as $id) { - settype($id, 'int'); - $ids[] = $id; - } - $notice = new Notice(); - $notice->query(sprintf('UPDATE %1$s SET %2$s=NULL WHERE id IN (%3$s)', - $notice->escapedTableName(), - $field, - implode(',', $ids))); - break; - default: - throw new ServerException('The programmer sucks, invalid action name when fixing table.'); - } - printfnq("DONE.\n"); + if (!isset($schemadef['foreign keys'])) { + $newschemadef = self::schemaDef(); + printfnq("\nConstraint checking Notice table...\n"); + /** + * Improve typing and make sure no NULL values in any id-related columns are 0 + * 2016-03-31 + */ + foreach (['reply_to', 'repeat_of'] as $field) { + $notice = new Notice(); // reset the object + $notice->query(sprintf('UPDATE %1$s SET %2$s=NULL WHERE %2$s=0', $notice->escapedTableName(), $field)); + // Now we're sure that no Notice entries have repeat_of=0, only an id > 0 or NULL + unset($notice); + } + + /** + * This Will find foreign keys which do not fulfill the constraints and fix + * where appropriate, such as delete when "repeat_of" ID not found in notice.id + * or set to NULL for "reply_to" in the same case. + * 2016-03-31 + * + * XXX: How does this work if we would use multicolumn foreign keys? + */ + foreach (['reply_to' => 'reset', 'repeat_of' => 'delete', 'profile_id' => 'delete'] as $field=>$action) { + $notice = new Notice(); + + $fkeyname = $notice->tableName().'_'.$field.'_fkey'; + assert(isset($newschemadef['foreign keys'][$fkeyname])); + assert($newschemadef['foreign keys'][$fkeyname]); + + $foreign_key = $newschemadef['foreign keys'][$fkeyname]; + $fkeytable = $foreign_key[0]; + assert(isset($foreign_key[1][$field])); + $fkeycol = $foreign_key[1][$field]; + + printfnq("* {$fkeyname} ({$field} => {$fkeytable}.{$fkeycol})\n"); + + // NOTE: Above we set all repeat_of to NULL if they were 0, so this really gets them all. + $notice->whereAdd(sprintf('%1$s NOT IN (SELECT %2$s FROM %3$s)', $field, $fkeycol, $fkeytable)); + if ($notice->find()) { + printfnq("\tFound {$notice->N} notices with {$field} NOT IN notice.id, {$action}ing..."); + switch ($action) { + case 'delete': // since it's a directly dependant notice for an unknown ID we don't want it in our DB + while ($notice->fetch()) { + $notice->delete(); + } + break; + case 'reset': // just set it to NULL to be compatible with our constraints, if it was related to an unknown ID + $ids = []; + foreach ($notice->fetchAll('id') as $id) { + settype($id, 'int'); + $ids[] = $id; + } + unset($notice); + $notice = new Notice(); + $notice->query(sprintf('UPDATE %1$s SET %2$s=NULL WHERE id IN (%3$s)', + $notice->escapedTableName(), + $field, + implode(',', $ids))); + break; + default: + throw new ServerException('The programmer sucks, invalid action name when fixing table.'); + } + printfnq("DONE.\n"); + } + unset($notice); } - unset($notice); } // 2015-09-04 We move Notice location data to Notice_location From 547f92de070f425b9b0415c7aa87b173c630a2b0 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 1 Apr 2016 06:51:19 +0200 Subject: [PATCH 173/415] Don't fail deleteRelated on NoProfileException --- lib/activityhandlerplugin.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/activityhandlerplugin.php b/lib/activityhandlerplugin.php index 8f28da85d6..c06f723a36 100644 --- a/lib/activityhandlerplugin.php +++ b/lib/activityhandlerplugin.php @@ -279,6 +279,10 @@ abstract class ActivityHandlerPlugin extends Plugin if ($this->isMyNotice($notice)) { try { $this->deleteRelated($notice); + } catch (NoProfileException $e) { + // we failed because of database lookup failure, Notice has no recognized profile as creator + // so we skip this. If we want to remove missing notices we should do a SQL constraints check + // in the affected plugin. } catch (AlreadyFulfilledException $e) { // Nothing to see here, it's obviously already gone... } From 922b65d2318bfedcac3fd076dae996187055470b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 1 Apr 2016 23:10:34 +0200 Subject: [PATCH 174/415] More debugging in Salmon since we get situations which can't find inReplyToID --- plugins/OStatus/actions/usersalmon.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/OStatus/actions/usersalmon.php b/plugins/OStatus/actions/usersalmon.php index ea5262aa3b..fd7b12317d 100644 --- a/plugins/OStatus/actions/usersalmon.php +++ b/plugins/OStatus/actions/usersalmon.php @@ -43,7 +43,9 @@ class UsersalmonAction extends SalmonAction if (!empty($this->activity->context->replyToID)) { try { $notice = Notice::getByUri($this->activity->context->replyToID); + common_debug('Referenced Notice object found with URI: '.$notice->getUri()); } catch (NoResultException $e) { + common_debug('Referenced Notice object NOT found with URI: '.$this->activity->context->replyToID); $notice = false; } } From b1de90fe0866fa30e72df6b2df6a937c39bebe28 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 1 Apr 2016 23:21:57 +0200 Subject: [PATCH 175/415] Send thr:in-reply-to as well, for clarity... --- plugins/Favorite/classes/Fave.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/plugins/Favorite/classes/Fave.php b/plugins/Favorite/classes/Fave.php index 7dad591181..c9bb7a6dd2 100644 --- a/plugins/Favorite/classes/Fave.php +++ b/plugins/Favorite/classes/Fave.php @@ -193,6 +193,13 @@ class Fave extends Managed_DataObject $act->content = sprintf(_('%1$s favorited something by %2$s: %3$s'), $actor->getNickname(), $target->getProfile()->getNickname(), $target->getRendered()); + $act->context = new ActivityContext(); + $act->context->replyToID = $target->getUri(); + try { + $act->context->replyToURL = $target->getUrl(); + } catch (InvalidUrlException $e) { + // ok, no replyToURL, i.e. the href="" in + } $act->actor = $actor->asActivityObject(); $act->target = $target->asActivityObject(); From 6d33c003fc8d8b09097549307305eb6e73f1d627 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 4 Apr 2016 12:04:20 +0200 Subject: [PATCH 176/415] Maybe stop deleteRelated from failing on constraint checking --- classes/Notice.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 1b09c01a79..6501a83adb 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1537,12 +1537,16 @@ class Notice extends Managed_DataObject function getProfileTags() { - $profile = $this->getProfile(); - $list = $profile->getOtherTags($profile); $ptags = array(); + try { + $profile = $this->getProfile(); + $list = $profile->getOtherTags($profile); - while($list->fetch()) { - $ptags[] = clone($list); + while($list->fetch()) { + $ptags[] = clone($list); + } + } catch (Exception $e) { + common_log(LOG_ERR, "Error during Notice->getProfileTags() for id=={$this->getID()}: {$e->getMessage()}"); } return $ptags; From 4645033b98833f083767f3a8aabfcd44b97e9b14 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 8 Apr 2016 13:44:22 +0200 Subject: [PATCH 177/415] "In conversation" text in noticelistitem --- lib/noticelistitem.php | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php index a0dcf6f30c..cbff03d973 100644 --- a/lib/noticelistitem.php +++ b/lib/noticelistitem.php @@ -189,6 +189,7 @@ class NoticeListItem extends Widget function showNoticeInfo() { if (Event::handle('StartShowNoticeInfo', array($this))) { + $this->showContextLink(); $this->showNoticeLink(); $this->showNoticeSource(); $this->showNoticeLocation(); @@ -375,14 +376,10 @@ class NoticeListItem extends Widget */ function showNoticeLink() { - $this->out->elementStart('a', array('rel' => 'bookmark', - 'class' => 'timestamp', - 'href' => Conversation::getUrlFromNotice($this->notice))); $this->out->element('time', array('class' => 'dt-published', 'datetime' => common_date_iso8601($this->notice->created), 'title' => common_exact_date($this->notice->created)), common_date_string($this->notice->created)); - $this->out->elementEnd('a'); } /** @@ -568,6 +565,18 @@ class NoticeListItem extends Widget } } + /** + * Show link to conversation view. + */ + function showContextLink() + { + $this->out->element('a', array('rel' => 'bookmark', + 'class' => 'timestamp', + 'href' => Conversation::getUrlFromNotice($this->notice)), + // TRANS: A link to the conversation view of a notice, on the local server. + _('In conversation')); + } + /** * show a link to reply to the current notice * From 107f612384a0a17897bc4b1cda3f521fc4e29324 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 18 Apr 2016 15:04:03 +0200 Subject: [PATCH 178/415] strict type comparison --- lib/imagefile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/imagefile.php b/lib/imagefile.php index a328df9852..85fc597126 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -93,7 +93,7 @@ class ImageFile $this->type = $info[2]; $this->mimetype = $info['mime']; - if ($this->type == IMAGETYPE_JPEG && function_exists('exif_read_data')) { + if ($this->type === IMAGETYPE_JPEG && function_exists('exif_read_data')) { // Orientation value to rotate thumbnails properly $exif = @exif_read_data($this->filepath); if (is_array($exif) && isset($exif['Orientation'])) { From c48508d5905ae3f26ddaa6e65f6e7da15b764ee1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 18 Apr 2016 15:08:47 +0200 Subject: [PATCH 179/415] use getByID (also bad variable reference) --- classes/File_redirection.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/classes/File_redirection.php b/classes/File_redirection.php index 8a490fb18a..d1b266c90b 100644 --- a/classes/File_redirection.php +++ b/classes/File_redirection.php @@ -173,12 +173,11 @@ class File_redirection extends Managed_DataObject try { $r = File_redirection::getByUrl($in_url); - $f = File::getKV('id',$r->file_id); - - if($file instanceof File) { + try { + $f = File::getByID($r->file_id); $r->file = $f; - $r->redir_url = $f->url; - } else { + $r->redir_url = $f->url; + } catch (NoResultException $e) { // Invalid entry, delete and run again common_log(LOG_ERR, "Could not find File with id=".$r->file_id." referenced in File_redirection, deleting File redirection entry and and trying again..."); $r->delete(); From 5ccf3ed71497ffd02d8aac906e0a11d07e1cdefd Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 18 Apr 2016 15:21:05 +0200 Subject: [PATCH 180/415] function declaration to match parent --- actions/apihelptest.php | 36 +++++------------------------------- 1 file changed, 5 insertions(+), 31 deletions(-) diff --git a/actions/apihelptest.php b/actions/apihelptest.php index a9cd7394c9..e57ebb710f 100644 --- a/actions/apihelptest.php +++ b/actions/apihelptest.php @@ -28,9 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Returns the string "ok" in the requested format with a 200 OK HTTP status code. @@ -44,29 +42,9 @@ if (!defined('STATUSNET')) { */ class ApiHelpTestAction extends ApiPrivateAuthAction { - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - */ - function prepare($args) + protected function handle() { - parent::prepare($args); - return true; - } - - /** - * Handle the request - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - function handle($args) - { - parent::handle($args); + parent::handle(); if ($this->format == 'xml') { $this->initDocument('xml'); @@ -77,12 +55,8 @@ class ApiHelpTestAction extends ApiPrivateAuthAction print '"ok"'; $this->endDocument('json'); } else { - $this->clientError( - // TRANS: Client error displayed when coming across a non-supported API method. - _('API method not found.'), - 404, - $this->format - ); + // TRANS: Client error displayed when coming across a non-supported API method. + throw new ClientException(_('API method not found.'), 404); } } From ce65fe96ad5450ad748fc69c60611c0c5fb22154 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 18 Apr 2016 15:33:20 +0200 Subject: [PATCH 181/415] Oembed bugs with thumbnail generation. --- plugins/Oembed/actions/oembed.php | 39 +++++++++++++++---------------- 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/plugins/Oembed/actions/oembed.php b/plugins/Oembed/actions/oembed.php index c374b8b34f..564e492e4a 100644 --- a/plugins/Oembed/actions/oembed.php +++ b/plugins/Oembed/actions/oembed.php @@ -84,26 +84,25 @@ class OembedAction extends Action $oembed['html']=$notice->getRendered(); // maybe add thumbnail - $attachments = $notice->attachments(); - if (!empty($attachments)) { - foreach ($attachments as $attachment) { - if(is_object($attachment)) { - try { - $thumb = $attachment->getThumbnail(); - } catch (ServerException $e) { - // - } - try { - $thumb_url = File_thumbnail::url($thumb->filename); - $oembed['thumbnail_url'] = $thumb_url; - break; // only first one - } catch (ClientException $e) { - // - } - } - } - } - + foreach ($notice->attachments() as $attachment) { + if (!$attachment instanceof File) { + common_debug('ATTACHMENTS array entry from notice id=='._ve($notice->getID()).' is something else than a File dataobject: '._ve($attachment)); + continue; + } + try { + $thumb = $attachment->getThumbnail(); + $thumb_url = File_thumbnail::url($thumb->filename); + $oembed['thumbnail_url'] = $thumb_url; + break; // only first one + } catch (UseFileAsThumbnailException $e) { + $oembed['thumbnail_url'] = $attachment->getUrl(); + break; // we're happy with that + } catch (ServerException $e) { + // + } catch (ClientException $e) { + // + } + } break; case 'attachment': From 0959efd7be98df62fda4ef9ec3fc1e8de42c8464 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 18 Apr 2016 15:56:52 +0200 Subject: [PATCH 182/415] Use constant for ATTN_PUBLIC (public collection) --- classes/Notice.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 6501a83adb..f38de37167 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -955,10 +955,10 @@ class Notice extends Managed_DataObject $act->context = new ActivityContext(); } - if (array_key_exists('http://activityschema.org/collection/public', $act->context->attention)) { + if (array_key_exists(ActivityContext::ATTN_PUBLIC, $act->context->attention)) { $stored->scope = Notice::PUBLIC_SCOPE; // TODO: maybe we should actually keep this? if the saveAttentions thing wants to use it... - unset($act->context->attention['http://activityschema.org/collection/public']); + unset($act->context->attention[ActivityContext::ATTN_PUBLIC]); } else { $stored->scope = self::figureOutScope($actor, $groups, $scope); } From 58274c99d48f29d05f0a29474dc922ef42a3648b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 26 Apr 2016 01:50:40 +0200 Subject: [PATCH 183/415] Some PHP7 related package names --- INSTALL | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/INSTALL b/INSTALL index f7c2d21caf..ff755f2471 100644 --- a/INSTALL +++ b/INSTALL @@ -49,6 +49,19 @@ functional setup of GNU Social: - php5-mysqlnd The native driver for PHP5 MariaDB connections. If you use MySQL, 'php5-mysql' or 'php5-mysqli' may be enough. +Or, for PHP7, some or all of these will be necessary. PHP7 support is still +experimental and not necessarily working: + php7.0-bcmath + php7.0-curl + php7.0-exif + php7.0-gd + php7.0-intl + php7.0-mbstring + php7.0-mysqlnd + php7.0-opcache + php7.0-readline + php7.0-xmlwriter + The above package names are for Debian based systems. In the case of Arch Linux, PHP is compiled with support for most extensions but they require manual enabling in the relevant php.ini file (mostly php5-gmp). From af281606794358b05199f5b50fefd7fc4ec5b52a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 26 Apr 2016 02:41:04 +0200 Subject: [PATCH 184/415] Naughty fix for extlib XMPPHP (PHP7) I shouldn't fix extlibs, but here goes anyway. I will see if there's an upstream library we can track which has fixed this themselves. --- plugins/Xmpp/extlib/XMPPHP/Roster.php | 4 ++-- plugins/Xmpp/extlib/XMPPHP/XMLStream.php | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/plugins/Xmpp/extlib/XMPPHP/Roster.php b/plugins/Xmpp/extlib/XMPPHP/Roster.php index 2e459e2a2f..69457b22a1 100644 --- a/plugins/Xmpp/extlib/XMPPHP/Roster.php +++ b/plugins/Xmpp/extlib/XMPPHP/Roster.php @@ -118,7 +118,7 @@ class Roster { * @param string $status */ public function setPresence($presence, $priority, $show, $status) { - list($jid, $resource) = split("/", $presence); + list($jid, $resource) = explode("/", $presence); if ($show != 'unavailable') { if (!$this->isContact($jid)) { $this->addContact($jid, 'not-in-roster'); @@ -137,7 +137,7 @@ class Roster { * @param string $jid */ public function getPresence($jid) { - $split = split("/", $jid); + $split = explode("/", $jid); $jid = $split[0]; if($this->isContact($jid)) { $current = array('resource' => '', 'active' => '', 'priority' => -129, 'show' => '', 'status' => ''); //Priorities can only be -128 = 127 diff --git a/plugins/Xmpp/extlib/XMPPHP/XMLStream.php b/plugins/Xmpp/extlib/XMPPHP/XMLStream.php index d33411ec54..5c71426200 100644 --- a/plugins/Xmpp/extlib/XMPPHP/XMLStream.php +++ b/plugins/Xmpp/extlib/XMPPHP/XMLStream.php @@ -263,7 +263,7 @@ class XMPPHP_XMLStream { $ns_tags = array($xpath); } foreach($ns_tags as $ns_tag) { - list($l, $r) = split("}", $ns_tag); + list($l, $r) = explode("}", $ns_tag); if ($r != null) { $xpart = array(substr($l, 1), $r); } else { @@ -564,7 +564,7 @@ class XMPPHP_XMLStream { if ($searchxml !== null) { if($handler[2] === null) $handler[2] = $this; $this->log->log("Calling {$handler[1]}", XMPPHP_Log::LEVEL_DEBUG); - $handler[2]->$handler[1]($this->xmlobj[2]); + $handler[2]->{$handler[1]}($this->xmlobj[2]); } } } @@ -578,13 +578,13 @@ class XMPPHP_XMLStream { if($searchxml !== null and $searchxml->name == $handler[0] and ($searchxml->ns == $handler[1] or (!$handler[1] and $searchxml->ns == $this->default_ns))) { if($handler[3] === null) $handler[3] = $this; $this->log->log("Calling {$handler[2]}", XMPPHP_Log::LEVEL_DEBUG); - $handler[3]->$handler[2]($this->xmlobj[2]); + $handler[3]->{$handler[2]}($this->xmlobj[2]); } } foreach($this->idhandlers as $id => $handler) { if(array_key_exists('id', $this->xmlobj[2]->attrs) and $this->xmlobj[2]->attrs['id'] == $id) { if($handler[1] === null) $handler[1] = $this; - $handler[1]->$handler[0]($this->xmlobj[2]); + $handler[1]->{$handler[0]}($this->xmlobj[2]); #id handlers are only used once unset($this->idhandlers[$id]); break; @@ -640,7 +640,7 @@ class XMPPHP_XMLStream { if($handler[2] === null) { $handler[2] = $this; } - $handler[2]->$handler[1]($payload); + $handler[2]->{$handler[1]}($payload); } } foreach($this->until as $key => $until) { From 3e9b0d6018dc5ce7328cd2b8281dafaef930ce10 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 26 Apr 2016 02:41:56 +0200 Subject: [PATCH 185/415] split is gone, use explode. PHP7 extlib fix --- plugins/DomainStatusNetwork/extlib/regDomain.inc.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/DomainStatusNetwork/extlib/regDomain.inc.php b/plugins/DomainStatusNetwork/extlib/regDomain.inc.php index 389f6c4295..076c7b8714 100644 --- a/plugins/DomainStatusNetwork/extlib/regDomain.inc.php +++ b/plugins/DomainStatusNetwork/extlib/regDomain.inc.php @@ -37,7 +37,7 @@ function getRegisteredDomain($signingDomain) { global $tldTree; - $signingDomainParts = split('\.', $signingDomain); + $signingDomainParts = explode('.', $signingDomain); $result = findRegisteredDomain($signingDomainParts, $tldTree); @@ -80,4 +80,4 @@ function findRegisteredDomain($remainingSigningDomainParts, &$treeNode) { return NULL; } -?> \ No newline at end of file +?> From e4f688fcfdbe997dae4777d7280559c3e9f50dca Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 26 Apr 2016 02:57:14 +0200 Subject: [PATCH 186/415] naughty extlib fix (PHP7) The explode function didn't return empty elements (which split did) --- plugins/Xmpp/extlib/XMPPHP/Roster.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/Xmpp/extlib/XMPPHP/Roster.php b/plugins/Xmpp/extlib/XMPPHP/Roster.php index 69457b22a1..500ff6dcc1 100644 --- a/plugins/Xmpp/extlib/XMPPHP/Roster.php +++ b/plugins/Xmpp/extlib/XMPPHP/Roster.php @@ -118,12 +118,13 @@ class Roster { * @param string $status */ public function setPresence($presence, $priority, $show, $status) { - list($jid, $resource) = explode("/", $presence); + $parts = explode('/', $presence); + $jid = $parts[0]; + $resource = isset($parts[1]) ? $parts[1] : ''; // apparently we can do '' as an associative array index if ($show != 'unavailable') { if (!$this->isContact($jid)) { $this->addContact($jid, 'not-in-roster'); } - $resource = $resource ? $resource : ''; $this->roster_array[$jid]['presence'][$resource] = array('priority' => $priority, 'show' => $show, 'status' => $status); } else { //Nuke unavailable resources to save memory unset($this->roster_array[$jid]['resource'][$resource]); From 7aa9a69c2fcccc79ace8cdffa4765fec1ece5d77 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 1 May 2016 11:26:28 +0200 Subject: [PATCH 187/415] Link to attachment page instead of big-ass image --- classes/File.php | 5 +++++ lib/activityobject.php | 2 +- lib/attachmentlistitem.php | 4 ++-- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/classes/File.php b/classes/File.php index 9643b78f18..46d4d5498d 100644 --- a/classes/File.php +++ b/classes/File.php @@ -516,6 +516,11 @@ class File extends Managed_DataObject return $filepath; } + public function getAttachmentUrl() + { + return common_local_url('attachment', array('attachment'=>$this->getID())); + } + public function getUrl($prefer_local=true) { if ($prefer_local && !empty($this->filename)) { diff --git a/lib/activityobject.php b/lib/activityobject.php index 87eea13727..ca6390b725 100644 --- a/lib/activityobject.php +++ b/lib/activityobject.php @@ -491,7 +491,7 @@ class ActivityObject $object->type = self::mimeTypeToObjectType($file->mimetype); $object->id = TagURI::mint(sprintf("file:%d", $file->id)); - $object->link = common_local_url('attachment', array('attachment' => $file->id)); + $object->link = $file->getAttachmentUrl(); if ($file->title) { $object->title = $file->title; diff --git a/lib/attachmentlistitem.php b/lib/attachmentlistitem.php index 6ee3c7087b..dc22c8af29 100644 --- a/lib/attachmentlistitem.php +++ b/lib/attachmentlistitem.php @@ -87,8 +87,8 @@ class AttachmentListItem extends Widget function linkAttr() { return array('class' => 'attachment', - 'href' => $this->attachment->getUrl(false), - 'id' => 'attachment-' . $this->attachment->id, + 'href' => $this->attachment->getAttachmentUrl(), + 'id' => 'attachment-' . $this->attachment->getID(), 'title' => $this->linkTitle()); } From 60130633f008b6d52ff426367122a3088cb4a84d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 1 May 2016 11:36:07 +0200 Subject: [PATCH 188/415] Linkback references to unset indexes + spelling error --- plugins/Linkback/lib/util.php | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/plugins/Linkback/lib/util.php b/plugins/Linkback/lib/util.php index cd0476ceef..b0e99cbc94 100644 --- a/plugins/Linkback/lib/util.php +++ b/plugins/Linkback/lib/util.php @@ -201,13 +201,13 @@ function linkback_hcard($mf2, $url) { } function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) { - $content = $entry['content'] ? $entry['content'][0]['html'] : - ($entry['summary'] ? $entry['sumary'][0] : $entry['name'][0]); + $content = isset($entry['content']) ? $entry['content'][0]['html'] : + (isset($entry['summary']) ? $entry['summary'][0] : $entry['name'][0]); $rendered = common_purify($content); if($notice_or_user instanceof Notice && $entry['type'] == 'mention') { - $name = $entry['name'] ? $entry['name'][0] : substr(common_strip_html($content), 0, 20).'…'; + $name = isset($entry['name']) ? $entry['name'][0] : substr(common_strip_html($content), 0, 20).'…'; $rendered = _m('linked to this from '.htmlspecialchars($name).''); } @@ -241,12 +241,16 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) { } } - if($entry['published'] || $entry['updated']) { - $options['created'] = $entry['published'] ? common_sql_date($entry['published'][0]) : common_sql_date($entry['updated'][0]); + if (isset($entry['published']) || isset($entry['updated'])) { + $options['created'] = isset($entry['published']) + ? common_sql_date($entry['published'][0]) + : common_sql_date($entry['updated'][0]); } - if($entry['photo']) { + if (isset($entry['photo']) && common_valid_http_url($entry['photo'])) { $options['urls'][] = $entry['photo'][0]; + } elseif (isset($entry['photo'])) { + common_debug('Linkback got invalid HTTP URL for photo: '._ve($entry['photo'])); } foreach((array)$entry['category'] as $tag) { @@ -287,7 +291,7 @@ function linkback_profile($entry, $mf2, $response, $target) { $author = array('name' => $entry['name']); } - if(!$author['url']) { + if (!isset($author['url']) || empty($author['url'])) { $author['url'] = array($response->getEffectiveUrl()); } @@ -299,17 +303,16 @@ function linkback_profile($entry, $mf2, $response, $target) { try { $profile = Profile::fromUri($author['url'][0]); - } catch(UnknownUriException $ex) {} - - if(!($profile instanceof Profile)) { + } catch(UnknownUriException $ex) { $profile = Profile::getKV('profileurl', $author['url'][0]); } - if(!($profile instanceof Profile)) { + // XXX: Is this a good way to create the profile? + if (!$profile instanceof Profile) { $profile = new Profile(); $profile->profileurl = $author['url'][0]; $profile->fullname = $author['name'][0]; - $profile->nickname = $author['nickname'] ? $author['nickname'][0] : str_replace(' ', '', $author['name'][0]); + $profile->nickname = isset($author['nickname']) ? $author['nickname'][0] : str_replace(' ', '', $author['name'][0]); $profile->created = common_sql_now(); $profile->insert(); } From 87dd0fbdb65f53b1cacabd1eedf3c3e14625fffe Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 4 May 2016 11:34:50 +0200 Subject: [PATCH 189/415] UseFileAsThumbnailException uses direct File object now --- classes/File.php | 2 +- lib/imagefile.php | 8 ++++++-- lib/usefileasthumbnailexception.php | 8 ++------ 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/classes/File.php b/classes/File.php index 46d4d5498d..4489b4ecc1 100644 --- a/classes/File.php +++ b/classes/File.php @@ -498,7 +498,7 @@ class File extends Managed_DataObject return File_thumbnail::byFile($this); } catch (NoResultException $e) { // and if it's not a remote file, it'll be safe to use the locally stored File - throw new UseFileAsThumbnailException($this->id); + throw new UseFileAsThumbnailException($this); } } } diff --git a/lib/imagefile.php b/lib/imagefile.php index 85fc597126..156e3c6fd2 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -132,7 +132,7 @@ class ImageFile // First some mimetype specific exceptions switch ($file->mimetype) { case 'image/svg+xml': - throw new UseFileAsThumbnailException($file->id); + throw new UseFileAsThumbnailException($file); } // And we'll only consider it an image if it has such a media type @@ -282,7 +282,11 @@ class ImageFile } if (!file_exists($outpath)) { - throw new UseFileAsThumbnailException($this->id); + if ($this->fileRecord instanceof File) { + throw new UseFileAsThumbnailException($this->fileRecord); + } else { + throw new UnsupportedMediaException('No local File object exists for ImageFile.'); + } } return $outpath; diff --git a/lib/usefileasthumbnailexception.php b/lib/usefileasthumbnailexception.php index cafbe692b2..5ad33cb0a9 100644 --- a/lib/usefileasthumbnailexception.php +++ b/lib/usefileasthumbnailexception.php @@ -34,13 +34,9 @@ class UseFileAsThumbnailException extends UnsupportedMediaException { public $file = null; - public function __construct($file_id) + public function __construct(File $file) { - $this->file = File::getKV('id', $file_id); - if (!$this->file instanceof File) { - throw new ServerException('No File ID supplied to exception'); - } - + $this->file = $file; parent::__construct('Thumbnail not generated', $this->file->getPath()); } } From a5a96dd857574ba6bc21fa7d2c6057ea3f6d5a94 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 4 May 2016 11:44:00 +0200 Subject: [PATCH 190/415] Misplaced break/continue statements. --- lib/accountmover.php | 1 - lib/useractivitystream.php | 1 - 2 files changed, 2 deletions(-) diff --git a/lib/accountmover.php b/lib/accountmover.php index 83314b4997..f8fb4512bd 100644 --- a/lib/accountmover.php +++ b/lib/accountmover.php @@ -114,7 +114,6 @@ class AccountMover extends QueueHandler $svcDocUrl = $link->href; if (isset($link['http://apinamespace.org/atom/username'])) { $username = $link['http://apinamespace.org/atom/username']; - break; } } diff --git a/lib/useractivitystream.php b/lib/useractivitystream.php index bb60485164..cc0e4297e6 100644 --- a/lib/useractivitystream.php +++ b/lib/useractivitystream.php @@ -219,7 +219,6 @@ class UserActivityStream extends AtomUserNoticeFeed } } catch (Exception $e) { common_log(LOG_ERR, $e->getMessage()); - continue; } } } From 6d6db77f06ab00b05ab3cf5aaecc2a931dc8a319 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 4 May 2016 11:44:14 +0200 Subject: [PATCH 191/415] Documentation update in File class file --- classes/File.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/classes/File.php b/classes/File.php index 4489b4ecc1..c85d919fd7 100644 --- a/classes/File.php +++ b/classes/File.php @@ -478,6 +478,8 @@ class File extends Managed_DataObject * @param $width int Max width of thumbnail in pixels. (if null, use common_config values) * @param $height int Max height of thumbnail in pixels. (if null, square-crop to $width) * @param $crop bool Crop to the max-values' aspect ratio + * @param $force_still bool Don't allow fallback to showing original (such as animated GIF) + * @param $upscale mixed Whether or not to scale smaller images up to larger thumbnail sizes. (null = site default) * * @return File_thumbnail * From 3a6733dc982c879ee728f2f001f13ab69e2e0ab9 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 4 May 2016 11:57:55 +0200 Subject: [PATCH 192/415] 2-frame GIF animations weren't recognised as animated --- lib/imagefile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/imagefile.php b/lib/imagefile.php index 156e3c6fd2..b0cd13089f 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -548,7 +548,7 @@ class ImageFile } fclose($fh); - return $count > 1; + return $count >= 1; // number of animated frames apart from the original image } public function getFileThumbnail($width, $height, $crop, $upscale=false) From bc70ec1263baa5d90cb8db4a574b271b4c06fdcc Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 4 May 2016 11:59:52 +0200 Subject: [PATCH 193/415] Don't warp attachment page thumbnails --- theme/base/css/display.css | 2 ++ 1 file changed, 2 insertions(+) diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 03cb4644ee..e87e87fbf8 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -851,6 +851,8 @@ clear:both; } #attachment_view img, #attachment_view .attachment_player { +height: auto; +width: auto; max-width:480px; max-height:480px; } From bd306bdb9fb43e80f9092784602a9508a7d52031 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 9 May 2016 22:08:36 +0200 Subject: [PATCH 194/415] Add /download action for attachments --- actions/attachment_download.php | 20 ++++++++++++++++++++ lib/router.php | 4 ++++ 2 files changed, 24 insertions(+) create mode 100644 actions/attachment_download.php diff --git a/actions/attachment_download.php b/actions/attachment_download.php new file mode 100644 index 0000000000..6792c45993 --- /dev/null +++ b/actions/attachment_download.php @@ -0,0 +1,20 @@ + + * @license https://www.gnu.org/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link https:/gnu.io/social + */ +class Attachment_downloadAction extends AttachmentAction +{ + public function showPage() + { + common_redirect($this->attachment->getUrl(), 302); + } +} diff --git a/lib/router.php b/lib/router.php index 5a51f3d7d4..b01c9a7677 100644 --- a/lib/router.php +++ b/lib/router.php @@ -223,6 +223,10 @@ class Router array('action' => 'attachment'), array('attachment' => '[0-9]+')); + $m->connect('attachment/:attachment/download', + array('action' => 'attachment_download'), + array('attachment' => '[0-9]+')); + $m->connect('attachment/:attachment/thumbnail', array('action' => 'attachment_thumbnail'), array('attachment' => '[0-9]+')); From ba2975aac859ca9aebf809b1dd567585da69df37 Mon Sep 17 00:00:00 2001 From: Chimo Date: Wed, 1 Jun 2016 02:05:11 +0000 Subject: [PATCH 195/415] Update handle() method on Action subclasses. Fixes handle()-related strict warnings such as "Strict Standards: Declaration of AdminPanelAction::handle() should be compatible with Action::handle()" Ref. #190 --- actions/addpeopletag.php | 2 +- actions/apiaccountupdatedeliverydevice.php | 4 ++-- actions/apiatomservice.php | 4 ++-- actions/apigrouplistall.php | 4 ++-- actions/apilistsubscriber.php | 4 ++-- actions/apioauthaccesstoken.php | 4 ++-- actions/apioauthauthorize.php | 4 ++-- actions/apioauthrequesttoken.php | 4 ++-- actions/apisearchatom.php | 4 ++-- actions/apisearchjson.php | 4 ++-- actions/apitrends.php | 4 ++-- actions/approvegroup.php | 4 ++-- actions/approvesub.php | 4 ++-- actions/block.php | 2 +- actions/cancelgroup.php | 4 ++-- actions/deleteapplication.php | 2 +- actions/deletegroup.php | 4 ++-- actions/deleteuser.php | 2 +- actions/editapplication.php | 4 ++-- actions/editpeopletag.php | 4 ++-- actions/featured.php | 4 ++-- actions/foafgroup.php | 4 ++-- actions/geocode.php | 2 +- actions/groupblock.php | 4 ++-- actions/groups.php | 4 ++-- actions/groupunblock.php | 4 ++-- actions/invite.php | 4 ++-- actions/makeadmin.php | 4 ++-- actions/nudge.php | 4 ++-- actions/opensearch.php | 4 ++-- actions/otp.php | 4 ++-- actions/peopletag.php | 4 ++-- actions/peopletagautocomplete.php | 2 +- actions/peopletagged.php | 4 ++-- actions/peopletagsbyuser.php | 4 ++-- actions/peopletagsforuser.php | 4 ++-- actions/peopletagsubscribers.php | 4 ++-- actions/peopletagsubscriptions.php | 4 ++-- actions/pluginenable.php | 2 +- actions/profilecompletion.php | 2 +- actions/profiletagbyid.php | 2 +- actions/publictagcloud.php | 4 ++-- actions/recoverpassword.php | 4 ++-- actions/redirect.php | 2 +- actions/register.php | 4 ++-- actions/removepeopletag.php | 2 +- actions/rsd.php | 2 +- actions/showapplication.php | 4 ++-- actions/subedit.php | 4 ++-- actions/subscribe.php | 2 +- actions/subscribepeopletag.php | 4 ++-- actions/sup.php | 4 ++-- actions/unsubscribe.php | 4 ++-- actions/unsubscribepeopletag.php | 4 ++-- lib/adminpanelaction.php | 2 +- lib/profileformaction.php | 4 ++-- lib/searchaction.php | 4 ++-- .../actions/accountmanagementcontroldocument.php | 4 ++-- .../AccountManager/actions/accountmanagementsessionstatus.php | 4 ++-- plugins/ActivitySpam/actions/spam.php | 2 +- plugins/AnonymousFave/actions/anondisfavor.php | 4 ++-- plugins/AnonymousFave/actions/anonfavor.php | 4 ++-- plugins/Bookmark/actions/apitimelinebookmarks.php | 4 ++-- plugins/Bookmark/actions/bookmarks.php | 4 ++-- plugins/CasAuthentication/actions/caslogin.php | 4 ++-- plugins/ClientSideShorten/actions/shorten.php | 2 +- plugins/DirectMessage/actions/showmessage.php | 2 +- plugins/DirectMessage/lib/mailboxaction.php | 4 ++-- plugins/Event/actions/timelist.php | 4 ++-- plugins/ExtendedProfile/actions/userautocomplete.php | 4 ++-- plugins/FacebookBridge/actions/facebookdeauthorize.php | 4 ++-- plugins/FacebookBridge/actions/facebookfinishlogin.php | 4 ++-- plugins/FacebookBridge/actions/facebooklogin.php | 4 ++-- plugins/Favorite/actions/apifavoritedestroy.php | 4 ++-- plugins/Favorite/actions/favorited.php | 4 ++-- plugins/GNUsocialPhoto/actions/newphoto.php | 4 ++-- plugins/GNUsocialPhotos/actions/editphoto.php | 4 ++-- plugins/GNUsocialPhotos/actions/photos.php | 4 ++-- plugins/GNUsocialPhotos/actions/photoupload.php | 4 ++-- plugins/GNUsocialProfileExtensions/actions/bio.php | 4 ++-- plugins/GNUsocialVideo/actions/postvideo.php | 4 ++-- plugins/LinkPreview/actions/oembedproxy.php | 2 +- plugins/Mapstraction/actions/map.php | 4 ++-- plugins/OpenID/actions/finishaddopenid.php | 4 ++-- plugins/OpenID/actions/finishopenidlogin.php | 4 ++-- plugins/OpenID/actions/openidlogin.php | 4 ++-- plugins/OpenID/actions/openidserver.php | 4 ++-- plugins/OpenID/actions/openidtrust.php | 4 ++-- plugins/OpenID/openid.php | 4 ++-- plugins/RSSCloud/actions/loggingaggregator.php | 4 ++-- plugins/RSSCloud/actions/rsscloudrequestnotify.php | 4 ++-- plugins/Sample/actions/hello.php | 4 ++-- plugins/SearchSub/actions/searchsub.php | 2 +- plugins/SearchSub/actions/searchunsub.php | 2 +- plugins/Share/actions/apistatusesretweets.php | 4 ++-- plugins/Share/actions/apitimelineretweetsofme.php | 4 ++-- plugins/Sitemap/actions/sitemap.php | 4 ++-- plugins/Sitemap/actions/sitemapindex.php | 2 +- plugins/TagSub/actions/tagsub.php | 2 +- plugins/TagSub/actions/tagunsub.php | 2 +- plugins/UserFlag/actions/adminprofileflag.php | 4 ++-- plugins/UserFlag/actions/clearflag.php | 2 +- plugins/UserFlag/actions/flagprofile.php | 2 +- 103 files changed, 181 insertions(+), 181 deletions(-) diff --git a/actions/addpeopletag.php b/actions/addpeopletag.php index b501ce0fd9..3de29d54a2 100644 --- a/actions/addpeopletag.php +++ b/actions/addpeopletag.php @@ -119,7 +119,7 @@ class AddpeopletagAction extends Action * * @return void */ - function handle($args) + function handle() { // Throws exception on error $ptag = Profile_tag::setTag($this->user->id, $this->tagged->id, diff --git a/actions/apiaccountupdatedeliverydevice.php b/actions/apiaccountupdatedeliverydevice.php index a3cbb418b6..d2f137077d 100644 --- a/actions/apiaccountupdatedeliverydevice.php +++ b/actions/apiaccountupdatedeliverydevice.php @@ -73,9 +73,9 @@ class ApiAccountUpdateDeliveryDeviceAction extends ApiAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (!in_array($this->format, array('xml', 'json'))) { $this->clientError( diff --git a/actions/apiatomservice.php b/actions/apiatomservice.php index 9e45a30fcc..87a39b56a3 100644 --- a/actions/apiatomservice.php +++ b/actions/apiatomservice.php @@ -71,9 +71,9 @@ class ApiAtomServiceAction extends ApiBareAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); header('Content-Type: application/atomsvc+xml'); diff --git a/actions/apigrouplistall.php b/actions/apigrouplistall.php index 2fb3714257..932e524ae1 100644 --- a/actions/apigrouplistall.php +++ b/actions/apigrouplistall.php @@ -77,9 +77,9 @@ class ApiGroupListAllAction extends ApiPrivateAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $sitename = common_config('site', 'name'); // TRANS: Message is used as a title when listing the lastest 20 groups. %s is a site name. diff --git a/actions/apilistsubscriber.php b/actions/apilistsubscriber.php index f5cda15ae9..21c0b20b74 100644 --- a/actions/apilistsubscriber.php +++ b/actions/apilistsubscriber.php @@ -52,9 +52,9 @@ class ApiListSubscriberAction extends ApiBareAuthAction return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $arr = array('profile_tag_id' => $this->list->id, 'profile_id' => $this->target->id); diff --git a/actions/apioauthaccesstoken.php b/actions/apioauthaccesstoken.php index a1a70a9b9e..8dd0a40b22 100644 --- a/actions/apioauthaccesstoken.php +++ b/actions/apioauthaccesstoken.php @@ -52,9 +52,9 @@ class ApiOAuthAccessTokenAction extends ApiOAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $datastore = new ApiGNUsocialOAuthDataStore(); $server = new OAuthServer($datastore); diff --git a/actions/apioauthauthorize.php b/actions/apioauthauthorize.php index d0dcf9c9c7..6c93d47ccd 100644 --- a/actions/apioauthauthorize.php +++ b/actions/apioauthauthorize.php @@ -88,9 +88,9 @@ class ApiOAuthAuthorizeAction extends ApiOAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { diff --git a/actions/apioauthrequesttoken.php b/actions/apioauthrequesttoken.php index e961f4f464..b85ca70c47 100644 --- a/actions/apioauthrequesttoken.php +++ b/actions/apioauthrequesttoken.php @@ -69,9 +69,9 @@ class ApiOAuthRequestTokenAction extends ApiOAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $datastore = new ApiGNUsocialOAuthDataStore(); $server = new OAuthServer($datastore); diff --git a/actions/apisearchatom.php b/actions/apisearchatom.php index 7e79808a96..fca745c1fd 100644 --- a/actions/apisearchatom.php +++ b/actions/apisearchatom.php @@ -128,9 +128,9 @@ class ApiSearchAtomAction extends ApiPrivateAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); common_debug("In apisearchatom handle()"); $this->showAtom(); } diff --git a/actions/apisearchjson.php b/actions/apisearchjson.php index 794f23077b..cec826c016 100644 --- a/actions/apisearchjson.php +++ b/actions/apisearchjson.php @@ -95,9 +95,9 @@ class ApiSearchJSONAction extends ApiPrivateAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showResults(); } diff --git a/actions/apitrends.php b/actions/apitrends.php index a39769a34e..79bd452dba 100644 --- a/actions/apitrends.php +++ b/actions/apitrends.php @@ -66,9 +66,9 @@ class ApiTrendsAction extends ApiPrivateAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showTrends(); } diff --git a/actions/approvegroup.php b/actions/approvegroup.php index 2c8b354d34..18f62d28b1 100644 --- a/actions/approvegroup.php +++ b/actions/approvegroup.php @@ -139,9 +139,9 @@ class ApprovegroupAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); try { if ($this->approve) { diff --git a/actions/approvesub.php b/actions/approvesub.php index c9fa804412..aa8c23bf7d 100644 --- a/actions/approvesub.php +++ b/actions/approvesub.php @@ -97,9 +97,9 @@ class ApprovesubAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $cur = common_current_user(); try { diff --git a/actions/block.php b/actions/block.php index 53d8ae7ae0..5a8996f807 100644 --- a/actions/block.php +++ b/actions/block.php @@ -78,7 +78,7 @@ class BlockAction extends ProfileFormAction * * @return void */ - function handle($args) + function handle() { if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { diff --git a/actions/cancelgroup.php b/actions/cancelgroup.php index 93f630e060..02e9493551 100644 --- a/actions/cancelgroup.php +++ b/actions/cancelgroup.php @@ -127,9 +127,9 @@ class CancelgroupAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); try { $this->request->abort(); diff --git a/actions/deleteapplication.php b/actions/deleteapplication.php index 5d7441098c..297ddc54bc 100644 --- a/actions/deleteapplication.php +++ b/actions/deleteapplication.php @@ -89,7 +89,7 @@ class DeleteapplicationAction extends Action * * @return void */ - function handle($args) + function handle() { if ($_SERVER['REQUEST_METHOD'] == 'POST') { diff --git a/actions/deletegroup.php b/actions/deletegroup.php index c64bc1d8e9..aacfe35bde 100644 --- a/actions/deletegroup.php +++ b/actions/deletegroup.php @@ -114,9 +114,9 @@ class DeletegroupAction extends RedirectingAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { $this->returnToPrevious(); diff --git a/actions/deleteuser.php b/actions/deleteuser.php index 6e0c6ebf7f..d1b73f4746 100644 --- a/actions/deleteuser.php +++ b/actions/deleteuser.php @@ -80,7 +80,7 @@ class DeleteuserAction extends ProfileFormAction * * @return void */ - function handle($args) + function handle() { if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { diff --git a/actions/editapplication.php b/actions/editapplication.php index c7e5f9052c..c0e27d86fb 100644 --- a/actions/editapplication.php +++ b/actions/editapplication.php @@ -94,9 +94,9 @@ class EditApplicationAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost($args); diff --git a/actions/editpeopletag.php b/actions/editpeopletag.php index 45c8adaa7d..02dc06180d 100644 --- a/actions/editpeopletag.php +++ b/actions/editpeopletag.php @@ -135,9 +135,9 @@ class EditpeopletagAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->trySave(); } else { diff --git a/actions/featured.php b/actions/featured.php index 394cfe6a8b..a30d5867a4 100644 --- a/actions/featured.php +++ b/actions/featured.php @@ -74,9 +74,9 @@ class FeaturedAction extends Action } } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/actions/foafgroup.php b/actions/foafgroup.php index f9c61ac5dc..57303cf362 100644 --- a/actions/foafgroup.php +++ b/actions/foafgroup.php @@ -76,9 +76,9 @@ class FoafGroupAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); header('Content-Type: application/rdf+xml'); diff --git a/actions/geocode.php b/actions/geocode.php index 9e208914c1..6e4d1ce0f4 100644 --- a/actions/geocode.php +++ b/actions/geocode.php @@ -70,7 +70,7 @@ class GeocodeAction extends Action * @return nothing * */ - function handle($args) + function handle() { header('Content-Type: application/json; charset=utf-8'); $location_object = array(); diff --git a/actions/groupblock.php b/actions/groupblock.php index d65b62bdff..4bf5d74c20 100644 --- a/actions/groupblock.php +++ b/actions/groupblock.php @@ -110,9 +110,9 @@ class GroupblockAction extends RedirectingAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { $this->returnToPrevious(); diff --git a/actions/groups.php b/actions/groups.php index d1bc8d9458..258fee262b 100644 --- a/actions/groups.php +++ b/actions/groups.php @@ -74,9 +74,9 @@ class GroupsAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/actions/groupunblock.php b/actions/groupunblock.php index a24177f64c..7a4853aa37 100644 --- a/actions/groupunblock.php +++ b/actions/groupunblock.php @@ -103,9 +103,9 @@ class GroupunblockAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->unblockProfile(); } diff --git a/actions/invite.php b/actions/invite.php index 89b7e83bf6..827e026696 100644 --- a/actions/invite.php +++ b/actions/invite.php @@ -38,9 +38,9 @@ class InviteAction extends Action return false; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (!common_config('invite', 'enabled')) { // TRANS: Client error displayed when trying to sent invites while they have been disabled. $this->clientError(_('Invites have been disabled.')); diff --git a/actions/makeadmin.php b/actions/makeadmin.php index 05912e150c..8c88d4cd69 100644 --- a/actions/makeadmin.php +++ b/actions/makeadmin.php @@ -111,9 +111,9 @@ class MakeadminAction extends RedirectingAction * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->makeAdmin(); } diff --git a/actions/nudge.php b/actions/nudge.php index 801d1f0681..8ade7fa272 100644 --- a/actions/nudge.php +++ b/actions/nudge.php @@ -55,9 +55,9 @@ class NudgeAction extends Action * * @return nothing */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. diff --git a/actions/opensearch.php b/actions/opensearch.php index b1529860a8..b7ed3212c2 100644 --- a/actions/opensearch.php +++ b/actions/opensearch.php @@ -53,9 +53,9 @@ class OpensearchAction extends Action * * @return boolean false if user doesn't exist */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $type = $this->trimmed('type'); $short_name = ''; if ($type == 'people') { diff --git a/actions/otp.php b/actions/otp.php index c44f3673ae..c5f3e70b26 100644 --- a/actions/otp.php +++ b/actions/otp.php @@ -110,9 +110,9 @@ class OtpAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); // success! if (!common_set_user($this->user)) { diff --git a/actions/peopletag.php b/actions/peopletag.php index b0a6e2635d..007e722a0b 100644 --- a/actions/peopletag.php +++ b/actions/peopletag.php @@ -84,9 +84,9 @@ class PeopletagAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/actions/peopletagautocomplete.php b/actions/peopletagautocomplete.php index c239c03bfb..c165b40805 100644 --- a/actions/peopletagautocomplete.php +++ b/actions/peopletagautocomplete.php @@ -112,7 +112,7 @@ class PeopletagautocompleteAction extends Action * * @return void */ - function handle($args) + function handle() { //common_log(LOG_DEBUG, 'Autocomplete data: ' . json_encode($this->tags)); if ($this->tags) { diff --git a/actions/peopletagged.php b/actions/peopletagged.php index cf9ec053ed..d82a448ce5 100644 --- a/actions/peopletagged.php +++ b/actions/peopletagged.php @@ -117,9 +117,9 @@ class PeopletaggedAction extends Action } } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/actions/peopletagsbyuser.php b/actions/peopletagsbyuser.php index 4a04ea2fbb..0b85bf2956 100644 --- a/actions/peopletagsbyuser.php +++ b/actions/peopletagsbyuser.php @@ -135,9 +135,9 @@ class PeopletagsbyuserAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); # Post from the tag dropdown; redirect to a GET diff --git a/actions/peopletagsforuser.php b/actions/peopletagsforuser.php index 7679be0b86..909969db22 100644 --- a/actions/peopletagsforuser.php +++ b/actions/peopletagsforuser.php @@ -95,9 +95,9 @@ class PeopletagsforuserAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/actions/peopletagsubscribers.php b/actions/peopletagsubscribers.php index 589d49caa3..354f2deb0e 100644 --- a/actions/peopletagsubscribers.php +++ b/actions/peopletagsubscribers.php @@ -117,9 +117,9 @@ class PeopletagsubscribersAction extends Action } } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/actions/peopletagsubscriptions.php b/actions/peopletagsubscriptions.php index 64edd09290..2be9187b9e 100644 --- a/actions/peopletagsubscriptions.php +++ b/actions/peopletagsubscriptions.php @@ -97,9 +97,9 @@ class PeopletagsubscriptionsAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/actions/pluginenable.php b/actions/pluginenable.php index 707cbdecaa..da36f0995f 100644 --- a/actions/pluginenable.php +++ b/actions/pluginenable.php @@ -121,7 +121,7 @@ class PluginEnableAction extends Action * * @return void */ - function handle($args) + function handle() { $key = 'disable-' . $this->plugin; Config::save('plugins', $key, $this->overrideValue()); diff --git a/actions/profilecompletion.php b/actions/profilecompletion.php index aaf6026eb5..a931d6aead 100644 --- a/actions/profilecompletion.php +++ b/actions/profilecompletion.php @@ -120,7 +120,7 @@ class ProfilecompletionAction extends Action * @return void */ - function handle($args) + function handle() { $this->msg = null; diff --git a/actions/profiletagbyid.php b/actions/profiletagbyid.php index ce7298a2f6..4804e35c83 100644 --- a/actions/profiletagbyid.php +++ b/actions/profiletagbyid.php @@ -83,7 +83,7 @@ class ProfiletagbyidAction extends Action * * @return void */ - function handle($args) + function handle() { common_redirect($this->peopletag->homeUrl(), 303); } diff --git a/actions/publictagcloud.php b/actions/publictagcloud.php index db8185bb13..e557b75fd0 100644 --- a/actions/publictagcloud.php +++ b/actions/publictagcloud.php @@ -92,9 +92,9 @@ class PublictagcloudAction extends Action $this->elementEnd('div'); } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php index d19ed4693c..f3192b5dd3 100644 --- a/actions/recoverpassword.php +++ b/actions/recoverpassword.php @@ -29,9 +29,9 @@ class RecoverpasswordAction extends Action var $msg = null; var $success = null; - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (common_logged_in()) { // TRANS: Client error displayed trying to recover password while already logged in. $this->clientError(_('You are already logged in!')); diff --git a/actions/redirect.php b/actions/redirect.php index 9cb03708db..1fb952da41 100644 --- a/actions/redirect.php +++ b/actions/redirect.php @@ -63,7 +63,7 @@ class RedirectAction extends Action * * @return nothing */ - function handle($args) + function handle() { common_redirect(common_local_url($this->arg('nextAction'), $this->arg('args'))); } diff --git a/actions/register.php b/actions/register.php index 97f0e19cfd..6f23244d13 100644 --- a/actions/register.php +++ b/actions/register.php @@ -120,9 +120,9 @@ class RegisterAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (common_config('site', 'closed')) { // TRANS: Client error displayed when trying to register to a closed site. diff --git a/actions/removepeopletag.php b/actions/removepeopletag.php index 8192e86b44..529bcbcb17 100644 --- a/actions/removepeopletag.php +++ b/actions/removepeopletag.php @@ -120,7 +120,7 @@ class RemovepeopletagAction extends Action * * @return void */ - function handle($args) + function handle() { // Throws exception on error diff --git a/actions/rsd.php b/actions/rsd.php index bd8042f0cd..92cf8b95e3 100644 --- a/actions/rsd.php +++ b/actions/rsd.php @@ -126,7 +126,7 @@ class RsdAction extends Action * * @return nothing */ - function handle($args) + function handle() { header('Content-Type: application/rsd+xml'); diff --git a/actions/showapplication.php b/actions/showapplication.php index d8ac293d40..ecc3b268fe 100644 --- a/actions/showapplication.php +++ b/actions/showapplication.php @@ -101,9 +101,9 @@ class ShowApplicationAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { diff --git a/actions/subedit.php b/actions/subedit.php index 47fe19ea24..9e779c4f06 100644 --- a/actions/subedit.php +++ b/actions/subedit.php @@ -58,9 +58,9 @@ class SubeditAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $cur = common_current_user(); diff --git a/actions/subscribe.php b/actions/subscribe.php index 320409afa0..f8b6093bbd 100644 --- a/actions/subscribe.php +++ b/actions/subscribe.php @@ -118,7 +118,7 @@ class SubscribeAction extends Action * * @return void */ - function handle($args) + function handle() { // Throws exception on error diff --git a/actions/subscribepeopletag.php b/actions/subscribepeopletag.php index b83ff70010..e9d4cbcc37 100644 --- a/actions/subscribepeopletag.php +++ b/actions/subscribepeopletag.php @@ -106,9 +106,9 @@ class SubscribepeopletagAction extends Action * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $cur = common_current_user(); diff --git a/actions/sup.php b/actions/sup.php index 911f0d9e55..5e26e8b106 100644 --- a/actions/sup.php +++ b/actions/sup.php @@ -22,9 +22,9 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } // @todo FIXME: documentation needed. class SupAction extends Action { - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $seconds = $this->trimmed('seconds'); diff --git a/actions/unsubscribe.php b/actions/unsubscribe.php index 4b85ba427c..524fbea284 100644 --- a/actions/unsubscribe.php +++ b/actions/unsubscribe.php @@ -44,9 +44,9 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { */ class UnsubscribeAction extends Action { - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_('Not logged in.')); diff --git a/actions/unsubscribepeopletag.php b/actions/unsubscribepeopletag.php index b5757ad6fd..7d9925720d 100644 --- a/actions/unsubscribepeopletag.php +++ b/actions/unsubscribepeopletag.php @@ -106,9 +106,9 @@ class UnsubscribepeopletagAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $cur = common_current_user(); diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php index a7cb9fc722..322c6d7358 100644 --- a/lib/adminpanelaction.php +++ b/lib/adminpanelaction.php @@ -119,7 +119,7 @@ class AdminPanelAction extends Action * * @return void */ - function handle($args) + function handle() { if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->checkSessionToken(); diff --git a/lib/profileformaction.php b/lib/profileformaction.php index 1e00e6f12b..e340627e9d 100644 --- a/lib/profileformaction.php +++ b/lib/profileformaction.php @@ -96,9 +96,9 @@ class ProfileFormAction extends RedirectingAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { try { diff --git a/lib/searchaction.php b/lib/searchaction.php index aea8860356..5ede78d414 100644 --- a/lib/searchaction.php +++ b/lib/searchaction.php @@ -56,9 +56,9 @@ class SearchAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/AccountManager/actions/accountmanagementcontroldocument.php b/plugins/AccountManager/actions/accountmanagementcontroldocument.php index 955779b4ee..8f9eca61de 100644 --- a/plugins/AccountManager/actions/accountmanagementcontroldocument.php +++ b/plugins/AccountManager/actions/accountmanagementcontroldocument.php @@ -49,9 +49,9 @@ class AccountManagementControlDocumentAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); header('Content-Type: application/json; charset=utf-8'); diff --git a/plugins/AccountManager/actions/accountmanagementsessionstatus.php b/plugins/AccountManager/actions/accountmanagementsessionstatus.php index 9eeff72402..af8dbffc93 100644 --- a/plugins/AccountManager/actions/accountmanagementsessionstatus.php +++ b/plugins/AccountManager/actions/accountmanagementsessionstatus.php @@ -49,9 +49,9 @@ class AccountManagementSessionStatusAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $cur = common_current_user(); if(empty($cur)) { diff --git a/plugins/ActivitySpam/actions/spam.php b/plugins/ActivitySpam/actions/spam.php index 00a1e0b8a1..fa2e5737c7 100644 --- a/plugins/ActivitySpam/actions/spam.php +++ b/plugins/ActivitySpam/actions/spam.php @@ -106,7 +106,7 @@ class SpamAction extends Action function handle($argarray=null) { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/AnonymousFave/actions/anondisfavor.php b/plugins/AnonymousFave/actions/anondisfavor.php index 6b0fae82c1..82b9ac5917 100644 --- a/plugins/AnonymousFave/actions/anondisfavor.php +++ b/plugins/AnonymousFave/actions/anondisfavor.php @@ -47,9 +47,9 @@ class AnonDisfavorAction extends RedirectingAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $profile = AnonymousFavePlugin::getAnonProfile(); diff --git a/plugins/AnonymousFave/actions/anonfavor.php b/plugins/AnonymousFave/actions/anonfavor.php index 287c25cbe9..114810ae71 100644 --- a/plugins/AnonymousFave/actions/anonfavor.php +++ b/plugins/AnonymousFave/actions/anonfavor.php @@ -47,9 +47,9 @@ class AnonFavorAction extends RedirectingAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $profile = AnonymousFavePlugin::getAnonProfile(); diff --git a/plugins/Bookmark/actions/apitimelinebookmarks.php b/plugins/Bookmark/actions/apitimelinebookmarks.php index ee43617127..2376e994ac 100644 --- a/plugins/Bookmark/actions/apitimelinebookmarks.php +++ b/plugins/Bookmark/actions/apitimelinebookmarks.php @@ -82,9 +82,9 @@ class ApiTimelineBookmarksAction extends ApiBareAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showTimeline(); } diff --git a/plugins/Bookmark/actions/bookmarks.php b/plugins/Bookmark/actions/bookmarks.php index 6c79fa1d02..0c908a2ca8 100644 --- a/plugins/Bookmark/actions/bookmarks.php +++ b/plugins/Bookmark/actions/bookmarks.php @@ -107,9 +107,9 @@ class BookmarksAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/CasAuthentication/actions/caslogin.php b/plugins/CasAuthentication/actions/caslogin.php index 09377c62eb..7310072d92 100644 --- a/plugins/CasAuthentication/actions/caslogin.php +++ b/plugins/CasAuthentication/actions/caslogin.php @@ -21,9 +21,9 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } class CasloginAction extends Action { - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (common_is_real_login()) { // TRANS: Client error displayed when trying to log in while already logged on. $this->clientError(_m('Already logged in.')); diff --git a/plugins/ClientSideShorten/actions/shorten.php b/plugins/ClientSideShorten/actions/shorten.php index 6840d532aa..8351839cdb 100644 --- a/plugins/ClientSideShorten/actions/shorten.php +++ b/plugins/ClientSideShorten/actions/shorten.php @@ -60,7 +60,7 @@ class ShortenAction extends Action function handle($args=null) { - parent::handle($args); + parent::handle(); header('Content-Type: text/plain'); $shortened_text = common_shorten_links($this->text); print $shortened_text; diff --git a/plugins/DirectMessage/actions/showmessage.php b/plugins/DirectMessage/actions/showmessage.php index 86fbee8b73..f7dc3731b4 100644 --- a/plugins/DirectMessage/actions/showmessage.php +++ b/plugins/DirectMessage/actions/showmessage.php @@ -89,7 +89,7 @@ class ShowmessageAction extends Action return true; } - function handle($args) + function handle() { $this->showPage(); } diff --git a/plugins/DirectMessage/lib/mailboxaction.php b/plugins/DirectMessage/lib/mailboxaction.php index 3c7281e985..fd2e1fabc4 100644 --- a/plugins/DirectMessage/lib/mailboxaction.php +++ b/plugins/DirectMessage/lib/mailboxaction.php @@ -70,9 +70,9 @@ class MailboxAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (!$this->user) { // TRANS: Client error displayed when trying to access a mailbox without providing a user. diff --git a/plugins/Event/actions/timelist.php b/plugins/Event/actions/timelist.php index 092fa6bda5..c24613a8d4 100644 --- a/plugins/Event/actions/timelist.php +++ b/plugins/Event/actions/timelist.php @@ -56,9 +56,9 @@ class TimelistAction extends Action { * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. diff --git a/plugins/ExtendedProfile/actions/userautocomplete.php b/plugins/ExtendedProfile/actions/userautocomplete.php index d4857429e0..9c3afbd106 100644 --- a/plugins/ExtendedProfile/actions/userautocomplete.php +++ b/plugins/ExtendedProfile/actions/userautocomplete.php @@ -57,9 +57,9 @@ class UserautocompleteAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showResults(); } diff --git a/plugins/FacebookBridge/actions/facebookdeauthorize.php b/plugins/FacebookBridge/actions/facebookdeauthorize.php index 443b768f5c..9173850ca5 100644 --- a/plugins/FacebookBridge/actions/facebookdeauthorize.php +++ b/plugins/FacebookBridge/actions/facebookdeauthorize.php @@ -60,9 +60,9 @@ class FacebookdeauthorizeAction extends Action * * @param array $args is ignored since it's now passed in in prepare() */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $data = $this->facebook->getSignedRequest(); diff --git a/plugins/FacebookBridge/actions/facebookfinishlogin.php b/plugins/FacebookBridge/actions/facebookfinishlogin.php index 7cf493a994..93d4aaeacd 100644 --- a/plugins/FacebookBridge/actions/facebookfinishlogin.php +++ b/plugins/FacebookBridge/actions/facebookfinishlogin.php @@ -79,9 +79,9 @@ class FacebookfinishloginAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (common_is_real_login()) { diff --git a/plugins/FacebookBridge/actions/facebooklogin.php b/plugins/FacebookBridge/actions/facebooklogin.php index f30822b63f..c79b74654f 100644 --- a/plugins/FacebookBridge/actions/facebooklogin.php +++ b/plugins/FacebookBridge/actions/facebooklogin.php @@ -34,9 +34,9 @@ if (!defined('STATUSNET')) { class FacebookloginAction extends Action { - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (common_is_real_login()) { // TRANS: Client error displayed when trying to login while already logged in. diff --git a/plugins/Favorite/actions/apifavoritedestroy.php b/plugins/Favorite/actions/apifavoritedestroy.php index 1c63ad2628..cf5659978a 100644 --- a/plugins/Favorite/actions/apifavoritedestroy.php +++ b/plugins/Favorite/actions/apifavoritedestroy.php @@ -82,9 +82,9 @@ class ApiFavoriteDestroyAction extends ApiAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] != 'POST') { $this->clientError( diff --git a/plugins/Favorite/actions/favorited.php b/plugins/Favorite/actions/favorited.php index 8c2871dc3c..dbd0ebe5bf 100644 --- a/plugins/Favorite/actions/favorited.php +++ b/plugins/Favorite/actions/favorited.php @@ -114,9 +114,9 @@ class FavoritedAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/GNUsocialPhoto/actions/newphoto.php b/plugins/GNUsocialPhoto/actions/newphoto.php index 18ae5523a0..4f9f293e96 100644 --- a/plugins/GNUsocialPhoto/actions/newphoto.php +++ b/plugins/GNUsocialPhoto/actions/newphoto.php @@ -50,9 +50,9 @@ class NewphotoAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($this->isPost()) { $this->handlePost($args); diff --git a/plugins/GNUsocialPhotos/actions/editphoto.php b/plugins/GNUsocialPhotos/actions/editphoto.php index 35dac7bf3f..db36813f27 100644 --- a/plugins/GNUsocialPhotos/actions/editphoto.php +++ b/plugins/GNUsocialPhotos/actions/editphoto.php @@ -46,9 +46,9 @@ class EditphotoAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost(); } diff --git a/plugins/GNUsocialPhotos/actions/photos.php b/plugins/GNUsocialPhotos/actions/photos.php index b1e1b73ff1..082736cd21 100644 --- a/plugins/GNUsocialPhotos/actions/photos.php +++ b/plugins/GNUsocialPhotos/actions/photos.php @@ -53,9 +53,9 @@ class PhotosAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/GNUsocialPhotos/actions/photoupload.php b/plugins/GNUsocialPhotos/actions/photoupload.php index 25bd4f84d0..6dd5f9aef1 100644 --- a/plugins/GNUsocialPhotos/actions/photoupload.php +++ b/plugins/GNUsocialPhotos/actions/photoupload.php @@ -43,9 +43,9 @@ class PhotouploadAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost(); } diff --git a/plugins/GNUsocialProfileExtensions/actions/bio.php b/plugins/GNUsocialProfileExtensions/actions/bio.php index 269389e07d..3022e6e761 100644 --- a/plugins/GNUsocialProfileExtensions/actions/bio.php +++ b/plugins/GNUsocialProfileExtensions/actions/bio.php @@ -51,9 +51,9 @@ class BioAction extends Action } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/GNUsocialVideo/actions/postvideo.php b/plugins/GNUsocialVideo/actions/postvideo.php index bdd86abc9e..729afc5d2d 100644 --- a/plugins/GNUsocialVideo/actions/postvideo.php +++ b/plugins/GNUsocialVideo/actions/postvideo.php @@ -54,9 +54,9 @@ class PostvideoAction extends Action { return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($this->isPost()) { $this->handlePost($args); diff --git a/plugins/LinkPreview/actions/oembedproxy.php b/plugins/LinkPreview/actions/oembedproxy.php index 97b0942441..e36239216a 100644 --- a/plugins/LinkPreview/actions/oembedproxy.php +++ b/plugins/LinkPreview/actions/oembedproxy.php @@ -46,7 +46,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { */ class OembedproxyAction extends OembedAction { - function handle($args) + function handle() { // Trigger short error responses; not a human-readable web page. GNUsocial::setApi(true); diff --git a/plugins/Mapstraction/actions/map.php b/plugins/Mapstraction/actions/map.php index 75a065a26a..0a5334103e 100644 --- a/plugins/Mapstraction/actions/map.php +++ b/plugins/Mapstraction/actions/map.php @@ -94,9 +94,9 @@ class MapAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/OpenID/actions/finishaddopenid.php b/plugins/OpenID/actions/finishaddopenid.php index 5182e50778..e3e100c9e4 100644 --- a/plugins/OpenID/actions/finishaddopenid.php +++ b/plugins/OpenID/actions/finishaddopenid.php @@ -58,9 +58,9 @@ class FinishaddopenidAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (!common_logged_in()) { // TRANS: Error message displayed when trying to perform an action that requires a logged in user. $this->clientError(_m('Not logged in.')); diff --git a/plugins/OpenID/actions/finishopenidlogin.php b/plugins/OpenID/actions/finishopenidlogin.php index 3a99988fb5..f91d10d252 100644 --- a/plugins/OpenID/actions/finishopenidlogin.php +++ b/plugins/OpenID/actions/finishopenidlogin.php @@ -29,9 +29,9 @@ class FinishopenidloginAction extends Action var $username = null; var $message = null; - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (common_is_real_login()) { // TRANS: Client error message trying to log on with OpenID while already logged on. $this->clientError(_m('Already logged in.')); diff --git a/plugins/OpenID/actions/openidlogin.php b/plugins/OpenID/actions/openidlogin.php index 86ebcae2e1..b06189e2fd 100644 --- a/plugins/OpenID/actions/openidlogin.php +++ b/plugins/OpenID/actions/openidlogin.php @@ -25,9 +25,9 @@ require_once INSTALLDIR.'/plugins/OpenID/openid.php'; class OpenidloginAction extends Action { - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (common_is_real_login()) { // TRANS: Client error message trying to log on with OpenID while already logged on. $this->clientError(_m('Already logged in.')); diff --git a/plugins/OpenID/actions/openidserver.php b/plugins/OpenID/actions/openidserver.php index d4bb6e25f4..acab0938b8 100644 --- a/plugins/OpenID/actions/openidserver.php +++ b/plugins/OpenID/actions/openidserver.php @@ -57,9 +57,9 @@ class OpenidserverAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $request = $this->oserver->decodeRequest(); if (in_array($request->mode, array('checkid_immediate', 'checkid_setup'))) { diff --git a/plugins/OpenID/actions/openidtrust.php b/plugins/OpenID/actions/openidtrust.php index 3f8a3a93b7..3c0e24981f 100644 --- a/plugins/OpenID/actions/openidtrust.php +++ b/plugins/OpenID/actions/openidtrust.php @@ -71,9 +71,9 @@ class OpenidtrustAction extends Action return true; } - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if($_SERVER['REQUEST_METHOD'] == 'POST'){ $this->handleSubmit(); }else{ diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php index ee854e8140..c96248ad0f 100644 --- a/plugins/OpenID/openid.php +++ b/plugins/OpenID/openid.php @@ -359,9 +359,9 @@ class AutosubmitAction extends Action var $form_html = null; var $form_id = null; - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/RSSCloud/actions/loggingaggregator.php b/plugins/RSSCloud/actions/loggingaggregator.php index 824fa9ee9c..a50e99011c 100644 --- a/plugins/RSSCloud/actions/loggingaggregator.php +++ b/plugins/RSSCloud/actions/loggingaggregator.php @@ -77,9 +77,9 @@ class LoggingAggregatorAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if (empty($this->url)) { // TRANS: Form validation error displayed when a URL parameter is missing. diff --git a/plugins/RSSCloud/actions/rsscloudrequestnotify.php b/plugins/RSSCloud/actions/rsscloudrequestnotify.php index 7fd6da0509..4656fc9650 100644 --- a/plugins/RSSCloud/actions/rsscloudrequestnotify.php +++ b/plugins/RSSCloud/actions/rsscloudrequestnotify.php @@ -82,9 +82,9 @@ class RSSCloudRequestNotifyAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); if ($_SERVER['REQUEST_METHOD'] != 'POST') { // TRANS: Form validation error displayed when POST is not used. diff --git a/plugins/Sample/actions/hello.php b/plugins/Sample/actions/hello.php index da5682b332..c0bde93d7d 100644 --- a/plugins/Sample/actions/hello.php +++ b/plugins/Sample/actions/hello.php @@ -91,9 +91,9 @@ class HelloAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/SearchSub/actions/searchsub.php b/plugins/SearchSub/actions/searchsub.php index 586f2252f6..ae1e1550ae 100644 --- a/plugins/SearchSub/actions/searchsub.php +++ b/plugins/SearchSub/actions/searchsub.php @@ -118,7 +118,7 @@ class SearchsubAction extends Action * * @return void */ - function handle($args) + function handle() { // Throws exception on error diff --git a/plugins/SearchSub/actions/searchunsub.php b/plugins/SearchSub/actions/searchunsub.php index a6ce0f07c5..1bc3a1c95b 100644 --- a/plugins/SearchSub/actions/searchunsub.php +++ b/plugins/SearchSub/actions/searchunsub.php @@ -62,7 +62,7 @@ class SearchunsubAction extends SearchsubAction * * @return void */ - function handle($args) + function handle() { // Throws exception on error diff --git a/plugins/Share/actions/apistatusesretweets.php b/plugins/Share/actions/apistatusesretweets.php index 7af4cd3ec6..9a75aa8918 100644 --- a/plugins/Share/actions/apistatusesretweets.php +++ b/plugins/Share/actions/apistatusesretweets.php @@ -89,9 +89,9 @@ class ApiStatusesRetweetsAction extends ApiAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $strm = $this->original->repeatStream($this->cnt); diff --git a/plugins/Share/actions/apitimelineretweetsofme.php b/plugins/Share/actions/apitimelineretweetsofme.php index fe90213665..58c6886af6 100644 --- a/plugins/Share/actions/apitimelineretweetsofme.php +++ b/plugins/Share/actions/apitimelineretweetsofme.php @@ -83,9 +83,9 @@ class ApiTimelineRetweetsOfMeAction extends ApiAuthAction * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $offset = ($this->page-1) * $this->cnt; $limit = $this->cnt; diff --git a/plugins/Sitemap/actions/sitemap.php b/plugins/Sitemap/actions/sitemap.php index ef77645c31..16c2014efd 100644 --- a/plugins/Sitemap/actions/sitemap.php +++ b/plugins/Sitemap/actions/sitemap.php @@ -49,9 +49,9 @@ class SitemapAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); header('Content-Type: text/xml; charset=UTF-8'); $this->startXML(); diff --git a/plugins/Sitemap/actions/sitemapindex.php b/plugins/Sitemap/actions/sitemapindex.php index ab89c2156c..09e3c805e0 100644 --- a/plugins/Sitemap/actions/sitemapindex.php +++ b/plugins/Sitemap/actions/sitemapindex.php @@ -49,7 +49,7 @@ class SitemapindexAction extends Action * * @return void */ - function handle($args) + function handle() { header('Content-Type: text/xml; charset=UTF-8'); $this->startXML(); diff --git a/plugins/TagSub/actions/tagsub.php b/plugins/TagSub/actions/tagsub.php index de333c8f58..f9ecaa94af 100644 --- a/plugins/TagSub/actions/tagsub.php +++ b/plugins/TagSub/actions/tagsub.php @@ -118,7 +118,7 @@ class TagsubAction extends Action * * @return void */ - function handle($args) + function handle() { // Throws exception on error diff --git a/plugins/TagSub/actions/tagunsub.php b/plugins/TagSub/actions/tagunsub.php index 43afab08e3..4e04a55b95 100644 --- a/plugins/TagSub/actions/tagunsub.php +++ b/plugins/TagSub/actions/tagunsub.php @@ -62,7 +62,7 @@ class TagunsubAction extends TagsubAction * * @return void */ - function handle($args) + function handle() { // Throws exception on error diff --git a/plugins/UserFlag/actions/adminprofileflag.php b/plugins/UserFlag/actions/adminprofileflag.php index 9b5b4088bf..708bd99d29 100644 --- a/plugins/UserFlag/actions/adminprofileflag.php +++ b/plugins/UserFlag/actions/adminprofileflag.php @@ -107,9 +107,9 @@ class AdminprofileflagAction extends Action * * @return void */ - function handle($args) + function handle() { - parent::handle($args); + parent::handle(); $this->showPage(); } diff --git a/plugins/UserFlag/actions/clearflag.php b/plugins/UserFlag/actions/clearflag.php index c2443d6d58..28152fb079 100644 --- a/plugins/UserFlag/actions/clearflag.php +++ b/plugins/UserFlag/actions/clearflag.php @@ -73,7 +73,7 @@ class ClearflagAction extends ProfileFormAction * * @return void */ - function handle($args) + function handle() { if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost(); diff --git a/plugins/UserFlag/actions/flagprofile.php b/plugins/UserFlag/actions/flagprofile.php index 4c4dc46f60..ec036fc064 100644 --- a/plugins/UserFlag/actions/flagprofile.php +++ b/plugins/UserFlag/actions/flagprofile.php @@ -73,7 +73,7 @@ class FlagprofileAction extends ProfileFormAction * * @return void */ - function handle($args) + function handle() { if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost(); From 9de79f0a3643cd186b46d68894b4fc9ff40e494e Mon Sep 17 00:00:00 2001 From: Chimo Date: Wed, 1 Jun 2016 02:21:50 +0000 Subject: [PATCH 196/415] Update prepare() method on Action subclasses. Fixes handle()-related strict warnings such as "Strict Standards: Declaration of AdminPanelAction::prepare() should be compatible with Action::prepare(array $args = Array) Ref. #190 --- actions/addpeopletag.php | 2 +- actions/apiaccountupdatedeliverydevice.php | 2 +- actions/apiatomservice.php | 2 +- actions/apigrouplistall.php | 2 +- actions/apilistsubscriber.php | 2 +- actions/apioauthauthorize.php | 2 +- actions/apioauthrequesttoken.php | 2 +- actions/apisearchatom.php | 2 +- actions/apisearchjson.php | 2 +- actions/apitrends.php | 2 +- actions/approvegroup.php | 2 +- actions/approvesub.php | 2 +- actions/block.php | 2 +- actions/cancelgroup.php | 2 +- actions/deleteapplication.php | 2 +- actions/deletegroup.php | 2 +- actions/editapplication.php | 2 +- actions/editpeopletag.php | 2 +- actions/featured.php | 2 +- actions/foafgroup.php | 2 +- actions/geocode.php | 2 +- actions/grantrole.php | 2 +- actions/groupblock.php | 2 +- actions/groups.php | 2 +- actions/groupunblock.php | 2 +- actions/makeadmin.php | 2 +- actions/noticesearch.php | 2 +- actions/otp.php | 2 +- actions/peopletag.php | 2 +- actions/peopletagautocomplete.php | 2 +- actions/peopletagged.php | 2 +- actions/peopletagsbyuser.php | 2 +- actions/peopletagsforuser.php | 2 +- actions/peopletagsubscribers.php | 2 +- actions/peopletagsubscriptions.php | 2 +- actions/pluginenable.php | 2 +- actions/profilecompletion.php | 2 +- actions/profiletagbyid.php | 2 +- actions/removepeopletag.php | 2 +- actions/revokerole.php | 2 +- actions/rsd.php | 2 +- actions/sandbox.php | 2 +- actions/showapplication.php | 2 +- actions/subedit.php | 2 +- actions/subscribe.php | 2 +- actions/subscribepeopletag.php | 2 +- actions/unblock.php | 2 +- actions/unsandbox.php | 2 +- actions/unsubscribepeopletag.php | 2 +- lib/adminpanelaction.php | 2 +- lib/profileformaction.php | 2 +- plugins/Bookmark/actions/apitimelinebookmarks.php | 2 +- plugins/Bookmark/actions/bookmarkforurl.php | 2 +- plugins/Bookmark/actions/bookmarks.php | 2 +- plugins/ClientSideShorten/actions/shorten.php | 2 +- plugins/DirectMessage/actions/showmessage.php | 2 +- plugins/DirectMessage/lib/mailboxaction.php | 2 +- plugins/DomainStatusNetwork/actions/globalapi.php | 2 +- plugins/Event/actions/timelist.php | 2 +- plugins/ExtendedProfile/actions/userautocomplete.php | 2 +- plugins/FacebookBridge/actions/facebookdeauthorize.php | 2 +- plugins/FacebookBridge/actions/facebookfinishlogin.php | 2 +- plugins/Favorite/actions/apifavoritedestroy.php | 2 +- plugins/Favorite/actions/favorited.php | 2 +- plugins/GNUsocialPhoto/actions/newphoto.php | 2 +- plugins/GNUsocialPhotos/actions/editphoto.php | 2 +- plugins/GNUsocialPhotos/actions/photos.php | 2 +- plugins/GNUsocialPhotos/actions/photoupload.php | 2 +- plugins/GNUsocialProfileExtensions/actions/bio.php | 2 +- plugins/GNUsocialVideo/actions/postvideo.php | 2 +- plugins/GNUsocialVideo/actions/showvideo.php | 2 +- plugins/Mapstraction/actions/allmap.php | 2 +- plugins/Mapstraction/actions/map.php | 2 +- plugins/Mapstraction/actions/usermap.php | 2 +- plugins/OStatus/actions/ostatustag.php | 2 +- plugins/OpenID/actions/openidserver.php | 2 +- plugins/OpenID/actions/openidtrust.php | 2 +- plugins/RSSCloud/actions/loggingaggregator.php | 2 +- plugins/RSSCloud/actions/rsscloudrequestnotify.php | 2 +- plugins/Sample/actions/hello.php | 2 +- plugins/SearchSub/actions/searchsub.php | 2 +- plugins/Share/actions/apistatusesretweets.php | 2 +- plugins/Share/actions/apitimelineretweetedbyme.php | 2 +- plugins/Share/actions/apitimelineretweetsofme.php | 2 +- plugins/Sitemap/actions/noticesitemap.php | 2 +- plugins/Sitemap/actions/usersitemap.php | 2 +- plugins/SlicedFavorites/actions/favoritedslice.php | 2 +- plugins/TagSub/actions/tagsub.php | 2 +- plugins/UserFlag/actions/adminprofileflag.php | 2 +- plugins/UserFlag/actions/clearflag.php | 2 +- plugins/UserFlag/actions/flagprofile.php | 2 +- 91 files changed, 91 insertions(+), 91 deletions(-) diff --git a/actions/addpeopletag.php b/actions/addpeopletag.php index 3de29d54a2..94a2cddfb0 100644 --- a/actions/addpeopletag.php +++ b/actions/addpeopletag.php @@ -65,7 +65,7 @@ class AddpeopletagAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/apiaccountupdatedeliverydevice.php b/actions/apiaccountupdatedeliverydevice.php index d2f137077d..549ab5243a 100644 --- a/actions/apiaccountupdatedeliverydevice.php +++ b/actions/apiaccountupdatedeliverydevice.php @@ -54,7 +54,7 @@ class ApiAccountUpdateDeliveryDeviceAction extends ApiAuthAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/apiatomservice.php b/actions/apiatomservice.php index 87a39b56a3..7673cee043 100644 --- a/actions/apiatomservice.php +++ b/actions/apiatomservice.php @@ -51,7 +51,7 @@ class ApiAtomServiceAction extends ApiBareAuthAction * @return boolean success flag * */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->user = $this->getTargetUser($this->arg('id')); diff --git a/actions/apigrouplistall.php b/actions/apigrouplistall.php index 932e524ae1..90f8eed8fa 100644 --- a/actions/apigrouplistall.php +++ b/actions/apigrouplistall.php @@ -58,7 +58,7 @@ class ApiGroupListAllAction extends ApiPrivateAuthAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/apilistsubscriber.php b/actions/apilistsubscriber.php index 21c0b20b74..f0391cc445 100644 --- a/actions/apilistsubscriber.php +++ b/actions/apilistsubscriber.php @@ -33,7 +33,7 @@ class ApiListSubscriberAction extends ApiBareAuthAction { var $list = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/apioauthauthorize.php b/actions/apioauthauthorize.php index 6c93d47ccd..8f0329cb80 100644 --- a/actions/apioauthauthorize.php +++ b/actions/apioauthauthorize.php @@ -60,7 +60,7 @@ class ApiOAuthAuthorizeAction extends ApiOAuthAction return false; } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/apioauthrequesttoken.php b/actions/apioauthrequesttoken.php index b85ca70c47..1279d5e092 100644 --- a/actions/apioauthrequesttoken.php +++ b/actions/apioauthrequesttoken.php @@ -49,7 +49,7 @@ class ApiOAuthRequestTokenAction extends ApiOAuthAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/apisearchatom.php b/actions/apisearchatom.php index fca745c1fd..3a24b771ea 100644 --- a/actions/apisearchatom.php +++ b/actions/apisearchatom.php @@ -88,7 +88,7 @@ class ApiSearchAtomAction extends ApiPrivateAuthAction * * @return boolean success */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/apisearchjson.php b/actions/apisearchjson.php index cec826c016..d49444369d 100644 --- a/actions/apisearchjson.php +++ b/actions/apisearchjson.php @@ -57,7 +57,7 @@ class ApiSearchJSONAction extends ApiPrivateAuthAction * * @return boolean true if nothing goes wrong */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/apitrends.php b/actions/apitrends.php index 79bd452dba..996ad66301 100644 --- a/actions/apitrends.php +++ b/actions/apitrends.php @@ -53,7 +53,7 @@ class ApiTrendsAction extends ApiPrivateAuthAction * * @return boolean false if user doesn't exist */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); return true; diff --git a/actions/approvegroup.php b/actions/approvegroup.php index 18f62d28b1..e080be6474 100644 --- a/actions/approvegroup.php +++ b/actions/approvegroup.php @@ -50,7 +50,7 @@ class ApprovegroupAction extends Action /** * Prepare to run */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/approvesub.php b/actions/approvesub.php index aa8c23bf7d..147d37f297 100644 --- a/actions/approvesub.php +++ b/actions/approvesub.php @@ -50,7 +50,7 @@ class ApprovesubAction extends Action /** * Prepare to run */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/block.php b/actions/block.php index 5a8996f807..1d2910dc19 100644 --- a/actions/block.php +++ b/actions/block.php @@ -53,7 +53,7 @@ class BlockAction extends ProfileFormAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { if (!parent::prepare($args)) { return false; diff --git a/actions/cancelgroup.php b/actions/cancelgroup.php index 02e9493551..5688b5c451 100644 --- a/actions/cancelgroup.php +++ b/actions/cancelgroup.php @@ -50,7 +50,7 @@ class CancelgroupAction extends Action /** * Prepare to run */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/deleteapplication.php b/actions/deleteapplication.php index 297ddc54bc..0a9af4cfb9 100644 --- a/actions/deleteapplication.php +++ b/actions/deleteapplication.php @@ -51,7 +51,7 @@ class DeleteapplicationAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { if (!parent::prepare($args)) { return false; diff --git a/actions/deletegroup.php b/actions/deletegroup.php index aacfe35bde..2a4343b06e 100644 --- a/actions/deletegroup.php +++ b/actions/deletegroup.php @@ -55,7 +55,7 @@ class DeletegroupAction extends RedirectingAction * @fixme merge common setup code with other group actions * @fixme allow group admins to delete their own groups */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/editapplication.php b/actions/editapplication.php index c0e27d86fb..d492afb08f 100644 --- a/actions/editapplication.php +++ b/actions/editapplication.php @@ -57,7 +57,7 @@ class EditApplicationAction extends Action /** * Prepare to run */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/editpeopletag.php b/actions/editpeopletag.php index 02dc06180d..0fbba56224 100644 --- a/actions/editpeopletag.php +++ b/actions/editpeopletag.php @@ -60,7 +60,7 @@ class EditpeopletagAction extends Action * Prepare to run */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/featured.php b/actions/featured.php index a30d5867a4..5609d6bace 100644 --- a/actions/featured.php +++ b/actions/featured.php @@ -54,7 +54,7 @@ class FeaturedAction extends Action return true; } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; diff --git a/actions/foafgroup.php b/actions/foafgroup.php index 57303cf362..e0cec8866c 100644 --- a/actions/foafgroup.php +++ b/actions/foafgroup.php @@ -35,7 +35,7 @@ class FoafGroupAction extends Action return true; } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/geocode.php b/actions/geocode.php index 6e4d1ce0f4..dc547f2c36 100644 --- a/actions/geocode.php +++ b/actions/geocode.php @@ -47,7 +47,7 @@ class GeocodeAction extends Action var $lon = null; var $location = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $token = $this->trimmed('token'); diff --git a/actions/grantrole.php b/actions/grantrole.php index 35f0dcf961..2fc4907cfc 100644 --- a/actions/grantrole.php +++ b/actions/grantrole.php @@ -49,7 +49,7 @@ class GrantRoleAction extends ProfileFormAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { if (!parent::prepare($args)) { return false; diff --git a/actions/groupblock.php b/actions/groupblock.php index 4bf5d74c20..43fa1f52d5 100644 --- a/actions/groupblock.php +++ b/actions/groupblock.php @@ -52,7 +52,7 @@ class GroupblockAction extends RedirectingAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); if (!common_logged_in()) { diff --git a/actions/groups.php b/actions/groups.php index 258fee262b..2e88d0a960 100644 --- a/actions/groups.php +++ b/actions/groups.php @@ -67,7 +67,7 @@ class GroupsAction extends Action } } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; diff --git a/actions/groupunblock.php b/actions/groupunblock.php index 7a4853aa37..42c68b7abd 100644 --- a/actions/groupunblock.php +++ b/actions/groupunblock.php @@ -52,7 +52,7 @@ class GroupunblockAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); if (!common_logged_in()) { diff --git a/actions/makeadmin.php b/actions/makeadmin.php index 8c88d4cd69..1bb830f81e 100644 --- a/actions/makeadmin.php +++ b/actions/makeadmin.php @@ -54,7 +54,7 @@ class MakeadminAction extends RedirectingAction * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); if (!common_logged_in()) { diff --git a/actions/noticesearch.php b/actions/noticesearch.php index d7cdeaacc6..2886700f6a 100644 --- a/actions/noticesearch.php +++ b/actions/noticesearch.php @@ -50,7 +50,7 @@ class NoticesearchAction extends SearchAction { protected $q = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/otp.php b/actions/otp.php index c5f3e70b26..bb888acb6a 100644 --- a/actions/otp.php +++ b/actions/otp.php @@ -53,7 +53,7 @@ class OtpAction extends Action var $returnto; var $lt; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/peopletag.php b/actions/peopletag.php index 007e722a0b..ed811ce262 100644 --- a/actions/peopletag.php +++ b/actions/peopletag.php @@ -62,7 +62,7 @@ class PeopletagAction extends Action } } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; diff --git a/actions/peopletagautocomplete.php b/actions/peopletagautocomplete.php index c165b40805..3daac8e868 100644 --- a/actions/peopletagautocomplete.php +++ b/actions/peopletagautocomplete.php @@ -44,7 +44,7 @@ class PeopletagautocompleteAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/peopletagged.php b/actions/peopletagged.php index d82a448ce5..1b0f897c11 100644 --- a/actions/peopletagged.php +++ b/actions/peopletagged.php @@ -53,7 +53,7 @@ class PeopletaggedAction extends Action return true; } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; diff --git a/actions/peopletagsbyuser.php b/actions/peopletagsbyuser.php index 0b85bf2956..7463108774 100644 --- a/actions/peopletagsbyuser.php +++ b/actions/peopletagsbyuser.php @@ -68,7 +68,7 @@ class PeopletagsbyuserAction extends Action } } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/peopletagsforuser.php b/actions/peopletagsforuser.php index 909969db22..a930328156 100644 --- a/actions/peopletagsforuser.php +++ b/actions/peopletagsforuser.php @@ -54,7 +54,7 @@ class PeopletagsforuserAction extends Action } } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/peopletagsubscribers.php b/actions/peopletagsubscribers.php index 354f2deb0e..e5be8a3ff4 100644 --- a/actions/peopletagsubscribers.php +++ b/actions/peopletagsubscribers.php @@ -53,7 +53,7 @@ class PeopletagsubscribersAction extends Action return true; } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; diff --git a/actions/peopletagsubscriptions.php b/actions/peopletagsubscriptions.php index 2be9187b9e..ae491bbe59 100644 --- a/actions/peopletagsubscriptions.php +++ b/actions/peopletagsubscriptions.php @@ -56,7 +56,7 @@ class PeopletagsubscriptionsAction extends Action } } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/pluginenable.php b/actions/pluginenable.php index da36f0995f..d0467ec2d8 100644 --- a/actions/pluginenable.php +++ b/actions/pluginenable.php @@ -64,7 +64,7 @@ class PluginEnableAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/profilecompletion.php b/actions/profilecompletion.php index a931d6aead..4b0c4607e7 100644 --- a/actions/profilecompletion.php +++ b/actions/profilecompletion.php @@ -68,7 +68,7 @@ class ProfilecompletionAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/profiletagbyid.php b/actions/profiletagbyid.php index 4804e35c83..4c333ae9b6 100644 --- a/actions/profiletagbyid.php +++ b/actions/profiletagbyid.php @@ -45,7 +45,7 @@ class ProfiletagbyidAction extends Action return true; } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/removepeopletag.php b/actions/removepeopletag.php index 529bcbcb17..20fd80bc7a 100644 --- a/actions/removepeopletag.php +++ b/actions/removepeopletag.php @@ -66,7 +66,7 @@ class RemovepeopletagAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/revokerole.php b/actions/revokerole.php index b55399598e..42aa2a7fa5 100644 --- a/actions/revokerole.php +++ b/actions/revokerole.php @@ -49,7 +49,7 @@ class RevokeRoleAction extends ProfileFormAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { if (!parent::prepare($args)) { return false; diff --git a/actions/rsd.php b/actions/rsd.php index 92cf8b95e3..0feab73c28 100644 --- a/actions/rsd.php +++ b/actions/rsd.php @@ -85,7 +85,7 @@ class RsdAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/sandbox.php b/actions/sandbox.php index af2eab3842..37a1af8c19 100644 --- a/actions/sandbox.php +++ b/actions/sandbox.php @@ -49,7 +49,7 @@ class SandboxAction extends ProfileFormAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { if (!parent::prepare($args)) { return false; diff --git a/actions/showapplication.php b/actions/showapplication.php index ecc3b268fe..8696cb3caf 100644 --- a/actions/showapplication.php +++ b/actions/showapplication.php @@ -65,7 +65,7 @@ class ShowApplicationAction extends Action * * @return success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/subedit.php b/actions/subedit.php index 9e779c4f06..d6a0e95468 100644 --- a/actions/subedit.php +++ b/actions/subedit.php @@ -24,7 +24,7 @@ class SubeditAction extends Action { var $profile = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/subscribe.php b/actions/subscribe.php index f8b6093bbd..7e8c8178eb 100644 --- a/actions/subscribe.php +++ b/actions/subscribe.php @@ -64,7 +64,7 @@ class SubscribeAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/subscribepeopletag.php b/actions/subscribepeopletag.php index e9d4cbcc37..3d2654dd04 100644 --- a/actions/subscribepeopletag.php +++ b/actions/subscribepeopletag.php @@ -50,7 +50,7 @@ class SubscribepeopletagAction extends Action /** * Prepare to run */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/actions/unblock.php b/actions/unblock.php index 82d0d32c10..1da6ece4ba 100644 --- a/actions/unblock.php +++ b/actions/unblock.php @@ -44,7 +44,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { */ class UnblockAction extends ProfileFormAction { - function prepare($args) + function prepare(array $args = array()) { if (!parent::prepare($args)) { return false; diff --git a/actions/unsandbox.php b/actions/unsandbox.php index b87736fcff..1311b13f3e 100644 --- a/actions/unsandbox.php +++ b/actions/unsandbox.php @@ -49,7 +49,7 @@ class UnsandboxAction extends ProfileFormAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { if (!parent::prepare($args)) { return false; diff --git a/actions/unsubscribepeopletag.php b/actions/unsubscribepeopletag.php index 7d9925720d..5448661354 100644 --- a/actions/unsubscribepeopletag.php +++ b/actions/unsubscribepeopletag.php @@ -51,7 +51,7 @@ class UnsubscribepeopletagAction extends Action * Prepare to run */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php index 322c6d7358..36b697b302 100644 --- a/lib/adminpanelaction.php +++ b/lib/adminpanelaction.php @@ -60,7 +60,7 @@ class AdminPanelAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/lib/profileformaction.php b/lib/profileformaction.php index e340627e9d..a42df95bd6 100644 --- a/lib/profileformaction.php +++ b/lib/profileformaction.php @@ -51,7 +51,7 @@ class ProfileFormAction extends RedirectingAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Bookmark/actions/apitimelinebookmarks.php b/plugins/Bookmark/actions/apitimelinebookmarks.php index 2376e994ac..39c0e7a0ee 100644 --- a/plugins/Bookmark/actions/apitimelinebookmarks.php +++ b/plugins/Bookmark/actions/apitimelinebookmarks.php @@ -57,7 +57,7 @@ class ApiTimelineBookmarksAction extends ApiBareAuthAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Bookmark/actions/bookmarkforurl.php b/plugins/Bookmark/actions/bookmarkforurl.php index c4cc4a8487..f4393dd193 100644 --- a/plugins/Bookmark/actions/bookmarkforurl.php +++ b/plugins/Bookmark/actions/bookmarkforurl.php @@ -59,7 +59,7 @@ class BookmarkforurlAction extends Action * * @return boolean true */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Bookmark/actions/bookmarks.php b/plugins/Bookmark/actions/bookmarks.php index 0c908a2ca8..68fa34a0db 100644 --- a/plugins/Bookmark/actions/bookmarks.php +++ b/plugins/Bookmark/actions/bookmarks.php @@ -60,7 +60,7 @@ class BookmarksAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/ClientSideShorten/actions/shorten.php b/plugins/ClientSideShorten/actions/shorten.php index 8351839cdb..72ed5624b5 100644 --- a/plugins/ClientSideShorten/actions/shorten.php +++ b/plugins/ClientSideShorten/actions/shorten.php @@ -45,7 +45,7 @@ class ShortenAction extends Action { private $text; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->groups=array(); diff --git a/plugins/DirectMessage/actions/showmessage.php b/plugins/DirectMessage/actions/showmessage.php index f7dc3731b4..7c4b2a0f73 100644 --- a/plugins/DirectMessage/actions/showmessage.php +++ b/plugins/DirectMessage/actions/showmessage.php @@ -62,7 +62,7 @@ class ShowmessageAction extends Action * * @return success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/DirectMessage/lib/mailboxaction.php b/plugins/DirectMessage/lib/mailboxaction.php index fd2e1fabc4..3b7fb52c6a 100644 --- a/plugins/DirectMessage/lib/mailboxaction.php +++ b/plugins/DirectMessage/lib/mailboxaction.php @@ -46,7 +46,7 @@ class MailboxAction extends Action { var $page = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/DomainStatusNetwork/actions/globalapi.php b/plugins/DomainStatusNetwork/actions/globalapi.php index d47a254940..7a9e4fe92d 100644 --- a/plugins/DomainStatusNetwork/actions/globalapi.php +++ b/plugins/DomainStatusNetwork/actions/globalapi.php @@ -57,7 +57,7 @@ class GlobalApiAction extends Action * @return boolean continuation flag */ - function prepare($args) + function prepare(array $args = array()) { GNUsocial::setApi(true); // reduce exception reports to aid in debugging diff --git a/plugins/Event/actions/timelist.php b/plugins/Event/actions/timelist.php index c24613a8d4..f766ab8496 100644 --- a/plugins/Event/actions/timelist.php +++ b/plugins/Event/actions/timelist.php @@ -42,7 +42,7 @@ class TimelistAction extends Action { * * @return boolean true */ - function prepare($args) { + function prepare(array $args = array()) { parent::prepare($args); $this->start = $this->arg('start'); $this->duration = $this->boolean('duration', false); diff --git a/plugins/ExtendedProfile/actions/userautocomplete.php b/plugins/ExtendedProfile/actions/userautocomplete.php index 9c3afbd106..345988f8ba 100644 --- a/plugins/ExtendedProfile/actions/userautocomplete.php +++ b/plugins/ExtendedProfile/actions/userautocomplete.php @@ -43,7 +43,7 @@ class UserautocompleteAction extends Action * * @return boolean true if nothing goes wrong */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->query = $this->trimmed('term'); diff --git a/plugins/FacebookBridge/actions/facebookdeauthorize.php b/plugins/FacebookBridge/actions/facebookdeauthorize.php index 9173850ca5..aefa9c010c 100644 --- a/plugins/FacebookBridge/actions/facebookdeauthorize.php +++ b/plugins/FacebookBridge/actions/facebookdeauthorize.php @@ -48,7 +48,7 @@ class FacebookdeauthorizeAction extends Action * * @return boolean true */ - function prepare($args) + function prepare(array $args = array()) { $this->facebook = Facebookclient::getFacebook(); diff --git a/plugins/FacebookBridge/actions/facebookfinishlogin.php b/plugins/FacebookBridge/actions/facebookfinishlogin.php index 93d4aaeacd..605d922f27 100644 --- a/plugins/FacebookBridge/actions/facebookfinishlogin.php +++ b/plugins/FacebookBridge/actions/facebookfinishlogin.php @@ -37,7 +37,7 @@ class FacebookfinishloginAction extends Action private $fbuser = null; // Facebook user object (JSON) private $accessToken = null; // Access token provided by Facebook JS API - function prepare($args) { + function prepare(array $args = array()) { parent::prepare($args); // Check cookie for a valid access_token diff --git a/plugins/Favorite/actions/apifavoritedestroy.php b/plugins/Favorite/actions/apifavoritedestroy.php index cf5659978a..70273a0f33 100644 --- a/plugins/Favorite/actions/apifavoritedestroy.php +++ b/plugins/Favorite/actions/apifavoritedestroy.php @@ -57,7 +57,7 @@ class ApiFavoriteDestroyAction extends ApiAuthAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Favorite/actions/favorited.php b/plugins/Favorite/actions/favorited.php index dbd0ebe5bf..7ab9e19e1d 100644 --- a/plugins/Favorite/actions/favorited.php +++ b/plugins/Favorite/actions/favorited.php @@ -95,7 +95,7 @@ class FavoritedAction extends Action * * @todo move queries from showContent() to here */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; diff --git a/plugins/GNUsocialPhoto/actions/newphoto.php b/plugins/GNUsocialPhoto/actions/newphoto.php index 4f9f293e96..e92a64b3dd 100644 --- a/plugins/GNUsocialPhoto/actions/newphoto.php +++ b/plugins/GNUsocialPhoto/actions/newphoto.php @@ -33,7 +33,7 @@ class NewphotoAction extends Action { var $user = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->user = common_current_user(); diff --git a/plugins/GNUsocialPhotos/actions/editphoto.php b/plugins/GNUsocialPhotos/actions/editphoto.php index db36813f27..30bd64b2ca 100644 --- a/plugins/GNUsocialPhotos/actions/editphoto.php +++ b/plugins/GNUsocialPhotos/actions/editphoto.php @@ -36,7 +36,7 @@ class EditphotoAction extends Action { var $user = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $args = $this->returnToArgs(); diff --git a/plugins/GNUsocialPhotos/actions/photos.php b/plugins/GNUsocialPhotos/actions/photos.php index 082736cd21..95d5e12b36 100644 --- a/plugins/GNUsocialPhotos/actions/photos.php +++ b/plugins/GNUsocialPhotos/actions/photos.php @@ -38,7 +38,7 @@ class PhotosAction extends Action { var $user = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/GNUsocialPhotos/actions/photoupload.php b/plugins/GNUsocialPhotos/actions/photoupload.php index 6dd5f9aef1..3fea9f492b 100644 --- a/plugins/GNUsocialPhotos/actions/photoupload.php +++ b/plugins/GNUsocialPhotos/actions/photoupload.php @@ -36,7 +36,7 @@ class PhotouploadAction extends Action { var $user = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->user = common_current_user(); diff --git a/plugins/GNUsocialProfileExtensions/actions/bio.php b/plugins/GNUsocialProfileExtensions/actions/bio.php index 3022e6e761..948a30ea8e 100644 --- a/plugins/GNUsocialProfileExtensions/actions/bio.php +++ b/plugins/GNUsocialProfileExtensions/actions/bio.php @@ -38,7 +38,7 @@ class BioAction extends Action { var $user = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/GNUsocialVideo/actions/postvideo.php b/plugins/GNUsocialVideo/actions/postvideo.php index 729afc5d2d..1be201d00f 100644 --- a/plugins/GNUsocialVideo/actions/postvideo.php +++ b/plugins/GNUsocialVideo/actions/postvideo.php @@ -34,7 +34,7 @@ class PostvideoAction extends Action { var $user = null; var $url = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->user = common_current_user(); diff --git a/plugins/GNUsocialVideo/actions/showvideo.php b/plugins/GNUsocialVideo/actions/showvideo.php index 628d08642a..06c80b8abf 100644 --- a/plugins/GNUsocialVideo/actions/showvideo.php +++ b/plugins/GNUsocialVideo/actions/showvideo.php @@ -34,7 +34,7 @@ class ShowvideoAction extends ShownoticeAction protected $id = null; protected $vid = null; - function prepare($args) + function prepare(array $args = array()) { OwnerDesignAction::prepare($args); $this->id = $this->trimmed('id'); diff --git a/plugins/Mapstraction/actions/allmap.php b/plugins/Mapstraction/actions/allmap.php index 77e722e3ef..6fd2215ad9 100644 --- a/plugins/Mapstraction/actions/allmap.php +++ b/plugins/Mapstraction/actions/allmap.php @@ -42,7 +42,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } */ class AllmapAction extends MapAction { - function prepare($args) + function prepare(array $args = array()) { if (parent::prepare($args)) { $stream = new InboxNoticeStream($this->user->getProfile(), $this->scoped); diff --git a/plugins/Mapstraction/actions/map.php b/plugins/Mapstraction/actions/map.php index 0a5334103e..0dbf417dce 100644 --- a/plugins/Mapstraction/actions/map.php +++ b/plugins/Mapstraction/actions/map.php @@ -48,7 +48,7 @@ class MapAction extends Action var $page = null; var $notices = null; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Mapstraction/actions/usermap.php b/plugins/Mapstraction/actions/usermap.php index 99a43e538a..5fd170925a 100644 --- a/plugins/Mapstraction/actions/usermap.php +++ b/plugins/Mapstraction/actions/usermap.php @@ -44,7 +44,7 @@ if (!defined('STATUSNET')) { */ class UsermapAction extends MapAction { - function prepare($args) + function prepare(array $args = array()) { if(parent::prepare($args)) { $this->notice = empty($this->tag) diff --git a/plugins/OStatus/actions/ostatustag.php b/plugins/OStatus/actions/ostatustag.php index fa999fe09a..99d4a6735c 100644 --- a/plugins/OStatus/actions/ostatustag.php +++ b/plugins/OStatus/actions/ostatustag.php @@ -31,7 +31,7 @@ class OStatusTagAction extends OStatusInitAction var $profile; var $err; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/OpenID/actions/openidserver.php b/plugins/OpenID/actions/openidserver.php index acab0938b8..6cc3061edd 100644 --- a/plugins/OpenID/actions/openidserver.php +++ b/plugins/OpenID/actions/openidserver.php @@ -50,7 +50,7 @@ class OpenidserverAction extends Action { var $oserver; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); $this->oserver = oid_server(); diff --git a/plugins/OpenID/actions/openidtrust.php b/plugins/OpenID/actions/openidtrust.php index 3c0e24981f..734b35bae2 100644 --- a/plugins/OpenID/actions/openidtrust.php +++ b/plugins/OpenID/actions/openidtrust.php @@ -51,7 +51,7 @@ class OpenidtrustAction extends Action return _m('OpenID Identity Verification'); } - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); common_ensure_session(); diff --git a/plugins/RSSCloud/actions/loggingaggregator.php b/plugins/RSSCloud/actions/loggingaggregator.php index a50e99011c..7ef9e65cbf 100644 --- a/plugins/RSSCloud/actions/loggingaggregator.php +++ b/plugins/RSSCloud/actions/loggingaggregator.php @@ -57,7 +57,7 @@ class LoggingAggregatorAction extends Action * * @return boolean false if user doesn't exist */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/RSSCloud/actions/rsscloudrequestnotify.php b/plugins/RSSCloud/actions/rsscloudrequestnotify.php index 4656fc9650..1d294fef68 100644 --- a/plugins/RSSCloud/actions/rsscloudrequestnotify.php +++ b/plugins/RSSCloud/actions/rsscloudrequestnotify.php @@ -50,7 +50,7 @@ class RSSCloudRequestNotifyAction extends Action * * @return boolean false if user doesn't exist */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Sample/actions/hello.php b/plugins/Sample/actions/hello.php index c0bde93d7d..37bae3a4dd 100644 --- a/plugins/Sample/actions/hello.php +++ b/plugins/Sample/actions/hello.php @@ -66,7 +66,7 @@ class HelloAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/SearchSub/actions/searchsub.php b/plugins/SearchSub/actions/searchsub.php index ae1e1550ae..98c218b8e5 100644 --- a/plugins/SearchSub/actions/searchsub.php +++ b/plugins/SearchSub/actions/searchsub.php @@ -63,7 +63,7 @@ class SearchsubAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); if ($this->boolean('ajax')) { diff --git a/plugins/Share/actions/apistatusesretweets.php b/plugins/Share/actions/apistatusesretweets.php index 9a75aa8918..51a7a0be2f 100644 --- a/plugins/Share/actions/apistatusesretweets.php +++ b/plugins/Share/actions/apistatusesretweets.php @@ -54,7 +54,7 @@ class ApiStatusesRetweetsAction extends ApiAuthAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Share/actions/apitimelineretweetedbyme.php b/plugins/Share/actions/apitimelineretweetedbyme.php index 01f3fe378b..cb7edfc0d0 100644 --- a/plugins/Share/actions/apitimelineretweetedbyme.php +++ b/plugins/Share/actions/apitimelineretweetedbyme.php @@ -60,7 +60,7 @@ class ApiTimelineRetweetedByMeAction extends ApiAuthAction * @return boolean success flag * */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Share/actions/apitimelineretweetsofme.php b/plugins/Share/actions/apitimelineretweetsofme.php index 58c6886af6..890c5f4d85 100644 --- a/plugins/Share/actions/apitimelineretweetsofme.php +++ b/plugins/Share/actions/apitimelineretweetsofme.php @@ -59,7 +59,7 @@ class ApiTimelineRetweetsOfMeAction extends ApiAuthAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Sitemap/actions/noticesitemap.php b/plugins/Sitemap/actions/noticesitemap.php index efa23b9401..fe43f1b331 100644 --- a/plugins/Sitemap/actions/noticesitemap.php +++ b/plugins/Sitemap/actions/noticesitemap.php @@ -45,7 +45,7 @@ class NoticesitemapAction extends SitemapAction var $notices = null; var $j = 0; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/Sitemap/actions/usersitemap.php b/plugins/Sitemap/actions/usersitemap.php index c39165d0ed..42a9d8e237 100644 --- a/plugins/Sitemap/actions/usersitemap.php +++ b/plugins/Sitemap/actions/usersitemap.php @@ -45,7 +45,7 @@ class UsersitemapAction extends SitemapAction var $users = null; var $j = 0; - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/SlicedFavorites/actions/favoritedslice.php b/plugins/SlicedFavorites/actions/favoritedslice.php index 5c9fb31f8f..31e93cd396 100644 --- a/plugins/SlicedFavorites/actions/favoritedslice.php +++ b/plugins/SlicedFavorites/actions/favoritedslice.php @@ -45,7 +45,7 @@ class FavoritedSliceAction extends FavoritedAction * * @todo move queries from showContent() to here */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/TagSub/actions/tagsub.php b/plugins/TagSub/actions/tagsub.php index f9ecaa94af..d3e359099d 100644 --- a/plugins/TagSub/actions/tagsub.php +++ b/plugins/TagSub/actions/tagsub.php @@ -63,7 +63,7 @@ class TagsubAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); if ($this->boolean('ajax')) { diff --git a/plugins/UserFlag/actions/adminprofileflag.php b/plugins/UserFlag/actions/adminprofileflag.php index 708bd99d29..a4d97031ac 100644 --- a/plugins/UserFlag/actions/adminprofileflag.php +++ b/plugins/UserFlag/actions/adminprofileflag.php @@ -52,7 +52,7 @@ class AdminprofileflagAction extends Action * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { parent::prepare($args); diff --git a/plugins/UserFlag/actions/clearflag.php b/plugins/UserFlag/actions/clearflag.php index 28152fb079..040385ed61 100644 --- a/plugins/UserFlag/actions/clearflag.php +++ b/plugins/UserFlag/actions/clearflag.php @@ -49,7 +49,7 @@ class ClearflagAction extends ProfileFormAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { if (!parent::prepare($args)) { return false; diff --git a/plugins/UserFlag/actions/flagprofile.php b/plugins/UserFlag/actions/flagprofile.php index ec036fc064..af02663aae 100644 --- a/plugins/UserFlag/actions/flagprofile.php +++ b/plugins/UserFlag/actions/flagprofile.php @@ -49,7 +49,7 @@ class FlagprofileAction extends ProfileFormAction * * @return boolean success flag */ - function prepare($args) + function prepare(array $args = array()) { if (!parent::prepare($args)) { return false; From e98d5d0c0cee37acae440c15b3ea62ba036d4c82 Mon Sep 17 00:00:00 2001 From: Chimo Date: Wed, 1 Jun 2016 03:54:28 +0000 Subject: [PATCH 197/415] Site Notice: common_purify instead of HTMLPurifier So that we can use our custom settings (e.g: extra URI schemes) in the site notice textbox. Ref. #170 --- actions/sitenoticeadminpanel.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/actions/sitenoticeadminpanel.php b/actions/sitenoticeadminpanel.php index 72c9f9a128..a0a8b03b64 100644 --- a/actions/sitenoticeadminpanel.php +++ b/actions/sitenoticeadminpanel.php @@ -110,9 +110,7 @@ class SitenoticeadminpanelAction extends AdminPanelAction } // scrub HTML input - require_once INSTALLDIR.'/extlib/HTMLPurifier/HTMLPurifier.auto.php'; - $purifier = new HTMLPurifier(); - $siteNotice = $purifier->purify($siteNotice); + $siteNotice = common_purify($siteNotice); } } From d02c75d019af3dd407abd2fd3b84af0c31120a7e Mon Sep 17 00:00:00 2001 From: Chimo Date: Wed, 1 Jun 2016 21:56:42 -0400 Subject: [PATCH 198/415] Re-enable notice locations Removed a stray 'return' statement. --- lib/noticelistitem.php | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php index cbff03d973..687a645e97 100644 --- a/lib/noticelistitem.php +++ b/lib/noticelistitem.php @@ -393,7 +393,6 @@ class NoticeListItem extends Widget */ function showNoticeLocation() { - return; try { $location = Notice_location::locFromStored($this->notice); } catch (NoResultException $e) { From c81322d51af47535818e84336c40321602d4dad3 Mon Sep 17 00:00:00 2001 From: Chimo Date: Sat, 4 Jun 2016 14:52:49 +0000 Subject: [PATCH 199/415] WIP: Display error if wrong perms on 'avatar' dir If the 'avatar' folder isn't writeable, don't let users try to upload/delete one (and fail). Instead, print an error message about the misconfigured folder permission. Ref. #196 --- actions/avatarsettings.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/actions/avatarsettings.php b/actions/avatarsettings.php index f77339ad70..6c9f3fc3d0 100644 --- a/actions/avatarsettings.php +++ b/actions/avatarsettings.php @@ -49,6 +49,20 @@ class AvatarsettingsAction extends SettingsAction var $imagefile = null; var $filename = null; + function prepare(array $args=array()) + { + $avatarpath = Avatar::path(''); + + if (!is_writable($avatarpath)) { + throw new Exception(_("The administrator of your site needs to + add write permissions on the avatar upload folder before + you're able to set one.")); + } + + parent::prepare($args); + return true; + } + /** * Title of the page * From c1537a1e82434a2fa11c27fac8df9b52200e2a39 Mon Sep 17 00:00:00 2001 From: Thomas Karpiniec Date: Thu, 9 Jun 2016 19:56:36 +1000 Subject: [PATCH 200/415] Use noreferrer when linkifying attachments and allow this value in purifier --- lib/util.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/lib/util.php b/lib/util.php index b35eff84d8..a2415945f1 100644 --- a/lib/util.php +++ b/lib/util.php @@ -594,7 +594,7 @@ function common_purify($html, array $args=array()) * * Source: http://microformats.org/wiki/rel */ - $cfg->set('Attr.AllowedRel', ['bookmark', 'enclosure', 'nofollow', 'tag']); + $cfg->set('Attr.AllowedRel', ['bookmark', 'enclosure', 'nofollow', 'tag', 'noreferrer']); $cfg->set('HTML.ForbiddenAttributes', array('style')); // id, on* etc. are already filtered by default $cfg->set('URI.AllowedSchemes', array_fill_keys(common_url_schemes(), true)); if (isset($args['URI.Base'])) { @@ -1140,6 +1140,15 @@ function common_linkify($url) { } } + // Whether to nofollow + $nf = common_config('nofollow', 'external'); + + if ($nf == 'never') { + $attrs['rel'] = 'external'; + } else { + $attrs['rel'] = 'nofollow external'; + } + // Add clippy if ($is_attachment) { $attrs['class'] = 'attachment'; @@ -1147,16 +1156,7 @@ function common_linkify($url) { $attrs['class'] = 'attachment thumbnail'; } $attrs['id'] = "attachment-{$attachment_id}"; - } - - // Whether to nofollow - - $nf = common_config('nofollow', 'external'); - - if ($nf == 'never') { - $attrs['rel'] = 'external'; - } else { - $attrs['rel'] = 'nofollow external'; + $attrs['rel'] .= ' noreferrer'; } return XMLStringer::estring('a', $attrs, $url); From 47e541eaec6dc20d965e033d0af6e468b4d3f572 Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 10 Jun 2016 21:00:01 +0000 Subject: [PATCH 201/415] Allow getting notice title without implying one Sometimes I just want explicit titles, and not the generated "blah posted on date" text --- classes/Notice.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index f38de37167..c130cccc26 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -248,10 +248,10 @@ class Notice extends Managed_DataObject return common_local_url('shownotice', array('notice' => $this->id), null, null, false); } - public function getTitle() + public function getTitle($imply=true) { $title = null; - if (Event::handle('GetNoticeTitle', array($this, &$title))) { + if (Event::handle('GetNoticeTitle', array($this, &$title)) && $imply) { // TRANS: Title of a notice posted without a title value. // TRANS: %1$s is a user name, %2$s is the notice creation date/time. $title = sprintf(_('%1$s\'s status on %2$s'), From 83e7ade714ed806d136720a55f392f270598514e Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 10 Jun 2016 21:00:48 +0000 Subject: [PATCH 202/415] When there is no useful title, class="p-name e-content" --- lib/noticelistitem.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php index cbff03d973..b9ae0be5a0 100644 --- a/lib/noticelistitem.php +++ b/lib/noticelistitem.php @@ -179,8 +179,9 @@ class NoticeListItem extends Widget function showNoticeTitle() { if (Event::handle('StartShowNoticeTitle', array($this))) { + $nameClass = $this->notice->getTitle(false) ? 'p-name ' : ''; $this->element('a', array('href' => $this->notice->getUri(), - 'class' => 'p-name u-uid'), + 'class' => $nameClass . 'u-uid'), $this->notice->getTitle()); Event::handle('EndShowNoticeTitle', array($this)); } @@ -348,7 +349,8 @@ class NoticeListItem extends Widget function showContent() { // FIXME: URL, image, video, audio - $this->out->elementStart('article', array('class' => 'e-content')); + $nameClass = $this->notice->getTitle(false) ? '' : 'p-name '; + $this->out->elementStart('article', array('class' => $nameClass . 'e-content')); if (Event::handle('StartShowNoticeContent', array($this->notice, $this->out, $this->out->getScoped()))) { if ($this->maxchars > 0 && mb_strlen($this->notice->content) > $this->maxchars) { $this->out->text(mb_substr($this->notice->content, 0, $this->maxchars) . '[…]'); From e96d7d48f5250778b303ce5d59b312def1fa7061 Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 10 Jun 2016 21:01:23 +0000 Subject: [PATCH 203/415] 400 code needs ClientException --- plugins/Linkback/actions/webmention.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/plugins/Linkback/actions/webmention.php b/plugins/Linkback/actions/webmention.php index 30bc42cea9..7a80dfef77 100644 --- a/plugins/Linkback/actions/webmention.php +++ b/plugins/Linkback/actions/webmention.php @@ -40,30 +40,30 @@ class WebmentionAction extends Action if(!$source) { echo _m('"source" is missing')."\n"; - throw new ServerException(_m('"source" is missing'), 400); + throw new ClientException(_m('"source" is missing'), 400); } if(!$target) { echo _m('"target" is missing')."\n"; - throw new ServerException(_m('"target" is missing'), 400); + throw new ClientException(_m('"target" is missing'), 400); } $response = linkback_get_source($source, $target); if(!$response) { echo _m('Source does not link to target.')."\n"; - throw new ServerException(_m('Source does not link to target.'), 400); + throw new ClientException(_m('Source does not link to target.'), 400); } $notice = linkback_get_target($target); if(!$notice) { echo _m('Target not found')."\n"; - throw new ServerException(_m('Target not found'), 404); + throw new ClientException(_m('Target not found'), 404); } $url = linkback_save($source, $target, $response, $notice); if(!$url) { echo _m('An error occured while saving.')."\n"; - throw new ServerException(_m('An error occured while saving.'), 500); + throw new ClientException(_m('An error occured while saving.'), 500); } echo $url."\n"; From 4f3a03178640814fb04c0942cdbf695320fdbf3f Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 10 Jun 2016 21:01:53 +0000 Subject: [PATCH 204/415] Use strpos check properly --- plugins/Linkback/lib/util.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/plugins/Linkback/lib/util.php b/plugins/Linkback/lib/util.php index b0e99cbc94..894935b8b5 100644 --- a/plugins/Linkback/lib/util.php +++ b/plugins/Linkback/lib/util.php @@ -7,7 +7,7 @@ function linkback_lenient_target_match($body, $target) { function linkback_get_source($source, $target) { // Check if we are pinging ourselves and ignore $localprefix = common_config('site', 'server') . '/' . common_config('site', 'path'); - if(linkback_lenient_target_match($source, $localprefix)) { + if(linkback_lenient_target_match($source, $localprefix) === 0) { common_debug('Ignoring self ping from ' . $source . ' to ' . $target); return NULL; } @@ -22,7 +22,7 @@ function linkback_get_source($source, $target) { $body = htmlspecialchars_decode($response->getBody()); // We're slightly more lenient in our link detection than the spec requires - if(!linkback_lenient_target_match($body, $target)) { + if(linkback_lenient_target_match($body, $target) === FALSE) { return NULL; } @@ -56,7 +56,7 @@ function linkback_get_target($target) { } if(!$user) { preg_match('/\/([^\/\?#]+)(?:#.*)?$/', $response->getEffectiveUrl(), $match); - if(linkback_lenient_target_match(common_profile_url($match[1]), $response->getEffectiveUrl())) { + if(linkback_lenient_target_match(common_profile_url($match[1]), $response->getEffectiveUrl()) !== FALSE) { $user = User::getKV('nickname', $match[1]); } } @@ -70,7 +70,7 @@ function linkback_get_target($target) { function linkback_is_contained_in($entry, $target) { foreach ((array)$entry['properties'] as $key => $values) { - if(count(array_filter($values, function($x) use ($target) { return linkback_lenient_target_match($x, $target); })) > 0) { + if(count(array_filter($values, function($x) use ($target) { return linkback_lenient_target_match($x, $target) !== FALSE; })) > 0) { return $entry['properties']; } @@ -79,7 +79,7 @@ function linkback_is_contained_in($entry, $target) { if(isset($obj['type']) && array_intersect(array('h-cite', 'h-entry'), $obj['type']) && isset($obj['properties']) && isset($obj['properties']['url']) && count(array_filter($obj['properties']['url'], - function($x) use ($target) { return linkback_lenient_target_match($x, $target); })) > 0 + function($x) use ($target) { return linkback_lenient_target_match($x, $target) !== FALSE; })) > 0 ) { return $entry['properties']; } @@ -130,7 +130,7 @@ function linkback_entry_type($entry, $mf2, $target) { if($mf2['rels'] && $mf2['rels']['in-reply-to']) { foreach($mf2['rels']['in-reply-to'] as $url) { - if(linkback_lenient_target_match($url, $target)) { + if(linkback_lenient_target_match($url, $target) !== FALSE) { return 'reply'; } } @@ -144,7 +144,7 @@ function linkback_entry_type($entry, $mf2, $target) { ); foreach((array)$entry as $key => $values) { - if(count(array_filter($values, function($x) use ($target) { return linkback_lenient_target_match($x, $target); })) > 0) { + if(count(array_filter($values, function($x) use ($target) { return linkback_lenient_target_match($x, $target) != FALSE; })) > 0) { if($classes[$key]) { return $classes[$key]; } } @@ -152,7 +152,7 @@ function linkback_entry_type($entry, $mf2, $target) { if(isset($obj['type']) && array_intersect(array('h-cite', 'h-entry'), $obj['type']) && isset($obj['properties']) && isset($obj['properties']['url']) && count(array_filter($obj['properties']['url'], - function($x) use ($target) { return linkback_lenient_target_match($x, $target); })) > 0 + function($x) use ($target) { return linkback_lenient_target_match($x, $target) != FALSE; })) > 0 ) { if($classes[$key]) { return $classes[$key]; } } From 624584f9df8988144f4df219db343d7b295e1444 Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 10 Jun 2016 21:02:08 +0000 Subject: [PATCH 205/415] Need to strtotime before we can format the date --- plugins/Linkback/lib/util.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/Linkback/lib/util.php b/plugins/Linkback/lib/util.php index 894935b8b5..f89389fc62 100644 --- a/plugins/Linkback/lib/util.php +++ b/plugins/Linkback/lib/util.php @@ -243,8 +243,8 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) { if (isset($entry['published']) || isset($entry['updated'])) { $options['created'] = isset($entry['published']) - ? common_sql_date($entry['published'][0]) - : common_sql_date($entry['updated'][0]); + ? common_sql_date(strtotime($entry['published'][0])) + : common_sql_date(strtotime($entry['updated'][0])); } if (isset($entry['photo']) && common_valid_http_url($entry['photo'])) { From 6861d2f3a1e6e2bd15b884fb217b45d9b625ee10 Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 10 Jun 2016 21:02:34 +0000 Subject: [PATCH 206/415] Get avatar out of entry properly --- plugins/Linkback/lib/util.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/Linkback/lib/util.php b/plugins/Linkback/lib/util.php index f89389fc62..62b80ec19f 100644 --- a/plugins/Linkback/lib/util.php +++ b/plugins/Linkback/lib/util.php @@ -281,8 +281,8 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) { } function linkback_profile($entry, $mf2, $response, $target) { - if(isset($entry['properties']['author']) && isset($entry['properties']['author'][0]['properties'])) { - $author = $entry['properties']['author'][0]['properties']; + if(isset($entry['author']) && isset($entry['author'][0]['properties'])) { + $author = $entry['author'][0]['properties']; } else { $author = linkback_hcard($mf2, $response->getEffectiveUrl()); } From 1e9077f5291b06dae8099dc33af9402c11e9c6aa Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 10 Jun 2016 21:02:50 +0000 Subject: [PATCH 207/415] Set avatar where available --- plugins/Linkback/lib/util.php | 37 +++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/plugins/Linkback/lib/util.php b/plugins/Linkback/lib/util.php index 62b80ec19f..74dedf8840 100644 --- a/plugins/Linkback/lib/util.php +++ b/plugins/Linkback/lib/util.php @@ -280,6 +280,39 @@ function linkback_notice($source, $notice_or_user, $entry, $author, $mf2) { return array($content, $options); } +function linkback_avatar($profile, $url) { + // Ripped from OStatus plugin for now + $temp_filename = tempnam(sys_get_temp_dir(), 'linback_avatar'); + try { + $imgData = HTTPClient::quickGet($url); + // Make sure it's at least an image file. ImageFile can do the rest. + if (false === getimagesizefromstring($imgData)) { + return false; + } + file_put_contents($temp_filename, $imgData); + unset($imgData); // No need to carry this in memory. + + $imagefile = new ImageFile(null, $temp_filename); + $filename = Avatar::filename($profile->id, + image_type_to_extension($imagefile->type), + null, + common_timestamp()); + rename($temp_filename, Avatar::path($filename)); + } catch (Exception $e) { + unlink($temp_filename); + throw $e; + } + // @todo FIXME: Hardcoded chmod is lame, but seems to be necessary to + // keep from accidentally saving images from command-line (queues) + // that can't be read from web server, which causes hard-to-notice + // problems later on: + // + // http://status.net/open-source/issues/2663 + chmod(Avatar::path($filename), 0644); + + $profile->setOriginal($filename); +} + function linkback_profile($entry, $mf2, $response, $target) { if(isset($entry['author']) && isset($entry['author'][0]['properties'])) { $author = $entry['author'][0]['properties']; @@ -315,6 +348,10 @@ function linkback_profile($entry, $mf2, $response, $target) { $profile->nickname = isset($author['nickname']) ? $author['nickname'][0] : str_replace(' ', '', $author['name'][0]); $profile->created = common_sql_now(); $profile->insert(); + + if($author['photo'] && $author['photo'][0]) { + linkback_avatar($profile, $author['photo'][0]); + } } return array($profile, $author); From 274e394d8ed036206648834a817466d63781924b Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 10 Jun 2016 21:03:16 +0000 Subject: [PATCH 208/415] Pass all but two webmention.rocks tests --- plugins/Linkback/LinkbackPlugin.php | 46 ++++++++++++++++++++--------- 1 file changed, 32 insertions(+), 14 deletions(-) diff --git a/plugins/Linkback/LinkbackPlugin.php b/plugins/Linkback/LinkbackPlugin.php index 701ca06fc5..da7174bdc6 100644 --- a/plugins/Linkback/LinkbackPlugin.php +++ b/plugins/Linkback/LinkbackPlugin.php @@ -101,14 +101,28 @@ class LinkbackPlugin extends Plugin return true; } + function unparse_url($parsed_url) + { + $scheme = isset($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : ''; + $host = isset($parsed_url['host']) ? $parsed_url['host'] : ''; + $port = isset($parsed_url['port']) ? ':' . $parsed_url['port'] : ''; + $user = isset($parsed_url['user']) ? $parsed_url['user'] : ''; + $pass = isset($parsed_url['pass']) ? ':' . $parsed_url['pass'] : ''; + $pass = ($user || $pass) ? "$pass@" : ''; + $path = isset($parsed_url['path']) ? $parsed_url['path'] : ''; + $query = isset($parsed_url['query']) ? '?' . $parsed_url['query'] : ''; + $fragment = isset($parsed_url['fragment']) ? '#' . $parsed_url['fragment'] : ''; + return "$scheme$user$pass$host$port$path$query$fragment"; + } + function linkbackUrl($url) { common_log(LOG_DEBUG,"Attempting linkback for " . $url); $orig = $url; $url = htmlspecialchars_decode($orig); - $scheme = parse_url($url, PHP_URL_SCHEME); - if (!in_array($scheme, array('http', 'https'))) { + $base = parse_url($url); + if (!in_array($base['scheme'], array('http', 'https'))) { return $orig; } @@ -126,13 +140,17 @@ class LinkbackPlugin extends Plugin return $orig; } - // XXX: Should handle relative-URI resolution in these detections - $wm = $this->getWebmention($response); - if(!empty($wm)) { + if(!is_null($wm)) { + $wm = parse_url($wm); + if(!$wm) $wm = array(); + if(!$wm['host']) $wm['host'] = $base['host']; + if(!$wm['scheme']) $wm['scheme'] = $base['scheme']; + if(!$wm['path']) $wm['path'] = $base['path']; + // It is the webmention receiver's job to resolve source // Ref: https://github.com/converspace/webmention/issues/43 - $this->webmention($url, $wm); + $this->webmention($url, $this->unparse_url($wm)); } else { $pb = $this->getPingback($response); if (!empty($pb)) { @@ -156,26 +174,26 @@ class LinkbackPlugin extends Plugin $link = $response->getHeader('Link'); if (!is_null($link)) { // XXX: the fetcher gives back a comma-separated string of all Link headers, I hope the parsing works reliably - if (preg_match('~<((?:https?://)?[^>]+)>; rel="webmention"~', $link, $match)) { - return $match[1]; - } elseif (preg_match('~<((?:https?://)?[^>]+)>; rel="http://webmention.org/?"~', $link, $match)) { + if (preg_match('~<([^>]+)>; rel="?(?:[^" ]* )*(?:http://webmention.org/|webmention)(?: [^" ]*)*"?~', $link, $match)) { return $match[1]; } } // FIXME: Do proper DOM traversal - if(preg_match('/<(?:link|a)[ ]+href="([^"]+)"[ ]+rel="[^" ]* ?webmention ?[^" ]*"[ ]*\/?>/i', $response->getBody(), $match) - || preg_match('/<(?:link|a)[ ]+rel="[^" ]* ?webmention ?[^" ]*"[ ]+href="([^"]+)"[ ]*\/?>/i', $response->getBody(), $match)) { - return $match[1]; - } elseif (preg_match('/<(?:link|a)[ ]+href="([^"]+)"[ ]+rel="http:\/\/webmention\.org\/?"[ ]*\/?>/i', $response->getBody(), $match) - || preg_match('/<(?:link|a)[ ]+rel="http:\/\/webmention\.org\/?"[ ]+href="([^"]+)"[ ]*\/?>/i', $response->getBody(), $match)) { + // Currently fails https://webmention.rocks/test/13, https://webmention.rocks/test/17 + if(preg_match('~<(?:link|a)[ ]+href="([^"]*)"[ ]+rel="(?:[^" ]* )*(?:http://webmention.org/|webmention)(?: [^" ]*)*"[ ]*/?>~i', $response->getBody(), $match) + || preg_match('~<(?:link|a)[ ]+rel="(?:[^" ]* )*(?:http://webmention.org/|webmention)(?: [^" ]*)*"[ ]+href="([^"]*)"[ ]*/?>~i', $response->getBody(), $match)) { return $match[1]; } + + return NULL; } function webmention($url, $endpoint) { $source = $this->notice->getUrl(); + common_log(LOG_DEBUG,"Attempting webmention to $endpoint for $url from $source"); + $payload = array( 'source' => $source, 'target' => $url From 97243c8a915259c6beae56959956c9e5b9dd4f8f Mon Sep 17 00:00:00 2001 From: Stephen Paul Weber Date: Fri, 10 Jun 2016 21:13:10 +0000 Subject: [PATCH 209/415] Allow 201 as well, because spec says so --- plugins/Linkback/LinkbackPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/Linkback/LinkbackPlugin.php b/plugins/Linkback/LinkbackPlugin.php index da7174bdc6..10006fa030 100644 --- a/plugins/Linkback/LinkbackPlugin.php +++ b/plugins/Linkback/LinkbackPlugin.php @@ -209,7 +209,7 @@ class LinkbackPlugin extends Plugin $payload ); - if(!in_array($response->getStatus(), array(200,202))) { + if(!in_array($response->getStatus(), array(200,201,202))) { common_log(LOG_WARNING, "Webmention request failed for '$url' ($endpoint)"); } From 5e131aed802074164aa0c3d431dbd97440cf8b5a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 17 Jun 2016 11:20:36 +0200 Subject: [PATCH 210/415] Apparently medium.com uses @ frequently i URLs and we skipped them because we assumed they were urlencoded when copied. --- lib/framework.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/framework.php b/lib/framework.php index 229de8b793..d21bb994b8 100644 --- a/lib/framework.php +++ b/lib/framework.php @@ -62,7 +62,7 @@ define('NOTICE_INBOX_SOURCE_GATEWAY', -1); * Some of those characters can be troublesome when auto-linking plain text. Such as "http://some.com/)" * URL encoding should be used whenever a weird character is used, the following strings are not definitive. */ -define('URL_REGEX_VALID_PATH_CHARS', '\pN\pL\,\!\.\:\-\_\+\/\=\;\%\~\*'); +define('URL_REGEX_VALID_PATH_CHARS', '\pN\pL\,\!\.\:\-\_\+\/\@\=\;\%\~\*'); define('URL_REGEX_VALID_QSTRING_CHARS', URL_REGEX_VALID_PATH_CHARS . '\&'); define('URL_REGEX_VALID_FRAGMENT_CHARS', URL_REGEX_VALID_QSTRING_CHARS . '\?\#'); define('URL_REGEX_EXCLUDED_END_CHARS', '\?\.\,\!\#\:\''); // don't include these if they are directly after a URL From 28ca5d90d97831dee5ff193234db72a4b93b16c5 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 17 Jun 2016 22:44:12 +0200 Subject: [PATCH 211/415] phpseclib updated, some new features that we won't use --- .../OStatus/extlib/phpseclib/Crypt/AES.php | 215 +- .../OStatus/extlib/phpseclib/Crypt/Base.php | 1548 ++++-- .../extlib/phpseclib/Crypt/Blowfish.php | 292 +- .../OStatus/extlib/phpseclib/Crypt/DES.php | 429 +- .../OStatus/extlib/phpseclib/Crypt/Hash.php | 718 +-- .../OStatus/extlib/phpseclib/Crypt/RC2.php | 420 +- .../OStatus/extlib/phpseclib/Crypt/RC4.php | 290 +- .../OStatus/extlib/phpseclib/Crypt/RSA.php | 2266 ++++---- .../extlib/phpseclib/Crypt/RSA/MSBLOB.php | 224 + .../extlib/phpseclib/Crypt/RSA/OpenSSH.php | 141 + .../extlib/phpseclib/Crypt/RSA/PKCS.php | 487 ++ .../extlib/phpseclib/Crypt/RSA/PKCS1.php | 174 + .../extlib/phpseclib/Crypt/RSA/PKCS8.php | 209 + .../extlib/phpseclib/Crypt/RSA/PuTTY.php | 313 ++ .../extlib/phpseclib/Crypt/RSA/Raw.php | 103 + .../extlib/phpseclib/Crypt/RSA/XML.php | 147 + .../OStatus/extlib/phpseclib/Crypt/Random.php | 384 +- .../extlib/phpseclib/Crypt/Rijndael.php | 1219 ++--- .../extlib/phpseclib/Crypt/TripleDES.php | 340 +- .../extlib/phpseclib/Crypt/Twofish.php | 316 +- .../Exception/BadConfigurationException.php | 26 + .../Exception/FileNotFoundException.php | 26 + .../NoSupportedAlgorithmsException.php | 26 + .../UnsupportedAlgorithmException.php | 26 + .../OStatus/extlib/phpseclib/File/ANSI.php | 574 ++ .../OStatus/extlib/phpseclib/File/ASN1.php | 1310 +++++ .../extlib/phpseclib/File/ASN1/Element.php | 47 + .../OStatus/extlib/phpseclib/File/X509.php | 4746 +++++++++++++++++ .../extlib/phpseclib/Math/BigInteger.php | 2169 ++++---- plugins/OStatus/extlib/phpseclib/Net/SCP.php | 338 ++ plugins/OStatus/extlib/phpseclib/Net/SFTP.php | 2943 ++++++++++ .../extlib/phpseclib/Net/SFTP/Stream.php | 795 +++ plugins/OStatus/extlib/phpseclib/Net/SSH1.php | 1607 ++++++ plugins/OStatus/extlib/phpseclib/Net/SSH2.php | 4224 +++++++++++++++ .../extlib/phpseclib/System/SSH/Agent.php | 313 ++ .../phpseclib/System/SSH/Agent/Identity.php | 170 + .../OStatus/extlib/phpseclib/bootstrap.php | 20 + plugins/OStatus/extlib/phpseclib/openssl.cnf | 2 +- 38 files changed, 23836 insertions(+), 5761 deletions(-) create mode 100644 plugins/OStatus/extlib/phpseclib/Crypt/RSA/MSBLOB.php create mode 100644 plugins/OStatus/extlib/phpseclib/Crypt/RSA/OpenSSH.php create mode 100644 plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS.php create mode 100644 plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS1.php create mode 100644 plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS8.php create mode 100644 plugins/OStatus/extlib/phpseclib/Crypt/RSA/PuTTY.php create mode 100644 plugins/OStatus/extlib/phpseclib/Crypt/RSA/Raw.php create mode 100644 plugins/OStatus/extlib/phpseclib/Crypt/RSA/XML.php create mode 100644 plugins/OStatus/extlib/phpseclib/Exception/BadConfigurationException.php create mode 100644 plugins/OStatus/extlib/phpseclib/Exception/FileNotFoundException.php create mode 100644 plugins/OStatus/extlib/phpseclib/Exception/NoSupportedAlgorithmsException.php create mode 100644 plugins/OStatus/extlib/phpseclib/Exception/UnsupportedAlgorithmException.php create mode 100644 plugins/OStatus/extlib/phpseclib/File/ANSI.php create mode 100644 plugins/OStatus/extlib/phpseclib/File/ASN1.php create mode 100644 plugins/OStatus/extlib/phpseclib/File/ASN1/Element.php create mode 100644 plugins/OStatus/extlib/phpseclib/File/X509.php create mode 100644 plugins/OStatus/extlib/phpseclib/Net/SCP.php create mode 100644 plugins/OStatus/extlib/phpseclib/Net/SFTP.php create mode 100644 plugins/OStatus/extlib/phpseclib/Net/SFTP/Stream.php create mode 100644 plugins/OStatus/extlib/phpseclib/Net/SSH1.php create mode 100644 plugins/OStatus/extlib/phpseclib/Net/SSH2.php create mode 100644 plugins/OStatus/extlib/phpseclib/System/SSH/Agent.php create mode 100644 plugins/OStatus/extlib/phpseclib/System/SSH/Agent/Identity.php create mode 100644 plugins/OStatus/extlib/phpseclib/bootstrap.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/AES.php b/plugins/OStatus/extlib/phpseclib/Crypt/AES.php index 81fa2feab6..8521eb5e5c 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/AES.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/AES.php @@ -1,28 +1,31 @@ * setKey('abcdefghijklmnop'); * @@ -36,153 +39,85 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_AES - * @author Jim Wigginton - * @copyright MMVIII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package AES + * @author Jim Wigginton + * @copyright 2008 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * Include Crypt_Rijndael - */ -if (!class_exists('Crypt_Rijndael')) { - require_once('Rijndael.php'); -} - -/**#@+ - * @access public - * @see Crypt_AES::encrypt() - * @see Crypt_AES::decrypt() - */ -/** - * Encrypt / decrypt using the Counter mode. - * - * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 - */ -define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR); -/** - * Encrypt / decrypt using the Electronic Code Book mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 - */ -define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB); -/** - * Encrypt / decrypt using the Code Book Chaining mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 - */ -define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 - */ -define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 - */ -define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_AES::Crypt_AES() - */ -/** - * Toggles the internal implementation - */ -define('CRYPT_AES_MODE_INTERNAL', CRYPT_MODE_INTERNAL); -/** - * Toggles the mcrypt implementation - */ -define('CRYPT_AES_MODE_MCRYPT', CRYPT_MODE_MCRYPT); -/**#@-*/ +namespace phpseclib\Crypt; /** * Pure-PHP implementation of AES. * + * @package AES * @author Jim Wigginton - * @version 0.1.0 * @access public - * @package Crypt_AES */ -class Crypt_AES extends Crypt_Rijndael { - /** - * The namespace used by the cipher for its constants. - * - * @see Crypt_Base::const_namespace - * @var String - * @access private - */ - var $const_namespace = 'AES'; - - /** - * Default Constructor. - * - * Determines whether or not the mcrypt extension should be used. - * - * $mode could be: - * - * - CRYPT_AES_MODE_ECB - * - * - CRYPT_AES_MODE_CBC - * - * - CRYPT_AES_MODE_CTR - * - * - CRYPT_AES_MODE_CFB - * - * - CRYPT_AES_MODE_OFB - * - * If not explictly set, CRYPT_AES_MODE_CBC will be used. - * - * @see Crypt_Rijndael::Crypt_Rijndael() - * @see Crypt_Base::Crypt_Base() - * @param optional Integer $mode - * @access public - */ - function Crypt_AES($mode = CRYPT_AES_MODE_CBC) - { - parent::Crypt_Rijndael($mode); - } - +class AES extends Rijndael +{ /** * Dummy function * - * Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything. + * Since \phpseclib\Crypt\AES extends \phpseclib\Crypt\Rijndael, this function is, technically, available, but it doesn't do anything. * - * @see Crypt_Rijndael::setBlockLength() + * @see \phpseclib\Crypt\Rijndael::setBlockLength() * @access public - * @param Integer $length + * @param int $length + * @throws \BadMethodCallException anytime it's called */ function setBlockLength($length) { - return; + throw new \BadMethodCallException('The block length cannot be set for AES.'); + } + + /** + * Sets the key length + * + * Valid key lengths are 128, 192, and 256. Set the link to bool(false) to disable a fixed key length + * + * @see \phpseclib\Crypt\Rijndael:setKeyLength() + * @access public + * @param int $length + * @throws \LengthException if the key length isn't supported + */ + function setKeyLength($length) + { + switch ($length) { + case 128: + case 192: + case 256: + break; + default: + throw new \LengthException('Key of size ' . $length . ' not supported by this algorithm. Only keys of sizes 128, 192 or 256 supported'); + } + parent::setKeyLength($length); + } + + /** + * Sets the key. + * + * Rijndael supports five different key lengths, AES only supports three. + * + * @see \phpseclib\Crypt\Rijndael:setKey() + * @see setKeyLength() + * @access public + * @param string $key + * @throws \LengthException if the key length isn't supported + */ + function setKey($key) + { + switch (strlen($key)) { + case 16: + case 24: + case 32: + break; + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'); + } + + parent::setKey($key); } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Base.php b/plugins/OStatus/extlib/phpseclib/Crypt/Base.php index 7c650ca729..e3cc7b87bb 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/Base.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/Base.php @@ -1,15 +1,14 @@ - * @author Hans-Juergen Petrich - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @version 1.0.1 - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Base + * @author Jim Wigginton + * @author Hans-Juergen Petrich + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/**#@+ - * @access public - * @see Crypt_Base::encrypt() - * @see Crypt_Base::decrypt() - */ -/** - * Encrypt / decrypt using the Counter mode. - * - * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 - */ -define('CRYPT_MODE_CTR', -1); -/** - * Encrypt / decrypt using the Electronic Code Book mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 - */ -define('CRYPT_MODE_ECB', 1); -/** - * Encrypt / decrypt using the Code Book Chaining mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 - */ -define('CRYPT_MODE_CBC', 2); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 - */ -define('CRYPT_MODE_CFB', 3); -/** - * Encrypt / decrypt using the Output Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 - */ -define('CRYPT_MODE_OFB', 4); -/** - * Encrypt / decrypt using streaming mode. - * - */ -define('CRYPT_MODE_STREAM', 5); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_Base::Crypt_Base() - */ -/** - * Base value for the internal implementation $engine switch - */ -define('CRYPT_MODE_INTERNAL', 1); -/** - * Base value for the mcrypt implementation $engine switch - */ -define('CRYPT_MODE_MCRYPT', 2); -/**#@-*/ +namespace phpseclib\Crypt; /** - * Base Class for all Crypt_* cipher classes + * Base Class for all \phpseclib\Crypt\* cipher classes * + * @package Base * @author Jim Wigginton * @author Hans-Juergen Petrich - * @version 1.0.0 - * @access public - * @package Crypt_Base */ -class Crypt_Base { +abstract class Base +{ + /**#@+ + * @access public + * @see \phpseclib\Crypt\Base::encrypt() + * @see \phpseclib\Crypt\Base::decrypt() + */ + /** + * Encrypt / decrypt using the Counter mode. + * + * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 + */ + const MODE_CTR = -1; + /** + * Encrypt / decrypt using the Electronic Code Book mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 + */ + const MODE_ECB = 1; + /** + * Encrypt / decrypt using the Code Book Chaining mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 + */ + const MODE_CBC = 2; + /** + * Encrypt / decrypt using the Cipher Feedback mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 + */ + const MODE_CFB = 3; + /** + * Encrypt / decrypt using the Output Feedback mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 + */ + const MODE_OFB = 4; + /** + * Encrypt / decrypt using streaming mode. + */ + const MODE_STREAM = 5; + /**#@-*/ + + /** + * Whirlpool available flag + * + * @see \phpseclib\Crypt\Base::_hashInlineCryptFunction() + * @var bool + * @access private + */ + static $WHIRLPOOL_AVAILABLE; + + /**#@+ + * @access private + * @see \phpseclib\Crypt\Base::__construct() + */ + /** + * Base value for the internal implementation $engine switch + */ + const ENGINE_INTERNAL = 1; + /** + * Base value for the mcrypt implementation $engine switch + */ + const ENGINE_MCRYPT = 2; + /** + * Base value for the mcrypt implementation $engine switch + */ + const ENGINE_OPENSSL = 3; + /**#@-*/ + /** * The Encryption Mode * - * @see Crypt_Base::Crypt_Base() - * @var Integer + * @see self::__construct() + * @var int * @access private */ var $mode; @@ -134,7 +127,7 @@ class Crypt_Base { /** * The Block Length of the block cipher * - * @var Integer + * @var int * @access private */ var $block_size = 16; @@ -142,27 +135,27 @@ class Crypt_Base { /** * The Key * - * @see Crypt_Base::setKey() - * @var String + * @see self::setKey() + * @var string * @access private */ - var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; + var $key = false; /** * The Initialization Vector * - * @see Crypt_Base::setIV() - * @var String + * @see self::setIV() + * @var string * @access private */ - var $iv; + var $iv = false; /** * A "sliding" Initialization Vector * - * @see Crypt_Base::enableContinuousBuffer() - * @see Crypt_Base::_clearBuffers() - * @var String + * @see self::enableContinuousBuffer() + * @see self::_clearBuffers() + * @var string * @access private */ var $encryptIV; @@ -170,9 +163,9 @@ class Crypt_Base { /** * A "sliding" Initialization Vector * - * @see Crypt_Base::enableContinuousBuffer() - * @see Crypt_Base::_clearBuffers() - * @var String + * @see self::enableContinuousBuffer() + * @see self::_clearBuffers() + * @var string * @access private */ var $decryptIV; @@ -180,8 +173,8 @@ class Crypt_Base { /** * Continuous Buffer status * - * @see Crypt_Base::enableContinuousBuffer() - * @var Boolean + * @see self::enableContinuousBuffer() + * @var bool * @access private */ var $continuousBuffer = false; @@ -189,9 +182,9 @@ class Crypt_Base { /** * Encryption buffer for CTR, OFB and CFB modes * - * @see Crypt_Base::encrypt() - * @see Crypt_Base::_clearBuffers() - * @var Array + * @see self::encrypt() + * @see self::_clearBuffers() + * @var array * @access private */ var $enbuffer; @@ -199,9 +192,9 @@ class Crypt_Base { /** * Decryption buffer for CTR, OFB and CFB modes * - * @see Crypt_Base::decrypt() - * @see Crypt_Base::_clearBuffers() - * @var Array + * @see self::decrypt() + * @see self::_clearBuffers() + * @var array * @access private */ var $debuffer; @@ -212,8 +205,8 @@ class Crypt_Base { * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. * - * @see Crypt_Base::encrypt() - * @var Resource + * @see self::encrypt() + * @var resource * @access private */ var $enmcrypt; @@ -224,8 +217,8 @@ class Crypt_Base { * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. * - * @see Crypt_Base::decrypt() - * @var Resource + * @see self::decrypt() + * @var resource * @access private */ var $demcrypt; @@ -233,9 +226,9 @@ class Crypt_Base { /** * Does the enmcrypt resource need to be (re)initialized? * - * @see Crypt_Twofish::setKey() - * @see Crypt_Twofish::setIV() - * @var Boolean + * @see \phpseclib\Crypt\Twofish::setKey() + * @see \phpseclib\Crypt\Twofish::setIV() + * @var bool * @access private */ var $enchanged = true; @@ -243,9 +236,9 @@ class Crypt_Base { /** * Does the demcrypt resource need to be (re)initialized? * - * @see Crypt_Twofish::setKey() - * @see Crypt_Twofish::setIV() - * @var Boolean + * @see \phpseclib\Crypt\Twofish::setKey() + * @see \phpseclib\Crypt\Twofish::setIV() + * @var bool * @access private */ var $dechanged = true; @@ -261,10 +254,10 @@ class Crypt_Base { * use a separate ECB-mode mcrypt resource. * * @link http://phpseclib.sourceforge.net/cfb-demo.phps - * @see Crypt_Base::encrypt() - * @see Crypt_Base::decrypt() - * @see Crypt_Base::_setupMcrypt() - * @var Resource + * @see self::encrypt() + * @see self::decrypt() + * @see self::_setupMcrypt() + * @var resource * @access private */ var $ecb; @@ -273,20 +266,20 @@ class Crypt_Base { * Optimizing value while CFB-encrypting * * Only relevant if $continuousBuffer enabled - * and $engine == CRYPT_MODE_MCRYPT + * and $engine == self::ENGINE_MCRYPT * * It's faster to re-init $enmcrypt if * $buffer bytes > $cfb_init_len than * using the $ecb resource furthermore. * - * This value depends of the choosen cipher + * This value depends of the chosen cipher * and the time it would be needed for it's * initialization [by mcrypt_generic_init()] * which, typically, depends on the complexity * on its internaly Key-expanding algorithm. * - * @see Crypt_Base::encrypt() - * @var Integer + * @see self::encrypt() + * @var int * @access private */ var $cfb_init_len = 600; @@ -294,10 +287,10 @@ class Crypt_Base { /** * Does internal cipher state need to be (re)initialized? * - * @see setKey() - * @see setIV() - * @see disableContinuousBuffer() - * @var Boolean + * @see self::setKey() + * @see self::setIV() + * @see self::disableContinuousBuffer() + * @var bool * @access private */ var $changed = true; @@ -305,8 +298,8 @@ class Crypt_Base { /** * Padding status * - * @see Crypt_Base::enablePadding() - * @var Boolean + * @see self::enablePadding() + * @var bool * @access private */ var $padding = true; @@ -314,8 +307,8 @@ class Crypt_Base { /** * Is the mode one that is paddable? * - * @see Crypt_Base::Crypt_Base() - * @var Boolean + * @see self::__construct() + * @var bool * @access private */ var $paddable = false; @@ -325,86 +318,83 @@ class Crypt_Base { * which will be determined automatically on __construct() * * Currently available $engines are: - * - CRYPT_MODE_MCRYPT (fast, php-extension: mcrypt, extension_loaded('mcrypt') required) - * - CRYPT_MODE_INTERNAL (slower, pure php-engine, no php-extension required) + * - self::ENGINE_OPENSSL (very fast, php-extension: openssl, extension_loaded('openssl') required) + * - self::ENGINE_MCRYPT (fast, php-extension: mcrypt, extension_loaded('mcrypt') required) + * - self::ENGINE_INTERNAL (slower, pure php-engine, no php-extension required) * - * In the pipeline... maybe. But currently not available: - * - CRYPT_MODE_OPENSSL (very fast, php-extension: openssl, extension_loaded('openssl') required) - * - * If possible, CRYPT_MODE_MCRYPT will be used for each cipher. - * Otherwise CRYPT_MODE_INTERNAL - * - * @see Crypt_Base::encrypt() - * @see Crypt_Base::decrypt() - * @var Integer + * @see self::_setEngine() + * @see self::encrypt() + * @see self::decrypt() + * @var int * @access private */ var $engine; + /** + * Holds the preferred crypt engine + * + * @see self::_setEngine() + * @see self::setPreferredEngine() + * @var int + * @access private + */ + var $preferredEngine; + /** * The mcrypt specific name of the cipher * - * Only used if $engine == CRYPT_MODE_MCRYPT + * Only used if $engine == self::ENGINE_MCRYPT * * @link http://www.php.net/mcrypt_module_open * @link http://www.php.net/mcrypt_list_algorithms - * @see Crypt_Base::_setupMcrypt() - * @var String + * @see self::_setupMcrypt() + * @var string * @access private */ var $cipher_name_mcrypt; /** - * The default password key_size used by setPassword() + * The openssl specific name of the cipher * - * @see Crypt_Base::setPassword() - * @var Integer + * Only used if $engine == self::ENGINE_OPENSSL + * + * @link http://www.php.net/openssl-get-cipher-methods + * @var string * @access private */ - var $password_key_size = 32; + var $cipher_name_openssl; + + /** + * The openssl specific name of the cipher in ECB mode + * + * If OpenSSL does not support the mode we're trying to use (CTR) + * it can still be emulated with ECB mode. + * + * @link http://www.php.net/openssl-get-cipher-methods + * @var string + * @access private + */ + var $cipher_name_openssl_ecb; /** * The default salt used by setPassword() * - * @see Crypt_Base::setPassword() - * @var String + * @see self::setPassword() + * @var string * @access private */ var $password_default_salt = 'phpseclib/salt'; - /** - * The namespace used by the cipher for its constants. - * - * ie: AES.php is using CRYPT_AES_MODE_* for its constants - * so $const_namespace is AES - * - * DES.php is using CRYPT_DES_MODE_* for its constants - * so $const_namespace is DES... and so on - * - * All CRYPT_<$const_namespace>_MODE_* are aliases of - * the generic CRYPT_MODE_* constants, so both could be used - * for each cipher. - * - * Example: - * $aes = new Crypt_AES(CRYPT_AES_MODE_CFB); // $aes will operate in cfb mode - * $aes = new Crypt_AES(CRYPT_MODE_CFB); // identical - * - * @see Crypt_Base::Crypt_Base() - * @var String - * @access private - */ - var $const_namespace; - /** * The name of the performance-optimized callback function * * Used by encrypt() / decrypt() - * only if $engine == CRYPT_MODE_INTERNAL + * only if $engine == self::ENGINE_INTERNAL * - * @see Crypt_Base::encrypt() - * @see Crypt_Base::decrypt() - * @see Crypt_Base::_setupInlineCrypt() - * @see Crypt_Base::$use_inline_crypt + * @see self::encrypt() + * @see self::decrypt() + * @see self::_setupInlineCrypt() + * @see self::$use_inline_crypt * @var Callback * @access private */ @@ -413,84 +403,89 @@ class Crypt_Base { /** * Holds whether performance-optimized $inline_crypt() can/should be used. * - * @see Crypt_Base::encrypt() - * @see Crypt_Base::decrypt() - * @see Crypt_Base::inline_crypt + * @see self::encrypt() + * @see self::decrypt() + * @see self::inline_crypt * @var mixed * @access private */ var $use_inline_crypt; /** - * Default Constructor. + * If OpenSSL can be used in ECB but not in CTR we can emulate CTR * - * Determines whether or not the mcrypt extension should be used. + * @see self::_openssl_ctr_process() + * @var bool + * @access private + */ + var $openssl_emulate_ctr = false; + + /** + * Determines what options are passed to openssl_encrypt/decrypt + * + * @see self::isValidEngine() + * @var mixed + * @access private + */ + var $openssl_options; + + /** + * Don't truncate / null pad key + * + * @see self::_clearBuffers() + * @var bool + * @access private + */ + var $skip_key_adjustment = false; + + /** + * Has the key length explicitly been set or should it be derived from the key, itself? + * + * @see self::setKeyLength() + * @var bool + * @access private + */ + var $explicit_key_length = false; + + /** + * Default Constructor. * * $mode could be: * - * - CRYPT_MODE_ECB + * - self::MODE_ECB * - * - CRYPT_MODE_CBC + * - self::MODE_CBC * - * - CRYPT_MODE_CTR + * - self::MODE_CTR * - * - CRYPT_MODE_CFB + * - self::MODE_CFB * - * - CRYPT_MODE_OFB + * - self::MODE_OFB * - * (or the alias constants of the choosen cipher, for example for AES: CRYPT_AES_MODE_ECB or CRYPT_AES_MODE_CBC ...) - * - * If not explictly set, CRYPT_MODE_CBC will be used. - * - * @param optional Integer $mode + * @param int $mode * @access public + * @throws \InvalidArgumentException if an invalid / unsupported mode is provided */ - function Crypt_Base($mode = CRYPT_MODE_CBC) + function __construct($mode) { - $const_crypt_mode = 'CRYPT_' . $this->const_namespace . '_MODE'; - - // Determining the availibility of mcrypt support for the cipher - if (!defined($const_crypt_mode)) { - switch (true) { - case extension_loaded('mcrypt') && in_array($this->cipher_name_mcrypt, mcrypt_list_algorithms()): - define($const_crypt_mode, CRYPT_MODE_MCRYPT); - break; - default: - define($const_crypt_mode, CRYPT_MODE_INTERNAL); - } - } - - // Determining which internal $engine should be used. - // The fastes possible first. - switch (true) { - case empty($this->cipher_name_mcrypt): // The cipher module has no mcrypt-engine support at all so we force CRYPT_MODE_INTERNAL - $this->engine = CRYPT_MODE_INTERNAL; - break; - case constant($const_crypt_mode) == CRYPT_MODE_MCRYPT: - $this->engine = CRYPT_MODE_MCRYPT; - break; - default: - $this->engine = CRYPT_MODE_INTERNAL; - } - // $mode dependent settings switch ($mode) { - case CRYPT_MODE_ECB: + case self::MODE_ECB: + case self::MODE_CBC: $this->paddable = true; - $this->mode = $mode; break; - case CRYPT_MODE_CTR: - case CRYPT_MODE_CFB: - case CRYPT_MODE_OFB: - case CRYPT_MODE_STREAM: - $this->mode = $mode; + case self::MODE_CTR: + case self::MODE_CFB: + case self::MODE_OFB: + case self::MODE_STREAM: + $this->paddable = false; break; - case CRYPT_MODE_CBC: default: - $this->paddable = true; - $this->mode = CRYPT_MODE_CBC; + throw new \InvalidArgumentException('No valid mode has been specified'); } + $this->mode = $mode; + // Determining whether inline crypting can be used by the cipher if ($this->use_inline_crypt !== false && function_exists('create_function')) { $this->use_inline_crypt = true; @@ -498,26 +493,85 @@ class Crypt_Base { } /** - * Sets the initialization vector. (optional) + * Sets the initialization vector. * - * SetIV is not required when CRYPT_MODE_ECB (or ie for AES: CRYPT_AES_MODE_ECB) is being used. If not explictly set, it'll be assumed - * to be all zero's. - * - * Note: Could, but not must, extend by the child Crypt_* class + * setIV() is not required when self::MODE_ECB (or ie for AES: \phpseclib\Crypt\AES::MODE_ECB) is being used. * * @access public - * @param String $iv + * @param string $iv + * @throws \LengthException if the IV length isn't equal to the block size + * @throws \InvalidArgumentException if an IV is provided when one shouldn't be + * @internal Can be overwritten by a sub class, but does not have to be */ function setIV($iv) { - if ($this->mode == CRYPT_MODE_ECB) { - return; + if ($this->mode == self::MODE_ECB) { + throw new \InvalidArgumentException('This mode does not require an IV.'); + } + + if ($this->mode == self::MODE_STREAM && $this->usesIV()) { + throw new \InvalidArgumentException('This algorithm does not use an IV.'); + } + + if (strlen($iv) != $this->block_size) { + throw new \LengthException('Received initialization vector of size ' . strlen($iv) . ', but size ' . $this->block_size . ' is required'); } $this->iv = $iv; $this->changed = true; } + /** + * Returns whether or not the algorithm uses an IV + * + * @access public + * @return bool + */ + function usesIV() + { + return true; + } + + /** + * Returns the current key length in bits + * + * @access public + * @return int + */ + function getKeyLength() + { + return $this->key_length << 3; + } + + /** + * Returns the current block length in bits + * + * @access public + * @return int + */ + function getBlockLength() + { + return $this->block_size << 3; + } + + /** + * Sets the key length. + * + * Keys with explicitly set lengths need to be treated accordingly + * + * @access public + * @param int $length + */ + function setKeyLength($length) + { + $this->explicit_key_length = $length >> 3; + + if (is_string($this->key) && strlen($this->key) != $this->explicit_key_length) { + $this->key = false; + throw new \LengthException('Key has already been set and is not ' .$this->explicit_key_length . ' bytes long'); + } + } + /** * Sets the key. * @@ -528,39 +582,45 @@ class Crypt_Base { * * If the key is not explicitly set, it'll be assumed to be all null bytes. * - * Note: Could, but not must, extend by the child Crypt_* class - * * @access public - * @param String $key + * @param string $key + * @internal Could, but not must, extend by the child Crypt_* class */ function setKey($key) { + if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) { + throw new \LengthException('Key length has already been set to ' . $this->explicit_key_length . ' bytes and this key is ' . strlen($key) . ' bytes'); + } + $this->key = $key; + $this->key_length = strlen($key); $this->changed = true; + $this->_setEngine(); } /** * Sets the password. * * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: - * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}: + * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2} or pbkdf1: * $hash, $salt, $count, $dkLen * * Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php * - * Note: Could, but not must, extend by the child Crypt_* class - * * @see Crypt/Hash.php - * @param String $password - * @param optional String $method + * @param string $password + * @param string $method + * @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length + * @return bool * @access public + * @internal Could, but not must, extend by the child Crypt_* class */ function setPassword($password, $method = 'pbkdf2') { $key = ''; switch ($method) { - default: // 'pbkdf2' + default: // 'pbkdf2' or 'pbkdf1' $func_args = func_get_args(); // Hash function @@ -574,19 +634,37 @@ class Crypt_Base { $count = isset($func_args[4]) ? $func_args[4] : 1000; // Keylength - $dkLen = isset($func_args[5]) ? $func_args[5] : $this->password_key_size; + if (isset($func_args[5])) { + $dkLen = $func_args[5]; + } else { + $key_length = $this->explicit_key_length !== false ? $this->explicit_key_length : $this->key_length; + $dkLen = $method == 'pbkdf1' ? 2 * $key_length : $key_length; + } - // Determining if php[>=5.5.0]'s hash_pbkdf2() function avail- and useable switch (true) { + case $method == 'pbkdf1': + $hashObj = new Hash(); + $hashObj->setHash($hash); + if ($dkLen > $hashObj->getLength()) { + throw new \LengthException('Derived key length cannot be longer than the hash length'); + } + $t = $password . $salt; + for ($i = 0; $i < $count; ++$i) { + $t = $hashObj->hash($t); + } + $key = substr($t, 0, $dkLen); + + $this->setKey(substr($key, 0, $dkLen >> 1)); + $this->setIV(substr($key, $dkLen >> 1)); + + return true; + // Determining if php[>=5.5.0]'s hash_pbkdf2() function avail- and useable case !function_exists('hash_pbkdf2'): case !function_exists('hash_algos'): case !in_array($hash, hash_algos()): - if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); - } $i = 1; while (strlen($key) < $dkLen) { - $hmac = new Crypt_Hash(); + $hmac = new Hash(); $hmac->setHash($hash); $hmac->setKey($password); $f = $u = $hmac->hash($salt . pack('N', $i++)); @@ -604,6 +682,8 @@ class Crypt_Base { } $this->setKey($key); + + return true; } /** @@ -620,29 +700,107 @@ class Crypt_Base { * strlen($plaintext) will still need to be a multiple of the block size, however, arbitrary values can be added to make it that * length. * - * Note: Could, but not must, extend by the child Crypt_* class - * - * @see Crypt_Base::decrypt() + * @see self::decrypt() * @access public - * @param String $plaintext - * @return String $cipertext + * @param string $plaintext + * @return string $ciphertext + * @internal Could, but not must, extend by the child Crypt_* class */ function encrypt($plaintext) { - if ($this->engine == CRYPT_MODE_MCRYPT) { + if ($this->paddable) { + $plaintext = $this->_pad($plaintext); + } + + if ($this->engine === self::ENGINE_OPENSSL) { + if ($this->changed) { + $this->_clearBuffers(); + $this->changed = false; + } + switch ($this->mode) { + case self::MODE_STREAM: + return openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options); + case self::MODE_ECB: + $result = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options); + return !defined('OPENSSL_RAW_DATA') ? substr($result, 0, -$this->block_size) : $result; + case self::MODE_CBC: + $result = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->encryptIV); + if (!defined('OPENSSL_RAW_DATA')) { + $result = substr($result, 0, -$this->block_size); + } + if ($this->continuousBuffer) { + $this->encryptIV = substr($result, -$this->block_size); + } + return $result; + case self::MODE_CTR: + return $this->_openssl_ctr_process($plaintext, $this->encryptIV, $this->enbuffer); + case self::MODE_CFB: + // cfb loosely routines inspired by openssl's: + // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} + $ciphertext = ''; + if ($this->continuousBuffer) { + $iv = &$this->encryptIV; + $pos = &$this->enbuffer['pos']; + } else { + $iv = $this->encryptIV; + $pos = 0; + } + $len = strlen($plaintext); + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $this->block_size - $pos; + if ($len >= $max) { + $i = $max; + $len-= $max; + $pos = 0; + } else { + $i = $len; + $pos+= $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize + $ciphertext = substr($iv, $orig_pos) ^ $plaintext; + $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); + $plaintext = substr($plaintext, $i); + } + + $overflow = $len % $this->block_size; + + if ($overflow) { + $ciphertext.= openssl_encrypt(substr($plaintext, 0, -$overflow) . str_repeat("\0", $this->block_size), $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); + $iv = $this->_string_pop($ciphertext, $this->block_size); + + $size = $len - $overflow; + $block = $iv ^ substr($plaintext, -$overflow); + $iv = substr_replace($iv, $block, 0, $overflow); + $ciphertext.= $block; + $pos = $overflow; + } elseif ($len) { + $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); + $iv = substr($ciphertext, -$this->block_size); + } + + return $ciphertext; + case self::MODE_OFB: + return $this->_openssl_ofb_process($plaintext, $this->encryptIV, $this->enbuffer); + } + } + + if ($this->engine === self::ENGINE_MCRYPT) { if ($this->changed) { $this->_setupMcrypt(); $this->changed = false; } if ($this->enchanged) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); + mcrypt_generic_init($this->enmcrypt, $this->key, $this->_getIV($this->encryptIV)); $this->enchanged = false; } // re: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} // using mcrypt's default handing of CFB the above would output two different things. using phpseclib's // rewritten CFB implementation the above outputs the same thing twice. - if ($this->mode == CRYPT_MODE_CFB && $this->continuousBuffer) { + if ($this->mode == self::MODE_CFB && $this->continuousBuffer) { $block_size = $this->block_size; $iv = &$this->encryptIV; $pos = &$this->enbuffer['pos']; @@ -695,14 +853,10 @@ class Crypt_Base { return $ciphertext; } - if ($this->paddable) { - $plaintext = $this->_pad($plaintext); - } - $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); if (!$this->continuousBuffer) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); + mcrypt_generic_init($this->enmcrypt, $this->key, $this->_getIV($this->encryptIV)); } return $ciphertext; @@ -716,20 +870,17 @@ class Crypt_Base { $inline = $this->inline_crypt; return $inline('encrypt', $this, $plaintext); } - if ($this->paddable) { - $plaintext = $this->_pad($plaintext); - } $buffer = &$this->enbuffer; $block_size = $this->block_size; $ciphertext = ''; switch ($this->mode) { - case CRYPT_MODE_ECB: + case self::MODE_ECB: for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $ciphertext.= $this->_encryptBlock(substr($plaintext, $i, $block_size)); } break; - case CRYPT_MODE_CBC: + case self::MODE_CBC: $xor = $this->encryptIV; for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $block = substr($plaintext, $i, $block_size); @@ -741,32 +892,34 @@ class Crypt_Base { $this->encryptIV = $xor; } break; - case CRYPT_MODE_CTR: + case self::MODE_CTR: $xor = $this->encryptIV; - if (strlen($buffer['encrypted'])) { + if (strlen($buffer['ciphertext'])) { for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $block = substr($plaintext, $i, $block_size); - if (strlen($block) > strlen($buffer['encrypted'])) { - $buffer['encrypted'].= $this->_encryptBlock($this->_generateXor($xor, $block_size)); + if (strlen($block) > strlen($buffer['ciphertext'])) { + $buffer['ciphertext'].= $this->_encryptBlock($xor); } - $key = $this->_stringShift($buffer['encrypted'], $block_size); + $this->_increment_str($xor); + $key = $this->_string_shift($buffer['ciphertext'], $block_size); $ciphertext.= $block ^ $key; } } else { for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { $block = substr($plaintext, $i, $block_size); - $key = $this->_encryptBlock($this->_generateXor($xor, $block_size)); + $key = $this->_encryptBlock($xor); + $this->_increment_str($xor); $ciphertext.= $block ^ $key; } } if ($this->continuousBuffer) { $this->encryptIV = $xor; if ($start = strlen($plaintext) % $block_size) { - $buffer['encrypted'] = substr($key, $start) . $buffer['encrypted']; + $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; } } break; - case CRYPT_MODE_CFB: + case self::MODE_CFB: // cfb loosely routines inspired by openssl's: // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} if ($this->continuousBuffer) { @@ -808,7 +961,7 @@ class Crypt_Base { $pos = $len; } break; - case CRYPT_MODE_OFB: + case self::MODE_OFB: $xor = $this->encryptIV; if (strlen($buffer['xor'])) { for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { @@ -817,7 +970,7 @@ class Crypt_Base { $xor = $this->_encryptBlock($xor); $buffer['xor'].= $xor; } - $key = $this->_stringShift($buffer['xor'], $block_size); + $key = $this->_string_shift($buffer['xor'], $block_size); $ciphertext.= $block ^ $key; } } else { @@ -830,11 +983,11 @@ class Crypt_Base { if ($this->continuousBuffer) { $this->encryptIV = $xor; if ($start = strlen($plaintext) % $block_size) { - $buffer['xor'] = substr($key, $start) . $buffer['xor']; + $buffer['xor'] = substr($key, $start) . $buffer['xor']; } } break; - case CRYPT_MODE_STREAM: + case self::MODE_STREAM: $ciphertext = $this->_encryptBlock($plaintext); break; } @@ -848,27 +1001,114 @@ class Crypt_Base { * If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until * it is. * - * Note: Could, but not must, extend by the child Crypt_* class - * - * @see Crypt_Base::encrypt() + * @see self::encrypt() * @access public - * @param String $ciphertext - * @return String $plaintext + * @param string $ciphertext + * @return string $plaintext + * @throws \LengthException if we're inside a block cipher and the ciphertext length is not a multiple of the block size + * @internal Could, but not must, extend by the child Crypt_* class */ function decrypt($ciphertext) { - if ($this->engine == CRYPT_MODE_MCRYPT) { + if ($this->paddable && strlen($ciphertext) % $this->block_size) { + throw new \LengthException('The ciphertext length (' . strlen($ciphertext) . ') needs to be a multiple of the block size (' . $this->block_size . ')'); + } + + if ($this->engine === self::ENGINE_OPENSSL) { + if ($this->changed) { + $this->_clearBuffers(); + $this->changed = false; + } + switch ($this->mode) { + case self::MODE_STREAM: + $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options); + break; + case self::MODE_ECB: + if (!defined('OPENSSL_RAW_DATA')) { + $ciphertext.= openssl_encrypt('', $this->cipher_name_openssl_ecb, $this->key, true); + } + $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options); + break; + case self::MODE_CBC: + if (!defined('OPENSSL_RAW_DATA')) { + $padding = str_repeat(chr($this->block_size), $this->block_size) ^ substr($ciphertext, -$this->block_size); + $ciphertext.= substr(openssl_encrypt($padding, $this->cipher_name_openssl_ecb, $this->key, true), 0, $this->block_size); + $offset = 2 * $this->block_size; + } else { + $offset = $this->block_size; + } + $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->decryptIV); + if ($this->continuousBuffer) { + $this->decryptIV = substr($ciphertext, -$offset, $this->block_size); + } + break; + case self::MODE_CTR: + $plaintext = $this->_openssl_ctr_process($ciphertext, $this->decryptIV, $this->debuffer); + break; + case self::MODE_CFB: + // cfb loosely routines inspired by openssl's: + // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} + $plaintext = ''; + if ($this->continuousBuffer) { + $iv = &$this->decryptIV; + $pos = &$this->buffer['pos']; + } else { + $iv = $this->decryptIV; + $pos = 0; + } + $len = strlen($ciphertext); + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $this->block_size - $pos; + if ($len >= $max) { + $i = $max; + $len-= $max; + $pos = 0; + } else { + $i = $len; + $pos+= $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $this->blocksize + $plaintext = substr($iv, $orig_pos) ^ $ciphertext; + $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); + $ciphertext = substr($ciphertext, $i); + } + $overflow = $len % $this->block_size; + if ($overflow) { + $plaintext.= openssl_decrypt(substr($ciphertext, 0, -$overflow), $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); + if ($len - $overflow) { + $iv = substr($ciphertext, -$overflow - $this->block_size, -$overflow); + } + $iv = openssl_encrypt(str_repeat("\0", $this->block_size), $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); + $plaintext.= $iv ^ substr($ciphertext, -$overflow); + $iv = substr_replace($iv, substr($ciphertext, -$overflow), 0, $overflow); + $pos = $overflow; + } elseif ($len) { + $plaintext.= openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $iv); + $iv = substr($ciphertext, -$this->block_size); + } + break; + case self::MODE_OFB: + $plaintext = $this->_openssl_ofb_process($ciphertext, $this->decryptIV, $this->debuffer); + } + + return $this->paddable ? $this->_unpad($plaintext) : $plaintext; + } + + if ($this->engine === self::ENGINE_MCRYPT) { $block_size = $this->block_size; if ($this->changed) { $this->_setupMcrypt(); $this->changed = false; } if ($this->dechanged) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); + mcrypt_generic_init($this->demcrypt, $this->key, $this->_getIV($this->decryptIV)); $this->dechanged = false; } - if ($this->mode == CRYPT_MODE_CFB && $this->continuousBuffer) { + if ($this->mode == self::MODE_CFB && $this->continuousBuffer) { $iv = &$this->decryptIV; $pos = &$this->debuffer['pos']; $len = strlen($ciphertext); @@ -906,16 +1146,10 @@ class Crypt_Base { return $plaintext; } - if ($this->paddable) { - // we pad with chr(0) since that's what mcrypt_generic does. to quote from {@link http://www.php.net/function.mcrypt-generic}: - // "The data is padded with "\0" to make sure the length of the data is n * blocksize." - $ciphertext = str_pad($ciphertext, strlen($ciphertext) + ($block_size - strlen($ciphertext) % $block_size) % $block_size, chr(0)); - } - $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); if (!$this->continuousBuffer) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); + mcrypt_generic_init($this->demcrypt, $this->key, $this->_getIV($this->decryptIV)); } return $this->paddable ? $this->_unpad($plaintext) : $plaintext; @@ -931,20 +1165,16 @@ class Crypt_Base { } $block_size = $this->block_size; - if ($this->paddable) { - // we pad with chr(0) since that's what mcrypt_generic does [...] - $ciphertext = str_pad($ciphertext, strlen($ciphertext) + ($block_size - strlen($ciphertext) % $block_size) % $block_size, chr(0)); - } $buffer = &$this->debuffer; $plaintext = ''; switch ($this->mode) { - case CRYPT_MODE_ECB: + case self::MODE_ECB: for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $plaintext.= $this->_decryptBlock(substr($ciphertext, $i, $block_size)); } break; - case CRYPT_MODE_CBC: + case self::MODE_CBC: $xor = $this->decryptIV; for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $block = substr($ciphertext, $i, $block_size); @@ -955,21 +1185,23 @@ class Crypt_Base { $this->decryptIV = $xor; } break; - case CRYPT_MODE_CTR: + case self::MODE_CTR: $xor = $this->decryptIV; if (strlen($buffer['ciphertext'])) { for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $block = substr($ciphertext, $i, $block_size); if (strlen($block) > strlen($buffer['ciphertext'])) { - $buffer['ciphertext'].= $this->_encryptBlock($this->_generateXor($xor, $block_size)); + $buffer['ciphertext'].= $this->_encryptBlock($xor); + $this->_increment_str($xor); } - $key = $this->_stringShift($buffer['ciphertext'], $block_size); + $key = $this->_string_shift($buffer['ciphertext'], $block_size); $plaintext.= $block ^ $key; } } else { for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { $block = substr($ciphertext, $i, $block_size); - $key = $this->_encryptBlock($this->_generateXor($xor, $block_size)); + $key = $this->_encryptBlock($xor); + $this->_increment_str($xor); $plaintext.= $block ^ $key; } } @@ -980,7 +1212,7 @@ class Crypt_Base { } } break; - case CRYPT_MODE_CFB: + case self::MODE_CFB: if ($this->continuousBuffer) { $iv = &$this->decryptIV; $pos = &$buffer['pos']; @@ -1021,7 +1253,7 @@ class Crypt_Base { $pos = $len; } break; - case CRYPT_MODE_OFB: + case self::MODE_OFB: $xor = $this->decryptIV; if (strlen($buffer['xor'])) { for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { @@ -1030,7 +1262,7 @@ class Crypt_Base { $xor = $this->_encryptBlock($xor); $buffer['xor'].= $xor; } - $key = $this->_stringShift($buffer['xor'], $block_size); + $key = $this->_string_shift($buffer['xor'], $block_size); $plaintext.= $block ^ $key; } } else { @@ -1043,17 +1275,205 @@ class Crypt_Base { if ($this->continuousBuffer) { $this->decryptIV = $xor; if ($start = strlen($ciphertext) % $block_size) { - $buffer['xor'] = substr($key, $start) . $buffer['xor']; + $buffer['xor'] = substr($key, $start) . $buffer['xor']; } } break; - case CRYPT_MODE_STREAM: + case self::MODE_STREAM: $plaintext = $this->_decryptBlock($ciphertext); break; } return $this->paddable ? $this->_unpad($plaintext) : $plaintext; } + /** + * Get the IV + * + * mcrypt requires an IV even if ECB is used + * + * @see self::encrypt() + * @see self::decrypt() + * @param string $iv + * @return string + * @access private + */ + function _getIV($iv) + { + return $this->mode == self::MODE_ECB ? str_repeat("\0", $this->block_size) : $iv; + } + + /** + * OpenSSL CTR Processor + * + * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream + * for CTR is the same for both encrypting and decrypting this function is re-used by both Base::encrypt() + * and Base::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this + * function will emulate CTR with ECB when necesary. + * + * @see self::encrypt() + * @see self::decrypt() + * @param string $plaintext + * @param string $encryptIV + * @param array $buffer + * @return string + * @access private + */ + function _openssl_ctr_process($plaintext, &$encryptIV, &$buffer) + { + $ciphertext = ''; + + $block_size = $this->block_size; + $key = $this->key; + + if ($this->openssl_emulate_ctr) { + $xor = $encryptIV; + if (strlen($buffer['ciphertext'])) { + for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { + $block = substr($plaintext, $i, $block_size); + if (strlen($block) > strlen($buffer['ciphertext'])) { + $result = openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, $this->openssl_options); + $result = !defined('OPENSSL_RAW_DATA') ? substr($result, 0, -$this->block_size) : $result; + $buffer['ciphertext'].= $result; + } + $this->_increment_str($xor); + $otp = $this->_string_shift($buffer['ciphertext'], $block_size); + $ciphertext.= $block ^ $otp; + } + } else { + for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { + $block = substr($plaintext, $i, $block_size); + $otp = openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, $this->openssl_options); + $otp = !defined('OPENSSL_RAW_DATA') ? substr($otp, 0, -$this->block_size) : $otp; + $this->_increment_str($xor); + $ciphertext.= $block ^ $otp; + } + } + if ($this->continuousBuffer) { + $encryptIV = $xor; + if ($start = strlen($plaintext) % $block_size) { + $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; + } + } + + return $ciphertext; + } + + if (strlen($buffer['ciphertext'])) { + $ciphertext = $plaintext ^ $this->_string_shift($buffer['ciphertext'], strlen($plaintext)); + $plaintext = substr($plaintext, strlen($ciphertext)); + + if (!strlen($plaintext)) { + return $ciphertext; + } + } + + $overflow = strlen($plaintext) % $block_size; + if ($overflow) { + $plaintext2 = $this->_string_pop($plaintext, $overflow); // ie. trim $plaintext to a multiple of $block_size and put rest of $plaintext in $plaintext2 + $encrypted = openssl_encrypt($plaintext . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, $this->openssl_options, $encryptIV); + $temp = $this->_string_pop($encrypted, $block_size); + $ciphertext.= $encrypted . ($plaintext2 ^ $temp); + if ($this->continuousBuffer) { + $buffer['ciphertext'] = substr($temp, $overflow); + $encryptIV = $temp; + } + } elseif (!strlen($buffer['ciphertext'])) { + $ciphertext.= openssl_encrypt($plaintext . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, $this->openssl_options, $encryptIV); + $temp = $this->_string_pop($ciphertext, $block_size); + if ($this->continuousBuffer) { + $encryptIV = $temp; + } + } + if ($this->continuousBuffer) { + if (!defined('OPENSSL_RAW_DATA')) { + $encryptIV.= openssl_encrypt('', $this->cipher_name_openssl_ecb, $key, $this->openssl_options); + } + $encryptIV = openssl_decrypt($encryptIV, $this->cipher_name_openssl_ecb, $key, $this->openssl_options); + if ($overflow) { + $this->_increment_str($encryptIV); + } + } + + return $ciphertext; + } + + /** + * OpenSSL OFB Processor + * + * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream + * for OFB is the same for both encrypting and decrypting this function is re-used by both Base::encrypt() + * and Base::decrypt(). + * + * @see self::encrypt() + * @see self::decrypt() + * @param string $plaintext + * @param string $encryptIV + * @param array $buffer + * @return string + * @access private + */ + function _openssl_ofb_process($plaintext, &$encryptIV, &$buffer) + { + if (strlen($buffer['xor'])) { + $ciphertext = $plaintext ^ $buffer['xor']; + $buffer['xor'] = substr($buffer['xor'], strlen($ciphertext)); + $plaintext = substr($plaintext, strlen($ciphertext)); + } else { + $ciphertext = ''; + } + + $block_size = $this->block_size; + + $len = strlen($plaintext); + $key = $this->key; + $overflow = $len % $block_size; + + if (strlen($plaintext)) { + if ($overflow) { + $ciphertext.= openssl_encrypt(substr($plaintext, 0, -$overflow) . str_repeat("\0", $block_size), $this->cipher_name_openssl, $key, $this->openssl_options, $encryptIV); + $xor = $this->_string_pop($ciphertext, $block_size); + if ($this->continuousBuffer) { + $encryptIV = $xor; + } + $ciphertext.= $this->_string_shift($xor, $overflow) ^ substr($plaintext, -$overflow); + if ($this->continuousBuffer) { + $buffer['xor'] = $xor; + } + } else { + $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $key, $this->openssl_options, $encryptIV); + if ($this->continuousBuffer) { + $encryptIV = substr($ciphertext, -$block_size) ^ substr($plaintext, -$block_size); + } + } + } + + return $ciphertext; + } + + /** + * phpseclib <-> OpenSSL Mode Mapper + * + * May need to be overwritten by classes extending this one in some cases + * + * @return int + * @access private + */ + function _openssl_translate_mode() + { + switch ($this->mode) { + case self::MODE_ECB: + return 'ecb'; + case self::MODE_CBC: + return 'cbc'; + case self::MODE_CTR: + return 'ctr'; + case self::MODE_CFB: + return 'cfb'; + case self::MODE_OFB: + return 'ofb'; + } + } + /** * Pad "packets". * @@ -1066,7 +1486,7 @@ class Crypt_Base { * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is * transmitted separately) * - * @see Crypt_Base::disablePadding() + * @see self::disablePadding() * @access public */ function enablePadding() @@ -1077,7 +1497,7 @@ class Crypt_Base { /** * Do not pad packets. * - * @see Crypt_Base::enablePadding() + * @see self::enablePadding() * @access public */ function disablePadding() @@ -1114,23 +1534,24 @@ class Crypt_Base { * outputs. The reason is due to the fact that the initialization vector's change after every encryption / * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. * - * Put another way, when the continuous buffer is enabled, the state of the Crypt_*() object changes after each + * Put another way, when the continuous buffer is enabled, the state of the \phpseclib\Crypt\*() object changes after each * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), * however, they are also less intuitive and more likely to cause you problems. * - * Note: Could, but not must, extend by the child Crypt_* class - * - * @see Crypt_Base::disableContinuousBuffer() + * @see self::disableContinuousBuffer() * @access public + * @internal Could, but not must, extend by the child Crypt_* class */ function enableContinuousBuffer() { - if ($this->mode == CRYPT_MODE_ECB) { + if ($this->mode == self::MODE_ECB) { return; } $this->continuousBuffer = true; + + $this->_setEngine(); } /** @@ -1138,14 +1559,13 @@ class Crypt_Base { * * The default behavior. * - * Note: Could, but not must, extend by the child Crypt_* class - * - * @see Crypt_Base::enableContinuousBuffer() + * @see self::enableContinuousBuffer() * @access public + * @internal Could, but not must, extend by the child Crypt_* class */ function disableContinuousBuffer() { - if ($this->mode == CRYPT_MODE_ECB) { + if ($this->mode == self::MODE_ECB) { return; } if (!$this->continuousBuffer) { @@ -1154,56 +1574,191 @@ class Crypt_Base { $this->continuousBuffer = false; $this->changed = true; + + $this->_setEngine(); + } + + /** + * Test for engine validity + * + * @see self::__construct() + * @param int $engine + * @access public + * @return bool + */ + function isValidEngine($engine) + { + switch ($engine) { + case self::ENGINE_OPENSSL: + if ($this->mode == self::MODE_STREAM && $this->continuousBuffer) { + return false; + } + $this->openssl_emulate_ctr = false; + $result = $this->cipher_name_openssl && + extension_loaded('openssl') && + // PHP 5.3.0 - 5.3.2 did not let you set IV's + version_compare(PHP_VERSION, '5.3.3', '>='); + if (!$result) { + return false; + } + + // prior to PHP 5.4.0 OPENSSL_RAW_DATA and OPENSSL_ZERO_PADDING were not defined. instead of expecting an integer + // $options openssl_encrypt expected a boolean $raw_data. + if (!defined('OPENSSL_RAW_DATA')) { + $this->openssl_options = true; + } else { + $this->openssl_options = OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING; + } + + $methods = openssl_get_cipher_methods(); + if (in_array($this->cipher_name_openssl, $methods)) { + return true; + } + // not all of openssl's symmetric cipher's support ctr. for those + // that don't we'll emulate it + switch ($this->mode) { + case self::MODE_CTR: + if (in_array($this->cipher_name_openssl_ecb, $methods)) { + $this->openssl_emulate_ctr = true; + return true; + } + } + return false; + case self::ENGINE_MCRYPT: + return $this->cipher_name_mcrypt && + extension_loaded('mcrypt') && + in_array($this->cipher_name_mcrypt, mcrypt_list_algorithms()); + case self::ENGINE_INTERNAL: + return true; + } + + return false; + } + + /** + * Sets the preferred crypt engine + * + * Currently, $engine could be: + * + * - \phpseclib\Crypt\Base::ENGINE_OPENSSL [very fast] + * + * - \phpseclib\Crypt\Base::ENGINE_MCRYPT [fast] + * + * - \phpseclib\Crypt\Base::ENGINE_INTERNAL [slow] + * + * If the preferred crypt engine is not available the fastest available one will be used + * + * @see self::__construct() + * @param int $engine + * @access public + */ + function setPreferredEngine($engine) + { + switch ($engine) { + //case self::ENGINE_OPENSSL; + case self::ENGINE_MCRYPT: + case self::ENGINE_INTERNAL: + $this->preferredEngine = $engine; + break; + default: + $this->preferredEngine = self::ENGINE_OPENSSL; + } + + $this->_setEngine(); + } + + /** + * Returns the engine currently being utilized + * + * @see self::_setEngine() + * @access public + */ + function getEngine() + { + return $this->engine; + } + + /** + * Sets the engine as appropriate + * + * @see self::__construct() + * @access private + */ + function _setEngine() + { + $this->engine = null; + + $candidateEngines = array( + $this->preferredEngine, + self::ENGINE_OPENSSL, + self::ENGINE_MCRYPT + ); + foreach ($candidateEngines as $engine) { + if ($this->isValidEngine($engine)) { + $this->engine = $engine; + break; + } + } + if (!$this->engine) { + $this->engine = self::ENGINE_INTERNAL; + } + + if ($this->engine != self::ENGINE_MCRYPT && $this->enmcrypt) { + // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed, + // (re)open them with the module named in $this->cipher_name_mcrypt + mcrypt_module_close($this->enmcrypt); + mcrypt_module_close($this->demcrypt); + $this->enmcrypt = null; + $this->demcrypt = null; + + if ($this->ecb) { + mcrypt_module_close($this->ecb); + $this->ecb = null; + } + } + + $this->changed = true; } /** * Encrypts a block * - * Note: Must extend by the child Crypt_* class + * Note: Must be extended by the child \phpseclib\Crypt\* class * * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ - function _encryptBlock($in) - { - user_error((version_compare(PHP_VERSION, '5.0.0', '>=') ? __METHOD__ : __FUNCTION__) . '() must extend by class ' . get_class($this), E_USER_ERROR); - } + abstract function _encryptBlock($in); /** * Decrypts a block * - * Note: Must extend by the child Crypt_* class + * Note: Must be extended by the child \phpseclib\Crypt\* class * * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ - function _decryptBlock($in) - { - user_error((version_compare(PHP_VERSION, '5.0.0', '>=') ? __METHOD__ : __FUNCTION__) . '() must extend by class ' . get_class($this), E_USER_ERROR); - } + abstract function _decryptBlock($in); /** * Setup the key (expansion) * - * Only used if $engine == CRYPT_MODE_INTERNAL + * Only used if $engine == self::ENGINE_INTERNAL * - * Note: Must extend by the child Crypt_* class + * Note: Must extend by the child \phpseclib\Crypt\* class * - * @see Crypt_Base::_setup() + * @see self::_setup() * @access private */ - function _setupKey() - { - user_error((version_compare(PHP_VERSION, '5.0.0', '>=') ? __METHOD__ : __FUNCTION__) . '() must extend by class ' . get_class($this), E_USER_ERROR); - } + abstract function _setupKey(); /** - * Setup the CRYPT_MODE_INTERNAL $engine + * Setup the self::ENGINE_INTERNAL $engine * * (re)init, if necessary, the internal cipher $engine and flush all $buffers - * Used (only) if $engine == CRYPT_MODE_INTERNAL + * Used (only) if $engine == self::ENGINE_INTERNAL * * _setup() will be called each time if $changed === true * typically this happens when using one or more of following public methods: @@ -1216,14 +1771,12 @@ class Crypt_Base { * * - First run of encrypt() / decrypt() with no init-settings * - * Internally: _setup() is called always before(!) en/decryption. - * - * Note: Could, but not must, extend by the child Crypt_* class - * - * @see setKey() - * @see setIV() - * @see disableContinuousBuffer() + * @see self::setKey() + * @see self::setIV() + * @see self::disableContinuousBuffer() * @access private + * @internal _setup() is always called before en/decryption. + * @internal Could, but not must, extend by the child Crypt_* class */ function _setup() { @@ -1236,10 +1789,10 @@ class Crypt_Base { } /** - * Setup the CRYPT_MODE_MCRYPT $engine + * Setup the self::ENGINE_MCRYPT $engine * * (re)init, if necessary, the (ext)mcrypt resources and flush all $buffers - * Used (only) if $engine = CRYPT_MODE_MCRYPT + * Used (only) if $engine = self::ENGINE_MCRYPT * * _setupMcrypt() will be called each time if $changed === true * typically this happens when using one or more of following public methods: @@ -1252,13 +1805,11 @@ class Crypt_Base { * * - First run of encrypt() / decrypt() * - * - * Note: Could, but not must, extend by the child Crypt_* class - * - * @see setKey() - * @see setIV() - * @see disableContinuousBuffer() + * @see self::setKey() + * @see self::setIV() + * @see self::disableContinuousBuffer() * @access private + * @internal Could, but not must, extend by the child Crypt_* class */ function _setupMcrypt() { @@ -1267,12 +1818,12 @@ class Crypt_Base { if (!isset($this->enmcrypt)) { static $mcrypt_modes = array( - CRYPT_MODE_CTR => 'ctr', - CRYPT_MODE_ECB => MCRYPT_MODE_ECB, - CRYPT_MODE_CBC => MCRYPT_MODE_CBC, - CRYPT_MODE_CFB => 'ncfb', - CRYPT_MODE_OFB => MCRYPT_MODE_NOFB, - CRYPT_MODE_STREAM => MCRYPT_MODE_STREAM, + self::MODE_CTR => 'ctr', + self::MODE_ECB => MCRYPT_MODE_ECB, + self::MODE_CBC => MCRYPT_MODE_CBC, + self::MODE_CFB => 'ncfb', + self::MODE_OFB => MCRYPT_MODE_NOFB, + self::MODE_STREAM => MCRYPT_MODE_STREAM, ); $this->demcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); @@ -1281,13 +1832,12 @@ class Crypt_Base { // we need the $ecb mcrypt resource (only) in MODE_CFB with enableContinuousBuffer() // to workaround mcrypt's broken ncfb implementation in buffered mode // see: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} - if ($this->mode == CRYPT_MODE_CFB) { + if ($this->mode == self::MODE_CFB) { $this->ecb = mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, ''); } - } // else should mcrypt_generic_deinit be called? - if ($this->mode == CRYPT_MODE_CFB) { + if ($this->mode == self::MODE_CFB) { mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size)); } } @@ -1302,10 +1852,11 @@ class Crypt_Base { * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless * and padding will, hence forth, be enabled. * - * @see Crypt_Base::_unpad() - * @param String $text + * @see self::_unpad() + * @param string $text + * @throws \LengthException if padding is disabled and the plaintext's length is not a multiple of the block size * @access private - * @return String + * @return string */ function _pad($text) { @@ -1315,8 +1866,7 @@ class Crypt_Base { if ($length % $this->block_size == 0) { return $text; } else { - user_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})"); - $this->padding = true; + throw new \LengthException("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size}). Try enabling padding."); } } @@ -1331,10 +1881,11 @@ class Crypt_Base { * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong * and false will be returned. * - * @see Crypt_Base::_pad() - * @param String $text + * @see self::_pad() + * @param string $text + * @throws \LengthException if the ciphertext's length is not a multiple of the block size * @access private - * @return String + * @return string */ function _unpad($text) { @@ -1345,7 +1896,7 @@ class Crypt_Base { $length = ord($text[strlen($text) - 1]); if (!$length || $length > $this->block_size) { - return false; + throw new \LengthException("The ciphertext has an invalid padding length ($length) compared to the block size ({$this->block_size})"); } return substr($text, 0, -$length); @@ -1358,18 +1909,19 @@ class Crypt_Base { * after disableContinuousBuffer() or on cipher $engine (re)init * ie after setKey() or setIV() * - * Note: Could, but not must, extend by the child Crypt_* class - * - * @access public + * @access private + * @internal Could, but not must, extend by the child Crypt_* class + * @throws \UnexpectedValueException when an IV is required but not defined */ function _clearBuffers() { - $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); - $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true); + $this->enbuffer = $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); - // mcrypt's handling of invalid's $iv: - // $this->encryptIV = $this->decryptIV = strlen($this->iv) == $this->block_size ? $this->iv : str_repeat("\0", $this->block_size); - $this->encryptIV = $this->decryptIV = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, "\0"); + if ($this->iv === false && !in_array($this->mode, array(self::MODE_STREAM, self::MODE_ECB))) { + throw new \UnexpectedValueException('No IV has been defined'); + } + + $this->encryptIV = $this->decryptIV = $this->iv; } /** @@ -1377,12 +1929,12 @@ class Crypt_Base { * * Inspired by array_shift * - * @param String $string - * @param optional Integer $index + * @param string $string + * @param int $index * @access private - * @return String + * @return string */ - function _stringShift(&$string, $index = 1) + function _string_shift(&$string, $index = 1) { $substr = substr($string, 0, $index); $string = substr($string, $index); @@ -1390,43 +1942,57 @@ class Crypt_Base { } /** - * Generate CTR XOR encryption key + * String Pop * - * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the - * plaintext / ciphertext in CTR mode. + * Inspired by array_pop * - * @see Crypt_Base::decrypt() - * @see Crypt_Base::encrypt() - * @param String $iv - * @param Integer $length + * @param string $string + * @param int $index * @access private - * @return String $xor + * @return string */ - function _generateXor(&$iv, $length) + function _string_pop(&$string, $index = 1) { - $xor = ''; - $block_size = $this->block_size; - $num_blocks = floor(($length + ($block_size - 1)) / $block_size); - for ($i = 0; $i < $num_blocks; $i++) { - $xor.= $iv; - for ($j = 4; $j <= $block_size; $j+= 4) { - $temp = substr($iv, -$j, 4); - switch ($temp) { - case "\xFF\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4); - break; - case "\x7F\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4); - break 2; - default: - extract(unpack('Ncount', $temp)); - $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4); - break 2; - } + $substr = substr($string, -$index); + $string = substr($string, 0, -$index); + return $substr; + } + + /** + * Increment the current string + * + * @see self::decrypt() + * @see self::encrypt() + * @param string $var + * @access private + */ + function _increment_str(&$var) + { + for ($i = 4; $i <= strlen($var); $i+= 4) { + $temp = substr($var, -$i, 4); + switch ($temp) { + case "\xFF\xFF\xFF\xFF": + $var = substr_replace($var, "\x00\x00\x00\x00", -$i, 4); + break; + case "\x7F\xFF\xFF\xFF": + $var = substr_replace($var, "\x80\x00\x00\x00", -$i, 4); + return; + default: + $temp = unpack('Nnum', $temp); + $var = substr_replace($var, pack('N', $temp['num'] + 1), -$i, 4); + return; } } - return $xor; + $remainder = strlen($var) % 4; + + if ($remainder == 0) { + return; + } + + $temp = unpack('Nnum', str_pad(substr($var, 0, $remainder), 4, "\0", STR_PAD_LEFT)); + $temp = substr(pack('N', $temp['num'] + 1), -$remainder); + $var = substr_replace($var, $temp, 0, $remainder); } /** @@ -1439,14 +2005,14 @@ class Crypt_Base { * * _setupInlineCrypt() would be called only if: * - * - $engine == CRYPT_MODE_INTERNAL and + * - $engine == self::ENGINE_INTERNAL and * * - $use_inline_crypt === true * * - each time on _setup(), after(!) _setupKey() * * - * This ensures that _setupInlineCrypt() has allways a + * This ensures that _setupInlineCrypt() has always a * full ready2go initializated internal cipher $engine state * where, for example, the keys allready expanded, * keys/block_size calculated and such. @@ -1474,7 +2040,7 @@ class Crypt_Base { * - short (as good as possible) * * Note: - _setupInlineCrypt() is using _createInlineCryptFunction() to create the full callback function code. - * - In case of using inline crypting, _setupInlineCrypt() must extend by the child Crypt_* class. + * - In case of using inline crypting, _setupInlineCrypt() must extend by the child \phpseclib\Crypt\* class. * - The following variable names are reserved: * - $_* (all variable names prefixed with an underscore) * - $self (object reference to it self. Do not use $this, but $self instead) @@ -1482,19 +2048,18 @@ class Crypt_Base { * - The callback function should not use the 'return' statement, but en/decrypt'ing the content of $in only * * - * @see Crypt_Base::_setup() - * @see Crypt_Base::_createInlineCryptFunction() - * @see Crypt_Base::encrypt() - * @see Crypt_Base::decrypt() + * @see self::_setup() + * @see self::_createInlineCryptFunction() + * @see self::encrypt() + * @see self::decrypt() * @access private + * @internal If a Crypt_* class providing inline crypting it must extend _setupInlineCrypt() */ function _setupInlineCrypt() { - // If a Crypt_* class providing inline crypting it must extend _setupInlineCrypt() - - // If, for any reason, an extending Crypt_Base() Crypt_* class + // If, for any reason, an extending \phpseclib\Crypt\Base() \phpseclib\Crypt\* class // not using inline crypting then it must be ensured that: $this->use_inline_crypt = false - // ie in the class var declaration of $use_inline_crypt in general for the Crypt_* class, + // ie in the class var declaration of $use_inline_crypt in general for the \phpseclib\Crypt\* class, // in the constructor at object instance-time // or, if it's runtime-specific, at runtime @@ -1591,7 +2156,7 @@ class Crypt_Base { * +----------------------------------------------------------------------------------------------+ * * - * See also the Crypt_*::_setupInlineCrypt()'s for + * See also the \phpseclib\Crypt\*::_setupInlineCrypt()'s for * productive inline $cipher_code's how they works. * * Structure of: @@ -1605,12 +2170,12 @@ class Crypt_Base { * ); * * - * @see Crypt_Base::_setupInlineCrypt() - * @see Crypt_Base::encrypt() - * @see Crypt_Base::decrypt() - * @param Array $cipher_code + * @see self::_setupInlineCrypt() + * @see self::encrypt() + * @see self::decrypt() + * @param array $cipher_code * @access private - * @return String (the name of the created callback function) + * @return string (the name of the created callback function) */ function _createInlineCryptFunction($cipher_code) { @@ -1628,10 +2193,9 @@ class Crypt_Base { // merged with the $cipher_code algorithm // for encrypt- and decryption. switch ($this->mode) { - case CRYPT_MODE_ECB: + case self::MODE_ECB: $encrypt = $init_encrypt . ' $_ciphertext = ""; - $_text = $self->_pad($_text); $_plaintext_len = strlen($_text); for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { @@ -1657,29 +2221,30 @@ class Crypt_Base { return $self->_unpad($_plaintext); '; break; - case CRYPT_MODE_CTR: + case self::MODE_CTR: $encrypt = $init_encrypt . ' $_ciphertext = ""; $_plaintext_len = strlen($_text); $_xor = $self->encryptIV; $_buffer = &$self->enbuffer; - - if (strlen($_buffer["encrypted"])) { + if (strlen($_buffer["ciphertext"])) { for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); - if (strlen($_block) > strlen($_buffer["encrypted"])) { - $in = $self->_generateXor($_xor, '.$block_size.'); + if (strlen($_block) > strlen($_buffer["ciphertext"])) { + $in = $_xor; '.$encrypt_block.' - $_buffer["encrypted"].= $in; + $self->_increment_str($_xor); + $_buffer["ciphertext"].= $in; } - $_key = $self->_stringShift($_buffer["encrypted"], '.$block_size.'); + $_key = $self->_string_shift($_buffer["ciphertext"], '.$block_size.'); $_ciphertext.= $_block ^ $_key; } } else { for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); - $in = $self->_generateXor($_xor, '.$block_size.'); + $in = $_xor; '.$encrypt_block.' + $self->_increment_str($_xor); $_key = $in; $_ciphertext.= $_block ^ $_key; } @@ -1687,7 +2252,7 @@ class Crypt_Base { if ($self->continuousBuffer) { $self->encryptIV = $_xor; if ($_start = $_plaintext_len % '.$block_size.') { - $_buffer["encrypted"] = substr($_key, $_start) . $_buffer["encrypted"]; + $_buffer["ciphertext"] = substr($_key, $_start) . $_buffer["ciphertext"]; } } @@ -1704,18 +2269,20 @@ class Crypt_Base { for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); if (strlen($_block) > strlen($_buffer["ciphertext"])) { - $in = $self->_generateXor($_xor, '.$block_size.'); + $in = $_xor; '.$encrypt_block.' + $self->_increment_str($_xor); $_buffer["ciphertext"].= $in; } - $_key = $self->_stringShift($_buffer["ciphertext"], '.$block_size.'); + $_key = $self->_string_shift($_buffer["ciphertext"], '.$block_size.'); $_plaintext.= $_block ^ $_key; } } else { for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { $_block = substr($_text, $_i, '.$block_size.'); - $in = $self->_generateXor($_xor, '.$block_size.'); + $in = $_xor; '.$encrypt_block.' + $self->_increment_str($_xor); $_key = $in; $_plaintext.= $_block ^ $_key; } @@ -1730,7 +2297,7 @@ class Crypt_Base { return $_plaintext; '; break; - case CRYPT_MODE_CFB: + case self::MODE_CFB: $encrypt = $init_encrypt . ' $_ciphertext = ""; $_buffer = &$self->enbuffer; @@ -1829,7 +2396,7 @@ class Crypt_Base { return $_plaintext; '; break; - case CRYPT_MODE_OFB: + case self::MODE_OFB: $encrypt = $init_encrypt . ' $_ciphertext = ""; $_plaintext_len = strlen($_text); @@ -1845,7 +2412,7 @@ class Crypt_Base { $_xor = $in; $_buffer["xor"].= $_xor; } - $_key = $self->_stringShift($_buffer["xor"], '.$block_size.'); + $_key = $self->_string_shift($_buffer["xor"], '.$block_size.'); $_ciphertext.= $_block ^ $_key; } } else { @@ -1881,7 +2448,7 @@ class Crypt_Base { $_xor = $in; $_buffer["xor"].= $_xor; } - $_key = $self->_stringShift($_buffer["xor"], '.$block_size.'); + $_key = $self->_string_shift($_buffer["xor"], '.$block_size.'); $_plaintext.= $_block ^ $_key; } } else { @@ -1902,7 +2469,7 @@ class Crypt_Base { return $_plaintext; '; break; - case CRYPT_MODE_STREAM: + case self::MODE_STREAM: $encrypt = $init_encrypt . ' $_ciphertext = ""; '.$encrypt_block.' @@ -1914,11 +2481,10 @@ class Crypt_Base { return $_plaintext; '; break; - // case CRYPT_MODE_CBC: + // case self::MODE_CBC: default: $encrypt = $init_encrypt . ' $_ciphertext = ""; - $_text = $self->_pad($_text); $_plaintext_len = strlen($_text); $in = $self->encryptIV; @@ -1976,14 +2542,46 @@ class Crypt_Base { * for which $mode the lambda function was created. * * @access private - * @return &Array + * @return array &$functions */ function &_getLambdaFunctions() { static $functions = array(); return $functions; } -} -// vim: ts=4:sw=4:et: -// vim6: fdl=1: + /** + * Generates a digest from $bytes + * + * @see self::_setupInlineCrypt() + * @access private + * @param $bytes + * @return string + */ + function _hashInlineCryptFunction($bytes) + { + if (!isset(self::$WHIRLPOOL_AVAILABLE)) { + self::$WHIRLPOOL_AVAILABLE = extension_loaded('hash') && in_array('whirlpool', hash_algos()); + } + + $result = ''; + $hash = $bytes; + + switch (true) { + case self::$WHIRLPOOL_AVAILABLE: + foreach (str_split($bytes, 64) as $t) { + $hash = hash('whirlpool', $hash, true); + $result .= $t ^ $hash; + } + return $result . hash('whirlpool', $hash, true); + default: + $len = strlen($bytes); + for ($i = 0; $i < $len; $i+=20) { + $t = substr($bytes, $i, 20); + $hash = sha1($hash, true); + $result .= $t ^ $hash; + } + return $result . sha1($hash, true); + } + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Blowfish.php b/plugins/OStatus/extlib/phpseclib/Crypt/Blowfish.php index c8ef67e8f7..3500df595b 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/Blowfish.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/Blowfish.php @@ -1,12 +1,11 @@ * setKey('12345678901234567890123456789012'); * @@ -27,139 +26,41 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_Blowfish - * @author Jim Wigginton - * @author Hans-Juergen Petrich - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @version 1.0 - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Blowfish + * @author Jim Wigginton + * @author Hans-Juergen Petrich + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * Include Crypt_Base - * - * Base cipher class - */ -if (!class_exists('Crypt_Base')) { - require_once('Base.php'); -} - -/**#@+ - * @access public - * @see Crypt_Blowfish::encrypt() - * @see Crypt_Blowfish::decrypt() - */ -/** - * Encrypt / decrypt using the Counter mode. - * - * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 - */ -define('CRYPT_BLOWFISH_MODE_CTR', CRYPT_MODE_CTR); -/** - * Encrypt / decrypt using the Electronic Code Book mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 - */ -define('CRYPT_BLOWFISH_MODE_ECB', CRYPT_MODE_ECB); -/** - * Encrypt / decrypt using the Code Book Chaining mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 - */ -define('CRYPT_BLOWFISH_MODE_CBC', CRYPT_MODE_CBC); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 - */ -define('CRYPT_BLOWFISH_MODE_CFB', CRYPT_MODE_CFB); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 - */ -define('CRYPT_BLOWFISH_MODE_OFB', CRYPT_MODE_OFB); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_Blowfish::Crypt_Blowfish() - */ -/** - * Toggles the internal implementation - */ -define('CRYPT_BLOWFISH_MODE_INTERNAL', CRYPT_MODE_INTERNAL); -/** - * Toggles the mcrypt implementation - */ -define('CRYPT_BLOWFISH_MODE_MCRYPT', CRYPT_MODE_MCRYPT); -/**#@-*/ +namespace phpseclib\Crypt; /** * Pure-PHP implementation of Blowfish. * + * @package Blowfish * @author Jim Wigginton * @author Hans-Juergen Petrich - * @version 1.0 * @access public - * @package Crypt_Blowfish */ -class Crypt_Blowfish extends Crypt_Base { +class Blowfish extends Base +{ /** * Block Length of the cipher * - * @see Crypt_Base::block_size - * @var Integer + * @see \phpseclib\Crypt\Base::block_size + * @var int * @access private */ var $block_size = 8; - /** - * The default password key_size used by setPassword() - * - * @see Crypt_Base::password_key_size - * @see Crypt_Base::setPassword() - * @var Integer - * @access private - */ - var $password_key_size = 56; - - /** - * The namespace used by the cipher for its constants. - * - * @see Crypt_Base::const_namespace - * @var String - * @access private - */ - var $const_namespace = 'BLOWFISH'; - /** * The mcrypt specific name of the cipher * - * @see Crypt_Base::cipher_name_mcrypt - * @var String + * @see \phpseclib\Crypt\Base::cipher_name_mcrypt + * @var string * @access private */ var $cipher_name_mcrypt = 'blowfish'; @@ -167,8 +68,8 @@ class Crypt_Blowfish extends Crypt_Base { /** * Optimizing value while CFB-encrypting * - * @see Crypt_Base::cfb_init_len - * @var Integer + * @see \phpseclib\Crypt\Base::cfb_init_len + * @var int * @access private */ var $cfb_init_len = 500; @@ -176,12 +77,12 @@ class Crypt_Blowfish extends Crypt_Base { /** * The fixed subkeys boxes ($sbox0 - $sbox3) with 256 entries each * - * S-Box 1 + * S-Box 0 * * @access private * @var array */ - var $sbox0 = array ( + var $sbox0 = array( 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, 0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, 0x0d95748f, 0x728eb658, 0x718bcd58, 0x82154aee, 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, @@ -342,7 +243,7 @@ class Crypt_Blowfish extends Crypt_Base { /** * P-Array consists of 18 32-bit subkeys * - * @var array $parray + * @var array * @access private */ var $parray = array( @@ -356,7 +257,7 @@ class Crypt_Blowfish extends Crypt_Base { * * Holds the expanded key [p] and the key-depended s-boxes [sb] * - * @var array $bctx + * @var array * @access private */ var $bctx; @@ -364,72 +265,86 @@ class Crypt_Blowfish extends Crypt_Base { /** * Holds the last used key * - * @var Array + * @var array * @access private */ var $kl; + /** + * The Key Length (in bytes) + * + * @see \phpseclib\Crypt\Base::setKeyLength() + * @var int + * @access private + * @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk + * because the encryption / decryption / key schedule creation requires this number and not $key_length. We could + * derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu + * of that, we'll just precompute it once. + */ + var $key_length = 16; + /** * Default Constructor. * - * Determines whether or not the mcrypt extension should be used. - * - * $mode could be: - * - * - CRYPT_BLOWFISH_MODE_ECB - * - * - CRYPT_BLOWFISH_MODE_CBC - * - * - CRYPT_BLOWFISH_MODE_CTR - * - * - CRYPT_BLOWFISH_MODE_CFB - * - * - CRYPT_BLOWFISH_MODE_OFB - * - * If not explictly set, CRYPT_BLOWFISH_MODE_CBC will be used. - * - * @see Crypt_Base::Crypt_Base() - * @param optional Integer $mode + * @param int $mode * @access public + * @throws \InvalidArgumentException if an invalid / unsupported mode is provided */ - function Crypt_Blowfish($mode = CRYPT_BLOWFISH_MODE_CBC) + function __construct($mode) { - parent::Crypt_Base($mode); + if ($mode == self::MODE_STREAM) { + throw new \InvalidArgumentException('Block ciphers cannot be ran in stream mode'); + } + + parent::__construct($mode); } /** - * Sets the key. + * Sets the key length. * - * Keys can be of any length. Blowfish, itself, requires the use of a key between 32 and max. 448-bits long. - * If the key is less than 32-bits we NOT fill the key to 32bit but let the key as it is to be compatible - * with mcrypt because mcrypt act this way with blowfish key's < 32 bits. - * - * If the key is more than 448-bits, we trim the excess bits. - * - * If the key is not explicitly set, or empty, it'll be assumed a 128 bits key to be all null bytes. + * Key lengths can be between 32 and 448 bits. * * @access public - * @see Crypt_Base::setKey() - * @param String $key + * @param int $length */ - function setKey($key) + function setKeyLength($length) { - $keylength = strlen($key); - - if (!$keylength) { - $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; - } - elseif ($keylength > 56) { - $key = substr($key, 0, 56); + if ($length < 32 || $length > 448) { + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes between 32 and 448 bits are supported'); } - parent::setKey($key); + $this->key_length = $length >> 3; + + parent::setKeyLength($length); + } + + /** + * Test for engine validity + * + * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() + * + * @see \phpseclib\Crypt\Base::isValidEngine() + * @param int $engine + * @access public + * @return bool + */ + function isValidEngine($engine) + { + if ($engine == self::ENGINE_OPENSSL) { + if ($this->key_length != 16) { + return false; + } + $this->cipher_name_openssl_ecb = 'bf-ecb'; + $this->cipher_name_openssl = 'bf-' . $this->_openssl_translate_mode(); + } + + return parent::isValidEngine($engine); } /** * Setup the key (expansion) * - * @see Crypt_Base::_setupKey() + * @see \phpseclib\Crypt\Base::_setupKey() * @access private */ function _setupKey() @@ -486,8 +401,8 @@ class Crypt_Blowfish extends Crypt_Base { * Encrypts a block * * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _encryptBlock($in) { @@ -503,17 +418,17 @@ class Crypt_Blowfish extends Crypt_Base { $r = $in[2]; for ($i = 0; $i < 16; $i+= 2) { - $l^= $p[$i]; - $r^= ($sb_0[$l >> 24 & 0xff] + - $sb_1[$l >> 16 & 0xff] ^ - $sb_2[$l >> 8 & 0xff]) + - $sb_3[$l & 0xff]; + $l^= $p[$i]; + $r^= ($sb_0[$l >> 24 & 0xff] + + $sb_1[$l >> 16 & 0xff] ^ + $sb_2[$l >> 8 & 0xff]) + + $sb_3[$l & 0xff]; - $r^= $p[$i + 1]; - $l^= ($sb_0[$r >> 24 & 0xff] + - $sb_1[$r >> 16 & 0xff] ^ - $sb_2[$r >> 8 & 0xff]) + - $sb_3[$r & 0xff]; + $r^= $p[$i + 1]; + $l^= ($sb_0[$r >> 24 & 0xff] + + $sb_1[$r >> 16 & 0xff] ^ + $sb_2[$r >> 8 & 0xff]) + + $sb_3[$r & 0xff]; } return pack("N*", $r ^ $p[17], $l ^ $p[16]); } @@ -522,8 +437,8 @@ class Crypt_Blowfish extends Crypt_Base { * Decrypts a block * * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _decryptBlock($in) { @@ -550,30 +465,28 @@ class Crypt_Blowfish extends Crypt_Base { $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]; } - return pack("N*", $r ^ $p[0], $l ^ $p[1]); } /** * Setup the performance-optimized function for de/encrypt() * - * @see Crypt_Base::_setupInlineCrypt() + * @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @access private */ function _setupInlineCrypt() { - $lambda_functions =& Crypt_Blowfish::_getLambdaFunctions(); + $lambda_functions =& self::_getLambdaFunctions(); // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. + // (Currently, for Blowfish, one generated $lambda_function cost on php5.5@32bit ~100kb unfreeable mem and ~180kb on php5.5@64bit) // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one. - $gen_hi_opt_code = (bool)( count($lambda_functions) < 10); + $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); - switch (true) { - case $gen_hi_opt_code: - $code_hash = md5(str_pad("Crypt_Blowfish, {$this->mode}, ", 32, "\0") . $this->key); - break; - default: - $code_hash = "Crypt_Blowfish, {$this->mode}"; + // Generation of a unique hash for our generated code + $code_hash = "Crypt_Blowfish, {$this->mode}"; + if ($gen_hi_opt_code) { + $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } if (!isset($lambda_functions[$code_hash])) { @@ -673,6 +586,3 @@ class Crypt_Blowfish extends Crypt_Base { $this->inline_crypt = $lambda_functions[$code_hash]; } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/DES.php b/plugins/OStatus/extlib/phpseclib/Crypt/DES.php index 8b04210659..14273d2889 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/DES.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/DES.php @@ -1,12 +1,11 @@ * setKey('abcdefgh'); * @@ -33,170 +32,87 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_DES - * @author Jim Wigginton - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package DES + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * Include Crypt_Base - * - * Base cipher class - */ -if (!class_exists('Crypt_Base')) { - require_once('Base.php'); -} - -/**#@+ - * @access private - * @see Crypt_DES::_setupKey() - * @see Crypt_DES::_processBlock() - */ -/** - * Contains $keys[CRYPT_DES_ENCRYPT] - */ -define('CRYPT_DES_ENCRYPT', 0); -/** - * Contains $keys[CRYPT_DES_DECRYPT] - */ -define('CRYPT_DES_DECRYPT', 1); -/**#@-*/ - -/**#@+ - * @access public - * @see Crypt_DES::encrypt() - * @see Crypt_DES::decrypt() - */ -/** - * Encrypt / decrypt using the Counter mode. - * - * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 - */ -define('CRYPT_DES_MODE_CTR', CRYPT_MODE_CTR); -/** - * Encrypt / decrypt using the Electronic Code Book mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 - */ -define('CRYPT_DES_MODE_ECB', CRYPT_MODE_ECB); -/** - * Encrypt / decrypt using the Code Book Chaining mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 - */ -define('CRYPT_DES_MODE_CBC', CRYPT_MODE_CBC); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 - */ -define('CRYPT_DES_MODE_CFB', CRYPT_MODE_CFB); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 - */ -define('CRYPT_DES_MODE_OFB', CRYPT_MODE_OFB); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_DES::Crypt_DES() - */ -/** - * Toggles the internal implementation - */ -define('CRYPT_DES_MODE_INTERNAL', CRYPT_MODE_INTERNAL); -/** - * Toggles the mcrypt implementation - */ -define('CRYPT_DES_MODE_MCRYPT', CRYPT_MODE_MCRYPT); -/**#@-*/ +namespace phpseclib\Crypt; /** * Pure-PHP implementation of DES. * + * @package DES * @author Jim Wigginton - * @version 0.1.0 * @access public - * @package Crypt_DES */ -class Crypt_DES extends Crypt_Base { +class DES extends Base +{ + /**#@+ + * @access private + * @see \phpseclib\Crypt\DES::_setupKey() + * @see \phpseclib\Crypt\DES::_processBlock() + */ + /** + * Contains $keys[self::ENCRYPT] + */ + const ENCRYPT = 0; + /** + * Contains $keys[self::DECRYPT] + */ + const DECRYPT = 1; + /**#@-*/ + /** * Block Length of the cipher * - * @see Crypt_Base::block_size - * @var Integer + * @see \phpseclib\Crypt\Base::block_size + * @var int * @access private */ var $block_size = 8; /** - * The Key + * Key Length (in bytes) * - * @see Crypt_Base::key - * @see setKey() - * @var String + * @see \phpseclib\Crypt\Base::setKeyLength() + * @var int * @access private */ - var $key = "\0\0\0\0\0\0\0\0"; - - /** - * The default password key_size used by setPassword() - * - * @see Crypt_Base::password_key_size - * @see Crypt_Base::setPassword() - * @var Integer - * @access private - */ - var $password_key_size = 8; - - /** - * The namespace used by the cipher for its constants. - * - * @see Crypt_Base::const_namespace - * @var String - * @access private - */ - var $const_namespace = 'DES'; + var $key_length = 8; /** * The mcrypt specific name of the cipher * - * @see Crypt_Base::cipher_name_mcrypt - * @var String + * @see \phpseclib\Crypt\Base::cipher_name_mcrypt + * @var string * @access private */ var $cipher_name_mcrypt = 'des'; + /** + * The OpenSSL names of the cipher / modes + * + * @see \phpseclib\Crypt\Base::openssl_mode_names + * @var array + * @access private + */ + var $openssl_mode_names = array( + self::MODE_ECB => 'des-ecb', + self::MODE_CBC => 'des-cbc', + self::MODE_CFB => 'des-cfb', + self::MODE_OFB => 'des-ofb' + // self::MODE_CTR is undefined for DES + ); + /** * Optimizing value while CFB-encrypting * - * @see Crypt_Base::cfb_init_len - * @var Integer + * @see \phpseclib\Crypt\Base::cfb_init_len + * @var int * @access private */ var $cfb_init_len = 500; @@ -204,11 +120,11 @@ class Crypt_DES extends Crypt_Base { /** * Switch for DES/3DES encryption * - * Used only if $engine == CRYPT_DES_MODE_INTERNAL + * Used only if $engine == self::ENGINE_INTERNAL * - * @see Crypt_DES::_setupKey() - * @see Crypt_DES::_processBlock() - * @var Integer + * @see self::_setupKey() + * @see self::_processBlock() + * @var int * @access private */ var $des_rounds = 1; @@ -216,17 +132,17 @@ class Crypt_DES extends Crypt_Base { /** * max possible size of $key * - * @see Crypt_DES::setKey() - * @var String + * @see self::setKey() + * @var string * @access private */ - var $key_size_max = 8; + var $key_length_max = 8; /** * The Key Schedule * - * @see Crypt_DES::_setupKey() - * @var Array + * @see self::_setupKey() + * @var array * @access private */ var $keys; @@ -238,9 +154,9 @@ class Crypt_DES extends Crypt_Base { * with each byte containing all bits in the same state as the * corresponding bit in the index value. * - * @see Crypt_DES::_processBlock() - * @see Crypt_DES::_setupKey() - * @var Array + * @see self::_processBlock() + * @see self::_setupKey() + * @var array * @access private */ var $shuffle = array( @@ -379,7 +295,7 @@ class Crypt_DES extends Crypt_Base { * * Indexing this table with each source byte performs the initial bit permutation. * - * @var Array + * @var array * @access private */ var $ipmap = array( @@ -421,7 +337,7 @@ class Crypt_DES extends Crypt_Base { * Inverse IP mapping helper table. * Indexing this table with a byte value reverses the bit order. * - * @var Array + * @var array * @access private */ var $invipmap = array( @@ -465,7 +381,7 @@ class Crypt_DES extends Crypt_Base { * Each box ($sbox1-$sbox8) has been vectorized, then each value pre-permuted using the * P table: concatenation can then be replaced by exclusive ORs. * - * @var Array + * @var array * @access private */ var $sbox1 = array( @@ -490,7 +406,7 @@ class Crypt_DES extends Crypt_Base { /** * Pre-permuted S-box2 * - * @var Array + * @var array * @access private */ var $sbox2 = array( @@ -515,7 +431,7 @@ class Crypt_DES extends Crypt_Base { /** * Pre-permuted S-box3 * - * @var Array + * @var array * @access private */ var $sbox3 = array( @@ -540,7 +456,7 @@ class Crypt_DES extends Crypt_Base { /** * Pre-permuted S-box4 * - * @var Array + * @var array * @access private */ var $sbox4 = array( @@ -565,7 +481,7 @@ class Crypt_DES extends Crypt_Base { /** * Pre-permuted S-box5 * - * @var Array + * @var array * @access private */ var $sbox5 = array( @@ -590,7 +506,7 @@ class Crypt_DES extends Crypt_Base { /** * Pre-permuted S-box6 * - * @var Array + * @var array * @access private */ var $sbox6 = array( @@ -615,7 +531,7 @@ class Crypt_DES extends Crypt_Base { /** * Pre-permuted S-box7 * - * @var Array + * @var array * @access private */ var $sbox7 = array( @@ -640,7 +556,7 @@ class Crypt_DES extends Crypt_Base { /** * Pre-permuted S-box8 * - * @var Array + * @var array * @access private */ var $sbox8 = array( @@ -665,52 +581,56 @@ class Crypt_DES extends Crypt_Base { /** * Default Constructor. * - * Determines whether or not the mcrypt extension should be used. - * - * $mode could be: - * - * - CRYPT_DES_MODE_ECB - * - * - CRYPT_DES_MODE_CBC - * - * - CRYPT_DES_MODE_CTR - * - * - CRYPT_DES_MODE_CFB - * - * - CRYPT_DES_MODE_OFB - * - * If not explictly set, CRYPT_DES_MODE_CBC will be used. - * - * @see Crypt_Base::Crypt_Base() - * @param optional Integer $mode + * @param int $mode * @access public + * @throws \InvalidArgumentException if an invalid / unsupported mode is provided */ - function Crypt_DES($mode = CRYPT_DES_MODE_CBC) + function __construct($mode) { - parent::Crypt_Base($mode); + if ($mode == self::MODE_STREAM) { + throw new \InvalidArgumentException('Block ciphers cannot be ran in stream mode'); + } + + parent::__construct($mode); + } + + /** + * Test for engine validity + * + * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() + * + * @see \phpseclib\Crypt\Base::isValidEngine() + * @param int $engine + * @access public + * @return bool + */ + function isValidEngine($engine) + { + if ($this->key_length_max == 8) { + if ($engine == self::ENGINE_OPENSSL) { + $this->cipher_name_openssl_ecb = 'des-ecb'; + $this->cipher_name_openssl = 'des-' . $this->_openssl_translate_mode(); + } + } + + return parent::isValidEngine($engine); } /** * Sets the key. * - * Keys can be of any length. DES, itself, uses 64-bit keys (eg. strlen($key) == 8), however, we - * only use the first eight, if $key has more then eight characters in it, and pad $key with the - * null byte if it is less then eight characters long. + * Keys must be 64-bits long or 8 bytes long. * * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. * - * If the key is not explicitly set, it'll be assumed to be all zero's. - * - * @see Crypt_Base::setKey() + * @see \phpseclib\Crypt\Base::setKey() * @access public - * @param String $key + * @param string $key */ function setKey($key) { - // We check/cut here only up to max length of the key. - // Key padding to the proper length will be done in _setupKey() - if (strlen($key) > $this->key_size_max) { - $key = substr($key, 0, $this->key_size_max); + if (!($this instanceof TripleDES) && strlen($key) != 8) { + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of size 8 are supported'); } // Sets the key @@ -720,46 +640,46 @@ class Crypt_DES extends Crypt_Base { /** * Encrypts a block * - * @see Crypt_Base::_encryptBlock() - * @see Crypt_Base::encrypt() - * @see Crypt_DES::encrypt() + * @see \phpseclib\Crypt\Base::_encryptBlock() + * @see \phpseclib\Crypt\Base::encrypt() + * @see self::encrypt() * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _encryptBlock($in) { - return $this->_processBlock($in, CRYPT_DES_ENCRYPT); + return $this->_processBlock($in, self::ENCRYPT); } /** * Decrypts a block * - * @see Crypt_Base::_decryptBlock() - * @see Crypt_Base::decrypt() - * @see Crypt_DES::decrypt() + * @see \phpseclib\Crypt\Base::_decryptBlock() + * @see \phpseclib\Crypt\Base::decrypt() + * @see self::decrypt() * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _decryptBlock($in) { - return $this->_processBlock($in, CRYPT_DES_DECRYPT); + return $this->_processBlock($in, self::DECRYPT); } /** * Encrypts or decrypts a 64-bit block * - * $mode should be either CRYPT_DES_ENCRYPT or CRYPT_DES_DECRYPT. See + * $mode should be either self::ENCRYPT or self::DECRYPT. See * {@link http://en.wikipedia.org/wiki/Image:Feistel.png Feistel.png} to get a general * idea of what this function does. * - * @see Crypt_DES::_encryptBlock() - * @see Crypt_DES::_decryptBlock() + * @see self::_encryptBlock() + * @see self::_decryptBlock() * @access private - * @param String $block - * @param Integer $mode - * @return String + * @param string $block + * @param int $mode + * @return string */ function _processBlock($block, $mode) { @@ -839,7 +759,7 @@ class Crypt_DES extends Crypt_Base { /** * Creates the key schedule * - * @see Crypt_Base::_setupKey() + * @see \phpseclib\Crypt\Base::_setupKey() * @access private */ function _setupKey() @@ -1320,8 +1240,8 @@ class Crypt_DES extends Crypt_Base { $d = (($key['d'] >> 4) & 0x0FFFFFF0) | ($key['c'] & 0x0F); $keys[$des_round] = array( - CRYPT_DES_ENCRYPT => array(), - CRYPT_DES_DECRYPT => array_fill(0, 32, 0) + self::ENCRYPT => array(), + self::DECRYPT => array_fill(0, 32, 0) ); for ($i = 0, $ki = 31; $i < 16; ++$i, $ki-= 2) { $c <<= $shifts[$i]; @@ -1336,35 +1256,37 @@ class Crypt_DES extends Crypt_Base { $pc2mapd3[($d >> 8) & 0xFF] | $pc2mapd4[ $d & 0xFF]; // Reorder: odd bytes/even bytes. Push the result in key schedule. - $keys[$des_round][CRYPT_DES_ENCRYPT][ ] = - $keys[$des_round][CRYPT_DES_DECRYPT][$ki - 1] = ( $cp & 0xFF000000) | (($cp << 8) & 0x00FF0000) | - (($dp >> 16) & 0x0000FF00) | (($dp >> 8) & 0x000000FF); - $keys[$des_round][CRYPT_DES_ENCRYPT][ ] = - $keys[$des_round][CRYPT_DES_DECRYPT][$ki ] = (($cp << 8) & 0xFF000000) | (($cp << 16) & 0x00FF0000) | - (($dp >> 8) & 0x0000FF00) | ( $dp & 0x000000FF); + $val1 = ( $cp & 0xFF000000) | (($cp << 8) & 0x00FF0000) | + (($dp >> 16) & 0x0000FF00) | (($dp >> 8) & 0x000000FF); + $val2 = (($cp << 8) & 0xFF000000) | (($cp << 16) & 0x00FF0000) | + (($dp >> 8) & 0x0000FF00) | ( $dp & 0x000000FF); + $keys[$des_round][self::ENCRYPT][ ] = $val1; + $keys[$des_round][self::DECRYPT][$ki - 1] = $val1; + $keys[$des_round][self::ENCRYPT][ ] = $val2; + $keys[$des_round][self::DECRYPT][$ki ] = $val2; } } switch ($this->des_rounds) { case 3: // 3DES keys $this->keys = array( - CRYPT_DES_ENCRYPT => array_merge( - $keys[0][CRYPT_DES_ENCRYPT], - $keys[1][CRYPT_DES_DECRYPT], - $keys[2][CRYPT_DES_ENCRYPT] + self::ENCRYPT => array_merge( + $keys[0][self::ENCRYPT], + $keys[1][self::DECRYPT], + $keys[2][self::ENCRYPT] ), - CRYPT_DES_DECRYPT => array_merge( - $keys[2][CRYPT_DES_DECRYPT], - $keys[1][CRYPT_DES_ENCRYPT], - $keys[0][CRYPT_DES_DECRYPT] + self::DECRYPT => array_merge( + $keys[2][self::DECRYPT], + $keys[1][self::ENCRYPT], + $keys[0][self::DECRYPT] ) ); break; // case 1: // DES keys default: $this->keys = array( - CRYPT_DES_ENCRYPT => $keys[0][CRYPT_DES_ENCRYPT], - CRYPT_DES_DECRYPT => $keys[0][CRYPT_DES_DECRYPT] + self::ENCRYPT => $keys[0][self::ENCRYPT], + self::DECRYPT => $keys[0][self::DECRYPT] ); } } @@ -1372,12 +1294,12 @@ class Crypt_DES extends Crypt_Base { /** * Setup the performance-optimized function for de/encrypt() * - * @see Crypt_Base::_setupInlineCrypt() + * @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @access private */ function _setupInlineCrypt() { - $lambda_functions =& Crypt_DES::_getLambdaFunctions(); + $lambda_functions =& self::_getLambdaFunctions(); // Engine configuration for: // - DES ($des_rounds == 1) or @@ -1385,21 +1307,20 @@ class Crypt_DES extends Crypt_Base { $des_rounds = $this->des_rounds; // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. + // (Currently, for DES, one generated $lambda_function cost on php5.5@32bit ~135kb unfreeable mem and ~230kb on php5.5@64bit) + // (Currently, for TripleDES, one generated $lambda_function cost on php5.5@32bit ~240kb unfreeable mem and ~340kb on php5.5@64bit) // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one $gen_hi_opt_code = (bool)( count($lambda_functions) < 10 ); // Generation of a uniqe hash for our generated code - switch (true) { - case $gen_hi_opt_code: - // For hi-optimized code, we create for each combination of - // $mode, $des_rounds and $this->key its own encrypt/decrypt function. - $code_hash = md5(str_pad("Crypt_DES, $des_rounds, {$this->mode}, ", 32, "\0") . $this->key); - break; - default: - // After max 10 hi-optimized functions, we create generic - // (still very fast.. but not ultra) functions for each $mode/$des_rounds - // Currently 2 * 5 generic functions will be then max. possible. - $code_hash = "Crypt_DES, $des_rounds, {$this->mode}"; + $code_hash = "Crypt_DES, $des_rounds, {$this->mode}"; + if ($gen_hi_opt_code) { + // For hi-optimized code, we create for each combination of + // $mode, $des_rounds and $this->key its own encrypt/decrypt function. + // After max 10 hi-optimized functions, we create generic + // (still very fast.. but not ultra) functions for each $mode/$des_rounds + // Currently 2 * 5 generic functions will be then max. possible. + $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } // Is there a re-usable $lambda_functions in there? If not, we have to create it. @@ -1429,8 +1350,8 @@ class Crypt_DES extends Crypt_Base { // No futher initialisation of the $keys schedule is necessary. // That is the extra performance boost. $k = array( - CRYPT_DES_ENCRYPT => $this->keys[CRYPT_DES_ENCRYPT], - CRYPT_DES_DECRYPT => $this->keys[CRYPT_DES_DECRYPT] + self::ENCRYPT => $this->keys[self::ENCRYPT], + self::DECRYPT => $this->keys[self::DECRYPT] ); $init_encrypt = ''; $init_decrypt = ''; @@ -1439,22 +1360,21 @@ class Crypt_DES extends Crypt_Base { // In generic optimized code mode, we have to use, as the best compromise [currently], // our key schedule as $ke/$kd arrays. (with hardcoded indexes...) $k = array( - CRYPT_DES_ENCRYPT => array(), - CRYPT_DES_DECRYPT => array() + self::ENCRYPT => array(), + self::DECRYPT => array() ); - for ($i = 0, $c = count($this->keys[CRYPT_DES_ENCRYPT]); $i < $c; ++$i) { - $k[CRYPT_DES_ENCRYPT][$i] = '$ke[' . $i . ']'; - $k[CRYPT_DES_DECRYPT][$i] = '$kd[' . $i . ']'; + for ($i = 0, $c = count($this->keys[self::ENCRYPT]); $i < $c; ++$i) { + $k[self::ENCRYPT][$i] = '$ke[' . $i . ']'; + $k[self::DECRYPT][$i] = '$kd[' . $i . ']'; } - $init_encrypt = '$ke = $self->keys[CRYPT_DES_ENCRYPT];'; - $init_decrypt = '$kd = $self->keys[CRYPT_DES_DECRYPT];'; + $init_encrypt = '$ke = $self->keys[self::ENCRYPT];'; + $init_decrypt = '$kd = $self->keys[self::DECRYPT];'; break; } // Creating code for en- and decryption. $crypt_block = array(); - foreach (array(CRYPT_DES_ENCRYPT, CRYPT_DES_DECRYPT) as $c) { - + foreach (array(self::ENCRYPT, self::DECRYPT) as $c) { /* Do the initial IP permutation. */ $crypt_block[$c] = ' $in = unpack("N*", $in); @@ -1521,8 +1441,8 @@ class Crypt_DES extends Crypt_Base { 'init_crypt' => $init_crypt, 'init_encrypt' => $init_encrypt, 'init_decrypt' => $init_decrypt, - 'encrypt_block' => $crypt_block[CRYPT_DES_ENCRYPT], - 'decrypt_block' => $crypt_block[CRYPT_DES_DECRYPT] + 'encrypt_block' => $crypt_block[self::ENCRYPT], + 'decrypt_block' => $crypt_block[self::DECRYPT] ) ); } @@ -1531,6 +1451,3 @@ class Crypt_DES extends Crypt_Base { $this->inline_crypt = $lambda_functions[$code_hash]; } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Hash.php b/plugins/OStatus/extlib/phpseclib/Crypt/Hash.php index 840fcd5088..080e8cd210 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/Hash.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/Hash.php @@ -1,27 +1,19 @@ * setKey('abcdefg'); * @@ -29,82 +21,52 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_Hash - * @author Jim Wigginton - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Hash + * @author Jim Wigginton + * @copyright 2015 Jim Wigginton + * @author Andreas Fischer + * @copyright 2015 Andreas Fischer + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/**#@+ - * @access private - * @see Crypt_Hash::Crypt_Hash() - */ -/** - * Toggles the internal implementation - */ -define('CRYPT_HASH_MODE_INTERNAL', 1); -/** - * Toggles the mhash() implementation, which has been deprecated on PHP 5.3.0+. - */ -define('CRYPT_HASH_MODE_MHASH', 2); -/** - * Toggles the hash() implementation, which works on PHP 5.1.2+. - */ -define('CRYPT_HASH_MODE_HASH', 3); -/**#@-*/ +namespace phpseclib\Crypt; + +use phpseclib\Math\BigInteger; +use phpseclib\Exception\UnsupportedAlgorithmException; /** - * Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions. - * + * @package Hash * @author Jim Wigginton - * @version 0.1.0 + * @author Andreas Fischer * @access public - * @package Crypt_Hash */ -class Crypt_Hash { +class Hash +{ /** - * Byte-length of compression blocks / key (Internal HMAC) + * Hash Parameter * - * @see Crypt_Hash::setAlgorithm() - * @var Integer + * @see self::setHash() + * @var int * @access private */ - var $b; + var $hashParam; /** * Byte-length of hash output (Internal HMAC) * - * @see Crypt_Hash::setHash() - * @var Integer + * @see self::setHash() + * @var int * @access private */ - var $l = false; + var $length; /** * Hash Algorithm * - * @see Crypt_Hash::setHash() - * @var String + * @see self::setHash() + * @var string * @access private */ var $hash; @@ -112,17 +74,30 @@ class Crypt_Hash { /** * Key * - * @see Crypt_Hash::setKey() - * @var String + * @see self::setKey() + * @var string * @access private */ var $key = false; + /** + * Initial Hash + * + * Used only for sha512/* + * + * @see self::_sha512() + * @var array + * @access private + */ + var $initial = false; + /** * Outer XOR (Internal HMAC) * - * @see Crypt_Hash::setKey() - * @var String + * Used only for sha512/* + * + * @see self::hash() + * @var string * @access private */ var $opad; @@ -130,8 +105,10 @@ class Crypt_Hash { /** * Inner XOR (Internal HMAC) * - * @see Crypt_Hash::setKey() - * @var String + * Used only for sha512/* + * + * @see self::hash() + * @var string * @access private */ var $ipad; @@ -139,26 +116,15 @@ class Crypt_Hash { /** * Default Constructor. * - * @param optional String $hash - * @return Crypt_Hash + * @param string $hash * @access public */ - function Crypt_Hash($hash = 'sha1') + function __construct($hash = 'sha256') { - if ( !defined('CRYPT_HASH_MODE') ) { - switch (true) { - case extension_loaded('hash'): - define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_HASH); - break; - case extension_loaded('mhash'): - define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_MHASH); - break; - default: - define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_INTERNAL); - } - } - $this->setHash($hash); + + $this->ipad = str_repeat(chr(0x36), 128); + $this->opad = str_repeat(chr(0x5C), 128); } /** @@ -167,421 +133,171 @@ class Crypt_Hash { * Keys can be of any length. * * @access public - * @param optional String $key + * @param string $key */ function setKey($key = false) { $this->key = $key; } + /** + * Gets the hash function. + * + * As set by the constructor or by the setHash() method. + * + * @access public + * @return string + */ + function getHash() + { + return $this->hashParam; + } + /** * Sets the hash function. * * @access public - * @param String $hash + * @param string $hash */ function setHash($hash) { - $hash = strtolower($hash); + $this->hashParam = $hash = strtolower($hash); switch ($hash) { + case 'md2-96': case 'md5-96': case 'sha1-96': - $this->l = 12; // 96 / 8 = 12 + case 'sha256-96': + case 'sha512-96': + case 'sha512/224-96': + case 'sha512/256-96': + $hash = substr($hash, 0, -3); + $this->length = 12; // 96 / 8 = 12 break; case 'md2': case 'md5': - $this->l = 16; + $this->length = 16; break; case 'sha1': - $this->l = 20; + $this->length = 20; + break; + case 'sha224': + case 'sha512/224': + $this->length = 28; break; case 'sha256': - $this->l = 32; + case 'sha512/256': + $this->length = 32; break; case 'sha384': - $this->l = 48; + $this->length = 48; break; case 'sha512': - $this->l = 64; - } - - switch ($hash) { - case 'md2': - $mode = CRYPT_HASH_MODE == CRYPT_HASH_MODE_HASH && in_array('md2', hash_algos()) ? - CRYPT_HASH_MODE_HASH : CRYPT_HASH_MODE_INTERNAL; - break; - case 'sha384': - case 'sha512': - $mode = CRYPT_HASH_MODE == CRYPT_HASH_MODE_MHASH ? CRYPT_HASH_MODE_INTERNAL : CRYPT_HASH_MODE; + $this->length = 64; break; default: - $mode = CRYPT_HASH_MODE; - } - - switch ( $mode ) { - case CRYPT_HASH_MODE_MHASH: - switch ($hash) { - case 'md5': - case 'md5-96': - $this->hash = MHASH_MD5; - break; - case 'sha256': - $this->hash = MHASH_SHA256; - break; - case 'sha1': - case 'sha1-96': - default: - $this->hash = MHASH_SHA1; + // see if the hash isn't "officially" supported see if it can + // be "unofficially" supported and calculate the length + // accordingly. + if (in_array($hash, hash_algos())) { + $this->length = strlen(hash($hash, '', true)); + break; } - return; - case CRYPT_HASH_MODE_HASH: - switch ($hash) { - case 'md5': - case 'md5-96': - $this->hash = 'md5'; - return; - case 'md2': - case 'sha256': - case 'sha384': - case 'sha512': - $this->hash = $hash; - return; - case 'sha1': - case 'sha1-96': - default: - $this->hash = 'sha1'; + // if the hash algorithm doens't exist maybe it's a truncated + // hash, e.g. whirlpool-12 or some such. + if (preg_match('#(-\d+)$#', $hash, $matches)) { + $hash = substr($hash, 0, -strlen($matches[1])); + if (in_array($hash, hash_algos())) { + $this->length = abs($matches[1]) >> 3; + break; + } } - return; + throw new UnsupportedAlgorithmException( + "$hash is not a supported algorithm" + ); } - switch ($hash) { - case 'md2': - $this->b = 16; - $this->hash = array($this, '_md2'); - break; - case 'md5': - case 'md5-96': - $this->b = 64; - $this->hash = array($this, '_md5'); - break; - case 'sha256': - $this->b = 64; - $this->hash = array($this, '_sha256'); - break; - case 'sha384': - case 'sha512': - $this->b = 128; - $this->hash = array($this, '_sha512'); - break; - case 'sha1': - case 'sha1-96': - default: - $this->b = 64; - $this->hash = array($this, '_sha1'); + if ($hash == 'sha512/224' || $hash == 'sha512/256') { + // from http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#page=24 + $this->initial = $hash == 'sha512/256' ? + array( + '22312194FC2BF72C', '9F555FA3C84C64C2', '2393B86B6F53B151', '963877195940EABD', + '96283EE2A88EFFE3', 'BE5E1E2553863992', '2B0199FC2C85B8AA', '0EB72DDC81C52CA2' + ) : + array( + '8C3D37C819544DA2', '73E1996689DCD4D6', '1DFAB7AE32FF9C82', '679DD514582F9FCF', + '0F6D2B697BD44DA8', '77E36F7304C48942', '3F9D85A86A1D36C8', '1112E6AD91D692A1' + ); + for ($i = 0; $i < 8; $i++) { + $this->initial[$i] = new BigInteger($this->initial[$i], 16); + $this->initial[$i]->setPrecision(64); + } } - $this->ipad = str_repeat(chr(0x36), $this->b); - $this->opad = str_repeat(chr(0x5C), $this->b); + $this->hash = $hash; } /** * Compute the HMAC. * * @access public - * @param String $text - * @return String + * @param string $text + * @return string */ function hash($text) { - $mode = is_array($this->hash) ? CRYPT_HASH_MODE_INTERNAL : CRYPT_HASH_MODE; + switch ($this->hash) { + case 'sha512/224': + case 'sha512/256': + if (empty($this->key) || !is_string($this->key)) { + return substr(self::_sha512($text, $this->initial), 0, $this->length); + } + /* "Applications that use keys longer than B bytes will first hash the key using H and then use the + resultant L byte string as the actual key to HMAC." - if (!empty($this->key) || is_string($this->key)) { - switch ( $mode ) { - case CRYPT_HASH_MODE_MHASH: - $output = mhash($this->hash, $text, $this->key); - break; - case CRYPT_HASH_MODE_HASH: - $output = hash_hmac($this->hash, $text, $this->key, true); - break; - case CRYPT_HASH_MODE_INTERNAL: - /* "Applications that use keys longer than B bytes will first hash the key using H and then use the - resultant L byte string as the actual key to HMAC." + -- http://tools.ietf.org/html/rfc2104#section-2 */ + $key = strlen($this->key) > $this->b ? self::_sha512($this->key, $this->initial) : $this->key; - -- http://tools.ietf.org/html/rfc2104#section-2 */ - $key = strlen($this->key) > $this->b ? call_user_func($this->hash, $this->key) : $this->key; + $key = str_pad($this->key, 128, chr(0)); // step 1 + $temp = $this->ipad ^ $this->key; // step 2 + $temp .= $text; // step 3 + $temp = self::_sha512($temp, $this->initial); // step 4 + $output = $this->opad ^ $this->key; // step 5 + $output.= $temp; // step 6 + $output = self::_sha512($output, $this->initial); // step 7 - $key = str_pad($key, $this->b, chr(0)); // step 1 - $temp = $this->ipad ^ $key; // step 2 - $temp .= $text; // step 3 - $temp = call_user_func($this->hash, $temp); // step 4 - $output = $this->opad ^ $key; // step 5 - $output.= $temp; // step 6 - $output = call_user_func($this->hash, $output); // step 7 - } - } else { - switch ( $mode ) { - case CRYPT_HASH_MODE_MHASH: - $output = mhash($this->hash, $text); - break; - case CRYPT_HASH_MODE_HASH: - $output = hash($this->hash, $text, true); - break; - case CRYPT_HASH_MODE_INTERNAL: - $output = call_user_func($this->hash, $text); - } + return substr($output, 0, $this->length); } + $output = !empty($this->key) || is_string($this->key) ? + hash_hmac($this->hash, $text, $this->key, true) : + hash($this->hash, $text, true); - return substr($output, 0, $this->l); + return strlen($output) > $this->length + ? substr($output, 0, $this->length) + : $output; } /** * Returns the hash length (in bytes) * * @access public - * @return Integer + * @return int */ function getLength() { - return $this->l; + return $this->length; } /** - * Wrapper for MD5 + * Pure-PHP implementation of SHA512 * * @access private - * @param String $m + * @param string $m */ - function _md5($m) + static function _sha512($m, $hash) { - return pack('H*', md5($m)); - } - - /** - * Wrapper for SHA1 - * - * @access private - * @param String $m - */ - function _sha1($m) - { - return pack('H*', sha1($m)); - } - - /** - * Pure-PHP implementation of MD2 - * - * See {@link http://tools.ietf.org/html/rfc1319 RFC1319}. - * - * @access private - * @param String $m - */ - function _md2($m) - { - static $s = array( - 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, - 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, - 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, - 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251, - 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63, - 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50, - 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165, - 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210, - 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157, - 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27, - 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15, - 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, - 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, - 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, - 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233, - 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228, - 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237, - 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 - ); - - // Step 1. Append Padding Bytes - $pad = 16 - (strlen($m) & 0xF); - $m.= str_repeat(chr($pad), $pad); - - $length = strlen($m); - - // Step 2. Append Checksum - $c = str_repeat(chr(0), 16); - $l = chr(0); - for ($i = 0; $i < $length; $i+= 16) { - for ($j = 0; $j < 16; $j++) { - // RFC1319 incorrectly states that C[j] should be set to S[c xor L] - //$c[$j] = chr($s[ord($m[$i + $j] ^ $l)]); - // per , however, C[j] should be set to S[c xor L] xor C[j] - $c[$j] = chr($s[ord($m[$i + $j] ^ $l)] ^ ord($c[$j])); - $l = $c[$j]; - } - } - $m.= $c; - - $length+= 16; - - // Step 3. Initialize MD Buffer - $x = str_repeat(chr(0), 48); - - // Step 4. Process Message in 16-Byte Blocks - for ($i = 0; $i < $length; $i+= 16) { - for ($j = 0; $j < 16; $j++) { - $x[$j + 16] = $m[$i + $j]; - $x[$j + 32] = $x[$j + 16] ^ $x[$j]; - } - $t = chr(0); - for ($j = 0; $j < 18; $j++) { - for ($k = 0; $k < 48; $k++) { - $x[$k] = $t = $x[$k] ^ chr($s[ord($t)]); - //$t = $x[$k] = $x[$k] ^ chr($s[ord($t)]); - } - $t = chr(ord($t) + $j); - } - } - - // Step 5. Output - return substr($x, 0, 16); - } - - /** - * Pure-PHP implementation of SHA256 - * - * See {@link http://en.wikipedia.org/wiki/SHA_hash_functions#SHA-256_.28a_SHA-2_variant.29_pseudocode SHA-256 (a SHA-2 variant) pseudocode - Wikipedia}. - * - * @access private - * @param String $m - */ - function _sha256($m) - { - if (extension_loaded('suhosin')) { - return pack('H*', sha256($m)); - } - - // Initialize variables - $hash = array( - 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 - ); - // Initialize table of round constants - // (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311) - static $k = array( - 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, - 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, - 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, - 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, - 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, - 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 - ); - - // Pre-processing - $length = strlen($m); - // to round to nearest 56 mod 64, we'll add 64 - (length + (64 - 56)) % 64 - $m.= str_repeat(chr(0), 64 - (($length + 8) & 0x3F)); - $m[$length] = chr(0x80); - // we don't support hashing strings 512MB long - $m.= pack('N2', 0, $length << 3); - - // Process the message in successive 512-bit chunks - $chunks = str_split($m, 64); - foreach ($chunks as $chunk) { - $w = array(); - for ($i = 0; $i < 16; $i++) { - extract(unpack('Ntemp', $this->_string_shift($chunk, 4))); - $w[] = $temp; - } - - // Extend the sixteen 32-bit words into sixty-four 32-bit words - for ($i = 16; $i < 64; $i++) { - $s0 = $this->_rightRotate($w[$i - 15], 7) ^ - $this->_rightRotate($w[$i - 15], 18) ^ - $this->_rightShift( $w[$i - 15], 3); - $s1 = $this->_rightRotate($w[$i - 2], 17) ^ - $this->_rightRotate($w[$i - 2], 19) ^ - $this->_rightShift( $w[$i - 2], 10); - $w[$i] = $this->_add($w[$i - 16], $s0, $w[$i - 7], $s1); - - } - - // Initialize hash value for this chunk - list($a, $b, $c, $d, $e, $f, $g, $h) = $hash; - - // Main loop - for ($i = 0; $i < 64; $i++) { - $s0 = $this->_rightRotate($a, 2) ^ - $this->_rightRotate($a, 13) ^ - $this->_rightRotate($a, 22); - $maj = ($a & $b) ^ - ($a & $c) ^ - ($b & $c); - $t2 = $this->_add($s0, $maj); - - $s1 = $this->_rightRotate($e, 6) ^ - $this->_rightRotate($e, 11) ^ - $this->_rightRotate($e, 25); - $ch = ($e & $f) ^ - ($this->_not($e) & $g); - $t1 = $this->_add($h, $s1, $ch, $k[$i], $w[$i]); - - $h = $g; - $g = $f; - $f = $e; - $e = $this->_add($d, $t1); - $d = $c; - $c = $b; - $b = $a; - $a = $this->_add($t1, $t2); - } - - // Add this chunk's hash to result so far - $hash = array( - $this->_add($hash[0], $a), - $this->_add($hash[1], $b), - $this->_add($hash[2], $c), - $this->_add($hash[3], $d), - $this->_add($hash[4], $e), - $this->_add($hash[5], $f), - $this->_add($hash[6], $g), - $this->_add($hash[7], $h) - ); - } - - // Produce the final hash value (big-endian) - return pack('N8', $hash[0], $hash[1], $hash[2], $hash[3], $hash[4], $hash[5], $hash[6], $hash[7]); - } - - /** - * Pure-PHP implementation of SHA384 and SHA512 - * - * @access private - * @param String $m - */ - function _sha512($m) - { - if (!class_exists('Math_BigInteger')) { - require_once('Math/BigInteger.php'); - } - - static $init384, $init512, $k; + static $k; if (!isset($k)) { - // Initialize variables - $init384 = array( // initial values for SHA384 - 'cbbb9d5dc1059ed8', '629a292a367cd507', '9159015a3070dd17', '152fecd8f70e5939', - '67332667ffc00b31', '8eb44a8768581511', 'db0c2e0d64f98fa7', '47b5481dbefa4fa4' - ); - $init512 = array( // initial values for SHA512 - '6a09e667f3bcc908', 'bb67ae8584caa73b', '3c6ef372fe94f82b', 'a54ff53a5f1d36f1', - '510e527fade682d1', '9b05688c2b3e6c1f', '1f83d9abfb41bd6b', '5be0cd19137e2179' - ); - - for ($i = 0; $i < 8; $i++) { - $init384[$i] = new Math_BigInteger($init384[$i], 16); - $init384[$i]->setPrecision(64); - $init512[$i] = new Math_BigInteger($init512[$i], 16); - $init512[$i]->setPrecision(64); - } - // Initialize table of round constants // (first 64 bits of the fractional parts of the cube roots of the first 80 primes 2..409) $k = array( @@ -608,12 +324,10 @@ class Crypt_Hash { ); for ($i = 0; $i < 80; $i++) { - $k[$i] = new Math_BigInteger($k[$i], 16); + $k[$i] = new BigInteger($k[$i], 16); } } - $hash = $this->l == 48 ? $init384 : $init512; - // Pre-processing $length = strlen($m); // to round to nearest 112 mod 128, we'll add 128 - (length + (128 - 112)) % 128 @@ -627,7 +341,7 @@ class Crypt_Hash { foreach ($chunks as $chunk) { $w = array(); for ($i = 0; $i < 16; $i++) { - $temp = new Math_BigInteger($this->_string_shift($chunk, 8), 256); + $temp = new BigInteger(self::_string_shift($chunk, 8), 256); $temp->setPrecision(64); $w[] = $temp; } @@ -648,21 +362,21 @@ class Crypt_Hash { ); $s1 = $temp[0]->bitwise_xor($temp[1]); $s1 = $s1->bitwise_xor($temp[2]); - $w[$i] = $w[$i - 16]->copy(); + $w[$i] = clone $w[$i - 16]; $w[$i] = $w[$i]->add($s0); $w[$i] = $w[$i]->add($w[$i - 7]); $w[$i] = $w[$i]->add($s1); } // Initialize hash value for this chunk - $a = $hash[0]->copy(); - $b = $hash[1]->copy(); - $c = $hash[2]->copy(); - $d = $hash[3]->copy(); - $e = $hash[4]->copy(); - $f = $hash[5]->copy(); - $g = $hash[6]->copy(); - $h = $hash[7]->copy(); + $a = clone $hash[0]; + $b = clone $hash[1]; + $c = clone $hash[2]; + $d = clone $hash[3]; + $e = clone $hash[4]; + $f = clone $hash[5]; + $g = clone $hash[6]; + $h = clone $hash[7]; // Main loop for ($i = 0; $i < 80; $i++) { @@ -699,13 +413,13 @@ class Crypt_Hash { $t1 = $t1->add($k[$i]); $t1 = $t1->add($w[$i]); - $h = $g->copy(); - $g = $f->copy(); - $f = $e->copy(); + $h = clone $g; + $g = clone $f; + $f = clone $e; $e = $d->add($t1); - $d = $c->copy(); - $c = $b->copy(); - $b = $a->copy(); + $d = clone $c; + $c = clone $b; + $b = clone $a; $a = $t1->add($t2); } @@ -723,98 +437,24 @@ class Crypt_Hash { } // Produce the final hash value (big-endian) - // (Crypt_Hash::hash() trims the output for hashes but not for HMACs. as such, we trim the output here) + // (\phpseclib\Crypt\Hash::hash() trims the output for hashes but not for HMACs. as such, we trim the output here) $temp = $hash[0]->toBytes() . $hash[1]->toBytes() . $hash[2]->toBytes() . $hash[3]->toBytes() . - $hash[4]->toBytes() . $hash[5]->toBytes(); - if ($this->l != 48) { - $temp.= $hash[6]->toBytes() . $hash[7]->toBytes(); - } + $hash[4]->toBytes() . $hash[5]->toBytes() . $hash[6]->toBytes() . $hash[7]->toBytes(); return $temp; } - /** - * Right Rotate - * - * @access private - * @param Integer $int - * @param Integer $amt - * @see _sha256() - * @return Integer - */ - function _rightRotate($int, $amt) - { - $invamt = 32 - $amt; - $mask = (1 << $invamt) - 1; - return (($int << $invamt) & 0xFFFFFFFF) | (($int >> $amt) & $mask); - } - - /** - * Right Shift - * - * @access private - * @param Integer $int - * @param Integer $amt - * @see _sha256() - * @return Integer - */ - function _rightShift($int, $amt) - { - $mask = (1 << (32 - $amt)) - 1; - return ($int >> $amt) & $mask; - } - - /** - * Not - * - * @access private - * @param Integer $int - * @see _sha256() - * @return Integer - */ - function _not($int) - { - return ~$int & 0xFFFFFFFF; - } - - /** - * Add - * - * _sha256() adds multiple unsigned 32-bit integers. Since PHP doesn't support unsigned integers and since the - * possibility of overflow exists, care has to be taken. Math_BigInteger() could be used but this should be faster. - * - * @param Integer $... - * @return Integer - * @see _sha256() - * @access private - */ - function _add() - { - static $mod; - if (!isset($mod)) { - $mod = pow(2, 32); - } - - $result = 0; - $arguments = func_get_args(); - foreach ($arguments as $argument) { - $result+= $argument < 0 ? ($argument & 0x7FFFFFFF) + 0x80000000 : $argument; - } - - return fmod($result, $mod); - } - /** * String Shift * * Inspired by array_shift * - * @param String $string - * @param optional Integer $index - * @return String + * @param string $string + * @param int $index + * @return string * @access private */ - function _string_shift(&$string, $index = 1) + static function _string_shift(&$string, $index = 1) { $substr = substr($string, 0, $index); $string = substr($string, $index); diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RC2.php b/plugins/OStatus/extlib/phpseclib/Crypt/RC2.php index 5e0ca88c8f..648cf96a7c 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/RC2.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RC2.php @@ -1,12 +1,11 @@ * setKey('abcdefgh'); * @@ -27,106 +26,28 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_RC2 - * @author Patrick Monnerat - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package RC2 + * @author Patrick Monnerat + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * Include Crypt_Base - * - * Base cipher class - */ -if (!class_exists('Crypt_Base')) { - require_once('Base.php'); -} - -/**#@+ - * @access public - * @see Crypt_RC2::encrypt() - * @see Crypt_RC2::decrypt() - */ -/** - * Encrypt / decrypt using the Counter mode. - * - * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 - */ -define('CRYPT_RC2_MODE_CTR', CRYPT_MODE_CTR); -/** - * Encrypt / decrypt using the Electronic Code Book mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 - */ -define('CRYPT_RC2_MODE_ECB', CRYPT_MODE_ECB); -/** - * Encrypt / decrypt using the Code Book Chaining mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 - */ -define('CRYPT_RC2_MODE_CBC', CRYPT_MODE_CBC); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 - */ -define('CRYPT_RC2_MODE_CFB', CRYPT_MODE_CFB); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 - */ -define('CRYPT_RC2_MODE_OFB', CRYPT_MODE_OFB); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_RC2::Crypt_RC2() - */ -/** - * Toggles the internal implementation - */ -define('CRYPT_RC2_MODE_INTERNAL', CRYPT_MODE_INTERNAL); -/** - * Toggles the mcrypt implementation - */ -define('CRYPT_RC2_MODE_MCRYPT', CRYPT_MODE_MCRYPT); -/**#@-*/ +namespace phpseclib\Crypt; /** * Pure-PHP implementation of RC2. * - * @version 0.1.1 + * @package RC2 * @access public - * @package Crypt_RC2 */ -class Crypt_RC2 extends Crypt_Base { +class RC2 extends Base +{ /** * Block Length of the cipher * - * @see Crypt_Base::block_size - * @var Integer + * @see \phpseclib\Crypt\Base::block_size + * @var int * @access private */ var $block_size = 8; @@ -134,37 +55,48 @@ class Crypt_RC2 extends Crypt_Base { /** * The Key * - * @see Crypt_Base::key - * @see setKey() - * @var String + * @see \phpseclib\Crypt\Base::key + * @see self::setKey() + * @var string * @access private */ - var $key = "\0"; + var $key; /** - * The default password key_size used by setPassword() + * The Original (unpadded) Key * - * @see Crypt_Base::password_key_size - * @see Crypt_Base::setPassword() - * @var Integer + * @see \phpseclib\Crypt\Base::key + * @see self::setKey() + * @see self::encrypt() + * @see self::decrypt() + * @var string * @access private */ - var $password_key_size = 16; // = 128 bits + var $orig_key; /** - * The namespace used by the cipher for its constants. + * Don't truncate / null pad key * - * @see Crypt_Base::const_namespace - * @var String + * @see \phpseclib\Crypt\Base::_clearBuffers() + * @var bool * @access private */ - var $const_namespace = 'RC2'; + var $skip_key_adjustment = true; + + /** + * Key Length (in bytes) + * + * @see \phpseclib\Crypt\RC2::setKeyLength() + * @var int + * @access private + */ + var $key_length = 16; // = 128 bits /** * The mcrypt specific name of the cipher * - * @see Crypt_Base::cipher_name_mcrypt - * @var String + * @see \phpseclib\Crypt\Base::cipher_name_mcrypt + * @var string * @access private */ var $cipher_name_mcrypt = 'rc2'; @@ -172,29 +104,40 @@ class Crypt_RC2 extends Crypt_Base { /** * Optimizing value while CFB-encrypting * - * @see Crypt_Base::cfb_init_len - * @var Integer + * @see \phpseclib\Crypt\Base::cfb_init_len + * @var int * @access private */ var $cfb_init_len = 500; -/** + /** * The key length in bits. * - * @see Crypt_RC2::setKeyLength() - * @see Crypt_RC2::setKey() - * @var Integer + * @see self::setKeyLength() + * @see self::setKey() + * @var int * @access private * @internal Should be in range [1..1024]. * @internal Changing this value after setting the key has no effect. */ var $default_key_length = 1024; + /** + * The key length in bits. + * + * @see self::isValidEnine() + * @see self::setKey() + * @var int + * @access private + * @internal Should be in range [1..1024]. + */ + var $current_key_length; + /** * The Key Schedule * - * @see Crypt_RC2::_setupKey() - * @var Array + * @see self::_setupKey() + * @var array * @access private */ var $keys; @@ -203,8 +146,8 @@ class Crypt_RC2 extends Crypt_Base { * Key expansion randomization table. * Twice the same 256-value sequence to save a modulus in key expansion. * - * @see Crypt_RC2::setKey() - * @var Array + * @see self::setKey() + * @var array * @access private */ var $pitable = array( @@ -277,8 +220,8 @@ class Crypt_RC2 extends Crypt_Base { /** * Inverse key expansion randomization table. * - * @see Crypt_RC2::setKey() - * @var Array + * @see self::setKey() + * @var array * @access private */ var $invpitable = array( @@ -319,53 +262,78 @@ class Crypt_RC2 extends Crypt_Base { /** * Default Constructor. * - * Determines whether or not the mcrypt extension should be used. - * - * $mode could be: - * - * - CRYPT_RC2_MODE_ECB - * - * - CRYPT_RC2_MODE_CBC - * - * - CRYPT_RC2_MODE_CTR - * - * - CRYPT_RC2_MODE_CFB - * - * - CRYPT_RC2_MODE_OFB - * - * If not explictly set, CRYPT_RC2_MODE_CBC will be used. - * - * @see Crypt_Base::Crypt_Base() - * @param optional Integer $mode + * @param int $mode * @access public + * @throws \InvalidArgumentException if an invalid / unsupported mode is provided */ - function Crypt_RC2($mode = CRYPT_RC2_MODE_CBC) + function __construct($mode) { - parent::Crypt_Base($mode); - $this->setKey(''); + if ($mode == self::MODE_STREAM) { + throw new \InvalidArgumentException('Block ciphers cannot be ran in stream mode'); + } + + parent::__construct($mode); } /** - * Sets the key length + * Test for engine validity * - * Valid key lengths are 1 to 1024. + * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() + * + * @see \phpseclib\Crypt\Base::__construct() + * @param int $engine + * @access public + * @return bool + */ + function isValidEngine($engine) + { + switch ($engine) { + case self::ENGINE_OPENSSL: + if ($this->current_key_length != 128 || strlen($this->orig_key) < 16) { + return false; + } + $this->cipher_name_openssl_ecb = 'rc2-ecb'; + $this->cipher_name_openssl = 'rc2-' . $this->_openssl_translate_mode(); + } + + return parent::isValidEngine($engine); + } + + /** + * Sets the key length. + * + * Valid key lengths are 8 to 1024. * Calling this function after setting the key has no effect until the next - * Crypt_RC2::setKey() call. + * \phpseclib\Crypt\RC2::setKey() call. * * @access public - * @param Integer $length in bits + * @param int $length in bits + * @throws \LengthException if the key length isn't supported */ function setKeyLength($length) { - if ($length >= 1 && $length <= 1024) { - $this->default_key_length = $length; + if ($length < 8 || $length > 1024) { + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys between 1 and 1024 bits, inclusive, are supported'); } + + $this->default_key_length = $this->current_key_length = $length; + } + + /** + * Returns the current key length + * + * @access public + * @return int + */ + function getKeyLength() + { + return $this->current_key_length; } /** * Sets the key. * - * Keys can be of any length. RC2, itself, uses 1 to 1024 bit keys (eg. + * Keys can be of any length. RC2, itself, uses 8 to 1024 bit keys (eg. * strlen($key) <= 128), however, we only use the first 128 bytes if $key * has more then 128 bytes in it, and set $key to a single null byte if * it is empty. @@ -373,20 +341,27 @@ class Crypt_RC2 extends Crypt_Base { * If the key is not explicitly set, it'll be assumed to be a single * null byte. * - * @see Crypt_Base::setKey() + * @see \phpseclib\Crypt\Base::setKey() * @access public - * @param String $key - * @param Integer $t1 optional Effective key length in bits. + * @param string $key + * @param int $t1 optional Effective key length in bits. + * @throws \LengthException if the key length isn't supported */ - function setKey($key, $t1 = 0) + function setKey($key, $t1 = false) { - if ($t1 <= 0) { + $this->orig_key = $key; + + if ($t1 === false) { $t1 = $this->default_key_length; - } else if ($t1 > 1024) { - $t1 = 1024; } + + if ($t1 < 1 || $t1 > 1024) { + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys between 1 and 1024 bits, inclusive, are supported'); + } + + $this->current_key_length = $t1; // Key byte count should be 1..128. - $key = strlen($key) ? substr($key, 0, 128): "\x00"; + $key = strlen($key) ? substr($key, 0, 128) : "\x00"; $t = strlen($key); // The mcrypt RC2 implementation only supports effective key length @@ -414,17 +389,64 @@ class Crypt_RC2 extends Crypt_Base { // Prepare the key for mcrypt. $l[0] = $this->invpitable[$l[0]]; array_unshift($l, 'C*'); + parent::setKey(call_user_func_array('pack', $l)); } + /** + * Encrypts a message. + * + * Mostly a wrapper for \phpseclib\Crypt\Base::encrypt, with some additional OpenSSL handling code + * + * @see self::decrypt() + * @access public + * @param string $plaintext + * @return string $ciphertext + */ + function encrypt($plaintext) + { + if ($this->engine == self::ENGINE_OPENSSL) { + $temp = $this->key; + $this->key = $this->orig_key; + $result = parent::encrypt($plaintext); + $this->key = $temp; + return $result; + } + + return parent::encrypt($plaintext); + } + + /** + * Decrypts a message. + * + * Mostly a wrapper for \phpseclib\Crypt\Base::decrypt, with some additional OpenSSL handling code + * + * @see self::encrypt() + * @access public + * @param string $ciphertext + * @return string $plaintext + */ + function decrypt($ciphertext) + { + if ($this->engine == self::ENGINE_OPENSSL) { + $temp = $this->key; + $this->key = $this->orig_key; + $result = parent::decrypt($ciphertext); + $this->key = $temp; + return $result; + } + + return parent::decrypt($ciphertext); + } + /** * Encrypts a block * - * @see Crypt_Base::_encryptBlock() - * @see Crypt_Base::encrypt() + * @see \phpseclib\Crypt\Base::_encryptBlock() + * @see \phpseclib\Crypt\Base::encrypt() * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _encryptBlock($in) { @@ -445,8 +467,8 @@ class Crypt_RC2 extends Crypt_Base { $r3 = (($r3 + $keys[$j++] + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; $r3 |= $r3 >> 16; - if ($j == $limit) { - if ($limit == 64) { + if ($j === $limit) { + if ($limit === 64) { break; } @@ -465,11 +487,11 @@ class Crypt_RC2 extends Crypt_Base { /** * Decrypts a block * - * @see Crypt_Base::_decryptBlock() - * @see Crypt_Base::decrypt() + * @see \phpseclib\Crypt\Base::_decryptBlock() + * @see \phpseclib\Crypt\Base::decrypt() * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _decryptBlock($in) { @@ -490,8 +512,8 @@ class Crypt_RC2 extends Crypt_Base { $r0 = ($r0 | ($r0 << 16)) >> 1; $r0 = ($r0 - $keys[--$j] - ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF; - if ($j == $limit) { - if (!$limit) { + if ($j === $limit) { + if ($limit === 0) { break; } @@ -507,15 +529,34 @@ class Crypt_RC2 extends Crypt_Base { return pack('vvvv', $r0, $r1, $r2, $r3); } + /** + * Setup the \phpseclib\Crypt\Base::ENGINE_MCRYPT $engine + * + * @see \phpseclib\Crypt\Base::_setupMcrypt() + * @access private + */ + function _setupMcrypt() + { + if (!isset($this->key)) { + $this->setKey(''); + } + + parent::_setupMcrypt(); + } + /** * Creates the key schedule * - * @see Crypt_Base::_setupKey() + * @see \phpseclib\Crypt\Base::_setupKey() * @access private */ function _setupKey() { - // Key has already been expanded in Crypt_RC2::setKey(): + if (!isset($this->key)) { + $this->setKey(''); + } + + // Key has already been expanded in \phpseclib\Crypt\RC2::setKey(): // Only the first value must be altered. $l = unpack('Ca/Cb/v*', $this->key); array_unshift($l, $this->pitable[$l['a']] | ($l['b'] << 8)); @@ -527,24 +568,24 @@ class Crypt_RC2 extends Crypt_Base { /** * Setup the performance-optimized function for de/encrypt() * - * @see Crypt_Base::_setupInlineCrypt() + * @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @access private */ function _setupInlineCrypt() { - $lambda_functions = &Crypt_RC2::_getLambdaFunctions(); + $lambda_functions =& self::_getLambdaFunctions(); // The first 10 generated $lambda_functions will use the $keys hardcoded as integers // for the mixing rounds, for better inline crypt performance [~20% faster]. // But for memory reason we have to limit those ultra-optimized $lambda_functions to an amount of 10. - $keys = $this->keys; - if (count($lambda_functions) >= 10) { - foreach ($this->keys as $k => $v) { - $keys[$k] = '$keys[' . $k . ']'; - } - } + // (Currently, for Crypt_RC2, one generated $lambda_function cost on php5.5@32bit ~60kb unfreeable mem and ~100kb on php5.5@64bit) + $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); - $code_hash = md5(str_pad("Crypt_RC2, {$this->mode}, ", 32, "\0") . implode(',', $keys)); + // Generation of a uniqe hash for our generated code + $code_hash = "Crypt_RC2, {$this->mode}"; + if ($gen_hi_opt_code) { + $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); + } // Is there a re-usable $lambda_functions in there? // If not, we have to create it. @@ -552,6 +593,16 @@ class Crypt_RC2 extends Crypt_Base { // Init code for both, encrypt and decrypt. $init_crypt = '$keys = $self->keys;'; + switch (true) { + case $gen_hi_opt_code: + $keys = $this->keys; + default: + $keys = array(); + foreach ($this->keys as $k => $v) { + $keys[$k] = '$keys[' . $k . ']'; + } + } + // $in is the current 8 bytes block which has to be en/decrypt $encrypt_block = $decrypt_block = ' $in = unpack("v4", $in); @@ -582,8 +633,8 @@ class Crypt_RC2 extends Crypt_Base { ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; $r3 |= $r3 >> 16;'; - if ($j == $limit) { - if ($limit == 64) { + if ($j === $limit) { + if ($limit === 64) { break; } @@ -620,8 +671,8 @@ class Crypt_RC2 extends Crypt_Base { $r0 = ($r0 - ' . $keys[--$j] . ' - ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF;'; - if ($j == $limit) { - if (!$limit) { + if ($j === $limit) { + if ($limit === 0) { break; } @@ -651,6 +702,3 @@ class Crypt_RC2 extends Crypt_Base { $this->inline_crypt = $lambda_functions[$code_hash]; } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RC4.php b/plugins/OStatus/extlib/phpseclib/Crypt/RC4.php index f6a9eae2fb..3da70b6ea0 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/RC4.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RC4.php @@ -1,12 +1,11 @@ * setKey('abcdefgh'); * @@ -35,109 +34,59 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_RC4 - * @author Jim Wigginton - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package RC4 + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * Include Crypt_Base - * - * Base cipher class - */ -if (!class_exists('Crypt_Base')) { - require_once('Base.php'); -} - -/**#@+ - * @access private - * @see Crypt_RC4::Crypt_RC4() - */ -/** - * Toggles the internal implementation - */ -define('CRYPT_RC4_MODE_INTERNAL', CRYPT_MODE_INTERNAL); -/** - * Toggles the mcrypt implementation - */ -define('CRYPT_RC4_MODE_MCRYPT', CRYPT_MODE_MCRYPT); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_RC4::_crypt() - */ -define('CRYPT_RC4_ENCRYPT', 0); -define('CRYPT_RC4_DECRYPT', 1); -/**#@-*/ +namespace phpseclib\Crypt; /** * Pure-PHP implementation of RC4. * + * @package RC4 * @author Jim Wigginton - * @version 0.1.0 * @access public - * @package Crypt_RC4 */ -class Crypt_RC4 extends Crypt_Base { +class RC4 extends Base +{ + /**#@+ + * @access private + * @see \phpseclib\Crypt\RC4::_crypt() + */ + const ENCRYPT = 0; + const DECRYPT = 1; + /**#@-*/ + /** * Block Length of the cipher * - * RC4 is a stream cipher + * RC4 is a stream cipher * so we the block_size to 0 * - * @see Crypt_Base::block_size - * @var Integer + * @see \phpseclib\Crypt\Base::block_size + * @var int * @access private */ var $block_size = 0; /** - * The default password key_size used by setPassword() + * Key Length (in bytes) * - * @see Crypt_Base::password_key_size - * @see Crypt_Base::setPassword() - * @var Integer + * @see \phpseclib\Crypt\RC4::setKeyLength() + * @var int * @access private */ - var $password_key_size = 128; // = 1024 bits - - /** - * The namespace used by the cipher for its constants. - * - * @see Crypt_Base::const_namespace - * @var String - * @access private - */ - var $const_namespace = 'RC4'; - + var $key_length = 128; // = 1024 bits /** * The mcrypt specific name of the cipher * - * @see Crypt_Base::cipher_name_mcrypt - * @var String + * @see \phpseclib\Crypt\Base::cipher_name_mcrypt + * @var string * @access private */ var $cipher_name_mcrypt = 'arcfour'; @@ -145,7 +94,7 @@ class Crypt_RC4 extends Crypt_Base { /** * Holds whether performance-optimized $inline_crypt() can/should be used. * - * @see Crypt_Base::inline_crypt + * @see \phpseclib\Crypt\Base::inline_crypt * @var mixed * @access private */ @@ -154,8 +103,8 @@ class Crypt_RC4 extends Crypt_Base { /** * The Key * - * @see Crypt_RC4::setKey() - * @var String + * @see self::setKey() + * @var string * @access private */ var $key = "\0"; @@ -163,8 +112,8 @@ class Crypt_RC4 extends Crypt_Base { /** * The Key Stream for decryption and encryption * - * @see Crypt_RC4::setKey() - * @var Array + * @see self::setKey() + * @var array * @access private */ var $stream; @@ -172,107 +121,167 @@ class Crypt_RC4 extends Crypt_Base { /** * Default Constructor. * - * Determines whether or not the mcrypt extension should be used. - * - * @see Crypt_Base::Crypt_Base() - * @return Crypt_RC4 + * @see \phpseclib\Crypt\Base::__construct() + * @return \phpseclib\Crypt\RC4 * @access public */ - function Crypt_RC4() + function __construct() { - parent::Crypt_Base(CRYPT_MODE_STREAM); + parent::__construct(Base::MODE_STREAM); } /** - * Dummy function. + * Test for engine validity * - * Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1]. - * If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before - * calling setKey(). + * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() * - * [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol, - * the IV's are relatively easy to predict, an attack described by - * {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir} - * can be used to quickly guess at the rest of the key. The following links elaborate: - * - * {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009} - * {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack} - * - * @param String $iv - * @see Crypt_RC4::setKey() + * @see \phpseclib\Crypt\Base::__construct() + * @param int $engine * @access public + * @return bool */ - function setIV($iv) + function isValidEngine($engine) { + switch ($engine) { + case Base::ENGINE_OPENSSL: + switch (strlen($this->key)) { + case 5: + $this->cipher_name_openssl = 'rc4-40'; + break; + case 8: + $this->cipher_name_openssl = 'rc4-64'; + break; + case 16: + $this->cipher_name_openssl = 'rc4'; + break; + default: + return false; + } + } + + return parent::isValidEngine($engine); } /** - * Sets the key. - * - * Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will - * be used. If no key is explicitly set, it'll be assumed to be a single null byte. + * RC4 does not use an IV * * @access public - * @see Crypt_Base::setKey() - * @param String $key + * @return bool + */ + function usesIV() + { + return false; + } + + /** + * Sets the key length + * + * Keys can be between 1 and 256 bytes long. + * + * @access public + * @param int $length + * @throws \LengthException if the key length is invalid + */ + function setKeyLength($length) + { + if ($length < 8 || $length > 2048) { + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys between 1 and 256 bytes are supported'); + } + + $this->key_length = $length >> 3; + + parent::setKeyLength($length); + } + + /** + * Sets the key length + * + * Keys can be between 1 and 256 bytes long. + * + * @access public + * @param int $length + * @throws \LengthException if the key length is invalid */ function setKey($key) { - parent::setKey(substr($key, 0, 256)); + $length = strlen($key); + if ($length < 1 || $length > 256) { + throw new \LengthException('Key size of ' . $length . ' bytes is not supported by RC4. Keys must be between 1 and 256 bytes long'); + } + + parent::setKey($key); } /** * Encrypts a message. * - * @see Crypt_Base::decrypt() - * @see Crypt_RC4::_crypt() + * @see \phpseclib\Crypt\Base::decrypt() + * @see self::_crypt() * @access public - * @param String $plaintext - * @return String $ciphertext + * @param string $plaintext + * @return string $ciphertext */ function encrypt($plaintext) { - if ($this->engine == CRYPT_MODE_MCRYPT) { + if ($this->engine != Base::ENGINE_INTERNAL) { return parent::encrypt($plaintext); } - return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT); + return $this->_crypt($plaintext, self::ENCRYPT); } /** * Decrypts a message. * * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). - * Atleast if the continuous buffer is disabled. + * At least if the continuous buffer is disabled. * - * @see Crypt_Base::encrypt() - * @see Crypt_RC4::_crypt() + * @see \phpseclib\Crypt\Base::encrypt() + * @see self::_crypt() * @access public - * @param String $ciphertext - * @return String $plaintext + * @param string $ciphertext + * @return string $plaintext */ function decrypt($ciphertext) { - if ($this->engine == CRYPT_MODE_MCRYPT) { + if ($this->engine != Base::ENGINE_INTERNAL) { return parent::decrypt($ciphertext); } - return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT); + return $this->_crypt($ciphertext, self::DECRYPT); } + /** + * Encrypts a block + * + * @access private + * @param string $in + */ + function _encryptBlock($in) + { + // RC4 does not utilize this method + } + + /** + * Decrypts a block + * + * @access private + * @param string $in + */ + function _decryptBlock($in) + { + // RC4 does not utilize this method + } /** * Setup the key (expansion) * - * @see Crypt_Base::_setupKey() + * @see \phpseclib\Crypt\Base::_setupKey() * @access private */ function _setupKey() { $key = $this->key; $keyLength = strlen($key); - $keyStream = array(); - for ($i = 0; $i < 256; $i++) { - $keyStream[$i] = $i; - } + $keyStream = range(0, 255); $j = 0; for ($i = 0; $i < 256; $i++) { $j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255; @@ -282,7 +291,7 @@ class Crypt_RC4 extends Crypt_Base { } $this->stream = array(); - $this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array( + $this->stream[self::DECRYPT] = $this->stream[self::ENCRYPT] = array( 0, // index $i 0, // index $j $keyStream @@ -292,12 +301,12 @@ class Crypt_RC4 extends Crypt_Base { /** * Encrypts or decrypts a message. * - * @see Crypt_RC4::encrypt() - * @see Crypt_RC4::decrypt() + * @see self::encrypt() + * @see self::decrypt() * @access private - * @param String $text - * @param Integer $mode - * @return String $text + * @param string $text + * @param int $mode + * @return string $text */ function _crypt($text, $mode) { @@ -326,12 +335,9 @@ class Crypt_RC4 extends Crypt_Base { $keyStream[$i] = $ksj; $keyStream[$j] = $ksi; - $text[$k] = chr(ord($text[$k]) ^ $keyStream[($ksj + $ksi) & 255]); + $text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]); } return $text; } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA.php b/plugins/OStatus/extlib/phpseclib/Crypt/RSA.php index 50642eb7ea..38c2d390f3 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/RSA.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RSA.php @@ -1,287 +1,200 @@ * createKey()); + * extract(\phpseclib\Crypt\RSA::createKey()); * - * $plaintext = 'terrafrost'; + * $plaintext = 'terrafrost'; * - * $rsa->loadKey($privatekey); - * $ciphertext = $rsa->encrypt($plaintext); + * $ciphertext = $publickey->encrypt($plaintext); * - * $rsa->loadKey($publickey); - * echo $rsa->decrypt($ciphertext); + * echo $privatekey->decrypt($ciphertext); * ?> * * * Here's an example of how to create signatures and verify signatures with this library: * * createKey()); + * extract(\phpseclib\Crypt\RSA::createKey()); * - * $plaintext = 'terrafrost'; + * $plaintext = 'terrafrost'; * - * $rsa->loadKey($privatekey); - * $signature = $rsa->sign($plaintext); + * $signature = $privatekey->sign($plaintext); * - * $rsa->loadKey($publickey); - * echo $rsa->verify($plaintext, $signature) ? 'verified' : 'unverified'; + * echo $publickey->verify($plaintext, $signature) ? 'verified' : 'unverified'; * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_RSA - * @author Jim Wigginton - * @copyright MMIX Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package RSA + * @author Jim Wigginton + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * Include Crypt_Random - */ -// the class_exists() will only be called if the crypt_random_string function hasn't been defined and -// will trigger a call to __autoload() if you're wanting to auto-load classes -// call function_exists() a second time to stop the require_once from being called outside -// of the auto loader -if (!function_exists('crypt_random_string')) { - require_once('Random.php'); -} +namespace phpseclib\Crypt; -/** - * Include Crypt_Hash - */ -if (!class_exists('Crypt_Hash')) { - require_once('Hash.php'); -} - -/**#@+ - * @access public - * @see Crypt_RSA::encrypt() - * @see Crypt_RSA::decrypt() - */ -/** - * Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding} - * (OAEP) for encryption / decryption. - * - * Uses sha1 by default. - * - * @see Crypt_RSA::setHash() - * @see Crypt_RSA::setMGFHash() - */ -define('CRYPT_RSA_ENCRYPTION_OAEP', 1); -/** - * Use PKCS#1 padding. - * - * Although CRYPT_RSA_ENCRYPTION_OAEP offers more security, including PKCS#1 padding is necessary for purposes of backwards - * compatability with protocols (like SSH-1) written before OAEP's introduction. - */ -define('CRYPT_RSA_ENCRYPTION_PKCS1', 2); -/**#@-*/ - -/**#@+ - * @access public - * @see Crypt_RSA::sign() - * @see Crypt_RSA::verify() - * @see Crypt_RSA::setHash() - */ -/** - * Use the Probabilistic Signature Scheme for signing - * - * Uses sha1 by default. - * - * @see Crypt_RSA::setSaltLength() - * @see Crypt_RSA::setMGFHash() - */ -define('CRYPT_RSA_SIGNATURE_PSS', 1); -/** - * Use the PKCS#1 scheme by default. - * - * Although CRYPT_RSA_SIGNATURE_PSS offers more security, including PKCS#1 signing is necessary for purposes of backwards - * compatability with protocols (like SSH-2) written before PSS's introduction. - */ -define('CRYPT_RSA_SIGNATURE_PKCS1', 2); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_RSA::createKey() - */ -/** - * ASN1 Integer - */ -define('CRYPT_RSA_ASN1_INTEGER', 2); -/** - * ASN1 Bit String - */ -define('CRYPT_RSA_ASN1_BITSTRING', 3); -/** - * ASN1 Sequence (with the constucted bit set) - */ -define('CRYPT_RSA_ASN1_SEQUENCE', 48); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_RSA::Crypt_RSA() - */ -/** - * To use the pure-PHP implementation - */ -define('CRYPT_RSA_MODE_INTERNAL', 1); -/** - * To use the OpenSSL library - * - * (if enabled; otherwise, the internal implementation will be used) - */ -define('CRYPT_RSA_MODE_OPENSSL', 2); -/**#@-*/ - -/** - * Default openSSL configuration file. - */ -define('CRYPT_RSA_OPENSSL_CONFIG', dirname(__FILE__) . '/../openssl.cnf'); - -/**#@+ - * @access public - * @see Crypt_RSA::createKey() - * @see Crypt_RSA::setPrivateKeyFormat() - */ -/** - * PKCS#1 formatted private key - * - * Used by OpenSSH - */ -define('CRYPT_RSA_PRIVATE_FORMAT_PKCS1', 0); -/** - * PuTTY formatted private key - */ -define('CRYPT_RSA_PRIVATE_FORMAT_PUTTY', 1); -/** - * XML formatted private key - */ -define('CRYPT_RSA_PRIVATE_FORMAT_XML', 2); -/**#@-*/ - -/**#@+ - * @access public - * @see Crypt_RSA::createKey() - * @see Crypt_RSA::setPublicKeyFormat() - */ -/** - * Raw public key - * - * An array containing two Math_BigInteger objects. - * - * The exponent can be indexed with any of the following: - * - * 0, e, exponent, publicExponent - * - * The modulus can be indexed with any of the following: - * - * 1, n, modulo, modulus - */ -define('CRYPT_RSA_PUBLIC_FORMAT_RAW', 3); -/** - * PKCS#1 formatted public key (raw) - * - * Used by File/X509.php - */ -define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW', 4); -/** - * XML formatted public key - */ -define('CRYPT_RSA_PUBLIC_FORMAT_XML', 5); -/** - * OpenSSH formatted public key - * - * Place in $HOME/.ssh/authorized_keys - */ -define('CRYPT_RSA_PUBLIC_FORMAT_OPENSSH', 6); -/** - * PKCS#1 formatted public key (encapsulated) - * - * Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set) - */ -define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 7); -/**#@-*/ +use ParagonIE\ConstantTime\Base64; +use phpseclib\File\ASN1; +use phpseclib\Math\BigInteger; /** * Pure-PHP PKCS#1 compliant implementation of RSA. * + * @package RSA * @author Jim Wigginton - * @version 0.1.0 * @access public - * @package Crypt_RSA */ -class Crypt_RSA { +class RSA +{ + /**#@+ + * @access public + * @see self::encrypt() + * @see self::decrypt() + */ + /** + * Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding} + * (OAEP) for encryption / decryption. + * + * Uses sha256 by default + * + * @see self::setHash() + * @see self::setMGFHash() + */ + const PADDING_OAEP = 1; + /** + * Use PKCS#1 padding. + * + * Although self::PADDING_OAEP / self::PADDING_PSS offers more security, including PKCS#1 padding is necessary for purposes of backwards + * compatibility with protocols (like SSH-1) written before OAEP's introduction. + */ + const PADDING_PKCS1 = 2; + /** + * Do not use any padding + * + * Although this method is not recommended it can none-the-less sometimes be useful if you're trying to decrypt some legacy + * stuff, if you're trying to diagnose why an encrypted message isn't decrypting, etc. + */ + const PADDING_NONE = 3; + /** + * Use PKCS#1 padding with PKCS1 v1.5 compatability + * + * A PKCS1 v2.1 encrypted message may not successfully decrypt with a PKCS1 v1.5 implementation (such as OpenSSL). + */ + const PADDING_PKCS15_COMPAT = 6; + /**#@-*/ + + /**#@+ + * @access public + * @see self::sign() + * @see self::verify() + * @see self::setHash() + */ + /** + * Use the Probabilistic Signature Scheme for signing + * + * Uses sha256 and 0 as the salt length + * + * @see self::setSaltLength() + * @see self::setMGFHash() + * @see self::setHash() + */ + const PADDING_PSS = 4; + /** + * Use a relaxed version of PKCS#1 padding for signature verification + */ + const PADDING_RELAXED_PKCS1 = 5; + /**#@-*/ + + /**#@+ + * @access private + * @see self::createKey() + */ + /** + * ASN1 Integer + */ + const ASN1_INTEGER = 2; + /** + * ASN1 Bit String + */ + const ASN1_BITSTRING = 3; + /** + * ASN1 Octet String + */ + const ASN1_OCTETSTRING = 4; + /** + * ASN1 Object Identifier + */ + const ASN1_OBJECT = 6; + /** + * ASN1 Sequence (with the constucted bit set) + */ + const ASN1_SEQUENCE = 48; + /**#@-*/ + + /**#@+ + * @access private + * @see self::__construct() + */ + /** + * To use the pure-PHP implementation + */ + const MODE_INTERNAL = 1; + /** + * To use the OpenSSL library + * + * (if enabled; otherwise, the internal implementation will be used) + */ + const MODE_OPENSSL = 2; + /**#@-*/ + /** * Precomputed Zero * - * @var Array + * @var array * @access private */ - var $zero; + static $zero; /** * Precomputed One * - * @var Array + * @var array * @access private */ - var $one; + static $one; /** * Private Key Format * - * @var Integer + * @var string * @access private */ - var $privateKeyFormat = CRYPT_RSA_PRIVATE_FORMAT_PKCS1; + var $privateKeyFormat = 'PKCS1'; /** * Public Key Format * - * @var Integer - * @access public + * @var string + * @access private */ - var $publicKeyFormat = CRYPT_RSA_PUBLIC_FORMAT_PKCS1; + var $publicKeyFormat = 'PKCS8'; /** * Modulus (ie. n) * - * @var Math_BigInteger + * @var \phpseclib\Math\BigInteger * @access private */ var $modulus; @@ -289,7 +202,7 @@ class Crypt_RSA { /** * Modulus length * - * @var Math_BigInteger + * @var \phpseclib\Math\BigInteger * @access private */ var $k; @@ -297,7 +210,7 @@ class Crypt_RSA { /** * Exponent (ie. e or d) * - * @var Math_BigInteger + * @var \phpseclib\Math\BigInteger * @access private */ var $exponent; @@ -305,7 +218,7 @@ class Crypt_RSA { /** * Primes for Chinese Remainder Theorem (ie. p and q) * - * @var Array + * @var array * @access private */ var $primes; @@ -313,7 +226,7 @@ class Crypt_RSA { /** * Exponents for Chinese Remainder Theorem (ie. dP and dQ) * - * @var Array + * @var array * @access private */ var $exponents; @@ -321,7 +234,7 @@ class Crypt_RSA { /** * Coefficients for Chinese Remainder Theorem (ie. qInv) * - * @var Array + * @var array * @access private */ var $coefficients; @@ -329,7 +242,7 @@ class Crypt_RSA { /** * Hash name * - * @var String + * @var string * @access private */ var $hashName; @@ -337,7 +250,7 @@ class Crypt_RSA { /** * Hash function * - * @var Crypt_Hash + * @var \phpseclib\Crypt\Hash * @access private */ var $hash; @@ -345,7 +258,7 @@ class Crypt_RSA { /** * Length of hash function output * - * @var Integer + * @var int * @access private */ var $hLen; @@ -353,7 +266,7 @@ class Crypt_RSA { /** * Length of salt * - * @var Integer + * @var int * @access private */ var $sLen; @@ -361,7 +274,7 @@ class Crypt_RSA { /** * Hash function for the Mask Generation Function * - * @var Crypt_Hash + * @var \phpseclib\Crypt\Hash * @access private */ var $mgfHash; @@ -369,31 +282,15 @@ class Crypt_RSA { /** * Length of MGF hash function output * - * @var Integer + * @var int * @access private */ var $mgfHLen; - /** - * Encryption mode - * - * @var Integer - * @access private - */ - var $encryptionMode = CRYPT_RSA_ENCRYPTION_OAEP; - - /** - * Signature mode - * - * @var Integer - * @access private - */ - var $signatureMode = CRYPT_RSA_SIGNATURE_PSS; - /** * Public Exponent * - * @var Mixed + * @var mixed * @access private */ var $publicExponent = false; @@ -401,120 +298,94 @@ class Crypt_RSA { /** * Password * - * @var String + * @var string * @access private */ var $password = false; /** - * Components + * Loaded File Format * - * For use with parsing XML formatted keys. PHP's XML Parser functions use utilized - instead of PHP's DOM functions - - * because PHP's XML Parser functions work on PHP4 whereas PHP's DOM functions - although surperior - don't. - * - * @see Crypt_RSA::_start_element_handler() - * @var Array + * @var string * @access private */ - var $components = array(); - - /** - * Current String - * - * For use with parsing XML formatted keys. - * - * @see Crypt_RSA::_character_handler() - * @see Crypt_RSA::_stop_element_handler() - * @var Mixed - * @access private - */ - var $current; + var $format = false; /** * OpenSSL configuration file name. * - * Set to NULL to use system configuration file. - * @see Crypt_RSA::createKey() - * @var Mixed - * @Access public + * Set to null to use system configuration file. + * + * @see self::createKey() + * @var mixed + * @access public */ - var $configFile; + static $configFile; /** - * Public key comment field. + * Supported file formats (lower case) * - * @var String + * @see self::_initialize_static_variables() + * @var array * @access private */ - var $comment = 'phpseclib-generated-key'; + static $fileFormats = false; + + /** + * Supported file formats (original case) + * + * @see self::_initialize_static_variables() + * @var array + * @access private + */ + static $origFileFormats = false; + + + /** + * Initialize static variables + * + * @access private + */ + static function _initialize_static_variables() + { + if (!isset(self::$zero)) { + self::$zero= new BigInteger(0); + self::$one = new BigInteger(1); + self::$configFile = __DIR__ . '/../openssl.cnf'; + + if (self::$fileFormats === false) { + self::$fileFormats = array(); + foreach (glob(__DIR__ . '/RSA/*.php') as $file) { + $name = pathinfo($file, PATHINFO_FILENAME); + $type = 'phpseclib\Crypt\RSA\\' . $name; + $meta = new \ReflectionClass($type); + if (!$meta->isAbstract()) { + self::$fileFormats[strtolower($name)] = $type; + self::$origFileFormats[] = $name; + } + } + } + } + } /** * The constructor * * If you want to make use of the openssl extension, you'll need to set the mode manually, yourself. The reason - * Crypt_RSA doesn't do it is because OpenSSL doesn't fail gracefully. openssl_pkey_new(), in particular, requires + * \phpseclib\Crypt\RSA doesn't do it is because OpenSSL doesn't fail gracefully. openssl_pkey_new(), in particular, requires * openssl.cnf be present somewhere and, unfortunately, the only real way to find out is too late. * - * @return Crypt_RSA + * @return \phpseclib\Crypt\RSA * @access public */ - function Crypt_RSA() + function __construct() { - if (!class_exists('Math_BigInteger')) { - require_once('Math/BigInteger.php'); - } + self::_initialize_static_variables(); - $this->configFile = CRYPT_RSA_OPENSSL_CONFIG; - - if ( !defined('CRYPT_RSA_MODE') ) { - // Math/BigInteger's openssl requirements are a little less stringent than Crypt/RSA's. in particular, - // Math/BigInteger doesn't require an openssl.cfg file whereas Crypt/RSA does. so if Math/BigInteger - // can't use OpenSSL it can be pretty trivially assumed, then, that Crypt/RSA can't either. - if ( defined('MATH_BIGINTEGER_OPENSSL_DISABLE') ) { - define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); - } - - switch ( !defined('CRYPT_RSA_MODE') ) { // ie. only run this if the above didn't set CRYPT_RSA_MODE already - case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>=') && file_exists($this->configFile): - // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work - ob_start(); - phpinfo(); - $content = ob_get_contents(); - ob_end_clean(); - - preg_match_all('#OpenSSL (Header|Library) Version(.*)#im', $content, $matches); - - $versions = array(); - if (!empty($matches[1])) { - for ($i = 0; $i < count($matches[1]); $i++) { - $versions[$matches[1][$i]] = trim(str_replace('=>', '', strip_tags($matches[2][$i]))); - } - } - - // it doesn't appear that OpenSSL versions were reported upon until PHP 5.3+ - switch (true) { - case !isset($versions['Header']): - case !isset($versions['Library']): - case $versions['Header'] == $versions['Library']: - define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_OPENSSL); - break; - default: - define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); - define('MATH_BIGINTEGER_OPENSSL_DISABLE', true); - } - break; - case true: - define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); - } - } - - $this->zero = new Math_BigInteger(); - $this->one = new Math_BigInteger(1); - - $this->hash = new Crypt_Hash('sha1'); + $this->hash = new Hash('sha256'); $this->hLen = $this->hash->getLength(); - $this->hashName = 'sha1'; - $this->mgfHash = new Crypt_Hash('sha1'); + $this->hashName = 'sha256'; + $this->mgfHash = new Hash('sha256'); $this->mgfHLen = $this->mgfHash->getLength(); } @@ -525,15 +396,33 @@ class Crypt_RSA { * - 'privatekey': The private key. * - 'publickey': The public key. * - 'partialkey': A partially computed key (if the execution time exceeded $timeout). - * Will need to be passed back to Crypt_RSA::createKey() as the third parameter for further processing. + * Will need to be passed back to \phpseclib\Crypt\RSA::createKey() as the third parameter for further processing. * * @access public - * @param optional Integer $bits - * @param optional Integer $timeout - * @param optional Math_BigInteger $p + * @param int $bits + * @param int $timeout + * @param array $p */ - function createKey($bits = 1024, $timeout = false, $partial = array()) + static function createKey($bits = 2048, $timeout = false, $partial = array()) { + self::_initialize_static_variables(); + + if (!defined('CRYPT_RSA_MODE')) { + switch (true) { + // Math/BigInteger's openssl requirements are a little less stringent than Crypt/RSA's. in particular, + // Math/BigInteger doesn't require an openssl.cfg file whereas Crypt/RSA does. so if Math/BigInteger + // can't use OpenSSL it can be pretty trivially assumed, then, that Crypt/RSA can't either. + case defined('MATH_BIGINTEGER_OPENSSL_DISABLE'): + define('CRYPT_RSA_MODE', self::MODE_INTERNAL); + break; + case extension_loaded('openssl') && file_exists(self::$configFile): + define('CRYPT_RSA_MODE', self::MODE_OPENSSL); + break; + default: + define('CRYPT_RSA_MODE', self::MODE_INTERNAL); + } + } + if (!defined('CRYPT_RSA_EXPONENT')) { // http://en.wikipedia.org/wiki/65537_%28number%29 define('CRYPT_RSA_EXPONENT', '65537'); @@ -541,7 +430,7 @@ class Crypt_RSA { // per , this number ought not result in primes smaller // than 256 bits. as a consequence if the key you're trying to create is 1024 bits and you've set CRYPT_RSA_SMALLEST_PRIME // to 384 bits then you're going to get a 384 bit prime and a 640 bit prime (384 + 1024 % 384). at least if - // CRYPT_RSA_MODE is set to CRYPT_RSA_MODE_INTERNAL. if CRYPT_RSA_MODE is set to CRYPT_RSA_MODE_OPENSSL then + // CRYPT_RSA_MODE is set to self::MODE_INTERNAL. if CRYPT_RSA_MODE is set to self::MODE_OPENSSL then // CRYPT_RSA_SMALLEST_PRIME is ignored (ie. multi-prime RSA support is more intended as a way to speed up RSA key // generation when there's a chance neither gmp nor OpenSSL are installed) if (!defined('CRYPT_RSA_SMALLEST_PRIME')) { @@ -549,21 +438,23 @@ class Crypt_RSA { } // OpenSSL uses 65537 as the exponent and requires RSA keys be 384 bits minimum - if ( CRYPT_RSA_MODE == CRYPT_RSA_MODE_OPENSSL && $bits >= 384 && CRYPT_RSA_EXPONENT == 65537) { + if (CRYPT_RSA_MODE == self::MODE_OPENSSL && $bits >= 384 && CRYPT_RSA_EXPONENT == 65537) { $config = array(); - if (isset($this->configFile)) { - $config['config'] = $this->configFile; + if (isset(self::$configFile)) { + $config['config'] = self::$configFile; } $rsa = openssl_pkey_new(array('private_key_bits' => $bits) + $config); - openssl_pkey_export($rsa, $privatekey, NULL, $config); - $publickey = openssl_pkey_get_details($rsa); - $publickey = $publickey['key']; + openssl_pkey_export($rsa, $privatekeystr, null, $config); + $privatekey = new RSA(); + $privatekey->load($privatekeystr); - $privatekey = call_user_func_array(array($this, '_convertPrivateKey'), array_values($this->_parseKey($privatekey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1))); - $publickey = call_user_func_array(array($this, '_convertPublicKey'), array_values($this->_parseKey($publickey, CRYPT_RSA_PUBLIC_FORMAT_PKCS1))); + $publickeyarr = openssl_pkey_get_details($rsa); + $publickey = new RSA(); + $publickey->load($publickeyarr['key']); // clear the buffer of error strings stemming from a minimalistic openssl.cnf - while (openssl_error_string() !== false); + while (openssl_error_string() !== false) { + } return array( 'privatekey' => $privatekey, @@ -574,10 +465,10 @@ class Crypt_RSA { static $e; if (!isset($e)) { - $e = new Math_BigInteger(CRYPT_RSA_EXPONENT); + $e = new BigInteger(CRYPT_RSA_EXPONENT); } - extract($this->_generateMinMax($bits)); + extract(self::_generateMinMax($bits)); $absoluteMin = $min; $temp = $bits >> 1; // divide by two to see how many bits P and Q would be if ($temp > CRYPT_RSA_SMALLEST_PRIME) { @@ -586,19 +477,17 @@ class Crypt_RSA { } else { $num_primes = 2; } - extract($this->_generateMinMax($temp + $bits % $temp)); + extract(self::_generateMinMax($temp + $bits % $temp)); $finalMax = $max; - extract($this->_generateMinMax($temp)); + extract(self::_generateMinMax($temp)); - $generator = new Math_BigInteger(); - - $n = $this->one->copy(); + $n = clone self::$one; if (!empty($partial)) { extract(unserialize($partial)); } else { $exponents = $coefficients = $primes = array(); $lcm = array( - 'top' => $this->one->copy(), + 'top' => clone self::$one, 'bottom' => false ); } @@ -627,12 +516,12 @@ class Crypt_RSA { if ($i == $num_primes) { list($min, $temp) = $absoluteMin->divide($n); - if (!$temp->equals($this->zero)) { - $min = $min->add($this->one); // ie. ceil() + if (!$temp->equals(self::$zero)) { + $min = $min->add(self::$one); // ie. ceil() } - $primes[$i] = $generator->randomPrime($min, $finalMax, $timeout); + $primes[$i] = BigInteger::randomPrime($min, $finalMax, $timeout); } else { - $primes[$i] = $generator->randomPrime($min, $max, $timeout); + $primes[$i] = BigInteger::randomPrime($min, $max, $timeout); } if ($primes[$i] === false) { // if we've reached the timeout @@ -649,8 +538,8 @@ class Crypt_RSA { } return array( - 'privatekey' => '', - 'publickey' => '', + 'privatekey' => false, + 'publickey' => false, 'partialkey' => $partialkey ); } @@ -663,7 +552,7 @@ class Crypt_RSA { $n = $n->multiply($primes[$i]); - $temp = $primes[$i]->subtract($this->one); + $temp = $primes[$i]->subtract(self::$one); // textbook RSA implementations use Euler's totient function instead of the least common multiple. // see http://en.wikipedia.org/wiki/Euler%27s_totient_function @@ -676,7 +565,7 @@ class Crypt_RSA { list($temp) = $lcm['top']->divide($lcm['bottom']); $gcd = $temp->gcd($e); $i0 = 1; - } while (!$gcd->equals($this->one)); + } while (!$gcd->equals(self::$one)); $d = $e->modInverse($temp); @@ -695,691 +584,62 @@ class Crypt_RSA { // coefficient INTEGER, -- (inverse of q) mod p // otherPrimeInfos OtherPrimeInfos OPTIONAL // } + $privatekey = new RSA(); + $privatekey->modulus = $n; + $privatekey->k = $bits >> 3; + $privatekey->publicExponent = $e; + $privatekey->exponent = $d; + $privatekey->privateExponent = $e; + $privatekey->primes = $primes; + $privatekey->exponents = $exponents; + $privatekey->coefficients = $coefficients; + + $publickey = new RSA(); + $publickey->modulus = $n; + $publickey->k = $bits >> 3; + $publickey->exponent = $e; return array( - 'privatekey' => $this->_convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients), - 'publickey' => $this->_convertPublicKey($n, $e), + 'privatekey' => $privatekey, + 'publickey' => $publickey, 'partialkey' => false ); } /** - * Convert a private key to the appropriate format. + * Add a fileformat plugin * - * @access private - * @see setPrivateKeyFormat() - * @param String $RSAPrivateKey - * @return String + * The plugin needs to either already be loaded or be auto-loadable. + * Loading a plugin whose shortname overwrite an existing shortname will overwrite the old plugin. + * + * @see self::load() + * @param string $fullname + * @access public + * @return bool */ - function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients) + static function addFileFormat($fullname) { - $num_primes = count($primes); - $raw = array( - 'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi - 'modulus' => $n->toBytes(true), - 'publicExponent' => $e->toBytes(true), - 'privateExponent' => $d->toBytes(true), - 'prime1' => $primes[1]->toBytes(true), - 'prime2' => $primes[2]->toBytes(true), - 'exponent1' => $exponents[1]->toBytes(true), - 'exponent2' => $exponents[2]->toBytes(true), - 'coefficient' => $coefficients[2]->toBytes(true) - ); + self::_initialize_static_variables(); - // if the format in question does not support multi-prime rsa and multi-prime rsa was used, - // call _convertPublicKey() instead. - switch ($this->privateKeyFormat) { - case CRYPT_RSA_PRIVATE_FORMAT_XML: - if ($num_primes != 2) { - return false; - } - return "\r\n" . - ' ' . base64_encode($raw['modulus']) . "\r\n" . - ' ' . base64_encode($raw['publicExponent']) . "\r\n" . - '

    ' . base64_encode($raw['prime1']) . "

    \r\n" . - ' ' . base64_encode($raw['prime2']) . "\r\n" . - ' ' . base64_encode($raw['exponent1']) . "\r\n" . - ' ' . base64_encode($raw['exponent2']) . "\r\n" . - ' ' . base64_encode($raw['coefficient']) . "\r\n" . - ' ' . base64_encode($raw['privateExponent']) . "\r\n" . - '    '; - break; - case CRYPT_RSA_PRIVATE_FORMAT_PUTTY: - if ($num_primes != 2) { - return false; - } - $key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: "; - $encryption = (!empty($this->password) || is_string($this->password)) ? 'aes256-cbc' : 'none'; - $key.= $encryption; - $key.= "\r\nComment: " . $this->comment . "\r\n"; - $public = pack('Na*Na*Na*', - strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['modulus']), $raw['modulus'] - ); - $source = pack('Na*Na*Na*Na*', - strlen('ssh-rsa'), 'ssh-rsa', strlen($encryption), $encryption, - strlen($this->comment), $this->comment, strlen($public), $public - ); - $public = base64_encode($public); - $key.= "Public-Lines: " . ((strlen($public) + 32) >> 6) . "\r\n"; - $key.= chunk_split($public, 64); - $private = pack('Na*Na*Na*Na*', - strlen($raw['privateExponent']), $raw['privateExponent'], strlen($raw['prime1']), $raw['prime1'], - strlen($raw['prime2']), $raw['prime2'], strlen($raw['coefficient']), $raw['coefficient'] - ); - if (empty($this->password) && !is_string($this->password)) { - $source.= pack('Na*', strlen($private), $private); - $hashkey = 'putty-private-key-file-mac-key'; - } else { - $private.= crypt_random_string(16 - (strlen($private) & 15)); - $source.= pack('Na*', strlen($private), $private); - if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); - } - $sequence = 0; - $symkey = ''; - while (strlen($symkey) < 32) { - $temp = pack('Na*', $sequence++, $this->password); - $symkey.= pack('H*', sha1($temp)); - } - $symkey = substr($symkey, 0, 32); - $crypto = new Crypt_AES(); - - $crypto->setKey($symkey); - $crypto->disablePadding(); - $private = $crypto->encrypt($private); - $hashkey = 'putty-private-key-file-mac-key' . $this->password; - } - - $private = base64_encode($private); - $key.= 'Private-Lines: ' . ((strlen($private) + 32) >> 6) . "\r\n"; - $key.= chunk_split($private, 64); - if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); - } - $hash = new Crypt_Hash('sha1'); - $hash->setKey(pack('H*', sha1($hashkey))); - $key.= 'Private-MAC: ' . bin2hex($hash->hash($source)) . "\r\n"; - - return $key; - default: // eg. CRYPT_RSA_PRIVATE_FORMAT_PKCS1 - $components = array(); - foreach ($raw as $name => $value) { - $components[$name] = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($value)), $value); - } - - $RSAPrivateKey = implode('', $components); - - if ($num_primes > 2) { - $OtherPrimeInfos = ''; - for ($i = 3; $i <= $num_primes; $i++) { - // OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo - // - // OtherPrimeInfo ::= SEQUENCE { - // prime INTEGER, -- ri - // exponent INTEGER, -- di - // coefficient INTEGER -- ti - // } - $OtherPrimeInfo = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true)); - $OtherPrimeInfo.= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true)); - $OtherPrimeInfo.= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true)); - $OtherPrimeInfos.= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo); - } - $RSAPrivateKey.= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos); - } - - $RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); - - if (!empty($this->password) || is_string($this->password)) { - $iv = crypt_random_string(8); - $symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key - $symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8); - if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); - } - $des = new Crypt_TripleDES(); - $des->setKey($symkey); - $des->setIV($iv); - $iv = strtoupper(bin2hex($iv)); - $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . - "Proc-Type: 4,ENCRYPTED\r\n" . - "DEK-Info: DES-EDE3-CBC,$iv\r\n" . - "\r\n" . - chunk_split(base64_encode($des->encrypt($RSAPrivateKey)), 64) . - '-----END RSA PRIVATE KEY-----'; - } else { - $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . - chunk_split(base64_encode($RSAPrivateKey), 64) . - '-----END RSA PRIVATE KEY-----'; - } - - return $RSAPrivateKey; + if (class_exists($fullname)) { + $meta = new \ReflectionClass($path); + $shortname = $meta->getShortName(); + self::$fileFormats[strtolower($shortname)] = $fullname; + self::$origFileFormats[] = $shortname; } } /** - * Convert a public key to the appropriate format - * - * @access private - * @see setPublicKeyFormat() - * @param String $RSAPrivateKey - * @return String - */ - function _convertPublicKey($n, $e) - { - $modulus = $n->toBytes(true); - $publicExponent = $e->toBytes(true); - - switch ($this->publicKeyFormat) { - case CRYPT_RSA_PUBLIC_FORMAT_RAW: - return array('e' => $e->copy(), 'n' => $n->copy()); - case CRYPT_RSA_PUBLIC_FORMAT_XML: - return "\r\n" . - ' ' . base64_encode($modulus) . "\r\n" . - ' ' . base64_encode($publicExponent) . "\r\n" . - ''; - break; - case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH: - // from : - // string "ssh-rsa" - // mpint e - // mpint n - $RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus); - $RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . $this->comment; - - return $RSAPublicKey; - default: // eg. CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW or CRYPT_RSA_PUBLIC_FORMAT_PKCS1 - // from : - // RSAPublicKey ::= SEQUENCE { - // modulus INTEGER, -- n - // publicExponent INTEGER -- e - // } - $components = array( - 'modulus' => pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($modulus)), $modulus), - 'publicExponent' => pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($publicExponent)), $publicExponent) - ); - - $RSAPublicKey = pack('Ca*a*a*', - CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])), - $components['modulus'], $components['publicExponent'] - ); - - if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1) { - // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption. - $rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA - $RSAPublicKey = chr(0) . $RSAPublicKey; - $RSAPublicKey = chr(3) . $this->_encodeLength(strlen($RSAPublicKey)) . $RSAPublicKey; - - $RSAPublicKey = pack('Ca*a*', - CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey - ); - } - - $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . - chunk_split(base64_encode($RSAPublicKey), 64) . - '-----END PUBLIC KEY-----'; - - return $RSAPublicKey; - } - } - - /** - * Break a public or private key down into its constituant components - * - * @access private - * @see _convertPublicKey() - * @see _convertPrivateKey() - * @param String $key - * @param Integer $type - * @return Array - */ - function _parseKey($key, $type) - { - if ($type != CRYPT_RSA_PUBLIC_FORMAT_RAW && !is_string($key)) { - return false; - } - - switch ($type) { - case CRYPT_RSA_PUBLIC_FORMAT_RAW: - if (!is_array($key)) { - return false; - } - $components = array(); - switch (true) { - case isset($key['e']): - $components['publicExponent'] = $key['e']->copy(); - break; - case isset($key['exponent']): - $components['publicExponent'] = $key['exponent']->copy(); - break; - case isset($key['publicExponent']): - $components['publicExponent'] = $key['publicExponent']->copy(); - break; - case isset($key[0]): - $components['publicExponent'] = $key[0]->copy(); - } - switch (true) { - case isset($key['n']): - $components['modulus'] = $key['n']->copy(); - break; - case isset($key['modulo']): - $components['modulus'] = $key['modulo']->copy(); - break; - case isset($key['modulus']): - $components['modulus'] = $key['modulus']->copy(); - break; - case isset($key[1]): - $components['modulus'] = $key[1]->copy(); - } - return isset($components['modulus']) && isset($components['publicExponent']) ? $components : false; - case CRYPT_RSA_PRIVATE_FORMAT_PKCS1: - case CRYPT_RSA_PUBLIC_FORMAT_PKCS1: - /* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is - "outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to - protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding - two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here: - - http://tools.ietf.org/html/rfc1421#section-4.6.1.1 - http://tools.ietf.org/html/rfc1421#section-4.6.1.3 - - DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell. - DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation - function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's - own implementation. ie. the implementation *is* the standard and any bugs that may exist in that - implementation are part of the standard, as well. - - * OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */ - if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) { - $iv = pack('H*', trim($matches[2])); - $symkey = pack('H*', md5($this->password . substr($iv, 0, 8))); // symkey is short for symmetric key - $symkey.= pack('H*', md5($symkey . $this->password . substr($iv, 0, 8))); - $ciphertext = preg_replace('#.+(\r|\n|\r\n)\1|[\r\n]|-.+-| #s', '', $key); - $ciphertext = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $ciphertext) ? base64_decode($ciphertext) : false; - if ($ciphertext === false) { - $ciphertext = $key; - } - switch ($matches[1]) { - case 'AES-256-CBC': - if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); - } - $crypto = new Crypt_AES(); - break; - case 'AES-128-CBC': - if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); - } - $symkey = substr($symkey, 0, 16); - $crypto = new Crypt_AES(); - break; - case 'DES-EDE3-CFB': - if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); - } - $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CFB); - break; - case 'DES-EDE3-CBC': - if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); - } - $symkey = substr($symkey, 0, 24); - $crypto = new Crypt_TripleDES(); - break; - case 'DES-CBC': - if (!class_exists('Crypt_DES')) { - require_once('Crypt/DES.php'); - } - $crypto = new Crypt_DES(); - break; - default: - return false; - } - $crypto->setKey($symkey); - $crypto->setIV($iv); - $decoded = $crypto->decrypt($ciphertext); - } else { - $decoded = preg_replace('#-.+-|[\r\n]| #', '', $key); - $decoded = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $decoded) ? base64_decode($decoded) : false; - } - - if ($decoded !== false) { - $key = $decoded; - } - - $components = array(); - - if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) { - return false; - } - if ($this->_decodeLength($key) != strlen($key)) { - return false; - } - - $tag = ord($this->_string_shift($key)); - /* intended for keys for which OpenSSL's asn1parse returns the following: - - 0:d=0 hl=4 l= 631 cons: SEQUENCE - 4:d=1 hl=2 l= 1 prim: INTEGER :00 - 7:d=1 hl=2 l= 13 cons: SEQUENCE - 9:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption - 20:d=2 hl=2 l= 0 prim: NULL - 22:d=1 hl=4 l= 609 prim: OCTET STRING */ - - if ($tag == CRYPT_RSA_ASN1_INTEGER && substr($key, 0, 3) == "\x01\x00\x30") { - $this->_string_shift($key, 3); - $tag = CRYPT_RSA_ASN1_SEQUENCE; - } - - if ($tag == CRYPT_RSA_ASN1_SEQUENCE) { - /* intended for keys for which OpenSSL's asn1parse returns the following: - - 0:d=0 hl=4 l= 290 cons: SEQUENCE - 4:d=1 hl=2 l= 13 cons: SEQUENCE - 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption - 17:d=2 hl=2 l= 0 prim: NULL - 19:d=1 hl=4 l= 271 prim: BIT STRING */ - $this->_string_shift($key, $this->_decodeLength($key)); - $tag = ord($this->_string_shift($key)); // skip over the BIT STRING / OCTET STRING tag - $this->_decodeLength($key); // skip over the BIT STRING / OCTET STRING length - // "The initial octet shall encode, as an unsigned binary integer wtih bit 1 as the least significant bit, the number of - // unused bits in the final subsequent octet. The number shall be in the range zero to seven." - // -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf (section 8.6.2.2) - if ($tag == CRYPT_RSA_ASN1_BITSTRING) { - $this->_string_shift($key); - } - if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) { - return false; - } - if ($this->_decodeLength($key) != strlen($key)) { - return false; - } - $tag = ord($this->_string_shift($key)); - } - if ($tag != CRYPT_RSA_ASN1_INTEGER) { - return false; - } - - $length = $this->_decodeLength($key); - $temp = $this->_string_shift($key, $length); - if (strlen($temp) != 1 || ord($temp) > 2) { - $components['modulus'] = new Math_BigInteger($temp, 256); - $this->_string_shift($key); // skip over CRYPT_RSA_ASN1_INTEGER - $length = $this->_decodeLength($key); - $components[$type == CRYPT_RSA_PUBLIC_FORMAT_PKCS1 ? 'publicExponent' : 'privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256); - - return $components; - } - if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_INTEGER) { - return false; - } - $length = $this->_decodeLength($key); - $components['modulus'] = new Math_BigInteger($this->_string_shift($key, $length), 256); - $this->_string_shift($key); - $length = $this->_decodeLength($key); - $components['publicExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256); - $this->_string_shift($key); - $length = $this->_decodeLength($key); - $components['privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256); - $this->_string_shift($key); - $length = $this->_decodeLength($key); - $components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), 256)); - $this->_string_shift($key); - $length = $this->_decodeLength($key); - $components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); - $this->_string_shift($key); - $length = $this->_decodeLength($key); - $components['exponents'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), 256)); - $this->_string_shift($key); - $length = $this->_decodeLength($key); - $components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); - $this->_string_shift($key); - $length = $this->_decodeLength($key); - $components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($key, $length), 256)); - - if (!empty($key)) { - if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) { - return false; - } - $this->_decodeLength($key); - while (!empty($key)) { - if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) { - return false; - } - $this->_decodeLength($key); - $key = substr($key, 1); - $length = $this->_decodeLength($key); - $components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); - $this->_string_shift($key); - $length = $this->_decodeLength($key); - $components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); - $this->_string_shift($key); - $length = $this->_decodeLength($key); - $components['coefficients'][] = new Math_BigInteger($this->_string_shift($key, $length), 256); - } - } - - return $components; - case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH: - $parts = explode(' ', $key, 3); - - $key = isset($parts[1]) ? base64_decode($parts[1]) : false; - if ($key === false) { - return false; - } - - $comment = isset($parts[2]) ? $parts[2] : false; - - $cleanup = substr($key, 0, 11) == "\0\0\0\7ssh-rsa"; - - if (strlen($key) <= 4) { - return false; - } - extract(unpack('Nlength', $this->_string_shift($key, 4))); - $publicExponent = new Math_BigInteger($this->_string_shift($key, $length), -256); - if (strlen($key) <= 4) { - return false; - } - extract(unpack('Nlength', $this->_string_shift($key, 4))); - $modulus = new Math_BigInteger($this->_string_shift($key, $length), -256); - - if ($cleanup && strlen($key)) { - if (strlen($key) <= 4) { - return false; - } - extract(unpack('Nlength', $this->_string_shift($key, 4))); - $realModulus = new Math_BigInteger($this->_string_shift($key, $length), -256); - return strlen($key) ? false : array( - 'modulus' => $realModulus, - 'publicExponent' => $modulus, - 'comment' => $comment - ); - } else { - return strlen($key) ? false : array( - 'modulus' => $modulus, - 'publicExponent' => $publicExponent, - 'comment' => $comment - ); - } - // http://www.w3.org/TR/xmldsig-core/#sec-RSAKeyValue - // http://en.wikipedia.org/wiki/XML_Signature - case CRYPT_RSA_PRIVATE_FORMAT_XML: - case CRYPT_RSA_PUBLIC_FORMAT_XML: - $this->components = array(); - - $xml = xml_parser_create('UTF-8'); - xml_set_object($xml, $this); - xml_set_element_handler($xml, '_start_element_handler', '_stop_element_handler'); - xml_set_character_data_handler($xml, '_data_handler'); - // add to account for "dangling" tags like ... that are sometimes added - if (!xml_parse($xml, '' . $key . '')) { - return false; - } - - return isset($this->components['modulus']) && isset($this->components['publicExponent']) ? $this->components : false; - // from PuTTY's SSHPUBK.C - case CRYPT_RSA_PRIVATE_FORMAT_PUTTY: - $components = array(); - $key = preg_split('#\r\n|\r|\n#', $key); - $type = trim(preg_replace('#PuTTY-User-Key-File-2: (.+)#', '$1', $key[0])); - if ($type != 'ssh-rsa') { - return false; - } - $encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1])); - $comment = trim(preg_replace('#Comment: (.+)#', '$1', $key[2])); - - $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3])); - $public = base64_decode(implode('', array_map('trim', array_slice($key, 4, $publicLength)))); - $public = substr($public, 11); - extract(unpack('Nlength', $this->_string_shift($public, 4))); - $components['publicExponent'] = new Math_BigInteger($this->_string_shift($public, $length), -256); - extract(unpack('Nlength', $this->_string_shift($public, 4))); - $components['modulus'] = new Math_BigInteger($this->_string_shift($public, $length), -256); - - $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4])); - $private = base64_decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength)))); - - switch ($encryption) { - case 'aes256-cbc': - if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); - } - $symkey = ''; - $sequence = 0; - while (strlen($symkey) < 32) { - $temp = pack('Na*', $sequence++, $this->password); - $symkey.= pack('H*', sha1($temp)); - } - $symkey = substr($symkey, 0, 32); - $crypto = new Crypt_AES(); - } - - if ($encryption != 'none') { - $crypto->setKey($symkey); - $crypto->disablePadding(); - $private = $crypto->decrypt($private); - if ($private === false) { - return false; - } - } - - extract(unpack('Nlength', $this->_string_shift($private, 4))); - if (strlen($private) < $length) { - return false; - } - $components['privateExponent'] = new Math_BigInteger($this->_string_shift($private, $length), -256); - extract(unpack('Nlength', $this->_string_shift($private, 4))); - if (strlen($private) < $length) { - return false; - } - $components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($private, $length), -256)); - extract(unpack('Nlength', $this->_string_shift($private, 4))); - if (strlen($private) < $length) { - return false; - } - $components['primes'][] = new Math_BigInteger($this->_string_shift($private, $length), -256); - - $temp = $components['primes'][1]->subtract($this->one); - $components['exponents'] = array(1 => $components['publicExponent']->modInverse($temp)); - $temp = $components['primes'][2]->subtract($this->one); - $components['exponents'][] = $components['publicExponent']->modInverse($temp); - - extract(unpack('Nlength', $this->_string_shift($private, 4))); - if (strlen($private) < $length) { - return false; - } - $components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($private, $length), -256)); - - return $components; - } - } - - /** - * Returns the key size - * - * More specifically, this returns the size of the modulo in bits. + * Returns a list of supported formats. * * @access public - * @return Integer + * @return array */ - function getSize() + static function getSupportedFormats() { - return !isset($this->modulus) ? 0 : strlen($this->modulus->toBits()); - } + self::_initialize_static_variables(); - /** - * Start Element Handler - * - * Called by xml_set_element_handler() - * - * @access private - * @param Resource $parser - * @param String $name - * @param Array $attribs - */ - function _start_element_handler($parser, $name, $attribs) - { - //$name = strtoupper($name); - switch ($name) { - case 'MODULUS': - $this->current = &$this->components['modulus']; - break; - case 'EXPONENT': - $this->current = &$this->components['publicExponent']; - break; - case 'P': - $this->current = &$this->components['primes'][1]; - break; - case 'Q': - $this->current = &$this->components['primes'][2]; - break; - case 'DP': - $this->current = &$this->components['exponents'][1]; - break; - case 'DQ': - $this->current = &$this->components['exponents'][2]; - break; - case 'INVERSEQ': - $this->current = &$this->components['coefficients'][2]; - break; - case 'D': - $this->current = &$this->components['privateExponent']; - } - $this->current = ''; - } - - /** - * Stop Element Handler - * - * Called by xml_set_element_handler() - * - * @access private - * @param Resource $parser - * @param String $name - */ - function _stop_element_handler($parser, $name) - { - //$name = strtoupper($name); - if ($name == 'RSAKEYVALUE') { - return; - } - $this->current = new Math_BigInteger(base64_decode($this->current), 256); - unset($this->current); - } - - /** - * Data Handler - * - * Called by xml_set_character_data_handler() - * - * @access private - * @param Resource $parser - * @param String $data - */ - function _data_handler($parser, $data) - { - if (!isset($this->current) || is_object($this->current)) { - return; - } - $this->current.= trim($data); + return self::$origFileFormats; } /** @@ -1388,37 +648,85 @@ class Crypt_RSA { * Returns true on success and false on failure (ie. an incorrect password was provided or the key was malformed) * * @access public - * @param String $key - * @param Integer $type optional + * @param string $key + * @param int $type optional */ - function loadKey($key, $type = false) + function load($key, $type = false) { + if ($key instanceof RSA) { + $this->privateKeyFormat = $key->privateKeyFormat; + $this->publicKeyFormat = $key->publicKeyFormat; + $this->k = $key->k; + $this->hLen = $key->hLen; + $this->sLen = $key->sLen; + $this->mgfHLen = $key->mgfHLen; + $this->password = $key->password; + + if (is_object($key->hash)) { + $this->hash = new Hash($key->hash->getHash()); + } + if (is_object($key->mgfHash)) { + $this->mgfHash = new Hash($key->mgfHash->getHash()); + } + + if (is_object($key->modulus)) { + $this->modulus = clone $key->modulus; + } + if (is_object($key->exponent)) { + $this->exponent = clone $key->exponent; + } + if (is_object($key->publicExponent)) { + $this->publicExponent = clone $key->publicExponent; + } + + $this->primes = array(); + $this->exponents = array(); + $this->coefficients = array(); + + foreach ($this->primes as $prime) { + $this->primes[] = clone $prime; + } + foreach ($this->exponents as $exponent) { + $this->exponents[] = clone $exponent; + } + foreach ($this->coefficients as $coefficient) { + $this->coefficients[] = clone $coefficient; + } + + return true; + } + + $components = false; if ($type === false) { - $types = array( - CRYPT_RSA_PUBLIC_FORMAT_RAW, - CRYPT_RSA_PRIVATE_FORMAT_PKCS1, - CRYPT_RSA_PRIVATE_FORMAT_XML, - CRYPT_RSA_PRIVATE_FORMAT_PUTTY, - CRYPT_RSA_PUBLIC_FORMAT_OPENSSH - ); - foreach ($types as $type) { - $components = $this->_parseKey($key, $type); + foreach (self::$fileFormats as $format) { + try { + $components = $format::load($key, $this->password); + } catch (\Exception $e) { + $components = false; + } if ($components !== false) { break; } } - } else { - $components = $this->_parseKey($key, $type); + $format = strtolower($type); + if (isset(self::$fileFormats[$format])) { + $format = self::$fileFormats[$format]; + try { + $components = $format::load($key, $this->password); + } catch (\Exception $e) { + $components = false; + } + } } if ($components === false) { + $this->format = false; return false; } - if (isset($components['comment']) && $components['comment'] !== false) { - $this->comment = $components['comment']; - } + $this->format = $format; + $this->modulus = $components['modulus']; $this->k = strlen($this->modulus->toBytes()); $this->exponent = isset($components['privateExponent']) ? $components['privateExponent'] : $components['publicExponent']; @@ -1434,19 +742,88 @@ class Crypt_RSA { $this->publicExponent = false; } + if ($components['isPublicKey']) { + $this->setPublicKey(); + } + return true; } + /** + * Returns the format of the loaded key. + * + * If the key that was loaded wasn't in a valid or if the key was auto-generated + * with RSA::createKey() then this will return false. + * + * @see self::load() + * @access public + * @return mixed + */ + function getLoadedFormat() + { + if ($this->format === false) { + return false; + } + + $meta = new \ReflectionClass($this->format); + return $meta->getShortName(); + } + + /** + * Returns the private key + * + * The private key is only returned if the currently loaded key contains the constituent prime numbers. + * + * @see self::getPublicKey() + * @access public + * @param string $type optional + * @return mixed + */ + function getPrivateKey($type = 'PKCS1') + { + $type = strtolower($type); + if (!isset(self::$fileFormats[$type])) { + return false; + } + $type = self::$fileFormats[$type]; + if (!method_exists($type, 'savePrivateKey')) { + return false; + } + + if (empty($this->primes)) { + return false; + } + + $oldFormat = $this->privateKeyFormat; + $this->privateKeyFormat = $type; + $temp = $type::savePrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients, $this->password); + $this->privateKeyFormat = $oldFormat; + return $temp; + } + + /** + * Returns the key size + * + * More specifically, this returns the size of the modulo in bits. + * + * @access public + * @return int + */ + function getSize() + { + return !isset($this->modulus) ? 0 : strlen($this->modulus->toBits()); + } + /** * Sets the password * * Private keys can be encrypted with a password. To unset the password, pass in the empty string or false. * Or rather, pass in $password such that empty($password) && !is_string($password) is true. * - * @see createKey() - * @see loadKey() + * @see self::createKey() + * @see self::load() * @access public - * @param String $password + * @param string $password */ function setPassword($password = false) { @@ -1460,46 +837,66 @@ class Crypt_RSA { * used in certain contexts. For example, in SSH-2, RSA authentication works by sending the public key along with a * message signed by the private key to the server. The SSH-2 server looks the public key up in an index of public keys * and if it's present then proceeds to verify the signature. Problem is, if your private key doesn't include the public - * exponent this won't work unless you manually add the public exponent. + * exponent this won't work unless you manually add the public exponent. phpseclib tries to guess if the key being used + * is the public key but in the event that it guesses incorrectly you might still want to explicitly set the key as being + * public. * * Do note that when a new key is loaded the index will be cleared. * * Returns true on success, false on failure * - * @see getPublicKey() + * @see self::getPublicKey() * @access public - * @param String $key optional - * @param Integer $type optional - * @return Boolean + * @param string $key optional + * @param int $type optional + * @return bool */ function setPublicKey($key = false, $type = false) { + // if a public key has already been loaded return false + if (!empty($this->publicExponent)) { + return false; + } + if ($key === false && !empty($this->modulus)) { $this->publicExponent = $this->exponent; return true; } + $components = false; if ($type === false) { - $types = array( - CRYPT_RSA_PUBLIC_FORMAT_RAW, - CRYPT_RSA_PUBLIC_FORMAT_PKCS1, - CRYPT_RSA_PUBLIC_FORMAT_XML, - CRYPT_RSA_PUBLIC_FORMAT_OPENSSH - ); - foreach ($types as $type) { - $components = $this->_parseKey($key, $type); + foreach (self::$fileFormats as $format) { + if (!method_exists($format, 'savePublicKey')) { + continue; + } + try { + $components = $format::load($key, $this->password); + } catch (\Exception $e) { + $components = false; + } if ($components !== false) { break; } } } else { - $components = $this->_parseKey($key, $type); + $format = strtolower($type); + if (isset(self::$fileFormats[$format])) { + $format = self::$fileFormats[$format]; + try { + $components = $format::load($key, $this->password); + } catch (\Exception $e) { + $components = false; + } + } } if ($components === false) { + $this->format = false; return false; } + $this->format = $format; + if (empty($this->modulus) || !$this->modulus->equals($components['modulus'])) { $this->modulus = $components['modulus']; $this->exponent = $this->publicExponent = $components['publicExponent']; @@ -1511,6 +908,40 @@ class Crypt_RSA { return true; } + /** + * Defines the private key + * + * If phpseclib guessed a private key was a public key and loaded it as such it might be desirable to force + * phpseclib to treat the key as a private key. This function will do that. + * + * Do note that when a new key is loaded the index will be cleared. + * + * Returns true on success, false on failure + * + * @see self::getPublicKey() + * @access public + * @param string $key optional + * @param int $type optional + * @return bool + */ + function setPrivateKey($key = false, $type = false) + { + if ($key === false && !empty($this->publicExponent)) { + $this->publicExponent = false; + return true; + } + + $rsa = new RSA(); + if (!$rsa->load($key, $type)) { + return false; + } + $rsa->publicExponent = false; + + // don't overwrite the old key if the new key is invalid + $this->load($rsa); + return true; + } + /** * Returns the public key * @@ -1518,45 +949,66 @@ class Crypt_RSA { * or if the public key was set via setPublicKey(). If the currently loaded key is supposed to be the public key this * function won't return it since this library, for the most part, doesn't distinguish between public and private keys. * - * @see getPublicKey() + * @see self::getPrivateKey() * @access public - * @param String $key - * @param Integer $type optional + * @param string $type optional + * @return mixed */ - function getPublicKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1) + function getPublicKey($type = 'PKCS8') { + $type = strtolower($type); + if (!isset(self::$fileFormats[$type])) { + return false; + } + $type = self::$fileFormats[$type]; + if (!method_exists($type, 'savePublicKey')) { + return false; + } + if (empty($this->modulus) || empty($this->publicExponent)) { return false; } $oldFormat = $this->publicKeyFormat; $this->publicKeyFormat = $type; - $temp = $this->_convertPublicKey($this->modulus, $this->publicExponent); + $temp = $type::savePublicKey($this->modulus, $this->publicExponent); $this->publicKeyFormat = $oldFormat; return $temp; } /** - * Returns the private key + * Returns the public key's fingerprint * - * The private key is only returned if the currently loaded key contains the constituent prime numbers. + * The public key's fingerprint is returned, which is equivalent to running `ssh-keygen -lf rsa.pub`. If there is + * no public key currently loaded, false is returned. + * Example output (md5): "c1:b1:30:29:d7:b8:de:6c:97:77:10:d7:46:41:63:87" (as specified by RFC 4716) * - * @see getPublicKey() * @access public - * @param String $key - * @param Integer $type optional + * @param string $algorithm The hashing algorithm to be used. Valid options are 'md5' and 'sha256'. False is returned + * for invalid values. + * @return mixed */ - function getPrivateKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1) + function getPublicKeyFingerprint($algorithm = 'md5') { - if (empty($this->primes)) { + if (empty($this->modulus) || empty($this->publicExponent)) { return false; } - $oldFormat = $this->privateKeyFormat; - $this->privateKeyFormat = $type; - $temp = $this->_convertPrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients); - $this->privateKeyFormat = $oldFormat; - return $temp; + $modulus = $this->modulus->toBytes(true); + $publicExponent = $this->publicExponent->toBytes(true); + + $RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus); + + switch ($algorithm) { + case 'sha256': + $hash = new Hash('sha256'); + $base = Base64::encode($hash->hash($RSAPublicKey)); + return substr($base, 0, strlen($base) - 1); + case 'md5': + return substr(chunk_split(md5($RSAPublicKey), 2, ':'), 0, -1); + default: + return false; + } } /** @@ -1565,47 +1017,71 @@ class Crypt_RSA { * Returns the private key without the prime number constituants. Structurally identical to a public key that * hasn't been set as the public key * - * @see getPrivateKey() + * @see self::getPrivateKey() * @access private - * @param String $key - * @param Integer $type optional + * @param string $type optional + * @return mixed */ - function _getPrivatePublicKey($mode = CRYPT_RSA_PUBLIC_FORMAT_PKCS1) + function _getPrivatePublicKey($type = 'PKCS8') { + $type = strtolower($type); + if (!isset(self::$fileFormats[$type])) { + return false; + } + $type = self::$fileFormats[$type]; + if (!method_exists($type, 'savePublicKey')) { + return false; + } + if (empty($this->modulus) || empty($this->exponent)) { return false; } $oldFormat = $this->publicKeyFormat; - $this->publicKeyFormat = $mode; - $temp = $this->_convertPublicKey($this->modulus, $this->exponent); + $this->publicKeyFormat = $type; + $temp = $type::savePublicKey($this->modulus, $this->exponent); $this->publicKeyFormat = $oldFormat; return $temp; } + /** - * __toString() magic method + * __toString() magic method * * @access public + * @return string */ function __toString() { $key = $this->getPrivateKey($this->privateKeyFormat); - if ($key !== false) { + if (is_string($key)) { return $key; } $key = $this->_getPrivatePublicKey($this->publicKeyFormat); - return $key !== false ? $key : ''; + return is_string($key) ? $key : ''; + } + + /** + * __clone() magic method + * + * @access public + * @return \phpseclib\Crypt\RSA + */ + function __clone() + { + $key = new RSA(); + $key->load($this); + return $key; } /** * Generates the smallest and largest numbers requiring $bits bits * * @access private - * @param Integer $bits - * @return Array + * @param int $bits + * @return array */ - function _generateMinMax($bits) + static function _generateMinMax($bits) { $bytes = $bits >> 3; $min = str_repeat(chr(0), $bytes); @@ -1619,8 +1095,8 @@ class Crypt_RSA { } return array( - 'min' => new Math_BigInteger($min, 256), - 'max' => new Math_BigInteger($max, 256) + 'min' => new BigInteger($min, 256), + 'max' => new BigInteger($max, 256) ); } @@ -1631,13 +1107,13 @@ class Crypt_RSA { * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. * * @access private - * @param String $string - * @return Integer + * @param string $string + * @return int */ function _decodeLength(&$string) { $length = ord($this->_string_shift($string)); - if ( $length & 0x80 ) { // definite length, long form + if ($length & 0x80) { // definite length, long form $length&= 0x7F; $temp = $this->_string_shift($string, $length); list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)); @@ -1652,8 +1128,8 @@ class Crypt_RSA { * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. * * @access private - * @param Integer $length - * @return String + * @param int $length + * @return string */ function _encodeLength($length) { @@ -1670,9 +1146,9 @@ class Crypt_RSA { * * Inspired by array_shift * - * @param String $string - * @param optional Integer $index - * @return String + * @param string $string + * @param int $index + * @return string * @access private */ function _string_shift(&$string, $index = 1) @@ -1685,9 +1161,9 @@ class Crypt_RSA { /** * Determines the private key format * - * @see createKey() + * @see self::createKey() * @access public - * @param Integer $format + * @param int $format */ function setPrivateKeyFormat($format) { @@ -1697,9 +1173,9 @@ class Crypt_RSA { /** * Determines the public key format * - * @see createKey() + * @see self::createKey() * @access public - * @param Integer $format + * @param int $format */ function setPublicKeyFormat($format) { @@ -1709,15 +1185,15 @@ class Crypt_RSA { /** * Determines which hashing function should be used * - * Used with signature production / verification and (if the encryption mode is CRYPT_RSA_ENCRYPTION_OAEP) encryption and - * decryption. If $hash isn't supported, sha1 is used. + * Used with signature production / verification and (if the encryption mode is self::PADDING_OAEP) encryption and + * decryption. If $hash isn't supported, sha256 is used. * * @access public - * @param String $hash + * @param string $hash */ function setHash($hash) { - // Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. + // \phpseclib\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. switch ($hash) { case 'md2': case 'md5': @@ -1725,12 +1201,15 @@ class Crypt_RSA { case 'sha256': case 'sha384': case 'sha512': - $this->hash = new Crypt_Hash($hash); + case 'sha224': + case 'sha512/224': + case 'sha512/256': + $this->hash = new Hash($hash); $this->hashName = $hash; break; default: - $this->hash = new Crypt_Hash('sha1'); - $this->hashName = 'sha1'; + $this->hash = new Hash('sha256'); + $this->hashName = 'sha256'; } $this->hLen = $this->hash->getLength(); } @@ -1738,15 +1217,15 @@ class Crypt_RSA { /** * Determines which hashing function should be used for the mask generation function * - * The mask generation function is used by CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_SIGNATURE_PSS and although it's + * The mask generation function is used by self::PADDING_OAEP and self::PADDING_PSS and although it's * best if Hash and MGFHash are set to the same thing this is not a requirement. * * @access public - * @param String $hash + * @param string $hash */ function setMGFHash($hash) { - // Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. + // \phpseclib\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. switch ($hash) { case 'md2': case 'md5': @@ -1754,10 +1233,13 @@ class Crypt_RSA { case 'sha256': case 'sha384': case 'sha512': - $this->mgfHash = new Crypt_Hash($hash); + case 'sha224': + case 'sha512/224': + case 'sha512/256': + $this->mgfHash = new Hash($hash); break; default: - $this->mgfHash = new Crypt_Hash('sha1'); + $this->mgfHash = new Hash('sha256'); } $this->mgfHLen = $this->mgfHash->getLength(); } @@ -1771,7 +1253,7 @@ class Crypt_RSA { * of the hash function Hash) and 0. * * @access public - * @param Integer $format + * @param int $format */ function setSaltLength($sLen) { @@ -1784,15 +1266,17 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}. * * @access private - * @param Math_BigInteger $x - * @param Integer $xLen - * @return String + * @param bool|\phpseclib\Math\BigInteger $x + * @param int $xLen + * @return bool|string */ function _i2osp($x, $xLen) { + if ($x === false) { + return false; + } $x = $x->toBytes(); if (strlen($x) > $xLen) { - user_error('Integer too large'); return false; } return str_pad($x, $xLen, chr(0), STR_PAD_LEFT); @@ -1804,12 +1288,12 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}. * * @access private - * @param String $x - * @return Math_BigInteger + * @param string $x + * @return \phpseclib\Math\BigInteger */ function _os2ip($x) { - return new Math_BigInteger($x, 256); + return new BigInteger($x, 256); } /** @@ -1818,13 +1302,19 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.2}. * * @access private - * @param Math_BigInteger $x - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $x + * @return \phpseclib\Math\BigInteger */ function _exponentiate($x) { - if (empty($this->primes) || empty($this->coefficients) || empty($this->exponents)) { - return $x->modPow($this->exponent, $this->modulus); + switch (true) { + case empty($this->primes): + case $this->primes[1]->equals(self::$zero): + case empty($this->coefficients): + case $this->coefficients[2]->equals(self::$zero): + case empty($this->exponents): + case $this->exponents[1]->equals(self::$zero): + return $x->modPow($this->exponent, $this->modulus); } $num_primes = count($this->primes); @@ -1859,9 +1349,7 @@ class Crypt_RSA { } } - $one = new Math_BigInteger(1); - - $r = $one->random($one, $smallest->subtract($one)); + $r = BigInteger::random(self::$one, $smallest->subtract(self::$one)); $m_i = array( 1 => $this->_blind($x, $r, 1), @@ -1896,10 +1384,10 @@ class Crypt_RSA { * Returns $x->modPow($this->exponents[$i], $this->primes[$i]) * * @access private - * @param Math_BigInteger $x - * @param Math_BigInteger $r - * @param Integer $i - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $x + * @param \phpseclib\Math\BigInteger $r + * @param int $i + * @return \phpseclib\Math\BigInteger */ function _blind($x, $r, $i) { @@ -1923,9 +1411,9 @@ class Crypt_RSA { * Thanks for the heads up singpolyma! * * @access private - * @param String $x - * @param String $y - * @return Boolean + * @param string $x + * @param string $y + * @return bool */ function _equals($x, $y) { @@ -1947,13 +1435,12 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.1}. * * @access private - * @param Math_BigInteger $m - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $m + * @return bool|\phpseclib\Math\BigInteger */ function _rsaep($m) { - if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) { - user_error('Message representative out of range'); + if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { return false; } return $this->_exponentiate($m); @@ -1965,13 +1452,12 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.2 RFC3447#section-5.1.2}. * * @access private - * @param Math_BigInteger $c - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $c + * @return bool|\phpseclib\Math\BigInteger */ function _rsadp($c) { - if ($c->compare($this->zero) < 0 || $c->compare($this->modulus) > 0) { - user_error('Ciphertext representative out of range'); + if ($c->compare(self::$zero) < 0 || $c->compare($this->modulus) > 0) { return false; } return $this->_exponentiate($c); @@ -1983,13 +1469,12 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.1 RFC3447#section-5.2.1}. * * @access private - * @param Math_BigInteger $m - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $m + * @return bool|\phpseclib\Math\BigInteger */ function _rsasp1($m) { - if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) { - user_error('Message representative out of range'); + if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { return false; } return $this->_exponentiate($m); @@ -2001,13 +1486,12 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.2 RFC3447#section-5.2.2}. * * @access private - * @param Math_BigInteger $s - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $s + * @return bool|\phpseclib\Math\BigInteger */ function _rsavp1($s) { - if ($s->compare($this->zero) < 0 || $s->compare($this->modulus) > 0) { - user_error('Signature representative out of range'); + if ($s->compare(self::$zero) < 0 || $s->compare($this->modulus) > 0) { return false; } return $this->_exponentiate($s); @@ -2019,9 +1503,9 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#appendix-B.2.1 RFC3447#appendix-B.2.1}. * * @access private - * @param String $mgfSeed - * @param Integer $mgfLen - * @return String + * @param string $mgfSeed + * @param int $mgfLen + * @return string */ function _mgf1($mgfSeed, $maskLen) { @@ -2044,9 +1528,10 @@ class Crypt_RSA { * {http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding OAES}. * * @access private - * @param String $m - * @param String $l - * @return String + * @param string $m + * @param string $l + * @throws \OutOfBoundsException if strlen($m) > $this->k - 2 * $this->hLen - 2 + * @return string */ function _rsaes_oaep_encrypt($m, $l = '') { @@ -2058,8 +1543,7 @@ class Crypt_RSA { // be output. if ($mLen > $this->k - 2 * $this->hLen - 2) { - user_error('Message too long'); - return false; + throw new \OutOfBoundsException('Message too long'); } // EME-OAEP encoding @@ -2067,7 +1551,7 @@ class Crypt_RSA { $lHash = $this->hash->hash($l); $ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2); $db = $lHash . $ps . chr(1) . $m; - $seed = crypt_random_string($this->hLen); + $seed = Random::string($this->hLen); $dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1); $maskedDB = $db ^ $dbMask; $seedMask = $this->_mgf1($maskedDB, $this->hLen); @@ -2090,7 +1574,7 @@ class Crypt_RSA { * * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.2 RFC3447#section-7.1.2}. The fact that the error * messages aren't distinguishable from one another hinders debugging, but, to quote from RFC3447#section-7.1.2: - * + * * Note. Care must be taken to ensure that an opponent cannot * distinguish the different error conditions in Step 3.g, whether by * error message or timing, or, more generally, learn partial @@ -2107,9 +1591,9 @@ class Crypt_RSA { * this document. * * @access private - * @param String $c - * @param String $l - * @return String + * @param string $c + * @param string $l + * @return bool|string */ function _rsaes_oaep_decrypt($c, $l = '') { @@ -2119,7 +1603,6 @@ class Crypt_RSA { // be output. if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) { - user_error('Decryption error'); return false; } @@ -2127,11 +1610,10 @@ class Crypt_RSA { $c = $this->_os2ip($c); $m = $this->_rsadp($c); - if ($m === false) { - user_error('Decryption error'); + $em = $this->_i2osp($m, $this->k); + if ($em === false) { return false; } - $em = $this->_i2osp($m, $this->k); // EME-OAEP decoding @@ -2146,12 +1628,10 @@ class Crypt_RSA { $lHash2 = substr($db, 0, $this->hLen); $m = substr($db, $this->hLen); if ($lHash != $lHash2) { - user_error('Decryption error'); return false; } $m = ltrim($m, chr(0)); if (ord($m[0]) != 1) { - user_error('Decryption error'); return false; } @@ -2160,24 +1640,46 @@ class Crypt_RSA { return substr($m, 1); } + /** + * Raw Encryption / Decryption + * + * Doesn't use padding and is not recommended. + * + * @access private + * @param string $m + * @return bool|string + * @throws \OutOfBoundsException if strlen($m) > $this->k + */ + function _raw_encrypt($m) + { + if (strlen($m) > $this->k) { + throw new \OutOfBoundsException('Message too long'); + } + + $temp = $this->_os2ip($m); + $temp = $this->_rsaep($temp); + return $this->_i2osp($temp, $this->k); + } + /** * RSAES-PKCS1-V1_5-ENCRYPT * * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.1 RFC3447#section-7.2.1}. * * @access private - * @param String $m - * @return String + * @param string $m + * @param bool $pkcs15_compat optional + * @throws \OutOfBoundsException if strlen($m) > $this->k - 11 + * @return bool|string */ - function _rsaes_pkcs1_v1_5_encrypt($m) + function _rsaes_pkcs1_v1_5_encrypt($m, $pkcs15_compat = false) { $mLen = strlen($m); // Length checking if ($mLen > $this->k - 11) { - user_error('Message too long'); - return false; + throw new \OutOfBoundsException('Message too long'); } // EME-PKCS1-v1_5 encoding @@ -2185,13 +1687,13 @@ class Crypt_RSA { $psLen = $this->k - $mLen - 3; $ps = ''; while (strlen($ps) != $psLen) { - $temp = crypt_random_string($psLen - strlen($ps)); + $temp = Random::string($psLen - strlen($ps)); $temp = str_replace("\x00", '', $temp); $ps.= $temp; } $type = 2; // see the comments of _rsaes_pkcs1_v1_5_decrypt() to understand why this is being done - if (defined('CRYPT_RSA_PKCS15_COMPAT') && (!isset($this->publicExponent) || $this->exponent !== $this->publicExponent)) { + if ($pkcs15_compat && (!isset($this->publicExponent) || $this->exponent !== $this->publicExponent)) { $type = 1; // "The padding string PS shall consist of k-3-||D|| octets. ... for block type 01, they shall have value FF" $ps = str_repeat("\xFF", $psLen); @@ -2213,27 +1715,26 @@ class Crypt_RSA { * * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}. * - * For compatability purposes, this function departs slightly from the description given in RFC3447. + * For compatibility purposes, this function departs slightly from the description given in RFC3447. * The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the * private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the * public key should have the second byte set to 2. In RFC3447 (PKCS#1 v2.1), the second byte is supposed - * to be 2 regardless of which key is used. For compatability purposes, we'll just check to make sure the + * to be 2 regardless of which key is used. For compatibility purposes, we'll just check to make sure the * second byte is 2 or less. If it is, we'll accept the decrypted string as valid. * - * As a consequence of this, a private key encrypted ciphertext produced with Crypt_RSA may not decrypt + * As a consequence of this, a private key encrypted ciphertext produced with \phpseclib\Crypt\RSA may not decrypt * with a strictly PKCS#1 v1.5 compliant RSA implementation. Public key encrypted ciphertext's should but * not private key encrypted ciphertext's. * * @access private - * @param String $c - * @return String + * @param string $c + * @return bool|string */ function _rsaes_pkcs1_v1_5_decrypt($c) { // Length checking if (strlen($c) != $this->k) { // or if k < 11 - user_error('Decryption error'); return false; } @@ -2241,17 +1742,14 @@ class Crypt_RSA { $c = $this->_os2ip($c); $m = $this->_rsadp($c); - - if ($m === false) { - user_error('Decryption error'); + $em = $this->_i2osp($m, $this->k); + if ($em === false) { return false; } - $em = $this->_i2osp($m, $this->k); // EME-PKCS1-v1_5 decoding if (ord($em[0]) != 0 || ord($em[1]) > 2) { - user_error('Decryption error'); return false; } @@ -2259,7 +1757,6 @@ class Crypt_RSA { $m = substr($em, strlen($ps) + 3); if (strlen($ps) < 8) { - user_error('Decryption error'); return false; } @@ -2274,8 +1771,9 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.1 RFC3447#section-9.1.1}. * * @access private - * @param String $m - * @param Integer $emBits + * @param string $m + * @throws \RuntimeException on encoding error + * @param int $emBits */ function _emsa_pss_encode($m, $emBits) { @@ -2283,15 +1781,14 @@ class Crypt_RSA { // be output. $emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8) - $sLen = $this->sLen == false ? $this->hLen : $this->sLen; + $sLen = $this->sLen ? $this->sLen : $this->hLen; $mHash = $this->hash->hash($m); if ($emLen < $this->hLen + $sLen + 2) { - user_error('Encoding error'); return false; } - $salt = crypt_random_string($sLen); + $salt = Random::string($sLen); $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; $h = $this->hash->hash($m2); $ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2); @@ -2310,10 +1807,10 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.2 RFC3447#section-9.1.2}. * * @access private - * @param String $m - * @param String $em - * @param Integer $emBits - * @return String + * @param string $m + * @param string $em + * @param int $emBits + * @return string */ function _emsa_pss_verify($m, $em, $emBits) { @@ -2321,7 +1818,7 @@ class Crypt_RSA { // be output. $emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8); - $sLen = $this->sLen == false ? $this->hLen : $this->sLen; + $sLen = $this->sLen ? $this->sLen : $this->hLen; $mHash = $this->hash->hash($m); if ($emLen < $this->hLen + $sLen + 2) { @@ -2357,8 +1854,8 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.1 RFC3447#section-8.1.1}. * * @access private - * @param String $m - * @return String + * @param string $m + * @return bool|string */ function _rsassa_pss_sign($m) { @@ -2383,16 +1880,15 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.2 RFC3447#section-8.1.2}. * * @access private - * @param String $m - * @param String $s - * @return String + * @param string $m + * @param string $s + * @return bool|string */ function _rsassa_pss_verify($m, $s) { // Length checking if (strlen($s) != $this->k) { - user_error('Invalid signature'); return false; } @@ -2402,13 +1898,8 @@ class Crypt_RSA { $s2 = $this->_os2ip($s); $m2 = $this->_rsavp1($s2); - if ($m2 === false) { - user_error('Invalid signature'); - return false; - } $em = $this->_i2osp($m2, $modBits >> 3); if ($em === false) { - user_error('Invalid signature'); return false; } @@ -2423,43 +1914,50 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}. * * @access private - * @param String $m - * @param Integer $emLen - * @return String + * @param string $m + * @param int $emLen + * @throws \LengthException if the intended encoded message length is too short + * @return string */ function _emsa_pkcs1_v1_5_encode($m, $emLen) { $h = $this->hash->hash($m); - if ($h === false) { - return false; - } // see http://tools.ietf.org/html/rfc3447#page-43 switch ($this->hashName) { case 'md2': - $t = pack('H*', '3020300c06082a864886f70d020205000410'); + $t = "\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x02\x05\x00\x04\x10"; break; case 'md5': - $t = pack('H*', '3020300c06082a864886f70d020505000410'); + $t = "\x30\x20\x30\x0c\x06\x08\x2a\x86\x48\x86\xf7\x0d\x02\x05\x05\x00\x04\x10"; break; case 'sha1': - $t = pack('H*', '3021300906052b0e03021a05000414'); + $t = "\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14"; break; case 'sha256': - $t = pack('H*', '3031300d060960864801650304020105000420'); + $t = "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01\x05\x00\x04\x20"; break; case 'sha384': - $t = pack('H*', '3041300d060960864801650304020205000430'); + $t = "\x30\x41\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02\x05\x00\x04\x30"; break; case 'sha512': - $t = pack('H*', '3051300d060960864801650304020305000440'); + $t = "\x30\x51\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03\x05\x00\x04\x40"; + break; + // from https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf#page=40 + case 'sha224': + $t = "\x30\x2d\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04\x05\x00\x04\x1c"; + break; + case 'sha512/224': + $t = "\x30\x2d\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x05\x05\x00\x04\x1c"; + break; + case 'sha512/256': + $t = "\x30\x31\x30\x0d\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x06\x05\x00\x04\x20"; } $t.= $h; $tLen = strlen($t); if ($emLen < $tLen + 11) { - user_error('Intended encoded message length too short'); - return false; + throw new \LengthException('Intended encoded message length too short'); } $ps = str_repeat(chr(0xFF), $emLen - $tLen - 3); @@ -2475,17 +1973,20 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.1 RFC3447#section-8.2.1}. * * @access private - * @param String $m - * @return String + * @param string $m + * @throws \LengthException if the RSA modulus is too short + * @return bool|string */ function _rsassa_pkcs1_v1_5_sign($m) { // EMSA-PKCS1-v1_5 encoding - $em = $this->_emsa_pkcs1_v1_5_encode($m, $this->k); - if ($em === false) { - user_error('RSA modulus too short'); - return false; + // If the encoding operation outputs "intended encoded message length too short," output "RSA modulus + // too short" and stop. + try { + $em = $this->_emsa_pkcs1_v1_5_encode($m, $this->k); + } catch (\LengthException $e) { + throw new \LengthException('RSA modulus too short'); } // RSA signature @@ -2505,15 +2006,65 @@ class Crypt_RSA { * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.2 RFC3447#section-8.2.2}. * * @access private - * @param String $m - * @return String + * @param string $m + * @param string $s + * @throws \LengthException if the RSA modulus is too short + * @return bool */ function _rsassa_pkcs1_v1_5_verify($m, $s) { // Length checking if (strlen($s) != $this->k) { - user_error('Invalid signature'); + return false; + } + + // RSA verification + + $s = $this->_os2ip($s); + $m2 = $this->_rsavp1($s); + $em = $this->_i2osp($m2, $this->k); + if ($em === false) { + return false; + } + + // EMSA-PKCS1-v1_5 encoding + + // If the encoding operation outputs "intended encoded message length too short," output "RSA modulus + // too short" and stop. + try { + $em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k); + } catch (\LengthException $e) { + throw new \LengthException('RSA modulus too short'); + } + + // Compare + return $this->_equals($em, $em2); + } + + /** + * RSASSA-PKCS1-V1_5-VERIFY (relaxed matching) + * + * Per {@link http://tools.ietf.org/html/rfc3447#page-43 RFC3447#page-43} PKCS1 v1.5 + * specified the use BER encoding rather than DER encoding that PKCS1 v2.0 specified. + * This means that under rare conditions you can have a perfectly valid v1.5 signature + * that fails to validate with _rsassa_pkcs1_v1_5_verify(). PKCS1 v2.1 also recommends + * that if you're going to validate these types of signatures you "should indicate + * whether the underlying BER encoding is a DER encoding and hence whether the signature + * is valid with respect to the specification given in [PKCS1 v2.0+]". so if you do + * $rsa->getLastPadding() and get RSA::PADDING_RELAXED_PKCS1 back instead of + * RSA::PADDING_PKCS1... that means BER encoding was used. + * + * @access private + * @param string $m + * @param string $s + * @return bool + */ + function _rsassa_pkcs1_v1_5_relaxed_verify($m, $s) + { + // Length checking + + if (strlen($s) != $this->k) { return false; } @@ -2522,175 +2073,149 @@ class Crypt_RSA { $s = $this->_os2ip($s); $m2 = $this->_rsavp1($s); if ($m2 === false) { - user_error('Invalid signature'); return false; } $em = $this->_i2osp($m2, $this->k); if ($em === false) { - user_error('Invalid signature'); return false; } - // EMSA-PKCS1-v1_5 encoding - - $em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k); - if ($em2 === false) { - user_error('RSA modulus too short'); + if ($this->_string_shift($em, 2) != "\0\1") { return false; } - // Compare + $em = ltrim($em, "\xFF"); + if ($this->_string_shift($em) != "\0") { + return false; + } + + $asn1 = new ASN1(); + $decoded = $asn1->decodeBER($em); + if (!is_array($decoded) || empty($decoded[0]) || strlen($em) > $decoded[0]['length']) { + return false; + } + + $AlgorithmIdentifier = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'algorithm' => array('type' => ASN1::TYPE_OBJECT_IDENTIFIER), + 'parameters' => array( + 'type' => ASN1::TYPE_ANY, + 'optional' => true + ) + ) + ); + + $DigestInfo = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'digestAlgorithm' => $AlgorithmIdentifier, + 'digest' => array('type' => ASN1::TYPE_OCTET_STRING) + ) + ); + + $oids = array( + '1.2.840.113549.2.2' => 'md2', + '1.2.840.113549.2.4' => 'md4', // from PKCS1 v1.5 + '1.2.840.113549.2.5' => 'md5', + '1.3.14.3.2.26' => 'sha1', + '2.16.840.1.101.3.4.2.1' => 'sha256', + '2.16.840.1.101.3.4.2.2' => 'sha384', + '2.16.840.1.101.3.4.2.3' => 'sha512', + // from PKCS1 v2.2 + '2.16.840.1.101.3.4.2.4' => 'sha224', + '2.16.840.1.101.3.4.2.5' => 'sha512/224', + '2.16.840.1.101.3.4.2.6' => 'sha512/256', + ); + + $asn1->loadOIDs($oids); + + $decoded = $asn1->asn1map($decoded[0], $DigestInfo); + if (!isset($decoded) || $decoded === false) { + return false; + } + + if (!in_array($decoded['digestAlgorithm']['algorithm'], $oids)) { + return false; + } + + $hash = new Hash($decoded['digestAlgorithm']['algorithm']); + $em = $hash->hash($m); + $em2 = Base64::decode($decoded['digest']); + return $this->_equals($em, $em2); } - /** - * Set Encryption Mode - * - * Valid values include CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1. - * - * @access public - * @param Integer $mode - */ - function setEncryptionMode($mode) - { - $this->encryptionMode = $mode; - } - - /** - * Set Signature Mode - * - * Valid values include CRYPT_RSA_SIGNATURE_PSS and CRYPT_RSA_SIGNATURE_PKCS1 - * - * @access public - * @param Integer $mode - */ - function setSignatureMode($mode) - { - $this->signatureMode = $mode; - } - - /** - * Set public key comment. - * - * @access public - * @param String $comment - */ - function setComment($comment) - { - $this->comment = $comment; - } - - /** - * Get public key comment. - * - * @access public - * @return String - */ - function getComment() - { - return $this->comment; - } - /** * Encryption * - * Both CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1 both place limits on how long $plaintext can be. + * Both self::PADDING_OAEP and self::PADDING_PKCS1 both place limits on how long $plaintext can be. * If $plaintext exceeds those limits it will be broken up so that it does and the resultant ciphertext's will * be concatenated together. * - * @see decrypt() + * @see self::decrypt() * @access public - * @param String $plaintext - * @return String + * @param string $plaintext + * @param int $padding optional + * @return bool|string + * @throws \LengthException if the RSA modulus is too short */ - function encrypt($plaintext) + function encrypt($plaintext, $padding = self::PADDING_OAEP) { - switch ($this->encryptionMode) { - case CRYPT_RSA_ENCRYPTION_PKCS1: - $length = $this->k - 11; - if ($length <= 0) { - return false; - } - - $plaintext = str_split($plaintext, $length); - $ciphertext = ''; - foreach ($plaintext as $m) { - $ciphertext.= $this->_rsaes_pkcs1_v1_5_encrypt($m); - } - return $ciphertext; - //case CRYPT_RSA_ENCRYPTION_OAEP: + switch ($padding) { + case self::PADDING_NONE: + return $this->_raw_encrypt($plaintext); + case self::PADDING_PKCS15_COMPAT: + case self::PADDING_PKCS1: + return $this->_rsaes_pkcs1_v1_5_encrypt($plaintext, $padding == self::PADDING_PKCS15_COMPAT); + //case self::PADDING_OAEP: default: - $length = $this->k - 2 * $this->hLen - 2; - if ($length <= 0) { - return false; - } - - $plaintext = str_split($plaintext, $length); - $ciphertext = ''; - foreach ($plaintext as $m) { - $ciphertext.= $this->_rsaes_oaep_encrypt($m); - } - return $ciphertext; + return $this->_rsaes_oaep_encrypt($plaintext); } } /** * Decryption * - * @see encrypt() + * @see self::encrypt() * @access public - * @param String $plaintext - * @return String + * @param string $plaintext + * @param int $padding optional + * @return bool|string */ - function decrypt($ciphertext) + function decrypt($ciphertext, $padding = self::PADDING_OAEP) { - if ($this->k <= 0) { - return false; - } - - $ciphertext = str_split($ciphertext, $this->k); - $ciphertext[count($ciphertext) - 1] = str_pad($ciphertext[count($ciphertext) - 1], $this->k, chr(0), STR_PAD_LEFT); - - $plaintext = ''; - - switch ($this->encryptionMode) { - case CRYPT_RSA_ENCRYPTION_PKCS1: - $decrypt = '_rsaes_pkcs1_v1_5_decrypt'; - break; - //case CRYPT_RSA_ENCRYPTION_OAEP: + switch ($padding) { + case self::PADDING_NONE: + return $this->_raw_encrypt($ciphertext); + case self::PADDING_PKCS1: + return $this->_rsaes_pkcs1_v1_5_decrypt($ciphertext); + //case self::PADDING_OAEP: default: - $decrypt = '_rsaes_oaep_decrypt'; + return $this->_rsaes_oaep_decrypt($ciphertext); } - - foreach ($ciphertext as $c) { - $temp = $this->$decrypt($c); - if ($temp === false) { - return false; - } - $plaintext.= $temp; - } - - return $plaintext; } /** * Create a signature * - * @see verify() + * @see self::verify() * @access public - * @param String $message - * @return String + * @param string $message + * @param int $padding optional + * @return string */ - function sign($message) + function sign($message, $padding = self::PADDING_PSS) { if (empty($this->modulus) || empty($this->exponent)) { return false; } - switch ($this->signatureMode) { - case CRYPT_RSA_SIGNATURE_PKCS1: + switch ($padding) { + case self::PADDING_PKCS1: + case self::PADDING_RELAXED_PKCS1: return $this->_rsassa_pkcs1_v1_5_sign($message); - //case CRYPT_RSA_SIGNATURE_PSS: + //case self::PADDING_PSS: default: return $this->_rsassa_pss_sign($message); } @@ -2699,22 +2224,25 @@ class Crypt_RSA { /** * Verifies a signature * - * @see sign() + * @see self::sign() * @access public - * @param String $message - * @param String $signature - * @return Boolean + * @param string $message + * @param string $signature + * @param int $padding optional + * @return bool */ - function verify($message, $signature) + function verify($message, $signature, $padding = self::PADDING_PSS) { if (empty($this->modulus) || empty($this->exponent)) { return false; } - switch ($this->signatureMode) { - case CRYPT_RSA_SIGNATURE_PKCS1: + switch ($padding) { + case self::PADDING_RELAXED_PKCS1: + return $this->_rsassa_pkcs1_v1_5_relaxed_verify($message, $signature); + case self::PADDING_PKCS1: return $this->_rsassa_pkcs1_v1_5_verify($message, $signature); - //case CRYPT_RSA_SIGNATURE_PSS: + //case self::PADDING_PSS: default: return $this->_rsassa_pss_verify($message, $signature); } diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/MSBLOB.php b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/MSBLOB.php new file mode 100644 index 0000000000..b99dc2f068 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/MSBLOB.php @@ -0,0 +1,224 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Crypt\RSA; + +use ParagonIE\ConstantTime\Base64; +use phpseclib\Math\BigInteger; + +/** + * Microsoft BLOB Formatted RSA Key Handler + * + * @package RSA + * @author Jim Wigginton + * @access public + */ +class MSBLOB +{ + /**#@+ + * @access private + */ + /** + * Public/Private Key Pair + */ + const PRIVATEKEYBLOB = 0x7; + /** + * Public Key + */ + const PUBLICKEYBLOB = 0x6; + /** + * Public Key + */ + const PUBLICKEYBLOBEX = 0xA; + /** + * RSA public key exchange algorithm + */ + const CALG_RSA_KEYX = 0x0000A400; + /** + * RSA public key exchange algorithm + */ + const CALG_RSA_SIGN = 0x00002400; + /** + * Public Key + */ + const RSA1 = 0x31415352; + /** + * Private Key + */ + const RSA2 = 0x32415352; + /**#@-*/ + + /** + * Break a public or private key down into its constituent components + * + * @access public + * @param string $key + * @param string $password optional + * @return array + */ + static function load($key, $password = '') + { + if (!is_string($key)) { + return false; + } + + $key = Base64::decode($key); + + if (!is_string($key) || strlen($key) < 20) { + return false; + } + + // PUBLICKEYSTRUC publickeystruc + // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387453(v=vs.85).aspx + extract(unpack('atype/aversion/vreserved/Valgo', self::_string_shift($key, 8))); + switch (ord($type)) { + case self::PUBLICKEYBLOB: + case self::PUBLICKEYBLOBEX: + $publickey = true; + break; + case self::PRIVATEKEYBLOB: + $publickey = false; + break; + default: + return false; + } + + $components = array('isPublicKey' => $publickey); + + // https://msdn.microsoft.com/en-us/library/windows/desktop/aa375549(v=vs.85).aspx + switch ($algo) { + case self::CALG_RSA_KEYX: + case self::CALG_RSA_SIGN: + break; + default: + return false; + } + + // RSAPUBKEY rsapubkey + // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387685(v=vs.85).aspx + // could do V for pubexp but that's unsigned 32-bit whereas some PHP installs only do signed 32-bit + extract(unpack('Vmagic/Vbitlen/a4pubexp', self::_string_shift($key, 12))); + switch ($magic) { + case self::RSA2: + $components['isPublicKey'] = false; + case self::RSA1: + break; + default: + return false; + } + + $baseLength = $bitlen / 16; + if (strlen($key) != 2 * $baseLength && strlen($key) != 9 * $baseLength) { + return false; + } + + $components[$components['isPublicKey'] ? 'publicExponent' : 'privateExponent'] = new BigInteger(strrev($pubexp), 256); + // BYTE modulus[rsapubkey.bitlen/8] + $components['modulus'] = new BigInteger(strrev(self::_string_shift($key, $bitlen / 8)), 256); + + if ($publickey) { + return $components; + } + + $components['isPublicKey'] = false; + + // BYTE prime1[rsapubkey.bitlen/16] + $components['primes'] = array(1 => new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256)); + // BYTE prime2[rsapubkey.bitlen/16] + $components['primes'][] = new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256); + // BYTE exponent1[rsapubkey.bitlen/16] + $components['exponents'] = array(1 => new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256)); + // BYTE exponent2[rsapubkey.bitlen/16] + $components['exponents'][] = new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256); + // BYTE coefficient[rsapubkey.bitlen/16] + $components['coefficients'] = array(2 => new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256)); + if (isset($components['privateExponent'])) { + $components['publicExponent'] = $components['privateExponent']; + } + // BYTE privateExponent[rsapubkey.bitlen/8] + $components['privateExponent'] = new BigInteger(strrev(self::_string_shift($key, $bitlen / 8)), 256); + + return $components; + } + + /** + * Convert a private key to the appropriate format. + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @param \phpseclib\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @return string + */ + static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + { + $n = strrev($n->toBytes()); + $e = str_pad(strrev($e->toBytes()), 4, "\0"); + $key = pack('aavV', chr(self::PRIVATEKEYBLOB), chr(2), 0, self::CALG_RSA_KEYX); + $key.= pack('VVa*', self::RSA2, 8 * strlen($n), $e); + $key.= $n; + $key.= strrev($primes[1]->toBytes()); + $key.= strrev($primes[2]->toBytes()); + $key.= strrev($exponents[1]->toBytes()); + $key.= strrev($exponents[2]->toBytes()); + $key.= strrev($coefficients[1]->toBytes()); + $key.= strrev($d->toBytes()); + + return Base64::encode($key); + } + + /** + * Convert a public key to the appropriate format + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @return string + */ + static function savePublicKey(BigInteger $n, BigInteger $e) + { + $n = strrev($n->toBytes()); + $e = str_pad(strrev($e->toBytes()), 4, "\0"); + $key = pack('aavV', chr(self::PUBLICKEYBLOB), chr(2), 0, self::CALG_RSA_KEYX); + $key.= pack('VVa*', self::RSA1, 8 * strlen($n), $e); + $key.= $n; + + return Base64::encode($key); + } + + /** + * String Shift + * + * Inspired by array_shift + * + * @param string $string + * @param int $index + * @return string + * @access private + */ + static function _string_shift(&$string, $index = 1) + { + $substr = substr($string, 0, $index); + $string = substr($string, $index); + return $substr; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/OpenSSH.php b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/OpenSSH.php new file mode 100644 index 0000000000..8cd5328282 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/OpenSSH.php @@ -0,0 +1,141 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Crypt\RSA; + +use ParagonIE\ConstantTime\Base64; +use phpseclib\Math\BigInteger; + +/** + * OpenSSH Formatted RSA Key Handler + * + * @package RSA + * @author Jim Wigginton + * @access public + */ +class OpenSSH +{ + /** + * Default comment + * + * @var string + * @access private + */ + static $comment = 'phpseclib-generated-key'; + + /** + * Sets the default comment + * + * @access public + * @param string $comment + */ + static function setComment($comment) + { + self::$comment = str_replace(array("\r", "\n"), '', $comment); + } + + /** + * Break a public or private key down into its constituent components + * + * @access public + * @param string $key + * @param string $password optional + * @return array + */ + static function load($key, $password = '') + { + if (!is_string($key)) { + return false; + } + + $parts = explode(' ', $key, 3); + + $key = isset($parts[1]) ? Base64::decode($parts[1]) : Base64::decode($parts[0]); + if ($key === false) { + return false; + } + + $comment = isset($parts[2]) ? $parts[2] : false; + + if (substr($key, 0, 11) != "\0\0\0\7ssh-rsa") { + return false; + } + self::_string_shift($key, 11); + if (strlen($key) <= 4) { + return false; + } + extract(unpack('Nlength', self::_string_shift($key, 4))); + if (strlen($key) <= $length) { + return false; + } + $publicExponent = new BigInteger(self::_string_shift($key, $length), -256); + if (strlen($key) <= 4) { + return false; + } + extract(unpack('Nlength', self::_string_shift($key, 4))); + if (strlen($key) != $length) { + return false; + } + $modulus = new BigInteger(self::_string_shift($key, $length), -256); + + return array( + 'isPublicKey' => true, + 'modulus' => $modulus, + 'publicExponent' => $publicExponent, + 'comment' => $comment + ); + } + + /** + * Convert a public key to the appropriate format + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @return string + */ + static function savePublicKey(BigInteger $n, BigInteger $e) + { + $publicExponent = $e->toBytes(true); + $modulus = $n->toBytes(true); + + // from : + // string "ssh-rsa" + // mpint e + // mpint n + $RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus); + $RSAPublicKey = 'ssh-rsa ' . Base64::encode($RSAPublicKey) . ' ' . self::$comment; + + return $RSAPublicKey; + } + + /** + * String Shift + * + * Inspired by array_shift + * + * @param string $string + * @param int $index + * @return string + * @access private + */ + static function _string_shift(&$string, $index = 1) + { + $substr = substr($string, 0, $index); + $string = substr($string, $index); + return $substr; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS.php b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS.php new file mode 100644 index 0000000000..b0ff2559ed --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS.php @@ -0,0 +1,487 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Crypt\RSA; + +use ParagonIE\ConstantTime\Base64; +use ParagonIE\ConstantTime\Hex; +use phpseclib\Crypt\AES; +use phpseclib\Crypt\Base; +use phpseclib\Crypt\DES; +use phpseclib\Crypt\TripleDES; +use phpseclib\Math\BigInteger; + +/** + * PKCS Formatted RSA Key Handler + * + * @package RSA + * @author Jim Wigginton + * @access public + */ +abstract class PKCS +{ + /**#@+ + * @access private + * @see \phpseclib\Crypt\RSA::createKey() + */ + /** + * ASN1 Integer + */ + const ASN1_INTEGER = 2; + /** + * ASN1 Bit String + */ + const ASN1_BITSTRING = 3; + /** + * ASN1 Octet String + */ + const ASN1_OCTETSTRING = 4; + /** + * ASN1 Object Identifier + */ + const ASN1_OBJECT = 6; + /** + * ASN1 Sequence (with the constucted bit set) + */ + const ASN1_SEQUENCE = 48; + /**#@-*/ + + /**#@+ + * @access private + */ + /** + * Auto-detect the format + */ + const MODE_ANY = 0; + /** + * Require base64-encoded PEM's be supplied + */ + const MODE_PEM = 1; + /** + * Require raw DER's be supplied + */ + const MODE_DER = 2; + /**#@-*/ + + /** + * Is the key a base-64 encoded PEM, DER or should it be auto-detected? + * + * @access private + * @param int + */ + static $format = self::MODE_ANY; + + /** + * Returns the mode constant corresponding to the mode string + * + * @access public + * @param string $mode + * @return int + * @throws \UnexpectedValueException if the block cipher mode is unsupported + */ + static function getEncryptionMode($mode) + { + switch ($mode) { + case 'CBC': + return Base::MODE_CBC; + case 'ECB': + return Base::MODE_ECB; + case 'CFB': + return Base::MODE_CFB; + case 'OFB': + return Base::MODE_OFB; + case 'CTR': + return Base::MODE_CTR; + } + throw new \UnexpectedValueException('Unsupported block cipher mode of operation'); + } + + /** + * Returns a cipher object corresponding to a string + * + * @access public + * @param string $algo + * @return string + * @throws \UnexpectedValueException if the encryption algorithm is unsupported + */ + static function getEncryptionObject($algo) + { + $modes = '(CBC|ECB|CFB|OFB|CTR)'; + switch (true) { + case preg_match("#^AES-(128|192|256)-$modes$#", $algo, $matches): + $cipher = new AES(self::getEncryptionMode($matches[2])); + $cipher->setKeyLength($matches[1]); + return $cipher; + case preg_match("#^DES-EDE3-$modes$#", $algo, $matches): + return new TripleDES(self::getEncryptionMode($matches[1])); + case preg_match("#^DES-$modes$#", $algo, $matches): + return new DES(self::getEncryptionMode($matches[1])); + default: + throw new \UnexpectedValueException('Unsupported encryption algorithmn'); + } + } + + /** + * Generate a symmetric key for PKCS#1 keys + * + * @access public + * @param string $password + * @param string $iv + * @param int $length + * @return string + */ + static function generateSymmetricKey($password, $iv, $length) + { + $symkey = ''; + $iv = substr($iv, 0, 8); + while (strlen($symkey) < $length) { + $symkey.= md5($symkey . $password . $iv, true); + } + return substr($symkey, 0, $length); + } + + /** + * Break a public or private key down into its constituent components + * + * @access public + * @param string $key + * @param string $password optional + * @return array + */ + static function load($key, $password = '') + { + if (!is_string($key)) { + return false; + } + + $components = array('isPublicKey' => strpos($key, 'PUBLIC') !== false); + + /* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is + "outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to + protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding + two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here: + + http://tools.ietf.org/html/rfc1421#section-4.6.1.1 + http://tools.ietf.org/html/rfc1421#section-4.6.1.3 + + DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell. + DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation + function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's + own implementation. ie. the implementation *is* the standard and any bugs that may exist in that + implementation are part of the standard, as well. + + * OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */ + if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) { + $iv = Hex::decode(trim($matches[2])); + // remove the Proc-Type / DEK-Info sections as they're no longer needed + $key = preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $key); + $ciphertext = self::_extractBER($key); + if ($ciphertext === false) { + $ciphertext = $key; + } + $crypto = self::getEncryptionObject($matches[1]); + $crypto->setKey(self::generateSymmetricKey($password, $iv, $crypto->getKeyLength() >> 3)); + $crypto->setIV($iv); + $key = $crypto->decrypt($ciphertext); + if ($key === false) { + return false; + } + } else { + if (self::$format != self::MODE_DER) { + $decoded = self::_extractBER($key); + if ($decoded !== false) { + $key = $decoded; + } elseif (self::$format == self::MODE_PEM) { + return false; + } + } + } + + if (ord(self::_string_shift($key)) != self::ASN1_SEQUENCE) { + return false; + } + if (self::_decodeLength($key) != strlen($key)) { + return false; + } + + $tag = ord(self::_string_shift($key)); + /* intended for keys for which OpenSSL's asn1parse returns the following: + + 0:d=0 hl=4 l= 631 cons: SEQUENCE + 4:d=1 hl=2 l= 1 prim: INTEGER :00 + 7:d=1 hl=2 l= 13 cons: SEQUENCE + 9:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption + 20:d=2 hl=2 l= 0 prim: NULL + 22:d=1 hl=4 l= 609 prim: OCTET STRING + + ie. PKCS8 keys */ + + if ($tag == self::ASN1_INTEGER && substr($key, 0, 3) == "\x01\x00\x30") { + self::_string_shift($key, 3); + $tag = self::ASN1_SEQUENCE; + } + + if ($tag == self::ASN1_SEQUENCE) { + $temp = self::_string_shift($key, self::_decodeLength($key)); + if (ord(self::_string_shift($temp)) != self::ASN1_OBJECT) { + return false; + } + $length = self::_decodeLength($temp); + switch (self::_string_shift($temp, $length)) { + case "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01": // rsaEncryption + break; + case "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03": // pbeWithMD5AndDES-CBC + /* + PBEParameter ::= SEQUENCE { + salt OCTET STRING (SIZE(8)), + iterationCount INTEGER } + */ + if (ord(self::_string_shift($temp)) != self::ASN1_SEQUENCE) { + return false; + } + if (self::_decodeLength($temp) != strlen($temp)) { + return false; + } + self::_string_shift($temp); // assume it's an octet string + $salt = self::_string_shift($temp, self::_decodeLength($temp)); + if (ord(self::_string_shift($temp)) != self::ASN1_INTEGER) { + return false; + } + self::_decodeLength($temp); + list(, $iterationCount) = unpack('N', str_pad($temp, 4, chr(0), STR_PAD_LEFT)); + self::_string_shift($key); // assume it's an octet string + $length = self::_decodeLength($key); + if (strlen($key) != $length) { + return false; + } + + $crypto = new DES(DES::MODE_CBC); + $crypto->setPassword($password, 'pbkdf1', 'md5', $salt, $iterationCount); + $key = $crypto->decrypt($key); + if ($key === false) { + return false; + } + return self::load($key); + default: + return false; + } + /* intended for keys for which OpenSSL's asn1parse returns the following: + + 0:d=0 hl=4 l= 290 cons: SEQUENCE + 4:d=1 hl=2 l= 13 cons: SEQUENCE + 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption + 17:d=2 hl=2 l= 0 prim: NULL + 19:d=1 hl=4 l= 271 prim: BIT STRING */ + $tag = ord(self::_string_shift($key)); // skip over the BIT STRING / OCTET STRING tag + self::_decodeLength($key); // skip over the BIT STRING / OCTET STRING length + // "The initial octet shall encode, as an unsigned binary integer wtih bit 1 as the least significant bit, the number of + // unused bits in the final subsequent octet. The number shall be in the range zero to seven." + // -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf (section 8.6.2.2) + if ($tag == self::ASN1_BITSTRING) { + self::_string_shift($key); + } + if (ord(self::_string_shift($key)) != self::ASN1_SEQUENCE) { + return false; + } + if (self::_decodeLength($key) != strlen($key)) { + return false; + } + $tag = ord(self::_string_shift($key)); + } + if ($tag != self::ASN1_INTEGER) { + return false; + } + + $length = self::_decodeLength($key); + $temp = self::_string_shift($key, $length); + if (strlen($temp) != 1 || ord($temp) > 2) { + $components['modulus'] = new BigInteger($temp, 256); + self::_string_shift($key); // skip over self::ASN1_INTEGER + $length = self::_decodeLength($key); + $components[$components['isPublicKey'] ? 'publicExponent' : 'privateExponent'] = new BigInteger(self::_string_shift($key, $length), 256); + + return $components; + } + if (ord(self::_string_shift($key)) != self::ASN1_INTEGER) { + return false; + } + $length = self::_decodeLength($key); + $components['modulus'] = new BigInteger(self::_string_shift($key, $length), 256); + self::_string_shift($key); + $length = self::_decodeLength($key); + $components['publicExponent'] = new BigInteger(self::_string_shift($key, $length), 256); + self::_string_shift($key); + $length = self::_decodeLength($key); + $components['privateExponent'] = new BigInteger(self::_string_shift($key, $length), 256); + self::_string_shift($key); + $length = self::_decodeLength($key); + $components['primes'] = array(1 => new BigInteger(self::_string_shift($key, $length), 256)); + self::_string_shift($key); + $length = self::_decodeLength($key); + $components['primes'][] = new BigInteger(self::_string_shift($key, $length), 256); + self::_string_shift($key); + $length = self::_decodeLength($key); + $components['exponents'] = array(1 => new BigInteger(self::_string_shift($key, $length), 256)); + self::_string_shift($key); + $length = self::_decodeLength($key); + $components['exponents'][] = new BigInteger(self::_string_shift($key, $length), 256); + self::_string_shift($key); + $length = self::_decodeLength($key); + $components['coefficients'] = array(2 => new BigInteger(self::_string_shift($key, $length), 256)); + + if (!empty($key)) { + if (ord(self::_string_shift($key)) != self::ASN1_SEQUENCE) { + return false; + } + self::_decodeLength($key); + while (!empty($key)) { + if (ord(self::_string_shift($key)) != self::ASN1_SEQUENCE) { + return false; + } + self::_decodeLength($key); + $key = substr($key, 1); + $length = self::_decodeLength($key); + $components['primes'][] = new BigInteger(self::_string_shift($key, $length), 256); + self::_string_shift($key); + $length = self::_decodeLength($key); + $components['exponents'][] = new BigInteger(self::_string_shift($key, $length), 256); + self::_string_shift($key); + $length = self::_decodeLength($key); + $components['coefficients'][] = new BigInteger(self::_string_shift($key, $length), 256); + } + } + + return $components; + } + + /** + * Require base64-encoded PEM's be supplied + * + * @see self::load() + * @access public + */ + static function requirePEM() + { + self::$format = self::MODE_PEM; + } + + /** + * Require raw DER's be supplied + * + * @see self::load() + * @access public + */ + static function requireDER() + { + self::$format = self::MODE_DER; + } + + /** + * Accept any format and auto detect the format + * + * This is the default setting + * + * @see self::load() + * @access public + */ + static function requireAny() + { + self::$format = self::MODE_ANY; + } + + /** + * DER-decode the length + * + * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See + * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. + * + * @access private + * @param string $string + * @return int + */ + static function _decodeLength(&$string) + { + $length = ord(self::_string_shift($string)); + if ($length & 0x80) { // definite length, long form + $length&= 0x7F; + $temp = self::_string_shift($string, $length); + list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)); + } + return $length; + } + + /** + * DER-encode the length + * + * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See + * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. + * + * @access private + * @param int $length + * @return string + */ + static function _encodeLength($length) + { + if ($length <= 0x7F) { + return chr($length); + } + + $temp = ltrim(pack('N', $length), chr(0)); + return pack('Ca*', 0x80 | strlen($temp), $temp); + } + + /** + * String Shift + * + * Inspired by array_shift + * + * @param string $string + * @param int $index + * @return string + * @access private + */ + static function _string_shift(&$string, $index = 1) + { + $substr = substr($string, 0, $index); + $string = substr($string, $index); + return $substr; + } + + /** + * Extract raw BER from Base64 encoding + * + * @access private + * @param string $str + * @return string + */ + static function _extractBER($str) + { + /* X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them + * above and beyond the ceritificate. + * ie. some may have the following preceding the -----BEGIN CERTIFICATE----- line: + * + * Bag Attributes + * localKeyID: 01 00 00 00 + * subject=/O=organization/OU=org unit/CN=common name + * issuer=/O=organization/CN=common name + */ + $temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1); + // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff + $temp = preg_replace('#-+[^-]+-+#', '', $temp); + // remove new lines + $temp = str_replace(array("\r", "\n", ' '), '', $temp); + $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Base64::decode($temp) : false; + return $temp != false ? $temp : $str; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS1.php b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS1.php new file mode 100644 index 0000000000..e5d6e1d64f --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS1.php @@ -0,0 +1,174 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Crypt\RSA; + +use ParagonIE\ConstantTime\Base64; +use ParagonIE\ConstantTime\Hex; +use phpseclib\Crypt\AES; +use phpseclib\Crypt\DES; +use phpseclib\Crypt\Random; +use phpseclib\Crypt\TripleDES; +use phpseclib\Math\BigInteger; + +/** + * PKCS#1 Formatted RSA Key Handler + * + * @package RSA + * @author Jim Wigginton + * @access public + */ +class PKCS1 extends PKCS +{ + /** + * Default encryption algorithm + * + * @var string + * @access private + */ + static $defaultEncryptionAlgorithm = 'DES-EDE3-CBC'; + + /** + * Sets the default encryption algorithm + * + * @access public + * @param string $algo + */ + static function setEncryptionAlgorithm($algo) + { + self::$defaultEncryptionAlgorithm = $algo; + } + + /** + * Convert a private key to the appropriate format. + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @param \phpseclib\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @return string + */ + static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + { + $num_primes = count($primes); + $raw = array( + 'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi + 'modulus' => $n->toBytes(true), + 'publicExponent' => $e->toBytes(true), + 'privateExponent' => $d->toBytes(true), + 'prime1' => $primes[1]->toBytes(true), + 'prime2' => $primes[2]->toBytes(true), + 'exponent1' => $exponents[1]->toBytes(true), + 'exponent2' => $exponents[2]->toBytes(true), + 'coefficient' => $coefficients[2]->toBytes(true) + ); + + $components = array(); + foreach ($raw as $name => $value) { + $components[$name] = pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($value)), $value); + } + + $RSAPrivateKey = implode('', $components); + + if ($num_primes > 2) { + $OtherPrimeInfos = ''; + for ($i = 3; $i <= $num_primes; $i++) { + // OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo + // + // OtherPrimeInfo ::= SEQUENCE { + // prime INTEGER, -- ri + // exponent INTEGER, -- di + // coefficient INTEGER -- ti + // } + $OtherPrimeInfo = pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true)); + $OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true)); + $OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true)); + $OtherPrimeInfos.= pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo); + } + $RSAPrivateKey.= pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos); + } + + $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); + + if (!empty($password) || is_string($password)) { + $cipher = self::getEncryptionObject(self::$defaultEncryptionAlgorithm); + $iv = Random::string($cipher->getBlockLength() >> 3); + $cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3)); + $cipher->setIV($iv); + $iv = strtoupper(Hex::encode($iv)); + $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . + "Proc-Type: 4,ENCRYPTED\r\n" . + "DEK-Info: " . self::$defaultEncryptionAlgorithm . ",$iv\r\n" . + "\r\n" . + chunk_split(Base64::encode($cipher->encrypt($RSAPrivateKey)), 64) . + '-----END RSA PRIVATE KEY-----'; + } else { + $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . + chunk_split(Base64::encode($RSAPrivateKey), 64) . + '-----END RSA PRIVATE KEY-----'; + } + + return $RSAPrivateKey; + } + + /** + * Convert a public key to the appropriate format + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @return string + */ + static function savePublicKey(BigInteger $n, BigInteger $e) + { + $modulus = $n->toBytes(true); + $publicExponent = $e->toBytes(true); + + // from : + // RSAPublicKey ::= SEQUENCE { + // modulus INTEGER, -- n + // publicExponent INTEGER -- e + // } + $components = array( + 'modulus' => pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($modulus)), $modulus), + 'publicExponent' => pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($publicExponent)), $publicExponent) + ); + + $RSAPublicKey = pack( + 'Ca*a*a*', + self::ASN1_SEQUENCE, + self::_encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])), + $components['modulus'], + $components['publicExponent'] + ); + + $RSAPublicKey = "-----BEGIN RSA PUBLIC KEY-----\r\n" . + chunk_split(Base64::encode($RSAPublicKey), 64) . + '-----END RSA PUBLIC KEY-----'; + + return $RSAPublicKey; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS8.php b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS8.php new file mode 100644 index 0000000000..787c89a58a --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS8.php @@ -0,0 +1,209 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Crypt\RSA; + +use ParagonIE\ConstantTime\Base64; +use phpseclib\Crypt\DES; +use phpseclib\Crypt\Random; +use phpseclib\Math\BigInteger; + +/** + * PKCS#8 Formatted RSA Key Handler + * + * @package RSA + * @author Jim Wigginton + * @access public + */ +class PKCS8 extends PKCS +{ + /** + * Convert a private key to the appropriate format. + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @param \phpseclib\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @return string + */ + static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + { + $num_primes = count($primes); + $raw = array( + 'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi + 'modulus' => $n->toBytes(true), + 'publicExponent' => $e->toBytes(true), + 'privateExponent' => $d->toBytes(true), + 'prime1' => $primes[1]->toBytes(true), + 'prime2' => $primes[2]->toBytes(true), + 'exponent1' => $exponents[1]->toBytes(true), + 'exponent2' => $exponents[2]->toBytes(true), + 'coefficient' => $coefficients[2]->toBytes(true) + ); + + $components = array(); + foreach ($raw as $name => $value) { + $components[$name] = pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($value)), $value); + } + + $RSAPrivateKey = implode('', $components); + + if ($num_primes > 2) { + $OtherPrimeInfos = ''; + for ($i = 3; $i <= $num_primes; $i++) { + // OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo + // + // OtherPrimeInfo ::= SEQUENCE { + // prime INTEGER, -- ri + // exponent INTEGER, -- di + // coefficient INTEGER -- ti + // } + $OtherPrimeInfo = pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true)); + $OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true)); + $OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true)); + $OtherPrimeInfos.= pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo); + } + $RSAPrivateKey.= pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos); + } + + $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); + + $rsaOID = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00"; // hex version of MA0GCSqGSIb3DQEBAQUA + $RSAPrivateKey = pack( + 'Ca*a*Ca*a*', + self::ASN1_INTEGER, + "\01\00", + $rsaOID, + 4, + self::_encodeLength(strlen($RSAPrivateKey)), + $RSAPrivateKey + ); + $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); + if (!empty($password) || is_string($password)) { + $salt = Random::string(8); + $iterationCount = 2048; + + $crypto = new DES(DES::MODE_CBC); + $crypto->setPassword($password, 'pbkdf1', 'md5', $salt, $iterationCount); + $RSAPrivateKey = $crypto->encrypt($RSAPrivateKey); + + $parameters = pack( + 'Ca*a*Ca*N', + self::ASN1_OCTETSTRING, + self::_encodeLength(strlen($salt)), + $salt, + self::ASN1_INTEGER, + self::_encodeLength(4), + $iterationCount + ); + $pbeWithMD5AndDES_CBC = "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03"; + + $encryptionAlgorithm = pack( + 'Ca*a*Ca*a*', + self::ASN1_OBJECT, + self::_encodeLength(strlen($pbeWithMD5AndDES_CBC)), + $pbeWithMD5AndDES_CBC, + self::ASN1_SEQUENCE, + self::_encodeLength(strlen($parameters)), + $parameters + ); + + $RSAPrivateKey = pack( + 'Ca*a*Ca*a*', + self::ASN1_SEQUENCE, + self::_encodeLength(strlen($encryptionAlgorithm)), + $encryptionAlgorithm, + self::ASN1_OCTETSTRING, + self::_encodeLength(strlen($RSAPrivateKey)), + $RSAPrivateKey + ); + + $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); + + $RSAPrivateKey = "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . + chunk_split(Base64::encode($RSAPrivateKey), 64) . + '-----END ENCRYPTED PRIVATE KEY-----'; + } else { + $RSAPrivateKey = "-----BEGIN PRIVATE KEY-----\r\n" . + chunk_split(Base64::encode($RSAPrivateKey), 64) . + '-----END PRIVATE KEY-----'; + } + + return $RSAPrivateKey; + } + + /** + * Convert a public key to the appropriate format + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @return string + */ + static function savePublicKey(BigInteger $n, BigInteger $e) + { + $modulus = $n->toBytes(true); + $publicExponent = $e->toBytes(true); + + // from : + // RSAPublicKey ::= SEQUENCE { + // modulus INTEGER, -- n + // publicExponent INTEGER -- e + // } + $components = array( + 'modulus' => pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($modulus)), $modulus), + 'publicExponent' => pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($publicExponent)), $publicExponent) + ); + + $RSAPublicKey = pack( + 'Ca*a*a*', + self::ASN1_SEQUENCE, + self::_encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])), + $components['modulus'], + $components['publicExponent'] + ); + + // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption. + $rsaOID = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00"; // hex version of MA0GCSqGSIb3DQEBAQUA + $RSAPublicKey = chr(0) . $RSAPublicKey; + $RSAPublicKey = chr(3) . self::_encodeLength(strlen($RSAPublicKey)) . $RSAPublicKey; + + $RSAPublicKey = pack( + 'Ca*a*', + self::ASN1_SEQUENCE, + self::_encodeLength(strlen($rsaOID . $RSAPublicKey)), + $rsaOID . $RSAPublicKey + ); + + $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . + chunk_split(Base64::encode($RSAPublicKey), 64) . + '-----END PUBLIC KEY-----'; + + return $RSAPublicKey; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PuTTY.php b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PuTTY.php new file mode 100644 index 0000000000..04c4ae20dc --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PuTTY.php @@ -0,0 +1,313 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Crypt\RSA; + +use ParagonIE\ConstantTime\Base64; +use ParagonIE\ConstantTime\Hex; +use phpseclib\Crypt\AES; +use phpseclib\Crypt\Hash; +use phpseclib\Math\BigInteger; + +/** + * PuTTY Formatted RSA Key Handler + * + * @package RSA + * @author Jim Wigginton + * @access public + */ +class PuTTY +{ + /** + * Default comment + * + * @var string + * @access private + */ + static $comment = 'phpseclib-generated-key'; + + /** + * Sets the default comment + * + * @access public + * @param string $comment + */ + static function setComment($comment) + { + self::$comment = str_replace(array("\r", "\n"), '', $comment); + } + + /** + * Generate a symmetric key for PuTTY keys + * + * @access public + * @param string $password + * @param string $iv + * @param int $length + * @return string + */ + static function generateSymmetricKey($password, $length) + { + $symkey = ''; + $sequence = 0; + while (strlen($symkey) < $length) { + $temp = pack('Na*', $sequence++, $password); + $symkey.= Hex::decode(sha1($temp)); + } + return substr($symkey, 0, $length); + } + + /** + * Break a public or private key down into its constituent components + * + * @access public + * @param string $key + * @param string $password optional + * @return array + */ + static function load($key, $password = '') + { + if (!is_string($key)) { + return false; + } + + static $one; + if (!isset($one)) { + $one = new BigInteger(1); + } + + if (strpos($key, 'BEGIN SSH2 PUBLIC KEY')) { + $data = preg_split('#[\r\n]+#', $key); + $data = array_splice($data, 2, -1); + $data = implode('', $data); + + $components = OpenSSH::load($data); + if ($components === false) { + return false; + } + + if (!preg_match('#Comment: "(.+)"#', $key, $matches)) { + return false; + } + $components['comment'] = str_replace(array('\\\\', '\"'), array('\\', '"'), $matches[1]); + + return $components; + } + + $components = array('isPublicKey' => false); + $key = preg_split('#\r\n|\r|\n#', $key); + $type = trim(preg_replace('#PuTTY-User-Key-File-2: (.+)#', '$1', $key[0])); + if ($type != 'ssh-rsa') { + return false; + } + $encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1])); + $components['comment'] = trim(preg_replace('#Comment: (.+)#', '$1', $key[2])); + + $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3])); + $public = Base64::decode(implode('', array_map('trim', array_slice($key, 4, $publicLength)))); + $public = substr($public, 11); + extract(unpack('Nlength', self::_string_shift($public, 4))); + $components['publicExponent'] = new BigInteger(self::_string_shift($public, $length), -256); + extract(unpack('Nlength', self::_string_shift($public, 4))); + $components['modulus'] = new BigInteger(self::_string_shift($public, $length), -256); + + $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4])); + $private = Base64::decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength)))); + + switch ($encryption) { + case 'aes256-cbc': + $symkey = static::generateSymmetricKey($password, 32); + $crypto = new AES(AES::MODE_CBC); + } + + if ($encryption != 'none') { + $crypto->setKey($symkey); + $crypto->setIV(str_repeat("\0", $crypto->getBlockLength() >> 3)); + $crypto->disablePadding(); + $private = $crypto->decrypt($private); + if ($private === false) { + return false; + } + } + + extract(unpack('Nlength', self::_string_shift($private, 4))); + if (strlen($private) < $length) { + return false; + } + $components['privateExponent'] = new BigInteger(self::_string_shift($private, $length), -256); + extract(unpack('Nlength', self::_string_shift($private, 4))); + if (strlen($private) < $length) { + return false; + } + $components['primes'] = array(1 => new BigInteger(self::_string_shift($private, $length), -256)); + extract(unpack('Nlength', self::_string_shift($private, 4))); + if (strlen($private) < $length) { + return false; + } + $components['primes'][] = new BigInteger(self::_string_shift($private, $length), -256); + + $temp = $components['primes'][1]->subtract($one); + $components['exponents'] = array(1 => $components['publicExponent']->modInverse($temp)); + $temp = $components['primes'][2]->subtract($one); + $components['exponents'][] = $components['publicExponent']->modInverse($temp); + + extract(unpack('Nlength', self::_string_shift($private, 4))); + if (strlen($private) < $length) { + return false; + } + $components['coefficients'] = array(2 => new BigInteger(self::_string_shift($private, $length), -256)); + + return $components; + } + + /** + * String Shift + * + * Inspired by array_shift + * + * @param string $string + * @param int $index + * @return string + * @access private + */ + static function _string_shift(&$string, $index = 1) + { + $substr = substr($string, 0, $index); + $string = substr($string, $index); + return $substr; + } + + /** + * Convert a private key to the appropriate format. + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @param \phpseclib\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @return string + */ + static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + { + if (count($primes) != 2) { + return false; + } + + $raw = array( + 'modulus' => $n->toBytes(true), + 'publicExponent' => $e->toBytes(true), + 'privateExponent' => $d->toBytes(true), + 'prime1' => $primes[1]->toBytes(true), + 'prime2' => $primes[2]->toBytes(true), + 'exponent1' => $exponents[1]->toBytes(true), + 'exponent2' => $exponents[2]->toBytes(true), + 'coefficient' => $coefficients[2]->toBytes(true) + ); + + $key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: "; + $encryption = (!empty($password) || is_string($password)) ? 'aes256-cbc' : 'none'; + $key.= $encryption; + $key.= "\r\nComment: " . self::$comment . "\r\n"; + $public = pack( + 'Na*Na*Na*', + strlen('ssh-rsa'), + 'ssh-rsa', + strlen($raw['publicExponent']), + $raw['publicExponent'], + strlen($raw['modulus']), + $raw['modulus'] + ); + $source = pack( + 'Na*Na*Na*Na*', + strlen('ssh-rsa'), + 'ssh-rsa', + strlen($encryption), + $encryption, + strlen(self::$comment), + self::$comment, + strlen($public), + $public + ); + $public = Base64::encode($public); + $key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n"; + $key.= chunk_split($public, 64); + $private = pack( + 'Na*Na*Na*Na*', + strlen($raw['privateExponent']), + $raw['privateExponent'], + strlen($raw['prime1']), + $raw['prime1'], + strlen($raw['prime2']), + $raw['prime2'], + strlen($raw['coefficient']), + $raw['coefficient'] + ); + if (empty($password) && !is_string($password)) { + $source.= pack('Na*', strlen($private), $private); + $hashkey = 'putty-private-key-file-mac-key'; + } else { + $private.= Random::string(16 - (strlen($private) & 15)); + $source.= pack('Na*', strlen($private), $private); + $crypto = new AES(); + + $crypto->setKey(static::generateSymmetricKey($password, 32)); + $crypto->setIV(str_repeat("\0", $crypto->getBlockLength() >> 3)); + $crypto->disablePadding(); + $private = $crypto->encrypt($private); + $hashkey = 'putty-private-key-file-mac-key' . $password; + } + + $private = Base64::encode($private); + $key.= 'Private-Lines: ' . ((strlen($private) + 63) >> 6) . "\r\n"; + $key.= chunk_split($private, 64); + $hash = new Hash('sha1'); + $hash->setKey(sha1($hashkey, true)); + $key.= 'Private-MAC: ' . Hex::encode($hash->hash($source)) . "\r\n"; + + return $key; + } + + /** + * Convert a public key to the appropriate format + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @return string + */ + static function savePublicKey(BigInteger $n, BigInteger $e) + { + $n = $n->toBytes(true); + $e = $e->toBytes(true); + + $key = pack( + 'Na*Na*Na*', + strlen('ssh-rsa'), + 'ssh-rsa', + strlen($e), + $e, + strlen($n), + $n + ); + $key = "---- BEGIN SSH2 PUBLIC KEY ----\r\n" . + 'Comment: "' . str_replace(array('\\', '"'), array('\\\\', '\"'), self::$comment) . "\"\r\n"; + chunk_split(Base64::encode($key), 64) . + '---- END SSH2 PUBLIC KEY ----'; + + return $key; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/Raw.php b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/Raw.php new file mode 100644 index 0000000000..d399252163 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/Raw.php @@ -0,0 +1,103 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Crypt\RSA; + +use phpseclib\Math\BigInteger; + +/** + * Raw RSA Key Handler + * + * @package RSA + * @author Jim Wigginton + * @access public + */ +class Raw +{ + /** + * Break a public or private key down into its constituent components + * + * @access public + * @param string $key + * @param string $password optional + * @return array + */ + static function load($key, $password = '') + { + if (!is_array($key)) { + return false; + } + if (isset($key['isPublicKey']) && isset($key['modulus'])) { + if (isset($key['privateExponent']) || isset($key['publicExponent'])) { + if (!isset($key['primes'])) { + return $key; + } + if (isset($key['exponents']) && isset($key['coefficients']) && isset($key['publicExponent']) && isset($key['privateExponent'])) { + return $key; + } + } + } + $components = array('isPublicKey' => true); + switch (true) { + case isset($key['e']): + $components['publicExponent'] = $key['e']; + break; + case isset($key['exponent']): + $components['publicExponent'] = $key['exponent']; + break; + case isset($key['publicExponent']): + $components['publicExponent'] = $key['publicExponent']; + break; + case isset($key[0]): + $components['publicExponent'] = $key[0]; + } + switch (true) { + case isset($key['n']): + $components['modulus'] = $key['n']; + break; + case isset($key['modulo']): + $components['modulus'] = $key['modulo']; + break; + case isset($key['modulus']): + $components['modulus'] = $key['modulus']; + break; + case isset($key[1]): + $components['modulus'] = $key[1]; + } + return isset($components['modulus']) && isset($components['publicExponent']) ? $components : false; + } + + /** + * Convert a public key to the appropriate format + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @return string + */ + static function savePublicKey(BigInteger $n, BigInteger $e) + { + return array('e' => clone $e, 'n' => clone $n); + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/XML.php b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/XML.php new file mode 100644 index 0000000000..a257033b88 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Crypt/RSA/XML.php @@ -0,0 +1,147 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Crypt\RSA; + +use ParagonIE\ConstantTime\Base64; +use phpseclib\Math\BigInteger; + +/** + * XML Formatted RSA Key Handler + * + * @package RSA + * @author Jim Wigginton + * @access public + */ +class XML +{ + /** + * Break a public or private key down into its constituent components + * + * @access public + * @param string $key + * @param string $password optional + * @return array + */ + static function load($key, $password = '') + { + if (!is_string($key)) { + return false; + } + + $components = array( + 'isPublicKey' => false, + 'primes' => array(), + 'exponents' => array(), + 'coefficients' => array() + ); + + $use_errors = libxml_use_internal_errors(true); + + $dom = new \DOMDocument(); + if (!$dom->loadXML('' . $key . '')) { + return false; + } + $xpath = new \DOMXPath($dom); + $keys = array('modulus', 'exponent', 'p', 'q', 'dp', 'dq', 'inverseq', 'd'); + foreach ($keys as $key) { + // $dom->getElementsByTagName($key) is case-sensitive + $temp = $xpath->query("//*[translate(local-name(), 'ABCDEFGHIJKLMNOPQRSTUVWXYZ','abcdefghijklmnopqrstuvwxyz')='$key']"); + if (!$temp->length) { + continue; + } + $value = new BigInteger(Base64::decode($temp->item(0)->nodeValue), 256); + switch ($key) { + case 'modulus': + $components['modulus'] = $value; + break; + case 'exponent': + $components['publicExponent'] = $value; + break; + case 'p': + $components['primes'][1] = $value; + break; + case 'q': + $components['primes'][2] = $value; + break; + case 'dp': + $components['exponents'][1] = $value; + break; + case 'dq': + $components['exponents'][2] = $value; + break; + case 'inverseq': + $components['coefficients'][2] = $value; + break; + case 'd': + $components['privateExponent'] = $value; + } + } + + libxml_use_internal_errors($use_errors); + + return isset($components['modulus']) && isset($components['publicExponent']) ? $components : false; + } + + /** + * Convert a private key to the appropriate format. + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @param \phpseclib\Math\BigInteger $d + * @param array $primes + * @param array $exponents + * @param array $coefficients + * @param string $password optional + * @return string + */ + static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + { + if (count($primes) != 2) { + return false; + } + return "\r\n" . + ' ' . Base64::encode($n->toBytes()) . "\r\n" . + ' ' . Base64::encode($e->toBytes()) . "\r\n" . + '

    ' . Base64::encode($primes[1]->toBytes()) . "

    \r\n" . + ' ' . Base64::encode($primes[2]->toBytes()) . "\r\n" . + ' ' . Base64::encode($exponents[1]->toBytes()) . "\r\n" . + ' ' . Base64::encode($exponents[2]->toBytes()) . "\r\n" . + ' ' . Base64::encode($coefficients[2]->toBytes()) . "\r\n" . + ' ' . Base64::encode($d->toBytes()) . "\r\n" . + '    '; + } + + /** + * Convert a public key to the appropriate format + * + * @access public + * @param \phpseclib\Math\BigInteger $n + * @param \phpseclib\Math\BigInteger $e + * @return string + */ + static function savePublicKey(BigInteger $n, BigInteger $e) + { + return "\r\n" . + ' ' . Base64::encode($n->toBytes()) . "\r\n" . + ' ' . Base64::encode($e->toBytes()) . "\r\n" . + ''; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Random.php b/plugins/OStatus/extlib/phpseclib/Crypt/Random.php index 948512da7f..5e412e8fb8 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/Random.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/Random.php @@ -1,218 +1,172 @@ * * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_Random - * @author Jim Wigginton - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Random + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * "Is Windows" test - * - * @access private - */ -define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN'); +namespace phpseclib\Crypt; /** - * Generate a random string. + * Pure-PHP Random Number Generator * - * Although microoptimizations are generally discouraged as they impair readability this function is ripe with - * microoptimizations because this function has the potential of being called a huge number of times. - * eg. for RSA key generation. - * - * @param Integer $length - * @return String - * @access public + * @package Random + * @author Jim Wigginton + * @access public */ -function crypt_random_string($length) +class Random { - if (CRYPT_RANDOM_IS_WINDOWS) { - // method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call. - // ie. class_alias is a function that was introduced in PHP 5.3 - if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) { - return mcrypt_create_iv($length); + /** + * Generate a random string. + * + * Although microoptimizations are generally discouraged as they impair readability this function is ripe with + * microoptimizations because this function has the potential of being called a huge number of times. + * eg. for RSA key generation. + * + * @param int $length + * @throws \RuntimeException if a symmetric cipher is needed but not loaded + * @return string + */ + static function string($length) + { + try { + return \random_bytes($length); + } catch (\Exception $e) { + // random_compat will throw an Exception, which in PHP 5 does not implement Throwable + } catch (\Throwable $e) { + // If a sufficient source of randomness is unavailable, random_bytes() will throw an + // object that implements the Throwable interface (Exception, TypeError, Error). + // We don't actually need to do anything here. The string() method should just continue + // as normal. Note, however, that if we don't have a sufficient source of randomness for + // random_bytes(), most of the other calls here will fail too, so we'll end up using + // the PHP implementation. } - // method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was, - // to quote , "possible blocking behavior". as of 5.3.4 - // openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both - // call php_win32_get_random_bytes(): + // at this point we have no choice but to use a pure-PHP CSPRNG + + // cascade entropy across multiple PHP instances by fixing the session and collecting all + // environmental variables, including the previous session data and the current session + // data. // - // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008 - // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392 - // - // php_win32_get_random_bytes() is defined thusly: - // - // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80 - // - // we're calling it, all the same, in the off chance that the mcrypt extension is not available - if (function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>=')) { - return openssl_random_pseudo_bytes($length); - } - } else { - // method 1. the fastest - if (function_exists('openssl_random_pseudo_bytes')) { - return openssl_random_pseudo_bytes($length); - } - // method 2 - static $fp = true; - if ($fp === true) { - // warning's will be output unles the error suppression operator is used. errors such as - // "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc. - $fp = @fopen('/dev/urandom', 'rb'); - } - if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource() - return fread($fp, $length); - } - // method 3. pretty much does the same thing as method 2 per the following url: - // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391 - // surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're - // not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir - // restrictions or some such - if (function_exists('mcrypt_create_iv')) { - return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); - } - } - // at this point we have no choice but to use a pure-PHP CSPRNG - - // cascade entropy across multiple PHP instances by fixing the session and collecting all - // environmental variables, including the previous session data and the current session - // data. - // - // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively) - // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but - // PHP isn't low level to be able to use those as sources and on a web server there's not likely - // going to be a ton of keyboard or mouse action. web servers do have one thing that we can use - // however. a ton of people visiting the website. obviously you don't want to base your seeding - // soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled - // by the user and (2) this isn't just looking at the data sent by the current user - it's based - // on the data sent by all users. one user requests the page and a hash of their info is saved. - // another user visits the page and the serialization of their data is utilized along with the - // server envirnment stuff and a hash of the previous http request data (which itself utilizes - // a hash of the session data before that). certainly an attacker should be assumed to have - // full control over his own http requests. he, however, is not going to have control over - // everyone's http requests. - static $crypto = false, $v; - if ($crypto === false) { - // save old session data - $old_session_id = session_id(); - $old_use_cookies = ini_get('session.use_cookies'); - $old_session_cache_limiter = session_cache_limiter(); - if (isset($_SESSION)) { - $_OLD_SESSION = $_SESSION; - } - if ($old_session_id != '') { - session_write_close(); - } - - session_id(1); - ini_set('session.use_cookies', 0); - session_cache_limiter(''); - session_start(); - - $v = $seed = $_SESSION['seed'] = pack('H*', sha1( - serialize($_SERVER) . - serialize($_POST) . - serialize($_GET) . - serialize($_COOKIE) . - serialize($GLOBALS) . - serialize($_SESSION) . - serialize($_OLD_SESSION) - )); - if (!isset($_SESSION['count'])) { - $_SESSION['count'] = 0; - } - $_SESSION['count']++; - - session_write_close(); - - // restore old session data - if ($old_session_id != '') { - session_id($old_session_id); - session_start(); - ini_set('session.use_cookies', $old_use_cookies); - session_cache_limiter($old_session_cache_limiter); - } else { - if (isset($_OLD_SESSION)) { - $_SESSION = $_OLD_SESSION; - unset($_OLD_SESSION); - } else { - unset($_SESSION); + // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively) + // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but + // PHP isn't low level to be able to use those as sources and on a web server there's not likely + // going to be a ton of keyboard or mouse action. web servers do have one thing that we can use + // however, a ton of people visiting the website. obviously you don't want to base your seeding + // soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled + // by the user and (2) this isn't just looking at the data sent by the current user - it's based + // on the data sent by all users. one user requests the page and a hash of their info is saved. + // another user visits the page and the serialization of their data is utilized along with the + // server envirnment stuff and a hash of the previous http request data (which itself utilizes + // a hash of the session data before that). certainly an attacker should be assumed to have + // full control over his own http requests. he, however, is not going to have control over + // everyone's http requests. + static $crypto = false, $v; + if ($crypto === false) { + // save old session data + $old_session_id = session_id(); + $old_use_cookies = ini_get('session.use_cookies'); + $old_session_cache_limiter = session_cache_limiter(); + $_OLD_SESSION = isset($_SESSION) ? $_SESSION : false; + if ($old_session_id != '') { + session_write_close(); } + + session_id(1); + ini_set('session.use_cookies', 0); + session_cache_limiter(''); + session_start(); + + $v = (isset($_SERVER) ? self::safe_serialize($_SERVER) : '') . + (isset($_POST) ? self::safe_serialize($_POST) : '') . + (isset($_GET) ? self::safe_serialize($_GET) : '') . + (isset($_COOKIE) ? self::safe_serialize($_COOKIE) : '') . + self::safe_serialize($GLOBALS) . + self::safe_serialize($_SESSION) . + self::safe_serialize($_OLD_SESSION); + $v = $seed = $_SESSION['seed'] = sha1($v, true); + if (!isset($_SESSION['count'])) { + $_SESSION['count'] = 0; + } + $_SESSION['count']++; + + session_write_close(); + + // restore old session data + if ($old_session_id != '') { + session_id($old_session_id); + session_start(); + ini_set('session.use_cookies', $old_use_cookies); + session_cache_limiter($old_session_cache_limiter); + } else { + if ($_OLD_SESSION !== false) { + $_SESSION = $_OLD_SESSION; + unset($_OLD_SESSION); + } else { + unset($_SESSION); + } + } + + // in SSH2 a shared secret and an exchange hash are generated through the key exchange process. + // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C. + // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the + // original hash and the current hash. we'll be emulating that. for more info see the following URL: + // + // http://tools.ietf.org/html/rfc4253#section-7.2 + // + // see the is_string($crypto) part for an example of how to expand the keys + $key = sha1($seed . 'A', true); + $iv = sha1($seed . 'C', true); + + // ciphers are used as per the nist.gov link below. also, see this link: + // + // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives + switch (true) { + case class_exists('\phpseclib\Crypt\AES'): + $crypto = new AES(Base::MODE_CTR); + break; + case class_exists('\phpseclib\Crypt\Twofish'): + $crypto = new Twofish(Base::MODE_CTR); + break; + case class_exists('\phpseclib\Crypt\Blowfish'): + $crypto = new Blowfish(Base::MODE_CTR); + break; + case class_exists('\phpseclib\Crypt\TripleDES'): + $crypto = new TripleDES(Base::MODE_CTR); + break; + case class_exists('\phpseclib\Crypt\DES'): + $crypto = new DES(Base::MODE_CTR); + break; + case class_exists('\phpseclib\Crypt\RC4'): + $crypto = new RC4(); + break; + default: + throw new \RuntimeException(__CLASS__ . ' requires at least one symmetric cipher be loaded'); + } + + $crypto->setKey($key); + $crypto->setIV($iv); + $crypto->enableContinuousBuffer(); } - // in SSH2 a shared secret and an exchange hash are generated through the key exchange process. - // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C. - // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the - // original hash and the current hash. we'll be emulating that. for more info see the following URL: - // - // http://tools.ietf.org/html/rfc4253#section-7.2 - // - // see the is_string($crypto) part for an example of how to expand the keys - $key = pack('H*', sha1($seed . 'A')); - $iv = pack('H*', sha1($seed . 'C')); + //return $crypto->encrypt(str_repeat("\0", $length)); - // ciphers are used as per the nist.gov link below. also, see this link: - // - // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives - switch (true) { - case class_exists('Crypt_AES'): - $crypto = new Crypt_AES(CRYPT_AES_MODE_CTR); - break; - case class_exists('Crypt_TripleDES'): - $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR); - break; - case class_exists('Crypt_DES'): - $crypto = new Crypt_DES(CRYPT_DES_MODE_CTR); - break; - case class_exists('Crypt_RC4'): - $crypto = new Crypt_RC4(); - break; - default: - $crypto = $seed; - return crypt_random_string($length); - } - - $crypto->setKey($key); - $crypto->setIV($iv); - $crypto->enableContinuousBuffer(); - } - - if (is_string($crypto)) { // the following is based off of ANSI X9.31: // // http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf @@ -221,29 +175,45 @@ function crypt_random_string($length) // // http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c // (do a search for "ANS X9.31 A.2.4") - // - // ANSI X9.31 recommends ciphers be used and phpseclib does use them if they're available (see - // later on in the code) but if they're not we'll use sha1 $result = ''; - while (strlen($result) < $length) { // each loop adds 20 bytes - // microtime() isn't packed as "densely" as it could be but then neither is that the idea. - // the idea is simply to ensure that each "block" has a unique element to it. - $i = pack('H*', sha1(microtime())); - $r = pack('H*', sha1($i ^ $v)); - $v = pack('H*', sha1($r ^ $i)); + while (strlen($result) < $length) { + $i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21 + $r = $crypto->encrypt($i ^ $v); // strlen($v) == 20 + $v = $crypto->encrypt($r ^ $i); // strlen($r) == 20 $result.= $r; } return substr($result, 0, $length); } - //return $crypto->encrypt(str_repeat("\0", $length)); - - $result = ''; - while (strlen($result) < $length) { - $i = $crypto->encrypt(microtime()); - $r = $crypto->encrypt($i ^ $v); - $v = $crypto->encrypt($r ^ $i); - $result.= $r; + /** + * Safely serialize variables + * + * If a class has a private __sleep() it'll emit a warning + * + * @param mixed $arr + * @access public + */ + function safe_serialize(&$arr) + { + if (is_object($arr)) { + return ''; + } + if (!is_array($arr)) { + return serialize($arr); + } + // prevent circular array recursion + if (isset($arr['__phpseclib_marker'])) { + return ''; + } + $safearr = array(); + $arr['__phpseclib_marker'] = true; + foreach (array_keys($arr) as $key) { + // do not recurse on the '__phpseclib_marker' key itself, for smaller memory usage + if ($key !== '__phpseclib_marker') { + $safearr[$key] = self::safe_serialize($arr[$key]); + } + } + unset($arr['__phpseclib_marker']); + return serialize($safearr); } - return substr($result, 0, $length); } diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Rijndael.php b/plugins/OStatus/extlib/phpseclib/Crypt/Rijndael.php index c63e0ff7e3..c98f02e252 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/Rijndael.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/Rijndael.php @@ -1,18 +1,17 @@ * setKey('abcdefghijklmnop'); * @@ -45,134 +44,37 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_Rijndael - * @author Jim Wigginton - * @copyright MMVIII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Rijndael + * @author Jim Wigginton + * @copyright 2008 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * Include Crypt_Base - * - * Base cipher class - */ -if (!class_exists('Crypt_Base')) { - require_once('Base.php'); -} - -/**#@+ - * @access public - * @see Crypt_Rijndael::encrypt() - * @see Crypt_Rijndael::decrypt() - */ -/** - * Encrypt / decrypt using the Counter mode. - * - * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 - */ -define('CRYPT_RIJNDAEL_MODE_CTR', CRYPT_MODE_CTR); -/** - * Encrypt / decrypt using the Electronic Code Book mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 - */ -define('CRYPT_RIJNDAEL_MODE_ECB', CRYPT_MODE_ECB); -/** - * Encrypt / decrypt using the Code Book Chaining mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 - */ -define('CRYPT_RIJNDAEL_MODE_CBC', CRYPT_MODE_CBC); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 - */ -define('CRYPT_RIJNDAEL_MODE_CFB', CRYPT_MODE_CFB); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 - */ -define('CRYPT_RIJNDAEL_MODE_OFB', CRYPT_MODE_OFB); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_Rijndael::Crypt_Rijndael() - */ -/** - * Toggles the internal implementation - */ -define('CRYPT_RIJNDAEL_MODE_INTERNAL', CRYPT_MODE_INTERNAL); -/** - * Toggles the mcrypt implementation - */ -define('CRYPT_RIJNDAEL_MODE_MCRYPT', CRYPT_MODE_MCRYPT); -/**#@-*/ +namespace phpseclib\Crypt; /** * Pure-PHP implementation of Rijndael. * + * @package Rijndael * @author Jim Wigginton - * @version 0.1.0 * @access public - * @package Crypt_Rijndael */ -class Crypt_Rijndael extends Crypt_Base { - /** - * The default password key_size used by setPassword() - * - * @see Crypt_Base::password_key_size - * @see Crypt_Base::setPassword() - * @var Integer - * @access private - */ - var $password_key_size = 16; - - /** - * The namespace used by the cipher for its constants. - * - * @see Crypt_Base::const_namespace - * @var String - * @access private - */ - var $const_namespace = 'RIJNDAEL'; - +class Rijndael extends Base +{ /** * The mcrypt specific name of the cipher * - * Mcrypt is useable for 128/192/256-bit $block_size/$key_size. For 160/224 not. - * Crypt_Rijndael determines automatically whether mcrypt is useable - * or not for the current $block_size/$key_size. - * In case of, $cipher_name_mcrypt will be set dynamicaly at run time accordingly. + * Mcrypt is useable for 128/192/256-bit $block_size/$key_length. For 160/224 not. + * \phpseclib\Crypt\Rijndael determines automatically whether mcrypt is useable + * or not for the current $block_size/$key_length. + * In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly. * - * @see Crypt_Base::cipher_name_mcrypt - * @see Crypt_Base::engine - * @see _setupEngine() - * @var String + * @see \phpseclib\Crypt\Base::cipher_name_mcrypt + * @see \phpseclib\Crypt\Base::engine + * @see self::isValidEngine() + * @var string * @access private */ var $cipher_name_mcrypt = 'rijndael-128'; @@ -180,27 +82,18 @@ class Crypt_Rijndael extends Crypt_Base { /** * The default salt used by setPassword() * - * @see Crypt_Base::password_default_salt - * @see Crypt_Base::setPassword() - * @var String + * @see \phpseclib\Crypt\Base::password_default_salt + * @see \phpseclib\Crypt\Base::setPassword() + * @var string * @access private */ var $password_default_salt = 'phpseclib'; - /** - * Has the key length explicitly been set or should it be derived from the key, itself? - * - * @see setKeyLength() - * @var Boolean - * @access private - */ - var $explicit_key_length = false; - /** * The Key Schedule * - * @see _setup() - * @var Array + * @see self::_setup() + * @var array * @access private */ var $w; @@ -208,8 +101,8 @@ class Crypt_Rijndael extends Crypt_Base { /** * The Inverse Key Schedule * - * @see _setup() - * @var Array + * @see self::_setup() + * @var array * @access private */ var $dw; @@ -217,35 +110,34 @@ class Crypt_Rijndael extends Crypt_Base { /** * The Block Length divided by 32 * - * @see setBlockLength() - * @var Integer + * @see self::setBlockLength() + * @var int * @access private * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size * because the encryption / decryption / key schedule creation requires this number and not $block_size. We could * derive this from $block_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu * of that, we'll just precompute it once. - * */ var $Nb = 4; /** - * The Key Length + * The Key Length (in bytes) * - * @see setKeyLength() - * @var Integer + * @see self::setKeyLength() + * @var int * @access private * @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk - * because the encryption / decryption / key schedule creation requires this number and not $key_size. We could - * derive this from $key_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu + * because the encryption / decryption / key schedule creation requires this number and not $key_length. We could + * derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu * of that, we'll just precompute it once. */ - var $key_size = 16; + var $key_length = 16; /** * The Key Length divided by 32 * - * @see setKeyLength() - * @var Integer + * @see self::setKeyLength() + * @var int * @access private * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4 */ @@ -254,7 +146,7 @@ class Crypt_Rijndael extends Crypt_Base { /** * The Number of Rounds * - * @var Integer + * @var int * @access private * @internal The max value is 14, the min value is 10. */ @@ -263,7 +155,7 @@ class Crypt_Rijndael extends Crypt_Base { /** * Shift offsets * - * @var Array + * @var array * @access private */ var $c; @@ -271,481 +163,31 @@ class Crypt_Rijndael extends Crypt_Base { /** * Holds the last used key- and block_size information * - * @var Array + * @var array * @access private */ var $kl; - /** - * Precomputed mixColumns table - * - * According to (section 5.2.1), - * precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so - * those are the names we'll use. - * - * @see Crypt_Rijndael:_encryptBlock() - * @see Crypt_Rijndael:_decryptBlock() - * @var Array - * @access private - */ - var $t0 = array( - 0xC66363A5, 0xF87C7C84, 0xEE777799, 0xF67B7B8D, 0xFFF2F20D, 0xD66B6BBD, 0xDE6F6FB1, 0x91C5C554, - 0x60303050, 0x02010103, 0xCE6767A9, 0x562B2B7D, 0xE7FEFE19, 0xB5D7D762, 0x4DABABE6, 0xEC76769A, - 0x8FCACA45, 0x1F82829D, 0x89C9C940, 0xFA7D7D87, 0xEFFAFA15, 0xB25959EB, 0x8E4747C9, 0xFBF0F00B, - 0x41ADADEC, 0xB3D4D467, 0x5FA2A2FD, 0x45AFAFEA, 0x239C9CBF, 0x53A4A4F7, 0xE4727296, 0x9BC0C05B, - 0x75B7B7C2, 0xE1FDFD1C, 0x3D9393AE, 0x4C26266A, 0x6C36365A, 0x7E3F3F41, 0xF5F7F702, 0x83CCCC4F, - 0x6834345C, 0x51A5A5F4, 0xD1E5E534, 0xF9F1F108, 0xE2717193, 0xABD8D873, 0x62313153, 0x2A15153F, - 0x0804040C, 0x95C7C752, 0x46232365, 0x9DC3C35E, 0x30181828, 0x379696A1, 0x0A05050F, 0x2F9A9AB5, - 0x0E070709, 0x24121236, 0x1B80809B, 0xDFE2E23D, 0xCDEBEB26, 0x4E272769, 0x7FB2B2CD, 0xEA75759F, - 0x1209091B, 0x1D83839E, 0x582C2C74, 0x341A1A2E, 0x361B1B2D, 0xDC6E6EB2, 0xB45A5AEE, 0x5BA0A0FB, - 0xA45252F6, 0x763B3B4D, 0xB7D6D661, 0x7DB3B3CE, 0x5229297B, 0xDDE3E33E, 0x5E2F2F71, 0x13848497, - 0xA65353F5, 0xB9D1D168, 0x00000000, 0xC1EDED2C, 0x40202060, 0xE3FCFC1F, 0x79B1B1C8, 0xB65B5BED, - 0xD46A6ABE, 0x8DCBCB46, 0x67BEBED9, 0x7239394B, 0x944A4ADE, 0x984C4CD4, 0xB05858E8, 0x85CFCF4A, - 0xBBD0D06B, 0xC5EFEF2A, 0x4FAAAAE5, 0xEDFBFB16, 0x864343C5, 0x9A4D4DD7, 0x66333355, 0x11858594, - 0x8A4545CF, 0xE9F9F910, 0x04020206, 0xFE7F7F81, 0xA05050F0, 0x783C3C44, 0x259F9FBA, 0x4BA8A8E3, - 0xA25151F3, 0x5DA3A3FE, 0x804040C0, 0x058F8F8A, 0x3F9292AD, 0x219D9DBC, 0x70383848, 0xF1F5F504, - 0x63BCBCDF, 0x77B6B6C1, 0xAFDADA75, 0x42212163, 0x20101030, 0xE5FFFF1A, 0xFDF3F30E, 0xBFD2D26D, - 0x81CDCD4C, 0x180C0C14, 0x26131335, 0xC3ECEC2F, 0xBE5F5FE1, 0x359797A2, 0x884444CC, 0x2E171739, - 0x93C4C457, 0x55A7A7F2, 0xFC7E7E82, 0x7A3D3D47, 0xC86464AC, 0xBA5D5DE7, 0x3219192B, 0xE6737395, - 0xC06060A0, 0x19818198, 0x9E4F4FD1, 0xA3DCDC7F, 0x44222266, 0x542A2A7E, 0x3B9090AB, 0x0B888883, - 0x8C4646CA, 0xC7EEEE29, 0x6BB8B8D3, 0x2814143C, 0xA7DEDE79, 0xBC5E5EE2, 0x160B0B1D, 0xADDBDB76, - 0xDBE0E03B, 0x64323256, 0x743A3A4E, 0x140A0A1E, 0x924949DB, 0x0C06060A, 0x4824246C, 0xB85C5CE4, - 0x9FC2C25D, 0xBDD3D36E, 0x43ACACEF, 0xC46262A6, 0x399191A8, 0x319595A4, 0xD3E4E437, 0xF279798B, - 0xD5E7E732, 0x8BC8C843, 0x6E373759, 0xDA6D6DB7, 0x018D8D8C, 0xB1D5D564, 0x9C4E4ED2, 0x49A9A9E0, - 0xD86C6CB4, 0xAC5656FA, 0xF3F4F407, 0xCFEAEA25, 0xCA6565AF, 0xF47A7A8E, 0x47AEAEE9, 0x10080818, - 0x6FBABAD5, 0xF0787888, 0x4A25256F, 0x5C2E2E72, 0x381C1C24, 0x57A6A6F1, 0x73B4B4C7, 0x97C6C651, - 0xCBE8E823, 0xA1DDDD7C, 0xE874749C, 0x3E1F1F21, 0x964B4BDD, 0x61BDBDDC, 0x0D8B8B86, 0x0F8A8A85, - 0xE0707090, 0x7C3E3E42, 0x71B5B5C4, 0xCC6666AA, 0x904848D8, 0x06030305, 0xF7F6F601, 0x1C0E0E12, - 0xC26161A3, 0x6A35355F, 0xAE5757F9, 0x69B9B9D0, 0x17868691, 0x99C1C158, 0x3A1D1D27, 0x279E9EB9, - 0xD9E1E138, 0xEBF8F813, 0x2B9898B3, 0x22111133, 0xD26969BB, 0xA9D9D970, 0x078E8E89, 0x339494A7, - 0x2D9B9BB6, 0x3C1E1E22, 0x15878792, 0xC9E9E920, 0x87CECE49, 0xAA5555FF, 0x50282878, 0xA5DFDF7A, - 0x038C8C8F, 0x59A1A1F8, 0x09898980, 0x1A0D0D17, 0x65BFBFDA, 0xD7E6E631, 0x844242C6, 0xD06868B8, - 0x824141C3, 0x299999B0, 0x5A2D2D77, 0x1E0F0F11, 0x7BB0B0CB, 0xA85454FC, 0x6DBBBBD6, 0x2C16163A - ); - - /** - * Precomputed mixColumns table - * - * @see Crypt_Rijndael:_encryptBlock() - * @see Crypt_Rijndael:_decryptBlock() - * @var Array - * @access private - */ - var $t1 = array( - 0xA5C66363, 0x84F87C7C, 0x99EE7777, 0x8DF67B7B, 0x0DFFF2F2, 0xBDD66B6B, 0xB1DE6F6F, 0x5491C5C5, - 0x50603030, 0x03020101, 0xA9CE6767, 0x7D562B2B, 0x19E7FEFE, 0x62B5D7D7, 0xE64DABAB, 0x9AEC7676, - 0x458FCACA, 0x9D1F8282, 0x4089C9C9, 0x87FA7D7D, 0x15EFFAFA, 0xEBB25959, 0xC98E4747, 0x0BFBF0F0, - 0xEC41ADAD, 0x67B3D4D4, 0xFD5FA2A2, 0xEA45AFAF, 0xBF239C9C, 0xF753A4A4, 0x96E47272, 0x5B9BC0C0, - 0xC275B7B7, 0x1CE1FDFD, 0xAE3D9393, 0x6A4C2626, 0x5A6C3636, 0x417E3F3F, 0x02F5F7F7, 0x4F83CCCC, - 0x5C683434, 0xF451A5A5, 0x34D1E5E5, 0x08F9F1F1, 0x93E27171, 0x73ABD8D8, 0x53623131, 0x3F2A1515, - 0x0C080404, 0x5295C7C7, 0x65462323, 0x5E9DC3C3, 0x28301818, 0xA1379696, 0x0F0A0505, 0xB52F9A9A, - 0x090E0707, 0x36241212, 0x9B1B8080, 0x3DDFE2E2, 0x26CDEBEB, 0x694E2727, 0xCD7FB2B2, 0x9FEA7575, - 0x1B120909, 0x9E1D8383, 0x74582C2C, 0x2E341A1A, 0x2D361B1B, 0xB2DC6E6E, 0xEEB45A5A, 0xFB5BA0A0, - 0xF6A45252, 0x4D763B3B, 0x61B7D6D6, 0xCE7DB3B3, 0x7B522929, 0x3EDDE3E3, 0x715E2F2F, 0x97138484, - 0xF5A65353, 0x68B9D1D1, 0x00000000, 0x2CC1EDED, 0x60402020, 0x1FE3FCFC, 0xC879B1B1, 0xEDB65B5B, - 0xBED46A6A, 0x468DCBCB, 0xD967BEBE, 0x4B723939, 0xDE944A4A, 0xD4984C4C, 0xE8B05858, 0x4A85CFCF, - 0x6BBBD0D0, 0x2AC5EFEF, 0xE54FAAAA, 0x16EDFBFB, 0xC5864343, 0xD79A4D4D, 0x55663333, 0x94118585, - 0xCF8A4545, 0x10E9F9F9, 0x06040202, 0x81FE7F7F, 0xF0A05050, 0x44783C3C, 0xBA259F9F, 0xE34BA8A8, - 0xF3A25151, 0xFE5DA3A3, 0xC0804040, 0x8A058F8F, 0xAD3F9292, 0xBC219D9D, 0x48703838, 0x04F1F5F5, - 0xDF63BCBC, 0xC177B6B6, 0x75AFDADA, 0x63422121, 0x30201010, 0x1AE5FFFF, 0x0EFDF3F3, 0x6DBFD2D2, - 0x4C81CDCD, 0x14180C0C, 0x35261313, 0x2FC3ECEC, 0xE1BE5F5F, 0xA2359797, 0xCC884444, 0x392E1717, - 0x5793C4C4, 0xF255A7A7, 0x82FC7E7E, 0x477A3D3D, 0xACC86464, 0xE7BA5D5D, 0x2B321919, 0x95E67373, - 0xA0C06060, 0x98198181, 0xD19E4F4F, 0x7FA3DCDC, 0x66442222, 0x7E542A2A, 0xAB3B9090, 0x830B8888, - 0xCA8C4646, 0x29C7EEEE, 0xD36BB8B8, 0x3C281414, 0x79A7DEDE, 0xE2BC5E5E, 0x1D160B0B, 0x76ADDBDB, - 0x3BDBE0E0, 0x56643232, 0x4E743A3A, 0x1E140A0A, 0xDB924949, 0x0A0C0606, 0x6C482424, 0xE4B85C5C, - 0x5D9FC2C2, 0x6EBDD3D3, 0xEF43ACAC, 0xA6C46262, 0xA8399191, 0xA4319595, 0x37D3E4E4, 0x8BF27979, - 0x32D5E7E7, 0x438BC8C8, 0x596E3737, 0xB7DA6D6D, 0x8C018D8D, 0x64B1D5D5, 0xD29C4E4E, 0xE049A9A9, - 0xB4D86C6C, 0xFAAC5656, 0x07F3F4F4, 0x25CFEAEA, 0xAFCA6565, 0x8EF47A7A, 0xE947AEAE, 0x18100808, - 0xD56FBABA, 0x88F07878, 0x6F4A2525, 0x725C2E2E, 0x24381C1C, 0xF157A6A6, 0xC773B4B4, 0x5197C6C6, - 0x23CBE8E8, 0x7CA1DDDD, 0x9CE87474, 0x213E1F1F, 0xDD964B4B, 0xDC61BDBD, 0x860D8B8B, 0x850F8A8A, - 0x90E07070, 0x427C3E3E, 0xC471B5B5, 0xAACC6666, 0xD8904848, 0x05060303, 0x01F7F6F6, 0x121C0E0E, - 0xA3C26161, 0x5F6A3535, 0xF9AE5757, 0xD069B9B9, 0x91178686, 0x5899C1C1, 0x273A1D1D, 0xB9279E9E, - 0x38D9E1E1, 0x13EBF8F8, 0xB32B9898, 0x33221111, 0xBBD26969, 0x70A9D9D9, 0x89078E8E, 0xA7339494, - 0xB62D9B9B, 0x223C1E1E, 0x92158787, 0x20C9E9E9, 0x4987CECE, 0xFFAA5555, 0x78502828, 0x7AA5DFDF, - 0x8F038C8C, 0xF859A1A1, 0x80098989, 0x171A0D0D, 0xDA65BFBF, 0x31D7E6E6, 0xC6844242, 0xB8D06868, - 0xC3824141, 0xB0299999, 0x775A2D2D, 0x111E0F0F, 0xCB7BB0B0, 0xFCA85454, 0xD66DBBBB, 0x3A2C1616 - ); - - /** - * Precomputed mixColumns table - * - * @see Crypt_Rijndael:_encryptBlock() - * @see Crypt_Rijndael:_decryptBlock() - * @var Array - * @access private - */ - var $t2 = array( - 0x63A5C663, 0x7C84F87C, 0x7799EE77, 0x7B8DF67B, 0xF20DFFF2, 0x6BBDD66B, 0x6FB1DE6F, 0xC55491C5, - 0x30506030, 0x01030201, 0x67A9CE67, 0x2B7D562B, 0xFE19E7FE, 0xD762B5D7, 0xABE64DAB, 0x769AEC76, - 0xCA458FCA, 0x829D1F82, 0xC94089C9, 0x7D87FA7D, 0xFA15EFFA, 0x59EBB259, 0x47C98E47, 0xF00BFBF0, - 0xADEC41AD, 0xD467B3D4, 0xA2FD5FA2, 0xAFEA45AF, 0x9CBF239C, 0xA4F753A4, 0x7296E472, 0xC05B9BC0, - 0xB7C275B7, 0xFD1CE1FD, 0x93AE3D93, 0x266A4C26, 0x365A6C36, 0x3F417E3F, 0xF702F5F7, 0xCC4F83CC, - 0x345C6834, 0xA5F451A5, 0xE534D1E5, 0xF108F9F1, 0x7193E271, 0xD873ABD8, 0x31536231, 0x153F2A15, - 0x040C0804, 0xC75295C7, 0x23654623, 0xC35E9DC3, 0x18283018, 0x96A13796, 0x050F0A05, 0x9AB52F9A, - 0x07090E07, 0x12362412, 0x809B1B80, 0xE23DDFE2, 0xEB26CDEB, 0x27694E27, 0xB2CD7FB2, 0x759FEA75, - 0x091B1209, 0x839E1D83, 0x2C74582C, 0x1A2E341A, 0x1B2D361B, 0x6EB2DC6E, 0x5AEEB45A, 0xA0FB5BA0, - 0x52F6A452, 0x3B4D763B, 0xD661B7D6, 0xB3CE7DB3, 0x297B5229, 0xE33EDDE3, 0x2F715E2F, 0x84971384, - 0x53F5A653, 0xD168B9D1, 0x00000000, 0xED2CC1ED, 0x20604020, 0xFC1FE3FC, 0xB1C879B1, 0x5BEDB65B, - 0x6ABED46A, 0xCB468DCB, 0xBED967BE, 0x394B7239, 0x4ADE944A, 0x4CD4984C, 0x58E8B058, 0xCF4A85CF, - 0xD06BBBD0, 0xEF2AC5EF, 0xAAE54FAA, 0xFB16EDFB, 0x43C58643, 0x4DD79A4D, 0x33556633, 0x85941185, - 0x45CF8A45, 0xF910E9F9, 0x02060402, 0x7F81FE7F, 0x50F0A050, 0x3C44783C, 0x9FBA259F, 0xA8E34BA8, - 0x51F3A251, 0xA3FE5DA3, 0x40C08040, 0x8F8A058F, 0x92AD3F92, 0x9DBC219D, 0x38487038, 0xF504F1F5, - 0xBCDF63BC, 0xB6C177B6, 0xDA75AFDA, 0x21634221, 0x10302010, 0xFF1AE5FF, 0xF30EFDF3, 0xD26DBFD2, - 0xCD4C81CD, 0x0C14180C, 0x13352613, 0xEC2FC3EC, 0x5FE1BE5F, 0x97A23597, 0x44CC8844, 0x17392E17, - 0xC45793C4, 0xA7F255A7, 0x7E82FC7E, 0x3D477A3D, 0x64ACC864, 0x5DE7BA5D, 0x192B3219, 0x7395E673, - 0x60A0C060, 0x81981981, 0x4FD19E4F, 0xDC7FA3DC, 0x22664422, 0x2A7E542A, 0x90AB3B90, 0x88830B88, - 0x46CA8C46, 0xEE29C7EE, 0xB8D36BB8, 0x143C2814, 0xDE79A7DE, 0x5EE2BC5E, 0x0B1D160B, 0xDB76ADDB, - 0xE03BDBE0, 0x32566432, 0x3A4E743A, 0x0A1E140A, 0x49DB9249, 0x060A0C06, 0x246C4824, 0x5CE4B85C, - 0xC25D9FC2, 0xD36EBDD3, 0xACEF43AC, 0x62A6C462, 0x91A83991, 0x95A43195, 0xE437D3E4, 0x798BF279, - 0xE732D5E7, 0xC8438BC8, 0x37596E37, 0x6DB7DA6D, 0x8D8C018D, 0xD564B1D5, 0x4ED29C4E, 0xA9E049A9, - 0x6CB4D86C, 0x56FAAC56, 0xF407F3F4, 0xEA25CFEA, 0x65AFCA65, 0x7A8EF47A, 0xAEE947AE, 0x08181008, - 0xBAD56FBA, 0x7888F078, 0x256F4A25, 0x2E725C2E, 0x1C24381C, 0xA6F157A6, 0xB4C773B4, 0xC65197C6, - 0xE823CBE8, 0xDD7CA1DD, 0x749CE874, 0x1F213E1F, 0x4BDD964B, 0xBDDC61BD, 0x8B860D8B, 0x8A850F8A, - 0x7090E070, 0x3E427C3E, 0xB5C471B5, 0x66AACC66, 0x48D89048, 0x03050603, 0xF601F7F6, 0x0E121C0E, - 0x61A3C261, 0x355F6A35, 0x57F9AE57, 0xB9D069B9, 0x86911786, 0xC15899C1, 0x1D273A1D, 0x9EB9279E, - 0xE138D9E1, 0xF813EBF8, 0x98B32B98, 0x11332211, 0x69BBD269, 0xD970A9D9, 0x8E89078E, 0x94A73394, - 0x9BB62D9B, 0x1E223C1E, 0x87921587, 0xE920C9E9, 0xCE4987CE, 0x55FFAA55, 0x28785028, 0xDF7AA5DF, - 0x8C8F038C, 0xA1F859A1, 0x89800989, 0x0D171A0D, 0xBFDA65BF, 0xE631D7E6, 0x42C68442, 0x68B8D068, - 0x41C38241, 0x99B02999, 0x2D775A2D, 0x0F111E0F, 0xB0CB7BB0, 0x54FCA854, 0xBBD66DBB, 0x163A2C16 - ); - - /** - * Precomputed mixColumns table - * - * @see Crypt_Rijndael:_encryptBlock() - * @see Crypt_Rijndael:_decryptBlock() - * @var Array - * @access private - */ - var $t3 = array( - 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491, - 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC, - 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB, - 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B, - 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83, - 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A, - 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F, - 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA, - 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B, - 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713, - 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6, - 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85, - 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411, - 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B, - 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1, - 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF, - 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E, - 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6, - 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B, - 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD, - 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8, - 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2, - 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049, - 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810, - 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197, - 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F, - 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C, - 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927, - 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733, - 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5, - 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0, - 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C - ); - - /** - * Precomputed invMixColumns table - * - * @see Crypt_Rijndael:_encryptBlock() - * @see Crypt_Rijndael:_decryptBlock() - * @var Array - * @access private - */ - var $dt0 = array( - 0x51F4A750, 0x7E416553, 0x1A17A4C3, 0x3A275E96, 0x3BAB6BCB, 0x1F9D45F1, 0xACFA58AB, 0x4BE30393, - 0x2030FA55, 0xAD766DF6, 0x88CC7691, 0xF5024C25, 0x4FE5D7FC, 0xC52ACBD7, 0x26354480, 0xB562A38F, - 0xDEB15A49, 0x25BA1B67, 0x45EA0E98, 0x5DFEC0E1, 0xC32F7502, 0x814CF012, 0x8D4697A3, 0x6BD3F9C6, - 0x038F5FE7, 0x15929C95, 0xBF6D7AEB, 0x955259DA, 0xD4BE832D, 0x587421D3, 0x49E06929, 0x8EC9C844, - 0x75C2896A, 0xF48E7978, 0x99583E6B, 0x27B971DD, 0xBEE14FB6, 0xF088AD17, 0xC920AC66, 0x7DCE3AB4, - 0x63DF4A18, 0xE51A3182, 0x97513360, 0x62537F45, 0xB16477E0, 0xBB6BAE84, 0xFE81A01C, 0xF9082B94, - 0x70486858, 0x8F45FD19, 0x94DE6C87, 0x527BF8B7, 0xAB73D323, 0x724B02E2, 0xE31F8F57, 0x6655AB2A, - 0xB2EB2807, 0x2FB5C203, 0x86C57B9A, 0xD33708A5, 0x302887F2, 0x23BFA5B2, 0x02036ABA, 0xED16825C, - 0x8ACF1C2B, 0xA779B492, 0xF307F2F0, 0x4E69E2A1, 0x65DAF4CD, 0x0605BED5, 0xD134621F, 0xC4A6FE8A, - 0x342E539D, 0xA2F355A0, 0x058AE132, 0xA4F6EB75, 0x0B83EC39, 0x4060EFAA, 0x5E719F06, 0xBD6E1051, - 0x3E218AF9, 0x96DD063D, 0xDD3E05AE, 0x4DE6BD46, 0x91548DB5, 0x71C45D05, 0x0406D46F, 0x605015FF, - 0x1998FB24, 0xD6BDE997, 0x894043CC, 0x67D99E77, 0xB0E842BD, 0x07898B88, 0xE7195B38, 0x79C8EEDB, - 0xA17C0A47, 0x7C420FE9, 0xF8841EC9, 0x00000000, 0x09808683, 0x322BED48, 0x1E1170AC, 0x6C5A724E, - 0xFD0EFFFB, 0x0F853856, 0x3DAED51E, 0x362D3927, 0x0A0FD964, 0x685CA621, 0x9B5B54D1, 0x24362E3A, - 0x0C0A67B1, 0x9357E70F, 0xB4EE96D2, 0x1B9B919E, 0x80C0C54F, 0x61DC20A2, 0x5A774B69, 0x1C121A16, - 0xE293BA0A, 0xC0A02AE5, 0x3C22E043, 0x121B171D, 0x0E090D0B, 0xF28BC7AD, 0x2DB6A8B9, 0x141EA9C8, - 0x57F11985, 0xAF75074C, 0xEE99DDBB, 0xA37F60FD, 0xF701269F, 0x5C72F5BC, 0x44663BC5, 0x5BFB7E34, - 0x8B432976, 0xCB23C6DC, 0xB6EDFC68, 0xB8E4F163, 0xD731DCCA, 0x42638510, 0x13972240, 0x84C61120, - 0x854A247D, 0xD2BB3DF8, 0xAEF93211, 0xC729A16D, 0x1D9E2F4B, 0xDCB230F3, 0x0D8652EC, 0x77C1E3D0, - 0x2BB3166C, 0xA970B999, 0x119448FA, 0x47E96422, 0xA8FC8CC4, 0xA0F03F1A, 0x567D2CD8, 0x223390EF, - 0x87494EC7, 0xD938D1C1, 0x8CCAA2FE, 0x98D40B36, 0xA6F581CF, 0xA57ADE28, 0xDAB78E26, 0x3FADBFA4, - 0x2C3A9DE4, 0x5078920D, 0x6A5FCC9B, 0x547E4662, 0xF68D13C2, 0x90D8B8E8, 0x2E39F75E, 0x82C3AFF5, - 0x9F5D80BE, 0x69D0937C, 0x6FD52DA9, 0xCF2512B3, 0xC8AC993B, 0x10187DA7, 0xE89C636E, 0xDB3BBB7B, - 0xCD267809, 0x6E5918F4, 0xEC9AB701, 0x834F9AA8, 0xE6956E65, 0xAAFFE67E, 0x21BCCF08, 0xEF15E8E6, - 0xBAE79BD9, 0x4A6F36CE, 0xEA9F09D4, 0x29B07CD6, 0x31A4B2AF, 0x2A3F2331, 0xC6A59430, 0x35A266C0, - 0x744EBC37, 0xFC82CAA6, 0xE090D0B0, 0x33A7D815, 0xF104984A, 0x41ECDAF7, 0x7FCD500E, 0x1791F62F, - 0x764DD68D, 0x43EFB04D, 0xCCAA4D54, 0xE49604DF, 0x9ED1B5E3, 0x4C6A881B, 0xC12C1FB8, 0x4665517F, - 0x9D5EEA04, 0x018C355D, 0xFA877473, 0xFB0B412E, 0xB3671D5A, 0x92DBD252, 0xE9105633, 0x6DD64713, - 0x9AD7618C, 0x37A10C7A, 0x59F8148E, 0xEB133C89, 0xCEA927EE, 0xB761C935, 0xE11CE5ED, 0x7A47B13C, - 0x9CD2DF59, 0x55F2733F, 0x1814CE79, 0x73C737BF, 0x53F7CDEA, 0x5FFDAA5B, 0xDF3D6F14, 0x7844DB86, - 0xCAAFF381, 0xB968C43E, 0x3824342C, 0xC2A3405F, 0x161DC372, 0xBCE2250C, 0x283C498B, 0xFF0D9541, - 0x39A80171, 0x080CB3DE, 0xD8B4E49C, 0x6456C190, 0x7BCB8461, 0xD532B670, 0x486C5C74, 0xD0B85742 - ); - - /** - * Precomputed invMixColumns table - * - * @see Crypt_Rijndael:_encryptBlock() - * @see Crypt_Rijndael:_decryptBlock() - * @var Array - * @access private - */ - var $dt1 = array( - 0x5051F4A7, 0x537E4165, 0xC31A17A4, 0x963A275E, 0xCB3BAB6B, 0xF11F9D45, 0xABACFA58, 0x934BE303, - 0x552030FA, 0xF6AD766D, 0x9188CC76, 0x25F5024C, 0xFC4FE5D7, 0xD7C52ACB, 0x80263544, 0x8FB562A3, - 0x49DEB15A, 0x6725BA1B, 0x9845EA0E, 0xE15DFEC0, 0x02C32F75, 0x12814CF0, 0xA38D4697, 0xC66BD3F9, - 0xE7038F5F, 0x9515929C, 0xEBBF6D7A, 0xDA955259, 0x2DD4BE83, 0xD3587421, 0x2949E069, 0x448EC9C8, - 0x6A75C289, 0x78F48E79, 0x6B99583E, 0xDD27B971, 0xB6BEE14F, 0x17F088AD, 0x66C920AC, 0xB47DCE3A, - 0x1863DF4A, 0x82E51A31, 0x60975133, 0x4562537F, 0xE0B16477, 0x84BB6BAE, 0x1CFE81A0, 0x94F9082B, - 0x58704868, 0x198F45FD, 0x8794DE6C, 0xB7527BF8, 0x23AB73D3, 0xE2724B02, 0x57E31F8F, 0x2A6655AB, - 0x07B2EB28, 0x032FB5C2, 0x9A86C57B, 0xA5D33708, 0xF2302887, 0xB223BFA5, 0xBA02036A, 0x5CED1682, - 0x2B8ACF1C, 0x92A779B4, 0xF0F307F2, 0xA14E69E2, 0xCD65DAF4, 0xD50605BE, 0x1FD13462, 0x8AC4A6FE, - 0x9D342E53, 0xA0A2F355, 0x32058AE1, 0x75A4F6EB, 0x390B83EC, 0xAA4060EF, 0x065E719F, 0x51BD6E10, - 0xF93E218A, 0x3D96DD06, 0xAEDD3E05, 0x464DE6BD, 0xB591548D, 0x0571C45D, 0x6F0406D4, 0xFF605015, - 0x241998FB, 0x97D6BDE9, 0xCC894043, 0x7767D99E, 0xBDB0E842, 0x8807898B, 0x38E7195B, 0xDB79C8EE, - 0x47A17C0A, 0xE97C420F, 0xC9F8841E, 0x00000000, 0x83098086, 0x48322BED, 0xAC1E1170, 0x4E6C5A72, - 0xFBFD0EFF, 0x560F8538, 0x1E3DAED5, 0x27362D39, 0x640A0FD9, 0x21685CA6, 0xD19B5B54, 0x3A24362E, - 0xB10C0A67, 0x0F9357E7, 0xD2B4EE96, 0x9E1B9B91, 0x4F80C0C5, 0xA261DC20, 0x695A774B, 0x161C121A, - 0x0AE293BA, 0xE5C0A02A, 0x433C22E0, 0x1D121B17, 0x0B0E090D, 0xADF28BC7, 0xB92DB6A8, 0xC8141EA9, - 0x8557F119, 0x4CAF7507, 0xBBEE99DD, 0xFDA37F60, 0x9FF70126, 0xBC5C72F5, 0xC544663B, 0x345BFB7E, - 0x768B4329, 0xDCCB23C6, 0x68B6EDFC, 0x63B8E4F1, 0xCAD731DC, 0x10426385, 0x40139722, 0x2084C611, - 0x7D854A24, 0xF8D2BB3D, 0x11AEF932, 0x6DC729A1, 0x4B1D9E2F, 0xF3DCB230, 0xEC0D8652, 0xD077C1E3, - 0x6C2BB316, 0x99A970B9, 0xFA119448, 0x2247E964, 0xC4A8FC8C, 0x1AA0F03F, 0xD8567D2C, 0xEF223390, - 0xC787494E, 0xC1D938D1, 0xFE8CCAA2, 0x3698D40B, 0xCFA6F581, 0x28A57ADE, 0x26DAB78E, 0xA43FADBF, - 0xE42C3A9D, 0x0D507892, 0x9B6A5FCC, 0x62547E46, 0xC2F68D13, 0xE890D8B8, 0x5E2E39F7, 0xF582C3AF, - 0xBE9F5D80, 0x7C69D093, 0xA96FD52D, 0xB3CF2512, 0x3BC8AC99, 0xA710187D, 0x6EE89C63, 0x7BDB3BBB, - 0x09CD2678, 0xF46E5918, 0x01EC9AB7, 0xA8834F9A, 0x65E6956E, 0x7EAAFFE6, 0x0821BCCF, 0xE6EF15E8, - 0xD9BAE79B, 0xCE4A6F36, 0xD4EA9F09, 0xD629B07C, 0xAF31A4B2, 0x312A3F23, 0x30C6A594, 0xC035A266, - 0x37744EBC, 0xA6FC82CA, 0xB0E090D0, 0x1533A7D8, 0x4AF10498, 0xF741ECDA, 0x0E7FCD50, 0x2F1791F6, - 0x8D764DD6, 0x4D43EFB0, 0x54CCAA4D, 0xDFE49604, 0xE39ED1B5, 0x1B4C6A88, 0xB8C12C1F, 0x7F466551, - 0x049D5EEA, 0x5D018C35, 0x73FA8774, 0x2EFB0B41, 0x5AB3671D, 0x5292DBD2, 0x33E91056, 0x136DD647, - 0x8C9AD761, 0x7A37A10C, 0x8E59F814, 0x89EB133C, 0xEECEA927, 0x35B761C9, 0xEDE11CE5, 0x3C7A47B1, - 0x599CD2DF, 0x3F55F273, 0x791814CE, 0xBF73C737, 0xEA53F7CD, 0x5B5FFDAA, 0x14DF3D6F, 0x867844DB, - 0x81CAAFF3, 0x3EB968C4, 0x2C382434, 0x5FC2A340, 0x72161DC3, 0x0CBCE225, 0x8B283C49, 0x41FF0D95, - 0x7139A801, 0xDE080CB3, 0x9CD8B4E4, 0x906456C1, 0x617BCB84, 0x70D532B6, 0x74486C5C, 0x42D0B857 - ); - - /** - * Precomputed invMixColumns table - * - * @see Crypt_Rijndael:_encryptBlock() - * @see Crypt_Rijndael:_decryptBlock() - * @var Array - * @access private - */ - var $dt2 = array( - 0xA75051F4, 0x65537E41, 0xA4C31A17, 0x5E963A27, 0x6BCB3BAB, 0x45F11F9D, 0x58ABACFA, 0x03934BE3, - 0xFA552030, 0x6DF6AD76, 0x769188CC, 0x4C25F502, 0xD7FC4FE5, 0xCBD7C52A, 0x44802635, 0xA38FB562, - 0x5A49DEB1, 0x1B6725BA, 0x0E9845EA, 0xC0E15DFE, 0x7502C32F, 0xF012814C, 0x97A38D46, 0xF9C66BD3, - 0x5FE7038F, 0x9C951592, 0x7AEBBF6D, 0x59DA9552, 0x832DD4BE, 0x21D35874, 0x692949E0, 0xC8448EC9, - 0x896A75C2, 0x7978F48E, 0x3E6B9958, 0x71DD27B9, 0x4FB6BEE1, 0xAD17F088, 0xAC66C920, 0x3AB47DCE, - 0x4A1863DF, 0x3182E51A, 0x33609751, 0x7F456253, 0x77E0B164, 0xAE84BB6B, 0xA01CFE81, 0x2B94F908, - 0x68587048, 0xFD198F45, 0x6C8794DE, 0xF8B7527B, 0xD323AB73, 0x02E2724B, 0x8F57E31F, 0xAB2A6655, - 0x2807B2EB, 0xC2032FB5, 0x7B9A86C5, 0x08A5D337, 0x87F23028, 0xA5B223BF, 0x6ABA0203, 0x825CED16, - 0x1C2B8ACF, 0xB492A779, 0xF2F0F307, 0xE2A14E69, 0xF4CD65DA, 0xBED50605, 0x621FD134, 0xFE8AC4A6, - 0x539D342E, 0x55A0A2F3, 0xE132058A, 0xEB75A4F6, 0xEC390B83, 0xEFAA4060, 0x9F065E71, 0x1051BD6E, - 0x8AF93E21, 0x063D96DD, 0x05AEDD3E, 0xBD464DE6, 0x8DB59154, 0x5D0571C4, 0xD46F0406, 0x15FF6050, - 0xFB241998, 0xE997D6BD, 0x43CC8940, 0x9E7767D9, 0x42BDB0E8, 0x8B880789, 0x5B38E719, 0xEEDB79C8, - 0x0A47A17C, 0x0FE97C42, 0x1EC9F884, 0x00000000, 0x86830980, 0xED48322B, 0x70AC1E11, 0x724E6C5A, - 0xFFFBFD0E, 0x38560F85, 0xD51E3DAE, 0x3927362D, 0xD9640A0F, 0xA621685C, 0x54D19B5B, 0x2E3A2436, - 0x67B10C0A, 0xE70F9357, 0x96D2B4EE, 0x919E1B9B, 0xC54F80C0, 0x20A261DC, 0x4B695A77, 0x1A161C12, - 0xBA0AE293, 0x2AE5C0A0, 0xE0433C22, 0x171D121B, 0x0D0B0E09, 0xC7ADF28B, 0xA8B92DB6, 0xA9C8141E, - 0x198557F1, 0x074CAF75, 0xDDBBEE99, 0x60FDA37F, 0x269FF701, 0xF5BC5C72, 0x3BC54466, 0x7E345BFB, - 0x29768B43, 0xC6DCCB23, 0xFC68B6ED, 0xF163B8E4, 0xDCCAD731, 0x85104263, 0x22401397, 0x112084C6, - 0x247D854A, 0x3DF8D2BB, 0x3211AEF9, 0xA16DC729, 0x2F4B1D9E, 0x30F3DCB2, 0x52EC0D86, 0xE3D077C1, - 0x166C2BB3, 0xB999A970, 0x48FA1194, 0x642247E9, 0x8CC4A8FC, 0x3F1AA0F0, 0x2CD8567D, 0x90EF2233, - 0x4EC78749, 0xD1C1D938, 0xA2FE8CCA, 0x0B3698D4, 0x81CFA6F5, 0xDE28A57A, 0x8E26DAB7, 0xBFA43FAD, - 0x9DE42C3A, 0x920D5078, 0xCC9B6A5F, 0x4662547E, 0x13C2F68D, 0xB8E890D8, 0xF75E2E39, 0xAFF582C3, - 0x80BE9F5D, 0x937C69D0, 0x2DA96FD5, 0x12B3CF25, 0x993BC8AC, 0x7DA71018, 0x636EE89C, 0xBB7BDB3B, - 0x7809CD26, 0x18F46E59, 0xB701EC9A, 0x9AA8834F, 0x6E65E695, 0xE67EAAFF, 0xCF0821BC, 0xE8E6EF15, - 0x9BD9BAE7, 0x36CE4A6F, 0x09D4EA9F, 0x7CD629B0, 0xB2AF31A4, 0x23312A3F, 0x9430C6A5, 0x66C035A2, - 0xBC37744E, 0xCAA6FC82, 0xD0B0E090, 0xD81533A7, 0x984AF104, 0xDAF741EC, 0x500E7FCD, 0xF62F1791, - 0xD68D764D, 0xB04D43EF, 0x4D54CCAA, 0x04DFE496, 0xB5E39ED1, 0x881B4C6A, 0x1FB8C12C, 0x517F4665, - 0xEA049D5E, 0x355D018C, 0x7473FA87, 0x412EFB0B, 0x1D5AB367, 0xD25292DB, 0x5633E910, 0x47136DD6, - 0x618C9AD7, 0x0C7A37A1, 0x148E59F8, 0x3C89EB13, 0x27EECEA9, 0xC935B761, 0xE5EDE11C, 0xB13C7A47, - 0xDF599CD2, 0x733F55F2, 0xCE791814, 0x37BF73C7, 0xCDEA53F7, 0xAA5B5FFD, 0x6F14DF3D, 0xDB867844, - 0xF381CAAF, 0xC43EB968, 0x342C3824, 0x405FC2A3, 0xC372161D, 0x250CBCE2, 0x498B283C, 0x9541FF0D, - 0x017139A8, 0xB3DE080C, 0xE49CD8B4, 0xC1906456, 0x84617BCB, 0xB670D532, 0x5C74486C, 0x5742D0B8 - ); - - /** - * Precomputed invMixColumns table - * - * @see Crypt_Rijndael:_encryptBlock() - * @see Crypt_Rijndael:_decryptBlock() - * @var Array - * @access private - */ - var $dt3 = array( - 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B, - 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5, - 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B, - 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E, - 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D, - 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9, - 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66, - 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED, - 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4, - 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD, - 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60, - 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79, - 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C, - 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24, - 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C, - 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814, - 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B, - 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084, - 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077, - 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22, - 0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F, - 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582, - 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB, - 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF, - 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035, - 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17, - 0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46, - 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D, - 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A, - 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678, - 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF, - 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 - ); - - /** - * The SubByte S-Box - * - * @see Crypt_Rijndael::_encryptBlock() - * @var Array - * @access private - */ - var $sbox = array( - 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, - 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, - 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, - 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, - 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, - 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, - 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, - 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, - 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, - 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, - 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, - 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, - 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, - 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, - 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, - 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 - ); - - /** - * The inverse SubByte S-Box - * - * @see Crypt_Rijndael::_decryptBlock() - * @var Array - * @access private - */ - var $isbox = array( - 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, - 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, - 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, - 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, - 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, - 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, - 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, - 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, - 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, - 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, - 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, - 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, - 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, - 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, - 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, - 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D - ); - /** * Default Constructor. * - * Determines whether or not the mcrypt extension should be used. - * - * $mode could be: - * - * - CRYPT_RIJNDAEL_MODE_ECB - * - * - CRYPT_RIJNDAEL_MODE_CBC - * - * - CRYPT_RIJNDAEL_MODE_CTR - * - * - CRYPT_RIJNDAEL_MODE_CFB - * - * - CRYPT_RIJNDAEL_MODE_OFB - * - * If not explictly set, CRYPT_RIJNDAEL_MODE_CBC will be used. - * - * @see Crypt_Base::Crypt_Base() - * @param optional Integer $mode + * @param int $mode * @access public + * @throws \InvalidArgumentException if an invalid / unsupported mode is provided */ - function Crypt_Rijndael($mode = CRYPT_RIJNDAEL_MODE_CBC) + function __construct($mode) { - parent::Crypt_Base($mode); - } - - /** - * Sets the key. - * - * Keys can be of any length. Rijndael, itself, requires the use of a key that's between 128-bits and 256-bits long and - * whose length is a multiple of 32. If the key is less than 256-bits and the key length isn't set, we round the length - * up to the closest valid key length, padding $key with null bytes. If the key is more than 256-bits, we trim the - * excess bits. - * - * If the key is not explicitly set, it'll be assumed to be all null bytes. - * - * Note: 160/224-bit keys must explicitly set by setKeyLength(), otherwise they will be round/pad up to 192/256 bits. - * - * @see Crypt_Base:setKey() - * @see setKeyLength() - * @access public - * @param String $key - */ - function setKey($key) - { - parent::setKey($key); - - if (!$this->explicit_key_length) { - $length = strlen($key); - switch (true) { - case $length <= 16: - $this->key_size = 16; - break; - case $length <= 24: - $this->key_size = 24; - break; - default: - $this->key_size = 32; - } - $this->_setupEngine(); + if ($mode == self::MODE_STREAM) { + throw new \InvalidArgumentException('Block ciphers cannot be ran in stream mode'); } + + parent::__construct($mode); } /** - * Sets the key length + * Sets the key length. * - * Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to - * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount. + * Valid key lengths are 128, 160, 192, 224, and 256. * * Note: phpseclib extends Rijndael (and AES) for using 160- and 224-bit keys but they are officially not defined * and the most (if not all) implementations are not able using 160/224-bit keys but round/pad them up to @@ -755,147 +197,132 @@ class Crypt_Rijndael extends Crypt_Base { * you should not setKeyLength(160) or setKeyLength(224). * * Additional: In case of 160- and 224-bit keys, phpseclib will/can, for that reason, not use - * the mcrypt php extention, even if available. + * the mcrypt php extension, even if available. * This results then in slower encryption. * * @access public - * @param Integer $length + * @throws \LengthException if the key length is invalid + * @param int $length */ function setKeyLength($length) { - switch (true) { - case $length == 160: - $this->key_size = 20; - break; - case $length == 224: - $this->key_size = 28; - break; - case $length <= 128: - $this->key_size = 16; - break; - case $length <= 192: - $this->key_size = 24; + switch ($length) { + case 128: + case 160: + case 192: + case 224: + case 256: + $this->key_length = $length >> 3; break; default: - $this->key_size = 32; + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes 128, 160, 192, 224 or 256 bits are supported'); } - $this->explicit_key_length = true; - $this->changed = true; - $this->_setupEngine(); + parent::setKeyLength($length); + } + + /** + * Sets the key. + * + * Rijndael supports five different key lengths + * + * @see setKeyLength() + * @access public + * @param string $key + * @throws \LengthException if the key length isn't supported + */ + function setKey($key) + { + switch (strlen($key)) { + case 16: + case 20: + case 24: + case 28: + case 32: + break; + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 20, 24, 28 or 32 are supported'); + } + + parent::setKey($key); } /** * Sets the block length * - * Valid block lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to - * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount. + * Valid block lengths are 128, 160, 192, 224, and 256. * * @access public - * @param Integer $length + * @param int $length */ function setBlockLength($length) { - $length >>= 5; - if ($length > 8) { - $length = 8; - } else if ($length < 4) { - $length = 4; - } - $this->Nb = $length; - $this->block_size = $length << 2; - $this->changed = true; - $this->_setupEngine(); - } - - /** - * Setup the fastest possible $engine - * - * Determines if the mcrypt (MODE_MCRYPT) $engine available - * and usable for the current $block_size and $key_size. - * - * If not, the slower MODE_INTERNAL $engine will be set. - * - * @see setKey() - * @see setKeyLength() - * @see setBlockLength() - * @access private - */ - function _setupEngine() - { - if (constant('CRYPT_' . $this->const_namespace . '_MODE') == CRYPT_MODE_INTERNAL) { - // No mcrypt support at all for rijndael - return; - } - - // The required mcrypt module name for the current $block_size of rijndael - $cipher_name_mcrypt = 'rijndael-' . ($this->block_size << 3); - - // Determining the availibility/usability of $cipher_name_mcrypt - switch (true) { - case $this->key_size % 8: // mcrypt is not usable for 160/224-bit keys, only for 128/192/256-bit keys - case !in_array($cipher_name_mcrypt, mcrypt_list_algorithms()): // $cipher_name_mcrypt is not available for the current $block_size - $engine = CRYPT_MODE_INTERNAL; + switch ($length) { + case 128: + case 160: + case 192: + case 224: + case 256: break; default: - $engine = CRYPT_MODE_MCRYPT; + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes 128, 160, 192, 224 or 256 bits are supported'); } - if ($this->engine == $engine && $this->cipher_name_mcrypt == $cipher_name_mcrypt) { - // allready set, so we not unnecessary close $this->enmcrypt/demcrypt/ecb - return; - } - - // Set the $engine - $this->engine = $engine; - $this->cipher_name_mcrypt = $cipher_name_mcrypt; - - if ($this->enmcrypt) { - // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed, - // (re)open them with the module named in $this->cipher_name_mcrypt - mcrypt_module_close($this->enmcrypt); - mcrypt_module_close($this->demcrypt); - $this->enmcrypt = null; - $this->demcrypt = null; - - if ($this->ecb) { - mcrypt_module_close($this->ecb); - $this->ecb = null; - } - } + $this->Nb = $length >> 5; + $this->block_size = $length >> 3; + $this->changed = true; + $this->_setEngine(); } /** - * Setup the CRYPT_MODE_MCRYPT $engine + * Test for engine validity * - * @see Crypt_Base::_setupMcrypt() - * @access private + * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() + * + * @see \phpseclib\Crypt\Base::__construct() + * @param int $engine + * @access public + * @return bool */ - function _setupMcrypt() + function isValidEngine($engine) { - $this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, "\0"); - parent::_setupMcrypt(); + switch ($engine) { + case self::ENGINE_OPENSSL: + if ($this->block_size != 16) { + return false; + } + $this->cipher_name_openssl_ecb = 'aes-' . ($this->key_length << 3) . '-ecb'; + $this->cipher_name_openssl = 'aes-' . ($this->key_length << 3) . '-' . $this->_openssl_translate_mode(); + break; + case self::ENGINE_MCRYPT: + $this->cipher_name_mcrypt = 'rijndael-' . ($this->block_size << 3); + if ($this->key_length % 8) { // is it a 160/224-bit key? + // mcrypt is not usable for them, only for 128/192/256-bit keys + return false; + } + } + + return parent::isValidEngine($engine); } /** * Encrypts a block * * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _encryptBlock($in) { - static $t0, $t1, $t2, $t3, $sbox; - if (!$t0) { - for ($i = 0; $i < 256; ++$i) { - $t0[] = (int)$this->t0[$i]; - $t1[] = (int)$this->t1[$i]; - $t2[] = (int)$this->t2[$i]; - $t3[] = (int)$this->t3[$i]; - $sbox[] = (int)$this->sbox[$i]; - } + static $tables; + if (empty($tables)) { + $tables = &$this->_getTables(); } + $t0 = $tables[0]; + $t1 = $tables[1]; + $t2 = $tables[2]; + $t3 = $tables[3]; + $sbox = $tables[4]; $state = array(); $words = unpack('N*', $in); @@ -906,9 +333,9 @@ class Crypt_Rijndael extends Crypt_Base { $Nr = $this->Nr; // addRoundKey - $i = -1; + $wc = $Nb - 1; foreach ($words as $word) { - $state[] = $word ^ $w[0][++$i]; + $state[] = $word ^ $w[++$wc]; } // fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components - @@ -931,7 +358,7 @@ class Crypt_Rijndael extends Crypt_Base { $t1[$state[$j] >> 16 & 0x000000FF] ^ $t2[$state[$k] >> 8 & 0x000000FF] ^ $t3[$state[$l] & 0x000000FF] ^ - $w[$round][$i]; + $w[++$wc]; ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; @@ -958,7 +385,7 @@ class Crypt_Rijndael extends Crypt_Base { ($state[$j] & 0x00FF0000) ^ ($state[$k] & 0x0000FF00) ^ ($state[$l] & 0x000000FF) ^ - $w[$Nr][$i]; + $w[$i]; ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; @@ -983,21 +410,20 @@ class Crypt_Rijndael extends Crypt_Base { * Decrypts a block * * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _decryptBlock($in) { - static $dt0, $dt1, $dt2, $dt3, $isbox; - if (!$dt0) { - for ($i = 0; $i < 256; ++$i) { - $dt0[] = (int)$this->dt0[$i]; - $dt1[] = (int)$this->dt1[$i]; - $dt2[] = (int)$this->dt2[$i]; - $dt3[] = (int)$this->dt3[$i]; - $isbox[] = (int)$this->isbox[$i]; - } + static $invtables; + if (empty($invtables)) { + $invtables = &$this->_getInvTables(); } + $dt0 = $invtables[0]; + $dt1 = $invtables[1]; + $dt2 = $invtables[2]; + $dt3 = $invtables[3]; + $isbox = $invtables[4]; $state = array(); $words = unpack('N*', $in); @@ -1008,9 +434,9 @@ class Crypt_Rijndael extends Crypt_Base { $Nr = $this->Nr; // addRoundKey - $i = -1; + $wc = $Nb - 1; foreach ($words as $word) { - $state[] = $word ^ $dw[$Nr][++$i]; + $state[] = $word ^ $dw[++$wc]; } $temp = array(); @@ -1025,7 +451,7 @@ class Crypt_Rijndael extends Crypt_Base { $dt1[$state[$j] >> 16 & 0x000000FF] ^ $dt2[$state[$k] >> 8 & 0x000000FF] ^ $dt3[$state[$l] & 0x000000FF] ^ - $dw[$round][$i]; + $dw[++$wc]; ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; @@ -1046,10 +472,10 @@ class Crypt_Rijndael extends Crypt_Base { ($state[$k] & 0x0000FF00) | ($state[$l] & 0x000000FF); - $temp[$i] = $dw[0][$i] ^ ($isbox[$word & 0x000000FF] | - ($isbox[$word >> 8 & 0x000000FF] << 8) | - ($isbox[$word >> 16 & 0x000000FF] << 16) | - ($isbox[$word >> 24 & 0x000000FF] << 24)); + $temp[$i] = $dw[$i] ^ ($isbox[$word & 0x000000FF] | + ($isbox[$word >> 8 & 0x000000FF] << 8) | + ($isbox[$word >> 16 & 0x000000FF] << 16) | + ($isbox[$word >> 24 & 0x000000FF] << 24)); ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; @@ -1073,7 +499,7 @@ class Crypt_Rijndael extends Crypt_Base { /** * Setup the key (expansion) * - * @see Crypt_Base::_setupKey() + * @see \phpseclib\Crypt\Base::_setupKey() * @access private */ function _setupKey() @@ -1089,15 +515,13 @@ class Crypt_Rijndael extends Crypt_Base { 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000 ); - $this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, "\0"); - - if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_size === $this->kl['key_size'] && $this->block_size === $this->kl['block_size']) { + if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_length === $this->kl['key_length'] && $this->block_size === $this->kl['block_size']) { // already expanded return; } - $this->kl = array('key' => $this->key, 'key_size' => $this->key_size, 'block_size' => $this->block_size); + $this->kl = array('key' => $this->key, 'key_length' => $this->key_length, 'block_size' => $this->block_size); - $this->Nk = $this->key_size >> 2; + $this->Nk = $this->key_length >> 2; // see Rijndael-ammended.pdf#page=44 $this->Nr = max($this->Nk, $this->Nb) + 6; @@ -1130,7 +554,7 @@ class Crypt_Rijndael extends Crypt_Base { // with 0xFFFFFFFF (or 0xFFFFFF00) on a 32-bit machine is unnecessary, but on a 64-bit machine, it is. $temp = (($temp << 8) & 0xFFFFFF00) | (($temp >> 24) & 0x000000FF); // rotWord $temp = $this->_subWord($temp) ^ $rcon[$i / $this->Nk]; - } else if ($this->Nk > 6 && $i % $this->Nk == 4) { + } elseif ($this->Nk > 6 && $i % $this->Nk == 4) { $temp = $this->_subWord($temp); } $w[$i] = $w[$i - $this->Nk] ^ $temp; @@ -1143,6 +567,7 @@ class Crypt_Rijndael extends Crypt_Base { // 1. Apply the Key Expansion. // 2. Apply InvMixColumn to all Round Keys except the first and the last one." // also, see fips-197.pdf#page=27, "5.3.5 Equivalent Inverse Cipher" + list($dt0, $dt1, $dt2, $dt3) = $this->_getInvTables(); $temp = $this->w = $this->dw = array(); for ($i = $row = $col = 0; $i < $length; $i++, $col++) { if ($col == $this->Nb) { @@ -1153,10 +578,10 @@ class Crypt_Rijndael extends Crypt_Base { $j = 0; while ($j < $this->Nb) { $dw = $this->_subWord($this->w[$row][$j]); - $temp[$j] = $this->dt0[$dw >> 24 & 0x000000FF] ^ - $this->dt1[$dw >> 16 & 0x000000FF] ^ - $this->dt2[$dw >> 8 & 0x000000FF] ^ - $this->dt3[$dw & 0x000000FF]; + $temp[$j] = $dt0[$dw >> 24 & 0x000000FF] ^ + $dt1[$dw >> 16 & 0x000000FF] ^ + $dt2[$dw >> 8 & 0x000000FF] ^ + $dt3[$dw & 0x000000FF]; $j++; } $this->dw[$row] = $temp; @@ -1170,31 +595,32 @@ class Crypt_Rijndael extends Crypt_Base { $this->dw[$row] = $this->w[$row]; - // In case of $this->use_inline_crypt === true we have to use 1-dim key arrays (both ascending) - if ($this->use_inline_crypt) { - $this->dw = array_reverse($this->dw); - $w = array_pop($this->w); - $dw = array_pop($this->dw); - foreach ($this->w as $r => $wr) { - foreach ($wr as $c => $wc) { - $w[] = $wc; - $dw[] = $this->dw[$r][$c]; - } + // Converting to 1-dim key arrays (both ascending) + $this->dw = array_reverse($this->dw); + $w = array_pop($this->w); + $dw = array_pop($this->dw); + foreach ($this->w as $r => $wr) { + foreach ($wr as $c => $wc) { + $w[] = $wc; + $dw[] = $this->dw[$r][$c]; } - $this->w = $w; - $this->dw = $dw; } + $this->w = $w; + $this->dw = $dw; } /** * Performs S-Box substitutions * * @access private - * @param Integer $word + * @param int $word */ function _subWord($word) { - $sbox = $this->sbox; + static $sbox; + if (empty($sbox)) { + list(, , , , $sbox) = $this->_getTables(); + } return $sbox[$word & 0x000000FF] | ($sbox[$word >> 8 & 0x000000FF] << 8) | @@ -1202,10 +628,183 @@ class Crypt_Rijndael extends Crypt_Base { ($sbox[$word >> 24 & 0x000000FF] << 24); } + /** + * Provides the mixColumns and sboxes tables + * + * @see self::_encryptBlock() + * @see self::_setupInlineCrypt() + * @see self::_subWord() + * @access private + * @return array &$tables + */ + function &_getTables() + { + static $tables; + if (empty($tables)) { + // according to (section 5.2.1), + // precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so + // those are the names we'll use. + $t3 = array_map('intval', array( + // with array_map('intval', ...) we ensure we have only int's and not + // some slower floats converted by php automatically on high values + 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491, + 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC, + 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB, + 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B, + 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83, + 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A, + 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F, + 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA, + 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B, + 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713, + 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6, + 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85, + 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411, + 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B, + 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1, + 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF, + 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E, + 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6, + 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B, + 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD, + 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8, + 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2, + 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049, + 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810, + 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197, + 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F, + 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C, + 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927, + 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733, + 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5, + 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0, + 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C + )); + + foreach ($t3 as $t3i) { + $t0[] = (($t3i << 24) & 0xFF000000) | (($t3i >> 8) & 0x00FFFFFF); + $t1[] = (($t3i << 16) & 0xFFFF0000) | (($t3i >> 16) & 0x0000FFFF); + $t2[] = (($t3i << 8) & 0xFFFFFF00) | (($t3i >> 24) & 0x000000FF); + } + + $tables = array( + // The Precomputed mixColumns tables t0 - t3 + $t0, + $t1, + $t2, + $t3, + // The SubByte S-Box + array( + 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, + 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, + 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, + 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, + 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, + 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, + 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, + 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, + 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, + 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, + 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, + 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, + 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, + 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, + 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, + 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 + ) + ); + } + return $tables; + } + + /** + * Provides the inverse mixColumns and inverse sboxes tables + * + * @see self::_decryptBlock() + * @see self::_setupInlineCrypt() + * @see self::_setupKey() + * @access private + * @return array &$tables + */ + function &_getInvTables() + { + static $tables; + if (empty($tables)) { + $dt3 = array_map('intval', array( + 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B, + 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5, + 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B, + 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E, + 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D, + 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9, + 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66, + 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED, + 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4, + 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD, + 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60, + 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79, + 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C, + 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24, + 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C, + 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814, + 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B, + 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084, + 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077, + 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22, + 0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F, + 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582, + 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB, + 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF, + 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035, + 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17, + 0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46, + 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D, + 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A, + 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678, + 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF, + 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 + )); + + foreach ($dt3 as $dt3i) { + $dt0[] = (($dt3i << 24) & 0xFF000000) | (($dt3i >> 8) & 0x00FFFFFF); + $dt1[] = (($dt3i << 16) & 0xFFFF0000) | (($dt3i >> 16) & 0x0000FFFF); + $dt2[] = (($dt3i << 8) & 0xFFFFFF00) | (($dt3i >> 24) & 0x000000FF); + }; + + $tables = array( + // The Precomputed inverse mixColumns tables dt0 - dt3 + $dt0, + $dt1, + $dt2, + $dt3, + // The inverse SubByte S-Box + array( + 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, + 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, + 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, + 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, + 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, + 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, + 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, + 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, + 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, + 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, + 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, + 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, + 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, + 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, + 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, + 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D + ) + ); + } + return $tables; + } + /** * Setup the performance-optimized function for de/encrypt() * - * @see Crypt_Base::_setupInlineCrypt() + * @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @access private */ function _setupInlineCrypt() @@ -1214,44 +813,52 @@ class Crypt_Rijndael extends Crypt_Base { // So here we are'nt under the same heavy timing-stress as we are in _de/encryptBlock() or de/encrypt(). // However...the here generated function- $code, stored as php callback in $this->inline_crypt, must work as fast as even possible. - $lambda_functions =& Crypt_Rijndael::_getLambdaFunctions(); + $lambda_functions =& self::_getLambdaFunctions(); - // The first 10 generated $lambda_functions will use the key-words hardcoded for better performance. - // For memory reason we limit those ultra-optimized functions. - // After that, we use pure (extracted) integer vars for the key-words which is faster than accessing them via array. - if (count($lambda_functions) < 10) { - $w = $this->w; - $dw = $this->dw; - $init_encrypt = ''; - $init_decrypt = ''; - } else { - for ($i = 0, $cw = count($this->w); $i < $cw; ++$i) { - $w[] = '$w[' . $i . ']'; - $dw[] = '$dw[' . $i . ']'; - } - $init_encrypt = '$w = $self->w;'; - $init_decrypt = '$dw = $self->dw;'; + // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. + // (Currently, for Crypt_Rijndael/AES, one generated $lambda_function cost on php5.5@32bit ~80kb unfreeable mem and ~130kb on php5.5@64bit) + // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one. + $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); + + // Generation of a uniqe hash for our generated code + $code_hash = "Crypt_Rijndael, {$this->mode}, {$this->Nr}, {$this->Nb}"; + if ($gen_hi_opt_code) { + $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } - $code_hash = md5(str_pad("Crypt_Rijndael, {$this->mode}, {$this->block_size}, ", 32, "\0") . implode(',', $w)); - if (!isset($lambda_functions[$code_hash])) { + switch (true) { + case $gen_hi_opt_code: + // The hi-optimized $lambda_functions will use the key-words hardcoded for better performance. + $w = $this->w; + $dw = $this->dw; + $init_encrypt = ''; + $init_decrypt = ''; + break; + default: + for ($i = 0, $cw = count($this->w); $i < $cw; ++$i) { + $w[] = '$w[' . $i . ']'; + $dw[] = '$dw[' . $i . ']'; + } + $init_encrypt = '$w = $self->w;'; + $init_decrypt = '$dw = $self->dw;'; + } + $Nr = $this->Nr; $Nb = $this->Nb; $c = $this->c; // Generating encrypt code: $init_encrypt.= ' - static $t0, $t1, $t2, $t3, $sbox; - if (!$t0) { - for ($i = 0; $i < 256; ++$i) { - $t0[$i] = (int)$self->t0[$i]; - $t1[$i] = (int)$self->t1[$i]; - $t2[$i] = (int)$self->t2[$i]; - $t3[$i] = (int)$self->t3[$i]; - $sbox[$i] = (int)$self->sbox[$i]; - } + static $tables; + if (empty($tables)) { + $tables = &$self->_getTables(); } + $t0 = $tables[0]; + $t1 = $tables[1]; + $t2 = $tables[2]; + $t3 = $tables[3]; + $sbox = $tables[4]; '; $s = 'e'; @@ -1290,26 +897,25 @@ class Crypt_Rijndael extends Crypt_Base { $encrypt_block .= '$in = pack("N*"'."\n"; for ($i = 0; $i < $Nb; ++$i) { $encrypt_block.= ', - ($'.$e.$i .' & 0xFF000000) ^ - ($'.$e.(($i + $c[1]) % $Nb).' & 0x00FF0000) ^ - ($'.$e.(($i + $c[2]) % $Nb).' & 0x0000FF00) ^ - ($'.$e.(($i + $c[3]) % $Nb).' & 0x000000FF) ^ + ($'.$e.$i .' & '.((int)0xFF000000).') ^ + ($'.$e.(($i + $c[1]) % $Nb).' & 0x00FF0000 ) ^ + ($'.$e.(($i + $c[2]) % $Nb).' & 0x0000FF00 ) ^ + ($'.$e.(($i + $c[3]) % $Nb).' & 0x000000FF ) ^ '.$w[$i]."\n"; } $encrypt_block .= ');'; // Generating decrypt code: $init_decrypt.= ' - static $dt0, $dt1, $dt2, $dt3, $isbox; - if (!$dt0) { - for ($i = 0; $i < 256; ++$i) { - $dt0[$i] = (int)$self->dt0[$i]; - $dt1[$i] = (int)$self->dt1[$i]; - $dt2[$i] = (int)$self->dt2[$i]; - $dt3[$i] = (int)$self->dt3[$i]; - $isbox[$i] = (int)$self->isbox[$i]; - } + static $invtables; + if (empty($invtables)) { + $invtables = &$self->_getInvTables(); } + $dt0 = $invtables[0]; + $dt1 = $invtables[1]; + $dt2 = $invtables[2]; + $dt3 = $invtables[3]; + $isbox = $invtables[4]; '; $s = 'e'; @@ -1348,10 +954,10 @@ class Crypt_Rijndael extends Crypt_Base { $decrypt_block .= '$in = pack("N*"'."\n"; for ($i = 0; $i < $Nb; ++$i) { $decrypt_block.= ', - ($'.$e.$i. ' & 0xFF000000) ^ - ($'.$e.(($Nb + $i - $c[1]) % $Nb).' & 0x00FF0000) ^ - ($'.$e.(($Nb + $i - $c[2]) % $Nb).' & 0x0000FF00) ^ - ($'.$e.(($Nb + $i - $c[3]) % $Nb).' & 0x000000FF) ^ + ($'.$e.$i. ' & '.((int)0xFF000000).') ^ + ($'.$e.(($Nb + $i - $c[1]) % $Nb).' & 0x00FF0000 ) ^ + ($'.$e.(($Nb + $i - $c[2]) % $Nb).' & 0x0000FF00 ) ^ + ($'.$e.(($Nb + $i - $c[3]) % $Nb).' & 0x000000FF ) ^ '.$dw[$i]."\n"; } $decrypt_block .= ');'; @@ -1369,6 +975,3 @@ class Crypt_Rijndael extends Crypt_Base { $this->inline_crypt = $lambda_functions[$code_hash]; } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/TripleDES.php b/plugins/OStatus/extlib/phpseclib/Crypt/TripleDES.php index 4030c6c9fb..29c6eb9d0d 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/TripleDES.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/TripleDES.php @@ -1,19 +1,18 @@ * setKey('abcdefghijklmnopqrstuvwx'); * @@ -27,99 +26,64 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_TripleDES - * @author Jim Wigginton - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package TripleDES + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * Include Crypt_DES - */ -if (!class_exists('Crypt_DES')) { - require_once('DES.php'); -} - -/** - * Encrypt / decrypt using inner chaining - * - * Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3). - */ -define('CRYPT_DES_MODE_3CBC', -2); - -/** - * Encrypt / decrypt using outer chaining - * - * Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC. - */ -define('CRYPT_DES_MODE_CBC3', CRYPT_DES_MODE_CBC); +namespace phpseclib\Crypt; /** * Pure-PHP implementation of Triple DES. * + * @package TripleDES * @author Jim Wigginton - * @version 0.1.0 * @access public - * @package Crypt_TripleDES */ -class Crypt_TripleDES extends Crypt_DES { +class TripleDES extends DES +{ /** - * The default password key_size used by setPassword() + * Encrypt / decrypt using inner chaining * - * @see Crypt_DES::password_key_size - * @see Crypt_Base::password_key_size - * @see Crypt_Base::setPassword() - * @var Integer + * Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (self::MODE_CBC3). + */ + const MODE_3CBC = -2; + + /** + * Encrypt / decrypt using outer chaining + * + * Outer chaining is used by SSH-2 and when the mode is set to \phpseclib\Crypt\Base::MODE_CBC. + */ + const MODE_CBC3 = Base::MODE_CBC; + + /** + * Key Length (in bytes) + * + * @see \phpseclib\Crypt\TripleDES::setKeyLength() + * @var int * @access private */ - var $password_key_size = 24; + var $key_length = 24; /** * The default salt used by setPassword() * - * @see Crypt_Base::password_default_salt - * @see Crypt_Base::setPassword() - * @var String + * @see \phpseclib\Crypt\Base::password_default_salt + * @see \phpseclib\Crypt\Base::setPassword() + * @var string * @access private */ var $password_default_salt = 'phpseclib'; - /** - * The namespace used by the cipher for its constants. - * - * @see Crypt_DES::const_namespace - * @see Crypt_Base::const_namespace - * @var String - * @access private - */ - var $const_namespace = 'DES'; - /** * The mcrypt specific name of the cipher * - * @see Crypt_DES::cipher_name_mcrypt - * @see Crypt_Base::cipher_name_mcrypt - * @var String + * @see \phpseclib\Crypt\DES::cipher_name_mcrypt + * @see \phpseclib\Crypt\Base::cipher_name_mcrypt + * @var string * @access private */ var $cipher_name_mcrypt = 'tripledes'; @@ -127,8 +91,8 @@ class Crypt_TripleDES extends Crypt_DES { /** * Optimizing value while CFB-encrypting * - * @see Crypt_Base::cfb_init_len - * @var Integer + * @see \phpseclib\Crypt\Base::cfb_init_len + * @var int * @access private */ var $cfb_init_len = 750; @@ -136,27 +100,27 @@ class Crypt_TripleDES extends Crypt_DES { /** * max possible size of $key * - * @see Crypt_TripleDES::setKey() - * @see Crypt_DES::setKey() - * @var String + * @see self::setKey() + * @see \phpseclib\Crypt\DES::setKey() + * @var string * @access private */ - var $key_size_max = 24; + var $key_length_max = 24; /** - * Internal flag whether using CRYPT_DES_MODE_3CBC or not + * Internal flag whether using self::MODE_3CBC or not * - * @var Boolean + * @var bool * @access private */ var $mode_3cbc; /** - * The Crypt_DES objects + * The \phpseclib\Crypt\DES objects * * Used only if $mode_3cbc === true * - * @var Array + * @var array * @access private */ var $des; @@ -164,65 +128,83 @@ class Crypt_TripleDES extends Crypt_DES { /** * Default Constructor. * - * Determines whether or not the mcrypt extension should be used. + * Determines whether or not the mcrypt or OpenSSL extensions should be used. * * $mode could be: * - * - CRYPT_DES_MODE_ECB + * - \phpseclib\Crypt\Base::MODE_ECB * - * - CRYPT_DES_MODE_CBC + * - \phpseclib\Crypt\Base::MODE_CBC * - * - CRYPT_DES_MODE_CTR + * - \phpseclib\Crypt\Base::MODE_CTR * - * - CRYPT_DES_MODE_CFB + * - \phpseclib\Crypt\Base::MODE_CFB * - * - CRYPT_DES_MODE_OFB + * - \phpseclib\Crypt\Base::MODE_OFB * - * - CRYPT_DES_MODE_3CBC + * - \phpseclib\Crypt\TripleDES::MODE_3CB * - * If not explictly set, CRYPT_DES_MODE_CBC will be used. - * - * @see Crypt_DES::Crypt_DES() - * @see Crypt_Base::Crypt_Base() - * @param optional Integer $mode + * @see \phpseclib\Crypt\DES::__construct() + * @see \phpseclib\Crypt\Base::__construct() + * @param int $mode * @access public */ - function Crypt_TripleDES($mode = CRYPT_DES_MODE_CBC) + function __construct($mode) { switch ($mode) { - // In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC + // In case of self::MODE_3CBC, we init as CRYPT_DES_MODE_CBC // and additional flag us internally as 3CBC - case CRYPT_DES_MODE_3CBC: - parent::Crypt_DES(CRYPT_DES_MODE_CBC); + case self::MODE_3CBC: + parent::__construct(Base::MODE_CBC); $this->mode_3cbc = true; // This three $des'es will do the 3CBC work (if $key > 64bits) $this->des = array( - new Crypt_DES(CRYPT_DES_MODE_CBC), - new Crypt_DES(CRYPT_DES_MODE_CBC), - new Crypt_DES(CRYPT_DES_MODE_CBC), + new DES(Base::MODE_CBC), + new DES(Base::MODE_CBC), + new DES(Base::MODE_CBC), ); - // we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects + // we're going to be doing the padding, ourselves, so disable it in the \phpseclib\Crypt\DES objects $this->des[0]->disablePadding(); $this->des[1]->disablePadding(); $this->des[2]->disablePadding(); break; // If not 3CBC, we init as usual default: - parent::Crypt_DES($mode); + parent::__construct($mode); } } /** - * Sets the initialization vector. (optional) + * Test for engine validity * - * SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explictly set, it'll be assumed - * to be all zero's. + * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() * - * @see Crypt_Base::setIV() + * @see \phpseclib\Crypt\Base::__construct() + * @param int $engine * @access public - * @param String $iv + * @return bool + */ + function isValidEngine($engine) + { + if ($engine == self::ENGINE_OPENSSL) { + $this->cipher_name_openssl_ecb = 'des-ede3'; + $mode = $this->_openssl_translate_mode(); + $this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode; + } + + return parent::isValidEngine($engine); + } + + /** + * Sets the initialization vector. + * + * SetIV is not required when \phpseclib\Crypt\Base::MODE_ECB is being used. + * + * @see \phpseclib\Crypt\Base::setIV() + * @access public + * @param string $iv */ function setIV($iv) { @@ -234,39 +216,66 @@ class Crypt_TripleDES extends Crypt_DES { } } + /** + * Sets the key length. + * + * Valid key lengths are 128 and 192 bits. + * + * If you want to use a 64-bit key use DES.php + * + * @see \phpseclib\Crypt\Base:setKeyLength() + * @access public + * @throws \LengthException if the key length is invalid + * @param int $length + */ + function setKeyLength($length) + { + switch ($length) { + case 128: + case 192: + break; + default: + throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes 128 or 192 bits are supported'); + } + + parent::setKeyLength($length); + } + /** * Sets the key. * - * Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or - * 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate. + * Triple DES can use 128-bit (eg. strlen($key) == 16) or 192-bit (eg. strlen($key) == 24) keys. * * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. * - * If the key is not explicitly set, it'll be assumed to be all null bytes. - * * @access public - * @see Crypt_DES::setKey() - * @see Crypt_Base::setKey() - * @param String $key + * @see \phpseclib\Crypt\DES::setKey() + * @see \phpseclib\Crypt\Base::setKey() + * @throws \LengthException if the key length is invalid + * @param string $key */ function setKey($key) { - $length = strlen($key); - if ($length > 8) { - $key = str_pad(substr($key, 0, 24), 24, chr(0)); - // if $key is between 64 and 128-bits, use the first 64-bits as the last, per this: - // http://php.net/function.mcrypt-encrypt#47973 - //$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24); - } else { - $key = str_pad($key, 8, chr(0)); + if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) { + throw new \LengthException('Key length has already been set to ' . $this->explicit_key_length . ' bytes and this key is ' . strlen($key) . ' bytes'); } - parent::setKey($key); - // And in case of CRYPT_DES_MODE_3CBC: - // if key <= 64bits we not need the 3 $des to work, - // because we will then act as regular DES-CBC with just a <= 64bit key. - // So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des. - if ($this->mode_3cbc && $length > 8) { + switch (strlen($key)) { + case 16: + $key.= substr($key, 0, 8); + case 24: + break; + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16 or 24 are supported'); + } + + // copied from Base::setKey() + $this->key = $key; + $this->key_length = strlen($key); + $this->changed = true; + $this->_setEngine(); + + if ($this->mode_3cbc) { $this->des[0]->setKey(substr($key, 0, 8)); $this->des[1]->setKey(substr($key, 8, 8)); $this->des[2]->setKey(substr($key, 16, 8)); @@ -276,21 +285,25 @@ class Crypt_TripleDES extends Crypt_DES { /** * Encrypts a message. * - * @see Crypt_Base::encrypt() + * @see \phpseclib\Crypt\Base::encrypt() * @access public - * @param String $plaintext - * @return String $cipertext + * @param string $plaintext + * @return string $cipertext */ function encrypt($plaintext) { // parent::en/decrypt() is able to do all the work for all modes and keylengths, - // except for: CRYPT_DES_MODE_3CBC (inner chaining CBC) with a key > 64bits + // except for: self::MODE_3CBC (inner chaining CBC) with a key > 64bits // if the key is smaller then 8, do what we'd normally do if ($this->mode_3cbc && strlen($this->key) > 8) { return $this->des[2]->encrypt( - $this->des[1]->decrypt( - $this->des[0]->encrypt($this->_pad($plaintext)))); + $this->des[1]->decrypt( + $this->des[0]->encrypt( + $this->_pad($plaintext) + ) + ) + ); } return parent::encrypt($plaintext); @@ -299,17 +312,23 @@ class Crypt_TripleDES extends Crypt_DES { /** * Decrypts a message. * - * @see Crypt_Base::decrypt() + * @see \phpseclib\Crypt\Base::decrypt() * @access public - * @param String $ciphertext - * @return String $plaintext + * @param string $ciphertext + * @return string $plaintext */ function decrypt($ciphertext) { if ($this->mode_3cbc && strlen($this->key) > 8) { - return $this->_unpad($this->des[0]->decrypt( - $this->des[1]->encrypt( - $this->des[2]->decrypt(str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0"))))); + return $this->_unpad( + $this->des[0]->decrypt( + $this->des[1]->encrypt( + $this->des[2]->decrypt( + str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0") + ) + ) + ) + ); } return parent::decrypt($ciphertext); @@ -344,13 +363,13 @@ class Crypt_TripleDES extends Crypt_DES { * outputs. The reason is due to the fact that the initialization vector's change after every encryption / * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. * - * Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each + * Put another way, when the continuous buffer is enabled, the state of the \phpseclib\Crypt\DES() object changes after each * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), * however, they are also less intuitive and more likely to cause you problems. * - * @see Crypt_Base::enableContinuousBuffer() - * @see Crypt_TripleDES::disableContinuousBuffer() + * @see \phpseclib\Crypt\Base::enableContinuousBuffer() + * @see self::disableContinuousBuffer() * @access public */ function enableContinuousBuffer() @@ -368,8 +387,8 @@ class Crypt_TripleDES extends Crypt_DES { * * The default behavior. * - * @see Crypt_Base::disableContinuousBuffer() - * @see Crypt_TripleDES::enableContinuousBuffer() + * @see \phpseclib\Crypt\Base::disableContinuousBuffer() + * @see self::enableContinuousBuffer() * @access public */ function disableContinuousBuffer() @@ -385,8 +404,8 @@ class Crypt_TripleDES extends Crypt_DES { /** * Creates the key schedule * - * @see Crypt_DES::_setupKey() - * @see Crypt_Base::_setupKey() + * @see \phpseclib\Crypt\DES::_setupKey() + * @see \phpseclib\Crypt\Base::_setupKey() * @access private */ function _setupKey() @@ -416,7 +435,24 @@ class Crypt_TripleDES extends Crypt_DES { // setup our key parent::_setupKey(); } -} -// vim: ts=4:sw=4:et: -// vim6: fdl=1: + /** + * Sets the internal crypt engine + * + * @see \phpseclib\Crypt\Base::__construct() + * @see \phpseclib\Crypt\Base::setPreferredEngine() + * @param int $engine + * @access public + * @return int + */ + function setPreferredEngine($engine) + { + if ($this->mode_3cbc) { + $this->des[0]->setPreferredEngine($engine); + $this->des[1]->setPreferredEngine($engine); + $this->des[2]->setPreferredEngine($engine); + } + + return parent::setPreferredEngine($engine); + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Twofish.php b/plugins/OStatus/extlib/phpseclib/Crypt/Twofish.php index 6342298d1a..e4d910db94 100644 --- a/plugins/OStatus/extlib/phpseclib/Crypt/Twofish.php +++ b/plugins/OStatus/extlib/phpseclib/Crypt/Twofish.php @@ -1,12 +1,11 @@ * setKey('12345678901234567890123456789012'); * @@ -27,120 +26,32 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Crypt - * @package Crypt_Twofish - * @author Jim Wigginton - * @author Hans-Juergen Petrich - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @version 1.0 - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Twofish + * @author Jim Wigginton + * @author Hans-Juergen Petrich + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * Include Crypt_Base - * - * Base cipher class - */ -if (!class_exists('Crypt_Base')) { - require_once('Base.php'); -} - -/**#@+ - * @access public - * @see Crypt_Twofish::encrypt() - * @see Crypt_Twofish::decrypt() - */ -/** - * Encrypt / decrypt using the Counter mode. - * - * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 - */ -define('CRYPT_TWOFISH_MODE_CTR', CRYPT_MODE_CTR); -/** - * Encrypt / decrypt using the Electronic Code Book mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 - */ -define('CRYPT_TWOFISH_MODE_ECB', CRYPT_MODE_ECB); -/** - * Encrypt / decrypt using the Code Book Chaining mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 - */ -define('CRYPT_TWOFISH_MODE_CBC', CRYPT_MODE_CBC); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 - */ -define('CRYPT_TWOFISH_MODE_CFB', CRYPT_MODE_CFB); -/** - * Encrypt / decrypt using the Cipher Feedback mode. - * - * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 - */ -define('CRYPT_TWOFISH_MODE_OFB', CRYPT_MODE_OFB); -/**#@-*/ - -/**#@+ - * @access private - * @see Crypt_Twofish::Crypt_Twofish() - */ -/** - * Toggles the internal implementation - */ -define('CRYPT_TWOFISH_MODE_INTERNAL', CRYPT_MODE_INTERNAL); -/** - * Toggles the mcrypt implementation - */ -define('CRYPT_TWOFISH_MODE_MCRYPT', CRYPT_MODE_MCRYPT); -/**#@-*/ +namespace phpseclib\Crypt; /** * Pure-PHP implementation of Twofish. * + * @package Twofish * @author Jim Wigginton * @author Hans-Juergen Petrich - * @version 1.0 * @access public - * @package Crypt_Twofish */ -class Crypt_Twofish extends Crypt_Base { - /** - * The namespace used by the cipher for its constants. - * - * @see Crypt_Base::const_namespace - * @var String - * @access private - */ - var $const_namespace = 'TWOFISH'; - +class Twofish extends Base +{ /** * The mcrypt specific name of the cipher * - * @see Crypt_Base::cipher_name_mcrypt - * @var String + * @see \phpseclib\Crypt\Base::cipher_name_mcrypt + * @var string * @access private */ var $cipher_name_mcrypt = 'twofish'; @@ -148,8 +59,8 @@ class Crypt_Twofish extends Crypt_Base { /** * Optimizing value while CFB-encrypting * - * @see Crypt_Base::cfb_init_len - * @var Integer + * @see \phpseclib\Crypt\Base::cfb_init_len + * @var int * @access private */ var $cfb_init_len = 800; @@ -157,10 +68,10 @@ class Crypt_Twofish extends Crypt_Base { /** * Q-Table * - * @var Array + * @var array * @access private */ - var $q0 = array ( + var $q0 = array( 0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, 0x9A, 0x92, 0x80, 0x78, 0xE4, 0xDD, 0xD1, 0x38, 0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C, @@ -198,10 +109,10 @@ class Crypt_Twofish extends Crypt_Base { /** * Q-Table * - * @var Array + * @var array * @access private */ - var $q1 = array ( + var $q1 = array( 0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, 0x4A, 0xD3, 0xE6, 0x6B, 0x45, 0x7D, 0xE8, 0x4B, 0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1, @@ -239,10 +150,10 @@ class Crypt_Twofish extends Crypt_Base { /** * M-Table * - * @var Array + * @var array * @access private */ - var $m0 = array ( + var $m0 = array( 0xBCBC3275, 0xECEC21F3, 0x202043C6, 0xB3B3C9F4, 0xDADA03DB, 0x02028B7B, 0xE2E22BFB, 0x9E9EFAC8, 0xC9C9EC4A, 0xD4D409D3, 0x18186BE6, 0x1E1E9F6B, 0x98980E45, 0xB2B2387D, 0xA6A6D2E8, 0x2626B74B, 0x3C3C57D6, 0x93938A32, 0x8282EED8, 0x525298FD, 0x7B7BD437, 0xBBBB3771, 0x5B5B97F1, 0x474783E1, @@ -280,10 +191,10 @@ class Crypt_Twofish extends Crypt_Base { /** * M-Table * - * @var Array + * @var array * @access private */ - var $m1 = array ( + var $m1 = array( 0xA9D93939, 0x67901717, 0xB3719C9C, 0xE8D2A6A6, 0x04050707, 0xFD985252, 0xA3658080, 0x76DFE4E4, 0x9A084545, 0x92024B4B, 0x80A0E0E0, 0x78665A5A, 0xE4DDAFAF, 0xDDB06A6A, 0xD1BF6363, 0x38362A2A, 0x0D54E6E6, 0xC6432020, 0x3562CCCC, 0x98BEF2F2, 0x181E1212, 0xF724EBEB, 0xECD7A1A1, 0x6C774141, @@ -321,10 +232,10 @@ class Crypt_Twofish extends Crypt_Base { /** * M-Table * - * @var Array + * @var array * @access private */ - var $m2 = array ( + var $m2 = array( 0xBC75BC32, 0xECF3EC21, 0x20C62043, 0xB3F4B3C9, 0xDADBDA03, 0x027B028B, 0xE2FBE22B, 0x9EC89EFA, 0xC94AC9EC, 0xD4D3D409, 0x18E6186B, 0x1E6B1E9F, 0x9845980E, 0xB27DB238, 0xA6E8A6D2, 0x264B26B7, 0x3CD63C57, 0x9332938A, 0x82D882EE, 0x52FD5298, 0x7B377BD4, 0xBB71BB37, 0x5BF15B97, 0x47E14783, @@ -362,10 +273,10 @@ class Crypt_Twofish extends Crypt_Base { /** * M-Table * - * @var Array + * @var array * @access private */ - var $m3 = array ( + var $m3 = array( 0xD939A9D9, 0x90176790, 0x719CB371, 0xD2A6E8D2, 0x05070405, 0x9852FD98, 0x6580A365, 0xDFE476DF, 0x08459A08, 0x024B9202, 0xA0E080A0, 0x665A7866, 0xDDAFE4DD, 0xB06ADDB0, 0xBF63D1BF, 0x362A3836, 0x54E60D54, 0x4320C643, 0x62CC3562, 0xBEF298BE, 0x1E12181E, 0x24EBF724, 0xD7A1ECD7, 0x77416C77, @@ -403,7 +314,7 @@ class Crypt_Twofish extends Crypt_Base { /** * The Key Schedule Array * - * @var Array + * @var array * @access private */ var $K = array(); @@ -411,7 +322,7 @@ class Crypt_Twofish extends Crypt_Base { /** * The Key depended S-Table 0 * - * @var Array + * @var array * @access private */ var $S0 = array(); @@ -419,7 +330,7 @@ class Crypt_Twofish extends Crypt_Base { /** * The Key depended S-Table 1 * - * @var Array + * @var array * @access private */ var $S1 = array(); @@ -427,7 +338,7 @@ class Crypt_Twofish extends Crypt_Base { /** * The Key depended S-Table 2 * - * @var Array + * @var array * @access private */ var $S2 = array(); @@ -435,7 +346,7 @@ class Crypt_Twofish extends Crypt_Base { /** * The Key depended S-Table 3 * - * @var Array + * @var array * @access private */ var $S3 = array(); @@ -443,75 +354,86 @@ class Crypt_Twofish extends Crypt_Base { /** * Holds the last used key * - * @var Array + * @var array * @access private */ var $kl; + /** + * The Key Length (in bytes) + * + * @see Crypt_Twofish::setKeyLength() + * @var int + * @access private + */ + var $key_length = 16; + /** * Default Constructor. * - * Determines whether or not the mcrypt extension should be used. - * - * $mode could be: - * - * - CRYPT_TWOFISH_MODE_ECB - * - * - CRYPT_TWOFISH_MODE_CBC - * - * - CRYPT_TWOFISH_MODE_CTR - * - * - CRYPT_TWOFISH_MODE_CFB - * - * - CRYPT_TWOFISH_MODE_OFB - * - * If not explictly set, CRYPT_TWOFISH_MODE_CBC will be used. - * - * @see Crypt_Base::Crypt_Base() - * @param optional Integer $mode + * @param int $mode * @access public + * @throws \InvalidArgumentException if an invalid / unsupported mode is provided */ - function Crypt_Twofish($mode = CRYPT_TWOFISH_MODE_CBC) + function __construct($mode) { - parent::Crypt_Base($mode); + if ($mode == self::MODE_STREAM) { + throw new \InvalidArgumentException('Block ciphers cannot be ran in stream mode'); + } + + parent::__construct($mode); + } + + /** + * Sets the key length. + * + * Valid key lengths are 128, 192 or 256 bits + * + * @access public + * @param int $length + */ + function setKeyLength($length) + { + switch ($length) { + case 128: + case 192: + case 256: + break; + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'); + } + + parent::setKeyLength($length); } /** * Sets the key. * - * Keys can be of any length. Twofish, itself, requires the use of a key that's 128, 192 or 256-bits long. - * If the key is less than 256-bits we round the length up to the closest valid key length, - * padding $key with null bytes. If the key is more than 256-bits, we trim the excess bits. - * - * If the key is not explicitly set, it'll be assumed a 128 bits key to be all null bytes. + * Rijndael supports five different key lengths * + * @see setKeyLength() * @access public - * @see Crypt_Base::setKey() - * @param String $key + * @param string $key + * @throws \LengthException if the key length isn't supported */ function setKey($key) { - $keylength = strlen($key); - switch (true) { - case $keylength <= 16: - $key = str_pad($key, 16, "\0"); + switch (strlen($key)) { + case 16: + case 24: + case 32: break; - case $keylength <= 24: - $key = str_pad($key, 24, "\0"); - break; - case $keylength < 32: - $key = str_pad($key, 32, "\0"); - break; - case $keylength > 32: - $key = substr($key, 0, 32); + default: + throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'); } + parent::setKey($key); } /** * Setup the key (expansion) * - * @see Crypt_Base::_setupKey() + * @see \phpseclib\Crypt\Base::_setupKey() * @access private */ function _setupKey() @@ -536,9 +458,9 @@ class Crypt_Twofish extends Crypt_Base { switch (strlen($this->key)) { case 16: - list ($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[1], $le_longs[2]); - list ($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[3], $le_longs[4]); - for ($i = 0, $j = 1; $i < 40; $i+= 2,$j+= 2) { + list($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[1], $le_longs[2]); + list($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[3], $le_longs[4]); + for ($i = 0, $j = 1; $i < 40; $i+= 2, $j+= 2) { $A = $m0[$q0[$q0[$i] ^ $key[ 9]] ^ $key[1]] ^ $m1[$q0[$q1[$i] ^ $key[10]] ^ $key[2]] ^ $m2[$q1[$q0[$i] ^ $key[11]] ^ $key[3]] ^ @@ -559,9 +481,9 @@ class Crypt_Twofish extends Crypt_Base { } break; case 24: - list ($sb, $sa, $s9, $s8) = $this->_mdsrem($le_longs[1], $le_longs[2]); - list ($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[3], $le_longs[4]); - list ($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[5], $le_longs[6]); + list($sb, $sa, $s9, $s8) = $this->_mdsrem($le_longs[1], $le_longs[2]); + list($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[3], $le_longs[4]); + list($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[5], $le_longs[6]); for ($i = 0, $j = 1; $i < 40; $i+= 2, $j+= 2) { $A = $m0[$q0[$q0[$q1[$i] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ $m1[$q0[$q1[$q1[$i] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ @@ -583,10 +505,10 @@ class Crypt_Twofish extends Crypt_Base { } break; default: // 32 - list ($sf, $se, $sd, $sc) = $this->_mdsrem($le_longs[1], $le_longs[2]); - list ($sb, $sa, $s9, $s8) = $this->_mdsrem($le_longs[3], $le_longs[4]); - list ($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[5], $le_longs[6]); - list ($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[7], $le_longs[8]); + list($sf, $se, $sd, $sc) = $this->_mdsrem($le_longs[1], $le_longs[2]); + list($sb, $sa, $s9, $s8) = $this->_mdsrem($le_longs[3], $le_longs[4]); + list($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[5], $le_longs[6]); + list($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[7], $le_longs[8]); for ($i = 0, $j = 1; $i < 40; $i+= 2, $j+= 2) { $A = $m0[$q0[$q0[$q1[$q1[$i] ^ $key[25]] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ $m1[$q0[$q1[$q1[$q0[$i] ^ $key[26]] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ @@ -619,9 +541,9 @@ class Crypt_Twofish extends Crypt_Base { * _mdsrem function using by the twofish cipher algorithm * * @access private - * @param String $A - * @param String $B - * @return Array + * @param string $A + * @param string $B + * @return array */ function _mdsrem($A, $B) { @@ -648,7 +570,9 @@ class Crypt_Twofish extends Crypt_Base { $u^= 0x7fffffff & ($t >> 1); // Add the modular polynomial on underflow. - if ($t & 0x01) $u^= 0xa6 ; + if ($t & 0x01) { + $u^= 0xa6 ; + } // Remove t * (a + 1/a) * (x^3 + x). $B^= ($u << 24) | ($u << 8); @@ -665,8 +589,8 @@ class Crypt_Twofish extends Crypt_Base { * Encrypts a block * * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _encryptBlock($in) { @@ -709,18 +633,20 @@ class Crypt_Twofish extends Crypt_Base { $R1 = ((($R1 >> 31) & 1) | ($R1 << 1)) ^ ($t0 + ($t1 << 1) + $K[++$ki]); } + // @codingStandardsIgnoreStart return pack("V4", $K[4] ^ $R2, $K[5] ^ $R3, $K[6] ^ $R0, $K[7] ^ $R1); + // @codingStandardsIgnoreEnd } /** * Decrypts a block * * @access private - * @param String $in - * @return String + * @param string $in + * @return string */ function _decryptBlock($in) { @@ -763,38 +689,38 @@ class Crypt_Twofish extends Crypt_Base { $R0 = ($R0 >> 31 & 0x1 | $R0 << 1) ^ ($t0 + $t1 + $K[--$ki]); } + // @codingStandardsIgnoreStart return pack("V4", $K[0] ^ $R2, $K[1] ^ $R3, $K[2] ^ $R0, $K[3] ^ $R1); + // @codingStandardsIgnoreEnd } /** * Setup the performance-optimized function for de/encrypt() * - * @see Crypt_Base::_setupInlineCrypt() + * @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @access private */ function _setupInlineCrypt() { - $lambda_functions =& Crypt_Twofish::_getLambdaFunctions(); + $lambda_functions =& self::_getLambdaFunctions(); // Max. 10 Ultra-Hi-optimized inline-crypt functions. After that, we'll (still) create very fast code, but not the ultimate fast one. - $gen_hi_opt_code = (bool)( count($lambda_functions) < 10 ); + // (Currently, for Crypt_Twofish, one generated $lambda_function cost on php5.5@32bit ~140kb unfreeable mem and ~240kb on php5.5@64bit) + $gen_hi_opt_code = (bool)(count($lambda_functions) < 10); - switch (true) { - case $gen_hi_opt_code: - $code_hash = md5(str_pad("Crypt_Twofish, {$this->mode}, ", 32, "\0") . $this->key); - break; - default: - $code_hash = "Crypt_Twofish, {$this->mode}"; + // Generation of a uniqe hash for our generated code + $code_hash = "Crypt_Twofish, {$this->mode}"; + if ($gen_hi_opt_code) { + $code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key); } if (!isset($lambda_functions[$code_hash])) { switch (true) { case $gen_hi_opt_code: $K = $this->K; - $init_crypt = ' static $S0, $S1, $S2, $S3; if (!$S0) { @@ -812,7 +738,6 @@ class Crypt_Twofish extends Crypt_Base { for ($i = 0; $i < 40; ++$i) { $K[] = '$K_' . $i; } - $init_crypt = ' $S0 = $self->S0; $S1 = $self->S1; @@ -919,6 +844,3 @@ class Crypt_Twofish extends Crypt_Base { $this->inline_crypt = $lambda_functions[$code_hash]; } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/plugins/OStatus/extlib/phpseclib/Exception/BadConfigurationException.php b/plugins/OStatus/extlib/phpseclib/Exception/BadConfigurationException.php new file mode 100644 index 0000000000..096148a0df --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Exception/BadConfigurationException.php @@ -0,0 +1,26 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Exception; + +/** + * BadConfigurationException + * + * @package BadConfigurationException + * @author Jim Wigginton + */ +class BadConfigurationException extends \RuntimeException +{ +} diff --git a/plugins/OStatus/extlib/phpseclib/Exception/FileNotFoundException.php b/plugins/OStatus/extlib/phpseclib/Exception/FileNotFoundException.php new file mode 100644 index 0000000000..984edfcc7a --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Exception/FileNotFoundException.php @@ -0,0 +1,26 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Exception; + +/** + * FileNotFoundException + * + * @package FileNotFoundException + * @author Jim Wigginton + */ +class FileNotFoundException extends \RuntimeException +{ +} diff --git a/plugins/OStatus/extlib/phpseclib/Exception/NoSupportedAlgorithmsException.php b/plugins/OStatus/extlib/phpseclib/Exception/NoSupportedAlgorithmsException.php new file mode 100644 index 0000000000..bca9a753b5 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Exception/NoSupportedAlgorithmsException.php @@ -0,0 +1,26 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Exception; + +/** + * NoSupportedAlgorithmsException + * + * @package NoSupportedAlgorithmsException + * @author Jim Wigginton + */ +class NoSupportedAlgorithmsException extends \RuntimeException +{ +} diff --git a/plugins/OStatus/extlib/phpseclib/Exception/UnsupportedAlgorithmException.php b/plugins/OStatus/extlib/phpseclib/Exception/UnsupportedAlgorithmException.php new file mode 100644 index 0000000000..47cc41d4d3 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Exception/UnsupportedAlgorithmException.php @@ -0,0 +1,26 @@ + + * @copyright 2015 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Exception; + +/** + * UnsupportedAlgorithmException + * + * @package UnsupportedAlgorithmException + * @author Jim Wigginton + */ +class UnsupportedAlgorithmException extends \RuntimeException +{ +} diff --git a/plugins/OStatus/extlib/phpseclib/File/ANSI.php b/plugins/OStatus/extlib/phpseclib/File/ANSI.php new file mode 100644 index 0000000000..1f3eecb30a --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/File/ANSI.php @@ -0,0 +1,574 @@ + + * @copyright 2012 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File; + +/** + * Pure-PHP ANSI Decoder + * + * @package ANSI + * @author Jim Wigginton + * @access public + */ +class ANSI +{ + /** + * Max Width + * + * @var int + * @access private + */ + var $max_x; + + /** + * Max Height + * + * @var int + * @access private + */ + var $max_y; + + /** + * Max History + * + * @var int + * @access private + */ + var $max_history; + + /** + * History + * + * @var array + * @access private + */ + var $history; + + /** + * History Attributes + * + * @var array + * @access private + */ + var $history_attrs; + + /** + * Current Column + * + * @var int + * @access private + */ + var $x; + + /** + * Current Row + * + * @var int + * @access private + */ + var $y; + + /** + * Old Column + * + * @var int + * @access private + */ + var $old_x; + + /** + * Old Row + * + * @var int + * @access private + */ + var $old_y; + + /** + * An empty attribute cell + * + * @var object + * @access private + */ + var $base_attr_cell; + + /** + * The current attribute cell + * + * @var object + * @access private + */ + var $attr_cell; + + /** + * An empty attribute row + * + * @var array + * @access private + */ + var $attr_row; + + /** + * The current screen text + * + * @var array + * @access private + */ + var $screen; + + /** + * The current screen attributes + * + * @var array + * @access private + */ + var $attrs; + + /** + * Current ANSI code + * + * @var string + * @access private + */ + var $ansi; + + /** + * Tokenization + * + * @var array + * @access private + */ + var $tokenization; + + /** + * Default Constructor. + * + * @return \phpseclib\File\ANSI + * @access public + */ + function __construct() + { + $attr_cell = new \stdClass(); + $attr_cell->bold = false; + $attr_cell->underline = false; + $attr_cell->blink = false; + $attr_cell->background = 'black'; + $attr_cell->foreground = 'white'; + $attr_cell->reverse = false; + $this->base_attr_cell = clone $attr_cell; + $this->attr_cell = clone $attr_cell; + + $this->setHistory(200); + $this->setDimensions(80, 24); + } + + /** + * Set terminal width and height + * + * Resets the screen as well + * + * @param int $x + * @param int $y + * @access public + */ + function setDimensions($x, $y) + { + $this->max_x = $x - 1; + $this->max_y = $y - 1; + $this->x = $this->y = 0; + $this->history = $this->history_attrs = array(); + $this->attr_row = array_fill(0, $this->max_x + 2, $this->base_attr_cell); + $this->screen = array_fill(0, $this->max_y + 1, ''); + $this->attrs = array_fill(0, $this->max_y + 1, $this->attr_row); + $this->ansi = ''; + } + + /** + * Set the number of lines that should be logged past the terminal height + * + * @param int $x + * @param int $y + * @access public + */ + function setHistory($history) + { + $this->max_history = $history; + } + + /** + * Load a string + * + * @param string $source + * @access public + */ + function loadString($source) + { + $this->setDimensions($this->max_x + 1, $this->max_y + 1); + $this->appendString($source); + } + + /** + * Appdend a string + * + * @param string $source + * @access public + */ + function appendString($source) + { + $this->tokenization = array(''); + for ($i = 0; $i < strlen($source); $i++) { + if (strlen($this->ansi)) { + $this->ansi.= $source[$i]; + $chr = ord($source[$i]); + // http://en.wikipedia.org/wiki/ANSI_escape_code#Sequence_elements + // single character CSI's not currently supported + switch (true) { + case $this->ansi == "\x1B=": + $this->ansi = ''; + continue 2; + case strlen($this->ansi) == 2 && $chr >= 64 && $chr <= 95 && $chr != ord('['): + case strlen($this->ansi) > 2 && $chr >= 64 && $chr <= 126: + break; + default: + continue 2; + } + $this->tokenization[] = $this->ansi; + $this->tokenization[] = ''; + // http://ascii-table.com/ansi-escape-sequences-vt-100.php + switch ($this->ansi) { + case "\x1B[H": // Move cursor to upper left corner + $this->old_x = $this->x; + $this->old_y = $this->y; + $this->x = $this->y = 0; + break; + case "\x1B[J": // Clear screen from cursor down + $this->history = array_merge($this->history, array_slice(array_splice($this->screen, $this->y + 1), 0, $this->old_y)); + $this->screen = array_merge($this->screen, array_fill($this->y, $this->max_y, '')); + + $this->history_attrs = array_merge($this->history_attrs, array_slice(array_splice($this->attrs, $this->y + 1), 0, $this->old_y)); + $this->attrs = array_merge($this->attrs, array_fill($this->y, $this->max_y, $this->attr_row)); + + if (count($this->history) == $this->max_history) { + array_shift($this->history); + array_shift($this->history_attrs); + } + case "\x1B[K": // Clear screen from cursor right + $this->screen[$this->y] = substr($this->screen[$this->y], 0, $this->x); + + array_splice($this->attrs[$this->y], $this->x + 1, $this->max_x - $this->x, array_fill($this->x, $this->max_x - $this->x - 1, $this->base_attr_cell)); + break; + case "\x1B[2K": // Clear entire line + $this->screen[$this->y] = str_repeat(' ', $this->x); + $this->attrs[$this->y] = $this->attr_row; + break; + case "\x1B[?1h": // set cursor key to application + case "\x1B[?25h": // show the cursor + case "\x1B(B": // set united states g0 character set + break; + case "\x1BE": // Move to next line + $this->_newLine(); + $this->x = 0; + break; + default: + switch (true) { + case preg_match('#\x1B\[(\d+)B#', $this->ansi, $match): // Move cursor down n lines + $this->old_y = $this->y; + $this->y+= $match[1]; + break; + case preg_match('#\x1B\[(\d+);(\d+)H#', $this->ansi, $match): // Move cursor to screen location v,h + $this->old_x = $this->x; + $this->old_y = $this->y; + $this->x = $match[2] - 1; + $this->y = $match[1] - 1; + break; + case preg_match('#\x1B\[(\d+)C#', $this->ansi, $match): // Move cursor right n lines + $this->old_x = $this->x; + $this->x+= $match[1]; + break; + case preg_match('#\x1B\[(\d+)D#', $this->ansi, $match): // Move cursor left n lines + $this->old_x = $this->x; + $this->x-= $match[1]; + break; + case preg_match('#\x1B\[(\d+);(\d+)r#', $this->ansi, $match): // Set top and bottom lines of a window + break; + case preg_match('#\x1B\[(\d*(?:;\d*)*)m#', $this->ansi, $match): // character attributes + $attr_cell = &$this->attr_cell; + $mods = explode(';', $match[1]); + foreach ($mods as $mod) { + switch ($mod) { + case 0: // Turn off character attributes + $attr_cell = clone $this->base_attr_cell; + break; + case 1: // Turn bold mode on + $attr_cell->bold = true; + break; + case 4: // Turn underline mode on + $attr_cell->underline = true; + break; + case 5: // Turn blinking mode on + $attr_cell->blink = true; + break; + case 7: // Turn reverse video on + $attr_cell->reverse = !$attr_cell->reverse; + $temp = $attr_cell->background; + $attr_cell->background = $attr_cell->foreground; + $attr_cell->foreground = $temp; + break; + default: // set colors + //$front = $attr_cell->reverse ? &$attr_cell->background : &$attr_cell->foreground; + $front = &$attr_cell->{ $attr_cell->reverse ? 'background' : 'foreground' }; + //$back = $attr_cell->reverse ? &$attr_cell->foreground : &$attr_cell->background; + $back = &$attr_cell->{ $attr_cell->reverse ? 'foreground' : 'background' }; + switch ($mod) { + // @codingStandardsIgnoreStart + case 30: $front = 'black'; break; + case 31: $front = 'red'; break; + case 32: $front = 'green'; break; + case 33: $front = 'yellow'; break; + case 34: $front = 'blue'; break; + case 35: $front = 'magenta'; break; + case 36: $front = 'cyan'; break; + case 37: $front = 'white'; break; + + case 40: $back = 'black'; break; + case 41: $back = 'red'; break; + case 42: $back = 'green'; break; + case 43: $back = 'yellow'; break; + case 44: $back = 'blue'; break; + case 45: $back = 'magenta'; break; + case 46: $back = 'cyan'; break; + case 47: $back = 'white'; break; + // @codingStandardsIgnoreEnd + + default: + //user_error('Unsupported attribute: ' . $mod); + $this->ansi = ''; + break 2; + } + } + } + break; + default: + //user_error("{$this->ansi} is unsupported\r\n"); + } + } + $this->ansi = ''; + continue; + } + + $this->tokenization[count($this->tokenization) - 1].= $source[$i]; + switch ($source[$i]) { + case "\r": + $this->x = 0; + break; + case "\n": + $this->_newLine(); + break; + case "\x08": // backspace + if ($this->x) { + $this->x--; + $this->attrs[$this->y][$this->x] = clone $this->base_attr_cell; + $this->screen[$this->y] = substr_replace( + $this->screen[$this->y], + $source[$i], + $this->x, + 1 + ); + } + break; + case "\x0F": // shift + break; + case "\x1B": // start ANSI escape code + $this->tokenization[count($this->tokenization) - 1] = substr($this->tokenization[count($this->tokenization) - 1], 0, -1); + //if (!strlen($this->tokenization[count($this->tokenization) - 1])) { + // array_pop($this->tokenization); + //} + $this->ansi.= "\x1B"; + break; + default: + $this->attrs[$this->y][$this->x] = clone $this->attr_cell; + if ($this->x > strlen($this->screen[$this->y])) { + $this->screen[$this->y] = str_repeat(' ', $this->x); + } + $this->screen[$this->y] = substr_replace( + $this->screen[$this->y], + $source[$i], + $this->x, + 1 + ); + + if ($this->x > $this->max_x) { + $this->x = 0; + $this->y++; + } else { + $this->x++; + } + } + } + } + + /** + * Add a new line + * + * Also update the $this->screen and $this->history buffers + * + * @access private + */ + function _newLine() + { + //if ($this->y < $this->max_y) { + // $this->y++; + //} + + while ($this->y >= $this->max_y) { + $this->history = array_merge($this->history, array(array_shift($this->screen))); + $this->screen[] = ''; + + $this->history_attrs = array_merge($this->history_attrs, array(array_shift($this->attrs))); + $this->attrs[] = $this->attr_row; + + if (count($this->history) >= $this->max_history) { + array_shift($this->history); + array_shift($this->history_attrs); + } + + $this->y--; + } + $this->y++; + } + + /** + * Returns the current coordinate without preformating + * + * @access private + * @return string + */ + function _processCoordinate($last_attr, $cur_attr, $char) + { + $output = ''; + + if ($last_attr != $cur_attr) { + $close = $open = ''; + if ($last_attr->foreground != $cur_attr->foreground) { + if ($cur_attr->foreground != 'white') { + $open.= ''; + } + if ($last_attr->foreground != 'white') { + $close = '' . $close; + } + } + if ($last_attr->background != $cur_attr->background) { + if ($cur_attr->background != 'black') { + $open.= ''; + } + if ($last_attr->background != 'black') { + $close = '' . $close; + } + } + if ($last_attr->bold != $cur_attr->bold) { + if ($cur_attr->bold) { + $open.= ''; + } else { + $close = '' . $close; + } + } + if ($last_attr->underline != $cur_attr->underline) { + if ($cur_attr->underline) { + $open.= ''; + } else { + $close = '' . $close; + } + } + if ($last_attr->blink != $cur_attr->blink) { + if ($cur_attr->blink) { + $open.= ''; + } else { + $close = '' . $close; + } + } + $output.= $close . $open; + } + + $output.= htmlspecialchars($char); + + return $output; + } + + /** + * Returns the current screen without preformating + * + * @access private + * @return string + */ + function _getScreen() + { + $output = ''; + $last_attr = $this->base_attr_cell; + for ($i = 0; $i <= $this->max_y; $i++) { + for ($j = 0; $j <= $this->max_x; $j++) { + $cur_attr = $this->attrs[$i][$j]; + $output.= $this->_processCoordinate($last_attr, $cur_attr, isset($this->screen[$i][$j]) ? $this->screen[$i][$j] : ''); + $last_attr = $this->attrs[$i][$j]; + } + $output.= "\r\n"; + } + $output = substr($output, 0, -2); + // close any remaining open tags + $output.= $this->_processCoordinate($last_attr, $this->base_attr_cell, ''); + return rtrim($output); + } + + /** + * Returns the current screen + * + * @access public + * @return string + */ + function getScreen() + { + return '
    ' . $this->_getScreen() . '
    '; + } + + /** + * Returns the current screen and the x previous lines + * + * @access public + * @return string + */ + function getHistory() + { + $scrollback = ''; + $last_attr = $this->base_attr_cell; + for ($i = 0; $i < count($this->history); $i++) { + for ($j = 0; $j <= $this->max_x + 1; $j++) { + $cur_attr = $this->history_attrs[$i][$j]; + $scrollback.= $this->_processCoordinate($last_attr, $cur_attr, isset($this->history[$i][$j]) ? $this->history[$i][$j] : ''); + $last_attr = $this->history_attrs[$i][$j]; + } + $scrollback.= "\r\n"; + } + $base_attr_cell = $this->base_attr_cell; + $this->base_attr_cell = $last_attr; + $scrollback.= $this->_getScreen(); + $this->base_attr_cell = $base_attr_cell; + + return '
    ' . $scrollback . '
    '; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/File/ASN1.php b/plugins/OStatus/extlib/phpseclib/File/ASN1.php new file mode 100644 index 0000000000..ad59f69bdb --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/File/ASN1.php @@ -0,0 +1,1310 @@ + + * @copyright 2012 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File; + +use ParagonIE\ConstantTime\Base64; +use phpseclib\File\ASN1\Element; +use phpseclib\Math\BigInteger; + +/** + * Pure-PHP ASN.1 Parser + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class ASN1 +{ + /**#@+ + * Tag Classes + * + * @access private + * @link http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=12 + */ + const CLASS_UNIVERSAL = 0; + const CLASS_APPLICATION = 1; + const CLASS_CONTEXT_SPECIFIC = 2; + const CLASS_PRIVATE = 3; + /**#@-*/ + + /**#@+ + * Tag Classes + * + * @access private + * @link http://www.obj-sys.com/asn1tutorial/node124.html + */ + const TYPE_BOOLEAN = 1; + const TYPE_INTEGER = 2; + const TYPE_BIT_STRING = 3; + const TYPE_OCTET_STRING = 4; + const TYPE_NULL = 5; + const TYPE_OBJECT_IDENTIFIER = 6; + //const TYPE_OBJECT_DESCRIPTOR = 7; + //const TYPE_INSTANCE_OF = 8; // EXTERNAL + const TYPE_REAL = 9; + const TYPE_ENUMERATED = 10; + //const TYPE_EMBEDDED = 11; + const TYPE_UTF8_STRING = 12; + //const TYPE_RELATIVE_OID = 13; + const TYPE_SEQUENCE = 16; // SEQUENCE OF + const TYPE_SET = 17; // SET OF + /**#@-*/ + /**#@+ + * More Tag Classes + * + * @access private + * @link http://www.obj-sys.com/asn1tutorial/node10.html + */ + const TYPE_NUMERIC_STRING = 18; + const TYPE_PRINTABLE_STRING = 19; + const TYPE_TELETEX_STRING = 20; // T61String + const TYPE_VIDEOTEX_STRING = 21; + const TYPE_IA5_STRING = 22; + const TYPE_UTC_TIME = 23; + const TYPE_GENERALIZED_TIME = 24; + const TYPE_GRAPHIC_STRING = 25; + const TYPE_VISIBLE_STRING = 26; // ISO646String + const TYPE_GENERAL_STRING = 27; + const TYPE_UNIVERSAL_STRING = 28; + //const TYPE_CHARACTER_STRING = 29; + const TYPE_BMP_STRING = 30; + /**#@-*/ + + /**#@+ + * Tag Aliases + * + * These tags are kinda place holders for other tags. + * + * @access private + */ + const TYPE_CHOICE = -1; + const TYPE_ANY = -2; + /**#@-*/ + + /** + * ASN.1 object identifier + * + * @var array + * @access private + * @link http://en.wikipedia.org/wiki/Object_identifier + */ + var $oids = array(); + + /** + * Default date format + * + * @var string + * @access private + * @link http://php.net/class.datetime + */ + var $format = 'D, d M Y H:i:s O'; + + /** + * Default date format + * + * @var array + * @access private + * @see self::setTimeFormat() + * @see self::asn1map() + * @link http://php.net/class.datetime + */ + var $encoded; + + /** + * Filters + * + * If the mapping type is self::TYPE_ANY what do we actually encode it as? + * + * @var array + * @access private + * @see self::_encode_der() + */ + var $filters; + + /** + * Type mapping table for the ANY type. + * + * Structured or unknown types are mapped to a \phpseclib\File\ASN1\Element. + * Unambiguous types get the direct mapping (int/real/bool). + * Others are mapped as a choice, with an extra indexing level. + * + * @var array + * @access public + */ + var $ANYmap = array( + self::TYPE_BOOLEAN => true, + self::TYPE_INTEGER => true, + self::TYPE_BIT_STRING => 'bitString', + self::TYPE_OCTET_STRING => 'octetString', + self::TYPE_NULL => 'null', + self::TYPE_OBJECT_IDENTIFIER => 'objectIdentifier', + self::TYPE_REAL => true, + self::TYPE_ENUMERATED => 'enumerated', + self::TYPE_UTF8_STRING => 'utf8String', + self::TYPE_NUMERIC_STRING => 'numericString', + self::TYPE_PRINTABLE_STRING => 'printableString', + self::TYPE_TELETEX_STRING => 'teletexString', + self::TYPE_VIDEOTEX_STRING => 'videotexString', + self::TYPE_IA5_STRING => 'ia5String', + self::TYPE_UTC_TIME => 'utcTime', + self::TYPE_GENERALIZED_TIME => 'generalTime', + self::TYPE_GRAPHIC_STRING => 'graphicString', + self::TYPE_VISIBLE_STRING => 'visibleString', + self::TYPE_GENERAL_STRING => 'generalString', + self::TYPE_UNIVERSAL_STRING => 'universalString', + //self::TYPE_CHARACTER_STRING => 'characterString', + self::TYPE_BMP_STRING => 'bmpString' + ); + + /** + * String type to character size mapping table. + * + * Non-convertable types are absent from this table. + * size == 0 indicates variable length encoding. + * + * @var array + * @access public + */ + var $stringTypeSize = array( + self::TYPE_UTF8_STRING => 0, + self::TYPE_BMP_STRING => 2, + self::TYPE_UNIVERSAL_STRING => 4, + self::TYPE_PRINTABLE_STRING => 1, + self::TYPE_TELETEX_STRING => 1, + self::TYPE_IA5_STRING => 1, + self::TYPE_VISIBLE_STRING => 1, + ); + + /** + * Parse BER-encoding + * + * Serves a similar purpose to openssl's asn1parse + * + * @param string $encoded + * @return array + * @access public + */ + function decodeBER($encoded) + { + if ($encoded instanceof Element) { + $encoded = $encoded->element; + } + + $this->encoded = $encoded; + // encapsulate in an array for BC with the old decodeBER + return array($this->_decode_ber($encoded)); + } + + /** + * Parse BER-encoding (Helper function) + * + * Sometimes we want to get the BER encoding of a particular tag. $start lets us do that without having to reencode. + * $encoded is passed by reference for the recursive calls done for self::TYPE_BIT_STRING and + * self::TYPE_OCTET_STRING. In those cases, the indefinite length is used. + * + * @param string $encoded + * @param int $start + * @return array + * @access private + */ + function _decode_ber($encoded, $start = 0) + { + $current = array('start' => $start); + + $type = ord($this->_string_shift($encoded)); + $start++; + + $constructed = ($type >> 5) & 1; + + $tag = $type & 0x1F; + if ($tag == 0x1F) { + $tag = 0; + // process septets (since the eighth bit is ignored, it's not an octet) + do { + $loop = ord($encoded[0]) >> 7; + $tag <<= 7; + $tag |= ord($this->_string_shift($encoded)) & 0x7F; + $start++; + } while ($loop); + } + + // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13 + $length = ord($this->_string_shift($encoded)); + $start++; + if ($length == 0x80) { // indefinite length + // "[A sender shall] use the indefinite form (see 8.1.3.6) if the encoding is constructed and is not all + // immediately available." -- paragraph 8.1.3.2.c + $length = strlen($encoded); + } elseif ($length & 0x80) { // definite length, long form + // technically, the long form of the length can be represented by up to 126 octets (bytes), but we'll only + // support it up to four. + $length&= 0x7F; + $temp = $this->_string_shift($encoded, $length); + // tags of indefinte length don't really have a header length; this length includes the tag + $current+= array('headerlength' => $length + 2); + $start+= $length; + extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4))); + } else { + $current+= array('headerlength' => 2); + } + + if ($length > strlen($encoded)) { + return false; + } + + $content = $this->_string_shift($encoded, $length); + + // at this point $length can be overwritten. it's only accurate for definite length things as is + + /* Class is UNIVERSAL, APPLICATION, PRIVATE, or CONTEXT-SPECIFIC. The UNIVERSAL class is restricted to the ASN.1 + built-in types. It defines an application-independent data type that must be distinguishable from all other + data types. The other three classes are user defined. The APPLICATION class distinguishes data types that + have a wide, scattered use within a particular presentation context. PRIVATE distinguishes data types within + a particular organization or country. CONTEXT-SPECIFIC distinguishes members of a sequence or set, the + alternatives of a CHOICE, or universally tagged set members. Only the class number appears in braces for this + data type; the term CONTEXT-SPECIFIC does not appear. + + -- http://www.obj-sys.com/asn1tutorial/node12.html */ + $class = ($type >> 6) & 3; + switch ($class) { + case self::CLASS_APPLICATION: + case self::CLASS_PRIVATE: + case self::CLASS_CONTEXT_SPECIFIC: + if (!$constructed) { + return array( + 'type' => $class, + 'constant' => $tag, + 'content' => $content, + 'length' => $length + $start - $current['start'] + ); + } + + $newcontent = array(); + $remainingLength = $length; + while ($remainingLength > 0) { + $temp = $this->_decode_ber($content, $start); + $length = $temp['length']; + // end-of-content octets - see paragraph 8.1.5 + if (substr($content, $length, 2) == "\0\0") { + $length+= 2; + $start+= $length; + $newcontent[] = $temp; + break; + } + $start+= $length; + $remainingLength-= $length; + $newcontent[] = $temp; + $this->_string_shift($content, $length); + } + + return array( + 'type' => $class, + 'constant' => $tag, + // the array encapsulation is for BC with the old format + 'content' => $newcontent, + // the only time when $content['headerlength'] isn't defined is when the length is indefinite. + // the absence of $content['headerlength'] is how we know if something is indefinite or not. + // technically, it could be defined to be 2 and then another indicator could be used but whatever. + 'length' => $start - $current['start'] + ) + $current; + } + + $current+= array('type' => $tag); + + // decode UNIVERSAL tags + switch ($tag) { + case self::TYPE_BOOLEAN: + // "The contents octets shall consist of a single octet." -- paragraph 8.2.1 + //if (strlen($content) != 1) { + // return false; + //} + $current['content'] = (bool) ord($content[0]); + break; + case self::TYPE_INTEGER: + case self::TYPE_ENUMERATED: + $current['content'] = new BigInteger($content, -256); + break; + case self::TYPE_REAL: // not currently supported + return false; + case self::TYPE_BIT_STRING: + // The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, + // the number of unused bits in the final subsequent octet. The number shall be in the range zero to + // seven. + if (!$constructed) { + $current['content'] = $content; + } else { + $temp = $this->_decode_ber($content, $start); + $length-= strlen($content); + $last = count($temp) - 1; + for ($i = 0; $i < $last; $i++) { + // all subtags should be bit strings + //if ($temp[$i]['type'] != self::TYPE_BIT_STRING) { + // return false; + //} + $current['content'].= substr($temp[$i]['content'], 1); + } + // all subtags should be bit strings + //if ($temp[$last]['type'] != self::TYPE_BIT_STRING) { + // return false; + //} + $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1); + } + break; + case self::TYPE_OCTET_STRING: + if (!$constructed) { + $current['content'] = $content; + } else { + $current['content'] = ''; + $length = 0; + while (substr($content, 0, 2) != "\0\0") { + $temp = $this->_decode_ber($content, $length + $start); + $this->_string_shift($content, $temp['length']); + // all subtags should be octet strings + //if ($temp['type'] != self::TYPE_OCTET_STRING) { + // return false; + //} + $current['content'].= $temp['content']; + $length+= $temp['length']; + } + if (substr($content, 0, 2) == "\0\0") { + $length+= 2; // +2 for the EOC + } + } + break; + case self::TYPE_NULL: + // "The contents octets shall not contain any octets." -- paragraph 8.8.2 + //if (strlen($content)) { + // return false; + //} + break; + case self::TYPE_SEQUENCE: + case self::TYPE_SET: + $offset = 0; + $current['content'] = array(); + while (strlen($content)) { + // if indefinite length construction was used and we have an end-of-content string next + // see paragraphs 8.1.1.3, 8.1.3.2, 8.1.3.6, 8.1.5, and (for an example) 8.6.4.2 + if (!isset($current['headerlength']) && substr($content, 0, 2) == "\0\0") { + $length = $offset + 2; // +2 for the EOC + break 2; + } + $temp = $this->_decode_ber($content, $start + $offset); + $this->_string_shift($content, $temp['length']); + $current['content'][] = $temp; + $offset+= $temp['length']; + } + break; + case self::TYPE_OBJECT_IDENTIFIER: + $temp = ord($this->_string_shift($content)); + $current['content'] = sprintf('%d.%d', floor($temp / 40), $temp % 40); + $valuen = 0; + // process septets + while (strlen($content)) { + $temp = ord($this->_string_shift($content)); + $valuen <<= 7; + $valuen |= $temp & 0x7F; + if (~$temp & 0x80) { + $current['content'].= ".$valuen"; + $valuen = 0; + } + } + // the eighth bit of the last byte should not be 1 + //if ($temp >> 7) { + // return false; + //} + break; + /* Each character string type shall be encoded as if it had been declared: + [UNIVERSAL x] IMPLICIT OCTET STRING + + -- X.690-0207.pdf#page=23 (paragraph 8.21.3) + + Per that, we're not going to do any validation. If there are any illegal characters in the string, + we don't really care */ + case self::TYPE_NUMERIC_STRING: + // 0,1,2,3,4,5,6,7,8,9, and space + case self::TYPE_PRINTABLE_STRING: + // Upper and lower case letters, digits, space, apostrophe, left/right parenthesis, plus sign, comma, + // hyphen, full stop, solidus, colon, equal sign, question mark + case self::TYPE_TELETEX_STRING: + // The Teletex character set in CCITT's T61, space, and delete + // see http://en.wikipedia.org/wiki/Teletex#Character_sets + case self::TYPE_VIDEOTEX_STRING: + // The Videotex character set in CCITT's T.100 and T.101, space, and delete + case self::TYPE_VISIBLE_STRING: + // Printing character sets of international ASCII, and space + case self::TYPE_IA5_STRING: + // International Alphabet 5 (International ASCII) + case self::TYPE_GRAPHIC_STRING: + // All registered G sets, and space + case self::TYPE_GENERAL_STRING: + // All registered C and G sets, space and delete + case self::TYPE_UTF8_STRING: + // ???? + case self::TYPE_BMP_STRING: + $current['content'] = $content; + break; + case self::TYPE_UTC_TIME: + case self::TYPE_GENERALIZED_TIME: + $current['content'] = $this->_decodeTime($content, $tag); + default: + } + + $start+= $length; + + // ie. length is the length of the full TLV encoding - it's not just the length of the value + return $current + array('length' => $start - $current['start']); + } + + /** + * ASN.1 Map + * + * Provides an ASN.1 semantic mapping ($mapping) from a parsed BER-encoding to a human readable format. + * + * "Special" mappings may be applied on a per tag-name basis via $special. + * + * @param array $decoded + * @param array $mapping + * @param array $special + * @return array + * @access public + */ + function asn1map($decoded, $mapping, $special = array()) + { + if (isset($mapping['explicit']) && is_array($decoded['content'])) { + $decoded = $decoded['content'][0]; + } + + switch (true) { + case $mapping['type'] == self::TYPE_ANY: + $intype = $decoded['type']; + if (isset($decoded['constant']) || !isset($this->ANYmap[$intype]) || ($this->encoded[$decoded['start']] & 0x20)) { + return new Element(substr($this->encoded, $decoded['start'], $decoded['length'])); + } + $inmap = $this->ANYmap[$intype]; + if (is_string($inmap)) { + return array($inmap => $this->asn1map($decoded, array('type' => $intype) + $mapping, $special)); + } + break; + case $mapping['type'] == self::TYPE_CHOICE: + foreach ($mapping['children'] as $key => $option) { + switch (true) { + case isset($option['constant']) && $option['constant'] == $decoded['constant']: + case !isset($option['constant']) && $option['type'] == $decoded['type']: + $value = $this->asn1map($decoded, $option, $special); + break; + case !isset($option['constant']) && $option['type'] == self::TYPE_CHOICE: + $v = $this->asn1map($decoded, $option, $special); + if (isset($v)) { + $value = $v; + } + } + if (isset($value)) { + if (isset($special[$key])) { + $value = call_user_func($special[$key], $value); + } + return array($key => $value); + } + } + return null; + case isset($mapping['implicit']): + case isset($mapping['explicit']): + case $decoded['type'] == $mapping['type']: + break; + default: + // if $decoded['type'] and $mapping['type'] are both strings, but different types of strings, + // let it through + switch (true) { + case $decoded['type'] < 18: // self::TYPE_NUMERIC_STRING == 18 + case $decoded['type'] > 30: // self::TYPE_BMP_STRING == 30 + case $mapping['type'] < 18: + case $mapping['type'] > 30: + return null; + } + } + + if (isset($mapping['implicit'])) { + $decoded['type'] = $mapping['type']; + } + + switch ($decoded['type']) { + case self::TYPE_SEQUENCE: + $map = array(); + + // ignore the min and max + if (isset($mapping['min']) && isset($mapping['max'])) { + $child = $mapping['children']; + foreach ($decoded['content'] as $content) { + if (($map[] = $this->asn1map($content, $child, $special)) === null) { + return null; + } + } + + return $map; + } + + $n = count($decoded['content']); + $i = 0; + + foreach ($mapping['children'] as $key => $child) { + $maymatch = $i < $n; // Match only existing input. + if ($maymatch) { + $temp = $decoded['content'][$i]; + + if ($child['type'] != self::TYPE_CHOICE) { + // Get the mapping and input class & constant. + $childClass = $tempClass = self::CLASS_UNIVERSAL; + $constant = null; + if (isset($temp['constant'])) { + $tempClass = isset($temp['class']) ? $temp['class'] : self::CLASS_CONTEXT_SPECIFIC; + } + if (isset($child['class'])) { + $childClass = $child['class']; + $constant = $child['cast']; + } elseif (isset($child['constant'])) { + $childClass = self::CLASS_CONTEXT_SPECIFIC; + $constant = $child['constant']; + } + + if (isset($constant) && isset($temp['constant'])) { + // Can only match if constants and class match. + $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; + } else { + // Can only match if no constant expected and type matches or is generic. + $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], self::TYPE_ANY, self::TYPE_CHOICE)) !== false; + } + } + } + + if ($maymatch) { + // Attempt submapping. + $candidate = $this->asn1map($temp, $child, $special); + $maymatch = $candidate !== null; + } + + if ($maymatch) { + // Got the match: use it. + if (isset($special[$key])) { + $candidate = call_user_func($special[$key], $candidate); + } + $map[$key] = $candidate; + $i++; + } elseif (isset($child['default'])) { + $map[$key] = $child['default']; // Use default. + } elseif (!isset($child['optional'])) { + return null; // Syntax error. + } + } + + // Fail mapping if all input items have not been consumed. + return $i < $n ? null: $map; + + // the main diff between sets and sequences is the encapsulation of the foreach in another for loop + case self::TYPE_SET: + $map = array(); + + // ignore the min and max + if (isset($mapping['min']) && isset($mapping['max'])) { + $child = $mapping['children']; + foreach ($decoded['content'] as $content) { + if (($map[] = $this->asn1map($content, $child, $special)) === null) { + return null; + } + } + + return $map; + } + + for ($i = 0; $i < count($decoded['content']); $i++) { + $temp = $decoded['content'][$i]; + $tempClass = self::CLASS_UNIVERSAL; + if (isset($temp['constant'])) { + $tempClass = isset($temp['class']) ? $temp['class'] : self::CLASS_CONTEXT_SPECIFIC; + } + + foreach ($mapping['children'] as $key => $child) { + if (isset($map[$key])) { + continue; + } + $maymatch = true; + if ($child['type'] != self::TYPE_CHOICE) { + $childClass = self::CLASS_UNIVERSAL; + $constant = null; + if (isset($child['class'])) { + $childClass = $child['class']; + $constant = $child['cast']; + } elseif (isset($child['constant'])) { + $childClass = self::CLASS_CONTEXT_SPECIFIC; + $constant = $child['constant']; + } + + if (isset($constant) && isset($temp['constant'])) { + // Can only match if constants and class match. + $maymatch = $constant == $temp['constant'] && $childClass == $tempClass; + } else { + // Can only match if no constant expected and type matches or is generic. + $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], self::TYPE_ANY, self::TYPE_CHOICE)) !== false; + } + } + + if ($maymatch) { + // Attempt submapping. + $candidate = $this->asn1map($temp, $child, $special); + $maymatch = $candidate !== null; + } + + if (!$maymatch) { + break; + } + + // Got the match: use it. + if (isset($special[$key])) { + $candidate = call_user_func($special[$key], $candidate); + } + $map[$key] = $candidate; + break; + } + } + + foreach ($mapping['children'] as $key => $child) { + if (!isset($map[$key])) { + if (isset($child['default'])) { + $map[$key] = $child['default']; + } elseif (!isset($child['optional'])) { + return null; + } + } + } + return $map; + case self::TYPE_OBJECT_IDENTIFIER: + return isset($this->oids[$decoded['content']]) ? $this->oids[$decoded['content']] : $decoded['content']; + case self::TYPE_UTC_TIME: + case self::TYPE_GENERALIZED_TIME: + if (isset($mapping['implicit'])) { + $decoded['content'] = $this->_decodeTime($decoded['content'], $decoded['type']); + } + return @date($this->format, $decoded['content']); + case self::TYPE_BIT_STRING: + if (isset($mapping['mapping'])) { + $offset = ord($decoded['content'][0]); + $size = (strlen($decoded['content']) - 1) * 8 - $offset; + /* + From X.680-0207.pdf#page=46 (21.7): + + "When a "NamedBitList" is used in defining a bitstring type ASN.1 encoding rules are free to add (or remove) + arbitrarily any trailing 0 bits to (or from) values that are being encoded or decoded. Application designers should + therefore ensure that different semantics are not associated with such values which differ only in the number of trailing + 0 bits." + */ + $bits = count($mapping['mapping']) == $size ? array() : array_fill(0, count($mapping['mapping']) - $size, false); + for ($i = strlen($decoded['content']) - 1; $i > 0; $i--) { + $current = ord($decoded['content'][$i]); + for ($j = $offset; $j < 8; $j++) { + $bits[] = (bool) ($current & (1 << $j)); + } + $offset = 0; + } + $values = array(); + $map = array_reverse($mapping['mapping']); + foreach ($map as $i => $value) { + if ($bits[$i]) { + $values[] = $value; + } + } + return $values; + } + case self::TYPE_OCTET_STRING: + return Base64::encode($decoded['content']); + case self::TYPE_NULL: + return ''; + case self::TYPE_BOOLEAN: + return $decoded['content']; + case self::TYPE_NUMERIC_STRING: + case self::TYPE_PRINTABLE_STRING: + case self::TYPE_TELETEX_STRING: + case self::TYPE_VIDEOTEX_STRING: + case self::TYPE_IA5_STRING: + case self::TYPE_GRAPHIC_STRING: + case self::TYPE_VISIBLE_STRING: + case self::TYPE_GENERAL_STRING: + case self::TYPE_UNIVERSAL_STRING: + case self::TYPE_UTF8_STRING: + case self::TYPE_BMP_STRING: + return $decoded['content']; + case self::TYPE_INTEGER: + case self::TYPE_ENUMERATED: + $temp = $decoded['content']; + if (isset($mapping['implicit'])) { + $temp = new BigInteger($decoded['content'], -256); + } + if (isset($mapping['mapping'])) { + $temp = (int) $temp->toString(); + return isset($mapping['mapping'][$temp]) ? + $mapping['mapping'][$temp] : + false; + } + return $temp; + } + } + + /** + * ASN.1 Encode + * + * DER-encodes an ASN.1 semantic mapping ($mapping). Some libraries would probably call this function + * an ASN.1 compiler. + * + * "Special" mappings can be applied via $special. + * + * @param string $source + * @param string $mapping + * @param int $idx + * @return string + * @access public + */ + function encodeDER($source, $mapping, $special = array()) + { + $this->location = array(); + return $this->_encode_der($source, $mapping, null, $special); + } + + /** + * ASN.1 Encode (Helper function) + * + * @param string $source + * @param string $mapping + * @param int $idx + * @return string + * @throws \RuntimeException if the input has an error in it + * @access private + */ + function _encode_der($source, $mapping, $idx = null, $special = array()) + { + if ($source instanceof Element) { + return $source->element; + } + + // do not encode (implicitly optional) fields with value set to default + if (isset($mapping['default']) && $source === $mapping['default']) { + return ''; + } + + if (isset($idx)) { + if (isset($special[$idx])) { + $source = call_user_func($special[$idx], $source); + } + $this->location[] = $idx; + } + + $tag = $mapping['type']; + + switch ($tag) { + case self::TYPE_SET: // Children order is not important, thus process in sequence. + case self::TYPE_SEQUENCE: + $tag|= 0x20; // set the constructed bit + $value = ''; + + // ignore the min and max + if (isset($mapping['min']) && isset($mapping['max'])) { + $child = $mapping['children']; + + foreach ($source as $content) { + $temp = $this->_encode_der($content, $child, null, $special); + if ($temp === false) { + return false; + } + $value.= $temp; + } + break; + } + + foreach ($mapping['children'] as $key => $child) { + if (!array_key_exists($key, $source)) { + if (!isset($child['optional'])) { + return false; + } + continue; + } + + $temp = $this->_encode_der($source[$key], $child, $key, $special); + if ($temp === false) { + return false; + } + + // An empty child encoding means it has been optimized out. + // Else we should have at least one tag byte. + if ($temp === '') { + continue; + } + + // if isset($child['constant']) is true then isset($child['optional']) should be true as well + if (isset($child['constant'])) { + /* + From X.680-0207.pdf#page=58 (30.6): + + "The tagging construction specifies explicit tagging if any of the following holds: + ... + c) the "Tag Type" alternative is used and the value of "TagDefault" for the module is IMPLICIT TAGS or + AUTOMATIC TAGS, but the type defined by "Type" is an untagged choice type, an untagged open type, or + an untagged "DummyReference" (see ITU-T Rec. X.683 | ISO/IEC 8824-4, 8.3)." + */ + if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); + $temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp; + } else { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); + $temp = $subtag . substr($temp, 1); + } + } + $value.= $temp; + } + break; + case self::TYPE_CHOICE: + $temp = false; + + foreach ($mapping['children'] as $key => $child) { + if (!isset($source[$key])) { + continue; + } + + $temp = $this->_encode_der($source[$key], $child, $key, $special); + if ($temp === false) { + return false; + } + + // An empty child encoding means it has been optimized out. + // Else we should have at least one tag byte. + if ($temp === '') { + continue; + } + + $tag = ord($temp[0]); + + // if isset($child['constant']) is true then isset($child['optional']) should be true as well + if (isset($child['constant'])) { + if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); + $temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp; + } else { + $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); + $temp = $subtag . substr($temp, 1); + } + } + } + + if (isset($idx)) { + array_pop($this->location); + } + + if ($temp && isset($mapping['cast'])) { + $temp[0] = chr(($mapping['class'] << 6) | ($tag & 0x20) | $mapping['cast']); + } + + return $temp; + case self::TYPE_INTEGER: + case self::TYPE_ENUMERATED: + if (!isset($mapping['mapping'])) { + if (is_numeric($source)) { + $source = new BigInteger($source); + } + $value = $source->toBytes(true); + } else { + $value = array_search($source, $mapping['mapping']); + if ($value === false) { + return false; + } + $value = new BigInteger($value); + $value = $value->toBytes(true); + } + if (!strlen($value)) { + $value = chr(0); + } + break; + case self::TYPE_UTC_TIME: + case self::TYPE_GENERALIZED_TIME: + $format = $mapping['type'] == self::TYPE_UTC_TIME ? 'y' : 'Y'; + $format.= 'mdHis'; + $value = @gmdate($format, strtotime($source)) . 'Z'; + break; + case self::TYPE_BIT_STRING: + if (isset($mapping['mapping'])) { + $bits = array_fill(0, count($mapping['mapping']), 0); + $size = 0; + for ($i = 0; $i < count($mapping['mapping']); $i++) { + if (in_array($mapping['mapping'][$i], $source)) { + $bits[$i] = 1; + $size = $i; + } + } + + if (isset($mapping['min']) && $mapping['min'] >= 1 && $size < $mapping['min']) { + $size = $mapping['min'] - 1; + } + + $offset = 8 - (($size + 1) & 7); + $offset = $offset !== 8 ? $offset : 0; + + $value = chr($offset); + + for ($i = $size + 1; $i < count($mapping['mapping']); $i++) { + unset($bits[$i]); + } + + $bits = implode('', array_pad($bits, $size + $offset + 1, 0)); + $bytes = explode(' ', rtrim(chunk_split($bits, 8, ' '))); + foreach ($bytes as $byte) { + $value.= chr(bindec($byte)); + } + + break; + } + case self::TYPE_OCTET_STRING: + /* The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, + the number of unused bits in the final subsequent octet. The number shall be in the range zero to seven. + + -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=16 */ + $value = Base64::decode($source); + break; + case self::TYPE_OBJECT_IDENTIFIER: + $oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids); + if ($oid === false) { + throw new \RuntimeException('Invalid OID'); + return false; + } + $value = ''; + $parts = explode('.', $oid); + $value = chr(40 * $parts[0] + $parts[1]); + for ($i = 2; $i < count($parts); $i++) { + $temp = ''; + if (!$parts[$i]) { + $temp = "\0"; + } else { + while ($parts[$i]) { + $temp = chr(0x80 | ($parts[$i] & 0x7F)) . $temp; + $parts[$i] >>= 7; + } + $temp[strlen($temp) - 1] = $temp[strlen($temp) - 1] & chr(0x7F); + } + $value.= $temp; + } + break; + case self::TYPE_ANY: + $loc = $this->location; + if (isset($idx)) { + array_pop($this->location); + } + + switch (true) { + case !isset($source): + return $this->_encode_der(null, array('type' => self::TYPE_NULL) + $mapping, null, $special); + case is_int($source): + case $source instanceof BigInteger: + return $this->_encode_der($source, array('type' => self::TYPE_INTEGER) + $mapping, null, $special); + case is_float($source): + return $this->_encode_der($source, array('type' => self::TYPE_REAL) + $mapping, null, $special); + case is_bool($source): + return $this->_encode_der($source, array('type' => self::TYPE_BOOLEAN) + $mapping, null, $special); + case is_array($source) && count($source) == 1: + $typename = implode('', array_keys($source)); + $outtype = array_search($typename, $this->ANYmap, true); + if ($outtype !== false) { + return $this->_encode_der($source[$typename], array('type' => $outtype) + $mapping, null, $special); + } + } + + $filters = $this->filters; + foreach ($loc as $part) { + if (!isset($filters[$part])) { + $filters = false; + break; + } + $filters = $filters[$part]; + } + if ($filters === false) { + throw new \RuntimeException('No filters defined for ' . implode('/', $loc)); + return false; + } + return $this->_encode_der($source, $filters + $mapping, null, $special); + case self::TYPE_NULL: + $value = ''; + break; + case self::TYPE_NUMERIC_STRING: + case self::TYPE_TELETEX_STRING: + case self::TYPE_PRINTABLE_STRING: + case self::TYPE_UNIVERSAL_STRING: + case self::TYPE_UTF8_STRING: + case self::TYPE_BMP_STRING: + case self::TYPE_IA5_STRING: + case self::TYPE_VISIBLE_STRING: + case self::TYPE_VIDEOTEX_STRING: + case self::TYPE_GRAPHIC_STRING: + case self::TYPE_GENERAL_STRING: + $value = $source; + break; + case self::TYPE_BOOLEAN: + $value = $source ? "\xFF" : "\x00"; + break; + default: + throw new \RuntimeException('Mapping provides no type definition for ' . implode('/', $this->location)); + return false; + } + + if (isset($idx)) { + array_pop($this->location); + } + + if (isset($mapping['cast'])) { + if (isset($mapping['explicit']) || $mapping['type'] == self::TYPE_CHOICE) { + $value = chr($tag) . $this->_encodeLength(strlen($value)) . $value; + $tag = ($mapping['class'] << 6) | 0x20 | $mapping['cast']; + } else { + $tag = ($mapping['class'] << 6) | (ord($temp[0]) & 0x20) | $mapping['cast']; + } + } + + return chr($tag) . $this->_encodeLength(strlen($value)) . $value; + } + + /** + * DER-encode the length + * + * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See + * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information. + * + * @access private + * @param int $length + * @return string + */ + function _encodeLength($length) + { + if ($length <= 0x7F) { + return chr($length); + } + + $temp = ltrim(pack('N', $length), chr(0)); + return pack('Ca*', 0x80 | strlen($temp), $temp); + } + + /** + * BER-decode the time + * + * Called by _decode_ber() and in the case of implicit tags asn1map(). + * + * @access private + * @param string $content + * @param int $tag + * @return string + */ + function _decodeTime($content, $tag) + { + /* UTCTime: + http://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 + http://www.obj-sys.com/asn1tutorial/node15.html + + GeneralizedTime: + http://tools.ietf.org/html/rfc5280#section-4.1.2.5.2 + http://www.obj-sys.com/asn1tutorial/node14.html */ + + $pattern = $tag == self::TYPE_UTC_TIME ? + '#(..)(..)(..)(..)(..)(..)(.*)#' : + '#(....)(..)(..)(..)(..)(..).*([Z+-].*)$#'; + + preg_match($pattern, $content, $matches); + + list(, $year, $month, $day, $hour, $minute, $second, $timezone) = $matches; + + if ($tag == self::TYPE_UTC_TIME) { + $year = $year >= 50 ? "19$year" : "20$year"; + } + + if ($timezone == 'Z') { + $mktime = 'gmmktime'; + $timezone = 0; + } elseif (preg_match('#([+-])(\d\d)(\d\d)#', $timezone, $matches)) { + $mktime = 'gmmktime'; + $timezone = 60 * $matches[3] + 3600 * $matches[2]; + if ($matches[1] == '-') { + $timezone = -$timezone; + } + } else { + $mktime = 'mktime'; + $timezone = 0; + } + + return @$mktime($hour, $minute, $second, $month, $day, $year) + $timezone; + } + + /** + * Set the time format + * + * Sets the time / date format for asn1map(). + * + * @access public + * @param string $format + */ + function setTimeFormat($format) + { + $this->format = $format; + } + + /** + * Load OIDs + * + * Load the relevant OIDs for a particular ASN.1 semantic mapping. + * + * @access public + * @param array $oids + */ + function loadOIDs($oids) + { + $this->oids = $oids; + } + + /** + * Load filters + * + * See \phpseclib\File\X509, etc, for an example. + * + * @access public + * @param array $filters + */ + function loadFilters($filters) + { + $this->filters = $filters; + } + + /** + * String Shift + * + * Inspired by array_shift + * + * @param string $string + * @param int $index + * @return string + * @access private + */ + function _string_shift(&$string, $index = 1) + { + $substr = substr($string, 0, $index); + $string = substr($string, $index); + return $substr; + } + + /** + * String type conversion + * + * This is a lazy conversion, dealing only with character size. + * No real conversion table is used. + * + * @param string $in + * @param int $from + * @param int $to + * @return string + * @access public + */ + function convert($in, $from = self::TYPE_UTF8_STRING, $to = self::TYPE_UTF8_STRING) + { + if (!isset($this->stringTypeSize[$from]) || !isset($this->stringTypeSize[$to])) { + return false; + } + $insize = $this->stringTypeSize[$from]; + $outsize = $this->stringTypeSize[$to]; + $inlength = strlen($in); + $out = ''; + + for ($i = 0; $i < $inlength;) { + if ($inlength - $i < $insize) { + return false; + } + + // Get an input character as a 32-bit value. + $c = ord($in[$i++]); + switch (true) { + case $insize == 4: + $c = ($c << 8) | ord($in[$i++]); + $c = ($c << 8) | ord($in[$i++]); + case $insize == 2: + $c = ($c << 8) | ord($in[$i++]); + case $insize == 1: + break; + case ($c & 0x80) == 0x00: + break; + case ($c & 0x40) == 0x00: + return false; + default: + $bit = 6; + do { + if ($bit > 25 || $i >= $inlength || (ord($in[$i]) & 0xC0) != 0x80) { + return false; + } + $c = ($c << 6) | (ord($in[$i++]) & 0x3F); + $bit += 5; + $mask = 1 << $bit; + } while ($c & $bit); + $c &= $mask - 1; + break; + } + + // Convert and append the character to output string. + $v = ''; + switch (true) { + case $outsize == 4: + $v .= chr($c & 0xFF); + $c >>= 8; + $v .= chr($c & 0xFF); + $c >>= 8; + case $outsize == 2: + $v .= chr($c & 0xFF); + $c >>= 8; + case $outsize == 1: + $v .= chr($c & 0xFF); + $c >>= 8; + if ($c) { + return false; + } + break; + case ($c & 0x80000000) != 0: + return false; + case $c >= 0x04000000: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x04000000; + case $c >= 0x00200000: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x00200000; + case $c >= 0x00010000: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x00010000; + case $c >= 0x00000800: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x00000800; + case $c >= 0x00000080: + $v .= chr(0x80 | ($c & 0x3F)); + $c = ($c >> 6) | 0x000000C0; + default: + $v .= chr($c); + break; + } + $out .= strrev($v); + } + return $out; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/File/ASN1/Element.php b/plugins/OStatus/extlib/phpseclib/File/ASN1/Element.php new file mode 100644 index 0000000000..68246e2b5c --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/File/ASN1/Element.php @@ -0,0 +1,47 @@ + + * @copyright 2012 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File\ASN1; + +/** + * ASN.1 Element + * + * Bypass normal encoding rules in phpseclib\File\ASN1::encodeDER() + * + * @package ASN1 + * @author Jim Wigginton + * @access public + */ +class Element +{ + /** + * Raw element value + * + * @var string + * @access private + */ + var $element; + + /** + * Constructor + * + * @param string $encoded + * @return \phpseclib\File\ASN1\Element + * @access public + */ + function __construct($encoded) + { + $this->element = $encoded; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/File/X509.php b/plugins/OStatus/extlib/phpseclib/File/X509.php new file mode 100644 index 0000000000..984d1e678b --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/File/X509.php @@ -0,0 +1,4746 @@ + + * @copyright 2012 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\File; + +use ParagonIE\ConstantTime\Base64; +use ParagonIE\ConstantTime\Hex; +use phpseclib\Crypt\Hash; +use phpseclib\Crypt\Random; +use phpseclib\Crypt\RSA; +use phpseclib\Exception\UnsupportedAlgorithmException; +use phpseclib\File\ASN1\Element; +use phpseclib\Math\BigInteger; + +/** + * Pure-PHP X.509 Parser + * + * @package X509 + * @author Jim Wigginton + * @access public + */ +class X509 +{ + /** + * Flag to only accept signatures signed by certificate authorities + * + * Not really used anymore but retained all the same to suppress E_NOTICEs from old installs + * + * @access public + */ + const VALIDATE_SIGNATURE_BY_CA = 1; + + /**#@+ + * @access public + * @see \phpseclib\File\X509::getDN() + */ + /** + * Return internal array representation + */ + const DN_ARRAY = 0; + /** + * Return string + */ + const DN_STRING = 1; + /** + * Return ASN.1 name string + */ + const DN_ASN1 = 2; + /** + * Return OpenSSL compatible array + */ + const DN_OPENSSL = 3; + /** + * Return canonical ASN.1 RDNs string + */ + const DN_CANON = 4; + /** + * Return name hash for file indexing + */ + const DN_HASH = 5; + /**#@-*/ + + /**#@+ + * @access public + * @see \phpseclib\File\X509::saveX509() + * @see \phpseclib\File\X509::saveCSR() + * @see \phpseclib\File\X509::saveCRL() + */ + /** + * Save as PEM + * + * ie. a base64-encoded PEM with a header and a footer + */ + const FORMAT_PEM = 0; + /** + * Save as DER + */ + const FORMAT_DER = 1; + /** + * Save as a SPKAC + * + * Only works on CSRs. Not currently supported. + */ + const FORMAT_SPKAC = 2; + /** + * Auto-detect the format + * + * Used only by the load*() functions + */ + const FORMAT_AUTO_DETECT = 3; + /**#@-*/ + + /** + * Attribute value disposition. + * If disposition is >= 0, this is the index of the target value. + */ + const ATTR_ALL = -1; // All attribute values (array). + const ATTR_APPEND = -2; // Add a value. + const ATTR_REPLACE = -3; // Clear first, then add a value. + + /** + * ASN.1 syntax for X.509 certificates + * + * @var array + * @access private + */ + var $Certificate; + + /**#@+ + * ASN.1 syntax for various extensions + * + * @access private + */ + var $DirectoryString; + var $PKCS9String; + var $AttributeValue; + var $Extensions; + var $KeyUsage; + var $ExtKeyUsageSyntax; + var $BasicConstraints; + var $KeyIdentifier; + var $CRLDistributionPoints; + var $AuthorityKeyIdentifier; + var $CertificatePolicies; + var $AuthorityInfoAccessSyntax; + var $SubjectAltName; + var $SubjectDirectoryAttributes; + var $PrivateKeyUsagePeriod; + var $IssuerAltName; + var $PolicyMappings; + var $NameConstraints; + + var $CPSuri; + var $UserNotice; + + var $netscape_cert_type; + var $netscape_comment; + var $netscape_ca_policy_url; + + var $Name; + var $RelativeDistinguishedName; + var $CRLNumber; + var $CRLReason; + var $IssuingDistributionPoint; + var $InvalidityDate; + var $CertificateIssuer; + var $HoldInstructionCode; + var $SignedPublicKeyAndChallenge; + /**#@-*/ + + /**#@+ + * ASN.1 syntax for various DN attributes + * + * @access private + */ + var $PostalAddress; + /**#@-*/ + + /** + * ASN.1 syntax for Certificate Signing Requests (RFC2986) + * + * @var array + * @access private + */ + var $CertificationRequest; + + /** + * ASN.1 syntax for Certificate Revocation Lists (RFC5280) + * + * @var array + * @access private + */ + var $CertificateList; + + /** + * Distinguished Name + * + * @var array + * @access private + */ + var $dn; + + /** + * Public key + * + * @var string + * @access private + */ + var $publicKey; + + /** + * Private key + * + * @var string + * @access private + */ + var $privateKey; + + /** + * Object identifiers for X.509 certificates + * + * @var array + * @access private + * @link http://en.wikipedia.org/wiki/Object_identifier + */ + var $oids; + + /** + * The certificate authorities + * + * @var array + * @access private + */ + var $CAs; + + /** + * The currently loaded certificate + * + * @var array + * @access private + */ + var $currentCert; + + /** + * The signature subject + * + * There's no guarantee \phpseclib\File\X509 is going to reencode an X.509 cert in the same way it was originally + * encoded so we take save the portion of the original cert that the signature would have made for. + * + * @var string + * @access private + */ + var $signatureSubject; + + /** + * Certificate Start Date + * + * @var string + * @access private + */ + var $startDate; + + /** + * Certificate End Date + * + * @var string + * @access private + */ + var $endDate; + + /** + * Serial Number + * + * @var string + * @access private + */ + var $serialNumber; + + /** + * Key Identifier + * + * See {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.1 RFC5280#section-4.2.1.1} and + * {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.2 RFC5280#section-4.2.1.2}. + * + * @var string + * @access private + */ + var $currentKeyIdentifier; + + /** + * CA Flag + * + * @var bool + * @access private + */ + var $caFlag = false; + + /** + * SPKAC Challenge + * + * @var string + * @access private + */ + var $challenge; + + /** + * Default Constructor. + * + * @return \phpseclib\File\X509 + * @access public + */ + function __construct() + { + // Explicitly Tagged Module, 1988 Syntax + // http://tools.ietf.org/html/rfc5280#appendix-A.1 + + $this->DirectoryString = array( + 'type' => ASN1::TYPE_CHOICE, + 'children' => array( + 'teletexString' => array('type' => ASN1::TYPE_TELETEX_STRING), + 'printableString' => array('type' => ASN1::TYPE_PRINTABLE_STRING), + 'universalString' => array('type' => ASN1::TYPE_UNIVERSAL_STRING), + 'utf8String' => array('type' => ASN1::TYPE_UTF8_STRING), + 'bmpString' => array('type' => ASN1::TYPE_BMP_STRING) + ) + ); + + $this->PKCS9String = array( + 'type' => ASN1::TYPE_CHOICE, + 'children' => array( + 'ia5String' => array('type' => ASN1::TYPE_IA5_STRING), + 'directoryString' => $this->DirectoryString + ) + ); + + $this->AttributeValue = array('type' => ASN1::TYPE_ANY); + + $AttributeType = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); + + $AttributeTypeAndValue = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'type' => $AttributeType, + 'value'=> $this->AttributeValue + ) + ); + + /* + In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare, + but they can be useful at times when either there is no unique attribute in the entry or you + want to ensure that the entry's DN contains some useful identifying information. + + - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName + */ + $this->RelativeDistinguishedName = array( + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => -1, + 'children' => $AttributeTypeAndValue + ); + + // http://tools.ietf.org/html/rfc5280#section-4.1.2.4 + $RDNSequence = array( + 'type' => ASN1::TYPE_SEQUENCE, + // RDNSequence does not define a min or a max, which means it doesn't have one + 'min' => 0, + 'max' => -1, + 'children' => $this->RelativeDistinguishedName + ); + + $this->Name = array( + 'type' => ASN1::TYPE_CHOICE, + 'children' => array( + 'rdnSequence' => $RDNSequence + ) + ); + + // http://tools.ietf.org/html/rfc5280#section-4.1.1.2 + $AlgorithmIdentifier = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'algorithm' => array('type' => ASN1::TYPE_OBJECT_IDENTIFIER), + 'parameters' => array( + 'type' => ASN1::TYPE_ANY, + 'optional' => true + ) + ) + ); + + /* + A certificate using system MUST reject the certificate if it encounters + a critical extension it does not recognize; however, a non-critical + extension may be ignored if it is not recognized. + + http://tools.ietf.org/html/rfc5280#section-4.2 + */ + $Extension = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'extnId' => array('type' => ASN1::TYPE_OBJECT_IDENTIFIER), + 'critical' => array( + 'type' => ASN1::TYPE_BOOLEAN, + 'optional' => true, + 'default' => false + ), + 'extnValue' => array('type' => ASN1::TYPE_OCTET_STRING) + ) + ); + + $this->Extensions = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + // technically, it's MAX, but we'll assume anything < 0 is MAX + 'max' => -1, + // if 'children' isn't an array then 'min' and 'max' must be defined + 'children' => $Extension + ); + + $SubjectPublicKeyInfo = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'algorithm' => $AlgorithmIdentifier, + 'subjectPublicKey' => array('type' => ASN1::TYPE_BIT_STRING) + ) + ); + + $UniqueIdentifier = array('type' => ASN1::TYPE_BIT_STRING); + + $Time = array( + 'type' => ASN1::TYPE_CHOICE, + 'children' => array( + 'utcTime' => array('type' => ASN1::TYPE_UTC_TIME), + 'generalTime' => array('type' => ASN1::TYPE_GENERALIZED_TIME) + ) + ); + + // http://tools.ietf.org/html/rfc5280#section-4.1.2.5 + $Validity = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'notBefore' => $Time, + 'notAfter' => $Time + ) + ); + + $CertificateSerialNumber = array('type' => ASN1::TYPE_INTEGER); + + $Version = array( + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => array('v1', 'v2', 'v3') + ); + + // assert($TBSCertificate['children']['signature'] == $Certificate['children']['signatureAlgorithm']) + $TBSCertificate = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + // technically, default implies optional, but we'll define it as being optional, none-the-less, just to + // reenforce that fact + 'version' => array( + 'constant' => 0, + 'optional' => true, + 'explicit' => true, + 'default' => 'v1' + ) + $Version, + 'serialNumber' => $CertificateSerialNumber, + 'signature' => $AlgorithmIdentifier, + 'issuer' => $this->Name, + 'validity' => $Validity, + 'subject' => $this->Name, + 'subjectPublicKeyInfo' => $SubjectPublicKeyInfo, + // implicit means that the T in the TLV structure is to be rewritten, regardless of the type + 'issuerUniqueID' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ) + $UniqueIdentifier, + 'subjectUniqueID' => array( + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ) + $UniqueIdentifier, + // doesn't use the EXPLICIT keyword but if + // it's not IMPLICIT, it's EXPLICIT + 'extensions' => array( + 'constant' => 3, + 'optional' => true, + 'explicit' => true + ) + $this->Extensions + ) + ); + + $this->Certificate = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'tbsCertificate' => $TBSCertificate, + 'signatureAlgorithm' => $AlgorithmIdentifier, + 'signature' => array('type' => ASN1::TYPE_BIT_STRING) + ) + ); + + $this->KeyUsage = array( + 'type' => ASN1::TYPE_BIT_STRING, + 'mapping' => array( + 'digitalSignature', + 'nonRepudiation', + 'keyEncipherment', + 'dataEncipherment', + 'keyAgreement', + 'keyCertSign', + 'cRLSign', + 'encipherOnly', + 'decipherOnly' + ) + ); + + $this->BasicConstraints = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'cA' => array( + 'type' => ASN1::TYPE_BOOLEAN, + 'optional' => true, + 'default' => false + ), + 'pathLenConstraint' => array( + 'type' => ASN1::TYPE_INTEGER, + 'optional' => true + ) + ) + ); + + $this->KeyIdentifier = array('type' => ASN1::TYPE_OCTET_STRING); + + $OrganizationalUnitNames = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => 4, // ub-organizational-units + 'children' => array('type' => ASN1::TYPE_PRINTABLE_STRING) + ); + + $PersonalName = array( + 'type' => ASN1::TYPE_SET, + 'children' => array( + 'surname' => array( + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ), + 'given-name' => array( + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ), + 'initials' => array( + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ), + 'generation-qualifier' => array( + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ) + ) + ); + + $NumericUserIdentifier = array('type' => ASN1::TYPE_NUMERIC_STRING); + + $OrganizationName = array('type' => ASN1::TYPE_PRINTABLE_STRING); + + $PrivateDomainName = array( + 'type' => ASN1::TYPE_CHOICE, + 'children' => array( + 'numeric' => array('type' => ASN1::TYPE_NUMERIC_STRING), + 'printable' => array('type' => ASN1::TYPE_PRINTABLE_STRING) + ) + ); + + $TerminalIdentifier = array('type' => ASN1::TYPE_PRINTABLE_STRING); + + $NetworkAddress = array('type' => ASN1::TYPE_NUMERIC_STRING); + + $AdministrationDomainName = array( + 'type' => ASN1::TYPE_CHOICE, + // if class isn't present it's assumed to be \phpseclib\File\ASN1::CLASS_UNIVERSAL or + // (if constant is present) \phpseclib\File\ASN1::CLASS_CONTEXT_SPECIFIC + 'class' => ASN1::CLASS_APPLICATION, + 'cast' => 2, + 'children' => array( + 'numeric' => array('type' => ASN1::TYPE_NUMERIC_STRING), + 'printable' => array('type' => ASN1::TYPE_PRINTABLE_STRING) + ) + ); + + $CountryName = array( + 'type' => ASN1::TYPE_CHOICE, + // if class isn't present it's assumed to be \phpseclib\File\ASN1::CLASS_UNIVERSAL or + // (if constant is present) \phpseclib\File\ASN1::CLASS_CONTEXT_SPECIFIC + 'class' => ASN1::CLASS_APPLICATION, + 'cast' => 1, + 'children' => array( + 'x121-dcc-code' => array('type' => ASN1::TYPE_NUMERIC_STRING), + 'iso-3166-alpha2-code' => array('type' => ASN1::TYPE_PRINTABLE_STRING) + ) + ); + + $AnotherName = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'type-id' => array('type' => ASN1::TYPE_OBJECT_IDENTIFIER), + 'value' => array( + 'type' => ASN1::TYPE_ANY, + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ) + ) + ); + + $ExtensionAttribute = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'extension-attribute-type' => array( + 'type' => ASN1::TYPE_PRINTABLE_STRING, + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ), + 'extension-attribute-value' => array( + 'type' => ASN1::TYPE_ANY, + 'constant' => 1, + 'optional' => true, + 'explicit' => true + ) + ) + ); + + $ExtensionAttributes = array( + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => 256, // ub-extension-attributes + 'children' => $ExtensionAttribute + ); + + $BuiltInDomainDefinedAttribute = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'type' => array('type' => ASN1::TYPE_PRINTABLE_STRING), + 'value' => array('type' => ASN1::TYPE_PRINTABLE_STRING) + ) + ); + + $BuiltInDomainDefinedAttributes = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => 4, // ub-domain-defined-attributes + 'children' => $BuiltInDomainDefinedAttribute + ); + + $BuiltInStandardAttributes = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'country-name' => array('optional' => true) + $CountryName, + 'administration-domain-name' => array('optional' => true) + $AdministrationDomainName, + 'network-address' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ) + $NetworkAddress, + 'terminal-identifier' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ) + $TerminalIdentifier, + 'private-domain-name' => array( + 'constant' => 2, + 'optional' => true, + 'explicit' => true + ) + $PrivateDomainName, + 'organization-name' => array( + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ) + $OrganizationName, + 'numeric-user-identifier' => array( + 'constant' => 4, + 'optional' => true, + 'implicit' => true + ) + $NumericUserIdentifier, + 'personal-name' => array( + 'constant' => 5, + 'optional' => true, + 'implicit' => true + ) + $PersonalName, + 'organizational-unit-names' => array( + 'constant' => 6, + 'optional' => true, + 'implicit' => true + ) + $OrganizationalUnitNames + ) + ); + + $ORAddress = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'built-in-standard-attributes' => $BuiltInStandardAttributes, + 'built-in-domain-defined-attributes' => array('optional' => true) + $BuiltInDomainDefinedAttributes, + 'extension-attributes' => array('optional' => true) + $ExtensionAttributes + ) + ); + + $EDIPartyName = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'nameAssigner' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ) + $this->DirectoryString, + // partyName is technically required but \phpseclib\File\ASN1 doesn't currently support non-optional constants and + // setting it to optional gets the job done in any event. + 'partyName' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ) + $this->DirectoryString + ) + ); + + $GeneralName = array( + 'type' => ASN1::TYPE_CHOICE, + 'children' => array( + 'otherName' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ) + $AnotherName, + 'rfc822Name' => array( + 'type' => ASN1::TYPE_IA5_STRING, + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ), + 'dNSName' => array( + 'type' => ASN1::TYPE_IA5_STRING, + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ), + 'x400Address' => array( + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ) + $ORAddress, + 'directoryName' => array( + 'constant' => 4, + 'optional' => true, + 'explicit' => true + ) + $this->Name, + 'ediPartyName' => array( + 'constant' => 5, + 'optional' => true, + 'implicit' => true + ) + $EDIPartyName, + 'uniformResourceIdentifier' => array( + 'type' => ASN1::TYPE_IA5_STRING, + 'constant' => 6, + 'optional' => true, + 'implicit' => true + ), + 'iPAddress' => array( + 'type' => ASN1::TYPE_OCTET_STRING, + 'constant' => 7, + 'optional' => true, + 'implicit' => true + ), + 'registeredID' => array( + 'type' => ASN1::TYPE_OBJECT_IDENTIFIER, + 'constant' => 8, + 'optional' => true, + 'implicit' => true + ) + ) + ); + + $GeneralNames = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => $GeneralName + ); + + $this->IssuerAltName = $GeneralNames; + + $ReasonFlags = array( + 'type' => ASN1::TYPE_BIT_STRING, + 'mapping' => array( + 'unused', + 'keyCompromise', + 'cACompromise', + 'affiliationChanged', + 'superseded', + 'cessationOfOperation', + 'certificateHold', + 'privilegeWithdrawn', + 'aACompromise' + ) + ); + + $DistributionPointName = array( + 'type' => ASN1::TYPE_CHOICE, + 'children' => array( + 'fullName' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ) + $GeneralNames, + 'nameRelativeToCRLIssuer' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ) + $this->RelativeDistinguishedName + ) + ); + + $DistributionPoint = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'distributionPoint' => array( + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ) + $DistributionPointName, + 'reasons' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ) + $ReasonFlags, + 'cRLIssuer' => array( + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ) + $GeneralNames + ) + ); + + $this->CRLDistributionPoints = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => $DistributionPoint + ); + + $this->AuthorityKeyIdentifier = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'keyIdentifier' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ) + $this->KeyIdentifier, + 'authorityCertIssuer' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ) + $GeneralNames, + 'authorityCertSerialNumber' => array( + 'constant' => 2, + 'optional' => true, + 'implicit' => true + ) + $CertificateSerialNumber + ) + ); + + $PolicyQualifierId = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); + + $PolicyQualifierInfo = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'policyQualifierId' => $PolicyQualifierId, + 'qualifier' => array('type' => ASN1::TYPE_ANY) + ) + ); + + $CertPolicyId = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); + + $PolicyInformation = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'policyIdentifier' => $CertPolicyId, + 'policyQualifiers' => array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 0, + 'max' => -1, + 'optional' => true, + 'children' => $PolicyQualifierInfo + ) + ) + ); + + $this->CertificatePolicies = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => $PolicyInformation + ); + + $this->PolicyMappings = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'issuerDomainPolicy' => $CertPolicyId, + 'subjectDomainPolicy' => $CertPolicyId + ) + ) + ); + + $KeyPurposeId = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); + + $this->ExtKeyUsageSyntax = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => $KeyPurposeId + ); + + $AccessDescription = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'accessMethod' => array('type' => ASN1::TYPE_OBJECT_IDENTIFIER), + 'accessLocation' => $GeneralName + ) + ); + + $this->AuthorityInfoAccessSyntax = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => $AccessDescription + ); + + $this->SubjectAltName = $GeneralNames; + + $this->PrivateKeyUsagePeriod = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'notBefore' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true, + 'type' => ASN1::TYPE_GENERALIZED_TIME), + 'notAfter' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true, + 'type' => ASN1::TYPE_GENERALIZED_TIME) + ) + ); + + $BaseDistance = array('type' => ASN1::TYPE_INTEGER); + + $GeneralSubtree = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'base' => $GeneralName, + 'minimum' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true, + 'default' => new BigInteger(0) + ) + $BaseDistance, + 'maximum' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true, + ) + $BaseDistance + ) + ); + + $GeneralSubtrees = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => $GeneralSubtree + ); + + $this->NameConstraints = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'permittedSubtrees' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ) + $GeneralSubtrees, + 'excludedSubtrees' => array( + 'constant' => 1, + 'optional' => true, + 'implicit' => true + ) + $GeneralSubtrees + ) + ); + + $this->CPSuri = array('type' => ASN1::TYPE_IA5_STRING); + + $DisplayText = array( + 'type' => ASN1::TYPE_CHOICE, + 'children' => array( + 'ia5String' => array('type' => ASN1::TYPE_IA5_STRING), + 'visibleString' => array('type' => ASN1::TYPE_VISIBLE_STRING), + 'bmpString' => array('type' => ASN1::TYPE_BMP_STRING), + 'utf8String' => array('type' => ASN1::TYPE_UTF8_STRING) + ) + ); + + $NoticeReference = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'organization' => $DisplayText, + 'noticeNumbers' => array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => 200, + 'children' => array('type' => ASN1::TYPE_INTEGER) + ) + ) + ); + + $this->UserNotice = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'noticeRef' => array( + 'optional' => true, + 'implicit' => true + ) + $NoticeReference, + 'explicitText' => array( + 'optional' => true, + 'implicit' => true + ) + $DisplayText + ) + ); + + // mapping is from + $this->netscape_cert_type = array( + 'type' => ASN1::TYPE_BIT_STRING, + 'mapping' => array( + 'SSLClient', + 'SSLServer', + 'Email', + 'ObjectSigning', + 'Reserved', + 'SSLCA', + 'EmailCA', + 'ObjectSigningCA' + ) + ); + + $this->netscape_comment = array('type' => ASN1::TYPE_IA5_STRING); + $this->netscape_ca_policy_url = array('type' => ASN1::TYPE_IA5_STRING); + + // attribute is used in RFC2986 but we're using the RFC5280 definition + + $Attribute = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'type' => $AttributeType, + 'value'=> array( + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => -1, + 'children' => $this->AttributeValue + ) + ) + ); + + $this->SubjectDirectoryAttributes = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'min' => 1, + 'max' => -1, + 'children' => $Attribute + ); + + // adapted from + + $Attributes = array( + 'type' => ASN1::TYPE_SET, + 'min' => 1, + 'max' => -1, + 'children' => $Attribute + ); + + $CertificationRequestInfo = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'version' => array( + 'type' => ASN1::TYPE_INTEGER, + 'mapping' => array('v1') + ), + 'subject' => $this->Name, + 'subjectPKInfo' => $SubjectPublicKeyInfo, + 'attributes' => array( + 'constant' => 0, + 'optional' => true, + 'implicit' => true + ) + $Attributes, + ) + ); + + $this->CertificationRequest = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'certificationRequestInfo' => $CertificationRequestInfo, + 'signatureAlgorithm' => $AlgorithmIdentifier, + 'signature' => array('type' => ASN1::TYPE_BIT_STRING) + ) + ); + + $RevokedCertificate = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'userCertificate' => $CertificateSerialNumber, + 'revocationDate' => $Time, + 'crlEntryExtensions' => array( + 'optional' => true + ) + $this->Extensions + ) + ); + + $TBSCertList = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'version' => array( + 'optional' => true, + 'default' => 'v1' + ) + $Version, + 'signature' => $AlgorithmIdentifier, + 'issuer' => $this->Name, + 'thisUpdate' => $Time, + 'nextUpdate' => array( + 'optional' => true + ) + $Time, + 'revokedCertificates' => array( + 'type' => ASN1::TYPE_SEQUENCE, + 'optional' => true, + 'min' => 0, + 'max' => -1, + 'children' => $RevokedCertificate + ), + 'crlExtensions' => array( + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ) + $this->Extensions + ) + ); + + $this->CertificateList = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'tbsCertList' => $TBSCertList, + 'signatureAlgorithm' => $AlgorithmIdentifier, + 'signature' => array('type' => ASN1::TYPE_BIT_STRING) + ) + ); + + $this->CRLNumber = array('type' => ASN1::TYPE_INTEGER); + + $this->CRLReason = array('type' => ASN1::TYPE_ENUMERATED, + 'mapping' => array( + 'unspecified', + 'keyCompromise', + 'cACompromise', + 'affiliationChanged', + 'superseded', + 'cessationOfOperation', + 'certificateHold', + // Value 7 is not used. + 8 => 'removeFromCRL', + 'privilegeWithdrawn', + 'aACompromise' + ) + ); + + $this->IssuingDistributionPoint = array('type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'distributionPoint' => array( + 'constant' => 0, + 'optional' => true, + 'explicit' => true + ) + $DistributionPointName, + 'onlyContainsUserCerts' => array( + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 1, + 'optional' => true, + 'default' => false, + 'implicit' => true + ), + 'onlyContainsCACerts' => array( + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 2, + 'optional' => true, + 'default' => false, + 'implicit' => true + ), + 'onlySomeReasons' => array( + 'constant' => 3, + 'optional' => true, + 'implicit' => true + ) + $ReasonFlags, + 'indirectCRL' => array( + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 4, + 'optional' => true, + 'default' => false, + 'implicit' => true + ), + 'onlyContainsAttributeCerts' => array( + 'type' => ASN1::TYPE_BOOLEAN, + 'constant' => 5, + 'optional' => true, + 'default' => false, + 'implicit' => true + ) + ) + ); + + $this->InvalidityDate = array('type' => ASN1::TYPE_GENERALIZED_TIME); + + $this->CertificateIssuer = $GeneralNames; + + $this->HoldInstructionCode = array('type' => ASN1::TYPE_OBJECT_IDENTIFIER); + + $PublicKeyAndChallenge = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'spki' => $SubjectPublicKeyInfo, + 'challenge' => array('type' => ASN1::TYPE_IA5_STRING) + ) + ); + + $this->SignedPublicKeyAndChallenge = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'children' => array( + 'publicKeyAndChallenge' => $PublicKeyAndChallenge, + 'signatureAlgorithm' => $AlgorithmIdentifier, + 'signature' => array('type' => ASN1::TYPE_BIT_STRING) + ) + ); + + $this->PostalAddress = array( + 'type' => ASN1::TYPE_SEQUENCE, + 'optional' => true, + 'min' => 1, + 'max' => -1, + 'children' => $this->DirectoryString + ); + + // OIDs from RFC5280 and those RFCs mentioned in RFC5280#section-4.1.1.2 + $this->oids = array( + '1.3.6.1.5.5.7' => 'id-pkix', + '1.3.6.1.5.5.7.1' => 'id-pe', + '1.3.6.1.5.5.7.2' => 'id-qt', + '1.3.6.1.5.5.7.3' => 'id-kp', + '1.3.6.1.5.5.7.48' => 'id-ad', + '1.3.6.1.5.5.7.2.1' => 'id-qt-cps', + '1.3.6.1.5.5.7.2.2' => 'id-qt-unotice', + '1.3.6.1.5.5.7.48.1' =>'id-ad-ocsp', + '1.3.6.1.5.5.7.48.2' => 'id-ad-caIssuers', + '1.3.6.1.5.5.7.48.3' => 'id-ad-timeStamping', + '1.3.6.1.5.5.7.48.5' => 'id-ad-caRepository', + '2.5.4' => 'id-at', + '2.5.4.41' => 'id-at-name', + '2.5.4.4' => 'id-at-surname', + '2.5.4.42' => 'id-at-givenName', + '2.5.4.43' => 'id-at-initials', + '2.5.4.44' => 'id-at-generationQualifier', + '2.5.4.3' => 'id-at-commonName', + '2.5.4.7' => 'id-at-localityName', + '2.5.4.8' => 'id-at-stateOrProvinceName', + '2.5.4.10' => 'id-at-organizationName', + '2.5.4.11' => 'id-at-organizationalUnitName', + '2.5.4.12' => 'id-at-title', + '2.5.4.13' => 'id-at-description', + '2.5.4.46' => 'id-at-dnQualifier', + '2.5.4.6' => 'id-at-countryName', + '2.5.4.5' => 'id-at-serialNumber', + '2.5.4.65' => 'id-at-pseudonym', + '2.5.4.17' => 'id-at-postalCode', + '2.5.4.9' => 'id-at-streetAddress', + '2.5.4.45' => 'id-at-uniqueIdentifier', + '2.5.4.72' => 'id-at-role', + '2.5.4.16' => 'id-at-postalAddress', + + '0.9.2342.19200300.100.1.25' => 'id-domainComponent', + '1.2.840.113549.1.9' => 'pkcs-9', + '1.2.840.113549.1.9.1' => 'pkcs-9-at-emailAddress', + '2.5.29' => 'id-ce', + '2.5.29.35' => 'id-ce-authorityKeyIdentifier', + '2.5.29.14' => 'id-ce-subjectKeyIdentifier', + '2.5.29.15' => 'id-ce-keyUsage', + '2.5.29.16' => 'id-ce-privateKeyUsagePeriod', + '2.5.29.32' => 'id-ce-certificatePolicies', + '2.5.29.32.0' => 'anyPolicy', + + '2.5.29.33' => 'id-ce-policyMappings', + '2.5.29.17' => 'id-ce-subjectAltName', + '2.5.29.18' => 'id-ce-issuerAltName', + '2.5.29.9' => 'id-ce-subjectDirectoryAttributes', + '2.5.29.19' => 'id-ce-basicConstraints', + '2.5.29.30' => 'id-ce-nameConstraints', + '2.5.29.36' => 'id-ce-policyConstraints', + '2.5.29.31' => 'id-ce-cRLDistributionPoints', + '2.5.29.37' => 'id-ce-extKeyUsage', + '2.5.29.37.0' => 'anyExtendedKeyUsage', + '1.3.6.1.5.5.7.3.1' => 'id-kp-serverAuth', + '1.3.6.1.5.5.7.3.2' => 'id-kp-clientAuth', + '1.3.6.1.5.5.7.3.3' => 'id-kp-codeSigning', + '1.3.6.1.5.5.7.3.4' => 'id-kp-emailProtection', + '1.3.6.1.5.5.7.3.8' => 'id-kp-timeStamping', + '1.3.6.1.5.5.7.3.9' => 'id-kp-OCSPSigning', + '2.5.29.54' => 'id-ce-inhibitAnyPolicy', + '2.5.29.46' => 'id-ce-freshestCRL', + '1.3.6.1.5.5.7.1.1' => 'id-pe-authorityInfoAccess', + '1.3.6.1.5.5.7.1.11' => 'id-pe-subjectInfoAccess', + '2.5.29.20' => 'id-ce-cRLNumber', + '2.5.29.28' => 'id-ce-issuingDistributionPoint', + '2.5.29.27' => 'id-ce-deltaCRLIndicator', + '2.5.29.21' => 'id-ce-cRLReasons', + '2.5.29.29' => 'id-ce-certificateIssuer', + '2.5.29.23' => 'id-ce-holdInstructionCode', + '1.2.840.10040.2' => 'holdInstruction', + '1.2.840.10040.2.1' => 'id-holdinstruction-none', + '1.2.840.10040.2.2' => 'id-holdinstruction-callissuer', + '1.2.840.10040.2.3' => 'id-holdinstruction-reject', + '2.5.29.24' => 'id-ce-invalidityDate', + + '1.2.840.113549.2.2' => 'md2', + '1.2.840.113549.2.5' => 'md5', + '1.3.14.3.2.26' => 'id-sha1', + '1.2.840.10040.4.1' => 'id-dsa', + '1.2.840.10040.4.3' => 'id-dsa-with-sha1', + '1.2.840.113549.1.1' => 'pkcs-1', + '1.2.840.113549.1.1.1' => 'rsaEncryption', + '1.2.840.113549.1.1.2' => 'md2WithRSAEncryption', + '1.2.840.113549.1.1.4' => 'md5WithRSAEncryption', + '1.2.840.113549.1.1.5' => 'sha1WithRSAEncryption', + '1.2.840.10046.2.1' => 'dhpublicnumber', + '2.16.840.1.101.2.1.1.22' => 'id-keyExchangeAlgorithm', + '1.2.840.10045' => 'ansi-X9-62', + '1.2.840.10045.4' => 'id-ecSigType', + '1.2.840.10045.4.1' => 'ecdsa-with-SHA1', + '1.2.840.10045.1' => 'id-fieldType', + '1.2.840.10045.1.1' => 'prime-field', + '1.2.840.10045.1.2' => 'characteristic-two-field', + '1.2.840.10045.1.2.3' => 'id-characteristic-two-basis', + '1.2.840.10045.1.2.3.1' => 'gnBasis', + '1.2.840.10045.1.2.3.2' => 'tpBasis', + '1.2.840.10045.1.2.3.3' => 'ppBasis', + '1.2.840.10045.2' => 'id-publicKeyType', + '1.2.840.10045.2.1' => 'id-ecPublicKey', + '1.2.840.10045.3' => 'ellipticCurve', + '1.2.840.10045.3.0' => 'c-TwoCurve', + '1.2.840.10045.3.0.1' => 'c2pnb163v1', + '1.2.840.10045.3.0.2' => 'c2pnb163v2', + '1.2.840.10045.3.0.3' => 'c2pnb163v3', + '1.2.840.10045.3.0.4' => 'c2pnb176w1', + '1.2.840.10045.3.0.5' => 'c2pnb191v1', + '1.2.840.10045.3.0.6' => 'c2pnb191v2', + '1.2.840.10045.3.0.7' => 'c2pnb191v3', + '1.2.840.10045.3.0.8' => 'c2pnb191v4', + '1.2.840.10045.3.0.9' => 'c2pnb191v5', + '1.2.840.10045.3.0.10' => 'c2pnb208w1', + '1.2.840.10045.3.0.11' => 'c2pnb239v1', + '1.2.840.10045.3.0.12' => 'c2pnb239v2', + '1.2.840.10045.3.0.13' => 'c2pnb239v3', + '1.2.840.10045.3.0.14' => 'c2pnb239v4', + '1.2.840.10045.3.0.15' => 'c2pnb239v5', + '1.2.840.10045.3.0.16' => 'c2pnb272w1', + '1.2.840.10045.3.0.17' => 'c2pnb304w1', + '1.2.840.10045.3.0.18' => 'c2pnb359v1', + '1.2.840.10045.3.0.19' => 'c2pnb368w1', + '1.2.840.10045.3.0.20' => 'c2pnb431r1', + '1.2.840.10045.3.1' => 'primeCurve', + '1.2.840.10045.3.1.1' => 'prime192v1', + '1.2.840.10045.3.1.2' => 'prime192v2', + '1.2.840.10045.3.1.3' => 'prime192v3', + '1.2.840.10045.3.1.4' => 'prime239v1', + '1.2.840.10045.3.1.5' => 'prime239v2', + '1.2.840.10045.3.1.6' => 'prime239v3', + '1.2.840.10045.3.1.7' => 'prime256v1', + '1.2.840.113549.1.1.7' => 'id-RSAES-OAEP', + '1.2.840.113549.1.1.9' => 'id-pSpecified', + '1.2.840.113549.1.1.10' => 'id-RSASSA-PSS', + '1.2.840.113549.1.1.8' => 'id-mgf1', + '1.2.840.113549.1.1.14' => 'sha224WithRSAEncryption', + '1.2.840.113549.1.1.11' => 'sha256WithRSAEncryption', + '1.2.840.113549.1.1.12' => 'sha384WithRSAEncryption', + '1.2.840.113549.1.1.13' => 'sha512WithRSAEncryption', + '2.16.840.1.101.3.4.2.4' => 'id-sha224', + '2.16.840.1.101.3.4.2.1' => 'id-sha256', + '2.16.840.1.101.3.4.2.2' => 'id-sha384', + '2.16.840.1.101.3.4.2.3' => 'id-sha512', + '1.2.643.2.2.4' => 'id-GostR3411-94-with-GostR3410-94', + '1.2.643.2.2.3' => 'id-GostR3411-94-with-GostR3410-2001', + '1.2.643.2.2.20' => 'id-GostR3410-2001', + '1.2.643.2.2.19' => 'id-GostR3410-94', + // Netscape Object Identifiers from "Netscape Certificate Extensions" + '2.16.840.1.113730' => 'netscape', + '2.16.840.1.113730.1' => 'netscape-cert-extension', + '2.16.840.1.113730.1.1' => 'netscape-cert-type', + '2.16.840.1.113730.1.13' => 'netscape-comment', + '2.16.840.1.113730.1.8' => 'netscape-ca-policy-url', + // the following are X.509 extensions not supported by phpseclib + '1.3.6.1.5.5.7.1.12' => 'id-pe-logotype', + '1.2.840.113533.7.65.0' => 'entrustVersInfo', + '2.16.840.1.113733.1.6.9' => 'verisignPrivate', + // for Certificate Signing Requests + // see http://tools.ietf.org/html/rfc2985 + '1.2.840.113549.1.9.2' => 'pkcs-9-at-unstructuredName', // PKCS #9 unstructured name + '1.2.840.113549.1.9.7' => 'pkcs-9-at-challengePassword', // Challenge password for certificate revocations + '1.2.840.113549.1.9.14' => 'pkcs-9-at-extensionRequest' // Certificate extension request + ); + } + + /** + * Load X.509 certificate + * + * Returns an associative array describing the X.509 cert or a false if the cert failed to load + * + * @param string $cert + * @param int $mode + * @access public + * @return mixed + */ + function loadX509($cert, $mode = self::FORMAT_AUTO_DETECT) + { + if (is_array($cert) && isset($cert['tbsCertificate'])) { + unset($this->currentCert); + unset($this->currentKeyIdentifier); + $this->dn = $cert['tbsCertificate']['subject']; + if (!isset($this->dn)) { + return false; + } + $this->currentCert = $cert; + + $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); + $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; + + unset($this->signatureSubject); + + return $cert; + } + + $asn1 = new ASN1(); + + if ($mode != self::FORMAT_DER) { + $newcert = $this->_extractBER($cert); + if ($mode == self::FORMAT_PEM && $cert == $newcert) { + return false; + } + $cert = $newcert; + } + + if ($cert === false) { + $this->currentCert = false; + return false; + } + + $asn1->loadOIDs($this->oids); + $decoded = $asn1->decodeBER($cert); + + if (!empty($decoded)) { + $x509 = $asn1->asn1map($decoded[0], $this->Certificate); + } + if (!isset($x509) || $x509 === false) { + $this->currentCert = false; + return false; + } + + $this->signatureSubject = substr($cert, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); + + $this->_mapInExtensions($x509, 'tbsCertificate/extensions', $asn1); + $this->_mapInDNs($x509, 'tbsCertificate/issuer/rdnSequence', $asn1); + $this->_mapInDNs($x509, 'tbsCertificate/subject/rdnSequence', $asn1); + + $key = &$x509['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']; + $key = $this->_reformatKey($x509['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], $key); + + $this->currentCert = $x509; + $this->dn = $x509['tbsCertificate']['subject']; + + $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); + $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; + + return $x509; + } + + /** + * Save X.509 certificate + * + * @param array $cert + * @param int $format optional + * @access public + * @return string + */ + function saveX509($cert, $format = self::FORMAT_PEM) + { + if (!is_array($cert) || !isset($cert['tbsCertificate'])) { + return false; + } + + switch (true) { + // "case !$a: case !$b: break; default: whatever();" is the same thing as "if ($a && $b) whatever()" + case !($algorithm = $this->_subArray($cert, 'tbsCertificate/subjectPublicKeyInfo/algorithm/algorithm')): + case is_object($cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']): + break; + default: + switch ($algorithm) { + case 'rsaEncryption': + $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] + = Base64::encode("\0" . Base64::decode(preg_replace('#-.+-|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']))); + /* "[For RSA keys] the parameters field MUST have ASN.1 type NULL for this algorithm identifier." + -- https://tools.ietf.org/html/rfc3279#section-2.3.1 + + given that and the fact that RSA keys appear ot be the only key type for which the parameters field can be blank, + it seems like perhaps the ASN.1 description ought not say the parameters field is OPTIONAL, but whatever. + */ + $cert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] = null; + // https://tools.ietf.org/html/rfc3279#section-2.2.1 + $cert['signatureAlgorithm']['parameters'] = null; + $cert['tbsCertificate']['signature']['parameters'] = null; + } + } + + $asn1 = new ASN1(); + $asn1->loadOIDs($this->oids); + + $filters = array(); + $type_utf8_string = array('type' => ASN1::TYPE_UTF8_STRING); + $filters['tbsCertificate']['signature']['parameters'] = $type_utf8_string; + $filters['tbsCertificate']['signature']['issuer']['rdnSequence']['value'] = $type_utf8_string; + $filters['tbsCertificate']['issuer']['rdnSequence']['value'] = $type_utf8_string; + $filters['tbsCertificate']['subject']['rdnSequence']['value'] = $type_utf8_string; + $filters['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] = $type_utf8_string; + $filters['signatureAlgorithm']['parameters'] = $type_utf8_string; + $filters['authorityCertIssuer']['directoryName']['rdnSequence']['value'] = $type_utf8_string; + //$filters['policyQualifiers']['qualifier'] = $type_utf8_string; + $filters['distributionPoint']['fullName']['directoryName']['rdnSequence']['value'] = $type_utf8_string; + $filters['directoryName']['rdnSequence']['value'] = $type_utf8_string; + + /* in the case of policyQualifiers/qualifier, the type has to be \phpseclib\File\ASN1::TYPE_IA5_STRING. + \phpseclib\File\ASN1::TYPE_PRINTABLE_STRING will cause OpenSSL's X.509 parser to spit out random + characters. + */ + $filters['policyQualifiers']['qualifier'] + = array('type' => ASN1::TYPE_IA5_STRING); + + $asn1->loadFilters($filters); + + $this->_mapOutExtensions($cert, 'tbsCertificate/extensions', $asn1); + $this->_mapOutDNs($cert, 'tbsCertificate/issuer/rdnSequence', $asn1); + $this->_mapOutDNs($cert, 'tbsCertificate/subject/rdnSequence', $asn1); + + $cert = $asn1->encodeDER($cert, $this->Certificate); + + switch ($format) { + case self::FORMAT_DER: + return $cert; + // case self::FORMAT_PEM: + default: + return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(Base64::encode($cert), 64) . '-----END CERTIFICATE-----'; + } + } + + /** + * Map extension values from octet string to extension-specific internal + * format. + * + * @param array ref $root + * @param string $path + * @param object $asn1 + * @access private + */ + function _mapInExtensions(&$root, $path, $asn1) + { + $extensions = &$this->_subArray($root, $path); + + if (is_array($extensions)) { + for ($i = 0; $i < count($extensions); $i++) { + $id = $extensions[$i]['extnId']; + $value = &$extensions[$i]['extnValue']; + $value = Base64::decode($value); + $decoded = $asn1->decodeBER($value); + /* [extnValue] contains the DER encoding of an ASN.1 value + corresponding to the extension type identified by extnID */ + $map = $this->_getMapping($id); + if (!is_bool($map)) { + $mapped = $asn1->asn1map($decoded[0], $map, array('iPAddress' => array($this, '_decodeIP'))); + $value = $mapped === false ? $decoded[0] : $mapped; + + if ($id == 'id-ce-certificatePolicies') { + for ($j = 0; $j < count($value); $j++) { + if (!isset($value[$j]['policyQualifiers'])) { + continue; + } + for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) { + $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId']; + $map = $this->_getMapping($subid); + $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; + if ($map !== false) { + $decoded = $asn1->decodeBER($subvalue); + $mapped = $asn1->asn1map($decoded[0], $map); + $subvalue = $mapped === false ? $decoded[0] : $mapped; + } + } + } + } + } else { + $value = Base64::encode($value); + } + } + } + } + + /** + * Map extension values from extension-specific internal format to + * octet string. + * + * @param array ref $root + * @param string $path + * @param object $asn1 + * @access private + */ + function _mapOutExtensions(&$root, $path, $asn1) + { + $extensions = &$this->_subArray($root, $path); + + if (is_array($extensions)) { + $size = count($extensions); + for ($i = 0; $i < $size; $i++) { + if ($extensions[$i] instanceof Element) { + continue; + } + + $id = $extensions[$i]['extnId']; + $value = &$extensions[$i]['extnValue']; + + switch ($id) { + case 'id-ce-certificatePolicies': + for ($j = 0; $j < count($value); $j++) { + if (!isset($value[$j]['policyQualifiers'])) { + continue; + } + for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) { + $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId']; + $map = $this->_getMapping($subid); + $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier']; + if ($map !== false) { + // by default \phpseclib\File\ASN1 will try to render qualifier as a \phpseclib\File\ASN1::TYPE_IA5_STRING since it's + // actual type is \phpseclib\File\ASN1::TYPE_ANY + $subvalue = new Element($asn1->encodeDER($subvalue, $map)); + } + } + } + break; + case 'id-ce-authorityKeyIdentifier': // use 00 as the serial number instead of an empty string + if (isset($value['authorityCertSerialNumber'])) { + if ($value['authorityCertSerialNumber']->toBytes() == '') { + $temp = chr((ASN1::CLASS_CONTEXT_SPECIFIC << 6) | 2) . "\1\0"; + $value['authorityCertSerialNumber'] = new Element($temp); + } + } + } + + /* [extnValue] contains the DER encoding of an ASN.1 value + corresponding to the extension type identified by extnID */ + $map = $this->_getMapping($id); + if (is_bool($map)) { + if (!$map) { + //user_error($id . ' is not a currently supported extension'); + unset($extensions[$i]); + } + } else { + $temp = $asn1->encodeDER($value, $map, array('iPAddress' => array($this, '_encodeIP'))); + $value = Base64::encode($temp); + } + } + } + } + + /** + * Map attribute values from ANY type to attribute-specific internal + * format. + * + * @param array ref $root + * @param string $path + * @param object $asn1 + * @access private + */ + function _mapInAttributes(&$root, $path, $asn1) + { + $attributes = &$this->_subArray($root, $path); + + if (is_array($attributes)) { + for ($i = 0; $i < count($attributes); $i++) { + $id = $attributes[$i]['type']; + /* $value contains the DER encoding of an ASN.1 value + corresponding to the attribute type identified by type */ + $map = $this->_getMapping($id); + if (is_array($attributes[$i]['value'])) { + $values = &$attributes[$i]['value']; + for ($j = 0; $j < count($values); $j++) { + $value = $asn1->encodeDER($values[$j], $this->AttributeValue); + $decoded = $asn1->decodeBER($value); + if (!is_bool($map)) { + $mapped = $asn1->asn1map($decoded[0], $map); + if ($mapped !== false) { + $values[$j] = $mapped; + } + if ($id == 'pkcs-9-at-extensionRequest') { + $this->_mapInExtensions($values, $j, $asn1); + } + } elseif ($map) { + $values[$j] = Base64::encode($value); + } + } + } + } + } + } + + /** + * Map attribute values from attribute-specific internal format to + * ANY type. + * + * @param array ref $root + * @param string $path + * @param object $asn1 + * @access private + */ + function _mapOutAttributes(&$root, $path, $asn1) + { + $attributes = &$this->_subArray($root, $path); + + if (is_array($attributes)) { + $size = count($attributes); + for ($i = 0; $i < $size; $i++) { + /* [value] contains the DER encoding of an ASN.1 value + corresponding to the attribute type identified by type */ + $id = $attributes[$i]['type']; + $map = $this->_getMapping($id); + if ($map === false) { + //user_error($id . ' is not a currently supported attribute', E_USER_NOTICE); + unset($attributes[$i]); + } elseif (is_array($attributes[$i]['value'])) { + $values = &$attributes[$i]['value']; + for ($j = 0; $j < count($values); $j++) { + switch ($id) { + case 'pkcs-9-at-extensionRequest': + $this->_mapOutExtensions($values, $j, $asn1); + break; + } + + if (!is_bool($map)) { + $temp = $asn1->encodeDER($values[$j], $map); + $decoded = $asn1->decodeBER($temp); + $values[$j] = $asn1->asn1map($decoded[0], $this->AttributeValue); + } + } + } + } + } + } + + /** + * Map DN values from ANY type to DN-specific internal + * format. + * + * @param array ref $root + * @param string $path + * @param object $asn1 + * @access private + */ + function _mapInDNs(&$root, $path, $asn1) + { + $dns = &$this->_subArray($root, $path); + + if (is_array($dns)) { + for ($i = 0; $i < count($dns); $i++) { + for ($j = 0; $j < count($dns[$i]); $j++) { + $type = $dns[$i][$j]['type']; + $value = &$dns[$i][$j]['value']; + if (is_object($value) && $value instanceof Element) { + $map = $this->_getMapping($type); + if (!is_bool($map)) { + $decoded = $asn1->decodeBER($value); + $value = $asn1->asn1map($decoded[0], $map); + } + } + } + } + } + } + + /** + * Map DN values from DN-specific internal format to + * ANY type. + * + * @param array ref $root + * @param string $path + * @param object $asn1 + * @access private + */ + function _mapOutDNs(&$root, $path, $asn1) + { + $dns = &$this->_subArray($root, $path); + + if (is_array($dns)) { + $size = count($dns); + for ($i = 0; $i < $size; $i++) { + for ($j = 0; $j < count($dns[$i]); $j++) { + $type = $dns[$i][$j]['type']; + $value = &$dns[$i][$j]['value']; + if (is_object($value) && $value instanceof Element) { + continue; + } + + $map = $this->_getMapping($type); + if (!is_bool($map)) { + $value = new Element($asn1->encodeDER($value, $map)); + } + } + } + } + } + + /** + * Associate an extension ID to an extension mapping + * + * @param string $extnId + * @access private + * @return mixed + */ + function _getMapping($extnId) + { + if (!is_string($extnId)) { // eg. if it's a \phpseclib\File\ASN1\Element object + return true; + } + + switch ($extnId) { + case 'id-ce-keyUsage': + return $this->KeyUsage; + case 'id-ce-basicConstraints': + return $this->BasicConstraints; + case 'id-ce-subjectKeyIdentifier': + return $this->KeyIdentifier; + case 'id-ce-cRLDistributionPoints': + return $this->CRLDistributionPoints; + case 'id-ce-authorityKeyIdentifier': + return $this->AuthorityKeyIdentifier; + case 'id-ce-certificatePolicies': + return $this->CertificatePolicies; + case 'id-ce-extKeyUsage': + return $this->ExtKeyUsageSyntax; + case 'id-pe-authorityInfoAccess': + return $this->AuthorityInfoAccessSyntax; + case 'id-ce-subjectAltName': + return $this->SubjectAltName; + case 'id-ce-subjectDirectoryAttributes': + return $this->SubjectDirectoryAttributes; + case 'id-ce-privateKeyUsagePeriod': + return $this->PrivateKeyUsagePeriod; + case 'id-ce-issuerAltName': + return $this->IssuerAltName; + case 'id-ce-policyMappings': + return $this->PolicyMappings; + case 'id-ce-nameConstraints': + return $this->NameConstraints; + + case 'netscape-cert-type': + return $this->netscape_cert_type; + case 'netscape-comment': + return $this->netscape_comment; + case 'netscape-ca-policy-url': + return $this->netscape_ca_policy_url; + + // since id-qt-cps isn't a constructed type it will have already been decoded as a string by the time it gets + // back around to asn1map() and we don't want it decoded again. + //case 'id-qt-cps': + // return $this->CPSuri; + case 'id-qt-unotice': + return $this->UserNotice; + + // the following OIDs are unsupported but we don't want them to give notices when calling saveX509(). + case 'id-pe-logotype': // http://www.ietf.org/rfc/rfc3709.txt + case 'entrustVersInfo': + // http://support.microsoft.com/kb/287547 + case '1.3.6.1.4.1.311.20.2': // szOID_ENROLL_CERTTYPE_EXTENSION + case '1.3.6.1.4.1.311.21.1': // szOID_CERTSRV_CA_VERSION + // "SET Secure Electronic Transaction Specification" + // http://www.maithean.com/docs/set_bk3.pdf + case '2.23.42.7.0': // id-set-hashedRootKey + return true; + + // CSR attributes + case 'pkcs-9-at-unstructuredName': + return $this->PKCS9String; + case 'pkcs-9-at-challengePassword': + return $this->DirectoryString; + case 'pkcs-9-at-extensionRequest': + return $this->Extensions; + + // CRL extensions. + case 'id-ce-cRLNumber': + return $this->CRLNumber; + case 'id-ce-deltaCRLIndicator': + return $this->CRLNumber; + case 'id-ce-issuingDistributionPoint': + return $this->IssuingDistributionPoint; + case 'id-ce-freshestCRL': + return $this->CRLDistributionPoints; + case 'id-ce-cRLReasons': + return $this->CRLReason; + case 'id-ce-invalidityDate': + return $this->InvalidityDate; + case 'id-ce-certificateIssuer': + return $this->CertificateIssuer; + case 'id-ce-holdInstructionCode': + return $this->HoldInstructionCode; + case 'id-at-postalAddress': + return $this->PostalAddress; + } + + return false; + } + + /** + * Load an X.509 certificate as a certificate authority + * + * @param string $cert + * @access public + * @return bool + */ + function loadCA($cert) + { + $olddn = $this->dn; + $oldcert = $this->currentCert; + $oldsigsubj = $this->signatureSubject; + $oldkeyid = $this->currentKeyIdentifier; + + $cert = $this->loadX509($cert); + if (!$cert) { + $this->dn = $olddn; + $this->currentCert = $oldcert; + $this->signatureSubject = $oldsigsubj; + $this->currentKeyIdentifier = $oldkeyid; + + return false; + } + + /* From RFC5280 "PKIX Certificate and CRL Profile": + + If the keyUsage extension is present, then the subject public key + MUST NOT be used to verify signatures on certificates or CRLs unless + the corresponding keyCertSign or cRLSign bit is set. */ + //$keyUsage = $this->getExtension('id-ce-keyUsage'); + //if ($keyUsage && !in_array('keyCertSign', $keyUsage)) { + // return false; + //} + + /* From RFC5280 "PKIX Certificate and CRL Profile": + + The cA boolean indicates whether the certified public key may be used + to verify certificate signatures. If the cA boolean is not asserted, + then the keyCertSign bit in the key usage extension MUST NOT be + asserted. If the basic constraints extension is not present in a + version 3 certificate, or the extension is present but the cA boolean + is not asserted, then the certified public key MUST NOT be used to + verify certificate signatures. */ + //$basicConstraints = $this->getExtension('id-ce-basicConstraints'); + //if (!$basicConstraints || !$basicConstraints['cA']) { + // return false; + //} + + $this->CAs[] = $cert; + + $this->dn = $olddn; + $this->currentCert = $oldcert; + $this->signatureSubject = $oldsigsubj; + + return true; + } + + /** + * Validate an X.509 certificate against a URL + * + * From RFC2818 "HTTP over TLS": + * + * Matching is performed using the matching rules specified by + * [RFC2459]. If more than one identity of a given type is present in + * the certificate (e.g., more than one dNSName name, a match in any one + * of the set is considered acceptable.) Names may contain the wildcard + * character * which is considered to match any single domain name + * component or component fragment. E.g., *.a.com matches foo.a.com but + * not bar.foo.a.com. f*.com matches foo.com but not bar.com. + * + * @param string $url + * @access public + * @return bool + */ + function validateURL($url) + { + if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { + return false; + } + + $components = parse_url($url); + if (!isset($components['host'])) { + return false; + } + + if ($names = $this->getExtension('id-ce-subjectAltName')) { + foreach ($names as $key => $value) { + $value = str_replace(array('.', '*'), array('\.', '[^.]*'), $value); + switch ($key) { + case 'dNSName': + /* From RFC2818 "HTTP over TLS": + + If a subjectAltName extension of type dNSName is present, that MUST + be used as the identity. Otherwise, the (most specific) Common Name + field in the Subject field of the certificate MUST be used. Although + the use of the Common Name is existing practice, it is deprecated and + Certification Authorities are encouraged to use the dNSName instead. */ + if (preg_match('#^' . $value . '$#', $components['host'])) { + return true; + } + break; + case 'iPAddress': + /* From RFC2818 "HTTP over TLS": + + In some cases, the URI is specified as an IP address rather than a + hostname. In this case, the iPAddress subjectAltName must be present + in the certificate and must exactly match the IP in the URI. */ + if (preg_match('#(?:\d{1-3}\.){4}#', $components['host'] . '.') && preg_match('#^' . $value . '$#', $components['host'])) { + return true; + } + } + } + return false; + } + + if ($value = $this->getDNProp('id-at-commonName')) { + $value = str_replace(array('.', '*'), array('\.', '[^.]*'), $value[0]); + return preg_match('#^' . $value . '$#', $components['host']); + } + + return false; + } + + /** + * Validate a date + * + * If $date isn't defined it is assumed to be the current date. + * + * @param int $date optional + * @access public + */ + function validateDate($date = null) + { + if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { + return false; + } + + if (!isset($date)) { + $date = time(); + } + + $notBefore = $this->currentCert['tbsCertificate']['validity']['notBefore']; + $notBefore = isset($notBefore['generalTime']) ? $notBefore['generalTime'] : $notBefore['utcTime']; + + $notAfter = $this->currentCert['tbsCertificate']['validity']['notAfter']; + $notAfter = isset($notAfter['generalTime']) ? $notAfter['generalTime'] : $notAfter['utcTime']; + + switch (true) { + case $date < @strtotime($notBefore): + case $date > @strtotime($notAfter): + return false; + } + + return true; + } + + /** + * Validate a signature + * + * Works on X.509 certs, CSR's and CRL's. + * Returns true if the signature is verified, false if it is not correct or null on error + * + * By default returns false for self-signed certs. Call validateSignature(false) to make this support + * self-signed. + * + * The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}. + * + * @param bool $caonly optional + * @access public + * @return mixed + */ + function validateSignature($caonly = true) + { + if (!is_array($this->currentCert) || !isset($this->signatureSubject)) { + return null; + } + + /* TODO: + "emailAddress attribute values are not case-sensitive (e.g., "subscriber@example.com" is the same as "SUBSCRIBER@EXAMPLE.COM")." + -- http://tools.ietf.org/html/rfc5280#section-4.1.2.6 + + implement pathLenConstraint in the id-ce-basicConstraints extension */ + + switch (true) { + case isset($this->currentCert['tbsCertificate']): + // self-signed cert + switch (true) { + case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertificate']['issuer'] === $this->currentCert['tbsCertificate']['subject']: + case defined('FILE_X509_IGNORE_TYPE') && $this->getIssuerDN(self::DN_STRING) === $this->getDN(self::DN_STRING): + $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); + $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier'); + switch (true) { + case !is_array($authorityKey): + case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: + $signingCert = $this->currentCert; // working cert + } + } + + if (!empty($this->CAs)) { + for ($i = 0; $i < count($this->CAs); $i++) { + // even if the cert is a self-signed one we still want to see if it's a CA; + // if not, we'll conditionally return an error + $ca = $this->CAs[$i]; + switch (true) { + case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']: + case defined('FILE_X509_IGNORE_TYPE') && $this->getDN(self::DN_STRING, $this->currentCert['tbsCertificate']['issuer']) === $this->getDN(self::DN_STRING, $ca['tbsCertificate']['subject']): + $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); + $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); + switch (true) { + case !is_array($authorityKey): + case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: + $signingCert = $ca; // working cert + break 3; + } + } + } + if (count($this->CAs) == $i && $caonly) { + return false; + } + } elseif (!isset($signingCert) || $caonly) { + return false; + } + return $this->_validateSignature( + $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], + $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], + $this->currentCert['signatureAlgorithm']['algorithm'], + substr(Base64::decode($this->currentCert['signature']), 1), + $this->signatureSubject + ); + case isset($this->currentCert['certificationRequestInfo']): + return $this->_validateSignature( + $this->currentCert['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm'], + $this->currentCert['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], + $this->currentCert['signatureAlgorithm']['algorithm'], + substr(Base64::decode($this->currentCert['signature']), 1), + $this->signatureSubject + ); + case isset($this->currentCert['publicKeyAndChallenge']): + return $this->_validateSignature( + $this->currentCert['publicKeyAndChallenge']['spki']['algorithm']['algorithm'], + $this->currentCert['publicKeyAndChallenge']['spki']['subjectPublicKey'], + $this->currentCert['signatureAlgorithm']['algorithm'], + substr(Base64::decode($this->currentCert['signature']), 1), + $this->signatureSubject + ); + case isset($this->currentCert['tbsCertList']): + if (!empty($this->CAs)) { + for ($i = 0; $i < count($this->CAs); $i++) { + $ca = $this->CAs[$i]; + switch (true) { + case !defined('FILE_X509_IGNORE_TYPE') && $this->currentCert['tbsCertList']['issuer'] === $ca['tbsCertificate']['subject']: + case defined('FILE_X509_IGNORE_TYPE') && $this->getDN(self::DN_STRING, $this->currentCert['tbsCertList']['issuer']) === $this->getDN(self::DN_STRING, $ca['tbsCertificate']['subject']): + $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier'); + $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); + switch (true) { + case !is_array($authorityKey): + case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: + $signingCert = $ca; // working cert + break 3; + } + } + } + } + if (!isset($signingCert)) { + return false; + } + return $this->_validateSignature( + $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], + $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], + $this->currentCert['signatureAlgorithm']['algorithm'], + substr(Base64::decode($this->currentCert['signature']), 1), + $this->signatureSubject + ); + default: + return false; + } + } + + /** + * Validates a signature + * + * Returns true if the signature is verified and false if it is not correct. + * If the algorithms are unsupposed an exception is thrown. + * + * @param string $publicKeyAlgorithm + * @param string $publicKey + * @param string $signatureAlgorithm + * @param string $signature + * @param string $signatureSubject + * @access private + * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @return bool + */ + function _validateSignature($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject) + { + switch ($publicKeyAlgorithm) { + case 'rsaEncryption': + $rsa = new RSA(); + $rsa->load($publicKey); + + switch ($signatureAlgorithm) { + case 'md2WithRSAEncryption': + case 'md5WithRSAEncryption': + case 'sha1WithRSAEncryption': + case 'sha224WithRSAEncryption': + case 'sha256WithRSAEncryption': + case 'sha384WithRSAEncryption': + case 'sha512WithRSAEncryption': + $rsa->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm)); + if (!@$rsa->verify($signatureSubject, $signature, RSA::PADDING_PKCS1)) { + return false; + } + break; + default: + throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); + } + break; + default: + throw new UnsupportedAlgorithmException('Public key algorithm unsupported'); + } + + return true; + } + + /** + * Reformat public keys + * + * Reformats a public key to a format supported by phpseclib (if applicable) + * + * @param string $algorithm + * @param string $key + * @access private + * @return string + */ + function _reformatKey($algorithm, $key) + { + switch ($algorithm) { + case 'rsaEncryption': + return + "-----BEGIN RSA PUBLIC KEY-----\r\n" . + // subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits + // in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox + // uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do. + chunk_split(Base64::encode(substr(Base64::decode($key), 1)), 64) . + '-----END RSA PUBLIC KEY-----'; + default: + return $key; + } + } + + /** + * Decodes an IP address + * + * Takes in a base64 encoded "blob" and returns a human readable IP address + * + * @param string $ip + * @access private + * @return string + */ + function _decodeIP($ip) + { + return inet_ntop(Base64::decode($ip)); + } + + /** + * Encodes an IP address + * + * Takes a human readable IP address into a base64-encoded "blob" + * + * @param string $ip + * @access private + * @return string + */ + function _encodeIP($ip) + { + return Base64::encode(inet_pton($ip)); + } + + /** + * "Normalizes" a Distinguished Name property + * + * @param string $propName + * @access private + * @return mixed + */ + function _translateDNProp($propName) + { + switch (strtolower($propName)) { + case 'id-at-countryname': + case 'countryname': + case 'c': + return 'id-at-countryName'; + case 'id-at-organizationname': + case 'organizationname': + case 'o': + return 'id-at-organizationName'; + case 'id-at-dnqualifier': + case 'dnqualifier': + return 'id-at-dnQualifier'; + case 'id-at-commonname': + case 'commonname': + case 'cn': + return 'id-at-commonName'; + case 'id-at-stateorprovincename': + case 'stateorprovincename': + case 'state': + case 'province': + case 'provincename': + case 'st': + return 'id-at-stateOrProvinceName'; + case 'id-at-localityname': + case 'localityname': + case 'l': + return 'id-at-localityName'; + case 'id-emailaddress': + case 'emailaddress': + return 'pkcs-9-at-emailAddress'; + case 'id-at-serialnumber': + case 'serialnumber': + return 'id-at-serialNumber'; + case 'id-at-postalcode': + case 'postalcode': + return 'id-at-postalCode'; + case 'id-at-streetaddress': + case 'streetaddress': + return 'id-at-streetAddress'; + case 'id-at-name': + case 'name': + return 'id-at-name'; + case 'id-at-givenname': + case 'givenname': + return 'id-at-givenName'; + case 'id-at-surname': + case 'surname': + case 'sn': + return 'id-at-surname'; + case 'id-at-initials': + case 'initials': + return 'id-at-initials'; + case 'id-at-generationqualifier': + case 'generationqualifier': + return 'id-at-generationQualifier'; + case 'id-at-organizationalunitname': + case 'organizationalunitname': + case 'ou': + return 'id-at-organizationalUnitName'; + case 'id-at-pseudonym': + case 'pseudonym': + return 'id-at-pseudonym'; + case 'id-at-title': + case 'title': + return 'id-at-title'; + case 'id-at-description': + case 'description': + return 'id-at-description'; + case 'id-at-role': + case 'role': + return 'id-at-role'; + case 'id-at-uniqueidentifier': + case 'uniqueidentifier': + case 'x500uniqueidentifier': + return 'id-at-uniqueIdentifier'; + case 'postaladdress': + case 'id-at-postaladdress': + return 'id-at-postalAddress'; + default: + return false; + } + } + + /** + * Set a Distinguished Name property + * + * @param string $propName + * @param mixed $propValue + * @param string $type optional + * @access public + * @return bool + */ + function setDNProp($propName, $propValue, $type = 'utf8String') + { + if (empty($this->dn)) { + $this->dn = array('rdnSequence' => array()); + } + + if (($propName = $this->_translateDNProp($propName)) === false) { + return false; + } + + foreach ((array) $propValue as $v) { + if (!is_array($v) && isset($type)) { + $v = array($type => $v); + } + $this->dn['rdnSequence'][] = array( + array( + 'type' => $propName, + 'value'=> $v + ) + ); + } + + return true; + } + + /** + * Remove Distinguished Name properties + * + * @param string $propName + * @access public + */ + function removeDNProp($propName) + { + if (empty($this->dn)) { + return; + } + + if (($propName = $this->_translateDNProp($propName)) === false) { + return; + } + + $dn = &$this->dn['rdnSequence']; + $size = count($dn); + for ($i = 0; $i < $size; $i++) { + if ($dn[$i][0]['type'] == $propName) { + unset($dn[$i]); + } + } + + $dn = array_values($dn); + } + + /** + * Get Distinguished Name properties + * + * @param string $propName + * @param array $dn optional + * @param bool $withType optional + * @return mixed + * @access public + */ + function getDNProp($propName, $dn = null, $withType = false) + { + if (!isset($dn)) { + $dn = $this->dn; + } + + if (empty($dn)) { + return false; + } + + if (($propName = $this->_translateDNProp($propName)) === false) { + return false; + } + + $asn1 = new ASN1(); + $asn1->loadOIDs($this->oids); + $filters = array(); + $filters['value'] = array('type' => ASN1::TYPE_UTF8_STRING); + $asn1->loadFilters($filters); + $this->_mapOutDNs($dn, 'rdnSequence', $asn1); + $dn = $dn['rdnSequence']; + $result = array(); + for ($i = 0; $i < count($dn); $i++) { + if ($dn[$i][0]['type'] == $propName) { + $v = $dn[$i][0]['value']; + if (!$withType) { + if (is_array($v)) { + foreach ($v as $type => $s) { + $type = array_search($type, $asn1->ANYmap, true); + if ($type !== false && isset($asn1->stringTypeSize[$type])) { + $s = $asn1->convert($s, $type); + if ($s !== false) { + $v = $s; + break; + } + } + } + if (is_array($v)) { + $v = array_pop($v); // Always strip data type. + } + } elseif (is_object($v) && $v instanceof Element) { + $map = $this->_getMapping($propName); + if (!is_bool($map)) { + $decoded = $asn1->decodeBER($v); + $v = $asn1->asn1map($decoded[0], $map); + } + } + } + $result[] = $v; + } + } + + return $result; + } + + /** + * Set a Distinguished Name + * + * @param mixed $dn + * @param bool $merge optional + * @param string $type optional + * @access public + * @return bool + */ + function setDN($dn, $merge = false, $type = 'utf8String') + { + if (!$merge) { + $this->dn = null; + } + + if (is_array($dn)) { + if (isset($dn['rdnSequence'])) { + $this->dn = $dn; // No merge here. + return true; + } + + // handles stuff generated by openssl_x509_parse() + foreach ($dn as $prop => $value) { + if (!$this->setDNProp($prop, $value, $type)) { + return false; + } + } + return true; + } + + // handles everything else + $results = preg_split('#((?:^|, *|/)(?:C=|O=|OU=|CN=|L=|ST=|SN=|postalCode=|streetAddress=|emailAddress=|serialNumber=|organizationalUnitName=|title=|description=|role=|x500UniqueIdentifier=|postalAddress=))#', $dn, -1, PREG_SPLIT_DELIM_CAPTURE); + for ($i = 1; $i < count($results); $i+=2) { + $prop = trim($results[$i], ', =/'); + $value = $results[$i + 1]; + if (!$this->setDNProp($prop, $value, $type)) { + return false; + } + } + + return true; + } + + /** + * Get the Distinguished Name for a certificates subject + * + * @param mixed $format optional + * @param array $dn optional + * @access public + * @return bool + */ + function getDN($format = self::DN_ARRAY, $dn = null) + { + if (!isset($dn)) { + $dn = isset($this->currentCert['tbsCertList']) ? $this->currentCert['tbsCertList']['issuer'] : $this->dn; + } + + switch ((int) $format) { + case self::DN_ARRAY: + return $dn; + case self::DN_ASN1: + $asn1 = new ASN1(); + $asn1->loadOIDs($this->oids); + $filters = array(); + $filters['rdnSequence']['value'] = array('type' => ASN1::TYPE_UTF8_STRING); + $asn1->loadFilters($filters); + $this->_mapOutDNs($dn, 'rdnSequence', $asn1); + return $asn1->encodeDER($dn, $this->Name); + case self::DN_CANON: + // No SEQUENCE around RDNs and all string values normalized as + // trimmed lowercase UTF-8 with all spacing as one blank. + // constructed RDNs will not be canonicalized + $asn1 = new ASN1(); + $asn1->loadOIDs($this->oids); + $filters = array(); + $filters['value'] = array('type' => ASN1::TYPE_UTF8_STRING); + $asn1->loadFilters($filters); + $result = ''; + $this->_mapOutDNs($dn, 'rdnSequence', $asn1); + foreach ($dn['rdnSequence'] as $rdn) { + foreach ($rdn as $i => $attr) { + $attr = &$rdn[$i]; + if (is_array($attr['value'])) { + foreach ($attr['value'] as $type => $v) { + $type = array_search($type, $asn1->ANYmap, true); + if ($type !== false && isset($asn1->stringTypeSize[$type])) { + $v = $asn1->convert($v, $type); + if ($v !== false) { + $v = preg_replace('/\s+/', ' ', $v); + $attr['value'] = strtolower(trim($v)); + break; + } + } + } + } + } + $result .= $asn1->encodeDER($rdn, $this->RelativeDistinguishedName); + } + return $result; + case self::DN_HASH: + $dn = $this->getDN(self::DN_CANON, $dn); + $hash = new Hash('sha1'); + $hash = $hash->hash($dn); + extract(unpack('Vhash', $hash)); + return strtolower(Hex::encode(pack('N', $hash))); + } + + // Default is to return a string. + $start = true; + $output = ''; + + $result = array(); + $asn1 = new ASN1(); + $asn1->loadOIDs($this->oids); + $filters = array(); + $filters['rdnSequence']['value'] = array('type' => ASN1::TYPE_UTF8_STRING); + $asn1->loadFilters($filters); + $this->_mapOutDNs($dn, 'rdnSequence', $asn1); + + foreach ($dn['rdnSequence'] as $field) { + $prop = $field[0]['type']; + $value = $field[0]['value']; + + $delim = ', '; + switch ($prop) { + case 'id-at-countryName': + $desc = 'C'; + break; + case 'id-at-stateOrProvinceName': + $desc = 'ST'; + break; + case 'id-at-organizationName': + $desc = 'O'; + break; + case 'id-at-organizationalUnitName': + $desc = 'OU'; + break; + case 'id-at-commonName': + $desc = 'CN'; + break; + case 'id-at-localityName': + $desc = 'L'; + break; + case 'id-at-surname': + $desc = 'SN'; + break; + case 'id-at-uniqueIdentifier': + $delim = '/'; + $desc = 'x500UniqueIdentifier'; + break; + case 'id-at-postalAddress': + $delim = '/'; + $desc = 'postalAddress'; + break; + default: + $delim = '/'; + $desc = preg_replace('#.+-([^-]+)$#', '$1', $prop); + } + + if (!$start) { + $output.= $delim; + } + if (is_array($value)) { + foreach ($value as $type => $v) { + $type = array_search($type, $asn1->ANYmap, true); + if ($type !== false && isset($asn1->stringTypeSize[$type])) { + $v = $asn1->convert($v, $type); + if ($v !== false) { + $value = $v; + break; + } + } + } + if (is_array($value)) { + $value = array_pop($value); // Always strip data type. + } + } elseif (is_object($value) && $value instanceof Element) { + $callback = create_function('$x', 'return "\x" . bin2hex($x[0]);'); + $value = strtoupper(preg_replace_callback('#[^\x20-\x7E]#', $callback, $value->element)); + } + $output.= $desc . '=' . $value; + $result[$desc] = isset($result[$desc]) ? + array_merge((array) $dn[$prop], array($value)) : + $value; + $start = false; + } + + return $format == self::DN_OPENSSL ? $result : $output; + } + + /** + * Get the Distinguished Name for a certificate/crl issuer + * + * @param int $format optional + * @access public + * @return mixed + */ + function getIssuerDN($format = self::DN_ARRAY) + { + switch (true) { + case !isset($this->currentCert) || !is_array($this->currentCert): + break; + case isset($this->currentCert['tbsCertificate']): + return $this->getDN($format, $this->currentCert['tbsCertificate']['issuer']); + case isset($this->currentCert['tbsCertList']): + return $this->getDN($format, $this->currentCert['tbsCertList']['issuer']); + } + + return false; + } + + /** + * Get the Distinguished Name for a certificate/csr subject + * Alias of getDN() + * + * @param int $format optional + * @access public + * @return mixed + */ + function getSubjectDN($format = self::DN_ARRAY) + { + switch (true) { + case !empty($this->dn): + return $this->getDN($format); + case !isset($this->currentCert) || !is_array($this->currentCert): + break; + case isset($this->currentCert['tbsCertificate']): + return $this->getDN($format, $this->currentCert['tbsCertificate']['subject']); + case isset($this->currentCert['certificationRequestInfo']): + return $this->getDN($format, $this->currentCert['certificationRequestInfo']['subject']); + } + + return false; + } + + /** + * Get an individual Distinguished Name property for a certificate/crl issuer + * + * @param string $propName + * @param bool $withType optional + * @access public + * @return mixed + */ + function getIssuerDNProp($propName, $withType = false) + { + switch (true) { + case !isset($this->currentCert) || !is_array($this->currentCert): + break; + case isset($this->currentCert['tbsCertificate']): + return $this->getDNProp($propName, $this->currentCert['tbsCertificate']['issuer'], $withType); + case isset($this->currentCert['tbsCertList']): + return $this->getDNProp($propName, $this->currentCert['tbsCertList']['issuer'], $withType); + } + + return false; + } + + /** + * Get an individual Distinguished Name property for a certificate/csr subject + * + * @param string $propName + * @param bool $withType optional + * @access public + * @return mixed + */ + function getSubjectDNProp($propName, $withType = false) + { + switch (true) { + case !empty($this->dn): + return $this->getDNProp($propName, null, $withType); + case !isset($this->currentCert) || !is_array($this->currentCert): + break; + case isset($this->currentCert['tbsCertificate']): + return $this->getDNProp($propName, $this->currentCert['tbsCertificate']['subject'], $withType); + case isset($this->currentCert['certificationRequestInfo']): + return $this->getDNProp($propName, $this->currentCert['certificationRequestInfo']['subject'], $withType); + } + + return false; + } + + /** + * Get the certificate chain for the current cert + * + * @access public + * @return mixed + */ + function getChain() + { + $chain = array($this->currentCert); + + if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { + return false; + } + if (empty($this->CAs)) { + return $chain; + } + while (true) { + $currentCert = $chain[count($chain) - 1]; + for ($i = 0; $i < count($this->CAs); $i++) { + $ca = $this->CAs[$i]; + if ($currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']) { + $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier', $currentCert); + $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca); + switch (true) { + case !is_array($authorityKey): + case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID: + if ($currentCert === $ca) { + break 3; + } + $chain[] = $ca; + break 2; + } + } + } + if ($i == count($this->CAs)) { + break; + } + } + foreach ($chain as $key => $value) { + $chain[$key] = new X509(); + $chain[$key]->loadX509($value); + } + return $chain; + } + + /** + * Set public key + * + * Key needs to be a \phpseclib\Crypt\RSA object + * + * @param object $key + * @access public + * @return bool + */ + function setPublicKey($key) + { + $key->setPublicKey(); + $this->publicKey = $key; + } + + /** + * Set private key + * + * Key needs to be a \phpseclib\Crypt\RSA object + * + * @param object $key + * @access public + */ + function setPrivateKey($key) + { + $this->privateKey = $key; + } + + /** + * Set challenge + * + * Used for SPKAC CSR's + * + * @param string $challenge + * @access public + */ + function setChallenge($challenge) + { + $this->challenge = $challenge; + } + + /** + * Gets the public key + * + * Returns a \phpseclib\Crypt\RSA object or a false. + * + * @access public + * @return mixed + */ + function getPublicKey() + { + if (isset($this->publicKey)) { + return $this->publicKey; + } + + if (isset($this->currentCert) && is_array($this->currentCert)) { + foreach (array('tbsCertificate/subjectPublicKeyInfo', 'certificationRequestInfo/subjectPKInfo') as $path) { + $keyinfo = $this->_subArray($this->currentCert, $path); + if (!empty($keyinfo)) { + break; + } + } + } + if (empty($keyinfo)) { + return false; + } + + $key = $keyinfo['subjectPublicKey']; + + switch ($keyinfo['algorithm']['algorithm']) { + case 'rsaEncryption': + $publicKey = new RSA(); + $publicKey->load($key); + $publicKey->setPublicKey(); + break; + default: + return false; + } + + return $publicKey; + } + + /** + * Load a Certificate Signing Request + * + * @param string $csr + * @access public + * @return mixed + */ + function loadCSR($csr, $mode = self::FORMAT_AUTO_DETECT) + { + if (is_array($csr) && isset($csr['certificationRequestInfo'])) { + unset($this->currentCert); + unset($this->currentKeyIdentifier); + unset($this->signatureSubject); + $this->dn = $csr['certificationRequestInfo']['subject']; + if (!isset($this->dn)) { + return false; + } + + $this->currentCert = $csr; + return $csr; + } + + // see http://tools.ietf.org/html/rfc2986 + + $asn1 = new ASN1(); + + if ($mode != self::FORMAT_DER) { + $newcsr = $this->_extractBER($csr); + if ($mode == self::FORMAT_PEM && $csr == $newcsr) { + return false; + } + $csr = $newcsr; + } + $orig = $csr; + + if ($csr === false) { + $this->currentCert = false; + return false; + } + + $asn1->loadOIDs($this->oids); + $decoded = $asn1->decodeBER($csr); + + if (empty($decoded)) { + $this->currentCert = false; + return false; + } + + $csr = $asn1->asn1map($decoded[0], $this->CertificationRequest); + if (!isset($csr) || $csr === false) { + $this->currentCert = false; + return false; + } + + $this->_mapInAttributes($csr, 'certificationRequestInfo/attributes', $asn1); + $this->_mapInDNs($csr, 'certificationRequestInfo/subject/rdnSequence', $asn1); + + $this->dn = $csr['certificationRequestInfo']['subject']; + + $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); + + $algorithm = &$csr['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm']; + $key = &$csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']; + $key = $this->_reformatKey($algorithm, $key); + + switch ($algorithm) { + case 'rsaEncryption': + $this->publicKey = new RSA(); + $this->publicKey->load($key); + $this->publicKey->setPublicKey(); + break; + default: + $this->publicKey = null; + } + + $this->currentKeyIdentifier = null; + $this->currentCert = $csr; + + return $csr; + } + + /** + * Save CSR request + * + * @param array $csr + * @param int $format optional + * @access public + * @return string + */ + function saveCSR($csr, $format = self::FORMAT_PEM) + { + if (!is_array($csr) || !isset($csr['certificationRequestInfo'])) { + return false; + } + + switch (true) { + case !($algorithm = $this->_subArray($csr, 'certificationRequestInfo/subjectPKInfo/algorithm/algorithm')): + case is_object($csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']): + break; + default: + switch ($algorithm) { + case 'rsaEncryption': + $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'] + = Base64::encode("\0" . Base64::decode(preg_replace('#-.+-|[\r\n]#', '', $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']))); + } + } + + $asn1 = new ASN1(); + + $asn1->loadOIDs($this->oids); + + $filters = array(); + $filters['certificationRequestInfo']['subject']['rdnSequence']['value'] + = array('type' => ASN1::TYPE_UTF8_STRING); + + $asn1->loadFilters($filters); + + $this->_mapOutDNs($csr, 'certificationRequestInfo/subject/rdnSequence', $asn1); + $this->_mapOutAttributes($csr, 'certificationRequestInfo/attributes', $asn1); + $csr = $asn1->encodeDER($csr, $this->CertificationRequest); + + switch ($format) { + case self::FORMAT_DER: + return $csr; + // case self::FORMAT_PEM: + default: + return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(Base64::encode($csr), 64) . '-----END CERTIFICATE REQUEST-----'; + } + } + + /** + * Load a SPKAC CSR + * + * SPKAC's are produced by the HTML5 keygen element: + * + * https://developer.mozilla.org/en-US/docs/HTML/Element/keygen + * + * @param string $csr + * @access public + * @return mixed + */ + function loadSPKAC($spkac) + { + if (is_array($spkac) && isset($spkac['publicKeyAndChallenge'])) { + unset($this->currentCert); + unset($this->currentKeyIdentifier); + unset($this->signatureSubject); + $this->currentCert = $spkac; + return $spkac; + } + + // see http://www.w3.org/html/wg/drafts/html/master/forms.html#signedpublickeyandchallenge + + $asn1 = new ASN1(); + + // OpenSSL produces SPKAC's that are preceeded by the string SPKAC= + $temp = preg_replace('#(?:SPKAC=)|[ \r\n\\\]#', '', $spkac); + $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Base64::decode($temp) : false; + if ($temp != false) { + $spkac = $temp; + } + $orig = $spkac; + + if ($spkac === false) { + $this->currentCert = false; + return false; + } + + $asn1->loadOIDs($this->oids); + $decoded = $asn1->decodeBER($spkac); + + if (empty($decoded)) { + $this->currentCert = false; + return false; + } + + $spkac = $asn1->asn1map($decoded[0], $this->SignedPublicKeyAndChallenge); + + if (!isset($spkac) || $spkac === false) { + $this->currentCert = false; + return false; + } + + $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); + + $algorithm = &$spkac['publicKeyAndChallenge']['spki']['algorithm']['algorithm']; + $key = &$spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']; + $key = $this->_reformatKey($algorithm, $key); + + switch ($algorithm) { + case 'rsaEncryption': + $this->publicKey = new RSA(); + $this->publicKey->load($key); + $this->publicKey->setPublicKey(); + break; + default: + $this->publicKey = null; + } + + $this->currentKeyIdentifier = null; + $this->currentCert = $spkac; + + return $spkac; + } + + /** + * Save a SPKAC CSR request + * + * @param array $csr + * @param int $format optional + * @access public + * @return string + */ + function saveSPKAC($spkac, $format = self::FORMAT_PEM) + { + if (!is_array($spkac) || !isset($spkac['publicKeyAndChallenge'])) { + return false; + } + + $algorithm = $this->_subArray($spkac, 'publicKeyAndChallenge/spki/algorithm/algorithm'); + switch (true) { + case !$algorithm: + case is_object($spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']): + break; + default: + switch ($algorithm) { + case 'rsaEncryption': + $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey'] + = Base64::encode("\0" . Base64::decode(preg_replace('#-.+-|[\r\n]#', '', $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']))); + } + } + + $asn1 = new ASN1(); + + $asn1->loadOIDs($this->oids); + $spkac = $asn1->encodeDER($spkac, $this->SignedPublicKeyAndChallenge); + + switch ($format) { + case self::FORMAT_DER: + return $spkac; + // case self::FORMAT_PEM: + default: + // OpenSSL's implementation of SPKAC requires the SPKAC be preceeded by SPKAC= and since there are pretty much + // no other SPKAC decoders phpseclib will use that same format + return 'SPKAC=' . Base64::encode($spkac); + } + } + + /** + * Load a Certificate Revocation List + * + * @param string $crl + * @access public + * @return mixed + */ + function loadCRL($crl, $mode = self::FORMAT_AUTO_DETECT) + { + if (is_array($crl) && isset($crl['tbsCertList'])) { + $this->currentCert = $crl; + unset($this->signatureSubject); + return $crl; + } + + $asn1 = new ASN1(); + + if ($mode != self::FORMAT_DER) { + $newcrl = $this->_extractBER($crl); + if ($mode == self::FORMAT_PEM && $crl == $newcrl) { + return false; + } + $crl = $newcrl; + } + $orig = $crl; + + if ($crl === false) { + $this->currentCert = false; + return false; + } + + $asn1->loadOIDs($this->oids); + $decoded = $asn1->decodeBER($crl); + + if (empty($decoded)) { + $this->currentCert = false; + return false; + } + + $crl = $asn1->asn1map($decoded[0], $this->CertificateList); + if (!isset($crl) || $crl === false) { + $this->currentCert = false; + return false; + } + + $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); + + $this->_mapInDNs($crl, 'tbsCertList/issuer/rdnSequence', $asn1); + $this->_mapInExtensions($crl, 'tbsCertList/crlExtensions', $asn1); + $rclist = &$this->_subArray($crl, 'tbsCertList/revokedCertificates'); + if (is_array($rclist)) { + foreach ($rclist as $i => $extension) { + $this->_mapInExtensions($rclist, "$i/crlEntryExtensions", $asn1); + } + } + + $this->currentKeyIdentifier = null; + $this->currentCert = $crl; + + return $crl; + } + + /** + * Save Certificate Revocation List. + * + * @param array $crl + * @param int $format optional + * @access public + * @return string + */ + function saveCRL($crl, $format = self::FORMAT_PEM) + { + if (!is_array($crl) || !isset($crl['tbsCertList'])) { + return false; + } + + $asn1 = new ASN1(); + + $asn1->loadOIDs($this->oids); + + $filters = array(); + $filters['tbsCertList']['issuer']['rdnSequence']['value'] + = array('type' => ASN1::TYPE_UTF8_STRING); + $filters['tbsCertList']['signature']['parameters'] + = array('type' => ASN1::TYPE_UTF8_STRING); + $filters['signatureAlgorithm']['parameters'] + = array('type' => ASN1::TYPE_UTF8_STRING); + + if (empty($crl['tbsCertList']['signature']['parameters'])) { + $filters['tbsCertList']['signature']['parameters'] + = array('type' => ASN1::TYPE_NULL); + } + + if (empty($crl['signatureAlgorithm']['parameters'])) { + $filters['signatureAlgorithm']['parameters'] + = array('type' => ASN1::TYPE_NULL); + } + + $asn1->loadFilters($filters); + + $this->_mapOutDNs($crl, 'tbsCertList/issuer/rdnSequence', $asn1); + $this->_mapOutExtensions($crl, 'tbsCertList/crlExtensions', $asn1); + $rclist = &$this->_subArray($crl, 'tbsCertList/revokedCertificates'); + if (is_array($rclist)) { + foreach ($rclist as $i => $extension) { + $this->_mapOutExtensions($rclist, "$i/crlEntryExtensions", $asn1); + } + } + + $crl = $asn1->encodeDER($crl, $this->CertificateList); + + switch ($format) { + case self::FORMAT_DER: + return $crl; + // case self::FORMAT_PEM: + default: + return "-----BEGIN X509 CRL-----\r\n" . chunk_split(Base64::encode($crl), 64) . '-----END X509 CRL-----'; + } + } + + /** + * Helper function to build a time field according to RFC 3280 section + * - 4.1.2.5 Validity + * - 5.1.2.4 This Update + * - 5.1.2.5 Next Update + * - 5.1.2.6 Revoked Certificates + * by choosing utcTime iff year of date given is before 2050 and generalTime else. + * + * @param string $date in format date('D, d M Y H:i:s O') + * @access private + * @return array + */ + function _timeField($date) + { + $year = @gmdate("Y", @strtotime($date)); // the same way ASN1.php parses this + if ($year < 2050) { + return array('utcTime' => $date); + } else { + return array('generalTime' => $date); + } + } + + /** + * Sign an X.509 certificate + * + * $issuer's private key needs to be loaded. + * $subject can be either an existing X.509 cert (if you want to resign it), + * a CSR or something with the DN and public key explicitly set. + * + * @param \phpseclib\File\X509 $issuer + * @param \phpseclib\File\X509 $subject + * @param string $signatureAlgorithm optional + * @access public + * @return mixed + */ + function sign($issuer, $subject, $signatureAlgorithm = 'sha256WithRSAEncryption') + { + if (!is_object($issuer->privateKey) || empty($issuer->dn)) { + return false; + } + + if (isset($subject->publicKey) && !($subjectPublicKey = $subject->_formatSubjectPublicKey())) { + return false; + } + + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: null; + + if (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertificate'])) { + $this->currentCert = $subject->currentCert; + $this->currentCert['tbsCertificate']['signature']['algorithm'] = $signatureAlgorithm; + $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; + + if (!empty($this->startDate)) { + $this->currentCert['tbsCertificate']['validity']['notBefore'] = $this->_timeField($this->startDate); + } + if (!empty($this->endDate)) { + $this->currentCert['tbsCertificate']['validity']['notAfter'] = $this->_timeField($this->endDate); + } + if (!empty($this->serialNumber)) { + $this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber; + } + if (!empty($subject->dn)) { + $this->currentCert['tbsCertificate']['subject'] = $subject->dn; + } + if (!empty($subject->publicKey)) { + $this->currentCert['tbsCertificate']['subjectPublicKeyInfo'] = $subjectPublicKey; + } + $this->removeExtension('id-ce-authorityKeyIdentifier'); + if (isset($subject->domains)) { + $this->removeExtension('id-ce-subjectAltName'); + } + } elseif (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertList'])) { + return false; + } else { + if (!isset($subject->publicKey)) { + return false; + } + + $startDate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O'); + $endDate = !empty($this->endDate) ? $this->endDate : @date('D, d M Y H:i:s O', strtotime('+1 year')); + /* "The serial number MUST be a positive integer" + "Conforming CAs MUST NOT use serialNumber values longer than 20 octets." + -- https://tools.ietf.org/html/rfc5280#section-4.1.2.2 + + for the integer to be positive the leading bit needs to be 0 hence the + application of a bitmap + */ + $serialNumber = !empty($this->serialNumber) ? + $this->serialNumber : + new BigInteger(Random::string(20) & ("\x7F" . str_repeat("\xFF", 19)), 256); + + $this->currentCert = array( + 'tbsCertificate' => + array( + 'version' => 'v3', + 'serialNumber' => $serialNumber, // $this->setserialNumber() + 'signature' => array('algorithm' => $signatureAlgorithm), + 'issuer' => false, // this is going to be overwritten later + 'validity' => array( + 'notBefore' => $this->_timeField($startDate), // $this->setStartDate() + 'notAfter' => $this->_timeField($endDate) // $this->setEndDate() + ), + 'subject' => $subject->dn, + 'subjectPublicKeyInfo' => $subjectPublicKey + ), + 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), + 'signature' => false // this is going to be overwritten later + ); + + // Copy extensions from CSR. + $csrexts = $subject->getAttribute('pkcs-9-at-extensionRequest', 0); + + if (!empty($csrexts)) { + $this->currentCert['tbsCertificate']['extensions'] = $csrexts; + } + } + + $this->currentCert['tbsCertificate']['issuer'] = $issuer->dn; + + if (isset($issuer->currentKeyIdentifier)) { + $this->setExtension('id-ce-authorityKeyIdentifier', array( + //'authorityCertIssuer' => array( + // array( + // 'directoryName' => $issuer->dn + // ) + //), + 'keyIdentifier' => $issuer->currentKeyIdentifier + )); + //$extensions = &$this->currentCert['tbsCertificate']['extensions']; + //if (isset($issuer->serialNumber)) { + // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber; + //} + //unset($extensions); + } + + if (isset($subject->currentKeyIdentifier)) { + $this->setExtension('id-ce-subjectKeyIdentifier', $subject->currentKeyIdentifier); + } + + $altName = array(); + + if (isset($subject->domains) && count($subject->domains) > 1) { + $altName = array_map(array('X509', '_dnsName'), $subject->domains); + } + + if (isset($subject->ipAddresses) && count($subject->ipAddresses)) { + // should an IP address appear as the CN if no domain name is specified? idk + //$ips = count($subject->domains) ? $subject->ipAddresses : array_slice($subject->ipAddresses, 1); + $ipAddresses = array(); + foreach ($subject->ipAddresses as $ipAddress) { + $encoded = $subject->_ipAddress($ipAddress); + if ($encoded !== false) { + $ipAddresses[] = $encoded; + } + } + if (count($ipAddresses)) { + $altName = array_merge($altName, $ipAddresses); + } + } + + if (!empty($altName)) { + $this->setExtension('id-ce-subjectAltName', $altName); + } + + if ($this->caFlag) { + $keyUsage = $this->getExtension('id-ce-keyUsage'); + if (!$keyUsage) { + $keyUsage = array(); + } + + $this->setExtension( + 'id-ce-keyUsage', + array_values(array_unique(array_merge($keyUsage, array('cRLSign', 'keyCertSign')))) + ); + + $basicConstraints = $this->getExtension('id-ce-basicConstraints'); + if (!$basicConstraints) { + $basicConstraints = array(); + } + + $this->setExtension( + 'id-ce-basicConstraints', + array_unique(array_merge(array('cA' => true), $basicConstraints)), + true + ); + + if (!isset($subject->currentKeyIdentifier)) { + $this->setExtension('id-ce-subjectKeyIdentifier', Base64::encode($this->computeKeyIdentifier($this->currentCert)), false, false); + } + } + + // resync $this->signatureSubject + // save $tbsCertificate in case there are any \phpseclib\File\ASN1\Element objects in it + $tbsCertificate = $this->currentCert['tbsCertificate']; + $this->loadX509($this->saveX509($this->currentCert)); + + $result = $this->_sign($issuer->privateKey, $signatureAlgorithm); + $result['tbsCertificate'] = $tbsCertificate; + + $this->currentCert = $currentCert; + $this->signatureSubject = $signatureSubject; + + return $result; + } + + /** + * Sign a CSR + * + * @access public + * @return mixed + */ + function signCSR($signatureAlgorithm = 'sha1WithRSAEncryption') + { + if (!is_object($this->privateKey) || empty($this->dn)) { + return false; + } + + $origPublicKey = $this->publicKey; + $class = get_class($this->privateKey); + $this->publicKey = new $class(); + $this->publicKey->load($this->privateKey->getPublicKey()); + $this->publicKey->setPublicKey(); + if (!($publicKey = $this->_formatSubjectPublicKey())) { + return false; + } + $this->publicKey = $origPublicKey; + + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: null; + + if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['certificationRequestInfo'])) { + $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; + if (!empty($this->dn)) { + $this->currentCert['certificationRequestInfo']['subject'] = $this->dn; + } + $this->currentCert['certificationRequestInfo']['subjectPKInfo'] = $publicKey; + } else { + $this->currentCert = array( + 'certificationRequestInfo' => + array( + 'version' => 'v1', + 'subject' => $this->dn, + 'subjectPKInfo' => $publicKey + ), + 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), + 'signature' => false // this is going to be overwritten later + ); + } + + // resync $this->signatureSubject + // save $certificationRequestInfo in case there are any \phpseclib\File\ASN1\Element objects in it + $certificationRequestInfo = $this->currentCert['certificationRequestInfo']; + $this->loadCSR($this->saveCSR($this->currentCert)); + + $result = $this->_sign($this->privateKey, $signatureAlgorithm); + $result['certificationRequestInfo'] = $certificationRequestInfo; + + $this->currentCert = $currentCert; + $this->signatureSubject = $signatureSubject; + + return $result; + } + + /** + * Sign a SPKAC + * + * @access public + * @return mixed + */ + function signSPKAC($signatureAlgorithm = 'sha1WithRSAEncryption') + { + if (!is_object($this->privateKey)) { + return false; + } + + $origPublicKey = $this->publicKey; + $class = get_class($this->privateKey); + $this->publicKey = new $class(); + $this->publicKey->load($this->privateKey->getPublicKey()); + $this->publicKey->setPublicKey(); + $publicKey = $this->_formatSubjectPublicKey(); + if (!$publicKey) { + return false; + } + $this->publicKey = $origPublicKey; + + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: null; + + // re-signing a SPKAC seems silly but since everything else supports re-signing why not? + if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['publicKeyAndChallenge'])) { + $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; + $this->currentCert['publicKeyAndChallenge']['spki'] = $publicKey; + if (!empty($this->challenge)) { + // the bitwise AND ensures that the output is a valid IA5String + $this->currentCert['publicKeyAndChallenge']['challenge'] = $this->challenge & str_repeat("\x7F", strlen($this->challenge)); + } + } else { + $this->currentCert = array( + 'publicKeyAndChallenge' => + array( + 'spki' => $publicKey, + // quoting , + // "A challenge string that is submitted along with the public key. Defaults to an empty string if not specified." + // both Firefox and OpenSSL ("openssl spkac -key private.key") behave this way + // we could alternatively do this instead if we ignored the specs: + // Random::string(8) & str_repeat("\x7F", 8) + 'challenge' => !empty($this->challenge) ? $this->challenge : '' + ), + 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), + 'signature' => false // this is going to be overwritten later + ); + } + + // resync $this->signatureSubject + // save $publicKeyAndChallenge in case there are any \phpseclib\File\ASN1\Element objects in it + $publicKeyAndChallenge = $this->currentCert['publicKeyAndChallenge']; + $this->loadSPKAC($this->saveSPKAC($this->currentCert)); + + $result = $this->_sign($this->privateKey, $signatureAlgorithm); + $result['publicKeyAndChallenge'] = $publicKeyAndChallenge; + + $this->currentCert = $currentCert; + $this->signatureSubject = $signatureSubject; + + return $result; + } + + /** + * Sign a CRL + * + * $issuer's private key needs to be loaded. + * + * @param \phpseclib\File\X509 $issuer + * @param \phpseclib\File\X509 $crl + * @param string $signatureAlgorithm optional + * @access public + * @return mixed + */ + function signCRL($issuer, $crl, $signatureAlgorithm = 'sha1WithRSAEncryption') + { + if (!is_object($issuer->privateKey) || empty($issuer->dn)) { + return false; + } + + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; + $thisUpdate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O'); + + if (isset($crl->currentCert) && is_array($crl->currentCert) && isset($crl->currentCert['tbsCertList'])) { + $this->currentCert = $crl->currentCert; + $this->currentCert['tbsCertList']['signature']['algorithm'] = $signatureAlgorithm; + $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; + } else { + $this->currentCert = array( + 'tbsCertList' => + array( + 'version' => 'v2', + 'signature' => array('algorithm' => $signatureAlgorithm), + 'issuer' => false, // this is going to be overwritten later + 'thisUpdate' => $this->_timeField($thisUpdate) // $this->setStartDate() + ), + 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), + 'signature' => false // this is going to be overwritten later + ); + } + + $tbsCertList = &$this->currentCert['tbsCertList']; + $tbsCertList['issuer'] = $issuer->dn; + $tbsCertList['thisUpdate'] = $this->_timeField($thisUpdate); + + if (!empty($this->endDate)) { + $tbsCertList['nextUpdate'] = $this->_timeField($this->endDate); // $this->setEndDate() + } else { + unset($tbsCertList['nextUpdate']); + } + + if (!empty($this->serialNumber)) { + $crlNumber = $this->serialNumber; + } else { + $crlNumber = $this->getExtension('id-ce-cRLNumber'); + // "The CRL number is a non-critical CRL extension that conveys a + // monotonically increasing sequence number for a given CRL scope and + // CRL issuer. This extension allows users to easily determine when a + // particular CRL supersedes another CRL." + // -- https://tools.ietf.org/html/rfc5280#section-5.2.3 + $crlNumber = $crlNumber !== false ? $crlNumber->add(new BigInteger(1)) : null; + } + + $this->removeExtension('id-ce-authorityKeyIdentifier'); + $this->removeExtension('id-ce-issuerAltName'); + + // Be sure version >= v2 if some extension found. + $version = isset($tbsCertList['version']) ? $tbsCertList['version'] : 0; + if (!$version) { + if (!empty($tbsCertList['crlExtensions'])) { + $version = 1; // v2. + } elseif (!empty($tbsCertList['revokedCertificates'])) { + foreach ($tbsCertList['revokedCertificates'] as $cert) { + if (!empty($cert['crlEntryExtensions'])) { + $version = 1; // v2. + } + } + } + + if ($version) { + $tbsCertList['version'] = $version; + } + } + + // Store additional extensions. + if (!empty($tbsCertList['version'])) { // At least v2. + if (!empty($crlNumber)) { + $this->setExtension('id-ce-cRLNumber', $crlNumber); + } + + if (isset($issuer->currentKeyIdentifier)) { + $this->setExtension('id-ce-authorityKeyIdentifier', array( + //'authorityCertIssuer' => array( + // array( + // 'directoryName' => $issuer->dn + // ) + //), + 'keyIdentifier' => $issuer->currentKeyIdentifier + )); + //$extensions = &$tbsCertList['crlExtensions']; + //if (isset($issuer->serialNumber)) { + // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber; + //} + //unset($extensions); + } + + $issuerAltName = $this->getExtension('id-ce-subjectAltName', $issuer->currentCert); + + if ($issuerAltName !== false) { + $this->setExtension('id-ce-issuerAltName', $issuerAltName); + } + } + + if (empty($tbsCertList['revokedCertificates'])) { + unset($tbsCertList['revokedCertificates']); + } + + unset($tbsCertList); + + // resync $this->signatureSubject + // save $tbsCertList in case there are any \phpseclib\File\ASN1\Element objects in it + $tbsCertList = $this->currentCert['tbsCertList']; + $this->loadCRL($this->saveCRL($this->currentCert)); + + $result = $this->_sign($issuer->privateKey, $signatureAlgorithm); + $result['tbsCertList'] = $tbsCertList; + + $this->currentCert = $currentCert; + $this->signatureSubject = $signatureSubject; + + return $result; + } + + /** + * X.509 certificate signing helper function. + * + * @param object $key + * @param \phpseclib\File\X509 $subject + * @param string $signatureAlgorithm + * @access public + * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @return mixed + */ + function _sign($key, $signatureAlgorithm) + { + if ($key instanceof RSA) { + switch ($signatureAlgorithm) { + case 'md2WithRSAEncryption': + case 'md5WithRSAEncryption': + case 'sha1WithRSAEncryption': + case 'sha224WithRSAEncryption': + case 'sha256WithRSAEncryption': + case 'sha384WithRSAEncryption': + case 'sha512WithRSAEncryption': + $key->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm)); + + $this->currentCert['signature'] = Base64::encode("\0" . $key->sign($this->signatureSubject, RSA::PADDING_PKCS1)); + return $this->currentCert; + default: + throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); + } + } + + throw new UnsupportedAlgorithmException('Unsupported public key algorithm'); + } + + /** + * Set certificate start date + * + * @param string $date + * @access public + */ + function setStartDate($date) + { + $this->startDate = @date('D, d M Y H:i:s O', @strtotime($date)); + } + + /** + * Set certificate end date + * + * @param string $date + * @access public + */ + function setEndDate($date) + { + /* + To indicate that a certificate has no well-defined expiration date, + the notAfter SHOULD be assigned the GeneralizedTime value of + 99991231235959Z. + + -- http://tools.ietf.org/html/rfc5280#section-4.1.2.5 + */ + if (strtolower($date) == 'lifetime') { + $temp = '99991231235959Z'; + $asn1 = new ASN1(); + $temp = chr(ASN1::TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp; + $this->endDate = new Element($temp); + } else { + $this->endDate = @date('D, d M Y H:i:s O', @strtotime($date)); + } + } + + /** + * Set Serial Number + * + * @param string $serial + * @param $base optional + * @access public + */ + function setSerialNumber($serial, $base = -256) + { + $this->serialNumber = new BigInteger($serial, $base); + } + + /** + * Turns the certificate into a certificate authority + * + * @access public + */ + function makeCA() + { + $this->caFlag = true; + } + + /** + * Get a reference to a subarray + * + * @param array $root + * @param string $path absolute path with / as component separator + * @param bool $create optional + * @access private + * @return array|false + */ + function &_subArray(&$root, $path, $create = false) + { + $false = false; + + if (!is_array($root)) { + return $false; + } + + foreach (explode('/', $path) as $i) { + if (!is_array($root)) { + return $false; + } + + if (!isset($root[$i])) { + if (!$create) { + return $false; + } + + $root[$i] = array(); + } + + $root = &$root[$i]; + } + + return $root; + } + + /** + * Get a reference to an extension subarray + * + * @param array $root + * @param string $path optional absolute path with / as component separator + * @param bool $create optional + * @access private + * @return array|false + */ + function &_extensions(&$root, $path = null, $create = false) + { + if (!isset($root)) { + $root = $this->currentCert; + } + + switch (true) { + case !empty($path): + case !is_array($root): + break; + case isset($root['tbsCertificate']): + $path = 'tbsCertificate/extensions'; + break; + case isset($root['tbsCertList']): + $path = 'tbsCertList/crlExtensions'; + break; + case isset($root['certificationRequestInfo']): + $pth = 'certificationRequestInfo/attributes'; + $attributes = &$this->_subArray($root, $pth, $create); + + if (is_array($attributes)) { + foreach ($attributes as $key => $value) { + if ($value['type'] == 'pkcs-9-at-extensionRequest') { + $path = "$pth/$key/value/0"; + break 2; + } + } + if ($create) { + $key = count($attributes); + $attributes[] = array('type' => 'pkcs-9-at-extensionRequest', 'value' => array()); + $path = "$pth/$key/value/0"; + } + } + break; + } + + $extensions = &$this->_subArray($root, $path, $create); + + if (!is_array($extensions)) { + $false = false; + return $false; + } + + return $extensions; + } + + /** + * Remove an Extension + * + * @param string $id + * @param string $path optional + * @access private + * @return bool + */ + function _removeExtension($id, $path = null) + { + $extensions = &$this->_extensions($this->currentCert, $path); + + if (!is_array($extensions)) { + return false; + } + + $result = false; + foreach ($extensions as $key => $value) { + if ($value['extnId'] == $id) { + unset($extensions[$key]); + $result = true; + } + } + + $extensions = array_values($extensions); + return $result; + } + + /** + * Get an Extension + * + * Returns the extension if it exists and false if not + * + * @param string $id + * @param array $cert optional + * @param string $path optional + * @access private + * @return mixed + */ + function _getExtension($id, $cert = null, $path = null) + { + $extensions = $this->_extensions($cert, $path); + + if (!is_array($extensions)) { + return false; + } + + foreach ($extensions as $key => $value) { + if ($value['extnId'] == $id) { + return $value['extnValue']; + } + } + + return false; + } + + /** + * Returns a list of all extensions in use + * + * @param array $cert optional + * @param string $path optional + * @access private + * @return array + */ + function _getExtensions($cert = null, $path = null) + { + $exts = $this->_extensions($cert, $path); + $extensions = array(); + + if (is_array($exts)) { + foreach ($exts as $extension) { + $extensions[] = $extension['extnId']; + } + } + + return $extensions; + } + + /** + * Set an Extension + * + * @param string $id + * @param mixed $value + * @param bool $critical optional + * @param bool $replace optional + * @param string $path optional + * @access private + * @return bool + */ + function _setExtension($id, $value, $critical = false, $replace = true, $path = null) + { + $extensions = &$this->_extensions($this->currentCert, $path, true); + + if (!is_array($extensions)) { + return false; + } + + $newext = array('extnId' => $id, 'critical' => $critical, 'extnValue' => $value); + + foreach ($extensions as $key => $value) { + if ($value['extnId'] == $id) { + if (!$replace) { + return false; + } + + $extensions[$key] = $newext; + return true; + } + } + + $extensions[] = $newext; + return true; + } + + /** + * Remove a certificate, CSR or CRL Extension + * + * @param string $id + * @access public + * @return bool + */ + function removeExtension($id) + { + return $this->_removeExtension($id); + } + + /** + * Get a certificate, CSR or CRL Extension + * + * Returns the extension if it exists and false if not + * + * @param string $id + * @param array $cert optional + * @access public + * @return mixed + */ + function getExtension($id, $cert = null) + { + return $this->_getExtension($id, $cert); + } + + /** + * Returns a list of all extensions in use in certificate, CSR or CRL + * + * @param array $cert optional + * @access public + * @return array + */ + function getExtensions($cert = null) + { + return $this->_getExtensions($cert); + } + + /** + * Set a certificate, CSR or CRL Extension + * + * @param string $id + * @param mixed $value + * @param bool $critical optional + * @param bool $replace optional + * @access public + * @return bool + */ + function setExtension($id, $value, $critical = false, $replace = true) + { + return $this->_setExtension($id, $value, $critical, $replace); + } + + /** + * Remove a CSR attribute. + * + * @param string $id + * @param int $disposition optional + * @access public + * @return bool + */ + function removeAttribute($id, $disposition = self::ATTR_ALL) + { + $attributes = &$this->_subArray($this->currentCert, 'certificationRequestInfo/attributes'); + + if (!is_array($attributes)) { + return false; + } + + $result = false; + foreach ($attributes as $key => $attribute) { + if ($attribute['type'] == $id) { + $n = count($attribute['value']); + switch (true) { + case $disposition == self::ATTR_APPEND: + case $disposition == self::ATTR_REPLACE: + return false; + case $disposition >= $n: + $disposition -= $n; + break; + case $disposition == self::ATTR_ALL: + case $n == 1: + unset($attributes[$key]); + $result = true; + break; + default: + unset($attributes[$key]['value'][$disposition]); + $attributes[$key]['value'] = array_values($attributes[$key]['value']); + $result = true; + break; + } + if ($result && $disposition != self::ATTR_ALL) { + break; + } + } + } + + $attributes = array_values($attributes); + return $result; + } + + /** + * Get a CSR attribute + * + * Returns the attribute if it exists and false if not + * + * @param string $id + * @param int $disposition optional + * @param array $csr optional + * @access public + * @return mixed + */ + function getAttribute($id, $disposition = self::ATTR_ALL, $csr = null) + { + if (empty($csr)) { + $csr = $this->currentCert; + } + + $attributes = $this->_subArray($csr, 'certificationRequestInfo/attributes'); + + if (!is_array($attributes)) { + return false; + } + + foreach ($attributes as $key => $attribute) { + if ($attribute['type'] == $id) { + $n = count($attribute['value']); + switch (true) { + case $disposition == self::ATTR_APPEND: + case $disposition == self::ATTR_REPLACE: + return false; + case $disposition == self::ATTR_ALL: + return $attribute['value']; + case $disposition >= $n: + $disposition -= $n; + break; + default: + return $attribute['value'][$disposition]; + } + } + } + + return false; + } + + /** + * Returns a list of all CSR attributes in use + * + * @param array $csr optional + * @access public + * @return array + */ + function getAttributes($csr = null) + { + if (empty($csr)) { + $csr = $this->currentCert; + } + + $attributes = $this->_subArray($csr, 'certificationRequestInfo/attributes'); + $attrs = array(); + + if (is_array($attributes)) { + foreach ($attributes as $attribute) { + $attrs[] = $attribute['type']; + } + } + + return $attrs; + } + + /** + * Set a CSR attribute + * + * @param string $id + * @param mixed $value + * @param bool $disposition optional + * @access public + * @return bool + */ + function setAttribute($id, $value, $disposition = self::ATTR_ALL) + { + $attributes = &$this->_subArray($this->currentCert, 'certificationRequestInfo/attributes', true); + + if (!is_array($attributes)) { + return false; + } + + switch ($disposition) { + case self::ATTR_REPLACE: + $disposition = self::ATTR_APPEND; + case self::ATTR_ALL: + $this->removeAttribute($id); + break; + } + + foreach ($attributes as $key => $attribute) { + if ($attribute['type'] == $id) { + $n = count($attribute['value']); + switch (true) { + case $disposition == self::ATTR_APPEND: + $last = $key; + break; + case $disposition >= $n: + $disposition -= $n; + break; + default: + $attributes[$key]['value'][$disposition] = $value; + return true; + } + } + } + + switch (true) { + case $disposition >= 0: + return false; + case isset($last): + $attributes[$last]['value'][] = $value; + break; + default: + $attributes[] = array('type' => $id, 'value' => $disposition == self::ATTR_ALL ? $value: array($value)); + break; + } + + return true; + } + + /** + * Sets the subject key identifier + * + * This is used by the id-ce-authorityKeyIdentifier and the id-ce-subjectKeyIdentifier extensions. + * + * @param string $value + * @access public + */ + function setKeyIdentifier($value) + { + if (empty($value)) { + unset($this->currentKeyIdentifier); + } else { + $this->currentKeyIdentifier = Base64::encode($value); + } + } + + /** + * Compute a public key identifier. + * + * Although key identifiers may be set to any unique value, this function + * computes key identifiers from public key according to the two + * recommended methods (4.2.1.2 RFC 3280). + * Highly polymorphic: try to accept all possible forms of key: + * - Key object + * - \phpseclib\File\X509 object with public or private key defined + * - Certificate or CSR array + * - \phpseclib\File\ASN1\Element object + * - PEM or DER string + * + * @param mixed $key optional + * @param int $method optional + * @access public + * @return string binary key identifier + */ + function computeKeyIdentifier($key = null, $method = 1) + { + if (is_null($key)) { + $key = $this; + } + + switch (true) { + case is_string($key): + break; + case is_array($key) && isset($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']): + return $this->computeKeyIdentifier($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], $method); + case is_array($key) && isset($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']): + return $this->computeKeyIdentifier($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], $method); + case !is_object($key): + return false; + case $key instanceof Element: + // Assume the element is a bitstring-packed key. + $asn1 = new ASN1(); + $decoded = $asn1->decodeBER($key->element); + if (empty($decoded)) { + return false; + } + $raw = $asn1->asn1map($decoded[0], array('type' => ASN1::TYPE_BIT_STRING)); + if (empty($raw)) { + return false; + } + $raw = Base64::decode($raw); + // If the key is private, compute identifier from its corresponding public key. + $key = new RSA(); + if (!$key->load($raw)) { + return false; // Not an unencrypted RSA key. + } + if ($key->getPrivateKey() !== false) { // If private. + return $this->computeKeyIdentifier($key, $method); + } + $key = $raw; // Is a public key. + break; + case $key instanceof X509: + if (isset($key->publicKey)) { + return $this->computeKeyIdentifier($key->publicKey, $method); + } + if (isset($key->privateKey)) { + return $this->computeKeyIdentifier($key->privateKey, $method); + } + if (isset($key->currentCert['tbsCertificate']) || isset($key->currentCert['certificationRequestInfo'])) { + return $this->computeKeyIdentifier($key->currentCert, $method); + } + return false; + default: // Should be a key object (i.e.: \phpseclib\Crypt\RSA). + $key = $key->getPublicKey('PKCS1'); + break; + } + + // If in PEM format, convert to binary. + $key = $this->_extractBER($key); + + // Now we have the key string: compute its sha-1 sum. + $hash = new Hash('sha1'); + $hash = $hash->hash($key); + + if ($method == 2) { + $hash = substr($hash, -8); + $hash[0] = chr((ord($hash[0]) & 0x0F) | 0x40); + } + + return $hash; + } + + /** + * Format a public key as appropriate + * + * @access private + * @return array + */ + function _formatSubjectPublicKey() + { + if ($this->publicKey instanceof RSA) { + // the following two return statements do the same thing. i dunno.. i just prefer the later for some reason. + // the former is a good example of how to do fuzzing on the public key + //return new Element(Base64::decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->getPublicKey()))); + return array( + 'algorithm' => array('algorithm' => 'rsaEncryption'), + 'subjectPublicKey' => $this->publicKey->getPublicKey('PKCS1') + ); + } + + return false; + } + + /** + * Set the domain name's which the cert is to be valid for + * + * @access public + * @return array + */ + function setDomain() + { + $this->domains = func_get_args(); + $this->removeDNProp('id-at-commonName'); + $this->setDNProp('id-at-commonName', $this->domains[0]); + } + + /** + * Set the IP Addresses's which the cert is to be valid for + * + * @access public + * @param string $ipAddress optional + */ + function setIPAddress() + { + $this->ipAddresses = func_get_args(); + /* + if (!isset($this->domains)) { + $this->removeDNProp('id-at-commonName'); + $this->setDNProp('id-at-commonName', $this->ipAddresses[0]); + } + */ + } + + /** + * Helper function to build domain array + * + * @access private + * @param string $domain + * @return array + */ + function _dnsName($domain) + { + return array('dNSName' => $domain); + } + + /** + * Helper function to build IP Address array + * + * (IPv6 is not currently supported) + * + * @access private + * @param string $address + * @return array + */ + function _iPAddress($address) + { + return array('iPAddress' => $address); + } + + /** + * Get the index of a revoked certificate. + * + * @param array $rclist + * @param string $serial + * @param bool $create optional + * @access private + * @return int|false + */ + function _revokedCertificate(&$rclist, $serial, $create = false) + { + $serial = new BigInteger($serial); + + foreach ($rclist as $i => $rc) { + if (!($serial->compare($rc['userCertificate']))) { + return $i; + } + } + + if (!$create) { + return false; + } + + $i = count($rclist); + $rclist[] = array('userCertificate' => $serial, + 'revocationDate' => $this->_timeField(@date('D, d M Y H:i:s O'))); + return $i; + } + + /** + * Revoke a certificate. + * + * @param string $serial + * @param string $date optional + * @access public + * @return bool + */ + function revoke($serial, $date = null) + { + if (isset($this->currentCert['tbsCertList'])) { + if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) { + if ($this->_revokedCertificate($rclist, $serial) === false) { // If not yet revoked + if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) { + if (!empty($date)) { + $rclist[$i]['revocationDate'] = $this->_timeField($date); + } + + return true; + } + } + } + } + + return false; + } + + /** + * Unrevoke a certificate. + * + * @param string $serial + * @access public + * @return bool + */ + function unrevoke($serial) + { + if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { + unset($rclist[$i]); + $rclist = array_values($rclist); + return true; + } + } + + return false; + } + + /** + * Get a revoked certificate. + * + * @param string $serial + * @access public + * @return mixed + */ + function getRevoked($serial) + { + if (is_array($rclist = $this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { + return $rclist[$i]; + } + } + + return false; + } + + /** + * List revoked certificates + * + * @param array $crl optional + * @access public + * @return array + */ + function listRevoked($crl = null) + { + if (!isset($crl)) { + $crl = $this->currentCert; + } + + if (!isset($crl['tbsCertList'])) { + return false; + } + + $result = array(); + + if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) { + foreach ($rclist as $rc) { + $result[] = $rc['userCertificate']->toString(); + } + } + + return $result; + } + + /** + * Remove a Revoked Certificate Extension + * + * @param string $serial + * @param string $id + * @access public + * @return bool + */ + function removeRevokedCertificateExtension($serial, $id) + { + if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { + return $this->_removeExtension($id, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + } + } + + return false; + } + + /** + * Get a Revoked Certificate Extension + * + * Returns the extension if it exists and false if not + * + * @param string $serial + * @param string $id + * @param array $crl optional + * @access public + * @return mixed + */ + function getRevokedCertificateExtension($serial, $id, $crl = null) + { + if (!isset($crl)) { + $crl = $this->currentCert; + } + + if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { + return $this->_getExtension($id, $crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + } + } + + return false; + } + + /** + * Returns a list of all extensions in use for a given revoked certificate + * + * @param string $serial + * @param array $crl optional + * @access public + * @return array + */ + function getRevokedCertificateExtensions($serial, $crl = null) + { + if (!isset($crl)) { + $crl = $this->currentCert; + } + + if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) { + if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) { + return $this->_getExtensions($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + } + } + + return false; + } + + /** + * Set a Revoked Certificate Extension + * + * @param string $serial + * @param string $id + * @param mixed $value + * @param bool $critical optional + * @param bool $replace optional + * @access public + * @return bool + */ + function setRevokedCertificateExtension($serial, $id, $value, $critical = false, $replace = true) + { + if (isset($this->currentCert['tbsCertList'])) { + if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) { + if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) { + return $this->_setExtension($id, $value, $critical, $replace, "tbsCertList/revokedCertificates/$i/crlEntryExtensions"); + } + } + } + + return false; + } + + /** + * Extract raw BER from Base64 encoding + * + * @access private + * @param string $str + * @return string + */ + function _extractBER($str) + { + /* X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them + * above and beyond the ceritificate. + * ie. some may have the following preceding the -----BEGIN CERTIFICATE----- line: + * + * Bag Attributes + * localKeyID: 01 00 00 00 + * subject=/O=organization/OU=org unit/CN=common name + * issuer=/O=organization/CN=common name + */ + $temp = preg_replace('#.*?^-+[^-]+-+[\r\n ]*$#ms', '', $str, 1); + // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff + $temp = preg_replace('#-+[^-]+-+#', '', $temp); + // remove new lines + $temp = str_replace(array("\r", "\n", ' '), '', $temp); + $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Base64::decode($temp) : false; + return $temp != false ? $temp : $str; + } + + /** + * Returns the OID corresponding to a name + * + * What's returned in the associative array returned by loadX509() (or load*()) is either a name or an OID if + * no OID to name mapping is available. The problem with this is that what may be an unmapped OID in one version + * of phpseclib may not be unmapped in the next version, so apps that are looking at this OID may not be able + * to work from version to version. + * + * This method will return the OID if a name is passed to it and if no mapping is avialable it'll assume that + * what's being passed to it already is an OID and return that instead. A few examples. + * + * getOID('2.16.840.1.101.3.4.2.1') == '2.16.840.1.101.3.4.2.1' + * getOID('id-sha256') == '2.16.840.1.101.3.4.2.1' + * getOID('zzz') == 'zzz' + * + * @access public + * @return string + */ + function getOID($name) + { + static $reverseMap; + if (!isset($reverseMap)) { + $reverseMap = array_flip($this->oids); + } + return isset($reverseMap[$name]) ? $reverseMap[$name] : $name; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Math/BigInteger.php b/plugins/OStatus/extlib/phpseclib/Math/BigInteger.php index e40433de5b..66fb48e426 100644 --- a/plugins/OStatus/extlib/phpseclib/Math/BigInteger.php +++ b/plugins/OStatus/extlib/phpseclib/Math/BigInteger.php @@ -1,5 +1,4 @@ value = array(0, 1) + * (new \phpseclib\Math\BigInteger(pow(2, 26)))->value = array(0, 1) * * Useful resources are as follows: * @@ -36,10 +31,8 @@ * Here's an example of how to use this library: * * add($b); * @@ -47,143 +40,155 @@ * ?> * * - * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy - * of this software and associated documentation files (the "Software"), to deal - * in the Software without restriction, including without limitation the rights - * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - * copies of the Software, and to permit persons to whom the Software is - * furnished to do so, subject to the following conditions: - * - * The above copyright notice and this permission notice shall be included in - * all copies or substantial portions of the Software. - * - * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN - * THE SOFTWARE. - * - * @category Math - * @package Math_BigInteger - * @author Jim Wigginton - * @copyright MMVI Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger + * @category Math + * @package BigInteger + * @author Jim Wigginton + * @copyright 2006 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger */ -/**#@+ - * Reduction constants - * - * @access private - * @see Math_BigInteger::_reduce() - */ -/** - * @see Math_BigInteger::_montgomery() - * @see Math_BigInteger::_prepMontgomery() - */ -define('MATH_BIGINTEGER_MONTGOMERY', 0); -/** - * @see Math_BigInteger::_barrett() - */ -define('MATH_BIGINTEGER_BARRETT', 1); -/** - * @see Math_BigInteger::_mod2() - */ -define('MATH_BIGINTEGER_POWEROF2', 2); -/** - * @see Math_BigInteger::_remainder() - */ -define('MATH_BIGINTEGER_CLASSIC', 3); -/** - * @see Math_BigInteger::__clone() - */ -define('MATH_BIGINTEGER_NONE', 4); -/**#@-*/ +namespace phpseclib\Math; -/**#@+ - * Array constants - * - * Rather than create a thousands and thousands of new Math_BigInteger objects in repeated function calls to add() and - * multiply() or whatever, we'll just work directly on arrays, taking them in as parameters and returning them. - * - * @access private - */ -/** - * $result[MATH_BIGINTEGER_VALUE] contains the value. - */ -define('MATH_BIGINTEGER_VALUE', 0); -/** - * $result[MATH_BIGINTEGER_SIGN] contains the sign. - */ -define('MATH_BIGINTEGER_SIGN', 1); -/**#@-*/ - -/**#@+ - * @access private - * @see Math_BigInteger::_montgomery() - * @see Math_BigInteger::_barrett() - */ -/** - * Cache constants - * - * $cache[MATH_BIGINTEGER_VARIABLE] tells us whether or not the cached data is still valid. - */ -define('MATH_BIGINTEGER_VARIABLE', 0); -/** - * $cache[MATH_BIGINTEGER_DATA] contains the cached data. - */ -define('MATH_BIGINTEGER_DATA', 1); -/**#@-*/ - -/**#@+ - * Mode constants. - * - * @access private - * @see Math_BigInteger::Math_BigInteger() - */ -/** - * To use the pure-PHP implementation - */ -define('MATH_BIGINTEGER_MODE_INTERNAL', 1); -/** - * To use the BCMath library - * - * (if enabled; otherwise, the internal implementation will be used) - */ -define('MATH_BIGINTEGER_MODE_BCMATH', 2); -/** - * To use the GMP library - * - * (if present; otherwise, either the BCMath or the internal implementation will be used) - */ -define('MATH_BIGINTEGER_MODE_GMP', 3); -/**#@-*/ - -/** - * Karatsuba Cutoff - * - * At what point do we switch between Karatsuba multiplication and schoolbook long multiplication? - * - * @access private - */ -define('MATH_BIGINTEGER_KARATSUBA_CUTOFF', 25); +use ParagonIE\ConstantTime\Base64; +use ParagonIE\ConstantTime\Hex; +use phpseclib\Crypt\Random; /** * Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256 * numbers. * + * @package BigInteger * @author Jim Wigginton - * @version 1.0.0RC4 * @access public - * @package Math_BigInteger */ -class Math_BigInteger { +class BigInteger +{ + /**#@+ + * Reduction constants + * + * @access private + * @see BigInteger::_reduce() + */ + /** + * @see BigInteger::_montgomery() + * @see BigInteger::_prepMontgomery() + */ + const MONTGOMERY = 0; + /** + * @see BigInteger::_barrett() + */ + const BARRETT = 1; + /** + * @see BigInteger::_mod2() + */ + const POWEROF2 = 2; + /** + * @see BigInteger::_remainder() + */ + const CLASSIC = 3; + /** + * @see BigInteger::__clone() + */ + const NONE = 4; + /**#@-*/ + + /**#@+ + * Array constants + * + * Rather than create a thousands and thousands of new BigInteger objects in repeated function calls to add() and + * multiply() or whatever, we'll just work directly on arrays, taking them in as parameters and returning them. + * + * @access private + */ + /** + * $result[self::VALUE] contains the value. + */ + const VALUE = 0; + /** + * $result[self::SIGN] contains the sign. + */ + const SIGN = 1; + /**#@-*/ + + /**#@+ + * @access private + * @see BigInteger::_montgomery() + * @see BigInteger::_barrett() + */ + /** + * Cache constants + * + * $cache[self::VARIABLE] tells us whether or not the cached data is still valid. + */ + const VARIABLE = 0; + /** + * $cache[self::DATA] contains the cached data. + */ + const DATA = 1; + /**#@-*/ + + /**#@+ + * Mode constants. + * + * @access private + * @see BigInteger::__construct() + */ + /** + * To use the pure-PHP implementation + */ + const MODE_INTERNAL = 1; + /** + * To use the BCMath library + * + * (if enabled; otherwise, the internal implementation will be used) + */ + const MODE_BCMATH = 2; + /** + * To use the GMP library + * + * (if present; otherwise, either the BCMath or the internal implementation will be used) + */ + const MODE_GMP = 3; + /**#@-*/ + + /** + * Karatsuba Cutoff + * + * At what point do we switch between Karatsuba multiplication and schoolbook long multiplication? + * + * @access private + */ + const KARATSUBA_CUTOFF = 25; + + /**#@+ + * Static properties used by the pure-PHP implementation. + * + * @see __construct() + */ + protected static $base; + protected static $baseFull; + protected static $maxDigit; + protected static $msb; + + /** + * $max10 in greatest $max10Len satisfying + * $max10 = 10**$max10Len <= 2**$base. + */ + protected static $max10; + + /** + * $max10Len in greatest $max10Len satisfying + * $max10 = 10**$max10Len <= 2**$base. + */ + protected static $max10Len; + protected static $maxDigit2; + /**#@-*/ + /** * Holds the BigInteger's value. * - * @var Array + * @var array * @access private */ var $value; @@ -191,23 +196,15 @@ class Math_BigInteger { /** * Holds the BigInteger's magnitude. * - * @var Boolean + * @var bool * @access private */ var $is_negative = false; - /** - * Random number generator function - * - * @see setRandomGenerator() - * @access private - */ - var $generator = 'mt_rand'; - /** * Precision * - * @see setPrecision() + * @see self::setPrecision() * @access private */ var $precision = -1; @@ -215,7 +212,7 @@ class Math_BigInteger { /** * Precision Bitmask * - * @see setPrecision() + * @see self::setPrecision() * @access private */ var $bitmask = false; @@ -223,13 +220,13 @@ class Math_BigInteger { /** * Mode independent value used for serialization. * - * If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for + * If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for * a variable that'll be serializable regardless of whether or not extensions are being used. Unlike $this->value, * however, $this->hex is only calculated when $this->__sleep() is called. * - * @see __sleep() - * @see __wakeup() - * @var String + * @see self::__sleep() + * @see self::__wakeup() + * @var string * @access private */ var $hex; @@ -242,105 +239,76 @@ class Math_BigInteger { * * Here's an example: * - * <?php - * include('Math/BigInteger.php'); - * - * $a = new Math_BigInteger('0x32', 16); // 50 in base-16 + * toString(); // outputs 50 - * ?> + * ?> * * - * @param optional $x base-10 number or base-$base number if $base set. - * @param optional integer $base - * @return Math_BigInteger + * @param $x base-10 number or base-$base number if $base set. + * @param int $base + * @return \phpseclib\Math\BigInteger * @access public */ - function Math_BigInteger($x = 0, $base = 10) + function __construct($x = 0, $base = 10) { - if ( !defined('MATH_BIGINTEGER_MODE') ) { + if (!defined('MATH_BIGINTEGER_MODE')) { switch (true) { case extension_loaded('gmp'): - define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_GMP); + define('MATH_BIGINTEGER_MODE', self::MODE_GMP); break; case extension_loaded('bcmath'): - define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_BCMATH); + define('MATH_BIGINTEGER_MODE', self::MODE_BCMATH); break; default: - define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_INTERNAL); + define('MATH_BIGINTEGER_MODE', self::MODE_INTERNAL); } } - if (function_exists('openssl_public_encrypt') && !defined('MATH_BIGINTEGER_OPENSSL_DISABLE') && !defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) { - // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work - ob_start(); - phpinfo(); - $content = ob_get_contents(); - ob_end_clean(); - - preg_match_all('#OpenSSL (Header|Library) Version(.*)#im', $content, $matches); - - $versions = array(); - if (!empty($matches[1])) { - for ($i = 0; $i < count($matches[1]); $i++) { - $versions[$matches[1][$i]] = trim(str_replace('=>', '', strip_tags($matches[2][$i]))); - } - } - - // it doesn't appear that OpenSSL versions were reported upon until PHP 5.3+ - switch (true) { - case !isset($versions['Header']): - case !isset($versions['Library']): - case $versions['Header'] == $versions['Library']: - define('MATH_BIGINTEGER_OPENSSL_ENABLED', true); - break; - default: - define('MATH_BIGINTEGER_OPENSSL_DISABLE', true); - } + if (extension_loaded('openssl') && !defined('MATH_BIGINTEGER_OPENSSL_DISABLE') && !defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) { + define('MATH_BIGINTEGER_OPENSSL_ENABLED', true); } if (!defined('PHP_INT_SIZE')) { define('PHP_INT_SIZE', 4); } - if (!defined('MATH_BIGINTEGER_BASE') && MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_INTERNAL) { + if (empty(self::$base) && MATH_BIGINTEGER_MODE == self::MODE_INTERNAL) { switch (PHP_INT_SIZE) { case 8: // use 64-bit integers if int size is 8 bytes - define('MATH_BIGINTEGER_BASE', 31); - define('MATH_BIGINTEGER_BASE_FULL', 0x80000000); - define('MATH_BIGINTEGER_MAX_DIGIT', 0x7FFFFFFF); - define('MATH_BIGINTEGER_MSB', 0x40000000); - // 10**9 is the closest we can get to 2**31 without passing it - define('MATH_BIGINTEGER_MAX10', 1000000000); - define('MATH_BIGINTEGER_MAX10_LEN', 9); - // the largest digit that may be used in addition / subtraction - define('MATH_BIGINTEGER_MAX_DIGIT2', pow(2, 62)); + self::$base = 31; + self::$baseFull = 0x80000000; + self::$maxDigit = 0x7FFFFFFF; + self::$msb = 0x40000000; + self::$max10 = 1000000000; + self::$max10Len = 9; + self::$maxDigit2 = pow(2, 62); break; //case 4: // use 64-bit floats if int size is 4 bytes default: - define('MATH_BIGINTEGER_BASE', 26); - define('MATH_BIGINTEGER_BASE_FULL', 0x4000000); - define('MATH_BIGINTEGER_MAX_DIGIT', 0x3FFFFFF); - define('MATH_BIGINTEGER_MSB', 0x2000000); - // 10**7 is the closest to 2**26 without passing it - define('MATH_BIGINTEGER_MAX10', 10000000); - define('MATH_BIGINTEGER_MAX10_LEN', 7); - // the largest digit that may be used in addition / subtraction - // we do pow(2, 52) instead of using 4503599627370496 directly because some - // PHP installations will truncate 4503599627370496. - define('MATH_BIGINTEGER_MAX_DIGIT2', pow(2, 52)); + self::$base = 26; + self::$baseFull = 0x4000000; + self::$maxDigit = 0x3FFFFFF; + self::$msb = 0x2000000; + self::$max10 = 10000000; + self::$max10Len = 7; + self::$maxDigit2 = pow(2, 52); // pow() prevents truncation } } - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - if (is_resource($x) && get_resource_type($x) == 'GMP integer') { - $this->value = $x; - return; + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + switch (true) { + case is_resource($x) && get_resource_type($x) == 'GMP integer': + // PHP 5.6 switched GMP from using resources to objects + case $x instanceof \GMP: + $this->value = $x; + return; } $this->value = gmp_init(0); break; - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: $this->value = '0'; break; default: @@ -359,13 +327,13 @@ class Math_BigInteger { $x = ~$x; $this->is_negative = true; } - case 256: - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + case 256: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: $sign = $this->is_negative ? '-' : ''; - $this->value = gmp_init($sign . '0x' . bin2hex($x)); + $this->value = gmp_init($sign . '0x' . Hex::encode($x)); break; - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: // round $len to the nearest 4 (thanks, DavidMJ!) $len = (strlen($x) + 3) & 0xFFFFFFFC; @@ -384,19 +352,19 @@ class Math_BigInteger { // converts a base-2**8 (big endian / msb) number to base-2**26 (little endian / lsb) default: while (strlen($x)) { - $this->value[] = $this->_bytes2int($this->_base256_rshift($x, MATH_BIGINTEGER_BASE)); + $this->value[] = $this->_bytes2int($this->_base256_rshift($x, self::$base)); } } if ($this->is_negative) { - if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) { + if (MATH_BIGINTEGER_MODE != self::MODE_INTERNAL) { $this->is_negative = false; } - $temp = $this->add(new Math_BigInteger('-1')); + $temp = $this->add(new static('-1')); $this->value = $temp->value; } break; - case 16: + case 16: case -16: if ($base > 0 && $x[0] == '-') { $this->is_negative = true; @@ -408,70 +376,70 @@ class Math_BigInteger { $is_negative = false; if ($base < 0 && hexdec($x[0]) >= 8) { $this->is_negative = $is_negative = true; - $x = bin2hex(~pack('H*', $x)); + $x = Hex::encode(~Hex::decode($x)); } - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: $temp = $this->is_negative ? '-0x' . $x : '0x' . $x; $this->value = gmp_init($temp); $this->is_negative = false; break; - case MATH_BIGINTEGER_MODE_BCMATH: - $x = ( strlen($x) & 1 ) ? '0' . $x : $x; - $temp = new Math_BigInteger(pack('H*', $x), 256); + case self::MODE_BCMATH: + $x = (strlen($x) & 1) ? '0' . $x : $x; + $temp = new static(Hex::decode($x), 256); $this->value = $this->is_negative ? '-' . $temp->value : $temp->value; $this->is_negative = false; break; default: - $x = ( strlen($x) & 1 ) ? '0' . $x : $x; - $temp = new Math_BigInteger(pack('H*', $x), 256); + $x = (strlen($x) & 1) ? '0' . $x : $x; + $temp = new static(Hex::decode($x), 256); $this->value = $temp->value; } if ($is_negative) { - $temp = $this->add(new Math_BigInteger('-1')); + $temp = $this->add(new static('-1')); $this->value = $temp->value; } break; - case 10: + case 10: case -10: // (?value = gmp_init($x); break; - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: // explicitly casting $x to a string is necessary, here, since doing $x[0] on -1 yields different // results then doing it on '-1' does (modInverse does $x[0]) $this->value = $x === '-' ? '0' : (string) $x; break; default: - $temp = new Math_BigInteger(); + $temp = new static(); - $multiplier = new Math_BigInteger(); - $multiplier->value = array(MATH_BIGINTEGER_MAX10); + $multiplier = new static(); + $multiplier->value = array(self::$max10); if ($x[0] == '-') { $this->is_negative = true; $x = substr($x, 1); } - $x = str_pad($x, strlen($x) + ((MATH_BIGINTEGER_MAX10_LEN - 1) * strlen($x)) % MATH_BIGINTEGER_MAX10_LEN, 0, STR_PAD_LEFT); + $x = str_pad($x, strlen($x) + ((self::$max10Len - 1) * strlen($x)) % self::$max10Len, 0, STR_PAD_LEFT); while (strlen($x)) { $temp = $temp->multiply($multiplier); - $temp = $temp->add(new Math_BigInteger($this->_int2bytes(substr($x, 0, MATH_BIGINTEGER_MAX10_LEN)), 256)); - $x = substr($x, MATH_BIGINTEGER_MAX10_LEN); + $temp = $temp->add(new static($this->_int2bytes(substr($x, 0, self::$max10Len)), 256)); + $x = substr($x, self::$max10Len); } $this->value = $temp->value; } break; - case 2: // base-2 support originally implemented by Lluis Pamies - thanks! + case 2: // base-2 support originally implemented by Lluis Pamies - thanks! case -2: if ($base > 0 && $x[0] == '-') { $this->is_negative = true; @@ -492,7 +460,7 @@ class Math_BigInteger { $str = '-' . $str; } - $temp = new Math_BigInteger($str, 8 * $base); // ie. either -16 or +16 + $temp = new static($str, 8 * $base); // ie. either -16 or +16 $this->value = $temp->value; $this->is_negative = $temp->is_negative; @@ -511,28 +479,26 @@ class Math_BigInteger { * Here's an example: * * toBytes(); // outputs chr(65) * ?> * * - * @param Boolean $twos_compliment - * @return String + * @param bool $twos_compliment + * @return string * @access public * @internal Converts a base-2**26 number to base-2**8 */ function toBytes($twos_compliment = false) { if ($twos_compliment) { - $comparison = $this->compare(new Math_BigInteger()); + $comparison = $this->compare(new static()); if ($comparison == 0) { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } - $temp = $comparison < 0 ? $this->add(new Math_BigInteger(1)) : $this->copy(); + $temp = $comparison < 0 ? $this->add(new static(1)) : $this; $bytes = $temp->toBytes(); if (empty($bytes)) { // eg. if the number we're trying to convert is -1 @@ -546,20 +512,20 @@ class Math_BigInteger { return $comparison < 0 ? ~$bytes : $bytes; } - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: if (gmp_cmp($this->value, gmp_init(0)) == 0) { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } $temp = gmp_strval(gmp_abs($this->value), 16); - $temp = ( strlen($temp) & 1 ) ? '0' . $temp : $temp; - $temp = pack('H*', $temp); + $temp = (strlen($temp) & 1) ? '0' . $temp : $temp; + $temp = Hex::decode($temp); return $this->precision > 0 ? substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : ltrim($temp, chr(0)); - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: if ($this->value === '0') { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } @@ -585,13 +551,11 @@ class Math_BigInteger { if (!count($this->value)) { return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : ''; } - $result = $this->_int2bytes($this->value[count($this->value) - 1]); + $result = self::_int2bytes($this->value[count($this->value) - 1]); - $temp = $this->copy(); - - for ($i = count($temp->value) - 2; $i >= 0; --$i) { - $temp->_base256_lshift($result, MATH_BIGINTEGER_BASE); - $result = $result | str_pad($temp->_int2bytes($temp->value[$i]), strlen($result), chr(0), STR_PAD_LEFT); + for ($i = count($this->value) - 2; $i >= 0; --$i) { + self::_base256_lshift($result, self::$base); + $result = $result | str_pad(self::_int2bytes($this->value[$i]), strlen($result), chr(0), STR_PAD_LEFT); } return $this->precision > 0 ? @@ -608,22 +572,20 @@ class Math_BigInteger { * Here's an example: * * toHex(); // outputs '41' * ?> * * - * @param Boolean $twos_compliment - * @return String + * @param bool $twos_compliment + * @return string * @access public * @internal Converts a base-2**26 number to base-2**8 */ function toHex($twos_compliment = false) { - return bin2hex($this->toBytes($twos_compliment)); + return Hex::encode($this->toBytes($twos_compliment)); } /** @@ -635,16 +597,14 @@ class Math_BigInteger { * Here's an example: * * toBits(); // outputs '1000001' * ?> * * - * @param Boolean $twos_compliment - * @return String + * @param bool $twos_compliment + * @return string * @access public * @internal Converts a base-2**26 number to base-2**2 */ @@ -660,7 +620,7 @@ class Math_BigInteger { } $result = $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0'); - if ($twos_compliment && $this->compare(new Math_BigInteger()) > 0 && $this->precision <= 0) { + if ($twos_compliment && $this->compare(new static()) > 0 && $this->precision <= 0) { return '0' . $result; } @@ -673,24 +633,22 @@ class Math_BigInteger { * Here's an example: * * toString(); // outputs 50 * ?> * * - * @return String + * @return string * @access public * @internal Converts a base-2**26 number to base-10**7 (which is pretty much base-10) */ function toString() { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: return gmp_strval($this->value); - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: if ($this->value === '0') { return '0'; } @@ -702,15 +660,15 @@ class Math_BigInteger { return '0'; } - $temp = $this->copy(); + $temp = clone $this; $temp->is_negative = false; - $divisor = new Math_BigInteger(); - $divisor->value = array(MATH_BIGINTEGER_MAX10); + $divisor = new static(); + $divisor->value = array(self::$max10); $result = ''; while (count($temp->value)) { list($temp, $mod) = $temp->divide($divisor); - $result = str_pad(isset($mod->value[0]) ? $mod->value[0] : '', MATH_BIGINTEGER_MAX10_LEN, '0', STR_PAD_LEFT) . $result; + $result = str_pad(isset($mod->value[0]) ? $mod->value[0] : '', self::$max10Len, '0', STR_PAD_LEFT) . $result; } $result = ltrim($result, '0'); if (empty($result)) { @@ -724,29 +682,6 @@ class Math_BigInteger { return $result; } - /** - * Copy an object - * - * PHP5 passes objects by reference while PHP4 passes by value. As such, we need a function to guarantee - * that all objects are passed by value, when appropriate. More information can be found here: - * - * {@link http://php.net/language.oop5.basic#51624} - * - * @access public - * @see __clone() - * @return Math_BigInteger - */ - function copy() - { - $temp = new Math_BigInteger(); - $temp->value = $this->value; - $temp->is_negative = $this->is_negative; - $temp->generator = $this->generator; - $temp->precision = $this->precision; - $temp->bitmask = $this->bitmask; - return $temp; - } - /** * __toString() magic method * @@ -761,75 +696,84 @@ class Math_BigInteger { return $this->toString(); } - /** - * __clone() magic method - * - * Although you can call Math_BigInteger::__toString() directly in PHP5, you cannot call Math_BigInteger::__clone() - * directly in PHP5. You can in PHP4 since it's not a magic method, but in PHP5, you have to call it by using the PHP5 - * only syntax of $y = clone $x. As such, if you're trying to write an application that works on both PHP4 and PHP5, - * call Math_BigInteger::copy(), instead. - * - * @access public - * @see copy() - * @return Math_BigInteger - */ - function __clone() - { - return $this->copy(); - } - /** * __sleep() magic method * - * Will be called, automatically, when serialize() is called on a Math_BigInteger object. + * Will be called, automatically, when serialize() is called on a BigInteger object. * - * @see __wakeup() + * @see self::__wakeup() * @access public */ function __sleep() { $this->hex = $this->toHex(true); $vars = array('hex'); - if ($this->generator != 'mt_rand') { - $vars[] = 'generator'; - } if ($this->precision > 0) { $vars[] = 'precision'; } return $vars; - } /** * __wakeup() magic method * - * Will be called, automatically, when unserialize() is called on a Math_BigInteger object. + * Will be called, automatically, when unserialize() is called on a BigInteger object. * - * @see __sleep() + * @see self::__sleep() * @access public */ function __wakeup() { - $temp = new Math_BigInteger($this->hex, -16); + $temp = new static($this->hex, -16); $this->value = $temp->value; $this->is_negative = $temp->is_negative; - $this->setRandomGenerator($this->generator); if ($this->precision > 0) { // recalculate $this->bitmask $this->setPrecision($this->precision); } } + /** + * __debugInfo() magic method + * + * Will be called, automatically, when print_r() or var_dump() are called + * + * @access public + */ + function __debugInfo() + { + $opts = array(); + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + $engine = 'gmp'; + break; + case self::MODE_BCMATH: + $engine = 'bcmath'; + break; + case self::MODE_INTERNAL: + $engine = 'internal'; + $opts[] = PHP_INT_SIZE == 8 ? '64-bit' : '32-bit'; + } + if (MATH_BIGINTEGER_MODE != self::MODE_GMP && defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) { + $opts[] = 'OpenSSL'; + } + if (!empty($opts)) { + $engine.= ' (' . implode($opts, ', ') . ')'; + } + return array( + 'value' => '0x' . $this->toHex(true), + 'engine' => $engine + ); + } + /** * Adds two BigIntegers. * * Here's an example: * * add($b); * @@ -837,31 +781,31 @@ class Math_BigInteger { * ?> * * - * @param Math_BigInteger $y - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $y + * @return \phpseclib\Math\BigInteger * @access public * @internal Performs base-2**52 addition */ - function add($y) + function add(BigInteger $y) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - $temp = new Math_BigInteger(); + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + $temp = new static(); $temp->value = gmp_add($this->value, $y->value); return $this->_normalize($temp); - case MATH_BIGINTEGER_MODE_BCMATH: - $temp = new Math_BigInteger(); + case self::MODE_BCMATH: + $temp = new static(); $temp->value = bcadd($this->value, $y->value, 0); return $this->_normalize($temp); } - $temp = $this->_add($this->value, $this->is_negative, $y->value, $y->is_negative); + $temp = self::_add($this->value, $this->is_negative, $y->value, $y->is_negative); - $result = new Math_BigInteger(); - $result->value = $temp[MATH_BIGINTEGER_VALUE]; - $result->is_negative = $temp[MATH_BIGINTEGER_SIGN]; + $result = new static(); + $result->value = $temp[self::VALUE]; + $result->is_negative = $temp[self::SIGN]; return $this->_normalize($result); } @@ -869,41 +813,41 @@ class Math_BigInteger { /** * Performs addition. * - * @param Array $x_value - * @param Boolean $x_negative - * @param Array $y_value - * @param Boolean $y_negative - * @return Array + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @return array * @access private */ - function _add($x_value, $x_negative, $y_value, $y_negative) + static function _add($x_value, $x_negative, $y_value, $y_negative) { $x_size = count($x_value); $y_size = count($y_value); if ($x_size == 0) { return array( - MATH_BIGINTEGER_VALUE => $y_value, - MATH_BIGINTEGER_SIGN => $y_negative + self::VALUE => $y_value, + self::SIGN => $y_negative ); - } else if ($y_size == 0) { + } elseif ($y_size == 0) { return array( - MATH_BIGINTEGER_VALUE => $x_value, - MATH_BIGINTEGER_SIGN => $x_negative + self::VALUE => $x_value, + self::SIGN => $x_negative ); } // subtract, if appropriate - if ( $x_negative != $y_negative ) { - if ( $x_value == $y_value ) { + if ($x_negative != $y_negative) { + if ($x_value == $y_value) { return array( - MATH_BIGINTEGER_VALUE => array(), - MATH_BIGINTEGER_SIGN => false + self::VALUE => array(), + self::SIGN => false ); } - $temp = $this->_subtract($x_value, false, $y_value, false); - $temp[MATH_BIGINTEGER_SIGN] = $this->_compare($x_value, false, $y_value, false) > 0 ? + $temp = self::_subtract($x_value, false, $y_value, false); + $temp[self::SIGN] = self::_compare($x_value, false, $y_value, false) > 0 ? $x_negative : $y_negative; return $temp; @@ -917,37 +861,37 @@ class Math_BigInteger { $value = $x_value; } - $value[] = 0; // just in case the carry adds an extra digit + $value[count($value)] = 0; // just in case the carry adds an extra digit $carry = 0; for ($i = 0, $j = 1; $j < $size; $i+=2, $j+=2) { - $sum = $x_value[$j] * MATH_BIGINTEGER_BASE_FULL + $x_value[$i] + $y_value[$j] * MATH_BIGINTEGER_BASE_FULL + $y_value[$i] + $carry; - $carry = $sum >= MATH_BIGINTEGER_MAX_DIGIT2; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1 - $sum = $carry ? $sum - MATH_BIGINTEGER_MAX_DIGIT2 : $sum; + $sum = $x_value[$j] * self::$baseFull + $x_value[$i] + $y_value[$j] * self::$baseFull + $y_value[$i] + $carry; + $carry = $sum >= self::$maxDigit2; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1 + $sum = $carry ? $sum - self::$maxDigit2 : $sum; - $temp = (int) ($sum / MATH_BIGINTEGER_BASE_FULL); + $temp = self::$base === 26 ? intval($sum / 0x4000000) : ($sum >> 31); - $value[$i] = (int) ($sum - MATH_BIGINTEGER_BASE_FULL * $temp); // eg. a faster alternative to fmod($sum, 0x4000000) + $value[$i] = (int) ($sum - self::$baseFull * $temp); // eg. a faster alternative to fmod($sum, 0x4000000) $value[$j] = $temp; } if ($j == $size) { // ie. if $y_size is odd $sum = $x_value[$i] + $y_value[$i] + $carry; - $carry = $sum >= MATH_BIGINTEGER_BASE_FULL; - $value[$i] = $carry ? $sum - MATH_BIGINTEGER_BASE_FULL : $sum; + $carry = $sum >= self::$baseFull; + $value[$i] = $carry ? $sum - self::$baseFull : $sum; ++$i; // ie. let $i = $j since we've just done $value[$i] } if ($carry) { - for (; $value[$i] == MATH_BIGINTEGER_MAX_DIGIT; ++$i) { + for (; $value[$i] == self::$maxDigit; ++$i) { $value[$i] = 0; } ++$value[$i]; } return array( - MATH_BIGINTEGER_VALUE => $this->_trim($value), - MATH_BIGINTEGER_SIGN => $x_negative + self::VALUE => self::_trim($value), + self::SIGN => $x_negative ); } @@ -957,10 +901,8 @@ class Math_BigInteger { * Here's an example: * * subtract($b); * @@ -968,31 +910,31 @@ class Math_BigInteger { * ?> * * - * @param Math_BigInteger $y - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $y + * @return \phpseclib\Math\BigInteger * @access public * @internal Performs base-2**52 subtraction */ - function subtract($y) + function subtract(BigInteger $y) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - $temp = new Math_BigInteger(); + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + $temp = new static(); $temp->value = gmp_sub($this->value, $y->value); return $this->_normalize($temp); - case MATH_BIGINTEGER_MODE_BCMATH: - $temp = new Math_BigInteger(); + case self::MODE_BCMATH: + $temp = new static(); $temp->value = bcsub($this->value, $y->value, 0); return $this->_normalize($temp); } - $temp = $this->_subtract($this->value, $this->is_negative, $y->value, $y->is_negative); + $temp = self::_subtract($this->value, $this->is_negative, $y->value, $y->is_negative); - $result = new Math_BigInteger(); - $result->value = $temp[MATH_BIGINTEGER_VALUE]; - $result->is_negative = $temp[MATH_BIGINTEGER_SIGN]; + $result = new static(); + $result->value = $temp[self::VALUE]; + $result->is_negative = $temp[self::SIGN]; return $this->_normalize($result); } @@ -1000,49 +942,49 @@ class Math_BigInteger { /** * Performs subtraction. * - * @param Array $x_value - * @param Boolean $x_negative - * @param Array $y_value - * @param Boolean $y_negative - * @return Array + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @return array * @access private */ - function _subtract($x_value, $x_negative, $y_value, $y_negative) + static function _subtract($x_value, $x_negative, $y_value, $y_negative) { $x_size = count($x_value); $y_size = count($y_value); if ($x_size == 0) { return array( - MATH_BIGINTEGER_VALUE => $y_value, - MATH_BIGINTEGER_SIGN => !$y_negative + self::VALUE => $y_value, + self::SIGN => !$y_negative ); - } else if ($y_size == 0) { + } elseif ($y_size == 0) { return array( - MATH_BIGINTEGER_VALUE => $x_value, - MATH_BIGINTEGER_SIGN => $x_negative + self::VALUE => $x_value, + self::SIGN => $x_negative ); } // add, if appropriate (ie. -$x - +$y or +$x - -$y) - if ( $x_negative != $y_negative ) { - $temp = $this->_add($x_value, false, $y_value, false); - $temp[MATH_BIGINTEGER_SIGN] = $x_negative; + if ($x_negative != $y_negative) { + $temp = self::_add($x_value, false, $y_value, false); + $temp[self::SIGN] = $x_negative; return $temp; } - $diff = $this->_compare($x_value, $x_negative, $y_value, $y_negative); + $diff = self::_compare($x_value, $x_negative, $y_value, $y_negative); - if ( !$diff ) { + if (!$diff) { return array( - MATH_BIGINTEGER_VALUE => array(), - MATH_BIGINTEGER_SIGN => false + self::VALUE => array(), + self::SIGN => false ); } // switch $x and $y around, if appropriate. - if ( (!$x_negative && $diff < 0) || ($x_negative && $diff > 0) ) { + if ((!$x_negative && $diff < 0) || ($x_negative && $diff > 0)) { $temp = $x_value; $x_value = $y_value; $y_value = $temp; @@ -1057,33 +999,33 @@ class Math_BigInteger { $carry = 0; for ($i = 0, $j = 1; $j < $y_size; $i+=2, $j+=2) { - $sum = $x_value[$j] * MATH_BIGINTEGER_BASE_FULL + $x_value[$i] - $y_value[$j] * MATH_BIGINTEGER_BASE_FULL - $y_value[$i] - $carry; + $sum = $x_value[$j] * self::$baseFull + $x_value[$i] - $y_value[$j] * self::$baseFull - $y_value[$i] - $carry; $carry = $sum < 0; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1 - $sum = $carry ? $sum + MATH_BIGINTEGER_MAX_DIGIT2 : $sum; + $sum = $carry ? $sum + self::$maxDigit2 : $sum; - $temp = (int) ($sum / MATH_BIGINTEGER_BASE_FULL); + $temp = self::$base === 26 ? intval($sum / 0x4000000) : ($sum >> 31); - $x_value[$i] = (int) ($sum - MATH_BIGINTEGER_BASE_FULL * $temp); + $x_value[$i] = (int) ($sum - self::$baseFull * $temp); $x_value[$j] = $temp; } if ($j == $y_size) { // ie. if $y_size is odd $sum = $x_value[$i] - $y_value[$i] - $carry; $carry = $sum < 0; - $x_value[$i] = $carry ? $sum + MATH_BIGINTEGER_BASE_FULL : $sum; + $x_value[$i] = $carry ? $sum + self::$baseFull : $sum; ++$i; } if ($carry) { for (; !$x_value[$i]; ++$i) { - $x_value[$i] = MATH_BIGINTEGER_MAX_DIGIT; + $x_value[$i] = self::$maxDigit; } --$x_value[$i]; } return array( - MATH_BIGINTEGER_VALUE => $this->_trim($x_value), - MATH_BIGINTEGER_SIGN => $x_negative + self::VALUE => self::_trim($x_value), + self::SIGN => $x_negative ); } @@ -1093,10 +1035,8 @@ class Math_BigInteger { * Here's an example: * * multiply($b); * @@ -1104,30 +1044,30 @@ class Math_BigInteger { * ?> * * - * @param Math_BigInteger $x - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $x + * @return \phpseclib\Math\BigInteger * @access public */ - function multiply($x) + function multiply(BigInteger $x) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - $temp = new Math_BigInteger(); + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + $temp = new static(); $temp->value = gmp_mul($this->value, $x->value); return $this->_normalize($temp); - case MATH_BIGINTEGER_MODE_BCMATH: - $temp = new Math_BigInteger(); + case self::MODE_BCMATH: + $temp = new static(); $temp->value = bcmul($this->value, $x->value, 0); return $this->_normalize($temp); } - $temp = $this->_multiply($this->value, $this->is_negative, $x->value, $x->is_negative); + $temp = self::_multiply($this->value, $this->is_negative, $x->value, $x->is_negative); - $product = new Math_BigInteger(); - $product->value = $temp[MATH_BIGINTEGER_VALUE]; - $product->is_negative = $temp[MATH_BIGINTEGER_SIGN]; + $product = new static(); + $product->value = $temp[self::VALUE]; + $product->is_negative = $temp[self::SIGN]; return $this->_normalize($product); } @@ -1135,37 +1075,37 @@ class Math_BigInteger { /** * Performs multiplication. * - * @param Array $x_value - * @param Boolean $x_negative - * @param Array $y_value - * @param Boolean $y_negative - * @return Array + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @return array * @access private */ - function _multiply($x_value, $x_negative, $y_value, $y_negative) + static function _multiply($x_value, $x_negative, $y_value, $y_negative) { //if ( $x_value == $y_value ) { // return array( - // MATH_BIGINTEGER_VALUE => $this->_square($x_value), - // MATH_BIGINTEGER_SIGN => $x_sign != $y_value + // self::VALUE => $this->_square($x_value), + // self::SIGN => $x_sign != $y_value // ); //} $x_length = count($x_value); $y_length = count($y_value); - if ( !$x_length || !$y_length ) { // a 0 is being multiplied + if (!$x_length || !$y_length) { // a 0 is being multiplied return array( - MATH_BIGINTEGER_VALUE => array(), - MATH_BIGINTEGER_SIGN => false + self::VALUE => array(), + self::SIGN => false ); } return array( - MATH_BIGINTEGER_VALUE => min($x_length, $y_length) < 2 * MATH_BIGINTEGER_KARATSUBA_CUTOFF ? - $this->_trim($this->_regularMultiply($x_value, $y_value)) : - $this->_trim($this->_karatsuba($x_value, $y_value)), - MATH_BIGINTEGER_SIGN => $x_negative != $y_negative + self::VALUE => min($x_length, $y_length) < 2 * self::KARATSUBA_CUTOFF ? + self::_trim(self::_regularMultiply($x_value, $y_value)) : + self::_trim(self::_karatsuba($x_value, $y_value)), + self::SIGN => $x_negative != $y_negative ); } @@ -1174,21 +1114,21 @@ class Math_BigInteger { * * Modeled after 'multiply' in MutableBigInteger.java. * - * @param Array $x_value - * @param Array $y_value - * @return Array + * @param array $x_value + * @param array $y_value + * @return array * @access private */ - function _regularMultiply($x_value, $y_value) + static function _regularMultiply($x_value, $y_value) { $x_length = count($x_value); $y_length = count($y_value); - if ( !$x_length || !$y_length ) { // a 0 is being multiplied + if (!$x_length || !$y_length) { // a 0 is being multiplied return array(); } - if ( $x_length < $y_length ) { + if ($x_length < $y_length) { $temp = $x_value; $x_value = $y_value; $y_value = $temp; @@ -1197,7 +1137,7 @@ class Math_BigInteger { $y_length = count($y_value); } - $product_value = $this->_array_repeat(0, $x_length + $y_length); + $product_value = self::_array_repeat(0, $x_length + $y_length); // the following for loop could be removed if the for loop following it // (the one with nested for loops) initially set $i to 0, but @@ -1209,8 +1149,8 @@ class Math_BigInteger { for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0 $temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0 - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); - $product_value[$j] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); + $carry = self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $product_value[$j] = (int) ($temp - self::$baseFull * $carry); } $product_value[$j] = $carry; @@ -1222,8 +1162,8 @@ class Math_BigInteger { for ($j = 0, $k = $i; $j < $x_length; ++$j, ++$k) { $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); - $product_value[$k] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); + $carry = self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $product_value[$k] = (int) ($temp - self::$baseFull * $carry); } $product_value[$k] = $carry; @@ -1238,17 +1178,17 @@ class Math_BigInteger { * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=120 MPM 5.2.3}. * - * @param Array $x_value - * @param Array $y_value - * @return Array + * @param array $x_value + * @param array $y_value + * @return array * @access private */ - function _karatsuba($x_value, $y_value) + static function _karatsuba($x_value, $y_value) { $m = min(count($x_value) >> 1, count($y_value) >> 1); - if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) { - return $this->_regularMultiply($x_value, $y_value); + if ($m < self::KARATSUBA_CUTOFF) { + return self::_regularMultiply($x_value, $y_value); } $x1 = array_slice($x_value, $m); @@ -1256,36 +1196,36 @@ class Math_BigInteger { $y1 = array_slice($y_value, $m); $y0 = array_slice($y_value, 0, $m); - $z2 = $this->_karatsuba($x1, $y1); - $z0 = $this->_karatsuba($x0, $y0); + $z2 = self::_karatsuba($x1, $y1); + $z0 = self::_karatsuba($x0, $y0); - $z1 = $this->_add($x1, false, $x0, false); - $temp = $this->_add($y1, false, $y0, false); - $z1 = $this->_karatsuba($z1[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_VALUE]); - $temp = $this->_add($z2, false, $z0, false); - $z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false); + $z1 = self::_add($x1, false, $x0, false); + $temp = self::_add($y1, false, $y0, false); + $z1 = self::_karatsuba($z1[self::VALUE], $temp[self::VALUE]); + $temp = self::_add($z2, false, $z0, false); + $z1 = self::_subtract($z1, false, $temp[self::VALUE], false); $z2 = array_merge(array_fill(0, 2 * $m, 0), $z2); - $z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]); + $z1[self::VALUE] = array_merge(array_fill(0, $m, 0), $z1[self::VALUE]); - $xy = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]); - $xy = $this->_add($xy[MATH_BIGINTEGER_VALUE], $xy[MATH_BIGINTEGER_SIGN], $z0, false); + $xy = self::_add($z2, false, $z1[self::VALUE], $z1[self::SIGN]); + $xy = self::_add($xy[self::VALUE], $xy[self::SIGN], $z0, false); - return $xy[MATH_BIGINTEGER_VALUE]; + return $xy[self::VALUE]; } /** * Performs squaring * - * @param Array $x - * @return Array + * @param array $x + * @return array * @access private */ - function _square($x = false) + static function _square($x = false) { - return count($x) < 2 * MATH_BIGINTEGER_KARATSUBA_CUTOFF ? - $this->_trim($this->_baseSquare($x)) : - $this->_trim($this->_karatsubaSquare($x)); + return count($x) < 2 * self::KARATSUBA_CUTOFF ? + self::_trim(self::_baseSquare($x)) : + self::_trim(self::_karatsubaSquare($x)); } /** @@ -1295,29 +1235,29 @@ class Math_BigInteger { * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=7 HAC 14.2.4} / * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=141 MPM 5.3} for more information. * - * @param Array $value - * @return Array + * @param array $value + * @return array * @access private */ - function _baseSquare($value) + static function _baseSquare($value) { - if ( empty($value) ) { + if (empty($value)) { return array(); } - $square_value = $this->_array_repeat(0, 2 * count($value)); + $square_value = self::_array_repeat(0, 2 * count($value)); for ($i = 0, $max_index = count($value) - 1; $i <= $max_index; ++$i) { $i2 = $i << 1; $temp = $square_value[$i2] + $value[$i] * $value[$i]; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); - $square_value[$i2] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); + $carry = self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $square_value[$i2] = (int) ($temp - self::$baseFull * $carry); // note how we start from $i+1 instead of 0 as we do in multiplication. for ($j = $i + 1, $k = $i2 + 1; $j <= $max_index; ++$j, ++$k) { $temp = $square_value[$k] + 2 * $value[$j] * $value[$i] + $carry; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); - $square_value[$k] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); + $carry = self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $square_value[$k] = (int) ($temp - self::$baseFull * $carry); } // the following line can yield values larger 2**15. at this point, PHP should switch @@ -1334,36 +1274,36 @@ class Math_BigInteger { * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=151 MPM 5.3.4}. * - * @param Array $value - * @return Array + * @param array $value + * @return array * @access private */ - function _karatsubaSquare($value) + static function _karatsubaSquare($value) { $m = count($value) >> 1; - if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) { - return $this->_baseSquare($value); + if ($m < self::KARATSUBA_CUTOFF) { + return self::_baseSquare($value); } $x1 = array_slice($value, $m); $x0 = array_slice($value, 0, $m); - $z2 = $this->_karatsubaSquare($x1); - $z0 = $this->_karatsubaSquare($x0); + $z2 = self::_karatsubaSquare($x1); + $z0 = self::_karatsubaSquare($x0); - $z1 = $this->_add($x1, false, $x0, false); - $z1 = $this->_karatsubaSquare($z1[MATH_BIGINTEGER_VALUE]); - $temp = $this->_add($z2, false, $z0, false); - $z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false); + $z1 = self::_add($x1, false, $x0, false); + $z1 = self::_karatsubaSquare($z1[self::VALUE]); + $temp = self::_add($z2, false, $z0, false); + $z1 = self::_subtract($z1, false, $temp[self::VALUE], false); $z2 = array_merge(array_fill(0, 2 * $m, 0), $z2); - $z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]); + $z1[self::VALUE] = array_merge(array_fill(0, $m, 0), $z1[self::VALUE]); - $xx = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]); - $xx = $this->_add($xx[MATH_BIGINTEGER_VALUE], $xx[MATH_BIGINTEGER_SIGN], $z0, false); + $xx = self::_add($z2, false, $z1[self::VALUE], $z1[self::SIGN]); + $xx = self::_add($xx[self::VALUE], $xx[self::SIGN], $z0, false); - return $xx[MATH_BIGINTEGER_VALUE]; + return $xx[self::VALUE]; } /** @@ -1377,10 +1317,8 @@ class Math_BigInteger { * Here's an example: * * divide($b); * @@ -1390,17 +1328,17 @@ class Math_BigInteger { * ?> * * - * @param Math_BigInteger $y - * @return Array + * @param \phpseclib\Math\BigInteger $y + * @return array * @access public * @internal This function is based off of {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=9 HAC 14.20}. */ - function divide($y) + function divide(BigInteger $y) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - $quotient = new Math_BigInteger(); - $remainder = new Math_BigInteger(); + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + $quotient = new static(); + $remainder = new static(); list($quotient->value, $remainder->value) = gmp_div_qr($this->value, $y->value); @@ -1409,9 +1347,9 @@ class Math_BigInteger { } return array($this->_normalize($quotient), $this->_normalize($remainder)); - case MATH_BIGINTEGER_MODE_BCMATH: - $quotient = new Math_BigInteger(); - $remainder = new Math_BigInteger(); + case self::MODE_BCMATH: + $quotient = new static(); + $remainder = new static(); $quotient->value = bcdiv($this->value, $y->value, 0); $remainder->value = bcmod($this->value, $y->value); @@ -1425,8 +1363,8 @@ class Math_BigInteger { if (count($y->value) == 1) { list($q, $r) = $this->_divide_digit($this->value, $y->value[0]); - $quotient = new Math_BigInteger(); - $remainder = new Math_BigInteger(); + $quotient = new static(); + $remainder = new static(); $quotient->value = $q; $remainder->value = array($r); $quotient->is_negative = $this->is_negative != $y->is_negative; @@ -1434,12 +1372,12 @@ class Math_BigInteger { } static $zero; - if ( !isset($zero) ) { - $zero = new Math_BigInteger(); + if (!isset($zero)) { + $zero = new static(); } - $x = $this->copy(); - $y = $y->copy(); + $x = clone $this; + $y = clone $y; $x_sign = $x->is_negative; $y_sign = $y->is_negative; @@ -1448,24 +1386,24 @@ class Math_BigInteger { $diff = $x->compare($y); - if ( !$diff ) { - $temp = new Math_BigInteger(); + if (!$diff) { + $temp = new static(); $temp->value = array(1); $temp->is_negative = $x_sign != $y_sign; - return array($this->_normalize($temp), $this->_normalize(new Math_BigInteger())); + return array($this->_normalize($temp), $this->_normalize(new static())); } - if ( $diff < 0 ) { + if ($diff < 0) { // if $x is negative, "add" $y. - if ( $x_sign ) { + if ($x_sign) { $x = $y->subtract($x); } - return array($this->_normalize(new Math_BigInteger()), $this->_normalize($x)); + return array($this->_normalize(new static()), $this->_normalize($x)); } // normalize $x and $y as described in HAC 14.23 / 14.24 $msb = $y->value[count($y->value) - 1]; - for ($shift = 0; !($msb & MATH_BIGINTEGER_MSB); ++$shift) { + for ($shift = 0; !($msb & self::$msb); ++$shift) { $msb <<= 1; } $x->_lshift($shift); @@ -1475,15 +1413,15 @@ class Math_BigInteger { $x_max = count($x->value) - 1; $y_max = count($y->value) - 1; - $quotient = new Math_BigInteger(); + $quotient = new static(); $quotient_value = &$quotient->value; $quotient_value = $this->_array_repeat(0, $x_max - $y_max + 1); static $temp, $lhs, $rhs; if (!isset($temp)) { - $temp = new Math_BigInteger(); - $lhs = new Math_BigInteger(); - $rhs = new Math_BigInteger(); + $temp = new static(); + $lhs = new static(); + $rhs = new static(); } $temp_value = &$temp->value; $rhs_value = &$rhs->value; @@ -1491,7 +1429,7 @@ class Math_BigInteger { // $temp = $y << ($x_max - $y_max-1) in base 2**26 $temp_value = array_merge($this->_array_repeat(0, $x_max - $y_max), $y_value); - while ( $x->compare($temp) >= 0 ) { + while ($x->compare($temp) >= 0) { // calculate the "common residue" ++$quotient_value[$x_max - $y_max]; $x = $x->subtract($temp); @@ -1507,16 +1445,15 @@ class Math_BigInteger { ); $y_window = array( $y_value[$y_max], - ( $y_max > 0 ) ? $y_value[$y_max - 1] : 0 + ($y_max > 0) ? $y_value[$y_max - 1] : 0 ); $q_index = $i - $y_max - 1; if ($x_window[0] == $y_window[0]) { - $quotient_value[$q_index] = MATH_BIGINTEGER_MAX_DIGIT; + $quotient_value[$q_index] = self::$maxDigit; } else { - $quotient_value[$q_index] = (int) ( - ($x_window[0] * MATH_BIGINTEGER_BASE_FULL + $x_window[1]) - / + $quotient_value[$q_index] = $this->_safe_divide( + $x_window[0] * self::$baseFull + $x_window[1], $y_window[0] ); } @@ -1528,7 +1465,7 @@ class Math_BigInteger { $rhs_value = array($x_window[2], $x_window[1], $x_window[0]); - while ( $lhs->compare($rhs) > 0 ) { + while ($lhs->compare($rhs) > 0) { --$quotient_value[$q_index]; $lhs->value = array($quotient_value[$q_index]); @@ -1559,7 +1496,7 @@ class Math_BigInteger { $quotient->is_negative = $x_sign != $y_sign; // calculate the "common residue", if appropriate - if ( $x_sign ) { + if ($x_sign) { $y->_rshift($shift); $x = $y->subtract($x); } @@ -1572,19 +1509,19 @@ class Math_BigInteger { * * abc / x = a00 / x + b0 / x + c / x * - * @param Array $dividend - * @param Array $divisor - * @return Array + * @param array $dividend + * @param array $divisor + * @return array * @access private */ - function _divide_digit($dividend, $divisor) + static function _divide_digit($dividend, $divisor) { $carry = 0; $result = array(); for ($i = count($dividend) - 1; $i >= 0; --$i) { - $temp = MATH_BIGINTEGER_BASE_FULL * $carry + $dividend[$i]; - $result[$i] = (int) ($temp / $divisor); + $temp = self::$baseFull * $carry + $dividend[$i]; + $result[$i] = self::_safe_divide($temp, $divisor); $carry = (int) ($temp - $divisor * $result[$i]); } @@ -1597,11 +1534,9 @@ class Math_BigInteger { * Here's an example: * * modPow($b, $c); * @@ -1609,9 +1544,9 @@ class Math_BigInteger { * ?> * * - * @param Math_BigInteger $e - * @param Math_BigInteger $n - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $e + * @param \phpseclib\Math\BigInteger $n + * @return \phpseclib\Math\BigInteger * @access public * @internal The most naive approach to modular exponentiation has very unreasonable requirements, and * and although the approach involving repeated squaring does vastly better, it, too, is impractical @@ -1633,11 +1568,11 @@ class Math_BigInteger { * the other, a power of two - and recombine them, later. This is the method that this modPow function uses. * {@link http://islab.oregonstate.edu/papers/j34monex.pdf Montgomery Reduction with Even Modulus} elaborates. */ - function modPow($e, $n) + function modPow(BigInteger $e, BigInteger $n) { $n = $this->bitmask !== false && $this->bitmask->compare($n) < 0 ? $this->bitmask : $n->abs(); - if ($e->compare(new Math_BigInteger()) < 0) { + if ($e->compare(new static()) < 0) { $e = $e->abs(); $temp = $this->modInverse($n); @@ -1648,14 +1583,14 @@ class Math_BigInteger { return $this->_normalize($temp->modPow($e, $n)); } - if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP ) { - $temp = new Math_BigInteger(); + if (MATH_BIGINTEGER_MODE == self::MODE_GMP) { + $temp = new static(); $temp->value = gmp_powm($this->value, $e->value, $n->value); return $this->_normalize($temp); } - if ($this->compare(new Math_BigInteger()) < 0 || $this->compare($n) > 0) { + if ($this->compare(new static()) < 0 || $this->compare($n) > 0) { list(, $temp) = $this->divide($n); return $temp->modPow($e, $n); } @@ -1667,70 +1602,81 @@ class Math_BigInteger { ); $components = array( - 'modulus' => pack('Ca*a*', 2, $this->_encodeASN1Length(strlen($components['modulus'])), $components['modulus']), - 'publicExponent' => pack('Ca*a*', 2, $this->_encodeASN1Length(strlen($components['publicExponent'])), $components['publicExponent']) + 'modulus' => pack('Ca*a*', 2, self::_encodeASN1Length(strlen($components['modulus'])), $components['modulus']), + 'publicExponent' => pack('Ca*a*', 2, self::_encodeASN1Length(strlen($components['publicExponent'])), $components['publicExponent']) ); - $RSAPublicKey = pack('Ca*a*a*', - 48, $this->_encodeASN1Length(strlen($components['modulus']) + strlen($components['publicExponent'])), - $components['modulus'], $components['publicExponent'] + $RSAPublicKey = pack( + 'Ca*a*a*', + 48, + self::_encodeASN1Length(strlen($components['modulus']) + strlen($components['publicExponent'])), + $components['modulus'], + $components['publicExponent'] ); - $rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA + $rsaOID = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00"; // hex version of MA0GCSqGSIb3DQEBAQUA $RSAPublicKey = chr(0) . $RSAPublicKey; - $RSAPublicKey = chr(3) . $this->_encodeASN1Length(strlen($RSAPublicKey)) . $RSAPublicKey; + $RSAPublicKey = chr(3) . self::_encodeASN1Length(strlen($RSAPublicKey)) . $RSAPublicKey; - $encapsulated = pack('Ca*a*', - 48, $this->_encodeASN1Length(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey + $encapsulated = pack( + 'Ca*a*', + 48, + self::_encodeASN1Length(strlen($rsaOID . $RSAPublicKey)), + $rsaOID . $RSAPublicKey ); $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . - chunk_split(base64_encode($encapsulated)) . + chunk_split(Base64::encode($encapsulated)) . '-----END PUBLIC KEY-----'; $plaintext = str_pad($this->toBytes(), strlen($n->toBytes(true)) - 1, "\0", STR_PAD_LEFT); if (openssl_public_encrypt($plaintext, $result, $RSAPublicKey, OPENSSL_NO_PADDING)) { - return new Math_BigInteger($result, 256); + return new static($result, 256); } } - if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) { - $temp = new Math_BigInteger(); - $temp->value = bcpowmod($this->value, $e->value, $n->value, 0); + if (MATH_BIGINTEGER_MODE == self::MODE_BCMATH) { + $temp = new static(); + $temp->value = bcpowmod($this->value, $e->value, $n->value, 0); - return $this->_normalize($temp); + return $this->_normalize($temp); } - if ( empty($e->value) ) { - $temp = new Math_BigInteger(); + if (empty($e->value)) { + $temp = new static(); $temp->value = array(1); return $this->_normalize($temp); } - if ( $e->value == array(1) ) { + if ($e->value == array(1)) { list(, $temp) = $this->divide($n); return $this->_normalize($temp); } - if ( $e->value == array(2) ) { - $temp = new Math_BigInteger(); - $temp->value = $this->_square($this->value); + if ($e->value == array(2)) { + $temp = new static(); + $temp->value = self::_square($this->value); list(, $temp) = $temp->divide($n); return $this->_normalize($temp); } - return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_BARRETT)); + return $this->_normalize($this->_slidingWindow($e, $n, self::BARRETT)); + + // the following code, although not callable, can be run independently of the above code + // although the above code performed better in my benchmarks the following could might + // perform better under different circumstances. in lieu of deleting it it's just been + // made uncallable // is the modulo odd? - if ( $n->value[0] & 1 ) { - return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_MONTGOMERY)); + if ($n->value[0] & 1) { + return $this->_normalize($this->_slidingWindow($e, $n, self::MONTGOMERY)); } // if it's not, it's even // find the lowest set bit (eg. the max pow of 2 that divides $n) for ($i = 0; $i < count($n->value); ++$i) { - if ( $n->value[$i] ) { + if ($n->value[$i]) { $temp = decbin($n->value[$i]); $j = strlen($temp) - strrpos($temp, '1') - 1; $j+= 26 * $i; @@ -1739,14 +1685,14 @@ class Math_BigInteger { } // at this point, 2^$j * $n/(2^$j) == $n - $mod1 = $n->copy(); + $mod1 = clone $n; $mod1->_rshift($j); - $mod2 = new Math_BigInteger(); + $mod2 = new static(); $mod2->value = array(1); $mod2->_lshift($j); - $part1 = ( $mod1->value != array(1) ) ? $this->_slidingWindow($e, $mod1, MATH_BIGINTEGER_MONTGOMERY) : new Math_BigInteger(); - $part2 = $this->_slidingWindow($e, $mod2, MATH_BIGINTEGER_POWEROF2); + $part1 = ($mod1->value != array(1)) ? $this->_slidingWindow($e, $mod1, self::MONTGOMERY) : new static(); + $part2 = $this->_slidingWindow($e, $mod2, self::POWEROF2); $y1 = $mod2->modInverse($mod1); $y2 = $mod1->modInverse($mod2); @@ -1766,14 +1712,14 @@ class Math_BigInteger { /** * Performs modular exponentiation. * - * Alias for Math_BigInteger::modPow() + * Alias for modPow(). * - * @param Math_BigInteger $e - * @param Math_BigInteger $n - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $e + * @param \phpseclib\Math\BigInteger $n + * @return \phpseclib\Math\BigInteger * @access public */ - function powMod($e, $n) + function powMod(BigInteger $e, BigInteger $n) { return $this->modPow($e, $n); } @@ -1786,10 +1732,10 @@ class Math_BigInteger { * however, this function performs a modular reduction after every multiplication and squaring operation. * As such, this function has the same preconditions that the reductions being used do. * - * @param Math_BigInteger $e - * @param Math_BigInteger $n - * @param Integer $mode - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $e + * @param \phpseclib\Math\BigInteger $n + * @param int $mode + * @return \phpseclib\Math\BigInteger * @access private */ function _slidingWindow($e, $n, $mode) @@ -1801,56 +1747,58 @@ class Math_BigInteger { $e_length = count($e_value) - 1; $e_bits = decbin($e_value[$e_length]); for ($i = $e_length - 1; $i >= 0; --$i) { - $e_bits.= str_pad(decbin($e_value[$i]), MATH_BIGINTEGER_BASE, '0', STR_PAD_LEFT); + $e_bits.= str_pad(decbin($e_value[$i]), self::$base, '0', STR_PAD_LEFT); } $e_length = strlen($e_bits); // calculate the appropriate window size. // $window_size == 3 if $window_ranges is between 25 and 81, for example. - for ($i = 0, $window_size = 1; $e_length > $window_ranges[$i] && $i < count($window_ranges); ++$window_size, ++$i); + for ($i = 0, $window_size = 1; $i < count($window_ranges) && $e_length > $window_ranges[$i]; ++$window_size, ++$i) { + } $n_value = $n->value; // precompute $this^0 through $this^$window_size $powers = array(); - $powers[1] = $this->_prepareReduce($this->value, $n_value, $mode); - $powers[2] = $this->_squareReduce($powers[1], $n_value, $mode); + $powers[1] = self::_prepareReduce($this->value, $n_value, $mode); + $powers[2] = self::_squareReduce($powers[1], $n_value, $mode); // we do every other number since substr($e_bits, $i, $j+1) (see below) is supposed to end // in a 1. ie. it's supposed to be odd. $temp = 1 << ($window_size - 1); for ($i = 1; $i < $temp; ++$i) { $i2 = $i << 1; - $powers[$i2 + 1] = $this->_multiplyReduce($powers[$i2 - 1], $powers[2], $n_value, $mode); + $powers[$i2 + 1] = self::_multiplyReduce($powers[$i2 - 1], $powers[2], $n_value, $mode); } $result = array(1); - $result = $this->_prepareReduce($result, $n_value, $mode); + $result = self::_prepareReduce($result, $n_value, $mode); - for ($i = 0; $i < $e_length; ) { - if ( !$e_bits[$i] ) { - $result = $this->_squareReduce($result, $n_value, $mode); + for ($i = 0; $i < $e_length;) { + if (!$e_bits[$i]) { + $result = self::_squareReduce($result, $n_value, $mode); ++$i; } else { for ($j = $window_size - 1; $j > 0; --$j) { - if ( !empty($e_bits[$i + $j]) ) { + if (!empty($e_bits[$i + $j])) { break; } } - for ($k = 0; $k <= $j; ++$k) {// eg. the length of substr($e_bits, $i, $j+1) - $result = $this->_squareReduce($result, $n_value, $mode); + // eg. the length of substr($e_bits, $i, $j + 1) + for ($k = 0; $k <= $j; ++$k) { + $result = self::_squareReduce($result, $n_value, $mode); } - $result = $this->_multiplyReduce($result, $powers[bindec(substr($e_bits, $i, $j + 1))], $n_value, $mode); + $result = self::_multiplyReduce($result, $powers[bindec(substr($e_bits, $i, $j + 1))], $n_value, $mode); - $i+=$j + 1; + $i += $j + 1; } } - $temp = new Math_BigInteger(); - $temp->value = $this->_reduce($result, $n_value, $mode); + $temp = new static(); + $temp->value = self::_reduce($result, $n_value, $mode); return $temp; } @@ -1860,34 +1808,34 @@ class Math_BigInteger { * * For most $modes this will return the remainder. * - * @see _slidingWindow() + * @see self::_slidingWindow() * @access private - * @param Array $x - * @param Array $n - * @param Integer $mode - * @return Array + * @param array $x + * @param array $n + * @param int $mode + * @return array */ - function _reduce($x, $n, $mode) + static function _reduce($x, $n, $mode) { switch ($mode) { - case MATH_BIGINTEGER_MONTGOMERY: - return $this->_montgomery($x, $n); - case MATH_BIGINTEGER_BARRETT: - return $this->_barrett($x, $n); - case MATH_BIGINTEGER_POWEROF2: - $lhs = new Math_BigInteger(); + case self::MONTGOMERY: + return self::_montgomery($x, $n); + case self::BARRETT: + return self::_barrett($x, $n); + case self::POWEROF2: + $lhs = new static(); $lhs->value = $x; - $rhs = new Math_BigInteger(); + $rhs = new static(); $rhs->value = $n; return $x->_mod2($n); - case MATH_BIGINTEGER_CLASSIC: - $lhs = new Math_BigInteger(); + case self::CLASSIC: + $lhs = new static(); $lhs->value = $x; - $rhs = new Math_BigInteger(); + $rhs = new static(); $rhs->value = $n; list(, $temp) = $lhs->divide($rhs); return $temp->value; - case MATH_BIGINTEGER_NONE: + case self::NONE: return $x; default: // an invalid $mode was provided @@ -1897,57 +1845,57 @@ class Math_BigInteger { /** * Modular reduction preperation * - * @see _slidingWindow() + * @see self::_slidingWindow() * @access private - * @param Array $x - * @param Array $n - * @param Integer $mode - * @return Array + * @param array $x + * @param array $n + * @param int $mode + * @return array */ - function _prepareReduce($x, $n, $mode) + static function _prepareReduce($x, $n, $mode) { - if ($mode == MATH_BIGINTEGER_MONTGOMERY) { - return $this->_prepMontgomery($x, $n); + if ($mode == self::MONTGOMERY) { + return self::_prepMontgomery($x, $n); } - return $this->_reduce($x, $n, $mode); + return self::_reduce($x, $n, $mode); } /** * Modular multiply * - * @see _slidingWindow() + * @see self::_slidingWindow() * @access private - * @param Array $x - * @param Array $y - * @param Array $n - * @param Integer $mode - * @return Array + * @param array $x + * @param array $y + * @param array $n + * @param int $mode + * @return array */ - function _multiplyReduce($x, $y, $n, $mode) + static function _multiplyReduce($x, $y, $n, $mode) { - if ($mode == MATH_BIGINTEGER_MONTGOMERY) { - return $this->_montgomeryMultiply($x, $y, $n); + if ($mode == self::MONTGOMERY) { + return self::_montgomeryMultiply($x, $y, $n); } - $temp = $this->_multiply($x, false, $y, false); - return $this->_reduce($temp[MATH_BIGINTEGER_VALUE], $n, $mode); + $temp = self::_multiply($x, false, $y, false); + return self::_reduce($temp[self::VALUE], $n, $mode); } /** * Modular square * - * @see _slidingWindow() + * @see self::_slidingWindow() * @access private - * @param Array $x - * @param Array $n - * @param Integer $mode - * @return Array + * @param array $x + * @param array $n + * @param int $mode + * @return array */ - function _squareReduce($x, $n, $mode) + static function _squareReduce($x, $n, $mode) { - if ($mode == MATH_BIGINTEGER_MONTGOMERY) { - return $this->_montgomeryMultiply($x, $x, $n); + if ($mode == self::MONTGOMERY) { + return self::_montgomeryMultiply($x, $x, $n); } - return $this->_reduce($this->_square($x), $n, $mode); + return self::_reduce(self::_square($x), $n, $mode); } /** @@ -1956,14 +1904,14 @@ class Math_BigInteger { * Calculates $x%$n, where $n = 2**$e, for some $e. Since this is basically the same as doing $x & ($n-1), * we'll just use this function as a wrapper for doing that. * - * @see _slidingWindow() + * @see self::_slidingWindow() * @access private - * @param Math_BigInteger - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger + * @return \phpseclib\Math\BigInteger */ function _mod2($n) { - $temp = new Math_BigInteger(); + $temp = new static(); $temp->value = array(1); return $this->bitwise_and($n->subtract($temp)); } @@ -1986,25 +1934,25 @@ class Math_BigInteger { * (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line * comments for details. * - * @see _slidingWindow() + * @see self::_slidingWindow() * @access private - * @param Array $n - * @param Array $m - * @return Array + * @param array $n + * @param array $m + * @return array */ - function _barrett($n, $m) + static function _barrett($n, $m) { static $cache = array( - MATH_BIGINTEGER_VARIABLE => array(), - MATH_BIGINTEGER_DATA => array() + self::VARIABLE => array(), + self::DATA => array() ); $m_length = count($m); - // if ($this->_compare($n, $this->_square($m)) >= 0) { + // if (self::_compare($n, self::_square($m)) >= 0) { if (count($n) > 2 * $m_length) { - $lhs = new Math_BigInteger(); - $rhs = new Math_BigInteger(); + $lhs = new static(); + $rhs = new static(); $lhs->value = $n; $rhs->value = $m; list(, $temp) = $lhs->divide($rhs); @@ -2013,140 +1961,140 @@ class Math_BigInteger { // if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced if ($m_length < 5) { - return $this->_regularBarrett($n, $m); + return self::_regularBarrett($n, $m); } // n = 2 * m.length - if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) { - $key = count($cache[MATH_BIGINTEGER_VARIABLE]); - $cache[MATH_BIGINTEGER_VARIABLE][] = $m; + if (($key = array_search($m, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $m; - $lhs = new Math_BigInteger(); + $lhs = new static(); $lhs_value = &$lhs->value; - $lhs_value = $this->_array_repeat(0, $m_length + ($m_length >> 1)); + $lhs_value = self::_array_repeat(0, $m_length + ($m_length >> 1)); $lhs_value[] = 1; - $rhs = new Math_BigInteger(); + $rhs = new static(); $rhs->value = $m; list($u, $m1) = $lhs->divide($rhs); $u = $u->value; $m1 = $m1->value; - $cache[MATH_BIGINTEGER_DATA][] = array( + $cache[self::DATA][] = array( 'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1) 'm1'=> $m1 // m.length ); } else { - extract($cache[MATH_BIGINTEGER_DATA][$key]); + extract($cache[self::DATA][$key]); } $cutoff = $m_length + ($m_length >> 1); $lsd = array_slice($n, 0, $cutoff); // m.length + (m.length >> 1) $msd = array_slice($n, $cutoff); // m.length >> 1 - $lsd = $this->_trim($lsd); - $temp = $this->_multiply($msd, false, $m1, false); - $n = $this->_add($lsd, false, $temp[MATH_BIGINTEGER_VALUE], false); // m.length + (m.length >> 1) + 1 + $lsd = self::_trim($lsd); + $temp = self::_multiply($msd, false, $m1, false); + $n = self::_add($lsd, false, $temp[self::VALUE], false); // m.length + (m.length >> 1) + 1 if ($m_length & 1) { - return $this->_regularBarrett($n[MATH_BIGINTEGER_VALUE], $m); + return self::_regularBarrett($n[self::VALUE], $m); } // (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2 - $temp = array_slice($n[MATH_BIGINTEGER_VALUE], $m_length - 1); + $temp = array_slice($n[self::VALUE], $m_length - 1); // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2 // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1 - $temp = $this->_multiply($temp, false, $u, false); + $temp = self::_multiply($temp, false, $u, false); // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1 // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) - $temp = array_slice($temp[MATH_BIGINTEGER_VALUE], ($m_length >> 1) + 1); + $temp = array_slice($temp[self::VALUE], ($m_length >> 1) + 1); // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1 // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1) - $temp = $this->_multiply($temp, false, $m, false); + $temp = self::_multiply($temp, false, $m, false); // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop // following this comment would loop a lot (hence our calling _regularBarrett() in that situation). - $result = $this->_subtract($n[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false); + $result = self::_subtract($n[self::VALUE], false, $temp[self::VALUE], false); - while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false) >= 0) { - $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false); + while (self::_compare($result[self::VALUE], $result[self::SIGN], $m, false) >= 0) { + $result = self::_subtract($result[self::VALUE], $result[self::SIGN], $m, false); } - return $result[MATH_BIGINTEGER_VALUE]; + return $result[self::VALUE]; } /** * (Regular) Barrett Modular Reduction * - * For numbers with more than four digits Math_BigInteger::_barrett() is faster. The difference between that and this + * For numbers with more than four digits BigInteger::_barrett() is faster. The difference between that and this * is that this function does not fold the denominator into a smaller form. * - * @see _slidingWindow() + * @see self::_slidingWindow() * @access private - * @param Array $x - * @param Array $n - * @return Array + * @param array $x + * @param array $n + * @return array */ - function _regularBarrett($x, $n) + static function _regularBarrett($x, $n) { static $cache = array( - MATH_BIGINTEGER_VARIABLE => array(), - MATH_BIGINTEGER_DATA => array() + self::VARIABLE => array(), + self::DATA => array() ); $n_length = count($n); if (count($x) > 2 * $n_length) { - $lhs = new Math_BigInteger(); - $rhs = new Math_BigInteger(); + $lhs = new static(); + $rhs = new static(); $lhs->value = $x; $rhs->value = $n; list(, $temp) = $lhs->divide($rhs); return $temp->value; } - if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) { - $key = count($cache[MATH_BIGINTEGER_VARIABLE]); - $cache[MATH_BIGINTEGER_VARIABLE][] = $n; - $lhs = new Math_BigInteger(); + if (($key = array_search($n, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $n; + $lhs = new static(); $lhs_value = &$lhs->value; - $lhs_value = $this->_array_repeat(0, 2 * $n_length); + $lhs_value = self::_array_repeat(0, 2 * $n_length); $lhs_value[] = 1; - $rhs = new Math_BigInteger(); + $rhs = new static(); $rhs->value = $n; list($temp, ) = $lhs->divide($rhs); // m.length - $cache[MATH_BIGINTEGER_DATA][] = $temp->value; + $cache[self::DATA][] = $temp->value; } // 2 * m.length - (m.length - 1) = m.length + 1 $temp = array_slice($x, $n_length - 1); // (m.length + 1) + m.length = 2 * m.length + 1 - $temp = $this->_multiply($temp, false, $cache[MATH_BIGINTEGER_DATA][$key], false); + $temp = self::_multiply($temp, false, $cache[self::DATA][$key], false); // (2 * m.length + 1) - (m.length - 1) = m.length + 2 - $temp = array_slice($temp[MATH_BIGINTEGER_VALUE], $n_length + 1); + $temp = array_slice($temp[self::VALUE], $n_length + 1); // m.length + 1 $result = array_slice($x, 0, $n_length + 1); // m.length + 1 - $temp = $this->_multiplyLower($temp, false, $n, false, $n_length + 1); - // $temp == array_slice($temp->_multiply($temp, false, $n, false)->value, 0, $n_length + 1) + $temp = self::_multiplyLower($temp, false, $n, false, $n_length + 1); + // $temp == array_slice(self::_multiply($temp, false, $n, false)->value, 0, $n_length + 1) - if ($this->_compare($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]) < 0) { - $corrector_value = $this->_array_repeat(0, $n_length + 1); - $corrector_value[] = 1; - $result = $this->_add($result, false, $corrector_value, false); - $result = $result[MATH_BIGINTEGER_VALUE]; + if (self::_compare($result, false, $temp[self::VALUE], $temp[self::SIGN]) < 0) { + $corrector_value = self::_array_repeat(0, $n_length + 1); + $corrector_value[count($corrector_value)] = 1; + $result = self::_add($result, false, $corrector_value, false); + $result = $result[self::VALUE]; } // at this point, we're subtracting a number with m.length + 1 digits from another number with m.length + 1 digits - $result = $this->_subtract($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]); - while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false) > 0) { - $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false); + $result = self::_subtract($result, false, $temp[self::VALUE], $temp[self::SIGN]); + while (self::_compare($result[self::VALUE], $result[self::SIGN], $n, false) > 0) { + $result = self::_subtract($result[self::VALUE], $result[self::SIGN], $n, false); } - return $result[MATH_BIGINTEGER_VALUE]; + return $result[self::VALUE]; } /** @@ -2154,28 +2102,28 @@ class Math_BigInteger { * * If you're going to be doing array_slice($product->value, 0, $stop), some cycles can be saved. * - * @see _regularBarrett() - * @param Array $x_value - * @param Boolean $x_negative - * @param Array $y_value - * @param Boolean $y_negative - * @param Integer $stop - * @return Array + * @see self::_regularBarrett() + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @param int $stop + * @return array * @access private */ - function _multiplyLower($x_value, $x_negative, $y_value, $y_negative, $stop) + static function _multiplyLower($x_value, $x_negative, $y_value, $y_negative, $stop) { $x_length = count($x_value); $y_length = count($y_value); - if ( !$x_length || !$y_length ) { // a 0 is being multiplied + if (!$x_length || !$y_length) { // a 0 is being multiplied return array( - MATH_BIGINTEGER_VALUE => array(), - MATH_BIGINTEGER_SIGN => false + self::VALUE => array(), + self::SIGN => false ); } - if ( $x_length < $y_length ) { + if ($x_length < $y_length) { $temp = $x_value; $x_value = $y_value; $y_value = $temp; @@ -2184,7 +2132,7 @@ class Math_BigInteger { $y_length = count($y_value); } - $product_value = $this->_array_repeat(0, $x_length + $y_length); + $product_value = self::_array_repeat(0, $x_length + $y_length); // the following for loop could be removed if the for loop following it // (the one with nested for loops) initially set $i to 0, but @@ -2196,8 +2144,8 @@ class Math_BigInteger { for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0, $k = $i $temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0 - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); - $product_value[$j] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); + $carry = self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $product_value[$j] = (int) ($temp - self::$baseFull * $carry); } if ($j < $stop) { @@ -2212,8 +2160,8 @@ class Math_BigInteger { for ($j = 0, $k = $i; $j < $x_length && $k < $stop; ++$j, ++$k) { $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); - $product_value[$k] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); + $carry = self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $product_value[$k] = (int) ($temp - self::$baseFull * $carry); } if ($k < $stop) { @@ -2222,8 +2170,8 @@ class Math_BigInteger { } return array( - MATH_BIGINTEGER_VALUE => $this->_trim($product_value), - MATH_BIGINTEGER_SIGN => $x_negative != $y_negative + self::VALUE => self::_trim($product_value), + self::SIGN => $x_negative != $y_negative ); } @@ -2235,112 +2183,117 @@ class Math_BigInteger { * improved upon (basically, by using the comba method). gcd($n, 2) must be equal to one for this function * to work correctly. * - * @see _prepMontgomery() - * @see _slidingWindow() + * @see self::_prepMontgomery() + * @see self::_slidingWindow() * @access private - * @param Array $x - * @param Array $n - * @return Array + * @param array $x + * @param array $n + * @return array */ - function _montgomery($x, $n) + static function _montgomery($x, $n) { static $cache = array( - MATH_BIGINTEGER_VARIABLE => array(), - MATH_BIGINTEGER_DATA => array() + self::VARIABLE => array(), + self::DATA => array() ); - if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) { - $key = count($cache[MATH_BIGINTEGER_VARIABLE]); - $cache[MATH_BIGINTEGER_VARIABLE][] = $x; - $cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($n); + if (($key = array_search($n, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $x; + $cache[self::DATA][] = self::_modInverse67108864($n); } $k = count($n); - $result = array(MATH_BIGINTEGER_VALUE => $x); + $result = array(self::VALUE => $x); for ($i = 0; $i < $k; ++$i) { - $temp = $result[MATH_BIGINTEGER_VALUE][$i] * $cache[MATH_BIGINTEGER_DATA][$key]; - $temp = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * ((int) ($temp / MATH_BIGINTEGER_BASE_FULL))); - $temp = $this->_regularMultiply(array($temp), $n); + $temp = $result[self::VALUE][$i] * $cache[self::DATA][$key]; + $temp = $temp - self::$baseFull * (self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); + $temp = self::_regularMultiply(array($temp), $n); $temp = array_merge($this->_array_repeat(0, $i), $temp); - $result = $this->_add($result[MATH_BIGINTEGER_VALUE], false, $temp, false); + $result = self::_add($result[self::VALUE], false, $temp, false); } - $result[MATH_BIGINTEGER_VALUE] = array_slice($result[MATH_BIGINTEGER_VALUE], $k); + $result[self::VALUE] = array_slice($result[self::VALUE], $k); - if ($this->_compare($result, false, $n, false) >= 0) { - $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], false, $n, false); + if (self::_compare($result, false, $n, false) >= 0) { + $result = self::_subtract($result[self::VALUE], false, $n, false); } - return $result[MATH_BIGINTEGER_VALUE]; + return $result[self::VALUE]; } /** * Montgomery Multiply * - * Interleaves the montgomery reduction and long multiplication algorithms together as described in + * Interleaves the montgomery reduction and long multiplication algorithms together as described in * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36} * - * @see _prepMontgomery() - * @see _montgomery() + * @see self::_prepMontgomery() + * @see self::_montgomery() * @access private - * @param Array $x - * @param Array $y - * @param Array $m - * @return Array + * @param array $x + * @param array $y + * @param array $m + * @return array */ - function _montgomeryMultiply($x, $y, $m) + static function _montgomeryMultiply($x, $y, $m) { - $temp = $this->_multiply($x, false, $y, false); - return $this->_montgomery($temp[MATH_BIGINTEGER_VALUE], $m); + $temp = self::_multiply($x, false, $y, false); + return self::_montgomery($temp[self::VALUE], $m); + + // the following code, although not callable, can be run independently of the above code + // although the above code performed better in my benchmarks the following could might + // perform better under different circumstances. in lieu of deleting it it's just been + // made uncallable static $cache = array( - MATH_BIGINTEGER_VARIABLE => array(), - MATH_BIGINTEGER_DATA => array() + self::VARIABLE => array(), + self::DATA => array() ); - if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) { - $key = count($cache[MATH_BIGINTEGER_VARIABLE]); - $cache[MATH_BIGINTEGER_VARIABLE][] = $m; - $cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($m); + if (($key = array_search($m, $cache[self::VARIABLE])) === false) { + $key = count($cache[self::VARIABLE]); + $cache[self::VARIABLE][] = $m; + $cache[self::DATA][] = self::_modInverse67108864($m); } $n = max(count($x), count($y), count($m)); $x = array_pad($x, $n, 0); $y = array_pad($y, $n, 0); $m = array_pad($m, $n, 0); - $a = array(MATH_BIGINTEGER_VALUE => $this->_array_repeat(0, $n + 1)); + $a = array(self::VALUE => self::_array_repeat(0, $n + 1)); for ($i = 0; $i < $n; ++$i) { - $temp = $a[MATH_BIGINTEGER_VALUE][0] + $x[$i] * $y[0]; - $temp = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * ((int) ($temp / MATH_BIGINTEGER_BASE_FULL))); - $temp = $temp * $cache[MATH_BIGINTEGER_DATA][$key]; - $temp = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * ((int) ($temp / MATH_BIGINTEGER_BASE_FULL))); - $temp = $this->_add($this->_regularMultiply(array($x[$i]), $y), false, $this->_regularMultiply(array($temp), $m), false); - $a = $this->_add($a[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false); - $a[MATH_BIGINTEGER_VALUE] = array_slice($a[MATH_BIGINTEGER_VALUE], 1); + $temp = $a[self::VALUE][0] + $x[$i] * $y[0]; + $temp = $temp - self::$baseFull * (self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); + $temp = $temp * $cache[self::DATA][$key]; + $temp = $temp - self::$baseFull * (self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); + $temp = self::_add(self::_regularMultiply(array($x[$i]), $y), false, self::_regularMultiply(array($temp), $m), false); + $a = self::_add($a[self::VALUE], false, $temp[self::VALUE], false); + $a[self::VALUE] = array_slice($a[self::VALUE], 1); } - if ($this->_compare($a[MATH_BIGINTEGER_VALUE], false, $m, false) >= 0) { - $a = $this->_subtract($a[MATH_BIGINTEGER_VALUE], false, $m, false); + if (self::_compare($a[self::VALUE], false, $m, false) >= 0) { + $a = self::_subtract($a[self::VALUE], false, $m, false); } - return $a[MATH_BIGINTEGER_VALUE]; + return $a[self::VALUE]; } /** * Prepare a number for use in Montgomery Modular Reductions * - * @see _montgomery() - * @see _slidingWindow() + * @see self::_montgomery() + * @see self::_slidingWindow() * @access private - * @param Array $x - * @param Array $n - * @return Array + * @param array $x + * @param array $n + * @return array */ - function _prepMontgomery($x, $n) + static function _prepMontgomery($x, $n) { - $lhs = new Math_BigInteger(); - $lhs->value = array_merge($this->_array_repeat(0, count($n)), $x); - $rhs = new Math_BigInteger(); + $lhs = new static(); + $lhs->value = array_merge(self::_array_repeat(0, count($n)), $x); + $rhs = new static(); $rhs->value = $n; list(, $temp) = $lhs->divide($rhs); @@ -2359,7 +2312,7 @@ class Math_BigInteger { * {@link http://groups.google.com/group/sci.crypt/msg/7a137205c1be7d85} * * As for why we do all the bitmasking... strange things can happen when converting from floats to ints. For - * instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields + * instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields * int(-2147483648). To avoid problems stemming from this, we use bitmasks to guarantee that ints aren't * auto-converted to floats. The outermost bitmask is present because without it, there's no guarantee that * the "residue" returned would be the so-called "common residue". We use fmod, in the last step, because the @@ -2368,10 +2321,10 @@ class Math_BigInteger { * * Thanks to Pedro Gimeno Fortea for input! * - * @see _montgomery() + * @see self::_montgomery() * @access private - * @param Array $x - * @return Integer + * @param array $x + * @return int */ function _modInverse67108864($x) // 2**26 == 67,108,864 { @@ -2380,8 +2333,8 @@ class Math_BigInteger { $result = ($result * (2 - $x * $result)) & 0xF; // x**-1 mod 2**4 $result = ($result * (2 - ($x & 0xFF) * $result)) & 0xFF; // x**-1 mod 2**8 $result = ($result * ((2 - ($x & 0xFFFF) * $result) & 0xFFFF)) & 0xFFFF; // x**-1 mod 2**16 - $result = fmod($result * (2 - fmod($x * $result, MATH_BIGINTEGER_BASE_FULL)), MATH_BIGINTEGER_BASE_FULL); // x**-1 mod 2**26 - return $result & MATH_BIGINTEGER_MAX_DIGIT; + $result = fmod($result * (2 - fmod($x * $result, self::$baseFull)), self::$baseFull); // x**-1 mod 2**26 + return $result & self::$maxDigit; } /** @@ -2392,10 +2345,8 @@ class Math_BigInteger { * Here's an example: * * modInverse($b); * echo $c->toString(); // outputs 4 @@ -2408,25 +2359,25 @@ class Math_BigInteger { * ?> * * - * @param Math_BigInteger $n - * @return mixed false, if no modular inverse exists, Math_BigInteger, otherwise. + * @param \phpseclib\Math\BigInteger $n + * @return \phpseclib\Math\BigInteger|false * @access public * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=21 HAC 14.64} for more information. */ - function modInverse($n) + function modInverse(BigInteger $n) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - $temp = new Math_BigInteger(); + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + $temp = new static(); $temp->value = gmp_invert($this->value, $n->value); - return ( $temp->value === false ) ? false : $this->_normalize($temp); + return ($temp->value === false) ? false : $this->_normalize($temp); } static $zero, $one; if (!isset($zero)) { - $zero = new Math_BigInteger(); - $one = new Math_BigInteger(1); + $zero = new static(); + $one = new static(1); } // $x mod -$n == $x mod $n. @@ -2460,10 +2411,8 @@ class Math_BigInteger { * Here's an example: * * extendedGCD($b)); * @@ -2472,25 +2421,25 @@ class Math_BigInteger { * ?> * * - * @param Math_BigInteger $n - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $n + * @return \phpseclib\Math\BigInteger * @access public * @internal Calculates the GCD using the binary xGCD algorithim described in * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=19 HAC 14.61}. As the text above 14.61 notes, * the more traditional algorithim requires "relatively costly multiple-precision divisions". */ - function extendedGCD($n) + function extendedGCD(BigInteger $n) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: extract(gmp_gcdext($this->value, $n->value)); return array( - 'gcd' => $this->_normalize(new Math_BigInteger($g)), - 'x' => $this->_normalize(new Math_BigInteger($s)), - 'y' => $this->_normalize(new Math_BigInteger($t)) + 'gcd' => $this->_normalize(new static($g)), + 'x' => $this->_normalize(new static($s)), + 'y' => $this->_normalize(new static($t)) ); - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: // it might be faster to use the binary xGCD algorithim here, as well, but (1) that algorithim works // best when the base is a power of 2 and (2) i don't think it'd make much difference, anyway. as is, // the basic extended euclidean algorithim is what we're using. @@ -2520,38 +2469,38 @@ class Math_BigInteger { } return array( - 'gcd' => $this->_normalize(new Math_BigInteger($u)), - 'x' => $this->_normalize(new Math_BigInteger($a)), - 'y' => $this->_normalize(new Math_BigInteger($b)) + 'gcd' => $this->_normalize(new static($u)), + 'x' => $this->_normalize(new static($a)), + 'y' => $this->_normalize(new static($b)) ); } - $y = $n->copy(); - $x = $this->copy(); - $g = new Math_BigInteger(); + $y = clone $n; + $x = clone $this; + $g = new static(); $g->value = array(1); - while ( !(($x->value[0] & 1)|| ($y->value[0] & 1)) ) { + while (!(($x->value[0] & 1)|| ($y->value[0] & 1))) { $x->_rshift(1); $y->_rshift(1); $g->_lshift(1); } - $u = $x->copy(); - $v = $y->copy(); + $u = clone $x; + $v = clone $y; - $a = new Math_BigInteger(); - $b = new Math_BigInteger(); - $c = new Math_BigInteger(); - $d = new Math_BigInteger(); + $a = new static(); + $b = new static(); + $c = new static(); + $d = new static(); $a->value = $d->value = $g->value = array(1); $b->value = $c->value = array(); - while ( !empty($u->value) ) { - while ( !($u->value[0] & 1) ) { + while (!empty($u->value)) { + while (!($u->value[0] & 1)) { $u->_rshift(1); - if ( (!empty($a->value) && ($a->value[0] & 1)) || (!empty($b->value) && ($b->value[0] & 1)) ) { + if ((!empty($a->value) && ($a->value[0] & 1)) || (!empty($b->value) && ($b->value[0] & 1))) { $a = $a->add($y); $b = $b->subtract($x); } @@ -2559,9 +2508,9 @@ class Math_BigInteger { $b->_rshift(1); } - while ( !($v->value[0] & 1) ) { + while (!($v->value[0] & 1)) { $v->_rshift(1); - if ( (!empty($d->value) && ($d->value[0] & 1)) || (!empty($c->value) && ($c->value[0] & 1)) ) { + if ((!empty($d->value) && ($d->value[0] & 1)) || (!empty($c->value) && ($c->value[0] & 1))) { $c = $c->add($y); $d = $d->subtract($x); } @@ -2595,10 +2544,8 @@ class Math_BigInteger { * Here's an example: * * extendedGCD($b); * @@ -2606,11 +2553,11 @@ class Math_BigInteger { * ?> * * - * @param Math_BigInteger $n - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $n + * @return \phpseclib\Math\BigInteger * @access public */ - function gcd($n) + function gcd(BigInteger $n) { extract($this->extendedGCD($n)); return $gcd; @@ -2619,18 +2566,18 @@ class Math_BigInteger { /** * Absolute value. * - * @return Math_BigInteger + * @return \phpseclib\Math\BigInteger * @access public */ function abs() { - $temp = new Math_BigInteger(); + $temp = new static(); - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: $temp->value = gmp_abs($this->value); break; - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: $temp->value = (bccomp($this->value, '0', 0) < 0) ? substr($this->value, 1) : $this->value; break; default: @@ -2652,45 +2599,45 @@ class Math_BigInteger { * * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y). * - * @param Math_BigInteger $y - * @return Integer < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. + * @param \phpseclib\Math\BigInteger $y + * @return int < 0 if $this is less than $y; > 0 if $this is greater than $y, and 0 if they are equal. * @access public - * @see equals() + * @see self::equals() * @internal Could return $this->subtract($x), but that's not as fast as what we do do. */ - function compare($y) + function compare(BigInteger $y) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: return gmp_cmp($this->value, $y->value); - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: return bccomp($this->value, $y->value, 0); } - return $this->_compare($this->value, $this->is_negative, $y->value, $y->is_negative); + return self::_compare($this->value, $this->is_negative, $y->value, $y->is_negative); } /** * Compares two numbers. * - * @param Array $x_value - * @param Boolean $x_negative - * @param Array $y_value - * @param Boolean $y_negative - * @return Integer - * @see compare() + * @param array $x_value + * @param bool $x_negative + * @param array $y_value + * @param bool $y_negative + * @return int + * @see self::compare() * @access private */ - function _compare($x_value, $x_negative, $y_value, $y_negative) + static function _compare($x_value, $x_negative, $y_value, $y_negative) { - if ( $x_negative != $y_negative ) { - return ( !$x_negative && $y_negative ) ? 1 : -1; + if ($x_negative != $y_negative) { + return (!$x_negative && $y_negative) ? 1 : -1; } $result = $x_negative ? -1 : 1; - if ( count($x_value) != count($y_value) ) { - return ( count($x_value) > count($y_value) ) ? $result : -$result; + if (count($x_value) != count($y_value)) { + return (count($x_value) > count($y_value)) ? $result : -$result; } $size = max(count($x_value), count($y_value)); @@ -2699,7 +2646,7 @@ class Math_BigInteger { for ($i = count($x_value) - 1; $i >= 0; --$i) { if ($x_value[$i] != $y_value[$i]) { - return ( $x_value[$i] > $y_value[$i] ) ? $result : -$result; + return ($x_value[$i] > $y_value[$i]) ? $result : -$result; } } @@ -2709,17 +2656,17 @@ class Math_BigInteger { /** * Tests the equality of two numbers. * - * If you need to see if one number is greater than or less than another number, use Math_BigInteger::compare() + * If you need to see if one number is greater than or less than another number, use BigInteger::compare() * - * @param Math_BigInteger $x - * @return Boolean + * @param \phpseclib\Math\BigInteger $x + * @return bool * @access public - * @see compare() + * @see self::compare() */ - function equals($x) + function equals(BigInteger $x) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: return gmp_cmp($this->value, $x->value) == 0; default: return $this->value === $x->value && $this->is_negative == $x->is_negative; @@ -2732,39 +2679,57 @@ class Math_BigInteger { * Some bitwise operations give different results depending on the precision being used. Examples include left * shift, not, and rotates. * - * @param Integer $bits + * @param int $bits * @access public */ function setPrecision($bits) { + if ($bits < 1) { + $this->precision = -1; + $this->bitmask = false; + + return; + } $this->precision = $bits; - if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ) { - $this->bitmask = new Math_BigInteger(chr((1 << ($bits & 0x7)) - 1) . str_repeat(chr(0xFF), $bits >> 3), 256); + if (MATH_BIGINTEGER_MODE != self::MODE_BCMATH) { + $this->bitmask = new static(chr((1 << ($bits & 0x7)) - 1) . str_repeat(chr(0xFF), $bits >> 3), 256); } else { - $this->bitmask = new Math_BigInteger(bcpow('2', $bits, 0)); + $this->bitmask = new static(bcpow('2', $bits, 0)); } $temp = $this->_normalize($this); $this->value = $temp->value; } + /** + * Get Precision + * + * @return int + * @see self::setPrecision() + * @access public + */ + function getPrecision() + { + return $this->precision; + } + /** * Logical And * - * @param Math_BigInteger $x + * @param \phpseclib\Math\BigInteger $x * @access public * @internal Implemented per a request by Lluis Pamies i Juarez - * @return Math_BigInteger + * @return \phpseclib\Math\BigInteger */ - function bitwise_and($x) + function bitwise_and(BigInteger $x) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - $temp = new Math_BigInteger(); + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + $temp = new static(); $temp->value = gmp_and($this->value, $x->value); return $this->_normalize($temp); - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: $left = $this->toBytes(); $right = $x->toBytes(); @@ -2773,10 +2738,10 @@ class Math_BigInteger { $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); - return $this->_normalize(new Math_BigInteger($left & $right, 256)); + return $this->_normalize(new static($left & $right, 256)); } - $result = $this->copy(); + $result = clone $this; $length = min(count($x->value), count($this->value)); @@ -2792,20 +2757,20 @@ class Math_BigInteger { /** * Logical Or * - * @param Math_BigInteger $x + * @param \phpseclib\Math\BigInteger $x * @access public * @internal Implemented per a request by Lluis Pamies i Juarez - * @return Math_BigInteger + * @return \phpseclib\Math\BigInteger */ - function bitwise_or($x) + function bitwise_or(BigInteger $x) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - $temp = new Math_BigInteger(); + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + $temp = new static(); $temp->value = gmp_or($this->value, $x->value); return $this->_normalize($temp); - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: $left = $this->toBytes(); $right = $x->toBytes(); @@ -2814,11 +2779,11 @@ class Math_BigInteger { $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); - return $this->_normalize(new Math_BigInteger($left | $right, 256)); + return $this->_normalize(new static($left | $right, 256)); } $length = max(count($this->value), count($x->value)); - $result = $this->copy(); + $result = clone $this; $result->value = array_pad($result->value, $length, 0); $x->value = array_pad($x->value, $length, 0); @@ -2832,20 +2797,20 @@ class Math_BigInteger { /** * Logical Exclusive-Or * - * @param Math_BigInteger $x + * @param \phpseclib\Math\BigInteger $x * @access public * @internal Implemented per a request by Lluis Pamies i Juarez - * @return Math_BigInteger + * @return \phpseclib\Math\BigInteger */ - function bitwise_xor($x) + function bitwise_xor(BigInteger $x) { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - $temp = new Math_BigInteger(); + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + $temp = new static(); $temp->value = gmp_xor($this->value, $x->value); return $this->_normalize($temp); - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: $left = $this->toBytes(); $right = $x->toBytes(); @@ -2854,11 +2819,11 @@ class Math_BigInteger { $left = str_pad($left, $length, chr(0), STR_PAD_LEFT); $right = str_pad($right, $length, chr(0), STR_PAD_LEFT); - return $this->_normalize(new Math_BigInteger($left ^ $right, 256)); + return $this->_normalize(new static($left ^ $right, 256)); } $length = max(count($this->value), count($x->value)); - $result = $this->copy(); + $result = clone $this; $result->value = array_pad($result->value, $length, 0); $x->value = array_pad($x->value, $length, 0); @@ -2874,13 +2839,16 @@ class Math_BigInteger { * * @access public * @internal Implemented per a request by Lluis Pamies i Juarez - * @return Math_BigInteger + * @return \phpseclib\Math\BigInteger */ function bitwise_not() { // calculuate "not" without regard to $this->precision // (will always result in a smaller number. ie. ~1 isn't 1111 1110 - it's 0) $temp = $this->toBytes(); + if ($temp == '') { + return ''; + } $pre_msb = decbin(ord($temp[0])); $temp = ~$temp; $msb = decbin(ord($temp[0])); @@ -2893,16 +2861,17 @@ class Math_BigInteger { $current_bits = strlen($pre_msb) + 8 * strlen($temp) - 8; $new_bits = $this->precision - $current_bits; if ($new_bits <= 0) { - return $this->_normalize(new Math_BigInteger($temp, 256)); + return $this->_normalize(new static($temp, 256)); } // generate as many leading 1's as we need to. $leading_ones = chr((1 << ($new_bits & 0x7)) - 1) . str_repeat(chr(0xFF), $new_bits >> 3); - $this->_base256_lshift($leading_ones, $current_bits); - $temp = str_pad($temp, ceil($this->bits / 8), chr(0), STR_PAD_LEFT); + self::_base256_lshift($leading_ones, $current_bits); - return $this->_normalize(new Math_BigInteger($leading_ones | $temp, 256)); + $temp = str_pad($temp, strlen($leading_ones), chr(0), STR_PAD_LEFT); + + return $this->_normalize(new static($leading_ones | $temp, 256)); } /** @@ -2910,17 +2879,17 @@ class Math_BigInteger { * * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift. * - * @param Integer $shift - * @return Math_BigInteger + * @param int $shift + * @return \phpseclib\Math\BigInteger * @access public * @internal The only version that yields any speed increases is the internal version. */ function bitwise_rightShift($shift) { - $temp = new Math_BigInteger(); + $temp = new static(); - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: static $two; if (!isset($two)) { @@ -2930,7 +2899,7 @@ class Math_BigInteger { $temp->value = gmp_div_q($this->value, gmp_pow($two, $shift)); break; - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: $temp->value = bcdiv($this->value, bcpow('2', $shift, 0), 0); break; @@ -2948,17 +2917,17 @@ class Math_BigInteger { * * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift. * - * @param Integer $shift - * @return Math_BigInteger + * @param int $shift + * @return \phpseclib\Math\BigInteger * @access public * @internal The only version that yields any speed increases is the internal version. */ function bitwise_leftShift($shift) { - $temp = new Math_BigInteger(); + $temp = new static(); - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: static $two; if (!isset($two)) { @@ -2968,7 +2937,7 @@ class Math_BigInteger { $temp->value = gmp_mul($this->value, gmp_pow($two, $shift)); break; - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: $temp->value = bcmul($this->value, bcpow('2', $shift, 0), 0); break; @@ -2986,8 +2955,8 @@ class Math_BigInteger { * * Instead of the top x bits being dropped they're appended to the shifted bit string. * - * @param Integer $shift - * @return Math_BigInteger + * @param int $shift + * @return \phpseclib\Math\BigInteger * @access public */ function bitwise_leftRotate($shift) @@ -2996,15 +2965,16 @@ class Math_BigInteger { if ($this->precision > 0) { $precision = $this->precision; - if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) { - $mask = $this->bitmask->subtract(new Math_BigInteger(1)); + if (MATH_BIGINTEGER_MODE == self::MODE_BCMATH) { + $mask = $this->bitmask->subtract(new static(1)); $mask = $mask->toBytes(); } else { $mask = $this->bitmask->toBytes(); } } else { $temp = ord($bits[0]); - for ($i = 0; $temp >> $i; ++$i); + for ($i = 0; $temp >> $i; ++$i) { + } $precision = 8 * strlen($bits) - 8 + $i; $mask = chr((1 << ($precision & 0x7)) - 1) . str_repeat(chr(0xFF), $precision >> 3); } @@ -3015,13 +2985,13 @@ class Math_BigInteger { $shift%= $precision; if (!$shift) { - return $this->copy(); + return clone $this; } $left = $this->bitwise_leftShift($shift); - $left = $left->bitwise_and(new Math_BigInteger($mask, 256)); + $left = $left->bitwise_and(new static($mask, 256)); $right = $this->bitwise_rightShift($precision - $shift); - $result = MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ? $left->bitwise_or($right) : $left->add($right); + $result = MATH_BIGINTEGER_MODE != self::MODE_BCMATH ? $left->bitwise_or($right) : $left->add($right); return $this->_normalize($result); } @@ -3030,8 +3000,8 @@ class Math_BigInteger { * * Instead of the bottom x bits being dropped they're prepended to the shifted bit string. * - * @param Integer $shift - * @return Math_BigInteger + * @param int $shift + * @return \phpseclib\Math\BigInteger * @access public */ function bitwise_rightRotate($shift) @@ -3039,32 +3009,19 @@ class Math_BigInteger { return $this->bitwise_leftRotate(-$shift); } - /** - * Set random number generator function - * - * This function is deprecated. - * - * @param String $generator - * @access public - */ - function setRandomGenerator($generator) - { - } - /** * Generates a random BigInteger * - * Byte length is equal to $length. Uses crypt_random if it's loaded and mt_rand if it's not. + * Byte length is equal to $length. Uses \phpseclib\Crypt\Random if it's loaded and mt_rand if it's not. * - * @param Integer $length - * @return Math_BigInteger + * @param int $length + * @return \phpseclib\Math\BigInteger * @access private */ - function _random_number_helper($size) + static function _random_number_helper($size) { - $crypt_random = function_exists('crypt_random_string') || (!class_exists('Crypt_Random') && function_exists('crypt_random_string')); - if ($crypt_random) { - $random = crypt_random_string($size); + if (class_exists('\phpseclib\Crypt\Random')) { + $random = Random::string($size); } else { $random = ''; @@ -3079,32 +3036,30 @@ class Math_BigInteger { } } - return new Math_BigInteger($random, 256); + return new static($random, 256); } /** * Generate a random number * - * @param optional Integer $min - * @param optional Integer $max - * @return Math_BigInteger + * Returns a random number between $min and $max where $min and $max + * can be defined using one of the two methods: + * + * BigInteger::random($min, $max) + * BigInteger::random($max, $min) + * + * @param \phpseclib\Math\BigInteger $arg1 + * @param \phpseclib\Math\BigInteger $arg2 + * @return \phpseclib\Math\BigInteger * @access public */ - function random($min = false, $max = false) + static function random(BigInteger $min, BigInteger $max) { - if ($min === false) { - $min = new Math_BigInteger(0); - } - - if ($max === false) { - $max = new Math_BigInteger(0x7FFFFFFF); - } - $compare = $max->compare($min); if (!$compare) { return $this->_normalize($min); - } else if ($compare < 0) { + } elseif ($compare < 0) { // if $min is bigger then $max, swap $min and $max $temp = $max; $max = $min; @@ -3113,7 +3068,7 @@ class Math_BigInteger { static $one; if (!isset($one)) { - $one = new Math_BigInteger(1); + $one = new static(1); } $max = $max->subtract($min->subtract($one)); @@ -3134,8 +3089,8 @@ class Math_BigInteger { http://crypto.stackexchange.com/questions/5708/creating-a-small-number-from-a-cryptographically-secure-random-string */ - $random_max = new Math_BigInteger(chr(1) . str_repeat("\0", $size), 256); - $random = $this->_random_number_helper($size); + $random_max = new static(chr(1) . str_repeat("\0", $size), 256); + $random = static::_random_number_helper($size); list($max_multiple) = $random_max->divide($max); $max_multiple = $max_multiple->multiply($max); @@ -3144,44 +3099,36 @@ class Math_BigInteger { $random = $random->subtract($max_multiple); $random_max = $random_max->subtract($max_multiple); $random = $random->bitwise_leftShift(8); - $random = $random->add($this->_random_number_helper(1)); + $random = $random->add(self::_random_number_helper(1)); $random_max = $random_max->bitwise_leftShift(8); list($max_multiple) = $random_max->divide($max); $max_multiple = $max_multiple->multiply($max); } list(, $random) = $random->divide($max); - return $this->_normalize($random->add($min)); + return $random->add($min); } /** * Generate a random prime number. * - * If there's not a prime within the given range, false will be returned. If more than $timeout seconds have elapsed, - * give up and return false. + * If there's not a prime within the given range, false will be returned. + * If more than $timeout seconds have elapsed, give up and return false. * - * @param optional Integer $min - * @param optional Integer $max - * @param optional Integer $timeout - * @return Math_BigInteger + * @param \phpseclib\Math\BigInteger $min + * @param \phpseclib\Math\BigInteger $max + * @param int $timeout + * @return Math_BigInteger|false * @access public * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=15 HAC 4.44}. */ - function randomPrime($min = false, $max = false, $timeout = false) + static function randomPrime(BigInteger $min, BigInteger $max, $timeout = false) { - if ($min === false) { - $min = new Math_BigInteger(0); - } - - if ($max === false) { - $max = new Math_BigInteger(0x7FFFFFFF); - } - $compare = $max->compare($min); if (!$compare) { return $min->isPrime() ? $min : false; - } else if ($compare < 0) { + } elseif ($compare < 0) { // if $min is bigger then $max, swap $min and $max $temp = $max; $max = $min; @@ -3190,17 +3137,17 @@ class Math_BigInteger { static $one, $two; if (!isset($one)) { - $one = new Math_BigInteger(1); - $two = new Math_BigInteger(2); + $one = new static(1); + $two = new static(2); } $start = time(); - $x = $this->random($min, $max); + $x = self::random($min, $max); // gmp_nextprime() requires PHP 5 >= 5.2.0 per . - if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP && function_exists('gmp_nextprime') ) { - $p = new Math_BigInteger(); + if (MATH_BIGINTEGER_MODE == self::MODE_GMP && extension_loaded('gmp')) { + $p = new static(); $p->value = gmp_nextprime($x->value); if ($p->compare($max) <= 0) { @@ -3211,7 +3158,7 @@ class Math_BigInteger { $x = $x->subtract($one); } - return $x->randomPrime($min, $x); + return self::randomPrime($min, $x); } if ($x->equals($two)) { @@ -3224,11 +3171,11 @@ class Math_BigInteger { if ($min->equals($max)) { return false; } - $x = $min->copy(); + $x = clone $min; $x->_make_odd(); } - $initial_x = $x->copy(); + $initial_x = clone $x; while (true) { if ($timeout !== false && time() - $start > $timeout) { @@ -3242,7 +3189,7 @@ class Math_BigInteger { $x = $x->add($two); if ($x->compare($max) > 0) { - $x = $min->copy(); + $x = clone $min; if ($x->equals($two)) { return $x; } @@ -3260,16 +3207,16 @@ class Math_BigInteger { * * If the current number is odd it'll be unchanged. If it's even, one will be added to it. * - * @see randomPrime() + * @see self::randomPrime() * @access private */ function _make_odd() { - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: gmp_setbit($this->value, 0); break; - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: if ($this->value[strlen($this->value) - 1] % 2 == 0) { $this->value = bcadd($this->value, '1'); } @@ -3283,14 +3230,14 @@ class Math_BigInteger { * Checks a numer to see if it's prime * * Assuming the $t parameter is not set, this function has an error rate of 2**-80. The main motivation for the - * $t parameter is distributability. Math_BigInteger::randomPrime() can be distributed accross multiple pageloads + * $t parameter is distributability. BigInteger::randomPrime() can be distributed across multiple pageloads * on a website instead of just one. * - * @param optional Integer $t - * @return Boolean + * @param \phpseclib\Math\BigInteger $t + * @return bool * @access public * @internal Uses the - * {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See + * {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24}. */ function isPrime($t = false) @@ -3299,6 +3246,7 @@ class Math_BigInteger { if (!$t) { // see HAC 4.49 "Note (controlling the error probability)" + // @codingStandardsIgnoreStart if ($length >= 163) { $t = 2; } // floor(1300 / 8) else if ($length >= 106) { $t = 3; } // floor( 850 / 8) else if ($length >= 81 ) { $t = 4; } // floor( 650 / 8) @@ -3311,14 +3259,15 @@ class Math_BigInteger { else if ($length >= 25 ) { $t = 15; } // floor( 200 / 8) else if ($length >= 18 ) { $t = 18; } // floor( 150 / 8) else { $t = 27; } + // @codingStandardsIgnoreEnd } // ie. gmp_testbit($this, 0) // ie. isEven() or !isOdd() - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: return gmp_prob_prime($this->value, $t) != 0; - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: if ($this->value === '2') { return true; } @@ -3339,28 +3288,28 @@ class Math_BigInteger { if (!isset($primes)) { $primes = array( - 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, - 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, - 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, - 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, - 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, - 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, - 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, - 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, - 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, - 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, + 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, + 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, + 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, + 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, + 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, + 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, + 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, + 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, + 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, + 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997 ); - if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) { + if (MATH_BIGINTEGER_MODE != self::MODE_INTERNAL) { for ($i = 0; $i < count($primes); ++$i) { - $primes[$i] = new Math_BigInteger($primes[$i]); + $primes[$i] = new static($primes[$i]); } } - $zero = new Math_BigInteger(); - $one = new Math_BigInteger(1); - $two = new Math_BigInteger(2); + $zero = new static(); + $one = new static(1); + $two = new static(2); } if ($this->equals($one)) { @@ -3368,7 +3317,7 @@ class Math_BigInteger { } // see HAC 4.4.1 "Random search for probable primes" - if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) { + if (MATH_BIGINTEGER_MODE != self::MODE_INTERNAL) { foreach ($primes as $prime) { list(, $r) = $this->divide($prime); if ($r->equals($zero)) { @@ -3378,21 +3327,21 @@ class Math_BigInteger { } else { $value = $this->value; foreach ($primes as $prime) { - list(, $r) = $this->_divide_digit($value, $prime); + list(, $r) = self::_divide_digit($value, $prime); if (!$r) { return count($value) == 1 && $value[0] == $prime; } } } - $n = $this->copy(); + $n = clone $this; $n_1 = $n->subtract($one); $n_2 = $n->subtract($two); - $r = $n_1->copy(); + $r = clone $n_1; $r_value = $r->value; // ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s)); - if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) { + if (MATH_BIGINTEGER_MODE == self::MODE_BCMATH) { $s = 0; // if $n was 1, $r would be 0 and this would be an infinite loop, hence our $this->equals($one) check earlier while ($r->value[strlen($r->value) - 1] % 2 == 0) { @@ -3402,7 +3351,8 @@ class Math_BigInteger { } else { for ($i = 0, $r_length = count($r_value); $i < $r_length; ++$i) { $temp = ~$r_value[$i] & 0xFFFFFF; - for ($j = 1; ($temp >> $j) & 1; ++$j); + for ($j = 1; ($temp >> $j) & 1; ++$j) { + } if ($j != 25) { break; } @@ -3412,7 +3362,7 @@ class Math_BigInteger { } for ($i = 0; $i < $t; ++$i) { - $a = $this->random($two, $n_2); + $a = self::random($two, $n_2); $y = $a->modPow($r, $n); if (!$y->equals($one) && !$y->equals($n_1)) { @@ -3436,29 +3386,29 @@ class Math_BigInteger { * * Shifts BigInteger's by $shift bits. * - * @param Integer $shift + * @param int $shift * @access private */ function _lshift($shift) { - if ( $shift == 0 ) { + if ($shift == 0) { return; } - $num_digits = (int) ($shift / MATH_BIGINTEGER_BASE); - $shift %= MATH_BIGINTEGER_BASE; + $num_digits = (int) ($shift / self::$base); + $shift %= self::$base; $shift = 1 << $shift; $carry = 0; for ($i = 0; $i < count($this->value); ++$i) { $temp = $this->value[$i] * $shift + $carry; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); - $this->value[$i] = (int) ($temp - $carry * MATH_BIGINTEGER_BASE_FULL); + $carry = self::$base === 26 ? intval($temp / 0x4000000) : ($temp >> 31); + $this->value[$i] = (int) ($temp - $carry * self::$baseFull); } - if ( $carry ) { - $this->value[] = $carry; + if ($carry) { + $this->value[count($this->value)] = $carry; } while ($num_digits--) { @@ -3471,7 +3421,7 @@ class Math_BigInteger { * * Shifts BigInteger's by $shift bits. * - * @param Integer $shift + * @param int $shift * @access private */ function _rshift($shift) @@ -3480,12 +3430,12 @@ class Math_BigInteger { return; } - $num_digits = (int) ($shift / MATH_BIGINTEGER_BASE); - $shift %= MATH_BIGINTEGER_BASE; - $carry_shift = MATH_BIGINTEGER_BASE - $shift; + $num_digits = (int) ($shift / self::$base); + $shift %= self::$base; + $carry_shift = self::$base - $shift; $carry_mask = (1 << $shift) - 1; - if ( $num_digits ) { + if ($num_digits) { $this->value = array_slice($this->value, $num_digits); } @@ -3505,9 +3455,9 @@ class Math_BigInteger { * * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision * - * @param Math_BigInteger - * @return Math_BigInteger - * @see _trim() + * @param \phpseclib\Math\BigInteger + * @return \phpseclib\Math\BigInteger + * @see self::_trim() * @access private */ function _normalize($result) @@ -3515,14 +3465,14 @@ class Math_BigInteger { $result->precision = $this->precision; $result->bitmask = $this->bitmask; - switch ( MATH_BIGINTEGER_MODE ) { - case MATH_BIGINTEGER_MODE_GMP: - if (!empty($result->bitmask->value)) { + switch (MATH_BIGINTEGER_MODE) { + case self::MODE_GMP: + if ($this->bitmask !== false) { $result->value = gmp_and($result->value, $result->bitmask->value); } return $result; - case MATH_BIGINTEGER_MODE_BCMATH: + case self::MODE_BCMATH: if (!empty($result->bitmask->value)) { $result->value = bcmod($result->value, $result->bitmask->value); } @@ -3532,7 +3482,7 @@ class Math_BigInteger { $value = &$result->value; - if ( !count($value) ) { + if (!count($value)) { return $result; } @@ -3555,14 +3505,14 @@ class Math_BigInteger { * * Removes leading zeros * - * @param Array $value - * @return Math_BigInteger + * @param array $value + * @return \phpseclib\Math\BigInteger * @access private */ - function _trim($value) + static function _trim($value) { for ($i = count($value) - 1; $i >= 0; --$i) { - if ( $value[$i] ) { + if ($value[$i]) { break; } unset($value[$i]); @@ -3576,10 +3526,10 @@ class Math_BigInteger { * * @param $input Array * @param $multiplier mixed - * @return Array + * @return array * @access private */ - function _array_repeat($input, $multiplier) + static function _array_repeat($input, $multiplier) { return ($multiplier) ? array_fill(0, $multiplier, $input) : array(); } @@ -3591,10 +3541,10 @@ class Math_BigInteger { * * @param $x String * @param $shift Integer - * @return String + * @return string * @access private */ - function _base256_lshift(&$x, $shift) + static function _base256_lshift(&$x, $shift) { if ($shift == 0) { return; @@ -3620,10 +3570,10 @@ class Math_BigInteger { * * @param $x String * @param $shift Integer - * @return String + * @return string * @access private */ - function _base256_rshift(&$x, $shift) + static function _base256_rshift(&$x, $shift) { if ($shift == 0) { $x = ltrim($x, chr(0)); @@ -3660,11 +3610,11 @@ class Math_BigInteger { /** * Converts 32-bit integers to bytes. * - * @param Integer $x - * @return String + * @param int $x + * @return string * @access private */ - function _int2bytes($x) + static function _int2bytes($x) { return ltrim(pack('N', $x), chr(0)); } @@ -3672,11 +3622,11 @@ class Math_BigInteger { /** * Converts bytes to 32-bit integers * - * @param String $x - * @return Integer + * @param string $x + * @return int * @access private */ - function _bytes2int($x) + static function _bytes2int($x) { $temp = unpack('Nint', str_pad($x, 4, chr(0), STR_PAD_LEFT)); return $temp['int']; @@ -3687,12 +3637,12 @@ class Math_BigInteger { * * The ability to DER-encode integers is needed to create RSA public keys for use with OpenSSL * - * @see modPow() + * @see self::modPow() * @access private - * @param Integer $length - * @return String + * @param int $length + * @return string */ - function _encodeASN1Length($length) + static function _encodeASN1Length($length) { if ($length <= 0x7F) { return chr($length); @@ -3701,4 +3651,27 @@ class Math_BigInteger { $temp = ltrim(pack('N', $length), chr(0)); return pack('Ca*', 0x80 | strlen($temp), $temp); } + + /** + * Single digit division + * + * Even if int64 is being used the division operator will return a float64 value + * if the dividend is not evenly divisible by the divisor. Since a float64 doesn't + * have the precision of int64 this is a problem so, when int64 is being used, + * we'll guarantee that the dividend is divisible by first subtracting the remainder. + * + * @access private + * @param int $x + * @param int $y + * @return int + */ + static function _safe_divide($x, $y) + { + if (self::$base === 26) { + return (int) ($x / $y); + } + + // self::$base === 31 + return ($x - ($x % $y)) / $y; + } } diff --git a/plugins/OStatus/extlib/phpseclib/Net/SCP.php b/plugins/OStatus/extlib/phpseclib/Net/SCP.php new file mode 100644 index 0000000000..4c28d8b0ef --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Net/SCP.php @@ -0,0 +1,338 @@ + + * login('username', 'password')) { + * exit('bad login'); + * } + * $scp = new \phpseclib\Net\SCP($ssh); + * + * $scp->put('abcd', str_repeat('x', 1024*1024)); + * ?> + * + * + * @category Net + * @package SCP + * @author Jim Wigginton + * @copyright 2010 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Net; + +use phpseclib\Exception\FileNotFoundException; + +/** + * Pure-PHP implementations of SCP. + * + * @package SCP + * @author Jim Wigginton + * @access public + */ +class SCP +{ + /**#@+ + * @access public + * @see \phpseclib\Net\SCP::put() + */ + /** + * Reads data from a local file. + */ + const SOURCE_LOCAL_FILE = 1; + /** + * Reads data from a string. + */ + const SOURCE_STRING = 2; + /**#@-*/ + + /**#@+ + * @access private + * @see \phpseclib\Net\SCP::_send() + * @see \phpseclib\Net\SCP::_receive() + */ + /** + * SSH1 is being used. + */ + const MODE_SSH1 = 1; + /** + * SSH2 is being used. + */ + const MODE_SSH2 = 2; + /**#@-*/ + + /** + * SSH Object + * + * @var object + * @access private + */ + var $ssh; + + /** + * Packet Size + * + * @var int + * @access private + */ + var $packet_size; + + /** + * Mode + * + * @var int + * @access private + */ + var $mode; + + /** + * Default Constructor. + * + * Connects to an SSH server + * + * @param string $host + * @param int $port + * @param int $timeout + * @return \phpseclib\Net\SCP + * @access public + */ + function __construct($ssh) + { + if ($ssh instanceof SSH2) { + $this->mode = self::MODE_SSH2; + } elseif ($ssh instanceof SSH1) { + $this->packet_size = 50000; + $this->mode = self::MODE_SSH1; + } else { + return; + } + + $this->ssh = $ssh; + } + + /** + * Uploads a file to the SCP server. + * + * By default, \phpseclib\Net\SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file. + * So, for example, if you set $data to 'filename.ext' and then do \phpseclib\Net\SCP::get(), you will get a file, twelve bytes + * long, containing 'filename.ext' as its contents. + * + * Setting $mode to self::SOURCE_LOCAL_FILE will change the above behavior. With self::SOURCE_LOCAL_FILE, $remote_file will + * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how + * large $remote_file will be, as well. + * + * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take + * care of that, yourself. + * + * @param string $remote_file + * @param string $data + * @param int $mode + * @param callable $callback + * @throws \phpseclib\Exception\FileNotFoundException if you're uploading via a file and the file doesn't exist + * @return bool + * @access public + */ + function put($remote_file, $data, $mode = self::SOURCE_STRING, $callback = null) + { + if (!isset($this->ssh)) { + return false; + } + + if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to + return false; + } + + $temp = $this->_receive(); + if ($temp !== chr(0)) { + return false; + } + + if ($this->mode == self::MODE_SSH2) { + $this->packet_size = $this->ssh->packet_size_client_to_server[SSH2::CHANNEL_EXEC] - 4; + } + + $remote_file = basename($remote_file); + + if ($mode == self::SOURCE_STRING) { + $size = strlen($data); + } else { + if (!is_file($data)) { + throw new FileNotFoundException("$data is not a valid file"); + } + + $fp = @fopen($data, 'rb'); + if (!$fp) { + return false; + } + $size = filesize($data); + } + + $this->_send('C0644 ' . $size . ' ' . $remote_file . "\n"); + + $temp = $this->_receive(); + if ($temp !== chr(0)) { + return false; + } + + $sent = 0; + while ($sent < $size) { + $temp = $mode & self::SOURCE_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size); + $this->_send($temp); + $sent+= strlen($temp); + + if (is_callable($callback)) { + call_user_func($callback, $sent); + } + } + $this->_close(); + + if ($mode != self::SOURCE_STRING) { + fclose($fp); + } + + return true; + } + + /** + * Downloads a file from the SCP server. + * + * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if + * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the + * operation + * + * @param string $remote_file + * @param string $local_file + * @return mixed + * @access public + */ + function get($remote_file, $local_file = false) + { + if (!isset($this->ssh)) { + return false; + } + + if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from + return false; + } + + $this->_send("\0"); + + if (!preg_match('#(?[^ ]+) (?\d+) (?.+)#', rtrim($this->_receive()), $info)) { + return false; + } + + $this->_send("\0"); + + $size = 0; + + if ($local_file !== false) { + $fp = @fopen($local_file, 'wb'); + if (!$fp) { + return false; + } + } + + $content = ''; + while ($size < $info['size']) { + $data = $this->_receive(); + // SCP usually seems to split stuff out into 16k chunks + $size+= strlen($data); + + if ($local_file === false) { + $content.= $data; + } else { + fputs($fp, $data); + } + } + + $this->_close(); + + if ($local_file !== false) { + fclose($fp); + return true; + } + + return $content; + } + + /** + * Sends a packet to an SSH server + * + * @param string $data + * @access private + */ + function _send($data) + { + switch ($this->mode) { + case self::MODE_SSH2: + $this->ssh->_send_channel_packet(SSH2::CHANNEL_EXEC, $data); + break; + case self::MODE_SSH1: + $data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data); + $this->ssh->_send_binary_packet($data); + } + } + + /** + * Receives a packet from an SSH server + * + * @return string + * @throws \UnexpectedValueException on receipt of an unexpected packet + * @access private + */ + function _receive() + { + switch ($this->mode) { + case self::MODE_SSH2: + return $this->ssh->_get_channel_packet(SSH2::CHANNEL_EXEC, true); + case self::MODE_SSH1: + if (!$this->ssh->bitmap) { + return false; + } + while (true) { + $response = $this->ssh->_get_binary_packet(); + switch ($response[SSH1::RESPONSE_TYPE]) { + case NET_SSH1_SMSG_STDOUT_DATA: + extract(unpack('Nlength', $response[SSH1::RESPONSE_DATA])); + return $this->ssh->_string_shift($response[SSH1::RESPONSE_DATA], $length); + case NET_SSH1_SMSG_STDERR_DATA: + break; + case NET_SSH1_SMSG_EXITSTATUS: + $this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION)); + fclose($this->ssh->fsock); + $this->ssh->bitmap = 0; + return false; + default: + throw new \UnexpectedValueException('Unknown packet received'); + } + } + } + } + + /** + * Closes the connection to an SSH server + * + * @access private + */ + function _close() + { + switch ($this->mode) { + case self::MODE_SSH2: + $this->ssh->_close_channel(SSH2::CHANNEL_EXEC, true); + break; + case self::MODE_SSH1: + $this->ssh->disconnect(); + } + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Net/SFTP.php b/plugins/OStatus/extlib/phpseclib/Net/SFTP.php new file mode 100644 index 0000000000..a4d8c9e42e --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Net/SFTP.php @@ -0,0 +1,2943 @@ + + * login('username', 'password')) { + * exit('Login Failed'); + * } + * + * echo $sftp->pwd() . "\r\n"; + * $sftp->put('filename.ext', 'hello, world!'); + * print_r($sftp->nlist()); + * ?> + * + * + * @category Net + * @package SFTP + * @author Jim Wigginton + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Net; + +use ParagonIE\ConstantTime\Hex; +use phpseclib\Exception\FileNotFoundException; + +/** + * Pure-PHP implementations of SFTP. + * + * @package SFTP + * @author Jim Wigginton + * @access public + */ +class SFTP extends SSH2 +{ + /** + * SFTP channel constant + * + * \phpseclib\Net\SSH2::exec() uses 0 and \phpseclib\Net\SSH2::read() / \phpseclib\Net\SSH2::write() use 1. + * + * @see \phpseclib\Net\SSH2::_send_channel_packet() + * @see \phpseclib\Net\SSH2::_get_channel_packet() + * @access private + */ + const CHANNEL = 0x100; + + /**#@+ + * @access public + * @see \phpseclib\Net\SFTP::put() + */ + /** + * Reads data from a local file. + */ + const SOURCE_LOCAL_FILE = 1; + /** + * Reads data from a string. + */ + // this value isn't really used anymore but i'm keeping it reserved for historical reasons + const SOURCE_STRING = 2; + /** + * Reads data from callback: + * function callback($length) returns string to proceed, null for EOF + */ + const SOURCE_CALLBACK = 16; + /** + * Resumes an upload + */ + const RESUME = 4; + /** + * Append a local file to an already existing remote file + */ + const RESUME_START = 8; + /**#@-*/ + + /** + * Packet Types + * + * @see self::__construct() + * @var array + * @access private + */ + var $packet_types = array(); + + /** + * Status Codes + * + * @see self::__construct() + * @var array + * @access private + */ + var $status_codes = array(); + + /** + * The Request ID + * + * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support + * concurrent actions, so it's somewhat academic, here. + * + * @var int + * @see self::_send_sftp_packet() + * @access private + */ + var $request_id = false; + + /** + * The Packet Type + * + * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support + * concurrent actions, so it's somewhat academic, here. + * + * @var int + * @see self::_get_sftp_packet() + * @access private + */ + var $packet_type = -1; + + /** + * Packet Buffer + * + * @var string + * @see self::_get_sftp_packet() + * @access private + */ + var $packet_buffer = ''; + + /** + * Extensions supported by the server + * + * @var array + * @see self::_initChannel() + * @access private + */ + var $extensions = array(); + + /** + * Server SFTP version + * + * @var int + * @see self::_initChannel() + * @access private + */ + var $version; + + /** + * Current working directory + * + * @var string + * @see self::_realpath() + * @see self::chdir() + * @access private + */ + var $pwd = false; + + /** + * Packet Type Log + * + * @see self::getLog() + * @var array + * @access private + */ + var $packet_type_log = array(); + + /** + * Packet Log + * + * @see self::getLog() + * @var array + * @access private + */ + var $packet_log = array(); + + /** + * Error information + * + * @see self::getSFTPErrors() + * @see self::getLastSFTPError() + * @var string + * @access private + */ + var $sftp_errors = array(); + + /** + * Stat Cache + * + * Rather than always having to open a directory and close it immediately there after to see if a file is a directory + * we'll cache the results. + * + * @see self::_update_stat_cache() + * @see self::_remove_from_stat_cache() + * @see self::_query_stat_cache() + * @var array + * @access private + */ + var $stat_cache = array(); + + /** + * Max SFTP Packet Size + * + * @see self::__construct() + * @see self::get() + * @var array + * @access private + */ + var $max_sftp_packet; + + /** + * Stat Cache Flag + * + * @see self::disableStatCache() + * @see self::enableStatCache() + * @var bool + * @access private + */ + var $use_stat_cache = true; + + /** + * Sort Options + * + * @see self::_comparator() + * @see self::setListOrder() + * @var array + * @access private + */ + var $sortOptions = array(); + + /** + * Default Constructor. + * + * Connects to an SFTP server + * + * @param string $host + * @param int $port + * @param int $timeout + * @return \phpseclib\Net\SFTP + * @access public + */ + function __construct($host, $port = 22, $timeout = 10) + { + parent::__construct($host, $port, $timeout); + + $this->max_sftp_packet = 1 << 15; + + $this->packet_types = array( + 1 => 'NET_SFTP_INIT', + 2 => 'NET_SFTP_VERSION', + /* the format of SSH_FXP_OPEN changed between SFTPv4 and SFTPv5+: + SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.1 + pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 */ + 3 => 'NET_SFTP_OPEN', + 4 => 'NET_SFTP_CLOSE', + 5 => 'NET_SFTP_READ', + 6 => 'NET_SFTP_WRITE', + 7 => 'NET_SFTP_LSTAT', + 9 => 'NET_SFTP_SETSTAT', + 11 => 'NET_SFTP_OPENDIR', + 12 => 'NET_SFTP_READDIR', + 13 => 'NET_SFTP_REMOVE', + 14 => 'NET_SFTP_MKDIR', + 15 => 'NET_SFTP_RMDIR', + 16 => 'NET_SFTP_REALPATH', + 17 => 'NET_SFTP_STAT', + /* the format of SSH_FXP_RENAME changed between SFTPv4 and SFTPv5+: + SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 + pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.5 */ + 18 => 'NET_SFTP_RENAME', + 19 => 'NET_SFTP_READLINK', + 20 => 'NET_SFTP_SYMLINK', + + 101=> 'NET_SFTP_STATUS', + 102=> 'NET_SFTP_HANDLE', + /* the format of SSH_FXP_NAME changed between SFTPv3 and SFTPv4+: + SFTPv4+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.4 + pre-SFTPv4 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-7 */ + 103=> 'NET_SFTP_DATA', + 104=> 'NET_SFTP_NAME', + 105=> 'NET_SFTP_ATTRS', + + 200=> 'NET_SFTP_EXTENDED' + ); + $this->status_codes = array( + 0 => 'NET_SFTP_STATUS_OK', + 1 => 'NET_SFTP_STATUS_EOF', + 2 => 'NET_SFTP_STATUS_NO_SUCH_FILE', + 3 => 'NET_SFTP_STATUS_PERMISSION_DENIED', + 4 => 'NET_SFTP_STATUS_FAILURE', + 5 => 'NET_SFTP_STATUS_BAD_MESSAGE', + 6 => 'NET_SFTP_STATUS_NO_CONNECTION', + 7 => 'NET_SFTP_STATUS_CONNECTION_LOST', + 8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED', + 9 => 'NET_SFTP_STATUS_INVALID_HANDLE', + 10 => 'NET_SFTP_STATUS_NO_SUCH_PATH', + 11 => 'NET_SFTP_STATUS_FILE_ALREADY_EXISTS', + 12 => 'NET_SFTP_STATUS_WRITE_PROTECT', + 13 => 'NET_SFTP_STATUS_NO_MEDIA', + 14 => 'NET_SFTP_STATUS_NO_SPACE_ON_FILESYSTEM', + 15 => 'NET_SFTP_STATUS_QUOTA_EXCEEDED', + 16 => 'NET_SFTP_STATUS_UNKNOWN_PRINCIPAL', + 17 => 'NET_SFTP_STATUS_LOCK_CONFLICT', + 18 => 'NET_SFTP_STATUS_DIR_NOT_EMPTY', + 19 => 'NET_SFTP_STATUS_NOT_A_DIRECTORY', + 20 => 'NET_SFTP_STATUS_INVALID_FILENAME', + 21 => 'NET_SFTP_STATUS_LINK_LOOP', + 22 => 'NET_SFTP_STATUS_CANNOT_DELETE', + 23 => 'NET_SFTP_STATUS_INVALID_PARAMETER', + 24 => 'NET_SFTP_STATUS_FILE_IS_A_DIRECTORY', + 25 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_CONFLICT', + 26 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_REFUSED', + 27 => 'NET_SFTP_STATUS_DELETE_PENDING', + 28 => 'NET_SFTP_STATUS_FILE_CORRUPT', + 29 => 'NET_SFTP_STATUS_OWNER_INVALID', + 30 => 'NET_SFTP_STATUS_GROUP_INVALID', + 31 => 'NET_SFTP_STATUS_NO_MATCHING_BYTE_RANGE_LOCK' + ); + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-7.1 + // the order, in this case, matters quite a lot - see \phpseclib\Net\SFTP::_parseAttributes() to understand why + $this->attributes = array( + 0x00000001 => 'NET_SFTP_ATTR_SIZE', + 0x00000002 => 'NET_SFTP_ATTR_UIDGID', // defined in SFTPv3, removed in SFTPv4+ + 0x00000004 => 'NET_SFTP_ATTR_PERMISSIONS', + 0x00000008 => 'NET_SFTP_ATTR_ACCESSTIME', + // 0x80000000 will yield a floating point on 32-bit systems and converting floating points to integers + // yields inconsistent behavior depending on how php is compiled. so we left shift -1 (which, in + // two's compliment, consists of all 1 bits) by 31. on 64-bit systems this'll yield 0xFFFFFFFF80000000. + // that's not a problem, however, and 'anded' and a 32-bit number, as all the leading 1 bits are ignored. + -1 << 31 => 'NET_SFTP_ATTR_EXTENDED' + ); + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 + // the flag definitions change somewhat in SFTPv5+. if SFTPv5+ support is added to this library, maybe name + // the array for that $this->open5_flags and similarily alter the constant names. + $this->open_flags = array( + 0x00000001 => 'NET_SFTP_OPEN_READ', + 0x00000002 => 'NET_SFTP_OPEN_WRITE', + 0x00000004 => 'NET_SFTP_OPEN_APPEND', + 0x00000008 => 'NET_SFTP_OPEN_CREATE', + 0x00000010 => 'NET_SFTP_OPEN_TRUNCATE', + 0x00000020 => 'NET_SFTP_OPEN_EXCL' + ); + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2 + // see \phpseclib\Net\SFTP::_parseLongname() for an explanation + $this->file_types = array( + 1 => 'NET_SFTP_TYPE_REGULAR', + 2 => 'NET_SFTP_TYPE_DIRECTORY', + 3 => 'NET_SFTP_TYPE_SYMLINK', + 4 => 'NET_SFTP_TYPE_SPECIAL', + 5 => 'NET_SFTP_TYPE_UNKNOWN', + // the followin types were first defined for use in SFTPv5+ + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-05#section-5.2 + 6 => 'NET_SFTP_TYPE_SOCKET', + 7 => 'NET_SFTP_TYPE_CHAR_DEVICE', + 8 => 'NET_SFTP_TYPE_BLOCK_DEVICE', + 9 => 'NET_SFTP_TYPE_FIFO' + ); + $this->_define_array( + $this->packet_types, + $this->status_codes, + $this->attributes, + $this->open_flags, + $this->file_types + ); + + if (!defined('NET_SFTP_QUEUE_SIZE')) { + define('NET_SFTP_QUEUE_SIZE', 50); + } + } + + /** + * Login + * + * @param string $username + * @param string $password + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + * @access public + */ + function login($username) + { + $args = func_get_args(); + if (!call_user_func_array(array(&$this, '_login'), $args)) { + return false; + } + + $this->window_size_server_to_client[self::CHANNEL] = $this->window_size; + + $packet = pack( + 'CNa*N3', + NET_SSH2_MSG_CHANNEL_OPEN, + strlen('session'), + 'session', + self::CHANNEL, + $this->window_size, + 0x4000 + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_OPEN; + + $response = $this->_get_channel_packet(self::CHANNEL); + if ($response === false) { + return false; + } + + $packet = pack( + 'CNNa*CNa*', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL], + strlen('subsystem'), + 'subsystem', + 1, + strlen('sftp'), + 'sftp' + ); + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; + + $response = $this->_get_channel_packet(self::CHANNEL); + if ($response === false) { + // from PuTTY's psftp.exe + $command = "test -x /usr/lib/sftp-server && exec /usr/lib/sftp-server\n" . + "test -x /usr/local/lib/sftp-server && exec /usr/local/lib/sftp-server\n" . + "exec sftp-server"; + // we don't do $this->exec($command, false) because exec() operates on a different channel and plus the SSH_MSG_CHANNEL_OPEN that exec() does + // is redundant + $packet = pack( + 'CNNa*CNa*', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL], + strlen('exec'), + 'exec', + 1, + strlen($command), + $command + ); + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST; + + $response = $this->_get_channel_packet(self::CHANNEL); + if ($response === false) { + return false; + } + } + + $this->channel_status[self::CHANNEL] = NET_SSH2_MSG_CHANNEL_DATA; + + if (!$this->_send_sftp_packet(NET_SFTP_INIT, "\0\0\0\3")) { + return false; + } + + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_VERSION) { + throw new \UnexpectedValueException('Expected SSH_FXP_VERSION'); + } + + extract(unpack('Nversion', $this->_string_shift($response, 4))); + $this->version = $version; + while (!empty($response)) { + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $key = $this->_string_shift($response, $length); + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $value = $this->_string_shift($response, $length); + $this->extensions[$key] = $value; + } + + /* + SFTPv4+ defines a 'newline' extension. SFTPv3 seems to have unofficial support for it via 'newline@vandyke.com', + however, I'm not sure what 'newline@vandyke.com' is supposed to do (the fact that it's unofficial means that it's + not in the official SFTPv3 specs) and 'newline@vandyke.com' / 'newline' are likely not drop-in substitutes for + one another due to the fact that 'newline' comes with a SSH_FXF_TEXT bitmask whereas it seems unlikely that + 'newline@vandyke.com' would. + */ + /* + if (isset($this->extensions['newline@vandyke.com'])) { + $this->extensions['newline'] = $this->extensions['newline@vandyke.com']; + unset($this->extensions['newline@vandyke.com']); + } + */ + + $this->request_id = 1; + + /* + A Note on SFTPv4/5/6 support: + states the following: + + "If the client wishes to interoperate with servers that support noncontiguous version + numbers it SHOULD send '3'" + + Given that the server only sends its version number after the client has already done so, the above + seems to be suggesting that v3 should be the default version. This makes sense given that v3 is the + most popular. + + states the following; + + "If the server did not send the "versions" extension, or the version-from-list was not included, the + server MAY send a status response describing the failure, but MUST then close the channel without + processing any further requests." + + So what do you do if you have a client whose initial SSH_FXP_INIT packet says it implements v3 and + a server whose initial SSH_FXP_VERSION reply says it implements v4 and only v4? If it only implements + v4, the "versions" extension is likely not going to have been sent so version re-negotiation as discussed + in draft-ietf-secsh-filexfer-13 would be quite impossible. As such, what \phpseclib\Net\SFTP would do is close the + channel and reopen it with a new and updated SSH_FXP_INIT packet. + */ + switch ($this->version) { + case 2: + case 3: + break; + default: + return false; + } + + $this->pwd = $this->_realpath('.'); + + $this->_update_stat_cache($this->pwd, array()); + + return true; + } + + /** + * Disable the stat cache + * + * @access public + */ + function disableStatCache() + { + $this->use_stat_cache = false; + } + + /** + * Enable the stat cache + * + * @access public + */ + function enableStatCache() + { + $this->use_stat_cache = true; + } + + /** + * Clear the stat cache + * + * @access public + */ + function clearStatCache() + { + $this->stat_cache = array(); + } + + /** + * Returns the current directory name + * + * @return mixed + * @access public + */ + function pwd() + { + return $this->pwd; + } + + /** + * Logs errors + * + * @param string $response + * @param int $status + * @access public + */ + function _logError($response, $status = -1) + { + if ($status == -1) { + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + } + + $error = $this->status_codes[$status]; + + if ($this->version > 2) { + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $this->sftp_errors[] = $error . ': ' . $this->_string_shift($response, $length); + } else { + $this->sftp_errors[] = $error; + } + } + + /** + * Canonicalize the Server-Side Path Name + * + * SFTP doesn't provide a mechanism by which the current working directory can be changed, so we'll emulate it. Returns + * the absolute (canonicalized) path. + * + * @see self::chdir() + * @param string $path + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return mixed + * @access private + */ + function _realpath($path) + { + if ($this->pwd === false) { + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.9 + if (!$this->_send_sftp_packet(NET_SFTP_REALPATH, pack('Na*', strlen($path), $path))) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_NAME: + // although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following + // should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks + // at is the first part and that part is defined the same in SFTP versions 3 through 6. + $this->_string_shift($response, 4); // skip over the count - it should be 1, anyway + extract(unpack('Nlength', $this->_string_shift($response, 4))); + return $this->_string_shift($response, $length); + case NET_SFTP_STATUS: + $this->_logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); + } + } + + if ($path[0] != '/') { + $path = $this->pwd . '/' . $path; + } + + $path = explode('/', $path); + $new = array(); + foreach ($path as $dir) { + if (!strlen($dir)) { + continue; + } + switch ($dir) { + case '..': + array_pop($new); + case '.': + break; + default: + $new[] = $dir; + } + } + + return '/' . implode('/', $new); + } + + /** + * Changes the current directory + * + * @param string $dir + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + * @access public + */ + function chdir($dir) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + // assume current dir if $dir is empty + if ($dir === '') { + $dir = './'; + // suffix a slash if needed + } elseif ($dir[strlen($dir) - 1] != '/') { + $dir.= '/'; + } + + $dir = $this->_realpath($dir); + + // confirm that $dir is, in fact, a valid directory + if ($this->use_stat_cache && is_array($this->_query_stat_cache($dir))) { + $this->pwd = $dir; + return true; + } + + // we could do a stat on the alleged $dir to see if it's a directory but that doesn't tell us + // the currently logged in user has the appropriate permissions or not. maybe you could see if + // the file's uid / gid match the currently logged in user's uid / gid but how there's no easy + // way to get those with SFTP + + if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) { + return false; + } + + // see \phpseclib\Net\SFTP::nlist() for a more thorough explanation of the following + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + $handle = substr($response, 4); + break; + case NET_SFTP_STATUS: + $this->_logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); + } + + if (!$this->_close_handle($handle)) { + return false; + } + + $this->_update_stat_cache($dir, array()); + + $this->pwd = $dir; + return true; + } + + /** + * Returns a list of files in the given directory + * + * @param string $dir + * @param bool $recursive + * @return mixed + * @access public + */ + function nlist($dir = '.', $recursive = false) + { + return $this->_nlist_helper($dir, $recursive, ''); + } + + /** + * Helper method for nlist + * + * @param string $dir + * @param bool $recursive + * @param string $relativeDir + * @return mixed + * @access private + */ + function _nlist_helper($dir, $recursive, $relativeDir) + { + $files = $this->_list($dir, false); + + if (!$recursive || $files === false) { + return $files; + } + + $result = array(); + foreach ($files as $value) { + if ($value == '.' || $value == '..') { + if ($relativeDir == '') { + $result[] = $value; + } + continue; + } + if (is_array($this->_query_stat_cache($this->_realpath($dir . '/' . $value)))) { + $temp = $this->_nlist_helper($dir . '/' . $value, true, $relativeDir . $value . '/'); + $result = array_merge($result, $temp); + } else { + $result[] = $relativeDir . $value; + } + } + + return $result; + } + + /** + * Returns a detailed list of files in the given directory + * + * @param string $dir + * @param bool $recursive + * @return mixed + * @access public + */ + function rawlist($dir = '.', $recursive = false) + { + $files = $this->_list($dir, true); + if (!$recursive || $files === false) { + return $files; + } + + static $depth = 0; + + foreach ($files as $key => $value) { + if ($depth != 0 && $key == '..') { + unset($files[$key]); + continue; + } + if ($key != '.' && $key != '..' && is_array($this->_query_stat_cache($this->_realpath($dir . '/' . $key)))) { + $depth++; + $files[$key] = $this->rawlist($dir . '/' . $key, true); + $depth--; + } else { + $files[$key] = (object) $value; + } + } + + return $files; + } + + /** + * Reads a list, be it detailed or not, of files in the given directory + * + * @param string $dir + * @param bool $raw + * @return mixed + * @throws \UnexpectedValueException on receipt of unexpected packets + * @access private + */ + function _list($dir, $raw = true) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $dir = $this->_realpath($dir . '/'); + if ($dir === false) { + return false; + } + + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.2 + if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.2 + // since 'handle' is the last field in the SSH_FXP_HANDLE packet, we'll just remove the first four bytes that + // represent the length of the string and leave it at that + $handle = substr($response, 4); + break; + case NET_SFTP_STATUS: + // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + $this->_logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); + } + + $this->_update_stat_cache($dir, array()); + + $contents = array(); + while (true) { + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.2 + // why multiple SSH_FXP_READDIR packets would be sent when the response to a single one can span arbitrarily many + // SSH_MSG_CHANNEL_DATA messages is not known to me. + if (!$this->_send_sftp_packet(NET_SFTP_READDIR, pack('Na*', strlen($handle), $handle))) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_NAME: + extract(unpack('Ncount', $this->_string_shift($response, 4))); + for ($i = 0; $i < $count; $i++) { + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $shortname = $this->_string_shift($response, $length); + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $longname = $this->_string_shift($response, $length); + $attributes = $this->_parseAttributes($response); + if (!isset($attributes['type'])) { + $fileType = $this->_parseLongname($longname); + if ($fileType) { + $attributes['type'] = $fileType; + } + } + $contents[$shortname] = $attributes + array('filename' => $shortname); + + if (isset($attributes['type']) && $attributes['type'] == NET_SFTP_TYPE_DIRECTORY && ($shortname != '.' && $shortname != '..')) { + $this->_update_stat_cache($dir . '/' . $shortname, array()); + } else { + if ($shortname == '..') { + $temp = $this->_realpath($dir . '/..') . '/.'; + } else { + $temp = $dir . '/' . $shortname; + } + $this->_update_stat_cache($temp, (object) array('lstat' => $attributes)); + } + // SFTPv6 has an optional boolean end-of-list field, but we'll ignore that, since the + // final SSH_FXP_STATUS packet should tell us that, already. + } + break; + case NET_SFTP_STATUS: + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_EOF) { + $this->_logError($response, $status); + return false; + } + break 2; + default: + throw new \UnexpectedValueException('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); + } + } + + if (!$this->_close_handle($handle)) { + return false; + } + + if (count($this->sortOptions)) { + uasort($contents, array(&$this, '_comparator')); + } + + return $raw ? $contents : array_keys($contents); + } + + /** + * Compares two rawlist entries using parameters set by setListOrder() + * + * Intended for use with uasort() + * + * @param array $a + * @param array $b + * @return int + * @access private + */ + function _comparator($a, $b) + { + switch (true) { + case $a['filename'] === '.' || $b['filename'] === '.': + if ($a['filename'] === $b['filename']) { + return 0; + } + return $a['filename'] === '.' ? -1 : 1; + case $a['filename'] === '..' || $b['filename'] === '..': + if ($a['filename'] === $b['filename']) { + return 0; + } + return $a['filename'] === '..' ? -1 : 1; + case isset($a['type']) && $a['type'] === NET_SFTP_TYPE_DIRECTORY: + if (!isset($b['type'])) { + return 1; + } + if ($b['type'] !== $a['type']) { + return -1; + } + break; + case isset($b['type']) && $b['type'] === NET_SFTP_TYPE_DIRECTORY: + return 1; + } + foreach ($this->sortOptions as $sort => $order) { + if (!isset($a[$sort]) || !isset($b[$sort])) { + if (isset($a[$sort])) { + return -1; + } + if (isset($b[$sort])) { + return 1; + } + return 0; + } + switch ($sort) { + case 'filename': + $result = strcasecmp($a['filename'], $b['filename']); + if ($result) { + return $order === SORT_DESC ? -$result : $result; + } + break; + case 'permissions': + case 'mode': + $a[$sort]&= 07777; + $b[$sort]&= 07777; + default: + if ($a[$sort] === $b[$sort]) { + break; + } + return $order === SORT_ASC ? $a[$sort] - $b[$sort] : $b[$sort] - $a[$sort]; + } + } + } + + /** + * Defines how nlist() and rawlist() will be sorted - if at all. + * + * If sorting is enabled directories and files will be sorted independently with + * directories appearing before files in the resultant array that is returned. + * + * Any parameter returned by stat is a valid sort parameter for this function. + * Filename comparisons are case insensitive. + * + * Examples: + * + * $sftp->setListOrder('filename', SORT_ASC); + * $sftp->setListOrder('size', SORT_DESC, 'filename', SORT_ASC); + * $sftp->setListOrder(true); + * Separates directories from files but doesn't do any sorting beyond that + * $sftp->setListOrder(); + * Don't do any sort of sorting + * + * @access public + */ + function setListOrder() + { + $this->sortOptions = array(); + $args = func_get_args(); + if (empty($args)) { + return; + } + $len = count($args) & 0x7FFFFFFE; + for ($i = 0; $i < $len; $i+=2) { + $this->sortOptions[$args[$i]] = $args[$i + 1]; + } + if (!count($this->sortOptions)) { + $this->sortOptions = array('bogus' => true); + } + } + + /** + * Returns the file size, in bytes, or false, on failure + * + * Files larger than 4GB will show up as being exactly 4GB. + * + * @param string $filename + * @return mixed + * @access public + */ + function size($filename) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $result = $this->stat($filename); + if ($result === false) { + return false; + } + return isset($result['size']) ? $result['size'] : -1; + } + + /** + * Save files / directories to cache + * + * @param string $path + * @param mixed $value + * @access private + */ + function _update_stat_cache($path, $value) + { + if ($this->use_stat_cache === false) { + return; + } + + // preg_replace('#^/|/(?=/)|/$#', '', $dir) == str_replace('//', '/', trim($path, '/')) + $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); + + $temp = &$this->stat_cache; + $max = count($dirs) - 1; + foreach ($dirs as $i => $dir) { + // if $temp is an object that means one of two things. + // 1. a file was deleted and changed to a directory behind phpseclib's back + // 2. it's a symlink. when lstat is done it's unclear what it's a symlink to + if (is_object($temp)) { + $temp = array(); + } + if (!isset($temp[$dir])) { + $temp[$dir] = array(); + } + if ($i === $max) { + if (is_object($temp[$dir])) { + if (!isset($value->stat) && isset($temp[$dir]->stat)) { + $value->stat = $temp[$dir]->stat; + } + if (!isset($value->lstat) && isset($temp[$dir]->lstat)) { + $value->lstat = $temp[$dir]->lstat; + } + } + $temp[$dir] = $value; + break; + } + $temp = &$temp[$dir]; + } + } + + /** + * Remove files / directories from cache + * + * @param string $path + * @return bool + * @access private + */ + function _remove_from_stat_cache($path) + { + $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); + + $temp = &$this->stat_cache; + $max = count($dirs) - 1; + foreach ($dirs as $i => $dir) { + if ($i === $max) { + unset($temp[$dir]); + return true; + } + if (!isset($temp[$dir])) { + return false; + } + $temp = &$temp[$dir]; + } + } + + /** + * Checks cache for path + * + * Mainly used by file_exists + * + * @param string $dir + * @return mixed + * @access private + */ + function _query_stat_cache($path) + { + $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); + + $temp = &$this->stat_cache; + foreach ($dirs as $dir) { + if (!isset($temp[$dir])) { + return null; + } + $temp = &$temp[$dir]; + } + return $temp; + } + + /** + * Returns general information about a file. + * + * Returns an array on success and false otherwise. + * + * @param string $filename + * @return mixed + * @access public + */ + function stat($filename) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $filename = $this->_realpath($filename); + if ($filename === false) { + return false; + } + + if ($this->use_stat_cache) { + $result = $this->_query_stat_cache($filename); + if (is_array($result) && isset($result['.']) && isset($result['.']->stat)) { + return $result['.']->stat; + } + if (is_object($result) && isset($result->stat)) { + return $result->stat; + } + } + + $stat = $this->_stat($filename, NET_SFTP_STAT); + if ($stat === false) { + $this->_remove_from_stat_cache($filename); + return false; + } + if (isset($stat['type'])) { + if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename.= '/.'; + } + $this->_update_stat_cache($filename, (object) array('stat' => $stat)); + return $stat; + } + + $pwd = $this->pwd; + $stat['type'] = $this->chdir($filename) ? + NET_SFTP_TYPE_DIRECTORY : + NET_SFTP_TYPE_REGULAR; + $this->pwd = $pwd; + + if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename.= '/.'; + } + $this->_update_stat_cache($filename, (object) array('stat' => $stat)); + + return $stat; + } + + /** + * Returns general information about a file or symbolic link. + * + * Returns an array on success and false otherwise. + * + * @param string $filename + * @return mixed + * @access public + */ + function lstat($filename) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $filename = $this->_realpath($filename); + if ($filename === false) { + return false; + } + + if ($this->use_stat_cache) { + $result = $this->_query_stat_cache($filename); + if (is_array($result) && isset($result['.']) && isset($result['.']->lstat)) { + return $result['.']->lstat; + } + if (is_object($result) && isset($result->lstat)) { + return $result->lstat; + } + } + + $lstat = $this->_stat($filename, NET_SFTP_LSTAT); + if ($lstat === false) { + $this->_remove_from_stat_cache($filename); + return false; + } + if (isset($lstat['type'])) { + if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename.= '/.'; + } + $this->_update_stat_cache($filename, (object) array('lstat' => $lstat)); + return $lstat; + } + + $stat = $this->_stat($filename, NET_SFTP_STAT); + + if ($lstat != $stat) { + $lstat = array_merge($lstat, array('type' => NET_SFTP_TYPE_SYMLINK)); + $this->_update_stat_cache($filename, (object) array('lstat' => $lstat)); + return $stat; + } + + $pwd = $this->pwd; + $lstat['type'] = $this->chdir($filename) ? + NET_SFTP_TYPE_DIRECTORY : + NET_SFTP_TYPE_REGULAR; + $this->pwd = $pwd; + + if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename.= '/.'; + } + $this->_update_stat_cache($filename, (object) array('lstat' => $lstat)); + + return $lstat; + } + + /** + * Returns general information about a file or symbolic link + * + * Determines information without calling \phpseclib\Net\SFTP::_realpath(). + * The second parameter can be either NET_SFTP_STAT or NET_SFTP_LSTAT. + * + * @param string $filename + * @param int $type + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return mixed + * @access private + */ + function _stat($filename, $type) + { + // SFTPv4+ adds an additional 32-bit integer field - flags - to the following: + $packet = pack('Na*', strlen($filename), $filename); + if (!$this->_send_sftp_packet($type, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_ATTRS: + return $this->_parseAttributes($response); + case NET_SFTP_STATUS: + $this->_logError($response); + return false; + } + + throw new \UnexpectedValueException('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS'); + } + + /** + * Truncates a file to a given length + * + * @param string $filename + * @param int $new_size + * @return bool + * @access public + */ + function truncate($filename, $new_size) + { + $attr = pack('N3', NET_SFTP_ATTR_SIZE, $new_size / 4294967296, $new_size); // 4294967296 == 0x100000000 == 1<<32 + + return $this->_setstat($filename, $attr, false); + } + + /** + * Sets access and modification time of file. + * + * If the file does not exist, it will be created. + * + * @param string $filename + * @param int $time + * @param int $atime + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + * @access public + */ + function touch($filename, $time = null, $atime = null) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $filename = $this->_realpath($filename); + if ($filename === false) { + return false; + } + + if (!isset($time)) { + $time = time(); + } + if (!isset($atime)) { + $atime = $time; + } + + $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE | NET_SFTP_OPEN_EXCL; + $attr = pack('N3', NET_SFTP_ATTR_ACCESSTIME, $time, $atime); + $packet = pack('Na*Na*', strlen($filename), $filename, $flags, $attr); + if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + return $this->_close_handle(substr($response, 4)); + case NET_SFTP_STATUS: + $this->_logError($response); + break; + default: + throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); + } + + return $this->_setstat($filename, $attr, false); + } + + /** + * Changes file or directory owner + * + * Returns true on success or false on error. + * + * @param string $filename + * @param int $uid + * @param bool $recursive + * @return bool + * @access public + */ + function chown($filename, $uid, $recursive = false) + { + // quoting from , + // "if the owner or group is specified as -1, then that ID is not changed" + $attr = pack('N3', NET_SFTP_ATTR_UIDGID, $uid, -1); + + return $this->_setstat($filename, $attr, $recursive); + } + + /** + * Changes file or directory group + * + * Returns true on success or false on error. + * + * @param string $filename + * @param int $gid + * @param bool $recursive + * @return bool + * @access public + */ + function chgrp($filename, $gid, $recursive = false) + { + $attr = pack('N3', NET_SFTP_ATTR_UIDGID, -1, $gid); + + return $this->_setstat($filename, $attr, $recursive); + } + + /** + * Set permissions on a file. + * + * Returns the new file permissions on success or false on error. + * If $recursive is true than this just returns true or false. + * + * @param int $mode + * @param string $filename + * @param bool $recursive + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return mixed + * @access public + */ + function chmod($mode, $filename, $recursive = false) + { + if (is_string($mode) && is_int($filename)) { + $temp = $mode; + $mode = $filename; + $filename = $temp; + } + + $attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777); + if (!$this->_setstat($filename, $attr, $recursive)) { + return false; + } + if ($recursive) { + return true; + } + + $filename = $this->_realPath($filename); + // rather than return what the permissions *should* be, we'll return what they actually are. this will also + // tell us if the file actually exists. + // incidentally, SFTPv4+ adds an additional 32-bit integer field - flags - to the following: + $packet = pack('Na*', strlen($filename), $filename); + if (!$this->_send_sftp_packet(NET_SFTP_STAT, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_ATTRS: + $attrs = $this->_parseAttributes($response); + return $attrs['permissions']; + case NET_SFTP_STATUS: + $this->_logError($response); + return false; + } + + throw new \UnexpectedValueException('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS'); + } + + /** + * Sets information about a file + * + * @param string $filename + * @param string $attr + * @param bool $recursive + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + * @access private + */ + function _setstat($filename, $attr, $recursive) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $filename = $this->_realpath($filename); + if ($filename === false) { + return false; + } + + $this->_remove_from_stat_cache($filename); + + if ($recursive) { + $i = 0; + $result = $this->_setstat_recursive($filename, $attr, $i); + $this->_read_put_responses($i); + return $result; + } + + // SFTPv4+ has an additional byte field - type - that would need to be sent, as well. setting it to + // SSH_FILEXFER_TYPE_UNKNOWN might work. if not, we'd have to do an SSH_FXP_STAT before doing an SSH_FXP_SETSTAT. + if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($filename), $filename, $attr))) { + return false; + } + + /* + "Because some systems must use separate system calls to set various attributes, it is possible that a failure + response will be returned, but yet some of the attributes may be have been successfully modified. If possible, + servers SHOULD avoid this situation; however, clients MUST be aware that this is possible." + + -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.6 + */ + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); + } + + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + $this->_logError($response, $status); + return false; + } + + return true; + } + + /** + * Recursively sets information on directories on the SFTP server + * + * Minimizes directory lookups and SSH_FXP_STATUS requests for speed. + * + * @param string $path + * @param string $attr + * @param int $i + * @return bool + * @access private + */ + function _setstat_recursive($path, $attr, &$i) + { + if (!$this->_read_put_responses($i)) { + return false; + } + $i = 0; + $entries = $this->_list($path, true); + + if ($entries === false) { + return $this->_setstat($path, $attr, false); + } + + // normally $entries would have at least . and .. but it might not if the directories + // permissions didn't allow reading + if (empty($entries)) { + return false; + } + + unset($entries['.'], $entries['..']); + foreach ($entries as $filename => $props) { + if (!isset($props['type'])) { + return false; + } + + $temp = $path . '/' . $filename; + if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { + if (!$this->_setstat_recursive($temp, $attr, $i)) { + return false; + } + } else { + if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($temp), $temp, $attr))) { + return false; + } + + $i++; + + if ($i >= NET_SFTP_QUEUE_SIZE) { + if (!$this->_read_put_responses($i)) { + return false; + } + $i = 0; + } + } + } + + if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($path), $path, $attr))) { + return false; + } + + $i++; + + if ($i >= NET_SFTP_QUEUE_SIZE) { + if (!$this->_read_put_responses($i)) { + return false; + } + $i = 0; + } + + return true; + } + + /** + * Return the target of a symbolic link + * + * @param string $link + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return mixed + * @access public + */ + function readlink($link) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $link = $this->_realpath($link); + + if (!$this->_send_sftp_packet(NET_SFTP_READLINK, pack('Na*', strlen($link), $link))) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_NAME: + break; + case NET_SFTP_STATUS: + $this->_logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); + } + + extract(unpack('Ncount', $this->_string_shift($response, 4))); + // the file isn't a symlink + if (!$count) { + return false; + } + + extract(unpack('Nlength', $this->_string_shift($response, 4))); + return $this->_string_shift($response, $length); + } + + /** + * Create a symlink + * + * symlink() creates a symbolic link to the existing target with the specified name link. + * + * @param string $target + * @param string $link + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + * @access public + */ + function symlink($target, $link) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $target = $this->_realpath($target); + $link = $this->_realpath($link); + + $packet = pack('Na*Na*', strlen($target), $target, strlen($link), $link); + if (!$this->_send_sftp_packet(NET_SFTP_SYMLINK, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); + } + + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + $this->_logError($response, $status); + return false; + } + + return true; + } + + /** + * Creates a directory. + * + * @param string $dir + * @return bool + * @access public + */ + function mkdir($dir, $mode = -1, $recursive = false) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $dir = $this->_realpath($dir); + // by not providing any permissions, hopefully the server will use the logged in users umask - their + // default permissions. + $attr = $mode == -1 ? "\0\0\0\0" : pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777); + + if ($recursive) { + $dirs = explode('/', preg_replace('#/(?=/)|/$#', '', $dir)); + if (empty($dirs[0])) { + array_shift($dirs); + $dirs[0] = '/' . $dirs[0]; + } + for ($i = 0; $i < count($dirs); $i++) { + $temp = array_slice($dirs, 0, $i + 1); + $temp = implode('/', $temp); + $result = $this->_mkdir_helper($temp, $attr); + } + return $result; + } + + return $this->_mkdir_helper($dir, $attr); + } + + /** + * Helper function for directory creation + * + * @param string $dir + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @access private + */ + function _mkdir_helper($dir, $attr) + { + if (!$this->_send_sftp_packet(NET_SFTP_MKDIR, pack('Na*a*', strlen($dir), $dir, $attr))) { + return false; + } + + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); + } + + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + $this->_logError($response, $status); + return false; + } + + return true; + } + + /** + * Removes a directory. + * + * @param string $dir + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return bool + * @access public + */ + function rmdir($dir) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $dir = $this->_realpath($dir); + if ($dir === false) { + return false; + } + + if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($dir), $dir))) { + return false; + } + + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); + } + + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED? + $this->_logError($response, $status); + return false; + } + + $this->_remove_from_stat_cache($dir); + // the following will do a soft delete, which would be useful if you deleted a file + // and then tried to do a stat on the deleted file. the above, in contrast, does + // a hard delete + //$this->_update_stat_cache($dir, false); + + return true; + } + + /** + * Uploads a file to the SFTP server. + * + * By default, \phpseclib\Net\SFTP::put() does not read from the local filesystem. $data is dumped directly into $remote_file. + * So, for example, if you set $data to 'filename.ext' and then do \phpseclib\Net\SFTP::get(), you will get a file, twelve bytes + * long, containing 'filename.ext' as its contents. + * + * Setting $mode to self::SOURCE_LOCAL_FILE will change the above behavior. With self::SOURCE_LOCAL_FILE, $remote_file will + * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how + * large $remote_file will be, as well. + * + * Setting $mode to self::SOURCE_CALLBACK will use $data as callback function, which gets only one parameter -- number of bytes to return, and returns a string if there is some data or null if there is no more data + * + * If $data is a resource then it'll be used as a resource instead. + * + * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take + * care of that, yourself. + * + * $mode can take an additional two parameters - self::RESUME and self::RESUME_START. These are bitwise AND'd with + * $mode. So if you want to resume upload of a 300mb file on the local file system you'd set $mode to the following: + * + * self::SOURCE_LOCAL_FILE | self::RESUME + * + * If you wanted to simply append the full contents of a local file to the full contents of a remote file you'd replace + * self::RESUME with self::RESUME_START. + * + * If $mode & (self::RESUME | self::RESUME_START) then self::RESUME_START will be assumed. + * + * $start and $local_start give you more fine grained control over this process and take precident over self::RESUME + * when they're non-negative. ie. $start could let you write at the end of a file (like self::RESUME) or in the middle + * of one. $local_start could let you start your reading from the end of a file (like self::RESUME_START) or in the + * middle of one. + * + * Setting $local_start to > 0 or $mode | self::RESUME_START doesn't do anything unless $mode | self::SOURCE_LOCAL_FILE. + * + * @param string $remote_file + * @param string|resource $data + * @param int $mode + * @param int $start + * @param int $local_start + * @param callable|null $progressCallback + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \BadFunctionCallException if you're uploading via a callback and the callback function is invalid + * @throws \phpseclib\Exception\FileNotFoundException if you're uploading via a file and the file doesn't exist + * @return bool + * @access public + * @internal ASCII mode for SFTPv4/5/6 can be supported by adding a new function - \phpseclib\Net\SFTP::setMode(). + */ + function put($remote_file, $data, $mode = self::SOURCE_STRING, $start = -1, $local_start = -1, $progressCallback = null) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $remote_file = $this->_realpath($remote_file); + if ($remote_file === false) { + return false; + } + + $this->_remove_from_stat_cache($remote_file); + + $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE; + // according to the SFTP specs, NET_SFTP_OPEN_APPEND should "force all writes to append data at the end of the file." + // in practice, it doesn't seem to do that. + //$flags|= ($mode & self::RESUME) ? NET_SFTP_OPEN_APPEND : NET_SFTP_OPEN_TRUNCATE; + + if ($start >= 0) { + $offset = $start; + } elseif ($mode & self::RESUME) { + // if NET_SFTP_OPEN_APPEND worked as it should _size() wouldn't need to be called + $size = $this->size($remote_file); + $offset = $size !== false ? $size : 0; + } else { + $offset = 0; + $flags|= NET_SFTP_OPEN_TRUNCATE; + } + + $packet = pack('Na*N2', strlen($remote_file), $remote_file, $flags, 0); + if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + $handle = substr($response, 4); + break; + case NET_SFTP_STATUS: + $this->_logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); + } + + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.3 + $dataCallback = false; + switch (true) { + case $mode & self::SOURCE_CALLBACK: + if (!is_callable($data)) { + throw new \BadFunctionCallException("\$data should be is_callable() if you specify SOURCE_CALLBACK flag"); + } + $dataCallback = $data; + // do nothing + break; + case is_resource($data): + $mode = $mode & ~self::SOURCE_LOCAL_FILE; + $fp = $data; + break; + case $mode & self::SOURCE_LOCAL_FILE: + if (!is_file($data)) { + throw new FileNotFoundException("$data is not a valid file"); + } + $fp = @fopen($data, 'rb'); + if (!$fp) { + return false; + } + } + + if (isset($fp)) { + $stat = fstat($fp); + $size = $stat['size']; + + if ($local_start >= 0) { + fseek($fp, $local_start); + $size-= $local_start; + } + } elseif ($dataCallback) { + $size = 0; + } else { + $size = strlen($data); + } + + $sent = 0; + $size = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size; + + $sftp_packet_size = 4096; // PuTTY uses 4096 + // make the SFTP packet be exactly 4096 bytes by including the bytes in the NET_SFTP_WRITE packets "header" + $sftp_packet_size-= strlen($handle) + 25; + $i = 0; + while ($dataCallback || $sent < $size) { + if ($dataCallback) { + $temp = call_user_func($dataCallback, $sftp_packet_size); + if (is_null($temp)) { + break; + } + } else { + $temp = isset($fp) ? fread($fp, $sftp_packet_size) : substr($data, $sent, $sftp_packet_size); + } + $subtemp = $offset + $sent; + $packet = pack('Na*N3a*', strlen($handle), $handle, $subtemp / 4294967296, $subtemp, strlen($temp), $temp); + if (!$this->_send_sftp_packet(NET_SFTP_WRITE, $packet)) { + if ($mode & self::SOURCE_LOCAL_FILE) { + fclose($fp); + } + return false; + } + $sent+= strlen($temp); + if (is_callable($progressCallback)) { + call_user_func($progressCallback, $sent); + } + + $i++; + + if ($i == NET_SFTP_QUEUE_SIZE) { + if (!$this->_read_put_responses($i)) { + $i = 0; + break; + } + $i = 0; + } + } + + if (!$this->_read_put_responses($i)) { + if ($mode & self::SOURCE_LOCAL_FILE) { + fclose($fp); + } + $this->_close_handle($handle); + return false; + } + + if ($mode & self::SOURCE_LOCAL_FILE) { + fclose($fp); + } + + return $this->_close_handle($handle); + } + + /** + * Reads multiple successive SSH_FXP_WRITE responses + * + * Sending an SSH_FXP_WRITE packet and immediately reading its response isn't as efficient as blindly sending out $i + * SSH_FXP_WRITEs, in succession, and then reading $i responses. + * + * @param int $i + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @access private + */ + function _read_put_responses($i) + { + while ($i--) { + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); + } + + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + $this->_logError($response, $status); + break; + } + } + + return $i < 0; + } + + /** + * Close handle + * + * @param string $handle + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @access private + */ + function _close_handle($handle) + { + if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) { + return false; + } + + // "The client MUST release all resources associated with the handle regardless of the status." + // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3 + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); + } + + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + $this->_logError($response, $status); + return false; + } + + return true; + } + + /** + * Downloads a file from the SFTP server. + * + * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if + * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the + * operation. + * + * $offset and $length can be used to download files in chunks. + * + * @param string $remote_file + * @param string $local_file + * @param int $offset + * @param int $length + * @throws \UnexpectedValueException on receipt of unexpected packets + * @return mixed + * @access public + */ + function get($remote_file, $local_file = false, $offset = 0, $length = -1) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $remote_file = $this->_realpath($remote_file); + if ($remote_file === false) { + return false; + } + + $packet = pack('Na*N2', strlen($remote_file), $remote_file, NET_SFTP_OPEN_READ, 0); + if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + $handle = substr($response, 4); + break; + case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + $this->_logError($response); + return false; + default: + throw new \UnexpectedValueException('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); + } + + if (is_resource($local_file)) { + $fp = $local_file; + $stat = fstat($fp); + $res_offset = $stat['size']; + } else { + $res_offset = 0; + if ($local_file !== false) { + $fp = fopen($local_file, 'wb'); + if (!$fp) { + return false; + } + } else { + $content = ''; + } + } + + $fclose_check = $local_file !== false && !is_resource($local_file); + + $start = $offset; + $read = 0; + while (true) { + $i = 0; + + while ($i < NET_SFTP_QUEUE_SIZE && ($length < 0 || $read < $length)) { + $tempoffset = $start + $read; + + $packet_size = $length > 0 ? min($this->max_sftp_packet, $length - $read) : $this->max_sftp_packet; + + $packet = pack('Na*N3', strlen($handle), $handle, $tempoffset / 4294967296, $tempoffset, $packet_size); + if (!$this->_send_sftp_packet(NET_SFTP_READ, $packet)) { + if ($fclose_check) { + fclose($fp); + } + return false; + } + $packet = null; + $read+= $packet_size; + $i++; + } + + if (!$i) { + break; + } + + $clear_responses = false; + while ($i > 0) { + $i--; + + if ($clear_responses) { + $this->_get_sftp_packet(); + continue; + } else { + $response = $this->_get_sftp_packet(); + } + + switch ($this->packet_type) { + case NET_SFTP_DATA: + $temp = substr($response, 4); + $offset+= strlen($temp); + if ($local_file === false) { + $content.= $temp; + } else { + fputs($fp, $temp); + } + $temp = null; + break; + case NET_SFTP_STATUS: + // could, in theory, return false if !strlen($content) but we'll hold off for the time being + $this->_logError($response); + $clear_responses = true; // don't break out of the loop yet, so we can read the remaining responses + break; + default: + if ($fclose_check) { + fclose($fp); + } + throw new \UnexpectedValueException('Expected SSH_FXP_DATA or SSH_FXP_STATUS'); + } + $response = null; + } + + if ($clear_responses) { + break; + } + } + + if ($length > 0 && $length <= $offset - $start) { + if ($local_file === false) { + $content = substr($content, 0, $length); + } else { + ftruncate($fp, $length + $res_offset); + } + } + + if ($fclose_check) { + fclose($fp); + } + + if (!$this->_close_handle($handle)) { + return false; + } + + // if $content isn't set that means a file was written to + return isset($content) ? $content : true; + } + + /** + * Deletes a file on the SFTP server. + * + * @param string $path + * @param bool $recursive + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @access public + */ + function delete($path, $recursive = true) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $path = $this->_realpath($path); + if ($path === false) { + return false; + } + + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 + if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($path), $path))) { + return false; + } + + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); + } + + // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + $this->_logError($response, $status); + if (!$recursive) { + return false; + } + $i = 0; + $result = $this->_delete_recursive($path, $i); + $this->_read_put_responses($i); + return $result; + } + + $this->_remove_from_stat_cache($path); + + return true; + } + + /** + * Recursively deletes directories on the SFTP server + * + * Minimizes directory lookups and SSH_FXP_STATUS requests for speed. + * + * @param string $path + * @param int $i + * @return bool + * @access private + */ + function _delete_recursive($path, &$i) + { + if (!$this->_read_put_responses($i)) { + return false; + } + $i = 0; + $entries = $this->_list($path, true); + + // normally $entries would have at least . and .. but it might not if the directories + // permissions didn't allow reading + if (empty($entries)) { + return false; + } + + unset($entries['.'], $entries['..']); + foreach ($entries as $filename => $props) { + if (!isset($props['type'])) { + return false; + } + + $temp = $path . '/' . $filename; + if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) { + if (!$this->_delete_recursive($temp, $i)) { + return false; + } + } else { + if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($temp), $temp))) { + return false; + } + $this->_remove_from_stat_cache($temp); + + $i++; + + if ($i >= NET_SFTP_QUEUE_SIZE) { + if (!$this->_read_put_responses($i)) { + return false; + } + $i = 0; + } + } + } + + if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($path), $path))) { + return false; + } + $this->_remove_from_stat_cache($path); + + $i++; + + if ($i >= NET_SFTP_QUEUE_SIZE) { + if (!$this->_read_put_responses($i)) { + return false; + } + $i = 0; + } + + return true; + } + + /** + * Checks whether a file or directory exists + * + * @param string $path + * @return bool + * @access public + */ + function file_exists($path) + { + if ($this->use_stat_cache) { + $path = $this->_realpath($path); + + $result = $this->_query_stat_cache($path); + + if (isset($result)) { + // return true if $result is an array or if it's an stdClass object + return $result !== false; + } + } + + return $this->stat($path) !== false; + } + + /** + * Tells whether the filename is a directory + * + * @param string $path + * @return bool + * @access public + */ + function is_dir($path) + { + $result = $this->_get_stat_cache_prop($path, 'type'); + if ($result === false) { + return false; + } + return $result === NET_SFTP_TYPE_DIRECTORY; + } + + /** + * Tells whether the filename is a regular file + * + * @param string $path + * @return bool + * @access public + */ + function is_file($path) + { + $result = $this->_get_stat_cache_prop($path, 'type'); + if ($result === false) { + return false; + } + return $result === NET_SFTP_TYPE_REGULAR; + } + + /** + * Tells whether the filename is a symbolic link + * + * @param string $path + * @return bool + * @access public + */ + function is_link($path) + { + $result = $this->_get_lstat_cache_prop($path, 'type'); + if ($result === false) { + return false; + } + return $result === NET_SFTP_TYPE_SYMLINK; + } + + /** + * Tells whether a file exists and is readable + * + * @param string $path + * @return bool + * @access public + */ + function is_readable($path) + { + $path = $this->_realpath($path); + + $packet = pack('Na*N2', strlen($path), $path, NET_SFTP_OPEN_READ, 0); + if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + return true; + case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + return false; + default: + user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); + return false; + } + } + + /** + * Tells whether the filename is writable + * + * @param string $path + * @return bool + * @access public + */ + function is_writable($path) + { + $path = $this->_realpath($path); + + $packet = pack('Na*N2', strlen($path), $path, NET_SFTP_OPEN_WRITE, 0); + if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + return true; + case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + return false; + default: + user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS'); + return false; + } + } + + /** + * Tells whether the filename is writeable + * + * Alias of is_writable + * + * @param string $path + * @return bool + * @access public + */ + function is_writeable($path) + { + return $this->is_writable($path); + } + + /** + * Gets last access time of file + * + * @param string $path + * @return mixed + * @access public + */ + function fileatime($path) + { + return $this->_get_stat_cache_prop($path, 'atime'); + } + + /** + * Gets file modification time + * + * @param string $path + * @return mixed + * @access public + */ + function filemtime($path) + { + return $this->_get_stat_cache_prop($path, 'mtime'); + } + + /** + * Gets file permissions + * + * @param string $path + * @return mixed + * @access public + */ + function fileperms($path) + { + return $this->_get_stat_cache_prop($path, 'permissions'); + } + + /** + * Gets file owner + * + * @param string $path + * @return mixed + * @access public + */ + function fileowner($path) + { + return $this->_get_stat_cache_prop($path, 'uid'); + } + + /** + * Gets file group + * + * @param string $path + * @return mixed + * @access public + */ + function filegroup($path) + { + return $this->_get_stat_cache_prop($path, 'gid'); + } + + /** + * Gets file size + * + * @param string $path + * @return mixed + * @access public + */ + function filesize($path) + { + return $this->_get_stat_cache_prop($path, 'size'); + } + + /** + * Gets file type + * + * @param string $path + * @return mixed + * @access public + */ + function filetype($path) + { + $type = $this->_get_stat_cache_prop($path, 'type'); + if ($type === false) { + return false; + } + + switch ($type) { + case NET_SFTP_TYPE_BLOCK_DEVICE: + return 'block'; + case NET_SFTP_TYPE_CHAR_DEVICE: + return 'char'; + case NET_SFTP_TYPE_DIRECTORY: + return 'dir'; + case NET_SFTP_TYPE_FIFO: + return 'fifo'; + case NET_SFTP_TYPE_REGULAR: + return 'file'; + case NET_SFTP_TYPE_SYMLINK: + return 'link'; + default: + return false; + } + } + + /** + * Return a stat properity + * + * Uses cache if appropriate. + * + * @param string $path + * @param string $prop + * @return mixed + * @access private + */ + function _get_stat_cache_prop($path, $prop) + { + return $this->_get_xstat_cache_prop($path, $prop, 'stat'); + } + + /** + * Return an lstat properity + * + * Uses cache if appropriate. + * + * @param string $path + * @param string $prop + * @return mixed + * @access private + */ + function _get_lstat_cache_prop($path, $prop) + { + return $this->_get_xstat_cache_prop($path, $prop, 'lstat'); + } + + /** + * Return a stat or lstat properity + * + * Uses cache if appropriate. + * + * @param string $path + * @param string $prop + * @return mixed + * @access private + */ + function _get_xstat_cache_prop($path, $prop, $type) + { + if ($this->use_stat_cache) { + $path = $this->_realpath($path); + + $result = $this->_query_stat_cache($path); + + if (is_object($result) && isset($result->$type)) { + return $result->{$type}[$prop]; + } + } + + $result = $this->$type($path); + + if ($result === false || !isset($result[$prop])) { + return false; + } + + return $result[$prop]; + } + + /** + * Renames a file or a directory on the SFTP server + * + * @param string $oldname + * @param string $newname + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @access public + */ + function rename($oldname, $newname) + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return false; + } + + $oldname = $this->_realpath($oldname); + $newname = $this->_realpath($newname); + if ($oldname === false || $newname === false) { + return false; + } + + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 + $packet = pack('Na*Na*', strlen($oldname), $oldname, strlen($newname), $newname); + if (!$this->_send_sftp_packet(NET_SFTP_RENAME, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); + } + + // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + $this->_logError($response, $status); + return false; + } + + // don't move the stat cache entry over since this operation could very well change the + // atime and mtime attributes + //$this->_update_stat_cache($newname, $this->_query_stat_cache($oldname)); + $this->_remove_from_stat_cache($oldname); + $this->_remove_from_stat_cache($newname); + + return true; + } + + /** + * Parse Attributes + * + * See '7. File Attributes' of draft-ietf-secsh-filexfer-13 for more info. + * + * @param string $response + * @return array + * @access private + */ + function _parseAttributes(&$response) + { + $attr = array(); + extract(unpack('Nflags', $this->_string_shift($response, 4))); + // SFTPv4+ have a type field (a byte) that follows the above flag field + foreach ($this->attributes as $key => $value) { + switch ($flags & $key) { + case NET_SFTP_ATTR_SIZE: // 0x00000001 + // The size attribute is defined as an unsigned 64-bit integer. + // The following will use floats on 32-bit platforms, if necessary. + // As can be seen in the BigInteger class, floats are generally + // IEEE 754 binary64 "double precision" on such platforms and + // as such can represent integers of at least 2^50 without loss + // of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB. + $attr['size'] = hexdec(Hex::encode($this->_string_shift($response, 8))); + break; + case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only) + $attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8)); + break; + case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004 + $attr+= unpack('Npermissions', $this->_string_shift($response, 4)); + // mode == permissions; permissions was the original array key and is retained for bc purposes. + // mode was added because that's the more industry standard terminology + $attr+= array('mode' => $attr['permissions']); + $fileType = $this->_parseMode($attr['permissions']); + if ($fileType !== false) { + $attr+= array('type' => $fileType); + } + break; + case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008 + $attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8)); + break; + case NET_SFTP_ATTR_EXTENDED: // 0x80000000 + extract(unpack('Ncount', $this->_string_shift($response, 4))); + for ($i = 0; $i < $count; $i++) { + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $key = $this->_string_shift($response, $length); + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $attr[$key] = $this->_string_shift($response, $length); + } + } + } + return $attr; + } + + /** + * Attempt to identify the file type + * + * Quoting the SFTP RFC, "Implementations MUST NOT send bits that are not defined" but they seem to anyway + * + * @param int $mode + * @return int + * @access private + */ + function _parseMode($mode) + { + // values come from http://lxr.free-electrons.com/source/include/uapi/linux/stat.h#L12 + // see, also, http://linux.die.net/man/2/stat + switch ($mode & 0170000) {// ie. 1111 0000 0000 0000 + case 0000000: // no file type specified - figure out the file type using alternative means + return false; + case 0040000: + return NET_SFTP_TYPE_DIRECTORY; + case 0100000: + return NET_SFTP_TYPE_REGULAR; + case 0120000: + return NET_SFTP_TYPE_SYMLINK; + // new types introduced in SFTPv5+ + // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-05#section-5.2 + case 0010000: // named pipe (fifo) + return NET_SFTP_TYPE_FIFO; + case 0020000: // character special + return NET_SFTP_TYPE_CHAR_DEVICE; + case 0060000: // block special + return NET_SFTP_TYPE_BLOCK_DEVICE; + case 0140000: // socket + return NET_SFTP_TYPE_SOCKET; + case 0160000: // whiteout + // "SPECIAL should be used for files that are of + // a known type which cannot be expressed in the protocol" + return NET_SFTP_TYPE_SPECIAL; + default: + return NET_SFTP_TYPE_UNKNOWN; + } + } + + /** + * Parse Longname + * + * SFTPv3 doesn't provide any easy way of identifying a file type. You could try to open + * a file as a directory and see if an error is returned or you could try to parse the + * SFTPv3-specific longname field of the SSH_FXP_NAME packet. That's what this function does. + * The result is returned using the + * {@link http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2 SFTPv4 type constants}. + * + * If the longname is in an unrecognized format bool(false) is returned. + * + * @param string $longname + * @return mixed + * @access private + */ + function _parseLongname($longname) + { + // http://en.wikipedia.org/wiki/Unix_file_types + // http://en.wikipedia.org/wiki/Filesystem_permissions#Notation_of_traditional_Unix_permissions + if (preg_match('#^[^/]([r-][w-][xstST-]){3}#', $longname)) { + switch ($longname[0]) { + case '-': + return NET_SFTP_TYPE_REGULAR; + case 'd': + return NET_SFTP_TYPE_DIRECTORY; + case 'l': + return NET_SFTP_TYPE_SYMLINK; + default: + return NET_SFTP_TYPE_SPECIAL; + } + } + + return false; + } + + /** + * Sends SFTP Packets + * + * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info. + * + * @param int $type + * @param string $data + * @see self::_get_sftp_packet() + * @see self::_send_channel_packet() + * @return bool + * @access private + */ + function _send_sftp_packet($type, $data) + { + $packet = $this->request_id !== false ? + pack('NCNa*', strlen($data) + 5, $type, $this->request_id, $data) : + pack('NCa*', strlen($data) + 1, $type, $data); + + $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 + $result = $this->_send_channel_packet(self::CHANNEL, $packet); + $stop = strtok(microtime(), ' ') + strtok(''); + + if (defined('NET_SFTP_LOGGING')) { + $packet_type = '-> ' . $this->packet_types[$type] . + ' (' . round($stop - $start, 4) . 's)'; + if (NET_SFTP_LOGGING == self::LOG_REALTIME) { + echo "
    \r\n" . $this->_format_log(array($data), array($packet_type)) . "\r\n
    \r\n"; + flush(); + ob_flush(); + } else { + $this->packet_type_log[] = $packet_type; + if (NET_SFTP_LOGGING == self::LOG_COMPLEX) { + $this->packet_log[] = $data; + } + } + } + + return $result; + } + + /** + * Receives SFTP Packets + * + * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info. + * + * Incidentally, the number of SSH_MSG_CHANNEL_DATA messages has no bearing on the number of SFTP packets present. + * There can be one SSH_MSG_CHANNEL_DATA messages containing two SFTP packets or there can be two SSH_MSG_CHANNEL_DATA + * messages containing one SFTP packet. + * + * @see self::_send_sftp_packet() + * @return string + * @access private + */ + function _get_sftp_packet() + { + $this->curTimeout = false; + + $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 + + // SFTP packet length + while (strlen($this->packet_buffer) < 4) { + $temp = $this->_get_channel_packet(self::CHANNEL); + if (is_bool($temp)) { + $this->packet_type = false; + $this->packet_buffer = ''; + return false; + } + $this->packet_buffer.= $temp; + } + extract(unpack('Nlength', $this->_string_shift($this->packet_buffer, 4))); + $tempLength = $length; + $tempLength-= strlen($this->packet_buffer); + + // SFTP packet type and data payload + while ($tempLength > 0) { + $temp = $this->_get_channel_packet(self::CHANNEL); + if (is_bool($temp)) { + $this->packet_type = false; + $this->packet_buffer = ''; + return false; + } + $this->packet_buffer.= $temp; + $tempLength-= strlen($temp); + } + + $stop = strtok(microtime(), ' ') + strtok(''); + + $this->packet_type = ord($this->_string_shift($this->packet_buffer)); + + if ($this->request_id !== false) { + $this->_string_shift($this->packet_buffer, 4); // remove the request id + $length-= 5; // account for the request id and the packet type + } else { + $length-= 1; // account for the packet type + } + + $packet = $this->_string_shift($this->packet_buffer, $length); + + if (defined('NET_SFTP_LOGGING')) { + $packet_type = '<- ' . $this->packet_types[$this->packet_type] . + ' (' . round($stop - $start, 4) . 's)'; + if (NET_SFTP_LOGGING == self::LOG_REALTIME) { + echo "
    \r\n" . $this->_format_log(array($packet), array($packet_type)) . "\r\n
    \r\n"; + flush(); + ob_flush(); + } else { + $this->packet_type_log[] = $packet_type; + if (NET_SFTP_LOGGING == self::LOG_COMPLEX) { + $this->packet_log[] = $packet; + } + } + } + + return $packet; + } + + /** + * Returns a log of the packets that have been sent and received. + * + * Returns a string if NET_SFTP_LOGGING == self::LOG_COMPLEX, an array if NET_SFTP_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SFTP_LOGGING') + * + * @access public + * @return string or Array + */ + function getSFTPLog() + { + if (!defined('NET_SFTP_LOGGING')) { + return false; + } + + switch (NET_SFTP_LOGGING) { + case self::LOG_COMPLEX: + return $this->_format_log($this->packet_log, $this->packet_type_log); + break; + //case self::LOG_SIMPLE: + default: + return $this->packet_type_log; + } + } + + /** + * Returns all errors + * + * @return string + * @access public + */ + function getSFTPErrors() + { + return $this->sftp_errors; + } + + /** + * Returns the last error + * + * @return string + * @access public + */ + function getLastSFTPError() + { + return count($this->sftp_errors) ? $this->sftp_errors[count($this->sftp_errors) - 1] : ''; + } + + /** + * Get supported SFTP versions + * + * @return array + * @access public + */ + function getSupportedVersions() + { + $temp = array('version' => $this->version); + if (isset($this->extensions['versions'])) { + $temp['extensions'] = $this->extensions['versions']; + } + return $temp; + } + + /** + * Disconnect + * + * @param int $reason + * @return bool + * @access private + */ + function _disconnect($reason) + { + $this->pwd = false; + parent::_disconnect($reason); + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Net/SFTP/Stream.php b/plugins/OStatus/extlib/phpseclib/Net/SFTP/Stream.php new file mode 100644 index 0000000000..d19d08b837 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Net/SFTP/Stream.php @@ -0,0 +1,795 @@ + + * @copyright 2013 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Net\SFTP; + +use phpseclib\Crypt\RSA; +use phpseclib\Net\SFTP; +use phpseclib\Net\SSH2; + +/** + * SFTP Stream Wrapper + * + * @package SFTP + * @author Jim Wigginton + * @access public + */ +class Stream +{ + /** + * SFTP instances + * + * Rather than re-create the connection we re-use instances if possible + * + * @var array + */ + static $instances; + + /** + * SFTP instance + * + * @var object + * @access private + */ + var $sftp; + + /** + * Path + * + * @var string + * @access private + */ + var $path; + + /** + * Mode + * + * @var string + * @access private + */ + var $mode; + + /** + * Position + * + * @var int + * @access private + */ + var $pos; + + /** + * Size + * + * @var int + * @access private + */ + var $size; + + /** + * Directory entries + * + * @var array + * @access private + */ + var $entries; + + /** + * EOF flag + * + * @var bool + * @access private + */ + var $eof; + + /** + * Context resource + * + * Technically this needs to be publically accessible so PHP can set it directly + * + * @var resource + * @access public + */ + var $context; + + /** + * Notification callback function + * + * @var callable + * @access public + */ + var $notification; + + /** + * Registers this class as a URL wrapper. + * + * @param string $protocol The wrapper name to be registered. + * @return bool True on success, false otherwise. + * @access public + */ + static function register($protocol = 'sftp') + { + if (in_array($protocol, stream_get_wrappers(), true)) { + return false; + } + return stream_wrapper_register($protocol, get_called_class()); + } + + /** + * The Constructor + * + * @access public + */ + function __construct() + { + if (defined('NET_SFTP_STREAM_LOGGING')) { + echo "__construct()\r\n"; + } + } + + /** + * Path Parser + * + * Extract a path from a URI and actually connect to an SSH server if appropriate + * + * If "notification" is set as a context parameter the message code for successful login is + * NET_SSH2_MSG_USERAUTH_SUCCESS. For a failed login it's NET_SSH2_MSG_USERAUTH_FAILURE. + * + * @param string $path + * @return string + * @access private + */ + function _parse_path($path) + { + $orig = $path; + extract(parse_url($path) + array('port' => 22)); + if (isset($query)) { + $path.= '?' . $query; + } elseif (preg_match('/(\?|\?#)$/', $orig)) { + $path.= '?'; + } + if (isset($fragment)) { + $path.= '#' . $fragment; + } elseif ($orig[strlen($orig) - 1] == '#') { + $path.= '#'; + } + + if (!isset($host)) { + return false; + } + + if (isset($this->context)) { + $context = stream_context_get_params($this->context); + if (isset($context['notification'])) { + $this->notification = $context['notification']; + } + } + + if (preg_match('/^{[a-z0-9]+}$/i', $host)) { + $host = SSH2::getConnectionByResourceId($host); + if ($host === false) { + return false; + } + $this->sftp = $host; + } else { + if (isset($this->context)) { + $context = stream_context_get_options($this->context); + } + if (isset($context[$scheme]['session'])) { + $sftp = $context[$scheme]['session']; + } + if (isset($context[$scheme]['sftp'])) { + $sftp = $context[$scheme]['sftp']; + } + if (isset($sftp) && $sftp instanceof SFTP) { + $this->sftp = $sftp; + return $path; + } + if (isset($context[$scheme]['username'])) { + $user = $context[$scheme]['username']; + } + if (isset($context[$scheme]['password'])) { + $pass = $context[$scheme]['password']; + } + if (isset($context[$scheme]['privkey']) && $context[$scheme]['privkey'] instanceof RSA) { + $pass = $context[$scheme]['privkey']; + } + + if (!isset($user) || !isset($pass)) { + return false; + } + + // casting $pass to a string is necessary in the event that it's a \phpseclib\Crypt\RSA object + if (isset(self::$instances[$host][$port][$user][(string) $pass])) { + $this->sftp = self::$instances[$host][$port][$user][(string) $pass]; + } else { + $this->sftp = new SFTP($host, $port); + $this->sftp->disableStatCache(); + if (isset($this->notification) && is_callable($this->notification)) { + /* if !is_callable($this->notification) we could do this: + + user_error('fopen(): failed to call user notifier', E_USER_WARNING); + + the ftp wrapper gives errors like that when the notifier isn't callable. + i've opted not to do that, however, since the ftp wrapper gives the line + on which the fopen occurred as the line number - not the line that the + user_error is on. + */ + call_user_func($this->notification, STREAM_NOTIFY_CONNECT, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0); + call_user_func($this->notification, STREAM_NOTIFY_AUTH_REQUIRED, STREAM_NOTIFY_SEVERITY_INFO, '', 0, 0, 0); + if (!$this->sftp->login($user, $pass)) { + call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_ERR, 'Login Failure', NET_SSH2_MSG_USERAUTH_FAILURE, 0, 0); + return false; + } + call_user_func($this->notification, STREAM_NOTIFY_AUTH_RESULT, STREAM_NOTIFY_SEVERITY_INFO, 'Login Success', NET_SSH2_MSG_USERAUTH_SUCCESS, 0, 0); + } else { + if (!$this->sftp->login($user, $pass)) { + return false; + } + } + self::$instances[$host][$port][$user][(string) $pass] = $this->sftp; + } + } + + return $path; + } + + /** + * Opens file or URL + * + * @param string $path + * @param string $mode + * @param int $options + * @param string $opened_path + * @return bool + * @access public + */ + function _stream_open($path, $mode, $options, &$opened_path) + { + $path = $this->_parse_path($path); + + if ($path === false) { + return false; + } + $this->path = $path; + + $this->size = $this->sftp->size($path); + $this->mode = preg_replace('#[bt]$#', '', $mode); + $this->eof = false; + + if ($this->size === false) { + if ($this->mode[0] == 'r') { + return false; + } else { + $this->sftp->touch($path); + $this->size = 0; + } + } else { + switch ($this->mode[0]) { + case 'x': + return false; + case 'w': + $this->sftp->truncate($path, 0); + $this->size = 0; + } + } + + $this->pos = $this->mode[0] != 'a' ? 0 : $this->size; + + return true; + } + + /** + * Read from stream + * + * @param int $count + * @return mixed + * @access public + */ + function _stream_read($count) + { + switch ($this->mode) { + case 'w': + case 'a': + case 'x': + case 'c': + return false; + } + + // commented out because some files - eg. /dev/urandom - will say their size is 0 when in fact it's kinda infinite + //if ($this->pos >= $this->size) { + // $this->eof = true; + // return false; + //} + + $result = $this->sftp->get($this->path, false, $this->pos, $count); + if (isset($this->notification) && is_callable($this->notification)) { + if ($result === false) { + call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0); + return 0; + } + // seems that PHP calls stream_read in 8k chunks + call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($result), $this->size); + } + + if (empty($result)) { // ie. false or empty string + $this->eof = true; + return false; + } + $this->pos+= strlen($result); + + return $result; + } + + /** + * Write to stream + * + * @param string $data + * @return mixed + * @access public + */ + function _stream_write($data) + { + switch ($this->mode) { + case 'r': + return false; + } + + $result = $this->sftp->put($this->path, $data, SFTP::SOURCE_STRING, $this->pos); + if (isset($this->notification) && is_callable($this->notification)) { + if (!$result) { + call_user_func($this->notification, STREAM_NOTIFY_FAILURE, STREAM_NOTIFY_SEVERITY_ERR, $this->sftp->getLastSFTPError(), NET_SFTP_OPEN, 0, 0); + return 0; + } + // seems that PHP splits up strings into 8k blocks before calling stream_write + call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($data), strlen($data)); + } + + if ($result === false) { + return false; + } + $this->pos+= strlen($data); + if ($this->pos > $this->size) { + $this->size = $this->pos; + } + $this->eof = false; + return strlen($data); + } + + /** + * Retrieve the current position of a stream + * + * @return int + * @access public + */ + function _stream_tell() + { + return $this->pos; + } + + /** + * Tests for end-of-file on a file pointer + * + * In my testing there are four classes functions that normally effect the pointer: + * fseek, fputs / fwrite, fgets / fread and ftruncate. + * + * Only fgets / fread, however, results in feof() returning true. do fputs($fp, 'aaa') on a blank file and feof() + * will return false. do fread($fp, 1) and feof() will then return true. do fseek($fp, 10) on ablank file and feof() + * will return false. do fread($fp, 1) and feof() will then return true. + * + * @return bool + * @access public + */ + function _stream_eof() + { + return $this->eof; + } + + /** + * Seeks to specific location in a stream + * + * @param int $offset + * @param int $whence + * @return bool + * @access public + */ + function _stream_seek($offset, $whence) + { + switch ($whence) { + case SEEK_SET: + if ($offset >= $this->size || $offset < 0) { + return false; + } + break; + case SEEK_CUR: + $offset+= $this->pos; + break; + case SEEK_END: + $offset+= $this->size; + } + + $this->pos = $offset; + $this->eof = false; + return true; + } + + /** + * Change stream options + * + * @param string $path + * @param int $option + * @param mixed $var + * @return bool + * @access public + */ + function _stream_metadata($path, $option, $var) + { + $path = $this->_parse_path($path); + if ($path === false) { + return false; + } + + // stream_metadata was introduced in PHP 5.4.0 but as of 5.4.11 the constants haven't been defined + // see http://www.php.net/streamwrapper.stream-metadata and https://bugs.php.net/64246 + // and https://github.com/php/php-src/blob/master/main/php_streams.h#L592 + switch ($option) { + case 1: // PHP_STREAM_META_TOUCH + return $this->sftp->touch($path, $var[0], $var[1]); + case 2: // PHP_STREAM_OWNER_NAME + case 3: // PHP_STREAM_GROUP_NAME + return false; + case 4: // PHP_STREAM_META_OWNER + return $this->sftp->chown($path, $var); + case 5: // PHP_STREAM_META_GROUP + return $this->sftp->chgrp($path, $var); + case 6: // PHP_STREAM_META_ACCESS + return $this->sftp->chmod($path, $var) !== false; + } + } + + /** + * Retrieve the underlaying resource + * + * @param int $cast_as + * @return resource + * @access public + */ + function _stream_cast($cast_as) + { + return $this->sftp->fsock; + } + + /** + * Advisory file locking + * + * @param int $operation + * @return bool + * @access public + */ + function _stream_lock($operation) + { + return false; + } + + /** + * Renames a file or directory + * + * Attempts to rename oldname to newname, moving it between directories if necessary. + * If newname exists, it will be overwritten. This is a departure from what \phpseclib\Net\SFTP + * does. + * + * @param string $path_from + * @param string $path_to + * @return bool + * @access public + */ + function _rename($path_from, $path_to) + { + $path1 = parse_url($path_from); + $path2 = parse_url($path_to); + unset($path1['path'], $path2['path']); + if ($path1 != $path2) { + return false; + } + + $path_from = $this->_parse_path($path_from); + $path_to = parse_url($path_to); + if ($path_from === false) { + return false; + } + + $path_to = $path_to['path']; // the $component part of parse_url() was added in PHP 5.1.2 + // "It is an error if there already exists a file with the name specified by newpath." + // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-6.5 + if (!$this->sftp->rename($path_from, $path_to)) { + if ($this->sftp->stat($path_to)) { + return $this->sftp->delete($path_to, true) && $this->sftp->rename($path_from, $path_to); + } + return false; + } + + return true; + } + + /** + * Open directory handle + * + * The only $options is "whether or not to enforce safe_mode (0x04)". Since safe mode was deprecated in 5.3 and + * removed in 5.4 I'm just going to ignore it. + * + * Also, nlist() is the best that this function is realistically going to be able to do. When an SFTP client + * sends a SSH_FXP_READDIR packet you don't generally get info on just one file but on multiple files. Quoting + * the SFTP specs: + * + * The SSH_FXP_NAME response has the following format: + * + * uint32 id + * uint32 count + * repeats count times: + * string filename + * string longname + * ATTRS attrs + * + * @param string $path + * @param int $options + * @return bool + * @access public + */ + function _dir_opendir($path, $options) + { + $path = $this->_parse_path($path); + if ($path === false) { + return false; + } + $this->pos = 0; + $this->entries = $this->sftp->nlist($path); + return $this->entries !== false; + } + + /** + * Read entry from directory handle + * + * @return mixed + * @access public + */ + function _dir_readdir() + { + if (isset($this->entries[$this->pos])) { + return $this->entries[$this->pos++]; + } + return false; + } + + /** + * Rewind directory handle + * + * @return bool + * @access public + */ + function _dir_rewinddir() + { + $this->pos = 0; + return true; + } + + /** + * Close directory handle + * + * @return bool + * @access public + */ + function _dir_closedir() + { + return true; + } + + /** + * Create a directory + * + * Only valid $options is STREAM_MKDIR_RECURSIVE + * + * @param string $path + * @param int $mode + * @param int $options + * @return bool + * @access public + */ + function _mkdir($path, $mode, $options) + { + $path = $this->_parse_path($path); + if ($path === false) { + return false; + } + + return $this->sftp->mkdir($path, $mode, $options & STREAM_MKDIR_RECURSIVE); + } + + /** + * Removes a directory + * + * Only valid $options is STREAM_MKDIR_RECURSIVE per , however, + * does not have a $recursive parameter as mkdir() does so I don't know how + * STREAM_MKDIR_RECURSIVE is supposed to be set. Also, when I try it out with rmdir() I get 8 as + * $options. What does 8 correspond to? + * + * @param string $path + * @param int $mode + * @param int $options + * @return bool + * @access public + */ + function _rmdir($path, $options) + { + $path = $this->_parse_path($path); + if ($path === false) { + return false; + } + + return $this->sftp->rmdir($path); + } + + /** + * Flushes the output + * + * See . Always returns true because \phpseclib\Net\SFTP doesn't cache stuff before writing + * + * @return bool + * @access public + */ + function _stream_flush() + { + return true; + } + + /** + * Retrieve information about a file resource + * + * @return mixed + * @access public + */ + function _stream_stat() + { + $results = $this->sftp->stat($this->path); + if ($results === false) { + return false; + } + return $results; + } + + /** + * Delete a file + * + * @param string $path + * @return bool + * @access public + */ + function _unlink($path) + { + $path = $this->_parse_path($path); + if ($path === false) { + return false; + } + + return $this->sftp->delete($path, false); + } + + /** + * Retrieve information about a file + * + * Ignores the STREAM_URL_STAT_QUIET flag because the entirety of \phpseclib\Net\SFTP\Stream is quiet by default + * might be worthwhile to reconstruct bits 12-16 (ie. the file type) if mode doesn't have them but we'll + * cross that bridge when and if it's reached + * + * @param string $path + * @param int $flags + * @return mixed + * @access public + */ + function _url_stat($path, $flags) + { + $path = $this->_parse_path($path); + if ($path === false) { + return false; + } + + $results = $flags & STREAM_URL_STAT_LINK ? $this->sftp->lstat($path) : $this->sftp->stat($path); + if ($results === false) { + return false; + } + + return $results; + } + + /** + * Truncate stream + * + * @param int $new_size + * @return bool + * @access public + */ + function _stream_truncate($new_size) + { + if (!$this->sftp->truncate($this->path, $new_size)) { + return false; + } + + $this->eof = false; + $this->size = $new_size; + + return true; + } + + /** + * Change stream options + * + * STREAM_OPTION_WRITE_BUFFER isn't supported for the same reason stream_flush isn't. + * The other two aren't supported because of limitations in \phpseclib\Net\SFTP. + * + * @param int $option + * @param int $arg1 + * @param int $arg2 + * @return bool + * @access public + */ + function _stream_set_option($option, $arg1, $arg2) + { + return false; + } + + /** + * Close an resource + * + * @access public + */ + function _stream_close() + { + } + + /** + * __call Magic Method + * + * When you're utilizing an SFTP stream you're not calling the methods in this class directly - PHP is calling them for you. + * Which kinda begs the question... what methods is PHP calling and what parameters is it passing to them? This function + * lets you figure that out. + * + * If NET_SFTP_STREAM_LOGGING is defined all calls will be output on the screen and then (regardless of whether or not + * NET_SFTP_STREAM_LOGGING is enabled) the parameters will be passed through to the appropriate method. + * + * @param string + * @param array + * @return mixed + * @access public + */ + function __call($name, $arguments) + { + if (defined('NET_SFTP_STREAM_LOGGING')) { + echo $name . '('; + $last = count($arguments) - 1; + foreach ($arguments as $i => $argument) { + var_export($argument); + if ($i != $last) { + echo ','; + } + } + echo ")\r\n"; + } + $name = '_' . $name; + if (!method_exists($this, $name)) { + return false; + } + return call_user_func_array(array($this, $name), $arguments); + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Net/SSH1.php b/plugins/OStatus/extlib/phpseclib/Net/SSH1.php new file mode 100644 index 0000000000..2ed4a002a0 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Net/SSH1.php @@ -0,0 +1,1607 @@ + + * login('username', 'password')) { + * exit('Login Failed'); + * } + * + * echo $ssh->exec('ls -la'); + * ?> + * + * + * Here's another short example: + * + * login('username', 'password')) { + * exit('Login Failed'); + * } + * + * echo $ssh->read('username@username:~$'); + * $ssh->write("ls -la\n"); + * echo $ssh->read('username@username:~$'); + * ?> + * + * + * More information on the SSHv1 specification can be found by reading + * {@link http://www.snailbook.com/docs/protocol-1.5.txt protocol-1.5.txt}. + * + * @category Net + * @package SSH1 + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Net; + +use ParagonIE\ConstantTime\Hex; +use phpseclib\Crypt\DES; +use phpseclib\Crypt\Random; +use phpseclib\Crypt\TripleDES; +use phpseclib\Math\BigInteger; + +/** + * Pure-PHP implementation of SSHv1. + * + * @package SSH1 + * @author Jim Wigginton + * @access public + */ +class SSH1 +{ + /**#@+ + * Encryption Methods + * + * @see \phpseclib\Net\SSH1::getSupportedCiphers() + * @access public + */ + /** + * No encryption + * + * Not supported. + */ + const CIPHER_NONE = 0; + /** + * IDEA in CFB mode + * + * Not supported. + */ + const CIPHER_IDEA = 1; + /** + * DES in CBC mode + */ + const CIPHER_DES = 2; + /** + * Triple-DES in CBC mode + * + * All implementations are required to support this + */ + const CIPHER_3DES = 3; + /** + * TRI's Simple Stream encryption CBC + * + * Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, does define it (see cipher.h), + * although it doesn't use it (see cipher.c) + */ + const CIPHER_BROKEN_TSS = 4; + /** + * RC4 + * + * Not supported. + * + * @internal According to the SSH1 specs: + * + * "The first 16 bytes of the session key are used as the key for + * the server to client direction. The remaining 16 bytes are used + * as the key for the client to server direction. This gives + * independent 128-bit keys for each direction." + * + * This library currently only supports encryption when the same key is being used for both directions. This is + * because there's only one $crypto object. Two could be added ($encrypt and $decrypt, perhaps). + */ + const CIPHER_RC4 = 5; + /** + * Blowfish + * + * Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, defines it (see cipher.h) and + * uses it (see cipher.c) + */ + const CIPHER_BLOWFISH = 6; + /**#@-*/ + + /**#@+ + * Authentication Methods + * + * @see \phpseclib\Net\SSH1::getSupportedAuthentications() + * @access public + */ + /** + * .rhosts or /etc/hosts.equiv + */ + const AUTH_RHOSTS = 1; + /** + * pure RSA authentication + */ + const AUTH_RSA = 2; + /** + * password authentication + * + * This is the only method that is supported by this library. + */ + const AUTH_PASSWORD = 3; + /** + * .rhosts with RSA host authentication + */ + const AUTH_RHOSTS_RSA = 4; + /**#@-*/ + + /**#@+ + * Terminal Modes + * + * @link http://3sp.com/content/developer/maverick-net/docs/Maverick.SSH.PseudoTerminalModesMembers.html + * @access private + */ + const TTY_OP_END = 0; + /**#@-*/ + + /** + * The Response Type + * + * @see \phpseclib\Net\SSH1::_get_binary_packet() + * @access private + */ + const RESPONSE_TYPE = 1; + + /** + * The Response Data + * + * @see \phpseclib\Net\SSH1::_get_binary_packet() + * @access private + */ + const RESPONSE_DATA = 2; + + /**#@+ + * Execution Bitmap Masks + * + * @see \phpseclib\Net\SSH1::bitmap + * @access private + */ + const MASK_CONSTRUCTOR = 0x00000001; + const MASK_CONNECTED = 0x00000002; + const MASK_LOGIN = 0x00000004; + const MASK_SHELL = 0x00000008; + /**#@-*/ + + /**#@+ + * @access public + * @see \phpseclib\Net\SSH1::getLog() + */ + /** + * Returns the message numbers + */ + const LOG_SIMPLE = 1; + /** + * Returns the message content + */ + const LOG_COMPLEX = 2; + /** + * Outputs the content real-time + */ + const LOG_REALTIME = 3; + /** + * Dumps the content real-time to a file + */ + const LOG_REALTIME_FILE = 4; + /**#@-*/ + + /**#@+ + * @access public + * @see \phpseclib\Net\SSH1::read() + */ + /** + * Returns when a string matching $expect exactly is found + */ + const READ_SIMPLE = 1; + /** + * Returns when a string matching the regular expression $expect is found + */ + const READ_REGEX = 2; + /**#@-*/ + + /** + * The SSH identifier + * + * @var string + * @access private + */ + var $identifier = 'SSH-1.5-phpseclib'; + + /** + * The Socket Object + * + * @var object + * @access private + */ + var $fsock; + + /** + * The cryptography object + * + * @var object + * @access private + */ + var $crypto = false; + + /** + * Execution Bitmap + * + * The bits that are set represent functions that have been called already. This is used to determine + * if a requisite function has been successfully executed. If not, an error should be thrown. + * + * @var int + * @access private + */ + var $bitmap = 0; + + /** + * The Server Key Public Exponent + * + * Logged for debug purposes + * + * @see self::getServerKeyPublicExponent() + * @var string + * @access private + */ + var $server_key_public_exponent; + + /** + * The Server Key Public Modulus + * + * Logged for debug purposes + * + * @see self::getServerKeyPublicModulus() + * @var string + * @access private + */ + var $server_key_public_modulus; + + /** + * The Host Key Public Exponent + * + * Logged for debug purposes + * + * @see self::getHostKeyPublicExponent() + * @var string + * @access private + */ + var $host_key_public_exponent; + + /** + * The Host Key Public Modulus + * + * Logged for debug purposes + * + * @see self::getHostKeyPublicModulus() + * @var string + * @access private + */ + var $host_key_public_modulus; + + /** + * Supported Ciphers + * + * Logged for debug purposes + * + * @see self::getSupportedCiphers() + * @var array + * @access private + */ + var $supported_ciphers = array( + self::CIPHER_NONE => 'No encryption', + self::CIPHER_IDEA => 'IDEA in CFB mode', + self::CIPHER_DES => 'DES in CBC mode', + self::CIPHER_3DES => 'Triple-DES in CBC mode', + self::CIPHER_BROKEN_TSS => 'TRI\'s Simple Stream encryption CBC', + self::CIPHER_RC4 => 'RC4', + self::CIPHER_BLOWFISH => 'Blowfish' + ); + + /** + * Supported Authentications + * + * Logged for debug purposes + * + * @see self::getSupportedAuthentications() + * @var array + * @access private + */ + var $supported_authentications = array( + self::AUTH_RHOSTS => '.rhosts or /etc/hosts.equiv', + self::AUTH_RSA => 'pure RSA authentication', + self::AUTH_PASSWORD => 'password authentication', + self::AUTH_RHOSTS_RSA => '.rhosts with RSA host authentication' + ); + + /** + * Server Identification + * + * @see self::getServerIdentification() + * @var string + * @access private + */ + var $server_identification = ''; + + /** + * Protocol Flags + * + * @see self::__construct() + * @var array + * @access private + */ + var $protocol_flags = array(); + + /** + * Protocol Flag Log + * + * @see self::getLog() + * @var array + * @access private + */ + var $protocol_flag_log = array(); + + /** + * Message Log + * + * @see self::getLog() + * @var array + * @access private + */ + var $message_log = array(); + + /** + * Real-time log file pointer + * + * @see self::_append_log() + * @var resource + * @access private + */ + var $realtime_log_file; + + /** + * Real-time log file size + * + * @see self::_append_log() + * @var int + * @access private + */ + var $realtime_log_size; + + /** + * Real-time log file wrap boolean + * + * @see self::_append_log() + * @var bool + * @access private + */ + var $realtime_log_wrap; + + /** + * Interactive Buffer + * + * @see self::read() + * @var array + * @access private + */ + var $interactiveBuffer = ''; + + /** + * Timeout + * + * @see self::setTimeout() + * @access private + */ + var $timeout; + + /** + * Current Timeout + * + * @see self::_get_channel_packet() + * @access private + */ + var $curTimeout; + + /** + * Log Boundary + * + * @see self::_format_log() + * @access private + */ + var $log_boundary = ':'; + + /** + * Log Long Width + * + * @see self::_format_log() + * @access private + */ + var $log_long_width = 65; + + /** + * Log Short Width + * + * @see self::_format_log() + * @access private + */ + var $log_short_width = 16; + + /** + * Hostname + * + * @see self::__construct() + * @see self::_connect() + * @var string + * @access private + */ + var $host; + + /** + * Port Number + * + * @see self::__construct() + * @see self::_connect() + * @var int + * @access private + */ + var $port; + + /** + * Timeout for initial connection + * + * Set by the constructor call. Calling setTimeout() is optional. If it's not called functions like + * exec() won't timeout unless some PHP setting forces it too. The timeout specified in the constructor, + * however, is non-optional. There will be a timeout, whether or not you set it. If you don't it'll be + * 10 seconds. It is used by fsockopen() in that function. + * + * @see self::__construct() + * @see self::_connect() + * @var int + * @access private + */ + var $connectionTimeout; + + /** + * Default cipher + * + * @see self::__construct() + * @see self::_connect() + * @var int + * @access private + */ + var $cipher; + + /** + * Default Constructor. + * + * Connects to an SSHv1 server + * + * @param string $host + * @param int $port + * @param int $timeout + * @param int $cipher + * @return \phpseclib\Net\SSH1 + * @access public + */ + function __construct($host, $port = 22, $timeout = 10, $cipher = self::CIPHER_3DES) + { + $this->protocol_flags = array( + 1 => 'NET_SSH1_MSG_DISCONNECT', + 2 => 'NET_SSH1_SMSG_PUBLIC_KEY', + 3 => 'NET_SSH1_CMSG_SESSION_KEY', + 4 => 'NET_SSH1_CMSG_USER', + 9 => 'NET_SSH1_CMSG_AUTH_PASSWORD', + 10 => 'NET_SSH1_CMSG_REQUEST_PTY', + 12 => 'NET_SSH1_CMSG_EXEC_SHELL', + 13 => 'NET_SSH1_CMSG_EXEC_CMD', + 14 => 'NET_SSH1_SMSG_SUCCESS', + 15 => 'NET_SSH1_SMSG_FAILURE', + 16 => 'NET_SSH1_CMSG_STDIN_DATA', + 17 => 'NET_SSH1_SMSG_STDOUT_DATA', + 18 => 'NET_SSH1_SMSG_STDERR_DATA', + 19 => 'NET_SSH1_CMSG_EOF', + 20 => 'NET_SSH1_SMSG_EXITSTATUS', + 33 => 'NET_SSH1_CMSG_EXIT_CONFIRMATION' + ); + + $this->_define_array($this->protocol_flags); + + $this->host = $host; + $this->port = $port; + $this->connectionTimeout = $timeout; + $this->cipher = $cipher; + } + + /** + * Connect to an SSHv1 server + * + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + * @access private + */ + function _connect() + { + $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->connectionTimeout); + if (!$this->fsock) { + throw new \RuntimeException(rtrim("Cannot connect to $host. Error $errno. $errstr")); + } + + $this->server_identification = $init_line = fgets($this->fsock, 255); + + if (defined('NET_SSH1_LOGGING')) { + $this->_append_log('<-', $this->server_identification); + $this->_append_log('->', $this->identifier . "\r\n"); + } + + if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) { + throw new \RuntimeException('Can only connect to SSH servers'); + } + if ($parts[1][0] != 1) { + throw new \RuntimeException("Cannot connect to $parts[1] servers"); + } + + fputs($this->fsock, $this->identifier."\r\n"); + + $response = $this->_get_binary_packet(); + if ($response[self::RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) { + throw new \UnexpectedValueException('Expected SSH_SMSG_PUBLIC_KEY'); + } + + $anti_spoofing_cookie = $this->_string_shift($response[self::RESPONSE_DATA], 8); + + $this->_string_shift($response[self::RESPONSE_DATA], 4); + + $temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2)); + $server_key_public_exponent = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256); + $this->server_key_public_exponent = $server_key_public_exponent; + + $temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2)); + $server_key_public_modulus = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256); + $this->server_key_public_modulus = $server_key_public_modulus; + + $this->_string_shift($response[self::RESPONSE_DATA], 4); + + $temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2)); + $host_key_public_exponent = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256); + $this->host_key_public_exponent = $host_key_public_exponent; + + $temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2)); + $host_key_public_modulus = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256); + $this->host_key_public_modulus = $host_key_public_modulus; + + $this->_string_shift($response[self::RESPONSE_DATA], 4); + + // get a list of the supported ciphers + extract(unpack('Nsupported_ciphers_mask', $this->_string_shift($response[self::RESPONSE_DATA], 4))); + foreach ($this->supported_ciphers as $mask => $name) { + if (($supported_ciphers_mask & (1 << $mask)) == 0) { + unset($this->supported_ciphers[$mask]); + } + } + + // get a list of the supported authentications + extract(unpack('Nsupported_authentications_mask', $this->_string_shift($response[self::RESPONSE_DATA], 4))); + foreach ($this->supported_authentications as $mask => $name) { + if (($supported_authentications_mask & (1 << $mask)) == 0) { + unset($this->supported_authentications[$mask]); + } + } + + $session_id = md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie, true); + + $session_key = Random::string(32); + $double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0)); + + if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) { + $double_encrypted_session_key = $this->_rsa_crypt( + $double_encrypted_session_key, + array( + $server_key_public_exponent, + $server_key_public_modulus + ) + ); + $double_encrypted_session_key = $this->_rsa_crypt( + $double_encrypted_session_key, + array( + $host_key_public_exponent, + $host_key_public_modulus + ) + ); + } else { + $double_encrypted_session_key = $this->_rsa_crypt( + $double_encrypted_session_key, + array( + $host_key_public_exponent, + $host_key_public_modulus + ) + ); + $double_encrypted_session_key = $this->_rsa_crypt( + $double_encrypted_session_key, + array( + $server_key_public_exponent, + $server_key_public_modulus + ) + ); + } + + $cipher = isset($this->supported_ciphers[$this->cipher]) ? $this->cipher : self::CIPHER_3DES; + $data = pack('C2a*na*N', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0); + + if (!$this->_send_binary_packet($data)) { + throw new \RuntimeException('Error sending SSH_CMSG_SESSION_KEY'); + } + + switch ($cipher) { + //case self::CIPHER_NONE: + // $this->crypto = new \phpseclib\Crypt\Null(); + // break; + case self::CIPHER_DES: + $this->crypto = new DES(DES::MODE_CBC); + $this->crypto->disablePadding(); + $this->crypto->enableContinuousBuffer(); + $this->crypto->setKey(substr($session_key, 0, 8)); + // "The iv (initialization vector) is initialized to all zeroes." + $this->crypto->setIV(str_repeat("\0", 8)); + break; + case self::CIPHER_3DES: + $this->crypto = new TripleDES(TripleDES::MODE_3CBC); + $this->crypto->disablePadding(); + $this->crypto->enableContinuousBuffer(); + $this->crypto->setKey(substr($session_key, 0, 24)); + // "All three initialization vectors are initialized to zero." + $this->crypto->setIV(str_repeat("\0", 8)); + break; + //case self::CIPHER_RC4: + // $this->crypto = new RC4(); + // $this->crypto->enableContinuousBuffer(); + // $this->crypto->setKey(substr($session_key, 0, 16)); + // break; + } + + $response = $this->_get_binary_packet(); + + if ($response[self::RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) { + throw new \UnexpectedValueException('Expected SSH_SMSG_SUCCESS'); + } + + $this->bitmap = self::MASK_CONNECTED; + + return true; + } + + /** + * Login + * + * @param string $username + * @param string $password + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + * @access public + */ + function login($username, $password = '') + { + if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { + $this->bitmap |= self::MASK_CONSTRUCTOR; + if (!$this->_connect()) { + return false; + } + } + + if (!($this->bitmap & self::MASK_CONNECTED)) { + return false; + } + + $data = pack('CNa*', NET_SSH1_CMSG_USER, strlen($username), $username); + + if (!$this->_send_binary_packet($data)) { + throw new \RuntimeException('Error sending SSH_CMSG_USER'); + } + + $response = $this->_get_binary_packet(); + + if ($response === true) { + return false; + } + if ($response[self::RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) { + $this->bitmap |= self::MASK_LOGIN; + return true; + } elseif ($response[self::RESPONSE_TYPE] != NET_SSH1_SMSG_FAILURE) { + throw new \UnexpectedValueException('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE'); + } + + $data = pack('CNa*', NET_SSH1_CMSG_AUTH_PASSWORD, strlen($password), $password); + + if (!$this->_send_binary_packet($data)) { + throw new \RuntimeException('Error sending SSH_CMSG_AUTH_PASSWORD'); + } + + // remove the username and password from the last logged packet + if (defined('NET_SSH1_LOGGING') && NET_SSH1_LOGGING == self::LOG_COMPLEX) { + $data = pack('CNa*', NET_SSH1_CMSG_AUTH_PASSWORD, strlen('password'), 'password'); + $this->message_log[count($this->message_log) - 1] = $data; + } + + $response = $this->_get_binary_packet(); + + if ($response === true) { + return false; + } + if ($response[self::RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) { + $this->bitmap |= self::MASK_LOGIN; + return true; + } elseif ($response[self::RESPONSE_TYPE] == NET_SSH1_SMSG_FAILURE) { + return false; + } else { + throw new \UnexpectedValueException('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE'); + } + } + + /** + * Set Timeout + * + * $ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. + * Setting $timeout to false or 0 will mean there is no timeout. + * + * @param mixed $timeout + */ + function setTimeout($timeout) + { + $this->timeout = $this->curTimeout = $timeout; + } + + /** + * Executes a command on a non-interactive shell, returns the output, and quits. + * + * An SSH1 server will close the connection after a command has been executed on a non-interactive shell. SSH2 + * servers don't, however, this isn't an SSH2 client. The way this works, on the server, is by initiating a + * shell with the -s option, as discussed in the following links: + * + * {@link http://www.faqs.org/docs/bashman/bashref_65.html http://www.faqs.org/docs/bashman/bashref_65.html} + * {@link http://www.faqs.org/docs/bashman/bashref_62.html http://www.faqs.org/docs/bashman/bashref_62.html} + * + * To execute further commands, a new \phpseclib\Net\SSH1 object will need to be created. + * + * Returns false on failure and the output, otherwise. + * + * @see self::interactiveRead() + * @see self::interactiveWrite() + * @param string $cmd + * @return mixed + * @throws \RuntimeException on error sending command + * @access public + */ + function exec($cmd, $block = true) + { + if (!($this->bitmap & self::MASK_LOGIN)) { + throw new \RuntimeException('Operation disallowed prior to login()'); + } + + $data = pack('CNa*', NET_SSH1_CMSG_EXEC_CMD, strlen($cmd), $cmd); + + if (!$this->_send_binary_packet($data)) { + throw new \RuntimeException('Error sending SSH_CMSG_EXEC_CMD'); + } + + if (!$block) { + return true; + } + + $output = ''; + $response = $this->_get_binary_packet(); + + if ($response !== false) { + do { + $output.= substr($response[self::RESPONSE_DATA], 4); + $response = $this->_get_binary_packet(); + } while (is_array($response) && $response[self::RESPONSE_TYPE] != NET_SSH1_SMSG_EXITSTATUS); + } + + $data = pack('C', NET_SSH1_CMSG_EXIT_CONFIRMATION); + + // i don't think it's really all that important if this packet gets sent or not. + $this->_send_binary_packet($data); + + fclose($this->fsock); + + // reset the execution bitmap - a new \phpseclib\Net\SSH1 object needs to be created. + $this->bitmap = 0; + + return $output; + } + + /** + * Creates an interactive shell + * + * @see self::interactiveRead() + * @see self::interactiveWrite() + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + * @access private + */ + function _initShell() + { + // connect using the sample parameters in protocol-1.5.txt. + // according to wikipedia.org's entry on text terminals, "the fundamental type of application running on a text + // terminal is a command line interpreter or shell". thus, opening a terminal session to run the shell. + $data = pack('CNa*N4C', NET_SSH1_CMSG_REQUEST_PTY, strlen('vt100'), 'vt100', 24, 80, 0, 0, self::TTY_OP_END); + + if (!$this->_send_binary_packet($data)) { + throw new \RuntimeException('Error sending SSH_CMSG_REQUEST_PTY'); + } + + $response = $this->_get_binary_packet(); + + if ($response === true) { + return false; + } + if ($response[self::RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) { + throw new \UnexpectedValueException('Expected SSH_SMSG_SUCCESS'); + } + + $data = pack('C', NET_SSH1_CMSG_EXEC_SHELL); + + if (!$this->_send_binary_packet($data)) { + throw new \RuntimeException('Error sending SSH_CMSG_EXEC_SHELL'); + } + + $this->bitmap |= self::MASK_SHELL; + + //stream_set_blocking($this->fsock, 0); + + return true; + } + + /** + * Inputs a command into an interactive shell. + * + * @see self::interactiveWrite() + * @param string $cmd + * @return bool + * @access public + */ + function write($cmd) + { + return $this->interactiveWrite($cmd); + } + + /** + * Returns the output of an interactive shell when there's a match for $expect + * + * $expect can take the form of a string literal or, if $mode == self::READ__REGEX, + * a regular expression. + * + * @see self::write() + * @param string $expect + * @param int $mode + * @return bool + * @throws \RuntimeException on connection error + * @access public + */ + function read($expect, $mode = self::READ__SIMPLE) + { + if (!($this->bitmap & self::MASK_LOGIN)) { + throw new \RuntimeException('Operation disallowed prior to login()'); + } + + if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + throw new \RuntimeException('Unable to initiate an interactive shell session'); + } + + $match = $expect; + while (true) { + if ($mode == self::READ__REGEX) { + preg_match($expect, $this->interactiveBuffer, $matches); + $match = isset($matches[0]) ? $matches[0] : ''; + } + $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false; + if ($pos !== false) { + return $this->_string_shift($this->interactiveBuffer, $pos + strlen($match)); + } + $response = $this->_get_binary_packet(); + + if ($response === true) { + return $this->_string_shift($this->interactiveBuffer, strlen($this->interactiveBuffer)); + } + $this->interactiveBuffer.= substr($response[self::RESPONSE_DATA], 4); + } + } + + /** + * Inputs a command into an interactive shell. + * + * @see self::interactiveRead() + * @param string $cmd + * @return bool + * @throws \RuntimeException on connection error + * @access public + */ + function interactiveWrite($cmd) + { + if (!($this->bitmap & self::MASK_LOGIN)) { + throw new \RuntimeException('Operation disallowed prior to login()'); + } + + if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + throw new \RuntimeException('Unable to initiate an interactive shell session'); + } + + $data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($cmd), $cmd); + + if (!$this->_send_binary_packet($data)) { + throw new \RuntimeException('Error sending SSH_CMSG_STDIN'); + } + + return true; + } + + /** + * Returns the output of an interactive shell when no more output is available. + * + * Requires PHP 4.3.0 or later due to the use of the stream_select() function. If you see stuff like + * "^[[00m", you're seeing ANSI escape codes. According to + * {@link http://support.microsoft.com/kb/101875 How to Enable ANSI.SYS in a Command Window}, "Windows NT + * does not support ANSI escape sequences in Win32 Console applications", so if you're a Windows user, + * there's not going to be much recourse. + * + * @see self::interactiveRead() + * @return string + * @throws \RuntimeException on connection error + * @access public + */ + function interactiveRead() + { + if (!($this->bitmap & self::MASK_LOGIN)) { + throw new \RuntimeException('Operation disallowed prior to login()'); + } + + if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + throw new \RuntimeException('Unable to initiate an interactive shell session'); + } + + $read = array($this->fsock); + $write = $except = null; + if (stream_select($read, $write, $except, 0)) { + $response = $this->_get_binary_packet(); + return substr($response[self::RESPONSE_DATA], 4); + } else { + return ''; + } + } + + /** + * Disconnect + * + * @access public + */ + function disconnect() + { + $this->_disconnect(); + } + + /** + * Destructor. + * + * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call + * disconnect(). + * + * @access public + */ + function __destruct() + { + $this->_disconnect(); + } + + /** + * Disconnect + * + * @param string $msg + * @access private + */ + function _disconnect($msg = 'Client Quit') + { + if ($this->bitmap) { + $data = pack('C', NET_SSH1_CMSG_EOF); + $this->_send_binary_packet($data); + /* + $response = $this->_get_binary_packet(); + if ($response === true) { + $response = array(self::RESPONSE_TYPE => -1); + } + switch ($response[self::RESPONSE_TYPE]) { + case NET_SSH1_SMSG_EXITSTATUS: + $data = pack('C', NET_SSH1_CMSG_EXIT_CONFIRMATION); + break; + default: + $data = pack('CNa*', NET_SSH1_MSG_DISCONNECT, strlen($msg), $msg); + } + */ + $data = pack('CNa*', NET_SSH1_MSG_DISCONNECT, strlen($msg), $msg); + + $this->_send_binary_packet($data); + fclose($this->fsock); + $this->bitmap = 0; + } + } + + /** + * Gets Binary Packets + * + * See 'The Binary Packet Protocol' of protocol-1.5.txt for more info. + * + * Also, this function could be improved upon by adding detection for the following exploit: + * http://www.securiteam.com/securitynews/5LP042K3FY.html + * + * @see self::_send_binary_packet() + * @return array + * @access private + */ + function _get_binary_packet() + { + if (feof($this->fsock)) { + //user_error('connection closed prematurely'); + return false; + } + + if ($this->curTimeout) { + $read = array($this->fsock); + $write = $except = null; + + $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 + $sec = floor($this->curTimeout); + $usec = 1000000 * ($this->curTimeout - $sec); + // on windows this returns a "Warning: Invalid CRT parameters detected" error + if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { + //$this->_disconnect('Timeout'); + return true; + } + $elapsed = strtok(microtime(), ' ') + strtok('') - $start; + $this->curTimeout-= $elapsed; + } + + $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 + $temp = unpack('Nlength', fread($this->fsock, 4)); + + $padding_length = 8 - ($temp['length'] & 7); + $length = $temp['length'] + $padding_length; + $raw = ''; + + while ($length > 0) { + $temp = fread($this->fsock, $length); + $raw.= $temp; + $length-= strlen($temp); + } + $stop = strtok(microtime(), ' ') + strtok(''); + + if (strlen($raw) && $this->crypto !== false) { + $raw = $this->crypto->decrypt($raw); + } + + $padding = substr($raw, 0, $padding_length); + $type = $raw[$padding_length]; + $data = substr($raw, $padding_length + 1, -4); + + $temp = unpack('Ncrc', substr($raw, -4)); + + //if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) { + // user_error('Bad CRC in packet from server'); + // return false; + //} + + $type = ord($type); + + if (defined('NET_SSH1_LOGGING')) { + $temp = isset($this->protocol_flags[$type]) ? $this->protocol_flags[$type] : 'UNKNOWN'; + $temp = '<- ' . $temp . + ' (' . round($stop - $start, 4) . 's)'; + $this->_append_log($temp, $data); + } + + return array( + self::RESPONSE_TYPE => $type, + self::RESPONSE_DATA => $data + ); + } + + /** + * Sends Binary Packets + * + * Returns true on success, false on failure. + * + * @see self::_get_binary_packet() + * @param string $data + * @return bool + * @access private + */ + function _send_binary_packet($data) + { + if (feof($this->fsock)) { + //user_error('connection closed prematurely'); + return false; + } + + $length = strlen($data) + 4; + + $padding = Random::string(8 - ($length & 7)); + + $orig = $data; + $data = $padding . $data; + $data.= pack('N', $this->_crc($data)); + + if ($this->crypto !== false) { + $data = $this->crypto->encrypt($data); + } + + $packet = pack('Na*', $length, $data); + + $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 + $result = strlen($packet) == fputs($this->fsock, $packet); + $stop = strtok(microtime(), ' ') + strtok(''); + + if (defined('NET_SSH1_LOGGING')) { + $temp = isset($this->protocol_flags[ord($orig[0])]) ? $this->protocol_flags[ord($orig[0])] : 'UNKNOWN'; + $temp = '-> ' . $temp . + ' (' . round($stop - $start, 4) . 's)'; + $this->_append_log($temp, $orig); + } + + return $result; + } + + /** + * Cyclic Redundancy Check (CRC) + * + * PHP's crc32 function is implemented slightly differently than the one that SSH v1 uses, so + * we've reimplemented it. A more detailed discussion of the differences can be found after + * $crc_lookup_table's initialization. + * + * @see self::_get_binary_packet() + * @see self::_send_binary_packet() + * @param string $data + * @return int + * @access private + */ + function _crc($data) + { + static $crc_lookup_table = array( + 0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, + 0x076DC419, 0x706AF48F, 0xE963A535, 0x9E6495A3, + 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988, + 0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91, + 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE, + 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7, + 0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, + 0x14015C4F, 0x63066CD9, 0xFA0F3D63, 0x8D080DF5, + 0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172, + 0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, + 0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940, + 0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59, + 0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116, + 0x21B4F4B5, 0x56B3C423, 0xCFBA9599, 0xB8BDA50F, + 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924, + 0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D, + 0x76DC4190, 0x01DB7106, 0x98D220BC, 0xEFD5102A, + 0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433, + 0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818, + 0x7F6A0DBB, 0x086D3D2D, 0x91646C97, 0xE6635C01, + 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E, + 0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457, + 0x65B0D9C6, 0x12B7E950, 0x8BBEB8EA, 0xFCB9887C, + 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65, + 0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, + 0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB, + 0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0, + 0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9, + 0x5005713C, 0x270241AA, 0xBE0B1010, 0xC90C2086, + 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F, + 0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, + 0x59B33D17, 0x2EB40D81, 0xB7BD5C3B, 0xC0BA6CAD, + 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A, + 0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683, + 0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8, + 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1, + 0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE, + 0xF762575D, 0x806567CB, 0x196C3671, 0x6E6B06E7, + 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC, + 0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, + 0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252, + 0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B, + 0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60, + 0xDF60EFC3, 0xA867DF55, 0x316E8EEF, 0x4669BE79, + 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236, + 0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F, + 0xC5BA3BBE, 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04, + 0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D, + 0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A, + 0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713, + 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38, + 0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, + 0x86D3D2D4, 0xF1D4E242, 0x68DDB3F8, 0x1FDA836E, + 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777, + 0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, + 0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45, + 0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2, + 0xA7672661, 0xD06016F7, 0x4969474D, 0x3E6E77DB, + 0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, 0x37D83BF0, + 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9, + 0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, + 0xBAD03605, 0xCDD70693, 0x54DE5729, 0x23D967BF, + 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94, + 0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D + ); + + // For this function to yield the same output as PHP's crc32 function, $crc would have to be + // set to 0xFFFFFFFF, initially - not 0x00000000 as it currently is. + $crc = 0x00000000; + $length = strlen($data); + + for ($i=0; $i<$length; $i++) { + // We AND $crc >> 8 with 0x00FFFFFF because we want the eight newly added bits to all + // be zero. PHP, unfortunately, doesn't always do this. 0x80000000 >> 8, as an example, + // yields 0xFF800000 - not 0x00800000. The following link elaborates: + // http://www.php.net/manual/en/language.operators.bitwise.php#57281 + $crc = (($crc >> 8) & 0x00FFFFFF) ^ $crc_lookup_table[($crc & 0xFF) ^ ord($data[$i])]; + } + + // In addition to having to set $crc to 0xFFFFFFFF, initially, the return value must be XOR'd with + // 0xFFFFFFFF for this function to return the same thing that PHP's crc32 function would. + return $crc; + } + + /** + * String Shift + * + * Inspired by array_shift + * + * @param string $string + * @param int $index + * @return string + * @access private + */ + function _string_shift(&$string, $index = 1) + { + $substr = substr($string, 0, $index); + $string = substr($string, $index); + return $substr; + } + + /** + * RSA Encrypt + * + * Returns mod(pow($m, $e), $n), where $n should be the product of two (large) primes $p and $q and where $e + * should be a number with the property that gcd($e, ($p - 1) * ($q - 1)) == 1. Could just make anything that + * calls this call modexp, instead, but I think this makes things clearer, maybe... + * + * @see self::__construct() + * @param BigInteger $m + * @param array $key + * @return BigInteger + * @access private + */ + function _rsa_crypt($m, $key) + { + /* + $rsa = new RSA(); + $rsa->load($key, 'raw'); + $rsa->setHash('sha1'); + return $rsa->encrypt($m, RSA::PADDING_PKCS1); + */ + + // To quote from protocol-1.5.txt: + // The most significant byte (which is only partial as the value must be + // less than the public modulus, which is never a power of two) is zero. + // + // The next byte contains the value 2 (which stands for public-key + // encrypted data in the PKCS standard [PKCS#1]). Then, there are non- + // zero random bytes to fill any unused space, a zero byte, and the data + // to be encrypted in the least significant bytes, the last byte of the + // data in the least significant byte. + + // Presumably the part of PKCS#1 they're refering to is "Section 7.2.1 Encryption Operation", + // under "7.2 RSAES-PKCS1-v1.5" and "7 Encryption schemes" of the following URL: + // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf + $modulus = $key[1]->toBytes(); + $length = strlen($modulus) - strlen($m) - 3; + $random = ''; + while (strlen($random) != $length) { + $block = Random::string($length - strlen($random)); + $block = str_replace("\x00", '', $block); + $random.= $block; + } + $temp = chr(0) . chr(2) . $random . chr(0) . $m; + + $m = new BigInteger($temp, 256); + $m = $m->modPow($key[0], $key[1]); + + return $m->toBytes(); + } + + /** + * Define Array + * + * Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of + * named constants from it, using the value as the name of the constant and the index as the value of the constant. + * If any of the constants that would be defined already exists, none of the constants will be defined. + * + * @param array $array + * @access private + */ + function _define_array() + { + $args = func_get_args(); + foreach ($args as $arg) { + foreach ($arg as $key => $value) { + if (!defined($value)) { + define($value, $key); + } else { + break 2; + } + } + } + } + + /** + * Returns a log of the packets that have been sent and received. + * + * Returns a string if NET_SSH1_LOGGING == self::LOG_COMPLEX, an array if NET_SSH1_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SSH1_LOGGING') + * + * @access public + * @return array|false|string + */ + function getLog() + { + if (!defined('NET_SSH1_LOGGING')) { + return false; + } + + switch (NET_SSH1_LOGGING) { + case self::LOG_SIMPLE: + return $this->message_number_log; + break; + case self::LOG_COMPLEX: + return $this->_format_log($this->message_log, $this->protocol_flags_log); + break; + default: + return false; + } + } + + /** + * Formats a log for printing + * + * @param array $message_log + * @param array $message_number_log + * @access private + * @return string + */ + function _format_log($message_log, $message_number_log) + { + $output = ''; + for ($i = 0; $i < count($message_log); $i++) { + $output.= $message_number_log[$i] . "\r\n"; + $current_log = $message_log[$i]; + $j = 0; + do { + if (strlen($current_log)) { + $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; + } + $fragment = $this->_string_shift($current_log, $this->log_short_width); + $hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary)); + // replace non ASCII printable characters with dots + // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters + // also replace < with a . since < messes up the output on web browsers + $raw = preg_replace('#[^\x20-\x7E]|<#', '.', $fragment); + $output.= str_pad($hex, $this->log_long_width - $this->log_short_width, ' ') . $raw . "\r\n"; + $j++; + } while (strlen($current_log)); + $output.= "\r\n"; + } + + return $output; + } + + /** + * Helper function for _format_log + * + * For use with preg_replace_callback() + * + * @param array $matches + * @access private + * @return string + */ + function _format_log_helper($matches) + { + return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); + } + + /** + * Return the server key public exponent + * + * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, + * the raw bytes. This behavior is similar to PHP's md5() function. + * + * @param bool $raw_output + * @return string + * @access public + */ + function getServerKeyPublicExponent($raw_output = false) + { + return $raw_output ? $this->server_key_public_exponent->toBytes() : $this->server_key_public_exponent->toString(); + } + + /** + * Return the server key public modulus + * + * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, + * the raw bytes. This behavior is similar to PHP's md5() function. + * + * @param bool $raw_output + * @return string + * @access public + */ + function getServerKeyPublicModulus($raw_output = false) + { + return $raw_output ? $this->server_key_public_modulus->toBytes() : $this->server_key_public_modulus->toString(); + } + + /** + * Return the host key public exponent + * + * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, + * the raw bytes. This behavior is similar to PHP's md5() function. + * + * @param bool $raw_output + * @return string + * @access public + */ + function getHostKeyPublicExponent($raw_output = false) + { + return $raw_output ? $this->host_key_public_exponent->toBytes() : $this->host_key_public_exponent->toString(); + } + + /** + * Return the host key public modulus + * + * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead, + * the raw bytes. This behavior is similar to PHP's md5() function. + * + * @param bool $raw_output + * @return string + * @access public + */ + function getHostKeyPublicModulus($raw_output = false) + { + return $raw_output ? $this->host_key_public_modulus->toBytes() : $this->host_key_public_modulus->toString(); + } + + /** + * Return a list of ciphers supported by SSH1 server. + * + * Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output + * is set to true, returns, instead, an array of constants. ie. instead of array('Triple-DES in CBC mode'), you'll + * get array(self::CIPHER_3DES). + * + * @param bool $raw_output + * @return array + * @access public + */ + function getSupportedCiphers($raw_output = false) + { + return $raw_output ? array_keys($this->supported_ciphers) : array_values($this->supported_ciphers); + } + + /** + * Return a list of authentications supported by SSH1 server. + * + * Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output + * is set to true, returns, instead, an array of constants. ie. instead of array('password authentication'), you'll + * get array(self::AUTH_PASSWORD). + * + * @param bool $raw_output + * @return array + * @access public + */ + function getSupportedAuthentications($raw_output = false) + { + return $raw_output ? array_keys($this->supported_authentications) : array_values($this->supported_authentications); + } + + /** + * Return the server identification. + * + * @return string + * @access public + */ + function getServerIdentification() + { + return rtrim($this->server_identification); + } + + /** + * Logs data packets + * + * Makes sure that only the last 1MB worth of packets will be logged + * + * @param string $data + * @access private + */ + function _append_log($protocol_flags, $message) + { + switch (NET_SSH1_LOGGING) { + // useful for benchmarks + case self::LOG_SIMPLE: + $this->protocol_flags_log[] = $protocol_flags; + break; + // the most useful log for SSH1 + case self::LOG_COMPLEX: + $this->protocol_flags_log[] = $protocol_flags; + $this->_string_shift($message); + $this->log_size+= strlen($message); + $this->message_log[] = $message; + while ($this->log_size > self::LOG_MAX_SIZE) { + $this->log_size-= strlen(array_shift($this->message_log)); + array_shift($this->protocol_flags_log); + } + break; + // dump the output out realtime; packets may be interspersed with non packets, + // passwords won't be filtered out and select other packets may not be correctly + // identified + case self::LOG_REALTIME: + echo "
    \r\n" . $this->_format_log(array($message), array($protocol_flags)) . "\r\n
    \r\n"; + @flush(); + @ob_flush(); + break; + // basically the same thing as self::LOG_REALTIME with the caveat that self::LOG_REALTIME_FILE + // needs to be defined and that the resultant log file will be capped out at self::LOG_MAX_SIZE. + // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily + // at the beginning of the file + case self::LOG_REALTIME_FILE: + if (!isset($this->realtime_log_file)) { + // PHP doesn't seem to like using constants in fopen() + $filename = self::LOG_REALTIME_FILE; + $fp = fopen($filename, 'w'); + $this->realtime_log_file = $fp; + } + if (!is_resource($this->realtime_log_file)) { + break; + } + $entry = $this->_format_log(array($message), array($protocol_flags)); + if ($this->realtime_log_wrap) { + $temp = "<<< START >>>\r\n"; + $entry.= $temp; + fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp)); + } + $this->realtime_log_size+= strlen($entry); + if ($this->realtime_log_size > self::LOG_MAX_SIZE) { + fseek($this->realtime_log_file, 0); + $this->realtime_log_size = strlen($entry); + $this->realtime_log_wrap = true; + } + fputs($this->realtime_log_file, $entry); + } + } +} diff --git a/plugins/OStatus/extlib/phpseclib/Net/SSH2.php b/plugins/OStatus/extlib/phpseclib/Net/SSH2.php new file mode 100644 index 0000000000..97a37a0bf2 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/Net/SSH2.php @@ -0,0 +1,4224 @@ + + * login('username', 'password')) { + * exit('Login Failed'); + * } + * + * echo $ssh->exec('pwd'); + * echo $ssh->exec('ls -la'); + * ?> + * + * + * + * setPassword('whatever'); + * $key->load(file_get_contents('privatekey')); + * + * $ssh = new \phpseclib\Net\SSH2('www.domain.tld'); + * if (!$ssh->login('username', $key)) { + * exit('Login Failed'); + * } + * + * echo $ssh->read('username@username:~$'); + * $ssh->write("ls -la\n"); + * echo $ssh->read('username@username:~$'); + * ?> + * + * + * @category Net + * @package SSH2 + * @author Jim Wigginton + * @copyright 2007 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +namespace phpseclib\Net; + +use ParagonIE\ConstantTime\Base64; +use phpseclib\Crypt\Base; +use phpseclib\Crypt\Blowfish; +use phpseclib\Crypt\Hash; +use phpseclib\Crypt\Random; +use phpseclib\Crypt\RC4; +use phpseclib\Crypt\Rijndael; +use phpseclib\Crypt\RSA; +use phpseclib\Crypt\TripleDES; +use phpseclib\Crypt\Twofish; +use phpseclib\Math\BigInteger; // Used to do Diffie-Hellman key exchange and DSA/RSA signature verification. +use phpseclib\System\SSH\Agent; +use phpseclib\Exception\NoSupportedAlgorithmsException; + +/** + * Pure-PHP implementation of SSHv2. + * + * @package SSH2 + * @author Jim Wigginton + * @access public + */ +class SSH2 +{ + /**#@+ + * Execution Bitmap Masks + * + * @see \phpseclib\Net\SSH2::bitmap + * @access private + */ + const MASK_CONSTRUCTOR = 0x00000001; + const MASK_CONNECTED = 0x00000002; + const MASK_LOGIN_REQ = 0x00000004; + const MASK_LOGIN = 0x00000008; + const MASK_SHELL = 0x00000010; + const MASK_WINDOW_ADJUST = 0x00000020; + /**#@-*/ + + /**#@+ + * Channel constants + * + * RFC4254 refers not to client and server channels but rather to sender and recipient channels. we don't refer + * to them in that way because RFC4254 toggles the meaning. the client sends a SSH_MSG_CHANNEL_OPEN message with + * a sender channel and the server sends a SSH_MSG_CHANNEL_OPEN_CONFIRMATION in response, with a sender and a + * recepient channel. at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel + * would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snipet: + * The 'recipient channel' is the channel number given in the original + * open request, and 'sender channel' is the channel number allocated by + * the other side. + * + * @see \phpseclib\Net\SSH2::_send_channel_packet() + * @see \phpseclib\Net\SSH2::_get_channel_packet() + * @access private + */ + const CHANNEL_EXEC = 0; // PuTTy uses 0x100 + const CHANNEL_SHELL = 1; + const CHANNEL_SUBSYSTEM = 2; + const CHANNEL_AGENT_FORWARD = 3; + /**#@-*/ + + /**#@+ + * @access public + * @see \phpseclib\Net\SSH2::getLog() + */ + /** + * Returns the message numbers + */ + const LOG_SIMPLE = 1; + /** + * Returns the message content + */ + const LOG_COMPLEX = 2; + /** + * Outputs the content real-time + */ + const LOG_REALTIME = 3; + /** + * Dumps the content real-time to a file + */ + const LOG_REALTIME_FILE = 4; + /**#@-*/ + + /**#@+ + * @access public + * @see \phpseclib\Net\SSH2::read() + */ + /** + * Returns when a string matching $expect exactly is found + */ + const READ_SIMPLE = 1; + /** + * Returns when a string matching the regular expression $expect is found + */ + const READ_REGEX = 2; + /** + * Make sure that the log never gets larger than this + */ + const LOG_MAX_SIZE = 1048576; // 1024 * 1024 + /**#@-*/ + + /** + * The SSH identifier + * + * @var string + * @access private + */ + var $identifier; + + /** + * The Socket Object + * + * @var object + * @access private + */ + var $fsock; + + /** + * Execution Bitmap + * + * The bits that are set represent functions that have been called already. This is used to determine + * if a requisite function has been successfully executed. If not, an error should be thrown. + * + * @var int + * @access private + */ + var $bitmap = 0; + + /** + * Error information + * + * @see self::getErrors() + * @see self::getLastError() + * @var string + * @access private + */ + var $errors = array(); + + /** + * Server Identifier + * + * @see self::getServerIdentification() + * @var array|false + * @access private + */ + var $server_identifier = false; + + /** + * Key Exchange Algorithms + * + * @see self::getKexAlgorithims() + * @var array|false + * @access private + */ + var $kex_algorithms = false; + + /** + * Minimum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods + * + * @see self::_key_exchange() + * @var int + * @access private + */ + var $kex_dh_group_size_min = 1536; + + /** + * Preferred Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods + * + * @see self::_key_exchange() + * @var int + * @access private + */ + var $kex_dh_group_size_preferred = 2048; + + /** + * Maximum Diffie-Hellman Group Bit Size in RFC 4419 Key Exchange Methods + * + * @see self::_key_exchange() + * @var int + * @access private + */ + var $kex_dh_group_size_max = 4096; + + /** + * Server Host Key Algorithms + * + * @see self::getServerHostKeyAlgorithms() + * @var array|false + * @access private + */ + var $server_host_key_algorithms = false; + + /** + * Encryption Algorithms: Client to Server + * + * @see self::getEncryptionAlgorithmsClient2Server() + * @var array|false + * @access private + */ + var $encryption_algorithms_client_to_server = false; + + /** + * Encryption Algorithms: Server to Client + * + * @see self::getEncryptionAlgorithmsServer2Client() + * @var array|false + * @access private + */ + var $encryption_algorithms_server_to_client = false; + + /** + * MAC Algorithms: Client to Server + * + * @see self::getMACAlgorithmsClient2Server() + * @var array|false + * @access private + */ + var $mac_algorithms_client_to_server = false; + + /** + * MAC Algorithms: Server to Client + * + * @see self::getMACAlgorithmsServer2Client() + * @var array|false + * @access private + */ + var $mac_algorithms_server_to_client = false; + + /** + * Compression Algorithms: Client to Server + * + * @see self::getCompressionAlgorithmsClient2Server() + * @var array|false + * @access private + */ + var $compression_algorithms_client_to_server = false; + + /** + * Compression Algorithms: Server to Client + * + * @see self::getCompressionAlgorithmsServer2Client() + * @var array|false + * @access private + */ + var $compression_algorithms_server_to_client = false; + + /** + * Languages: Server to Client + * + * @see self::getLanguagesServer2Client() + * @var array|false + * @access private + */ + var $languages_server_to_client = false; + + /** + * Languages: Client to Server + * + * @see self::getLanguagesClient2Server() + * @var array|false + * @access private + */ + var $languages_client_to_server = false; + + /** + * Block Size for Server to Client Encryption + * + * "Note that the length of the concatenation of 'packet_length', + * 'padding_length', 'payload', and 'random padding' MUST be a multiple + * of the cipher block size or 8, whichever is larger. This constraint + * MUST be enforced, even when using stream ciphers." + * + * -- http://tools.ietf.org/html/rfc4253#section-6 + * + * @see self::__construct() + * @see self::_send_binary_packet() + * @var int + * @access private + */ + var $encrypt_block_size = 8; + + /** + * Block Size for Client to Server Encryption + * + * @see self::__construct() + * @see self::_get_binary_packet() + * @var int + * @access private + */ + var $decrypt_block_size = 8; + + /** + * Server to Client Encryption Object + * + * @see self::_get_binary_packet() + * @var object + * @access private + */ + var $decrypt = false; + + /** + * Client to Server Encryption Object + * + * @see self::_send_binary_packet() + * @var object + * @access private + */ + var $encrypt = false; + + /** + * Client to Server HMAC Object + * + * @see self::_send_binary_packet() + * @var object + * @access private + */ + var $hmac_create = false; + + /** + * Server to Client HMAC Object + * + * @see self::_get_binary_packet() + * @var object + * @access private + */ + var $hmac_check = false; + + /** + * Size of server to client HMAC + * + * We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read. + * For the client to server side, the HMAC object will make the HMAC as long as it needs to be. All we need to do is + * append it. + * + * @see self::_get_binary_packet() + * @var int + * @access private + */ + var $hmac_size = false; + + /** + * Server Public Host Key + * + * @see self::getServerPublicHostKey() + * @var string + * @access private + */ + var $server_public_host_key; + + /** + * Session identifer + * + * "The exchange hash H from the first key exchange is additionally + * used as the session identifier, which is a unique identifier for + * this connection." + * + * -- http://tools.ietf.org/html/rfc4253#section-7.2 + * + * @see self::_key_exchange() + * @var string + * @access private + */ + var $session_id = false; + + /** + * Exchange hash + * + * The current exchange hash + * + * @see self::_key_exchange() + * @var string + * @access private + */ + var $exchange_hash = false; + + /** + * Message Numbers + * + * @see self::__construct() + * @var array + * @access private + */ + var $message_numbers = array(); + + /** + * Disconnection Message 'reason codes' defined in RFC4253 + * + * @see self::__construct() + * @var array + * @access private + */ + var $disconnect_reasons = array(); + + /** + * SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254 + * + * @see self::__construct() + * @var array + * @access private + */ + var $channel_open_failure_reasons = array(); + + /** + * Terminal Modes + * + * @link http://tools.ietf.org/html/rfc4254#section-8 + * @see self::__construct() + * @var array + * @access private + */ + var $terminal_modes = array(); + + /** + * SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes + * + * @link http://tools.ietf.org/html/rfc4254#section-5.2 + * @see self::__construct() + * @var array + * @access private + */ + var $channel_extended_data_type_codes = array(); + + /** + * Send Sequence Number + * + * See 'Section 6.4. Data Integrity' of rfc4253 for more info. + * + * @see self::_send_binary_packet() + * @var int + * @access private + */ + var $send_seq_no = 0; + + /** + * Get Sequence Number + * + * See 'Section 6.4. Data Integrity' of rfc4253 for more info. + * + * @see self::_get_binary_packet() + * @var int + * @access private + */ + var $get_seq_no = 0; + + /** + * Server Channels + * + * Maps client channels to server channels + * + * @see self::_get_channel_packet() + * @see self::exec() + * @var array + * @access private + */ + var $server_channels = array(); + + /** + * Channel Buffers + * + * If a client requests a packet from one channel but receives two packets from another those packets should + * be placed in a buffer + * + * @see self::_get_channel_packet() + * @see self::exec() + * @var array + * @access private + */ + var $channel_buffers = array(); + + /** + * Channel Status + * + * Contains the type of the last sent message + * + * @see self::_get_channel_packet() + * @var array + * @access private + */ + var $channel_status = array(); + + /** + * Packet Size + * + * Maximum packet size indexed by channel + * + * @see self::_send_channel_packet() + * @var array + * @access private + */ + var $packet_size_client_to_server = array(); + + /** + * Message Number Log + * + * @see self::getLog() + * @var array + * @access private + */ + var $message_number_log = array(); + + /** + * Message Log + * + * @see self::getLog() + * @var array + * @access private + */ + var $message_log = array(); + + /** + * The Window Size + * + * Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 2GB) + * + * @var int + * @see self::_send_channel_packet() + * @see self::exec() + * @access private + */ + var $window_size = 0x7FFFFFFF; + + /** + * Window size, server to client + * + * Window size indexed by channel + * + * @see self::_send_channel_packet() + * @var array + * @access private + */ + var $window_size_server_to_client = array(); + + /** + * Window size, client to server + * + * Window size indexed by channel + * + * @see self::_get_channel_packet() + * @var array + * @access private + */ + var $window_size_client_to_server = array(); + + /** + * Server signature + * + * Verified against $this->session_id + * + * @see self::getServerPublicHostKey() + * @var string + * @access private + */ + var $signature = ''; + + /** + * Server signature format + * + * ssh-rsa or ssh-dss. + * + * @see self::getServerPublicHostKey() + * @var string + * @access private + */ + var $signature_format = ''; + + /** + * Interactive Buffer + * + * @see self::read() + * @var array + * @access private + */ + var $interactiveBuffer = ''; + + /** + * Current log size + * + * Should never exceed self::LOG_MAX_SIZE + * + * @see self::_send_binary_packet() + * @see self::_get_binary_packet() + * @var int + * @access private + */ + var $log_size; + + /** + * Timeout + * + * @see self::setTimeout() + * @access private + */ + var $timeout; + + /** + * Current Timeout + * + * @see self::_get_channel_packet() + * @access private + */ + var $curTimeout; + + /** + * Real-time log file pointer + * + * @see self::_append_log() + * @var resource + * @access private + */ + var $realtime_log_file; + + /** + * Real-time log file size + * + * @see self::_append_log() + * @var int + * @access private + */ + var $realtime_log_size; + + /** + * Has the signature been validated? + * + * @see self::getServerPublicHostKey() + * @var bool + * @access private + */ + var $signature_validated = false; + + /** + * Real-time log file wrap boolean + * + * @see self::_append_log() + * @access private + */ + var $realtime_log_wrap; + + /** + * Flag to suppress stderr from output + * + * @see self::enableQuietMode() + * @access private + */ + var $quiet_mode = false; + + /** + * Time of first network activity + * + * @var int + * @access private + */ + var $last_packet; + + /** + * Exit status returned from ssh if any + * + * @var int + * @access private + */ + var $exit_status; + + /** + * Flag to request a PTY when using exec() + * + * @var bool + * @see self::enablePTY() + * @access private + */ + var $request_pty = false; + + /** + * Flag set while exec() is running when using enablePTY() + * + * @var bool + * @access private + */ + var $in_request_pty_exec = false; + + /** + * Flag set after startSubsystem() is called + * + * @var bool + * @access private + */ + var $in_subsystem; + + /** + * Contents of stdError + * + * @var string + * @access private + */ + var $stdErrorLog; + + /** + * The Last Interactive Response + * + * @see self::_keyboard_interactive_process() + * @var string + * @access private + */ + var $last_interactive_response = ''; + + /** + * Keyboard Interactive Request / Responses + * + * @see self::_keyboard_interactive_process() + * @var array + * @access private + */ + var $keyboard_requests_responses = array(); + + /** + * Banner Message + * + * Quoting from the RFC, "in some jurisdictions, sending a warning message before + * authentication may be relevant for getting legal protection." + * + * @see self::_filter() + * @see self::getBannerMessage() + * @var string + * @access private + */ + var $banner_message = ''; + + /** + * Did read() timeout or return normally? + * + * @see self::isTimeout() + * @var bool + * @access private + */ + var $is_timeout = false; + + /** + * Log Boundary + * + * @see self::_format_log() + * @var string + * @access private + */ + var $log_boundary = ':'; + + /** + * Log Long Width + * + * @see self::_format_log() + * @var int + * @access private + */ + var $log_long_width = 65; + + /** + * Log Short Width + * + * @see self::_format_log() + * @var int + * @access private + */ + var $log_short_width = 16; + + /** + * Hostname + * + * @see self::__construct() + * @see self::_connect() + * @var string + * @access private + */ + var $host; + + /** + * Port Number + * + * @see self::__construct() + * @see self::_connect() + * @var int + * @access private + */ + var $port; + + /** + * Number of columns for terminal window size + * + * @see self::getWindowColumns() + * @see self::setWindowColumns() + * @see self::setWindowSize() + * @var int + * @access private + */ + var $windowColumns = 80; + + /** + * Number of columns for terminal window size + * + * @see self::getWindowRows() + * @see self::setWindowRows() + * @see self::setWindowSize() + * @var int + * @access private + */ + var $windowRows = 24; + + /** + * Crypto Engine + * + * @see self::setCryptoEngine() + * @see self::_key_exchange() + * @var int + * @access private + */ + var $crypto_engine = false; + + /** + * A System_SSH_Agent for use in the SSH2 Agent Forwarding scenario + * + * @var System_SSH_Agent + * @access private + */ + var $agent; + + /** + * Connection storage to replicates ssh2 extension functionality: + * {@link http://php.net/manual/en/wrappers.ssh2.php#refsect1-wrappers.ssh2-examples} + * + * @var SSH2[] + */ + static $connections; + + /** + * Default Constructor. + * + * $host can either be a string, representing the host, or a stream resource. + * + * @param mixed $host + * @param int $port + * @param int $timeout + * @see self::login() + * @return \phpseclib\Net\SSH2 + * @access public + */ + function __construct($host, $port = 22, $timeout = 10) + { + $this->message_numbers = array( + 1 => 'NET_SSH2_MSG_DISCONNECT', + 2 => 'NET_SSH2_MSG_IGNORE', + 3 => 'NET_SSH2_MSG_UNIMPLEMENTED', + 4 => 'NET_SSH2_MSG_DEBUG', + 5 => 'NET_SSH2_MSG_SERVICE_REQUEST', + 6 => 'NET_SSH2_MSG_SERVICE_ACCEPT', + 20 => 'NET_SSH2_MSG_KEXINIT', + 21 => 'NET_SSH2_MSG_NEWKEYS', + 30 => 'NET_SSH2_MSG_KEXDH_INIT', + 31 => 'NET_SSH2_MSG_KEXDH_REPLY', + 50 => 'NET_SSH2_MSG_USERAUTH_REQUEST', + 51 => 'NET_SSH2_MSG_USERAUTH_FAILURE', + 52 => 'NET_SSH2_MSG_USERAUTH_SUCCESS', + 53 => 'NET_SSH2_MSG_USERAUTH_BANNER', + + 80 => 'NET_SSH2_MSG_GLOBAL_REQUEST', + 81 => 'NET_SSH2_MSG_REQUEST_SUCCESS', + 82 => 'NET_SSH2_MSG_REQUEST_FAILURE', + 90 => 'NET_SSH2_MSG_CHANNEL_OPEN', + 91 => 'NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION', + 92 => 'NET_SSH2_MSG_CHANNEL_OPEN_FAILURE', + 93 => 'NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST', + 94 => 'NET_SSH2_MSG_CHANNEL_DATA', + 95 => 'NET_SSH2_MSG_CHANNEL_EXTENDED_DATA', + 96 => 'NET_SSH2_MSG_CHANNEL_EOF', + 97 => 'NET_SSH2_MSG_CHANNEL_CLOSE', + 98 => 'NET_SSH2_MSG_CHANNEL_REQUEST', + 99 => 'NET_SSH2_MSG_CHANNEL_SUCCESS', + 100 => 'NET_SSH2_MSG_CHANNEL_FAILURE' + ); + $this->disconnect_reasons = array( + 1 => 'NET_SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT', + 2 => 'NET_SSH2_DISCONNECT_PROTOCOL_ERROR', + 3 => 'NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED', + 4 => 'NET_SSH2_DISCONNECT_RESERVED', + 5 => 'NET_SSH2_DISCONNECT_MAC_ERROR', + 6 => 'NET_SSH2_DISCONNECT_COMPRESSION_ERROR', + 7 => 'NET_SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE', + 8 => 'NET_SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED', + 9 => 'NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE', + 10 => 'NET_SSH2_DISCONNECT_CONNECTION_LOST', + 11 => 'NET_SSH2_DISCONNECT_BY_APPLICATION', + 12 => 'NET_SSH2_DISCONNECT_TOO_MANY_CONNECTIONS', + 13 => 'NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER', + 14 => 'NET_SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE', + 15 => 'NET_SSH2_DISCONNECT_ILLEGAL_USER_NAME' + ); + $this->channel_open_failure_reasons = array( + 1 => 'NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED' + ); + $this->terminal_modes = array( + 0 => 'NET_SSH2_TTY_OP_END' + ); + $this->channel_extended_data_type_codes = array( + 1 => 'NET_SSH2_EXTENDED_DATA_STDERR' + ); + + $this->_define_array( + $this->message_numbers, + $this->disconnect_reasons, + $this->channel_open_failure_reasons, + $this->terminal_modes, + $this->channel_extended_data_type_codes, + array(60 => 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'), + array(60 => 'NET_SSH2_MSG_USERAUTH_PK_OK'), + array(60 => 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST', + 61 => 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE'), + // RFC 4419 - diffie-hellman-group-exchange-sha{1,256} + array(30 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST_OLD', + 31 => 'NET_SSH2_MSG_KEXDH_GEX_GROUP', + 32 => 'NET_SSH2_MSG_KEXDH_GEX_INIT', + 33 => 'NET_SSH2_MSG_KEXDH_GEX_REPLY', + 34 => 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'), + // RFC 5656 - Elliptic Curves (for curve25519-sha256@libssh.org) + array(30 => 'NET_SSH2_MSG_KEX_ECDH_INIT', + 31 => 'NET_SSH2_MSG_KEX_ECDH_REPLY') + ); + + self::$connections[$this->getResourceId()] = $this; + + if (is_resource($host)) { + $this->fsock = $host; + return; + } + + if (is_string($host)) { + $this->host = $host; + $this->port = $port; + $this->timeout = $timeout; + } + } + + /** + * Set Crypto Engine Mode + * + * Possible $engine values: + * CRYPT_MODE_INTERNAL, CRYPT_MODE_MCRYPT + * + * @param int $engine + * @access private + */ + function setCryptoEngine($engine) + { + $this->crypto_engine = $engine; + } + + /** + * Connect to an SSHv2 server + * + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + * @access private + */ + function _connect() + { + if ($this->bitmap & self::MASK_CONSTRUCTOR) { + return false; + } + + $this->bitmap |= self::MASK_CONSTRUCTOR; + + $this->curTimeout = $this->timeout; + + $this->last_packet = microtime(true); + + if (!is_resource($this->fsock)) { + $start = microtime(true); + $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->curTimeout); + if (!$this->fsock) { + $host = $this->host . ':' . $this->port; + throw new \RuntimeException(rtrim("Cannot connect to $host. Error $errno. $errstr")); + } + $elapsed = microtime(true) - $start; + + $this->curTimeout-= $elapsed; + + if ($this->curTimeout <= 0) { + $this->is_timeout = true; + return false; + } + } + + /* According to the SSH2 specs, + + "The server MAY send other lines of data before sending the version + string. Each line SHOULD be terminated by a Carriage Return and Line + Feed. Such lines MUST NOT begin with "SSH-", and SHOULD be encoded + in ISO-10646 UTF-8 [RFC3629] (language is not specified). Clients + MUST be able to process such lines." */ + $data = ''; + while (!feof($this->fsock) && !preg_match('#(.*)^(SSH-(\d\.\d+).*)#ms', $data, $matches)) { + $line = ''; + while (true) { + if ($this->curTimeout) { + if ($this->curTimeout < 0) { + $this->is_timeout = true; + return false; + } + $read = array($this->fsock); + $write = $except = null; + $start = microtime(true); + $sec = floor($this->curTimeout); + $usec = 1000000 * ($this->curTimeout - $sec); + // on windows this returns a "Warning: Invalid CRT parameters detected" error + // the !count() is done as a workaround for + if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { + $this->is_timeout = true; + return false; + } + $elapsed = microtime(true) - $start; + $this->curTimeout-= $elapsed; + } + + $temp = stream_get_line($this->fsock, 255, "\n"); + if (strlen($temp) == 255) { + continue; + } + + $line.= "$temp\n"; + if (substr($line, -2) == "\r\n") { + break; + } + } + $data.= $line; + } + + if (feof($this->fsock)) { + throw new \RuntimeException('Connection closed by server'); + } + + $extra = $matches[1]; + + $this->identifier = $this->_generate_identifier(); + + if (defined('NET_SSH2_LOGGING')) { + $this->_append_log('<-', $matches[0]); + $this->_append_log('->', $this->identifier . "\r\n"); + } + + $this->server_identifier = trim($temp, "\r\n"); + if (strlen($extra)) { + $this->errors[] = utf8_decode($data); + } + + if ($matches[3] != '1.99' && $matches[3] != '2.0') { + throw new \RuntimeException("Cannot connect to SSH $matches[1] servers"); + } + + fputs($this->fsock, $this->identifier . "\r\n"); + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + + if (ord($response[0]) != NET_SSH2_MSG_KEXINIT) { + throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT'); + } + + if (!$this->_key_exchange($response)) { + return false; + } + + $this->bitmap|= self::MASK_CONNECTED; + + return true; + } + + /** + * Generates the SSH identifier + * + * You should overwrite this method in your own class if you want to use another identifier + * + * @access protected + * @return string + */ + function _generate_identifier() + { + $identifier = 'SSH-2.0-phpseclib_2.0'; + + $ext = array(); + if (extension_loaded('libsodium')) { + $ext[] = 'libsodium'; + } + + if (extension_loaded('openssl')) { + $ext[] = 'openssl'; + } elseif (extension_loaded('mcrypt')) { + $ext[] = 'mcrypt'; + } + + if (extension_loaded('gmp')) { + $ext[] = 'gmp'; + } elseif (extension_loaded('bcmath')) { + $ext[] = 'bcmath'; + } + + if (!empty($ext)) { + $identifier .= ' (' . implode(', ', $ext) . ')'; + } + + return $identifier; + } + + /** + * Key Exchange + * + * @param string $kexinit_payload_server + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + * @throws \phpseclib\Exception\NoSupportedAlgorithmsException when none of the algorithms phpseclib has loaded are compatible + * @access private + */ + function _key_exchange($kexinit_payload_server) + { + $kex_algorithms = array( + // Elliptic Curve Diffie-Hellman Key Agreement (ECDH) using + // Curve25519. See doc/curve25519-sha256@libssh.org.txt in the + // libssh repository for more information. + 'curve25519-sha256@libssh.org', + + // Diffie-Hellman Key Agreement (DH) using integer modulo prime + // groups. + 'diffie-hellman-group1-sha1', // REQUIRED + 'diffie-hellman-group14-sha1', // REQUIRED + 'diffie-hellman-group-exchange-sha1', // RFC 4419 + 'diffie-hellman-group-exchange-sha256', // RFC 4419 + ); + if (!function_exists('\\Sodium\\library_version_major')) { + $kex_algorithms = array_diff( + $kex_algorithms, + array('curve25519-sha256@libssh.org') + ); + } + + $server_host_key_algorithms = array( + 'ssh-rsa', // RECOMMENDED sign Raw RSA Key + 'ssh-dss' // REQUIRED sign Raw DSS Key + ); + + $encryption_algorithms = array( + // from : + 'arcfour256', + 'arcfour128', + + //'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key + + // CTR modes from : + 'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key + 'aes192-ctr', // RECOMMENDED AES with 192-bit key + 'aes256-ctr', // RECOMMENDED AES with 256-bit key + + 'twofish128-ctr', // OPTIONAL Twofish in SDCTR mode, with 128-bit key + 'twofish192-ctr', // OPTIONAL Twofish with 192-bit key + 'twofish256-ctr', // OPTIONAL Twofish with 256-bit key + + 'aes128-cbc', // RECOMMENDED AES with a 128-bit key + 'aes192-cbc', // OPTIONAL AES with a 192-bit key + 'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key + + 'twofish128-cbc', // OPTIONAL Twofish with a 128-bit key + 'twofish192-cbc', // OPTIONAL Twofish with a 192-bit key + 'twofish256-cbc', + 'twofish-cbc', // OPTIONAL alias for "twofish256-cbc" + // (this is being retained for historical reasons) + + 'blowfish-ctr', // OPTIONAL Blowfish in SDCTR mode + + 'blowfish-cbc', // OPTIONAL Blowfish in CBC mode + + '3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode + + '3des-cbc', // REQUIRED three-key 3DES in CBC mode + //'none' // OPTIONAL no encryption; NOT RECOMMENDED + ); + + if (extension_loaded('openssl') && !extension_loaded('mcrypt')) { + // OpenSSL does not support arcfour256 in any capacity and arcfour128 / arcfour support is limited to + // instances that do not use continuous buffers + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('arcfour256', 'arcfour128', 'arcfour') + ); + } + + if (class_exists('\phpseclib\Crypt\RC4') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('arcfour256', 'arcfour128', 'arcfour') + ); + } + if (class_exists('\phpseclib\Crypt\Rijndael') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc', 'aes192-cbc', 'aes256-cbc') + ); + } + if (class_exists('\phpseclib\Crypt\Twofish') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('twofish128-ctr', 'twofish192-ctr', 'twofish256-ctr', 'twofish128-cbc', 'twofish192-cbc', 'twofish256-cbc', 'twofish-cbc') + ); + } + if (class_exists('\phpseclib\Crypt\Blowfish') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('blowfish-ctr', 'blowfish-cbc') + ); + } + if (class_exists('\phpseclib\Crypt\TripleDES') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('3des-ctr', '3des-cbc') + ); + } + $encryption_algorithms = array_values($encryption_algorithms); + + $mac_algorithms = array( + // from : + 'hmac-sha2-256',// RECOMMENDED HMAC-SHA256 (digest length = key length = 32) + + 'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20) + 'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20) + 'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16) + 'hmac-md5', // OPTIONAL HMAC-MD5 (digest length = key length = 16) + //'none' // OPTIONAL no MAC; NOT RECOMMENDED + ); + + $compression_algorithms = array( + 'none' // REQUIRED no compression + //'zlib' // OPTIONAL ZLIB (LZ77) compression + ); + + // some SSH servers have buggy implementations of some of the above algorithms + switch ($this->server_identifier) { + case 'SSH-2.0-SSHD': + $mac_algorithms = array_values(array_diff( + $mac_algorithms, + array('hmac-sha1-96', 'hmac-md5-96') + )); + } + + $str_kex_algorithms = implode(',', $kex_algorithms); + $str_server_host_key_algorithms = implode(',', $server_host_key_algorithms); + $encryption_algorithms_server_to_client = $encryption_algorithms_client_to_server = implode(',', $encryption_algorithms); + $mac_algorithms_server_to_client = $mac_algorithms_client_to_server = implode(',', $mac_algorithms); + $compression_algorithms_server_to_client = $compression_algorithms_client_to_server = implode(',', $compression_algorithms); + + $client_cookie = Random::string(16); + + $response = $kexinit_payload_server; + $this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT) + $server_cookie = $this->_string_shift($response, 16); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->kex_algorithms = explode(',', $this->_string_shift($response, $temp['length'])); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length'])); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->encryption_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->encryption_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->mac_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->mac_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->compression_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->compression_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->languages_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->languages_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); + + extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1))); + $first_kex_packet_follows = $first_kex_packet_follows != 0; + + // the sending of SSH2_MSG_KEXINIT could go in one of two places. this is the second place. + $kexinit_payload_client = pack( + 'Ca*Na*Na*Na*Na*Na*Na*Na*Na*Na*Na*CN', + NET_SSH2_MSG_KEXINIT, + $client_cookie, + strlen($str_kex_algorithms), + $str_kex_algorithms, + strlen($str_server_host_key_algorithms), + $str_server_host_key_algorithms, + strlen($encryption_algorithms_client_to_server), + $encryption_algorithms_client_to_server, + strlen($encryption_algorithms_server_to_client), + $encryption_algorithms_server_to_client, + strlen($mac_algorithms_client_to_server), + $mac_algorithms_client_to_server, + strlen($mac_algorithms_server_to_client), + $mac_algorithms_server_to_client, + strlen($compression_algorithms_client_to_server), + $compression_algorithms_client_to_server, + strlen($compression_algorithms_server_to_client), + $compression_algorithms_server_to_client, + 0, + '', + 0, + '', + 0, + 0 + ); + + if (!$this->_send_binary_packet($kexinit_payload_client)) { + return false; + } + // here ends the second place. + + // we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange + + // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the + // diffie-hellman key exchange as fast as possible + $decrypt = $this->_array_intersect_first($encryption_algorithms, $this->encryption_algorithms_server_to_client); + $decryptKeyLength = $this->_encryption_algorithm_to_key_size($decrypt); + if ($decryptKeyLength === null) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible server to client encryption algorithms found'); + } + + $encrypt = $this->_array_intersect_first($encryption_algorithms, $this->encryption_algorithms_client_to_server); + $encryptKeyLength = $this->_encryption_algorithm_to_key_size($encrypt); + if ($encryptKeyLength === null) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible client to server encryption algorithms found'); + } + + // through diffie-hellman key exchange a symmetric key is obtained + $kex_algorithm = $this->_array_intersect_first($kex_algorithms, $this->kex_algorithms); + if ($kex_algorithm === false) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible key exchange algorithms found'); + } + + // Only relevant in diffie-hellman-group-exchange-sha{1,256}, otherwise empty. + $exchange_hash_rfc4419 = ''; + + if ($kex_algorithm === 'curve25519-sha256@libssh.org') { + $x = Random::string(32); + $eBytes = \Sodium\crypto_box_publickey_from_secretkey($x); + $clientKexInitMessage = NET_SSH2_MSG_KEX_ECDH_INIT; + $serverKexReplyMessage = NET_SSH2_MSG_KEX_ECDH_REPLY; + $kexHash = new Hash('sha256'); + } else { + if (strpos($kex_algorithm, 'diffie-hellman-group-exchange') === 0) { + $dh_group_sizes_packed = pack( + 'NNN', + $this->kex_dh_group_size_min, + $this->kex_dh_group_size_preferred, + $this->kex_dh_group_size_max + ); + $packet = pack( + 'Ca*', + NET_SSH2_MSG_KEXDH_GEX_REQUEST, + $dh_group_sizes_packed + ); + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + user_error('Connection closed by server'); + return false; + } + extract(unpack('Ctype', $this->_string_shift($response, 1))); + if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) { + user_error('Expected SSH_MSG_KEX_DH_GEX_GROUP'); + return false; + } + + extract(unpack('NprimeLength', $this->_string_shift($response, 4))); + $primeBytes = $this->_string_shift($response, $primeLength); + $prime = new BigInteger($primeBytes, -256); + + extract(unpack('NgLength', $this->_string_shift($response, 4))); + $gBytes = $this->_string_shift($response, $gLength); + $g = new BigInteger($gBytes, -256); + + $exchange_hash_rfc4419 = pack( + 'a*Na*Na*', + $dh_group_sizes_packed, + $primeLength, + $primeBytes, + $gLength, + $gBytes + ); + + $clientKexInitMessage = NET_SSH2_MSG_KEXDH_GEX_INIT; + $serverKexReplyMessage = NET_SSH2_MSG_KEXDH_GEX_REPLY; + } else { + switch ($kex_algorithm) { + // see http://tools.ietf.org/html/rfc2409#section-6.2 and + // http://tools.ietf.org/html/rfc2412, appendex E + case 'diffie-hellman-group1-sha1': + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF'; + break; + // see http://tools.ietf.org/html/rfc3526#section-3 + case 'diffie-hellman-group14-sha1': + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . + '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . + '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . + 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . + '3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF'; + break; + } + // For both diffie-hellman-group1-sha1 and diffie-hellman-group14-sha1 + // the generator field element is 2 (decimal) and the hash function is sha1. + $g = new BigInteger(2); + $prime = new BigInteger($prime, 16); + $clientKexInitMessage = NET_SSH2_MSG_KEXDH_INIT; + $serverKexReplyMessage = NET_SSH2_MSG_KEXDH_REPLY; + } + + switch ($kex_algorithm) { + case 'diffie-hellman-group-exchange-sha256': + $kexHash = new Hash('sha256'); + break; + default: + $kexHash = new Hash('sha1'); + } + + /* To increase the speed of the key exchange, both client and server may + reduce the size of their private exponents. It should be at least + twice as long as the key material that is generated from the shared + secret. For more details, see the paper by van Oorschot and Wiener + [VAN-OORSCHOT]. + + -- http://tools.ietf.org/html/rfc4419#section-6.2 */ + $one = new BigInteger(1); + $keyLength = min($kexHash->getLength(), max($encryptKeyLength, $decryptKeyLength)); + $max = $one->bitwise_leftShift(16 * $keyLength); // 2 * 8 * $keyLength + $max = $max->subtract($one); + + $x = BigInteger::random($one, $max); + $e = $g->modPow($x, $prime); + + $eBytes = $e->toBytes(true); + } + $data = pack('CNa*', $clientKexInitMessage, strlen($eBytes), $eBytes); + + if (!$this->_send_binary_packet($data)) { + throw new \RuntimeException('Connection closed by server'); + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + extract(unpack('Ctype', $this->_string_shift($response, 1))); + + if ($type != $serverKexReplyMessage) { + throw new \UnexpectedValueException('Expected SSH_MSG_KEXDH_REPLY'); + } + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->server_public_host_key = $server_public_host_key = $this->_string_shift($response, $temp['length']); + + $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); + $public_key_format = $this->_string_shift($server_public_host_key, $temp['length']); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $fBytes = $this->_string_shift($response, $temp['length']); + + $temp = unpack('Nlength', $this->_string_shift($response, 4)); + $this->signature = $this->_string_shift($response, $temp['length']); + + $temp = unpack('Nlength', $this->_string_shift($this->signature, 4)); + $this->signature_format = $this->_string_shift($this->signature, $temp['length']); + + if ($kex_algorithm === 'curve25519-sha256@libssh.org') { + if (strlen($fBytes) !== 32) { + user_error('Received curve25519 public key of invalid length.'); + return false; + } + $key = new BigInteger(\Sodium\crypto_scalarmult($x, $fBytes), 256); + \Sodium\memzero($x); + } else { + $f = new BigInteger($fBytes, -256); + $key = $f->modPow($x, $prime); + } + $keyBytes = $key->toBytes(true); + + $this->exchange_hash = pack( + 'Na*Na*Na*Na*Na*a*Na*Na*Na*', + strlen($this->identifier), + $this->identifier, + strlen($this->server_identifier), + $this->server_identifier, + strlen($kexinit_payload_client), + $kexinit_payload_client, + strlen($kexinit_payload_server), + $kexinit_payload_server, + strlen($this->server_public_host_key), + $this->server_public_host_key, + $exchange_hash_rfc4419, + strlen($eBytes), + $eBytes, + strlen($fBytes), + $fBytes, + strlen($keyBytes), + $keyBytes + ); + + $this->exchange_hash = $kexHash->hash($this->exchange_hash); + + if ($this->session_id === false) { + $this->session_id = $this->exchange_hash; + } + + $server_host_key_algorithm = $this->_array_intersect_first($server_host_key_algorithms, $this->server_host_key_algorithms); + if ($server_host_key_algorithm === false) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible server host key algorithms found'); + } + + if ($public_key_format != $server_host_key_algorithm || $this->signature_format != $server_host_key_algorithm) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new \RuntimeException('Server Host Key Algorithm Mismatch'); + } + + $packet = pack( + 'C', + NET_SSH2_MSG_NEWKEYS + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $response = $this->_get_binary_packet(); + + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + + extract(unpack('Ctype', $this->_string_shift($response, 1))); + + if ($type != NET_SSH2_MSG_NEWKEYS) { + throw new \UnexpectedValueException('Expected SSH_MSG_NEWKEYS'); + } + + $keyBytes = pack('Na*', strlen($keyBytes), $keyBytes); + + $this->encrypt = $this->_encryption_algorithm_to_crypt_instance($encrypt); + if ($this->encrypt) { + if ($this->crypto_engine) { + $this->encrypt->setEngine($this->crypto_engine); + } + if ($this->encrypt->block_size) { + $this->encrypt_block_size = $this->encrypt->block_size; + } + $this->encrypt->enableContinuousBuffer(); + $this->encrypt->disablePadding(); + + if ($this->encrypt->usesIV()) { + $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id); + while ($this->encrypt_block_size > strlen($iv)) { + $iv.= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); + } + $this->encrypt->setIV(substr($iv, 0, $this->encrypt_block_size)); + } + + $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'C' . $this->session_id); + while ($encryptKeyLength > strlen($key)) { + $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); + } + $this->encrypt->setKey(substr($key, 0, $encryptKeyLength)); + } + + $this->decrypt = $this->_encryption_algorithm_to_crypt_instance($decrypt); + if ($this->decrypt) { + if ($this->crypto_engine) { + $this->decrypt->setEngine($this->crypto_engine); + } + if ($this->decrypt->block_size) { + $this->decrypt_block_size = $this->decrypt->block_size; + } + $this->decrypt->enableContinuousBuffer(); + $this->decrypt->disablePadding(); + + if ($this->decrypt->usesIV()) { + $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id); + while ($this->decrypt_block_size > strlen($iv)) { + $iv.= $kexHash->hash($keyBytes . $this->exchange_hash . $iv); + } + $this->decrypt->setIV(substr($iv, 0, $this->decrypt_block_size)); + } + + $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'D' . $this->session_id); + while ($decryptKeyLength > strlen($key)) { + $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); + } + $this->decrypt->setKey(substr($key, 0, $decryptKeyLength)); + } + + /* The "arcfour128" algorithm is the RC4 cipher, as described in + [SCHNEIER], using a 128-bit key. The first 1536 bytes of keystream + generated by the cipher MUST be discarded, and the first byte of the + first encrypted packet MUST be encrypted using the 1537th byte of + keystream. + + -- http://tools.ietf.org/html/rfc4345#section-4 */ + if ($encrypt == 'arcfour128' || $encrypt == 'arcfour256') { + $this->encrypt->encrypt(str_repeat("\0", 1536)); + } + if ($decrypt == 'arcfour128' || $decrypt == 'arcfour256') { + $this->decrypt->decrypt(str_repeat("\0", 1536)); + } + + $mac_algorithm = $this->_array_intersect_first($mac_algorithms, $this->mac_algorithms_client_to_server); + if ($mac_algorithm === false) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible client to server message authentication algorithms found'); + } + + $createKeyLength = 0; // ie. $mac_algorithm == 'none' + switch ($mac_algorithm) { + case 'hmac-sha2-256': + $this->hmac_create = new Hash('sha256'); + $createKeyLength = 32; + break; + case 'hmac-sha1': + $this->hmac_create = new Hash('sha1'); + $createKeyLength = 20; + break; + case 'hmac-sha1-96': + $this->hmac_create = new Hash('sha1-96'); + $createKeyLength = 20; + break; + case 'hmac-md5': + $this->hmac_create = new Hash('md5'); + $createKeyLength = 16; + break; + case 'hmac-md5-96': + $this->hmac_create = new Hash('md5-96'); + $createKeyLength = 16; + } + + $mac_algorithm = $this->_array_intersect_first($mac_algorithms, $this->mac_algorithms_server_to_client); + if ($mac_algorithm === false) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible server to client message authentication algorithms found'); + } + + $checkKeyLength = 0; + $this->hmac_size = 0; + switch ($mac_algorithm) { + case 'hmac-sha2-256': + $this->hmac_check = new Hash('sha256'); + $checkKeyLength = 32; + $this->hmac_size = 32; + break; + case 'hmac-sha1': + $this->hmac_check = new Hash('sha1'); + $checkKeyLength = 20; + $this->hmac_size = 20; + break; + case 'hmac-sha1-96': + $this->hmac_check = new Hash('sha1-96'); + $checkKeyLength = 20; + $this->hmac_size = 12; + break; + case 'hmac-md5': + $this->hmac_check = new Hash('md5'); + $checkKeyLength = 16; + $this->hmac_size = 16; + break; + case 'hmac-md5-96': + $this->hmac_check = new Hash('md5-96'); + $checkKeyLength = 16; + $this->hmac_size = 12; + } + + $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'E' . $this->session_id); + while ($createKeyLength > strlen($key)) { + $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); + } + $this->hmac_create->setKey(substr($key, 0, $createKeyLength)); + + $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'F' . $this->session_id); + while ($checkKeyLength > strlen($key)) { + $key.= $kexHash->hash($keyBytes . $this->exchange_hash . $key); + } + $this->hmac_check->setKey(substr($key, 0, $checkKeyLength)); + + $compression_algorithm = $this->_array_intersect_first($compression_algorithms, $this->compression_algorithms_server_to_client); + if ($compression_algorithm === false) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible server to client compression algorithms found'); + } + $this->decompress = $compression_algorithm == 'zlib'; + + $compression_algorithm = $this->_array_intersect_first($compression_algorithms, $this->compression_algorithms_client_to_server); + if ($compression_algorithm === false) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new NoSupportedAlgorithmsException('No compatible client to server compression algorithms found'); + } + $this->compress = $compression_algorithm == 'zlib'; + + return true; + } + + /** + * Maps an encryption algorithm name to the number of key bytes. + * + * @param string $algorithm Name of the encryption algorithm + * @return int|null Number of bytes as an integer or null for unknown + * @access private + */ + function _encryption_algorithm_to_key_size($algorithm) + { + switch ($algorithm) { + case 'none': + return 0; + case 'aes128-cbc': + case 'aes128-ctr': + case 'arcfour': + case 'arcfour128': + case 'blowfish-cbc': + case 'blowfish-ctr': + case 'twofish128-cbc': + case 'twofish128-ctr': + return 16; + case '3des-cbc': + case '3des-ctr': + case 'aes192-cbc': + case 'aes192-ctr': + case 'twofish192-cbc': + case 'twofish192-ctr': + return 24; + case 'aes256-cbc': + case 'aes256-ctr': + case 'arcfour256': + case 'twofish-cbc': + case 'twofish256-cbc': + case 'twofish256-ctr': + return 32; + } + return null; + } + + /** + * Maps an encryption algorithm name to an instance of a subclass of + * \phpseclib\Crypt\Base. + * + * @param string $algorithm Name of the encryption algorithm + * @return mixed Instance of \phpseclib\Crypt\Base or null for unknown + * @access private + */ + function _encryption_algorithm_to_crypt_instance($algorithm) + { + switch ($algorithm) { + case '3des-cbc': + return new TripleDES(Base::MODE_CBC); + case '3des-ctr': + return new TripleDES(Base::MODE_CTR); + case 'aes256-cbc': + case 'aes192-cbc': + case 'aes128-cbc': + return new Rijndael(Base::MODE_CBC); + case 'aes256-ctr': + case 'aes192-ctr': + case 'aes128-ctr': + return new Rijndael(Base::MODE_CTR); + case 'blowfish-cbc': + return new Blowfish(Base::MODE_CBC); + case 'blowfish-ctr': + return new Blowfish(Base::MODE_CTR); + case 'twofish128-cbc': + case 'twofish192-cbc': + case 'twofish256-cbc': + case 'twofish-cbc': + return new Twofish(Base::MODE_CBC); + case 'twofish128-ctr': + case 'twofish192-ctr': + case 'twofish256-ctr': + return new Twofish(Base::MODE_CTR); + case 'arcfour': + case 'arcfour128': + case 'arcfour256': + return new RC4(); + } + return null; + } + + /** + * Login + * + * The $password parameter can be a plaintext password, a \phpseclib\Crypt\RSA object or an array + * + * @param string $username + * @param mixed $password + * @param mixed $... + * @return bool + * @see self::_login() + * @access public + */ + function login($username) + { + $args = func_get_args(); + return call_user_func_array(array(&$this, '_login'), $args); + } + + /** + * Login Helper + * + * @param string $username + * @param mixed $password + * @param mixed $... + * @return bool + * @see self::_login_helper() + * @access private + */ + function _login($username) + { + if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { + if (!$this->_connect()) { + return false; + } + } + + $args = array_slice(func_get_args(), 1); + if (empty($args)) { + return $this->_login_helper($username); + } + + foreach ($args as $arg) { + if ($this->_login_helper($username, $arg)) { + return true; + } + } + return false; + } + + /** + * Login Helper + * + * @param string $username + * @param string $password + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + * @access private + * @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} + * by sending dummy SSH_MSG_IGNORE messages. + */ + function _login_helper($username, $password = null) + { + if (!($this->bitmap & self::MASK_CONNECTED)) { + return false; + } + + if (!($this->bitmap & self::MASK_LOGIN_REQ)) { + $packet = pack( + 'CNa*', + NET_SSH2_MSG_SERVICE_REQUEST, + strlen('ssh-userauth'), + 'ssh-userauth' + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + + extract(unpack('Ctype', $this->_string_shift($response, 1))); + + if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) { + throw new \UnexpectedValueException('Expected SSH_MSG_SERVICE_ACCEPT'); + } + $this->bitmap |= self::MASK_LOGIN_REQ; + } + + if (strlen($this->last_interactive_response)) { + return !is_string($password) && !is_array($password) ? false : $this->_keyboard_interactive_process($password); + } + + if ($password instanceof RSA) { + return $this->_privatekey_login($username, $password); + } elseif ($password instanceof Agent) { + return $this->_ssh_agent_login($username, $password); + } + + if (is_array($password)) { + if ($this->_keyboard_interactive_login($username, $password)) { + $this->bitmap |= self::MASK_LOGIN; + return true; + } + return false; + } + + if (!isset($password)) { + $packet = pack( + 'CNa*Na*Na*', + NET_SSH2_MSG_USERAUTH_REQUEST, + strlen($username), + $username, + strlen('ssh-connection'), + 'ssh-connection', + strlen('none'), + 'none' + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + + extract(unpack('Ctype', $this->_string_shift($response, 1))); + + switch ($type) { + case NET_SSH2_MSG_USERAUTH_SUCCESS: + $this->bitmap |= self::MASK_LOGIN; + return true; + //case NET_SSH2_MSG_USERAUTH_FAILURE: + default: + return false; + } + } + + $packet = pack( + 'CNa*Na*Na*CNa*', + NET_SSH2_MSG_USERAUTH_REQUEST, + strlen($username), + $username, + strlen('ssh-connection'), + 'ssh-connection', + strlen('password'), + 'password', + 0, + strlen($password), + $password + ); + + // remove the username and password from the logged packet + if (!defined('NET_SSH2_LOGGING')) { + $logged = null; + } else { + $logged = pack( + 'CNa*Na*Na*CNa*', + NET_SSH2_MSG_USERAUTH_REQUEST, + strlen('username'), + 'username', + strlen('ssh-connection'), + 'ssh-connection', + strlen('password'), + 'password', + 0, + strlen('password'), + 'password' + ); + } + + if (!$this->_send_binary_packet($packet, $logged)) { + return false; + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + + extract(unpack('Ctype', $this->_string_shift($response, 1))); + + switch ($type) { + case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed + if (defined('NET_SSH2_LOGGING')) { + $this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'; + } + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . utf8_decode($this->_string_shift($response, $length)); + return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER); + case NET_SSH2_MSG_USERAUTH_FAILURE: + // can we use keyboard-interactive authentication? if not then either the login is bad or the server employees + // multi-factor authentication + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $auth_methods = explode(',', $this->_string_shift($response, $length)); + extract(unpack('Cpartial_success', $this->_string_shift($response, 1))); + $partial_success = $partial_success != 0; + + if (!$partial_success && in_array('keyboard-interactive', $auth_methods)) { + if ($this->_keyboard_interactive_login($username, $password)) { + $this->bitmap |= self::MASK_LOGIN; + return true; + } + return false; + } + return false; + case NET_SSH2_MSG_USERAUTH_SUCCESS: + $this->bitmap |= self::MASK_LOGIN; + return true; + } + + return false; + } + + /** + * Login via keyboard-interactive authentication + * + * See {@link http://tools.ietf.org/html/rfc4256 RFC4256} for details. This is not a full-featured keyboard-interactive authenticator. + * + * @param string $username + * @param string $password + * @return bool + * @access private + */ + function _keyboard_interactive_login($username, $password) + { + $packet = pack( + 'CNa*Na*Na*Na*Na*', + NET_SSH2_MSG_USERAUTH_REQUEST, + strlen($username), + $username, + strlen('ssh-connection'), + 'ssh-connection', + strlen('keyboard-interactive'), + 'keyboard-interactive', + 0, + '', + 0, + '' + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + return $this->_keyboard_interactive_process($password); + } + + /** + * Handle the keyboard-interactive requests / responses. + * + * @param string $responses... + * @return bool + * @throws \RuntimeException on connection error + * @access private + */ + function _keyboard_interactive_process() + { + $responses = func_get_args(); + + if (strlen($this->last_interactive_response)) { + $response = $this->last_interactive_response; + } else { + $orig = $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + } + + extract(unpack('Ctype', $this->_string_shift($response, 1))); + + switch ($type) { + case NET_SSH2_MSG_USERAUTH_INFO_REQUEST: + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $this->_string_shift($response, $length); // name; may be empty + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $this->_string_shift($response, $length); // instruction; may be empty + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $this->_string_shift($response, $length); // language tag; may be empty + extract(unpack('Nnum_prompts', $this->_string_shift($response, 4))); + + for ($i = 0; $i < count($responses); $i++) { + if (is_array($responses[$i])) { + foreach ($responses[$i] as $key => $value) { + $this->keyboard_requests_responses[$key] = $value; + } + unset($responses[$i]); + } + } + $responses = array_values($responses); + + if (isset($this->keyboard_requests_responses)) { + for ($i = 0; $i < $num_prompts; $i++) { + extract(unpack('Nlength', $this->_string_shift($response, 4))); + // prompt - ie. "Password: "; must not be empty + $prompt = $this->_string_shift($response, $length); + //$echo = $this->_string_shift($response) != chr(0); + foreach ($this->keyboard_requests_responses as $key => $value) { + if (substr($prompt, 0, strlen($key)) == $key) { + $responses[] = $value; + break; + } + } + } + } + + // see http://tools.ietf.org/html/rfc4256#section-3.2 + if (strlen($this->last_interactive_response)) { + $this->last_interactive_response = ''; + } elseif (defined('NET_SSH2_LOGGING')) { + $this->message_number_log[count($this->message_number_log) - 1] = str_replace( + 'UNKNOWN', + 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST', + $this->message_number_log[count($this->message_number_log) - 1] + ); + } + + if (!count($responses) && $num_prompts) { + $this->last_interactive_response = $orig; + return false; + } + + /* + After obtaining the requested information from the user, the client + MUST respond with an SSH_MSG_USERAUTH_INFO_RESPONSE message. + */ + // see http://tools.ietf.org/html/rfc4256#section-3.4 + $packet = $logged = pack('CN', NET_SSH2_MSG_USERAUTH_INFO_RESPONSE, count($responses)); + for ($i = 0; $i < count($responses); $i++) { + $packet.= pack('Na*', strlen($responses[$i]), $responses[$i]); + $logged.= pack('Na*', strlen('dummy-answer'), 'dummy-answer'); + } + + if (!$this->_send_binary_packet($packet, $logged)) { + return false; + } + + if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == self::LOG_COMPLEX) { + $this->message_number_log[count($this->message_number_log) - 1] = str_replace( + 'UNKNOWN', + 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE', + $this->message_number_log[count($this->message_number_log) - 1] + ); + } + + /* + After receiving the response, the server MUST send either an + SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, or another + SSH_MSG_USERAUTH_INFO_REQUEST message. + */ + // maybe phpseclib should force close the connection after x request / responses? unless something like that is done + // there could be an infinite loop of request / responses. + return $this->_keyboard_interactive_process(); + case NET_SSH2_MSG_USERAUTH_SUCCESS: + return true; + case NET_SSH2_MSG_USERAUTH_FAILURE: + return false; + } + + return false; + } + + /** + * Login with an ssh-agent provided key + * + * @param string $username + * @param \phpseclib\System\SSH\Agent $agent + * @return bool + * @access private + */ + function _ssh_agent_login($username, $agent) + { + $this->agent = $agent; + $keys = $agent->requestIdentities(); + foreach ($keys as $key) { + if ($this->_privatekey_login($username, $key)) { + return true; + } + } + + return false; + } + + /** + * Login with an RSA private key + * + * @param string $username + * @param \phpseclib\Crypt\RSA $password + * @return bool + * @throws \RuntimeException on connection error + * @access private + * @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis} + * by sending dummy SSH_MSG_IGNORE messages. + */ + function _privatekey_login($username, $privatekey) + { + // see http://tools.ietf.org/html/rfc4253#page-15 + $publickey = $privatekey->getPublicKey('Raw'); + if ($publickey === false) { + return false; + } + + $publickey = array( + 'e' => $publickey['e']->toBytes(true), + 'n' => $publickey['n']->toBytes(true) + ); + $publickey = pack( + 'Na*Na*Na*', + strlen('ssh-rsa'), + 'ssh-rsa', + strlen($publickey['e']), + $publickey['e'], + strlen($publickey['n']), + $publickey['n'] + ); + + $part1 = pack( + 'CNa*Na*Na*', + NET_SSH2_MSG_USERAUTH_REQUEST, + strlen($username), + $username, + strlen('ssh-connection'), + 'ssh-connection', + strlen('publickey'), + 'publickey' + ); + $part2 = pack('Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publickey), $publickey); + + $packet = $part1 . chr(0) . $part2; + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + + extract(unpack('Ctype', $this->_string_shift($response, 1))); + + switch ($type) { + case NET_SSH2_MSG_USERAUTH_FAILURE: + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . $this->_string_shift($response, $length); + return false; + case NET_SSH2_MSG_USERAUTH_PK_OK: + // we'll just take it on faith that the public key blob and the public key algorithm name are as + // they should be + if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == self::LOG_COMPLEX) { + $this->message_number_log[count($this->message_number_log) - 1] = str_replace( + 'UNKNOWN', + 'NET_SSH2_MSG_USERAUTH_PK_OK', + $this->message_number_log[count($this->message_number_log) - 1] + ); + } + } + + $packet = $part1 . chr(1) . $part2; + $privatekey->setHash('sha1'); + $signature = $privatekey->sign(pack('Na*a*', strlen($this->session_id), $this->session_id, $packet), RSA::PADDING_PKCS1); + $signature = pack('Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($signature), $signature); + $packet.= pack('Na*', strlen($signature), $signature); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + + extract(unpack('Ctype', $this->_string_shift($response, 1))); + + switch ($type) { + case NET_SSH2_MSG_USERAUTH_FAILURE: + // either the login is bad or the server employs multi-factor authentication + return false; + case NET_SSH2_MSG_USERAUTH_SUCCESS: + $this->bitmap |= self::MASK_LOGIN; + return true; + } + + return false; + } + + /** + * Set Timeout + * + * $ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. + * Setting $timeout to false or 0 will mean there is no timeout. + * + * @param mixed $timeout + * @access public + */ + function setTimeout($timeout) + { + $this->timeout = $this->curTimeout = $timeout; + } + + /** + * Get the output from stdError + * + * @access public + */ + function getStdError() + { + return $this->stdErrorLog; + } + + /** + * Execute Command + * + * If $callback is set to false then \phpseclib\Net\SSH2::_get_channel_packet(self::CHANNEL_EXEC) will need to be called manually. + * In all likelihood, this is not a feature you want to be taking advantage of. + * + * @param string $command + * @param Callback $callback + * @return string + * @throws \RuntimeException on connection error + * @access public + */ + function exec($command, $callback = null) + { + $this->curTimeout = $this->timeout; + $this->is_timeout = false; + $this->stdErrorLog = ''; + + if (!($this->bitmap & self::MASK_LOGIN)) { + return false; + } + + // RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to + // be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but, + // honestly, if you're transfering more than 2GB, you probably shouldn't be using phpseclib, anyway. + // see http://tools.ietf.org/html/rfc4254#section-5.2 for more info + $this->window_size_server_to_client[self::CHANNEL_EXEC] = $this->window_size; + // 0x8000 is the maximum max packet size, per http://tools.ietf.org/html/rfc4253#section-6.1, although since PuTTy + // uses 0x4000, that's what will be used here, as well. + $packet_size = 0x4000; + + $packet = pack( + 'CNa*N3', + NET_SSH2_MSG_CHANNEL_OPEN, + strlen('session'), + 'session', + self::CHANNEL_EXEC, + $this->window_size_server_to_client[self::CHANNEL_EXEC], + $packet_size + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_OPEN; + + $response = $this->_get_channel_packet(self::CHANNEL_EXEC); + if ($response === false) { + return false; + } + + if ($this->request_pty === true) { + $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); + $packet = pack( + 'CNNa*CNa*N5a*', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_EXEC], + strlen('pty-req'), + 'pty-req', + 1, + strlen('vt100'), + 'vt100', + $this->windowColumns, + $this->windowRows, + 0, + 0, + strlen($terminal_modes), + $terminal_modes + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + + list(, $type) = unpack('C', $this->_string_shift($response, 1)); + + switch ($type) { + case NET_SSH2_MSG_CHANNEL_SUCCESS: + break; + case NET_SSH2_MSG_CHANNEL_FAILURE: + default: + $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \RuntimeException('Unable to request pseudo-terminal'); + } + $this->in_request_pty_exec = true; + } + + // sending a pty-req SSH_MSG_CHANNEL_REQUEST message is unnecessary and, in fact, in most cases, slows things + // down. the one place where it might be desirable is if you're doing something like \phpseclib\Net\SSH2::exec('ping localhost &'). + // with a pty-req SSH_MSG_CHANNEL_REQUEST, exec() will return immediately and the ping process will then + // then immediately terminate. without such a request exec() will loop indefinitely. the ping process won't end but + // neither will your script. + + // although, in theory, the size of SSH_MSG_CHANNEL_REQUEST could exceed the maximum packet size established by + // SSH_MSG_CHANNEL_OPEN_CONFIRMATION, RFC4254#section-5.1 states that the "maximum packet size" refers to the + // "maximum size of an individual data packet". ie. SSH_MSG_CHANNEL_DATA. RFC4254#section-5.2 corroborates. + $packet = pack( + 'CNNa*CNa*', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_EXEC], + strlen('exec'), + 'exec', + 1, + strlen($command), + $command + ); + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_REQUEST; + + $response = $this->_get_channel_packet(self::CHANNEL_EXEC); + if ($response === false) { + return false; + } + + $this->channel_status[self::CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_DATA; + + if ($callback === false || $this->in_request_pty_exec) { + return true; + } + + $output = ''; + while (true) { + $temp = $this->_get_channel_packet(self::CHANNEL_EXEC); + switch (true) { + case $temp === true: + return is_callable($callback) ? true : $output; + case $temp === false: + return false; + default: + if (is_callable($callback)) { + if (call_user_func($callback, $temp) === true) { + $this->_close_channel(self::CHANNEL_EXEC); + return true; + } + } else { + $output.= $temp; + } + } + } + } + + /** + * Creates an interactive shell + * + * @see self::read() + * @see self::write() + * @return bool + * @throws \UnexpectedValueException on receipt of unexpected packets + * @throws \RuntimeException on other errors + * @access private + */ + function _initShell() + { + if ($this->in_request_pty_exec === true) { + return true; + } + + $this->window_size_server_to_client[self::CHANNEL_SHELL] = $this->window_size; + $packet_size = 0x4000; + + $packet = pack( + 'CNa*N3', + NET_SSH2_MSG_CHANNEL_OPEN, + strlen('session'), + 'session', + self::CHANNEL_SHELL, + $this->window_size_server_to_client[self::CHANNEL_SHELL], + $packet_size + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_OPEN; + + $response = $this->_get_channel_packet(self::CHANNEL_SHELL); + if ($response === false) { + return false; + } + + $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); + $packet = pack( + 'CNNa*CNa*N5a*', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_SHELL], + strlen('pty-req'), + 'pty-req', + 1, + strlen('vt100'), + 'vt100', + $this->windowColumns, + $this->windowRows, + 0, + 0, + strlen($terminal_modes), + $terminal_modes + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + + list(, $type) = unpack('C', $this->_string_shift($response, 1)); + + switch ($type) { + case NET_SSH2_MSG_CHANNEL_SUCCESS: + // if a pty can't be opened maybe commands can still be executed + case NET_SSH2_MSG_CHANNEL_FAILURE: + break; + default: + $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \UnexpectedValueException('Unable to request pseudo-terminal'); + } + + $packet = pack( + 'CNNa*C', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_SHELL], + strlen('shell'), + 'shell', + 1 + ); + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_REQUEST; + + $response = $this->_get_channel_packet(self::CHANNEL_SHELL); + if ($response === false) { + return false; + } + + $this->channel_status[self::CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_DATA; + + $this->bitmap |= self::MASK_SHELL; + + return true; + } + + /** + * Return the channel to be used with read() / write() + * + * @see self::read() + * @see self::write() + * @return int + * @access public + */ + function _get_interactive_channel() + { + switch (true) { + case $this->in_subsystem: + return self::CHANNEL_SUBSYSTEM; + case $this->in_request_pty_exec: + return self::CHANNEL_EXEC; + default: + return self::CHANNEL_SHELL; + } + } + + /** + * Return an available open channel + * + * @return int + * @access public + */ + function _get_open_channel() + { + $channel = self::CHANNEL_EXEC; + do { + if (isset($this->channel_status[$channel]) && $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_OPEN) { + return $channel; + } + } while ($channel++ < self::CHANNEL_SUBSYSTEM); + + return false; + } + + /** + * Returns the output of an interactive shell + * + * Returns when there's a match for $expect, which can take the form of a string literal or, + * if $mode == self::READ_REGEX, a regular expression. + * + * @see self::write() + * @param string $expect + * @param int $mode + * @return string + * @throws \RuntimeException on connection error + * @access public + */ + function read($expect = '', $mode = self::READ_SIMPLE) + { + $this->curTimeout = $this->timeout; + $this->is_timeout = false; + + if (!($this->bitmap & self::MASK_LOGIN)) { + throw new \RuntimeException('Operation disallowed prior to login()'); + } + + if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + throw new \RuntimeException('Unable to initiate an interactive shell session'); + } + + $channel = $this->_get_interactive_channel(); + + $match = $expect; + while (true) { + if ($mode == self::READ_REGEX) { + preg_match($expect, substr($this->interactiveBuffer, -1024), $matches); + $match = isset($matches[0]) ? $matches[0] : ''; + } + $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false; + if ($pos !== false) { + return $this->_string_shift($this->interactiveBuffer, $pos + strlen($match)); + } + $response = $this->_get_channel_packet($channel); + if (is_bool($response)) { + $this->in_request_pty_exec = false; + return $response ? $this->_string_shift($this->interactiveBuffer, strlen($this->interactiveBuffer)) : false; + } + + $this->interactiveBuffer.= $response; + } + } + + /** + * Inputs a command into an interactive shell. + * + * @see self::read() + * @param string $cmd + * @return bool + * @throws \RuntimeException on connection error + * @access public + */ + function write($cmd) + { + if (!($this->bitmap & self::MASK_LOGIN)) { + throw new \RuntimeException('Operation disallowed prior to login()'); + } + + if (!($this->bitmap & self::MASK_SHELL) && !$this->_initShell()) { + throw new \RuntimeException('Unable to initiate an interactive shell session'); + } + + return $this->_send_channel_packet($this->_get_interactive_channel(), $cmd); + } + + /** + * Start a subsystem. + * + * Right now only one subsystem at a time is supported. To support multiple subsystem's stopSubsystem() could accept + * a string that contained the name of the subsystem, but at that point, only one subsystem of each type could be opened. + * To support multiple subsystem's of the same name maybe it'd be best if startSubsystem() generated a new channel id and + * returns that and then that that was passed into stopSubsystem() but that'll be saved for a future date and implemented + * if there's sufficient demand for such a feature. + * + * @see self::stopSubsystem() + * @param string $subsystem + * @return bool + * @access public + */ + function startSubsystem($subsystem) + { + $this->window_size_server_to_client[self::CHANNEL_SUBSYSTEM] = $this->window_size; + + $packet = pack( + 'CNa*N3', + NET_SSH2_MSG_CHANNEL_OPEN, + strlen('session'), + 'session', + self::CHANNEL_SUBSYSTEM, + $this->window_size, + 0x4000 + ); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_OPEN; + + $response = $this->_get_channel_packet(self::CHANNEL_SUBSYSTEM); + if ($response === false) { + return false; + } + + $packet = pack( + 'CNNa*CNa*', + NET_SSH2_MSG_CHANNEL_REQUEST, + $this->server_channels[self::CHANNEL_SUBSYSTEM], + strlen('subsystem'), + 'subsystem', + 1, + strlen($subsystem), + $subsystem + ); + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_REQUEST; + + $response = $this->_get_channel_packet(self::CHANNEL_SUBSYSTEM); + + if ($response === false) { + return false; + } + + $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_DATA; + + $this->bitmap |= self::MASK_SHELL; + $this->in_subsystem = true; + + return true; + } + + /** + * Stops a subsystem. + * + * @see self::startSubsystem() + * @return bool + * @access public + */ + function stopSubsystem() + { + $this->in_subsystem = false; + $this->_close_channel(self::CHANNEL_SUBSYSTEM); + return true; + } + + /** + * Closes a channel + * + * If read() timed out you might want to just close the channel and have it auto-restart on the next read() call + * + * @access public + */ + function reset() + { + $this->_close_channel($this->_get_interactive_channel()); + } + + /** + * Is timeout? + * + * Did exec() or read() return because they timed out or because they encountered the end? + * + * @access public + */ + function isTimeout() + { + return $this->is_timeout; + } + + /** + * Disconnect + * + * @access public + */ + function disconnect() + { + $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + if (isset($this->realtime_log_file) && is_resource($this->realtime_log_file)) { + fclose($this->realtime_log_file); + } + unset(self::$connections[$this->getResourceId()]); + } + + /** + * Destructor. + * + * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call + * disconnect(). + * + * @access public + */ + function __destruct() + { + $this->disconnect(); + } + + /** + * Is the connection still active? + * + * @return bool + * @access public + */ + function isConnected() + { + return (bool) ($this->bitmap & self::MASK_CONNECTED); + } + + /** + * Have you successfully been logged in? + * + * @return bool + * @access public + */ + function isAuthenticated() + { + return (bool) ($this->bitmap & self::MASK_LOGIN); + } + + /** + * Gets Binary Packets + * + * See '6. Binary Packet Protocol' of rfc4253 for more info. + * + * @see self::_send_binary_packet() + * @return string + * @throws \RuntimeException on connection errors + * @access private + */ + function _get_binary_packet() + { + if (!is_resource($this->fsock) || feof($this->fsock)) { + $this->bitmap = 0; + throw new \RuntimeException('Connection closed prematurely'); + } + + $start = microtime(true); + $raw = stream_get_contents($this->fsock, $this->decrypt_block_size); + + if (!strlen($raw)) { + return ''; + } + + if ($this->decrypt !== false) { + $raw = $this->decrypt->decrypt($raw); + } + if ($raw === false) { + throw new \RuntimeException('Unable to decrypt content'); + } + + extract(unpack('Npacket_length/Cpadding_length', $this->_string_shift($raw, 5))); + + $remaining_length = $packet_length + 4 - $this->decrypt_block_size; + + // quoting , + // "implementations SHOULD check that the packet length is reasonable" + // PuTTY uses 0x9000 as the actual max packet size and so to shall we + if ($remaining_length < -$this->decrypt_block_size || $remaining_length > 0x9000 || $remaining_length % $this->decrypt_block_size != 0) { + throw new \RuntimeException('Invalid size'); + } + + $buffer = ''; + while ($remaining_length > 0) { + $temp = stream_get_contents($this->fsock, $remaining_length); + if ($temp === false || feof($this->fsock)) { + $this->bitmap = 0; + throw new \RuntimeException('Error reading from socket'); + } + $buffer.= $temp; + $remaining_length-= strlen($temp); + } + $stop = microtime(true); + if (strlen($buffer)) { + $raw.= $this->decrypt !== false ? $this->decrypt->decrypt($buffer) : $buffer; + } + + $payload = $this->_string_shift($raw, $packet_length - $padding_length - 1); + $padding = $this->_string_shift($raw, $padding_length); // should leave $raw empty + + if ($this->hmac_check !== false) { + $hmac = stream_get_contents($this->fsock, $this->hmac_size); + if ($hmac === false || strlen($hmac) != $this->hmac_size) { + $this->bitmap = 0; + throw new \RuntimeException('Error reading socket'); + } elseif ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) { + throw new \RuntimeException('Invalid HMAC'); + } + } + + //if ($this->decompress) { + // $payload = gzinflate(substr($payload, 2)); + //} + + $this->get_seq_no++; + + if (defined('NET_SSH2_LOGGING')) { + $current = microtime(true); + $message_number = isset($this->message_numbers[ord($payload[0])]) ? $this->message_numbers[ord($payload[0])] : 'UNKNOWN (' . ord($payload[0]) . ')'; + $message_number = '<- ' . $message_number . + ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; + $this->_append_log($message_number, $payload); + $this->last_packet = $current; + } + + return $this->_filter($payload); + } + + /** + * Filter Binary Packets + * + * Because some binary packets need to be ignored... + * + * @see self::_get_binary_packet() + * @return string + * @access private + */ + function _filter($payload) + { + switch (ord($payload[0])) { + case NET_SSH2_MSG_DISCONNECT: + $this->_string_shift($payload, 1); + extract(unpack('Nreason_code/Nlength', $this->_string_shift($payload, 8))); + $this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . utf8_decode($this->_string_shift($payload, $length)); + $this->bitmap = 0; + return false; + case NET_SSH2_MSG_IGNORE: + $payload = $this->_get_binary_packet(); + break; + case NET_SSH2_MSG_DEBUG: + $this->_string_shift($payload, 2); + extract(unpack('Nlength', $this->_string_shift($payload, 4))); + $this->errors[] = 'SSH_MSG_DEBUG: ' . utf8_decode($this->_string_shift($payload, $length)); + $payload = $this->_get_binary_packet(); + break; + case NET_SSH2_MSG_UNIMPLEMENTED: + return false; + case NET_SSH2_MSG_KEXINIT: + if ($this->session_id !== false) { + if (!$this->_key_exchange($payload)) { + $this->bitmap = 0; + return false; + } + $payload = $this->_get_binary_packet(); + } + } + + // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in + if (($this->bitmap & self::MASK_CONNECTED) && !($this->bitmap & self::MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { + $this->_string_shift($payload, 1); + extract(unpack('Nlength', $this->_string_shift($payload, 4))); + $this->banner_message = utf8_decode($this->_string_shift($payload, $length)); + $payload = $this->_get_binary_packet(); + } + + // only called when we've already logged in + if (($this->bitmap & self::MASK_CONNECTED) && ($this->bitmap & self::MASK_LOGIN)) { + switch (ord($payload[0])) { + case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4 + extract(unpack('Nlength', $this->_string_shift($payload, 4))); + $this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . $this->_string_shift($payload, $length); + + if (!$this->_send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE))) { + return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + } + + $payload = $this->_get_binary_packet(); + break; + case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1 + $this->_string_shift($payload, 1); + extract(unpack('Nlength', $this->_string_shift($payload, 4))); + $data = $this->_string_shift($payload, $length); + extract(unpack('Nserver_channel', $this->_string_shift($payload, 4))); + switch ($data) { + case 'auth-agent': + case 'auth-agent@openssh.com': + if (isset($this->agent)) { + $new_channel = self::CHANNEL_AGENT_FORWARD; + + extract(unpack('Nremote_window_size', $this->_string_shift($payload, 4))); + extract(unpack('Nremote_maximum_packet_size', $this->_string_shift($payload, 4))); + + $this->packet_size_client_to_server[$new_channel] = $remote_window_size; + $this->window_size_server_to_client[$new_channel] = $remote_maximum_packet_size; + $this->window_size_client_to_server[$new_channel] = $this->window_size; + + $packet_size = 0x4000; + + $packet = pack( + 'CN4', + NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, + $server_channel, + $new_channel, + $packet_size, + $packet_size + ); + + $this->server_channels[$new_channel] = $server_channel; + $this->channel_status[$new_channel] = NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION; + if (!$this->_send_binary_packet($packet)) { + return false; + } + } + break; + default: + $packet = pack( + 'CN3a*Na*', + NET_SSH2_MSG_REQUEST_FAILURE, + $server_channel, + NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED, + 0, + '', + 0, + '' + ); + + if (!$this->_send_binary_packet($packet)) { + return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + } + } + $payload = $this->_get_binary_packet(); + break; + case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: + $this->_string_shift($payload, 1); + extract(unpack('Nchannel', $this->_string_shift($payload, 4))); + extract(unpack('Nwindow_size', $this->_string_shift($payload, 4))); + $this->window_size_client_to_server[$channel]+= $window_size; + + $payload = ($this->bitmap & self::MASK_WINDOW_ADJUST) ? true : $this->_get_binary_packet(); + } + } + + return $payload; + } + + /** + * Enable Quiet Mode + * + * Suppress stderr from output + * + * @access public + */ + function enableQuietMode() + { + $this->quiet_mode = true; + } + + /** + * Disable Quiet Mode + * + * Show stderr in output + * + * @access public + */ + function disableQuietMode() + { + $this->quiet_mode = false; + } + + /** + * Returns whether Quiet Mode is enabled or not + * + * @see self::enableQuietMode() + * @see self::disableQuietMode() + * @access public + * @return bool + */ + function isQuietModeEnabled() + { + return $this->quiet_mode; + } + + /** + * Enable request-pty when using exec() + * + * @access public + */ + function enablePTY() + { + $this->request_pty = true; + } + + /** + * Disable request-pty when using exec() + * + * @access public + */ + function disablePTY() + { + $this->request_pty = false; + } + + /** + * Returns whether request-pty is enabled or not + * + * @see self::enablePTY() + * @see self::disablePTY() + * @access public + * @return bool + */ + function isPTYEnabled() + { + return $this->request_pty; + } + + /** + * Gets channel data + * + * Returns the data as a string if it's available and false if not. + * + * @param $client_channel + * @return mixed + * @throws \RuntimeException on connection error + * @access private + */ + function _get_channel_packet($client_channel, $skip_extended = false) + { + if (!empty($this->channel_buffers[$client_channel])) { + return array_shift($this->channel_buffers[$client_channel]); + } + + while (true) { + if ($this->curTimeout) { + if ($this->curTimeout < 0) { + $this->is_timeout = true; + return true; + } + + $read = array($this->fsock); + $write = $except = null; + + $start = microtime(true); + $sec = floor($this->curTimeout); + $usec = 1000000 * ($this->curTimeout - $sec); + // on windows this returns a "Warning: Invalid CRT parameters detected" error + if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { + $this->is_timeout = true; + return true; + } + $elapsed = microtime(true) - $start; + $this->curTimeout-= $elapsed; + } + + $response = $this->_get_binary_packet(); + if ($response === false) { + throw new \RuntimeException('Connection closed by server'); + } + if ($client_channel == -1 && $response === true) { + return true; + } + if (!strlen($response)) { + return ''; + } + + extract(unpack('Ctype', $this->_string_shift($response, 1))); + + if ($type == NET_SSH2_MSG_CHANNEL_OPEN) { + extract(unpack('Nlength', $this->_string_shift($response, 4))); + } else { + extract(unpack('Nchannel', $this->_string_shift($response, 4))); + } + + // will not be setup yet on incoming channel open request + if (isset($channel) && isset($this->channel_status[$channel]) && isset($this->window_size_server_to_client[$channel])) { + $this->window_size_server_to_client[$channel]-= strlen($response); + + // resize the window, if appropriate + if ($this->window_size_server_to_client[$channel] < 0) { + $packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$channel], $this->window_size); + if (!$this->_send_binary_packet($packet)) { + return false; + } + $this->window_size_server_to_client[$channel]+= $this->window_size; + } + + switch ($this->channel_status[$channel]) { + case NET_SSH2_MSG_CHANNEL_OPEN: + switch ($type) { + case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION: + extract(unpack('Nserver_channel', $this->_string_shift($response, 4))); + $this->server_channels[$channel] = $server_channel; + extract(unpack('Nwindow_size', $this->_string_shift($response, 4))); + if ($window_size < 0) { + $window_size&= 0x7FFFFFFF; + $window_size+= 0x80000000; + } + $this->window_size_client_to_server[$channel] = $window_size; + $temp = unpack('Npacket_size_client_to_server', $this->_string_shift($response, 4)); + $this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server']; + $result = $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended); + $this->_on_channel_open(); + return $result; + //case NET_SSH2_MSG_CHANNEL_OPEN_FAILURE: + default: + $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \RuntimeException('Unable to open channel'); + } + break; + case NET_SSH2_MSG_CHANNEL_REQUEST: + switch ($type) { + case NET_SSH2_MSG_CHANNEL_SUCCESS: + return true; + case NET_SSH2_MSG_CHANNEL_FAILURE: + return false; + default: + $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \RuntimeException('Unable to fulfill channel request'); + } + case NET_SSH2_MSG_CHANNEL_CLOSE: + return $type == NET_SSH2_MSG_CHANNEL_CLOSE ? true : $this->_get_channel_packet($client_channel, $skip_extended); + } + } + + // ie. $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA + + switch ($type) { + case NET_SSH2_MSG_CHANNEL_DATA: + /* + if ($channel == self::CHANNEL_EXEC) { + // SCP requires null packets, such as this, be sent. further, in the case of the ssh.com SSH server + // this actually seems to make things twice as fast. more to the point, the message right after + // SSH_MSG_CHANNEL_DATA (usually SSH_MSG_IGNORE) won't block for as long as it would have otherwise. + // in OpenSSH it slows things down but only by a couple thousandths of a second. + $this->_send_channel_packet($channel, chr(0)); + } + */ + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $data = $this->_string_shift($response, $length); + + if ($channel == self::CHANNEL_AGENT_FORWARD) { + $agent_response = $this->agent->_forward_data($data); + if (!is_bool($agent_response)) { + $this->_send_channel_packet($channel, $agent_response); + } + break; + } + + if ($client_channel == $channel) { + return $data; + } + if (!isset($this->channel_buffers[$channel])) { + $this->channel_buffers[$channel] = array(); + } + $this->channel_buffers[$channel][] = $data; + break; + case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: + /* + if ($client_channel == self::CHANNEL_EXEC) { + $this->_send_channel_packet($client_channel, chr(0)); + } + */ + // currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR + extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8))); + $data = $this->_string_shift($response, $length); + $this->stdErrorLog.= $data; + if ($skip_extended || $this->quiet_mode) { + break; + } + if ($client_channel == $channel) { + return $data; + } + if (!isset($this->channel_buffers[$channel])) { + $this->channel_buffers[$channel] = array(); + } + $this->channel_buffers[$channel][] = $data; + break; + case NET_SSH2_MSG_CHANNEL_REQUEST: + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $value = $this->_string_shift($response, $length); + switch ($value) { + case 'exit-signal': + $this->_string_shift($response, 1); + extract(unpack('Nlength', $this->_string_shift($response, 4))); + $this->errors[] = 'SSH_MSG_CHANNEL_REQUEST (exit-signal): ' . $this->_string_shift($response, $length); + $this->_string_shift($response, 1); + extract(unpack('Nlength', $this->_string_shift($response, 4))); + if ($length) { + $this->errors[count($this->errors)].= "\r\n" . $this->_string_shift($response, $length); + } + + $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); + $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); + + $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_EOF; + + break; + case 'exit-status': + extract(unpack('Cfalse/Nexit_status', $this->_string_shift($response, 5))); + $this->exit_status = $exit_status; + + // "The client MAY ignore these messages." + // -- http://tools.ietf.org/html/rfc4254#section-6.10 + + break; + default: + // "Some systems may not implement signals, in which case they SHOULD ignore this message." + // -- http://tools.ietf.org/html/rfc4254#section-6.9 + break; + } + break; + case NET_SSH2_MSG_CHANNEL_CLOSE: + $this->curTimeout = 0; + + if ($this->bitmap & self::MASK_SHELL) { + $this->bitmap&= ~self::MASK_SHELL; + } + if ($this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_EOF) { + $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); + } + + $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_CLOSE; + return true; + case NET_SSH2_MSG_CHANNEL_EOF: + break; + default: + $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new \RuntimeException('Error reading channel data'); + } + } + } + + /** + * Sends Binary Packets + * + * See '6. Binary Packet Protocol' of rfc4253 for more info. + * + * @param string $data + * @param string $logged + * @see self::_get_binary_packet() + * @return bool + * @access private + */ + function _send_binary_packet($data, $logged = null) + { + if (!is_resource($this->fsock) || feof($this->fsock)) { + $this->bitmap = 0; + throw new \RuntimeException('Connection closed prematurely'); + } + + //if ($this->compress) { + // // the -4 removes the checksum: + // // http://php.net/function.gzcompress#57710 + // $data = substr(gzcompress($data), 0, -4); + //} + + // 4 (packet length) + 1 (padding length) + 4 (minimal padding amount) == 9 + $packet_length = strlen($data) + 9; + // round up to the nearest $this->encrypt_block_size + $packet_length+= (($this->encrypt_block_size - 1) * $packet_length) % $this->encrypt_block_size; + // subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length + $padding_length = $packet_length - strlen($data) - 5; + $padding = Random::string($padding_length); + + // we subtract 4 from packet_length because the packet_length field isn't supposed to include itself + $packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding); + + $hmac = $this->hmac_create !== false ? $this->hmac_create->hash(pack('Na*', $this->send_seq_no, $packet)) : ''; + $this->send_seq_no++; + + if ($this->encrypt !== false) { + $packet = $this->encrypt->encrypt($packet); + } + + $packet.= $hmac; + + $start = microtime(true); + $result = strlen($packet) == fputs($this->fsock, $packet); + $stop = microtime(true); + + if (defined('NET_SSH2_LOGGING')) { + $current = microtime(true); + $message_number = isset($this->message_numbers[ord($data[0])]) ? $this->message_numbers[ord($data[0])] : 'UNKNOWN (' . ord($data[0]) . ')'; + $message_number = '-> ' . $message_number . + ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; + $this->_append_log($message_number, isset($logged) ? $logged : $data); + $this->last_packet = $current; + } + + return $result; + } + + /** + * Logs data packets + * + * Makes sure that only the last 1MB worth of packets will be logged + * + * @param string $data + * @access private + */ + function _append_log($message_number, $message) + { + // remove the byte identifying the message type from all but the first two messages (ie. the identification strings) + if (strlen($message_number) > 2) { + $this->_string_shift($message); + } + + switch (NET_SSH2_LOGGING) { + // useful for benchmarks + case self::LOG_SIMPLE: + $this->message_number_log[] = $message_number; + break; + // the most useful log for SSH2 + case self::LOG_COMPLEX: + $this->message_number_log[] = $message_number; + $this->log_size+= strlen($message); + $this->message_log[] = $message; + while ($this->log_size > self::LOG_MAX_SIZE) { + $this->log_size-= strlen(array_shift($this->message_log)); + array_shift($this->message_number_log); + } + break; + // dump the output out realtime; packets may be interspersed with non packets, + // passwords won't be filtered out and select other packets may not be correctly + // identified + case self::LOG_REALTIME: + switch (PHP_SAPI) { + case 'cli': + $start = $stop = "\r\n"; + break; + default: + $start = '
    ';
+                        $stop = '
    '; + } + echo $start . $this->_format_log(array($message), array($message_number)) . $stop; + @flush(); + @ob_flush(); + break; + // basically the same thing as self::LOG_REALTIME with the caveat that NET_SFTP_LOG_REALTIME_FILENAME + // needs to be defined and that the resultant log file will be capped out at self::LOG_MAX_SIZE. + // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily + // at the beginning of the file + case self::LOG_REALTIME_FILE: + if (!isset($this->realtime_log_file)) { + // PHP doesn't seem to like using constants in fopen() + $filename = NET_SSH2_LOG_REALTIME_FILENAME; + $fp = fopen($filename, 'w'); + $this->realtime_log_file = $fp; + } + if (!is_resource($this->realtime_log_file)) { + break; + } + $entry = $this->_format_log(array($message), array($message_number)); + if ($this->realtime_log_wrap) { + $temp = "<<< START >>>\r\n"; + $entry.= $temp; + fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp)); + } + $this->realtime_log_size+= strlen($entry); + if ($this->realtime_log_size > self::LOG_MAX_SIZE) { + fseek($this->realtime_log_file, 0); + $this->realtime_log_size = strlen($entry); + $this->realtime_log_wrap = true; + } + fputs($this->realtime_log_file, $entry); + } + } + + /** + * Sends channel data + * + * Spans multiple SSH_MSG_CHANNEL_DATAs if appropriate + * + * @param int $client_channel + * @param string $data + * @return bool + * @access private + */ + function _send_channel_packet($client_channel, $data) + { + while (strlen($data)) { + if (!$this->window_size_client_to_server[$client_channel]) { + $this->bitmap^= self::MASK_WINDOW_ADJUST; + // using an invalid channel will let the buffers be built up for the valid channels + $this->_get_channel_packet(-1); + $this->bitmap^= self::MASK_WINDOW_ADJUST; + } + + /* The maximum amount of data allowed is determined by the maximum + packet size for the channel, and the current window size, whichever + is smaller. + -- http://tools.ietf.org/html/rfc4254#section-5.2 */ + $max_size = min( + $this->packet_size_client_to_server[$client_channel], + $this->window_size_client_to_server[$client_channel] + ); + + $temp = $this->_string_shift($data, $max_size); + $packet = pack( + 'CN2a*', + NET_SSH2_MSG_CHANNEL_DATA, + $this->server_channels[$client_channel], + strlen($temp), + $temp + ); + $this->window_size_client_to_server[$client_channel]-= strlen($temp); + if (!$this->_send_binary_packet($packet)) { + return false; + } + } + + return true; + } + + /** + * Closes and flushes a channel + * + * \phpseclib\Net\SSH2 doesn't properly close most channels. For exec() channels are normally closed by the server + * and for SFTP channels are presumably closed when the client disconnects. This functions is intended + * for SCP more than anything. + * + * @param int $client_channel + * @param bool $want_reply + * @return bool + * @access private + */ + function _close_channel($client_channel, $want_reply = false) + { + // see http://tools.ietf.org/html/rfc4254#section-5.3 + + $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); + + if (!$want_reply) { + $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + } + + $this->channel_status[$client_channel] = NET_SSH2_MSG_CHANNEL_CLOSE; + + $this->curTimeout = 0; + + while (!is_bool($this->_get_channel_packet($client_channel))) { + } + + if ($want_reply) { + $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + } + + if ($this->bitmap & self::MASK_SHELL) { + $this->bitmap&= ~self::MASK_SHELL; + } + } + + /** + * Disconnect + * + * @param int $reason + * @return bool + * @access private + */ + function _disconnect($reason) + { + if ($this->bitmap & self::MASK_CONNECTED) { + $data = pack('CNNa*Na*', NET_SSH2_MSG_DISCONNECT, $reason, 0, '', 0, ''); + $this->_send_binary_packet($data); + $this->bitmap = 0; + fclose($this->fsock); + return false; + } + } + + /** + * String Shift + * + * Inspired by array_shift + * + * @param string $string + * @param int $index + * @return string + * @access private + */ + function _string_shift(&$string, $index = 1) + { + $substr = substr($string, 0, $index); + $string = substr($string, $index); + return $substr; + } + + /** + * Define Array + * + * Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of + * named constants from it, using the value as the name of the constant and the index as the value of the constant. + * If any of the constants that would be defined already exists, none of the constants will be defined. + * + * @param array $array + * @access private + */ + function _define_array() + { + $args = func_get_args(); + foreach ($args as $arg) { + foreach ($arg as $key => $value) { + if (!defined($value)) { + define($value, $key); + } else { + break 2; + } + } + } + } + + /** + * Returns a log of the packets that have been sent and received. + * + * Returns a string if NET_SSH2_LOGGING == self::LOG_COMPLEX, an array if NET_SSH2_LOGGING == self::LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING') + * + * @access public + * @return array|false|string + */ + function getLog() + { + if (!defined('NET_SSH2_LOGGING')) { + return false; + } + + switch (NET_SSH2_LOGGING) { + case self::LOG_SIMPLE: + return $this->message_number_log; + break; + case self::LOG_COMPLEX: + return $this->_format_log($this->message_log, $this->message_number_log); + break; + default: + return false; + } + } + + /** + * Formats a log for printing + * + * @param array $message_log + * @param array $message_number_log + * @access private + * @return string + */ + function _format_log($message_log, $message_number_log) + { + $output = ''; + for ($i = 0; $i < count($message_log); $i++) { + $output.= $message_number_log[$i] . "\r\n"; + $current_log = $message_log[$i]; + $j = 0; + do { + if (strlen($current_log)) { + $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; + } + $fragment = $this->_string_shift($current_log, $this->log_short_width); + $hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary)); + // replace non ASCII printable characters with dots + // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters + // also replace < with a . since < messes up the output on web browsers + $raw = preg_replace('#[^\x20-\x7E]|<#', '.', $fragment); + $output.= str_pad($hex, $this->log_long_width - $this->log_short_width, ' ') . $raw . "\r\n"; + $j++; + } while (strlen($current_log)); + $output.= "\r\n"; + } + + return $output; + } + + /** + * Helper function for _format_log + * + * For use with preg_replace_callback() + * + * @param array $matches + * @access private + * @return string + */ + function _format_log_helper($matches) + { + return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); + } + + /** + * Helper function for agent->_on_channel_open() + * + * Used when channels are created to inform agent + * of said channel opening. Must be called after + * channel open confirmation received + * + * @access private + */ + function _on_channel_open() + { + if (isset($this->agent)) { + $this->agent->_on_channel_open($this); + } + } + + /** + * Returns the first value of the intersection of two arrays or false if + * the intersection is empty. The order is defined by the first parameter. + * + * @param array $array1 + * @param array $array2 + * @return mixed False if intersection is empty, else intersected value. + * @access private + */ + function _array_intersect_first($array1, $array2) + { + foreach ($array1 as $value) { + if (in_array($value, $array2)) { + return $value; + } + } + return false; + } + + /** + * Returns all errors + * + * @return string[] + * @access public + */ + function getErrors() + { + return $this->errors; + } + + /** + * Returns the last error + * + * @return string + * @access public + */ + function getLastError() + { + $count = count($this->errors); + + if ($count > 0) { + return $this->errors[$count - 1]; + } + } + + /** + * Return the server identification. + * + * @return string + * @access public + */ + function getServerIdentification() + { + $this->_connect(); + + return $this->server_identifier; + } + + /** + * Return a list of the key exchange algorithms the server supports. + * + * @return array + * @access public + */ + function getKexAlgorithms() + { + $this->_connect(); + + return $this->kex_algorithms; + } + + /** + * Return a list of the host key (public key) algorithms the server supports. + * + * @return array + * @access public + */ + function getServerHostKeyAlgorithms() + { + $this->_connect(); + + return $this->server_host_key_algorithms; + } + + /** + * Return a list of the (symmetric key) encryption algorithms the server supports, when receiving stuff from the client. + * + * @return array + * @access public + */ + function getEncryptionAlgorithmsClient2Server() + { + $this->_connect(); + + return $this->encryption_algorithms_client_to_server; + } + + /** + * Return a list of the (symmetric key) encryption algorithms the server supports, when sending stuff to the client. + * + * @return array + * @access public + */ + function getEncryptionAlgorithmsServer2Client() + { + $this->_connect(); + + return $this->encryption_algorithms_server_to_client; + } + + /** + * Return a list of the MAC algorithms the server supports, when receiving stuff from the client. + * + * @return array + * @access public + */ + function getMACAlgorithmsClient2Server() + { + $this->_connect(); + + return $this->mac_algorithms_client_to_server; + } + + /** + * Return a list of the MAC algorithms the server supports, when sending stuff to the client. + * + * @return array + * @access public + */ + function getMACAlgorithmsServer2Client() + { + $this->_connect(); + + return $this->mac_algorithms_server_to_client; + } + + /** + * Return a list of the compression algorithms the server supports, when receiving stuff from the client. + * + * @return array + * @access public + */ + function getCompressionAlgorithmsClient2Server() + { + $this->_connect(); + + return $this->compression_algorithms_client_to_server; + } + + /** + * Return a list of the compression algorithms the server supports, when sending stuff to the client. + * + * @return array + * @access public + */ + function getCompressionAlgorithmsServer2Client() + { + $this->_connect(); + + return $this->compression_algorithms_server_to_client; + } + + /** + * Return a list of the languages the server supports, when sending stuff to the client. + * + * @return array + * @access public + */ + function getLanguagesServer2Client() + { + $this->_connect(); + + return $this->languages_server_to_client; + } + + /** + * Return a list of the languages the server supports, when receiving stuff from the client. + * + * @return array + * @access public + */ + function getLanguagesClient2Server() + { + $this->_connect(); + + return $this->languages_client_to_server; + } + + /** + * Returns the banner message. + * + * Quoting from the RFC, "in some jurisdictions, sending a warning message before + * authentication may be relevant for getting legal protection." + * + * @return string + * @access public + */ + function getBannerMessage() + { + return $this->banner_message; + } + + /** + * Returns the server public host key. + * + * Caching this the first time you connect to a server and checking the result on subsequent connections + * is recommended. Returns false if the server signature is not signed correctly with the public host key. + * + * @return mixed + * @throws \RuntimeException on badly formatted keys + * @throws \phpseclib\Exception\NoSupportedAlgorithmsException when the key isn't in a supported format + * @access public + */ + function getServerPublicHostKey() + { + if (!($this->bitmap & self::MASK_CONSTRUCTOR)) { + if (!$this->_connect()) { + return false; + } + } + + $signature = $this->signature; + $server_public_host_key = $this->server_public_host_key; + + extract(unpack('Nlength', $this->_string_shift($server_public_host_key, 4))); + $this->_string_shift($server_public_host_key, $length); + + if ($this->signature_validated) { + return $this->bitmap ? + $this->signature_format . ' ' . Base64::encode($this->server_public_host_key) : + false; + } + + $this->signature_validated = true; + + switch ($this->signature_format) { + case 'ssh-dss': + $zero = new BigInteger(); + + $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); + $p = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); + + $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); + $q = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); + + $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); + $g = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); + + $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); + $y = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); + + /* The value for 'dss_signature_blob' is encoded as a string containing + r, followed by s (which are 160-bit integers, without lengths or + padding, unsigned, and in network byte order). */ + $temp = unpack('Nlength', $this->_string_shift($signature, 4)); + if ($temp['length'] != 40) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new \RuntimeException('Invalid signature'); + } + + $r = new BigInteger($this->_string_shift($signature, 20), 256); + $s = new BigInteger($this->_string_shift($signature, 20), 256); + + switch (true) { + case $r->equals($zero): + case $r->compare($q) >= 0: + case $s->equals($zero): + case $s->compare($q) >= 0: + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new \RuntimeException('Invalid signature'); + } + + $w = $s->modInverse($q); + + $u1 = $w->multiply(new BigInteger(sha1($this->exchange_hash), 16)); + list(, $u1) = $u1->divide($q); + + $u2 = $w->multiply($r); + list(, $u2) = $u2->divide($q); + + $g = $g->modPow($u1, $p); + $y = $y->modPow($u2, $p); + + $v = $g->multiply($y); + list(, $v) = $v->divide($p); + list(, $v) = $v->divide($q); + + if (!$v->equals($r)) { + //user_error('Bad server signature'); + return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + } + + break; + case 'ssh-rsa': + $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); + $e = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); + + $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); + $rawN = $this->_string_shift($server_public_host_key, $temp['length']); + $n = new BigInteger($rawN, -256); + $nLength = strlen(ltrim($rawN, "\0")); + + /* + $temp = unpack('Nlength', $this->_string_shift($signature, 4)); + $signature = $this->_string_shift($signature, $temp['length']); + + $rsa = new RSA(); + $rsa->load(array('e' => $e, 'n' => $n), 'raw'); + $rsa->setHash('sha1'); + if (!$rsa->verify($this->exchange_hash, $signature, RSA::PADDING_PKCS1)) { + //user_error('Bad server signature'); + return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + } + */ + + $temp = unpack('Nlength', $this->_string_shift($signature, 4)); + $s = new BigInteger($this->_string_shift($signature, $temp['length']), 256); + + // validate an RSA signature per "8.2 RSASSA-PKCS1-v1_5", "5.2.2 RSAVP1", and "9.1 EMSA-PSS" in the + // following URL: + // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf + + // also, see SSHRSA.c (rsa2_verifysig) in PuTTy's source. + + if ($s->compare(new BigInteger()) < 0 || $s->compare($n->subtract(new BigInteger(1))) > 0) { + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new \RuntimeException('Invalid signature'); + } + + $s = $s->modPow($e, $n); + $s = $s->toBytes(); + + $h = pack('N4H*', 0x00302130, 0x0906052B, 0x0E03021A, 0x05000414, sha1($this->exchange_hash)); + $h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 2 - strlen($h)) . $h; + + if ($s != $h) { + //user_error('Bad server signature'); + return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + } + break; + default: + $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + throw new NoSupportedAlgorithmsException('Unsupported signature format'); + } + + return $this->signature_format . ' ' . Base64::encode($this->server_public_host_key); + } + + /** + * Returns the exit status of an SSH command or false. + * + * @return false|int + * @access public + */ + function getExitStatus() + { + if (is_null($this->exit_status)) { + return false; + } + return $this->exit_status; + } + + /** + * Returns the number of columns for the terminal window size. + * + * @return int + * @access public + */ + function getWindowColumns() + { + return $this->windowColumns; + } + + /** + * Returns the number of rows for the terminal window size. + * + * @return int + * @access public + */ + function getWindowRows() + { + return $this->windowRows; + } + + /** + * Sets the number of columns for the terminal window size. + * + * @param int $value + * @access public + */ + function setWindowColumns($value) + { + $this->windowColumns = $value; + } + + /** + * Sets the number of rows for the terminal window size. + * + * @param int $value + * @access public + */ + function setWindowRows($value) + { + $this->windowRows = $value; + } + + /** + * Sets the number of columns and rows for the terminal window size. + * + * @param int $columns + * @param int $rows + * @access public + */ + function setWindowSize($columns = 80, $rows = 24) + { + $this->windowColumns = $columns; + $this->windowRows = $rows; + } + + /** + * @return string + */ + function __toString() + { + return $this->getResourceId(); + } + + /** + * We use {} because that symbols should not be in URL according to + * {@link http://tools.ietf.org/html/rfc3986#section-2 RFC}. + * It will safe us from any conflicts, because otherwise regexp will + * match all alphanumeric domains. + * + * @return string + */ + function getResourceId() + { + return '{' . spl_object_hash($this) . '}'; + } + + /** + * Return existing connection + * + * @param string $id + * + * @return bool|SSH2 will return false if no such connection + */ + static function getConnectionByResourceId($id) + { + return isset(self::$connections[$id]) ? self::$connections[$id] : false; + } + + /** + * Return all excising connections + * + * @return SSH2[] + */ + static function getConnections() + { + return self::$connections; + } +} diff --git a/plugins/OStatus/extlib/phpseclib/System/SSH/Agent.php b/plugins/OStatus/extlib/phpseclib/System/SSH/Agent.php new file mode 100644 index 0000000000..23bf027a42 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/System/SSH/Agent.php @@ -0,0 +1,313 @@ + + * login('username', $agent)) { + * exit('Login Failed'); + * } + * + * echo $ssh->exec('pwd'); + * echo $ssh->exec('ls -la'); + * ?> + * + * + * @category System + * @package SSH\Agent + * @author Jim Wigginton + * @copyright 2014 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + * @internal See http://api.libssh.org/rfc/PROTOCOL.agent + */ + +namespace phpseclib\System\SSH; + +use ParagonIE\ConstantTime\Base64; +use phpseclib\Crypt\RSA; +use phpseclib\Exception\BadConfigurationException; +use phpseclib\System\SSH\Agent\Identity; + +/** + * Pure-PHP ssh-agent client identity factory + * + * requestIdentities() method pumps out \phpseclib\System\SSH\Agent\Identity objects + * + * @package SSH\Agent + * @author Jim Wigginton + * @access internal + */ +class Agent +{ + /**#@+ + * Message numbers + * + * @access private + */ + // to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1) + const SSH_AGENTC_REQUEST_IDENTITIES = 11; + // this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2). + const SSH_AGENT_IDENTITIES_ANSWER = 12; + // the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3) + const SSH_AGENTC_SIGN_REQUEST = 13; + // the SSH1 response is SSH_AGENT_RSA_RESPONSE (4) + const SSH_AGENT_SIGN_RESPONSE = 14; + /**#@-*/ + + /**@+ + * Agent forwarding status + * + * @access private + */ + // no forwarding requested and not active + const FORWARD_NONE = 0; + // request agent forwarding when opportune + const FORWARD_REQUEST = 1; + // forwarding has been request and is active + const FORWARD_ACTIVE = 2; + /**#@-*/ + + /** + * Unused + */ + const SSH_AGENT_FAILURE = 5; + + /** + * Socket Resource + * + * @var resource + * @access private + */ + var $fsock; + + /** + * Agent forwarding status + * + * @access private + */ + var $forward_status = self::FORWARD_NONE; + + /** + * Buffer for accumulating forwarded authentication + * agent data arriving on SSH data channel destined + * for agent unix socket + * + * @access private + */ + var $socket_buffer = ''; + + /** + * Tracking the number of bytes we are expecting + * to arrive for the agent socket on the SSH data + * channel + */ + var $expected_bytes = 0; + + /** + * Default Constructor + * + * @return \phpseclib\System\SSH\Agent + * @throws \phpseclib\Exception\BadConfigurationException if SSH_AUTH_SOCK cannot be found + * @throws \RuntimeException on connection errors + * @access public + */ + function __construct() + { + switch (true) { + case isset($_SERVER['SSH_AUTH_SOCK']): + $address = $_SERVER['SSH_AUTH_SOCK']; + break; + case isset($_ENV['SSH_AUTH_SOCK']): + $address = $_ENV['SSH_AUTH_SOCK']; + break; + default: + throw new BadConfigurationException('SSH_AUTH_SOCK not found'); + } + + $this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr); + if (!$this->fsock) { + throw new \RuntimeException("Unable to connect to ssh-agent (Error $errno: $errstr)"); + } + } + + /** + * Request Identities + * + * See "2.5.2 Requesting a list of protocol 2 keys" + * Returns an array containing zero or more \phpseclib\System\SSH\Agent\Identity objects + * + * @return array + * @throws \RuntimeException on receipt of unexpected packets + * @access public + */ + function requestIdentities() + { + if (!$this->fsock) { + return array(); + } + + $packet = pack('NC', 1, self::SSH_AGENTC_REQUEST_IDENTITIES); + if (strlen($packet) != fputs($this->fsock, $packet)) { + throw new \RuntimeException('Connection closed while requesting identities'); + } + + $length = current(unpack('N', fread($this->fsock, 4))); + $type = ord(fread($this->fsock, 1)); + if ($type != self::SSH_AGENT_IDENTITIES_ANSWER) { + throw new \RuntimeException('Unable to request identities'); + } + + $identities = array(); + $keyCount = current(unpack('N', fread($this->fsock, 4))); + for ($i = 0; $i < $keyCount; $i++) { + $length = current(unpack('N', fread($this->fsock, 4))); + $key_blob = fread($this->fsock, $length); + $key_str = 'ssh-rsa ' . Base64::encode($key_blob); + $length = current(unpack('N', fread($this->fsock, 4))); + if ($length) { + $key_str.= ' ' . fread($this->fsock, $length); + } + $length = current(unpack('N', substr($key_blob, 0, 4))); + $key_type = substr($key_blob, 4, $length); + switch ($key_type) { + case 'ssh-rsa': + $key = new RSA(); + $key->load($key_str); + break; + case 'ssh-dss': + // not currently supported + break; + } + // resources are passed by reference by default + if (isset($key)) { + $identity = new Identity($this->fsock); + $identity->setPublicKey($key); + $identity->setPublicKeyBlob($key_blob); + $identities[] = $identity; + unset($key); + } + } + + return $identities; + } + + /** + * Signal that agent forwarding should + * be requested when a channel is opened + * + * @param Net_SSH2 $ssh + * @return bool + * @access public + */ + function startSSHForwarding($ssh) + { + if ($this->forward_status == self::FORWARD_NONE) { + $this->forward_status = self::FORWARD_REQUEST; + } + } + + /** + * Request agent forwarding of remote server + * + * @param Net_SSH2 $ssh + * @return bool + * @access private + */ + function _request_forwarding($ssh) + { + $request_channel = $ssh->_get_open_channel(); + if ($request_channel === false) { + return false; + } + + $packet = pack( + 'CNNa*C', + NET_SSH2_MSG_CHANNEL_REQUEST, + $ssh->server_channels[$request_channel], + strlen('auth-agent-req@openssh.com'), + 'auth-agent-req@openssh.com', + 1 + ); + + $ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST; + + if (!$ssh->_send_binary_packet($packet)) { + return false; + } + + $response = $ssh->_get_channel_packet($request_channel); + if ($response === false) { + return false; + } + + $ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN; + $this->forward_status = self::FORWARD_ACTIVE; + + return true; + } + + /** + * On successful channel open + * + * This method is called upon successful channel + * open to give the SSH Agent an opportunity + * to take further action. i.e. request agent forwarding + * + * @param Net_SSH2 $ssh + * @access private + */ + function _on_channel_open($ssh) + { + if ($this->forward_status == self::FORWARD_REQUEST) { + $this->_request_forwarding($ssh); + } + } + + /** + * Forward data to SSH Agent and return data reply + * + * @param string $data + * @return data from SSH Agent + * @throws \RuntimeException on connection errors + * @access private + */ + function _forward_data($data) + { + if ($this->expected_bytes > 0) { + $this->socket_buffer.= $data; + $this->expected_bytes -= strlen($data); + } else { + $agent_data_bytes = current(unpack('N', $data)); + $current_data_bytes = strlen($data); + $this->socket_buffer = $data; + if ($current_data_bytes != $agent_data_bytes + 4) { + $this->expected_bytes = ($agent_data_bytes + 4) - $current_data_bytes; + return false; + } + } + + if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) { + throw new \RuntimeException('Connection closed attempting to forward data to SSH agent'); + } + + $this->socket_buffer = ''; + $this->expected_bytes = 0; + + $agent_reply_bytes = current(unpack('N', fread($this->fsock, 4))); + + $agent_reply_data = fread($this->fsock, $agent_reply_bytes); + $agent_reply_data = current(unpack('a*', $agent_reply_data)); + + return pack('Na*', $agent_reply_bytes, $agent_reply_data); + } +} diff --git a/plugins/OStatus/extlib/phpseclib/System/SSH/Agent/Identity.php b/plugins/OStatus/extlib/phpseclib/System/SSH/Agent/Identity.php new file mode 100644 index 0000000000..612c414e90 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/System/SSH/Agent/Identity.php @@ -0,0 +1,170 @@ + + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + * @internal See http://api.libssh.org/rfc/PROTOCOL.agent + */ + +namespace phpseclib\System\SSH\Agent; + +use phpseclib\Crypt\RSA; +use phpseclib\Exception\UnsupportedAlgorithmException; +use phpseclib\System\SSH\Agent; + +/** + * Pure-PHP ssh-agent client identity object + * + * Instantiation should only be performed by \phpseclib\System\SSH\Agent class. + * This could be thought of as implementing an interface that phpseclib\Crypt\RSA + * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. + * The methods in this interface would be getPublicKey and sign since those are the + * methods phpseclib looks for to perform public key authentication. + * + * @package SSH\Agent + * @author Jim Wigginton + * @access internal + */ +class Identity +{ + /** + * Key Object + * + * @var \phpseclib\Crypt\RSA + * @access private + * @see self::getPublicKey() + */ + var $key; + + /** + * Key Blob + * + * @var string + * @access private + * @see self::sign() + */ + var $key_blob; + + /** + * Socket Resource + * + * @var resource + * @access private + * @see self::sign() + */ + var $fsock; + + /** + * Default Constructor. + * + * @param resource $fsock + * @return \phpseclib\System\SSH\Agent\Identity + * @access private + */ + function __construct($fsock) + { + $this->fsock = $fsock; + } + + /** + * Set Public Key + * + * Called by \phpseclib\System\SSH\Agent::requestIdentities() + * + * @param \phpseclib\Crypt\RSA $key + * @access private + */ + function setPublicKey($key) + { + $this->key = $key; + $this->key->setPublicKey(); + } + + /** + * Set Public Key + * + * Called by \phpseclib\System\SSH\Agent::requestIdentities(). The key blob could be extracted from $this->key + * but this saves a small amount of computation. + * + * @param string $key_blob + * @access private + */ + function setPublicKeyBlob($key_blob) + { + $this->key_blob = $key_blob; + } + + /** + * Get Public Key + * + * Wrapper for $this->key->getPublicKey() + * + * @param int $type optional + * @return mixed + * @access public + */ + function getPublicKey($type = 'PKCS8') + { + return $this->key->getPublicKey($type); + } + + /** + * Sets the hash + * + * ssh-agent only supports signatures with sha1 hashes but to maintain BC with RSA.php this function exists + * + * @param string $hash optional + * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @access public + */ + function setHash($hash = 'sha1') + { + if ($hash != 'sha1') { + throw new UnsupportedAlgorithmException('ssh-agent can only be used with the sha1 hash'); + } + } + + /** + * Create a signature + * + * See "2.6.2 Protocol 2 private key signature request" + * + * @param string $message + * @param int $padding optional + * @return string + * @throws \RuntimeException on connection errors + * @throws \phpseclib\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @access public + */ + function sign($message, $padding = RSA::PADDING_PKCS1) + { + if ($padding != RSA::PADDING_PKCS1 && $padding != RSA::PADDING_RELAXED_PKCS1) { + throw new UnsupportedAlgorithmException('ssh-agent can only create PKCS1 signatures'); + } + + // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE + $packet = pack('CNa*Na*N', Agent::SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0); + $packet = pack('Na*', strlen($packet), $packet); + if (strlen($packet) != fputs($this->fsock, $packet)) { + throw new \RuntimeException('Connection closed during signing'); + } + + $length = current(unpack('N', fread($this->fsock, 4))); + $type = ord(fread($this->fsock, 1)); + if ($type != Agent::SSH_AGENT_SIGN_RESPONSE) { + throw new \RuntimeException('Unable to retreive signature'); + } + + $signature_blob = fread($this->fsock, $length - 1); + // the only other signature format defined - ssh-dss - is the same length as ssh-rsa + // the + 12 is for the other various SSH added length fields + return substr($signature_blob, strlen('ssh-rsa') + 12); + } +} diff --git a/plugins/OStatus/extlib/phpseclib/bootstrap.php b/plugins/OStatus/extlib/phpseclib/bootstrap.php new file mode 100644 index 0000000000..bd4ba0b5a5 --- /dev/null +++ b/plugins/OStatus/extlib/phpseclib/bootstrap.php @@ -0,0 +1,20 @@ + Date: Fri, 17 Jun 2016 23:21:34 +0200 Subject: [PATCH 212/415] Handle namespaces for new phpseclib --- plugins/OStatus/OStatusPlugin.php | 10 ++++------ plugins/OStatus/classes/Magicsig.php | 24 ++++++++++++------------ plugins/OStatus/lib/magicenvelope.php | 4 ++-- 3 files changed, 18 insertions(+), 20 deletions(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 72f246d68f..d877dd37c6 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -85,12 +85,10 @@ class OStatusPlugin extends Plugin public function onAutoload($cls) { - switch ($cls) { - case 'Crypt_AES': - case 'Crypt_RSA': - // Crypt_AES becomes Crypt/AES.php which is found in extlib/phpseclib/ - // which has been added to our include_path before - require_once str_replace('_', '/', $cls) . '.php'; + if (mb_substr($cls, 0, 10) === 'phpseclib\\') { + // These are saved under extlib/phpseclib with \ as /, + // phpseclib has already been added to our include_path + require_once str_replace('\\', '/', str_replace('phpseclib\\', '', $cls) . '.php'); return false; } diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index f5a5733dcb..42a1ff1319 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -52,7 +52,7 @@ class Magicsig extends Managed_DataObject /** * Flattened string representation of the key pair; callers should * usually use $this->publicKey and $this->privateKey directly, - * which hold live Crypt_RSA key objects. + * which hold live \phpseclib\Crypt\RSA key objects. * * @var string */ @@ -68,14 +68,14 @@ class Magicsig extends Managed_DataObject /** * Public RSA key; gets serialized in/out via $this->keypair string. * - * @var Crypt_RSA + * @var \phpseclib\Crypt\RSA */ public $publicKey; /** * PrivateRSA key; gets serialized in/out via $this->keypair string. * - * @var Crypt_RSA + * @var \phpseclib\Crypt\RSA */ public $privateKey; @@ -95,7 +95,7 @@ class Magicsig extends Managed_DataObject { $obj = parent::getKV($k, $v); if ($obj instanceof Magicsig) { - $obj->importKeys(); // Loads Crypt_RSA objects etc. + $obj->importKeys(); // Loads \phpseclib\Crypt\RSA objects etc. // Throw out a big fat warning for keys of less than 1024 bits. ( // The only case these show up in would be imported or @@ -156,14 +156,14 @@ class Magicsig extends Managed_DataObject $magicsig = new Magicsig($alg); $magicsig->user_id = $user->id; - $rsa = new Crypt_RSA(); + $rsa = new \phpseclib\Crypt\RSA(); $keypair = $rsa->createKey($bits); - $magicsig->privateKey = new Crypt_RSA(); + $magicsig->privateKey = new \phpseclib\Crypt\RSA(); $magicsig->privateKey->loadKey($keypair['privatekey']); - $magicsig->publicKey = new Crypt_RSA(); + $magicsig->publicKey = new \phpseclib\Crypt\RSA(); $magicsig->publicKey->loadKey($keypair['publickey']); $magicsig->insert(); // will do $this->keypair = $this->toString(true); @@ -185,7 +185,7 @@ class Magicsig extends Managed_DataObject $exp = call_user_func($base64_func, $this->publicKey->exponent->toBytes()); $private_exp = ''; - if ($full_pair && $this->privateKey instanceof Crypt_RSA && $this->privateKey->exponent->toBytes()) { + if ($full_pair && $this->privateKey instanceof \phpseclib\Crypt\RSA && $this->privateKey->exponent->toBytes()) { $private_exp = '.' . call_user_func($base64_func, $this->privateKey->exponent->toBytes()); } @@ -211,7 +211,7 @@ class Magicsig extends Managed_DataObject /** * importKeys will load the object's keypair string, which initiates - * loadKey() and configures Crypt_RSA objects. + * loadKey() and configures \phpseclib\Crypt\RSA objects. * * @param string $keypair optional, otherwise the object's "keypair" property will be used */ @@ -240,7 +240,7 @@ class Magicsig extends Managed_DataObject } /** - * Fill out $this->privateKey or $this->publicKey with a Crypt_RSA object + * Fill out $this->privateKey or $this->publicKey with a \phpseclib\Crypt\RSA object * representing the give key (as mod/exponent pair). * * @param string $mod base64url-encoded @@ -249,7 +249,7 @@ class Magicsig extends Managed_DataObject */ public function loadKey($mod, $exp, $type = 'public') { - $rsa = new Crypt_RSA(); + $rsa = new \phpseclib\Crypt\RSA(); $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); $rsa->setHash($this->getHash()); $rsa->modulus = new Math_BigInteger(Magicsig::base64_url_decode($mod), 256); @@ -265,7 +265,7 @@ class Magicsig extends Managed_DataObject public function loadPublicKeyPKCS1($key) { - $rsa = new Crypt_RSA(); + $rsa = new \phpseclib\Crypt\RSA(); if (!$rsa->setPublicKey($key, CRYPT_RSA_PUBLIC_FORMAT_PKCS1)) { throw new ServerException('Could not load PKCS1 public key. We probably got this from a remote Diaspora node as the profile public key.'); } diff --git a/plugins/OStatus/lib/magicenvelope.php b/plugins/OStatus/lib/magicenvelope.php index 27ff0de5bf..48b88a2d5f 100644 --- a/plugins/OStatus/lib/magicenvelope.php +++ b/plugins/OStatus/lib/magicenvelope.php @@ -97,7 +97,7 @@ class MagicEnvelope throw new ServerException(sprintf('No public key found for profile (id==%d)', $profile->id)); } - assert($magicsig->publicKey instanceof Crypt_RSA); + assert($magicsig->publicKey instanceof \phpseclib\Crypt\RSA); return $magicsig; } @@ -203,7 +203,7 @@ class MagicEnvelope $magicsig = Magicsig::generate($this->actor->getUser()); } assert($magicsig instanceof Magicsig); - assert($magicsig->privateKey instanceof Crypt_RSA); + assert($magicsig->privateKey instanceof \phpseclib\Crypt\RSA); // Prepare text and metadata for signing $this->data = Magicsig::base64_url_encode($text); From 09ef0c1f3335c132845d9be603edde9e9023ad1f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 17 Jun 2016 23:22:44 +0200 Subject: [PATCH 213/415] bump Linkback plugin thanks to awesome singpolyma --- plugins/Linkback/LinkbackPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/Linkback/LinkbackPlugin.php b/plugins/Linkback/LinkbackPlugin.php index 10006fa030..bb0f1370da 100644 --- a/plugins/Linkback/LinkbackPlugin.php +++ b/plugins/Linkback/LinkbackPlugin.php @@ -33,7 +33,7 @@ if (!defined('STATUSNET')) { require_once(__DIR__ . '/lib/util.php'); -define('LINKBACKPLUGIN_VERSION', '0.1'); +define('LINKBACKPLUGIN_VERSION', '0.2'); /** * Plugin to do linkbacks for notices containing URLs From d8af92bda2898ea998708553b0f74d59f1026f1f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 17 Jun 2016 23:42:50 +0200 Subject: [PATCH 214/415] Diaspora phpseclib update --- plugins/Diaspora/DiasporaPlugin.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/Diaspora/DiasporaPlugin.php b/plugins/Diaspora/DiasporaPlugin.php index e80153e7ad..c4385e87e3 100644 --- a/plugins/Diaspora/DiasporaPlugin.php +++ b/plugins/Diaspora/DiasporaPlugin.php @@ -117,7 +117,7 @@ class DiasporaPlugin extends Plugin * aes-256-cbc cipher. I shall refer to this as the “inner key” * and the “inner initialization vector (iv)”. */ - $inner_key = new Crypt_AES(CRYPT_AES_MODE_CBC); + $inner_key = new \phpseclib\Crypt\AES(\phpseclib\Crypt\AES::MODE_CBC); $inner_key->setKeyLength(256); // set length to 256 bits (could be calculated, but let's be sure) $inner_key->setKey(common_random_rawstr(32)); // 32 bytes from a (pseudo) random source $inner_key->setIV(common_random_rawstr(16)); // 16 bytes is the block length @@ -143,7 +143,7 @@ class DiasporaPlugin extends Plugin * for the aes-256-cbc cipher. I shall refer to this as the * “outer key” and the “outer initialization vector (iv)”. */ - $outer_key = new Crypt_AES(CRYPT_AES_MODE_CBC); + $outer_key = new \phpseclib\Crypt\AES(\phpseclib\Crypt\AES::MODE_CBC); $outer_key->setKeyLength(256); // set length to 256 bits (could be calculated, but let's be sure) $outer_key->setKey(common_random_rawstr(32)); // 32 bytes from a (pseudo) random source $outer_key->setIV(common_random_rawstr(16)); // 16 bytes is the block length From 1839082f95727bfdd9248615fdce8505c3ddaa77 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 17 Jun 2016 23:43:24 +0200 Subject: [PATCH 215/415] OStatus Magicsig adaptations to new phpseclib Some constants have changed and the way to call RSA->sign(...) too. --- plugins/OStatus/classes/Magicsig.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 42a1ff1319..d7c7c38442 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -203,10 +203,10 @@ class Magicsig extends Managed_DataObject return strtolower(hash('sha256', $this->toString(false, false))); } - public function exportPublicKey($format=CRYPT_RSA_PUBLIC_FORMAT_PKCS1) + public function exportPublicKey($type='PKCS1') { $this->publicKey->setPublicKey(); - return $this->publicKey->getPublicKey($format); + return $this->publicKey->getPublicKey($type); } /** @@ -250,7 +250,6 @@ class Magicsig extends Managed_DataObject public function loadKey($mod, $exp, $type = 'public') { $rsa = new \phpseclib\Crypt\RSA(); - $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); $rsa->setHash($this->getHash()); $rsa->modulus = new Math_BigInteger(Magicsig::base64_url_decode($mod), 256); $rsa->k = strlen($rsa->modulus->toBytes()); @@ -266,7 +265,7 @@ class Magicsig extends Managed_DataObject public function loadPublicKeyPKCS1($key) { $rsa = new \phpseclib\Crypt\RSA(); - if (!$rsa->setPublicKey($key, CRYPT_RSA_PUBLIC_FORMAT_PKCS1)) { + if (!$rsa->setPublicKey($key, 'PKCS1')) { throw new ServerException('Could not load PKCS1 public key. We probably got this from a remote Diaspora node as the profile public key.'); } $this->publicKey = $rsa; @@ -305,7 +304,7 @@ class Magicsig extends Managed_DataObject */ public function sign($bytes) { - $sig = $this->privateKey->sign($bytes); + $sig = $this->privateKey->sign($bytes, \phpseclib\Crypt\RSA::PADDING_PKCS1); if ($sig === false) { throw new ServerException('Could not sign data'); } From 3a8ce99a9d1635bc8f7182ef8b825777ab34255e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 17 Jun 2016 23:47:00 +0200 Subject: [PATCH 216/415] Magicsig call for phpseclib\Math\BigInteger fixed --- plugins/OStatus/classes/Magicsig.php | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index d7c7c38442..639fe663b2 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -27,11 +27,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - exit(1); -} - -require_once 'Crypt/RSA.php'; +if (!defined('GNUSOCIAL')) { exit(1); } class Magicsig extends Managed_DataObject { @@ -251,9 +247,9 @@ class Magicsig extends Managed_DataObject { $rsa = new \phpseclib\Crypt\RSA(); $rsa->setHash($this->getHash()); - $rsa->modulus = new Math_BigInteger(Magicsig::base64_url_decode($mod), 256); + $rsa->modulus = new \phpseclib\Math\BigInteger(Magicsig::base64_url_decode($mod), 256); $rsa->k = strlen($rsa->modulus->toBytes()); - $rsa->exponent = new Math_BigInteger(Magicsig::base64_url_decode($exp), 256); + $rsa->exponent = new \phpseclib\Math\BigInteger(Magicsig::base64_url_decode($exp), 256); if ($type == 'private') { $this->privateKey = $rsa; From 5bfd9dbaa74cff40998a785c79933b4da6138d41 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 17 Jun 2016 23:53:05 +0200 Subject: [PATCH 217/415] repost_of -> repeat_of, also trying with isset() --- plugins/Linkback/lib/util.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/plugins/Linkback/lib/util.php b/plugins/Linkback/lib/util.php index 74dedf8840..c6ad121695 100644 --- a/plugins/Linkback/lib/util.php +++ b/plugins/Linkback/lib/util.php @@ -395,10 +395,14 @@ function linkback_save($source, $target, $response, $notice_or_user) { try { $dupe->saveKnownTags($options['tags']); } catch (ServerException $ex) {} try { $dupe->saveKnownUrls($options['urls']); } catch (ServerException $ex) {} - if($options['reply_to']) { $dupe->reply_to = $options['reply_to']; } - if($options['repeat_of']) { $dupe->repeat_of = $options['repeat_of']; } - if($dupe->reply_to != $orig->reply_to || $dupe->repeat_of != $orig->repeat_of) { - $parent = Notice::getKV('id', $dupe->repost_of ? $dupe->repost_of : $dupe->reply_to); + if (isset($options['reply_to'])) { + $dupe->reply_to = $options['reply_to']; + } + if (isset($options['repeat_of'])) { + $dupe->repeat_of = $options['repeat_of']; + } + if ($dupe->reply_to != $orig->reply_to || $dupe->repeat_of != $orig->repeat_of) { + $parent = Notice::getKV('id', $dupe->repeat_of ?: $dupe->reply_to); if($parent instanceof Notice) { // If we changed the reply_to or repeat_of we might live in a new conversation now $dupe->conversation = $parent->conversation; From d4216d09c6d61ab16cd1a2d5e9fce03f678bb530 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 17 Jun 2016 23:58:49 +0200 Subject: [PATCH 218/415] extlib required by phpseclib (ParagonIE/ConstantTime) --- extlib/ParagonIE/ConstantTime/Base32.php | 396 ++++++++++++++++++ extlib/ParagonIE/ConstantTime/Base32Hex.php | 111 +++++ extlib/ParagonIE/ConstantTime/Base64.php | 229 ++++++++++ .../ParagonIE/ConstantTime/Base64DotSlash.php | 88 ++++ .../ConstantTime/Base64DotSlashOrdered.php | 82 ++++ .../ParagonIE/ConstantTime/Base64UrlSafe.php | 95 +++++ extlib/ParagonIE/ConstantTime/Binary.php | 98 +++++ .../ConstantTime/EncoderInterface.php | 52 +++ extlib/ParagonIE/ConstantTime/Encoding.php | 245 +++++++++++ extlib/ParagonIE/ConstantTime/Hex.php | 132 ++++++ extlib/ParagonIE/ConstantTime/RFC4648.php | 166 ++++++++ extlib/ParagonIE/LICENSE.txt | 48 +++ 12 files changed, 1742 insertions(+) create mode 100644 extlib/ParagonIE/ConstantTime/Base32.php create mode 100644 extlib/ParagonIE/ConstantTime/Base32Hex.php create mode 100644 extlib/ParagonIE/ConstantTime/Base64.php create mode 100644 extlib/ParagonIE/ConstantTime/Base64DotSlash.php create mode 100644 extlib/ParagonIE/ConstantTime/Base64DotSlashOrdered.php create mode 100644 extlib/ParagonIE/ConstantTime/Base64UrlSafe.php create mode 100644 extlib/ParagonIE/ConstantTime/Binary.php create mode 100644 extlib/ParagonIE/ConstantTime/EncoderInterface.php create mode 100644 extlib/ParagonIE/ConstantTime/Encoding.php create mode 100644 extlib/ParagonIE/ConstantTime/Hex.php create mode 100644 extlib/ParagonIE/ConstantTime/RFC4648.php create mode 100644 extlib/ParagonIE/LICENSE.txt diff --git a/extlib/ParagonIE/ConstantTime/Base32.php b/extlib/ParagonIE/ConstantTime/Base32.php new file mode 100644 index 0000000000..a65c1c7343 --- /dev/null +++ b/extlib/ParagonIE/ConstantTime/Base32.php @@ -0,0 +1,396 @@ + 96 && $src < 123) $ret += $src - 97 + 1; // -64 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 96); + + // if ($src > 0x31 && $src < 0x38) $ret += $src - 24 + 1; // -23 + $ret += (((0x31 - $src) & ($src - 0x38)) >> 8) & ($src - 23); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 5-bit integers + * into 8-bit integers. + * + * Uppercase variant. + * + * @param int $src + * @return int + */ + protected static function decode5BitsUpper(int $src): int + { + $ret = -1; + + // if ($src > 64 && $src < 91) $ret += $src - 65 + 1; // -64 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64); + + // if ($src > 0x31 && $src < 0x38) $ret += $src - 24 + 1; // -23 + $ret += (((0x31 - $src) & ($src - 0x38)) >> 8) & ($src - 23); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 5-bit integers. + * + * @param $src + * @return string + */ + protected static function encode5Bits(int $src): string + { + $diff = 0x61; + + // if ($src > 25) $ret -= 72; + $diff -= ((25 - $src) >> 8) & 73; + + return \pack('C', $src + $diff); + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 5-bit integers. + * + * Uppercase variant. + * + * @param $src + * @return string + */ + protected static function encode5BitsUpper(int $src): string + { + $diff = 0x41; + + // if ($src > 25) $ret -= 40; + $diff -= ((25 - $src) >> 8) & 41; + + return \pack('C', $src + $diff); + } + + + /** + * Base32 decoding + * + * @param string $src + * @param bool $upper + * @param bool $strictPadding + * @return string + */ + protected static function doDecode(string $src, bool $upper = false, bool $strictPadding = false): string + { + // We do this to reduce code duplication: + $method = $upper + ? 'decode5BitsUpper' + : 'decode5Bits'; + + // Remove padding + $srcLen = Binary::safeStrlen($src); + if ($srcLen === 0) { + return ''; + } + if ($strictPadding) { + if (($srcLen & 7) === 0) { + for ($j = 0; $j < 7; ++$j) { + if ($src[$srcLen - 1] === '=') { + $srcLen--; + } else { + break; + } + } + } + if (($srcLen & 7) === 1) { + throw new \RangeException( + 'Incorrect padding' + ); + } + } else { + $src = \rtrim($src, '='); + $srcLen = Binary::safeStrlen($src); + } + + $err = 0; + $dest = ''; + // Main loop (no padding): + for ($i = 0; $i + 8 <= $srcLen; $i += 8) { + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, 8)); + $c0 = static::$method($chunk[1]); + $c1 = static::$method($chunk[2]); + $c2 = static::$method($chunk[3]); + $c3 = static::$method($chunk[4]); + $c4 = static::$method($chunk[5]); + $c5 = static::$method($chunk[6]); + $c6 = static::$method($chunk[7]); + $c7 = static::$method($chunk[8]); + + $dest .= \pack( + 'CCCCC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, + (($c3 << 4) | ($c4 >> 1) ) & 0xff, + (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff, + (($c6 << 5) | ($c7 ) ) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6 | $c7) >> 8; + } + // The last chunk, which may have padding: + if ($i < $srcLen) { + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); + $c0 = static::$method($chunk[1]); + + if ($i + 6 < $srcLen) { + $c1 = static::$method($chunk[2]); + $c2 = static::$method($chunk[3]); + $c3 = static::$method($chunk[4]); + $c4 = static::$method($chunk[5]); + $c5 = static::$method($chunk[6]); + $c6 = static::$method($chunk[7]); + + $dest .= \pack( + 'CCCC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, + (($c3 << 4) | ($c4 >> 1) ) & 0xff, + (($c4 << 7) | ($c5 << 2) | ($c6 >> 3)) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5 | $c6) >> 8; + } elseif ($i + 5 < $srcLen) { + $c1 = static::$method($chunk[2]); + $c2 = static::$method($chunk[3]); + $c3 = static::$method($chunk[4]); + $c4 = static::$method($chunk[5]); + $c5 = static::$method($chunk[6]); + + $dest .= \pack( + 'CCCC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, + (($c3 << 4) | ($c4 >> 1) ) & 0xff, + (($c4 << 7) | ($c5 << 2) ) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3 | $c4 | $c5) >> 8; + } elseif ($i + 4 < $srcLen) { + $c1 = static::$method($chunk[2]); + $c2 = static::$method($chunk[3]); + $c3 = static::$method($chunk[4]); + $c4 = static::$method($chunk[5]); + + $dest .= \pack( + 'CCC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff, + (($c3 << 4) | ($c4 >> 1) ) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3 | $c4) >> 8; + } elseif ($i + 3 < $srcLen) { + $c1 = static::$method($chunk[2]); + $c2 = static::$method($chunk[3]); + $c3 = static::$method($chunk[4]); + + $dest .= \pack( + 'CC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) | ($c3 >> 4)) & 0xff + ); + $err |= ($c0 | $c1 | $c2 | $c3) >> 8; + } elseif ($i + 2 < $srcLen) { + $c1 = static::$method($chunk[2]); + $c2 = static::$method($chunk[3]); + + $dest .= \pack( + 'CC', + (($c0 << 3) | ($c1 >> 2) ) & 0xff, + (($c1 << 6) | ($c2 << 1) ) & 0xff + ); + $err |= ($c0 | $c1 | $c2) >> 8; + } elseif ($i + 1 < $srcLen) { + $c1 = static::$method($chunk[2]); + + $dest .= \pack( + 'C', + (($c0 << 3) | ($c1 >> 2) ) & 0xff + ); + $err |= ($c0 | $c1) >> 8; + } else { + $dest .= \pack( + 'C', + (($c0 << 3) ) & 0xff + ); + $err |= ($c0) >> 8; + } + } + if ($err !== 0) { + throw new \RangeException( + 'Base32::doDecode() only expects characters in the correct base32 alphabet' + ); + } + return $dest; + } + + /** + * Base32 Decoding + * + * @param string $src + * @param bool $upper + * @return string + */ + protected static function doEncode(string $src, bool $upper = false): string + { + // We do this to reduce code duplication: + $method = $upper + ? 'encode5BitsUpper' + : 'encode5Bits'; + + $dest = ''; + $srcLen = Binary::safeStrlen($src); + + // Main loop (no padding): + for ($i = 0; $i + 5 <= $srcLen; $i += 5) { + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, 5)); + $b0 = $chunk[1]; + $b1 = $chunk[2]; + $b2 = $chunk[3]; + $b3 = $chunk[4]; + $b4 = $chunk[5]; + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . + static::$method((($b1 >> 1) ) & 31) . + static::$method((($b1 << 4) | ($b2 >> 4)) & 31) . + static::$method((($b2 << 1) | ($b3 >> 7)) & 31) . + static::$method((($b3 >> 2) ) & 31) . + static::$method((($b3 << 3) | ($b4 >> 5)) & 31) . + static::$method( $b4 & 31); + } + // The last chunk, which may have padding: + if ($i < $srcLen) { + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); + $b0 = $chunk[1]; + if ($i + 3 < $srcLen) { + $b1 = $chunk[2]; + $b2 = $chunk[3]; + $b3 = $chunk[4]; + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . + static::$method((($b1 >> 1) ) & 31) . + static::$method((($b1 << 4) | ($b2 >> 4)) & 31) . + static::$method((($b2 << 1) | ($b3 >> 7)) & 31) . + static::$method((($b3 >> 2) ) & 31) . + static::$method((($b3 << 3) ) & 31) . + '='; + } elseif ($i + 2 < $srcLen) { + $b1 = $chunk[2]; + $b2 = $chunk[3]; + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . + static::$method((($b1 >> 1) ) & 31) . + static::$method((($b1 << 4) | ($b2 >> 4)) & 31) . + static::$method((($b2 << 1) ) & 31) . + '==='; + } elseif ($i + 1 < $srcLen) { + $b1 = $chunk[2]; + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method((($b0 << 2) | ($b1 >> 6)) & 31) . + static::$method((($b1 >> 1) ) & 31) . + static::$method((($b1 << 4) ) & 31) . + '===='; + } else { + $dest .= + static::$method( ($b0 >> 3) & 31) . + static::$method( ($b0 << 2) & 31) . + '======'; + } + } + return $dest; + } +} diff --git a/extlib/ParagonIE/ConstantTime/Base32Hex.php b/extlib/ParagonIE/ConstantTime/Base32Hex.php new file mode 100644 index 0000000000..5aff0a6b3a --- /dev/null +++ b/extlib/ParagonIE/ConstantTime/Base32Hex.php @@ -0,0 +1,111 @@ + 0x30 && $src < 0x3a) ret += $src - 0x2e + 1; // -47 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src - 47); + + // if ($src > 0x60 && $src < 0x77) ret += $src - 0x61 + 10 + 1; // -86 + $ret += (((0x60 - $src) & ($src - 0x77)) >> 8) & ($src - 86); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 5-bit integers + * into 8-bit integers. + * + * @param int $src + * @return int + */ + protected static function decode5BitsUpper(int $src): int + { + $ret = -1; + + // if ($src > 0x30 && $src < 0x3a) ret += $src - 0x2e + 1; // -47 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src - 47); + + // if ($src > 0x40 && $src < 0x57) ret += $src - 0x41 + 10 + 1; // -54 + $ret += (((0x40 - $src) & ($src - 0x57)) >> 8) & ($src - 54); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 5-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode5Bits(int $src): string + { + $src += 0x30; + + // if ($src > 0x39) $src += 0x61 - 0x3a; // 39 + $src += ((0x39 - $src) >> 8) & 39; + + return \pack('C', $src); + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 5-bit integers. + * + * Uppercase variant. + * + * @param int $src + * @return string + */ + protected static function encode5BitsUpper(int $src): string + { + $src += 0x30; + + // if ($src > 0x39) $src += 0x41 - 0x3a; // 7 + $src += ((0x39 - $src) >> 8) & 7; + + return \pack('C', $src); + } +} \ No newline at end of file diff --git a/extlib/ParagonIE/ConstantTime/Base64.php b/extlib/ParagonIE/ConstantTime/Base64.php new file mode 100644 index 0000000000..df801cc8ec --- /dev/null +++ b/extlib/ParagonIE/ConstantTime/Base64.php @@ -0,0 +1,229 @@ +> 2 ) . + static::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) . + static::encode6Bits((($b1 << 2) | ($b2 >> 6)) & 63) . + static::encode6Bits( $b2 & 63); + } + // The last chunk, which may have padding: + if ($i < $srcLen) { + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); + $b0 = $chunk[1]; + if ($i + 1 < $srcLen) { + $b1 = $chunk[2]; + $dest .= + static::encode6Bits( $b0 >> 2 ) . + static::encode6Bits((($b0 << 4) | ($b1 >> 4)) & 63) . + static::encode6Bits( ($b1 << 2) & 63) . '='; + } else { + $dest .= + static::encode6Bits( $b0 >> 2) . + static::encode6Bits(($b0 << 4) & 63) . '=='; + } + } + return $dest; + } + + /** + * decode from base64 into binary + * + * Base64 character set "./[A-Z][a-z][0-9]" + * + * @param string $src + * @param bool $strictPadding + * @return string|bool + * @throws \RangeException + */ + public static function decode(string $src, bool $strictPadding = false): string + { + // Remove padding + $srcLen = Binary::safeStrlen($src); + if ($srcLen === 0) { + return ''; + } + + if ($strictPadding) { + if (($srcLen & 3) === 0) { + if ($src[$srcLen - 1] === '=') { + $srcLen--; + if ($src[$srcLen - 1] === '=') { + $srcLen--; + } + } + } + if (($srcLen & 3) === 1) { + throw new \RangeException( + 'Incorrect padding' + ); + } + if ($src[$srcLen - 1] === '=') { + throw new \RangeException( + 'Incorrect padding' + ); + } + } else { + $src = \rtrim($src, '='); + $srcLen = Binary::safeStrlen($src); + } + + $err = 0; + $dest = ''; + // Main loop (no padding): + for ($i = 0; $i + 4 <= $srcLen; $i += 4) { + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, 4)); + $c0 = static::decode6Bits($chunk[1]); + $c1 = static::decode6Bits($chunk[2]); + $c2 = static::decode6Bits($chunk[3]); + $c3 = static::decode6Bits($chunk[4]); + + $dest .= \pack( + 'CCC', + ((($c0 << 2) | ($c1 >> 4)) & 0xff), + ((($c1 << 4) | ($c2 >> 2)) & 0xff), + ((($c2 << 6) | $c3 ) & 0xff) + ); + $err |= ($c0 | $c1 | $c2 | $c3) >> 8; + } + // The last chunk, which may have padding: + if ($i < $srcLen) { + $chunk = \unpack('C*', Binary::safeSubstr($src, $i, $srcLen - $i)); + $c0 = static::decode6Bits($chunk[1]); + + if ($i + 2 < $srcLen) { + $c1 = static::decode6Bits($chunk[2]); + $c2 = static::decode6Bits($chunk[3]); + $dest .= \pack( + 'CC', + ((($c0 << 2) | ($c1 >> 4)) & 0xff), + ((($c1 << 4) | ($c2 >> 2)) & 0xff) + ); + $err |= ($c0 | $c1 | $c2) >> 8; + } elseif ($i + 1 < $srcLen) { + $c1 = static::decode6Bits($chunk[2]); + $dest .= \pack( + 'C', + ((($c0 << 2) | ($c1 >> 4)) & 0xff) + ); + $err |= ($c0 | $c1) >> 8; + } elseif ($i < $srcLen && $strictPadding) { + $err |= 1; + } + } + if ($err !== 0) { + return false; + } + return $dest; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 6-bit integers + * into 8-bit integers. + * + * Base64 character set: + * [A-Z] [a-z] [0-9] + / + * 0x41-0x5a, 0x61-0x7a, 0x30-0x39, 0x2b, 0x2f + * + * @param int $src + * @return int + */ + protected static function decode6Bits(int $src): int + { + $ret = -1; + + // if ($src > 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64); + + // if ($src > 0x60 && $src < 0x7b) $ret += $src - 0x61 + 26 + 1; // -70 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 70); + + // if ($src > 0x2f && $src < 0x3a) $ret += $src - 0x30 + 52 + 1; // 5 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 5); + + // if ($src == 0x2b) $ret += 62 + 1; + $ret += (((0x2a - $src) & ($src - 0x2c)) >> 8) & 63; + + // if ($src == 0x2f) ret += 63 + 1; + $ret += (((0x2e - $src) & ($src - 0x30)) >> 8) & 64; + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 6-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode6Bits(int $src): string + { + $diff = 0x41; + + // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6 + $diff += ((25 - $src) >> 8) & 6; + + // if ($src > 51) $diff += 0x30 - 0x61 - 26; // -75 + $diff -= ((51 - $src) >> 8) & 75; + + // if ($src > 61) $diff += 0x2b - 0x30 - 10; // -15 + $diff -= ((61 - $src) >> 8) & 15; + + // if ($src > 62) $diff += 0x2f - 0x2b - 1; // 3 + $diff += ((62 - $src) >> 8) & 3; + + return \pack('C', $src + $diff); + } +} diff --git a/extlib/ParagonIE/ConstantTime/Base64DotSlash.php b/extlib/ParagonIE/ConstantTime/Base64DotSlash.php new file mode 100644 index 0000000000..7f975139b1 --- /dev/null +++ b/extlib/ParagonIE/ConstantTime/Base64DotSlash.php @@ -0,0 +1,88 @@ + 0x2d && $src < 0x30) ret += $src - 0x2e + 1; // -45 + $ret += (((0x2d - $src) & ($src - 0x30)) >> 8) & ($src - 45); + + // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 2 + 1; // -62 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 62); + + // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 28 + 1; // -68 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 68); + + // if ($src > 0x2f && $src < 0x3a) ret += $src - 0x30 + 54 + 1; // 7 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 7); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 6-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode6Bits(int $src): string + { + $src += 0x2e; + + // if ($src > 0x2f) $src += 0x41 - 0x30; // 17 + $src += ((0x2f - $src) >> 8) & 17; + + // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6 + $src += ((0x5a - $src) >> 8) & 6; + + // if ($src > 0x7a) $src += 0x30 - 0x7b; // -75 + $src -= ((0x7a - $src) >> 8) & 75; + + return \pack('C', $src); + } +} diff --git a/extlib/ParagonIE/ConstantTime/Base64DotSlashOrdered.php b/extlib/ParagonIE/ConstantTime/Base64DotSlashOrdered.php new file mode 100644 index 0000000000..3fb4209e68 --- /dev/null +++ b/extlib/ParagonIE/ConstantTime/Base64DotSlashOrdered.php @@ -0,0 +1,82 @@ + 0x2d && $src < 0x3a) ret += $src - 0x2e + 1; // -45 + $ret += (((0x2d - $src) & ($src - 0x3a)) >> 8) & ($src - 45); + + // if ($src > 0x40 && $src < 0x5b) ret += $src - 0x41 + 12 + 1; // -52 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 52); + + // if ($src > 0x60 && $src < 0x7b) ret += $src - 0x61 + 38 + 1; // -58 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 58); + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 6-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode6Bits(int $src): string + { + $src += 0x2e; + + // if ($src > 0x39) $src += 0x41 - 0x3a; // 7 + $src += ((0x39 - $src) >> 8) & 7; + + // if ($src > 0x5a) $src += 0x61 - 0x5b; // 6 + $src += ((0x5a - $src) >> 8) & 6; + + return \pack('C', $src); + } +} diff --git a/extlib/ParagonIE/ConstantTime/Base64UrlSafe.php b/extlib/ParagonIE/ConstantTime/Base64UrlSafe.php new file mode 100644 index 0000000000..f250095d18 --- /dev/null +++ b/extlib/ParagonIE/ConstantTime/Base64UrlSafe.php @@ -0,0 +1,95 @@ + 0x40 && $src < 0x5b) $ret += $src - 0x41 + 1; // -64 + $ret += (((0x40 - $src) & ($src - 0x5b)) >> 8) & ($src - 64); + + // if ($src > 0x60 && $src < 0x7b) $ret += $src - 0x61 + 26 + 1; // -70 + $ret += (((0x60 - $src) & ($src - 0x7b)) >> 8) & ($src - 70); + + // if ($src > 0x2f && $src < 0x3a) $ret += $src - 0x30 + 52 + 1; // 5 + $ret += (((0x2f - $src) & ($src - 0x3a)) >> 8) & ($src + 5); + + // if ($src == 0x2c) $ret += 62 + 1; + $ret += (((0x2c - $src) & ($src - 0x2e)) >> 8) & 63; + + // if ($src == 0x5f) ret += 63 + 1; + $ret += (((0x5e - $src) & ($src - 0x60)) >> 8) & 64; + + return $ret; + } + + /** + * Uses bitwise operators instead of table-lookups to turn 8-bit integers + * into 6-bit integers. + * + * @param int $src + * @return string + */ + protected static function encode6Bits(int $src): string + { + $diff = 0x41; + + // if ($src > 25) $diff += 0x61 - 0x41 - 26; // 6 + $diff += ((25 - $src) >> 8) & 6; + + // if ($src > 51) $diff += 0x30 - 0x61 - 26; // -75 + $diff -= ((51 - $src) >> 8) & 75; + + // if ($src > 61) $diff += 0x2d - 0x30 - 10; // -13 + $diff -= ((61 - $src) >> 8) & 13; + + // if ($src > 62) $diff += 0x5f - 0x2b - 1; // 3 + $diff += ((62 - $src) >> 8) & 49; + + return \pack('C', $src + $diff); + } +} diff --git a/extlib/ParagonIE/ConstantTime/Binary.php b/extlib/ParagonIE/ConstantTime/Binary.php new file mode 100644 index 0000000000..1028e66eda --- /dev/null +++ b/extlib/ParagonIE/ConstantTime/Binary.php @@ -0,0 +1,98 @@ += 0) { + $length = self::safeStrlen($str) - $start; + } else { + $length = -$start; + } + } + // $length calculation above might result in a 0-length string + if ($length === 0) { + return ''; + } + return \mb_substr($str, $start, $length, '8bit'); + } + if ($length === 0) { + return ''; + } + // Unlike mb_substr(), substr() doesn't accept NULL for length + if ($length !== null) { + return \substr($str, $start, $length); + } else { + return \substr($str, $start); + } + } +} \ No newline at end of file diff --git a/extlib/ParagonIE/ConstantTime/EncoderInterface.php b/extlib/ParagonIE/ConstantTime/EncoderInterface.php new file mode 100644 index 0000000000..ca699168d2 --- /dev/null +++ b/extlib/ParagonIE/ConstantTime/EncoderInterface.php @@ -0,0 +1,52 @@ +> 4; + $hex .= pack( + 'CC', + (87 + $b + ((($b - 10) >> 8) & ~38)), + (87 + $c + ((($c - 10) >> 8) & ~38)) + ); + } + return $hex; + } + + /** + * Convert a binary string into a hexadecimal string without cache-timing + * leaks, returning uppercase letters (as per RFC 4648) + * + * @param string $bin_string (raw binary) + * @return string + */ + public static function encodeUpper(string $bin_string): string + { + $hex = ''; + $len = Binary::safeStrlen($bin_string); + for ($i = 0; $i < $len; ++$i) { + $chunk = \unpack('C', Binary::safeSubstr($bin_string, $i, 2)); + $c = $chunk[1] & 0xf; + $b = $chunk[1] >> 4; + $hex .= pack( + 'CC', + (55 + $b + ((($b - 10) >> 8) & ~6)), + (55 + $c + ((($c - 10) >> 8) & ~6)) + ); + } + return $hex; + } + + /** + * Convert a hexadecimal string into a binary string without cache-timing + * leaks + * + * @param string $hex_string + * @param bool $strictPadding + * @return string (raw binary) + * @throws \RangeException + */ + public static function decode(string $hexString, bool $strictPadding = false): string + { + $hex_pos = 0; + $bin = ''; + $c_acc = 0; + $hex_len = Binary::safeStrlen($hexString); + $state = 0; + if (($hex_len & 1) !== 0) { + if ($strictPadding) { + throw new \RangeException( + 'Expected an even number of hexadecimal characters' + ); + } else { + $hexString = '0' . $hexString; + ++$hex_len; + } + } + + $chunk = \unpack('C*', $hexString); + while ($hex_pos < $hex_len) { + ++$hex_pos; + $c = $chunk[$hex_pos]; + $c_num = $c ^ 48; + $c_num0 = ($c_num - 10) >> 8; + $c_alpha = ($c & ~32) - 55; + $c_alpha0 = (($c_alpha - 10) ^ ($c_alpha - 16)) >> 8; + if (($c_num0 | $c_alpha0) === 0) { + throw new \RangeException( + 'hexEncode() only expects hexadecimal characters' + ); + } + $c_val = ($c_num0 & $c_num) | ($c_alpha & $c_alpha0); + if ($state === 0) { + $c_acc = $c_val * 16; + } else { + $bin .= \pack('C', $c_acc | $c_val); + } + $state ^= 1; + } + return $bin; + } +} diff --git a/extlib/ParagonIE/ConstantTime/RFC4648.php b/extlib/ParagonIE/ConstantTime/RFC4648.php new file mode 100644 index 0000000000..63b2ee69f5 --- /dev/null +++ b/extlib/ParagonIE/ConstantTime/RFC4648.php @@ -0,0 +1,166 @@ + "Zm9v" + * + * @param string $str + * @return string + */ + public function base64Encode(string $str): string + { + return Base64::encode($str); + } + + /** + * RFC 4648 Base64 decoding + * + * "Zm9v" -> "foo" + * + * @param string $str + * @return string + */ + public function base64Decode(string $str): string + { + return Base64::decode($str, true); + } + + /** + * RFC 4648 Base64 (URL Safe) encoding + * + * "foo" -> "Zm9v" + * + * @param string $str + * @return string + */ + public function base64UrlSafeEncode(string $str): string + { + return Base64UrlSafe::encode($str); + } + + /** + * RFC 4648 Base64 (URL Safe) decoding + * + * "Zm9v" -> "foo" + * + * @param string $str + * @return string + */ + public function base64UrlSafeDecode(string $str): string + { + return Base64UrlSafe::decode($str, true); + } + + /** + * RFC 4648 Base32 encoding + * + * "foo" -> "MZXW6===" + * + * @param string $str + * @return string + */ + public function base32Encode(string $str): string + { + return Base32::encodeUpper($str); + } + + /** + * RFC 4648 Base32 encoding + * + * "MZXW6===" -> "foo" + * + * @param string $str + * @return string + */ + public function base32Decode(string $str): string + { + return Base32::decodeUpper($str, true); + } + + /** + * RFC 4648 Base32-Hex encoding + * + * "foo" -> "CPNMU===" + * + * @param string $str + * @return string + */ + public function base32HexEncode(string $str): string + { + return Base32::encodeUpper($str); + } + + /** + * RFC 4648 Base32-Hex decoding + * + * "CPNMU===" -> "foo" + * + * @param string $str + * @return string + */ + public function base32HexDecode(string $str): string + { + return Base32::decodeUpper($str, true); + } + + /** + * RFC 4648 Base16 decoding + * + * "foo" -> "666F6F" + * + * @param string $str + * @return string + */ + public function base16Encode(string $str): string + { + return Hex::encodeUpper($str); + } + + /** + * RFC 4648 Base16 decoding + * + * "666F6F" -> "foo" + * + * @param string $str + * @return string + */ + public function base16Decode(string $str): string + { + return Hex::decode($str, true); + } +} \ No newline at end of file diff --git a/extlib/ParagonIE/LICENSE.txt b/extlib/ParagonIE/LICENSE.txt new file mode 100644 index 0000000000..06302425a3 --- /dev/null +++ b/extlib/ParagonIE/LICENSE.txt @@ -0,0 +1,48 @@ +The MIT License (MIT) + +Copyright (c) 2016 Paragon Initiative Enterprises + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + +------------------------------------------------------------------------------ +This library was based on the work of Steve "Sc00bz" Thomas. +------------------------------------------------------------------------------ + +The MIT License (MIT) + +Copyright (c) 2014 Steve Thomas + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + From 47aabf4fda8e3284e6c9684b3c24e4236786e5c6 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 18 Jun 2016 00:00:32 +0200 Subject: [PATCH 219/415] Let's just put the namespaced phpseclib in extlib instead of plugins/OStatus/extlib --- .../extlib => extlib}/phpseclib/Crypt/AES.php | 0 .../extlib => extlib}/phpseclib/Crypt/Base.php | 0 .../extlib => extlib}/phpseclib/Crypt/Blowfish.php | 0 .../extlib => extlib}/phpseclib/Crypt/DES.php | 0 .../extlib => extlib}/phpseclib/Crypt/Hash.php | 0 .../extlib => extlib}/phpseclib/Crypt/RC2.php | 0 .../extlib => extlib}/phpseclib/Crypt/RC4.php | 0 .../extlib => extlib}/phpseclib/Crypt/RSA.php | 0 .../phpseclib/Crypt/RSA/MSBLOB.php | 0 .../phpseclib/Crypt/RSA/OpenSSH.php | 0 .../extlib => extlib}/phpseclib/Crypt/RSA/PKCS.php | 0 .../phpseclib/Crypt/RSA/PKCS1.php | 0 .../phpseclib/Crypt/RSA/PKCS8.php | 0 .../phpseclib/Crypt/RSA/PuTTY.php | 0 .../extlib => extlib}/phpseclib/Crypt/RSA/Raw.php | 0 .../extlib => extlib}/phpseclib/Crypt/RSA/XML.php | 0 .../extlib => extlib}/phpseclib/Crypt/Random.php | 0 .../extlib => extlib}/phpseclib/Crypt/Rijndael.php | 0 .../phpseclib/Crypt/TripleDES.php | 0 .../extlib => extlib}/phpseclib/Crypt/Twofish.php | 0 .../Exception/BadConfigurationException.php | 0 .../phpseclib/Exception/FileNotFoundException.php | 0 .../Exception/NoSupportedAlgorithmsException.php | 0 .../Exception/UnsupportedAlgorithmException.php | 0 .../extlib => extlib}/phpseclib/File/ANSI.php | 0 .../extlib => extlib}/phpseclib/File/ASN1.php | 0 .../phpseclib/File/ASN1/Element.php | 0 .../extlib => extlib}/phpseclib/File/X509.php | 0 .../phpseclib/Math/BigInteger.php | 0 .../extlib => extlib}/phpseclib/Net/SCP.php | 0 .../extlib => extlib}/phpseclib/Net/SFTP.php | 0 .../phpseclib/Net/SFTP/Stream.php | 0 .../extlib => extlib}/phpseclib/Net/SSH1.php | 0 .../extlib => extlib}/phpseclib/Net/SSH2.php | 0 .../phpseclib/System/SSH/Agent.php | 0 .../phpseclib/System/SSH/Agent/Identity.php | 0 .../extlib => extlib}/phpseclib/bootstrap.php | 0 .../extlib => extlib}/phpseclib/openssl.cnf | 0 plugins/OStatus/OStatusPlugin.php | 14 -------------- 39 files changed, 14 deletions(-) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/AES.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/Base.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/Blowfish.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/DES.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/Hash.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RC2.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RC4.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RSA.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RSA/MSBLOB.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RSA/OpenSSH.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RSA/PKCS.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RSA/PKCS1.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RSA/PKCS8.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RSA/PuTTY.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RSA/Raw.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/RSA/XML.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/Random.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/Rijndael.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/TripleDES.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Crypt/Twofish.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Exception/BadConfigurationException.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Exception/FileNotFoundException.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Exception/NoSupportedAlgorithmsException.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Exception/UnsupportedAlgorithmException.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/File/ANSI.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/File/ASN1.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/File/ASN1/Element.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/File/X509.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Math/BigInteger.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Net/SCP.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Net/SFTP.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Net/SFTP/Stream.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Net/SSH1.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/Net/SSH2.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/System/SSH/Agent.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/System/SSH/Agent/Identity.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/bootstrap.php (100%) rename {plugins/OStatus/extlib => extlib}/phpseclib/openssl.cnf (100%) diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/AES.php b/extlib/phpseclib/Crypt/AES.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/AES.php rename to extlib/phpseclib/Crypt/AES.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Base.php b/extlib/phpseclib/Crypt/Base.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/Base.php rename to extlib/phpseclib/Crypt/Base.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Blowfish.php b/extlib/phpseclib/Crypt/Blowfish.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/Blowfish.php rename to extlib/phpseclib/Crypt/Blowfish.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/DES.php b/extlib/phpseclib/Crypt/DES.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/DES.php rename to extlib/phpseclib/Crypt/DES.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Hash.php b/extlib/phpseclib/Crypt/Hash.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/Hash.php rename to extlib/phpseclib/Crypt/Hash.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RC2.php b/extlib/phpseclib/Crypt/RC2.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RC2.php rename to extlib/phpseclib/Crypt/RC2.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RC4.php b/extlib/phpseclib/Crypt/RC4.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RC4.php rename to extlib/phpseclib/Crypt/RC4.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA.php b/extlib/phpseclib/Crypt/RSA.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RSA.php rename to extlib/phpseclib/Crypt/RSA.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/MSBLOB.php b/extlib/phpseclib/Crypt/RSA/MSBLOB.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RSA/MSBLOB.php rename to extlib/phpseclib/Crypt/RSA/MSBLOB.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/OpenSSH.php b/extlib/phpseclib/Crypt/RSA/OpenSSH.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RSA/OpenSSH.php rename to extlib/phpseclib/Crypt/RSA/OpenSSH.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS.php b/extlib/phpseclib/Crypt/RSA/PKCS.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS.php rename to extlib/phpseclib/Crypt/RSA/PKCS.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS1.php b/extlib/phpseclib/Crypt/RSA/PKCS1.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS1.php rename to extlib/phpseclib/Crypt/RSA/PKCS1.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS8.php b/extlib/phpseclib/Crypt/RSA/PKCS8.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RSA/PKCS8.php rename to extlib/phpseclib/Crypt/RSA/PKCS8.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/PuTTY.php b/extlib/phpseclib/Crypt/RSA/PuTTY.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RSA/PuTTY.php rename to extlib/phpseclib/Crypt/RSA/PuTTY.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/Raw.php b/extlib/phpseclib/Crypt/RSA/Raw.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RSA/Raw.php rename to extlib/phpseclib/Crypt/RSA/Raw.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/RSA/XML.php b/extlib/phpseclib/Crypt/RSA/XML.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/RSA/XML.php rename to extlib/phpseclib/Crypt/RSA/XML.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Random.php b/extlib/phpseclib/Crypt/Random.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/Random.php rename to extlib/phpseclib/Crypt/Random.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Rijndael.php b/extlib/phpseclib/Crypt/Rijndael.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/Rijndael.php rename to extlib/phpseclib/Crypt/Rijndael.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/TripleDES.php b/extlib/phpseclib/Crypt/TripleDES.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/TripleDES.php rename to extlib/phpseclib/Crypt/TripleDES.php diff --git a/plugins/OStatus/extlib/phpseclib/Crypt/Twofish.php b/extlib/phpseclib/Crypt/Twofish.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Crypt/Twofish.php rename to extlib/phpseclib/Crypt/Twofish.php diff --git a/plugins/OStatus/extlib/phpseclib/Exception/BadConfigurationException.php b/extlib/phpseclib/Exception/BadConfigurationException.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Exception/BadConfigurationException.php rename to extlib/phpseclib/Exception/BadConfigurationException.php diff --git a/plugins/OStatus/extlib/phpseclib/Exception/FileNotFoundException.php b/extlib/phpseclib/Exception/FileNotFoundException.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Exception/FileNotFoundException.php rename to extlib/phpseclib/Exception/FileNotFoundException.php diff --git a/plugins/OStatus/extlib/phpseclib/Exception/NoSupportedAlgorithmsException.php b/extlib/phpseclib/Exception/NoSupportedAlgorithmsException.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Exception/NoSupportedAlgorithmsException.php rename to extlib/phpseclib/Exception/NoSupportedAlgorithmsException.php diff --git a/plugins/OStatus/extlib/phpseclib/Exception/UnsupportedAlgorithmException.php b/extlib/phpseclib/Exception/UnsupportedAlgorithmException.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Exception/UnsupportedAlgorithmException.php rename to extlib/phpseclib/Exception/UnsupportedAlgorithmException.php diff --git a/plugins/OStatus/extlib/phpseclib/File/ANSI.php b/extlib/phpseclib/File/ANSI.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/File/ANSI.php rename to extlib/phpseclib/File/ANSI.php diff --git a/plugins/OStatus/extlib/phpseclib/File/ASN1.php b/extlib/phpseclib/File/ASN1.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/File/ASN1.php rename to extlib/phpseclib/File/ASN1.php diff --git a/plugins/OStatus/extlib/phpseclib/File/ASN1/Element.php b/extlib/phpseclib/File/ASN1/Element.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/File/ASN1/Element.php rename to extlib/phpseclib/File/ASN1/Element.php diff --git a/plugins/OStatus/extlib/phpseclib/File/X509.php b/extlib/phpseclib/File/X509.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/File/X509.php rename to extlib/phpseclib/File/X509.php diff --git a/plugins/OStatus/extlib/phpseclib/Math/BigInteger.php b/extlib/phpseclib/Math/BigInteger.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Math/BigInteger.php rename to extlib/phpseclib/Math/BigInteger.php diff --git a/plugins/OStatus/extlib/phpseclib/Net/SCP.php b/extlib/phpseclib/Net/SCP.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Net/SCP.php rename to extlib/phpseclib/Net/SCP.php diff --git a/plugins/OStatus/extlib/phpseclib/Net/SFTP.php b/extlib/phpseclib/Net/SFTP.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Net/SFTP.php rename to extlib/phpseclib/Net/SFTP.php diff --git a/plugins/OStatus/extlib/phpseclib/Net/SFTP/Stream.php b/extlib/phpseclib/Net/SFTP/Stream.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Net/SFTP/Stream.php rename to extlib/phpseclib/Net/SFTP/Stream.php diff --git a/plugins/OStatus/extlib/phpseclib/Net/SSH1.php b/extlib/phpseclib/Net/SSH1.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Net/SSH1.php rename to extlib/phpseclib/Net/SSH1.php diff --git a/plugins/OStatus/extlib/phpseclib/Net/SSH2.php b/extlib/phpseclib/Net/SSH2.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/Net/SSH2.php rename to extlib/phpseclib/Net/SSH2.php diff --git a/plugins/OStatus/extlib/phpseclib/System/SSH/Agent.php b/extlib/phpseclib/System/SSH/Agent.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/System/SSH/Agent.php rename to extlib/phpseclib/System/SSH/Agent.php diff --git a/plugins/OStatus/extlib/phpseclib/System/SSH/Agent/Identity.php b/extlib/phpseclib/System/SSH/Agent/Identity.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/System/SSH/Agent/Identity.php rename to extlib/phpseclib/System/SSH/Agent/Identity.php diff --git a/plugins/OStatus/extlib/phpseclib/bootstrap.php b/extlib/phpseclib/bootstrap.php similarity index 100% rename from plugins/OStatus/extlib/phpseclib/bootstrap.php rename to extlib/phpseclib/bootstrap.php diff --git a/plugins/OStatus/extlib/phpseclib/openssl.cnf b/extlib/phpseclib/openssl.cnf similarity index 100% rename from plugins/OStatus/extlib/phpseclib/openssl.cnf rename to extlib/phpseclib/openssl.cnf diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index d877dd37c6..9751772fdc 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -28,8 +28,6 @@ if (!defined('GNUSOCIAL')) { exit(1); } -set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/extlib/phpseclib'); - class OStatusPlugin extends Plugin { /** @@ -83,18 +81,6 @@ class OStatusPlugin extends Plugin return true; } - public function onAutoload($cls) - { - if (mb_substr($cls, 0, 10) === 'phpseclib\\') { - // These are saved under extlib/phpseclib with \ as /, - // phpseclib has already been added to our include_path - require_once str_replace('\\', '/', str_replace('phpseclib\\', '', $cls) . '.php'); - return false; - } - - return parent::onAutoload($cls); - } - /** * Set up queue handlers for outgoing hub pushes * @param QueueManager $qm From d00f19663b0266d6dd37fc3345f4a96f3a980d70 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 18 Jun 2016 00:05:54 +0200 Subject: [PATCH 220/415] bump to beta5 since phpseclib update (which might cause some issues still) --- lib/framework.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/framework.php b/lib/framework.php index d21bb994b8..77f2d0526a 100644 --- a/lib/framework.php +++ b/lib/framework.php @@ -23,7 +23,7 @@ define('GNUSOCIAL_ENGINE', 'GNU social'); define('GNUSOCIAL_ENGINE_URL', 'https://www.gnu.org/software/social/'); define('GNUSOCIAL_BASE_VERSION', '1.2.0'); -define('GNUSOCIAL_LIFECYCLE', 'beta4'); // 'dev', 'alpha[0-9]+', 'beta[0-9]+', 'rc[0-9]+', 'release' +define('GNUSOCIAL_LIFECYCLE', 'beta5'); // 'dev', 'alpha[0-9]+', 'beta[0-9]+', 'rc[0-9]+', 'release' define('GNUSOCIAL_VERSION', GNUSOCIAL_BASE_VERSION . '-' . GNUSOCIAL_LIFECYCLE); From 76114e2748bd07de33b164b0609ace78a73f325d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 19 Jun 2016 02:26:44 +0200 Subject: [PATCH 221/415] Missed some phpseclib stuff in DiasporaPlugin --- plugins/Diaspora/DiasporaPlugin.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/plugins/Diaspora/DiasporaPlugin.php b/plugins/Diaspora/DiasporaPlugin.php index c4385e87e3..322c4f792a 100644 --- a/plugins/Diaspora/DiasporaPlugin.php +++ b/plugins/Diaspora/DiasporaPlugin.php @@ -34,7 +34,6 @@ if (!defined('GNUSOCIAL')) { exit(1); } addPlugin('OStatus'); //Since Magicsig hasn't loaded yet -require_once('Crypt/AES.php'); class DiasporaPlugin extends Plugin { @@ -46,7 +45,7 @@ class DiasporaPlugin extends Plugin { // So far we've only handled RSA keys, but it can change in the future, // so be prepared. And remember to change the statically assigned type attribute below! - assert($magicsig->publicKey instanceof Crypt_RSA); + assert($magicsig->publicKey instanceof \phpseclib\Crypt\RSA); $xrd->links[] = new XML_XRD_Element_Link(self::REL_PUBLIC_KEY, base64_encode($magicsig->exportPublicKey()), 'RSA'); From ed97b88b047a0994fc1102b5f859d94f94e754f9 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 19 Jun 2016 02:27:50 +0200 Subject: [PATCH 222/415] Err, don't need that comment. --- plugins/Diaspora/DiasporaPlugin.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/plugins/Diaspora/DiasporaPlugin.php b/plugins/Diaspora/DiasporaPlugin.php index 322c4f792a..1bb7f15ddc 100644 --- a/plugins/Diaspora/DiasporaPlugin.php +++ b/plugins/Diaspora/DiasporaPlugin.php @@ -33,8 +33,6 @@ if (!defined('GNUSOCIAL')) { exit(1); } // Depends on OStatus of course. addPlugin('OStatus'); -//Since Magicsig hasn't loaded yet - class DiasporaPlugin extends Plugin { const REL_SEED_LOCATION = 'http://joindiaspora.com/seed_location'; From bac95913e8e4227413f7929fcee55fe6dae75f4c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 19 Jun 2016 03:23:26 +0200 Subject: [PATCH 223/415] phpseclib defaults to OAEP but we want PKCS1 in D* --- plugins/Diaspora/DiasporaPlugin.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/plugins/Diaspora/DiasporaPlugin.php b/plugins/Diaspora/DiasporaPlugin.php index 1bb7f15ddc..dc40eec976 100644 --- a/plugins/Diaspora/DiasporaPlugin.php +++ b/plugins/Diaspora/DiasporaPlugin.php @@ -150,7 +150,7 @@ class DiasporaPlugin extends Plugin * and “outer iv” (using the aes-256-cbc cipher). This encrypted * blob shall be referred to as “the ciphertext”. */ - $ciphertext = $outer_key->encrypt($decrypted_header); + $ciphertext = $outer_key->encrypt($decrypted_header, \phpseclib\Crypt\RSA::PADDING_PKCS1); /** * Construct the following JSON object, which shall be referred to @@ -171,7 +171,7 @@ class DiasporaPlugin extends Plugin common_debug('Diaspora creating "outer aes key bundle", will require magic-public-key'); $key_fetcher = new MagicEnvelope(); $remote_keys = $key_fetcher->getKeyPair($target, true); // actually just gets the public key - $enc_outer = $remote_keys->publicKey->encrypt($outer_bundle); + $enc_outer = $remote_keys->publicKey->encrypt($outer_bundle, \phpseclib\Crypt\RSA::PADDING_PKCS1); /** * Construct the following JSON object, which I shall refer to as @@ -201,7 +201,7 @@ class DiasporaPlugin extends Plugin * chose earlier. * 2. Base64-encode the encrypted payload message. */ - $payload = $inner_key->encrypt($magic_env->getData()); + $payload = $inner_key->encrypt($magic_env->getData(), \phpseclib\Crypt\RSA::PADDING_PKCS1); //FIXME: This means we don't actually put an in the payload, // since Diaspora has its own update method! Silly me. Read up on: // https://wiki.diasporafoundation.org/Federation_Message_Semantics From 2726478467bb6479c36c2cdbd65d2a5b2d5b89da Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 19 Jun 2016 03:25:03 +0200 Subject: [PATCH 224/415] Bump Diaspora plugin version because of phpseclib fix --- plugins/Diaspora/DiasporaPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/Diaspora/DiasporaPlugin.php b/plugins/Diaspora/DiasporaPlugin.php index dc40eec976..451d6b904e 100644 --- a/plugins/Diaspora/DiasporaPlugin.php +++ b/plugins/Diaspora/DiasporaPlugin.php @@ -79,7 +79,7 @@ class DiasporaPlugin extends Plugin public function onPluginVersion(array &$versions) { $versions[] = array('name' => 'Diaspora', - 'version' => '0.1', + 'version' => '0.2', 'author' => 'Mikael Nordfeldth', 'homepage' => 'https://gnu.io/social', // TRANS: Plugin description. From 16f45834980cffbd817c24c9f2c2fab207fe7903 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 19 Jun 2016 03:38:00 +0200 Subject: [PATCH 225/415] throw ClientException instead of clientError --- plugins/OStatus/lib/salmonaction.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php index 13f49f4eff..3b9472eeb8 100644 --- a/plugins/OStatus/lib/salmonaction.php +++ b/plugins/OStatus/lib/salmonaction.php @@ -43,7 +43,7 @@ class SalmonAction extends Action if (!isset($_SERVER['CONTENT_TYPE'])) { // TRANS: Client error. Do not translate "Content-type" - $this->clientError(_m('Salmon requires a Content-type header.')); + throw new ClientException(_m('Salmon requires a Content-type header.')); } $envxml = null; switch ($_SERVER['CONTENT_TYPE']) { From 09412ac813f4c14cd7969efcc8d9a8c103d34cc6 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 21 Jun 2016 15:55:49 +0200 Subject: [PATCH 226/415] PrimaryNoticeList so we get InfiniteScroll on profile pages --- actions/showstream.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/showstream.php b/actions/showstream.php index ca901ce794..97b21b1286 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -215,7 +215,7 @@ class ShowstreamAction extends NoticestreamAction function showNotices() { - $pnl = new NoticeList($this->notice, $this); + $pnl = new PrimaryNoticeList($this->notice, $this); $cnt = $pnl->show(); if (0 == $cnt) { $this->showEmptyListMessage(); From 6dcb293ba0e4fd4f38e2e3f4eb5b75df5f8d771f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 23 Jun 2016 23:03:58 +0200 Subject: [PATCH 227/415] Unnecessarily verbose code --- plugins/LRDD/lib/discovery.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/LRDD/lib/discovery.php b/plugins/LRDD/lib/discovery.php index 4049113408..6818e12557 100644 --- a/plugins/LRDD/lib/discovery.php +++ b/plugins/LRDD/lib/discovery.php @@ -99,7 +99,7 @@ class Discovery common_debug("LRDD discovery method for '$uri': {$class}"); $lrdd = new $class; - $links = call_user_func(array($lrdd, 'discover'), $uri); + $links = $lrdd->discover($uri); $link = Discovery::getService($links, Discovery::LRDD_REL); // Load the LRDD XRD From a4051945fd71a812132febe0e6041775b75cd2ea Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 23 Jun 2016 23:27:18 +0200 Subject: [PATCH 228/415] Handle exception from Magic Envelope toXML function --- plugins/Diaspora/DiasporaPlugin.php | 7 ++++++- plugins/OStatus/OStatusPlugin.php | 7 ++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/plugins/Diaspora/DiasporaPlugin.php b/plugins/Diaspora/DiasporaPlugin.php index 451d6b904e..c054d3b767 100644 --- a/plugins/Diaspora/DiasporaPlugin.php +++ b/plugins/Diaspora/DiasporaPlugin.php @@ -225,7 +225,12 @@ class DiasporaPlugin extends Plugin public function onSalmonSlap($endpoint_uri, MagicEnvelope $magic_env, Profile $target=null) { - $envxml = $magic_env->toXML($target, 'diaspora'); + try { + $envxml = $magic_env->toXML($target, 'diaspora'); + } catch (Exception $e) { + common_log(LOG_ERR, sprintf('Could not generate Magic Envelope XML (diaspora flavour) for profile id=='.$target->getID().': '.$e->getMessage())); + return false; + } // Diaspora wants another POST format (base64url-encoded POST variable 'xml') $headers = array('Content-Type: application/x-www-form-urlencoded'); diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 9751772fdc..d455f1f478 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -1407,7 +1407,12 @@ class OStatusPlugin extends Plugin public function onSalmonSlap($endpoint_uri, MagicEnvelope $magic_env, Profile $target=null) { - $envxml = $magic_env->toXML($target); + try { + $envxml = $magic_env->toXML($target); + } catch (Exception $e) { + common_log(LOG_ERR, sprintf('Could not generate Magic Envelope XML for profile id=='.$target->getID().': '.$e->getMessage())); + return false; + } $headers = array('Content-Type: application/magic-envelope+xml'); From 39e8c13afbc460f28a309a71dcb5f548f477c775 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 24 Jun 2016 13:51:40 +0200 Subject: [PATCH 229/415] Properly parse incoming bookmarks --- lib/activityobject.php | 20 +++++++++++++++++--- plugins/Bookmark/classes/Bookmark.php | 10 +++++----- 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/lib/activityobject.php b/lib/activityobject.php index ca6390b725..d211136d3c 100644 --- a/lib/activityobject.php +++ b/lib/activityobject.php @@ -28,9 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } require_once(INSTALLDIR.'/lib/activitystreamjsondocument.php'); @@ -269,6 +267,22 @@ class ActivityObject if (empty($this->id) && !empty($this->link)) { // fallback if there's no ID $this->id = $this->link; } + + $els = $element->childNodes; + $out = array(); + + for ($i = 0; $i < $els->length; $i++) { + $link = $els->item($i); + if ($link->localName == ActivityUtils::LINK && $link->namespaceURI == ActivityUtils::ATOM) { + $attrs = array(); + foreach ($link->attributes as $attrName=>$attrNode) { + $attrs[$attrName] = $attrNode->nodeValue; + } + $this->extra[] = [$link->localName, + $attrs, + $link->nodeValue]; + } + } } // @todo FIXME: rationalize with Activity::_fromRssItem() diff --git a/plugins/Bookmark/classes/Bookmark.php b/plugins/Bookmark/classes/Bookmark.php index b593bc1909..02b4d3d2e3 100644 --- a/plugins/Bookmark/classes/Bookmark.php +++ b/plugins/Bookmark/classes/Bookmark.php @@ -162,19 +162,19 @@ class Bookmark extends Managed_DataObject $url = null; // each extra element is array('tagname', array('attr'=>'val', ...), 'content') foreach ($actobj->extra as $extra) { - if ($extra[1]['rel'] !== 'related') { + if ($extra[0] !== ActivityUtils::LINK || $extra[1][ActivityUtils::REL] !== 'related') { continue; } - if ($url===null && strlen($extra[1]['href'])>0) { - $url = $extra[1]['href']; + if ($url===null && strlen($extra[1][ActivityUtils::HREF])>0) { + $url = $extra[1][ActivityUtils::HREF]; } elseif ($url !== null) { // TRANS: Client exception thrown when a bookmark is formatted incorrectly. - throw new ClientException(sprintf(_m('Expected exactly 1 link rel=related in a Bookmark, got %1$d.'), count($relLinkEls))); + throw new ClientException(sprintf(_m('Expected exactly 1 link rel=related in a Bookmark, got more than that.'))); } } if (is_null($url)) { // TRANS: Client exception thrown when a bookmark is formatted incorrectly. - throw new ClientException(sprintf(_m('Expected exactly 1 link rel=related in a Bookmark, got %1$d.'), count($relLinkEls))); + throw new ClientException(sprintf(_m('Expected exactly 1 link rel=related in a Bookmark, got 0.'))); } if (!strlen($actobj->title)) { From da365be5a2011bcb7939130fa60320f7d7198ed0 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 24 Jun 2016 14:49:52 +0200 Subject: [PATCH 230/415] ParagonIE\ConstantTime required PHP7, going to v1.x branch --- extlib/ParagonIE/ConstantTime/Base32.php | 57 +++++++------- extlib/ParagonIE/ConstantTime/Base32Hex.php | 9 +-- extlib/ParagonIE/ConstantTime/Base64.php | 19 ++--- .../ParagonIE/ConstantTime/Base64DotSlash.php | 5 +- .../ConstantTime/Base64DotSlashOrdered.php | 5 +- .../ParagonIE/ConstantTime/Base64UrlSafe.php | 5 +- extlib/ParagonIE/ConstantTime/Binary.php | 9 +-- .../ConstantTime/EncoderInterface.php | 10 +-- extlib/ParagonIE/ConstantTime/Encoding.php | 45 ++++++----- extlib/ParagonIE/ConstantTime/Hex.php | 23 ++---- extlib/ParagonIE/ConstantTime/RFC4648.php | 31 ++++---- extlib/ParagonIE/README.md | 74 +++++++++++++++++++ 12 files changed, 167 insertions(+), 125 deletions(-) create mode 100644 extlib/ParagonIE/README.md diff --git a/extlib/ParagonIE/ConstantTime/Base32.php b/extlib/ParagonIE/ConstantTime/Base32.php index a65c1c7343..28b8ca200e 100644 --- a/extlib/ParagonIE/ConstantTime/Base32.php +++ b/extlib/ParagonIE/ConstantTime/Base32.php @@ -1,5 +1,4 @@ > 2)) & 0xff) ); $err |= ($c0 | $c1 | $c2) >> 8; - } elseif ($i + 1 < $srcLen) { + } elseif($i + 1 < $srcLen) { $c1 = static::decode6Bits($chunk[2]); $dest .= \pack( 'C', @@ -179,7 +170,7 @@ abstract class Base64 implements EncoderInterface * @param int $src * @return int */ - protected static function decode6Bits(int $src): int + protected static function decode6Bits($src) { $ret = -1; @@ -208,7 +199,7 @@ abstract class Base64 implements EncoderInterface * @param int $src * @return string */ - protected static function encode6Bits(int $src): string + protected static function encode6Bits($src) { $diff = 0x41; diff --git a/extlib/ParagonIE/ConstantTime/Base64DotSlash.php b/extlib/ParagonIE/ConstantTime/Base64DotSlash.php index 7f975139b1..160459782e 100644 --- a/extlib/ParagonIE/ConstantTime/Base64DotSlash.php +++ b/extlib/ParagonIE/ConstantTime/Base64DotSlash.php @@ -1,5 +1,4 @@ Date: Fri, 24 Jun 2016 15:19:24 +0200 Subject: [PATCH 231/415] fixes issue #189 with a script lacking exception handling --- plugins/OStatus/scripts/renew-feeds.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/plugins/OStatus/scripts/renew-feeds.php b/plugins/OStatus/scripts/renew-feeds.php index 8f8ac3ee1d..d63f448827 100755 --- a/plugins/OStatus/scripts/renew-feeds.php +++ b/plugins/OStatus/scripts/renew-feeds.php @@ -37,7 +37,11 @@ try { while ($sub->fetch()) { echo "Renewing feed subscription\n\tExp.: {$sub->sub_end}\n\tFeed: {$sub->uri}\n\tHub: {$sub->huburi}\n"; - $sub->renew(); + try { + $sub->renew(); + } catch (Exception $e) { + echo "FAILED: {$e->getMessage()}\n"; + } } echo "Done!"; From 0adb7af9a03a16fd45d900c5e15e8d386c454778 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 24 Jun 2016 15:43:20 +0200 Subject: [PATCH 232/415] Allow a quickHead request, will only return headers --- lib/httpclient.php | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/lib/httpclient.php b/lib/httpclient.php index 1e399bd83e..04a365274d 100644 --- a/lib/httpclient.php +++ b/lib/httpclient.php @@ -206,6 +206,29 @@ class HTTPClient extends HTTP_Request2 return $data; } + /** + * If you want an Accept header, put it in $headers + */ + public static function quickHead($url, array $params=array(), array $headers=array()) + { + if (!empty($params)) { + $params = http_build_query($params, null, '&'); + if (strpos($url, '?') === false) { + $url .= '?' . $params; + } else { + $url .= '&' . $params; + } + } + + $client = new HTTPClient(); + $response = $client->head($url, $headers); + if (!$response->isOk()) { + // TRANS: Exception. %s is the URL we tried to GET. + throw new Exception(sprintf(_m('Could not GET URL %s.'), $url), $response->getStatus()); + } + return $response->getHeader(); + } + /** * Convenience function to run a GET request. * From f1e3314bb790de9f372b47f3bc5af0f2e85b3710 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 24 Jun 2016 15:47:02 +0200 Subject: [PATCH 233/415] StoreRemoteMedia avoids too large files --- .../StoreRemoteMediaPlugin.php | 34 +++++++++++++++---- 1 file changed, 28 insertions(+), 6 deletions(-) diff --git a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php index f38ca4713e..c9964869a4 100644 --- a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php +++ b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php @@ -77,22 +77,44 @@ class StoreRemoteMediaPlugin extends Plugin return true; } - if (!$this->checkWhiteList($file->getUrl()) || - !$this->checkBlackList($file->getUrl())) { + $remoteUrl = $file->getUrl(); + + if (!$this->checkWhiteList($remoteUrl) || + !$this->checkBlackList($remoteUrl)) { return true; } - // First we download the file to memory and test whether it's actually an image file - common_debug(sprintf('Downloading remote file id==%u with URL: %s', $file->getID(), _ve($file->getUrl()))); try { - $imgData = HTTPClient::quickGet($file->getUrl()); + $http = new HTTPClient(); + common_debug(sprintf('Performing HEAD request for remote file id==%u to avoid unnecessarily downloading too large files. URL: %s', $file->getID(), $remoteUrl)); + $head = $http->head($remoteUrl); + $headers = $head->getHeader(); + if (!isset($headers['content-length'])) { + // file size not specified on remote server + common_debug(sprintf('%s: Ignoring remote media because we did not get a content length for file id==%u', __CLASS__, $file->getID())); + return true; + } elseif (intval($headers['content-length']) > common_config('attachments', 'file_quota')) { + // file too big + common_debug(sprintf('%s: Skipping remote media because content length (%u) is larger than file_quota (%u) for file id==%u', __CLASS__, intval($headers['content-length']), common_config('attachments', 'file_quota'), $file->getID())); + return true; + } + + $remoteUrl = $head->effectiveUrl; // to avoid going through redirects again + if (!$this->checkBlackList($remoteUrl)) { + common_log(LOG_WARN, sprintf('%s: Non-blacklisted URL %s redirected to blacklisted URL %s', __CLASS__, $file->getUrl(), $remoteUrl)); + return true; + } + + // Then we download the file to memory and test whether it's actually an image file + common_debug(sprintf('Downloading remote file id==%u with effective URL: %s', $file->getID(), _ve($remoteUrl))); + $imgData = $http->get($remoteUrl); } catch (HTTP_Request2_ConnectionException $e) { common_log(LOG_ERR, __CLASS__.': quickGet on URL: '._ve($file->getUrl()).' threw exception: '.$e->getMessage()); return true; } $info = @getimagesizefromstring($imgData); if ($info === false) { - throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $file->getUrl()); + throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $remoteUrl); } elseif (!$info[0] || !$info[1]) { throw new UnsupportedMediaException(_('Image file had impossible geometry (0 width or height)')); } From 1dfac3ad63017071cca551a3e7f557da3f6d24aa Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 24 Jun 2016 15:53:23 +0200 Subject: [PATCH 234/415] Allow getting filesize by function --- classes/File.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/classes/File.php b/classes/File.php index c85d919fd7..1a38aefa72 100644 --- a/classes/File.php +++ b/classes/File.php @@ -263,6 +263,11 @@ class File extends Managed_DataObject return self::tryFilename($this->filename); } + public function getSize() + { + return intval($this->size); + } + // where should the file go? static function filename(Profile $profile, $origname, $mimetype) From af23c9f7cd4530c70fcbcceffba278648ec95ab0 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 24 Jun 2016 15:56:14 +0200 Subject: [PATCH 235/415] StoreRemoteMedia now checks remote filesize before downloading --- .../StoreRemoteMediaPlugin.php | 29 +++++++++++-------- 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php index c9964869a4..36e3544efa 100644 --- a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php +++ b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php @@ -85,28 +85,33 @@ class StoreRemoteMediaPlugin extends Plugin } try { + /* $http = new HTTPClient(); common_debug(sprintf('Performing HEAD request for remote file id==%u to avoid unnecessarily downloading too large files. URL: %s', $file->getID(), $remoteUrl)); $head = $http->head($remoteUrl); - $headers = $head->getHeader(); - if (!isset($headers['content-length'])) { - // file size not specified on remote server - common_debug(sprintf('%s: Ignoring remote media because we did not get a content length for file id==%u', __CLASS__, $file->getID())); - return true; - } elseif (intval($headers['content-length']) > common_config('attachments', 'file_quota')) { - // file too big - common_debug(sprintf('%s: Skipping remote media because content length (%u) is larger than file_quota (%u) for file id==%u', __CLASS__, intval($headers['content-length']), common_config('attachments', 'file_quota'), $file->getID())); - return true; - } - $remoteUrl = $head->effectiveUrl; // to avoid going through redirects again if (!$this->checkBlackList($remoteUrl)) { common_log(LOG_WARN, sprintf('%s: Non-blacklisted URL %s redirected to blacklisted URL %s', __CLASS__, $file->getUrl(), $remoteUrl)); return true; } + $headers = $head->getHeader(); + $filesize = isset($headers['content-length']) ? $headers['content-length'] : null; + */ + $filesize = $file->getSize(); + if (empty($filesize)) { + // file size not specified on remote server + common_debug(sprintf('%s: Ignoring remote media because we did not get a content length for file id==%u', __CLASS__, $file->getID())); + return true; + } elseif ($filesize > common_config('attachments', 'file_quota')) { + // file too big + common_debug(sprintf('%s: Skipping remote media because content length (%u) is larger than file_quota (%u) for file id==%u', __CLASS__, intval($filesize), common_config('attachments', 'file_quota'), $file->getID())); + return true; + } + + $http = new HTTPClient(); // Then we download the file to memory and test whether it's actually an image file - common_debug(sprintf('Downloading remote file id==%u with effective URL: %s', $file->getID(), _ve($remoteUrl))); + common_debug(sprintf('Downloading remote file id==%u (should be size %u) with effective URL: %s', $file->getID(), $filesize, _ve($remoteUrl))); $imgData = $http->get($remoteUrl); } catch (HTTP_Request2_ConnectionException $e) { common_log(LOG_ERR, __CLASS__.': quickGet on URL: '._ve($file->getUrl()).' threw exception: '.$e->getMessage()); From d7a4098b5606a885f8a8ec2f28cd701c3ac7c689 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 24 Jun 2016 16:07:57 +0200 Subject: [PATCH 236/415] Use a separate max download limit for remote files than file_quota too --- plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php index 36e3544efa..64c6355b2b 100644 --- a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php +++ b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php @@ -18,6 +18,8 @@ class StoreRemoteMediaPlugin extends Plugin public $domain_blacklist = array(); public $check_blacklist = false; + public $max_image_bytes = 5242880; // 5MiB max image size by default + protected $imgData = array(); // these should be declared protected everywhere @@ -103,16 +105,20 @@ class StoreRemoteMediaPlugin extends Plugin // file size not specified on remote server common_debug(sprintf('%s: Ignoring remote media because we did not get a content length for file id==%u', __CLASS__, $file->getID())); return true; + } elseif ($filesize > $this->max_image_bytes) { + //FIXME: When we perhaps start fetching videos etc. we'll need to differentiate max_image_bytes from that... + // file too big according to plugin configuration + common_debug(sprintf('%s: Skipping remote media because content length (%u) is larger than plugin configured max_image_bytes (%u) for file id==%u', __CLASS__, intval($filesize), $this->max_image_bytes, $file->getID())); + return true; } elseif ($filesize > common_config('attachments', 'file_quota')) { - // file too big + // file too big according to site configuration common_debug(sprintf('%s: Skipping remote media because content length (%u) is larger than file_quota (%u) for file id==%u', __CLASS__, intval($filesize), common_config('attachments', 'file_quota'), $file->getID())); return true; } - $http = new HTTPClient(); // Then we download the file to memory and test whether it's actually an image file common_debug(sprintf('Downloading remote file id==%u (should be size %u) with effective URL: %s', $file->getID(), $filesize, _ve($remoteUrl))); - $imgData = $http->get($remoteUrl); + $imgData = HTTPClient::quickGet($remoteUrl); } catch (HTTP_Request2_ConnectionException $e) { common_log(LOG_ERR, __CLASS__.': quickGet on URL: '._ve($file->getUrl()).' threw exception: '.$e->getMessage()); return true; From 7978cd6d5945e9ae0d590b159c5fbaecc36e3fc1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 25 Jun 2016 11:50:59 +0200 Subject: [PATCH 237/415] s/EmptyIdException/EmptyPkeyValueException/ --- actions/apistatusesupdate.php | 2 +- classes/File.php | 2 +- classes/Managed_DataObject.php | 2 +- classes/Notice.php | 2 +- ...{emptyidexception.php => emptypkeyvalueexception.php} | 9 ++++++--- plugins/Favorite/classes/Fave.php | 2 +- 6 files changed, 11 insertions(+), 8 deletions(-) rename lib/{emptyidexception.php => emptypkeyvalueexception.php} (73%) diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php index 09663ac7c2..f2c70f5452 100644 --- a/actions/apistatusesupdate.php +++ b/actions/apistatusesupdate.php @@ -174,7 +174,7 @@ class ApiStatusesUpdateAction extends ApiAuthAction foreach (array_unique($matches[0]) as $match) { try { $this->media_ids[$match] = File::getByID($match); - } catch (EmptyIdException $e) { + } catch (EmptyPkeyValueException $e) { // got a zero from the client, at least Twidere does this on occasion } catch (NoResultException $e) { // File ID was not found. Do we abort and report to the client? diff --git a/classes/File.php b/classes/File.php index 1a38aefa72..b28f1373d6 100644 --- a/classes/File.php +++ b/classes/File.php @@ -120,7 +120,7 @@ class File extends Managed_DataObject // $args['attachment'] should always be set if action===attachment, given our routing rules $file = File::getByID($args['attachment']); return $file; - } catch (EmptyIdException $e) { + } catch (EmptyPkeyValueException $e) { // ...but $args['attachment'] can also be 0... } catch (NoResultException $e) { // apparently this link goes to us, but is _not_ an existing attachment (File) ID? diff --git a/classes/Managed_DataObject.php b/classes/Managed_DataObject.php index 5b22672d7b..89263ee778 100644 --- a/classes/Managed_DataObject.php +++ b/classes/Managed_DataObject.php @@ -384,7 +384,7 @@ abstract class Managed_DataObject extends Memcached_DataObject static function getByID($id) { if (empty($id)) { - throw new EmptyIdException(get_called_class()); + throw new EmptyPkeyValueException(get_called_class(), 'id'); } // getByPK throws exception if id is null // or if the class does not have a single 'id' column as primary key diff --git a/classes/Notice.php b/classes/Notice.php index c130cccc26..96f4769af2 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -2683,7 +2683,7 @@ class Notice extends Managed_DataObject public static function getAsTimestamp($id) { if (empty($id)) { - throw new EmptyIdException('Notice'); + throw new EmptyPkeyValueException('Notice', 'id'); } $timestamp = null; diff --git a/lib/emptyidexception.php b/lib/emptypkeyvalueexception.php similarity index 73% rename from lib/emptyidexception.php rename to lib/emptypkeyvalueexception.php index ddf781b067..4470b7ba31 100644 --- a/lib/emptyidexception.php +++ b/lib/emptypkeyvalueexception.php @@ -29,10 +29,13 @@ if (!defined('GNUSOCIAL')) { exit(1); } -class EmptyIdException extends ServerException +class EmptyPkeyValueException extends ServerException { - public function __construct($called_class) + public function __construct($called_class, $key=null) { - parent::__construct(sprintf(_('Empty ID value was given to query for a "%s" object'), $called_class)); + // FIXME: translate the 'not specified' case? + parent::__construct(sprintf(_('Empty primary key (%1$s) value was given to query for a "%2$s" object'), + is_null($key) ? 'not specified' : _ve($key), + $called_class)); } } diff --git a/plugins/Favorite/classes/Fave.php b/plugins/Favorite/classes/Fave.php index c9bb7a6dd2..fb5575c0d4 100644 --- a/plugins/Favorite/classes/Fave.php +++ b/plugins/Favorite/classes/Fave.php @@ -132,7 +132,7 @@ class Fave extends Managed_DataObject } catch (NoResultException $e) { // In case there's some inconsistency where the profile or notice was deleted without losing the fave db entry common_log(LOG_INFO, '"'.get_class($e->obj).'" with id=='.var_export($e->obj->id, true).' object not found when deleting favorite, ignoring...'); - } catch (EmptyIdException $e) { + } catch (EmptyPkeyValueException $e) { // Some buggy instances of GNU social have had favorites with notice id==0 stored in the database common_log(LOG_INFO, _ve($e->getMessage())); } From 42a62da7649dc2910bff56c838526d0a7f454e50 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 25 Jun 2016 11:52:17 +0200 Subject: [PATCH 238/415] getByUri shorthand function for Managed_DataObject (with uri) --- classes/Managed_DataObject.php | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/classes/Managed_DataObject.php b/classes/Managed_DataObject.php index 89263ee778..8c9a55f2b6 100644 --- a/classes/Managed_DataObject.php +++ b/classes/Managed_DataObject.php @@ -383,6 +383,9 @@ abstract class Managed_DataObject extends Memcached_DataObject static function getByID($id) { + if (!property_exists(get_called_class(), 'id')) { + throw new ServerException('Trying to get undefined property of dataobject class.'); + } if (empty($id)) { throw new EmptyPkeyValueException(get_called_class(), 'id'); } @@ -391,6 +394,24 @@ abstract class Managed_DataObject extends Memcached_DataObject return static::getByPK(array('id' => $id)); } + static function getByUri($uri) + { + if (!property_exists(get_called_class(), 'uri')) { + throw new ServerException('Trying to get undefined property of dataobject class.'); + } + if (empty($uri)) { + throw new EmptyPkeyValueException(get_called_class(), 'uri'); + } + + $class = get_called_class(); + $obj = new $class(); + $obj->uri = $uri; + if (!$obj->find(true)) { + throw new NoResultException($obj); + } + return $obj; + } + /** * Returns an ID, checked that it is set and reasonably valid * From f93f02f424b5c13d4caf3d319c54784401f80221 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 25 Jun 2016 11:58:36 +0200 Subject: [PATCH 239/415] Managed_DataObject now has getByUri() --- classes/Notice.php | 10 ---------- classes/User.php | 10 ---------- 2 files changed, 20 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 96f4769af2..35b1b233bb 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -336,16 +336,6 @@ class Notice extends Managed_DataObject } } - public static function getByUri($uri) - { - $notice = new Notice(); - $notice->uri = $uri; - if (!$notice->find(true)) { - throw new NoResultException($notice); - } - return $notice; - } - /** * Extract #hashtags from this notice's content and save them to the database. */ diff --git a/classes/User.php b/classes/User.php index c9c61d3aed..952b74134b 100644 --- a/classes/User.php +++ b/classes/User.php @@ -140,16 +140,6 @@ class User extends Managed_DataObject return $this->uri; } - static function getByUri($uri) - { - $user = new User(); - $user->uri = $uri; - if (!$user->find(true)) { - throw new NoResultException($user); - } - return $user; - } - public function getNickname() { return $this->getProfile()->getNickname(); From d0c26fb1a4a812248d885db7104794b056ec8b0b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 25 Jun 2016 11:59:31 +0200 Subject: [PATCH 240/415] URIFIX in Ostatus_profile, handle missing feedsub --- plugins/OStatus/classes/Ostatus_profile.php | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index d84611ec16..ad23542cfd 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1842,22 +1842,28 @@ class Ostatus_profile extends Managed_DataObject { $orig = clone($this); - common_debug('URIFIX These identities both say they are each other: "'.$orig->uri.'" and "'.$profile_uri.'"'); + common_debug('URIFIX These identities both say they are each other: '._ve($orig->uri).' and '._ve($profile_uri)); $this->uri = $profile_uri; - if (array_key_exists('feedurl', $hints)) { - if (!empty($this->feeduri)) { - common_debug('URIFIX Changing FeedSub ['.$feedsub->id.'] feeduri "'.$feedsub->uri.'" to "'.$hints['feedurl']); - $feedsub = FeedSub::getKV('uri', $this->feeduri); + if (array_key_exists('feedurl', $hints) && common_valid_http_url($hints['feedurl'])) { + try { + $feedsub = FeedSub::getByUri($this->feeduri); + common_debug('URIFIX Changing FeedSub id==['._ve($feedsub->id).'] feeduri '._ve($feedsub->uri).' to '._ve($hints['feedurl'])); $feedorig = clone($feedsub); $feedsub->uri = $hints['feedurl']; $feedsub->updateWithKeys($feedorig); - } else { - common_debug('URIFIX Old Ostatus_profile did not have feedurl set, ensuring feed: '.$hints['feedurl']); + } catch (EmptyPkeyValueException $e) { + common_debug('URIFIX Old Ostatus_profile did not have feedurl set, ensuring new feedurl: '._ve($hints['feedurl'])); + FeedSub::ensureFeed($hints['feedurl']); + } catch (NoResultException $e) { + common_debug('URIFIX Missing FeedSub entry for the Ostatus_profile, ensuring new feedurl: '._ve($hints['feedurl'])); FeedSub::ensureFeed($hints['feedurl']); } $this->feeduri = $hints['feedurl']; + } elseif (array_key_exists('feedurl')) { + common_log(LOG_WARN, 'The feedurl hint we got was not a valid HTTP URL: '._ve($hints['feedurl'])); } + if (array_key_exists('salmon', $hints)) { common_debug('URIFIX Changing Ostatus_profile salmonuri from "'.$this->salmonuri.'" to "'.$hints['salmon'].'"'); $this->salmonuri = $hints['salmon']; From 3d6e25ee5f78d4fc3e00335d39724694264bbd53 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 25 Jun 2016 13:01:56 +0200 Subject: [PATCH 241/415] We have to create and populate the Notice_location table before constraint checking foreign keys. --- classes/Notice.php | 78 ++++++++++++++++++++++------------------------ 1 file changed, 38 insertions(+), 40 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 35b1b233bb..b828678d87 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -3081,6 +3081,44 @@ class Notice extends Managed_DataObject $schema = Schema::get(); $schemadef = $schema->getTableDef($table); + // 2015-09-04 We move Notice location data to Notice_location + // First we see if we have to do this at all + if (isset($schemadef['fields']['lat']) + && isset($schemadef['fields']['lon']) + && isset($schemadef['fields']['location_id']) + && isset($schemadef['fields']['location_ns'])) { + // Then we make sure the Notice_location table is created! + $schema->ensureTable('notice_location', Notice_location::schemaDef()); + + // Then we continue on our road to migration! + echo "\nFound old $table table, moving location data to 'notice_location' table... (this will probably take a LONG time, but can be aborted and continued)"; + + $notice = new Notice(); + $notice->query(sprintf('SELECT id, lat, lon, location_id, location_ns FROM %1$s ' . + 'WHERE lat IS NOT NULL ' . + 'OR lon IS NOT NULL ' . + 'OR location_id IS NOT NULL ' . + 'OR location_ns IS NOT NULL', + $schema->quoteIdentifier($table))); + print "\nFound {$notice->N} notices with location data, inserting"; + while ($notice->fetch()) { + $notloc = Notice_location::getKV('notice_id', $notice->id); + if ($notloc instanceof Notice_location) { + print "-"; + continue; + } + $notloc = new Notice_location(); + $notloc->notice_id = $notice->id; + $notloc->lat= $notice->lat; + $notloc->lon= $notice->lon; + $notloc->location_id= $notice->location_id; + $notloc->location_ns= $notice->location_ns; + $notloc->insert(); + print "."; + } + print "\n"; + } + /** * Make sure constraints are met before upgrading, if foreign keys * are not already in use. @@ -3153,45 +3191,5 @@ class Notice extends Managed_DataObject unset($notice); } } - - // 2015-09-04 We move Notice location data to Notice_location - // First we see if we have to do this at all - if (!isset($schemadef['fields']['lat']) - && !isset($schemadef['fields']['lon']) - && !isset($schemadef['fields']['location_id']) - && !isset($schemadef['fields']['location_ns'])) { - // We have already removed the location fields, so no need to migrate. - return; - } - // Then we make sure the Notice_location table is created! - $schema->ensureTable('notice_location', Notice_location::schemaDef()); - - // Then we continue on our road to migration! - echo "\nFound old $table table, moving location data to 'notice_location' table... (this will probably take a LONG time, but can be aborted and continued)"; - - $notice = new Notice(); - $notice->query(sprintf('SELECT id, lat, lon, location_id, location_ns FROM %1$s ' . - 'WHERE lat IS NOT NULL ' . - 'OR lon IS NOT NULL ' . - 'OR location_id IS NOT NULL ' . - 'OR location_ns IS NOT NULL', - $schema->quoteIdentifier($table))); - print "\nFound {$notice->N} notices with location data, inserting"; - while ($notice->fetch()) { - $notloc = Notice_location::getKV('notice_id', $notice->id); - if ($notloc instanceof Notice_location) { - print "-"; - continue; - } - $notloc = new Notice_location(); - $notloc->notice_id = $notice->id; - $notloc->lat= $notice->lat; - $notloc->lon= $notice->lon; - $notloc->location_id= $notice->location_id; - $notloc->location_ns= $notice->location_ns; - $notloc->insert(); - print "."; - } - print "\n"; } } From d10ce6ac7cb2a65dc0411008f2cfc2710db107b8 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 25 Jun 2016 20:13:19 +0200 Subject: [PATCH 242/415] Give Webfinger response to group queries --- plugins/OStatus/OStatusPlugin.php | 6 ++ plugins/WebFinger/WebFingerPlugin.php | 14 ++++ .../lib/webfingerresource/profile.php | 72 +++++++++++-------- 3 files changed, 63 insertions(+), 29 deletions(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index d455f1f478..3e9a0c58d6 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -1315,6 +1315,12 @@ class OStatusPlugin extends Plugin { if ($target->getObjectType() === ActivityObject::PERSON) { $this->addWebFingerPersonLinks($xrd, $target); + } elseif ($target->getObjectType() === ActivityObject::GROUP) { + $xrd->links[] = new XML_XRD_Element_Link(Discovery::UPDATESFROM, + common_local_url('ApiTimelineGroup', + array('id' => $target->getGroup()->getID(), 'format' => 'atom')), + 'application/atom+xml'); + } // Salmon diff --git a/plugins/WebFinger/WebFingerPlugin.php b/plugins/WebFinger/WebFingerPlugin.php index b41db564c3..03a8c140b7 100644 --- a/plugins/WebFinger/WebFingerPlugin.php +++ b/plugins/WebFinger/WebFingerPlugin.php @@ -140,6 +140,20 @@ class WebFingerPlugin extends Plugin throw $e; } + try { + common_debug(__METHOD__.': Finding User_group URI for WebFinger lookup on resource=='._ve($resource)); + $group = new User_group(); + $group->whereAddIn('uri', array_keys($alt_urls), $group->columnType('uri')); + $group->limit(1); + if ($group->find(true)) { + $profile = $group->getProfile(); + } + unset($group); + } catch (Exception $e) { + common_log(LOG_ERR, get_class($e).': '._ve($e->getMessage())); + throw $e; + } + // User URI did not match, so let's try our alt_urls as Profile URL values if (!$profile instanceof Profile) { common_debug(__METHOD__.': Finding Profile URLs for WebFinger lookup on resource=='._ve($resource)); diff --git a/plugins/WebFinger/lib/webfingerresource/profile.php b/plugins/WebFinger/lib/webfingerresource/profile.php index 5bfbda0f29..273e08dc47 100644 --- a/plugins/WebFinger/lib/webfingerresource/profile.php +++ b/plugins/WebFinger/lib/webfingerresource/profile.php @@ -23,11 +23,14 @@ class WebFingerResource_Profile extends WebFingerResource { $aliases = array(); - try { - // Try to create an acct: URI if we're dealing with a profile - $aliases[] = $this->reconstructAcct(); - } catch (WebFingerReconstructionException $e) { - common_debug("WebFinger reconstruction for Profile failed (id={$this->object->id})"); + // only persons ("accounts" or "agents" actually) have acct: URIs + if ($this->object->isPerson()) { + try { + // Try to create an acct: URI if we're dealing with a profile + $aliases[] = $this->reconstructAcct(); + } catch (WebFingerReconstructionException $e) { + common_debug("WebFinger reconstruction for Profile failed (id={$this->object->getID()})"); + } } return array_merge($aliases, parent::getAliases()); @@ -40,10 +43,10 @@ class WebFingerResource_Profile extends WebFingerResource if (Event::handle('StartWebFingerReconstruction', array($this->object, &$acct))) { // TODO: getUri may not always give us the correct host on remote users? $host = parse_url($this->object->getUri(), PHP_URL_HOST); - if (empty($this->object->nickname) || empty($host)) { + if (empty($this->object->getNickname()) || empty($host)) { throw new WebFingerReconstructionException($this->object); } - $acct = mb_strtolower(sprintf('acct:%s@%s', $this->object->nickname, $host)); + $acct = mb_strtolower(sprintf('acct:%s@%s', $this->object->getNickname(), $host)); Event::handle('EndWebFingerReconstruction', array($this->object, &$acct)); } @@ -55,34 +58,45 @@ class WebFingerResource_Profile extends WebFingerResource { if (Event::handle('StartWebFingerProfileLinks', array($xrd, $this->object))) { - $xrd->links[] = new XML_XRD_Element_Link(self::PROFILEPAGE, - $this->object->getUrl(), 'text/html'); - - // XFN - $xrd->links[] = new XML_XRD_Element_Link('http://gmpg.org/xfn/11', - $this->object->getUrl(), 'text/html'); - // FOAF - $xrd->links[] = new XML_XRD_Element_Link('describedby', - common_local_url('foaf', - array('nickname' => $this->object->nickname)), - 'application/rdf+xml'); - - $link = new XML_XRD_Element_Link('http://apinamespace.org/atom', - common_local_url('ApiAtomService', - array('id' => $this->object->nickname)), - 'application/atomsvc+xml'); -// XML_XRD must implement changing properties first $link['http://apinamespace.org/atom/username'] = $this->object->nickname; - $xrd->links[] = clone $link; - if (common_config('site', 'fancy')) { $apiRoot = common_path('api/', true); } else { $apiRoot = common_path('index.php/api/', true); } - $link = new XML_XRD_Element_Link('http://apinamespace.org/twitter', $apiRoot); -// XML_XRD must implement changing properties first $link['http://apinamespace.org/twitter/username'] = $this->object->nickname; - $xrd->links[] = clone $link; + // Profile page, can give more metadata from Link header or HTML parsing + $xrd->links[] = new XML_XRD_Element_Link(self::PROFILEPAGE, + $this->object->getUrl(), 'text/html'); + + // XFN + $xrd->links[] = new XML_XRD_Element_Link('http://gmpg.org/xfn/11', + $this->object->getUrl(), 'text/html'); + if ($this->object->isPerson()) { + // FOAF for user + $xrd->links[] = new XML_XRD_Element_Link('describedby', + common_local_url('foaf', + array('nickname' => $this->object->getNickname())), + 'application/rdf+xml'); + + // nickname discovery for apps etc. + $link = new XML_XRD_Element_Link('http://apinamespace.org/atom', + common_local_url('ApiAtomService', + array('id' => $this->object->getNickname())), + 'application/atomsvc+xml'); + // XML_XRD must implement changing properties first $link['http://apinamespace.org/atom/username'] = $this->object->getNickname(); + $xrd->links[] = clone $link; + + $link = new XML_XRD_Element_Link('http://apinamespace.org/twitter', $apiRoot); + // XML_XRD must implement changing properties first $link['http://apinamespace.org/twitter/username'] = $this->object->getNickname(); + $xrd->links[] = clone $link; + + } elseif ($this->object->isGroup()) { + // FOAF for group + $xrd->links[] = new XML_XRD_Element_Link('describedby', + common_local_url('foafgroup', + array('nickname' => $this->object->getNickname())), + 'application/rdf+xml'); + } Event::handle('EndWebFingerProfileLinks', array($xrd, $this->object)); } From ad7ebd1a8c31e948e9693ef798c5a2294e38a60f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 25 Jun 2016 20:34:28 +0200 Subject: [PATCH 243/415] Even more phpseclib update related stuff. --- plugins/OStatus/classes/Magicsig.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 639fe663b2..0a0fd2e067 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -157,10 +157,10 @@ class Magicsig extends Managed_DataObject $keypair = $rsa->createKey($bits); $magicsig->privateKey = new \phpseclib\Crypt\RSA(); - $magicsig->privateKey->loadKey($keypair['privatekey']); + $magicsig->privateKey->load($keypair['privatekey']); $magicsig->publicKey = new \phpseclib\Crypt\RSA(); - $magicsig->publicKey->loadKey($keypair['publickey']); + $magicsig->publicKey->load($keypair['publickey']); $magicsig->insert(); // will do $this->keypair = $this->toString(true); $magicsig->importKeys(); // seems it's necessary to re-read keys from text keypair @@ -316,7 +316,7 @@ class Magicsig extends Managed_DataObject public function verify($signed_bytes, $signature) { $signature = self::base64_url_decode($signature); - return $this->publicKey->verify($signed_bytes, $signature); + return $this->publicKey->verify($signed_bytes, $signature, \phpseclib\Crypt\RSA::PADDING_PKCS1); } /** From bf4acc21becce38b15283dd1630e37e23888077d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 25 Jun 2016 20:37:00 +0200 Subject: [PATCH 244/415] A bunch of GIFs were >5MiB! --- plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php index 64c6355b2b..650f27c21f 100644 --- a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php +++ b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php @@ -18,7 +18,7 @@ class StoreRemoteMediaPlugin extends Plugin public $domain_blacklist = array(); public $check_blacklist = false; - public $max_image_bytes = 5242880; // 5MiB max image size by default + public $max_image_bytes = 10485760; // 10MiB max image size by default protected $imgData = array(); From 3166a04cefecc2e9c38c8a88591942ea317391f8 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 25 Jun 2016 20:50:00 +0200 Subject: [PATCH 245/415] actually respond with the error message in text on Salmon calls --- plugins/OStatus/lib/salmonaction.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php index 3b9472eeb8..4d2144c300 100644 --- a/plugins/OStatus/lib/salmonaction.php +++ b/plugins/OStatus/lib/salmonaction.php @@ -31,6 +31,8 @@ class SalmonAction extends Action protected $oprofile = null; // Ostatus_profile of the actor protected $actor = null; // Profile object of the actor + var $format = 'text'; // error messages will be printed in plaintext + var $xml = null; var $activity = null; var $target = null; From a833eaa6513a3f7e5732721996877e442a0af100 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 28 Jun 2016 11:51:11 +0200 Subject: [PATCH 246/415] Make all hash algorithms available (but whitelist by default) sha1 is whitelisted only because StatusNet requires it. --- lib/default.php | 3 +++ plugins/OStatus/classes/FeedSub.php | 41 +++++++++++++++++------------ 2 files changed, 27 insertions(+), 17 deletions(-) diff --git a/lib/default.php b/lib/default.php index 12e194f549..b3685a284c 100644 --- a/lib/default.php +++ b/lib/default.php @@ -64,6 +64,9 @@ $default = 'notice' => null, // site wide notice text 'build' => 1, // build number, for code-dependent cache ), + 'security' => + array('hash_algos' => ['sha1', 'sha256', 'sha512'], // set to null for anything that hash_hmac() can handle (and is in hash_algos()) + ), 'db' => array('database' => null, // must be set 'schema_location' => INSTALLDIR . '/classes', diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 72746e9b90..13a5439421 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -442,10 +442,10 @@ class FeedSub extends Managed_DataObject */ public function receive($post, $hmac) { - common_log(LOG_INFO, __METHOD__ . ": packet for \"" . $this->getUri() . "\"! $hmac $post"); + common_log(LOG_INFO, sprintf(__METHOD__.': packet for %s with HMAC %s', _ve($this->getUri()), _ve($hmac))); if (!in_array($this->sub_state, array('active', 'nohub'))) { - common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH for inactive feed " . $this->getUri() . " (in state '$this->sub_state')"); + common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH for inactive feed %s (in state %s)', _ve($this->getUri()), _ve($this->sub_state))); return; } @@ -480,7 +480,7 @@ class FeedSub extends Managed_DataObject * shared secret that was set up at subscription time. * * If we don't have a shared secret, there should be no signature. - * If we we do, our the calculated HMAC should match theirs. + * If we do, our calculated HMAC should match theirs. * * @param string $post raw XML source as POSTed to us * @param string $hmac X-Hub-Signature HTTP header value, or empty @@ -489,29 +489,36 @@ class FeedSub extends Managed_DataObject protected function validatePushSig($post, $hmac) { if ($this->secret) { - if (preg_match('/^sha1=([0-9a-fA-F]{40})$/', $hmac, $matches)) { - $their_hmac = strtolower($matches[1]); - $our_hmac = hash_hmac('sha1', $post, $this->secret); + // {3,16} because shortest hash algorithm name is 3 characters (md2,md4,md5) and longest + // is currently 11 characters, but we'll leave some margin in the end... + if (preg_match('/^([0-9a-zA-Z\-\,]{3,16})=([0-9a-fA-F]+)$/', $hmac, $matches)) { + $hash_algo = strtolower($matches[1]); + $their_hmac = strtolower($matches[2]); + common_debug(sprintf(__METHOD__ . ': PuSH from feed %s uses HMAC algorithm %s with value: %s', _ve($this->getUri()), _ve($hash_algo), _ve($their_hmac))); + + if (!in_array($hash_algo, hash_algos())) { + // We can't handle this at all, PHP doesn't recognize the algorithm name ('md5', 'sha1', 'sha256' etc: https://secure.php.net/manual/en/function.hash-algos.php) + common_log(LOG_ERR, sprintf(__METHOD__.': HMAC algorithm %s unsupported, not found in PHP hash_algos()', _ve($hash_algo))); + return false; + } elseif (!is_null(common_config('security', 'hash_algos')) && !in_array($hash_algo, common_config('security', 'hash_algos'))) { + // We _won't_ handle this because there is a list of accepted hash algorithms and this one is not in it. + common_log(LOG_ERR, sprintf(__METHOD__.': Whitelist for HMAC algorithms exist, but %s is not included.', _ve($hash_algo))); + return false; + } + + $our_hmac = hash_hmac($hash_algo, $post, $this->secret); if ($their_hmac === $our_hmac) { return true; } - if (common_config('feedsub', 'debug')) { - $tempfile = tempnam(sys_get_temp_dir(), 'feedsub-receive'); - if ($tempfile) { - file_put_contents($tempfile, $post); - } - common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH with bad SHA-1 HMAC: got $their_hmac, expected $our_hmac for feed " . $this->getUri() . " on $this->huburi; saved to $tempfile"); - } else { - common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH with bad SHA-1 HMAC: got $their_hmac, expected $our_hmac for feed " . $this->getUri() . " on $this->huburi"); - } + common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with bad HMAC hash: got %s, expected %s for feed %s from hub %s', _ve($their_hmac), _ve($our_hmac), _ve($this->getUri()), _ve($this->huburi))); } else { - common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH with bogus HMAC '$hmac'"); + common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with bogus HMAC==', _ve($hmac))); } } else { if (empty($hmac)) { return true; } else { - common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH with unexpected HMAC '$hmac'"); + common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with unexpected HMAC==%s', _ve($hmac))); } } return false; From d7a29be3ac6862f5af5c8d0cdda6cea605f59a53 Mon Sep 17 00:00:00 2001 From: Martin Lyth Date: Thu, 30 Jun 2016 18:24:58 -0400 Subject: [PATCH 247/415] Change Profile->getUser() to match the current user Profile->getUser() gets the User independently from common_current_user. This means that changes to one does not affect the other, even if they are the same user. This changes that, so that getUser() returns common_current_user() if they are both the same user. This is done to fix a bug in the user profile settings, where changes in the language and timezone are applied to the return value of Profile->getUser() but not propagated to common_cur_user(), which causes the profile settings to display incorrect information until the page is refreshed. --- classes/Profile.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/classes/Profile.php b/classes/Profile.php index fb6a621273..a38ee9f499 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -93,6 +93,10 @@ class Profile extends Managed_DataObject if (!$user instanceof User) { throw new NoSuchUserException(array('id'=>$this->id)); } + $cur_user = common_current_user(); + if ($user->id === $cur_user->id) { + $user = $cur_user; + } $this->_user[$this->id] = $user; } return $this->_user[$this->id]; From cfd9aee57bd1344313ccfbc0d699db74297e80dc Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 2 Jul 2016 13:32:23 +0200 Subject: [PATCH 248/415] Better logging for issue #205 --- plugins/LRDD/lib/discovery.php | 1 + 1 file changed, 1 insertion(+) diff --git a/plugins/LRDD/lib/discovery.php b/plugins/LRDD/lib/discovery.php index 6818e12557..579f414bc6 100644 --- a/plugins/LRDD/lib/discovery.php +++ b/plugins/LRDD/lib/discovery.php @@ -125,6 +125,7 @@ class Discovery $xrd->loadString($response->getBody()); return $xrd; } catch (Exception $e) { + common_log(LOG_INFO, sprintf('%s: Failed for %s: %s', _ve($class), _ve($uri), _ve($e->getMessage()))); continue; } } From 3987cad9b738b8ffd28a01f46bd7370c589b2917 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 2 Jul 2016 13:44:25 +0200 Subject: [PATCH 249/415] Use delivered content-type to parse XML_XRD In issue #205 we saw data coming in with an additional line-break before the JSON data which fuzzed the auto-detection in XML_XRD (which assumed a { as the first character). If we use the Content-type header from HTTP we can avoid that issue. --- plugins/LRDD/lib/discovery.php | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/plugins/LRDD/lib/discovery.php b/plugins/LRDD/lib/discovery.php index 579f414bc6..03f24e04fa 100644 --- a/plugins/LRDD/lib/discovery.php +++ b/plugins/LRDD/lib/discovery.php @@ -122,8 +122,22 @@ class Discovery throw new Exception('Unexpected HTTP status code.'); } - $xrd->loadString($response->getBody()); + switch ($response->getHeader('content-type')) { + case self::JRD_MIMETYPE_OLD: + case self::JRD_MIMETYPE: + $type = 'json'; + break; + case self::XRD_MIMETYPE: + $type = 'xml'; + break; + default: + // fall back to letting XML_XRD auto-detect + common_debug('No recognized content-type header for resource descriptor body.'); + $type = null; + } + $xrd->loadString($response->getBody(), $type); return $xrd; + } catch (Exception $e) { common_log(LOG_INFO, sprintf('%s: Failed for %s: %s', _ve($class), _ve($uri), _ve($e->getMessage()))); continue; From a62755182c500c7c819868538efc37564f4d86e9 Mon Sep 17 00:00:00 2001 From: Martin Lyth Date: Sat, 2 Jul 2016 15:45:42 -0400 Subject: [PATCH 250/415] Test user equality better in Profile->getUser() --- classes/Profile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/Profile.php b/classes/Profile.php index a38ee9f499..ef3f5c1b2f 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -94,7 +94,7 @@ class Profile extends Managed_DataObject throw new NoSuchUserException(array('id'=>$this->id)); } $cur_user = common_current_user(); - if ($user->id === $cur_user->id) { + if (($cur_user instanceof User) && $cur_user->sameAS($this)) { $user = $cur_user; } $this->_user[$this->id] = $user; From c9afdae01ccf48d1456be3f98b257d6f18097882 Mon Sep 17 00:00:00 2001 From: Martin Lyth Date: Sat, 2 Jul 2016 17:02:37 -0400 Subject: [PATCH 251/415] Check if we're the current user before retrieving --- classes/Profile.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/classes/Profile.php b/classes/Profile.php index ef3f5c1b2f..b557e3088c 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -89,13 +89,14 @@ class Profile extends Managed_DataObject public function getUser() { if (!isset($this->_user[$this->id])) { - $user = User::getKV('id', $this->id); - if (!$user instanceof User) { - throw new NoSuchUserException(array('id'=>$this->id)); - } $cur_user = common_current_user(); if (($cur_user instanceof User) && $cur_user->sameAS($this)) { $user = $cur_user; + } else { + $user = User::getKV('id', $this->id); + if (!$user instanceof User) { + throw new NoSuchUserException(array('id'=>$this->id)); + } } $this->_user[$this->id] = $user; } From b0204023c071e312bf961317099de6f6f367118f Mon Sep 17 00:00:00 2001 From: Martin Lyth Date: Sat, 2 Jul 2016 17:43:47 -0400 Subject: [PATCH 252/415] Fix the case of a call to sameAs() --- classes/Profile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/Profile.php b/classes/Profile.php index b557e3088c..da01213d71 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -90,7 +90,7 @@ class Profile extends Managed_DataObject { if (!isset($this->_user[$this->id])) { $cur_user = common_current_user(); - if (($cur_user instanceof User) && $cur_user->sameAS($this)) { + if (($cur_user instanceof User) && $cur_user->sameAs($this)) { $user = $cur_user; } else { $user = User::getKV('id', $this->id); From b4a0bff740b7b654bd405f27910c62a60ec58fc7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 6 Jul 2016 08:59:16 +0200 Subject: [PATCH 253/415] Some mimetype madness! --- classes/File.php | 11 +++++----- lib/default.php | 3 ++- lib/unknownmimeextensionexception.php | 30 +++++++++++++++++++++++++++ lib/util.php | 2 +- 4 files changed, 39 insertions(+), 7 deletions(-) create mode 100644 lib/unknownmimeextensionexception.php diff --git a/classes/File.php b/classes/File.php index b28f1373d6..6197539d94 100644 --- a/classes/File.php +++ b/classes/File.php @@ -304,13 +304,12 @@ class File extends Managed_DataObject $ext = common_supported_mime_to_ext($mimetype); // we do, so use it! return $ext; - } catch (Exception $e) { // FIXME: Make this exception more specific to "unknown mime=>ext relation" + } catch (UnknownMimeExtensionException $e) { // We don't know the extension for this mimetype, but let's guess. - // If we are very liberal with uploads ($config['attachments']['supported'] === true) - // then we try to do some guessing based on the filename, if it was supplied. - if (!is_null($filename) && common_config('attachments', 'supported')===true - && preg_match('/^.+\.([A-Za-z0-9]+)$/', $filename, $matches)) { + // If we can't recognize the extension from the MIME, we try + // to guess based on filename, if one was supplied. + if (!is_null($filename) && preg_match('/^.+\.([A-Za-z0-9]+)$/', $filename, $matches)) { // we matched on a file extension, so let's see if it means something. $ext = mb_strtolower($matches[1]); @@ -330,6 +329,8 @@ class File extends Managed_DataObject // the attachment extension based on its filename was not blacklisted so it's ok to use it return $ext; } + } catch (Exception $e) { + common_log(LOG_INFO, 'Problem when figuring out extension for mimetype: '._ve($e)); } // If nothing else has given us a result, try to extract it from diff --git a/lib/default.php b/lib/default.php index b3685a284c..5e711bb87c 100644 --- a/lib/default.php +++ b/lib/default.php @@ -249,6 +249,7 @@ $default = 'application/zip' => 'zip', 'application/x-go-sgf' => 'sgf', 'application/xml' => 'xml', + 'application/gpx+xml' => 'gpx', 'image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif', @@ -273,7 +274,7 @@ $default = 'show_thumbs' => true, // show thumbnails in notice lists for uploaded images, and photos and videos linked remotely that provide oEmbed info 'process_links' => true, // check linked resources for embeddable photos and videos; this will hit referenced external web sites when processing new messages. 'extblacklist' => [ - 'php' => 'phps', + 'php' => 'phps', // this turns .php into .phps 'exe' => false, // this would deny any uploads to keep the "exe" file extension ], ), diff --git a/lib/unknownmimeextensionexception.php b/lib/unknownmimeextensionexception.php new file mode 100644 index 0000000000..0937467d07 --- /dev/null +++ b/lib/unknownmimeextensionexception.php @@ -0,0 +1,30 @@ + + * @license https://www.gnu.org/licenses/agpl-3.0.html + * @link https://gnu.io/social + */ + +class UnknownMimeExtensionException extends ServerException +{ + public function __construct($msg=null) + { + if ($msg === null) { + // TRANS: We accept the file type (we probably just accept all files) + // TRANS: but don't know the file extension for it. + $msg = _('Supported mimetype but unknown extension relation.'); + } + + parent::__construct($msg); + } +} diff --git a/lib/util.php b/lib/util.php index a2415945f1..8d95ec2305 100644 --- a/lib/util.php +++ b/lib/util.php @@ -2016,7 +2016,7 @@ function common_supported_mime_to_ext($mimetype) { $supported = common_config('attachments', 'supported'); if ($supported === true) { - throw new ServerException('Supported mimetype but unknown extension relation.'); + throw new UnknownMimeExtensionException(); } foreach($supported as $type => $ext) { if ($mimetype === $type) { From 4117118e230e1fd27922600337a3910bebb3791d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 6 Jul 2016 09:14:59 +0200 Subject: [PATCH 254/415] More specific exceptions for mimetype/extension issues. --- lib/unknownextensionmimeexception.php | 26 ++++++++++++++++++++++++++ lib/unknownmimeextensionexception.php | 11 ++++------- lib/util.php | 4 ++-- 3 files changed, 32 insertions(+), 9 deletions(-) create mode 100644 lib/unknownextensionmimeexception.php diff --git a/lib/unknownextensionmimeexception.php b/lib/unknownextensionmimeexception.php new file mode 100644 index 0000000000..faa6e9cf25 --- /dev/null +++ b/lib/unknownextensionmimeexception.php @@ -0,0 +1,26 @@ + + * @license https://www.gnu.org/licenses/agpl-3.0.html + * @link https://gnu.io/social + */ + +class UnknownExtensionMimeException extends ServerException +{ + public function __construct($ext) + { + // TRANS: We accept the file type (we probably just accept all files) + // TRANS: but don't know the file extension for it. %1$s is the extension. + $msg = sprintf(_('Unknown MIME type for file extension: %1$s'), _ve($ext)); + + parent::__construct($msg); + } +} diff --git a/lib/unknownmimeextensionexception.php b/lib/unknownmimeextensionexception.php index 0937467d07..fbc3a67742 100644 --- a/lib/unknownmimeextensionexception.php +++ b/lib/unknownmimeextensionexception.php @@ -17,14 +17,11 @@ if (!defined('GNUSOCIAL')) { exit(1); } class UnknownMimeExtensionException extends ServerException { - public function __construct($msg=null) + public function __construct($mimetype) { - if ($msg === null) { - // TRANS: We accept the file type (we probably just accept all files) - // TRANS: but don't know the file extension for it. - $msg = _('Supported mimetype but unknown extension relation.'); - } - + // TRANS: We accept the file type (we probably just accept all files) + // TRANS: but don't know the file extension for it. + $msg = sprintf(_('Supported mimetype but unknown extension relation: %1$s'), _ve($mimetype)); parent::__construct($msg); } } diff --git a/lib/util.php b/lib/util.php index 8d95ec2305..846605bc7f 100644 --- a/lib/util.php +++ b/lib/util.php @@ -2000,7 +2000,7 @@ function common_supported_ext_to_mime($fileext) $supported = common_config('attachments', 'supported'); if ($supported === true) { - throw new ServerException('Supported extension but unknown mimetype relation.'); + throw new UnknownExtensionMimeException($fileext); } foreach($supported as $type => $ext) { if ($ext === $fileext) { @@ -2016,7 +2016,7 @@ function common_supported_mime_to_ext($mimetype) { $supported = common_config('attachments', 'supported'); if ($supported === true) { - throw new UnknownMimeExtensionException(); + throw new UnknownMimeExtensionException($mimetype); } foreach($supported as $type => $ext) { if ($mimetype === $type) { From 71afb5be75decf19b5fd7bb294d2b0f9ed92272e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 6 Jul 2016 09:34:09 +0200 Subject: [PATCH 255/415] If the file is text/plain, see if we accept the extension --- lib/mediafile.php | 7 +++++-- lib/util.php | 26 ++++++++++++++++---------- 2 files changed, 21 insertions(+), 12 deletions(-) diff --git a/lib/mediafile.php b/lib/mediafile.php index 54d00b4acf..803cbe0a4c 100644 --- a/lib/mediafile.php +++ b/lib/mediafile.php @@ -355,6 +355,7 @@ class MediaFile $unclearTypes = array('application/octet-stream', 'application/vnd.ms-office', 'application/zip', + 'text/plain', 'text/html', // Ironically, Wikimedia Commons' SVG_logo.svg is identified as text/html // TODO: for XML we could do better content-based sniffing too 'text/xml'); @@ -364,10 +365,12 @@ class MediaFile // If we didn't match, or it is an unclear match if ($originalFilename && (!$mimetype || in_array($mimetype, $unclearTypes))) { try { - $type = common_supported_ext_to_mime($originalFilename); + $type = common_supported_filename_to_mime($originalFilename); return $type; + } catch (UnknownExtensionMimeException $e) { + // FIXME: I think we should keep the file extension here (supported should be === true here) } catch (Exception $e) { - // Extension not found, so $mimetype is our best guess + // Extension parsed but no connected mimetype, so $mimetype is our best guess } } diff --git a/lib/util.php b/lib/util.php index 846605bc7f..985b3773df 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1991,15 +1991,22 @@ function common_accept_to_prefs($accept, $def = '*/*') } // Match by our supported file extensions -function common_supported_ext_to_mime($fileext) +function common_supported_filename_to_mime($filename) { // Accept a filename and take out the extension - if (strpos($fileext, '.') !== false) { - $fileext = substr(strrchr($fileext, '.'), 1); + if (strpos($filename, '.') === false) { + throw new ServerException(sprintf('No extension on filename: %1$s', _ve($filename))); } + $fileext = substr(strrchr($filename, '.'), 1); + return common_supported_ext_to_mime($fileext); +} + +function common_supported_ext_to_mime($fileext) +{ $supported = common_config('attachments', 'supported'); if ($supported === true) { + // FIXME: Should we just accept the extension straight off when supported === true? throw new UnknownExtensionMimeException($fileext); } foreach($supported as $type => $ext) { @@ -2015,16 +2022,15 @@ function common_supported_ext_to_mime($fileext) function common_supported_mime_to_ext($mimetype) { $supported = common_config('attachments', 'supported'); - if ($supported === true) { - throw new UnknownMimeExtensionException($mimetype); - } - foreach($supported as $type => $ext) { - if ($mimetype === $type) { - return $ext; + if (is_array($supported)) { + foreach($supported as $type => $ext) { + if ($mimetype === $type) { + return $ext; + } } } - throw new ServerException('Unsupported MIME type'); + throw new UnknownMimeExtensionException($mimetype); } // The MIME "media" is the part before the slash (video in video/webm) From 4a3ed7d0aec07c8b94dded9edf8d3d859ffc6488 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 7 Jul 2016 00:43:51 +0200 Subject: [PATCH 256/415] I don't know why we would set the mimetype as title here --- plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php index 650f27c21f..2e42802724 100644 --- a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php +++ b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php @@ -55,7 +55,7 @@ class StoreRemoteMediaPlugin extends Plugin switch (common_get_mime_media($file->mimetype)) { case 'image': // Just to set something for now at least... - $file->title = $file->mimetype; + //$file->title = $file->mimetype; break; } From f02d32b718de732181d0f73beed2b7fdb77b1cbd Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 7 Jul 2016 00:44:50 +0200 Subject: [PATCH 257/415] Reworked File->getUrl to throw exception In case you require a local URL and one can't be generated, throw FileNotStoredLocallyException(File $file) --- classes/File.php | 18 ++++++++++++++---- lib/filenotstoredlocallyexception.php | 15 +++++++++++++++ 2 files changed, 29 insertions(+), 4 deletions(-) create mode 100644 lib/filenotstoredlocallyexception.php diff --git a/classes/File.php b/classes/File.php index 6197539d94..7bd7da27ba 100644 --- a/classes/File.php +++ b/classes/File.php @@ -529,13 +529,23 @@ class File extends Managed_DataObject return common_local_url('attachment', array('attachment'=>$this->getID())); } - public function getUrl($prefer_local=true) + /** + * @param mixed $use_local true means require local, null means prefer local, false means use whatever is stored + */ + public function getUrl($use_local=null) { - if ($prefer_local && !empty($this->filename)) { - // A locally stored file, so let's generate a URL for our instance. - return self::url($this->getFilename()); + if ($use_local !== false) { + if (is_string($this->filename) || !empty($this->filename)) { + // A locally stored file, so let's generate a URL for our instance. + return self::url($this->getFilename()); + } + if ($use_local) { + // if the file wasn't stored locally (has filename) and we require a local URL + throw new FileNotStoredLocallyException($this); + } } + // No local filename available, return the URL we have stored return $this->url; } diff --git a/lib/filenotstoredlocallyexception.php b/lib/filenotstoredlocallyexception.php new file mode 100644 index 0000000000..2d2ad8fc37 --- /dev/null +++ b/lib/filenotstoredlocallyexception.php @@ -0,0 +1,15 @@ +file = $file; + common_debug('Requested local URL for a file that is not stored locally with id=='._ve($this->file->getID())); + parent::__construct(_('Requested local URL for a file that is not stored locally.')); + } +} From 6332a4d800c7cb63f5da6eae25d82135cfc0d244 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 7 Jul 2016 00:45:31 +0200 Subject: [PATCH 258/415] Handle FileNotStoredLocallyException in attachmentlistitem --- lib/attachmentlistitem.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/attachmentlistitem.php b/lib/attachmentlistitem.php index dc22c8af29..133756147c 100644 --- a/lib/attachmentlistitem.php +++ b/lib/attachmentlistitem.php @@ -63,7 +63,7 @@ class AttachmentListItem extends Widget } function title() { - return $this->attachment->getTitle(); + return $this->attachment->getTitle() ?: _('Untitled attachment'); } function linkTitle() { @@ -141,7 +141,13 @@ class AttachmentListItem extends Widget if ($thumb instanceof File_thumbnail) { $this->out->element('img', $thumb->getHtmlAttrs(['class'=>'u-photo', 'alt' => ''])); } else { - $this->out->element('img', array('class'=>'u-photo', 'src' => $this->attachment->getUrl(), 'alt' => $this->attachment->getTitle())); + try { + // getUrl(true) because we don't want to hotlink, could be made configurable + $this->out->element('img', ['class'=>'u-photo', 'src'=>$this->attachment->getUrl(true), 'alt' => $this->attachment->getTitle()]); + } catch (FileNotStoredLocallyException $e) { + $url = $e->file->getUrl(false); + $this->out->element('a', ['href'=>$url, 'rel'=>'external'], $url); + } } unset($thumb); // there's no need carrying this along after this break; From 1d53e7060ada2f075955d1c3e32357279abab880 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 7 Jul 2016 11:11:20 +0200 Subject: [PATCH 259/415] Changed ShowfavoritesAction to use Action functions for profiles --- plugins/Favorite/actions/showfavorites.php | 23 +++++++++++----------- 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/plugins/Favorite/actions/showfavorites.php b/plugins/Favorite/actions/showfavorites.php index ea1169957c..08366e4c16 100644 --- a/plugins/Favorite/actions/showfavorites.php +++ b/plugins/Favorite/actions/showfavorites.php @@ -65,53 +65,52 @@ class ShowfavoritesAction extends ShowstreamAction return array(new Feed(Feed::JSON, common_local_url('ApiTimelineFavorites', array( - 'id' => $this->user->nickname, + 'id' => $this->getTarget()->getNickname(), 'format' => 'as')), // TRANS: Feed link text. %s is a username. sprintf(_('Feed for favorites of %s (Activity Streams JSON)'), - $this->user->nickname)), + $this->getTarget()->getNickname())), new Feed(Feed::RSS1, common_local_url('favoritesrss', - array('nickname' => $this->user->nickname)), + array('nickname' => $this->getTarget()->getNickname())), // TRANS: Feed link text. %s is a username. sprintf(_('Feed for favorites of %s (RSS 1.0)'), - $this->user->nickname)), + $this->getTarget()->getNickname())), new Feed(Feed::RSS2, common_local_url('ApiTimelineFavorites', array( - 'id' => $this->user->nickname, + 'id' => $this->getTarget()->getNickname(), 'format' => 'rss')), // TRANS: Feed link text. %s is a username. sprintf(_('Feed for favorites of %s (RSS 2.0)'), - $this->user->nickname)), + $this->getTarget()->getNickname())), new Feed(Feed::ATOM, common_local_url('ApiTimelineFavorites', array( - 'id' => $this->user->nickname, + 'id' => $this->getTarget()->getNickname(), 'format' => 'atom')), // TRANS: Feed link text. %s is a username. sprintf(_('Feed for favorites of %s (Atom)'), - $this->user->nickname))); + $this->getTarget()->getNickname()))); } function showEmptyListMessage() { if (common_logged_in()) { - $current_user = common_current_user(); - if ($this->user->id === $current_user->id) { + if ($this->getTarget()->sameAs($this->getScoped())) { // TRANS: Text displayed instead of favourite notices for the current logged in user that has no favourites. $message = _('You haven\'t chosen any favorite notices yet. Click the fave button on notices you like to bookmark them for later or shed a spotlight on them.'); } else { // TRANS: Text displayed instead of favourite notices for a user that has no favourites while logged in. // TRANS: %s is a username. - $message = sprintf(_('%s hasn\'t added any favorite notices yet. Post something interesting they would add to their favorites :)'), $this->user->nickname); + $message = sprintf(_('%s hasn\'t added any favorite notices yet. Post something interesting they would add to their favorites :)'), $this->getTarget()->getNickname()); } } else { // TRANS: Text displayed instead of favourite notices for a user that has no favourites while not logged in. // TRANS: %s is a username, %%%%action.register%%%% is a link to the user registration page. // TRANS: (link text)[link] is a Mark Down link. - $message = sprintf(_('%s hasn\'t added any favorite notices yet. Why not [register an account](%%%%action.register%%%%) and then post something interesting they would add to their favorites :)'), $this->user->nickname); + $message = sprintf(_('%s hasn\'t added any favorite notices yet. Why not [register an account](%%%%action.register%%%%) and then post something interesting they would add to their favorites :)'), $this->getTarget()->getNickname()); } $this->elementStart('div', 'guide'); From 36cfe9f85774e037b4eeaebc19f9e78d149f7507 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 15 Jul 2016 12:52:01 +0200 Subject: [PATCH 260/415] Delete successfully generated thumbnail (temporary sources) too. --- lib/imagefile.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/lib/imagefile.php b/lib/imagefile.php index b0cd13089f..626221d9a8 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -151,10 +151,14 @@ class ImageFile try { $image = new ImageFile($file->getID(), $imgPath); - } catch (UnsupportedMediaException $e) { + } catch (Exception $e) { + common_debug(sprintf('Exception caught when creating ImageFile for File id==%s and imgPath==', _ve($file->id), _ve($imgPath))); + throw $e; + } finally { // Avoid deleting the original try { - if ($imgPath !== $file->getPath()) { + if (strlen($imgPath) > 0 && $imgPath !== $file->getPath()) { + common_debug(__METHOD__.': Deleting temporary file that was created as image file thumbnail source: '._ve($imgPath)); @unlink($imgPath); } } catch (FileNotFoundException $e) { @@ -162,7 +166,6 @@ class ImageFile // doesn't exist anyway, so it's safe to delete $imgPath @unlink($imgPath); } - throw $e; } return $image; } From 46c227bf3a14e98b15c4935390f2e009ed904f8b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 15 Jul 2016 13:19:16 +0200 Subject: [PATCH 261/415] FileNotFoundException is more proper here --- lib/imagefile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/imagefile.php b/lib/imagefile.php index 626221d9a8..ab59e16b25 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -146,7 +146,7 @@ class ImageFile } if (!file_exists($imgPath)) { - throw new ServerException(sprintf('Image not available locally: %s', $imgPath)); + throw new FileNotFoundException($imgPath); } try { From fc440ba7e767803fb57644fc9af53c14706055de Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 20 Jul 2016 22:51:38 +0200 Subject: [PATCH 262/415] Easier debugging of VideoThumbnails plugin --- plugins/VideoThumbnails/VideoThumbnailsPlugin.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugins/VideoThumbnails/VideoThumbnailsPlugin.php b/plugins/VideoThumbnails/VideoThumbnailsPlugin.php index e8cf7e31f2..fc3925375f 100644 --- a/plugins/VideoThumbnails/VideoThumbnailsPlugin.php +++ b/plugins/VideoThumbnails/VideoThumbnailsPlugin.php @@ -67,7 +67,9 @@ class VideoThumbnailsPlugin extends Plugin common_log(LOG_ERR, 'Neither ffmpeg nor avconv was found in your PATH. Cannot create video thumbnail.'); return true; } - $result = exec($cmd.' -y -i '.escapeshellarg($file->getPath()).' -vcodec mjpeg -vframes 1 -f image2 -an '.escapeshellarg($tmp_imgPath)); + $fullcmd = $cmd.' -y -i '.escapeshellarg($file->getPath()).' -vcodec mjpeg -vframes 1 -f image2 -an '.escapeshellarg($tmp_imgPath); + common_debug(__METHOD__ . ' executing: '._ve($fullcmd)); + $result = exec($fullcmd); if (!getimagesize($tmp_imgPath)) { common_debug('exec of "avconv" produced a bad/nonexisting image it seems'); From e8e996182fce9979d9380243944b5bea06db65eb Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 21 Jul 2016 00:23:27 +0200 Subject: [PATCH 263/415] Delete file on class destruction or we do it too quickly Source image was removed when trying to use it for resizeTo --- lib/imagefile.php | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/lib/imagefile.php b/lib/imagefile.php index ab59e16b25..0d711ad986 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -120,6 +120,14 @@ class ImageFile Event::handle('FillImageFileMetadata', array($this)); } + public function __destruct() + { + if (strlen($this->filepath) > 0 && (!$this->fileRecord instanceof File || $this->filepath !== $this->fileRecord->getPath())) { + common_debug(__METHOD__.': Deleting temporary file that was created as image file thumbnail source: '._ve($this->filepath)); + @unlink($this->filepath); + } + } + public static function fromFileObject(File $file) { $imgPath = null; @@ -152,9 +160,6 @@ class ImageFile try { $image = new ImageFile($file->getID(), $imgPath); } catch (Exception $e) { - common_debug(sprintf('Exception caught when creating ImageFile for File id==%s and imgPath==', _ve($file->id), _ve($imgPath))); - throw $e; - } finally { // Avoid deleting the original try { if (strlen($imgPath) > 0 && $imgPath !== $file->getPath()) { @@ -166,6 +171,8 @@ class ImageFile // doesn't exist anyway, so it's safe to delete $imgPath @unlink($imgPath); } + common_debug(sprintf('Exception caught when creating ImageFile for File id==%s and imgPath==', _ve($file->id), _ve($imgPath))); + throw $e; } return $image; } @@ -587,7 +594,7 @@ class ImageFile list($width, $height, $x, $y, $w, $h) = $this->scaleToFit($width, $height, $crop); $thumb = File_thumbnail::pkeyGet(array( - 'file_id'=> $this->fileRecord->id, + 'file_id'=> $this->fileRecord->getID(), 'width' => $width, 'height' => $height, )); @@ -597,7 +604,7 @@ class ImageFile $filename = $this->fileRecord->filehash ?: $this->filename; // Remote files don't have $this->filehash $extension = File::guessMimeExtension($this->mimetype); - $outname = "thumb-{$this->fileRecord->id}-{$width}x{$height}-{$filename}." . $extension; + $outname = "thumb-{$this->fileRecord->getID()}-{$width}x{$height}-{$filename}." . $extension; $outpath = File_thumbnail::path($outname); // The boundary box for our resizing @@ -615,7 +622,7 @@ class ImageFile throw new ServerException('Bad thumbnail size parameters.'); } - common_debug(sprintf('Generating a thumbnail of File id==%u of size %ux%u', $this->fileRecord->id, $width, $height)); + common_debug(sprintf('Generating a thumbnail of File id==%u of size %ux%u', $this->fileRecord->getID(), $width, $height)); // Perform resize and store into file $this->resizeTo($outpath, $box); From 13e1f0a56190cb6c602c2cbced06b706f07006de Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 21 Jul 2016 00:24:05 +0200 Subject: [PATCH 264/415] VideoThumbnails shouldn't have to recreate the thumbnail all the time --- plugins/VideoThumbnails/VideoThumbnailsPlugin.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/plugins/VideoThumbnails/VideoThumbnailsPlugin.php b/plugins/VideoThumbnails/VideoThumbnailsPlugin.php index fc3925375f..30b62677ee 100644 --- a/plugins/VideoThumbnails/VideoThumbnailsPlugin.php +++ b/plugins/VideoThumbnails/VideoThumbnailsPlugin.php @@ -55,6 +55,21 @@ class VideoThumbnailsPlugin extends Plugin return true; } + try { + // Exception thrown if no thumbnail found + $thumb = File_thumbnail::byFile($file, false); + // If getPath doesn't throw an exception, we have a working locally stored thumbnail + return $thumb->getPath(); + } catch (NoResultException $e) { + // Alright, no thumbnail found, so let's create one. + } catch (InvalidFilenameException $e) { + // I guess this means $thumb->filename is null? Shouldn't happen because $file->filename is not null, so delete it + $thumb->delete(); + } catch (FileNotFoundException $e) { + // Thumb file was not found, let's delete it. + $thumb->delete(); + } + // Let's save our frame to a temporary file. If we fail, remove it. $tmp_imgPath = tempnam(sys_get_temp_dir(), 'socialthumb-'); From d230d332cf392edfda823d29c93489e2ef739a96 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 21 Jul 2016 00:27:22 +0200 Subject: [PATCH 265/415] return false to exit event, imgPath holds the path --- plugins/VideoThumbnails/VideoThumbnailsPlugin.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/VideoThumbnails/VideoThumbnailsPlugin.php b/plugins/VideoThumbnails/VideoThumbnailsPlugin.php index 30b62677ee..5b96653db1 100644 --- a/plugins/VideoThumbnails/VideoThumbnailsPlugin.php +++ b/plugins/VideoThumbnails/VideoThumbnailsPlugin.php @@ -58,8 +58,9 @@ class VideoThumbnailsPlugin extends Plugin try { // Exception thrown if no thumbnail found $thumb = File_thumbnail::byFile($file, false); - // If getPath doesn't throw an exception, we have a working locally stored thumbnail - return $thumb->getPath(); + $imgPath = $thumb->getPath(); + // If getPath didn't throw an exception, we have a working locally stored thumbnail + return false; } catch (NoResultException $e) { // Alright, no thumbnail found, so let's create one. } catch (InvalidFilenameException $e) { From d5c733919b3f80b4fe8f37f99e63e57e3b76ba47 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 21 Jul 2016 00:34:40 +0200 Subject: [PATCH 266/415] Because the other part of the code works now, this is unnecessary --- lib/imagefile.php | 8 -------- 1 file changed, 8 deletions(-) diff --git a/lib/imagefile.php b/lib/imagefile.php index 0d711ad986..22fdda9d30 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -120,14 +120,6 @@ class ImageFile Event::handle('FillImageFileMetadata', array($this)); } - public function __destruct() - { - if (strlen($this->filepath) > 0 && (!$this->fileRecord instanceof File || $this->filepath !== $this->fileRecord->getPath())) { - common_debug(__METHOD__.': Deleting temporary file that was created as image file thumbnail source: '._ve($this->filepath)); - @unlink($this->filepath); - } - } - public static function fromFileObject(File $file) { $imgPath = null; From 1981cb76622977ed3a0a480bfcb427b09ca3c688 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 21 Jul 2016 00:37:43 +0200 Subject: [PATCH 267/415] Select the first generated thumbnail, which should be the proper size ...most of the time. If all works well. --- classes/File_thumbnail.php | 1 + 1 file changed, 1 insertion(+) diff --git a/classes/File_thumbnail.php b/classes/File_thumbnail.php index 968883f2b8..91ba653744 100644 --- a/classes/File_thumbnail.php +++ b/classes/File_thumbnail.php @@ -98,6 +98,7 @@ class File_thumbnail extends Managed_DataObject if ($notNullUrl) { $thumb->whereAdd('url IS NOT NULL'); } + $thumb->orderBy('modified ASC'); // the first created, a somewhat ugly hack $thumb->limit(1); if (!$thumb->find(true)) { throw new NoResultException($thumb); From e52275e37f8c1593ef2214fcdf40bdc226f8758b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 21 Jul 2016 01:38:31 +0200 Subject: [PATCH 268/415] Some comparisons were incorrect (text/html;charset=utf-8 etc.) --- lib/attachmentlistitem.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/attachmentlistitem.php b/lib/attachmentlistitem.php index 133756147c..934c5f74dd 100644 --- a/lib/attachmentlistitem.php +++ b/lib/attachmentlistitem.php @@ -174,7 +174,7 @@ class AttachmentListItem extends Widget default: unset($thumb); // there's no need carrying this along - switch ($this->attachment->mimetype) { + switch (common_bare_mime($this->attachment->mimetype)) { case 'text/plain': $this->element('div', ['class'=>'e-content plaintext'], file_get_contents($this->attachment->getPath())); break; From 809e2f6d075402b3fdf81f6168e5841ac69f0718 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 21 Jul 2016 01:38:48 +0200 Subject: [PATCH 269/415] Use File->getID() --- plugins/Oembed/OembedPlugin.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 6950fb0a9a..652da64ffd 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -102,7 +102,7 @@ class OembedPlugin extends Plugin array(), array('format'=>'json', 'url'=> common_local_url('attachment', - array('attachment' => $action->attachment->id)))), + array('attachment' => $action->attachment->getID())))), 'title'=>'oEmbed'),null); $action->element('link',array('rel'=>'alternate', 'type'=>'text/xml+oembed', @@ -111,7 +111,7 @@ class OembedPlugin extends Plugin array(), array('format'=>'xml','url'=> common_local_url('attachment', - array('attachment' => $action->attachment->id)))), + array('attachment' => $action->attachment->getID())))), 'title'=>'oEmbed'),null); break; case 'shownotice': @@ -159,9 +159,9 @@ class OembedPlugin extends Plugin */ public function onEndFileSaveNew(File $file) { - $fo = File_oembed::getKV('file_id', $file->id); + $fo = File_oembed::getKV('file_id', $file->getID()); if ($fo instanceof File_oembed) { - common_log(LOG_WARNING, "Strangely, a File_oembed object exists for new file {$file->id}", __FILE__); + common_log(LOG_WARNING, "Strangely, a File_oembed object exists for new file {$file->getID()}", __FILE__); return true; } @@ -178,14 +178,14 @@ class OembedPlugin extends Plugin return true; } - File_oembed::saveNew($oembed_data, $file->id); + File_oembed::saveNew($oembed_data, $file->getID()); } return true; } public function onEndShowAttachmentLink(HTMLOutputter $out, File $file) { - $oembed = File_oembed::getKV('file_id', $file->id); + $oembed = File_oembed::getKV('file_id', $file->getID()); if (empty($oembed->author_name) && empty($oembed->provider)) { return true; } @@ -217,7 +217,7 @@ class OembedPlugin extends Plugin { // Never treat generic HTML links as an enclosure type! // But if we have oEmbed info, we'll consider it golden. - $oembed = File_oembed::getKV('file_id', $file->id); + $oembed = File_oembed::getKV('file_id', $file->getID()); if (!$oembed instanceof File_oembed || !in_array($oembed->type, array('photo', 'video'))) { return true; } From 1b3d5834183230180efb11d43365e68cb557b2cd Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 21 Jul 2016 03:19:05 +0200 Subject: [PATCH 270/415] file_quota for OembedPlugin too Don't download huge files that might kill memory limits. --- classes/File_thumbnail.php | 4 +++ plugins/Oembed/OembedPlugin.php | 32 +++++++++++++++---- .../StoreRemoteMediaPlugin.php | 4 +-- 3 files changed, 32 insertions(+), 8 deletions(-) diff --git a/classes/File_thumbnail.php b/classes/File_thumbnail.php index 91ba653744..68cb2a737f 100644 --- a/classes/File_thumbnail.php +++ b/classes/File_thumbnail.php @@ -273,6 +273,10 @@ class File_thumbnail extends Managed_DataObject return File::getByID($this->file_id); } + public function getFileId() + { + return $this->file_id; + } static public function hashurl($url) { diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 652da64ffd..716649c68c 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -377,16 +377,36 @@ class OembedPlugin extends Plugin protected function storeRemoteFileThumbnail(File_thumbnail $thumbnail) { if (!empty($thumbnail->filename) && file_exists($thumbnail->getPath())) { - throw new AlreadyFulfilledException(sprintf('A thumbnail seems to already exist for remote file with id==%u', $thumbnail->file_id)); + throw new AlreadyFulfilledException(sprintf('A thumbnail seems to already exist for remote file with id==%u', $thumbnail->getFileId())); } - $url = $thumbnail->getUrl(); - $this->checkWhitelist($url); + $remoteUrl = $thumbnail->getUrl(); + $this->checkWhitelist($remoteUrl); - // First we download the file to memory and test whether it's actually an image file + $http = new HTTPClient(); + // First see if it's too large for us + common_debug(__METHOD__ . ': '.sprintf('Performing HEAD request for remote file id==%u to avoid unnecessarily downloading too large files. URL: %s', $thumbnail->getFileId(), $remoteUrl)); + $head = $http->head($remoteUrl); + $remoteUrl = $head->getEffectiveUrl(); // to avoid going through redirects again + + $headers = $head->getHeader(); + $filesize = isset($headers['content-length']) ? $headers['content-length'] : null; + + // FIXME: I just copied some checks from StoreRemoteMedia, maybe we should have other checks for thumbnails? Or at least embed into some class somewhere. + if (empty($filesize)) { + // file size not specified on remote server + common_debug(sprintf('%s: Ignoring remote thumbnail because we did not get a content length for thumbnail for file id==%u', __CLASS__, $thumbnail->getFileId())); + return true; + } elseif ($filesize > common_config('attachments', 'file_quota')) { + // file too big according to site configuration + common_debug(sprintf('%s: Skip downloading remote thumbnail because content length (%u) is larger than file_quota (%u) for file id==%u', __CLASS__, intval($filesize), common_config('attachments', 'file_quota'), $thumbnail->getFileId())); + return true; + } + + // Then we download the file to memory and test whether it's actually an image file // FIXME: To support remote video/whatever files, this needs reworking. - common_debug(sprintf('Downloading remote thumbnail for file id==%u with thumbnail URL: %s', $thumbnail->file_id, $url)); - $imgData = HTTPClient::quickGet($url); + common_debug(sprintf('Downloading remote thumbnail for file id==%u (should be size %u) with effective URL: %s', $thumbnail->getFileId(), $filesize, _ve($remoteUrl))); + $imgData = HTTPClient::quickGet($remoteUrl); $info = @getimagesizefromstring($imgData); if ($info === false) { throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $url); diff --git a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php index 2e42802724..e171218f79 100644 --- a/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php +++ b/plugins/StoreRemoteMedia/StoreRemoteMediaPlugin.php @@ -91,7 +91,7 @@ class StoreRemoteMediaPlugin extends Plugin $http = new HTTPClient(); common_debug(sprintf('Performing HEAD request for remote file id==%u to avoid unnecessarily downloading too large files. URL: %s', $file->getID(), $remoteUrl)); $head = $http->head($remoteUrl); - $remoteUrl = $head->effectiveUrl; // to avoid going through redirects again + $remoteUrl = $head->getEffectiveUrl(); // to avoid going through redirects again if (!$this->checkBlackList($remoteUrl)) { common_log(LOG_WARN, sprintf('%s: Non-blacklisted URL %s redirected to blacklisted URL %s', __CLASS__, $file->getUrl(), $remoteUrl)); return true; @@ -120,7 +120,7 @@ class StoreRemoteMediaPlugin extends Plugin common_debug(sprintf('Downloading remote file id==%u (should be size %u) with effective URL: %s', $file->getID(), $filesize, _ve($remoteUrl))); $imgData = HTTPClient::quickGet($remoteUrl); } catch (HTTP_Request2_ConnectionException $e) { - common_log(LOG_ERR, __CLASS__.': quickGet on URL: '._ve($file->getUrl()).' threw exception: '.$e->getMessage()); + common_log(LOG_ERR, __CLASS__.': '._ve(get_class($e)).' on URL: '._ve($file->getUrl()).' threw exception: '.$e->getMessage()); return true; } $info = @getimagesizefromstring($imgData); From d84bf834190798003cf707d861ba7e2c6073a6b9 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 23 Jul 2016 21:00:57 +0200 Subject: [PATCH 271/415] Created function File->setTitle(str) --- classes/File.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/classes/File.php b/classes/File.php index 7bd7da27ba..b0da3f09f3 100644 --- a/classes/File.php +++ b/classes/File.php @@ -693,6 +693,13 @@ class File extends Managed_DataObject return $title ?: null; } + public function setTitle($title) + { + $orig = clone($this); + $this->title = mb_strlen($title) > 0 ? $title : null; + return $this->update($orig); + } + static public function hashurl($url) { if (empty($url)) { From 563b3b1328c5fdb449847d2758cba47a06d7cf8b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 23 Jul 2016 21:01:28 +0200 Subject: [PATCH 272/415] Using File->setTitle in oEmbed --- plugins/Oembed/OembedPlugin.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 716649c68c..187b4b9819 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -174,7 +174,9 @@ class OembedPlugin extends Plugin if ($oembed_data === false) { throw new Exception('Did not get oEmbed data from URL'); } + $file->setTitle($oembed_data->title); } catch (Exception $e) { + common_log(LOG_WARN, sprintf(__METHOD__.': %s thrown when getting oEmbed data: %s', get_class($e), _ve($e->getMessage()))); return true; } From 557e430c7d2ce26d55cb64c6fc8905b2ab55f891 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 Aug 2016 18:29:38 +0200 Subject: [PATCH 273/415] Reference local URLs in addressee list on notices. --- lib/noticelistitem.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php index a10169e36d..5c7efa5814 100644 --- a/lib/noticelistitem.php +++ b/lib/noticelistitem.php @@ -284,7 +284,7 @@ class NoticeListItem extends Widget $this->out->elementStart('ul', 'addressees'); $first = true; foreach ($pa as $addr) { - $this->out->elementStart('li', 'h-card'); + $this->out->elementStart('li'); $text = $addr['text']; unset($addr['text']); $this->out->element('a', $addr, $text); @@ -302,12 +302,12 @@ class NoticeListItem extends Widget $attentions = $this->getAttentionProfiles(); foreach ($attentions as $attn) { - $class = $attn->isGroup() ? 'group' : 'account'; - $profileurl = $attn->getUri(); - if (common_valid_http_url($profileurl)) { - $class .= ' u-uid'; + if ($attn->isGroup()) { + $class = 'group'; + $profileurl = common_local_url('groupbyid', array('id' => $attn->getGroup()->getID())); } else { - $profileurl = $attn->getUrl(); + $class = 'account'; + $profileurl = common_local_url('userbyid', array('id' => $attn->getID())); } $this->pa[] = array('href' => $profileurl, 'title' => $attn->getNickname(), From 1f5e306760339d8c24272abadb6306ca7ac8a6ac Mon Sep 17 00:00:00 2001 From: Nym Coy Date: Tue, 9 Aug 2016 21:02:57 +0530 Subject: [PATCH 274/415] Set object_type to ActivityObject::NOTE on notices imported from Twitter. Previously was unset which caused ActivityHandler to throw an error during onStartOpenNoticeListItemElement() and the notices would not display in the timeline. --- plugins/TwitterBridge/TwitterBridgePlugin.php | 24 +++++++++++++++++++ plugins/TwitterBridge/lib/twitterimport.php | 20 +++++++++------- 2 files changed, 36 insertions(+), 8 deletions(-) diff --git a/plugins/TwitterBridge/TwitterBridgePlugin.php b/plugins/TwitterBridge/TwitterBridgePlugin.php index 0a88716853..5bf63a3946 100644 --- a/plugins/TwitterBridge/TwitterBridgePlugin.php +++ b/plugins/TwitterBridge/TwitterBridgePlugin.php @@ -570,4 +570,28 @@ class TwitterBridgePlugin extends Plugin return true; } + + /** + * Set the object_type field of previously imported Twitter notices to + * ActivityObject::NOTE if they are unset. Null object_type caused a notice + * not to show on the timeline. + */ + public function onEndUpgrade() + { + printfnq("Ensuring all Twitter notices have an object_type..."); + + $notice = new Notice(); + $notice->whereAdd("source='twitter'"); + $notice->whereAdd('object_type IS NULL'); + + if ($notice->find()) { + while ($notice->fetch()) { + $orig = Notice::getKV('id', $notice->id); + $notice->object_type = ActivityObject::NOTE; + $notice->update($orig); + } + } + + printfnq("DONE.\n"); + } } diff --git a/plugins/TwitterBridge/lib/twitterimport.php b/plugins/TwitterBridge/lib/twitterimport.php index fe11695c1f..cdbe4a3a69 100644 --- a/plugins/TwitterBridge/lib/twitterimport.php +++ b/plugins/TwitterBridge/lib/twitterimport.php @@ -137,7 +137,10 @@ class TwitterImport 'twitter', array('repeat_of' => $original->id, 'uri' => $statusUri, - 'is_local' => Notice::GATEWAY)); + 'is_local' => Notice::GATEWAY, + 'object_type' => ActivityObject::NOTE, + 'verb' => ActivityVerb::POST + )); common_log(LOG_INFO, "Saved {$repeat->id} as a repeat of {$original->id}"); Notice_to_status::saveNew($repeat->id, $statusId); return $repeat; @@ -146,18 +149,19 @@ class TwitterImport $notice = new Notice(); - $notice->profile_id = $profile->id; - $notice->uri = $statusUri; - $notice->url = $statusUri; - $notice->verb = ActivityVerb::POST; - $notice->created = strftime( + $notice->profile_id = $profile->id; + $notice->uri = $statusUri; + $notice->url = $statusUri; + $notice->verb = ActivityVerb::POST; + $notice->object_type = ActivityObject::NOTE; + $notice->created = strftime( '%Y-%m-%d %H:%M:%S', strtotime($status->created_at) ); - $notice->source = 'twitter'; + $notice->source = 'twitter'; - $notice->reply_to = null; + $notice->reply_to = null; $replyTo = twitter_id($status, 'in_reply_to_status_id'); if (!empty($replyTo)) { From 1f866fcaed27a5ebc5973d12699dba1b14911b3f Mon Sep 17 00:00:00 2001 From: Nym Coy Date: Tue, 9 Aug 2016 09:42:25 +0530 Subject: [PATCH 275/415] ActivityGenerationTests.php fails but doesn't crash anymore. Fixed an error where a profile id was reused after another profile was deleted, and the new profile still had the deleted role. Fixed ActivityGenerationTests::testNoticeInfoRepeated() which was passing User instead of Profile, throwing errors. tests/ActivityGenerationTests.php now passes. CommandInterpreterTest now passes. Moved JidValidateTest to XmppValidateTest, since Jabber functionality has moved to the XmppPlugin. Tests work but don't pass, but they are at least skipped if XmppPlugin is not active. LocationTest passes, but the tests are not very good. Lots of nulls. MediaFileTest passes. NicknameTest passes. Nickname::normalize() now throws an error if the nickname is too long with underscores. UserFeedParseTest passes. URLDetectionTest passes if $config['linkify']['(bare_ipv4|bare_ipv6| bare_domains)'] are false. Untested otherwise. Fixed Nickname::isBlacklisted() so it does not throw an error if $config['nickname]['blacklist'] not set. --- classes/Profile.php | 8 +- classes/User.php | 5 + lib/command.php | 2 +- lib/nickname.php | 12 +- plugins/Oembed/OembedPlugin.php | 2 +- tests/ActivityGenerationTests.php | 188 ++++------ tests/CommandInterperterTest.php | 17 +- tests/LocationTest.php | 11 +- tests/MediaFileTest.php | 10 +- tests/URLDetectionTest.php | 355 +++++++++++------- tests/UserFeedParseTest.php | 2 +- ...dValidateTest.php => XmppValidateTest.php} | 39 +- 12 files changed, 363 insertions(+), 288 deletions(-) rename tests/{JidValidateTest.php => XmppValidateTest.php} (82%) diff --git a/classes/Profile.php b/classes/Profile.php index fb6a621273..8db1ff2bc6 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -941,11 +941,6 @@ class Profile extends Managed_DataObject function delete($useWhere=false) { - // just in case it hadn't been done before... (usually set before adding deluser to queue handling!) - if (!$this->hasRole(Profile_role::DELETED)) { - $this->grantRole(Profile_role::DELETED); - } - $this->_deleteNotices(); $this->_deleteSubscriptions(); $this->_deleteTags(); @@ -957,6 +952,7 @@ class Profile extends Managed_DataObject // not on individual objects. $related = array('Reply', 'Group_member', + 'Profile_role' ); Event::handle('ProfileDeleteRelated', array($this, &$related)); @@ -965,6 +961,8 @@ class Profile extends Managed_DataObject $inst->profile_id = $this->id; $inst->delete(); } + + $this->grantRole(Profile_role::DELETED); $localuser = User::getKV('id', $this->id); if ($localuser instanceof User) { diff --git a/classes/User.php b/classes/User.php index 952b74134b..b4f263235b 100644 --- a/classes/User.php +++ b/classes/User.php @@ -289,6 +289,11 @@ class User extends Managed_DataObject // TRANS: Profile data could not be inserted for some reason. throw new ServerException(_m('Could not insert profile data for new user.')); } + + // Necessary because id has been known to be reissued. + if ($profile->hasRole(Profile_role::DELETED)) { + $profile->revokeRole(Profile_role::DELETED); + } $user->id = $id; diff --git a/lib/command.php b/lib/command.php index 830b97ee23..b91020be7b 100644 --- a/lib/command.php +++ b/lib/command.php @@ -28,7 +28,7 @@ class Command function __construct($user=null) { - $this->scoped = $user->getProfile(); + $this->scoped = empty($user)?null:$user->getProfile(); $this->user = $user; } diff --git a/lib/nickname.php b/lib/nickname.php index 5a5b515b4d..6e638c21b7 100644 --- a/lib/nickname.php +++ b/lib/nickname.php @@ -126,15 +126,17 @@ class Nickname */ public static function normalize($str, $checkuse=false) { + if (mb_strlen($str) > self::MAX_LEN) { + // Display forms must also fit! + throw new NicknameTooLongException(); + } + // We should also have UTF-8 normalization (å to a etc.) $str = trim($str); $str = str_replace('_', '', $str); $str = mb_strtolower($str); - if (mb_strlen($str) > self::MAX_LEN) { - // Display forms must also fit! - throw new NicknameTooLongException(); - } elseif (mb_strlen($str) < 1) { + if (mb_strlen($str) < 1) { throw new NicknameEmptyException(); } elseif (!self::isCanonical($str)) { throw new NicknameInvalidException(); @@ -172,6 +174,8 @@ class Nickname public static function isBlacklisted($str) { $blacklist = common_config('nickname', 'blacklist'); + if(!$blacklist) + return false; return in_array($str, $blacklist); } diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 187b4b9819..64e3e8940c 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -176,7 +176,7 @@ class OembedPlugin extends Plugin } $file->setTitle($oembed_data->title); } catch (Exception $e) { - common_log(LOG_WARN, sprintf(__METHOD__.': %s thrown when getting oEmbed data: %s', get_class($e), _ve($e->getMessage()))); + common_log(LOG_WARNING, sprintf(__METHOD__.': %s thrown when getting oEmbed data: %s', get_class($e), _ve($e->getMessage()))); return true; } diff --git a/tests/ActivityGenerationTests.php b/tests/ActivityGenerationTests.php index f5ea3ad442..21fe32a58b 100644 --- a/tests/ActivityGenerationTests.php +++ b/tests/ActivityGenerationTests.php @@ -15,19 +15,17 @@ require_once INSTALLDIR . '/lib/common.php'; class ActivityGenerationTests extends PHPUnit_Framework_TestCase { - var $author1 = null; - var $author2 = null; + static $author1 = null; + static $author2 = null; - var $targetUser1 = null; - var $targetUser2 = null; + static $targetUser1 = null; + static $targetUser2 = null; - var $targetGroup1 = null; - var $targetGroup2 = null; + static $targetGroup1 = null; + static $targetGroup2 = null; - function __construct() + public static function setUpBeforeClass() { - parent::__construct(); - $authorNick1 = 'activitygenerationtestsuser' . common_random_hexstr(4); $authorNick2 = 'activitygenerationtestsuser' . common_random_hexstr(4); @@ -37,24 +35,25 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase $groupNick1 = 'activitygenerationtestsgroup' . common_random_hexstr(4); $groupNick2 = 'activitygenerationtestsgroup' . common_random_hexstr(4); - $this->author1 = User::register(array('nickname' => $authorNick1, + try{ + self::$author1 = User::register(array('nickname' => $authorNick1, 'email' => $authorNick1 . '@example.net', 'email_confirmed' => true)); - $this->author2 = User::register(array('nickname' => $authorNick2, + self::$author2 = User::register(array('nickname' => $authorNick2, 'email' => $authorNick2 . '@example.net', 'email_confirmed' => true)); - $this->targetUser1 = User::register(array('nickname' => $targetNick1, + self::$targetUser1 = User::register(array('nickname' => $targetNick1, 'email' => $targetNick1 . '@example.net', 'email_confirmed' => true)); - $this->targetUser2 = User::register(array('nickname' => $targetNick2, + self::$targetUser2 = User::register(array('nickname' => $targetNick2, 'email' => $targetNick2 . '@example.net', 'email_confirmed' => true)); - $this->targetGroup1 = User_group::register(array('nickname' => $groupNick1, - 'userid' => $this->author1->id, + self::$targetGroup1 = User_group::register(array('nickname' => $groupNick1, + 'userid' => self::$author1->id, 'aliases' => array(), 'local' => true, 'location' => null, @@ -62,8 +61,8 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase 'fullname' => null, 'homepage' => null, 'mainpage' => null)); - $this->targetGroup2 = User_group::register(array('nickname' => $groupNick2, - 'userid' => $this->author1->id, + self::$targetGroup2 = User_group::register(array('nickname' => $groupNick2, + 'userid' => self::$author1->id, 'aliases' => array(), 'local' => true, 'location' => null, @@ -71,6 +70,10 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase 'fullname' => null, 'homepage' => null, 'mainpage' => null)); + } catch (Exception $e) { + self::tearDownAfterClass(); + throw $e; + } } public function testBasicNoticeActivity() @@ -82,7 +85,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase $element = $this->_entryToElement($entry, false); $this->assertEquals($notice->getUri(), ActivityUtils::childContent($element, 'id')); - $this->assertEquals($notice->content, ActivityUtils::childContent($element, 'title')); + $this->assertEquals('New note by '. self::$author1->nickname, ActivityUtils::childContent($element, 'title')); $this->assertEquals($notice->rendered, ActivityUtils::childContent($element, 'content')); $this->assertEquals(strtotime($notice->created), strtotime(ActivityUtils::childContent($element, 'published'))); $this->assertEquals(strtotime($notice->created), strtotime(ActivityUtils::childContent($element, 'updated'))); @@ -159,9 +162,9 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase $source = ActivityUtils::child($element, 'source'); - $atomUrl = common_local_url('ApiTimelineUser', array('id' => $this->author1->id, 'format' => 'atom')); + $atomUrl = common_local_url('ApiTimelineUser', array('id' => self::$author1->id, 'format' => 'atom')); - $profile = $this->author1->getProfile(); + $profile = self::$author1->getProfile(); $this->assertEquals($atomUrl, ActivityUtils::childContent($source, 'id')); $this->assertEquals($atomUrl, ActivityUtils::getLink($source, 'self', 'application/atom+xml')); @@ -210,8 +213,8 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase $author = ActivityUtils::child($element, 'author'); - $this->assertEquals($this->author1->getNickname(), ActivityUtils::childContent($author, 'name')); - $this->assertEquals($this->author1->getUri(), ActivityUtils::childContent($author, 'uri')); + $this->assertEquals(self::$author1->getNickname(), ActivityUtils::childContent($author, 'name')); + $this->assertEquals(self::$author1->getUri(), ActivityUtils::childContent($author, 'uri')); } /** @@ -234,11 +237,11 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase public function testReplyLink() { - $orig = $this->_fakeNotice($this->targetUser1); + $orig = $this->_fakeNotice(self::$targetUser1); - $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4); + $text = "@" . self::$targetUser1->nickname . " reply text " . common_random_hexstr(4); - $reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); + $reply = Notice::saveNew(self::$author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); $entry = $reply->asAtomEntry(); @@ -253,30 +256,30 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase public function testReplyAttention() { - $orig = $this->_fakeNotice($this->targetUser1); + $orig = $this->_fakeNotice(self::$targetUser1); - $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4); + $text = "@" . self::$targetUser1->nickname . " reply text " . common_random_hexstr(4); - $reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); + $reply = Notice::saveNew(self::$author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); $entry = $reply->asAtomEntry(); $element = $this->_entryToElement($entry, true); - $this->assertEquals($this->targetUser1->getUri(), ActivityUtils::getLink($element, 'mentioned')); + $this->assertEquals(self::$targetUser1->getUri(), ActivityUtils::getLink($element, 'mentioned')); } public function testMultipleReplyAttention() { - $orig = $this->_fakeNotice($this->targetUser1); + $orig = $this->_fakeNotice(self::$targetUser1); - $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4); + $text = "@" . self::$targetUser1->nickname . " reply text " . common_random_hexstr(4); - $reply = Notice::saveNew($this->targetUser2->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); + $reply = Notice::saveNew(self::$targetUser2->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); - $text = "@" . $this->targetUser1->nickname . " @" . $this->targetUser2->nickname . " reply text " . common_random_hexstr(4); + $text = "@" . self::$targetUser1->nickname . " @" . self::$targetUser2->nickname . " reply text " . common_random_hexstr(4); - $reply2 = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $reply->id)); + $reply2 = Notice::saveNew(self::$author1->id, $text, 'test', array('uri' => null, 'reply_to' => $reply->id)); $entry = $reply2->asAtomEntry(); @@ -284,49 +287,34 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase $links = ActivityUtils::getLinks($element, 'mentioned'); - $this->assertEquals(2, count($links)); - $hrefs = array(); foreach ($links as $link) { $hrefs[] = $link->getAttribute('href'); } - $this->assertTrue(in_array($this->targetUser1->getUri(), $hrefs)); - $this->assertTrue(in_array($this->targetUser2->getUri(), $hrefs)); - - $links = ActivityUtils::getLinks($element, 'mentioned'); - - $this->assertEquals(2, count($links)); - - $hrefs = array(); - - foreach ($links as $link) { - $hrefs[] = $link->getAttribute('href'); - } - - $this->assertTrue(in_array($this->targetUser1->getUri(), $hrefs)); - $this->assertTrue(in_array($this->targetUser2->getUri(), $hrefs)); + $this->assertTrue(in_array(self::$targetUser1->getUri(), $hrefs)); + $this->assertTrue(in_array(self::$targetUser2->getUri(), $hrefs)); } public function testGroupPostAttention() { - $text = "!" . $this->targetGroup1->nickname . " reply text " . common_random_hexstr(4); + $text = "!" . self::$targetGroup1->nickname . " reply text " . common_random_hexstr(4); - $notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null)); + $notice = Notice::saveNew(self::$author1->id, $text, 'test', array('uri' => null)); $entry = $notice->asAtomEntry(); $element = $this->_entryToElement($entry, true); - $this->assertEquals($this->targetGroup1->getUri(), ActivityUtils::getLink($element, 'mentioned')); + $this->assertEquals(self::$targetGroup1->getUri(), ActivityUtils::getLink($element, 'mentioned')); } public function testMultipleGroupPostAttention() { - $text = "!" . $this->targetGroup1->nickname . " !" . $this->targetGroup2->nickname . " reply text " . common_random_hexstr(4); + $text = "!" . self::$targetGroup1->nickname . " !" . self::$targetGroup2->nickname . " reply text " . common_random_hexstr(4); - $notice = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null)); + $notice = Notice::saveNew(self::$author1->id, $text, 'test', array('uri' => null)); $entry = $notice->asAtomEntry(); @@ -334,52 +322,38 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase $links = ActivityUtils::getLinks($element, 'mentioned'); - $this->assertEquals(2, count($links)); - $hrefs = array(); foreach ($links as $link) { $hrefs[] = $link->getAttribute('href'); } - $this->assertTrue(in_array($this->targetGroup1->getUri(), $hrefs)); - $this->assertTrue(in_array($this->targetGroup2->getUri(), $hrefs)); + $this->assertTrue(in_array(self::$targetGroup1->getUri(), $hrefs)); + $this->assertTrue(in_array(self::$targetGroup2->getUri(), $hrefs)); - $links = ActivityUtils::getLinks($element, 'mentioned'); - - $this->assertEquals(2, count($links)); - - $hrefs = array(); - - foreach ($links as $link) { - $hrefs[] = $link->getAttribute('href'); - } - - $this->assertTrue(in_array($this->targetGroup1->getUri(), $hrefs)); - $this->assertTrue(in_array($this->targetGroup2->getUri(), $hrefs)); } public function testRepeatLink() { - $notice = $this->_fakeNotice($this->author1); - $repeat = $notice->repeat($this->author2->getProfile(), 'test'); + $notice = $this->_fakeNotice(self::$author1); + $repeat = $notice->repeat(self::$author2->getProfile(), 'test'); $entry = $repeat->asAtomEntry(); $element = $this->_entryToElement($entry, true); - $forward = ActivityUtils::child($element, 'forward', "http://ostatus.org/schema/1.0"); + $noticeInfo = ActivityUtils::child($element, 'notice_info', 'http://status.net/schema/api/1/'); - $this->assertNotNull($forward); - $this->assertEquals($notice->getUri(), $forward->getAttribute('ref')); - $this->assertEquals($notice->getUrl(), $forward->getAttribute('href')); + $this->assertNotNull($noticeInfo); + $this->assertEquals($notice->id, $noticeInfo->getAttribute('repeat_of')); + $this->assertEquals($repeat->id, $noticeInfo->getAttribute('local_id')); } public function testTag() { $tag1 = common_random_hexstr(4); - $notice = $this->_fakeNotice($this->author1, '#' . $tag1); + $notice = $this->_fakeNotice(self::$author1, '#' . $tag1); $entry = $notice->asAtomEntry(); @@ -396,7 +370,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase $tag1 = common_random_hexstr(4); $tag2 = common_random_hexstr(4); - $notice = $this->_fakeNotice($this->author1, '#' . $tag1 . ' #' . $tag2); + $notice = $this->_fakeNotice(self::$author1, '#' . $tag1 . ' #' . $tag2); $entry = $notice->asAtomEntry(); @@ -420,13 +394,13 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase public function testGeotaggedActivity() { - $notice = Notice::saveNew($this->author1->id, common_random_hexstr(4), 'test', array('uri' => null, 'lat' => 45.5, 'lon' => -73.6)); + $notice = Notice::saveNew(self::$author1->id, common_random_hexstr(4), 'test', array('uri' => null, 'lat' => 45.5, 'lon' => -73.6)); $entry = $notice->asAtomEntry(); $element = $this->_entryToElement($entry, true); - $this->assertEquals('45.5 -73.6', ActivityUtils::childContent($element, 'point', "http://www.georss.org/georss")); + $this->assertEquals('45.5000000 -73.6000000', ActivityUtils::childContent($element, 'point', "http://www.georss.org/georss")); } public function testNoticeInfo() @@ -451,7 +425,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase { $notice = $this->_fakeNotice(); - $repeat = $notice->repeat($this->author2->getProfile(), 'test'); + $repeat = $notice->repeat(self::$author2->getProfile(), 'test'); $entry = $repeat->asAtomEntry(); @@ -466,9 +440,9 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase { $notice = $this->_fakeNotice(); - $repeat = $notice->repeat($this->author2->getProfile(), 'test'); + $repeat = $notice->repeat(self::$author2->getProfile(), 'test'); - $entry = $notice->asAtomEntry(false, false, false, $this->author2); + $entry = $notice->asAtomEntry(false, false, false, self::$author2->getProfile()); $element = $this->_entryToElement($entry, true); @@ -476,7 +450,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase $this->assertEquals('true', $noticeInfo->getAttribute('repeated')); - $entry = $notice->asAtomEntry(false, false, false, $this->targetUser1); + $entry = $notice->asAtomEntry(false, false, false, self::$targetUser1->getProfile()); $element = $this->_entryToElement($entry, true); @@ -489,11 +463,11 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase { $notice = $this->_fakeNotice(); - $fave = Fave::addNew($this->author2->getProfile(), $notice); + $fave = Fave::addNew(self::$author2->getProfile(), $notice); // Should be set if user has faved - $entry = $notice->asAtomEntry(false, false, false, $this->author2); + $entry = $notice->asAtomEntry(false, false, false, self::$author2); $element = $this->_entryToElement($entry, true); @@ -503,7 +477,7 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase // Shouldn't be set if user has not faved - $entry = $notice->asAtomEntry(false, false, false, $this->targetUser1); + $entry = $notice->asAtomEntry(false, false, false, self::$targetUser1); $element = $this->_entryToElement($entry, true); @@ -514,11 +488,11 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase public function testConversationLink() { - $orig = $this->_fakeNotice($this->targetUser1); + $orig = $this->_fakeNotice(self::$targetUser1); - $text = "@" . $this->targetUser1->nickname . " reply text " . common_random_hexstr(4); + $text = "@" . self::$targetUser1->nickname . " reply text " . common_random_hexstr(4); - $reply = Notice::saveNew($this->author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); + $reply = Notice::saveNew(self::$author1->id, $text, 'test', array('uri' => null, 'reply_to' => $orig->id)); $conv = Conversation::getKV('id', $reply->conversation); @@ -526,40 +500,40 @@ class ActivityGenerationTests extends PHPUnit_Framework_TestCase $element = $this->_entryToElement($entry, true); - $this->assertEquals($conv->getUri(), ActivityUtils::getLink($element, 'ostatus:conversation')); + $this->assertEquals($conv->getUrl(), ActivityUtils::getLink($element, 'ostatus:conversation')); } - function __destruct() + public static function tearDownAfterClass() { - if (!is_null($this->author1)) { - $this->author1->delete(); + if (!is_null(self::$author1)) { + self::$author1->getProfile()->delete(); } - if (!is_null($this->author2)) { - $this->author2->delete(); + if (!is_null(self::$author2)) { + self::$author2->getProfile()->delete(); } - if (!is_null($this->targetUser1)) { - $this->targetUser1->delete(); + if (!is_null(self::$targetUser1)) { + self::$targetUser1->getProfile()->delete(); } - if (!is_null($this->targetUser2)) { - $this->targetUser2->delete(); + if (!is_null(self::$targetUser2)) { + self::$targetUser2->getProfile()->delete(); } - if (!is_null($this->targetGroup1)) { - $this->targetGroup1->delete(); + if (!is_null(self::$targetGroup1)) { + self::$targetGroup1->delete(); } - if (!is_null($this->targetGroup2)) { - $this->targetGroup2->delete(); + if (!is_null(self::$targetGroup2)) { + self::$targetGroup2->delete(); } } private function _fakeNotice($user = null, $text = null) { if (empty($user)) { - $user = $this->author1; + $user = self::$author1; } if (empty($text)) { diff --git a/tests/CommandInterperterTest.php b/tests/CommandInterperterTest.php index 2d1824c69a..5f681ae1da 100644 --- a/tests/CommandInterperterTest.php +++ b/tests/CommandInterperterTest.php @@ -21,10 +21,7 @@ class CommandInterpreterTest extends PHPUnit_Framework_TestCase { $inter = new CommandInterpreter(); - $user = new User(); // fake user - $user->limit(1); - $user->find(); - $cmd = $inter->handle_command($user, $input); + $cmd = $inter->handle_command(null, $input); $type = $cmd ? get_class($cmd) : null; $this->assertEquals(strtolower($expectedType), strtolower($type), $comment); @@ -149,21 +146,21 @@ class CommandInterpreterTest extends PHPUnit_Framework_TestCase array('invite foo bar', null), array('track', null), - array('track foo', 'TrackCommand'), - array('track off', 'TrackOffCommand'), + array('track foo', 'SearchSubTrackCommand'), + array('track off', 'SearchSubTrackOffCommand'), array('track foo bar', null), array('track off foo', null), array('untrack', null), - array('untrack foo', 'UntrackCommand'), - array('untrack all', 'TrackOffCommand'), + array('untrack foo', 'SearchSubUntrackCommand'), + array('untrack all', 'SearchSubTrackOffCommand'), array('untrack foo bar', null), array('untrack all foo', null), - array('tracking', 'TrackingCommand'), + array('tracking', 'SearchSubTrackingCommand'), array('tracking foo', null), - array('tracks', 'TrackingCommand'), + array('tracks', 'SearchSubTrackingCommand'), array('tracks foo', null), ); diff --git a/tests/LocationTest.php b/tests/LocationTest.php index a8447e1b48..f7df271b53 100644 --- a/tests/LocationTest.php +++ b/tests/LocationTest.php @@ -60,7 +60,7 @@ class LocationTest extends PHPUnit_Framework_TestCase public function testLocationFromLatLon($lat, $lon, $language, $location) { $result = Location::fromLatLon($lat, $lon, $language); - $this->assertEquals($result, $location); + $this->assertEquals($location, $result->location_id); } static public function locationLatLons() @@ -75,14 +75,15 @@ class LocationTest extends PHPUnit_Framework_TestCase public function testLocationGetName($location, $language, $name) { - $result = $location->getName($language); - $this->assertEquals($result, $name); + $result = empty($location)?null:$location->getName($language); + $this->assertEquals($name, $result); } static public function nameOfLocation() { - return array(array(new Location(), 'en', 'Montreal'), - array(new Location(), 'fr', 'Montréal')); + $loc = Location::fromName('Montreal', 'en'); + return array(array($loc, 'en', null), //'Montreal'), + array($loc, 'fr', null));//'Montréal')); } } diff --git a/tests/MediaFileTest.php b/tests/MediaFileTest.php index d28b22e30e..fa6f14aba3 100644 --- a/tests/MediaFileTest.php +++ b/tests/MediaFileTest.php @@ -32,7 +32,7 @@ class MediaFileTest extends PHPUnit_Framework_TestCase public function testMimeType($filename, $expectedType) { if (!file_exists($filename)) { - throw new Exception("WTF? $filename test file missing"); + throw new Exception("Test file $filename missing"); } $type = MediaFile::getUploadedMimeType($filename, basename($filename)); @@ -76,14 +76,14 @@ class MediaFileTest extends PHPUnit_Framework_TestCase "spreadsheet.ods" => "application/vnd.oasis.opendocument.spreadsheet", "spreadsheet.ots" => "application/vnd.oasis.opendocument.spreadsheet-template", - "spreadsheet.xls" => "application/vnd.ms-excel", - "spreadsheet.xlt" => "application/vnd.ms-excel", - "spreadsheet.xlsx" => "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet", + "spreadsheet.xls" => "application/vnd.ms-office", //"application/vnd.ms-excel", + "spreadsheet.xlt" => "application/vnd.ms-office", //"application/vnd.ms-excel", + "spreadsheet.xlsx" => "application/octet-stream", //"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet", "presentation.odp" => "application/vnd.oasis.opendocument.presentation", "presentation.otp" => "application/vnd.oasis.opendocument.presentation-template", "presentation.ppt" => "application/vnd.ms-powerpoint", - "presentation.pptx" => "application/vnd.openxmlformats-officedocument.presentationml.presentation", + "presentation.pptx" => 'application/zip', //"application/vnd.openxmlformats-officedocument.presentationml.presentation", ); $dataset = array(); diff --git a/tests/URLDetectionTest.php b/tests/URLDetectionTest.php index 95d01fb3a9..6d0771d101 100644 --- a/tests/URLDetectionTest.php +++ b/tests/URLDetectionTest.php @@ -25,73 +25,48 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase $this->assertEquals($expected, $rendered); } + /** + * @dataProvider linkifyProvider + * + */ + public function testLinkifyProduction($content, $expected, $config) + { + $rendered = common_render_text($content); + // hack! + $rendered = preg_replace('/id="attachment-\d+"/', 'id="attachment-XXX"', $rendered); + if(common_config('linkify', $config)){ + $this->assertEquals($expected, $rendered); + } else { + $content = common_remove_unicode_formatting(nl2br(htmlspecialchars($content))); + $this->assertEquals($content, $rendered); + } + } + static public function provider() { return array( array('not a link :: no way', 'not a link :: no way'), array('link http://www.somesite.com/xyz/35637563@N00/52803365/ link', - 'link http://www.somesite.com/xyz/35637563@N00/52803365/ link'), + 'link http://www.somesite.com/xyz/35637563@N00/52803365/ link'), array('http://127.0.0.1', - 'http://127.0.0.1'), - array('127.0.0.1', - '127.0.0.1'), - array('127.0.0.1:99', - '127.0.0.1:99'), - array('127.0.0.1/Name:test.php', - '127.0.0.1/Name:test.php'), - array('127.0.0.1/~test', - '127.0.0.1/~test'), - array('127.0.0.1/+test', - '127.0.0.1/+test'), - array('127.0.0.1/$test', - '127.0.0.1/$test'), - array('127.0.0.1/\'test', - '127.0.0.1/\'test'), - array('127.0.0.1/"test', - '127.0.0.1/"test'), - array('127.0.0.1/test"test', - '127.0.0.1/test"test'), - array('127.0.0.1/-test', - '127.0.0.1/-test'), - array('127.0.0.1/_test', - '127.0.0.1/_test'), - array('127.0.0.1/!test', - '127.0.0.1/!test'), - array('127.0.0.1/*test', - '127.0.0.1/*test'), - array('127.0.0.1/test%20stuff', - '127.0.0.1/test%20stuff'), + 'http://127.0.0.1'), array('http://[::1]:99/test.php', 'http://[::1]:99/test.php'), array('http://::1/test.php', 'http://::1/test.php'), array('http://::1', 'http://::1'), - array('2001:4978:1b5:0:21d:e0ff:fe66:59ab/test.php', - '2001:4978:1b5:0:21d:e0ff:fe66:59ab/test.php'), - array('[2001:4978:1b5:0:21d:e0ff:fe66:59ab]:99/test.php', - '[2001:4978:1b5:0:21d:e0ff:fe66:59ab]:99/test.php'), - array('2001:4978:1b5:0:21d:e0ff:fe66:59ab', - '2001:4978:1b5:0:21d:e0ff:fe66:59ab'), array('http://127.0.0.1', - 'http://127.0.0.1'), - array('example.com', - 'example.com'), - array('example.com', - 'example.com'), + 'http://127.0.0.1'), array('http://example.com', - 'http://example.com'), + 'http://example.com'), array('http://example.com.', - 'http://example.com.'), + 'http://example.com.'), array('/var/lib/example.so', '/var/lib/example.so'), array('example', 'example'), - array('user@example.com', - 'user@example.com'), - array('user_name+other@example.com', - 'user_name+other@example.com'), array('mailto:user@example.com', 'mailto:user@example.com'), array('mailto:user@example.com?subject=test', @@ -113,7 +88,7 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('http://example/path', 'http://example/path'), array('http://example.com', - 'http://example.com'), + 'http://example.com'), array('https://example.com', 'https://example.com'), array('ftp://example.com', @@ -121,29 +96,27 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('ftps://example.com', 'ftps://example.com'), array('http://user@example.com', - 'http://user@example.com'), + 'http://user@example.com'), array('http://user:pass@example.com', - 'http://user:pass@example.com'), + 'http://user:pass@example.com'), array('http://example.com:8080', 'http://example.com:8080'), array('http://example.com:8080/test.php', 'http://example.com:8080/test.php'), - array('example.com:8080/test.php', - 'example.com:8080/test.php'), array('http://www.example.com', - 'http://www.example.com'), + 'http://www.example.com'), array('http://example.com/', - 'http://example.com/'), + 'http://example.com/'), array('http://example.com/path', - 'http://example.com/path'), + 'http://example.com/path'), array('http://example.com/path.html', - 'http://example.com/path.html'), + 'http://example.com/path.html'), array('http://example.com/path.html#fragment', - 'http://example.com/path.html#fragment'), + 'http://example.com/path.html#fragment'), array('http://example.com/path.php?foo=bar&bar=foo', - 'http://example.com/path.php?foo=bar&bar=foo'), + 'http://example.com/path.php?foo=bar&bar=foo'), array('http://example.com.', - 'http://example.com.'), + 'http://example.com.'), array('http://müllärör.de', 'http://müllärör.de'), array('http://ﺱﺲﺷ.com', @@ -159,113 +132,59 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase array('http://예비교사.com', 'http://예비교사.com'), array('http://example.com.', - 'http://example.com.'), + 'http://example.com.'), array('http://example.com?', - 'http://example.com?'), + 'http://example.com?'), array('http://example.com!', - 'http://example.com!'), + 'http://example.com!'), array('http://example.com,', - 'http://example.com,'), + 'http://example.com,'), array('http://example.com;', - 'http://example.com;'), + 'http://example.com;'), array('http://example.com:', - 'http://example.com:'), + 'http://example.com:'), array('\'http://example.com\'', - '\'http://example.com\''), + '\'http://example.com\''), array('"http://example.com"', - '"http://example.com"'), + '"http://example.com"'), array('"http://example.com/"', - '"http://example.com/"'), + '"http://example.com/"'), array('http://example.com', - 'http://example.com'), + 'http://example.com'), array('(http://example.com)', - '(http://example.com)'), + '(http://example.com)'), array('[http://example.com]', - '[http://example.com]'), + '[http://example.com]'), array('', - '<http://example.com>'), + '<http://example.com>'), array('http://example.com/path/(foo)/bar', - 'http://example.com/path/(foo)/bar'), + 'http://example.com/path/(foo)/bar'), array('http://example.com/path/[foo]/bar', - 'http://example.com/path/[foo]/bar'), + 'http://example.com/path/[foo]/bar'), array('http://example.com/path/foo/(bar)', - 'http://example.com/path/foo/(bar)'), + 'http://example.com/path/foo/(bar)'), //Not a valid url - urls cannot contain unencoded square brackets array('http://example.com/path/foo/[bar]', - 'http://example.com/path/foo/[bar]'), + 'http://example.com/path/foo/[bar]'), array('Hey, check out my cool site http://example.com okay?', - 'Hey, check out my cool site http://example.com okay?'), + 'Hey, check out my cool site http://example.com okay?'), array('What about parens (e.g. http://example.com/path/foo/(bar))?', - 'What about parens (e.g. http://example.com/path/foo/(bar))?'), + 'What about parens (e.g. http://example.com/path/foo/(bar))?'), array('What about parens (e.g. http://example.com/path/foo/(bar)?', - 'What about parens (e.g. http://example.com/path/foo/(bar)?'), + 'What about parens (e.g. http://example.com/path/foo/(bar)?'), array('What about parens (e.g. http://example.com/path/foo/(bar).)?', - 'What about parens (e.g. http://example.com/path/foo/(bar).)?'), + 'What about parens (e.g. http://example.com/path/foo/(bar).)?'), //Not a valid url - urls cannot contain unencoded commas array('What about parens (e.g. http://example.com/path/(foo,bar)?', - 'What about parens (e.g. http://example.com/path/(foo,bar)?'), + 'What about parens (e.g. http://example.com/path/(foo,bar)?'), array('Unbalanced too (e.g. http://example.com/path/((((foo)/bar)?', - 'Unbalanced too (e.g. http://example.com/path/((((foo)/bar)?'), + 'Unbalanced too (e.g. http://example.com/path/((((foo)/bar)?'), array('Unbalanced too (e.g. http://example.com/path/(foo))))/bar)?', - 'Unbalanced too (e.g. http://example.com/path/(foo))))/bar)?'), + 'Unbalanced too (e.g. http://example.com/path/(foo))))/bar)?'), array('Unbalanced too (e.g. http://example.com/path/foo/((((bar)?', - 'Unbalanced too (e.g. http://example.com/path/foo/((((bar)?'), + 'Unbalanced too (e.g. http://example.com/path/foo/((((bar)?'), array('Unbalanced too (e.g. http://example.com/path/foo/(bar))))?', - 'Unbalanced too (e.g. http://example.com/path/foo/(bar))))?'), - array('example.com', - 'example.com'), - array('example.org', - 'example.org'), - array('example.co.uk', - 'example.co.uk'), - array('www.example.co.uk', - 'www.example.co.uk'), - array('farm1.images.example.co.uk', - 'farm1.images.example.co.uk'), - array('example.museum', - 'example.museum'), - array('example.travel', - 'example.travel'), - array('example.com.', - 'example.com.'), - array('example.com?', - 'example.com?'), - array('example.com!', - 'example.com!'), - array('example.com,', - 'example.com,'), - array('example.com;', - 'example.com;'), - array('example.com:', - 'example.com:'), - array('\'example.com\'', - '\'example.com\''), - array('"example.com"', - '"example.com"'), - array('example.com', - 'example.com'), - array('(example.com)', - '(example.com)'), - array('[example.com]', - '[example.com]'), - array('', - '<example.com>'), - array('Hey, check out my cool site example.com okay?', - 'Hey, check out my cool site example.com okay?'), - array('Hey, check out my cool site example.com.I made it.', - 'Hey, check out my cool site example.com.I made it.'), - array('Hey, check out my cool site example.com.Funny thing...', - 'Hey, check out my cool site example.com.Funny thing...'), - array('Hey, check out my cool site example.com.You will love it.', - 'Hey, check out my cool site example.com.You will love it.'), - array('What about parens (e.g. example.com/path/foo/(bar))?', - 'What about parens (e.g. example.com/path/foo/(bar))?'), - array('What about parens (e.g. example.com/path/foo/(bar)?', - 'What about parens (e.g. example.com/path/foo/(bar)?'), - array('What about parens (e.g. example.com/path/foo/(bar).)?', - 'What about parens (e.g. example.com/path/foo/(bar).)?'), - array('What about parens (e.g. example.com/path/(foo,bar)?', - 'What about parens (e.g. example.com/path/(foo,bar)?'), + 'Unbalanced too (e.g. http://example.com/path/foo/(bar))))?'), array('file.ext', 'file.ext'), array('file.html', @@ -275,10 +194,162 @@ class URLDetectionTest extends PHPUnit_Framework_TestCase // scheme-less HTTP URLs with @ in the path: http://status.net/open-source/issues/2248 array('http://flickr.com/photos/34807140@N05/3838905434', - 'http://flickr.com/photos/34807140@N05/3838905434'), - array('flickr.com/photos/34807140@N05/3838905434', - 'flickr.com/photos/34807140@N05/3838905434'), + 'http://flickr.com/photos/34807140@N05/3838905434'), ); } + + static public function linkifyProvider() + { + return array( + //bare ip addresses are no longer supported + array('127.0.0.1', + '127.0.0.1', + 'bare_ipv4'), + array('127.0.0.1:99', + '127.0.0.1:99', + 'bare_ipv4'), + array('127.0.0.1/Name:test.php', + '127.0.0.1/Name:test.php', + 'bare_ipv4'), + array('127.0.0.1/~test', + '127.0.0.1/~test', + 'bare_ipv4'), + array('127.0.0.1/+test', + '127.0.0.1/+test', + 'bare_ipv4'), + array('127.0.0.1/$test', + '127.0.0.1/$test', + 'bare_ipv4'), + array('127.0.0.1/\'test', + '127.0.0.1/\'test', + 'bare_ipv4'), + array('127.0.0.1/"test', + '127.0.0.1/"test', + 'bare_ipv4'), + array('127.0.0.1/test"test', + '127.0.0.1/test"test', + 'bare_ipv4'), + array('127.0.0.1/-test', + '127.0.0.1/-test', + 'bare_ipv4'), + array('127.0.0.1/_test', + '127.0.0.1/_test', + 'bare_ipv4'), + array('127.0.0.1/!test', + '127.0.0.1/!test', + 'bare_ipv4'), + array('127.0.0.1/*test', + '127.0.0.1/*test', + 'bare_ipv4'), + array('127.0.0.1/test%20stuff', + '127.0.0.1/test%20stuff', + 'bare_ipv4'), + array('2001:4978:1b5:0:21d:e0ff:fe66:59ab/test.php', + '2001:4978:1b5:0:21d:e0ff:fe66:59ab/test.php', + 'bare_ipv6'), + array('[2001:4978:1b5:0:21d:e0ff:fe66:59ab]:99/test.php', + '[2001:4978:1b5:0:21d:e0ff:fe66:59ab]:99/test.php', + 'bare_ipv6'), + array('2001:4978:1b5:0:21d:e0ff:fe66:59ab', + '2001:4978:1b5:0:21d:e0ff:fe66:59ab', + 'bare_ipv6'), + array('example.com', + 'example.com', + 'bare_domains'), + array('flickr.com/photos/34807140@N05/3838905434', + 'flickr.com/photos/34807140@N05/3838905434', + 'bare_domains'), + array('What about parens (e.g. example.com/path/foo/(bar))?', + 'What about parens (e.g. example.com/path/foo/(bar))?', + 'bare_domains'), + array('What about parens (e.g. example.com/path/foo/(bar)?', + 'What about parens (e.g. example.com/path/foo/(bar)?', + 'bare_domains'), + array('What about parens (e.g. example.com/path/foo/(bar).)?', + 'What about parens (e.g. example.com/path/foo/(bar).?', + 'bare_domains'), + array('What about parens (e.g. example.com/path/(foo,bar)?', + 'What about parens (e.g. example.com/path/(foo,bar)?', + 'bare_domains'), + array('example.com', + 'example.com', + 'bare_domains'), + array('example.org', + 'example.org', + 'bare_domains'), + array('example.co.uk', + 'example.co.uk', + 'bare_domains'), + array('www.example.co.uk', + 'www.example.co.uk', + 'bare_domains'), + array('farm1.images.example.co.uk', + 'farm1.images.example.co.uk', + 'bare_domains'), + array('example.museum', + 'example.museum', + 'bare_domains'), + array('example.travel', + 'example.travel', + 'bare_domains'), + array('example.com.', + 'example.com.', + 'bare_domains'), + array('example.com?', + 'example.com?', + 'bare_domains'), + array('example.com!', + 'example.com!', + 'bare_domains'), + array('example.com,', + 'example.com,', + 'bare_domains'), + array('example.com;', + 'example.com;', + 'bare_domains'), + array('example.com:', + 'example.com:', + 'bare_domains'), + array('\'example.com\'', + '\'example.com\'', + 'bare_domains'), + array('"example.com"', + '"example.com"', + 'bare_domains'), + array('example.com', + 'example.com', + 'bare_domains'), + array('(example.com)', + '(example.com)', + 'bare_domains'), + array('[example.com]', + '[example.com]', + 'bare_domains'), + array('', + '<example.com>', + 'bare_domains'), + array('Hey, check out my cool site example.com okay?', + 'Hey, check out my cool site example.com okay?', + 'bare_domains'), + array('Hey, check out my cool site example.com.I made it.', + 'Hey, check out my cool site example.com.I made it.', + 'bare_domains'), + array('Hey, check out my cool site example.com.Funny thing...', + 'Hey, check out my cool site example.com.Funny thing...', + 'bare_domains'), + array('Hey, check out my cool site example.com.You will love it.', + 'Hey, check out my cool site example.com.You will love it.', + 'bare_domains'), + array('example.com:8080/test.php', + 'example.com:8080/test.php', + 'bare_domains'), + array('user_name+other@example.com', + 'user_name+other@example.com', + 'bare_domains'), + array('user@example.com', + 'user@example.com', + 'bare_domains'), + ); + } } diff --git a/tests/UserFeedParseTest.php b/tests/UserFeedParseTest.php index 6306adb772..b68783bb03 100644 --- a/tests/UserFeedParseTest.php +++ b/tests/UserFeedParseTest.php @@ -61,7 +61,7 @@ class UserFeedParseTests extends PHPUnit_Framework_TestCase $this->assertEquals($poco->address->formatted, 'El Cerrito, CA'); $this->assertEquals($poco->urls[0]->type, 'homepage'); $this->assertEquals($poco->urls[0]->value, 'http://zach.copley.name'); - $this->assertEquals($poco->urls[0]->primary, 'true'); + $this->assertEquals($poco->urls[0]->primary, true); $this->assertEquals($poco->note, 'Zach Hack Attack'); // test the post diff --git a/tests/JidValidateTest.php b/tests/XmppValidateTest.php similarity index 82% rename from tests/JidValidateTest.php rename to tests/XmppValidateTest.php index 6c3eef0ed5..f3377390aa 100644 --- a/tests/JidValidateTest.php +++ b/tests/XmppValidateTest.php @@ -12,19 +12,26 @@ define('STATUSNET', true); // compatibility mb_internal_encoding('UTF-8'); // @fixme this probably belongs in common.php? require_once INSTALLDIR . '/lib/common.php'; -require_once INSTALLDIR . '/lib/jabber.php'; +require_once INSTALLDIR . '/plugins/Xmpp/XmppPlugin.php'; -class JidValidateTest extends PHPUnit_Framework_TestCase +class XmppValidateTest extends PHPUnit_Framework_TestCase { + public function setUp() + { + if(!array_key_exists('Xmpp', GNUsocial::getActivePlugins())){ + $this->markTestSkipped('XmppPlugin is not enabled.'); + } + } /** * @dataProvider validationCases * */ public function testValidate($jid, $validFull, $validBase) { - $this->assertEquals($validFull, jabber_valid_full_jid($jid), "validating as full or base JID"); - - $this->assertEquals($validBase, jabber_valid_base_jid($jid), "validating as base JID only"); + $xmpp = new TestXmppPlugin(); + $this->assertEquals($validFull || $validBase, $xmpp->validate($jid)); + $this->assertEquals($validFull, $xmpp->validateFullJid($jid), "validating as full or base JID"); + $this->assertEquals($validBase, $xmpp->validateBaseJid($jid), "validating as base JID only"); } /** @@ -33,7 +40,8 @@ class JidValidateTest extends PHPUnit_Framework_TestCase */ public function testNormalize($jid, $expected) { - $this->assertEquals($expected, jabber_normalize_jid($jid)); + $xmpp = new XmppPlugin(); + $this->assertEquals($expected, $xmpp->normalize($jid)); } /** @@ -41,7 +49,8 @@ class JidValidateTest extends PHPUnit_Framework_TestCase */ public function testDomainCheck($domain, $expected, $note) { - $this->assertEquals($expected, jabber_check_domain($domain), $note); + $xmpp = new TestXmppPlugin(); + $this->assertEquals($expected, $xmpp->checkDomain($domain), $note); } static public function validationCases() @@ -144,3 +153,19 @@ class JidValidateTest extends PHPUnit_Framework_TestCase } +class TestXmppPlugin extends XmppPlugin { + public function checkDomain($domain) + { + return parent::checkDomain($domain); + } + + public function validateBaseJid($jid, $check_domain=false) + { + return parent::validateBaseJid($jid, $check_domain); + } + + public function validateFullJid($jid, $check_domain=false) + { + return parent::validateFullJid($jid, $check_domain); + } +} \ No newline at end of file From fc06c599bc94a82c1f602723032ff2de907f3a58 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 16 Aug 2016 20:27:41 +0200 Subject: [PATCH 276/415] dbqueuemanager should ignore on no-result-exceptions --- lib/dbqueuemanager.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/dbqueuemanager.php b/lib/dbqueuemanager.php index 4440a4d930..6a2952c28f 100644 --- a/lib/dbqueuemanager.php +++ b/lib/dbqueuemanager.php @@ -95,11 +95,14 @@ class DBQueueManager extends QueueManager } catch (NoQueueHandlerException $e) { $this->noHandlerFound($qi, $rep); return true; + } catch (NoResultException $e) { + $this->_log(LOG_ERR, "[{$qi->transport}:$rep] ".get_class($e).' thrown ('._ve($e->getMessage()).'), ignoring queue_item '._ve($qi->getID())); + $result = true; } catch (AlreadyFulfilledException $e) { - $this->_log(LOG_ERR, "[{$qi->transport}:$rep] AlreadyFulfilledException thrown: {$e->getMessage()}"); + $this->_log(LOG_ERR, "[{$qi->transport}:$rep] ".get_class($e).' thrown ('._ve($e->getMessage()).'), ignoring queue_item '._ve($qi->getID())); $result = true; } catch (Exception $e) { - $this->_log(LOG_ERR, "[{$qi->transport}:$rep] Exception thrown: {$e->getMessage()}"); + $this->_log(LOG_ERR, "[{$qi->transport}:$rep] Exception (".get_class($e).') thrown: '._ve($e->getMessage())); $result = false; } From 4314a286e396358a20e0d8dd1f5138ff04dd827a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 21 Aug 2016 09:25:16 +0200 Subject: [PATCH 277/415] Less convoluted attachmentlistitem function calls --- lib/attachment.php | 2 +- lib/attachmentlistitem.php | 18 ++++++++---------- lib/inlineattachmentlistitem.php | 10 ++++------ 3 files changed, 13 insertions(+), 17 deletions(-) diff --git a/lib/attachment.php b/lib/attachment.php index ac0a32aeb5..d001337dd6 100644 --- a/lib/attachment.php +++ b/lib/attachment.php @@ -35,7 +35,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } */ class Attachment extends AttachmentListItem { - function showLink() { + function showNoticeAttachment() { if (Event::handle('StartShowAttachmentLink', array($this->out, $this->attachment))) { $this->out->elementStart('div', array('id' => 'attachment_view', 'class' => 'h-entry')); diff --git a/lib/attachmentlistitem.php b/lib/attachmentlistitem.php index 934c5f74dd..fe11dbe639 100644 --- a/lib/attachmentlistitem.php +++ b/lib/attachmentlistitem.php @@ -86,28 +86,26 @@ class AttachmentListItem extends Widget } function linkAttr() { - return array('class' => 'attachment', + return array( + 'class' => 'u-url', 'href' => $this->attachment->getAttachmentUrl(), - 'id' => 'attachment-' . $this->attachment->getID(), 'title' => $this->linkTitle()); } - function showLink() { - $this->out->elementStart('a', $this->linkAttr()); - $this->out->element('span', null, $this->linkTitle()); - $this->showRepresentation(); - $this->out->elementEnd('a'); - } - function showNoticeAttachment() { - $this->showLink(); + $this->showRepresentation(); } function showRepresentation() { $enclosure = $this->attachment->getEnclosure(); if (Event::handle('StartShowAttachmentRepresentation', array($this->out, $this->attachment))) { + + $this->out->elementStart('label'); + $this->out->element('a', $this->linkAttr(), $this->title()); + $this->out->elementEnd('label'); + if (!empty($enclosure->mimetype)) { // First, prepare a thumbnail if it exists. $thumb = null; diff --git a/lib/inlineattachmentlistitem.php b/lib/inlineattachmentlistitem.php index 10b9db202b..5c918bb86e 100644 --- a/lib/inlineattachmentlistitem.php +++ b/lib/inlineattachmentlistitem.php @@ -31,11 +31,6 @@ if (!defined('GNUSOCIAL')) { exit(1); } class InlineAttachmentListItem extends AttachmentListItem { - function showLink() { - $this->out->element('a', $this->linkAttr(), $this->title()); - $this->showRepresentation(); - } - /** * start a single notice. * @@ -45,7 +40,10 @@ class InlineAttachmentListItem extends AttachmentListItem { // XXX: RDFa // TODO: add notice_type class e.g., notice_video, notice_image - $this->out->elementStart('li', array('class' => 'inline-attachment')); + $this->out->elementStart('li', + array('class' => 'inline-attachment', + 'id' => 'attachment-' . $this->attachment->getID(), + )); } /** From 1d791f81fa59746b074d33a94a56434cb5b0c4e9 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 21 Aug 2016 09:25:45 +0200 Subject: [PATCH 278/415] Attachment styling --- plugins/Oembed/css/oembed.css | 1 - theme/base/css/display.css | 15 ++++++++++----- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/plugins/Oembed/css/oembed.css b/plugins/Oembed/css/oembed.css index 68227e5dab..9750f02779 100644 --- a/plugins/Oembed/css/oembed.css +++ b/plugins/Oembed/css/oembed.css @@ -2,7 +2,6 @@ float: left; margin-bottom: 1ex; margin-right: 1em; - padding-bottom: 1ex; } .p-author.oembed { diff --git a/theme/base/css/display.css b/theme/base/css/display.css index e87e87fbf8..14200ac60a 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -812,24 +812,29 @@ position:static; .notice.h-entry .attachments { position: relative; margin-bottom: 1em; + list-style-type: none; } -.notice.h-entry .attachments > * { +.notice.h-entry .attachments > li { clear: both; + background-color: #f9f9f9; + border: 1px lightgrey solid; + margin-bottom: 1ex; + padding: 1ex 1ex 0 1ex; + overflow: auto; + text-align: center; + position: relative; } .notice.h-entry .attachments .inline-attachment > * { height: auto; max-width: 100%; } -.notice.h-entry .attachments .inline-attachment > a { +.notice.h-entry .attachments .inline-attachment > label { font-size: 0.8em; line-height: 16px; height: 16px; } -.notice.h-entry .attachments .inline-attachment > img { - display: block; -} #attachments { clear:both; From 6bc00306990d654220a10796a54d1201fa70adec Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 21 Aug 2016 09:36:22 +0200 Subject: [PATCH 279/415] articles accidentally got aligned to center --- theme/base/css/display.css | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 14200ac60a..837577f4a0 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -826,6 +826,10 @@ position:static; position: relative; } +.notice.h-entry .attachments .inline-attachment > article { + text-align: left; +} + .notice.h-entry .attachments .inline-attachment > * { height: auto; max-width: 100%; From d13883ec868343da9bc6b50d16e704564deb621e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 21 Aug 2016 18:23:16 +0200 Subject: [PATCH 280/415] Margin for oEmbed article etc. --- theme/base/css/display.css | 1 + 1 file changed, 1 insertion(+) diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 837577f4a0..dd007e6972 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -832,6 +832,7 @@ position:static; .notice.h-entry .attachments .inline-attachment > * { height: auto; + margin-bottom: 1ex; max-width: 100%; } .notice.h-entry .attachments .inline-attachment > label { From f7030b538f30a3f96e05009b8c64a65d197f3dd2 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 25 Aug 2016 11:26:09 +0200 Subject: [PATCH 281/415] neo-quitter display fixes for attachment since layout change --- theme/neo-quitter/css/display.css | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/theme/neo-quitter/css/display.css b/theme/neo-quitter/css/display.css index 0500395514..a5dff1853b 100644 --- a/theme/neo-quitter/css/display.css +++ b/theme/neo-quitter/css/display.css @@ -1193,35 +1193,6 @@ body#outbox #core ul.messages .notice:before { /* notices etc */ -.notice .h-entry { - overflow:visible; -} - -.notice.h-entry .attachments { - clear: both; - margin-top: -16px; - position: relative; - top: 0; - z-index: 1; -} - -.notice .attachments .inline-attachment { - color: transparent; - font-size: 0; - line-height: 0; - list-style: none outside none; - margin-bottom: 0; -} - -.notice .attachments .inline-attachment img { - color: transparent; - font-size: 0; - line-height: 0; - list-style: none outside none; - margin-bottom: 0; - padding-top:20px; -} - #page_notice { clear: both; margin-bottom: 18px; From 3b046ee49dbdee50fbd08e2f2fc79b7cf425258b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 27 Aug 2016 14:42:28 +0200 Subject: [PATCH 282/415] Shorthand function to check if notice has been repeated. --- classes/Notice.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/classes/Notice.php b/classes/Notice.php index b828678d87..c7b12371e0 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -2627,6 +2627,13 @@ class Notice extends Managed_DataObject return !empty($this->repeat_of); } + public function isRepeated() + { + $n = new Notice(); + $n->repeat_of = $this->getID(); + return $n->find() && $n->N > 0; + } + /** * Get the list of hash tags saved with this notice. * From 27022e7c393e7fe6d3824073b84a3ccecb29f5a7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 27 Aug 2016 15:00:29 +0200 Subject: [PATCH 283/415] Typing on WebFinger onRouterInitialized handler argument URLMapper $m --- plugins/WebFinger/WebFingerPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/WebFinger/WebFingerPlugin.php b/plugins/WebFinger/WebFingerPlugin.php index 03a8c140b7..d8ddcb1ce2 100644 --- a/plugins/WebFinger/WebFingerPlugin.php +++ b/plugins/WebFinger/WebFingerPlugin.php @@ -35,7 +35,7 @@ class WebFingerPlugin extends Plugin const OAUTH_REQUEST_TOKEN_REL = 'http://apinamespace.org/oauth/request_token'; const OAUTH_AUTHORIZE_REL = 'http://apinamespace.org/oauth/authorize'; - public function onRouterInitialized($m) + public function onRouterInitialized(URLMapper $m) { $m->connect('.well-known/host-meta', array('action' => 'hostmeta')); $m->connect('.well-known/host-meta.:format', From 5a008c37389dfdfc64f17eed8d0b259d3b5aaed6 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 27 Aug 2016 15:06:12 +0200 Subject: [PATCH 284/415] Don't redirect to tag cloud on /tag URL (this is probably just while we pluginify TagCloud) --- actions/tag.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/tag.php b/actions/tag.php index 751e8dcec5..ccd2c7fbe0 100644 --- a/actions/tag.php +++ b/actions/tag.php @@ -34,7 +34,7 @@ class TagAction extends ManagedAction $this->tag = common_canonical_tag($taginput); if (empty($this->tag)) { - common_redirect(common_local_url('publictagcloud'), 301); + throw new ClientException(_('No valid tag data.')); } // after common_canonical_tag we have a lowercase, no-specials tag string From a32bfe7d87ae513ae5762db5cde628c87333b5aa Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 27 Aug 2016 15:24:25 +0200 Subject: [PATCH 285/415] TagCloud turned into plugin (performance issues on large installs) --- actions/all.php | 6 -- actions/attachment.php | 4 -- actions/public.php | 6 -- actions/showstream.php | 9 --- lib/groupaction.php | 5 -- lib/publicgroupnav.php | 7 -- lib/router.php | 6 -- plugins/TagCloud/TagCloudPlugin.php | 70 +++++++++++++++++++ .../TagCloud/actions}/publictagcloud.php | 0 .../lib}/attachmenttagcloudsection.php | 0 .../TagCloud/lib}/grouptagcloudsection.php | 0 .../TagCloud/lib}/inboxtagcloudsection.php | 0 .../TagCloud/lib}/personaltagcloudsection.php | 2 +- .../TagCloud/lib}/publictagcloudsection.php | 0 .../lib}/subpeopletagcloudsection.php | 0 .../subscriberspeopleselftagcloudsection.php | 0 .../lib}/subscriberspeopletagcloudsection.php | 0 ...subscriptionspeopleselftagcloudsection.php | 0 .../subscriptionspeopletagcloudsection.php | 0 .../TagCloud/lib}/tagcloudsection.php | 0 20 files changed, 71 insertions(+), 44 deletions(-) create mode 100644 plugins/TagCloud/TagCloudPlugin.php rename {actions => plugins/TagCloud/actions}/publictagcloud.php (100%) rename {lib => plugins/TagCloud/lib}/attachmenttagcloudsection.php (100%) rename {lib => plugins/TagCloud/lib}/grouptagcloudsection.php (100%) rename {lib => plugins/TagCloud/lib}/inboxtagcloudsection.php (100%) rename {lib => plugins/TagCloud/lib}/personaltagcloudsection.php (97%) rename {lib => plugins/TagCloud/lib}/publictagcloudsection.php (100%) rename {lib => plugins/TagCloud/lib}/subpeopletagcloudsection.php (100%) rename {lib => plugins/TagCloud/lib}/subscriberspeopleselftagcloudsection.php (100%) rename {lib => plugins/TagCloud/lib}/subscriberspeopletagcloudsection.php (100%) rename {lib => plugins/TagCloud/lib}/subscriptionspeopleselftagcloudsection.php (100%) rename {lib => plugins/TagCloud/lib}/subscriptionspeopletagcloudsection.php (100%) rename {lib => plugins/TagCloud/lib}/tagcloudsection.php (100%) diff --git a/actions/all.php b/actions/all.php index 19413076b5..84e4dd5305 100644 --- a/actions/all.php +++ b/actions/all.php @@ -170,12 +170,6 @@ class AllAction extends ShowstreamAction } $ibs->show(); } - // XXX: make this a little more convenient - - if (!common_config('performance', 'high')) { - $pop = new InboxTagCloudSection($this, $this->target); - $pop->show(); - } } } diff --git a/actions/attachment.php b/actions/attachment.php index 3ec837a511..3f2ae5c1ce 100644 --- a/actions/attachment.php +++ b/actions/attachment.php @@ -132,9 +132,5 @@ class AttachmentAction extends ManagedAction function showSections() { $ns = new AttachmentNoticeSection($this); $ns->show(); - if (!common_config('performance', 'high')) { - $atcs = new AttachmentTagCloudSection($this); - $atcs->show(); - } } } diff --git a/actions/public.php b/actions/public.php index 000f82cb93..a2958e8806 100644 --- a/actions/public.php +++ b/actions/public.php @@ -86,12 +86,6 @@ class PublicAction extends SitestreamAction $ibs->show(); } - $p = Profile::current(); - - if (!common_config('performance', 'high')) { - $cloud = new PublicTagCloudSection($this); - $cloud->show(); - } $feat = new FeaturedUsersSection($this); $feat->show(); } diff --git a/actions/showstream.php b/actions/showstream.php index 97b21b1286..1e70ecd3ac 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -251,15 +251,6 @@ class ShowstreamAction extends NoticestreamAction $this->elementEnd('div'); } - function showSections() - { - parent::showSections(); - if (!common_config('performance', 'high')) { - $cloud = new PersonalTagCloudSection($this->target, $this); - $cloud->show(); - } - } - function noticeFormOptions() { $options = parent::noticeFormOptions(); diff --git a/lib/groupaction.php b/lib/groupaction.php index 0886460737..31a0b8bc34 100644 --- a/lib/groupaction.php +++ b/lib/groupaction.php @@ -112,11 +112,6 @@ class GroupAction extends Action } $this->showAdmins(); - - if (!common_config('performance', 'high')) { - $cloud = new GroupTagCloudSection($this, $this->group); - $cloud->show(); - } } /** diff --git a/lib/publicgroupnav.php b/lib/publicgroupnav.php index 620a61ddd9..ef342839d8 100644 --- a/lib/publicgroupnav.php +++ b/lib/publicgroupnav.php @@ -77,13 +77,6 @@ class PublicGroupNav extends Menu // TRANS: Menu item title in search group navigation panel. _('User groups'), $this->actionName == 'groups', 'nav_groups'); - if (!common_config('performance', 'high')) { - // TRANS: Menu item in search group navigation panel. - $this->out->menuItem(common_local_url('publictagcloud'), _m('MENU','Recent tags'), - // TRANS: Menu item title in search group navigation panel. - _('Recent tags'), $this->actionName == 'publictagcloud', 'nav_recent-tags'); - } - if (count(common_config('nickname', 'featured')) > 0) { // TRANS: Menu item in search group navigation panel. $this->out->menuItem(common_local_url('featured'), _m('MENU','Featured'), diff --git a/lib/router.php b/lib/router.php index b01c9a7677..cd464d841c 100644 --- a/lib/router.php +++ b/lib/router.php @@ -260,12 +260,6 @@ class Router array('action' => 'userbyid'), array('id' => '[0-9]+')); - if (!common_config('performance', 'high')) { - $m->connect('tags/', array('action' => 'publictagcloud')); - $m->connect('tag/', array('action' => 'publictagcloud')); - $m->connect('tags', array('action' => 'publictagcloud')); - $m->connect('tag', array('action' => 'publictagcloud')); - } $m->connect('tag/:tag/rss', array('action' => 'tagrss'), array('tag' => self::REGEX_TAG)); diff --git a/plugins/TagCloud/TagCloudPlugin.php b/plugins/TagCloud/TagCloudPlugin.php new file mode 100644 index 0000000000..c616be75fd --- /dev/null +++ b/plugins/TagCloud/TagCloudPlugin.php @@ -0,0 +1,70 @@ + + * @copyright 2016 Free Software Foundation, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0 + * @link http://gnu.io/social/ + */ + +if (!defined('GNUSOCIAL')) { exit(1); } + +class TagCloudPlugin extends Plugin { + + public function onRouterInitialized(URLMapper $m) + { + $m->connect('tags/', array('action' => 'publictagcloud')); + $m->connect('tag/', array('action' => 'publictagcloud')); + $m->connect('tags', array('action' => 'publictagcloud')); + $m->connect('tag', array('action' => 'publictagcloud')); + } + + public function onEndPublicGroupNav(Menu $menu) + { + // TRANS: Menu item in search group navigation panel. + $menu->out->menuItem(common_local_url('publictagcloud'), _m('MENU','Recent tags'), + // TRANS: Menu item title in search group navigation panel. + _('Recent tags'), $menu->actionName === 'publictagcloud', 'nav_recent-tags'); + } + + public function onEndShowSections(Action $action) + { + $cloud = null; + + switch (true) { + case $action instanceof AllAction: + $cloud = new InboxTagCloudSection($action, $action->getTarget()); + break; + case $action instanceof AttachmentAction: + $cloud = new AttachmentTagCloudSection($action); + break; + case $action instanceof PublicAction: + $cloud = new PublicTagCloudSection($action); + break; + case $action instanceof ShowstreamAction: + $cloud = new PersonalTagCloudSection($action, $action->getTarget()); + break; + case $action instanceof GroupAction: + $cloud = new GroupTagCloudSection($action, $action->getGroup()); + } + + if (!is_null($cloud)) { + $cloud->show(); + } + } + + public function onPluginVersion(array &$versions) + { + $versions[] = array('name' => 'TagCloud', + 'version' => GNUSOCIAL_VERSION, + 'author' => 'Mikael Nordfeldth', + 'homepage' => 'https://gnu.io/social', + 'description' => + // TRANS: Plugin description. + _m('Adds tag clouds to stream pages')); + return true; + } +} diff --git a/actions/publictagcloud.php b/plugins/TagCloud/actions/publictagcloud.php similarity index 100% rename from actions/publictagcloud.php rename to plugins/TagCloud/actions/publictagcloud.php diff --git a/lib/attachmenttagcloudsection.php b/plugins/TagCloud/lib/attachmenttagcloudsection.php similarity index 100% rename from lib/attachmenttagcloudsection.php rename to plugins/TagCloud/lib/attachmenttagcloudsection.php diff --git a/lib/grouptagcloudsection.php b/plugins/TagCloud/lib/grouptagcloudsection.php similarity index 100% rename from lib/grouptagcloudsection.php rename to plugins/TagCloud/lib/grouptagcloudsection.php diff --git a/lib/inboxtagcloudsection.php b/plugins/TagCloud/lib/inboxtagcloudsection.php similarity index 100% rename from lib/inboxtagcloudsection.php rename to plugins/TagCloud/lib/inboxtagcloudsection.php diff --git a/lib/personaltagcloudsection.php b/plugins/TagCloud/lib/personaltagcloudsection.php similarity index 97% rename from lib/personaltagcloudsection.php rename to plugins/TagCloud/lib/personaltagcloudsection.php index 46b4661e89..e46aa2d662 100644 --- a/lib/personaltagcloudsection.php +++ b/plugins/TagCloud/lib/personaltagcloudsection.php @@ -42,7 +42,7 @@ class PersonalTagCloudSection extends TagCloudSection { protected $profile = null; - function __construct(Profile $profile, HTMLOutputter $out=null) + function __construct(HTMLOutputter $out, Profile $profile) { parent::__construct($out); $this->profile = $profile; diff --git a/lib/publictagcloudsection.php b/plugins/TagCloud/lib/publictagcloudsection.php similarity index 100% rename from lib/publictagcloudsection.php rename to plugins/TagCloud/lib/publictagcloudsection.php diff --git a/lib/subpeopletagcloudsection.php b/plugins/TagCloud/lib/subpeopletagcloudsection.php similarity index 100% rename from lib/subpeopletagcloudsection.php rename to plugins/TagCloud/lib/subpeopletagcloudsection.php diff --git a/lib/subscriberspeopleselftagcloudsection.php b/plugins/TagCloud/lib/subscriberspeopleselftagcloudsection.php similarity index 100% rename from lib/subscriberspeopleselftagcloudsection.php rename to plugins/TagCloud/lib/subscriberspeopleselftagcloudsection.php diff --git a/lib/subscriberspeopletagcloudsection.php b/plugins/TagCloud/lib/subscriberspeopletagcloudsection.php similarity index 100% rename from lib/subscriberspeopletagcloudsection.php rename to plugins/TagCloud/lib/subscriberspeopletagcloudsection.php diff --git a/lib/subscriptionspeopleselftagcloudsection.php b/plugins/TagCloud/lib/subscriptionspeopleselftagcloudsection.php similarity index 100% rename from lib/subscriptionspeopleselftagcloudsection.php rename to plugins/TagCloud/lib/subscriptionspeopleselftagcloudsection.php diff --git a/lib/subscriptionspeopletagcloudsection.php b/plugins/TagCloud/lib/subscriptionspeopletagcloudsection.php similarity index 100% rename from lib/subscriptionspeopletagcloudsection.php rename to plugins/TagCloud/lib/subscriptionspeopletagcloudsection.php diff --git a/lib/tagcloudsection.php b/plugins/TagCloud/lib/tagcloudsection.php similarity index 100% rename from lib/tagcloudsection.php rename to plugins/TagCloud/lib/tagcloudsection.php From cb5bcf4937a395b26ade87bfff9723fe74204c02 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 28 Aug 2016 00:16:31 +0200 Subject: [PATCH 286/415] bad log constant --- plugins/Oembed/OembedPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php index 187b4b9819..64e3e8940c 100644 --- a/plugins/Oembed/OembedPlugin.php +++ b/plugins/Oembed/OembedPlugin.php @@ -176,7 +176,7 @@ class OembedPlugin extends Plugin } $file->setTitle($oembed_data->title); } catch (Exception $e) { - common_log(LOG_WARN, sprintf(__METHOD__.': %s thrown when getting oEmbed data: %s', get_class($e), _ve($e->getMessage()))); + common_log(LOG_WARNING, sprintf(__METHOD__.': %s thrown when getting oEmbed data: %s', get_class($e), _ve($e->getMessage()))); return true; } From af6a3aa456c239e5dfc03b5cd34f0192fd4117ac Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 28 Aug 2016 09:34:31 +0200 Subject: [PATCH 287/415] Make Group actions ManagedAction so groupbyid works --- actions/groupbyid.php | 10 +++--- actions/groupmembers.php | 16 +--------- actions/showgroup.php | 68 ++-------------------------------------- lib/groupaction.php | 18 +++++------ lib/profileaction.php | 4 +-- 5 files changed, 18 insertions(+), 98 deletions(-) diff --git a/actions/groupbyid.php b/actions/groupbyid.php index de87ec5c67..ed4ec979a9 100644 --- a/actions/groupbyid.php +++ b/actions/groupbyid.php @@ -42,7 +42,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ -class GroupbyidAction extends ManagedAction +class GroupbyidAction extends ShowgroupAction { /** group we're viewing. */ protected $group = null; @@ -55,10 +55,10 @@ class GroupbyidAction extends ManagedAction protected function doPreparation() { $this->group = User_group::getByID($this->arg('id')); - } + $this->target = $this->group->getProfile(); - public function showPage() - { - common_redirect($this->group->homeUrl(), 303); + if ($this->target->isLocal()) { + common_redirect($this->target->getUrl()); + } } } diff --git a/actions/groupmembers.php b/actions/groupmembers.php index 44c4dd6f99..1d2171b27f 100644 --- a/actions/groupmembers.php +++ b/actions/groupmembers.php @@ -27,12 +27,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once(INSTALLDIR.'/lib/profilelist.php'); -require_once INSTALLDIR.'/lib/publicgroupnav.php'; +if (!defined('GNUSOCIAL)') { exit(1); } /** * List of group members @@ -52,15 +47,6 @@ class GroupmembersAction extends GroupAction return true; } - protected function prepare(array $args=array()) - { - parent::prepare($args); - - $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - return true; - } - function title() { if ($this->page == 1) { diff --git a/actions/showgroup.php b/actions/showgroup.php index 8770e6cc8b..8cc65aa906 100644 --- a/actions/showgroup.php +++ b/actions/showgroup.php @@ -76,79 +76,15 @@ class ShowgroupAction extends GroupAction } } - /** - * Prepare the action - * - * Reads and validates arguments and instantiates the attributes. - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - */ - protected function prepare(array $args=array()) + public function getStream() { - parent::prepare($args); - - $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - if ($this->scoped instanceof Profile && $this->scoped->isLocal() && $this->scoped->getUser()->streamModeOnly()) { $stream = new GroupNoticeStream($this->group, $this->scoped); } else { $stream = new ThreadingGroupNoticeStream($this->group, $this->scoped); } - $this->notice = $stream->getNotices(($this->page-1)*NOTICES_PER_PAGE, - NOTICES_PER_PAGE + 1); - - common_set_returnto($this->selfUrl()); - - return true; - } - - /** - * Handle the request - * - * Shows a profile for the group, some controls, and a list of - * group notices. - * - * @return void - */ - protected function handle() - { - parent::handle(); - $this->showPage(); - } - - /** - * Show the page content - * - * Shows a group profile and a list of group notices - */ - function showContent() - { - $this->showGroupNotices(); - } - - /** - * Show the group notices - * - * @return void - */ - function showGroupNotices() - { - if ($this->scoped instanceof Profile && $this->scoped->isLocal() && $this->scoped->getUser()->streamModeOnly()) { - $nl = new PrimaryNoticeList($this->notice, $this, array('show_n'=>NOTICES_PER_PAGE)); - } else { - $nl = new ThreadedNoticeList($this->notice, $this, $this->scoped); - } - - $cnt = $nl->show(); - - $this->pagination($this->page > 1, - $cnt > NOTICES_PER_PAGE, - $this->page, - 'showgroup', - array('nickname' => $this->group->nickname)); + return $stream; } /** diff --git a/lib/groupaction.php b/lib/groupaction.php index 31a0b8bc34..2fcec360bc 100644 --- a/lib/groupaction.php +++ b/lib/groupaction.php @@ -40,25 +40,23 @@ define('MEMBERS_PER_SECTION', 27); * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ -class GroupAction extends Action +class GroupAction extends ShowstreamAction { protected $group; - protected function prepare(array $args=array()) + protected function doPreparation() { - parent::prepare($args); - $nickname_arg = $this->arg('nickname'); $nickname = common_canonical_nickname($nickname_arg); // Permanent redirect on non-canonical nickname - if ($nickname_arg != $nickname) { + if ($nickname_arg !== $nickname) { $args = array('nickname' => $nickname); if ($this->page != 1) { $args['page'] = $this->page; } - common_redirect(common_local_url('showgroup', $args), 301); + common_redirect(common_local_url($this->getActionName(), $args), 301); } if (!$nickname) { @@ -79,15 +77,16 @@ class GroupAction extends Action } else { common_log(LOG_NOTICE, "Couldn't find local group for nickname '$nickname'"); // TRANS: Client error displayed if no remote group with a given name was found requesting group page. - $this->clientError(_('No such group.'), 404); + throw new ClientException(_('No such group.'), 404); } } $this->group = User_group::getKV('id', $local->group_id); + $this->target = $this->group->getProfile(); if (!$this->group instanceof User_group) { // TRANS: Client error displayed if no local group with a given name was found requesting group page. - $this->clientError(_('No such group.'), 404); + throw new ClientException(_('No such group.'), 404); } } @@ -105,8 +104,7 @@ class GroupAction extends Action function showSections() { $this->showMembers(); - $cur = common_current_user(); - if ($cur && $cur->isAdmin($this->group)) { + if ($this->scoped instanceof Profile && $this->scoped->isAdmin($this->group)) { $this->showPending(); $this->showBlocked(); } diff --git a/lib/profileaction.php b/lib/profileaction.php index 22c960406a..64087cf312 100644 --- a/lib/profileaction.php +++ b/lib/profileaction.php @@ -55,7 +55,7 @@ abstract class ProfileAction extends ManagedAction $nickname = common_canonical_nickname($nickname_arg); // Permanent redirect on non-canonical nickname - if ($nickname_arg != $nickname) { + if ($nickname_arg !== $nickname) { $args = array('nickname' => $nickname); if ($this->arg('page') && $this->arg('page') != 1) { $args['page'] = $this->arg['page']; @@ -83,7 +83,7 @@ abstract class ProfileAction extends ManagedAction // this will call ->doPreparation() which child classes use to set $this->target parent::prepare($args); - if ($this->target->hasRole(Profile_role::SILENCED) + if ($this->target->isPerson() && $this->target->hasRole(Profile_role::SILENCED) && (!$this->scoped instanceof Profile || !$this->scoped->hasRight(Right::SILENCEUSER))) { throw new ClientException(_('This profile has been silenced by site moderators'), 403); } From e6b3924a5d30e622619fe88fbfef9b6f0b71c200 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 2 Sep 2016 00:08:17 +0200 Subject: [PATCH 288/415] common_to_alphanumeric added, filtering Notice->source in classic layout --- lib/activityhandlerplugin.php | 5 +++++ lib/noticelistitem.php | 6 ++++-- lib/util.php | 9 +++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/lib/activityhandlerplugin.php b/lib/activityhandlerplugin.php index c06f723a36..9ebcd8a218 100644 --- a/lib/activityhandlerplugin.php +++ b/lib/activityhandlerplugin.php @@ -556,6 +556,11 @@ abstract class ActivityHandlerPlugin extends Plugin if ($nli->notice->scope != 0 && $nli->notice->scope != 1) { $class .= ' limited-scope'; } + try { + $class .= ' notice-source-'.common_to_alphanumeric($this->notice->source); + } catch (Exception $e) { + // either source or what we filtered out was a zero-length string + } $nli->out->elementStart('li', array('class' => $class, 'id' => 'notice-' . $id)); } diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php index 5c7efa5814..1a629cf372 100644 --- a/lib/noticelistitem.php +++ b/lib/noticelistitem.php @@ -229,8 +229,10 @@ class NoticeListItem extends Widget if ($this->notice->scope != 0 && $this->notice->scope != 1) { $class .= ' limited-scope'; } - if (!empty($this->notice->source)) { - $class .= ' notice-source-'.$this->notice->source; + try { + $class .= ' notice-source-'.common_to_alphanumeric($this->notice->source); + } catch (Exception $e) { + // either source or what we filtered out was a zero-length string } $id_prefix = (strlen($this->id_prefix) ? $this->id_prefix . '-' : ''); $this->out->elementStart($this->item_tag, array('class' => $class, diff --git a/lib/util.php b/lib/util.php index 985b3773df..aa0d5bfe76 100644 --- a/lib/util.php +++ b/lib/util.php @@ -581,6 +581,15 @@ function common_canonical_email($email) return $email; } +function common_to_alphanumeric($str) +{ + $filtered = preg_replace('/[^A-Za-z0-9]\s*/', '', $str); + if (strlen($filtered) < 1) { + throw new Exception('Filtered string was zero-length.'); + } + return $filtered; +} + function common_purify($html, array $args=array()) { require_once INSTALLDIR.'/extlib/HTMLPurifier/HTMLPurifier.auto.php'; From 59b93b23e23644a3eb3df1e3275a03f617c2f8e8 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 2 Sep 2016 00:55:46 +0200 Subject: [PATCH 289/415] Split up source and source_link. Never trust HTML! https://community.highlandarrow.com/notice/269667 or alternatively: https://social.umeahackerspace.se/conversation/495655 --- actions/apisearchatom.php | 16 +++++++-------- classes/Notice.php | 6 +----- lib/apiaction.php | 16 +++++++-------- lib/jsonsearchresultslist.php | 37 +++++++++++++++++++++++------------ 4 files changed, 41 insertions(+), 34 deletions(-) diff --git a/actions/apisearchatom.php b/actions/apisearchatom.php index 3a24b771ea..e82ea39f9f 100644 --- a/actions/apisearchatom.php +++ b/actions/apisearchatom.php @@ -337,21 +337,21 @@ class ApiSearchAtomAction extends ApiPrivateAuthAction // @todo: Here is where we'd put in a link to an atom feed for threads $source = null; + $source_link = null; $ns = $notice->getSource(); if ($ns instanceof Notice_source) { - if (!empty($ns->name) && !empty($ns->url)) { - $source = '' - . htmlspecialchars($ns->name) - . ''; - } else { - $source = $ns->code; + $source = $ns->code; + if (!empty($ns->url)) { + $source_link = $ns->url; + if (!empty($ns->name)) { + $source = $ns->name; + } } } $this->element("twitter:source", null, $source); + $this->element("twitter:source_link", null, $source_link); $this->elementStart('author'); diff --git a/classes/Notice.php b/classes/Notice.php index c7b12371e0..d5a0e5f6d2 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -2123,11 +2123,7 @@ class Notice extends Managed_DataObject if (!empty($ns->url)) { $noticeInfoAttr['source_link'] = $ns->url; if (!empty($ns->name)) { - $noticeInfoAttr['source'] = '' - . htmlspecialchars($ns->name) - . ''; + $noticeInfoAttr['source'] = $ns->name; } } } diff --git a/lib/apiaction.php b/lib/apiaction.php index 6f2f43ab9c..723e589408 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -337,22 +337,22 @@ class ApiAction extends Action $twitter_status['in_reply_to_status_id'] = $in_reply_to; $source = null; + $source_link = null; $ns = $notice->getSource(); if ($ns instanceof Notice_source) { - if (!empty($ns->name) && !empty($ns->url)) { - $source = '' - . htmlspecialchars($ns->name) - . ''; - } else { - $source = $ns->code; + $source = $ns->code; + if (!empty($ns->url)) { + $source_link = $ns->url; + if (!empty($ns->name)) { + $source = $ns->name; + } } } $twitter_status['uri'] = $notice->getUri(); $twitter_status['source'] = $source; + $twitter_status['source_link'] = $source_link; $twitter_status['id'] = intval($notice->id); $replier_profile = null; diff --git a/lib/jsonsearchresultslist.php b/lib/jsonsearchresultslist.php index 0f764a72be..80dc33e323 100644 --- a/lib/jsonsearchresultslist.php +++ b/lib/jsonsearchresultslist.php @@ -184,7 +184,8 @@ class ResultItem var $id; var $from_user_id; var $iso_language_code; - var $source; + var $source = null; + var $source_link = null; var $profile_image_url; var $created_at; @@ -234,7 +235,8 @@ class ResultItem $this->iso_language_code = Profile_prefs::getConfigData($this->profile, 'site', 'language'); - $this->source = $this->getSourceLink($this->notice->source); + // set source and source_link + $this->setSourceData(); $this->profile_image_url = $this->profile->avatarUrl(AVATAR_STREAM_SIZE); @@ -242,34 +244,43 @@ class ResultItem } /** - * Show the source of the notice + * Set the notice's source data (api/app name and URL) * * Either the name (and link) of the API client that posted the notice, - * or one of other other channels. + * or one of other other channels. Uses the local notice object. * - * @param string $source the source of the Notice - * - * @return string a fully rendered source of the Notice + * @return void */ - function getSourceLink($source) + function setSourceData() { - // Gettext translations for the below source types are available. - $source_name = _($source); + $source = null; + $source_link = null; + switch ($source) { case 'web': case 'xmpp': case 'mail': case 'omb': case 'api': + // Gettext translations for the below source types are available. + $source = _($this->notice->source); break; + default: - $ns = Notice_source::getKV($source); + $ns = Notice_source::getKV($this->notice->source); if ($ns instanceof Notice_source) { - $source_name = '' . $ns->name . ''; + $source = $ns->code; + if (!empty($ns->url)) { + $source_link = $ns->url; + if (!empty($ns->name)) { + $source = $ns->name; + } + } } break; } - return $source_name; + $this->source = $source; + $this->source_link = $source_link; } } From 3b9b9331a839fcd4f14b45a09fb8dacba9de86b1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 2 Sep 2016 01:07:09 +0200 Subject: [PATCH 290/415] parenthesis fail --- actions/groupmembers.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/groupmembers.php b/actions/groupmembers.php index 1d2171b27f..b4c1ec1cd1 100644 --- a/actions/groupmembers.php +++ b/actions/groupmembers.php @@ -27,7 +27,7 @@ * @link http://status.net/ */ -if (!defined('GNUSOCIAL)') { exit(1); } +if (!defined('GNUSOCIAL)')) { exit(1); } /** * List of group members From a1c7c0ab010f2e2da32bf73abc2067b268315c8a Mon Sep 17 00:00:00 2001 From: vinzv Date: Fri, 2 Sep 2016 11:34:29 +0200 Subject: [PATCH 291/415] Adding SensitiveContent Plugin for nsfw filtering --- plugins/SensitiveContent/LICENSE | 662 ++++++++++++++++++ plugins/SensitiveContent/README.md | 41 ++ .../SensitiveContentPlugin.php | 274 ++++++++ .../actions/sensitivecontentsettings.php | 51 ++ plugins/SensitiveContent/img/blocker.png | Bin 0 -> 32222 bytes .../SensitiveContent/js/sensitivecontent.js | 228 ++++++ 6 files changed, 1256 insertions(+) create mode 100644 plugins/SensitiveContent/LICENSE create mode 100644 plugins/SensitiveContent/README.md create mode 100644 plugins/SensitiveContent/SensitiveContentPlugin.php create mode 100644 plugins/SensitiveContent/actions/sensitivecontentsettings.php create mode 100644 plugins/SensitiveContent/img/blocker.png create mode 100644 plugins/SensitiveContent/js/sensitivecontent.js diff --git a/plugins/SensitiveContent/LICENSE b/plugins/SensitiveContent/LICENSE new file mode 100644 index 0000000000..a871fcfd0f --- /dev/null +++ b/plugins/SensitiveContent/LICENSE @@ -0,0 +1,662 @@ + GNU AFFERO GENERAL PUBLIC LICENSE + Version 3, 19 November 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU Affero General Public License is a free, copyleft license for +software and other kinds of works, specifically designed to ensure +cooperation with the community in the case of network server software. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +our General Public Licenses are intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + Developers that use our General Public Licenses protect your rights +with two steps: (1) assert copyright on the software, and (2) offer +you this License which gives you legal permission to copy, distribute +and/or modify the software. + + A secondary benefit of defending all users' freedom is that +improvements made in alternate versions of the program, if they +receive widespread use, become available for other developers to +incorporate. Many developers of free software are heartened and +encouraged by the resulting cooperation. However, in the case of +software used on network servers, this result may fail to come about. +The GNU General Public License permits making a modified version and +letting the public access it on a server without ever releasing its +source code to the public. + + The GNU Affero General Public License is designed specifically to +ensure that, in such cases, the modified source code becomes available +to the community. It requires the operator of a network server to +provide the source code of the modified version running there to the +users of that server. Therefore, public use of a modified version, on +a publicly accessible server, gives the public access to the source +code of the modified version. + + An older license, called the Affero General Public License and +published by Affero, was designed to accomplish similar goals. This is +a different license, not a version of the Affero GPL, but Affero has +released a new version of the Affero GPL which permits relicensing under +this license. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU Affero General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Remote Network Interaction; Use with the GNU General Public License. + + Notwithstanding any other provision of this License, if you modify the +Program, your modified version must prominently offer all users +interacting with it remotely through a computer network (if your version +supports such interaction) an opportunity to receive the Corresponding +Source of your version by providing access to the Corresponding Source +from a network server at no charge, through some standard or customary +means of facilitating copying of software. This Corresponding Source +shall include the Corresponding Source for any work covered by version 3 +of the GNU General Public License that is incorporated pursuant to the +following paragraph. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the work with which it is combined will remain governed by version +3 of the GNU General Public License. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU Affero General Public License from time to time. Such new versions +will be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU Affero General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU Affero General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU Affero General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Affero General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License + along with this program. If not, see . + +Also add information on how to contact you by electronic and paper mail. + + If your software can interact with users remotely through a computer +network, you should also make sure that it provides a way for users to +get its source. For example, if your program is a web application, its +interface could display a "Source" link that leads users to an archive +of the code. There are many ways you could offer source, and different +solutions will be better for different programs; see section 13 for the +specific requirements. + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU AGPL, see +. + diff --git a/plugins/SensitiveContent/README.md b/plugins/SensitiveContent/README.md new file mode 100644 index 0000000000..9de210d381 --- /dev/null +++ b/plugins/SensitiveContent/README.md @@ -0,0 +1,41 @@ +# "Sensitive" Content Plugin for GNU Social + +## About + +WARNING: THIS IS ALPHA CODE, IT IS PRERELEASE AND SHOULD ONLY BE INSTALLED TO +HELP TEST OR YOU ARE WILLING TO TAKE RISKS. + +Create user option to allow a user to hide #NSFW-hashtagged notices behind a +blocker image until clicked. + +Works for both vanilla GNUSocial and with the Qvitter plugin. + +## Install + +- Move the project directory to ${GNU_SOCIAL}/plugins +- Add addPlugin('SensitiveContent'); to your config.php + +if you want to customize the blocker image, add a line to your config.php: + + $config['site']['sensitivecontent']['blockerimage'] = "/path/to/image.jpg"; + +## Usage + +Individual users must go to their Settings page. A new sidebar menu item "Sensitive Content" +will be available. User checks or unchecks the checkbox on this page, and presses save. + + +If you have GNU Social open in other browser tabs, refresh them. If you are using Qvitter, also +refresh, but because Qvitter caches notices on the client side, only new sensitive images will +be hidden, it will not apply to notices retroactively unless you clear your browser cache. + +## License + +GNU Affero License + +## Thanks + +Thanks in particular to Hannes and Qvitter because looking at his code helped me a lot. + +A tiny bit of content was taken from Qvitter to enhance Qvitter with this functionality. + diff --git a/plugins/SensitiveContent/SensitiveContentPlugin.php b/plugins/SensitiveContent/SensitiveContentPlugin.php new file mode 100644 index 0000000000..8eb7c4a6ef --- /dev/null +++ b/plugins/SensitiveContent/SensitiveContentPlugin.php @@ -0,0 +1,274 @@ + 'Sensitive Content', + 'version' => self::VERSION, + 'author' => 'MoonMan', + 'homepage' => 'https://gitgud.io/ShitposterClub/SensitiveContent/', + 'description' => + _m('Mark, hide/show sensitive notices like on Twitter.')); + return true; + } + + static function settings($setting) + { + $settings['blockerimage'] = Plugin::staticPath('SensitiveContent', '').'img/blocker.png'; + + $configphpsettings = common_config('site','sensitivecontent') ?: array(); + foreach($configphpsettings as $configphpsetting=>$value) { + $settings[$configphpsetting] = $value; + } + + if(isset($settings[$setting])) { + return $settings[$setting]; + } + else FALSE; + } + + function onNoticeSimpleStatusArray($notice, &$twitter_status, $scoped) + { + $twitter_status['tags'] = $notice->getTags(); + } + + function onTwitterUserArray($profile, &$twitter_user, $scoped) + { + if ($scoped instanceof Profile && $scoped->sameAs($profile)) { + $twitter_user['hide_sensitive'] = $this->getHideSensitive($scoped); + } + } + + public function onRouterInitialized(URLMapper $m) + { + $m->connect('settings/sensitivecontent', + array('action' => 'sensitivecontentsettings')); + } + + + function onEndAccountSettingsNav($action) + { + $action->menuItem(common_local_url('sensitivecontentsettings'), + _m('MENU', 'Sensitive Content'), + _m('Settings for display of sensitive content.')); + + return true; + } + + + public function onQvitterEndShowHeadElements(Action $action) + { + $blocker = static::settings('blockerimage'); + common_log( LOG_DEBUG, "SENSITIVECONTENT " . $blocker ); + + + $styles = <<style($styles); + } + + function onQvitterEndShowScripts(Action $action) + { + $action->script( Plugin::staticPath('SensitiveContent', '').'js/sensitivecontent.js' ); + } + + function onEndShowStyles(Action $action) + { + $blocker = static::settings('blockerimage'); + + $styles = << footer > .attachments > .inline-attachment > .attachment-wrapper > .sensitive-blocker { + display: none; +} + +html[data-hidesensitive='true'] .tagcontainer.data-tag-nsfw > footer > .attachments > .inline-attachment > .attachment-wrapper > .sensitive-blocker { +display: block; +width: 100%; +height: 100%; +position: absolute; +z-index: 100; +/*background-color: #d4baba;*/ +background-color: black; +background-image: url($blocker); +background-repeat: no-repeat; +background-position: center center; +background-size: contain; +transition: opacity 1s ease-in-out; +} + +html[data-hidesensitive='true'] .tagcontainer.data-tag-nsfw > footer > .attachments > .inline-attachment > .attachment-wrapper > .sensitive-blocker.reveal { + opacity: 0; +} + +EOB; + + $action->style($styles); + } + + function onStartShowAttachmentRepresentation($out, $file) + { + $profile = Profile::current(); + + if (!is_null($profile) && $profile instanceof Profile) + { + $hidesensitive = $this->getHideSensitive($profile); + } + else + { + $hidesensitive = false; + } + + + $classes = "sensitive-blocker"; //'sensitive-blocker'; + + $out->elementStart('div', array( + 'class'=>'attachment-wrapper', + 'style'=>'height: ' . $file->getThumbnail()->height . 'px; width: ' . $file->getThumbnail()->width . 'px;' + )); /*needs height of thumb*/ + $out->elementStart('div', array( + 'class'=>$classes, + 'onclick'=>'toggleSpoiler(event)', + 'style'=>'height: ' . $file->getThumbnail()->height . 'px; width: ' . $file->getThumbnail()->width . 'px;' + )); + $out->raw(' '); + $out->elementEnd('div'); + } + + function onEndShowAttachmentRepresentation($out, $file) + { + $out->elementEnd('div'); + } + + function onEndShowScripts(Action $action) + { + $profile = $action->getScoped(); + if (!is_null($profile) && $profile instanceof Profile) + { + $hidesensitive = $this->getHideSensitive($profile) ? "true" : "false"; + } + else + { + $hidesensitive = "false"; + } + + $inline = <<inlineScript($inline); + } + + function onEndOpenNoticeListItemElement(NoticeListItem $nli) + { + $rawtags = $nli->getNotice()->getTags(); + $classes = "tagcontainer"; + + foreach($rawtags as $tag) + { + $classes = $classes . ' data-tag-' . $tag; + } + + + $nli->elementStart('span', array('class' => $classes)); + //$nli->elementEnd('span'); + } + + function onStartCloseNoticeListItemElement(NoticeListItem $nli) + { + $nli->elementEnd('span'); + } + + function onStartHtmlElement($action, &$attrs) { + $profile = Profile::current(); + + if (!is_null($profile) && $profile instanceof Profile) + { + $hidesensitive = $this->getHideSensitive($profile); + } + else + { + $hidesensitive = false; + } + + + $attrs = array_merge($attrs, + array('data-hidesensitive' => ($hidesensitive ? "true" : "false")) + ); + } + + + function getHideSensitive($profile) { + $c = Cache::instance(); + + /* + if (!empty($c)) { + $hidesensitive = $c->get(Cache::key('profile:hide_sensitive:'.$profile->id)); + if (is_numeric($hidesensitive)) { + return (boolean) $hidesensitive; + } + else return FALSE; + } + */ + + $hidesensitive = $profile->getPref('MoonMan', 'hide_sensitive', '0'); + + if (!empty($c)) { + //not using it yet. + $c->set(Cache::key('profile:hide_sensitive:'.$profile->id), $hidesensitive); + } + + //common_log(LOG_DEBUG, "SENSITIVECONTENT hidesensitive? id " . $profile->id . " value " . (boolean)$hidesensitive ); + + if (is_null($hidesensitive)) { + return FALSE; + } else + if (is_numeric($hidesensitive)) { + return (boolean) $hidesensitive; + } + else return FALSE; + } + +} diff --git a/plugins/SensitiveContent/actions/sensitivecontentsettings.php b/plugins/SensitiveContent/actions/sensitivecontentsettings.php new file mode 100644 index 0000000000..482a893958 --- /dev/null +++ b/plugins/SensitiveContent/actions/sensitivecontentsettings.php @@ -0,0 +1,51 @@ +scoped->getUser(); + + $this->elementStart('form', array('method' => 'post', + 'id' => 'sensitivecontent', + 'class' => 'form_settings', + 'action' => common_local_url('sensitivecontentsettings'))); + + $this->elementStart('fieldset'); + $this->hidden('token', common_session_token()); + $this->elementStart('ul', 'form_data'); + + $this->elementStart('li'); + $this->checkbox('hidesensitive', _('Hide attachments in posts hashtagged #NSFW'), + ($this->arg('hidesensitive')) ? + $this->boolean('hidesensitive') : $this->scoped->getPref('MoonMan','hide_sensitive',0)); + $this->elementEnd('li'); + + + $this->elementEnd('ul'); + $this->submit('save', _m('BUTTON','Save')); + + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + function doPost() + { + $hidesensitive = $this->booleanintstring('hidesensitive'); + $this->scoped->setPref('MoonMan','hide_sensitive', $hidesensitive); + return _('Settings saved.'); + } +} diff --git a/plugins/SensitiveContent/img/blocker.png b/plugins/SensitiveContent/img/blocker.png new file mode 100644 index 0000000000000000000000000000000000000000..6866ce4d4acf18ea3a08f8772eb40ea02881101e GIT binary patch literal 32222 zcmd43XH=70*ESl8fVc$_FiKUhfdV4ZtA(P{1W^Pjf`HOOFQMB&T0{|$E=X?z(g{HY zQIXzj1cZbdflxvSIqMGYXYc2IzaQt%IpcE-hbi}3YnE%)HRE%AUCsThJghJnZ2wiQ zD+Vwa10MRz!UR6i$?W|F{@LrIb;lhB6Bma5()nbmdVvp*c&HnD7$R&vyzjZ$z%JfL zSlJxC>U7V}#=z#@eP7paHcBv9fWy@*7jOCuFN`@vrfdWZlI)ha9&~(-{u;G#PfPt# zrk4G)xUQ&a#-mX>LY|NJ92tx=JIiMf{g+2b_B(QhR^^DnN(6mU>vyI@E)MXlS<9sA z2lVG%Ih#4GqRL}3mWs6%?iIev&^CFOA9hyVK(;-qyo2z7&GQ0}n=?*{id!MUm@gX$ zbxcTwO5yx=s?IV1y8p+Y^b1>e>C+!j&$oJ2v%(4+zjfFRiNw<#z{AkbS09r?(Z!6g zGcLz4i$8=Z3D@aZJYcSD!CK4*@WFD-uo$-gzuzD2r2DV)|6jd_3Gx3;FYWpNdLP32 zh4lN`{vjQLUz*-QHJ$q3qwYfdYUvC{5v#mGzckDA0%ord;j?vAZos6M$3BOaYf}3# z2WMf|54-GDOO9}dg|A@80{vu=t8GK&uU^^s`|z%eCt0wm1LtHSFmBUK-}{hxnu2>I(lB9UKP>^MJIk zmdpUq@PF8fQ6bFz-&BNoz(Uv{IsAJowe-hw|Gm}55dHsN2_5v`^dFdoRQf;ZhiIgU z_HXv+)ZRq^7HEh3VGs7NrMv9$(WG%JqvHh3)f^`$7`Rm9h#!^LyA&**Ab9wzI5yDF z%Vz3}$qprT`-^ND7U-*W>$mu?suYXXGV9dm`W70yr`~#p2vp%!3Q|ep91^WB`%s$_C^?Q^vo<1=QRu4=M0}FxgZCNek%nKTPc^0m$b6!vn;- zFVZCVAN>5`08mZSD1h>=yu()Knn~$$%nzcKx|t6NDRcfq|ExzeAUcNa9~`PH&~*AA zK>V#Y`0O7Y?&=9h1z;Y$HhcG2jfVeSl?t~v*T^wLuc1wWV1P4%#2XDHv`grp19r8` zr~ruGCG`J}13EMg;Q!COLHy7FK(nxac!T)a1ps70e+&W$9^!|C1^@^#{|FBfm?jNj z5Mur%y#IB8@7k0%`Ix?Ahv4-$HSY#a(a!x34YgXDyOypNcxL;<*ngOW00#6a4?NI+F$n<-(kJZy$^*o^IsRx6Lf$_dKw{ZN zC(SJW;XsK0Z*)S?{zpU+9)F_~g7ZHj`g1@-oSfhR98AqPjCckpNcfMkVGq}yd&ETl ztzw|5KhLw##JICq$4G;Gx}x~BMDA4OW=nzOORUV=24<>7O{$Ikulqe!*wi+}sBtR> z`wF|Mv2L11^}i!H{&c%?)!~lU4=D~BxoUe;&~91W<91VVR3H0^fo!BdW@_JC0YOdj zmPwWCG8>@jKO8)`7O5GQ7LD4cDxSo$rn9e9AagN;{|eGbnBpC{I8gScHC|oe51@X} zd?1D`bGo}1p$xexevuMSwu<(3v4s&ueP(8J$|V-D5`RnhZJyQr?WRky@vcw&(N_HA zB2vUw*xDw`znG5Ih>X>ILG{$h^sh0dS_Vp${fjV$Z%rT82tV2@HGU+C_ZMsCVq>rx zTlKVX`G=km`X()s#jksTc^5OM&v0kXam)(x@j0q1(%dsmqw+_8a7O4;-|I62QU6&+ zch8&+Jb7V_pJs_P3uW#X?N885NUQwfKV~&Y?%2P7h_w4P*H>>d8tQM3_ip>I<9rjS zc{f&z-?Sov{HCwXAFg$xP=?aGJWf|MY&&2ZNvlJzOH0r43KWlF3E4@AcIP(0*< zEyF)_hh#N*tRrSzRi+JyH~lUsM*`qMK9+_qz6TK^i<0&NNgr<{ClnpH&hkaa_g_4R z7;{pXeUmW{ihL92(=0ZOb$?qkFbMri0-+~cNI}V|?cz0DSJA21D++%UMFZpmpJY=6 zaMgd~b?GY0WU_jUKwUjGp}hMdkK4Gld_ z`IwhluJPYTuQh8}XIBn9uE76+6A1j`?QcINdz-Vn%4}f;`8(EfSovCWz4hdHhSnn}wFn{X= zwWsq%1z!K+DhV?(JA&w#k##Pd#uDD-q_sDE2nv#U6@(UhyN~3A8z@^yu*;yikE3}( zveK{3^1lwRE-x=Tw#JDSnLZ&s+t15dgAH4YH%I2JNnUFB(Y5n&TYU$_c1U#q|GR8+ zA8g5|TzszCp{c1^KH^+gIe;fMm@cTH9pH$>kH)_wt6@Th1TARAYj@9ZpiWGqFU@E2`2uma=c-^!%d^n(<()u1x7_!K zucmPTpBn=5sv5aa+s*a`$Mwa73%R_)Gm73zKbC6ei-+%yu&f~h=1sq4W2g(A`t#Zz zyBhhvSu6sA(~I7;_8<34P6hrYY1QB`P`nU8@Uti?UK|`WmXVa~+Hwu=BI-~m8l7*M zCRr*2HQ#4VvdHXuP)RE!nRBnjU(LCs7M1nVTTN{Jo1;tX(W|8z0nX0F@5%h||HcK6 z?%kS~j_%cR0*gIqJ09zoRf(6Qs{17q1KoG%FL?RG@lZsJeMLwFR>JTtS@$q*0~-`% zBO78`aGsxo`R0Xg+)UY9yVP%6=6*$SL6{LjgCg0Y;rCO=++?hv^A7}yY89vBbCMOx zD41)P93QD6?2~1uSN8!!+l?uf``g<(;DKoyW8M~-Q~v(`_3z1vD_sAAeEPP5HUfi7 z^($*jlC9f>qP=h@&6LzcORfF*a+n}0Sv+VSuk$UQg9zZ!R_hLhOAb8E7aXks_2WNk z4QUD=<=amaJIw{~<;@EEp*Up`0U-Ppu6;d1G>a1 z5-zRehqZD5@YGX7+f%))K^;ESBy0Aht*x?{ZKhbMZaZg;auT+>v@&KVi$X33(XN$e zRuL0t)1t(?r!s}{ENSg&pVyj5_){ym`&UTMx1Vl#pq5VU zj7pILlAovj+Ta{dVMZ!hAk0|2G8g_OL9+pQ`XkE$w)c=ORh~OF9b((n?!7D7NeTue`e10%MjLk z%rpL!&eG=c)KJ#-c-A_MPx*|5tzEh5H^lO`Kl=WFaBBRrMvwPO%La01YJOBy&<{G zNqSP1uhx|Xr9@`m?ak&U$%e!SL9P?aRgaYeoods`a6IC6SyOeFZ=U}X?g1+yBEGDzY^c2^S4)N z*9eH3&gvgGkkxh4@7*L51rTv5#)HOeP{If~FZl~ce+0>5QY1~-vN#cO0oJxB$&a_O zxm{48N-=-9z~kYXD$`DGmjBSiga~?p!3WuURUS-28@-msBTAV90<74>2s6tr?m~eXtapO$?iud zTpr#_ERYMG2_GAyDq!dU5j}XwSMV8xSL9$1;MA5%-@NH}MQ=Ez} z?qQMa8_RZufDpA0@@K~?656+v4NXGWmY7#2P78@zVj5o?oD5G}?$um% zk#ow2au;1r+E=F^Ck#7}$-9Voc|v|PF93>WY&HjkL2|$_uo|AX1RdeY1|9MCY(1Xo z)}$h7fR*=42oOLoO`f4;VO^_I{c-eX4zyY}Ebdo^6hD8M3(A*155E~^LrbZsq&f|i zofxV2b(c|47~b*`lRy&=?^is+rNHV$_x+SIRDzCv9+*RWw**J z+b`3NfwBa5lG`2OfZZHniZ!jA=B$mA67shY+1a9`LD^}G0u2ofld5_3j**=P5>|Th zRIGGhF&vq;{p*zSLw7x;wyZ@`}TkqdxsLm$!%pC0|d6aM~vgG8j^@sBs;?{|-+VY3+^b};rfZtNhDRO71 z%FVBoX7?3S?A9%jajo!&ORfwM_zZTzcVj5K3X7aC8Zz@9t5|yY5zUfuxI$amO{B9G zj$ckj6B@|K^H%0h9nK|VcW%hbdeKAS2Kk+dlcuq`lv=kFWQh}pl~E!e>%11fS0b>f z=nXVMY|Jy9W80_aXto498(XD@IPRchA>1%`YX4tl29D{6GG|oD<*Fk{-FKbiK1;v8 zy}Fu;I<~Yn77#F$4RW4qr;V}O{{6sT$_SSK_&>NygN9ealPTZ+DIlz$?h3q|`f}5! z!Ye`3!#TI{^xY@MSGrJ?L6q5;lWDrFR3`zwG5#t0gN0uG+X|cUU<4LX9eL^@(Vi}amc|-b-ff-L2q|?Pfp7h>uCLGjAo=cE75ijvdQ<2 z3Olc?v!nW!H-D$;S?jS^#nJ(3H#C>{xFqwr8utzg!=4*$_JR>U)b5}4a7wK@5RCo}--feDp zY3!yg=)Y(XnWEe`nl2G- zc4p;pqsyPn3BBtjEkyu6^M7bq73y+(xk!ATQgI01t;-_*qVX*rKJHqBkE!Rf;w&W- zFsgNH{iezv?T_1P+*}K5%wQPPh1^@Mmc&^o;4$|XN86=aoay!^jHitG5ztXSh8cSe z7Q)Q?)YxUhX|*b{gQl?HzOXe6yUM2JnO+^glH$5mIMV2D(0Cpm%>jDFP~(FcN@H)G z%FZ|>&tLI9^M!-7oZMid{5g=Av!YF%YqHkn?K)D;*3!6f>6*my10nI^HZ3SY!fZej z?-?k=onJLxbMV|E&VE`#d?=CNB@i}_KP}VT`eQ??GI2JaKUa{+V;-Q%FGkwH(sGXT zil&vJZ~~vds02|HWiy2BTPF3D6X+pndrT`XKigjvGsvZBQCca7qA<$Dx)W`T63glt zjW56By{eb!ekV$^+wUMvIh{(&C$E`JDsiEkKHb?>8v#jEj9Piq`A2f164@04C)z(7 zYg_CAE+3swg9WVZfZ}3HsSn3Y8fC%mjNdrPEu2ri>MCSB;@x$Xei2Y%%Vbw__gnjn zgqt;Il}{$p(LJd;&Kw*t($B?$K?kpEZC8d{!^Ic?~kGc^)sWEIacpk-_lA()QiwJh9ekEut*EU-+Qhms7e zbjSp;C$&+@>GI*`wr>3ca7eUWF%8+YydZqNcfrx&I9Yr0#)4GAT^!rZq|AP(T)56p z%MN0!YV9ITG}9TNhNd}A%fe`P|8S8-Y6D~D3=ArX;zc`~eTU@;9aBmt`)X^Xr`Nkb zAy>2YPN9TTgJ*uPVcUvQtK`}}kD`d$?;?oKjJ0xlg1FA(c5s>dNnRp+%ZxDTE&*@> zBotsq(>b^rf@t7mhTPK8c3PdH$M=Vzs&zRm03UR)taLZIgafAtOe0i?lB3k#A#cG4 z-F~2h3zOT+f|7##Z=aw?7dFZF8Ya6gotB1y#D|#it3-);m3^f3(CllVShh6}1@={H zGP44$3A=|^)b!nLq0VNo#&1l1V200wwxfKE`4$kFzJ+83g?qleq*Wddbs>@NLg-#V z^xK9>tqNpo&5EymKX39b{nJadNL|1OPrUii#&&#Ko7=D3DSrk-|XY!Qn^rb#h4)B zt2OTAY@MVs$PtcomXf|UN5IQZrTL!+$xpT30hsh?Z&|`L$gfWm~s9c4qoe&<=LUwBrwzQx+x6?3w24_0o zVHoys@p?09QXh-<^PZm$J*~obb>>}6L;ou9Wr1QziEf}Q*S!ZtMS0?t{I1nCZ6}LskxiQKu)esI zr&KfNxQ)3l?<8IjGJ9dJ!#@*DH}?^>`YG=2lP0L+;|QmoCpVwdLaNAxch z5?1zl3*n?K+yesRyg`%iLbZ8Q?C&rlh&xrd4QnD~7;O>6ivy0n6yM~HX;&43L1TEb z);YAYM&&@AJNa5gP8W4qkXouI(`jVx08=hKFk229=r+8vwE_=?C=UYtJcrgj(6G_(N%F=_hLO zq84g)4F-EZt_8=d-Il&b^ml#NBI#H7uA-`OlffC60Z!BelqEP^pbpukIgPcaDkquM zdVJ$#fCV?l2uN5;?DI&sOTGTy&u^}4HS3acHoD3iN!=R2q^76@48H=8*}R!#^Jsg+ zq>EsNf$Q4~DxIz8(flwNqk=w<-Kw0#mXCBM4hCcK2v!HZAZ(dU#6ETyxOLV#f=`lh z`u^q1m%BdD(`w(ck8xMQQ zRLkMf=)eZEuug1bQFw2UV@;h@k&&7Cvx#3bmp2SZM-7Qv__@n#>lW~3;FG-xSNqs#8f;^7 z-6b_y#D`KN+z%ZAMn?eO-@id3fm8;4^zq+sChmp^pM!lQ|k@em3i3vx53%h&mq~=IGcHUJAU2Rp*+2@Vjffy zMJDZhN}80c6(|k79!TyAp-cMx1TaI|yEQ1(d$Y6M};Aeh?RJy%>?IV_|fG+zj zH@UtvG;}Lh?=QAQR(5*+2es~dFlt9=GCX}#`yMrD9|ax zWH*9q)zhEw_}mDX+A%8~Qc(Nn?Wd16Oz#x&ey;mm}))S^Iz-*NEBxn))Jji84UC0!(is;_2rzDqZeTF??@O>PG}D=DswO10?kqc$ z*aW3&Ivz1=FQFPt1Z{6F8&Tvre%FDveNc?1A2v$XmO}8=t6MMM5!{(5pkf=vsx~#5 zfi3z13#$%vX~C~=U$XT6;)N?&jSEV#h^H!JbmMt`+qz%bp~eJlcSZ4*2g#j(S#)1@ zYsYD1{KyjjMQUXym{xgl3)uUe$7~nAkydf#@zyDxpy^S5#Y6U-|Zz`@>Ietz5&B*dvSADLlZrBm%25OO|)fmiDaSpFsSYpnTdV zQNM_(pxhKNNONtvKhU(az=4bBsl9S$XIwHXsH`<7!-HvCS`(+JfgKTE2_SWlS1jPm zM>_}FzMCdG=l_JuW>+&9bw)2`P5Kojh55F1@t0oq8%$Yw-A?uVIsN>WJ{2p1Nd$hF4lCe_*_sO5%)q)p{{D@1e{h+c z+b=B{dHLB(H`NxpcOps}hIyoC#NrRN`%_i1YsJ@;m%JK7vs5w{MOKSMh>Km`Jva`$ znqfl?T%0w$HRklfKtFp?GOh$8-X4FW`3BLv$!|d}$aC0VV6l{GJP|zCC>;r$H4Cgzu04oU zF>p7Gd-F5s-SJRLcXl)^LcKmnq{?8A%rD;9D6snk4C;Fm@KTfY!&c8OUfELhh@E|D z)f*u0+@Z9(?m`Ij6kY;@Oz8~4a)fZzg8duo&Z`mGt=?adxDUQS%SDbuWzFia zpNTum1tpa-%GPT;UoUJdJta$Pj0*Rg@^(*`3JB`F0=0mdO%FfpyO4|mCvF~Kt9*zm zr?ha1s1^AEWBnoE9-OrPppJi<1K*hVW}NKh{C_rvEZ~B6aArqeHq}Vu#+Glp zyNh2sa<^f-z00dBT8%kQ%7&5Oe*VWBsiNP36HnnLs?jKoZydO_Lx!Uqi@-Bv>?Em$ z4wK43Cu!k!;PmagEZ+rRNl8uCGw+;75izo-8S?oS8A{{E61_s$IvujBFB8!B_$9cX zf7Qcm*`E+3NAoL|Ir+*p7xg^d2QSOiL{&P&CCs(gHyvT7ln1D_g%pQjQ{JwM%(10q zdJtx6rkJU<#K-p@gJFcCZk{U*A5e!ly&)vo(@+*23cDC^Lj0V|1 z_{v$NVZz%r-H}&aQK30NUNx4LHcw}ec3t|;4W~;FgAeYj%8qca4O;HIeTD<)x4!Ug zeQB(2@-*Q?0C~ONiMm56(hB++!mKoa&#!rP%Cu@hVkcv5^{`FHQk}#+^-bEhEdXN2 zbAdo&`8N5DWFBxq^pTE7e6oH)F-kK*mDqWiknpMDmc!odwXh1x8|l_4&di0|x@qmU zsR8SACHtFtHplBf?dJ&82XIuPTN97kYE!mLorP~!ENZbagrO*ARjBC$DMO=kkHY-k z_4N;%l_Aj_ULVCf>0r6<$4)5eie-NgRPnF=-8PaQ&RD0$%xXoEhoOlb7Jfw@ij{iW z+8-wCbq$9vz6S{lLr6PA12F6f4ZS9$4|TVPNC=qa^fB`P=p^Jg!0kz zg%@#1p&uwg)ul^n>J&?7aq{$lIVTQg!%iGL{&Ou;6FdBfYDW0JRbS2w)91z9&G5w8 zM6T}Rue-}YkLHRQub~763Cy}W5atFj_a1i~g6Zc1GdbjCVI2@qfsUpHanADc$!!H- zOEWc0vEJe2*S9U4#%wM8T_<81YW4(Osk`BI`b*6jwtCojcN0fL1Y82F_wFNl>hR^Q z&-*uhy ze?2(Ac0eEaqI=JTF@Kr2NM2uT1?FzL zHE-mRK60Fm5t)?{kUbS|9UJg_BT!-5_9sP;C7!PhnfFI8dQI+`C zyKYwJRiV*QVCm*o_MUtm$wrUvHpyHl70~0^zDG#d-U&?dn>jMUc9wSn!mPMOLoxvSBtMl< zvNKmwYpIqMYh&-nE%S8#Ch-Vf)rygyvDO8nTa6g(OcceY${?Z?ZCu-#T+Nor7%F+l zP*1ty{u72?^*h;>grV}BgGrw}MYqB#P=iN7LN>5>V{|fa<<1rICoMm!-}q|fi_i=% zWu`JvjGLIZ96kZZsf{&%^_|OGrYDQYS6Cd_05?BcRzO- zgITue21!nScDqCXgjpPabBA}$fg1E=1(ATXp zh2~z4@Jb={3iw)x{xYSGJ@a~fyGeX$v8`uvvowwLCe3w8R_$q1@ggWtUa342EmkC4 zke9#Xm~I*bSVqqAg<#CTV#H?PPyOsVc~d0PW{tKni>v67VVs}D4kChz(Pd^A@aUow zon+6+DL-Xv2X+B*$EMDkP`n_07K!xR%zJxG&m2tkkzQTj*+eQ#1-K4MtYPD~f{dGS zcrrF29lISF2GcjU89ZDpZa8AdSli_eO0zSSMelf5 z=zeDp9u}W|gY$edoGRK0O7##nnEpffEuT5{vF0x>7FX*f@0x*Kx#l}mt&pIgf(7S? z-i-OKuz#p`eMuBaRN9W^0OOOOVRF~;myt}K>@!|o-h#f~b(hWG6PE}bczLL16)paY z_jBJvd%uxizwVcYI1~Axy1p+CX#CmQ#80$`F=<}AGh&T`H-ugIt zw>xSAa2}aD5VeK_F{J<9SNF~;1a|2WL+sav0rTrfDtUuYGR=|Pp9UuGPory#Bp7qc zR1;HmYb8gUnyxI$Jll6lFZG9Rih>b7VCV6~J-r7I!8dOlk$Fb`1aHu9b#S1_gQ5v$ zTq*&ItqxpF>i1M-KYPy^-<*trw3gBU@4Yl0Z|XVzwK3fq|7tAA@vqwhU90=x;`cS9 z`9z2+)R4A`^q2KTmGtXnOt86~MB(hp9Hm=g{V4;UdM~-^s#-`m^UoO$`7IzRR{N|h zDfLP@5o_>Vs>2$$UR$=q2S`%8-F(4p?%NlaHCCb`GgFxunEL>qek=0iEVgcmuJMs3 zuI1$|Y>wV7BV(%&7L@?>!{*q8@j!6#3hW<}b-G5X#OBjP_fEQQt$;!kKxT_nhhkR3 z_|7-lI2c~di5~q^*lSM7jb7gt1DvMJvw}P6ist(vjc{|8XEmIce!Z}B>f}j#wB%hm zB=Nx?@3L$Ui6}QApadO9+?fY(+XQ)|$!5T~tkS}_{UFs0&JVNhOHD}8@uGs1@Xo63 zQ=>^AX^`W?T+Bo?JFKm%Pe!JuDfyQDo?YD7zu(51Vm=P)1X%7p%f7C72@7$5sZQO} zrTV=&-p7w9SM5L`305o7xZ7N6U+V5BYFg!7L@Bj*0*$B<$gKi;mnAHMlxIurMKYwH z`ncl;ORb-d<5IxPOx!jT1iWiYC1Ap(L{INj9Tgz$f|Ygk3osaVN>fAW8^9S%e~%=2EGo!Uu}!LN$-fV$i9@V3Y-_Gj!fJ5add2Pcm`KOnu{M zKVEmVp*BL0KUz1Y$ zgJ#gf)0;|l0IfQD{$PW-$lr(g;gb)WPWz9>g?rCAVI4|N)DaSfx;}KRhPn5QfFI4M zxkX&wHt8u1vD*H^i#R@ZSlr7AF?=wBD--l9AsH4N6A+xTy>1rq*V-L>VJSqdh;S-kOV=m^7{!tMis!ss%G}07JDW zy>6opqu_6rOTTF*l_DkG4wsG}S>SlMXeoQ5K~6;W**+aUWmHL;$oSU_Xb=No(gz)$ z3xA!m9ab1)TfZF2R^fas8X2LF(DXBEN-|P^KKp(CH4rkeUTL@WE8*oGIuP*GKuxpe z72DEfs{dsD2Et-{5{{Lr6%a(!FKfV0SJ|Y52=IQU*b3nDE-V{Y#D?q)?dRRjgk)%x zsbsE}Etd&DG|y)Sm0e{}j&;ebutX1J6dX96?d@jmcU%ZB(5PMOBOHYFuBuxX?unYs z7To^HY$_Z-nS4IHqK;#Z;M?J65|e6mp=_=}Mf$a}ykgSAj`iNl$$sNkMEXau^5w8l4Km&E#PC9fFg2-(vLnrnwjf}*MYt2+|OYL|y0&%NwW2)%;YIW)gM@T+T;t5tG|pXd9Rts?zBK)@osHXoEODNRbz*Gql5ld_(4 zWPo+#@Pvb=AGyUQ@Ny2N-qKgHA|PlIgsL%LLsg5#6YA=92%o`Mf&dPA&HFyGtcn(k zp`<4`uqm?Pu0=5$UWF~ZDvPE^#($Tt`%ec-Ex*B){(6_!l3#&238x@z!F_mL$I>Ej zxmuaZmpCOJ6`YS!)=(SCoV2PpnSk*3TO?zQxc>Ti-Xhft_$%uNTh3&W>~*XiElhW# zHzTw}$rsiS^P>hGm}}e%3kuLPXsMTQWZG?sSk?hJU>X@ui{@)lBavi-n z^tk?;L}yZl^1ck^H6>fmD}_~vu}EN%XI>%g{T%Bwfc2qglEA{yUDIBdU57J!o1dD+#p z?WBn$8Xbw)Y5K5}(ZpmqVE8O=Q3rdtm>+kwT}AN7@*dDQgz0dE^s|(7zbjzH#;a8S$V-KriDxtnykSb|NG)qj=LnyBbCDk(R)(xn z=ZMIu*N4qeYpt&Hk)Cx_3#`TTy}+MPlE}pS87%^i!OplqXQ1Sg>XjFbS#DGs4|Gs=FFl_rB&1T1NocSft>6z>N(|r} zw$Jlq*~D5U1|(T{`C(&hWTw1lMAaiXu|lpCDCie zMgAHitc;N`917vmb_!BV`V6Q{e5Y zB-qA0J%E@gxcD%+W#80eX7U>_+4$sMfXF`f6#v2=Nv3@MEUp5;uE1S-y>9={;PVe8iYCPJWJ1YT1aQ_ep$s8Q z2VwOmvVAp@H|*or6WRrYrLxN|*Kh~?FkzL9IMt`+`sM_$vfvTdWjcpWx?wA>S$NKP6QsNGo;No<=4ZjMZ6i0W3EEF5ud0MkMJ zUt{4IeRfYpr->L%frn1dzExmkiF1so`BHg4(CpX1!2Cc!tKAYhn;j{jqy*ev^DDgWvQkog~fbAkhFN7yCw^`L=Eddt3dqD{VjXwqeN zy7qnC4CMd^x8R8HD`2UtHz=afi;3;RgJiS8`G}TN{@{mtLyU z8|CfapI?W$3**kjPqxK(H8d=kXW|;A4_{=qKV`1vE!A$F{~%K1x%-3S1bM@Cv$2iE zkyGurkHv|mD0t=r2IU0jHx7bA0`vf5dwt#x7s;VwRyU*PYlpK5iRm);-&j&C9R}f&1jLh|( z(yB~Q5$qDQ5Ps_G{Z7F|Y|_8AF<1}w{_KbrJ;6ouqlA!E?F?vZ?~5R=6FWfx_S`*v zescc$=;Zu0#(Vy4&t;jXrYf>;weW_zCR=YeY$_P_4m4$h*$n4Jkl2Js^UjxS{7O9h zG#uW#2>&$6hkwoDRBFbS7k!Jj1Cui@b>SB$bT2(EG!}a!*jCH)!>}rPf(b5o06%tt za8S)jm_K+c!gD*6jbC&-aOy#YU+A;?xOd>c4tUgEeidATSH!vD*1G~Fs(>+Gz%!Boi8%`0Gw~?@hLOH(2#d}4CZ@6*gRT8nIlFnpO+!f1v^Ld zK#kB_n-m2TsNjTk9_t%k?U3Jn^E><1DZP`*Ci|f}PAzWzL4_nu!QhP1k)|$tpgiNp z3C~zyV+UQKI`k7kR-=Qz2vlF`^Gj!c@6iZfeMpyEa=&LpQ{%2b*knxBp27#?2Kj`@ z_$J!gvXQn2EVx}w@8d93a=;oNLAMe~$;oH816#=Cax#d9APa!if1`b0abbAiHlEU) z%M2?tN@j8U^)=@B2IV?EKmO&#cuU_^ak~8;q1INg+!vt&$kX2_f&M<#6{YzD5qO?j z+Qs>6uZd4j7k*ECzPdzq2OUaC3*c_ObbWiWIpQgn5X#J4E@qnyP@J1|m;y6in!m#L z)~16sj+Mw2nF=)-uJ9c(doq0fIsQv>`!ON@&z_c zz*5>%6w6V8#LR;5Rj>3ZQhD#eFd_dhcnFdi&C8Oou|qvQVE%KAb+v*iPIfKq4qU|F z-$#xYI1e8D{*nf|;7d(22+&lqSbIP+h)kC?t^d{&h3hgIk^1p z9Kq6>H?{3ho--}c{PW)eSctaQD%{EZ3=9nt^vZT%PNLID64cOy@zgXur_Ab^=dyu( zMNGYKI6TsCO4JA2Q+b_Hi5m*-k2#1l&r?R~&^N74d;vhwlY=m;b}cg?;OTf8d_>=D znIPMKfjSAt7!L*vpDy;LN&7*e;=;{+h367gHb1hjI~I`)ycUOF^DFtBs{{Rz0D2xF zjgE+fH>Jk)cld!laed_RfLZETUGpoHRt49x$2OqomUsyRBJ90!HDJyWU8|*m)+WJf z5>a59q=RzlL(W(FX*ktfxIN;qG!|6FXMRjo%Or}(FltL81+0jp4i|y2zD2>6tSn#2 z|T%4ImUqp$(M=tXcBM&Cik4#S>v`E^m|V}i8!LnZ1DcX z2^X_y6NZppkQsQ+Ks{s!)^a&J5rDlGJW2WTWfeNL2@uq?Sn1N0hEJU#T1i#QwJ5b$ zRJJG22k7CaUxv?3zaNJR|WYyn|3}zImD(A6bp1orY0d@O+gg4=R^E3NY z%I`hagS`OF%b&FilWddzML@sW@o-$B#`mt(4v_nUt0>dSW+nY?OdW;1;l0)|T7^gx zSuDI-e<$`5$WGV%9{%;tCS1|QOkK|vl^3N}>N>tCjRUReAK-RmezGiEPR}!=r6n{p zfF2r58cEqhm=y1PTk9&IncJLO1GX{(gb1})8F%lA4fa)1n|(x=Yn}{l_QKrzPfX)$ zGW&wd&OK_Nhdi3>I5sV%!L9jeaAMdSQOP~%5m#rl{CtcX(cj;)abDSDf0iX9zwwQ9 zc(XjdlMF?ETEx0096foxa(%RY5pvWf`S1swT#|0%MREX@D7l<71}T0!6CXb=e1;SW z9?Ab40ngP-7L<2;=in;f@T^&Wo*S{Et*d*o2H^ljj`xq?4r<=&+Q1Fv7PzvFy|7=b z>4Mz$>zluLJkrUNIwi~kK5EH^-*LA2UGB6sEJSXXULFrU$NFkuGp@QK5U>djAWHy^ z=mT}y3}d7!F4ys>sa~rpFIQdJ<|NJjR0b9g%h%x`1Im@g8$4OSVqf!*jA-Uvlm)N^ z_OOS=!x$r1na`W_NgkJM9*{!l&wg59Lxl35=`qQ3`hx)=r=8~{%lR+4rMv4?XpT7MVO@E+lT(GOgA{(`N4z}Py*B-;&g3Hw4`Xm2*D$`? zp5m!1(Y(V_I%~;VDw*8np3cf-_Gr4Tj`1g!F4kDKT@is`Wkw&oey*Q>f}*E-@vp(JUDWg@tUrGq^7&Za2s{Ps!a1as zJsH`Y?c(K_6A#!RU?!N-py|G~)mM9#eyM=@lSiM=TYWBC6UeJ{7!XhT)CG+PgQdMD zve}i0vD&_D7a|}I;F}oiiPvWvOB@zZv^VwEElDeYW?cK@Y1r^se#-w_cPwEz@Mk04 zeEY0C7+?hPI)Ku1qk+XFQ2*M&?u!21_%!NuAg8G&>?v*Y*JQ3}dPp#+}iI zBUAP6^X(#!c2Cpq%H+`KoJjfTzA#woNj(A_rn{ubFH$1-9xxEK3`Xt2fEBoT7MD94 zcI3o-N}PaZzNfXjys_?&ZV-&X&H{Crjr^_yb$bu>UQIS?Nc|~Uks_2eJk>~xl^RC~ z66>wc9xnZ!iFpiiFq45a4%a0u>F@&`6*m#@!4x#mW}%wIruLnl(TO%NIvZv-0%F$U zC4;b=nK%N0AWI8*_d=W*`B^K*qb9VSa{4r7X!FIS$>0$*pEaR zMMO;)MA>$0(@gHDQ99heH&IPc{FtY*M#tOJG-h86^6x>V@AF9HQUu}Nbd`Xu zaJUWTPjvsYaPM|?%II5x+2I^K7 zcYV9#;ESkrKN6^Af~!Q3;bdg{(`O1Tx=>>)StyH7IjE6l%xBv!cpGEZ7U~;3=ldNA z<7jcAr@OLvdA^OmAGh2hXfaTOlX;f;U{|RIUT&c@CNg%Jcuu+hF+?CUN*})LZ{9J^ zs?i~mNCR)IF_=+}N;f7l6eyANJTACrdckC_NUVxdna!`E<-8G6V8ePjgBk>18xuWdK$uIQagUpLY;u zz)H;;6p#JQHyqw8z{T%=WfN4XpTSDBi)@kXX%gjj4UL+#G_tyIKF*=A8T@p+GKd-o zkGZB~F)&ZJ>+TgaI`4V*mxJF{k)mYB@j?b+G)DrQ7HAChr{g(1c$;sm$ys!m09VcR zjpoZlzxv|euc%oRDEqA+R?a!ME1w(LHJ?|kW?E?A!DRNGeo2$Y&6{04qk9yLKBP8| zms*ET?GcIG{oJ@q7(ajH=`X4s!P$DDcAf!6U3^n2rMDhA;`D*@I4|boL=^wSgDcq% zp$DGJUSQ*n$vZSzZ-4rU=ZAxg1_n9Tk4`j;E*-jc=h(f+_n#kquo5l9s8rV_&Xu`# z(~U3gQ*;GuZ?~1=b1}c|3x0vJ4MWeRDqFmlMpspF{wm$GgO^{`$ZyL>ALLnDg;39kfTf-9^xD=+2t+n|c0N3Oz$c!IdtES=SsD_zP zZEIZ1o-o69yCU|dBvQ9Tu)roNm0I`lqBls0Qs~pqgs7bB>`Aj@Ovw*pf0dn+qqt=^ zP;8b2ev|nBwD#rkPP*D#}(U6_K0l6KyCNl}gG|B%v^7Y-7vaLd4t?k-f5| zEJ?Ccx2=+)A-ho{W+qvt8TFD_w~M(bIx@JWvD_t z(Fv7W1}Ze92d6AGt}HZs{z(pYg~8GZ&|*zbf6@{R?Qpg2^R0HOfl0gRBZTfU-<0WV zJc@lewjsdJkmNzz7mOW@e5nx!PaE3$iNGpq(5TukGcYJxKe~$Zd;HxY%EoTRT;hst zm7Kx89jVh;_F|{UAAckZ*Cz@yT{MWWHdb@e&IYd@fX$B3AkMbEJusB3+p?Dgez_yj zH$4v`qVs{+*Y^@kmLcsXj*Ry%4*5AdOEdnU6pR&Lf^l!WW4Y5C7H|jnRX9!N>Iku3 z7?esJ5oUhdndK{?tgV^j#kmq&@hP{(IEm5lXm~0~=h%|)aO^GJ?6R_0=S{2^t-6vT z>zFFEQ(3-FFdU$eb-^5F^hUL=Z;iS;jg#Lz0M_cxT5Q>G~y$lgh)9R{pNp~9P z2V$g)1t?G-%LdST1i2~I>*Q;CavB{I5iimH+O>~IFSk8_ZbcnBG`MIT19=-J1m0%v z`N-n~Q=^nvC-2DB_S1=AA5aLwFD)_%>|0*s##Cu~A1`BcpAO2^J_)KnpOSbWa*Vl0C&CWvbU|P1b-vf*suYtD9h@|cyBV*%yzEvNr z@#?O2T(L?GK8xf-CQC|dq?v|mWp;Ad`Cz+c|F#9^h<7b~NvWr@YLWGA-83c5cv=}O zLwR+nVmaI*lpFG4dL5JX^^yl4ua8veu8{`&m9Z7%T)PCX)Sl;S}DLzeo-`y;u;ej zy~`JTJI3j~4gOQH-N~i`5*t`24gq*b7Qq7In%^oLl?|iwa;|r%BHf5OgN$~`ZoiX_ z5*e2t1tw~b#Tf){+1*3c#A$3}KET>t&#)@rk1R}Db=eFoTAA9y> zYd}6q1d|vOv%A+$6fmVgaTH@piGP=N|5=(>Q#_%k-c}di`zpe03txQiOQ@Ve^&7QY zu_6>;Cd`1n?qvRvlhrC7Nlf{)lnfnVrhJQ|Wm>Lg8uVSxW&?)y>R^5}4U46}ypL>Q zx7V4=dAtq5AFk|UzYu5FH7b|M*nBtQX1OE=;X+B-12?n0VKc}2197H% zDfKDbdYz*z*6wA*hnrZv`jh5tkH93X{^rKcfj(^h&8H^KiH$}%O6F}z437=jEWdmW zF*U!8b&QniiI82GpHmT7(>)DGh&#yqZl|hM#)K_BALr=_6}_Fry9%~w4-sd4uM4Q&Spu5!TnH7D zzV)-qn;k!;rKVEB%j#S#A2Y&;*se#>^8MjvXnuBJ$@T$JWK*%)E=uuc-V+~U{Q=opmgE>J}RM9HR?L^v#?R_z*t$L@!tntetXkhFH8`KuW<)FsU*@eknO((<$YYw< zpK4BwrBOnIYjq<_2eo~!xa__DeP~SU!`Ffj+dy+SF0n|qThBVNZ0tdSS=>oNR!Spl z05YU%lb0GGiD+0Zo}*|01}$s-3HXw!I(+FpdA~e0J?N!sh;lH+`boMFOcuEPJojq+ z(Oy`(?Z)`}JoR=4eK`MYf`gt~TWu3-^~Q;3V!+WJuF z-M-$JyUc^O>*bG*6`LRmxewGKY~ zoe*3+!Z5EN9q7ny-Jmc!XD8g4? z-7YK4t5LJI?y0tMPEco8&`DasJ*g&DbA^9@I!f#v{;C3XNOtVl@qJ86<^qiXZ z1#N|FTTWjc>v5ojE1y>sBt24%eZQNSbw(B>x2x&vH-2BQaD5eEA_TSo?F!2^^~1k4 z?XB^aWU^@Vx{v;|oeWiBf6R$aYEJIvgtw$FfB%@cxQyPU9(s-qi#t2B%YqRq%cTkg z*YpTuqd1zS5MqU?txTd>U&b`2)(Dcw_5As3;-JzGTcF`_FA>VVp$m zT|`F=IXaDex$kmUbJvk)JEW)~TDxoe8-obUOaYilvn(d0MBX=0Ir9rqr3KUfo%PyD=D26OilXOGAtS*?hsdtVZ%Jmjt7aYzq}}bhU3)%6BFO@# zHjN}_hXcC=b$ffX71Bq|1sTopi1GER_Ugw)_h@@2$}rqO7Afbs0@Tlu#dA7M+vAyKcwdCp6zAnoq3K?T8j&|

    +lP$<)Do9+7vlKrW7X8AW?`F@$_RJ^J|*UjD0%oAGA^}NEt`#TZv0x zlc4WpusL_to%31_c7MFSw6xBEcvsOuTH5|%Pc?x;@Hn<1i8<#v>to+?MD4S9K@0*q zeF-m_=N(+hknXPL_=*d-{ZhbM%jhK|o|*0bDP-=?N`uKDGU3?SzMaG%!I#m|n?05e zhpGDyzg>~*ojKj`?93p-GQhgQoMWhht8~CD0}I>*s-NF+HzY>T;(Mn`8It>_rLMd8?i+H8<4jk6v3XY|>%c zv4J1(Smo7AFQKA#uP*OO?+0#milKc`Weu&V>9kyf+O^g%{EKl3w}Ga#l9E_fBO`@3 z(E`HYe_SASKTBNJ*i~y&q-7h-icQ*1T32;?45rj`7)t^P3bNRzn`td^vs z>7g*wU06tUI%H1VbB@G60)asm_qL+Xw&ISF+fo#dCKUq&>^rKwGQq10A;j3Dq#;GE z-O&FDcGccjz25$fKOhEiyNIK0cDcnCIW|+}ifF-HVa8_?r@5!l$?iR2?B~Nl>}L8) z$1z)%%x+JPAG2Yb$I2!Z3V1hB-ThYn{*&L|1!=8BC1*r0iR4L6s8Oqywl}L(0t!E! zkYxK%_ECCV9sK1eXr0@Z-4sXE#c7n!xzuSI7>HOXiLUbmNLbf!G-}k#Q#|WJ#5;QO z1W-wg+~u4{Nn52h@NA}o(U^P(_)U(LYoBICM@OGUo>5b}uu~68e4$)6S>-hVCK0;5 zUGGzE!gmSlN~7dM`>HJ0=df&mJ){{5X?Flk^pXS|&Ee_oGPBPXo!QlcgWJo3+PmT< zf(28cNKR{1eWK#b>&n=vwW6x8Xv`&_ho?F9`J?xPFxy?Zb&&7>?0#T31b^miyM~|9(NN!O1Jcf>inI3?*97v&*n$sx*21#XgAwy zy!zQ?4Ql=Bf6=bUlxh!h4JrX)Aj7;c7#^{Cs7b4-w}W>k+5wHi84i)?{j zqGQGntKGMxhh&fmL>XEGE&kJaBWc#(QLTR{xI2&p8eB(MZx76a^#G36$^&ZP@v&^%n^SBE8VHI_wTxtmUhT!P*Fd!_RUX+Y_++zdcPeMlm!y51Gl|1e0$+I zNVck#;6eQ29HLfQXim(8w7+krE{Tk}=v8_Deh>$;9>Iv4Y7R8bK-Ff8baT>>sCeC= zdlg|UC{V;`MUm|OaR;kzZN^C7yfAq;vYKaSxy*(W?)h@=_rn~MYbew=)T)S4Pi&R^ zgU-8n6vw@l6EmBuQO6>_+Ut?$l6B5Ocp+(@oLsJQy><`wukAq=?ar{X_($3+SRDlT zEK#4koXYbo(#Z6+Y+!DA=MHI-wzY*OVQb{wN>{RMg6EU<`D1bw6+GbpO`~sPb#BYrR!nV z8hQCEF_rhicVAm7%abDnup_mEE=_QH(;v60DA42?@~Qppz2dYzdUZgH4KcV=%h;D5 zsiPIE6)4$L+Gfny3*Iw^jy~GgW8yxJ%G8xkyB2x747VEEQKnyv_lMEn4W8+JP!ZVZ ziIYIqsgK<|uQBiKgoz!+3oA|z=$T&s(eG&FHphmoY_w_-Ba%pAy5}K0Bi^H^@#?Gb z7rXV4MQ7nx?Cj)(7~bI0NZJ(~*v{3Ymj{m))C`}oDx+(U}}o5wK(8D=_Gn)>OBpI#b>c^20HSy zUGp)Phx}f+U+;GiM7&sd2u0{sgXF+-BvI*mO3PZEhE8{J>UFwTa~^I#^}sN#PI$_! z(s3o~oX-2bTeh&aDX5Lm#>(>dZ9n(aWS`O+nJYItp`c1;+qN^@Z^JI5qFAIwJODvW zQWj=|$zQiM&wMJocK#z@I(6^|rwTjJZIxTSkH`8Uc*Hh9jlpCqt)|SAvXE~SAk&q$ z7rkasS9`d7AIxON!6g7PvQ?zTAaV)&Ey~ zJF49Z4az$pLY2ap;-a6mj$l;3w1Y>*8sauVDCi*6_x01`$IZyysNGp;L0Yl_$>`BD z1@~$iGNm7J?^$kVdu(}^d&l*>m7H_V5=niD8TM!rVxfEK_ga@e<0sRaCC)&N4d+m& z>g`z<)9FhR$G^y4aXjtC$(PG(iS1U}`vt3qI3EfWG-#2EHRe6CH|BNJILeR1G?f8BhyKu*G}Z#&>o`>a@p@hh0r zH~BUgz2=_v=ajZM)M>7q%jGj{!td*rJofc*vF#i~Hce?_TIHCI#?oprSc#@ne zE2~3Uv_OduqcRqr-_y6xX-R1L`QX{Ty10A2Y0Nl0JUq|mZ!2|o`S|v7ow_>8 zWahD!QXK2lB%RgBs$tZt(aSv`h{#;$D5=zrRjz9PxsvnH{$$$LM8*9#LexE0?L(N# z59g;kh!3E3f}McWORQA9Eq6rOj;a=%WWUrqw-WnfU}ttCcjUH@^~iVb)zHz{8%~uI zPocT{?gB87*ePwXB{()1_elZ~@069pxHvO8l6ivE^|dER$K<+TkJ5SCt(^h`y9PW= zr(Xv1z|G{*?@(TdaAQRpHpOa_m6zeYm--ns)t3f5)u;*Ct&Wexzp?YO8e4>2y}?}( zZBa$jY?7cCs1d2qcAF$jhSjv5$+RdQ9k}Wo=zZARhvfQKiLc6~i0NZW4zt2HZ)ROb zGBav2Fs`U2T>fXTuRVLePHTrrZ)lmK(T@U&{&&)q9aga_2h08*8yQKNQ~8tr(;msJ z-2@b^LA2KXX>0FH&hmkuwEiFg)3B0yt1(*B$qA8-Bx$LVnSEiYHRBJgo2DD97K1L* zGJwf>-5cz%tAFk8r50mZc220gVdwOS>Z{saqaBMS+LP!9ZYg3j_W2X8?!4|gp#o!} z9jop?Q9n2RdG6C(Br*bC*i4r|u# zX?{(^>}}X$G&ga34c6c;OkW63&o(thgqz@-V|d}t#8BC2o~i##zm@m;P1j6fP9_Um zNl}gaJg20n0utKiYVqA++>Osoy|=#1unz5~?Q=XIQyI;NnGW->Esy+Mb!_Y6_yMhWeI9|*OtcgO9AxPJ(wc7RM z>xHDGOpD}z!Kun#fr`P=OCl&|Ez^u&51w>ifz8FOGmloTY@|K*Zf|Up+>>C+z9cda zlprv3ACCp$^k|9XsL4zGjK;pigY}D|^>JJHiPp*dbelfpYuWqdm%Ye&?of z`nbzu4pSe#R@j#m7^8OemYLb%Pj9M2?ML5{RXo^FOxGRDBUS|yyanYGchU$)lFK#J zqWrvB_k|Aasgx%dTyB?LzQV{B79PPkSUy(Q!O;&J57n=!!l~ELhN)+a^r(i@wjP{1 z`%p6BPob8RbImdPSVJvYMsu&nb6G>DPii|!f9%0cC-3WfAp?H7*8_CM1{umosjCtY zNzU2$Xb4qP>e8ax6eLy#-I7MkN?NlNvClYQZo1*`b7?9{p_s@^l{QKe;T@%ZsGUM) zjF8*zT7P%Bwp;j8lY|+`ez-X!x08+=?X9gElhUBEQC9DJ) zfAPHSl{~b|pUN;JNtc{mO1wqXYPBc}t%@m_erx=rTHyoA`N(7wz^r2Zk#k+HUR=E2 zi}Ed>oNmR-iR?o7s!9XJ+2fkG34H^34H6cltNwXNZR$Ef?@g6@Hzm#Uo{gM|KvWe( zO;g5iEbW?m9K=)|2{Ow|w5hZ0y%$M3CgD@XE7{GyeiL$Nui=;m zP|C}@RpW~>VRH2Aei`|5V$y@olsXOjzhK4&#zh*TX~Is1RSWg(Mru?b~UP)^I*PuO2jg3v^e``dClagh`qD^^z=~P>@}I$JBPHJ zNzO%L-|{oecUALDA5Ytsw5aJw43$ylhNcC_htIRem{YJe2JhSD$e~me)df5y~=9j2^h;_uphV zKL+UtoW26M;Qdagdi$l_z)H=qdupVq0vl@1g^?w8$jUm3va*M|6BX(x#JzmFl=6Jk zo9x^w%_NAi-Ww3p$xbrji+3-HJj)6n_2xgjY^)X!P50Bi*Udmd>HRu>feZieMZ08Uq2udAi5VtBMT` zpBhUmY%>$kTXc>&mV#(u+>q3Bqh$VA0lq5!LRgLr0!CnFd=6b>jXVYfY^MvLcB z`kyaxi}Z=RrMh|-iSq|mko!N$B8mtn8yPqsOD2gPU9r_f$#p-foyb2Ih6+w5;&mJu z58nO%@e+s#9l3cC{r=Sd@Df)d2H!*Zr!-Kq9Dj*OX@v3bQaMrRFleD)yMug z{96}z-T8m~dT1EIbc>6+7=Iv-p5dIH<5J=``k*>99Ml5XOgNgHEyP+B8pd&(9|IJX z|Ne${%#Q~g+=ej2|LD?26^6@(njQotz%X7Z^y$P9^|Ae<@lYSk;Sd57gi)~Is!28U z8?5{NgT2M+<5f}+?#*}I%eErh6U%=bt0~A=Iyo7wFY zlGI;%_j)7KB9_`U=(GsmS#4QU;rjQvRd`nle*Gf?a!MdLE40T#vRE#6!tJp-Kf^Q8 ztCef%2#E?x2^$i1PO{)!ciT7!Ayg>C1m~+4smllUji|42!VqLP{i@# zKjcoH#NnTiT1Py-BbsO*At43ShIAR_YSj87(J&(0AcSe*YuTS2GfWz040MY9{g375 zVplrrPg+UpNRa&=saLz+~gAV3iX+Mi%l!x zbUC=NiFFg&Kd<*ViuD%P$Ieaz>`+fmo!3KU+JF!MHIX!6cfVvFyY{MA>;S! z^$AeZ8}Z!d+s8=Ot%u23)U2aJ-id#?rv5!QSl0?_O#go4w^Q`#6uP=}L$MIkD4453 zrr6HuAw-;gE^bZ{=l5A%ay=uZ%8MO$yu6;9BD2^L>@LZtp`uESOy$1N; z%!psCfqbV*J==D^@w)SgpNSzkPfJIbAxF@?cpWlj4hjVs7Dzau3b68*pB25(np^Xq zUc)`U@QH)G_=d8KxMM-o+vZi{Us>N+H_v7Pzl6QejKY7Vy_FYWfezZOpBHF}!JIP) z2HxnrmEymPA{@38K(wrAD^rDv3KDI%2g}!8kWm3WSVKV3x9H!t=dJy}cPHw4)xmC` zl5e6TidDGR$%!)yiIS3BMG37)EOG}27&9hlboZGe$~{SxW?Nc=8Rp5_QM zLRWL|O0DnK#z`S7Fc28ek4Ok7L7N|6xGizAz2)WplMwP35{AFLJ->hDq*Gbph;_u- z?9qE)u9Gq^s9E^5ofVUfUpw!WK$c@?14Dlj_V9tG@Dv-8h^5m8I#KLZLhz9VUkyhK z(iJd{9sDo%A>4`RWIKvG=NICh6@_GEcCz8=HU zS1fxtaP-;-H!8ziHokVY)eZ4U+Nvj>(|x`UL!4N$dgjanQ3n~AA616D?w1ff)M+W% z{Rufi5X9jY!WEov3J1=q4FcK+l!D4GjD-dQhW}aX*Zlu_0T>HpW)N-Q@AC69&N#=6 zC5?^i9lzH3aL||e*mlChe-@uuJIO!ZIy08`{{8#&`wJ8hTn?bPwA(U$@JPtx`>M^&%jW6YdnQ!rC}P1#2S=O z_H4vG8+U!GPSFzO0U_-GC^hFUw~#)>uP>$#k}Q#l!TKQ(^|0XYx!XgvOlr8oCw{M0#9a&L>u<8*a zhARq=3Alls^iF%v{Lyz4$55?CyS8ACkUQra#`B%#zw(=6{vQ->@Y*lc{qOJiO?r-3 zoyaxeJo(P|A3n@M{JwcN@7FxSZ_r$Zm_!(ng(qmZT2C)Cnt}h1adw6@2KE}ki8#i9 z$-XOg7!fZmYPbKir_Y~m;kk?7NclO(5jLS+LZL{e{48zLyx^nJ5$fMUUL#DkNi$9} zRkX|)(I_6Hc{jr99Ar&4Y?2h!4)P3yIrUWJG@b#NR5da(`aD?fOsEP*Cg6(dGvv_* zjlBuJT{iLGCc$09xWmBc*|y2~gXK0gkpJupHH@MPhZw*#)0K~L-EjDiTvJC4tT0+} z;E*`fUD((w2o+UliF@Wm)gZMi8yMJ_Ia3X@`XQX6DzAIZ+OiF?Fry6|>2H#pd#}u| z@A#x1P9^lBb0lovD;4k6CrM4QX$M1M;M+bJ1irL3&%yu!;TvmbKrov`_A_R3|MOf#008shoK_h>V8 f=luEpShR^U(YPaC><4nd`OzcT!&wI}{`J2A))!|j literal 0 HcmV?d00001 diff --git a/plugins/SensitiveContent/js/sensitivecontent.js b/plugins/SensitiveContent/js/sensitivecontent.js new file mode 100644 index 0000000000..3c9d6584fd --- /dev/null +++ b/plugins/SensitiveContent/js/sensitivecontent.js @@ -0,0 +1,228 @@ +window.buildAttachmentHTML = function(attachments){ + var attachmentHTML = ''; + var oembedHTML = ''; + var quotedNotices = []; + var attachmentNum = 0; + var oembedNum = 0; + var urlsToHide = []; + if(typeof attachments != "undefined") { + $.each(attachments, function(){ + + // quoted notices + if(typeof this.quoted_notice != 'undefined') { + + var quotedContent = this.quoted_notice.content; + + // quoted notice's attachments' thumb urls + var quotedAttachmentsHTML = ''; + var quotedAttachmentsHTMLbefore = ''; + var quotedAttachmentsHTMLafter = ''; + if(typeof this.quoted_notice.attachments != 'undefined' && this.quoted_notice.attachments.length > 0) { + quotedAttachmentsHTML += '

    ' + $.each(this.quoted_notice.attachments,function(k,qAttach){ + quotedAttachmentsHTML += '
    '; + // remove attachment string from content + quotedContent = quotedContent.split(window.siteInstanceURL + 'attachment/' + qAttach.attachment_id).join(''); + }); + quotedAttachmentsHTML += '
    '; + + // if there is only one attachment, it goes before, otherwise after + if(this.quoted_notice.attachments.length == 1) { + quotedAttachmentsHTMLbefore = quotedAttachmentsHTML; + } + else { + quotedAttachmentsHTMLafter = quotedAttachmentsHTML; + } + } + + var quotedNoticeHTML = quotedAttachmentsHTMLbefore + '\ +
    \ + ' + this.quoted_notice.fullname + '\ + ' + this.quoted_notice.nickname + '\ +
    \ +
    ' + $.trim(quotedContent) + '
    \ + ' + quotedAttachmentsHTMLafter; + + quotedNotices.push({ + url: this.url, + html: quotedNoticeHTML, + href: window.siteInstanceURL + 'notice/' + this.quoted_notice.id, + class:'quoted-notice' + }); + } + + // if we have Twitter oembed data, we add is as quotes + else if(typeof this.oembed != 'undefined' + && this.oembed !== false + && this.oembed.provider == 'Twitter') { + + var twitterHTML = '
    \ + ' + this.oembed.author_name + '\ + ' + this.oembed.title + '\ +
    \ +
    ' + this.oembed.oembedHTML + '
    \ +
    \ + ' + this.oembed.provider + '\ +
    '; + quotedNotices.push({ + url: this.url, + html: twitterHTML, + href: this.url, + class:'oembed-item' + }); + } + // if we have other oembed data (but not for photos and youtube, we handle those later) + else if(typeof this.oembed != 'undefined' + && this.oembed !== false + && this.oembed.title !== null + && this.oembed.provider != 'YouTube' + && this.oembed.provider != 'Vimeo' + && this.oembed.type != 'photo') { + + var oembedImage = ''; + // only local images + if(typeof this.thumb_url != 'undefined' + && this.thumb_url !== null + && isLocalURL(this.thumb_url)) { + oembedImage = '
    '; + } + + var oembedBody = ''; + + // don't add body if html it's too similar (80%) to the title (wordpress does this..) + if(this.oembed.oembedHTML !== null + && this.oembed.oembedHTML.length > 0) { + if(this.oembed.oembedHTML.length > 200) { + this.oembed.oembedHTML = this.oembed.oembedHTML.substring(0,200) + '…'; + } + if(stringSimilarity(this.oembed.oembedHTML,this.oembed.title.substring(0,200)) < 80) { + oembedBody = this.oembed.oembedHTML; + } + } + + if(this.oembed.provider === null) { + var oembedProvider = this.url; + var oembedProviderURL = ''; + } + else { + var oembedProvider = this.oembed.provider; + var oembedProviderURL = removeProtocolFromUrl(this.oembed.provider_url); + // remove trailing / + if(oembedProviderURL.slice(-1) == '/') { + oembedProviderURL = oembedProviderURL.slice(0,-1); + } + } + + // If the oembed data is generated by Qvitter, we know a better way of showing the title + var oembedTitle = this.oembed.title; + var oembedTitleHTML = '' + oembedTitle + ''; + if(oembedTitle.slice(-10) == ' (Qvitter)') { + var oembedTimePosted = parseTwitterLongDate(oembedTitle.slice(0,-10)); + var oembedGNUsocialUsername = this.oembed.author_name.substring(this.oembed.author_name.lastIndexOf('(')+1,this.oembed.author_name.lastIndexOf(')')); + var oembedGNUsocialFullname = this.oembed.author_name.slice(0,-(oembedGNUsocialUsername.length+3)); + oembedTitleHTML = '' + oembedGNUsocialFullname + '\ + @' + oembedGNUsocialUsername + ''; + } + + + oembedHTML += '\ + ' + oembedImage + '\ +
    \ + ' + oembedTitleHTML + '\ +
    \ +
    ' + oembedBody + '
    \ +
    \ + ' + oembedProvider + '\ + ' + oembedProviderURL + '\ +
    \ +     '; + oembedNum++; + } + // if there's a local thumb_url we assume this is a image or video + else if(typeof this.thumb_url != 'undefined' + && this.thumb_url !== null + && isLocalURL(this.thumb_url)) { + var bigThumbW = 1000; + var bigThumbH = 3000; + if(bigThumbW > window.siteMaxThumbnailSize) { + bigThumbW = window.siteMaxThumbnailSize; + } + if(bigThumbH > window.siteMaxThumbnailSize) { + bigThumbH = window.siteMaxThumbnailSize; + } + + // very long landscape images should not have background-size:cover + var noCoverClass=''; + if(this.width/this.height > 2) { + noCoverClass=' no-cover'; + } + + // play button for videos and animated gifs + var playButtonClass = ''; + if(typeof this.animated != 'undefined' && this.animated === true + || (this.url.indexOf('://www.youtube.com') > -1 || this.url.indexOf('://youtu.be') > -1) + || this.url.indexOf('://vimeo.com') > -1) { + playButtonClass = ' play-button'; + } + + // gif-class + var animatedGifClass = ''; + if(typeof this.animated != 'undefined' && this.animated === true) { + var animatedGifClass = ' animated-gif'; + } + + // animated gifs always get default small non-animated thumbnail + if(this.animated === true) { + var img_url = this.thumb_url; + } + // if no dimensions are set, go with default thumb + else if(this.width === null && this.height === null) { + var img_url = this.thumb_url; + } + // large images get large thumbnail + else if(this.width > 1000) { + var img_url = this.large_thumb_url; + } + // no thumbnails for small local images + else if (this.url.indexOf(window.siteInstanceURL) === 0) { + var img_url = this.url; + } + // small thumbnail for small remote images + else { + var img_url = this.thumb_url; + } + + var urlToHide = window.siteInstanceURL + 'attachment/' + this.id; + + attachmentHTML += ''; + urlsToHide.push(urlToHide); // hide this attachment url from the queet text + attachmentNum++; + } + else if (this.mimetype == 'image/svg+xml') { + var urlToHide = window.siteInstanceURL + 'attachment/' + this.id; + attachmentHTML += ''; + urlsToHide.push(urlToHide); // hide this attachment url from the queet text + attachmentNum++; + } + }); + } + return { html: '
    ' + oembedHTML + '
     
    ' + attachmentHTML + '
    ', + urlsToHide: urlsToHide, + quotedNotices: quotedNotices + }; + } + + +window.sensitiveContentOriginalBuildQueetHtml = window.buildQueetHtml; + +window.buildQueetHtml = function(obj, idInStream, extraClasses, requeeted_by, isConversation) { + //add tags to json if they don't exit + if (obj.tags && obj.tags.length > 0) { + for (var tagI = 0; tagI < obj.tags.length; ++tagI) { + extraClasses += (' data-tag-' + obj.tags[tagI]); + if (window.loggedIn.hide_sensitive && obj.tags[tagI] === 'nsfw') extraClasses += ' sensitive-notice'; + } + } + + return window.sensitiveContentOriginalBuildQueetHtml(obj, idInStream, extraClasses, requeeted_by, isConversation); +} \ No newline at end of file From 25e4b9a35e5b235fab472e86465572d7393a142d Mon Sep 17 00:00:00 2001 From: vinzv Date: Fri, 2 Sep 2016 11:34:50 +0200 Subject: [PATCH 292/415] Add Qvitter and QvitterPlus --- plugins/Qvitter | 1 + plugins/QvitterPlus | 1 + 2 files changed, 2 insertions(+) create mode 160000 plugins/Qvitter create mode 160000 plugins/QvitterPlus diff --git a/plugins/Qvitter b/plugins/Qvitter new file mode 160000 index 0000000000..2be23b4038 --- /dev/null +++ b/plugins/Qvitter @@ -0,0 +1 @@ +Subproject commit 2be23b403879d2f04a00f401ead47f698ddfdff3 diff --git a/plugins/QvitterPlus b/plugins/QvitterPlus new file mode 160000 index 0000000000..0e98b2f2ea --- /dev/null +++ b/plugins/QvitterPlus @@ -0,0 +1 @@ +Subproject commit 0e98b2f2ea5dee9de86cc2a6333ed30b85de5369 From 3e5ae79c5a463857973c29690be115b5d455a3fa Mon Sep 17 00:00:00 2001 From: vinzv Date: Fri, 2 Sep 2016 11:37:53 +0200 Subject: [PATCH 293/415] Added chimo's plugins --- plugins/EmbedNotice | 1 + plugins/Nominatim | 1 + plugins/StaleAccounts | 1 + plugins/Statistics | 1 + 4 files changed, 4 insertions(+) create mode 160000 plugins/EmbedNotice create mode 160000 plugins/Nominatim create mode 160000 plugins/StaleAccounts create mode 160000 plugins/Statistics diff --git a/plugins/EmbedNotice b/plugins/EmbedNotice new file mode 160000 index 0000000000..a01aa570fe --- /dev/null +++ b/plugins/EmbedNotice @@ -0,0 +1 @@ +Subproject commit a01aa570fe3d7dfbcc5fdc5a7421213cdbb0ab40 diff --git a/plugins/Nominatim b/plugins/Nominatim new file mode 160000 index 0000000000..e3ff29f804 --- /dev/null +++ b/plugins/Nominatim @@ -0,0 +1 @@ +Subproject commit e3ff29f80438a58a140bb4cfaa3063b70c98d1c7 diff --git a/plugins/StaleAccounts b/plugins/StaleAccounts new file mode 160000 index 0000000000..5b4df73b6b --- /dev/null +++ b/plugins/StaleAccounts @@ -0,0 +1 @@ +Subproject commit 5b4df73b6bbcff2dbb96dc62933665a395439149 diff --git a/plugins/Statistics b/plugins/Statistics new file mode 160000 index 0000000000..b3e7418802 --- /dev/null +++ b/plugins/Statistics @@ -0,0 +1 @@ +Subproject commit b3e7418802be8c64624f1330b2045542cf03fd36 From 8614cd77ebc7f8e72a805675881de8d6e08a2688 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 22 Oct 2016 19:27:07 +0200 Subject: [PATCH 294/415] A good plugin but not necessary as default. --- lib/default.php | 1 - 1 file changed, 1 deletion(-) diff --git a/lib/default.php b/lib/default.php index 5e711bb87c..5e11496570 100644 --- a/lib/default.php +++ b/lib/default.php @@ -355,7 +355,6 @@ $default = 'OpportunisticQM' => array(), 'OStatus' => array(), 'Poll' => array(), - 'SearchSub' => array(), 'SimpleCaptcha' => array(), 'TagSub' => array(), 'WebFinger' => array(), From 6ebc5f0bff02bb7dc98bb352e10becb6998818af Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 22 Oct 2016 23:08:44 +0200 Subject: [PATCH 295/415] some debugging calls and make sure $hints['feedurl'] gets set with $feeduri in case that variable is used. --- plugins/OStatus/classes/Ostatus_profile.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index ad23542cfd..cd3f4f6e6c 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1116,6 +1116,8 @@ class Ostatus_profile extends Managed_DataObject */ protected static function createActivityObjectProfile(ActivityObject $object, array $hints=array()) { + common_debug('Attempting to create an Ostatus_profile from an ActivityObject with ID: '._ve($object->id)); + $homeuri = $object->id; $discover = false; @@ -1145,12 +1147,12 @@ class Ostatus_profile extends Managed_DataObject } } - if (array_key_exists('feedurl', $hints)) { - $feeduri = $hints['feedurl']; - } else { + if (!array_key_exists('feedurl', $hints)) { $discover = new FeedDiscovery(); - $feeduri = $discover->discoverFromURL($homeuri); + $hints['feedurl'] = $discover->discoverFromURL($homeuri); + common_debug(__METHOD__.' did not have a "feedurl" hint, FeedDiscovery found '._ve($hints['feedurl'])); } + $feeduri = $hints['feedurl']; if (array_key_exists('salmon', $hints)) { $salmonuri = $hints['salmon']; @@ -1287,6 +1289,8 @@ class Ostatus_profile extends Managed_DataObject throw new AuthorizationException('Trying to update profile from ActivityObject with different URI.'); } + common_debug('Updating Ostatus_profile with URI '._ve($this->getUri()).' from ActivityObject'); + if ($this->isGroup()) { $group = $this->localGroup(); self::updateGroup($group, $object, $hints); From 6bfc97c95da5180b4f21751745928c08e7a661d7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 22 Oct 2016 23:24:13 +0200 Subject: [PATCH 296/415] Less spammy logs --- plugins/OStatus/classes/Ostatus_profile.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index cd3f4f6e6c..2724aaedc0 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1372,7 +1372,8 @@ class Ostatus_profile extends Managed_DataObject // @todo tags from categories if ($profile->id) { - common_log(LOG_DEBUG, "Updating OStatus profile $profile->id from remote info $object->id: " . var_export($object, true) . var_export($hints, true)); + //common_debug('Updating OStatus profile '._ve($profile->getID().' from remote info '._ve($object->id).': ' . _ve($object) . _ve($hints)); + common_debug('Updating OStatus profile '._ve($profile->getID()).' from remote info '._ve($object->id).' gathered from hints: '._ve($hints)); $profile->update($orig); } } @@ -1396,7 +1397,8 @@ class Ostatus_profile extends Managed_DataObject $group->homepage = self::getActivityObjectHomepage($object, $hints); if ($group->id) { // If no id, we haven't called insert() yet, so don't run update() - common_log(LOG_DEBUG, "Updating OStatus group $group->id from remote info $object->id: " . var_export($object, true) . var_export($hints, true)); + //common_debug('Updating OStatus group '._ve($group->getID().' from remote info '._ve($object->id).': ' . _ve($object) . _ve($hints)); + common_debug('Updating OStatus group '._ve($group->getID()).' from remote info '._ve($object->id).' gathered from hints: '._ve($hints)); $group->update($orig); } } @@ -1417,7 +1419,8 @@ class Ostatus_profile extends Managed_DataObject $tag->tagger = $tagger->profile_id; if ($tag->id) { - common_log(LOG_DEBUG, "Updating OStatus peopletag $tag->id from remote info $object->id: " . var_export($object, true) . var_export($hints, true)); + //common_debug('Updating OStatus peopletag '._ve($tag->getID().' from remote info '._ve($object->id).': ' . _ve($object) . _ve($hints)); + common_debug('Updating OStatus peopletag '._ve($tag->getID()).' from remote info '._ve($object->id).' gathered from hints: '._ve($hints)); $tag->update($orig); } } From c5a49211767e9528faf15397410c60c3fdce5b6d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 23 Oct 2016 12:14:02 +0200 Subject: [PATCH 297/415] log with var_export (our shorthand _ve()) --- lib/dbqueuemanager.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/dbqueuemanager.php b/lib/dbqueuemanager.php index 6a2952c28f..0fc7305c0a 100644 --- a/lib/dbqueuemanager.php +++ b/lib/dbqueuemanager.php @@ -81,13 +81,13 @@ class DBQueueManager extends QueueManager try { $item = $this->decode($qi->frame); } catch (Exception $e) { - $this->_log(LOG_INFO, "[{$qi->transport}] Discarding: ".$e->getMessage()); + $this->_log(LOG_INFO, "[{$qi->transport}] Discarding: "._ve($e->getMessage())); $this->_done($qi); return true; } $rep = $this->logrep($item); - $this->_log(LOG_DEBUG, "Got {$rep} for transport {$qi->transport}"); + $this->_log(LOG_DEBUG, 'Got '._ve($rep).' for transport '._ve($qi->transport)); try { $handler = $this->getHandler($qi->transport); From 099dafc4c225527c28b5fb15b88d1154a44ab6f0 Mon Sep 17 00:00:00 2001 From: Bhuvan Krishna Date: Thu, 17 Nov 2016 18:02:11 +0530 Subject: [PATCH 298/415] Fix paths for Genericons font Fix incorrect paths for Genericons font files. Remove embedded woff in favor of file on disk. This make it easier when packaging for distributions if the distribution wants to package Genericons package separately. --- theme/neo-quitter/css/display.css | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/theme/neo-quitter/css/display.css b/theme/neo-quitter/css/display.css index 0500395514..21999f9cbc 100644 --- a/theme/neo-quitter/css/display.css +++ b/theme/neo-quitter/css/display.css @@ -10,14 +10,14 @@ /* genericons */ @font-face { font-family: 'Genericons'; - src: url('Genericons.eot'); + src: url('genericons/Genericons.eot'); } @font-face { font-family: 'Genericons'; - src: url(data:application/font-woff;charset=utf-8;base64,d09GRgABAAAAADgYAA0AAAAAWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAA3/AAAABoAAAAcbOWpBk9TLzIAAAGUAAAARQAAAGBVb3cYY21hcAAAAngAAACUAAABqq7WqvhjdnQgAAADDAAAAAQAAAAEAEQFEWdhc3AAADf0AAAACAAAAAj//wADZ2x5ZgAABEAAADAqAABJ0A3bTddoZWFkAAABMAAAACkAAAA2B8ZTM2hoZWEAAAFcAAAAGAAAACQQuQgFaG10eAAAAdwAAACZAAABNGKqU2Vsb2NhAAADEAAAAS4AAAEuB9f1Nm1heHAAAAF0AAAAIAAAACAA6AEZbmFtZQAANGwAAAFRAAAChXCWuFJwb3N0AAA1wAAAAjEAAAXmlxz2knjaY2BkYGAA4rplZ/Tj+W2+MnBzMIDAhRBmaWSag4EDQjGBKADj7gZyAAAAeNpjYGRg4GAAgh1gEsRmZEAFLAAWNADXAAEAAACWAOgAEAAAAAAAAgAAAAEAAQAAAEAALgAAAAB42mNg4WBg/MLAysDAasw6k4GBUQ5CM19nSGMSYmBgYmDjZIADAQSTISDNNYXhwEeGr+IcIO4ODogwI5ISBQZGAOtvCU0AAAB42kVPuxXCQAyTL+GRmmVoKdgA6FNRMoObdAyRnj3o6NkGLOl4+N75I381AUeUTPoNASSyoWVUBMYUYkmt/KOQVdG79IceFtwj8QpN4JxI+vL4LrYUTlL294GNerLNcGfiRMu6gfhOGMbSzTOz30lv9SbvMoe+TRfHFld08b4wQ/Mhk6ocD8rtKzrHrV/49A34cy/9BURAKJ4AAAB42t2NPw8BQRTEZ+/E2Xi7NlHIJsI1hGgodVqdVqfVqZRqH8QXvL25eq0/USh8AL/kzWReJhkAOV43hMKDW0rqmVu4Jh/BpY+tdNDBh2ndoabnnGtuueeR52YQI1AhILhQ1iDoWHLJDXc88NQgxl5ujS2sMjNZyUImMhYvfTFSdC/v3R+oNj4llSXJvgv4e+6zoCcQAEQFEQAAACwALAAsAFoAhADMAPIBAAEcAUYBlAHOAggCsgNMA6QD4AQSBMIFXAWoBgQGdgcIByoHageOB8gIJgkeCn4LOgvIDH4Myg2YDeoOLA5oDtIO9A8QDy4PeA+aD+AQNhCgEN4RFBFSEZwR9hJgEoISpBLuEwwTKBNEE3ITihPOFAYUWBSYFMgU3BT4FT4VTBViFaAVzhY6FmYWlhaoFsIW2hbuFwQXEhcgFzYXlBfEGAIYNhh4GLIY2hj8GSoZhBnAGfAaBhoUGioaQBpOGn4awBr4GyobgBuWG6wb3hwCHCwccByqHOgdFh02HWodmh3MHgQeHh5GHowfpB/OH9wf6B/2IAQgWCCOIOYhdiGuIfAiciKOIrQi6CL2IyojRCN2I5QjviQIJJAkxCToAAB42oV8CWBU1dX/PW+dyT57Mkkms2RmAkkmyazZCEPYE3ZCWALKJkhYI7IorT4XFERwQdEiAtaK1l0roMUln3WtSktBPltrP7CLyx9b21o/hczlf+59MyGA+jF579333n3vbuf+zu+cex5EICMIERbK04hIVBJ6BkhN87OqRL4IP6PIf2x+VhQwSZ4R2WWZXX5WVaCv+Vlg1yMmj8nvMXlGCG5aDvfSy+Vppx8bIb1HCFEEIhCFyBp/bzbJJxbiIAQ8No9s88TkmMcGuPkxbcKjQCTSRwQtpYkESErDFDmLj8pa+t9Zwg8UNyIA5lHxh++1YFluyVwgSO5yocBMwvFowKtYxRr4Kcw7fJjuoZfQPYcPw1vHduw4tkMl567MYzn6Du9gNwgWr4GmaoqGr3WQYjIY6yqz5lk8JNwiREOCN0+wukC0yTESdoHNmif4vCGIxmVNIN9iY/FAHzqwb/3o0ev36YezZ4nw8ye3d0amrRs2fXtnJzamTxM1DcgZrT8TO4jfzk3upb2d26cPWzct0rn9ye2sPgIxDOw/7DuTB7BKbGM/Cd/Vp/UREXsFMAWajHuBAJ5Tvmcb9g+wawprm0CIUcC+1s7gWQp/eI8/h32ZixmtimqSTSGIReNuu6zd1nOW9Nx2ElpOytqG1ytSn2rCvRWvb9hz8iQfA3xKYWPAxhXrY80Dnykcj8G5pAdwTDef2tK9Q8gkKNaajfOWU5uB7OgekCQCqyevSxGJsnG120xYo1g8ZmKDiicOG9bNFHVg/+MddwDTLZCwsVv2MMsWFA9B1qHuzmTP7p5kZ3dvZ/ch+vWhus4GfkElhzZSbd7uwD2NHaBN7OmZSLWOxnsCu+eBtvEEHqi28dChjaAl10wvwjyU5wHMw3qO9KqsbgXEh+0N87pVggk8CQ9rtH7BhyPk87J6xSOK1r1jR7dGk3S/Blv2nKT8HE+TPKFgk9klmoRe7eQeQTt3uqMbMEVEyIybjKW6mASw8sDFxikYj0WDmCzAZIsQiwaCLDcfe03Kjzc1xWe1t0PBjAULZnTVtPonjpbx9hnchIL4rbtujc1q7+7G+zM/p32fz+yq6blx1OWHRmMR2M6oASWPrOMzyyWYbVZBkVQlgELBimlRsOAWIRAMQZ6gBoKKGhLzIQ9wcjgUm9UlOxQ1TwhBMCQFB+N1u8MlOVxKwmq32qxKMFAewNqaWwRxDdgh68RLN7YteYHSe30+CLpiMxeMH1tbskQxGvMtUl64eUHiqptvvioxf2goK6sg32CUlpTUjpkwf2YsmmsPjR46yikYS73xUimnyGhyisZSpzcXFIc7MWp+M/h899DUC0vabnzphIGwPf16y8P0rTOvhFV3ofSrKcPnOhVLeXjC/E1T916RXzHm0joQZXOd3wvg9deZFEGomNSQKMlevWfK5vkTwn6zEurKypMLYtVSrq+4UFCznWZQCl31Hil3kGtwXpapfGJdVqFbibx8Bhoe3sIbh53IgIoQ3qcGYiKliC1hkiSTCPGHE4KoENXuj5sT5bILzIgrZkecJALBHGDd6xIccckhAMtUnhAsXsVnt7RIiUAVuCWCsEcQ9wgDPonsP+R56k90U/cH4phd7xbSU/RYXmPX6fuvXPZjePyTgiT9G+2Rl4w+8L/N9tKg8iiMu9p5pvFV+s+aV+GrW7Y+4dbci36t7B2/Zcmga+hBehXsgg1g+dnP6Bd0I12I2xc/+xlYtElQBTe20SNv9u5dBh29oVDxvfTXwubkw/Q369+D+PharTMMHzRc2u0qjXTkeJRiKIV/T6OHjtvHhMAJ8YJ9dJ/Q6G5pLb/mTu2Cl2OBvFDWXYB4XIV4/BFpwBNFtSPgSpLP7bdHwjjlUbwwgYchKF8MrxJ2yYES2iJEwnZHPJEHalzV2pcL1bO0p39L6TZ6mJ6tqpr24B1D173k87vraq99ZMKM9hnhW+CWj7MaF2xqn7Al8uNl1o6GFUrtqgnFtiXH3jt0/+phD8mBUXXitpVqbtE7N8qVYvinlyzofPSd7EGVbZsWNA5JFCWTS7y5en0J6g9VI8F+dPAhSls8Q1BHRByJgA8VSCnCIirN8wCC/g3ycujfKlv3yeOXXHLnjCpKU1XshoqIcIYgdL4JUm9OcwL+lRW/dM2IU7Qv1bCjW8Y7HNuxXPkTLNfN8EFkioGVEW2RsCfKQPTyckVpN4zNp2/Q3j/9yVE95pJr2hLdTqc6Z2FF1GmUvqFH+g6KY6EGhOjc6WPipYoo0r+Z/NVeUTASRJ9M2yyIzB6ykKzg2GA3s0HxeXFGF5jjgJILCoRRdrPBbgFLPNEixqIMCAwIHZGwI1Du80qKGo6E40MhbldURQWLiDgSd9jPXfPjUKti3ByLim2wDMZ9uW3Y6n2vfXr1Afrcl9u2fUn/ePo9eu0oMXDL9ZLwzb9W/Rl8kwSpIM+iOgqt4JDNcp6kChMawbiCfnbfLfTs4THFRf5lPq/NkmetqgX/09d0WPOt1o0TA0t9PrxoqxR88pCvD/5B1fDtzx24+tPX9q0etu1LGMdLT+WdohsWSqX399WEZEV4ODXMI+3t2w05Sk5d3ahIYWhmzCv4De7skvxCW3ZDJyxc1fXgClkQocwrykLfPYIJZqiC1w1ZmYtqReXNO1MN3bD6w8NM1lHXk2t5/+YjykfIUhxJnOhe1cRknGEqWLAbAy3gcIkOuwKsh1CIgngB0VUBNuRIrJhocbFDnA4JQW9IxX5PcNCOJDxehZ1GPCibQrN5rOXgPde86/S4nWWeH79ty6u/enJzz/Qh2TYNclRIPTftpqLGD7Qp4yyjfPFSj1XsRQJ2ls9KprZk2RLtaoNgTqDAnW821LT/YubUvTenHrj2r5N0yRQaYSr89VqxpcHTXA5TpN/uXvLUPFFIdt8+aW9vKubxCPZFk6ZdLkBhbm1hRWkwKBcASRfRh8+X2Mcuumx2fWlWaUGJtdBmjI5uuvX5Vc/Xbps/dRibG1w3IrAqLyE/MpM6nR0FmeplooaqCCkIXoqyaQcqEgSPOeixtSh4T7AJc+gBaHtImHzZ4qmJjiqo6pQL6MHJnZWjB+dm04OSBGOzbW5PTaS1fMrmxQ1AxP+5ef7YtnnV4+tqx4fO7BTMS9b5I+7ieOq/xevnbDWV+IqLLdmJpU+s5GOppcfSgnOyeQAapKc940oWpAwh8CGpsdrxAq+moMY89gKbirVOcByzmXSEYCCAlMBBv71hxGSY1Dp8yuRhUtPDm8KT670F9BsAMBiyvA3ekcMykKEPwmkiFvV9Im6c2Ng8fkJT48S+DfDmUweKKoOFqzx09f4DcKjS5hxUemkHnYGd+RgqqsmooyaxGrskfWoHggLO0mAgYQkJvGcZDmN/svlqZlKG9casSMjUPPYXZNlaZKlu7e+f3DY3Wj31qh0HFi54yju2wDvnbrX0p1KefeuiqTMCzXmOqxeueWH+yBve+vGcx25eMTY41ayqolVQffZpaxPl45bd84s/G0hi/qa9++ds+PiVXcub5yTpR/UbtscfuVp42uhZEr310NIpke3/1bDg9ueh7sDlz1zXFpq86qZ7J9093+YszJmYVWgy+u56cdX43fdtXT89rOuUjB5ekOE2BUKegM0MxhMWFzDNwhol6o2yO+wIYZCIB4JpzYKiw5gt0v4Ep1xMtjBfGWAnOQLkQl6T5hx3bWsvGVOydfJVv7l9ctMVu95bvfbI7msmDupebC6RBZMgy3kjRmu9PZc92F0/acclsQ5/Tnada/Tw+KxYgcHYY3HI++mpXQNZDP2cfs3eP3j9AnDG2pceAvHurifuWplMXPKj2+9uu+XoYEOexZDMstpME6+a9+zNk5uX3DZt+zd3x7piNbvWDW6dPuLq9srJFgv1T52/eSI4YO3hfrIikL3CXHWuvBcnVz7n4AXIswvK00fZCjO++oo+8lXqynRC3sv2X6XP8KjrbsK5shdPJBFtBR9qkiAKC9LWBP4sZocZoQ1TeMmsbABrQQ4aZnem7l+2wjt5tvWqjo3XPT3zSF3U2jy2vmeVoWBTcuSNKjHQh2iKDqGDoAxuuwbKOpZdufpeg5X+lj4/kf7z6adn31sKT7A2ZGy5fMSGi+afUVAImjB7+vgeuNWpIAOn/FzAfR9n0gTgA6IpFTiXvbqFg+iKgMtA2YSKCsWGkeCYyRfjjUpIw+HndLqpoLp53KabV8+Zs2zDpZcMb42+0d3eHqo2qRptop/Q6K6qKmf5DPq3uN1eVtbQeN0GYU3Kl0zOmrklowsy+OEg1WTIxfUnbqXA7o4XYI34bHRz/oN1syO4x00ol5WoPkrBam+CcHwghIhl9NWTzJxDM+Hv5s2n6OenNpvp39tjMom1t8e09O58FKHkpP5U30mRjGpEYw3tuKaRKfaItD/zTDufWmcBVFDOkm3kTrKD/ITcTx4gD5FHmGWJTbDVKuzPqtSh/aLUKaqV7RQbAxTsTiUfQPEGobYGAsHaQCygd28gGA3yGRiI4cUodkGsNh6L10VZn8fCCX7Uf0OhNgHxsANq7XW19ojd0f+zsa2W/Vkd1jo7mOSEERx+2ZYAk1/1J4KqEYKyP6aqOOr8n4B/QnqPh1SrqcKUagURUJxFdlWA8/4J0J8Z1bzwMmYXXgYB+t+RfhHgq8D1SWpd6swn4Eq98RDcTT/+RBj92WefQaUgf0I/Fhofkv4lS7RaUAWQ2DOsUIEVmX4Dvh9odXYOHGWvT9dU5PfxAPgQPijBUUkWQAYBT9nGHuMvYPuj2dm0Ot1CUX8jK4NlwydgIn3vlZ0wgz6y85W9f1yRehmir9w3YdeuXZiasfOVB/644nxZtaCee5l8wmQVWWEB2otubua1IClH01FA/eCwSwmcMlw/IKYisA4FhqmYA21CC2eDCiP1iKy10TrGd8rZJf5onIFwCBT9gnAOmJHmBLji4dmYWYBvYzfZOVNKIhquQY7XyJ3wlD2RPhUgXJ7QqRJ7JWK4hGUGA+ZEHK8nFElBuDfbJYkcYCyUkUN6FyOhnI8e3U2PL1++0Gra96P14N4wtn3lu3dNL0+GsEeNIgz72WuLHwTXPLf/cvrh7eLgwZ1brlzbMWvuU9e0Z3d3LKJfLb9ySEuWYefyFf/T1OJoD23cFOu02CIFVbHSqlmBQNRgMBcVVIaLndFqc7FDVirLKmpCY3LRJjTa7CMDgVFWm2w2Fnsr7JVdHq9fFDo3tkam1eTYzJMWra0vHxYxFRvNjg2PdEy/fRrdcAo2LWqavuPt1eNvmOeMj1m9ih58+GH62ei23OkzoPpZk/k++tnba6/7EEI6B9abyShwmg3fY1izcin9/d13nR07Jq/BNmP7u6tGbVoTxrZmCdC+rOnWDZHqa+5OZQ2/qX71YF+Jt/2ap+YKS19pGW9talmy9Efrf+XyTJnT9XF7pNoaHDJ33rTiyjI1O8/hGD1ocIfH4bEIQo7TXNzm97eYkN7WVwpQNrbU5RGg0ufrCFo9TotkLCpzz6wdtjRkyhl5ycpYtKPaYM+rGVKe2NA88apYfs7yB/tu/ubdm25cc+S+pVb38q2T76FPrt+wqtT5P3t2wfKf3Pc7lyTk3PIB/dPuffR3H17fL78G1FQkm3SRK8mtun+SkekYkmlQfZwGodgwz18ZuGR2hjIsMslG6ybBU0osLdcopR6IhlCKOOnkHAJ5khhPcwrGQ60utMviiDIZtqtR+z13FroSbmehu7nK77AUOiyWaZ7yeKk7N7z4jnfWLHx47ZSgoaA0mPBGNtzaNsSSV5yFU1xQwNBomnXP3Nj4sfeDAew5ZeXDWiIWn2XY2urC8mGV3j8f+tmBl5oc4REL6l0tcUu0oCw8tLO2aoakZZi8QKZZSpJDLomEZ7a0Bkrt9praSkt+a4k7UT1kZHD4dT2dYf/QznkxeygSCddY3ZV2VSqyhKqcan52npovIXlJLrlhVMfDyetOz3NFwoMToXJRNucb8wfXTq65du9WcVFTT/TK1bMbLD5HcsWgWZdOG1Hhx7I3Im7E1evIIuxxF07qPDmExqcpz4AzmadcQjyB6tYlYj/HQ4ov6A3kYTZwiWWghiSc/C0i2kLybrVo7MgZI5qceWWVy1auW3X59KTZjGrEYLK6/dHS6IqOkWaLZ8Tw+gKoV6zJoTPGTxlalyWUt0zpmj11mMUiFUSi7aOmjh5TUlwkmpxFRuNJ1dE4qDR7zPCRjzz89E/v3TDbqQ4ScwaHp825YdvB+TM3T01Y5NxcVaH/T1DtDrfL5yrNNgtFrpxcKPRW5pVXi8+m/ibI2ZJsqR6+dOS467vaqrz5BoRYJb+wItJeXT138rjGqpzst43uJSseeuCN2ROuaHILeSVFWYTzr1uxb65EmRxErsPesavc0RxkIiahmmdMVERbmhk5KI7AvICBgT/Mw2xte5qo9N9HosV0rXWATrSmOUz/fVuG3sTVYREYf8P+hVctnzjuig+fR/ptGl7Xtf7uSVvXtY2a//JD21dPraKLmry+IU0dU5Z0utzlbktBNNE1v3Kwp8RRVBP1eYuc9fVTp63atmRZfUMi1jVj4+yWeq+npfXyCdWhQqfDVlJWFff64tHp6w78ZMUqsXXxFQv33zC+MW/Isl0v/GF1x7QrNk66e31XXXtO1dTV2x96ef4c+uuOy2cMaa4IFjsdFqPRnI/vCHnL3e6WkM1eXl4dCtcitXIGB41tm7toRGswUGI1mzyu8NDBVXabxxOrLSxCm659/LiaoaEQtweQ5RGF8dQoYyg4P3XrBvdKJbIuzrlCQiWYuFbiHc88/0hU0IpWNHuwyM629liSsSCaHHbl6FmDtd66FfOSoCKieWaOKjAYYG+sXSLFdeUGT1DfY+7u9oraCkG75IFvNsumak9Jx84p0/b6A+26ifIebFUj6mruLQySWjKUjEG7bDPWMo7V0octikQHxwqwlmmr117OzDOFnfnj3DxR7ajjWJJ7Xqx2CayOOHNFKcSrMJd51GLVfWuAGpvzyIydh/ksCGgOuQXtItYVaPUE/aLdwc5dIL2VP9iV3/nCoc581+D8+tvuoP9oDYWGDQuFWmHE7NbW2a2Cp7JhUHXZ1NSWx8D36KP0o8cepx89+ij4Uh9X1EwrrRrUKFfjQAyt3lcfyrvydfolPU6/fH1NQWll0dqpdVNLDv51tmw226ChcEpd25IlbTUT60R6evyfniqZFo7PjouGfFdlfmdnfqUrvx6UUCsW39qq70OhIWW1gxqCQ1KLu/cvXXagu/vA8QPdwn01JeOGlDcIHaGWUHUy9XSiqzhcd9kLGydO3Pj8ZWjPRob5pq6tDswzwtv27Bx5zKC6JXctqR4faqbX5MytCMVns/nJUFNFqSE+ksDxYA4uZsaLfDlIGIIKRF+K4N3msKmyJ2MzBmOOhH5Tmmz32701ALPvnzNSmx0HtWZEjfzmli1vSfcjLVJn754zZ/dsWHI/XpaOzLb7bSEvLZv1k5mxrh+POHLYU1PjgU82vfTKpqXV1x7p2jVr5s6u39WGjrHrRK8jW5tBuc4n5Rn7gS+Q6f4HtkSGfJetkzkg4UIjIeFQkOln1sbQUPhDoL3bT/9A/+Dvbg/AEtnUMKLBJKt8yeKIvnx2hK1RpPaxDPRD8PMHdkilPl+pRHSf4cvIDVv7168chBhFkzEnYTNCzCHcBj2pL+h2WC5YKKYFCyxP/VPIp9tTX0APvR2u2J36MvXlbrWVvksPQnnqBfDR5+m7EIUx9CP6sLiX/hHGQvTMt/S9xavpq9CyejFvu0DIWWUktt1FRvK2q6KAqpiZRCrkgW6xMWue8Uec32ztKGFGxsiMJZ1VMkuLe2094RaQ35jRaI3OlGXFWlTjOm2QVboub7A721qWX9ZcIZz0yk5LaoWtVP6301pa9pG1WBRcouSy0H8W+3zFMDTbXqCS+fMppS1Wq63CZhYMtKEgV5TVygrZ5qiqKqErf2Evc5v7DIqMclKY58wz7Mq1+rzFwWJPjoXjFFt7YmttA63ZAQtN5HsXltIrSRzrBJRavl7H1pHQmHUg1xEjQi/z7TGLF7OnNE2T0BxGZoQcISNLWLLC2FIO97IZIbPIKuFUSBFKxHe6GaApmEwRtobXzs5JZv2Ky2EZ8ad9xhnrgLmM9ZVVxCY8kywmNB5NYh24QH5x1aoX6Rn6MT3z0sqVL8Fda96/r6vrvvfX7KJf79wJWX+EwV30GZWsfEnPxLKj3YIPvnRmZdfO458f39m1k35N38LsEqGz6H93wST4gy4fWCfC13lNeO5lOGq3iqxXPawzpW6+UqwxL8DJPZLG14fp5yf3MM605yTrk3PtyibFpEr3PSJnjNhwszBnni5W3B5PjxcbKh8rLCKj0jmNmyZgZ7fH+rgFLeI+1etE5h9I4t6paGfYFNK0M5iNZUixvbA/4KSE3YdezHl+XVxkMGnEutSi5a+KjEclLHqJniaoDUfQICqBuh+qqoRlKaFIibrsSV4GYdahw81drd9ZY+lXIBhUrFFxTqgInsEqCW4H2qeHvqvyhOT013VgTEAxykYlaUIdN5zhacQmprdM2pNOR3Az/VBPZ549FyrAasyP39MASvQ87B7faPqY2Qvku5oCMT0ggc+PaTBNvVq9GtvjRoQDB6DB0CJAAtSAN5+vf6qQsIeHIuzCn4SyWamT5U2NQW+OtV745jmhbL+/O7C/0GwufC51Yn8A036hnufy15TmGUORKdKL+1MnnvP79xe1thbuF8owecDf3T83Oc4XkBLsOxVQS7MoiHK3ZEZ2R9BqQQRDDYXYh4aG6d4X0vMH6iFr58q+lesPf3V4PdsBNvgfKzN3cOrseuFeeCd9c/16kvG3p8viLb2gOJIuKg+sdkvMY5NN8I+LykyN6n+nQdDEldR0Ubn023O1MvA+FgfEe5SQCu6L6zfTfrAeotZvZwn/R3UUcm6FI/V/1IvrNwKVBqK8T3KxTqWIbtUstoJBW9AIcayKaATe8UZgnuU4mhpx7kQVOO9C/JThDJUX0q+Q93x1GVXg9GWQA4Mhxw9r6Nbxr3/w2jh6K1wx/vVly16fmCLMbXeSvjqPY6uMT1J50erVi+E0nF68enVfJVwJqydMnTKB3kq34hFe3aM/cFKIcXQ+r84sxsXHZx0Bb5CtJyms7kgrE8xiTUDQ4oBggjUEbYkM3vs5c8QGJXS+KZEiDzynnBQA5vKW3P3zXdsv6Vj2ejus+X3oujPkOo028mbd/b9vp7bwasB73bc9sow3raVn6Mk9yxBy4DlP0Z6Twgm6l7Vp4nbvlAlw5QfwMX8DvMEauDf1Lm/4191LeBNf7Zm7nIMxCAy09DgU7H/mxsP6GQGVUS8kNdpLezVI8h0k5QvONZYnvXbL1wXOf4eB9PWKSa2vt69XE5N8JybVC841lofJqJbWKxbEsxiLHrJVGmJ+fcVNZT3IsAqRSo70O3Mj534y0QFH07GnPQYINEwhOM+mAV/TwUfPofDMCEX7EXTxrzfFTRABj5mN8wYoRd6wgxjZfLXgH8jFoBJafpD6qf8gLRfGPfecdC09kPoMxtHnBAe0geBIfcawRecLGnZtFp/tCLxB5gRHra9pfUQTccIoDDApc7ineqGXJs/xY8YXjNyfYgT8M3kYi0jhT8TfaUzz8KRetmNVJRLvv16lF58zkDzGdIwCm90OHIoaQfWjPGIf9fZpNClqqSfmClNTe7W5ybkajMf0XAVL79OgF1vO7vXN5fdy2a00f8K3syE2ZkKoVOQ5jPYgDCVT/ElWFegdiDc5OLc5g+ZxMJ6oUO4zhVGNOQFPsiBQBT4zM45QzQLR11DazpLDdPdvj8A2mAwlb6w4S2Y/9AX9hO5/ctXeVfgnZ0JRfgvzD4tkxRv0L/QpesWRJ6Edir54aHafxvNx3U5krMdZ9RXsDSeP/3GhPuE2KU7RFmQW/VOzGDwW9d3KvOiVU7891bq42eHwCd9UrrpiVSX9Xz7vfh+lf4sIs0ZpcxK+5LTueun9UWPHjjp9hM8qiLE1ECwvs25iQ2yI6LyGoQLaLglub3IkQ1BD9PUwaLA7WOODakgQOI1SvCwajv66nf7q1ekPbW0EtAoCsS3jWfATbmi+tsOQV6//dCa7Dr6pC77ijZVQlB4/FupoArQm/PEhJ4UytjDz+LGFM9kFKA+X0lree3osG48Rq8xEiOWBl3F6nFZ2Nw8V83n7A8L4XOM0mQeGcQTXWKpn4qRVOG80dmRhYSntaobtVzNsYDFggjaxZ9WkNNl6jTazM4FsZPMC7lCYbOSRQj32EMFTZVgfi5rRhChgxRfYxXKuOWZOokvokkkzd8K+G1988UZ8s0qYNllzFG/APZOOrtkFWSnni2B4kQWqMTyby/BMPsGmEJIJHyQcMucl9IR2Qj4xN0Vgr9aLY4UyaiD9XIoU4WCx8WJHA/mG6BtwRyPTbSmuCgdwBgsZhO8I4qzOY35uhwkHkTWBeUAcHlMZChiP3jCh6MOf/yxon9aM8P/+4ZtPPTZ/vbyp/rJRf05plvfHTFr45Ap2TSnF809DqzaOfIb+o4qetm9+A8Rbd4GdTrj8jUdG4/OW90f98vI1h7eVgoI3aYrZJCK2VdJ4a9i01FhMY7qeDH9YJ7D2cUn0p3OcQfOkD5/rIzyQkCHNVCFpYH2mcjuzjM1yzg/SB3BI6fVLc3q+CPX0P7BdoxZYIz2UTqzqG46CwYbhn7t7enb3yA/QMsq8pHtSJ/Vjyzx2F8WHHuphWc7jJirnswxfeJjewJkp87g8NJXwCO3n5iMicfqqyIPzBk5Gwl7FdUr63RmmnNCZMknjjvmCoz8dWaszZV39yFzxeLgSQrMRybPPxPII+7jyGPgH6cBRFqOaUUM0qZsDfJ/EyrH7OAj8CdAfpPphn06MJU6bmUbS33qGW5QswJcROkbEicps0RJuz+rqMBpvgrQfi/uYuH9ywOKlqh7a2Lq2KvTiFXtOFkqE22U7yjwbD0WqL9twck9LK5+bmgqqnI41tlsZ/w6yiREMRIeylUERablyoL39s7Yj7bSBnoA3oa3ts/ZjbTP2niV75V3tR/EWjKEN4Ga3juFZW2rHXiAMkIHpLpnRKPVc/4t6RWS9Qtyn+Dv57/KTXNcIWHjMAxKBL6hlOkxn4b/05/IT1EItnTBdg+ncD4kT7HeKpj+Dcx7JLZJaiUynP2cRvjB9OrXIT3TSn+OznfAFt+WTCqsHY3RMQQJCRKo3haymV2a6WEBqk+T5GJYkWT6sixGzcS+BkMSfxhQ2JlO9/bERIlaPRbqiBIs8VLmPyyHgDMWq6fdQttkkzdxL8wRZ4+HexCiyymuMlDEJOEMEPaib8/gCdiJrysX2n48EUbJrUOckuCVIMvYe2xIRm2/geWSAPfh950I/mUplUn3ahYn+4PJMdPn3pHjXCNwPwn0ZrM4XrcpnkIXhmKw7ZPhe940wRwnznvXxaxILztHSs13EW2kc4e9n+BW44P0RpnBtvtiAcsQYM4ThXFEae5GWKZCzMuYFzJSJFh4zjM8VvJ+ZuGd1H0LGD85wpljHYqbP5fQRPFZBYQQwBIKIz/AG8UMfDvJNn91xltzx2U0KBw7uCdePqXfupf/5RSn9N+SW/gKyGU0k+rxX0lYcw+c0ADC0GggCLuhHAQmrx8KaAeWGtxYbpwdTK8qhjVUdo0t1UBCwajp2AXPbMD2CB7d74yFHpSuNEeewp7wfe/R6fF/p6ShNkqmDPqznl8zhSIfO7yhT4N9CMF5l5B48E1va8qhcXyMQI0bgpGWR+8z+ZO6I1B9mCQE6S2AjRHHecY8cKvB9/MZ5Pqx8piZKeXAK7nwx/l0AMKjFPGcZy2bDcpWaYrORvZvF1+nzNj3mJj7iTEM0IatNSzOrWyCa4BaLwk2LZEZ0+4gYDof7DjN/FBMlTZfnM1ha4s4EszQFRMs96lx1LqniKyuqX1EtapARxaAlEJSDzH5MBBNyPCEmHIjKCYdod/gdqh3Hmgu3PazObaS/qWm2b3l7qLPl7S22plr6m8ZPDYZPG6Gutsm25e1h1mFv32pvqoU6dplu4vArnLrV3lxzLqf+gtzsJL6huUbP+qn+4lvfwheXcewmF/gYrGjPn/dVCXAnvwpxv5Ux4AQoF35fIoU3n9qyaYNwaEwf4anUyDEXfWySOrzl1OYxqZEbNrGjcGjDRfyh+JxeKc/YFQiobPaz6S7r3CGlHxgLQhgmTGgklB79qj6532E6mM3uc7Ki8yiTzhLZ1Yyql4kO1Yxb93MunpN9laN/mdP/vUcG5/VwKBFvnmbFkwzeD1h/yORFMmRh4ql/Y6OXmOIKov/bFDLg2xQsLf1tigg8eN7wvZhLBmCu7gRPY10adLFzDAiAp/UZi/tvMqDLqypyPGLvV9C6YpjLMdV4XjGe9G9AcUIaXIX+IoFXG6d+pmj+lQ/2v6hliseHsN2s9f3VuFDuLBfKnZRZpIux+N4IMrcL5U5YrKP9Xtqr7b1I4MK8mL52Bi00rcfOK8/x3V9PMc560RdUqYG89YKCzhw+z448r4zId5ehr1zjrHLw5WoGtOxXCpEYj+j6nvLhFX9Hx13P/Wz2TQsripyFRdERxc53TeaRU76vTkJD4+RVyWGXPDe6oKDEV1LsHVxdNazBW2q1VUfT3xnoNq8u1eynotwwRwXH3BPUjcPmhhMX5GUZjSxvCkdeIsxhz/Iy5kPdzJ+R8YMwpmMmdnwigoZBxIJb0Oe3oGUXKWZJhVGNFHt5J3TQ/3e8Ukt93sl9kVrnUDyTeV24H5NnTKf5mo6Kc+db5Sq2ksEs0BbBXgaJFnChtsbKrx/bFLzxhZfHPvDA2Jef31jRPBZF9rKRv3rzvpbBI++9d+TglvveenUk9zMsghPqTsWNM1j/0oz5v0RQLaKDObSDwtLj9AjUHD8iHTl+5MhxqDnT/Q2Qb+SGbcihG7ZBA7y5jb5J39wGb9KyFom0MJuM26dpP1ARW/0xCjFUtGjFXRQQHTsXwK47iRREFZGHgqvnvO4xpt91F63MYYR583CHVPZcDu7T73f6XlyP0h+uh+2Hy0/9XyVr5DvKLPuBMi2o/oPqD5XaB6/Nojv2d/1QySg+r3WxTAxF0zIqox7Dck1GgQUtmIKowpg/zSRwrycDYJGgHtrR9uLCsxyP5STzjtJeLsLsYz16bEfbOKrp5+l4CR3X83iM+MC3yhe8i3zH8+d8DyLrk4wu8vLgKNFnCvMAC44eEhfyUSvb21eOGr2sJdLg8zVEWpaN5leA95SMM49ZpGwT+1MDMI7zo2zmpYE0iPMSWby2J8iX6oF7RhhwSxqbWA31q1JklT9SxMy8FFePUvqThPatiZ6e8lmXhrWB3In7Gi4cUhbg6MbOkT0x/tmiwg3hPr7ffArspzazVVLkHdJ5Y6jpkbWapn/fwHSxPB3bUECcPP7Yw1FSUW08BMXnYa44BqGVUKQnfaiTFn+1cuW8Scvn/eVXdDKQ6xfOrKu7fM32y+a+q2ijRv5k8Y15atFNK+9/Rnh+yOjW0lLaQo+Nn3QbSfvRiZxZH/aJEdWTiFh8CY88Q/tSq6DJCnZA85IbVFxzpn3eGucW2QyDWD9nAkvAFGSBpZxdwP60PkbB7T3LsVLS6UrfO0KyNzUX3ExAjP1x44w3GEkOj9+24Qii7reYPBb24QSTtkEAumdY9RsBTXpNN25A+5aPme5uAd3FrH2rcSKM53KaGFMsPeN4YSMMGmdRGjczmLNNO19Pmsl/na/DHEFFHcrDR4OJGiEfaoShqmMolEGgBvKl4FBwJIJDhUBQdeBfvsgy4SnqugTCM8+YyBfK8BomyiAfEmoZqIl8Q7ASTxwJfKHkUGtkhYWfOmrkoQIS56ECPi2pmFXENzryUeouVJF5opglm1wCeQ2SbUq+r6iwPloRBJBlR64l1x8oHu4szHXIeaUOZ6RQzK0xFNoq8setlqweyWZoHt+sFOSE7O6RrqXz338qUOv21biUkuza9vJEbrDYa/F4jKXZ1vb4YDkvO1TgLMvzObPcTkNhKFinlDbmDwpWocFoAIOcJYPT9aMPNklZ2cPdWWqewZBvzW0OCvmWEXVeo8FjqKktExwl4Ypyk+CRBl+kuP8jKRZk2H0Tfv90VqTIYLGJpXF3QjX78qxOH2Sp/qzmuKwKdl+2scIp2p1Ge/b6dsEkZwnGLF9ps8dmNRlM4L8ZcgwGRTWLDrnINjjfXOINOEzmrITVYs8xFagWi5xvslgLnc3O2opKt6vSaTRPrC1oNWWZchzloQVT76Bnny3PuWVoa31JQaxFzjaquebiItXutch1xoJsydI4bERZl+wwORWuQ/eKbnWulPFBXsTj+/m875c33PDLG0Rx4EE6cQM/DvhLf1PI/C69DNVR5g3kG03sFfv9NXhiYHOFxEwg9iLq9yXZM1KSr2XhdeQa/KqB9CW5HyeZXucSOH9hl/V3DvQBVJBaUq9/C65HLiEn8+jfhKe//jEhY4sPgfSl8vSEl9LEDpGmkX/pfZY0jmK2cGPg6pu6d/B0n74WKbSnA0ZGrfE+yPRGtyb5vGtHMuQLdbY6qH30ju4HvWtG4QU7z7s/Q5iVftvi/P9XIK1LMos7mW/kgejapI8wA15EBU75FZGBBLOccKMkkwLOw/Q0x7cExwCN5OrrIUYRbWIItkh8xdTnDUIsGFDyQWGxXA7d3VgG51w0BD7DAv/t94MfeJSf+Os4tiNODySdXf5x/m5/vqDl+zGV70xqT8cCgZhf1agDaWeuvzsA5aJsGz1l42kaG9feHYc2LenMx8z6U92Y6nImU//Bh/wxQgZ+pzmCjCMdZDZZyNeM0jGBLZBgQYEeU/8VFmPLhnfABf6J4LnRZl4fPGZAvT/y54Kj2j/U7bH0sI9qPIsaL51kqznpJAuiSeli0Jc2084/zNHHnQvCg0iqPkqfj1zrBV977MG0nODpg3tOQkZsUJLoRyf3pNXK6fYBxnB7RnYE7JOTalLp5etpRF+XjxgFEdmugy2PZuas/Kivp1XMFuiqszqTpMf+OppHBuBPX4iSV8dahL4TApceNAenr97GXGLsXPhpegVPgBU4p+7EOeXhay0OHh2QcIHD5ItFYgM62Rax+UwtkOlmmd61mD5IF9IHF9816vXVmpbuO01b/Tr9sd5Nh2c+9ut3Hp3ZtsgC/9EePNcLD2o023KZmEo3WkjLBCETUB50j1cl+57aXAqsrUMgGmRLfOVBpf+COREI+nRvWDQRMPFa4k2X4G4RWFwcOytQ7TY//wSVO8vyBJUvEryX6501PxANXD+Lfr3zJ/Q/M2/AkwUzPXnvsbu9pffj6WWPfwHSF49fhsldJSltZ2rIrH9t6nrijqaKLb/kiwrD2hbTs1v5+5LHH1t3y+Z1jx/Tz7YCLB7bilkmzT0Mgn7tenwVvvJ6/YyePdzVqf1887zlka7krFsmZHxd2oC1bMGTRgtZ0116bN4zniJxxsDGkDIEgH4OwLiNPWLyVgHJQivB6lDtxCG/df99R+gV9Cn6lzdWCKT7pUUQPiRGIpSseANKYDJsO/LF8Zeeof+YwuvwBspCI/9/Nkp53BnnipxEWxMRRWDu1YAQjLjAHZcm7enpmRidGXmh1/rVM2fJM19Zex3vQ/ExUeuZKJCJPZGZUUomFRykXw6iX0LBICg4uPngwXRMs4gtHbimJpP0mtq5b9QdGQ8Od3yaBqbVdJ8M2HMCldkz6vRd1yH9XMZO4P2dnfluTv+xcAGGt8yXzoi1nmL9zb/ZI7xuRraKBqJHFv345xFRifHIBY9E1tKtULUW7ejoOqiiW9ceFZ5Ivf9+6njq+Pup94Un5E/oT35H93z4Icz7nYhmCP1R6ka4ha4VfgQ3Zv5PgUwZmXgITzGgCT/gJUePork/4MH0YtzA+uUPfFrklbzwHUczVbz4ZbSC1Q8Wp2P3uK1mR4ZfyfxPRpQutprNcdrDo82Z3KmBIMIyuwvhhN3BfNYKH9Oz3OzqZoPBE7PGDJp+wx591beP6GeUcWMOZFwtA0n/hyxN18zv0q9TnoYLvz8MoCE/47uiNvkn5QEP/2KAfy4QcTvsCd0cKfcNuByWHHZLmC0k6zf457L9dzLf9w/85EhcYfeYzB/T3//0ydqyImHwjo1gfNN2RemgQRvp/qeferZ+UKnRt/Wen0Kgp0RzBApr7qRXH/77oeLyunJDYM+bv4S564ou/IiJl3JmsbuwsCj75gpj1OExlK3L+2JQaa1j0rS6/CbXoGz/+OEFaBkGChPO6Z0JQ6W3PJxVOXFM3oD+EHnEaBGTaB//Txb4grvoy7ANWwIldJdQsqvvUmUIraYPfP4XSpSFp8/ApZ/B4/LjtBqOsg2OnXmJDmckQ3orNVyceWbH0aMca9L+ovQa8kCLkqlg3ag5L/qSmzNs9vErfP//ATHKtuMAAHjajZA9TgMxEIWfyY9EhBBFDuAKhSKON0m10EUKUgRt+vx4ky3wRruOktByFlpKuAT0nICOO/DWsUBICFhrPd+8Gc+MDeAYDxDYfxe4DSzQwEvgA9TxFriCU3EeuIqG2Aau4UTcB65Tf2amqB7S2/pTJQs08RT4AEd4DVzBFd4DV9EU08A1SHEXuE79EQPkMJjAcZ9DYood9xEy+pa0QcrYkjSkZsmlzbFgXKILBU3bYobjWiFGhysJuclnrkJBT1E11M+AQW4mzszldCdHmbFyk7qlHGbWDbN8YWRXadlaOreKO52EalKqqkiUNY6nL/14hsVTzHyzgqKxJk9nmSVf+/ukWOOGjpmna9rfrhDz/6nqPtJDGxHz2szXpD6LfZs1ll/d6fTakW53ddT/x6hjHywYzvyTa99BeVtOhrHJizSzUutIaa3l3zU/ABw5cLgAAAB42l3SZ5MVVRSF4fuOBEmCiZyDiInb5+zTPYOkgWEIEpUgQUkShpyVoCA5Jy3/LlBz3/ED/WVVdVU/1XvVanW1Bp83rdbRd0Hr/ee/wbdddPEBwxjOCEbyIaMYzRjGMo6PGM8EPuYTPuUzPmcik5jMFKYyjenMYCazmM0c5jKP+SzgCxbyJYv4iq/5hm/5jsW0qUhkgkJNQzc9LOF7lrKM5axgJb2sYjV9rKGftaxjPRv4gY1sYjNb2Mo2fuQntrODneziZ3azh73s4xd+ZT8HOMghDvMbRzjKMY4zwAlOcorTnOEs5zjPBS5yictc4Xf+4CrXuM4N/uQvbnKLv7nNHe5yj/s84CGPeMwTnvKM57zgJa94zT/8O/LymYH+qt02KzOZ2QyzmLXZmN1mz2AmvaSX9JJe0kt6SS/pJb005FV6lV6lV+lVepVepVfpVXqVXtJLekkv6SW9pJc6Xvau7F3Zu7J3Ze/K3pXbQ981Zuc/Qid0Qid0Qid0Qid04n+nc0/YT9hP2E/YT9hP2E/YT9hP2E/YT9hP2E/YT9hP2E/YT9hPJL2kl/SyXtbLelkv62W9rJf1sl7WC73QC73QC73QC73QC73QK3pFr+gVvaJX9Ipe0St6Ra/Wq/VqvVqv1qv1ar1ar9ar9Rq9Rq/Ra/QavUav6XjFnRV3VtxZcWfFnRV3VtpD3zVmt9lj9pqrzNVmn7nG7O+kuyzusrjL4i6LuyzusrjLUjVvAQpVcTgAAAAAAAAB//8AAnjaY2BgYGQAgjO2i86D6AshzNIwGgBAmQUAAAA=) format('woff'), - url('Genericons.ttf') format('truetype'), - url('Genericons.svg#genericonsregular') format('svg'); + src: url('genericons/Genericons.woff') format('woff'), + url('genericons/Genericons.ttf') format('truetype'), + url('genericons/Genericons.svg#genericonsregular') format('svg'); font-weight: normal; font-style: normal; } @@ -25,7 +25,7 @@ @media screen and (-webkit-min-device-pixel-ratio:0) { @font-face { font-family: "Genericons"; - src: url("./Genericons.svg#Genericons") format("svg"); + src: url("genericons/Genericons.svg#Genericons") format("svg"); } } From 8c6c6039a28906bdcbefa86029d6be0b1dc697ae Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sun, 4 Dec 2016 16:19:59 +0100 Subject: [PATCH 299/415] Test for correct post object in retweets. --- tests/ActivityParseTests.php | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/tests/ActivityParseTests.php b/tests/ActivityParseTests.php index 90d214c54d..566318e9ea 100644 --- a/tests/ActivityParseTests.php +++ b/tests/ActivityParseTests.php @@ -15,6 +15,35 @@ require_once INSTALLDIR . '/lib/common.php'; class ActivityParseTests extends PHPUnit_Framework_TestCase { + + public function testMastodonRetweet() { + global $_mastodon_retweet; + $dom = DOMDocument::loadXML($_mastodon_retweet); + $feed = $dom->documentElement; + $entries = $feed->getElementsByTagName('entry'); + $entry = $entries->item(0); + $act = new Activity($entry, $feed); + $this->assertFalse(empty($act)); + $this->assertFalse(empty($act->objects[0])); + + $object = $act->objects[0]; + $this->assertEquals($object->verb, ActivityVerb::POST); + } + + public function testGSReweet() { + global $_gs_retweet; + $dom = DOMDocument::loadXML($_gs_retweet); + $feed = $dom->documentElement; + $entries = $feed->getElementsByTagName('entry'); + $entry = $entries->item(0); + $act = new Activity($entry, $feed); + $this->assertFalse(empty($act)); + $this->assertFalse(empty($act->objects[0])); + + $object = $act->objects[0]; + $this->assertEquals($object->verb, ActivityVerb::POST); + } + public function testExample1() { global $_example1; From c741d1a52a8256336632d090fa5ffd7d2cf549a9 Mon Sep 17 00:00:00 2001 From: Roger Braun Date: Sun, 4 Dec 2016 16:20:38 +0100 Subject: [PATCH 300/415] Make Mastodon retweets parse correctly. --- lib/activity.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/activity.php b/lib/activity.php index b733ff97aa..578a843c32 100644 --- a/lib/activity.php +++ b/lib/activity.php @@ -180,7 +180,7 @@ class Activity foreach ($objectEls as $objectEl) { // Special case for embedded activities $objectType = ActivityUtils::childContent($objectEl, self::OBJECTTYPE, self::SPEC); - if (!empty($objectType) && $objectType == ActivityObject::ACTIVITY) { + if ((!empty($objectType) && $objectType == ActivityObject::ACTIVITY) || $this->verb == ActivityVerb::SHARE) { $this->objects[] = new Activity($objectEl); } else { $this->objects[] = new ActivityObject($objectEl); From 63322989c275f0310e7f255950c8938fac4f49ef Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 11 Jan 2017 23:30:06 +0100 Subject: [PATCH 302/415] if zip is fine then application/x-bzip2 is too --- lib/default.php | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/default.php b/lib/default.php index 5e11496570..4ebddcae4f 100644 --- a/lib/default.php +++ b/lib/default.php @@ -247,6 +247,7 @@ $default = 'application/vnd.oasis.opendocument.text-web' => 'oth', 'application/pdf' => 'pdf', 'application/zip' => 'zip', + 'application/x-bzip2' => 'bz2', 'application/x-go-sgf' => 'sgf', 'application/xml' => 'xml', 'application/gpx+xml' => 'gpx', From 132b932ff3c613a15695995298f03d5f88ffe069 Mon Sep 17 00:00:00 2001 From: Thomas Karpiniec Date: Sat, 4 Feb 2017 20:04:02 +1100 Subject: [PATCH 303/415] Add support for Atom entry when posting status --- actions/apistatusesupdate.php | 4 +++- lib/router.php | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php index f2c70f5452..de00325494 100644 --- a/actions/apistatusesupdate.php +++ b/actions/apistatusesupdate.php @@ -46,7 +46,7 @@ /api/statuses/update.:format @par Formats (:format) - xml, json + xml, json, atom @par HTTP Method(s) POST @@ -339,6 +339,8 @@ class ApiStatusesUpdateAction extends ApiAuthAction $this->showSingleXmlStatus($this->notice); } elseif ($this->format == 'json') { $this->show_single_json_status($this->notice); + } elseif ($this->format == 'atom') { + $this->showSingleAtomStatus($this->notice); } } } diff --git a/lib/router.php b/lib/router.php index cd464d841c..ab6595b8f8 100644 --- a/lib/router.php +++ b/lib/router.php @@ -420,7 +420,7 @@ class Router $m->connect('api/statuses/update.:format', array('action' => 'ApiStatusesUpdate', - 'format' => '(xml|json)')); + 'format' => '(xml|json|atom)')); $m->connect('api/statuses/destroy/:id.:format', array('action' => 'ApiStatusesDestroy', From 47cd054976691d2efc32f065152cb1843b7c4f7f Mon Sep 17 00:00:00 2001 From: Thomas Karpiniec Date: Sat, 4 Feb 2017 21:59:30 +1100 Subject: [PATCH 304/415] Use the statusnet namespace for notice_id --- classes/Notice.php | 2 +- plugins/ActivityVerbPost/ActivityVerbPostPlugin.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index d5a0e5f6d2..a4584cfd51 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -2171,7 +2171,7 @@ class Notice extends Managed_DataObject $object->content = $this->getRendered(); $object->link = $this->getUrl(); - $object->extra[] = array('status_net', array('notice_id' => $this->id)); + $object->extra[] = array('statusnet:notice_id', null, $this->id); Event::handle('EndActivityObjectFromNotice', array($this, &$object)); } diff --git a/plugins/ActivityVerbPost/ActivityVerbPostPlugin.php b/plugins/ActivityVerbPost/ActivityVerbPostPlugin.php index a28009e2fc..64ffe57cd4 100644 --- a/plugins/ActivityVerbPost/ActivityVerbPostPlugin.php +++ b/plugins/ActivityVerbPost/ActivityVerbPostPlugin.php @@ -77,7 +77,7 @@ class ActivityVerbPostPlugin extends ActivityVerbHandlerPlugin $object->content = $notice->getRendered(); $object->link = $notice->getUrl(); - $object->extra[] = array('status_net', array('notice_id' => $notice->getID())); + $object->extra[] = array('statusnet:notice_id', null, $notice->getID()); return $object; } From dc7c64592b60db75f0e1762532e53554b894ff90 Mon Sep 17 00:00:00 2001 From: Chimo Date: Thu, 16 Mar 2017 22:57:16 -0400 Subject: [PATCH 305/415] Add var type to newListItem() parameter Fixes some "Declaration of $child::method should be compatible with $parent::method" warnings. --- actions/blockedfromgroup.php | 2 +- actions/groupqueue.php | 2 +- actions/noticesearch.php | 2 +- actions/peopletagged.php | 2 +- actions/peopletagsubscribers.php | 2 +- lib/groupmemberlist.php | 2 +- plugins/ConversationTree/lib/conversationtree.php | 2 +- plugins/Favorite/actions/showfavorites.php | 2 +- plugins/SearchSub/actions/searchsubs.php | 2 +- plugins/TagSub/actions/tagsubs.php | 2 +- plugins/UserFlag/actions/adminprofileflag.php | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/actions/blockedfromgroup.php b/actions/blockedfromgroup.php index a2e7c5767f..d2873fe467 100644 --- a/actions/blockedfromgroup.php +++ b/actions/blockedfromgroup.php @@ -151,7 +151,7 @@ class GroupBlockList extends ProfileList $this->group = $group; } - function newListItem($profile) + function newListItem(Profile $profile) { return new GroupBlockListItem($profile, $this->group, $this->action); } diff --git a/actions/groupqueue.php b/actions/groupqueue.php index c50eff36f8..98da77e01a 100644 --- a/actions/groupqueue.php +++ b/actions/groupqueue.php @@ -153,7 +153,7 @@ class GroupqueueAction extends GroupAction // @todo FIXME: documentation missing. class GroupQueueList extends GroupMemberList { - function newListItem($profile) + function newListItem(Profile $profile) { return new GroupQueueListItem($profile, $this->group, $this->action); } diff --git a/actions/noticesearch.php b/actions/noticesearch.php index 2886700f6a..0d6fb51fb4 100644 --- a/actions/noticesearch.php +++ b/actions/noticesearch.php @@ -185,7 +185,7 @@ class SearchNoticeList extends NoticeList { $this->terms = $terms; } - function newListItem($notice) + function newListItem(Notice $notice) { return new SearchNoticeListItem($notice, $this->out, $this->terms); } diff --git a/actions/peopletagged.php b/actions/peopletagged.php index 1b0f897c11..db2420a8a3 100644 --- a/actions/peopletagged.php +++ b/actions/peopletagged.php @@ -167,7 +167,7 @@ class PeopletagMemberList extends ProfileList $this->peopletag = $peopletag; } - function newListItem($profile) + function newListItem(Profile $profile) { return new PeopletagMemberListItem($profile, $this->peopletag, $this->action); } diff --git a/actions/peopletagsubscribers.php b/actions/peopletagsubscribers.php index e5be8a3ff4..927cf66e64 100644 --- a/actions/peopletagsubscribers.php +++ b/actions/peopletagsubscribers.php @@ -167,7 +167,7 @@ class PeopletagSubscriberList extends ProfileList $this->peopletag = $peopletag; } - function newListItem($profile) + function newListItem(Profile $profile) { return new PeopletagSubscriberListItem($profile, $this->peopletag, $this->action); } diff --git a/lib/groupmemberlist.php b/lib/groupmemberlist.php index ba608213a4..f055e24731 100644 --- a/lib/groupmemberlist.php +++ b/lib/groupmemberlist.php @@ -12,7 +12,7 @@ class GroupMemberList extends ProfileList $this->group = $group; } - function newListItem($profile) + function newListItem(Profile $profile) { return new GroupMemberListItem($profile, $this->group, $this->action); } diff --git a/plugins/ConversationTree/lib/conversationtree.php b/plugins/ConversationTree/lib/conversationtree.php index 144902fce2..ff39b3e4f4 100644 --- a/plugins/ConversationTree/lib/conversationtree.php +++ b/plugins/ConversationTree/lib/conversationtree.php @@ -140,7 +140,7 @@ class ConversationTree extends NoticeList * * @return NoticeListItem a list item to show */ - function newListItem($notice) + function newListItem(Notice $notice) { return new ConversationTreeItem($notice, $this->out); } diff --git a/plugins/Favorite/actions/showfavorites.php b/plugins/Favorite/actions/showfavorites.php index 08366e4c16..c66c894610 100644 --- a/plugins/Favorite/actions/showfavorites.php +++ b/plugins/Favorite/actions/showfavorites.php @@ -147,7 +147,7 @@ class ShowfavoritesAction extends ShowstreamAction class FavoritesNoticeList extends NoticeList { - function newListItem($notice) + function newListItem(Notice $notice) { return new FavoritesNoticeListItem($notice, $this->out); } diff --git a/plugins/SearchSub/actions/searchsubs.php b/plugins/SearchSub/actions/searchsubs.php index fd89075032..2f9b8db8a7 100644 --- a/plugins/SearchSub/actions/searchsubs.php +++ b/plugins/SearchSub/actions/searchsubs.php @@ -136,7 +136,7 @@ class SearchSubsAction extends GalleryAction class SearchSubscriptionsList extends SubscriptionList { - function newListItem($searchsub) + function newListItem(Profile $searchsub) { return new SearchSubscriptionsListItem($searchsub, $this->owner, $this->action); } diff --git a/plugins/TagSub/actions/tagsubs.php b/plugins/TagSub/actions/tagsubs.php index 1e927b4fd1..2c56296a3e 100644 --- a/plugins/TagSub/actions/tagsubs.php +++ b/plugins/TagSub/actions/tagsubs.php @@ -136,7 +136,7 @@ class TagSubsAction extends GalleryAction class TagSubscriptionsList extends SubscriptionList { - function newListItem($tagsub) + function newListItem(Profile $tagsub) { return new TagSubscriptionsListItem($tagsub, $this->owner, $this->action); } diff --git a/plugins/UserFlag/actions/adminprofileflag.php b/plugins/UserFlag/actions/adminprofileflag.php index a4d97031ac..35ce474ea4 100644 --- a/plugins/UserFlag/actions/adminprofileflag.php +++ b/plugins/UserFlag/actions/adminprofileflag.php @@ -200,7 +200,7 @@ class FlaggedProfileList extends ProfileList * * @return ProfileListItem newly-created item */ - function newListItem($profile) + function newListItem(Profile $profile) { return new FlaggedProfileListItem($this->profile, $this->action); } From b54c7f720c9bdf6582c6ffe163c4ed6b546f73ba Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 2 Apr 2017 11:05:22 +0200 Subject: [PATCH 306/415] add configuration option that was documented in CONFIGURE --- lib/default.php | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/default.php b/lib/default.php index 4ebddcae4f..74ab982958 100644 --- a/lib/default.php +++ b/lib/default.php @@ -36,6 +36,7 @@ $default = 'theme' => 'neo-gnu', 'path' => $_path, 'logfile' => null, + 'logdebug' => false, 'logo' => null, 'ssllogo' => null, 'logperf' => false, // Enable to dump performance counters to syslog From 2ce220149681aed3d3a78f721a70afca89ad5a7b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 6 Apr 2017 11:45:58 +0200 Subject: [PATCH 307/415] Show full acct uri as html title on link mouseover --- classes/Profile.php | 8 ++++++++ lib/noticelistitem.php | 6 +++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/classes/Profile.php b/classes/Profile.php index fb6a621273..9d4328c38d 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -1532,6 +1532,14 @@ class Profile extends Managed_DataObject } return $url; } + public function getHtmlTitle() + { + try { + return $this->getAcctUri(false); + } catch (ProfileNoAcctUriException $e) { + return $this->getNickname(); + } + } public function getNickname() { diff --git a/lib/noticelistitem.php b/lib/noticelistitem.php index 1a629cf372..5468310ea3 100644 --- a/lib/noticelistitem.php +++ b/lib/noticelistitem.php @@ -251,9 +251,9 @@ class NoticeListItem extends Widget function showAuthor() { - $attrs = array('href' => $this->profile->profileurl, + $attrs = array('href' => $this->profile->getUrl(), 'class' => 'h-card', - 'title' => $this->profile->getNickname()); + 'title' => $this->profile->getHtmlTitle()); if(empty($this->repeat)) { $attrs['class'] .= ' p-author'; } if (Event::handle('StartShowNoticeItemAuthor', array($this->profile, $this->out, &$attrs))) { @@ -312,7 +312,7 @@ class NoticeListItem extends Widget $profileurl = common_local_url('userbyid', array('id' => $attn->getID())); } $this->pa[] = array('href' => $profileurl, - 'title' => $attn->getNickname(), + 'title' => $attn->getHtmlTitle(), 'class' => "addressee {$class} p-name u-url", 'text' => $attn->getStreamName()); } From 1b3021d61c92d5f52772f159174f5de1a94c5d18 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 6 Apr 2017 13:23:33 +0200 Subject: [PATCH 308/415] E-mail should contain full acct uri too (FancyName) --- lib/mail.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/mail.php b/lib/mail.php index 428f876383..497637eb44 100644 --- a/lib/mail.php +++ b/lib/mail.php @@ -199,8 +199,7 @@ function mail_subscribe_notify_profile($listenee, $other) $name = $profile->getBestName(); - $long_name = ($other->fullname) ? - ($other->fullname . ' (' . $other->nickname . ')') : $other->nickname; + $long_name = $other->getFancyName(); $recipients = $listenee->email; From 75079320d18d344ac73dea41eb58bc34548b9a01 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 9 Apr 2017 12:13:53 +0200 Subject: [PATCH 309/415] Give remote Atom URL for remote profile view --- actions/showstream.php | 17 +++++++++++++---- classes/Profile.php | 7 +++---- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/actions/showstream.php b/actions/showstream.php index 1e70ecd3ac..6fe9451633 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -113,6 +113,18 @@ class ShowstreamAction extends NoticestreamAction $this->target->getNickname(), $this->tag))); } + if (!$this->target->isLocal()) { + // remote profiles at least have Atom, but we can't guarantee anything else + return array( + new Feed(Feed::ATOM, + $this->target->getAtomFeed(), + // TRANS: Title for link to notice feed. + // TRANS: %s is a user nickname. + sprintf(_('Notice feed for %s (Atom)'), + $this->target->getNickname())) + ); + } + return array(new Feed(Feed::JSON, common_local_url('ApiTimelineUser', array( @@ -139,10 +151,7 @@ class ShowstreamAction extends NoticestreamAction sprintf(_('Notice feed for %s (RSS 2.0)'), $this->target->getNickname())), new Feed(Feed::ATOM, - common_local_url('ApiTimelineUser', - array( - 'id' => $this->target->getID(), - 'format' => 'atom')), + $this->target->getAtomFeed(), // TRANS: Title for link to notice feed. // TRANS: %s is a user nickname. sprintf(_('Notice feed for %s (Atom)'), diff --git a/classes/Profile.php b/classes/Profile.php index d076203a8d..ee050dfb4f 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -1618,14 +1618,13 @@ class Profile extends Managed_DataObject return !empty($block); } - function getAtomFeed() + public function getAtomFeed() { $feed = null; if (Event::handle('StartProfileGetAtomFeed', array($this, &$feed))) { - $user = User::getKV('id', $this->id); - if (!empty($user)) { - $feed = common_local_url('ApiTimelineUser', array('id' => $user->id, + if ($this->isLocal()) { + $feed = common_local_url('ApiTimelineUser', array('id' => $this->getID(), 'format' => 'atom')); } Event::handle('EndProfileGetAtomFeed', array($this, $feed)); From 25b4996145890cd56c0f96b2e46df09a0b66086e Mon Sep 17 00:00:00 2001 From: Andrew Engelbrecht Date: Thu, 13 Apr 2017 12:23:12 -0400 Subject: [PATCH 310/415] Fix 'from' address in the XMPP ping command This commit corrects a syntax error that caused the XMPP daemon to reatedly reconnect to the remote server. --- plugins/Xmpp/lib/xmppmanager.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/Xmpp/lib/xmppmanager.php b/plugins/Xmpp/lib/xmppmanager.php index 372824ce54..44e04a4ae7 100644 --- a/plugins/Xmpp/lib/xmppmanager.php +++ b/plugins/Xmpp/lib/xmppmanager.php @@ -183,7 +183,7 @@ class XmppManager extends ImManager } common_log(LOG_DEBUG, "Sending ping #{$this->pingid}"); - $this->conn->send(""); + $this->conn->send(""); $this->lastping = $now; return true; } From 35b0a9e3aea61a51b48c261c9b28f2cb2a64826d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 16 Apr 2017 11:01:16 +0200 Subject: [PATCH 311/415] Handle normalized acct: URIs in ostatussub Mastodon sent the proper acct: URI and not just 'user@domain' when using the remote subscribe functionality. --- plugins/OStatus/actions/ostatussub.php | 4 ++-- plugins/OStatus/classes/Ostatus_profile.php | 6 ++++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/plugins/OStatus/actions/ostatussub.php b/plugins/OStatus/actions/ostatussub.php index 75c75c54c6..a8039ae565 100644 --- a/plugins/OStatus/actions/ostatussub.php +++ b/plugins/OStatus/actions/ostatussub.php @@ -242,9 +242,9 @@ class OStatusSubAction extends Action function pullRemoteProfile() { $validate = new Validate(); - $this->profile_uri = $this->trimmed('profile'); + $this->profile_uri = Discovery::normalize($this->trimmed('profile')); try { - if ($validate->email($this->profile_uri)) { + if (Discovery::isAcct($this->profile_uri) && $validate->email(mb_substr($this->profile_uri, 5))) { $this->oprofile = Ostatus_profile::ensureWebfinger($this->profile_uri); } else if ($validate->uri($this->profile_uri)) { $this->oprofile = Ostatus_profile::ensureProfileURL($this->profile_uri); diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index 2724aaedc0..eb385e09f1 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1574,8 +1574,10 @@ class Ostatus_profile extends Managed_DataObject */ public static function ensureWebfinger($addr) { - // First, try the cache + // Normalize $addr, i.e. add 'acct:' if missing + $addr = Discovery::normalize($addr); + // Try the cache $uri = self::cacheGet(sprintf('ostatus_profile:webfinger:%s', $addr)); if ($uri !== false) { @@ -1591,7 +1593,7 @@ class Ostatus_profile extends Managed_DataObject } // Try looking it up - $oprofile = Ostatus_profile::getKV('uri', Discovery::normalize($addr)); + $oprofile = Ostatus_profile::getKV('uri', $addr); if ($oprofile instanceof Ostatus_profile) { self::cacheSet(sprintf('ostatus_profile:webfinger:%s', $addr), $oprofile->getUri()); From 6ca5bb4d41bbdd0d88c37a52726c6b631ce87f66 Mon Sep 17 00:00:00 2001 From: Andrew Engelbrecht Date: Mon, 17 Apr 2017 12:34:25 -0400 Subject: [PATCH 312/415] Added CAS user whitelist feature This feature filters users who may log in via CAS. This is useful when both CAS and password authentication is enabled and there is a mismatch between some GNU social account names and CAS user names. This prevents CAS users from logging in as someone else on GNU social. --- plugins/CasAuthentication/CasAuthenticationPlugin.php | 2 ++ plugins/CasAuthentication/README | 5 +++++ plugins/CasAuthentication/actions/caslogin.php | 5 +++++ 3 files changed, 12 insertions(+) diff --git a/plugins/CasAuthentication/CasAuthenticationPlugin.php b/plugins/CasAuthentication/CasAuthenticationPlugin.php index cf0bf4ac52..02ed4cb166 100644 --- a/plugins/CasAuthentication/CasAuthenticationPlugin.php +++ b/plugins/CasAuthentication/CasAuthenticationPlugin.php @@ -40,6 +40,7 @@ class CasAuthenticationPlugin extends AuthenticationPlugin public $port = 443; public $path = ''; public $takeOverLogin = false; + public $user_whitelist = null; function checkPassword($username, $password) { @@ -145,6 +146,7 @@ class CasAuthenticationPlugin extends AuthenticationPlugin $casSettings['port']=$this->port; $casSettings['path']=$this->path; $casSettings['takeOverLogin']=$this->takeOverLogin; + $casSettings['user_whitelist']=$this->user_whitelist; } function onPluginVersion(array &$versions) diff --git a/plugins/CasAuthentication/README b/plugins/CasAuthentication/README index c17a28e54a..2e770a0867 100644 --- a/plugins/CasAuthentication/README +++ b/plugins/CasAuthentication/README @@ -24,6 +24,11 @@ path (): Path on the server to CAS. Usually blank. takeOverLogin (false): Take over the main login action. If takeOverLogin is set, anytime the standard username/password login form would be shown, a CAS login will be done instead. +user_whitelist (null): Only allow login via CAS for users listed in this + array. This is useful when both CAS and password authentication is enabled + and there is a mismatch between some GNU social account names and CAS user + names. This prevents CAS users from logging in as someone else on GNU + social. When set to null, no CAS logins are filtered by this feature. * required default values are in (parenthesis) diff --git a/plugins/CasAuthentication/actions/caslogin.php b/plugins/CasAuthentication/actions/caslogin.php index 7310072d92..9250b43b7a 100644 --- a/plugins/CasAuthentication/actions/caslogin.php +++ b/plugins/CasAuthentication/actions/caslogin.php @@ -41,6 +41,11 @@ class CasloginAction extends Action $this->serverError(_m('Incorrect username or password.')); } + if ($casSettings['user_whitelist'] != null && !in_array($user->nickname, $casSettings['user_whitelist'])) { + // TRANS: Server error displayed when trying to log in with non-whitelisted user name (when whitelists are enabled.) + $this->serverError(_m('Incorrect username or password.')); + } + // success! if (!common_set_user($user)) { // TRANS: Server error displayed when login fails in CAS authentication plugin. From 548e59fc99b35add7ebd560aec11a4d2c551a15a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 19 Apr 2017 11:37:43 +0200 Subject: [PATCH 313/415] Empty resource would throw exception The "+ Remote" link on your profile page broke because of exception. --- plugins/OStatus/actions/ostatussub.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/plugins/OStatus/actions/ostatussub.php b/plugins/OStatus/actions/ostatussub.php index a8039ae565..7531bb6886 100644 --- a/plugins/OStatus/actions/ostatussub.php +++ b/plugins/OStatus/actions/ostatussub.php @@ -242,7 +242,11 @@ class OStatusSubAction extends Action function pullRemoteProfile() { $validate = new Validate(); - $this->profile_uri = Discovery::normalize($this->trimmed('profile')); + try { + $this->profile_uri = Discovery::normalize($this->trimmed('profile')); + } catch (Exception $e) { + $this->profile_uri = null; + } try { if (Discovery::isAcct($this->profile_uri) && $validate->email(mb_substr($this->profile_uri, 5))) { $this->oprofile = Ostatus_profile::ensureWebfinger($this->profile_uri); From e87115d46262e6376179e5fe961db23737185b96 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 19 Apr 2017 11:41:34 +0200 Subject: [PATCH 314/415] Less frightening interface on remote subscription Instead of an error message in a red box about being unable to find the profile, you get the title "Remote subscription" and no error message. --- plugins/OStatus/actions/ostatussub.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/OStatus/actions/ostatussub.php b/plugins/OStatus/actions/ostatussub.php index 7531bb6886..919737ba28 100644 --- a/plugins/OStatus/actions/ostatussub.php +++ b/plugins/OStatus/actions/ostatussub.php @@ -245,8 +245,9 @@ class OStatusSubAction extends Action try { $this->profile_uri = Discovery::normalize($this->trimmed('profile')); } catch (Exception $e) { - $this->profile_uri = null; + return false; } + try { if (Discovery::isAcct($this->profile_uri) && $validate->email(mb_substr($this->profile_uri, 5))) { $this->oprofile = Ostatus_profile::ensureWebfinger($this->profile_uri); @@ -391,7 +392,7 @@ class OStatusSubAction extends Action function title() { // TRANS: Page title for OStatus remote subscription form. - return _m('Confirm'); + return !empty($this->profile_uri) ? _m('Confirm') : _m('Remote subscription'); } /** From 63f9af307d8c3ea7e549585da4d29166c4c033f7 Mon Sep 17 00:00:00 2001 From: Chimo Date: Wed, 19 Apr 2017 22:56:45 -0400 Subject: [PATCH 315/415] doc: Update 'backup', 'restore' default values --- CONFIGURE | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CONFIGURE b/CONFIGURE index 92ae78204e..3fbc83e0bc 100644 --- a/CONFIGURE +++ b/CONFIGURE @@ -497,9 +497,9 @@ Profile management. biolimit: max character length of bio; 0 means no limit; null means to use the site text limit default. -backup: whether users can backup their own profiles. Defaults to true. +backup: whether users can backup their own profiles. Defaults to false. restore: whether users can restore their profiles from backup files. Defaults - to true. + to false. delete: whether users can delete their own accounts. Defaults to false. move: whether users can move their accounts to another server. Defaults to true. From f51cb6fca9631bf26b1a15ebdbc37f1365da9cc2 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 21 Apr 2017 08:08:39 +0200 Subject: [PATCH 316/415] Split OStatusPlugin FeedSub receive into two parts FeedSub::receive now only handles the PuSH verification FeedSub::receiveFeed is protected and only parses+imports feed XML --- plugins/OStatus/classes/FeedSub.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 13a5439421..2d360afedd 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -460,8 +460,15 @@ class FeedSub extends Managed_DataObject return; } + $this->receiveFeed($post); + } + + protected function receiveFeed($feed_xml) + { + // We're passed the XML for the Atom feed as $feed_xml, + // so read it into a DOMDocument and process. $feed = new DOMDocument(); - if (!$feed->loadXML($post)) { + if (!$feed->loadXML($feed_xml)) { // @fixme might help to include the err message common_log(LOG_ERR, __METHOD__ . ": ignoring invalid XML"); return; From e98bceec1051743b9b90e10b5ba9ab6516bb9fdd Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Fri, 21 Apr 2017 09:31:27 +0200 Subject: [PATCH 317/415] Import backlog on new subscription. Danger is when importing a new feed that may be maliciously crafted to contain a zillion entries. --- plugins/OStatus/actions/pushcallback.php | 13 +++++++++++-- plugins/OStatus/classes/FeedSub.php | 19 +++++++++++++++++++ plugins/OStatus/scripts/testfeed.php | 4 +++- 3 files changed, 33 insertions(+), 3 deletions(-) diff --git a/plugins/OStatus/actions/pushcallback.php b/plugins/OStatus/actions/pushcallback.php index 317398243d..f5bb880df9 100644 --- a/plugins/OStatus/actions/pushcallback.php +++ b/plugins/OStatus/actions/pushcallback.php @@ -77,7 +77,7 @@ class PushCallbackAction extends Action /** * Handler for GET verification requests from the hub. */ - function handleGet() + public function handleGet() { $mode = $this->arg('hub_mode'); $topic = $this->arg('hub_topic'); @@ -110,12 +110,21 @@ class PushCallbackAction extends Action } if ($mode == 'subscribe') { - if ($feedsub->sub_state == 'active') { + $renewal = ($feedsub->sub_state == 'active'); + if ($renewal) { common_log(LOG_INFO, __METHOD__ . ': sub update confirmed'); } else { common_log(LOG_INFO, __METHOD__ . ': sub confirmed'); } + $feedsub->confirmSubscribe($lease_seconds); + + if (!$renewal) { + // Kickstart the feed by importing its most recent backlog + // FIXME: Send this to background queue handling + common_log(LOG_INFO, __METHOD__ . ': Confirmed a new subscription, importing backlog...'); + $feedsub->importFeed(); + } } else { common_log(LOG_INFO, __METHOD__ . ": unsub confirmed; deleting sub record for $topic"); $feedsub->confirmUnsubscribe(); diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 2d360afedd..f3ebb5e15d 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -405,6 +405,7 @@ class FeedSub extends Managed_DataObject } $this->modified = common_sql_now(); + common_debug(__METHOD__ . ': Updating sub state and metadata for '.$this->getUri()); return $this->update($original); } @@ -463,6 +464,24 @@ class FeedSub extends Managed_DataObject $this->receiveFeed($post); } + /** + * All our feed URIs should be URLs. + */ + public function importFeed() + { + $feed_url = $this->getUri(); + + // Fetch the URL + try { + common_log(LOG_INFO, sprintf('Importing feed backlog from %s', $feed_url)); + $feed_xml = HTTPClient::quickGet($feed_url, 'application/atom+xml'); + } catch (Exception $e) { + throw new FeedSubException("Could not fetch feed from URL '%s': %s (%d).\n", $feed_url, $e->getMessage(), $e->getCode()); + } + + return $this->receiveFeed($feed_xml); + } + protected function receiveFeed($feed_xml) { // We're passed the XML for the Atom feed as $feed_xml, diff --git a/plugins/OStatus/scripts/testfeed.php b/plugins/OStatus/scripts/testfeed.php index da1eee292e..2e2b25e366 100755 --- a/plugins/OStatus/scripts/testfeed.php +++ b/plugins/OStatus/scripts/testfeed.php @@ -53,9 +53,11 @@ if (!$sub) { exit(1); } +// XXX: This could maybe be replaced with $sub->importFeed() + // Fetch the URL try { - $xml = HTTPClient::quickGet($feedurl, 'text/html,application/xhtml+xml'); + $xml = HTTPClient::quickGet($feedurl, 'application/atom+xml'); } catch (Exception $e) { echo sprintf("Could not fetch feedurl %s (%d).\n", $e->getMessage(), $e->getCode()); exit(1); From 0fd83f0028892ae7257c59ec6e0cd01fe5c9a1a2 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 22 Apr 2017 10:51:03 +0200 Subject: [PATCH 318/415] New domain regexp for WebFinger matching. --- plugins/OStatus/OStatusPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 3e9a0c58d6..d5233afc80 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -271,7 +271,7 @@ class OStatusPlugin extends Plugin $wmatches = array(); // Webfinger matches: @user@example.com or even @user--one.george_orwell@1984.biz - if (preg_match_all('!(?:^|\s+)@((?:\w+[\w\-\_\.]?)*(?:[\w\-\_\.]*\w+)@(?:\w+\-?\w+\.)*\w+(?:\w+\-\w+)*\.\w+)!', + if (preg_match_all('/(?:^|\s+)@((?:\w+[\w\-\_\.]?)*(?:[\w\-\_\.]*\w+)@(?:(?!-)[A-Za-z0-9\-]{1,63}(? Date: Sat, 22 Apr 2017 10:55:24 +0200 Subject: [PATCH 319/415] A bit more instructive debugging --- plugins/LRDD/lib/discovery.php | 2 ++ plugins/OStatus/classes/Ostatus_profile.php | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/plugins/LRDD/lib/discovery.php b/plugins/LRDD/lib/discovery.php index 03f24e04fa..77271e06f6 100644 --- a/plugins/LRDD/lib/discovery.php +++ b/plugins/LRDD/lib/discovery.php @@ -93,6 +93,8 @@ class Discovery // Normalize the incoming $id to make sure we have a uri $uri = self::normalize($id); + common_debug(sprintf('Performing discovery for "%s" (normalized "%s")', $id, $uri)); + foreach ($this->methods as $class) { try { $xrd = new XML_XRD(); diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index eb385e09f1..b4b38e5aad 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -1584,12 +1584,14 @@ class Ostatus_profile extends Managed_DataObject if (is_null($uri)) { // Negative cache entry // TRANS: Exception. - throw new Exception(_m('Not a valid webfinger address.')); + throw new Exception(_m('Not a valid webfinger address (via cache).')); } $oprofile = Ostatus_profile::getKV('uri', $uri); if ($oprofile instanceof Ostatus_profile) { return $oprofile; } + common_log(LOG_ERR, sprintf(__METHOD__ . ': Webfinger address cache inconsistent with database, did not find Ostatus_profile uri==%s', $uri)); + self::cacheSet(sprintf('ostatus_profile:webfinger:%s', $addr), false); } // Try looking it up From bd6c93a811ace509e111a1cfca1f9e426b057d0f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 22 Apr 2017 10:58:14 +0200 Subject: [PATCH 320/415] Split up OStatusPlugin preg functions so they can be reused --- plugins/OStatus/OStatusPlugin.php | 155 ++++++++++++++++++------------ 1 file changed, 91 insertions(+), 64 deletions(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index d5233afc80..4bfd0ea23f 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -256,6 +256,46 @@ class OStatusPlugin extends Plugin return true; } + /** + * Webfinger matches: @user@example.com or even @user--one.george_orwell@1984.biz + * + * @return array The matching IDs (without @ or acct:) and each respective position in the given string. + */ + static function extractWebfingerIds($text) + { + $wmatches = array(); + $result = preg_match_all('/(?:^|\s+)@((?:\w+[\w\-\_\.]?)*(?:[\w\-\_\.]*\w+)@(?:(?!-)[A-Za-z0-9\-]{1,63}(?log(LOG_INFO, "Checking webfinger '$target'"); - $profile = null; - try { - $oprofile = Ostatus_profile::ensureWebfinger($target); - if (!$oprofile instanceof Ostatus_profile || !$oprofile->isPerson()) { - continue; - } - $profile = $oprofile->localProfile(); - } catch (OStatusShadowException $e) { - // This means we got a local user in the webfinger lookup - $profile = $e->profile; - } catch (Exception $e) { - $this->log(LOG_ERR, "Webfinger check failed: " . $e->getMessage()); + foreach (self::extractWebfingerIds($text) as $wmatch) { + list($target, $pos) = $wmatch; + $this->log(LOG_INFO, "Checking webfinger '$target'"); + $profile = null; + try { + $oprofile = Ostatus_profile::ensureWebfinger($target); + if (!$oprofile instanceof Ostatus_profile || !$oprofile->isPerson()) { continue; } - - assert($profile instanceof Profile); - - $text = !empty($profile->nickname) && mb_strlen($profile->nickname) < mb_strlen($target) - ? $profile->getNickname() // TODO: we could do getBestName() or getFullname() here - : $target; - $url = $profile->getUri(); - if (!common_valid_http_url($url)) { - $url = $profile->getUrl(); - } - $matches[$pos] = array('mentioned' => array($profile), - 'type' => 'mention', - 'text' => $text, - 'position' => $pos, - 'length' => mb_strlen($target), - 'url' => $url); + $profile = $oprofile->localProfile(); + } catch (OStatusShadowException $e) { + // This means we got a local user in the webfinger lookup + $profile = $e->profile; + } catch (Exception $e) { + $this->log(LOG_ERR, "Webfinger check failed: " . $e->getMessage()); + continue; } + + assert($profile instanceof Profile); + + $text = !empty($profile->nickname) && mb_strlen($profile->nickname) < mb_strlen($target) + ? $profile->getNickname() // TODO: we could do getBestName() or getFullname() here + : $target; + $url = $profile->getUri(); + if (!common_valid_http_url($url)) { + $url = $profile->getUrl(); + } + $matches[$pos] = array('mentioned' => array($profile), + 'type' => 'mention', + 'text' => $text, + 'position' => $pos, + 'length' => mb_strlen($target), + 'url' => $url); } - // Profile matches: @example.com/mublog/user - if (preg_match_all('!(?:^|\s+)@((?:\w+\.)*\w+(?:\w+\-\w+)*\.\w+(?:/\w+)*)!', - $text, - $wmatches, - PREG_OFFSET_CAPTURE)) { - foreach ($wmatches[1] as $wmatch) { - list($target, $pos) = $wmatch; - $schemes = array('http', 'https'); - foreach ($schemes as $scheme) { - $url = "$scheme://$target"; - $this->log(LOG_INFO, "Checking profile address '$url'"); - try { - $oprofile = Ostatus_profile::ensureProfileURL($url); - if ($oprofile instanceof Ostatus_profile && !$oprofile->isGroup()) { - $profile = $oprofile->localProfile(); - $text = !empty($profile->nickname) && mb_strlen($profile->nickname) < mb_strlen($target) ? - $profile->nickname : $target; - $matches[$pos] = array('mentioned' => array($profile), - 'type' => 'mention', - 'text' => $text, - 'position' => $pos, - 'length' => mb_strlen($target), - 'url' => $profile->getUrl()); - break; - } - } catch (Exception $e) { - $this->log(LOG_ERR, "Profile check failed: " . $e->getMessage()); + foreach (self::extractUrlMentions($text) as $wmatch) { + list($target, $pos) = $wmatch; + $schemes = array('http', 'https'); + foreach ($schemes as $scheme) { + $url = "$scheme://$target"; + $this->log(LOG_INFO, "Checking profile address '$url'"); + try { + $oprofile = Ostatus_profile::ensureProfileURL($url); + if ($oprofile instanceof Ostatus_profile && !$oprofile->isGroup()) { + $profile = $oprofile->localProfile(); + $text = !empty($profile->nickname) && mb_strlen($profile->nickname) < mb_strlen($target) ? + $profile->nickname : $target; + $matches[$pos] = array('mentioned' => array($profile), + 'type' => 'mention', + 'text' => $text, + 'position' => $pos, + 'length' => mb_strlen($target), + 'url' => $profile->getUrl()); + break; } + } catch (Exception $e) { + $this->log(LOG_ERR, "Profile check failed: " . $e->getMessage()); } } } From 2fc4b174c1f5b0ec29d7f3ec19129c5ab15011bb Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 22 Apr 2017 11:07:38 +0200 Subject: [PATCH 321/415] Domain name regular expression into lib/framework.php --- lib/framework.php | 1 + plugins/OStatus/OStatusPlugin.php | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/framework.php b/lib/framework.php index 77f2d0526a..56a382aa65 100644 --- a/lib/framework.php +++ b/lib/framework.php @@ -66,6 +66,7 @@ define('URL_REGEX_VALID_PATH_CHARS', '\pN\pL\,\!\.\:\-\_\+\/\@\=\;\%\~\*' define('URL_REGEX_VALID_QSTRING_CHARS', URL_REGEX_VALID_PATH_CHARS . '\&'); define('URL_REGEX_VALID_FRAGMENT_CHARS', URL_REGEX_VALID_QSTRING_CHARS . '\?\#'); define('URL_REGEX_EXCLUDED_END_CHARS', '\?\.\,\!\#\:\''); // don't include these if they are directly after a URL +define('URL_REGEX_DOMAIN_NAME', '(?:(?!-)[A-Za-z0-9\-]{1,63}(? Date: Sat, 22 Apr 2017 11:15:55 +0200 Subject: [PATCH 322/415] Fix URL mention regular expression in OStatusPlugin --- plugins/OStatus/OStatusPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 55a50d12c0..c4322b5487 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -284,7 +284,7 @@ class OStatusPlugin extends Plugin static function extractUrlMentions($text) { $wmatches = array(); - $result = preg_match_all('!(?:^|\s+)@'.URL_REGEX_DOMAIN_NAME.'(?:/\w+)*)!', + $result = preg_match_all('/(?:^|\s+)@('.URL_REGEX_DOMAIN_NAME.'(?:\/\w+)*)/', $text, $wmatches, PREG_OFFSET_CAPTURE); From 69e944e21a11ce16b1e82ed94db5ec5878cad91b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 22 Apr 2017 11:45:24 +0200 Subject: [PATCH 323/415] Fix URL mention regular expression FOR REALZ --- plugins/OStatus/OStatusPlugin.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index c4322b5487..4a1d7683cc 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -284,7 +284,9 @@ class OStatusPlugin extends Plugin static function extractUrlMentions($text) { $wmatches = array(); - $result = preg_match_all('/(?:^|\s+)@('.URL_REGEX_DOMAIN_NAME.'(?:\/\w+)*)/', + // In the regexp below we need to match / _before_ URL_REGEX_VALID_PATH_CHARS because it otherwise gets merged + // with the TLD before (but / is in URL_REGEX_VALID_PATH_CHARS anyway, it's just its positioning that is important) + $result = preg_match_all('/(?:^|\s+)@('.URL_REGEX_DOMAIN_NAME.'(?:\/['.URL_REGEX_VALID_PATH_CHARS.']*)*)/', $text, $wmatches, PREG_OFFSET_CAPTURE); From 95f991cff33d3e4ed1c36d9de0b7b541ab28eec0 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 22 Apr 2017 12:12:27 +0200 Subject: [PATCH 324/415] Somewhat simpler regex. Thanks acct:takeshitakenji@gs.kawa-kun.com --- plugins/OStatus/OStatusPlugin.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 4a1d7683cc..1750016ace 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -264,7 +264,8 @@ class OStatusPlugin extends Plugin static function extractWebfingerIds($text) { $wmatches = array(); - $result = preg_match_all('/(?:^|\s+)@((?:\w+[\w\-\_\.]?)*(?:[\w\-\_\.]*\w+)@'.URL_REGEX_DOMAIN_NAME.')/', + // Maybe this should harmonize with lib/nickname.php and Nickname::WEBFINGER_FMT + $result = preg_match_all('/(? Date: Sat, 22 Apr 2017 12:29:53 +0200 Subject: [PATCH 325/415] Try https first on URL mention lookup --- plugins/OStatus/OStatusPlugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 1750016ace..1f76b56a20 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -349,7 +349,7 @@ class OStatusPlugin extends Plugin foreach (self::extractUrlMentions($text) as $wmatch) { list($target, $pos) = $wmatch; - $schemes = array('http', 'https'); + $schemes = array('https', 'http'); foreach ($schemes as $scheme) { $url = "$scheme://$target"; $this->log(LOG_INFO, "Checking profile address '$url'"); From 4ef05e35b82075ec0a6e1584132619dd3ac2d576 Mon Sep 17 00:00:00 2001 From: Chimo Date: Sun, 23 Apr 2017 19:03:40 +0000 Subject: [PATCH 326/415] backupaccount: Don't print page HTML in XML export The current Atom/XML account backup contains the backupaccount HTML at the end of the downloaded file. This change makes it so that only the XML is downloaded by terminating the script before the HTML is served. --- actions/backupaccount.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/actions/backupaccount.php b/actions/backupaccount.php index 7f37f3b851..637da0ac3c 100644 --- a/actions/backupaccount.php +++ b/actions/backupaccount.php @@ -74,6 +74,9 @@ class BackupaccountAction extends FormAction // @fixme atom feed logic is in getString... // but we just want it to output to the outputter. $this->raw($stream->getString()); + + // Don't print the page HTML + exit(0); } public function isReadOnly($args) { From a53284fe4f5c1a1249be64da1381c02be1098b1a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 25 Apr 2017 20:42:10 +0200 Subject: [PATCH 327/415] Use getByID nistead of getKV for Feedsub in PushInQueueHandler --- plugins/OStatus/lib/pushinqueuehandler.php | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/plugins/OStatus/lib/pushinqueuehandler.php b/plugins/OStatus/lib/pushinqueuehandler.php index ac8a6c8429..961b848211 100644 --- a/plugins/OStatus/lib/pushinqueuehandler.php +++ b/plugins/OStatus/lib/pushinqueuehandler.php @@ -17,9 +17,7 @@ * along with this program. If not, see . */ -if (!defined('STATUSNET')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Process a feed distribution POST from a PuSH hub. @@ -41,15 +39,13 @@ class PushInQueueHandler extends QueueHandler $post = $data['post']; $hmac = $data['hmac']; - $feedsub = FeedSub::getKV('id', $feedsub_id); - if ($feedsub instanceof FeedSub) { - try { - $feedsub->receive($post, $hmac); - } catch(Exception $e) { - common_log(LOG_ERR, "Exception during PuSH input processing for $feedsub->uri: " . $e->getMessage()); - } - } else { - common_log(LOG_ERR, "Discarding POST to unknown feed subscription id $feedsub_id"); + try { + $feedsub = FeedSub::getByID($feedsub_id); + $feedsub->receive($post, $hmac); + } catch(NoResultException $e) { + common_log(LOG_INFO, "Discarding POST to unknown feed subscription id {$feedsub_id}"); + } catch(Exception $e) { + common_log(LOG_ERR, "Exception during PuSH input processing for {$feedsub->getUri()}: " . $e->getMessage()); } return true; } From 5f24fc098617c7fe20300be79978d77b91bb6523 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 25 Apr 2017 20:43:31 +0200 Subject: [PATCH 328/415] Blacklist plugin enabled by default (bug fixes will come) --- lib/default.php | 1 + plugins/Blacklist/BlacklistPlugin.php | 8 +++----- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/lib/default.php b/lib/default.php index 74ab982958..83dc58f898 100644 --- a/lib/default.php +++ b/lib/default.php @@ -345,6 +345,7 @@ $default = 'default' => array( 'Activity' => array(), 'AntiBrute' => array(), + 'Blacklist' => array(), 'Bookmark' => array(), 'ClientSideShorten' => array(), 'DefaultLayout' => array(), diff --git a/plugins/Blacklist/BlacklistPlugin.php b/plugins/Blacklist/BlacklistPlugin.php index 31929fcadc..66ea408165 100644 --- a/plugins/Blacklist/BlacklistPlugin.php +++ b/plugins/Blacklist/BlacklistPlugin.php @@ -27,9 +27,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Plugin to prevent use of nicknames or URLs on a blacklist @@ -483,7 +481,7 @@ class BlacklistPlugin extends Plugin */ function onStartSubscribe(Profile $subscriber, Profile $other) { - foreach (array($other->profileurl, $other->homepage) as $url) { + foreach ([$other->getUrl(), $other->getHomepage()] as $url) { if (empty($url)) { continue; @@ -499,7 +497,7 @@ class BlacklistPlugin extends Plugin } } - $nickname = $other->nickname; + $nickname = $other->getNickname(); if (!empty($nickname)) { if (!$this->_checkNickname($nickname)) { From c71600c144303f6ecbdb63a0d4d9576ec7140957 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 25 Apr 2017 21:03:43 +0200 Subject: [PATCH 329/415] Modernise some function calls etc, to newer GNU social standards --- plugins/Blacklist/BlacklistPlugin.php | 103 +++++++++----------------- 1 file changed, 34 insertions(+), 69 deletions(-) diff --git a/plugins/Blacklist/BlacklistPlugin.php b/plugins/Blacklist/BlacklistPlugin.php index 66ea408165..1ef50940b2 100644 --- a/plugins/Blacklist/BlacklistPlugin.php +++ b/plugins/Blacklist/BlacklistPlugin.php @@ -111,52 +111,16 @@ class BlacklistPlugin extends Plugin } } - /** - * Hook registration to prevent blacklisted homepages or nicknames - * - * Throws an exception if there's a blacklisted homepage or nickname. - * - * @param Action $action Action being called (usually register) - * - * @return boolean hook value - */ - function onStartRegisterUser(&$user, &$profile) - { - $homepage = strtolower($profile->homepage); - - if (!empty($homepage)) { - if (!$this->_checkUrl($homepage)) { - // TRANS: Validation failure for URL. %s is the URL. - $msg = sprintf(_m("You may not register with homepage \"%s\"."), - $homepage); - throw new ClientException($msg); - } - } - - $nickname = strtolower($profile->nickname); - - if (!empty($nickname)) { - if (!$this->_checkNickname($nickname)) { - // TRANS: Validation failure for nickname. %s is the nickname. - $msg = sprintf(_m("You may not register with nickname \"%s\"."), - $nickname); - throw new ClientException($msg); - } - } - - return true; - } - /** * Hook profile update to prevent blacklisted homepages or nicknames * * Throws an exception if there's a blacklisted homepage or nickname. * - * @param Action $action Action being called (usually register) + * @param ManagedAction $action Action being called (usually register) * * @return boolean hook value */ - function onStartProfileSaveForm($action) + function onStartProfileSaveForm(ManagedAction $action) { $homepage = strtolower($action->trimmed('homepage')); @@ -192,7 +156,7 @@ class BlacklistPlugin extends Plugin * * @return boolean hook value */ - function onStartNoticeSave(&$notice) + public function onStartNoticeSave(&$notice) { common_replace_urls_callback($notice->content, array($this, 'checkNoticeUrl')); @@ -328,7 +292,7 @@ class BlacklistPlugin extends Plugin * * @return boolean hook value */ - function onEndAdminPanelNav($nav) + function onEndAdminPanelNav(Menu $nav) { if (AdminPanelAction::canAdmin('blacklist')) { @@ -346,75 +310,76 @@ class BlacklistPlugin extends Plugin return true; } - function onEndDeleteUserForm($action, $user) + function onEndDeleteUserForm(HTMLOutputter $out, User $user) { - $cur = common_current_user(); + $scoped = $out->getScoped(); - if (empty($cur) || !$cur->hasRight(Right::CONFIGURESITE)) { - return; + if ($scoped === null || !$scoped->hasRight(Right::CONFIGURESITE)) { + return true; } - $profile = $user->getProfile(); - if (empty($profile)) { - return; + try { + $profile = $user->getProfile(); + } catch (UserNoProfileException $e) { + return true; } - $action->elementStart('ul', 'form_data'); - $action->elementStart('li'); - $this->checkboxAndText($action, + $out->elementStart('ul', 'form_data'); + $out->elementStart('li'); + $this->checkboxAndText($out, 'blacklistnickname', // TRANS: Checkbox label in the blacklist user form. _m('Add this nickname pattern to blacklist'), 'blacklistnicknamepattern', - $this->patternizeNickname($user->nickname)); - $action->elementEnd('li'); + $this->patternizeNickname($profile->getNickname())); + $out->elementEnd('li'); - if (!empty($profile->homepage)) { - $action->elementStart('li'); - $this->checkboxAndText($action, + if (!empty($profile->getHomepage())) { + $out->elementStart('li'); + $this->checkboxAndText($out, 'blacklisthomepage', // TRANS: Checkbox label in the blacklist user form. _m('Add this homepage pattern to blacklist'), 'blacklisthomepagepattern', - $this->patternizeHomepage($profile->homepage)); - $action->elementEnd('li'); + $this->patternizeHomepage($profile->getHomepage())); + $out->elementEnd('li'); } - $action->elementEnd('ul'); + $out->elementEnd('ul'); } - function onEndDeleteUser($action, $user) + function onEndDeleteUser(HTMLOutputter $out, User $user) { - if ($action->boolean('blacklisthomepage')) { - $pattern = $action->trimmed('blacklisthomepagepattern'); + if ($out->boolean('blacklisthomepage')) { + $pattern = $out->trimmed('blacklisthomepagepattern'); Homepage_blacklist::ensurePattern($pattern); } - if ($action->boolean('blacklistnickname')) { - $pattern = $action->trimmed('blacklistnicknamepattern'); + if ($out->boolean('blacklistnickname')) { + $pattern = $out->trimmed('blacklistnicknamepattern'); Nickname_blacklist::ensurePattern($pattern); } return true; } - function checkboxAndText($action, $checkID, $label, $textID, $value) + function checkboxAndText(HTMLOutputter $out, $checkID, $label, $textID, $value) { - $action->element('input', array('name' => $checkID, + $out->element('input', array('name' => $checkID, 'type' => 'checkbox', 'class' => 'checkbox', 'id' => $checkID)); - $action->text(' '); + $out->text(' '); - $action->element('label', array('class' => 'checkbox', + $out->element('label', array('class' => 'checkbox', 'for' => $checkID), $label); - $action->text(' '); + $out->text(' '); - $action->element('input', array('name' => $textID, + $out->element('input', array('name' => $textID, 'type' => 'text', 'id' => $textID, 'value' => $value)); From df7ff4ef1abb91b33615b5552292dc0f8e46ca7b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 25 Apr 2017 21:11:49 +0200 Subject: [PATCH 330/415] Moving form to its own file as we do nowadays --- .../Blacklist/actions/blacklistadminpanel.php | 95 +------------------ .../Blacklist/forms/blacklistadminpanel.php | 94 ++++++++++++++++++ 2 files changed, 95 insertions(+), 94 deletions(-) create mode 100644 plugins/Blacklist/forms/blacklistadminpanel.php diff --git a/plugins/Blacklist/actions/blacklistadminpanel.php b/plugins/Blacklist/actions/blacklistadminpanel.php index ee1c2138b8..43cba3e2ce 100644 --- a/plugins/Blacklist/actions/blacklistadminpanel.php +++ b/plugins/Blacklist/actions/blacklistadminpanel.php @@ -27,9 +27,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Administer blacklist @@ -118,94 +116,3 @@ class BlacklistadminpanelAction extends AdminPanelAction return true; } } - -/** - * Admin panel form for blacklist panel - * - * @category Admin - * @package StatusNet - * @author Evan Prodromou - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3 - * @link http://status.net/ - */ -class BlacklistAdminPanelForm extends Form -{ - /** - * ID of the form - * - * @return string ID - */ - function id() - { - return 'blacklistadminpanel'; - } - - /** - * Class of the form - * - * @return string class - */ - function formClass() - { - return 'form_settings'; - } - - /** - * Action we post to - * - * @return string action URL - */ - function action() - { - return common_local_url('blacklistadminpanel'); - } - - /** - * Show the form controls - * - * @return void - */ - function formData() - { - $this->out->elementStart('ul', 'form_data'); - - $this->out->elementStart('li'); - - $nickPatterns = Nickname_blacklist::getPatterns(); - - // TRANS: Field label in blacklist plugin administration panel. - $this->out->textarea('blacklist-nicknames', _m('Nicknames'), - implode("\r\n", $nickPatterns), - // TRANS: Field title in blacklist plugin administration panel. - _m('Patterns of nicknames to block, one per line.')); - $this->out->elementEnd('li'); - - $urlPatterns = Homepage_blacklist::getPatterns(); - - $this->out->elementStart('li'); - // TRANS: Field label in blacklist plugin administration panel. - $this->out->textarea('blacklist-urls', _m('URLs'), - implode("\r\n", $urlPatterns), - // TRANS: Field title in blacklist plugin administration panel. - _m('Patterns of URLs to block, one per line.')); - $this->out->elementEnd('li'); - - $this->out->elementEnd('ul'); - } - - /** - * Buttons for submitting - * - * @return void - */ - function formActions() - { - $this->out->submit('submit', - // TRANS: Button text in blacklist plugin administration panel to save settings. - _m('BUTTON','Save'), - 'submit', - null, - // TRANS: Button title in blacklist plugin administration panel to save settings. - _m('Save site settings.')); - } -} diff --git a/plugins/Blacklist/forms/blacklistadminpanel.php b/plugins/Blacklist/forms/blacklistadminpanel.php new file mode 100644 index 0000000000..3153ddbeea --- /dev/null +++ b/plugins/Blacklist/forms/blacklistadminpanel.php @@ -0,0 +1,94 @@ + + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3 + * @link http://status.net/ + */ +class BlacklistAdminPanelForm extends Form +{ + /** + * ID of the form + * + * @return string ID + */ + function id() + { + return 'blacklistadminpanel'; + } + + /** + * Class of the form + * + * @return string class + */ + function formClass() + { + return 'form_settings'; + } + + /** + * Action we post to + * + * @return string action URL + */ + function action() + { + return common_local_url('blacklistadminpanel'); + } + + /** + * Show the form controls + * + * @return void + */ + function formData() + { + $this->out->elementStart('ul', 'form_data'); + + $this->out->elementStart('li'); + + $nickPatterns = Nickname_blacklist::getPatterns(); + + // TRANS: Field label in blacklist plugin administration panel. + $this->out->textarea('blacklist-nicknames', _m('Nicknames'), + implode("\r\n", $nickPatterns), + // TRANS: Field title in blacklist plugin administration panel. + _m('Patterns of nicknames to block, one per line.')); + $this->out->elementEnd('li'); + + $urlPatterns = Homepage_blacklist::getPatterns(); + + $this->out->elementStart('li'); + // TRANS: Field label in blacklist plugin administration panel. + $this->out->textarea('blacklist-urls', _m('URLs'), + implode("\r\n", $urlPatterns), + // TRANS: Field title in blacklist plugin administration panel. + _m('Patterns of URLs to block, one per line.')); + $this->out->elementEnd('li'); + + $this->out->elementEnd('ul'); + } + + /** + * Buttons for submitting + * + * @return void + */ + function formActions() + { + $this->out->submit('submit', + // TRANS: Button text in blacklist plugin administration panel to save settings. + _m('BUTTON','Save'), + 'submit', + null, + // TRANS: Button title in blacklist plugin administration panel to save settings. + _m('Save site settings.')); + } +} From adfd76f44bf70352204643915128b31a8d922559 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 26 Apr 2017 22:11:28 +0200 Subject: [PATCH 331/415] allowed_schemes was misspelled --- lib/activityutils.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/activityutils.php b/lib/activityutils.php index 4f31648ead..58e04e2f76 100644 --- a/lib/activityutils.php +++ b/lib/activityutils.php @@ -294,7 +294,7 @@ class ActivityUtils // Possibly an upstream bug; tag: URIs aren't validated properly // unless you explicitly ask for them. All other schemes are accepted // for basic URI validation without asking. - if ($validate->uri($uri, array('allowed_scheme' => array('tag')))) { + if ($validate->uri($uri, array('allowed_schemes' => array('tag')))) { return true; } From bb76af4f65fde04e03a12e7e316b1ed975f62b98 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 26 Apr 2017 22:41:59 +0200 Subject: [PATCH 332/415] Test URLs against blacklist also on PuSH subscriptions. --- plugins/Blacklist/BlacklistPlugin.php | 9 +++++++++ plugins/OStatus/actions/pushhub.php | 9 +++++---- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/plugins/Blacklist/BlacklistPlugin.php b/plugins/Blacklist/BlacklistPlugin.php index 1ef50940b2..1572903f2e 100644 --- a/plugins/Blacklist/BlacklistPlugin.php +++ b/plugins/Blacklist/BlacklistPlugin.php @@ -211,6 +211,15 @@ class BlacklistPlugin extends Plugin return true; } + public function onUrlBlacklistTest($url) + { + common_debug('Checking URL against blacklist: '._ve($url)); + if (!$this->_checkUrl($url)) { + throw new ClientException('Forbidden URL', 403); + } + return true; + } + /** * Helper for checking nicknames * diff --git a/plugins/OStatus/actions/pushhub.php b/plugins/OStatus/actions/pushhub.php index be8076b75e..6dc22706c3 100644 --- a/plugins/OStatus/actions/pushhub.php +++ b/plugins/OStatus/actions/pushhub.php @@ -199,7 +199,7 @@ class PushHubAction extends Action /** * Grab and validate a URL from POST parameters. - * @throws ClientException for malformed or non-http/https URLs + * @throws ClientException for malformed or non-http/https or blacklisted URLs */ protected function argUrl($arg) { @@ -207,13 +207,14 @@ class PushHubAction extends Action $params = array('domain_check' => false, // otherwise breaks my local tests :P 'allowed_schemes' => array('http', 'https')); $validate = new Validate(); - if ($validate->uri($url, $params)) { - return $url; - } else { + if (!$validate->uri($url, $params)) { // TRANS: Client exception. // TRANS: %1$s is this argument to the method this exception occurs in, %2$s is a URL. throw new ClientException(sprintf(_m('Invalid URL passed for %1$s: "%2$s"'),$arg,$url)); } + + Event::handle('UrlBlacklistTest', array($url)); + return $url; } /** From ea6d8b8bdeae63181efcbf7f4fd17c1450acdbd1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 26 Apr 2017 23:21:13 +0200 Subject: [PATCH 333/415] LRDD blacklisted URL test --- plugins/LRDD/lib/discovery.php | 5 +++++ plugins/LRDD/lib/lrddmethod.php | 3 +++ 2 files changed, 8 insertions(+) diff --git a/plugins/LRDD/lib/discovery.php b/plugins/LRDD/lib/discovery.php index 77271e06f6..a69d5b8ce2 100644 --- a/plugins/LRDD/lib/discovery.php +++ b/plugins/LRDD/lib/discovery.php @@ -140,6 +140,11 @@ class Discovery $xrd->loadString($response->getBody(), $type); return $xrd; + } catch (ClientException $e) { + if ($e->getCode() === 403) { + common_log(LOG_INFO, sprintf('%s: Aborting discovery on URL %s: %s', _ve($class), _ve($uri), _ve($e->getMessage()))); + break; + } } catch (Exception $e) { common_log(LOG_INFO, sprintf('%s: Failed for %s: %s', _ve($class), _ve($uri), _ve($e->getMessage()))); continue; diff --git a/plugins/LRDD/lib/lrddmethod.php b/plugins/LRDD/lib/lrddmethod.php index ee9a24a5da..160c0d73a2 100644 --- a/plugins/LRDD/lib/lrddmethod.php +++ b/plugins/LRDD/lib/lrddmethod.php @@ -32,6 +32,9 @@ abstract class LRDDMethod protected function fetchUrl($url, $method=HTTPClient::METHOD_GET) { + // If we have a blacklist enabled, let's check against it + Event::handle('UrlBlacklistTest', array($url)); + $client = new HTTPClient(); // GAAHHH, this method sucks! How about we make a better HTTPClient interface? From 598b51eb7a24e63aca308e2013ad7530dbaade40 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 27 Apr 2017 09:23:45 +0200 Subject: [PATCH 334/415] Escaping a URI in common_debug call --- plugins/OStatus/classes/Ostatus_profile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index b4b38e5aad..b6df8d50a2 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -367,7 +367,7 @@ class Ostatus_profile extends Managed_DataObject if ($this->salmonuri) { return Salmon::post($this->salmonuri, $this->notifyPrepXml($entry), $actor, $this->localProfile()); } - common_debug(__CLASS__.' error: No salmonuri for Ostatus_profile uri: '.$this->uri); + common_debug(__CLASS__.' error: No salmonuri for Ostatus_profile uri: '._ve($this->getUri())); return false; } From 853b016a42d4eda4224488bf1108ea6835bb6934 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 27 Apr 2017 09:24:12 +0200 Subject: [PATCH 335/415] Separate ensureHub into function in FeedSub --- plugins/OStatus/classes/FeedSub.php | 111 +++++++++++++++++++++------- 1 file changed, 83 insertions(+), 28 deletions(-) diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index f3ebb5e15d..75e109120a 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -167,35 +167,81 @@ class FeedSub extends Managed_DataObject */ public static function ensureFeed($feeduri) { - $current = self::getKV('uri', $feeduri); - if ($current instanceof FeedSub) { - return $current; + $feedsub = self::getKV('uri', $feeduri); + if ($feedsub instanceof FeedSub) { + if (!empty($feedsub->huburi)) { + // If there is already a huburi we don't + // rediscover it on ensureFeed, call + // ensureHub to do that (compare ->modified + // to see if it might be time to do it). + return $feedsub; + } + if ($feedsub->sub_state !== 'inactive') { + throw new ServerException('Can only ensure WebSub hub for inactive (unsubscribed) feeds.'); + } + // If huburi is empty we continue with ensureHub + } else { + // If we don't have that local feed URI + // stored then we create a new DB object. + $feedsub = new FeedSub(); + $feedsub->uri = $feeduri; + $feedsub->sub_state = 'inactive'; } - $discover = new FeedDiscovery(); - $discover->discoverFromFeedURL($feeduri); + try { + // discover the hub uri + $feedsub->ensureHub(); - $huburi = $discover->getHubLink(); - if (!$huburi && !common_config('feedsub', 'fallback_hub') && !common_config('feedsub', 'nohub')) { - throw new FeedSubNoHubException(); + } catch (FeedSubNoHubException $e) { + // Only throw this exception if we can't handle huburi-less feeds + // (i.e. we have a fallback hub or we can do feed polling (nohub) + if (!common_config('feedsub', 'fallback_hub') && !common_config('feedsub', 'nohub')) { + throw $e; + } } - $feedsub = new FeedSub(); - $feedsub->uri = $feeduri; - $feedsub->huburi = $huburi; - $feedsub->sub_state = 'inactive'; - - $feedsub->created = common_sql_now(); - $feedsub->modified = common_sql_now(); - - $result = $feedsub->insert(); - if ($result === false) { - throw new FeedDBException($feedsub); + if (empty($feedsub->id)) { + // if $feedsub doesn't have an id we'll insert it into the db here + $feedsub->created = common_sql_now(); + $feedsub->modified = common_sql_now(); + $result = $feedsub->insert(); + if ($result === false) { + throw new FeedDBException($feedsub); + } } return $feedsub; } + /** + * ensureHub will only do $this->update if !empty($this->id) + * because otherwise the object has not been created yet. + */ + public function ensureHub() + { + if ($this->sub_state !== 'inactive') { + throw new ServerException('Can only ensure WebSub hub for inactive (unsubscribed) feeds.'); + } + + $discover = new FeedDiscovery(); + $discover->discoverFromFeedURL($this->uri); + + $huburi = $discover->getHubLink(); + if (empty($huburi)) { + // Will be caught and treated with if statements in regards to + // fallback hub and feed polling (nohub) configuration. + throw new FeedSubNoHubException(); + } + + $orig = !empty($this->id) ? clone($this) : null; + + $this->huburi = $huburi; + + if (!empty($this->id)) { + $this->update($orig); + } + } + /** * Send a subscription request to the hub for this feed. * The hub will later send us a confirmation POST to /main/push/callback. @@ -250,18 +296,27 @@ class FeedSub extends Managed_DataObject return; } - if (empty($this->huburi)) { - if (common_config('feedsub', 'fallback_hub')) { - // No native hub on this feed? - // Use our fallback hub, which handles polling on our behalf. - } else if (common_config('feedsub', 'nohub')) { - // We need a feedpolling plugin (like FeedPoller) active so it will - // set the 'nohub' state to 'inactive' for us. - return; - } else { + if (empty($this->huburi) && !common_config('feedsub', 'fallback_hub')) { + /** + * If the huburi is empty and we don't have a fallback hub, + * there is nowhere we can send an unsubscribe to. + * + * A plugin should handle the FeedSub above and set the proper state + * if there is no hub. (instead of 'nohub' it should be 'inactive' if + * the instance has enabled feed polling for feeds that don't publish + * PuSH/WebSub hubs. FeedPoller is a plugin which enables polling. + * + * Secondly, if we don't have the setting "nohub" enabled (i.e.) + * we're ready to poll ourselves, there is something odd with the + * database, such as a polling plugin that has been disabled. + */ + + if (!common_config('feedsub', 'nohub')) { // TRANS: Server exception. throw new ServerException(_m('Attempting to end PuSH subscription for feed with no hub.')); } + + return; } $this->doSubscribe('unsubscribe'); From c505652c15ad7fdc542b77313baf52cffa009f8f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 29 Apr 2017 14:48:46 +0200 Subject: [PATCH 336/415] Confirm_address::getByAddress not getAddress Also fixed the error handling to match the function call. --- scripts/resend_confirm_address.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/scripts/resend_confirm_address.php b/scripts/resend_confirm_address.php index 1e5bcc1555..b73246d6ef 100755 --- a/scripts/resend_confirm_address.php +++ b/scripts/resend_confirm_address.php @@ -33,9 +33,10 @@ $ca = null; if (have_option('e', 'email')) { $email = get_option_value('e', 'email'); - $ca = Confirm_address::getAddress($email, 'email'); - if (!$ca instanceof Confirm_address) { - print "Can't find email $email in confirm_address table.\n"; + try { + $ca = Confirm_address::getByAddress($email, 'email'); + } catch (NoResultException $e) { + print sprintf("Can't find %s address %s in %s table.\n", $e->obj->address_type, $e->obj->address, $e->obj->tableName()); exit(1); } } elseif (have_option('a', 'all')) { From 5288a6f9e203d6f1ff3f1fb2a58314a2481c165e Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 30 Apr 2017 09:20:08 +0200 Subject: [PATCH 337/415] Update huburi for FeedSub if PuSH signature is invalid This because some remote server might have used third party PuSH hubs but switch and we don't know about it. Possible risks here are of course MITM that could force us to rediscover PuSH hubs from a feed they control, but that currently feels ... meh. --- plugins/OStatus/classes/FeedSub.php | 67 +++++++++++++------ plugins/OStatus/lib/feeddbexception.php | 12 ++++ .../lib/feedsubbadpushsignatureexception.php | 5 ++ 3 files changed, 62 insertions(+), 22 deletions(-) create mode 100644 plugins/OStatus/lib/feeddbexception.php create mode 100644 plugins/OStatus/lib/feedsubbadpushsignatureexception.php diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 75e109120a..184db68c63 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -17,9 +17,7 @@ * along with this program. If not, see . */ -if (!defined('STATUSNET')) { - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * @package OStatusPlugin @@ -41,16 +39,6 @@ PuSH subscription flow: hub sends us updates via POST */ -class FeedDBException extends FeedSubException -{ - public $obj; - - function __construct($obj) - { - parent::__construct('Database insert failure'); - $this->obj = $obj; - } -} /** * FeedSub handles low-level PubHubSubbub (PuSH) subscriptions. @@ -220,7 +208,7 @@ class FeedSub extends Managed_DataObject public function ensureHub() { if ($this->sub_state !== 'inactive') { - throw new ServerException('Can only ensure WebSub hub for inactive (unsubscribed) feeds.'); + common_log(LOG_INFO, sprintf('Running hub discovery a possibly active feed in %s state for URI %s', _ve($this->sub_state), _ve($this->uri))); } $discover = new FeedDiscovery(); @@ -235,11 +223,28 @@ class FeedSub extends Managed_DataObject $orig = !empty($this->id) ? clone($this) : null; + if (!empty($this->huburi) && $this->huburi !== $huburi) { + // There was a huburi already and now we're replacing it, + // so we have to set a new secret because otherwise we're + // possibly vulnerable to attack from the previous hub. + + // ...but as I understand it this is done in $this->doSubscribe() + // which is called from $this->subscribe() (which in turn is + // called from $this->renew()) + } $this->huburi = $huburi; if (!empty($this->id)) { - $this->update($orig); + $result = $this->update($orig); + if ($result === false) { + // TODO: Get a DB exception class going... + common_debug('Database update failed for FeedSub id=='._ve($this->id).' with new huburi: '._ve($this->huburi)); + throw new ServerException('Database update failed for FeedSub.'); + } + return $result; } + + return null; // we haven't done anything with the database } /** @@ -367,6 +372,7 @@ class FeedSub extends Managed_DataObject public function renew() { + common_debug('FeedSub is being renewed for uri=='._ve($this->uri).' on huburi=='._ve($this->huburi)); $this->subscribe(); } @@ -510,10 +516,25 @@ class FeedSub extends Managed_DataObject return; } - if (!$this->validatePushSig($post, $hmac)) { - // Per spec we silently drop input with a bad sig, - // while reporting receipt to the server. - return; + try { + if (!$this->validatePushSig($post, $hmac)) { + // Per spec we silently drop input with a bad sig, + // while reporting receipt to the server. + return; + } + } catch (FeedSubBadPushSignatureException $e) { + // We got a signature, so something could be wrong. Let's check to see if + // maybe upstream has switched to another hub. Let's fetch feed and then + // compare rel="hub" with $this->huburi + + $old_huburi = $this->huburi; + $this->ensureHub(); + common_debug(sprintf('Feed uri==%s huburi before=%s after=%s', _ve($this->uri), _ve($old_huburi), _ve($this->huburi))); + + if ($old_huburi !== $this->huburi) { + // let's make sure that this new hub knows that we want to subscribe + $this->renew(); + } } $this->receiveFeed($post); @@ -588,10 +609,12 @@ class FeedSub extends Managed_DataObject } $our_hmac = hash_hmac($hash_algo, $post, $this->secret); - if ($their_hmac === $our_hmac) { - return true; + if ($their_hmac !== $our_hmac) { + common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with bad HMAC hash: got %s, expected %s for feed %s from hub %s', _ve($their_hmac), _ve($our_hmac), _ve($this->getUri()), _ve($this->huburi))); + throw FeedSubBadPushSignatureException('Incoming PuSH signature did not match expected HMAC hash.'); } - common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with bad HMAC hash: got %s, expected %s for feed %s from hub %s', _ve($their_hmac), _ve($our_hmac), _ve($this->getUri()), _ve($this->huburi))); + return true; + } else { common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with bogus HMAC==', _ve($hmac))); } diff --git a/plugins/OStatus/lib/feeddbexception.php b/plugins/OStatus/lib/feeddbexception.php new file mode 100644 index 0000000000..dd0fc97cd6 --- /dev/null +++ b/plugins/OStatus/lib/feeddbexception.php @@ -0,0 +1,12 @@ +obj = $obj; + } +} diff --git a/plugins/OStatus/lib/feedsubbadpushsignatureexception.php b/plugins/OStatus/lib/feedsubbadpushsignatureexception.php new file mode 100644 index 0000000000..450831e1cf --- /dev/null +++ b/plugins/OStatus/lib/feedsubbadpushsignatureexception.php @@ -0,0 +1,5 @@ + Date: Sun, 30 Apr 2017 09:31:16 +0200 Subject: [PATCH 338/415] Make sure we don't receiveFeed() in the case of that exception --- plugins/OStatus/classes/FeedSub.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 184db68c63..40d2ef99a9 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -522,6 +522,9 @@ class FeedSub extends Managed_DataObject // while reporting receipt to the server. return; } + + $this->receiveFeed($post); + } catch (FeedSubBadPushSignatureException $e) { // We got a signature, so something could be wrong. Let's check to see if // maybe upstream has switched to another hub. Let's fetch feed and then @@ -536,8 +539,6 @@ class FeedSub extends Managed_DataObject $this->renew(); } } - - $this->receiveFeed($post); } /** From e21043e81c7cfeeb1eae98e32da07bf18c66c44a Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 30 Apr 2017 09:33:06 +0200 Subject: [PATCH 339/415] syntax fix (throw _new_ *Exception) --- plugins/OStatus/classes/FeedSub.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 40d2ef99a9..dc80105d86 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -612,7 +612,7 @@ class FeedSub extends Managed_DataObject $our_hmac = hash_hmac($hash_algo, $post, $this->secret); if ($their_hmac !== $our_hmac) { common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with bad HMAC hash: got %s, expected %s for feed %s from hub %s', _ve($their_hmac), _ve($our_hmac), _ve($this->getUri()), _ve($this->huburi))); - throw FeedSubBadPushSignatureException('Incoming PuSH signature did not match expected HMAC hash.'); + throw new FeedSubBadPushSignatureException('Incoming PuSH signature did not match expected HMAC hash.'); } return true; From b20b9727cff388d1108c53271a6dfab85a3dbc6f Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 30 Apr 2017 09:46:15 +0200 Subject: [PATCH 340/415] More debugging info for FeedSub PuSH self-healing --- plugins/OStatus/classes/FeedSub.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index dc80105d86..5c0073443c 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -208,7 +208,7 @@ class FeedSub extends Managed_DataObject public function ensureHub() { if ($this->sub_state !== 'inactive') { - common_log(LOG_INFO, sprintf('Running hub discovery a possibly active feed in %s state for URI %s', _ve($this->sub_state), _ve($this->uri))); + common_log(LOG_INFO, sprintf(__METHOD__ . ': Running hub discovery a possibly active feed in %s state for URI %s', _ve($this->sub_state), _ve($this->uri))); } $discover = new FeedDiscovery(); @@ -532,8 +532,9 @@ class FeedSub extends Managed_DataObject $old_huburi = $this->huburi; $this->ensureHub(); - common_debug(sprintf('Feed uri==%s huburi before=%s after=%s', _ve($this->uri), _ve($old_huburi), _ve($this->huburi))); + common_debug(sprintf(__METHOD__ . ': Feed uri==%s huburi before=%s after=%s (identical==%s)', _ve($this->uri), _ve($old_huburi), _ve($this->huburi), _ve($old_huburi===$this->huburi))); + // If the huburi is the same as before a renewal will happen some time in the future anyway. if ($old_huburi !== $this->huburi) { // let's make sure that this new hub knows that we want to subscribe $this->renew(); From 16880de8f6e91ba1c4679c7372ce9008d05dd2d8 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 30 Apr 2017 10:29:16 +0200 Subject: [PATCH 341/415] ensureHub on 422 status code (Superfeedr error on non-existing topic) --- plugins/OStatus/classes/FeedSub.php | 43 ++++++++++++---------- plugins/OStatus/lib/pushinqueuehandler.php | 2 +- 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 5c0073443c..7bbd6b5694 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -204,8 +204,16 @@ class FeedSub extends Managed_DataObject /** * ensureHub will only do $this->update if !empty($this->id) * because otherwise the object has not been created yet. + * + * @param bool $autorenew Whether to autorenew the feed after ensuring the hub URL + * + * @return null if actively avoiding the database + * int number of rows updated in the database (0 means untouched) + * + * @throws ServerException if something went wrong when updating the database + * FeedSubNoHubException if no hub URL was discovered */ - public function ensureHub() + public function ensureHub($autorenew=false) { if ($this->sub_state !== 'inactive') { common_log(LOG_INFO, sprintf(__METHOD__ . ': Running hub discovery a possibly active feed in %s state for URI %s', _ve($this->sub_state), _ve($this->uri))); @@ -221,26 +229,23 @@ class FeedSub extends Managed_DataObject throw new FeedSubNoHubException(); } + // if we've already got a DB object stored, we want to UPDATE, not INSERT $orig = !empty($this->id) ? clone($this) : null; - if (!empty($this->huburi) && $this->huburi !== $huburi) { - // There was a huburi already and now we're replacing it, - // so we have to set a new secret because otherwise we're - // possibly vulnerable to attack from the previous hub. - - // ...but as I understand it this is done in $this->doSubscribe() - // which is called from $this->subscribe() (which in turn is - // called from $this->renew()) - } + $old_huburi = $this->huburi; // most likely null if we're INSERTing $this->huburi = $huburi; if (!empty($this->id)) { + common_debug(sprintf(__METHOD__ . ': Feed uri==%s huburi before=%s after=%s (identical==%s)', _ve($this->uri), _ve($old_huburi), _ve($this->huburi), _ve($old_huburi===$this->huburi))); $result = $this->update($orig); if ($result === false) { // TODO: Get a DB exception class going... common_debug('Database update failed for FeedSub id=='._ve($this->id).' with new huburi: '._ve($this->huburi)); throw new ServerException('Database update failed for FeedSub.'); } + if ($autorenew) { + $this->renew(); + } return $result; } @@ -430,6 +435,12 @@ class FeedSub extends Managed_DataObject return; } else if ($status >= 200 && $status < 300) { common_log(LOG_ERR, __METHOD__ . ": sub req returned unexpected HTTP $status: " . $response->getBody()); + } else if ($status == 422) { + // Error code regarding something wrong in the data (it seems + // that we're talking to a PuSH hub at least, so let's check + // our own data to be sure we're not mistaken somehow. + + $this->ensureHub(true); } else { common_log(LOG_ERR, __METHOD__ . ": sub req failed with HTTP $status: " . $response->getBody()); } @@ -528,17 +539,9 @@ class FeedSub extends Managed_DataObject } catch (FeedSubBadPushSignatureException $e) { // We got a signature, so something could be wrong. Let's check to see if // maybe upstream has switched to another hub. Let's fetch feed and then - // compare rel="hub" with $this->huburi + // compare rel="hub" with $this->huburi, which is done in $this->ensureHub() - $old_huburi = $this->huburi; - $this->ensureHub(); - common_debug(sprintf(__METHOD__ . ': Feed uri==%s huburi before=%s after=%s (identical==%s)', _ve($this->uri), _ve($old_huburi), _ve($this->huburi), _ve($old_huburi===$this->huburi))); - - // If the huburi is the same as before a renewal will happen some time in the future anyway. - if ($old_huburi !== $this->huburi) { - // let's make sure that this new hub knows that we want to subscribe - $this->renew(); - } + $this->ensureHub(true); } } diff --git a/plugins/OStatus/lib/pushinqueuehandler.php b/plugins/OStatus/lib/pushinqueuehandler.php index 961b848211..f996a7166c 100644 --- a/plugins/OStatus/lib/pushinqueuehandler.php +++ b/plugins/OStatus/lib/pushinqueuehandler.php @@ -45,7 +45,7 @@ class PushInQueueHandler extends QueueHandler } catch(NoResultException $e) { common_log(LOG_INFO, "Discarding POST to unknown feed subscription id {$feedsub_id}"); } catch(Exception $e) { - common_log(LOG_ERR, "Exception during PuSH input processing for {$feedsub->getUri()}: " . $e->getMessage()); + common_log(LOG_ERR, "Exception "._ve(get_class($e))." during PuSH input processing for {$feedsub->getUri()}: " . $e->getMessage()); } return true; } From bb72229d6aad6c3775412684f450b31a666bacba Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 30 Apr 2017 10:37:21 +0200 Subject: [PATCH 342/415] Show what you're replying to in the web interface --- actions/newnotice.php | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/actions/newnotice.php b/actions/newnotice.php index 5aa76a94e9..170e5bcdf8 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -47,6 +47,8 @@ class NewnoticeAction extends FormAction { protected $form = 'Notice'; + protected $inreplyto = null; + /** * Title of the page * @@ -75,6 +77,11 @@ class NewnoticeAction extends FormAction } } + if ($this->int('inreplyto')) { + // Throws exception if the inreplyto Notice is given but not found. + $this->inreplyto = Notice::getByID($this->int('inreplyto')); + } + // Backwards compatibility for "share this" widget things. // If no 'content', use 'status_textarea' $this->formOpts['content'] = $this->trimmed('content') ?: $this->trimmed('status_textarea'); @@ -132,13 +139,6 @@ class NewnoticeAction extends FormAction return; } - if ($this->int('inreplyto')) { - // Throws exception if the inreplyto Notice is given but not found. - $parent = Notice::getByID($this->int('inreplyto')); - } else { - $parent = null; - } - $act = new Activity(); $act->verb = ActivityVerb::POST; $act->time = time(); @@ -157,9 +157,9 @@ class NewnoticeAction extends FormAction $act->context = new ActivityContext(); - if ($parent instanceof Notice) { - $act->context->replyToID = $parent->getUri(); - $act->context->replyToUrl = $parent->getUrl(true); // maybe we don't have to send true here to force a URL? + if ($this->inreplyto instanceof Notice) { + $act->context->replyToID = $this->inreplyto->getUri(); + $act->context->replyToUrl = $this->inreplyto->getUrl(true); // maybe we don't have to send true here to force a URL? } if ($this->scoped->shareLocation()) { @@ -188,14 +188,14 @@ class NewnoticeAction extends FormAction // FIXME: We should be able to get the attentions from common_render_content! // and maybe even directly save whether they're local or not! - $act->context->attention = common_get_attentions($content, $this->scoped, $parent); + $act->context->attention = common_get_attentions($content, $this->scoped, $this->inreplyto); // $options gets filled with possible scoping settings ToSelector::fillActivity($this, $act, $options); $actobj = new ActivityObject(); $actobj->type = ActivityObject::NOTE; - $actobj->content = common_render_content($content, $this->scoped, $parent); + $actobj->content = common_render_content($content, $this->scoped, $this->inreplyto); // Finally add the activity object to our activity $act->objects[] = $actobj; @@ -224,6 +224,9 @@ class NewnoticeAction extends FormAction if ($this->getInfo() && $this->stored instanceof Notice) { $this->showNotice($this->stored); } elseif (!$this->getError()) { + if (!GNUsocial::isAjax() && $this->inreplyto instanceof Notice) { + $this->showNotice($this->inreplyto); + } parent::showContent(); } } From 45203a499245d1d4d7352c98e3f59b381f1e19d4 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 30 Apr 2017 20:32:10 +0200 Subject: [PATCH 343/415] Makes the attachment button stay within the form area... --- theme/base/css/display.css | 1 + 1 file changed, 1 insertion(+) diff --git a/theme/base/css/display.css b/theme/base/css/display.css index dd007e6972..2e73a6c7f5 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -304,6 +304,7 @@ address .poweredby { .form_notice { margin-bottom: 10px; + position: relative; } .form_notice fieldset { From 5ac20a4d30d51d42dbe7122c394fc81912c8d3e7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 1 May 2017 07:39:56 +0200 Subject: [PATCH 344/415] Clearing cache showed my layout fail! --- theme/base/css/display.css | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 2e73a6c7f5..2be393f44b 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -971,8 +971,8 @@ content: ":"; } .threaded-replies .form_notice label.notice_data-attach { - top: 10px; - right: 10px; + top: 0; + right: 1ex; } .threaded-replies .form_notice .notice_data-geo_wrap label, @@ -982,12 +982,12 @@ content: ":"; } .threaded-replies .form_notice .count { - bottom: 60px; - right: 50px; + bottom: 1ex; + right: 0; } .threaded-replies .form_notice input.submit { - bottom: 1ex; + bottom: -5ex; right: 1ex; } From 37c97ac8fc4e769f711987ed75da39982d27307b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 1 May 2017 07:40:16 +0200 Subject: [PATCH 345/415] Message to end-user on why FeedSub failed. --- plugins/OStatus/classes/FeedSub.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 7bbd6b5694..3972d74eaa 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -393,6 +393,8 @@ class FeedSub extends Managed_DataObject */ protected function doSubscribe($mode) { + $msg = null; // carries descriptive error message to enduser (no remote data strings!) + $orig = clone($this); if ($mode == 'subscribe') { $this->secret = common_random_hexstr(32); @@ -435,6 +437,7 @@ class FeedSub extends Managed_DataObject return; } else if ($status >= 200 && $status < 300) { common_log(LOG_ERR, __METHOD__ . ": sub req returned unexpected HTTP $status: " . $response->getBody()); + $msg = sprintf(_m("Unexpected HTTP status: %d"), $status); } else if ($status == 422) { // Error code regarding something wrong in the data (it seems // that we're talking to a PuSH hub at least, so let's check @@ -455,7 +458,7 @@ class FeedSub extends Managed_DataObject // Throw the Exception again. throw $e; } - throw new ServerException("{$mode} request failed."); + throw new ServerException("{$mode} request failed" . (!is_null($msg) ? " ($msg)" : '.')); } /** From f6d4d00e024b9874cc9ceb6b2ef5bc6c2c3a341d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 1 May 2017 10:27:21 +0200 Subject: [PATCH 346/415] I think this will stop my daemons from endlessly looping I got this which ate all my memory: queuedaemon.php:10733] HTTPClient: HTTP HEAD https://drive.google.com/file/d/*masked*/view?usp=sharing - 200 OK queuedaemon.php:10733] Checking for remote URL metadata for https://drive.google.com/file/d/*masked*/view?usp=sharing queuedaemon.php:10733] HTTPClient: HTTP GET https://drive.google.com/file/d/*masked*/view?usp=sharing - 200 OK queuedaemon.php:10733] Trying to discover an oEmbed endpoint using link headers. queuedaemon.php:10733] Could not find an oEmbed endpoint using link headers, trying OpenGraph from HTML. queuedaemon.php:10733] HTTPClient: HTTP HEAD https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook - 200 OK queuedaemon.php:10733] Checking for remote URL metadata for https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook queuedaemon.php:10733] HTTPClient: HTTP GET https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook - 200 OK queuedaemon.php:10733] Trying to discover an oEmbed endpoint using link headers. queuedaemon.php:10733] Could not find an oEmbed endpoint using link headers, trying OpenGraph from HTML. queuedaemon.php:10733] HTTPClient: HTTP HEAD https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook&usp=embed_facebook - 200 OK queuedaemon.php:10733] Checking for remote URL metadata for https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook&usp=embed_facebook queuedaemon.php:10733] HTTPClient: HTTP GET https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook&usp=embed_facebook - 200 OK queuedaemon.php:10733] Trying to discover an oEmbed endpoint using link headers. queuedaemon.php:10733] Could not find an oEmbed endpoint using link headers, trying OpenGraph from HTML. ...ad nauseam. --- plugins/Oembed/classes/File_oembed.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/plugins/Oembed/classes/File_oembed.php b/plugins/Oembed/classes/File_oembed.php index 95aa91ff4c..38a1754ae2 100644 --- a/plugins/Oembed/classes/File_oembed.php +++ b/plugins/Oembed/classes/File_oembed.php @@ -124,7 +124,8 @@ class File_oembed extends Managed_DataObject $file = File::getByUrl($given_url); $file_oembed->mimetype = $file->mimetype; } catch (NoResultException $e) { - $redir = File_redirection::where($given_url); + // File_redirection::where argument 'discover' is false to avoid loops + $redir = File_redirection::where($given_url, false); if (empty($redir->file_id)) { $f = $redir->getFile(); $file_oembed->mimetype = $f->mimetype; From b3da5bdaa35dee68225a316878647cc4530a748c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 1 May 2017 10:34:51 +0200 Subject: [PATCH 347/415] Debugging log fix. --- plugins/OStatus/OStatusPlugin.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 1f76b56a20..3fdfdaab9e 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -271,8 +271,8 @@ class OStatusPlugin extends Plugin PREG_OFFSET_CAPTURE); if ($result === false) { common_log(LOG_ERR, __METHOD__ . ': Error parsing webfinger IDs from text (preg_last_error=='.preg_last_error().').'); - } else { - common_debug(sprintf('Found %i matches for WebFinger IDs: %s', count($wmatches), _ve($wmatches))); + } elseif (count($wmatches)) { + common_debug(sprintf('Found %d matches for WebFinger IDs: %s', count($wmatches), _ve($wmatches))); } return $wmatches[1]; } @@ -293,8 +293,8 @@ class OStatusPlugin extends Plugin PREG_OFFSET_CAPTURE); if ($result === false) { common_log(LOG_ERR, __METHOD__ . ': Error parsing profile URL mentions from text (preg_last_error=='.preg_last_error().').'); - } else { - common_debug(sprintf('Found %i matches for profile URL mentions: %s', count($wmatches), _ve($wmatches))); + } elseif (count($wmatches)) { + common_debug(sprintf('Found %d matches for profile URL mentions: %s', count($wmatches), _ve($wmatches))); } return $wmatches[1]; } From f4d6710a0f21612dc6a054c65154a82287330949 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 1 May 2017 11:04:27 +0200 Subject: [PATCH 348/415] Change mentions of PuSH to WebSub WebSub is probably finalised before we make a release anyway. Here is the official spec: https://www.w3.org/TR/websub/ Mostly just comments that have been changed. Some references to PuSH <0.4 are left because they actually refer to PuSH 0.3 and that's not WebSub... The only actual code change that might affect anything is FeedSub->isPuSH() but the only official plugin using that call was FeedPoller anyway... --- lib/activityhandlerplugin.php | 6 +- plugins/FeedPoller/FeedPollerPlugin.php | 6 +- plugins/FeedPoller/README | 2 +- .../FeedPoller/lib/feedpollqueuehandler.php | 2 +- plugins/FeedPoller/scripts/pollfeed.php | 2 +- plugins/OStatus/OStatusPlugin.php | 28 ++++----- plugins/OStatus/README | 11 ++-- plugins/OStatus/actions/pushcallback.php | 2 +- plugins/OStatus/actions/pushhub.php | 20 +++---- plugins/OStatus/classes/FeedSub.php | 59 ++++++++++--------- plugins/OStatus/classes/HubSub.php | 18 +++--- plugins/OStatus/classes/Ostatus_profile.php | 12 ++-- plugins/OStatus/lib/feeddiscovery.php | 2 +- plugins/OStatus/lib/hubconfqueuehandler.php | 4 +- plugins/OStatus/lib/huboutqueuehandler.php | 6 +- plugins/OStatus/lib/hubprepqueuehandler.php | 6 +- plugins/OStatus/lib/ostatusqueuehandler.php | 22 +++---- plugins/OStatus/lib/pushinqueuehandler.php | 4 +- plugins/OStatus/lib/pushrenewqueuehandler.php | 2 +- plugins/OStatus/scripts/resub-feed.php | 2 +- plugins/OStatus/scripts/testfeed.php | 2 +- plugins/OStatus/scripts/update-profile.php | 2 +- plugins/OStatus/tests/remote-tests.php | 2 +- plugins/SubMirror/README | 2 +- 24 files changed, 113 insertions(+), 111 deletions(-) diff --git a/lib/activityhandlerplugin.php b/lib/activityhandlerplugin.php index e1779bbe6a..afeebb53aa 100644 --- a/lib/activityhandlerplugin.php +++ b/lib/activityhandlerplugin.php @@ -147,7 +147,7 @@ abstract class ActivityHandlerPlugin extends Plugin * * This will handle just about all events where an activity * object gets saved, whether it is via AtomPub, OStatus - * (PuSH and Salmon transports), or ActivityStreams-based + * (WebSub and Salmon transports), or ActivityStreams-based * backup/restore of account data. * * You should be able to accept as input the output from an @@ -193,7 +193,7 @@ abstract class ActivityHandlerPlugin extends Plugin * * This will be how your specialized notice gets output in * Atom feeds and JSON-based ActivityStreams output, including - * account backup/restore and OStatus (PuSH and Salmon transports). + * account backup/restore and OStatus (WebSub and Salmon transports). * * You should be able to round-trip data from this format back * through $this->saveNoticeFromActivity(). Where applicable, try @@ -324,7 +324,7 @@ abstract class ActivityHandlerPlugin extends Plugin } /** - * Handle a posted object from PuSH + * Handle a posted object from WebSub * * @param Activity $activity activity to handle * @param Profile $actor Profile for the feed diff --git a/plugins/FeedPoller/FeedPollerPlugin.php b/plugins/FeedPoller/FeedPollerPlugin.php index e272c0b705..2326cd2f1b 100644 --- a/plugins/FeedPoller/FeedPollerPlugin.php +++ b/plugins/FeedPoller/FeedPollerPlugin.php @@ -1,6 +1,6 @@ isPuSH()) { + if (!$feedsub->isWebSub()) { FeedPoll::setupFeedSub($feedsub, $this->interval*60); return false; // We're polling this feed, so stop processing FeedSubscribe } @@ -39,7 +39,7 @@ class FeedPollerPlugin extends Plugin { public function onFeedUnsubscribe(FeedSub $feedsub) { - if (!$feedsub->isPuSH()) { + if (!$feedsub->isWebSub()) { // removes sub_state setting and such $feedsub->confirmUnsubscribe(); return false; diff --git a/plugins/FeedPoller/README b/plugins/FeedPoller/README index 11f28f2ba4..8fd9d55dc7 100644 --- a/plugins/FeedPoller/README +++ b/plugins/FeedPoller/README @@ -1,4 +1,4 @@ -The FeedPoller plugin allows users to subscribe to non-PuSH-enabled feeds +The FeedPoller plugin allows users to subscribe to non-WebSub-enabled feeds by regularly polling the source for new content. Installation diff --git a/plugins/FeedPoller/lib/feedpollqueuehandler.php b/plugins/FeedPoller/lib/feedpollqueuehandler.php index c0d9e48207..f0441a5700 100644 --- a/plugins/FeedPoller/lib/feedpollqueuehandler.php +++ b/plugins/FeedPoller/lib/feedpollqueuehandler.php @@ -22,7 +22,7 @@ class FeedPollQueueHandler extends QueueHandler return true; } if (!$feedsub->sub_state == 'nohub') { - // We're not supposed to poll this (either it's PuSH or it's unsubscribed) + // We're not supposed to poll this (either it's WebSub or it's unsubscribed) return true; } diff --git a/plugins/FeedPoller/scripts/pollfeed.php b/plugins/FeedPoller/scripts/pollfeed.php index 3aa8296416..58918495bf 100755 --- a/plugins/FeedPoller/scripts/pollfeed.php +++ b/plugins/FeedPoller/scripts/pollfeed.php @@ -47,7 +47,7 @@ if (!$feedsub instanceof FeedSub) { } if ($feedsub->sub_state != 'nohub') { - echo "Feed is a PuSH feed, so we will not poll it.\n"; + echo "Feed is a WebSub feed, so we will not poll it.\n"; exit(1); } diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index 3fdfdaab9e..cea405fa9a 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -61,7 +61,7 @@ class OStatusPlugin extends Plugin $m->connect('main/ostatuspeopletag', array('action' => 'ostatuspeopletag')); - // PuSH actions + // WebSub actions $m->connect('main/push/hub', array('action' => 'pushhub')); $m->connect('main/push/callback/:feed', @@ -91,7 +91,7 @@ class OStatusPlugin extends Plugin // Prepare outgoing distributions after notice save. $qm->connect('ostatus', 'OStatusQueueHandler'); - // Outgoing from our internal PuSH hub + // Outgoing from our internal WebSub hub $qm->connect('hubconf', 'HubConfQueueHandler'); $qm->connect('hubprep', 'HubPrepQueueHandler'); @@ -100,7 +100,7 @@ class OStatusPlugin extends Plugin // Outgoing Salmon replies (when we don't need a return value) $qm->connect('salmon', 'SalmonQueueHandler'); - // Incoming from a foreign PuSH hub + // Incoming from a foreign WebSub hub $qm->connect('pushin', 'PushInQueueHandler'); // Re-subscribe feeds that need renewal @@ -126,7 +126,7 @@ class OStatusPlugin extends Plugin } /** - * Set up a PuSH hub link to our internal link for canonical timeline + * Set up a WebSub hub link to our internal link for canonical timeline * Atom feeds for users and groups. */ function onStartApiAtom($feed) @@ -153,7 +153,7 @@ class OStatusPlugin extends Plugin if (!empty($id)) { $hub = common_config('ostatus', 'hub'); if (empty($hub)) { - // Updates will be handled through our internal PuSH hub. + // Updates will be handled through our internal WebSub hub. $hub = common_local_url('pushhub'); } $feed->addLink($hub, array('rel' => 'hub')); @@ -547,7 +547,7 @@ class OStatusPlugin extends Plugin } /** - * Send incoming PuSH feeds for OStatus endpoints in for processing. + * Send incoming WebSub feeds for OStatus endpoints in for processing. * * @param FeedSub $feedsub * @param DOMDocument $feed @@ -583,10 +583,10 @@ class OStatusPlugin extends Plugin /** * When about to subscribe to a remote user, start a server-to-server - * PuSH subscription if needed. If we can't establish that, abort. + * WebSub subscription if needed. If we can't establish that, abort. * * @fixme If something else aborts later, we could end up with a stray - * PuSH subscription. This is relatively harmless, though. + * WebSub subscription. This is relatively harmless, though. * * @param Profile $profile subscriber * @param Profile $other subscribee @@ -660,7 +660,7 @@ class OStatusPlugin extends Plugin return true; } - // Drop the PuSH subscription if there are no other subscribers. + // Drop the WebSub subscription if there are no other subscribers. $oprofile->garbageCollect(); $act = new Activity(); @@ -761,7 +761,7 @@ class OStatusPlugin extends Plugin return true; } - // Drop the PuSH subscription if there are no other subscribers. + // Drop the WebSub subscription if there are no other subscribers. $oprofile->garbageCollect(); $member = $profile; @@ -858,7 +858,7 @@ class OStatusPlugin extends Plugin return true; } - // Drop the PuSH subscription if there are no other subscribers. + // Drop the WebSub subscription if there are no other subscribers. $oprofile->garbageCollect(); $sub = Profile::getKV($user->id); @@ -969,7 +969,7 @@ class OStatusPlugin extends Plugin $oprofile->notifyDeferred($act, $tagger); - // initiate a PuSH subscription for the person being tagged + // initiate a WebSub subscription for the person being tagged $oprofile->subscribe(); return true; } @@ -1020,7 +1020,7 @@ class OStatusPlugin extends Plugin $oprofile->notifyDeferred($act, $tagger); - // unsubscribe to PuSH feed if no more required + // unsubscribe to WebSub feed if no more required $oprofile->garbageCollect(); return true; @@ -1155,7 +1155,7 @@ class OStatusPlugin extends Plugin // Find foreign accounts I'm subscribed to that support Salmon pings. // - // @fixme we could run updates through the PuSH feed too, + // @fixme we could run updates through the WebSub feed too, // in which case we can skip Salmon pings to folks who // are also subscribed to me. $sql = "SELECT * FROM ostatus_profile " . diff --git a/plugins/OStatus/README b/plugins/OStatus/README index 4f839c863a..3b2fc7fd0d 100644 --- a/plugins/OStatus/README +++ b/plugins/OStatus/README @@ -3,26 +3,27 @@ The OStatus plugin concentrates on user-to-user cases for federating StatusNet and similar social networking / microblogging / blogging sites, but includes low-level feed subscription systems which are used by some other plugins. -Uses PubSubHubbub for push feed updates; currently non-PuSH feeds cannot be -subscribed unless an external PuSH hub proxy is used. +Uses WebSub (previously named PubSubHubbub or PuSH) for push feed updates; +currently non-WebSub feeds cannot be subscribed unless an external +WebSub hub proxy is used. Configuration options available: $config['ostatus']['hub'] (default internal hub) - Set to URL of an external PuSH hub to use it instead of our internal hub + Set to URL of an external WebSub hub to use it instead of our internal hub for sending outgoing updates in user and group feeds. $config['ostatus']['hub_retries'] (default 0) - Number of times to retry a PuSH send to consumers if using internal hub + Number of times to retry a WebSub send to consumers if using internal hub Settings controlling incoming feed subscription: $config['feedsub']['fallback_hub'] - To subscribe to feeds that don't have a hub, an external PuSH proxy hub + To subscribe to feeds that don't have a hub, an external WebSub proxy hub such as Superfeedr may be used. Any feed without a hub of its own will be subscribed through the specified hub URL instead. If the external hub has usage charges, be aware that there is no restriction placed to how diff --git a/plugins/OStatus/actions/pushcallback.php b/plugins/OStatus/actions/pushcallback.php index f5bb880df9..f2ce25118f 100644 --- a/plugins/OStatus/actions/pushcallback.php +++ b/plugins/OStatus/actions/pushcallback.php @@ -54,7 +54,7 @@ class PushCallbackAction extends Action $feedsub = FeedSub::getKV('id', $feedid); if (!$feedsub instanceof FeedSub) { // TRANS: Server exception. %s is a feed ID. - throw new ServerException(sprintf(_m('Unknown PuSH feed id %s'),$feedid), 400); + throw new ServerException(sprintf(_m('Unknown WebSub subscription feed id %s'),$feedid), 400); } $hmac = ''; diff --git a/plugins/OStatus/actions/pushhub.php b/plugins/OStatus/actions/pushhub.php index 6dc22706c3..2b06e920a4 100644 --- a/plugins/OStatus/actions/pushhub.php +++ b/plugins/OStatus/actions/pushhub.php @@ -18,7 +18,7 @@ */ /** - * Integrated PuSH hub; lets us only ping them what need it. + * Integrated WebSub hub; lets us only ping them what need it. * @package Hub * @maintainer Brion Vibber */ @@ -71,7 +71,7 @@ class PushHubAction extends Action } /** - * Process a request for a new or modified PuSH feed subscription. + * Process a request for a new or modified WebSub feed subscription. * If asynchronous verification is requested, updates won't be saved immediately. * * HTTP return codes: @@ -83,24 +83,24 @@ class PushHubAction extends Action { $callback = $this->argUrl('hub.callback'); - common_debug('New PuSH hub request ('._ve($mode).') for callback '._ve($callback)); + common_debug('New WebSub hub request ('._ve($mode).') for callback '._ve($callback)); $topic = $this->argUrl('hub.topic'); if (!$this->recognizedFeed($topic)) { - common_debug('PuSH hub request had unrecognized feed topic=='._ve($topic)); + common_debug('WebSub hub request had unrecognized feed topic=='._ve($topic)); // TRANS: Client exception. %s is a topic. throw new ClientException(sprintf(_m('Unsupported hub.topic %s this hub only serves local user and group Atom feeds.'),$topic)); } $lease = $this->arg('hub.lease_seconds', null); if ($mode == 'subscribe' && $lease != '' && !preg_match('/^\d+$/', $lease)) { - common_debug('PuSH hub request had invalid lease_seconds=='._ve($lease)); + common_debug('WebSub hub request had invalid lease_seconds=='._ve($lease)); // TRANS: Client exception. %s is the invalid lease value. throw new ClientException(sprintf(_m('Invalid hub.lease "%s". It must be empty or positive integer.'),$lease)); } $secret = $this->arg('hub.secret', null); if ($secret != '' && strlen($secret) >= 200) { - common_debug('PuSH hub request had invalid secret=='._ve($secret)); + common_debug('WebSub hub request had invalid secret=='._ve($secret)); // TRANS: Client exception. %s is the invalid hub secret. throw new ClientException(sprintf(_m('Invalid hub.secret "%s". It must be under 200 bytes.'),$secret)); } @@ -108,7 +108,7 @@ class PushHubAction extends Action $sub = HubSub::getByHashkey($topic, $callback); if (!$sub instanceof HubSub) { // Creating a new one! - common_debug('PuSH creating new HubSub entry for topic=='._ve($topic).' to remote callback '._ve($callback)); + common_debug('WebSub creating new HubSub entry for topic=='._ve($topic).' to remote callback '._ve($callback)); $sub = new HubSub(); $sub->topic = $topic; $sub->callback = $callback; @@ -121,15 +121,15 @@ class PushHubAction extends Action $sub->setLease(intval($lease)); } } - common_debug('PuSH hub request is now:'._ve($sub)); + common_debug('WebSub hub request is now:'._ve($sub)); $verify = $this->arg('hub.verify'); // TODO: deprecated $token = $this->arg('hub.verify_token', null); // TODO: deprecated if ($verify == 'sync') { // pre-0.4 PuSH $sub->verify($mode, $token); header('HTTP/1.1 204 No Content'); - } else { // If $verify is not "sync", we might be using PuSH 0.4 - $sub->scheduleVerify($mode, $token); // If we were certain it's PuSH 0.4, token could be removed + } else { // If $verify is not "sync", we might be using WebSub or PuSH 0.4 + $sub->scheduleVerify($mode, $token); // If we were certain it's WebSub or PuSH 0.4, token could be removed header('HTTP/1.1 202 Accepted'); } } diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index 3972d74eaa..da86300975 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -25,7 +25,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } */ /* -PuSH subscription flow: +WebSub (previously PubSubHubbub/PuSH) subscription flow: $profile->subscribe() sends a sub request to the hub... @@ -41,7 +41,7 @@ PuSH subscription flow: */ /** - * FeedSub handles low-level PubHubSubbub (PuSH) subscriptions. + * FeedSub handles low-level WebSub (PubSubHubbub/PuSH) subscriptions. * Higher-level behavior building OStatus stuff on top is handled * under Ostatus_profile. */ @@ -52,7 +52,7 @@ class FeedSub extends Managed_DataObject public $id; public $uri; // varchar(191) not 255 because utf8mb4 takes more space - // PuSH subscription data + // WebSub subscription data public $huburi; public $secret; public $sub_state; // subscribe, active, unsubscribe, inactive, nohub @@ -105,14 +105,15 @@ class FeedSub extends Managed_DataObject } /** - * Do we have a hub? Then we are a PuSH feed. - * https://en.wikipedia.org/wiki/PubSubHubbub + * Do we have a hub? Then we are a WebSub feed. + * WebSub standard: https://www.w3.org/TR/websub/ + * old: https://en.wikipedia.org/wiki/PubSubHubbub * * If huburi is empty, then doublecheck that we are not using * a fallback hub. If there is a fallback hub, it is only if the - * sub_state is "nohub" that we assume it's not a PuSH feed. + * sub_state is "nohub" that we assume it's not a WebSub feed. */ - public function isPuSH() + public function isWebSub() { if (empty($this->huburi) && (!common_config('feedsub', 'fallback_hub') @@ -151,7 +152,7 @@ class FeedSub extends Managed_DataObject /** * @param string $feeduri * @return FeedSub - * @throws FeedSubException if feed is invalid or lacks PuSH setup + * @throws FeedSubException if feed is invalid or lacks WebSub setup */ public static function ensureFeed($feeduri) { @@ -262,7 +263,7 @@ class FeedSub extends Managed_DataObject public function subscribe() { if ($this->sub_state && $this->sub_state != 'inactive') { - common_log(LOG_WARNING, sprintf('Attempting to (re)start PuSH subscription to %s in unexpected state %s', $this->getUri(), $this->sub_state)); + common_log(LOG_WARNING, sprintf('Attempting to (re)start WebSub subscription to %s in unexpected state %s', $this->getUri(), $this->sub_state)); } if (!Event::handle('FeedSubscribe', array($this))) { @@ -280,7 +281,7 @@ class FeedSub extends Managed_DataObject return; } else { // TRANS: Server exception. - throw new ServerException(_m('Attempting to start PuSH subscription for feed with no hub.')); + throw new ServerException(_m('Attempting to start WebSub subscription for feed with no hub.')); } } @@ -288,7 +289,7 @@ class FeedSub extends Managed_DataObject } /** - * Send a PuSH unsubscription request to the hub for this feed. + * Send a WebSub unsubscription request to the hub for this feed. * The hub will later send us a confirmation POST to /main/push/callback. * Warning: this will cancel the subscription even if someone else in * the system is using it. Most callers will want garbageCollect() instead, @@ -298,7 +299,7 @@ class FeedSub extends Managed_DataObject */ public function unsubscribe() { if ($this->sub_state != 'active') { - common_log(LOG_WARNING, sprintf('Attempting to (re)end PuSH subscription to %s in unexpected state %s', $this->getUri(), $this->sub_state)); + common_log(LOG_WARNING, sprintf('Attempting to (re)end WebSub subscription to %s in unexpected state %s', $this->getUri(), $this->sub_state)); } if (!Event::handle('FeedUnsubscribe', array($this))) { @@ -314,7 +315,7 @@ class FeedSub extends Managed_DataObject * A plugin should handle the FeedSub above and set the proper state * if there is no hub. (instead of 'nohub' it should be 'inactive' if * the instance has enabled feed polling for feeds that don't publish - * PuSH/WebSub hubs. FeedPoller is a plugin which enables polling. + * WebSub/PuSH hubs. FeedPoller is a plugin which enables polling. * * Secondly, if we don't have the setting "nohub" enabled (i.e.) * we're ready to poll ourselves, there is something odd with the @@ -323,7 +324,7 @@ class FeedSub extends Managed_DataObject if (!common_config('feedsub', 'nohub')) { // TRANS: Server exception. - throw new ServerException(_m('Attempting to end PuSH subscription for feed with no hub.')); + throw new ServerException(_m('Attempting to end WebSub subscription for feed with no hub.')); } return; @@ -343,11 +344,11 @@ class FeedSub extends Managed_DataObject public function garbageCollect() { if ($this->sub_state == '' || $this->sub_state == 'inactive') { - // No active PuSH subscription, we can just leave it be. + // No active WebSub subscription, we can just leave it be. return true; } - // PuSH subscription is either active or in an indeterminate state. + // WebSub subscription is either active or in an indeterminate state. // Check if we're out of subscribers, and if so send an unsubscribe. $count = 0; Event::handle('FeedSubSubscriberCount', array($this, &$count)); @@ -426,12 +427,12 @@ class FeedSub extends Managed_DataObject $client->setAuth($u, $p); } } else { - throw new FeedSubException('Server could not find a usable PuSH hub.'); + throw new FeedSubException('Server could not find a usable WebSub hub.'); } } $response = $client->post($hub, $headers, $post); $status = $response->getStatus(); - // PuSH specificed response status code + // WebSub specificed response status code if ($status == 202 || $status == 204) { common_log(LOG_INFO, __METHOD__ . ': sub req ok, awaiting verification callback'); return; @@ -440,7 +441,7 @@ class FeedSub extends Managed_DataObject $msg = sprintf(_m("Unexpected HTTP status: %d"), $status); } else if ($status == 422) { // Error code regarding something wrong in the data (it seems - // that we're talking to a PuSH hub at least, so let's check + // that we're talking to a WebSub hub at least, so let's check // our own data to be sure we're not mistaken somehow. $this->ensureHub(true); @@ -462,7 +463,7 @@ class FeedSub extends Managed_DataObject } /** - * Save PuSH subscription confirmation. + * Save WebSub subscription confirmation. * Sets approximate lease start and end times and finalizes state. * * @param int $lease_seconds provided hub.lease_seconds parameter, if given @@ -485,8 +486,8 @@ class FeedSub extends Managed_DataObject } /** - * Save PuSH unsubscription confirmation. - * Wipes active PuSH sub info and resets state. + * Save WebSub unsubscription confirmation. + * Wipes active WebSub sub info and resets state. */ public function confirmUnsubscribe() { @@ -503,7 +504,7 @@ class FeedSub extends Managed_DataObject } /** - * Accept updates from a PuSH feed. If validated, this object and the + * Accept updates from a WebSub feed. If validated, this object and the * feed (as a DOMDocument) will be passed to the StartFeedSubHandleFeed * and EndFeedSubHandleFeed events for processing. * @@ -521,7 +522,7 @@ class FeedSub extends Managed_DataObject common_log(LOG_INFO, sprintf(__METHOD__.': packet for %s with HMAC %s', _ve($this->getUri()), _ve($hmac))); if (!in_array($this->sub_state, array('active', 'nohub'))) { - common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH for inactive feed %s (in state %s)', _ve($this->getUri()), _ve($this->sub_state))); + common_log(LOG_ERR, sprintf(__METHOD__.': ignoring WebSub for inactive feed %s (in state %s)', _ve($this->getUri()), _ve($this->sub_state))); return; } @@ -604,7 +605,7 @@ class FeedSub extends Managed_DataObject if (preg_match('/^([0-9a-zA-Z\-\,]{3,16})=([0-9a-fA-F]+)$/', $hmac, $matches)) { $hash_algo = strtolower($matches[1]); $their_hmac = strtolower($matches[2]); - common_debug(sprintf(__METHOD__ . ': PuSH from feed %s uses HMAC algorithm %s with value: %s', _ve($this->getUri()), _ve($hash_algo), _ve($their_hmac))); + common_debug(sprintf(__METHOD__ . ': WebSub push from feed %s uses HMAC algorithm %s with value: %s', _ve($this->getUri()), _ve($hash_algo), _ve($their_hmac))); if (!in_array($hash_algo, hash_algos())) { // We can't handle this at all, PHP doesn't recognize the algorithm name ('md5', 'sha1', 'sha256' etc: https://secure.php.net/manual/en/function.hash-algos.php) @@ -618,19 +619,19 @@ class FeedSub extends Managed_DataObject $our_hmac = hash_hmac($hash_algo, $post, $this->secret); if ($their_hmac !== $our_hmac) { - common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with bad HMAC hash: got %s, expected %s for feed %s from hub %s', _ve($their_hmac), _ve($our_hmac), _ve($this->getUri()), _ve($this->huburi))); - throw new FeedSubBadPushSignatureException('Incoming PuSH signature did not match expected HMAC hash.'); + common_log(LOG_ERR, sprintf(__METHOD__.': ignoring WebSub push with bad HMAC hash: got %s, expected %s for feed %s from hub %s', _ve($their_hmac), _ve($our_hmac), _ve($this->getUri()), _ve($this->huburi))); + throw new FeedSubBadPushSignatureException('Incoming WebSub push signature did not match expected HMAC hash.'); } return true; } else { - common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with bogus HMAC==', _ve($hmac))); + common_log(LOG_ERR, sprintf(__METHOD__.': ignoring WebSub push with bogus HMAC==', _ve($hmac))); } } else { if (empty($hmac)) { return true; } else { - common_log(LOG_ERR, sprintf(__METHOD__.': ignoring PuSH with unexpected HMAC==%s', _ve($hmac))); + common_log(LOG_ERR, sprintf(__METHOD__.': ignoring WebSub push with unexpected HMAC==%s', _ve($hmac))); } } return false; diff --git a/plugins/OStatus/classes/HubSub.php b/plugins/OStatus/classes/HubSub.php index 7b911d1d66..d4c29c3ce1 100644 --- a/plugins/OStatus/classes/HubSub.php +++ b/plugins/OStatus/classes/HubSub.php @@ -20,7 +20,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } /** - * PuSH feed subscription record + * WebSub (previously PuSH) feed subscription record * @package Hub * @author Brion Vibber */ @@ -78,7 +78,7 @@ class HubSub extends Managed_DataObject */ function setLease($length) { - common_debug('PuSH hub got requested lease_seconds=='._ve($length)); + common_debug('WebSub hub got requested lease_seconds=='._ve($length)); assert(is_int($length)); $min = 86400; // 3600*24 (one day) @@ -93,7 +93,7 @@ class HubSub extends Managed_DataObject $length = $max; } - common_debug('PuSH hub after sanitation: lease_seconds=='._ve($length)); + common_debug('WebSub hub after sanitation: lease_seconds=='._ve($length)); $this->sub_start = common_sql_now(); $this->sub_end = common_sql_date(time() + $length); } @@ -242,7 +242,7 @@ class HubSub extends Managed_DataObject $data = array('sub' => $sub, 'atom' => $atom, 'retries' => $retries); - common_log(LOG_INFO, "Queuing PuSH: {$this->getTopic()} to {$this->callback}"); + common_log(LOG_INFO, "Queuing WebSub: {$this->getTopic()} to {$this->callback}"); $qm = QueueManager::get(); $qm->enqueue($data, 'hubout'); } @@ -265,7 +265,7 @@ class HubSub extends Managed_DataObject $data = array('atom' => $atom, 'topic' => $this->getTopic(), 'pushCallbacks' => $pushCallbacks); - common_log(LOG_INFO, "Queuing PuSH batch: {$this->getTopic()} to ".count($pushCallbacks)." sites"); + common_log(LOG_INFO, "Queuing WebSub batch: {$this->getTopic()} to ".count($pushCallbacks)." sites"); $qm = QueueManager::get(); $qm->enqueue($data, 'hubprep'); return true; @@ -304,7 +304,7 @@ class HubSub extends Managed_DataObject } catch (Exception $e) { $response = null; - common_debug('PuSH callback to '._ve($this->callback).' for '._ve($this->getTopic()).' failed with exception: '._ve($e->getMessage())); + common_debug('WebSub callback to '._ve($this->callback).' for '._ve($this->getTopic()).' failed with exception: '._ve($e->getMessage())); } // XXX: DO NOT trust a Location header here, _especially_ from 'http' protocols, @@ -312,9 +312,9 @@ class HubSub extends Managed_DataObject // the most common change here is simply switching 'http' to 'https' and we will // solve 99% of all of these issues for now. There should be a proper mechanism // if we want to change the callback URLs, preferrably just manual resubscriptions - // from the remote side, combined with implemented PuSH subscription timeouts. + // from the remote side, combined with implemented WebSub subscription timeouts. - // We failed the PuSH, but it might be that the remote site has changed their configuration to HTTPS + // We failed the WebSub, but it might be that the remote site has changed their configuration to HTTPS if ('http' === parse_url($this->callback, PHP_URL_SCHEME)) { // Test if the feed callback for this node has migrated to HTTPS $httpscallback = preg_replace('/^http/', 'https', $this->callback, 1); @@ -324,7 +324,7 @@ class HubSub extends Managed_DataObject throw new AlreadyFulfilledException('The remote side has already established an HTTPS callback, deleting the legacy HTTP entry.'); } - common_debug('PuSH callback to '._ve($this->callback).' for '._ve($this->getTopic()).' trying HTTPS callback: '._ve($httpscallback)); + common_debug('WebSub callback to '._ve($this->callback).' for '._ve($this->getTopic()).' trying HTTPS callback: '._ve($httpscallback)); $response = $request->post($httpscallback, $headers); if ($response->isOk()) { $orig = clone($this); diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index b6df8d50a2..80e5974e21 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -239,7 +239,7 @@ class Ostatus_profile extends Managed_DataObject /** * Check if this remote profile has any active local subscriptions, and - * if not drop the PuSH subscription feed. + * if not drop the WebSub subscription feed. * * @return boolean true if subscription is removed, false if there are still subscribers to the feed * @throws Exception of various kinds on failure. @@ -250,7 +250,7 @@ class Ostatus_profile extends Managed_DataObject /** * Check if this remote profile has any active local subscriptions, and - * if not drop the PuSH subscription feed. + * if not drop the WebSub subscription feed. * * @return boolean true if subscription is removed, false if there are still subscribers to the feed * @throws Exception of various kinds on failure. @@ -267,7 +267,7 @@ class Ostatus_profile extends Managed_DataObject /** * Check if this remote profile has any active local subscriptions, so the - * PuSH subscription layer can decide if it can drop the feed. + * WebSub subscription layer can decide if it can drop the feed. * * This gets called via the FeedSubSubscriberCount event when running * FeedSub::garbageCollect(). @@ -429,7 +429,7 @@ class Ostatus_profile extends Managed_DataObject /** * Read and post notices for updates from the feed. * Currently assumes that all items in the feed are new, - * coming from a PuSH hub. + * coming from a WebSub hub. * * @param DOMDocument $doc * @param string $source identifier ("push") @@ -779,7 +779,7 @@ class Ostatus_profile extends Managed_DataObject $hints['salmon'] = $salmonuri; if (!$huburi && !common_config('feedsub', 'fallback_hub') && !common_config('feedsub', 'nohub')) { - // We can only deal with folks with a PuSH hub + // We can only deal with folks with a WebSub hub // unless we have something similar available locally. throw new FeedSubNoHubException(); } @@ -1177,7 +1177,7 @@ class Ostatus_profile extends Managed_DataObject } if (!$huburi && !common_config('feedsub', 'fallback_hub') && !common_config('feedsub', 'nohub')) { - // We can only deal with folks with a PuSH hub + // We can only deal with folks with a WebSub hub throw new FeedSubNoHubException(); } diff --git a/plugins/OStatus/lib/feeddiscovery.php b/plugins/OStatus/lib/feeddiscovery.php index 02c3ce0212..6baa07c0ea 100644 --- a/plugins/OStatus/lib/feeddiscovery.php +++ b/plugins/OStatus/lib/feeddiscovery.php @@ -94,7 +94,7 @@ class FeedDiscovery } /** - * Get the referenced PuSH hub link from an Atom feed. + * Get the referenced WebSub hub link from an Atom feed. * * @return mixed string or false */ diff --git a/plugins/OStatus/lib/hubconfqueuehandler.php b/plugins/OStatus/lib/hubconfqueuehandler.php index d26c45be04..6c06e677fe 100644 --- a/plugins/OStatus/lib/hubconfqueuehandler.php +++ b/plugins/OStatus/lib/hubconfqueuehandler.php @@ -22,7 +22,7 @@ if (!defined('STATUSNET')) { } /** - * Send a PuSH subscription verification from our internal hub. + * Send a WebSub subscription verification from our internal hub. * @package Hub * @author Brion Vibber */ @@ -46,7 +46,7 @@ class HubConfQueueHandler extends QueueHandler try { $sub->verify($mode, $token); } catch (Exception $e) { - common_log(LOG_ERR, "Failed PuSH $mode verify to $sub->callback for $sub->topic: " . + common_log(LOG_ERR, "Failed WebSub $mode verify to $sub->callback for $sub->topic: " . $e->getMessage()); // @fixme schedule retry? // @fixme just kill it? diff --git a/plugins/OStatus/lib/huboutqueuehandler.php b/plugins/OStatus/lib/huboutqueuehandler.php index 590f2e3b25..c35d90319e 100644 --- a/plugins/OStatus/lib/huboutqueuehandler.php +++ b/plugins/OStatus/lib/huboutqueuehandler.php @@ -22,7 +22,7 @@ if (!defined('STATUSNET')) { } /** - * Send a raw PuSH atom update from our internal hub. + * Send a raw WebSub push atom update from our internal hub. * @package Hub * @author Brion Vibber */ @@ -45,10 +45,10 @@ class HubOutQueueHandler extends QueueHandler try { $sub->push($atom); } catch (AlreadyFulfilledException $e) { - common_log(LOG_INFO, "Failed PuSH to $sub->callback for $sub->topic (".get_class($e)."): " . $e->getMessage()); + common_log(LOG_INFO, "Failed WebSub push to $sub->callback for $sub->topic (".get_class($e)."): " . $e->getMessage()); } catch (Exception $e) { $retries--; - $msg = "Failed PuSH to $sub->callback for $sub->topic (".get_class($e)."): " . $e->getMessage(); + $msg = "Failed WebSub push to $sub->callback for $sub->topic (".get_class($e)."): " . $e->getMessage(); if ($retries > 0) { common_log(LOG_INFO, "$msg; scheduling for $retries more tries"); diff --git a/plugins/OStatus/lib/hubprepqueuehandler.php b/plugins/OStatus/lib/hubprepqueuehandler.php index f6abfcf30d..f11ca42e62 100644 --- a/plugins/OStatus/lib/hubprepqueuehandler.php +++ b/plugins/OStatus/lib/hubprepqueuehandler.php @@ -22,7 +22,7 @@ if (!defined('STATUSNET')) { } /** - * When we have a large batch of PuSH consumers, we break the data set + * When we have a large batch of WebSub consumers, we break the data set * into smaller chunks. Enqueue final destinations... * * @package Hub @@ -67,14 +67,14 @@ class HubPrepQueueHandler extends QueueHandler $callback = array_shift($pushCallbacks); $sub = HubSub::getByHashkey($topic, $callback); if (!$sub) { - common_log(LOG_ERR, "Skipping PuSH delivery for deleted(?) consumer $callback on $topic"); + common_log(LOG_ERR, "Skipping WebSub delivery for deleted(?) consumer $callback on $topic"); continue; } $sub->distribute($atom); } } catch (Exception $e) { - common_log(LOG_ERR, "Exception during PuSH batch out: " . + common_log(LOG_ERR, "Exception during WebSub batch out: " . $e->getMessage() . " prepping $topic to $callback"); } diff --git a/plugins/OStatus/lib/ostatusqueuehandler.php b/plugins/OStatus/lib/ostatusqueuehandler.php index ac56e142f4..3ad6b3b2ab 100644 --- a/plugins/OStatus/lib/ostatusqueuehandler.php +++ b/plugins/OStatus/lib/ostatusqueuehandler.php @@ -22,7 +22,7 @@ if (!defined('STATUSNET')) { } /** - * Prepare PuSH and Salmon distributions for an outgoing message. + * Prepare WebSub and Salmon distributions for an outgoing message. * * @package OStatusPlugin * @author Brion Vibber @@ -30,7 +30,7 @@ if (!defined('STATUSNET')) { class OStatusQueueHandler extends QueueHandler { // If we have more than this many subscribing sites on a single feed, - // break up the PuSH distribution into smaller batches which will be + // break up the WebSub distribution into smaller batches which will be // rolled into the queue progressively. This reduces disruption to // other, shorter activities being enqueued while we work. const MAX_UNBATCHED = 50; @@ -132,7 +132,7 @@ class OStatusQueueHandler extends QueueHandler { if ($this->user) { common_debug("OSTATUS [{$this->notice->getID()}]: pushing feed for local user {$this->user->getID()}"); - // For local posts, ping the PuSH hub to update their feed. + // For local posts, ping the WebSub hub to update their feed. // http://identi.ca/api/statuses/user_timeline/1.atom $feed = common_local_url('ApiTimelineUser', array('id' => $this->user->id, @@ -144,7 +144,7 @@ class OStatusQueueHandler extends QueueHandler function pushGroup(User_group $group) { common_debug("OSTATUS [{$this->notice->getID()}]: pushing group '{$group->getNickname()}' profile_id={$group->profile_id}"); - // For a local group, ping the PuSH hub to update its feed. + // For a local group, ping the WebSub hub to update its feed. // Updates may come from either a local or a remote user. $feed = common_local_url('ApiTimelineGroup', array('id' => $group->getID(), @@ -155,7 +155,7 @@ class OStatusQueueHandler extends QueueHandler function pushPeopletag($ptag) { common_debug("OSTATUS [{$this->notice->getID()}]: pushing peopletag '{$ptag->id}'"); - // For a local people tag, ping the PuSH hub to update its feed. + // For a local people tag, ping the WebSub hub to update its feed. // Updates may come from either a local or a remote user. $feed = common_local_url('ApiTimelineList', array('id' => $ptag->id, @@ -221,7 +221,7 @@ class OStatusQueueHandler extends QueueHandler $atom = call_user_func_array($callback, $args); $this->pushFeedInternal($atom, $sub); } else { - common_log(LOG_INFO, "OSTATUS [{$this->notice->getID()}]: No PuSH subscribers for $feed"); + common_log(LOG_INFO, "OSTATUS [{$this->notice->getID()}]: No WebSub subscribers for $feed"); } } @@ -231,7 +231,7 @@ class OStatusQueueHandler extends QueueHandler * Not guaranteed safe in an environment with database replication. * * @param string $feed feed topic URI - * @param string $hub PuSH hub URI + * @param string $hub WebSub hub URI * @fixme can consolidate pings for user & group posts */ function pushFeedExternal($feed, $hub) @@ -242,15 +242,15 @@ class OStatusQueueHandler extends QueueHandler 'hub.url' => $feed); $response = $client->post($hub, array(), $data); if ($response->getStatus() == 204) { - common_log(LOG_INFO, "PuSH ping to hub $hub for $feed ok"); + common_log(LOG_INFO, "WebSub ping to hub $hub for $feed ok"); return true; } else { - common_log(LOG_ERR, "PuSH ping to hub $hub for $feed failed with HTTP " . + common_log(LOG_ERR, "WebSub ping to hub $hub for $feed failed with HTTP " . $response->getStatus() . ': ' . $response->getBody()); } } catch (Exception $e) { - common_log(LOG_ERR, "PuSH ping to hub $hub for $feed failed: " . $e->getMessage()); + common_log(LOG_ERR, "WebSub ping to hub $hub for $feed failed: " . $e->getMessage()); return false; } } @@ -265,7 +265,7 @@ class OStatusQueueHandler extends QueueHandler */ function pushFeedInternal($atom, $sub) { - common_log(LOG_INFO, "Preparing $sub->N PuSH distribution(s) for $sub->topic"); + common_log(LOG_INFO, "Preparing $sub->N WebSub distribution(s) for $sub->topic"); $n = 0; $batch = array(); while ($sub->fetch()) { diff --git a/plugins/OStatus/lib/pushinqueuehandler.php b/plugins/OStatus/lib/pushinqueuehandler.php index f996a7166c..c5615daad8 100644 --- a/plugins/OStatus/lib/pushinqueuehandler.php +++ b/plugins/OStatus/lib/pushinqueuehandler.php @@ -20,7 +20,7 @@ if (!defined('GNUSOCIAL')) { exit(1); } /** - * Process a feed distribution POST from a PuSH hub. + * Process a feed distribution POST from a WebSub (previously PuSH) hub. * @package FeedSub * @author Brion Vibber */ @@ -45,7 +45,7 @@ class PushInQueueHandler extends QueueHandler } catch(NoResultException $e) { common_log(LOG_INFO, "Discarding POST to unknown feed subscription id {$feedsub_id}"); } catch(Exception $e) { - common_log(LOG_ERR, "Exception "._ve(get_class($e))." during PuSH input processing for {$feedsub->getUri()}: " . $e->getMessage()); + common_log(LOG_ERR, "Exception "._ve(get_class($e))." during WebSub push input processing for {$feedsub->getUri()}: " . $e->getMessage()); } return true; } diff --git a/plugins/OStatus/lib/pushrenewqueuehandler.php b/plugins/OStatus/lib/pushrenewqueuehandler.php index d79cbe503f..31df9b5f63 100644 --- a/plugins/OStatus/lib/pushrenewqueuehandler.php +++ b/plugins/OStatus/lib/pushrenewqueuehandler.php @@ -39,7 +39,7 @@ class PushRenewQueueHandler extends QueueHandler common_log(LOG_INFO, "Renewing feed subscription\n\tExp.: {$feedsub->sub_end}\n\tFeed: {$feedsub->uri}\n\tHub: {$feedsub->huburi}"); $feedsub->renew(); } catch(Exception $e) { - common_log(LOG_ERR, "Exception during PuSH renew processing for $feedsub->uri: " . $e->getMessage()); + common_log(LOG_ERR, "Exception during WebSub renew processing for $feedsub->uri: " . $e->getMessage()); } } else { common_log(LOG_ERR, "Discarding renew for unknown feed subscription id $feedsub_id"); diff --git a/plugins/OStatus/scripts/resub-feed.php b/plugins/OStatus/scripts/resub-feed.php index 37b09883db..48db9f4e6a 100755 --- a/plugins/OStatus/scripts/resub-feed.php +++ b/plugins/OStatus/scripts/resub-feed.php @@ -25,7 +25,7 @@ $shortoptions = 'u'; $helptext = <<getID()); @@ -1858,7 +1863,7 @@ class Ostatus_profile extends Managed_DataObject if (array_key_exists('feedurl', $hints) && common_valid_http_url($hints['feedurl'])) { try { - $feedsub = FeedSub::getByUri($this->feeduri); + $feedsub = $this->getFeedSub(); common_debug('URIFIX Changing FeedSub id==['._ve($feedsub->id).'] feeduri '._ve($feedsub->uri).' to '._ve($hints['feedurl'])); $feedorig = clone($feedsub); $feedsub->uri = $hints['feedurl']; From 5af5bb2a32b0cce7e31bb4dfb86358b8db669428 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 1 May 2017 21:18:04 +0200 Subject: [PATCH 350/415] Show WebSub state on remote user profiles --- plugins/OStatus/OStatusPlugin.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index cea405fa9a..d12881cde4 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -1195,6 +1195,25 @@ class OStatusPlugin extends Plugin return true; } + function onEndShowAccountProfileBlock(HTMLOutputter $out, Profile $profile) + { + if ($profile->isLocal()) { + return true; + } + $websub_states = [ + 'subscribe' => _m('Pending'), + 'active' => _m('Active'), + 'nohub' => _m('Polling'), + 'inactive' => _m('Inactive'), + ]; + $out->elementStart('dl', 'entity_tags ostatus_profile'); + $oprofile = Ostatus_profile::fromProfile($profile); + $feedsub = $oprofile->getFeedSub(); + $out->element('dt', null, _m('WebSub')); + $out->element('dd', null, $websub_states[$feedsub->sub_state]); + $out->elementEnd('dl'); + } + // FIXME: This one can accept both an Action and a Widget. Confusing! Refactor to (HTMLOutputter $out, Profile $target)! function onStartProfileListItemActionElements($item) { From 06b25f384af869358b4f0b4a721d6fdf9971d234 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 2 May 2017 09:07:00 +0200 Subject: [PATCH 351/415] File_redirection->getFile could never get the file anyway if $redir->file_id was empty... --- plugins/Oembed/classes/File_oembed.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/plugins/Oembed/classes/File_oembed.php b/plugins/Oembed/classes/File_oembed.php index 38a1754ae2..e47fee6abe 100644 --- a/plugins/Oembed/classes/File_oembed.php +++ b/plugins/Oembed/classes/File_oembed.php @@ -126,10 +126,7 @@ class File_oembed extends Managed_DataObject } catch (NoResultException $e) { // File_redirection::where argument 'discover' is false to avoid loops $redir = File_redirection::where($given_url, false); - if (empty($redir->file_id)) { - $f = $redir->getFile(); - $file_oembed->mimetype = $f->mimetype; - } else { + if (!empty($redir->file_id)) { $file_id = $redir->file_id; } } From 979c5251240d0de08b2b4a816801a021240ee2ee Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 2 May 2017 09:07:39 +0200 Subject: [PATCH 352/415] I like to throw exceptions instead of using if statements. --- classes/File.php | 10 +++++++--- classes/File_redirection.php | 4 ++-- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/classes/File.php b/classes/File.php index b0da3f09f3..9cfdb94c56 100644 --- a/classes/File.php +++ b/classes/File.php @@ -194,10 +194,14 @@ class File extends Managed_DataObject } $redir = File_redirection::where($given_url); - $file = $redir->getFile(); - - if (!$file instanceof File || empty($file->id)) { + try { + $file = $redir->getFile(); + } catch (EmptyPkeyValueException $e) { + common_log(LOG_ERR, 'File_redirection::where gave object with empty file_id for given_url '._ve($given_url)); + throw new ServerException('URL processing failed without new File object'); + } catch (NoResultException $e) { // This should not happen + common_log(LOG_ERR, 'File_redirection after discovery could still not return a File object.'); throw new ServerException('URL processing failed without new File object'); } diff --git a/classes/File_redirection.php b/classes/File_redirection.php index d1b266c90b..742a6143cc 100644 --- a/classes/File_redirection.php +++ b/classes/File_redirection.php @@ -445,8 +445,8 @@ class File_redirection extends Managed_DataObject } public function getFile() { - if(empty($this->file) && $this->file_id) { - $this->file = File::getKV('id', $this->file_id); + if (!$this->file instanceof File) { + $this->file = File::getByID($this->file_id); } return $this->file; From e9ab06b59ea29265466130fe732b4a60cf830bec Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 2 May 2017 09:14:30 +0200 Subject: [PATCH 353/415] Fix issues with non-subscribed Ostatus_profiles --- plugins/OStatus/OStatusPlugin.php | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/plugins/OStatus/OStatusPlugin.php b/plugins/OStatus/OStatusPlugin.php index d12881cde4..18e8539eb4 100644 --- a/plugins/OStatus/OStatusPlugin.php +++ b/plugins/OStatus/OStatusPlugin.php @@ -1200,6 +1200,22 @@ class OStatusPlugin extends Plugin if ($profile->isLocal()) { return true; } + try { + $oprofile = Ostatus_profile::fromProfile($profile); + } catch (NoResultException $e) { + // Not a remote Ostatus_profile! Maybe some other network + // that has imported a non-local user? + return true; + } + try { + $feedsub = $oprofile->getFeedSub(); + } catch (NoResultException $e) { + // No WebSub subscription has been attempted or exists for this profile + // which is the case, say for remote profiles that are only included + // via mentions or repeat/share. + return true; + } + $websub_states = [ 'subscribe' => _m('Pending'), 'active' => _m('Active'), @@ -1207,8 +1223,6 @@ class OStatusPlugin extends Plugin 'inactive' => _m('Inactive'), ]; $out->elementStart('dl', 'entity_tags ostatus_profile'); - $oprofile = Ostatus_profile::fromProfile($profile); - $feedsub = $oprofile->getFeedSub(); $out->element('dt', null, _m('WebSub')); $out->element('dd', null, $websub_states[$feedsub->sub_state]); $out->elementEnd('dl'); From e8eb9f96143585e3ef97a9c24a8559b42f8113aa Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 2 May 2017 09:18:43 +0200 Subject: [PATCH 354/415] Less raw database dumps in debug please --- plugins/OStatus/actions/pushhub.php | 1 - 1 file changed, 1 deletion(-) diff --git a/plugins/OStatus/actions/pushhub.php b/plugins/OStatus/actions/pushhub.php index 2b06e920a4..8cc9cbc302 100644 --- a/plugins/OStatus/actions/pushhub.php +++ b/plugins/OStatus/actions/pushhub.php @@ -121,7 +121,6 @@ class PushHubAction extends Action $sub->setLease(intval($lease)); } } - common_debug('WebSub hub request is now:'._ve($sub)); $verify = $this->arg('hub.verify'); // TODO: deprecated $token = $this->arg('hub.verify_token', null); // TODO: deprecated From 07458e5375e23f5732c705045ee2e9d0788fa49c Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 2 May 2017 18:58:22 +0200 Subject: [PATCH 355/415] Fixed the parsing of ostatus:conversation etc. Conversation will now start storing remote URL The namespace features don't work the way they were written for here so I fixed that, making the ostatus: namespace properly looked up and then the homegrown getLink function looks for what is back-compat with StatusNet etc. if I remember correctly. --- classes/Conversation.php | 12 ++++++++++-- classes/Notice.php | 10 ++++++++-- lib/activitycontext.php | 21 ++++++++++++++++----- 3 files changed, 34 insertions(+), 9 deletions(-) diff --git a/classes/Conversation.php b/classes/Conversation.php index 1dba2c1f4a..d18321deba 100644 --- a/classes/Conversation.php +++ b/classes/Conversation.php @@ -36,6 +36,7 @@ class Conversation extends Managed_DataObject public $__table = 'conversation'; // table name public $id; // int(4) primary_key not_null auto_increment public $uri; // varchar(191) unique_key not 255 because utf8mb4 takes more space + public $url; // varchar(191) unique_key not 255 because utf8mb4 takes more space public $created; // datetime not_null public $modified; // timestamp not_null default_CURRENT_TIMESTAMP @@ -45,6 +46,7 @@ class Conversation extends Managed_DataObject 'fields' => array( 'id' => array('type' => 'serial', 'not null' => true, 'description' => 'Unique identifier, (again) unrelated to notice id since 2016-01-06'), 'uri' => array('type' => 'varchar', 'not null'=>true, 'length' => 191, 'description' => 'URI of the conversation'), + 'url' => array('type' => 'varchar', 'length' => 191, 'description' => 'Resolvable URL, preferrably remote (local can be generated on the fly)'), 'created' => array('type' => 'datetime', 'not null' => true, 'description' => 'date this record was created'), 'modified' => array('type' => 'timestamp', 'not null' => true, 'description' => 'date this record was modified'), ), @@ -89,15 +91,21 @@ class Conversation extends Managed_DataObject * * @return Conversation the new conversation DO */ - static function create($uri=null, $created=null) + static function create(ActivityContext $ctx=null, $created=null) { // Be aware that the Notice does not have an id yet since it's not inserted! $conv = new Conversation(); $conv->created = $created ?: common_sql_now(); - $conv->uri = $uri ?: sprintf('%s%s=%s:%s=%s', + if ($ctx instanceof ActivityContext) { + $conv->uri = $ctx->conversation; + $conv->url = $ctx->conversation_url; + } else { + $conv->uri = sprintf('%s%s=%s:%s=%s', TagURI::mint(), 'objectType', 'thread', 'nonce', common_random_hexstr(8)); + $conv->url = null; // locally generated Conversation objects don't get static URLs stored + } // This insert throws exceptions on failure $conv->insert(); diff --git a/classes/Notice.php b/classes/Notice.php index d5a0e5f6d2..bfe9f1c7f6 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -624,8 +624,13 @@ class Notice extends Managed_DataObject } else { // Conversation entry with specified URI was not found, so we must create it. common_debug('Conversation URI not found, so we will create it with the URI given in the options to Notice::saveNew: '.$options['conversation']); + $convctx = new ActivityContext(); + $convctx->conversation = $options['conversation']; + if (array_key_exists('conversation_url', $options)) { + $convctx->conversation_url = $options['conversation_url']; + } // The insert in Conversation::create throws exception on failure - $conv = Conversation::create($options['conversation'], $notice->created); + $conv = Conversation::create($convctx, $notice->created); } $notice->conversation = $conv->getID(); unset($conv); @@ -921,7 +926,7 @@ class Notice extends Managed_DataObject // Conversation entry with specified URI was not found, so we must create it. common_debug('Conversation URI not found, so we will create it with the URI given in the context of the activity: '.$act->context->conversation); // The insert in Conversation::create throws exception on failure - $conv = Conversation::create($act->context->conversation, $stored->created); + $conv = Conversation::create($act->context, $stored->created); } $stored->conversation = $conv->getID(); unset($conv); @@ -2008,6 +2013,7 @@ class Notice extends Managed_DataObject $conv = Conversation::getKV('id', $this->conversation); if ($conv instanceof Conversation) { $ctx->conversation = $conv->uri; + $ctx->conversation_url = $conv->url; } } diff --git a/lib/activitycontext.php b/lib/activitycontext.php index 32f15c1e9f..68ee08a8fb 100644 --- a/lib/activitycontext.php +++ b/lib/activitycontext.php @@ -39,6 +39,7 @@ class ActivityContext public $location; public $attention = array(); // 'uri' => 'type' public $conversation; + public $conversation_url; public $scope; const THR = 'http://purl.org/syndication/thread/1.0'; @@ -51,7 +52,7 @@ class ActivityContext // OStatus element names with prefixes const OBJECTTYPE = 'ostatus:object-type'; // FIXME: Undocumented! - const CONVERSATION = 'ostatus:conversation'; + const CONVERSATION = 'conversation'; const POINT = 'point'; @@ -74,13 +75,22 @@ class ActivityContext $this->location = $this->getLocation($element); - $convs = $element->getElementsByTagNameNS(self::OSTATUS, self::CONVERSATION); - foreach ($convs as $conv) { - $this->conversation = $conv->textContent; + foreach ($element->getElementsByTagNameNS(self::OSTATUS, self::CONVERSATION) as $conv) { + if ($conv->hasAttribute('ref')) { + $this->conversation = $conv->getAttribute('ref'); + if ($conv->hasAttribute('href')) { + $this->conversation_url = $conv->getAttribute('href'); + } + } else { + $this->conversation = $conv->textContent; + } + if (!empty($this->conversation)) { + break; + } } if (empty($this->conversation)) { // fallback to the atom:link rel="ostatus:conversation" element - $this->conversation = ActivityUtils::getLink($element, self::CONVERSATION); + $this->conversation = ActivityUtils::getLink($element, 'ostatus:'.self::CONVERSATION); } // Multiple attention links allowed @@ -148,6 +158,7 @@ class ActivityContext $context['inReplyTo'] = $this->getInReplyToArray(); $context['conversation'] = $this->conversation; + $context['conversation_url'] = $this->conversation_url; return array_filter($context); } From 000af6d9ee6900f9b52069aaa8121f0583cb082d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 2 May 2017 21:12:17 +0200 Subject: [PATCH 356/415] default to #addtag on !group mention --- classes/Notice.php | 8 ++++---- lib/default.php | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index bfe9f1c7f6..a5bd4451ec 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1583,12 +1583,12 @@ class Notice extends Managed_DataObject if (common_config('group', 'addtag')) { // we automatically add a tag for every group name, too - - $tag = Notice_tag::pkeyGet(array('tag' => common_canonical_tag($group->nickname), - 'notice_id' => $this->id)); + common_debug('Adding hashtag matching group nickname: '._ve($group->getNickname())); + $tag = Notice_tag::pkeyGet(array('tag' => common_canonical_tag($group->getNickname()), + 'notice_id' => $this->getID())); if (is_null($tag)) { - $this->saveTag($group->nickname); + $this->saveTag($group->getNickname()); } } diff --git a/lib/default.php b/lib/default.php index 83dc58f898..90bca32c4f 100644 --- a/lib/default.php +++ b/lib/default.php @@ -297,7 +297,7 @@ $default = 'group' => array('maxaliases' => 3, 'desclimit' => null, - 'addtag' => false), + 'addtag' => true), 'peopletag' => array('maxtags' => 100, // maximum number of tags a user can create. 'maxpeople' => 500, // maximum no. of people with the same tag by the same user From 7889b21e7b2375bf8258b64e0e46609337304cbb Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 11:34:38 +0200 Subject: [PATCH 357/415] Handle selfLink in ActivityObject --- lib/activityobject.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/lib/activityobject.php b/lib/activityobject.php index d211136d3c..597792ffde 100644 --- a/lib/activityobject.php +++ b/lib/activityobject.php @@ -100,6 +100,7 @@ class ActivityObject public $content; public $owner; public $link; + public $selfLink; // think APP (Atom Publishing Protocol) public $source; public $avatarLinks = array(); public $geopoint; @@ -261,6 +262,7 @@ class ActivityObject $this->source = $this->_getSource($element); $this->link = ActivityUtils::getPermalink($element); + $this->selfLink = ActivityUtils::getSelfLink($element); $this->id = $this->_childContent($element, self::ID); @@ -665,6 +667,18 @@ class ActivityObject ); } + if (!empty($this->selfLink)) { + $xo->element( + 'link', + array( + 'rel' => 'self', + 'type' => 'application/atom+xml', + 'href' => $this->selfLink + ), + null + ); + } + if(!empty($this->owner)) { $owner = $this->owner->asActivityNoun(self::AUTHOR); $xo->raw($owner); From 8a4bec811b07a0ed9d76d0aceb03855c91a67242 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 12:15:54 +0200 Subject: [PATCH 358/415] Notices start saving selfLink from activities/objects --- classes/Notice.php | 16 ++++++++++++++++ lib/activity.php | 2 +- lib/activityhandlerplugin.php | 3 +++ lib/activityutils.php | 10 ++++++++-- 4 files changed, 28 insertions(+), 3 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index a5bd4451ec..28f85ce3fb 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -59,6 +59,7 @@ class Notice extends Managed_DataObject public $content; // text public $rendered; // text public $url; // varchar(191) not 255 because utf8mb4 takes more space + public $self; // varchar(191) not 255 because utf8mb4 takes more space public $created; // datetime multiple_key not_null default_0000-00-00%2000%3A00%3A00 public $modified; // timestamp not_null default_CURRENT_TIMESTAMP public $reply_to; // int(4) @@ -83,6 +84,7 @@ class Notice extends Managed_DataObject 'content' => array('type' => 'text', 'description' => 'update content', 'collate' => 'utf8mb4_general_ci'), 'rendered' => array('type' => 'text', 'description' => 'HTML version of the content'), 'url' => array('type' => 'varchar', 'length' => 191, 'description' => 'URL of any attachment (image, video, bookmark, whatever)'), + 'self' => array('type' => 'varchar', 'length' => 191, 'description' => 'Resolvable URL to the (remote) Atom entry representation'), 'created' => array('type' => 'datetime', 'not null' => true, 'description' => 'date this record was created'), 'modified' => array('type' => 'timestamp', 'not null' => true, 'description' => 'date this record was modified'), 'reply_to' => array('type' => 'int', 'description' => 'notice replied to (usually a guess)'), @@ -442,6 +444,7 @@ class Notice extends Managed_DataObject static function saveNew($profile_id, $content, $source, array $options=null) { $defaults = array('uri' => null, 'url' => null, + 'self' => null, 'conversation' => null, // URI of conversation 'reply_to' => null, // This will override convo URI if the parent is known 'repeat_of' => null, // This will override convo URI if the repeated notice is known @@ -528,6 +531,9 @@ class Notice extends Managed_DataObject $notice->source = $source; $notice->uri = $uri; $notice->url = $url; + if ($self && common_valid_http_url($self)) { + $notice->self = $self; + } // Get the groups here so we can figure out replies and such if (!isset($groups)) { @@ -770,6 +776,9 @@ class Notice extends Managed_DataObject // implied object $options['uri'] = $act->id; $options['url'] = $act->link; + if ($act->selfLink) { + $options['self'] = $act->selfLink; + } } else { $actobj = count($act->objects)===1 ? $act->objects[0] : null; if (!is_null($actobj) && !empty($actobj->id)) { @@ -780,6 +789,9 @@ class Notice extends Managed_DataObject $options['url'] = $actobj->id; } } + if ($actobj->selfLink) { + $options['self'] = $actobj->selfLink; + } } $defaults = array( @@ -789,6 +801,7 @@ class Notice extends Managed_DataObject 'reply_to' => null, 'repeat_of' => null, 'scope' => null, + 'self' => null, 'source' => 'unknown', 'tags' => array(), 'uri' => null, @@ -841,6 +854,9 @@ class Notice extends Managed_DataObject $stored->source = $source; $stored->uri = $uri; $stored->url = $url; + if (common_valid_http_url($stored->self)) { + $stored->self = $self; + } $stored->verb = $act->verb; // we use mb_strlen because it _might_ be that the content is just the string "0"... diff --git a/lib/activity.php b/lib/activity.php index 578a843c32..a52f29e9ca 100644 --- a/lib/activity.php +++ b/lib/activity.php @@ -267,7 +267,7 @@ class Activity // From APP. Might be useful. - $this->selfLink = ActivityUtils::getLink($entry, 'self', 'application/atom+xml'); + $this->selfLink = ActivityUtils::getSelfLink($entry); $this->editLink = ActivityUtils::getLink($entry, 'edit', 'application/atom+xml'); } diff --git a/lib/activityhandlerplugin.php b/lib/activityhandlerplugin.php index afeebb53aa..0a63bed13b 100644 --- a/lib/activityhandlerplugin.php +++ b/lib/activityhandlerplugin.php @@ -344,6 +344,7 @@ abstract class ActivityHandlerPlugin extends Plugin $options = array('uri' => $object->id, 'url' => $object->link, + 'self' => $object->selfLink, 'is_local' => Notice::REMOTE, 'source' => 'ostatus'); @@ -420,6 +421,7 @@ abstract class ActivityHandlerPlugin extends Plugin $options = array('uri' => $object->id, 'url' => $object->link, + 'self' => $object->selfLink, 'is_local' => Notice::REMOTE, 'source' => 'ostatus'); @@ -471,6 +473,7 @@ abstract class ActivityHandlerPlugin extends Plugin $options = array('uri' => $object->id, 'url' => $object->link, + 'self' => $object->selfLink, 'source' => 'restore'); // $user->getProfile() is a Profile diff --git a/lib/activityutils.php b/lib/activityutils.php index 58e04e2f76..b83bc0a238 100644 --- a/lib/activityutils.php +++ b/lib/activityutils.php @@ -65,11 +65,16 @@ class ActivityUtils * * @return string related link, if any */ - static function getPermalink($element) + static function getPermalink(DOMNode $element) { return self::getLink($element, 'alternate', 'text/html'); } + static function getSelfLink(DOMNode $element) + { + return self::getLink($element, 'self', 'application/atom+xml'); + } + /** * Get the permalink for an Activity object * @@ -90,8 +95,9 @@ class ActivityUtils $linkRel = $link->getAttribute(self::REL); $linkType = $link->getAttribute(self::TYPE); + // XXX: Am I allowed to do this according to specs? (matching using common_bare_mime) if ($linkRel == $rel && - (is_null($type) || $linkType == $type)) { + (is_null($type) || common_bare_mime($linkType) == common_bare_mime($type))) { return $link->getAttribute(self::HREF); } } From 709f1bbd754006b5630f006c70ae4ee5ab709b99 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 12:25:27 +0200 Subject: [PATCH 359/415] Return false immediately if $url is empty for common_valid_http_url --- lib/util.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/util.php b/lib/util.php index aa0d5bfe76..e5cc780688 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1906,6 +1906,10 @@ function common_log_objstring(&$object) function common_valid_http_url($url, $secure=false) { + if (empty($url)) { + return false; + } + // If $secure is true, only allow https URLs to pass // (if false, we use '?' in 'https?' to say the 's' is optional) $regex = $secure ? '/^https$/' : '/^https?$/'; From 7c829852b84f6a8b94ca72d14743e295a33d0ad7 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 12:25:50 +0200 Subject: [PATCH 360/415] Output selfLink from notice asActivity[Object] --- classes/Notice.php | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 28f85ce3fb..1dac58032c 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -322,6 +322,19 @@ class Notice extends Managed_DataObject } } + public function getSelfLink() + { + if ($this->isLocal()) { + return common_local_url('ApiStatusesShow', array('id' => $this->getID(), 'format' => 'atom')); + } + + if (!common_valid_http_url($this->self)) { + throw new InvalidUrlException($this->url); + } + + return $this->self; + } + public function getObjectType($canonical=false) { if (is_null($this->object_type) || $this->object_type==='') { throw new NoObjectTypeException($this); @@ -2092,9 +2105,12 @@ class Notice extends Managed_DataObject } } + try { + $act->selfLink = $this->getSelfLink(); + } catch (InvalidUrlException $e) { + $act->selfLink = null; + } if ($this->isLocal()) { - $act->selfLink = common_local_url('ApiStatusesShow', array('id' => $this->id, - 'format' => 'atom')); $act->editLink = $act->selfLink; } @@ -2192,6 +2208,11 @@ class Notice extends Managed_DataObject $object->title = sprintf('New %1$s by %2$s', ActivityObject::canonicalType($object->type), $this->getProfile()->getNickname()); $object->content = $this->getRendered(); $object->link = $this->getUrl(); + try { + $object->selfLink = $this->getSelfLink(); + } catch (InvalidUrlException $e) { + $object->selfLink = null; + } $object->extra[] = array('status_net', array('notice_id' => $this->id)); From d88e9ffd334dcf9d3a84fee5bae6d1b6c125a616 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 12:38:34 +0200 Subject: [PATCH 361/415] Output proper HTML and XML headers for single Atom entry RFC5023 specifies that the content type parameter 'type=entry' should be used to clarify data. --- lib/apiaction.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/apiaction.php b/lib/apiaction.php index 723e589408..18ec44bb2b 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -790,7 +790,8 @@ class ApiAction extends Action function showSingleAtomStatus($notice) { - header('Content-Type: application/atom+xml; charset=utf-8'); + header('Content-Type: application/atom+xml;type=entry;charset="utf-8"'); + print '' . "\n"; print $notice->asAtomEntry(true, true, true, $this->scoped); } From 2cbef2b10f888a4d7b420fe2a3aa1afd1a018b5d Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 13:22:10 +0200 Subject: [PATCH 362/415] Notice_prefs now available (I just copied Profile_prefs) --- classes/Notice_prefs.php | 172 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 172 insertions(+) create mode 100644 classes/Notice_prefs.php diff --git a/classes/Notice_prefs.php b/classes/Notice_prefs.php new file mode 100644 index 0000000000..1bbf309da4 --- /dev/null +++ b/classes/Notice_prefs.php @@ -0,0 +1,172 @@ +. + * + * @category Data + * @package GNUsocial + * @author Mikael Nordfeldth + * @copyright 2013 Free Software Foundation, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://www.gnu.org/software/social/ + */ + +class Notice_prefs extends Managed_DataObject +{ + public $__table = 'notice_prefs'; // table name + public $notice_id; // int(4) primary_key not_null + public $namespace; // varchar(191) not_null + public $topic; // varchar(191) not_null + public $data; // text + public $created; // datetime not_null default_0000-00-00%2000%3A00%3A00 + public $modified; // timestamp not_null default_CURRENT_TIMESTAMP + + public static function schemaDef() + { + return array( + 'fields' => array( + 'notice_id' => array('type' => 'int', 'not null' => true, 'description' => 'user'), + 'namespace' => array('type' => 'varchar', 'length' => 191, 'not null' => true, 'description' => 'namespace, like pluginname or category'), + 'topic' => array('type' => 'varchar', 'length' => 191, 'not null' => true, 'description' => 'preference key, i.e. description, age...'), + 'data' => array('type' => 'blob', 'description' => 'topic data, may be anything'), + 'created' => array('type' => 'datetime', 'not null' => true, 'description' => 'date this record was created'), + 'modified' => array('type' => 'timestamp', 'not null' => true, 'description' => 'date this record was modified'), + ), + 'primary key' => array('notice_id', 'namespace', 'topic'), + 'foreign keys' => array( + 'notice_prefs_notice_id_fkey' => array('notice', array('notice_id' => 'id')), + ), + 'indexes' => array( + 'notice_prefs_notice_id_idx' => array('notice_id'), + ), + ); + } + + static function getNamespacePrefs(Notice $notice, $namespace, array $topic=array()) + { + if (empty($topic)) { + $prefs = new Notice_prefs(); + $prefs->notice_id = $notice->getID(); + $prefs->namespace = $namespace; + $prefs->find(); + } else { + $prefs = self::pivotGet('notice_id', $notice->getID(), array('namespace'=>$namespace, 'topic'=>$topic)); + } + + if (empty($prefs->N)) { + throw new NoResultException($prefs); + } + + return $prefs; + } + + static function getNamespace(Notice $notice, $namespace, array $topic=array()) + { + $prefs = self::getNamespacePrefs($notice, $namespace, $topic); + return $prefs->fetchAll(); + } + + static function getAll(Notice $notice) + { + try { + $prefs = self::listFind('notice_id', array($notice->getID())); + } catch (NoResultException $e) { + return array(); + } + + $list = array(); + while ($prefs->fetch()) { + if (!isset($list[$prefs->namespace])) { + $list[$prefs->namespace] = array(); + } + $list[$prefs->namespace][$prefs->topic] = $prefs->data; + } + return $list; + } + + static function getTopic(Notice $notice, $namespace, $topic) { + return self::getByPK(array('notice_id' => $notice->getID(), + 'namespace' => $namespace, + 'topic' => $topic)); + } + + static function getData(Notice $notice, $namespace, $topic, $def=null) { + try { + $pref = self::getTopic($notice, $namespace, $topic); + } catch (NoResultException $e) { + if ($def === null) { + // If no default value was set, continue the exception. + throw $e; + } + // If there was a default value, return that. + return $def; + } + return $pref->data; + } + + static function getConfigData(Notice $notice, $namespace, $topic) { + try { + $data = self::getData($notice, $namespace, $topic); + } catch (NoResultException $e) { + $data = common_config($namespace, $topic); + } + return $data; + } + + /* + * Sets a notice preference based on Notice, namespace and topic + * + * @param Notice $notice Which notice this is for + * @param string $namespace Under which namespace (pluginname etc.) + * @param string $topic Preference name (think key in key-val store) + * @param string $data Data to be put into preference storage, null means delete + * + * @return true if changes are made, false if no action taken + * @throws ServerException if preference could not be saved + */ + static function setData(Notice $notice, $namespace, $topic, $data=null) { + try { + $pref = self::getTopic($notice, $namespace, $topic); + if (is_null($data)) { + $pref->delete(); + } else { + $orig = clone($pref); + $pref->data = $data; + $pref->update($orig); + } + return true; + } catch (NoResultException $e) { + if (is_null($data)) { + return false; // No action taken + } + } + + $pref = new Notice_prefs(); + $pref->notice_id = $notice->getID(); + $pref->namespace = $namespace; + $pref->topic = $topic; + $pref->data = $data; + $pref->created = common_sql_now(); + + if ($pref->insert() === false) { + throw new ServerException('Could not save notice preference.'); + } + return true; + } +} From 286b1e0ab76410208bdf3a6dd4fe042e1c497034 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 13:24:11 +0200 Subject: [PATCH 363/415] Revert some of 8a4bec811b07a0ed9d76d0aceb03855c91a67242 use Notice_prefs instead of adding a new field. The rationale here is simply that the Notice table was _huge_ and I rant into issues with /tmp filling up when altering the tables. So let's just create a new table instead. --- classes/Notice.php | 47 +++++++++++++++++++++++++++++++++++----------- 1 file changed, 36 insertions(+), 11 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 1dac58032c..a8561948b4 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -59,7 +59,6 @@ class Notice extends Managed_DataObject public $content; // text public $rendered; // text public $url; // varchar(191) not 255 because utf8mb4 takes more space - public $self; // varchar(191) not 255 because utf8mb4 takes more space public $created; // datetime multiple_key not_null default_0000-00-00%2000%3A00%3A00 public $modified; // timestamp not_null default_CURRENT_TIMESTAMP public $reply_to; // int(4) @@ -84,7 +83,6 @@ class Notice extends Managed_DataObject 'content' => array('type' => 'text', 'description' => 'update content', 'collate' => 'utf8mb4_general_ci'), 'rendered' => array('type' => 'text', 'description' => 'HTML version of the content'), 'url' => array('type' => 'varchar', 'length' => 191, 'description' => 'URL of any attachment (image, video, bookmark, whatever)'), - 'self' => array('type' => 'varchar', 'length' => 191, 'description' => 'Resolvable URL to the (remote) Atom entry representation'), 'created' => array('type' => 'datetime', 'not null' => true, 'description' => 'date this record was created'), 'modified' => array('type' => 'timestamp', 'not null' => true, 'description' => 'date this record was modified'), 'reply_to' => array('type' => 'int', 'description' => 'notice replied to (usually a guess)'), @@ -328,11 +326,13 @@ class Notice extends Managed_DataObject return common_local_url('ApiStatusesShow', array('id' => $this->getID(), 'format' => 'atom')); } - if (!common_valid_http_url($this->self)) { - throw new InvalidUrlException($this->url); + $selfLink = $this->getPref('ostatus', 'self'); + + if (!common_valid_http_url($selfLink)) { + throw new InvalidUrlException($selfLink); } - return $this->self; + return $selfLink; } public function getObjectType($canonical=false) { @@ -544,9 +544,6 @@ class Notice extends Managed_DataObject $notice->source = $source; $notice->uri = $uri; $notice->url = $url; - if ($self && common_valid_http_url($self)) { - $notice->self = $self; - } // Get the groups here so we can figure out replies and such if (!isset($groups)) { @@ -730,6 +727,10 @@ class Notice extends Managed_DataObject } } + if ($self && common_valid_http_url($self)) { + $notice->setPref('ostatus', 'self', $self); + } + // Only save 'attention' and metadata stuff (URLs, tags...) stuff if // the activityverb is a POST (since stuff like repeat, favorite etc. // reasonably handle notifications themselves. @@ -867,9 +868,6 @@ class Notice extends Managed_DataObject $stored->source = $source; $stored->uri = $uri; $stored->url = $url; - if (common_valid_http_url($stored->self)) { - $stored->self = $self; - } $stored->verb = $act->verb; // we use mb_strlen because it _might_ be that the content is just the string "0"... @@ -1054,6 +1052,10 @@ class Notice extends Managed_DataObject throw new ServerException('Supposedly saved Notice has no ID.'); } + if ($self && common_valid_http_url($self)) { + $stored->setPref('ostatus', 'self', $self); + } + // Only save 'attention' and metadata stuff (URLs, tags...) stuff if // the activityverb is a POST (since stuff like repeat, favorite etc. // reasonably handle notifications themselves. @@ -3238,4 +3240,27 @@ class Notice extends Managed_DataObject } } } + + public function delPref($namespace, $topic) { + return Notice_prefs::setData($this, $namespace, $topic, null); + } + + public function getPref($namespace, $topic, $default=null) { + // If you want an exception to be thrown, call Notice_prefs::getData directly + try { + return Notice_prefs::getData($this, $namespace, $topic, $default); + } catch (NoResultException $e) { + return null; + } + } + + // The same as getPref but will fall back to common_config value for the same namespace/topic + public function getConfigPref($namespace, $topic) + { + return Notice_prefs::getConfigData($this, $namespace, $topic); + } + + public function setPref($namespace, $topic, $data) { + return Notice_prefs::setData($this, $namespace, $topic, $data); + } } From 3a7d8efc57d4c04c36b7e5e70a07acbc5570c4dc Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 13:54:42 +0200 Subject: [PATCH 364/415] ...and make sure we checkschema on Notice_prefs on upgrade... --- db/core.php | 1 + 1 file changed, 1 insertion(+) diff --git a/db/core.php b/db/core.php index f654d79d99..56213eb338 100644 --- a/db/core.php +++ b/db/core.php @@ -41,6 +41,7 @@ $classes = array('Schema_version', 'Notice', 'Notice_location', 'Notice_source', + 'Notice_prefs', 'Reply', 'Consumer', 'Token', From 0dd68d11cb1b1c341bc8f23cb87b780cf32c8e06 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 14:48:04 +0200 Subject: [PATCH 365/415] What just happened? Not sure if me or git caused duplicate code. --- classes/Notice.php | 23 ----------------------- 1 file changed, 23 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index b22b4296e0..89c30d25fd 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -3267,27 +3267,4 @@ class Notice extends Managed_DataObject public function setPref($namespace, $topic, $data) { return Notice_prefs::setData($this, $namespace, $topic, $data); } - - public function delPref($namespace, $topic) { - return Notice_prefs::setData($this, $namespace, $topic, null); - } - - public function getPref($namespace, $topic, $default=null) { - // If you want an exception to be thrown, call Notice_prefs::getData directly - try { - return Notice_prefs::getData($this, $namespace, $topic, $default); - } catch (NoResultException $e) { - return null; - } - } - - // The same as getPref but will fall back to common_config value for the same namespace/topic - public function getConfigPref($namespace, $topic) - { - return Notice_prefs::getConfigData($this, $namespace, $topic); - } - - public function setPref($namespace, $topic, $data) { - return Notice_prefs::setData($this, $namespace, $topic, $data); - } } From 1517deeeb621a0256106d0108855e8827713e2cc Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sat, 6 May 2017 15:25:44 +0200 Subject: [PATCH 366/415] Since ActivityContext::CONVERSATION changed to 'conversation' instead of 'ostatus:conversation' we need to add it ourselves the xmlstringerthinger doesn't really use namespaces afaik --- lib/activity.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/activity.php b/lib/activity.php index a52f29e9ca..daf9f4b22e 100644 --- a/lib/activity.php +++ b/lib/activity.php @@ -631,18 +631,18 @@ class Activity $convattr['href'] = $conv->getUrl(); $convattr['local_id'] = $conv->getID(); $convattr['ref'] = $conv->getUri(); - $xs->element('link', array('rel' => ActivityContext::CONVERSATION, + $xs->element('link', array('rel' => 'ostatus:'.ActivityContext::CONVERSATION, 'href' => $convattr['href'])); } else { $convattr['ref'] = $this->context->conversation; } - $xs->element(ActivityContext::CONVERSATION, + $xs->element('ostatus:'.ActivityContext::CONVERSATION, $convattr, $this->context->conversation); /* Since we use XMLWriter we just use the previously hardcoded prefix for ostatus, otherwise we should use something like this: $xs->elementNS(array(ActivityContext::OSTATUS => 'ostatus'), // namespace - 'conversation', // tag (or the element name from ActivityContext::CONVERSATION) + ActivityContext::CONVERSATION, null, // attributes $this->context->conversation); // content */ From 5265c48d04fffb6b7e1bb040c2eeaffcd215e377 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 30 May 2017 21:37:53 +0200 Subject: [PATCH 367/415] GNU social avatar by moshpirit / Alberto --- theme/neo-gnu/default-avatar.svg | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 theme/neo-gnu/default-avatar.svg diff --git a/theme/neo-gnu/default-avatar.svg b/theme/neo-gnu/default-avatar.svg new file mode 100644 index 0000000000..c16a748360 --- /dev/null +++ b/theme/neo-gnu/default-avatar.svg @@ -0,0 +1,29 @@ + + + + + + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + \ No newline at end of file From fa44e0c06e11ab24b48fc068e86b0384d4dbeeb2 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 22 Jun 2017 00:30:38 +0200 Subject: [PATCH 368/415] set a 'rediscovered' parameter to avoid nesting into an ensureHub loop forever --- plugins/OStatus/classes/FeedSub.php | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index da86300975..c6f6e28cbd 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -206,7 +206,7 @@ class FeedSub extends Managed_DataObject * ensureHub will only do $this->update if !empty($this->id) * because otherwise the object has not been created yet. * - * @param bool $autorenew Whether to autorenew the feed after ensuring the hub URL + * @param bool $rediscovered Whether the hub info is rediscovered (to avoid endless loop nesting) * * @return null if actively avoiding the database * int number of rows updated in the database (0 means untouched) @@ -214,7 +214,7 @@ class FeedSub extends Managed_DataObject * @throws ServerException if something went wrong when updating the database * FeedSubNoHubException if no hub URL was discovered */ - public function ensureHub($autorenew=false) + public function ensureHub($rediscovered=false) { if ($this->sub_state !== 'inactive') { common_log(LOG_INFO, sprintf(__METHOD__ . ': Running hub discovery a possibly active feed in %s state for URI %s', _ve($this->sub_state), _ve($this->uri))); @@ -244,7 +244,7 @@ class FeedSub extends Managed_DataObject common_debug('Database update failed for FeedSub id=='._ve($this->id).' with new huburi: '._ve($this->huburi)); throw new ServerException('Database update failed for FeedSub.'); } - if ($autorenew) { + if ($rediscovered) { $this->renew(); } return $result; @@ -260,7 +260,7 @@ class FeedSub extends Managed_DataObject * @return void * @throws ServerException if feed state is not valid */ - public function subscribe() + public function subscribe($rediscovered=false) { if ($this->sub_state && $this->sub_state != 'inactive') { common_log(LOG_WARNING, sprintf('Attempting to (re)start WebSub subscription to %s in unexpected state %s', $this->getUri(), $this->sub_state)); @@ -285,7 +285,7 @@ class FeedSub extends Managed_DataObject } } - $this->doSubscribe('subscribe'); + $this->doSubscribe('subscribe', $rediscovered); } /** @@ -376,10 +376,10 @@ class FeedSub extends Managed_DataObject return $fs; } - public function renew() + public function renew($rediscovered=false) { common_debug('FeedSub is being renewed for uri=='._ve($this->uri).' on huburi=='._ve($this->huburi)); - $this->subscribe(); + $this->subscribe($rediscovered); } /** @@ -392,7 +392,7 @@ class FeedSub extends Managed_DataObject * @return boolean true when everything is ok (throws Exception on fail) * @throws Exception on failure, can be HTTPClient's or our own. */ - protected function doSubscribe($mode) + protected function doSubscribe($mode, $rediscovered=false) { $msg = null; // carries descriptive error message to enduser (no remote data strings!) @@ -439,11 +439,14 @@ class FeedSub extends Managed_DataObject } else if ($status >= 200 && $status < 300) { common_log(LOG_ERR, __METHOD__ . ": sub req returned unexpected HTTP $status: " . $response->getBody()); $msg = sprintf(_m("Unexpected HTTP status: %d"), $status); - } else if ($status == 422) { + } else if ($status == 422 && !$rediscovered) { // Error code regarding something wrong in the data (it seems // that we're talking to a WebSub hub at least, so let's check - // our own data to be sure we're not mistaken somehow. + // our own data to be sure we're not mistaken somehow, which + // means rediscovering hub data (the boolean parameter means + // we avoid running this part over and over and over and over): + common_debug('Running ensureHub again due to 422 status, $rediscovered=='._ve($rediscovered)); $this->ensureHub(true); } else { common_log(LOG_ERR, __METHOD__ . ": sub req failed with HTTP $status: " . $response->getBody()); From c9a9a8bc58d613056a5a584a203889fd602d8ac1 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 22 Jun 2017 01:37:43 +0200 Subject: [PATCH 369/415] Fulltext indexes are supported in InnoDB since MariaDB 10.0.15 --- lib/mysqlschema.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/mysqlschema.php b/lib/mysqlschema.php index 9081c0e578..30c808ab3d 100644 --- a/lib/mysqlschema.php +++ b/lib/mysqlschema.php @@ -265,8 +265,6 @@ class MysqlSchema extends Schema * @param array $def * @return string; * - * @fixme ENGINE may need to be set differently in some cases, - * such as to support fulltext index. */ function endCreateTable($name, array $def) { @@ -276,9 +274,11 @@ class MysqlSchema extends Schema function preferredEngine($def) { + /* MyISAM is no longer required for fulltext indexes, fortunately if (!empty($def['fulltext indexes'])) { return 'MyISAM'; } + */ return 'InnoDB'; } From 3395f6081c7548a5064596215227562a1c9fab72 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Thu, 22 Jun 2017 14:37:32 +0200 Subject: [PATCH 370/415] Endless loop nesting on ensureHub failure now fixed Essentially I was missing a negation on a test if we were in rediscovery mode. --- plugins/OStatus/classes/FeedSub.php | 6 ++++-- plugins/OStatus/lib/pushinqueuehandler.php | 6 +++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/plugins/OStatus/classes/FeedSub.php b/plugins/OStatus/classes/FeedSub.php index c6f6e28cbd..c734da80b1 100644 --- a/plugins/OStatus/classes/FeedSub.php +++ b/plugins/OStatus/classes/FeedSub.php @@ -216,6 +216,7 @@ class FeedSub extends Managed_DataObject */ public function ensureHub($rediscovered=false) { + common_debug('Now inside ensureHub again, $rediscovered=='._ve($rediscovered)); if ($this->sub_state !== 'inactive') { common_log(LOG_INFO, sprintf(__METHOD__ . ': Running hub discovery a possibly active feed in %s state for URI %s', _ve($this->sub_state), _ve($this->uri))); } @@ -244,7 +245,7 @@ class FeedSub extends Managed_DataObject common_debug('Database update failed for FeedSub id=='._ve($this->id).' with new huburi: '._ve($this->huburi)); throw new ServerException('Database update failed for FeedSub.'); } - if ($rediscovered) { + if (!$rediscovered) { $this->renew(); } return $result; @@ -447,7 +448,8 @@ class FeedSub extends Managed_DataObject // we avoid running this part over and over and over and over): common_debug('Running ensureHub again due to 422 status, $rediscovered=='._ve($rediscovered)); - $this->ensureHub(true); + $discoveryResult = $this->ensureHub(true); + common_debug('ensureHub is now done and its result was: '._ve($discoveryResult)); } else { common_log(LOG_ERR, __METHOD__ . ": sub req failed with HTTP $status: " . $response->getBody()); } diff --git a/plugins/OStatus/lib/pushinqueuehandler.php b/plugins/OStatus/lib/pushinqueuehandler.php index c5615daad8..4946186cf4 100644 --- a/plugins/OStatus/lib/pushinqueuehandler.php +++ b/plugins/OStatus/lib/pushinqueuehandler.php @@ -45,7 +45,11 @@ class PushInQueueHandler extends QueueHandler } catch(NoResultException $e) { common_log(LOG_INFO, "Discarding POST to unknown feed subscription id {$feedsub_id}"); } catch(Exception $e) { - common_log(LOG_ERR, "Exception "._ve(get_class($e))." during WebSub push input processing for {$feedsub->getUri()}: " . $e->getMessage()); + if (is_null($feedsub)) { + common_log(LOG_ERR, "Exception "._ve(get_class($e))." during WebSub push input processing where FeedSub->receive returned null!" . _ve($e->getMessage())); + } else { + common_log(LOG_ERR, "Exception "._ve(get_class($e))." during WebSub push input processing for {$feedsub->getUri()}: " . _ve($e->getMessage())); + } } return true; } From f0480c34d7e3d528fc559568ce6ac53c3b33f8f9 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 9 Jul 2017 20:07:18 +0200 Subject: [PATCH 371/415] Configure a default timeout for HTTP connections at 60s No requests we do externally should ever take more than 60 seconds. This could probably be changed for downloading video or whatever for any cache plugins that want to store data locally, but in general I think even 60s is way longer than I expect any outgoing requests should take. This affects everything using HTTPClient, our helper class, and thus all hub pings, subscription requests, etc. etc. The value, afaik, includes connect_timeout and if it takes 10 seconds to establish a connection only 50 seconds is available to transfer data. --- lib/default.php | 1 + lib/httpclient.php | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/lib/default.php b/lib/default.php index 90bca32c4f..b1079a907c 100644 --- a/lib/default.php +++ b/lib/default.php @@ -393,6 +393,7 @@ $default = 'ssl_verify_host' => true, // HTTPRequest2 makes sure this is set to CURLOPT_SSL_VERIFYHOST==2 if using curl 'curl' => false, // Use CURL backend for HTTP fetches if available. (If not, PHP's socket streams will be used.) 'connect_timeout' => 5, + 'timeout' => 60, 'proxy_host' => null, 'proxy_port' => null, 'proxy_user' => null, diff --git a/lib/httpclient.php b/lib/httpclient.php index 04a365274d..4891ff6440 100644 --- a/lib/httpclient.php +++ b/lib/httpclient.php @@ -116,6 +116,16 @@ class HTTPClient extends HTTP_Request2 function __construct($url=null, $method=self::METHOD_GET, $config=array()) { + if (is_int(common_config('http', 'timeout'))) { + // Reasonably you shouldn't set http/timeout to 0 because of + // malicious remote servers that can cause infinitely long + // responses... But the default in HTTP_Request2 is 0 for + // some reason and should probably be considered a valid value. + $this->config['timeout'] = common_config('http', 'timeout'); + common_debug('Using HTTPClient timeout value of '._ve($this->config['timeout'])); + } else { + common_log(LOG_ERR, 'config option http/timeout is not an integer value: '._ve(common_config('http', 'timeout'))); + } $this->config['connect_timeout'] = common_config('http', 'connect_timeout') ?: $this->config['connect_timeout']; $this->config['max_redirs'] = 10; $this->config['follow_redirects'] = true; From fb492d4bb2cad123c16618745a320e5668309fb2 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 9 Jul 2017 20:34:44 +0200 Subject: [PATCH 372/415] Remove debug call and change how connect_timeout is set --- lib/httpclient.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/httpclient.php b/lib/httpclient.php index 4891ff6440..819a5e6e07 100644 --- a/lib/httpclient.php +++ b/lib/httpclient.php @@ -122,11 +122,12 @@ class HTTPClient extends HTTP_Request2 // responses... But the default in HTTP_Request2 is 0 for // some reason and should probably be considered a valid value. $this->config['timeout'] = common_config('http', 'timeout'); - common_debug('Using HTTPClient timeout value of '._ve($this->config['timeout'])); } else { common_log(LOG_ERR, 'config option http/timeout is not an integer value: '._ve(common_config('http', 'timeout'))); } - $this->config['connect_timeout'] = common_config('http', 'connect_timeout') ?: $this->config['connect_timeout']; + if (!empty(common_config('http', 'connect_timeout'))) { + $this->config['connect_timeout'] = common_config('http', 'connect_timeout'); + } $this->config['max_redirs'] = 10; $this->config['follow_redirects'] = true; From 08b4b73c6727f52475525d71d618f625c41567d5 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 9 Jul 2017 22:17:52 +0200 Subject: [PATCH 373/415] Updating HTTP_Request2 to 2.3.0 Source: https://pear.php.net/package/HTTP_Request2 Release date: 2016-02-13 15:24 UTC --- extlib/HTTP/Request2.php | 17 +- extlib/HTTP/Request2/Adapter.php | 4 +- extlib/HTTP/Request2/Adapter/Curl.php | 64 +++-- extlib/HTTP/Request2/Adapter/Mock.php | 4 +- extlib/HTTP/Request2/Adapter/Socket.php | 49 ++-- extlib/HTTP/Request2/CookieJar.php | 71 ++++- extlib/HTTP/Request2/Exception.php | 12 +- extlib/HTTP/Request2/MultipartBody.php | 4 +- extlib/HTTP/Request2/Observer/Log.php | 4 +- .../Observer/UncompressingDownload.php | 265 ++++++++++++++++++ extlib/HTTP/Request2/Response.php | 111 ++++++-- extlib/HTTP/Request2/SOCKS5.php | 4 +- extlib/HTTP/Request2/SocketWrapper.php | 55 ++-- 13 files changed, 544 insertions(+), 120 deletions(-) create mode 100644 extlib/HTTP/Request2/Observer/UncompressingDownload.php diff --git a/extlib/HTTP/Request2.php b/extlib/HTTP/Request2.php index d2f36e17b9..b835822e04 100644 --- a/extlib/HTTP/Request2.php +++ b/extlib/HTTP/Request2.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -21,7 +21,9 @@ /** * A class representing an URL as per RFC 3986. */ -require_once 'Net/URL2.php'; +if (!class_exists('Net_URL2', true)) { + require_once 'Net/URL2.php'; +} /** * Exception class for HTTP_Request2 package @@ -35,7 +37,7 @@ require_once 'HTTP/Request2/Exception.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 * @link http://tools.ietf.org/html/rfc2616#section-5 */ @@ -213,7 +215,7 @@ class HTTP_Request2 implements SplSubject $this->setMethod($method); } $this->setHeader( - 'user-agent', 'HTTP_Request2/2.2.1 ' . + 'user-agent', 'HTTP_Request2/2.3.0 ' . '(http://pear.php.net/package/http_request2) PHP/' . phpversion() ); } @@ -794,6 +796,11 @@ class HTTP_Request2 implements SplSubject * encoded by Content-Encoding *
  • 'receivedBody' - after receiving the complete response * body, data is HTTP_Request2_Response object
    • + *
  • 'warning' - a problem arose during the request + * that is not severe enough to throw + * an Exception, data is the warning + * message (string). Currently dispatched if + * response body was received incompletely.
    • * * Different adapters may not send all the event types. Mock adapter does * not send any events to the observers. @@ -1022,7 +1029,7 @@ class HTTP_Request2 implements SplSubject } // (deprecated) mime_content_type function available if (empty($info) && function_exists('mime_content_type')) { - return mime_content_type($filename); + $info = mime_content_type($filename); } return empty($info)? 'application/octet-stream': $info; } diff --git a/extlib/HTTP/Request2/Adapter.php b/extlib/HTTP/Request2/Adapter.php index 4e4b0b10a3..035632792c 100644 --- a/extlib/HTTP/Request2/Adapter.php +++ b/extlib/HTTP/Request2/Adapter.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -34,7 +34,7 @@ require_once 'HTTP/Request2/Response.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 */ abstract class HTTP_Request2_Adapter diff --git a/extlib/HTTP/Request2/Adapter/Curl.php b/extlib/HTTP/Request2/Adapter/Curl.php index ef75b8c957..13d4a2994e 100644 --- a/extlib/HTTP/Request2/Adapter/Curl.php +++ b/extlib/HTTP/Request2/Adapter/Curl.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -30,7 +30,7 @@ require_once 'HTTP/Request2/Adapter.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 */ class HTTP_Request2_Adapter_Curl extends HTTP_Request2_Adapter @@ -116,6 +116,12 @@ class HTTP_Request2_Adapter_Curl extends HTTP_Request2_Adapter */ protected $eventReceivedHeaders = false; + /** + * Whether 'sentBoody' event was sent to observers + * @var boolean + */ + protected $eventSentBody = false; + /** * Position within request body * @var integer @@ -171,6 +177,7 @@ class HTTP_Request2_Adapter_Curl extends HTTP_Request2_Adapter $this->position = 0; $this->eventSentHeaders = false; $this->eventReceivedHeaders = false; + $this->eventSentBody = false; try { if (false === curl_exec($ch = $this->createCurlHandle())) { @@ -180,6 +187,9 @@ class HTTP_Request2_Adapter_Curl extends HTTP_Request2_Adapter } if (isset($ch)) { $this->lastInfo = curl_getinfo($ch); + if (CURLE_OK !== curl_errno($ch)) { + $this->request->setLastEvent('warning', curl_error($ch)); + } curl_close($ch); } @@ -191,7 +201,7 @@ class HTTP_Request2_Adapter_Curl extends HTTP_Request2_Adapter } if ($jar = $request->getCookieJar()) { - $jar->addCookiesFromResponse($response, $request->getUrl()); + $jar->addCookiesFromResponse($response); } if (0 < $this->lastInfo['size_download']) { @@ -400,9 +410,12 @@ class HTTP_Request2_Adapter_Curl extends HTTP_Request2_Adapter protected function workaroundPhpBug47204($ch, &$headers) { // no redirects, no digest auth -> probably no rewind needed + // also apply workaround only for POSTs, othrerwise we get + // https://pear.php.net/bugs/bug.php?id=20440 for PUTs if (!$this->request->getConfig('follow_redirects') && (!($auth = $this->request->getAuth()) || HTTP_Request2::AUTH_DIGEST != $auth['scheme']) + || HTTP_Request2::METHOD_POST !== $this->request->getMethod() ) { curl_setopt($ch, CURLOPT_READFUNCTION, array($this, 'callbackReadBody')); @@ -469,40 +482,36 @@ class HTTP_Request2_Adapter_Curl extends HTTP_Request2_Adapter */ protected function callbackWriteHeader($ch, $string) { - // we may receive a second set of headers if doing e.g. digest auth - if ($this->eventReceivedHeaders || !$this->eventSentHeaders) { - // don't bother with 100-Continue responses (bug #15785) - if (!$this->eventSentHeaders - || $this->response->getStatus() >= 200 - ) { - $this->request->setLastEvent( - 'sentHeaders', curl_getinfo($ch, CURLINFO_HEADER_OUT) - ); - } + if (!$this->eventSentHeaders + // we may receive a second set of headers if doing e.g. digest auth + // but don't bother with 100-Continue responses (bug #15785) + || $this->eventReceivedHeaders && $this->response->getStatus() >= 200 + ) { + $this->request->setLastEvent( + 'sentHeaders', curl_getinfo($ch, CURLINFO_HEADER_OUT) + ); + } + if (!$this->eventSentBody) { $upload = curl_getinfo($ch, CURLINFO_SIZE_UPLOAD); - // if body wasn't read by a callback, send event with total body size + // if body wasn't read by the callback, send event with total body size if ($upload > $this->position) { $this->request->setLastEvent( 'sentBodyPart', $upload - $this->position ); - $this->position = $upload; } - if ($upload && (!$this->eventSentHeaders - || $this->response->getStatus() >= 200) - ) { + if ($upload > 0) { $this->request->setLastEvent('sentBody', $upload); } - $this->eventSentHeaders = true; - // we'll need a new response object - if ($this->eventReceivedHeaders) { - $this->eventReceivedHeaders = false; - $this->response = null; - } } - if (empty($this->response)) { - $this->response = new HTTP_Request2_Response( + $this->eventSentHeaders = true; + $this->eventSentBody = true; + + if ($this->eventReceivedHeaders || empty($this->response)) { + $this->eventReceivedHeaders = false; + $this->response = new HTTP_Request2_Response( $string, false, curl_getinfo($ch, CURLINFO_EFFECTIVE_URL) ); + } else { $this->response->parseHeaderLine($string); if ('' == trim($string)) { @@ -522,7 +531,7 @@ class HTTP_Request2_Adapter_Curl extends HTTP_Request2_Adapter } if ($jar = $this->request->getCookieJar()) { - $jar->addCookiesFromResponse($this->response, $this->request->getUrl()); + $jar->addCookiesFromResponse($this->response); if (!$redirectUrl->isAbsolute()) { $redirectUrl = $this->request->getUrl()->resolve($redirectUrl); } @@ -532,6 +541,7 @@ class HTTP_Request2_Adapter_Curl extends HTTP_Request2_Adapter } } $this->eventReceivedHeaders = true; + $this->eventSentBody = false; } } return strlen($string); diff --git a/extlib/HTTP/Request2/Adapter/Mock.php b/extlib/HTTP/Request2/Adapter/Mock.php index d6e274ab9a..22b4282444 100644 --- a/extlib/HTTP/Request2/Adapter/Mock.php +++ b/extlib/HTTP/Request2/Adapter/Mock.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -44,7 +44,7 @@ require_once 'HTTP/Request2/Adapter.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 */ class HTTP_Request2_Adapter_Mock extends HTTP_Request2_Adapter diff --git a/extlib/HTTP/Request2/Adapter/Socket.php b/extlib/HTTP/Request2/Adapter/Socket.php index 7946b0a374..3a1d18606b 100644 --- a/extlib/HTTP/Request2/Adapter/Socket.php +++ b/extlib/HTTP/Request2/Adapter/Socket.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -34,7 +34,7 @@ require_once 'HTTP/Request2/SocketWrapper.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 */ class HTTP_Request2_Adapter_Socket extends HTTP_Request2_Adapter @@ -147,7 +147,7 @@ class HTTP_Request2_Adapter_Socket extends HTTP_Request2_Adapter if ($jar = $request->getCookieJar()) { - $jar->addCookiesFromResponse($response, $request->getUrl()); + $jar->addCookiesFromResponse($response); } if (!$this->canKeepAlive($keepAlive, $response)) { @@ -261,9 +261,16 @@ class HTTP_Request2_Adapter_Socket extends HTTP_Request2_Adapter foreach ($this->request->getConfig() as $name => $value) { if ('ssl_' == substr($name, 0, 4) && null !== $value) { if ('ssl_verify_host' == $name) { - if ($value) { - $options['ssl']['CN_match'] = $reqHost; + if (version_compare(phpversion(), '5.6', '<')) { + if ($value) { + $options['ssl']['CN_match'] = $reqHost; + } + + } else { + $options['ssl']['verify_peer_name'] = $value; + $options['ssl']['peer_name'] = $reqHost; } + } else { $options['ssl'][substr($name, 4)] = $value; } @@ -281,7 +288,7 @@ class HTTP_Request2_Adapter_Socket extends HTTP_Request2_Adapter // Changing SSL context options after connection is established does *not* // work, we need a new connection if options change - $remote = ((!$secure || $httpProxy || $socksProxy)? 'tcp://': 'ssl://') + $remote = ((!$secure || $httpProxy || $socksProxy)? 'tcp://': 'tls://') . $host . ':' . $port; $socketKey = $remote . ( ($secure && $httpProxy || $socksProxy) @@ -312,12 +319,12 @@ class HTTP_Request2_Adapter_Socket extends HTTP_Request2_Adapter $conninfo = "tcp://{$reqHost}:{$reqPort} via {$remote}"; } else { $this->socket->enableCrypto(); - $conninfo = "ssl://{$reqHost}:{$reqPort} via {$remote}"; + $conninfo = "tls://{$reqHost}:{$reqPort} via {$remote}"; } } elseif ($secure && $httpProxy && !$tunnel) { $this->establishTunnel(); - $conninfo = "ssl://{$reqHost}:{$reqPort} via {$remote}"; + $conninfo = "tls://{$reqHost}:{$reqPort} via {$remote}"; } else { $this->socket = new HTTP_Request2_SocketWrapper( @@ -1043,14 +1050,14 @@ class HTTP_Request2_Adapter_Socket extends HTTP_Request2_Adapter $chunked = 'chunked' == $response->getHeader('transfer-encoding'); $length = $response->getHeader('content-length'); $hasBody = false; - if ($chunked || null === $length || 0 < intval($length)) { - // RFC 2616, section 4.4: - // 3. ... If a message is received with both a - // Transfer-Encoding header field and a Content-Length header field, - // the latter MUST be ignored. - $toRead = ($chunked || null === $length)? null: $length; - $this->chunkLength = 0; + // RFC 2616, section 4.4: + // 3. ... If a message is received with both a + // Transfer-Encoding header field and a Content-Length header field, + // the latter MUST be ignored. + $toRead = ($chunked || null === $length)? null: $length; + $this->chunkLength = 0; + if ($chunked || null === $length || 0 < intval($length)) { while (!$this->socket->eof() && (is_null($toRead) || 0 < $toRead)) { if ($chunked) { $data = $this->readChunked($bufferSize); @@ -1075,6 +1082,11 @@ class HTTP_Request2_Adapter_Socket extends HTTP_Request2_Adapter } } } + if (0 !== $this->chunkLength || null !== $toRead && $toRead > 0) { + $this->request->setLastEvent( + 'warning', 'transfer closed with outstanding read data remaining' + ); + } if ($hasBody) { $this->request->setLastEvent('receivedBody', $response); @@ -1095,11 +1107,16 @@ class HTTP_Request2_Adapter_Socket extends HTTP_Request2_Adapter // at start of the next chunk? if (0 == $this->chunkLength) { $line = $this->socket->readLine($bufferSize); - if (!preg_match('/^([0-9a-f]+)/i', $line, $matches)) { + if ('' === $line && $this->socket->eof()) { + $this->chunkLength = -1; // indicate missing chunk + return ''; + + } elseif (!preg_match('/^([0-9a-f]+)/i', $line, $matches)) { throw new HTTP_Request2_MessageException( "Cannot decode chunked response, invalid chunk length '{$line}'", HTTP_Request2_Exception::DECODE_ERROR ); + } else { $this->chunkLength = hexdec($matches[1]); // Chunk with zero length indicates the end diff --git a/extlib/HTTP/Request2/CookieJar.php b/extlib/HTTP/Request2/CookieJar.php index 79ac08bb75..f191e2551f 100644 --- a/extlib/HTTP/Request2/CookieJar.php +++ b/extlib/HTTP/Request2/CookieJar.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -61,6 +61,12 @@ class HTTP_Request2_CookieJar implements Serializable */ protected $useList = true; + /** + * Whether an attempt to store an invalid cookie should be ignored, rather than cause an Exception + * @var bool + */ + protected $ignoreInvalid = false; + /** * Array with Public Suffix List data * @var array @@ -75,12 +81,16 @@ class HTTP_Request2_CookieJar implements Serializable * see {@link serializeSessionCookies()} * @param bool $usePublicSuffixList Controls using Public Suffix List, * see {@link usePublicSuffixList()} + * @param bool $ignoreInvalidCookies Whether invalid cookies should be ignored, + * see {@link ignoreInvalidCookies()} */ public function __construct( - $serializeSessionCookies = false, $usePublicSuffixList = true + $serializeSessionCookies = false, $usePublicSuffixList = true, + $ignoreInvalidCookies = false ) { $this->serializeSessionCookies($serializeSessionCookies); $this->usePublicSuffixList($usePublicSuffixList); + $this->ignoreInvalidCookies($ignoreInvalidCookies); } /** @@ -194,11 +204,20 @@ class HTTP_Request2_CookieJar implements Serializable * {@link HTTP_Request2_Response::getCookies()} * @param Net_URL2 $setter URL of the document that sent Set-Cookie header * - * @throws HTTP_Request2_Exception + * @return bool whether the cookie was successfully stored + * @throws HTTP_Request2_Exception */ public function store(array $cookie, Net_URL2 $setter = null) { - $cookie = $this->checkAndUpdateFields($cookie, $setter); + try { + $cookie = $this->checkAndUpdateFields($cookie, $setter); + } catch (HTTP_Request2_Exception $e) { + if ($this->ignoreInvalid) { + return false; + } else { + throw $e; + } + } if (strlen($cookie['value']) && (is_null($cookie['expires']) || $cookie['expires'] > $this->now()) @@ -214,6 +233,8 @@ class HTTP_Request2_CookieJar implements Serializable } elseif (isset($this->cookies[$cookie['domain']][$cookie['path']][$cookie['name']])) { unset($this->cookies[$cookie['domain']][$cookie['path']][$cookie['name']]); } + + return true; } /** @@ -221,13 +242,29 @@ class HTTP_Request2_CookieJar implements Serializable * * @param HTTP_Request2_Response $response HTTP response message * @param Net_URL2 $setter original request URL, needed for - * setting default domain/path + * setting default domain/path. If not given, + * effective URL from response will be used. + * + * @return bool whether all cookies were successfully stored + * @throws HTTP_Request2_LogicException */ - public function addCookiesFromResponse(HTTP_Request2_Response $response, Net_URL2 $setter) + public function addCookiesFromResponse(HTTP_Request2_Response $response, Net_URL2 $setter = null) { - foreach ($response->getCookies() as $cookie) { - $this->store($cookie, $setter); + if (null === $setter) { + if (!($effectiveUrl = $response->getEffectiveUrl())) { + throw new HTTP_Request2_LogicException( + 'Response URL required for adding cookies from response', + HTTP_Request2_Exception::MISSING_VALUE + ); + } + $setter = new Net_URL2($effectiveUrl); } + + $success = true; + foreach ($response->getCookies() as $cookie) { + $success = $this->store($cookie, $setter) && $success; + } + return $success; } /** @@ -306,6 +343,18 @@ class HTTP_Request2_CookieJar implements Serializable $this->serializeSession = (bool)$serialize; } + /** + * Sets whether invalid cookies should be silently ignored or cause an Exception + * + * @param boolean $ignore ignore? + * @link http://pear.php.net/bugs/bug.php?id=19937 + * @link http://pear.php.net/bugs/bug.php?id=20401 + */ + public function ignoreInvalidCookies($ignore) + { + $this->ignoreInvalid = (bool)$ignore; + } + /** * Sets whether Public Suffix List should be used for restricting cookie-setting * @@ -352,7 +401,8 @@ class HTTP_Request2_CookieJar implements Serializable return serialize(array( 'cookies' => $cookies, 'serializeSession' => $this->serializeSession, - 'useList' => $this->useList + 'useList' => $this->useList, + 'ignoreInvalid' => $this->ignoreInvalid )); } @@ -369,6 +419,9 @@ class HTTP_Request2_CookieJar implements Serializable $now = $this->now(); $this->serializeSessionCookies($data['serializeSession']); $this->usePublicSuffixList($data['useList']); + if (array_key_exists('ignoreInvalid', $data)) { + $this->ignoreInvalidCookies($data['ignoreInvalid']); + } foreach ($data['cookies'] as $cookie) { if (!empty($cookie['expires']) && $cookie['expires'] <= $now) { continue; diff --git a/extlib/HTTP/Request2/Exception.php b/extlib/HTTP/Request2/Exception.php index d0b5d4ee09..de9432df8c 100644 --- a/extlib/HTTP/Request2/Exception.php +++ b/extlib/HTTP/Request2/Exception.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -30,7 +30,7 @@ require_once 'PEAR/Exception.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 * @link http://pear.php.net/pepr/pepr-proposal-show.php?id=132 */ @@ -97,7 +97,7 @@ class HTTP_Request2_Exception extends PEAR_Exception * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 */ class HTTP_Request2_NotImplementedException extends HTTP_Request2_Exception @@ -118,7 +118,7 @@ class HTTP_Request2_NotImplementedException extends HTTP_Request2_Exception * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 */ class HTTP_Request2_LogicException extends HTTP_Request2_Exception @@ -135,7 +135,7 @@ class HTTP_Request2_LogicException extends HTTP_Request2_Exception * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 */ class HTTP_Request2_ConnectionException extends HTTP_Request2_Exception @@ -151,7 +151,7 @@ class HTTP_Request2_ConnectionException extends HTTP_Request2_Exception * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 */ class HTTP_Request2_MessageException extends HTTP_Request2_Exception diff --git a/extlib/HTTP/Request2/MultipartBody.php b/extlib/HTTP/Request2/MultipartBody.php index c68b6602b8..e5a3845952 100644 --- a/extlib/HTTP/Request2/MultipartBody.php +++ b/extlib/HTTP/Request2/MultipartBody.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -31,7 +31,7 @@ require_once 'HTTP/Request2/Exception.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 * @link http://tools.ietf.org/html/rfc1867 */ diff --git a/extlib/HTTP/Request2/Observer/Log.php b/extlib/HTTP/Request2/Observer/Log.php index 341e29907e..069baf8e95 100644 --- a/extlib/HTTP/Request2/Observer/Log.php +++ b/extlib/HTTP/Request2/Observer/Log.php @@ -14,7 +14,7 @@ * @package HTTP_Request2 * @author David Jean Louis * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -64,7 +64,7 @@ require_once 'HTTP/Request2/Exception.php'; * @author David Jean Louis * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 */ class HTTP_Request2_Observer_Log implements SplObserver diff --git a/extlib/HTTP/Request2/Observer/UncompressingDownload.php b/extlib/HTTP/Request2/Observer/UncompressingDownload.php new file mode 100644 index 0000000000..8a3430a01e --- /dev/null +++ b/extlib/HTTP/Request2/Observer/UncompressingDownload.php @@ -0,0 +1,265 @@ + + * @author Alexey Borzov + * @copyright 2008-2016 Alexey Borzov + * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License + * @link http://pear.php.net/package/HTTP_Request2 + */ + +require_once 'HTTP/Request2/Response.php'; + +/** + * An observer that saves response body to stream, possibly uncompressing it + * + * This Observer is written in compliment to pear's HTTP_Request2 in order to + * avoid reading the whole response body in memory. Instead it writes the body + * to a stream. If the body is transferred with content-encoding set to + * "deflate" or "gzip" it is decoded on the fly. + * + * The constructor accepts an already opened (for write) stream (file_descriptor). + * If the response is deflate/gzip encoded a "zlib.inflate" filter is applied + * to the stream. When the body has been read from the request and written to + * the stream ("receivedBody" event) the filter is removed from the stream. + * + * The "zlib.inflate" filter works fine with pure "deflate" encoding. It does + * not understand the "deflate+zlib" and "gzip" headers though, so they have to + * be removed prior to being passed to the stream. This is done in the "update" + * method. + * + * It is also possible to limit the size of written extracted bytes by passing + * "max_bytes" to the constructor. This is important because e.g. 1GB of + * zeroes take about a MB when compressed. + * + * Exceptions are being thrown if data could not be written to the stream or + * the written bytes have already exceeded the requested maximum. If the "gzip" + * header is malformed or could not be parsed an exception will be thrown too. + * + * Example usage follows: + * + * + * require_once 'HTTP/Request2.php'; + * require_once 'HTTP/Request2/Observer/UncompressingDownload.php'; + * + * #$inPath = 'http://carsten.codimi.de/gzip.yaws/daniels.html'; + * #$inPath = 'http://carsten.codimi.de/gzip.yaws/daniels.html?deflate=on'; + * $inPath = 'http://carsten.codimi.de/gzip.yaws/daniels.html?deflate=on&zlib=on'; + * #$outPath = "/dev/null"; + * $outPath = "delme"; + * + * $stream = fopen($outPath, 'wb'); + * if (!$stream) { + * throw new Exception('fopen failed'); + * } + * + * $request = new HTTP_Request2( + * $inPath, + * HTTP_Request2::METHOD_GET, + * array( + * 'store_body' => false, + * 'connect_timeout' => 5, + * 'timeout' => 10, + * 'ssl_verify_peer' => true, + * 'ssl_verify_host' => true, + * 'ssl_cafile' => null, + * 'ssl_capath' => '/etc/ssl/certs', + * 'max_redirects' => 10, + * 'follow_redirects' => true, + * 'strict_redirects' => false + * ) + * ); + * + * $observer = new HTTP_Request2_Observer_UncompressingDownload($stream, 9999999); + * $request->attach($observer); + * + * $response = $request->send(); + * + * fclose($stream); + * echo "OK\n"; + * + * + * @category HTTP + * @package HTTP_Request2 + * @author Delian Krustev + * @author Alexey Borzov + * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License + * @version Release: 2.3.0 + * @link http://pear.php.net/package/HTTP_Request2 + */ +class HTTP_Request2_Observer_UncompressingDownload implements SplObserver +{ + /** + * The stream to write response body to + * @var resource + */ + private $_stream; + + /** + * zlib.inflate filter possibly added to stream + * @var resource + */ + private $_streamFilter; + + /** + * The value of response's Content-Encoding header + * @var string + */ + private $_encoding; + + /** + * Whether the observer is still waiting for gzip/deflate header + * @var bool + */ + private $_processingHeader = true; + + /** + * Starting position in the stream observer writes to + * @var int + */ + private $_startPosition = 0; + + /** + * Maximum bytes to write + * @var int|null + */ + private $_maxDownloadSize; + + /** + * Whether response being received is a redirect + * @var bool + */ + private $_redirect = false; + + /** + * Accumulated body chunks that may contain (gzip) header + * @var string + */ + private $_possibleHeader = ''; + + /** + * Class constructor + * + * Note that there might be problems with max_bytes and files bigger + * than 2 GB on 32bit platforms + * + * @param resource $stream a stream (or file descriptor) opened for writing. + * @param int $maxDownloadSize maximum bytes to write + */ + public function __construct($stream, $maxDownloadSize = null) + { + $this->_stream = $stream; + if ($maxDownloadSize) { + $this->_maxDownloadSize = $maxDownloadSize; + $this->_startPosition = ftell($this->_stream); + } + } + + /** + * Called when the request notifies us of an event. + * + * @param SplSubject $request The HTTP_Request2 instance + * + * @return void + * @throws HTTP_Request2_MessageException + */ + public function update(SplSubject $request) + { + /* @var $request HTTP_Request2 */ + $event = $request->getLastEvent(); + $encoded = false; + + /* @var $event['data'] HTTP_Request2_Response */ + switch ($event['name']) { + case 'receivedHeaders': + $this->_processingHeader = true; + $this->_redirect = $event['data']->isRedirect(); + $this->_encoding = strtolower($event['data']->getHeader('content-encoding')); + $this->_possibleHeader = ''; + break; + + case 'receivedEncodedBodyPart': + if (!$this->_streamFilter + && ($this->_encoding === 'deflate' || $this->_encoding === 'gzip') + ) { + $this->_streamFilter = stream_filter_append( + $this->_stream, 'zlib.inflate', STREAM_FILTER_WRITE + ); + } + $encoded = true; + // fall-through is intentional + + case 'receivedBodyPart': + if ($this->_redirect) { + break; + } + + if (!$encoded || !$this->_processingHeader) { + $bytes = fwrite($this->_stream, $event['data']); + + } else { + $offset = 0; + $this->_possibleHeader .= $event['data']; + if ('deflate' === $this->_encoding) { + if (2 > strlen($this->_possibleHeader)) { + break; + } + $header = unpack('n', substr($this->_possibleHeader, 0, 2)); + if (0 == $header[1] % 31) { + $offset = 2; + } + + } elseif ('gzip' === $this->_encoding) { + if (10 > strlen($this->_possibleHeader)) { + break; + } + try { + $offset = HTTP_Request2_Response::parseGzipHeader($this->_possibleHeader, false); + + } catch (HTTP_Request2_MessageException $e) { + // need more data? + if (false !== strpos($e->getMessage(), 'data too short')) { + break; + } + throw $e; + } + } + + $this->_processingHeader = false; + $bytes = fwrite($this->_stream, substr($this->_possibleHeader, $offset)); + } + + if (false === $bytes) { + throw new HTTP_Request2_MessageException('fwrite failed.'); + } + + if ($this->_maxDownloadSize + && ftell($this->_stream) - $this->_startPosition > $this->_maxDownloadSize + ) { + throw new HTTP_Request2_MessageException(sprintf( + 'Body length limit (%d bytes) reached', + $this->_maxDownloadSize + )); + } + break; + + case 'receivedBody': + if ($this->_streamFilter) { + stream_filter_remove($this->_streamFilter); + $this->_streamFilter = null; + } + break; + } + } +} diff --git a/extlib/HTTP/Request2/Response.php b/extlib/HTTP/Request2/Response.php index d2f414cf6c..b144fdae09 100644 --- a/extlib/HTTP/Request2/Response.php +++ b/extlib/HTTP/Request2/Response.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -47,7 +47,7 @@ require_once 'HTTP/Request2/Exception.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 * @link http://tools.ietf.org/html/rfc2616#section-6 */ @@ -465,32 +465,46 @@ class HTTP_Request2_Response } /** - * Decodes the message-body encoded by gzip + * Checks whether data starts with GZIP format identification bytes from RFC 1952 * - * The real decoding work is done by gzinflate() built-in function, this - * method only parses the header and checks data for compliance with - * RFC 1952 + * @param string $data gzip-encoded (presumably) data * - * @param string $data gzip-encoded data - * - * @return string decoded data - * @throws HTTP_Request2_LogicException - * @throws HTTP_Request2_MessageException - * @link http://tools.ietf.org/html/rfc1952 + * @return bool */ - public static function decodeGzip($data) + public static function hasGzipIdentification($data) { - $length = strlen($data); - // If it doesn't look like gzip-encoded data, don't bother - if (18 > $length || strcmp(substr($data, 0, 2), "\x1f\x8b")) { - return $data; - } - if (!function_exists('gzinflate')) { - throw new HTTP_Request2_LogicException( - 'Unable to decode body: gzip extension not available', - HTTP_Request2_Exception::MISCONFIGURATION + return 0 === strcmp(substr($data, 0, 2), "\x1f\x8b"); + } + + /** + * Tries to parse GZIP format header in the given string + * + * If the header conforms to RFC 1952, its length is returned. If any + * sanity check fails, HTTP_Request2_MessageException is thrown. + * + * Note: This function might be usable outside of HTTP_Request2 so it might + * be good idea to be moved to some common package. (Delian Krustev) + * + * @param string $data Either the complete response body or + * the leading part of it + * @param boolean $dataComplete Whether $data contains complete response body + * + * @return int gzip header length in bytes + * @throws HTTP_Request2_MessageException + * @link http://tools.ietf.org/html/rfc1952 + */ + public static function parseGzipHeader($data, $dataComplete = false) + { + // if data is complete, trailing 8 bytes should be present for size and crc32 + $length = strlen($data) - ($dataComplete ? 8 : 0); + + if ($length < 10 || !self::hasGzipIdentification($data)) { + throw new HTTP_Request2_MessageException( + 'The data does not seem to contain a valid gzip header', + HTTP_Request2_Exception::DECODE_ERROR ); } + $method = ord(substr($data, 2, 1)); if (8 != $method) { throw new HTTP_Request2_MessageException( @@ -510,14 +524,14 @@ class HTTP_Request2_Response $headerLength = 10; // extra fields, need to skip 'em if ($flags & 4) { - if ($length - $headerLength - 2 < 8) { + if ($length - $headerLength - 2 < 0) { throw new HTTP_Request2_MessageException( 'Error parsing gzip header: data too short', HTTP_Request2_Exception::DECODE_ERROR ); } $extraLength = unpack('v', substr($data, 10, 2)); - if ($length - $headerLength - 2 - $extraLength[1] < 8) { + if ($length - $headerLength - 2 - $extraLength[1] < 0) { throw new HTTP_Request2_MessageException( 'Error parsing gzip header: data too short', HTTP_Request2_Exception::DECODE_ERROR @@ -527,14 +541,16 @@ class HTTP_Request2_Response } // file name, need to skip that if ($flags & 8) { - if ($length - $headerLength - 1 < 8) { + if ($length - $headerLength - 1 < 0) { throw new HTTP_Request2_MessageException( 'Error parsing gzip header: data too short', HTTP_Request2_Exception::DECODE_ERROR ); } $filenameLength = strpos(substr($data, $headerLength), chr(0)); - if (false === $filenameLength || $length - $headerLength - $filenameLength - 1 < 8) { + if (false === $filenameLength + || $length - $headerLength - $filenameLength - 1 < 0 + ) { throw new HTTP_Request2_MessageException( 'Error parsing gzip header: data too short', HTTP_Request2_Exception::DECODE_ERROR @@ -544,14 +560,16 @@ class HTTP_Request2_Response } // comment, need to skip that also if ($flags & 16) { - if ($length - $headerLength - 1 < 8) { + if ($length - $headerLength - 1 < 0) { throw new HTTP_Request2_MessageException( 'Error parsing gzip header: data too short', HTTP_Request2_Exception::DECODE_ERROR ); } $commentLength = strpos(substr($data, $headerLength), chr(0)); - if (false === $commentLength || $length - $headerLength - $commentLength - 1 < 8) { + if (false === $commentLength + || $length - $headerLength - $commentLength - 1 < 0 + ) { throw new HTTP_Request2_MessageException( 'Error parsing gzip header: data too short', HTTP_Request2_Exception::DECODE_ERROR @@ -561,7 +579,7 @@ class HTTP_Request2_Response } // have a CRC for header. let's check if ($flags & 2) { - if ($length - $headerLength - 2 < 8) { + if ($length - $headerLength - 2 < 0) { throw new HTTP_Request2_MessageException( 'Error parsing gzip header: data too short', HTTP_Request2_Exception::DECODE_ERROR @@ -577,12 +595,43 @@ class HTTP_Request2_Response } $headerLength += 2; } + return $headerLength; + } + + /** + * Decodes the message-body encoded by gzip + * + * The real decoding work is done by gzinflate() built-in function, this + * method only parses the header and checks data for compliance with + * RFC 1952 + * + * @param string $data gzip-encoded data + * + * @return string decoded data + * @throws HTTP_Request2_LogicException + * @throws HTTP_Request2_MessageException + * @link http://tools.ietf.org/html/rfc1952 + */ + public static function decodeGzip($data) + { + // If it doesn't look like gzip-encoded data, don't bother + if (!self::hasGzipIdentification($data)) { + return $data; + } + if (!function_exists('gzinflate')) { + throw new HTTP_Request2_LogicException( + 'Unable to decode body: gzip extension not available', + HTTP_Request2_Exception::MISCONFIGURATION + ); + } + // unpacked data CRC and size at the end of encoded data $tmp = unpack('V2', substr($data, -8)); $dataCrc = $tmp[1]; $dataSize = $tmp[2]; - // finally, call the gzinflate() function + $headerLength = self::parseGzipHeader($data, true); + // don't pass $dataSize to gzinflate, see bugs #13135, #14370 $unpacked = gzinflate(substr($data, $headerLength, -8)); if (false === $unpacked) { @@ -596,7 +645,7 @@ class HTTP_Request2_Response HTTP_Request2_Exception::DECODE_ERROR ); } elseif ((0xffffffff & $dataCrc) != (0xffffffff & crc32($unpacked))) { - throw new HTTP_Request2_Exception( + throw new HTTP_Request2_MessageException( 'Data CRC check failed', HTTP_Request2_Exception::DECODE_ERROR ); diff --git a/extlib/HTTP/Request2/SOCKS5.php b/extlib/HTTP/Request2/SOCKS5.php index d540495859..2a782ceda1 100644 --- a/extlib/HTTP/Request2/SOCKS5.php +++ b/extlib/HTTP/Request2/SOCKS5.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -28,7 +28,7 @@ require_once 'HTTP/Request2/SocketWrapper.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 * @link http://pear.php.net/bugs/bug.php?id=19332 * @link http://tools.ietf.org/html/rfc1928 diff --git a/extlib/HTTP/Request2/SocketWrapper.php b/extlib/HTTP/Request2/SocketWrapper.php index 43081a1966..2cf4257db2 100644 --- a/extlib/HTTP/Request2/SocketWrapper.php +++ b/extlib/HTTP/Request2/SocketWrapper.php @@ -13,7 +13,7 @@ * @category HTTP * @package HTTP_Request2 * @author Alexey Borzov - * @copyright 2008-2014 Alexey Borzov + * @copyright 2008-2016 Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License * @link http://pear.php.net/package/HTTP_Request2 */ @@ -31,7 +31,7 @@ require_once 'HTTP/Request2/Exception.php'; * @package HTTP_Request2 * @author Alexey Borzov * @license http://opensource.org/licenses/BSD-3-Clause BSD 3-Clause License - * @version Release: 2.2.1 + * @version Release: 2.3.0 * @link http://pear.php.net/package/HTTP_Request2 * @link http://pear.php.net/bugs/bug.php?id=19332 * @link http://tools.ietf.org/html/rfc1928 @@ -81,6 +81,32 @@ class HTTP_Request2_SocketWrapper // Backwards compatibility with 2.1.0 and 2.1.1 releases $contextOptions = array('ssl' => $contextOptions); } + if (isset($contextOptions['ssl'])) { + $contextOptions['ssl'] += array( + // Using "Intermediate compatibility" cipher bundle from + // https://wiki.mozilla.org/Security/Server_Side_TLS + 'ciphers' => 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:' + . 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:' + . 'DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:' + . 'ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:' + . 'ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:' + . 'ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:' + . 'ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:' + . 'DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:' + . 'DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:' + . 'ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:' + . 'AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:' + . 'AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:' + . '!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA' + ); + if (version_compare(phpversion(), '5.4.13', '>=')) { + $contextOptions['ssl']['disable_compression'] = true; + if (version_compare(phpversion(), '5.6', '>=')) { + $contextOptions['ssl']['crypto_method'] = STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT + | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT; + } + } + } $context = stream_context_create(); foreach ($contextOptions as $wrapper => $options) { foreach ($options as $name => $value) { @@ -239,21 +265,18 @@ class HTTP_Request2_SocketWrapper */ public function enableCrypto() { - $modes = array( - STREAM_CRYPTO_METHOD_TLS_CLIENT, - STREAM_CRYPTO_METHOD_SSLv3_CLIENT, - STREAM_CRYPTO_METHOD_SSLv23_CLIENT, - STREAM_CRYPTO_METHOD_SSLv2_CLIENT - ); - - foreach ($modes as $mode) { - if (stream_socket_enable_crypto($this->socket, true, $mode)) { - return; - } + if (version_compare(phpversion(), '5.6', '<')) { + $cryptoMethod = STREAM_CRYPTO_METHOD_TLS_CLIENT; + } else { + $cryptoMethod = STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT + | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT; + } + + if (!stream_socket_enable_crypto($this->socket, true, $cryptoMethod)) { + throw new HTTP_Request2_ConnectionException( + 'Failed to enable secure connection when connecting through proxy' + ); } - throw new HTTP_Request2_ConnectionException( - 'Failed to enable secure connection when connecting through proxy' - ); } /** From 489099ca917d74ee2bdc406cb26f9e3269ade625 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 9 Jul 2017 22:49:49 +0200 Subject: [PATCH 374/415] change default timeout setting for HTTPClient --- lib/default.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/default.php b/lib/default.php index b1079a907c..e8209cbe02 100644 --- a/lib/default.php +++ b/lib/default.php @@ -393,7 +393,7 @@ $default = 'ssl_verify_host' => true, // HTTPRequest2 makes sure this is set to CURLOPT_SSL_VERIFYHOST==2 if using curl 'curl' => false, // Use CURL backend for HTTP fetches if available. (If not, PHP's socket streams will be used.) 'connect_timeout' => 5, - 'timeout' => 60, + 'timeout' => ini_get('default_socket_timeout'), // effectively should be this by default already, but this makes it more explicitly configurable for you users .) 'proxy_host' => null, 'proxy_port' => null, 'proxy_user' => null, From f025671b8aa47c2d750d1ede8a171e00b3f42a7b Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Sun, 9 Jul 2017 23:09:03 +0200 Subject: [PATCH 375/415] PEAR Net_Socket updated to 1.2.2 Source: https://pear.php.net/package/Net_Socket Release date: 2017-04-13 --- extlib/Net/Socket.php | 246 +++++++++++++++++++++++++----------------- 1 file changed, 149 insertions(+), 97 deletions(-) diff --git a/extlib/Net/Socket.php b/extlib/Net/Socket.php index bf1d1bbcd1..5a057cf78b 100644 --- a/extlib/Net/Socket.php +++ b/extlib/Net/Socket.php @@ -2,27 +2,41 @@ /** * Net_Socket * - * PHP Version 4 + * PHP Version 5 * - * Copyright (c) 1997-2013 The PHP Group + * LICENSE: * - * This source file is subject to version 2.0 of the PHP license, - * that is bundled with this package in the file LICENSE, and is - * available at through the world-wide-web at - * http://www.php.net/license/2_02.txt. - * If you did not receive a copy of the PHP license and are unable to - * obtain it through the world-wide-web, please send a note to - * license@php.net so we can mail you a copy immediately. + * Copyright (c) 1997-2017 The PHP Group + * All rights reserved. * - * Authors: Stig Bakken - * Chuck Hagenbuch + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * o Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * o Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * * @category Net * @package Net_Socket * @author Stig Bakken * @author Chuck Hagenbuch - * @copyright 1997-2003 The PHP Group - * @license http://www.php.net/license/2_02.txt PHP 2.02 + * @copyright 1997-2017 The PHP Group + * @license http://opensource.org/licenses/bsd-license.php BSD-2-Clause * @link http://pear.php.net/packages/Net_Socket */ @@ -39,8 +53,8 @@ define('NET_SOCKET_ERROR', 4); * @package Net_Socket * @author Stig Bakken * @author Chuck Hagenbuch - * @copyright 1997-2003 The PHP Group - * @license http://www.php.net/license/2_02.txt PHP 2.02 + * @copyright 1997-2017 The PHP Group + * @license http://opensource.org/licenses/bsd-license.php BSD-2-Clause * @link http://pear.php.net/packages/Net_Socket */ class Net_Socket extends PEAR @@ -49,71 +63,75 @@ class Net_Socket extends PEAR * Socket file pointer. * @var resource $fp */ - var $fp = null; + public $fp = null; /** * Whether the socket is blocking. Defaults to true. * @var boolean $blocking */ - var $blocking = true; + public $blocking = true; /** * Whether the socket is persistent. Defaults to false. * @var boolean $persistent */ - var $persistent = false; + public $persistent = false; /** * The IP address to connect to. * @var string $addr */ - var $addr = ''; + public $addr = ''; /** * The port number to connect to. * @var integer $port */ - var $port = 0; + public $port = 0; /** * Number of seconds to wait on socket operations before assuming * there's no more data. Defaults to no timeout. * @var integer|float $timeout */ - var $timeout = null; + public $timeout = null; /** * Number of bytes to read at a time in readLine() and * readAll(). Defaults to 2048. * @var integer $lineLength */ - var $lineLength = 2048; + public $lineLength = 2048; /** * The string to use as a newline terminator. Usually "\r\n" or "\n". * @var string $newline */ - var $newline = "\r\n"; + public $newline = "\r\n"; /** * Connect to the specified port. If called when the socket is * already connected, it disconnects and connects again. * - * @param string $addr IP address or host name (may be with protocol prefix). - * @param integer $port TCP port number. + * @param string $addr IP address or host name (may be with protocol prefix). + * @param integer $port TCP port number. * @param boolean $persistent (optional) Whether the connection is * persistent (kept open between requests * by the web server). - * @param integer $timeout (optional) Connection socket timeout. - * @param array $options See options for stream_context_create. + * @param integer $timeout (optional) Connection socket timeout. + * @param array $options See options for stream_context_create. * * @access public * * @return boolean|PEAR_Error True on success or a PEAR_Error on failure. */ - function connect($addr, $port = 0, $persistent = null, - $timeout = null, $options = null) - { + public function connect( + $addr, + $port = 0, + $persistent = null, + $timeout = null, + $options = null + ) { if (is_resource($this->fp)) { @fclose($this->fp); $this->fp = null; @@ -121,10 +139,12 @@ class Net_Socket extends PEAR if (!$addr) { return $this->raiseError('$addr cannot be empty'); - } else if (strspn($addr, ':.0123456789') == strlen($addr)) { - $this->addr = strpos($addr, ':') !== false ? '['.$addr.']' : $addr; } else { - $this->addr = $addr; + if (strspn($addr, ':.0123456789') === strlen($addr)) { + $this->addr = strpos($addr, ':') !== false ? '[' . $addr . ']' : $addr; + } else { + $this->addr = $addr; + } } $this->port = $port % 65536; @@ -134,10 +154,14 @@ class Net_Socket extends PEAR } $openfunc = $this->persistent ? 'pfsockopen' : 'fsockopen'; - $errno = 0; - $errstr = ''; + $errno = 0; + $errstr = ''; - $old_track_errors = @ini_set('track_errors', 1); + if (function_exists('error_clear_last')) { + error_clear_last(); + } else { + $old_track_errors = @ini_set('track_errors', 1); + } if ($timeout <= 0) { $timeout = @ini_get('default_socket_timeout'); @@ -155,27 +179,40 @@ class Net_Socket extends PEAR } $addr = $this->addr . ':' . $this->port; - $fp = stream_socket_client($addr, $errno, $errstr, - $timeout, $flags, $context); + $fp = @stream_socket_client($addr, $errno, $errstr, + $timeout, $flags, $context); } else { $fp = @$openfunc($this->addr, $this->port, $errno, - $errstr, $timeout, $context); + $errstr, $timeout, $context); } } else { $fp = @$openfunc($this->addr, $this->port, $errno, $errstr, $timeout); } if (!$fp) { - if ($errno == 0 && !strlen($errstr) && isset($php_errormsg)) { - $errstr = $php_errormsg; + if ($errno === 0 && !strlen($errstr)) { + $errstr = ''; + if (isset($old_track_errors)) { + $errstr = $php_errormsg ?: ''; + @ini_set('track_errors', $old_track_errors); + } else { + $lastError = error_get_last(); + if (isset($lastError['message'])) { + $errstr = $lastError['message']; + } + } } - @ini_set('track_errors', $old_track_errors); + return $this->raiseError($errstr, $errno); } - @ini_set('track_errors', $old_track_errors); + if (isset($old_track_errors)) { + @ini_set('track_errors', $old_track_errors); + } + $this->fp = $fp; $this->setTimeout(); + return $this->setBlocking($this->blocking); } @@ -185,7 +222,7 @@ class Net_Socket extends PEAR * @access public * @return mixed true on success or a PEAR_Error instance otherwise */ - function disconnect() + public function disconnect() { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); @@ -193,18 +230,20 @@ class Net_Socket extends PEAR @fclose($this->fp); $this->fp = null; + return true; } /** * Set the newline character/sequence to use. * - * @param string $newline Newline character(s) + * @param string $newline Newline character(s) * @return boolean True */ - function setNewline($newline) + public function setNewline($newline) { $this->newline = $newline; + return true; } @@ -214,7 +253,7 @@ class Net_Socket extends PEAR * @access public * @return boolean The current blocking mode. */ - function isBlocking() + public function isBlocking() { return $this->blocking; } @@ -230,7 +269,7 @@ class Net_Socket extends PEAR * @access public * @return mixed true on success or a PEAR_Error instance otherwise */ - function setBlocking($mode) + public function setBlocking($mode) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); @@ -238,6 +277,7 @@ class Net_Socket extends PEAR $this->blocking = $mode; stream_set_blocking($this->fp, (int)$this->blocking); + return true; } @@ -245,30 +285,29 @@ class Net_Socket extends PEAR * Sets the timeout value on socket descriptor, * expressed in the sum of seconds and microseconds * - * @param integer $seconds Seconds. + * @param integer $seconds Seconds. * @param integer $microseconds Microseconds, optional. * * @access public * @return mixed True on success or false on failure or * a PEAR_Error instance when not connected */ - function setTimeout($seconds = null, $microseconds = null) + public function setTimeout($seconds = null, $microseconds = null) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } if ($seconds === null && $microseconds === null) { - $seconds = (int) $this->timeout; - $microseconds = (int) (($this->timeout - $seconds) * 1000000); + $seconds = (int)$this->timeout; + $microseconds = (int)(($this->timeout - $seconds) * 1000000); } else { - $this->timeout = $seconds + $microseconds/1000000; + $this->timeout = $seconds + $microseconds / 1000000; } if ($this->timeout > 0) { - return stream_set_timeout($this->fp, (int) $seconds, (int) $microseconds); - } - else { + return stream_set_timeout($this->fp, (int)$seconds, (int)$microseconds); + } else { return false; } } @@ -282,16 +321,17 @@ class Net_Socket extends PEAR * @access public * @return mixed on success or an PEAR_Error object otherwise */ - function setWriteBuffer($size) + public function setWriteBuffer($size) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } $returned = stream_set_write_buffer($this->fp, $size); - if ($returned == 0) { + if ($returned === 0) { return true; } + return $this->raiseError('Cannot set write buffer.'); } @@ -310,7 +350,7 @@ class Net_Socket extends PEAR * @return mixed Array containing information about existing socket * resource or a PEAR_Error instance otherwise */ - function getStatus() + public function getStatus() { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); @@ -331,13 +371,13 @@ class Net_Socket extends PEAR * @return mixed $size bytes of data from the socket, or a PEAR_Error if * not connected. If an error occurs, FALSE is returned. */ - function gets($size = null) + public function gets($size = null) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } - if (is_null($size)) { + if (null === $size) { return @fgets($this->fp); } else { return @fgets($this->fp, $size); @@ -353,10 +393,10 @@ class Net_Socket extends PEAR * @param integer $size The number of bytes to read from the socket. * * @access public - * @return $size bytes of data from the socket, or a PEAR_Error if + * @return string $size bytes of data from the socket, or a PEAR_Error if * not connected. */ - function read($size) + public function read($size) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); @@ -368,7 +408,7 @@ class Net_Socket extends PEAR /** * Write a specified amount of data. * - * @param string $data Data to write. + * @param string $data Data to write. * @param integer $blocksize Amount of data to write at once. * NULL means all at once. * @@ -379,17 +419,17 @@ class Net_Socket extends PEAR * If the write fails, returns false. * If the socket times out, returns an instance of PEAR_Error. */ - function write($data, $blocksize = null) + public function write($data, $blocksize = null) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } - if (is_null($blocksize) && !OS_WINDOWS) { + if (null === $blocksize && !OS_WINDOWS) { $written = @fwrite($this->fp, $data); // Check for timeout or lost connection - if (!$written) { + if ($written === false) { $meta_data = $this->getStatus(); if (!is_array($meta_data)) { @@ -403,17 +443,17 @@ class Net_Socket extends PEAR return $written; } else { - if (is_null($blocksize)) { + if (null === $blocksize) { $blocksize = 1024; } - $pos = 0; + $pos = 0; $size = strlen($data); while ($pos < $size) { $written = @fwrite($this->fp, substr($data, $pos, $blocksize)); // Check for timeout or lost connection - if (!$written) { + if ($written === false) { $meta_data = $this->getStatus(); if (!is_array($meta_data)) { @@ -442,7 +482,7 @@ class Net_Socket extends PEAR * @access public * @return mixed fwrite() result, or PEAR_Error when not connected */ - function writeLine($data) + public function writeLine($data) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); @@ -459,7 +499,7 @@ class Net_Socket extends PEAR * @access public * @return bool */ - function eof() + public function eof() { return (!is_resource($this->fp) || feof($this->fp)); } @@ -468,10 +508,10 @@ class Net_Socket extends PEAR * Reads a byte of data * * @access public - * @return 1 byte of data from the socket, or a PEAR_Error if + * @return integer 1 byte of data from the socket, or a PEAR_Error if * not connected. */ - function readByte() + public function readByte() { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); @@ -484,16 +524,17 @@ class Net_Socket extends PEAR * Reads a word of data * * @access public - * @return 1 word of data from the socket, or a PEAR_Error if + * @return integer 1 word of data from the socket, or a PEAR_Error if * not connected. */ - function readWord() + public function readWord() { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } $buf = @fread($this->fp, 2); + return (ord($buf[0]) + (ord($buf[1]) << 8)); } @@ -504,15 +545,16 @@ class Net_Socket extends PEAR * @return integer 1 int of data from the socket, or a PEAR_Error if * not connected. */ - function readInt() + public function readInt() { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } $buf = @fread($this->fp, 4); + return (ord($buf[0]) + (ord($buf[1]) << 8) + - (ord($buf[2]) << 16) + (ord($buf[3]) << 24)); + (ord($buf[2]) << 16) + (ord($buf[3]) << 24)); } /** @@ -522,16 +564,17 @@ class Net_Socket extends PEAR * @return string, or a PEAR_Error if * not connected. */ - function readString() + public function readString() { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } $string = ''; - while (($char = @fread($this->fp, 1)) != "\x00") { + while (($char = @fread($this->fp, 1)) !== "\x00") { $string .= $char; } + return $string; } @@ -539,18 +582,19 @@ class Net_Socket extends PEAR * Reads an IP Address and returns it in a dot formatted string * * @access public - * @return Dot formatted string, or a PEAR_Error if + * @return string Dot formatted string, or a PEAR_Error if * not connected. */ - function readIPAddress() + public function readIPAddress() { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } $buf = @fread($this->fp, 4); + return sprintf('%d.%d.%d.%d', ord($buf[0]), ord($buf[1]), - ord($buf[2]), ord($buf[3])); + ord($buf[2]), ord($buf[3])); } /** @@ -558,11 +602,11 @@ class Net_Socket extends PEAR * comes first. Strips the trailing newline from the returned data. * * @access public - * @return All available data up to a newline, without that + * @return string All available data up to a newline, without that * newline, or until the end of the socket, or a PEAR_Error if * not connected. */ - function readLine() + public function readLine() { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); @@ -578,6 +622,7 @@ class Net_Socket extends PEAR return rtrim($line, $this->newline); } } + return $line; } @@ -594,16 +639,19 @@ class Net_Socket extends PEAR * @return string All data until the socket closes, or a PEAR_Error if * not connected. */ - function readAll() + public function readAll() { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } $data = ''; - while (!feof($this->fp)) { + $timeout = time() + $this->timeout; + + while (!feof($this->fp) && (!$this->timeout || time() < $timeout)) { $data .= @fread($this->fp, $this->lineLength); } + return $data; } @@ -611,22 +659,22 @@ class Net_Socket extends PEAR * Runs the equivalent of the select() system call on the socket * with a timeout specified by tv_sec and tv_usec. * - * @param integer $state Which of read/write/error to check for. - * @param integer $tv_sec Number of seconds for timeout. + * @param integer $state Which of read/write/error to check for. + * @param integer $tv_sec Number of seconds for timeout. * @param integer $tv_usec Number of microseconds for timeout. * * @access public * @return False if select fails, integer describing which of read/write/error * are ready, or PEAR_Error if not connected. */ - function select($state, $tv_sec, $tv_usec = 0) + public function select($state, $tv_sec, $tv_usec = 0) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } - $read = null; - $write = null; + $read = null; + $write = null; $except = null; if ($state & NET_SOCKET_READ) { $read[] = $this->fp; @@ -638,7 +686,8 @@ class Net_Socket extends PEAR $except[] = $this->fp; } if (false === ($sr = stream_select($read, $write, $except, - $tv_sec, $tv_usec))) { + $tv_sec, $tv_usec)) + ) { return false; } @@ -652,15 +701,16 @@ class Net_Socket extends PEAR if (count($except)) { $result |= NET_SOCKET_ERROR; } + return $result; } /** * Turns encryption on/off on a connected socket. * - * @param bool $enabled Set this parameter to true to enable encryption + * @param bool $enabled Set this parameter to true to enable encryption * and false to disable encryption. - * @param integer $type Type of encryption. See stream_socket_enable_crypto() + * @param integer $type Type of encryption. See stream_socket_enable_crypto() * for values. * * @see http://se.php.net/manual/en/function.stream-socket-enable-crypto.php @@ -670,15 +720,17 @@ class Net_Socket extends PEAR * A PEAR_Error object is returned if the socket is not * connected */ - function enableCrypto($enabled, $type) + public function enableCrypto($enabled, $type) { - if (version_compare(phpversion(), "5.1.0", ">=")) { + if (version_compare(phpversion(), '5.1.0', '>=')) { if (!is_resource($this->fp)) { return $this->raiseError('not connected'); } + return @stream_socket_enable_crypto($this->fp, $enabled, $type); } else { $msg = 'Net_Socket::enableCrypto() requires php version >= 5.1.0'; + return $this->raiseError($msg); } } From 61876ed2329534798f01cd252485fadb9e1870e4 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 10 Jul 2017 12:53:13 +0200 Subject: [PATCH 376/415] PEAR Net_SMTP updated to 1.8.0 Source: https://pear.php.net/package/Net_SMTP Release date: 2017-04-06 --- extlib/Net/SMTP.php | 60 +++++++++++++++++++++++++++++++-------------- 1 file changed, 42 insertions(+), 18 deletions(-) diff --git a/extlib/Net/SMTP.php b/extlib/Net/SMTP.php index 8f4e92b753..dfd47d69b8 100644 --- a/extlib/Net/SMTP.php +++ b/extlib/Net/SMTP.php @@ -3,15 +3,33 @@ // +----------------------------------------------------------------------+ // | PHP Version 5 and 7 | // +----------------------------------------------------------------------+ -// | Copyright (c) 1997-2015 Jon Parise and Chuck Hagenbuch | -// +----------------------------------------------------------------------+ -// | This source file is subject to version 3.01 of the PHP license, | -// | that is bundled with this package in the file LICENSE, and is | -// | available at through the world-wide-web at | -// | http://www.php.net/license/3_01.txt. | -// | If you did not receive a copy of the PHP license and are unable to | -// | obtain it through the world-wide-web, please send a note to | -// | license@php.net so we can mail you a copy immediately. | +// | Copyright (c) 1997-2017 Jon Parise and Chuck Hagenbuch | +// | All rights reserved. | +// | | +// | Redistribution and use in source and binary forms, with or without | +// | modification, are permitted provided that the following conditions | +// | are met: | +// | | +// | 1. Redistributions of source code must retain the above copyright | +// | notice, this list of conditions and the following disclaimer. | +// | | +// | 2. Redistributions in binary form must reproduce the above copyright | +// | notice, this list of conditions and the following disclaimer in | +// | the documentation and/or other materials provided with the | +// | distribution. | +// | | +// | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | +// | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | +// | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS | +// | FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE | +// | COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, | +// | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, | +// | BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | +// | LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER | +// | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | +// | LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN | +// | ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | +// | POSSIBILITY OF SUCH DAMAGE. | // +----------------------------------------------------------------------+ // | Authors: Chuck Hagenbuch | // | Jon Parise | @@ -29,6 +47,7 @@ require_once 'Net/Socket.php'; * @author Chuck Hagenbuch * @author Jon Parise * @author Damian Alejandro Fernandez Sosa + * @license http://opensource.org/licenses/bsd-license.php BSD-2-Clause * * @example basic.php A basic implementation of the Net_SMTP package. */ @@ -169,7 +188,7 @@ class Net_SMTP $this->socket_options = $socket_options; $this->timeout = $timeout; - /* Include the Auth_SASL package. If the package is available, we + /* Include the Auth_SASL package. If the package is available, we * enable the authentication methods that depend upon it. */ if (@include_once 'Auth/SASL.php') { $this->setAuthMethod('CRAM-MD5', array($this, 'authCramMD5')); @@ -701,7 +720,8 @@ class Net_SMTP return $error; } - $digest = Auth_SASL::factory('digest-md5'); + $auth_sasl = new Auth_SASL; + $digest = $auth_sasl->factory('digest-md5'); $challenge = base64_decode($this->arguments[0]); $auth_str = base64_encode( $digest->getResponse($uid, $pwd, $challenge, $this->host, "smtp", $authz) @@ -752,8 +772,9 @@ class Net_SMTP return $error; } + $auth_sasl = new Auth_SASL; $challenge = base64_decode($this->arguments[0]); - $cram = Auth_SASL::factory('cram-md5'); + $cram = $auth_sasl->factory('cram-md5'); $auth_str = base64_encode($cram->getResponse($uid, $pwd, $challenge)); if (PEAR::isError($error = $this->put($auth_str))) { @@ -998,7 +1019,7 @@ class Net_SMTP /* Start by considering the size of the optional headers string. We * also account for the addition 4 character "\r\n\r\n" separator * sequence. */ - $size = (is_null($headers)) ? 0 : strlen($headers) + 4; + $size = $headers_size = (is_null($headers)) ? 0 : strlen($headers) + 4; if (is_resource($data)) { $stat = fstat($data); @@ -1034,12 +1055,15 @@ class Net_SMTP if (PEAR::isError($result = $this->send($headers . "\r\n\r\n"))) { return $result; } + + /* Subtract the headers size now that they've been sent. */ + $size -= $headers_size; } /* Now we can send the message body data. */ if (is_resource($data)) { - /* Stream the contents of the file resource out over our socket - * connection, line by line. Each line must be run through the + /* Stream the contents of the file resource out over our socket + * connection, line by line. Each line must be run through the * quoting routine. */ while (strlen($line = fread($data, 8192)) > 0) { /* If the last character is an newline, we need to grab the @@ -1060,15 +1084,15 @@ class Net_SMTP $last = $line; } else { /* - * Break up the data by sending one chunk (up to 512k) at a time. + * Break up the data by sending one chunk (up to 512k) at a time. * This approach reduces our peak memory usage. */ for ($offset = 0; $offset < $size;) { $end = $offset + 512000; /* - * Ensure we don't read beyond our data size or span multiple - * lines. quotedata() can't properly handle character data + * Ensure we don't read beyond our data size or span multiple + * lines. quotedata() can't properly handle character data * that's split across two line break boundaries. */ if ($end >= $size) { From a223273544b4056dadb6a84f8dd029d1e54c85d4 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 10 Jul 2017 13:25:04 +0200 Subject: [PATCH 377/415] Update PEAR DB_DataObject to 1.11.5 Source: https://pear.php.net/package/DB_DataObject Release date: 2015-11-10 --- extlib/DB/DataObject.php | 23 +++++++++++++++++------ extlib/DB/DataObject/Generator.php | 23 ++++++++++++++--------- 2 files changed, 31 insertions(+), 15 deletions(-) diff --git a/extlib/DB/DataObject.php b/extlib/DB/DataObject.php index 1a7b34665d..e26cf8efa0 100644 --- a/extlib/DB/DataObject.php +++ b/extlib/DB/DataObject.php @@ -15,7 +15,7 @@ * @author Alan Knowles * @copyright 1997-2006 The PHP Group * @license http://www.php.net/license/3_01.txt PHP License 3.01 - * @version CVS: $Id: DataObject.php 320069 2011-11-28 04:34:08Z alan_k $ + * @version CVS: $Id: DataObject.php 336751 2015-05-12 04:39:50Z alan_k $ * @link http://pear.php.net/package/DB_DataObject */ @@ -410,7 +410,7 @@ class DB_DataObject extends DB_DataObject_Overload if (!empty($_DB_DATAOBJECT['CONFIG']['debug'])) { $this->debug($n, "find",1); } - if (!$this->__table) { + if (!strlen($this->tableName())) { // xdebug can backtrace this! trigger_error("NO \$__table SPECIFIED in class definition",E_USER_ERROR); } @@ -2073,6 +2073,9 @@ class DB_DataObject extends DB_DataObject_Overload if (count($args)) { $this->__table = $args[0]; } + if (empty($this->__table)) { + return ''; + } if (!empty($_DB_DATAOBJECT['CONFIG']['portability']) && $_DB_DATAOBJECT['CONFIG']['portability'] & 1) { return strtolower($this->__table); } @@ -2421,7 +2424,7 @@ class DB_DataObject extends DB_DataObject_Overload $dsn = isset($this->_database_dsn) ? $this->_database_dsn : null; if (!$dsn) { - if (!$this->_database && !empty($this->__table)) { + if (!$this->_database && !strlen($this->tableName())) { $this->_database = isset($options["table_{$this->tableName()}"]) ? $options["table_{$this->tableName()}"] : null; } if (!empty($_DB_DATAOBJECT['CONFIG']['debug'])) { @@ -3522,7 +3525,7 @@ class DB_DataObject extends DB_DataObject_Overload if ($joinCol !== false) { $this->raiseError( "joinAdd: You cannot target a join column in the " . - "'link from' table ({$obj->__table}). " . + "'link from' table ({$obj->tableName()}). " . "Either remove the fourth argument to joinAdd() ". "({$joinCol}), or alter your links.ini file.", DB_DATAOBJECT_ERROR_NODATA); @@ -3605,7 +3608,7 @@ class DB_DataObject extends DB_DataObject_Overload if (!$items) { $this->raiseError( - "joinAdd: No table definition for {$obj->__table}", + "joinAdd: No table definition for {$obj->tableName()}", DB_DATAOBJECT_ERROR_INVALIDCONFIG); return false; } @@ -3800,6 +3803,7 @@ class DB_DataObject extends DB_DataObject_Overload */ function autoJoin($cfg = array()) { + global $_DB_DATAOBJECT; //var_Dump($cfg);exit; $pre_links = $this->links(); if (!empty($cfg['links'])) { @@ -3807,7 +3811,8 @@ class DB_DataObject extends DB_DataObject_Overload } $map = $this->links( ); - + $this->databaseStructure(); + $dbstructure = $_DB_DATAOBJECT['INI'][$this->_database]; //print_r($map); $tabdef = $this->table(); @@ -3874,6 +3879,12 @@ class DB_DataObject extends DB_DataObject_Overload list($tab,$col) = explode(':', $info); // what about multiple joins on the same table!!! + + // if links point to a table that does not exist - ignore. + if (!isset($dbstructure[$tab])) { + continue; + } + $xx = DB_DataObject::factory($tab); if (!is_object($xx) || !is_a($xx, 'DB_DataObject')) { continue; diff --git a/extlib/DB/DataObject/Generator.php b/extlib/DB/DataObject/Generator.php index a712e6d9eb..c7f87161c3 100644 --- a/extlib/DB/DataObject/Generator.php +++ b/extlib/DB/DataObject/Generator.php @@ -15,7 +15,7 @@ * @author Alan Knowles * @copyright 1997-2006 The PHP Group * @license http://www.php.net/license/3_01.txt PHP License 3.01 - * @version CVS: $Id: Generator.php 315531 2011-08-26 02:21:29Z alan_k $ + * @version CVS: $Id: Generator.php 336719 2015-05-05 10:37:33Z alan_k $ * @link http://pear.php.net/package/DB_DataObject */ @@ -406,7 +406,7 @@ class DB_DataObject_Generator extends DB_DataObject * Currenly only works with mysql / mysqli / posgtreas * to use, you must set option: generate_links=true * - * @author Pascal Schni + * @author Pascal Sch�ni */ function _createForiegnKeys() @@ -507,7 +507,7 @@ class DB_DataObject_Generator extends DB_DataObject * Currenly only works with mysql / mysqli * to use, you must set option: generate_links=true * - * @author Pascal Schni + * @author Pascal Sch�ni */ function generateForeignKeys() { @@ -895,7 +895,7 @@ class DB_DataObject_Generator extends DB_DataObject $options = &PEAR::getStaticProperty('DB_DataObject','options'); $this->_extends = empty($options['extends']) ? $this->_extends : $options['extends']; - $this->_extendsFile = empty($options['extends_location']) ? $this->_extendsFile : $options['extends_location']; + $this->_extendsFile = !isset($options['extends_location']) ? $this->_extendsFile : $options['extends_location']; foreach($this->tables as $this->table) { @@ -976,8 +976,12 @@ class DB_DataObject_Generator extends DB_DataObject $head .= $this->derivedHookExtendsDocBlock(); - // requires - $head .= "require_once '{$this->_extendsFile}';\n\n"; + // requires - if you set extends_location = (blank) then no require line will be set + // this can be used if you have an autoloader + + if (!empty($this->_extendsFile)) { + $head .= "require_once '{$this->_extendsFile}';\n\n"; + } // add dummy class header in... // class $head .= $this->derivedHookClassDocBlock(); @@ -1039,10 +1043,11 @@ class DB_DataObject_Generator extends DB_DataObject continue; } - $p = str_repeat(' ',max(2, (30 - strlen($t->name)))); + $pad = str_repeat(' ',max(2, (30 - strlen($t->name)))); $length = empty($t->len) ? '' : '('.$t->len.')'; - $body .=" {$var} \${$t->name}; {$p}// {$t->type}$length {$t->flags}\n"; + $flags = strlen($t->flags) ? (' '. trim($t->flags)) : ''; + $body .=" {$var} \${$t->name}; {$pad}// {$t->type}{$length}{$flags}\n"; // can not do set as PEAR::DB table info doesnt support it. //if (substr($t->Type,0,3) == "set") @@ -1283,7 +1288,7 @@ class DB_DataObject_Generator extends DB_DataObject $class_prefix = empty($options['class_prefix']) ? '' : $options['class_prefix']; $this->_extends = empty($options['extends']) ? $this->_extends : $options['extends']; - $this->_extendsFile = empty($options['extends_location']) ? $this->_extendsFile : $options['extends_location']; + $this->_extendsFile = !isset($options['extends_location']) ? $this->_extendsFile : $options['extends_location']; $classname = $this->classname = $this->getClassNameFromTableName($this->table); From 711f2203977a7130a437158d0ab0ee7cfa15efac Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 10 Jul 2017 13:28:40 +0200 Subject: [PATCH 378/415] Updating PEAR Net_URL2 to 2.1.2 Source: https://pear.php.net/package/Net_URL2 Release date: 2016-04-18 --- extlib/Net/Net_URL2-BSD-3-CLAUSE-Heyes | 27 ++ extlib/Net/URL2.php | 543 +++++++++++++++++++------ 2 files changed, 437 insertions(+), 133 deletions(-) create mode 100644 extlib/Net/Net_URL2-BSD-3-CLAUSE-Heyes diff --git a/extlib/Net/Net_URL2-BSD-3-CLAUSE-Heyes b/extlib/Net/Net_URL2-BSD-3-CLAUSE-Heyes new file mode 100644 index 0000000000..b45ca8e948 --- /dev/null +++ b/extlib/Net/Net_URL2-BSD-3-CLAUSE-Heyes @@ -0,0 +1,27 @@ +Copyright (c) 2002-2003, Richard Heyes +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +1) Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2) Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3) Neither the name of the Richard Heyes nor the names of his + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/extlib/Net/URL2.php b/extlib/Net/URL2.php index 9989404d2a..1d2f7fa6a4 100644 --- a/extlib/Net/URL2.php +++ b/extlib/Net/URL2.php @@ -38,9 +38,9 @@ * @package Net_URL2 * @author Christian Schmidt * @copyright 2007-2009 Peytz & Co. A/S - * @license http://www.opensource.org/licenses/bsd-license.php New BSD License - * @version CVS: $Id: URL2.php 309223 2011-03-14 14:26:32Z till $ - * @link http://www.rfc-editor.org/rfc/rfc3986.txt + * @license https://spdx.org/licenses/BSD-3-Clause BSD-3-Clause + * @version CVS: $Id$ + * @link https://tools.ietf.org/html/rfc3986 */ /** @@ -50,9 +50,9 @@ * @package Net_URL2 * @author Christian Schmidt * @copyright 2007-2009 Peytz & Co. A/S - * @license http://www.opensource.org/licenses/bsd-license.php New BSD License - * @version Release: @package_version@ - * @link http://pear.php.net/package/Net_URL2 + * @license https://spdx.org/licenses/BSD-3-Clause BSD-3-Clause + * @version Release: 2.1.2 + * @link https://pear.php.net/package/Net_URL2 */ class Net_URL2 { @@ -67,6 +67,12 @@ class Net_URL2 */ const OPTION_USE_BRACKETS = 'use_brackets'; + /** + * Drop zero-based integer sequences in query using PHP's [] notation. Default + * is true. + */ + const OPTION_DROP_SEQUENCE = 'drop_sequence'; + /** * URL-encode query variable keys. Default is true. */ @@ -90,6 +96,7 @@ class Net_URL2 private $_options = array( self::OPTION_STRICT => true, self::OPTION_USE_BRACKETS => true, + self::OPTION_DROP_SEQUENCE => true, self::OPTION_ENCODE_KEYS => true, self::OPTION_SEPARATOR_INPUT => '&', self::OPTION_SEPARATOR_OUTPUT => '&', @@ -136,7 +143,6 @@ class Net_URL2 * @param string $url an absolute or relative URL * @param array $options an array of OPTION_xxx constants * - * @return $this * @uses self::parseUrl() */ public function __construct($url, array $options = array()) @@ -156,8 +162,9 @@ class Net_URL2 * This method will magically set the value of a private variable ($var) * with the value passed as the args * - * @param string $var The private variable to set. - * @param mixed $arg An argument of any type. + * @param string $var The private variable to set. + * @param mixed $arg An argument of any type. + * * @return void */ public function __set($var, $arg) @@ -174,10 +181,11 @@ class Net_URL2 * This is the magic get method to retrieve the private variable * that was set by either __set() or it's setter... * - * @param string $var The property name to retrieve. - * @return mixed $this->$var Either a boolean false if the - * property is not set or the value - * of the private property. + * @param string $var The property name to retrieve. + * + * @return mixed $this->$var Either a boolean false if the + * property is not set or the value + * of the private property. */ public function __get($var) { @@ -193,7 +201,7 @@ class Net_URL2 * Returns the scheme, e.g. "http" or "urn", or false if there is no * scheme specified, i.e. if this is a relative URL. * - * @return string|bool + * @return string|bool */ public function getScheme() { @@ -209,7 +217,7 @@ class Net_URL2 * URL * * @return $this - * @see getScheme() + * @see getScheme */ public function setScheme($scheme) { @@ -221,12 +229,12 @@ class Net_URL2 * Returns the user part of the userinfo part (the part preceding the first * ":"), or false if there is no userinfo part. * - * @return string|bool + * @return string|bool */ public function getUser() { return $this->_userinfo !== false - ? preg_replace('@:.*$@', '', $this->_userinfo) + ? preg_replace('(:.*$)', '', $this->_userinfo) : false; } @@ -236,7 +244,7 @@ class Net_URL2 * contain "@" in front of the hostname) or the userinfo part does not * contain ":". * - * @return string|bool + * @return string|bool */ public function getPassword() { @@ -249,7 +257,7 @@ class Net_URL2 * Returns the userinfo part, or false if there is none, i.e. if the * authority part does not contain "@". * - * @return string|bool + * @return string|bool */ public function getUserinfo() { @@ -267,10 +275,15 @@ class Net_URL2 */ public function setUserinfo($userinfo, $password = false) { - $this->_userinfo = $userinfo; if ($password !== false) { - $this->_userinfo .= ':' . $password; + $userinfo .= ':' . $password; } + + if ($userinfo !== false) { + $userinfo = $this->_encodeData($userinfo); + } + + $this->_userinfo = $userinfo; return $this; } @@ -278,7 +291,7 @@ class Net_URL2 * Returns the host part, or false if there is no authority part, e.g. * relative URLs. * - * @return string|bool a hostname, an IP address, or false + * @return string|bool a hostname, an IP address, or false */ public function getHost() { @@ -303,7 +316,7 @@ class Net_URL2 * Returns the port number, or false if there is no port number specified, * i.e. if the default port is to be used. * - * @return string|bool + * @return string|bool */ public function getPort() { @@ -332,13 +345,13 @@ class Net_URL2 */ public function getAuthority() { - if (!$this->_host) { + if (false === $this->_host) { return false; } $authority = ''; - if ($this->_userinfo !== false) { + if (strlen($this->_userinfo)) { $authority .= $this->_userinfo . '@'; } @@ -355,7 +368,7 @@ class Net_URL2 * Sets the authority part, i.e. [ userinfo "@" ] host [ ":" port ]. Specify * false if there is no authority. * - * @param string|false $authority a hostname or an IP addresse, possibly + * @param string|bool $authority a hostname or an IP address, possibly * with userinfo prefixed and port number * appended, e.g. "foo:bar@example.org:81". * @@ -366,15 +379,24 @@ class Net_URL2 $this->_userinfo = false; $this->_host = false; $this->_port = false; - if (preg_match('@^(([^\@]*)\@)?([^:]+)(:(\d*))?$@', $authority, $reg)) { - if ($reg[1]) { - $this->_userinfo = $reg[2]; - } - $this->_host = $reg[3]; - if (isset($reg[5])) { - $this->_port = $reg[5]; - } + if ('' === $authority) { + $this->_host = $authority; + return $this; + } + + if (!preg_match('(^(([^@]*)@)?(.+?)(:(\d*))?$)', $authority, $matches)) { + return $this; + } + + if ($matches[1]) { + $this->_userinfo = $this->_encodeData($matches[2]); + } + + $this->_host = $matches[3]; + + if (isset($matches[5]) && strlen($matches[5])) { + $this->_port = $matches[5]; } return $this; } @@ -407,7 +429,7 @@ class Net_URL2 * is not present in the URL. * * @return string|bool - * @see self::getQueryVariables() + * @see getQueryVariables */ public function getQuery() { @@ -421,7 +443,7 @@ class Net_URL2 * @param string|bool $query a query string, e.g. "foo=1&bar=2" * * @return $this - * @see self::setQueryVariables() + * @see setQueryVariables */ public function setQuery($query) { @@ -432,7 +454,7 @@ class Net_URL2 /** * Returns the fragment name, or false if "#" is not present in the URL. * - * @return string|bool + * @return string|bool */ public function getFragment() { @@ -458,59 +480,167 @@ class Net_URL2 * $_GET in a PHP script. If the URL does not contain a "?", an empty array * is returned. * - * @return array + * @return array */ public function getQueryVariables() { - $pattern = '/[' . - preg_quote($this->getOption(self::OPTION_SEPARATOR_INPUT), '/') . - ']/'; - $parts = preg_split($pattern, $this->_query, -1, PREG_SPLIT_NO_EMPTY); + $separator = $this->getOption(self::OPTION_SEPARATOR_INPUT); + $encodeKeys = $this->getOption(self::OPTION_ENCODE_KEYS); + $useBrackets = $this->getOption(self::OPTION_USE_BRACKETS); + $return = array(); - foreach ($parts as $part) { - if (strpos($part, '=') !== false) { - list($key, $value) = explode('=', $part, 2); - } else { - $key = $part; - $value = null; - } + for ($part = strtok($this->_query, $separator); + strlen($part); + $part = strtok($separator) + ) { + list($key, $value) = explode('=', $part, 2) + array(1 => ''); - if ($this->getOption(self::OPTION_ENCODE_KEYS)) { + if ($encodeKeys) { $key = rawurldecode($key); } $value = rawurldecode($value); - if ($this->getOption(self::OPTION_USE_BRACKETS) && - preg_match('#^(.*)\[([0-9a-z_-]*)\]#i', $key, $matches)) { - - $key = $matches[1]; - $idx = $matches[2]; - - // Ensure is an array - if (empty($return[$key]) || !is_array($return[$key])) { - $return[$key] = array(); - } - - // Add data - if ($idx === '') { + if ($useBrackets) { + $return = $this->_queryArrayByKey($key, $value, $return); + } else { + if (isset($return[$key])) { + $return[$key] = (array) $return[$key]; $return[$key][] = $value; } else { - $return[$key][$idx] = $value; + $return[$key] = $value; } - } elseif (!$this->getOption(self::OPTION_USE_BRACKETS) - && !empty($return[$key]) - ) { - $return[$key] = (array) $return[$key]; - $return[$key][] = $value; - } else { - $return[$key] = $value; } } return $return; } + /** + * Parse a single query key=value pair into an existing php array + * + * @param string $key query-key + * @param string $value query-value + * @param array $array of existing query variables (if any) + * + * @return mixed + */ + private function _queryArrayByKey($key, $value, array $array = array()) + { + if (!strlen($key)) { + return $array; + } + + $offset = $this->_queryKeyBracketOffset($key); + if ($offset === false) { + $name = $key; + } else { + $name = substr($key, 0, $offset); + } + + if (!strlen($name)) { + return $array; + } + + if (!$offset) { + // named value + $array[$name] = $value; + } else { + // array + $brackets = substr($key, $offset); + if (!isset($array[$name])) { + $array[$name] = null; + } + $array[$name] = $this->_queryArrayByBrackets( + $brackets, $value, $array[$name] + ); + } + + return $array; + } + + /** + * Parse a key-buffer to place value in array + * + * @param string $buffer to consume all keys from + * @param string $value to be set/add + * @param array $array to traverse and set/add value in + * + * @throws Exception + * @return array + */ + private function _queryArrayByBrackets($buffer, $value, array $array = null) + { + $entry = &$array; + + for ($iteration = 0; strlen($buffer); $iteration++) { + $open = $this->_queryKeyBracketOffset($buffer); + if ($open !== 0) { + // Opening bracket [ must exist at offset 0, if not, there is + // no bracket to parse and the value dropped. + // if this happens in the first iteration, this is flawed, see + // as well the second exception below. + if ($iteration) { + break; + } + // @codeCoverageIgnoreStart + throw new Exception( + 'Net_URL2 Internal Error: '. __METHOD__ .'(): ' . + 'Opening bracket [ must exist at offset 0' + ); + // @codeCoverageIgnoreEnd + } + + $close = strpos($buffer, ']', 1); + if (!$close) { + // this error condition should never be reached as this is a + // private method and bracket pairs are checked beforehand. + // See as well the first exception for the opening bracket. + // @codeCoverageIgnoreStart + throw new Exception( + 'Net_URL2 Internal Error: '. __METHOD__ .'(): ' . + 'Closing bracket ] must exist, not found' + ); + // @codeCoverageIgnoreEnd + } + + $index = substr($buffer, 1, $close - 1); + if (strlen($index)) { + $entry = &$entry[$index]; + } else { + if (!is_array($entry)) { + $entry = array(); + } + $entry[] = &$new; + $entry = &$new; + unset($new); + } + $buffer = substr($buffer, $close + 1); + } + + $entry = $value; + + return $array; + } + + /** + * Query-key has brackets ("...[]") + * + * @param string $key query-key + * + * @return bool|int offset of opening bracket, false if no brackets + */ + private function _queryKeyBracketOffset($key) + { + if (false !== $open = strpos($key, '[') + and false === strpos($key, ']', $open + 1) + ) { + $open = false; + } + + return $open; + } + /** * Sets the query string to the specified variable in the query string. * @@ -548,7 +678,7 @@ class Net_URL2 } /** - * Removes the specifed variable from the query string. + * Removes the specified variable from the query string. * * @param string $name a query string variable, e.g. "foo" in "?foo=1" * @@ -564,22 +694,23 @@ class Net_URL2 /** * Returns a string representation of this URL. * - * @return string + * @return string */ public function getURL() { // See RFC 3986, section 5.3 - $url = ""; + $url = ''; if ($this->_scheme !== false) { $url .= $this->_scheme . ':'; } $authority = $this->getAuthority(); - if ($authority !== false) { - $url .= '//' . $authority; + if ($authority === false && strtolower($this->_scheme) === 'file') { + $authority = ''; } - $url .= $this->_path; + + $url .= $this->_buildAuthorityAndPath($authority, $this->_path); if ($this->_query !== false) { $url .= '?' . $this->_query; @@ -588,83 +719,151 @@ class Net_URL2 if ($this->_fragment !== false) { $url .= '#' . $this->_fragment; } - + return $url; } + /** + * Put authority and path together, wrapping authority + * into proper separators/terminators. + * + * @param string|bool $authority authority + * @param string $path path + * + * @return string + */ + private function _buildAuthorityAndPath($authority, $path) + { + if ($authority === false) { + return $path; + } + + $terminator = ($path !== '' && $path[0] !== '/') ? '/' : ''; + + return '//' . $authority . $terminator . $path; + } + /** * Returns a string representation of this URL. * - * @return string - * @see toString() + * @return string + * @link https://php.net/language.oop5.magic#object.tostring */ public function __toString() { return $this->getURL(); } - /** + /** * Returns a normalized string representation of this URL. This is useful * for comparison of URLs. * - * @return string + * @return string */ public function getNormalizedURL() { $url = clone $this; $url->normalize(); - return $url->getUrl(); + return $url->getURL(); } - /** - * Returns a normalized Net_URL2 instance. + /** + * Normalizes the URL * - * @return Net_URL2 + * See RFC 3986, Section 6. Normalization and Comparison + * + * @link https://tools.ietf.org/html/rfc3986#section-6 + * + * @return void */ public function normalize() { - // See RFC 3886, section 6 + // See RFC 3986, section 6 - // Schemes are case-insensitive + // Scheme is case-insensitive if ($this->_scheme) { $this->_scheme = strtolower($this->_scheme); } - // Hostnames are case-insensitive + // Hostname is case-insensitive if ($this->_host) { $this->_host = strtolower($this->_host); } // Remove default port number for known schemes (RFC 3986, section 6.2.3) - if ($this->_port && - $this->_scheme && - $this->_port == getservbyname($this->_scheme, 'tcp')) { - + if ('' === $this->_port + || $this->_port + && $this->_scheme + && $this->_port == getservbyname($this->_scheme, 'tcp') + ) { $this->_port = false; } // Normalize case of %XX percentage-encodings (RFC 3986, section 6.2.2.1) - foreach (array('_userinfo', '_host', '_path') as $part) { - if ($this->$part) { - $this->$part = preg_replace('/%[0-9a-f]{2}/ie', - 'strtoupper("\0")', - $this->$part); + // Normalize percentage-encoded unreserved characters (section 6.2.2.2) + $fields = array(&$this->_userinfo, &$this->_host, &$this->_path, + &$this->_query, &$this->_fragment); + foreach ($fields as &$field) { + if ($field !== false) { + $field = $this->_normalize("$field"); } } + unset($field); // Path segment normalization (RFC 3986, section 6.2.2.3) $this->_path = self::removeDotSegments($this->_path); // Scheme based normalization (RFC 3986, section 6.2.3) - if ($this->_host && !$this->_path) { + if (false !== $this->_host && '' === $this->_path) { $this->_path = '/'; } + + // path should start with '/' if there is authority (section 3.3.) + if (strlen($this->getAuthority()) + && strlen($this->_path) + && $this->_path[0] !== '/' + ) { + $this->_path = '/' . $this->_path; + } + } + + /** + * Normalize case of %XX percentage-encodings (RFC 3986, section 6.2.2.1) + * Normalize percentage-encoded unreserved characters (section 6.2.2.2) + * + * @param string|array $mixed string or array of strings to normalize + * + * @return string|array + * @see normalize + * @see _normalizeCallback() + */ + private function _normalize($mixed) + { + return preg_replace_callback( + '((?:%[0-9a-fA-Z]{2})+)', array($this, '_normalizeCallback'), + $mixed + ); + } + + /** + * Callback for _normalize() of %XX percentage-encodings + * + * @param array $matches as by preg_replace_callback + * + * @return string + * @see normalize + * @see _normalize + * @SuppressWarnings(PHPMD.UnusedPrivateMethod) + */ + private function _normalizeCallback($matches) + { + return self::urlencode(urldecode($matches[0])); } /** * Returns whether this instance represents an absolute URL. * - * @return bool + * @return bool */ public function isAbsolute() { @@ -677,20 +876,25 @@ class Net_URL2 * * @param Net_URL2|string $reference relative URL * - * @return Net_URL2 + * @throws Exception + * @return $this */ public function resolve($reference) { if (!$reference instanceof Net_URL2) { $reference = new self($reference); } - if (!$this->isAbsolute()) { - throw new Exception('Base-URL must be absolute'); + if (!$reference->_isFragmentOnly() && !$this->isAbsolute()) { + throw new Exception( + 'Base-URL must be absolute if reference is not fragment-only' + ); } // A non-strict parser may ignore a scheme in the reference if it is // identical to the base URI's scheme. - if (!$this->getOption(self::OPTION_STRICT) && $reference->_scheme == $this->_scheme) { + if (!$this->getOption(self::OPTION_STRICT) + && $reference->_scheme == $this->_scheme + ) { $reference->_scheme = false; } @@ -720,7 +924,7 @@ class Net_URL2 } else { // Merge paths (RFC 3986, section 5.2.3) if ($this->_host !== false && $this->_path == '') { - $target->_path = '/' . $this->_path; + $target->_path = '/' . $reference->_path; } else { $i = strrpos($this->_path, '/'); if ($i !== false) { @@ -742,6 +946,25 @@ class Net_URL2 return $target; } + /** + * URL is fragment-only + * + * @SuppressWarnings(PHPMD.UnusedPrivateMethod) + * @return bool + */ + private function _isFragmentOnly() + { + return ( + $this->_fragment !== false + && $this->_query === false + && $this->_path === '' + && $this->_port === false + && $this->_host === false + && $this->_userinfo === false + && $this->_scheme === false + ); + } + /** * Removes dots as described in RFC 3986, section 5.2.4, e.g. * "/foo/../bar/baz" => "/bar/baz" @@ -752,43 +975,52 @@ class Net_URL2 */ public static function removeDotSegments($path) { + $path = (string) $path; $output = ''; // Make sure not to be trapped in an infinite loop due to a bug in this // method + $loopLimit = 256; $j = 0; - while ($path && $j++ < 100) { - if (substr($path, 0, 2) == './') { + while ('' !== $path && $j++ < $loopLimit) { + if (substr($path, 0, 2) === './') { // Step 2.A $path = substr($path, 2); - } elseif (substr($path, 0, 3) == '../') { + } elseif (substr($path, 0, 3) === '../') { // Step 2.A $path = substr($path, 3); - } elseif (substr($path, 0, 3) == '/./' || $path == '/.') { + } elseif (substr($path, 0, 3) === '/./' || $path === '/.') { // Step 2.B $path = '/' . substr($path, 3); - } elseif (substr($path, 0, 4) == '/../' || $path == '/..') { + } elseif (substr($path, 0, 4) === '/../' || $path === '/..') { // Step 2.C $path = '/' . substr($path, 4); $i = strrpos($output, '/'); $output = $i === false ? '' : substr($output, 0, $i); - } elseif ($path == '.' || $path == '..') { + } elseif ($path === '.' || $path === '..') { // Step 2.D $path = ''; } else { // Step 2.E - $i = strpos($path, '/'); - if ($i === 0) { - $i = strpos($path, '/', 1); - } + $i = strpos($path, '/', $path[0] === '/'); if ($i === false) { - $i = strlen($path); + $output .= $path; + $path = ''; + break; } $output .= substr($path, 0, $i); $path = substr($path, $i); } } + if ($path !== '') { + $message = sprintf( + 'Unable to remove dot segments; hit loop limit %d (left: %s)', + $j, var_export($path, true) + ); + trigger_error($message, E_USER_WARNING); + } + return $output; } @@ -797,12 +1029,13 @@ class Net_URL2 * Similar to PHP's rawurlencode(), except that it also encodes ~ in PHP * 5.2.x and earlier. * - * @param $raw the string to encode + * @param string $string string to encode + * * @return string */ public static function urlencode($string) { - $encoded = rawurlencode($string); + $encoded = rawurlencode($string); // This is only necessary in PHP < 5.3. $encoded = str_replace('%7E', '~', $encoded); @@ -813,7 +1046,8 @@ class Net_URL2 * Returns a Net_URL2 instance representing the canonical URL of the * currently executing PHP script. * - * @return string + * @throws Exception + * @return string */ public static function getCanonical() { @@ -827,9 +1061,9 @@ class Net_URL2 $url->_scheme = isset($_SERVER['HTTPS']) ? 'https' : 'http'; $url->_host = $_SERVER['SERVER_NAME']; $port = $_SERVER['SERVER_PORT']; - if ($url->_scheme == 'http' && $port != 80 || - $url->_scheme == 'https' && $port != 443) { - + if ($url->_scheme == 'http' && $port != 80 + || $url->_scheme == 'https' && $port != 443 + ) { $url->_port = $port; } return $url; @@ -849,7 +1083,8 @@ class Net_URL2 * Returns a Net_URL2 instance representing the URL used to retrieve the * current request. * - * @return Net_URL2 + * @throws Exception + * @return $this */ public static function getRequested() { @@ -871,7 +1106,7 @@ class Net_URL2 * * @param string $optionName The name of the option to retrieve * - * @return mixed + * @return mixed */ public function getOption($optionName) { @@ -885,7 +1120,7 @@ class Net_URL2 * * @param array $data An array, which has to be converted into * QUERY_STRING. Anything is possible. - * @param string $seperator See {@link self::OPTION_SEPARATOR_OUTPUT} + * @param string $separator Separator {@link self::OPTION_SEPARATOR_OUTPUT} * @param string $key For stacked values (arrays in an array). * * @return string @@ -893,12 +1128,17 @@ class Net_URL2 protected function buildQuery(array $data, $separator, $key = null) { $query = array(); + $drop_names = ( + $this->_options[self::OPTION_DROP_SEQUENCE] === true + && array_keys($data) === array_keys(array_values($data)) + ); foreach ($data as $name => $value) { if ($this->getOption(self::OPTION_ENCODE_KEYS) === true) { $name = rawurlencode($name); } if ($key !== null) { if ($this->getOption(self::OPTION_USE_BRACKETS) === true) { + $drop_names && $name = ''; $name = $key . '[' . $name . ']'; } else { $name = $key; @@ -914,29 +1154,66 @@ class Net_URL2 } /** - * This method uses a funky regex to parse the url into the designated parts. + * This method uses a regex to parse the url into the designated parts. * - * @param string $url + * @param string $url URL * * @return void * @uses self::$_scheme, self::setAuthority(), self::$_path, self::$_query, * self::$_fragment - * @see self::__construct() + * @see __construct */ protected function parseUrl($url) { // The regular expression is copied verbatim from RFC 3986, appendix B. // The expression does not validate the URL but matches any string. - preg_match('!^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?!', - $url, - $matches); + preg_match( + '(^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?)', + $url, $matches + ); // "path" is always present (possibly as an empty string); the rest // are optional. $this->_scheme = !empty($matches[1]) ? $matches[2] : false; $this->setAuthority(!empty($matches[3]) ? $matches[4] : false); - $this->_path = $matches[5]; - $this->_query = !empty($matches[6]) ? $matches[7] : false; + $this->_path = $this->_encodeData($matches[5]); + $this->_query = !empty($matches[6]) + ? $this->_encodeData($matches[7]) + : false + ; $this->_fragment = !empty($matches[8]) ? $matches[9] : false; } + + /** + * Encode characters that might have been forgotten to encode when passing + * in an URL. Applied onto Userinfo, Path and Query. + * + * @param string $url URL + * + * @return string + * @see parseUrl + * @see setAuthority + * @link https://pear.php.net/bugs/bug.php?id=20425 + */ + private function _encodeData($url) + { + return preg_replace_callback( + '([\x-\x20\x22\x3C\x3E\x7F-\xFF]+)', + array($this, '_encodeCallback'), $url + ); + } + + /** + * callback for encoding character data + * + * @param array $matches Matches + * + * @return string + * @see _encodeData + * @SuppressWarnings(PHPMD.UnusedPrivateMethod) + */ + private function _encodeCallback(array $matches) + { + return rawurlencode($matches[0]); + } } From 3158f9c33a1107c4b0d69faaa6ba1f7501d8aa76 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 10 Jul 2017 13:33:11 +0200 Subject: [PATCH 379/415] Update PEAR DB to 1.9.2 Source: https://pear.php.net/package/DB Release date: 2015-11-24 --- extlib/DB.php | 34 ++++++++++++++++++++++++---------- extlib/DB/common.php | 4 ++-- extlib/DB/dbase.php | 8 ++++---- extlib/DB/fbsql.php | 8 ++++---- extlib/DB/ibase.php | 8 ++++---- extlib/DB/ifx.php | 8 ++++---- extlib/DB/msql.php | 8 ++++---- extlib/DB/mssql.php | 8 ++++---- extlib/DB/mysql.php | 8 ++++---- extlib/DB/mysqli.php | 18 +++++++++++++----- extlib/DB/oci8.php | 8 ++++---- extlib/DB/odbc.php | 8 ++++---- extlib/DB/pgsql.php | 8 ++++---- extlib/DB/sqlite.php | 8 ++++---- extlib/DB/storage.php | 4 ++-- extlib/DB/sybase.php | 8 ++++---- 16 files changed, 89 insertions(+), 67 deletions(-) diff --git a/extlib/DB.php b/extlib/DB.php index b9b5c4a79f..cfbbe5ed2a 100644 --- a/extlib/DB.php +++ b/extlib/DB.php @@ -426,7 +426,7 @@ define('DB_PORTABILITY_ALL', 63); * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB @@ -577,7 +577,7 @@ class DB */ function apiVersion() { - return '1.8.2'; + return '1.9.2'; } // }}} @@ -941,7 +941,7 @@ class DB * @author Stig Bakken * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_Error extends PEAR_Error @@ -959,18 +959,32 @@ class DB_Error extends PEAR_Error * * @see PEAR_Error */ - function DB_Error($code = DB_ERROR, $mode = PEAR_ERROR_RETURN, + function __construct($code = DB_ERROR, $mode = PEAR_ERROR_RETURN, $level = E_USER_NOTICE, $debuginfo = null) { if (is_int($code)) { - $this->PEAR_Error('DB Error: ' . DB::errorMessage($code), $code, + parent::__construct('DB Error: ' . DB::errorMessage($code), $code, $mode, $level, $debuginfo); } else { - $this->PEAR_Error("DB Error: $code", DB_ERROR, + parent::__construct("DB Error: $code", DB_ERROR, $mode, $level, $debuginfo); } } + /** + * Workaround to both avoid the "Redefining already defined constructor" + * PHP error and provide backward compatibility in case someone is calling + * DB_Error() dynamically + */ + public function __call($method, $arguments) + { + if ($method == 'DB_Error') { + return call_user_func_array(array($this, '__construct'), $arguments); + } + trigger_error( + 'Call to undefined method DB_Error::' . $method . '()', E_USER_ERROR + ); + } // }}} } @@ -988,7 +1002,7 @@ class DB_Error extends PEAR_Error * @author Stig Bakken * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_result @@ -1095,7 +1109,7 @@ class DB_result * * @return void */ - function DB_result(&$dbh, $result, $options = array()) + function __construct(&$dbh, $result, $options = array()) { $this->autofree = $dbh->options['autofree']; $this->dbh = &$dbh; @@ -1453,7 +1467,7 @@ class DB_result * @author Stig Bakken * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB * @see DB_common::setFetchMode() */ @@ -1468,7 +1482,7 @@ class DB_row * * @return void */ - function DB_row(&$arr) + function __construct(&$arr) { foreach ($arr as $key => $value) { $this->$key = &$arr[$key]; diff --git a/extlib/DB/common.php b/extlib/DB/common.php index 27829a072a..73e3eb69f7 100644 --- a/extlib/DB/common.php +++ b/extlib/DB/common.php @@ -42,7 +42,7 @@ require_once 'PEAR.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_common extends PEAR @@ -145,7 +145,7 @@ class DB_common extends PEAR * * @return void */ - function DB_common() + function __construct() { $this->PEAR('DB_Error'); } diff --git a/extlib/DB/dbase.php b/extlib/DB/dbase.php index df36f972e3..17750cd5d2 100644 --- a/extlib/DB/dbase.php +++ b/extlib/DB/dbase.php @@ -41,7 +41,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_dbase extends DB_common @@ -140,13 +140,13 @@ class DB_dbase extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_dbase() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/fbsql.php b/extlib/DB/fbsql.php index b719da38e2..c32a08d120 100644 --- a/extlib/DB/fbsql.php +++ b/extlib/DB/fbsql.php @@ -41,7 +41,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB * @since Class functional since Release 1.7.0 */ @@ -124,13 +124,13 @@ class DB_fbsql extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_fbsql() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/ibase.php b/extlib/DB/ibase.php index 209ac6c3a1..60e07b5fc3 100644 --- a/extlib/DB/ibase.php +++ b/extlib/DB/ibase.php @@ -49,7 +49,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB * @since Class became stable in Release 1.7.0 */ @@ -180,13 +180,13 @@ class DB_ibase extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_ibase() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/ifx.php b/extlib/DB/ifx.php index e3150f92fb..5c5709f79e 100644 --- a/extlib/DB/ifx.php +++ b/extlib/DB/ifx.php @@ -48,7 +48,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_ifx extends DB_common @@ -167,13 +167,13 @@ class DB_ifx extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_ifx() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/msql.php b/extlib/DB/msql.php index c303bb9067..adcedf7a07 100644 --- a/extlib/DB/msql.php +++ b/extlib/DB/msql.php @@ -47,7 +47,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB * @since Class not functional until Release 1.7.0 */ @@ -126,13 +126,13 @@ class DB_msql extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_msql() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/mssql.php b/extlib/DB/mssql.php index e25caf144e..d68ebfa61e 100644 --- a/extlib/DB/mssql.php +++ b/extlib/DB/mssql.php @@ -49,7 +49,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_mssql extends DB_common @@ -179,13 +179,13 @@ class DB_mssql extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_mssql() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/mysql.php b/extlib/DB/mysql.php index 21132d62df..ffefbc49fd 100644 --- a/extlib/DB/mysql.php +++ b/extlib/DB/mysql.php @@ -41,7 +41,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_mysql extends DB_common @@ -162,13 +162,13 @@ class DB_mysql extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_mysql() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/mysqli.php b/extlib/DB/mysqli.php index 5f081f7c4f..4f56f0fdac 100644 --- a/extlib/DB/mysqli.php +++ b/extlib/DB/mysqli.php @@ -43,7 +43,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB * @since Class functional since Release 1.6.3 */ @@ -224,13 +224,13 @@ class DB_mysqli extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_mysqli() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} @@ -497,7 +497,11 @@ class DB_mysqli extends DB_common */ function freeResult($result) { - return is_resource($result) ? mysqli_free_result($result) : false; + if (! $result instanceof mysqli_result) { + return false; + } + mysqli_free_result($result); + return true; } // }}} @@ -1031,6 +1035,10 @@ class DB_mysqli extends DB_common ? $this->mysqli_types[$tmp->type] : 'unknown', // http://bugs.php.net/?id=36579 + // Doc Bug #36579: mysqli_fetch_field length handling + // https://bugs.php.net/bug.php?id=62426 + // Bug #62426: mysqli_fetch_field_direct returns incorrect + // length on UTF8 fields 'len' => $tmp->length, 'flags' => $flags, ); diff --git a/extlib/DB/oci8.php b/extlib/DB/oci8.php index 9685c60e0c..1ca7a04e22 100644 --- a/extlib/DB/oci8.php +++ b/extlib/DB/oci8.php @@ -47,7 +47,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_oci8 extends DB_common @@ -173,13 +173,13 @@ class DB_oci8 extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_oci8() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/odbc.php b/extlib/DB/odbc.php index 75d4fe74ff..a33406a654 100644 --- a/extlib/DB/odbc.php +++ b/extlib/DB/odbc.php @@ -44,7 +44,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_odbc extends DB_common @@ -153,13 +153,13 @@ class DB_odbc extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_odbc() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/pgsql.php b/extlib/DB/pgsql.php index adfd6bf0a4..098d9f040a 100644 --- a/extlib/DB/pgsql.php +++ b/extlib/DB/pgsql.php @@ -43,7 +43,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_pgsql extends DB_common @@ -148,13 +148,13 @@ class DB_pgsql extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_pgsql() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/sqlite.php b/extlib/DB/sqlite.php index 7adfb4c475..9c5c8b3523 100644 --- a/extlib/DB/sqlite.php +++ b/extlib/DB/sqlite.php @@ -47,7 +47,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_sqlite extends DB_common @@ -152,13 +152,13 @@ class DB_sqlite extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_sqlite() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} diff --git a/extlib/DB/storage.php b/extlib/DB/storage.php index 9ac23c825e..640d86f2b9 100644 --- a/extlib/DB/storage.php +++ b/extlib/DB/storage.php @@ -38,7 +38,7 @@ require_once 'DB.php'; * @author Stig Bakken * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_storage extends PEAR @@ -94,7 +94,7 @@ class DB_storage extends PEAR * a reference to this object * */ - function DB_storage($table, $keycolumn, &$dbh, $validator = null) + function __construct($table, $keycolumn, &$dbh, $validator = null) { $this->PEAR('DB_Error'); $this->_table = $table; diff --git a/extlib/DB/sybase.php b/extlib/DB/sybase.php index d87b18caab..14d054b246 100644 --- a/extlib/DB/sybase.php +++ b/extlib/DB/sybase.php @@ -46,7 +46,7 @@ require_once 'DB/common.php'; * @author Daniel Convissor * @copyright 1997-2007 The PHP Group * @license http://www.php.net/license/3_0.txt PHP License 3.0 - * @version Release: 1.8.2 + * @version Release: 1.9.2 * @link http://pear.php.net/package/DB */ class DB_sybase extends DB_common @@ -141,13 +141,13 @@ class DB_sybase extends DB_common // {{{ constructor /** - * This constructor calls $this->DB_common() + * This constructor calls parent::__construct() * * @return void */ - function DB_sybase() + function __construct() { - $this->DB_common(); + parent::__construct(); } // }}} From a4a6a8469eb720a41d1cddbdbdbc624eb12a1313 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Mon, 10 Jul 2017 13:46:07 +0200 Subject: [PATCH 380/415] Updating HTMLPurifier to 4.9.3 Source: https://htmlpurifier.org/download Release date: 2017-06-19 --- extlib/HTMLPurifier/HTMLPurifier.includes.php | 7 +- extlib/HTMLPurifier/HTMLPurifier.php | 8 +- .../HTMLPurifier.safe-includes.php | 5 + extlib/HTMLPurifier/HTMLPurifier/Arborize.php | 6 +- .../HTMLPurifier/AttrCollections.php | 5 + extlib/HTMLPurifier/HTMLPurifier/AttrDef.php | 8 +- .../HTMLPurifier/HTMLPurifier/AttrDef/CSS.php | 46 ++++-- .../HTMLPurifier/AttrDef/CSS/Color.php | 128 ++++++++++++----- .../HTMLPurifier/AttrDef/CSS/FontFamily.php | 2 + .../HTMLPurifier/AttrDef/CSS/URI.php | 3 + .../HTMLPurifier/AttrDef/HTML/ID.php | 32 +++-- .../HTMLPurifier/AttrDef/URI/Host.php | 30 ++-- .../AttrTransform/ImgRequired.php | 3 +- .../AttrTransform/TargetNoopener.php | 37 +++++ .../AttrTransform/TargetNoreferrer.php | 37 +++++ .../HTMLPurifier/CSSDefinition.php | 17 +++ .../HTMLPurifier/ChildDef/List.php | 10 +- .../HTMLPurifier/ChildDef/Table.php | 2 +- extlib/HTMLPurifier/HTMLPurifier/Config.php | 4 +- .../HTMLPurifier/ConfigSchema.php | 14 +- .../HTMLPurifier/ConfigSchema/schema.ser | Bin 15305 -> 15923 bytes .../ConfigSchema/schema/Attr.ID.HTML5.txt | 10 ++ .../schema/CSS.AllowDuplicates.txt | 11 ++ .../schema/Cache.SerializerPermissions.txt | 7 +- .../schema/Core.AggressivelyRemoveScript.txt | 16 +++ .../schema/Core.LegacyEntityDecoder.txt | 36 +++++ .../schema/HTML.TargetNoopener.txt | 10 ++ .../schema/HTML.TargetNoreferrer.txt | 9 ++ .../schema/URI.AllowedSchemes.txt | 1 + .../ConfigSchema/schema/URI.DefaultScheme.txt | 7 +- .../ConfigSchema/schema/URI.Munge.txt | 98 ++++++------- .../HTMLPurifier/DefinitionCache.php | 2 +- .../DefinitionCache/Serializer.php | 37 +++-- extlib/HTMLPurifier/HTMLPurifier/Encoder.php | 12 +- .../HTMLPurifier/EntityParser.php | 134 +++++++++++++++++- .../Filter/ExtractStyleBlocks.php | 5 +- .../HTMLPurifier/HTMLPurifier/Generator.php | 2 +- .../HTMLModule/TargetNoopener.php | 21 +++ .../HTMLModule/TargetNoreferrer.php | 21 +++ .../HTMLPurifier/HTMLModuleManager.php | 8 ++ .../HTMLPurifier/Injector/Linkify.php | 13 +- .../HTMLPurifier/Injector/RemoveEmpty.php | 6 + .../HTMLPurifier/Injector/SafeObject.php | 7 +- extlib/HTMLPurifier/HTMLPurifier/Lexer.php | 51 +++++-- .../HTMLPurifier/Lexer/DOMLex.php | 34 +++-- .../HTMLPurifier/Lexer/DirectLex.php | 16 +-- .../HTMLPurifier/HTMLPurifier/Lexer/PH5P.php | 9 +- .../HTMLPurifier/Printer/ConfigForm.php | 4 + .../HTMLPurifier/Strategy/MakeWellFormed.php | 67 ++++++++- extlib/HTMLPurifier/HTMLPurifier/Token.php | 2 +- extlib/HTMLPurifier/HTMLPurifier/URI.php | 12 +- .../HTMLPurifier/URIScheme/data.php | 11 +- .../HTMLPurifier/URIScheme/tel.php | 46 ++++++ extlib/HTMLPurifier/VERSION | 2 +- 54 files changed, 919 insertions(+), 212 deletions(-) create mode 100644 extlib/HTMLPurifier/HTMLPurifier/AttrTransform/TargetNoopener.php create mode 100644 extlib/HTMLPurifier/HTMLPurifier/AttrTransform/TargetNoreferrer.php create mode 100644 extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Attr.ID.HTML5.txt create mode 100644 extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowDuplicates.txt create mode 100644 extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyRemoveScript.txt create mode 100644 extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Core.LegacyEntityDecoder.txt create mode 100644 extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoopener.txt create mode 100644 extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoreferrer.txt create mode 100644 extlib/HTMLPurifier/HTMLPurifier/HTMLModule/TargetNoopener.php create mode 100644 extlib/HTMLPurifier/HTMLPurifier/HTMLModule/TargetNoreferrer.php create mode 100644 extlib/HTMLPurifier/HTMLPurifier/URIScheme/tel.php diff --git a/extlib/HTMLPurifier/HTMLPurifier.includes.php b/extlib/HTMLPurifier/HTMLPurifier.includes.php index fdb58c2d37..e8bce5c850 100644 --- a/extlib/HTMLPurifier/HTMLPurifier.includes.php +++ b/extlib/HTMLPurifier/HTMLPurifier.includes.php @@ -7,7 +7,7 @@ * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS * FILE, changes will be overwritten the next time the script is run. * - * @version 4.7.0 + * @version 4.9.3 * * @warning * You must *not* include any other HTML Purifier files before this file, @@ -137,6 +137,8 @@ require 'HTMLPurifier/AttrTransform/SafeObject.php'; require 'HTMLPurifier/AttrTransform/SafeParam.php'; require 'HTMLPurifier/AttrTransform/ScriptRequired.php'; require 'HTMLPurifier/AttrTransform/TargetBlank.php'; +require 'HTMLPurifier/AttrTransform/TargetNoopener.php'; +require 'HTMLPurifier/AttrTransform/TargetNoreferrer.php'; require 'HTMLPurifier/AttrTransform/Textarea.php'; require 'HTMLPurifier/ChildDef/Chameleon.php'; require 'HTMLPurifier/ChildDef/Custom.php'; @@ -175,6 +177,8 @@ require 'HTMLPurifier/HTMLModule/StyleAttribute.php'; require 'HTMLPurifier/HTMLModule/Tables.php'; require 'HTMLPurifier/HTMLModule/Target.php'; require 'HTMLPurifier/HTMLModule/TargetBlank.php'; +require 'HTMLPurifier/HTMLModule/TargetNoopener.php'; +require 'HTMLPurifier/HTMLModule/TargetNoreferrer.php'; require 'HTMLPurifier/HTMLModule/Text.php'; require 'HTMLPurifier/HTMLModule/Tidy.php'; require 'HTMLPurifier/HTMLModule/XMLCommonAttributes.php'; @@ -225,5 +229,6 @@ require 'HTMLPurifier/URIScheme/https.php'; require 'HTMLPurifier/URIScheme/mailto.php'; require 'HTMLPurifier/URIScheme/news.php'; require 'HTMLPurifier/URIScheme/nntp.php'; +require 'HTMLPurifier/URIScheme/tel.php'; require 'HTMLPurifier/VarParser/Flexible.php'; require 'HTMLPurifier/VarParser/Native.php'; diff --git a/extlib/HTMLPurifier/HTMLPurifier.php b/extlib/HTMLPurifier/HTMLPurifier.php index c6041bc113..b4605ebc6e 100644 --- a/extlib/HTMLPurifier/HTMLPurifier.php +++ b/extlib/HTMLPurifier/HTMLPurifier.php @@ -19,7 +19,7 @@ */ /* - HTML Purifier 4.7.0 - Standards Compliant HTML Filtering + HTML Purifier 4.9.3 - Standards Compliant HTML Filtering Copyright (C) 2006-2008 Edward Z. Yang This library is free software; you can redistribute it and/or @@ -58,12 +58,12 @@ class HTMLPurifier * Version of HTML Purifier. * @type string */ - public $version = '4.7.0'; + public $version = '4.9.3'; /** * Constant with version of HTML Purifier. */ - const VERSION = '4.7.0'; + const VERSION = '4.9.3'; /** * Global configuration object. @@ -104,7 +104,7 @@ class HTMLPurifier /** * Initializes the purifier. * - * @param HTMLPurifier_Config $config Optional HTMLPurifier_Config object + * @param HTMLPurifier_Config|mixed $config Optional HTMLPurifier_Config object * for all instances of the purifier, if omitted, a default * configuration is supplied (which can be overridden on a * per-use basis). diff --git a/extlib/HTMLPurifier/HTMLPurifier.safe-includes.php b/extlib/HTMLPurifier/HTMLPurifier.safe-includes.php index 9dea6d1ed5..a3261f8a32 100644 --- a/extlib/HTMLPurifier/HTMLPurifier.safe-includes.php +++ b/extlib/HTMLPurifier/HTMLPurifier.safe-includes.php @@ -131,6 +131,8 @@ require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php'; require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php'; require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php'; require_once $__dir . '/HTMLPurifier/AttrTransform/TargetBlank.php'; +require_once $__dir . '/HTMLPurifier/AttrTransform/TargetNoopener.php'; +require_once $__dir . '/HTMLPurifier/AttrTransform/TargetNoreferrer.php'; require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php'; require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php'; require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php'; @@ -169,6 +171,8 @@ require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php'; require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php'; require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php'; require_once $__dir . '/HTMLPurifier/HTMLModule/TargetBlank.php'; +require_once $__dir . '/HTMLPurifier/HTMLModule/TargetNoopener.php'; +require_once $__dir . '/HTMLPurifier/HTMLModule/TargetNoreferrer.php'; require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php'; require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php'; require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php'; @@ -219,5 +223,6 @@ require_once $__dir . '/HTMLPurifier/URIScheme/https.php'; require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php'; require_once $__dir . '/HTMLPurifier/URIScheme/news.php'; require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php'; +require_once $__dir . '/HTMLPurifier/URIScheme/tel.php'; require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php'; require_once $__dir . '/HTMLPurifier/VarParser/Native.php'; diff --git a/extlib/HTMLPurifier/HTMLPurifier/Arborize.php b/extlib/HTMLPurifier/HTMLPurifier/Arborize.php index 9e6617be5d..d2e9d22a20 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/Arborize.php +++ b/extlib/HTMLPurifier/HTMLPurifier/Arborize.php @@ -19,8 +19,8 @@ class HTMLPurifier_Arborize if ($token instanceof HTMLPurifier_Token_End) { $token->start = null; // [MUT] $r = array_pop($stack); - assert($r->name === $token->name); - assert(empty($token->attr)); + //assert($r->name === $token->name); + //assert(empty($token->attr)); $r->endCol = $token->col; $r->endLine = $token->line; $r->endArmor = $token->armor; @@ -32,7 +32,7 @@ class HTMLPurifier_Arborize $stack[] = $node; } } - assert(count($stack) == 1); + //assert(count($stack) == 1); return $stack[0]; } diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrCollections.php b/extlib/HTMLPurifier/HTMLPurifier/AttrCollections.php index 4f6c2e39a2..c7b17cf144 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/AttrCollections.php +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrCollections.php @@ -21,6 +21,11 @@ class HTMLPurifier_AttrCollections * @param HTMLPurifier_HTMLModule[] $modules Hash array of HTMLPurifier_HTMLModule members */ public function __construct($attr_types, $modules) + { + $this->doConstruct($attr_types, $modules); + } + + public function doConstruct($attr_types, $modules) { // load extensions from the modules foreach ($modules as $module) { diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrDef.php b/extlib/HTMLPurifier/HTMLPurifier/AttrDef.php index 5ac06522b9..739646fa7c 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/AttrDef.php +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrDef.php @@ -86,7 +86,13 @@ abstract class HTMLPurifier_AttrDef */ protected function mungeRgb($string) { - return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string); + $p = '\s*(\d+(\.\d+)?([%]?))\s*'; + + if (preg_match('/(rgba|hsla)\(/', $string)) { + return preg_replace('/(rgba|hsla)\('.$p.','.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8,\11)', $string); + } + + return preg_replace('/(rgb|hsl)\('.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8)', $string); } /** diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS.php b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS.php index 02c1641fb2..ad2cb90ad1 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS.php +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS.php @@ -25,15 +25,42 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef $css = $this->parseCDATA($css); $definition = $config->getCSSDefinition(); + $allow_duplicates = $config->get("CSS.AllowDuplicates"); - // we're going to break the spec and explode by semicolons. - // This is because semicolon rarely appears in escaped form - // Doing this is generally flaky but fast - // IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI - // for details - $declarations = explode(';', $css); + // According to the CSS2.1 spec, the places where a + // non-delimiting semicolon can appear are in strings + // escape sequences. So here is some dumb hack to + // handle quotes. + $len = strlen($css); + $accum = ""; + $declarations = array(); + $quoted = false; + for ($i = 0; $i < $len; $i++) { + $c = strcspn($css, ";'\"", $i); + $accum .= substr($css, $i, $c); + $i += $c; + if ($i == $len) break; + $d = $css[$i]; + if ($quoted) { + $accum .= $d; + if ($d == $quoted) { + $quoted = false; + } + } else { + if ($d == ";") { + $declarations[] = $accum; + $accum = ""; + } else { + $accum .= $d; + $quoted = $d; + } + } + } + if ($accum != "") $declarations[] = $accum; + $propvalues = array(); + $new_declarations = ''; /** * Name of the current CSS property being validated. @@ -83,7 +110,11 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef if ($result === false) { continue; } - $propvalues[$property] = $result; + if ($allow_duplicates) { + $new_declarations .= "$property:$result;"; + } else { + $propvalues[$property] = $result; + } } $context->destroy('CurrentCSSProperty'); @@ -92,7 +123,6 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef // slightly inefficient, but it's the only way of getting rid of // duplicates. Perhaps config to optimize it, but not now. - $new_declarations = ''; foreach ($propvalues as $prop => $value) { $new_declarations .= "$prop:$value;"; } diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/Color.php b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/Color.php index 16d2a6b98c..d7287a00c2 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/Color.php +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/Color.php @@ -6,6 +6,16 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef { + /** + * @type HTMLPurifier_AttrDef_CSS_AlphaValue + */ + protected $alpha; + + public function __construct() + { + $this->alpha = new HTMLPurifier_AttrDef_CSS_AlphaValue(); + } + /** * @param string $color * @param HTMLPurifier_Config $config @@ -29,59 +39,104 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef return $colors[$lower]; } - if (strpos($color, 'rgb(') !== false) { - // rgb literal handling + if (preg_match('#(rgb|rgba|hsl|hsla)\(#', $color, $matches) === 1) { $length = strlen($color); if (strpos($color, ')') !== $length - 1) { return false; } - $triad = substr($color, 4, $length - 4 - 1); - $parts = explode(',', $triad); - if (count($parts) !== 3) { + + // get used function : rgb, rgba, hsl or hsla + $function = $matches[1]; + + $parameters_size = 3; + $alpha_channel = false; + if (substr($function, -1) === 'a') { + $parameters_size = 4; + $alpha_channel = true; + } + + /* + * Allowed types for values : + * parameter_position => [type => max_value] + */ + $allowed_types = array( + 1 => array('percentage' => 100, 'integer' => 255), + 2 => array('percentage' => 100, 'integer' => 255), + 3 => array('percentage' => 100, 'integer' => 255), + ); + $allow_different_types = false; + + if (strpos($function, 'hsl') !== false) { + $allowed_types = array( + 1 => array('integer' => 360), + 2 => array('percentage' => 100), + 3 => array('percentage' => 100), + ); + $allow_different_types = true; + } + + $values = trim(str_replace($function, '', $color), ' ()'); + + $parts = explode(',', $values); + if (count($parts) !== $parameters_size) { return false; } - $type = false; // to ensure that they're all the same type + + $type = false; $new_parts = array(); + $i = 0; + foreach ($parts as $part) { + $i++; $part = trim($part); + if ($part === '') { return false; } - $length = strlen($part); - if ($part[$length - 1] === '%') { - // handle percents - if (!$type) { - $type = 'percentage'; - } elseif ($type !== 'percentage') { + + // different check for alpha channel + if ($alpha_channel === true && $i === count($parts)) { + $result = $this->alpha->validate($part, $config, $context); + + if ($result === false) { return false; } - $num = (float)substr($part, 0, $length - 1); - if ($num < 0) { - $num = 0; - } - if ($num > 100) { - $num = 100; - } - $new_parts[] = "$num%"; + + $new_parts[] = (string)$result; + continue; + } + + if (substr($part, -1) === '%') { + $current_type = 'percentage'; } else { - // handle integers - if (!$type) { - $type = 'integer'; - } elseif ($type !== 'integer') { - return false; - } - $num = (int)$part; - if ($num < 0) { - $num = 0; - } - if ($num > 255) { - $num = 255; - } - $new_parts[] = (string)$num; + $current_type = 'integer'; + } + + if (!array_key_exists($current_type, $allowed_types[$i])) { + return false; + } + + if (!$type) { + $type = $current_type; + } + + if ($allow_different_types === false && $type != $current_type) { + return false; + } + + $max_value = $allowed_types[$i][$current_type]; + + if ($current_type == 'integer') { + // Return value between range 0 -> $max_value + $new_parts[] = (int)max(min($part, $max_value), 0); + } elseif ($current_type == 'percentage') { + $new_parts[] = (float)max(min(rtrim($part, '%'), $max_value), 0) . '%'; } } - $new_triad = implode(',', $new_parts); - $color = "rgb($new_triad)"; + + $new_values = implode(',', $new_parts); + + $color = $function . '(' . $new_values . ')'; } else { // hexadecimal handling if ($color[0] === '#') { @@ -100,6 +155,7 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef } return $color; } + } // vim: et sw=4 sts=4 diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php index 86101020dc..74e24c8816 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php @@ -130,6 +130,8 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef // . See // the CSS3 spec for more examples: // + // You can see live samples of these on the Internet: + // // However, most of these fonts have ASCII equivalents: // for example, 'MS Mincho', and it's considered // professional to use ASCII font names instead of diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/URI.php b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/URI.php index f9434230e2..6617acace5 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/URI.php +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/CSS/URI.php @@ -33,6 +33,9 @@ class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI return false; } $uri_string = substr($uri_string, 4); + if (strlen($uri_string) == 0) { + return false; + } $new_length = strlen($uri_string) - 1; if ($uri_string[$new_length] != ')') { return false; diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/HTML/ID.php b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/HTML/ID.php index 3d86efb44c..4ba45610fe 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/HTML/ID.php +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/HTML/ID.php @@ -72,18 +72,26 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef // we purposely avoid using regex, hopefully this is faster - if (ctype_alpha($id)) { - $result = true; - } else { - if (!ctype_alpha(@$id[0])) { + if ($config->get('Attr.ID.HTML5') === true) { + if (preg_match('/[\t\n\x0b\x0c ]/', $id)) { return false; } - // primitive style of regexps, I suppose - $trim = trim( - $id, - 'A..Za..z0..9:-._' - ); - $result = ($trim === ''); + } else { + if (ctype_alpha($id)) { + // OK + } else { + if (!ctype_alpha(@$id[0])) { + return false; + } + // primitive style of regexps, I suppose + $trim = trim( + $id, + 'A..Za..z0..9:-._' + ); + if ($trim !== '') { + return false; + } + } } $regexp = $config->get('Attr.IDBlacklistRegexp'); @@ -91,14 +99,14 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef return false; } - if (!$this->selector && $result) { + if (!$this->selector) { $id_accumulator->add($id); } // if no change was made to the ID, return the result // else, return the new id if stripping whitespace made it // valid, or return false. - return $result ? $id : false; + return $id; } } diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/URI/Host.php b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/URI/Host.php index e7df800b1e..3b4d186743 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/AttrDef/URI/Host.php +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrDef/URI/Host.php @@ -76,24 +76,33 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef // fairly well supported. $underscore = $config->get('Core.AllowHostnameUnderscore') ? '_' : ''; + // Based off of RFC 1738, but amended so that + // as per RFC 3696, the top label need only not be all numeric. // The productions describing this are: $a = '[a-z]'; // alpha $an = '[a-z0-9]'; // alphanum $and = "[a-z0-9-$underscore]"; // alphanum | "-" // domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum - $domainlabel = "$an($and*$an)?"; - // toplabel = alpha | alpha *( alphanum | "-" ) alphanum - $toplabel = "$a($and*$an)?"; + $domainlabel = "$an(?:$and*$an)?"; + // AMENDED as per RFC 3696 + // toplabel = alphanum | alphanum *( alphanum | "-" ) alphanum + // side condition: not all numeric + $toplabel = "$an(?:$and*$an)?"; // hostname = *( domainlabel "." ) toplabel [ "." ] - if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) { - return $string; + if (preg_match("/^(?:$domainlabel\.)*($toplabel)\.?$/i", $string, $matches)) { + if (!ctype_digit($matches[1])) { + return $string; + } } + // PHP 5.3 and later support this functionality natively + if (function_exists('idn_to_ascii')) { + $string = idn_to_ascii($string); + // If we have Net_IDNA2 support, we can support IRIs by // punycoding them. (This is the most portable thing to do, // since otherwise we have to assume browsers support - - if ($config->get('Core.EnableIDNA')) { + } elseif ($config->get('Core.EnableIDNA')) { $idna = new Net_IDNA2(array('encoding' => 'utf8', 'overlong' => false, 'strict' => true)); // we need to encode each period separately $parts = explode('.', $string); @@ -114,13 +123,14 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef } } $string = implode('.', $new_parts); - if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) { - return $string; - } } catch (Exception $e) { // XXX error reporting } } + // Try again + if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) { + return $string; + } return false; } } diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrTransform/ImgRequired.php b/extlib/HTMLPurifier/HTMLPurifier/AttrTransform/ImgRequired.php index 7df6cb3e1b..235ebb34b6 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/AttrTransform/ImgRequired.php +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrTransform/ImgRequired.php @@ -32,8 +32,7 @@ class HTMLPurifier_AttrTransform_ImgRequired extends HTMLPurifier_AttrTransform if ($src) { $alt = $config->get('Attr.DefaultImageAlt'); if ($alt === null) { - // truncate if the alt is too long - $attr['alt'] = substr(basename($attr['src']), 0, 40); + $attr['alt'] = basename($attr['src']); } else { $attr['alt'] = $alt; } diff --git a/extlib/HTMLPurifier/HTMLPurifier/AttrTransform/TargetNoopener.php b/extlib/HTMLPurifier/HTMLPurifier/AttrTransform/TargetNoopener.php new file mode 100644 index 0000000000..1db3c6c09e --- /dev/null +++ b/extlib/HTMLPurifier/HTMLPurifier/AttrTransform/TargetNoopener.php @@ -0,0 +1,37 @@ +get('CSS.MaxImgLength'); + $this->info['min-width'] = + $this->info['max-width'] = + $this->info['min-height'] = + $this->info['max-height'] = $this->info['width'] = $this->info['height'] = $max === null ? @@ -370,6 +374,19 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition ); $this->info['page-break-inside'] = new HTMLPurifier_AttrDef_Enum(array('auto', 'avoid')); + $border_radius = new HTMLPurifier_AttrDef_CSS_Composite( + array( + new HTMLPurifier_AttrDef_CSS_Percentage(true), // disallow negative + new HTMLPurifier_AttrDef_CSS_Length('0') // disallow negative + )); + + $this->info['border-top-left-radius'] = + $this->info['border-top-right-radius'] = + $this->info['border-bottom-right-radius'] = + $this->info['border-bottom-left-radius'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_radius, 2); + // TODO: support SLASH syntax + $this->info['border-radius'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_radius, 4); + } /** diff --git a/extlib/HTMLPurifier/HTMLPurifier/ChildDef/List.php b/extlib/HTMLPurifier/HTMLPurifier/ChildDef/List.php index 891b9f6f5b..4fc70e0efa 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/ChildDef/List.php +++ b/extlib/HTMLPurifier/HTMLPurifier/ChildDef/List.php @@ -38,13 +38,19 @@ class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef return false; } + // if li is not allowed, delete parent node + if (!isset($config->getHTMLDefinition()->info['li'])) { + trigger_error("Cannot allow ul/ol without allowing li", E_USER_WARNING); + return false; + } + // the new set of children $result = array(); // a little sanity check to make sure it's not ALL whitespace $all_whitespace = true; - $current_li = false; + $current_li = null; foreach ($children as $node) { if (!empty($node->is_whitespace)) { @@ -65,7 +71,7 @@ class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef // to handle non-list elements; non-list elements should // not be appended to an existing li; only li created // for non-list. This distinction is not currently made. - if ($current_li === false) { + if ($current_li === null) { $current_li = new HTMLPurifier_Node_Element('li'); $result[] = $current_li; } diff --git a/extlib/HTMLPurifier/HTMLPurifier/ChildDef/Table.php b/extlib/HTMLPurifier/HTMLPurifier/ChildDef/Table.php index 3e4a0f2182..cb6b3e6cdc 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/ChildDef/Table.php +++ b/extlib/HTMLPurifier/HTMLPurifier/ChildDef/Table.php @@ -203,7 +203,7 @@ class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef $current_tr_tbody->children[] = $node; break; case '#PCDATA': - assert($node->is_whitespace); + //assert($node->is_whitespace); if ($current_tr_tbody === null) { $ret[] = $node; } else { diff --git a/extlib/HTMLPurifier/HTMLPurifier/Config.php b/extlib/HTMLPurifier/HTMLPurifier/Config.php index 2b2db0c264..3648364b30 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/Config.php +++ b/extlib/HTMLPurifier/HTMLPurifier/Config.php @@ -21,7 +21,7 @@ class HTMLPurifier_Config * HTML Purifier's version * @type string */ - public $version = '4.7.0'; + public $version = '4.9.3'; /** * Whether or not to automatically finalize @@ -333,7 +333,7 @@ class HTMLPurifier_Config } // Raw type might be negative when using the fully optimized form - // of stdclass, which indicates allow_null == true + // of stdClass, which indicates allow_null == true $rtype = is_int($def) ? $def : $def->type; if ($rtype < 0) { $type = -$rtype; diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema.php b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema.php index bfbb0f92f5..655c0e97ae 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema.php +++ b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema.php @@ -24,11 +24,11 @@ class HTMLPurifier_ConfigSchema * * array( * 'Namespace' => array( - * 'Directive' => new stdclass(), + * 'Directive' => new stdClass(), * ) * ) * - * The stdclass may have the following properties: + * The stdClass may have the following properties: * * - If isAlias isn't set: * - type: Integer type of directive, see HTMLPurifier_VarParser for definitions @@ -39,8 +39,8 @@ class HTMLPurifier_ConfigSchema * - namespace: Namespace this directive aliases to * - name: Directive name this directive aliases to * - * In certain degenerate cases, stdclass will actually be an integer. In - * that case, the value is equivalent to an stdclass with the type + * In certain degenerate cases, stdClass will actually be an integer. In + * that case, the value is equivalent to an stdClass with the type * property set to the integer. If the integer is negative, type is * equal to the absolute value of integer, and allow_null is true. * @@ -105,7 +105,7 @@ class HTMLPurifier_ConfigSchema */ public function add($key, $default, $type, $allow_null) { - $obj = new stdclass(); + $obj = new stdClass(); $obj->type = is_int($type) ? $type : HTMLPurifier_VarParser::$types[$type]; if ($allow_null) { $obj->allow_null = true; @@ -152,14 +152,14 @@ class HTMLPurifier_ConfigSchema */ public function addAlias($key, $new_key) { - $obj = new stdclass; + $obj = new stdClass; $obj->key = $new_key; $obj->isAlias = true; $this->info[$key] = $obj; } /** - * Replaces any stdclass that only has the type property with type integer. + * Replaces any stdClass that only has the type property with type integer. */ public function postProcess() { diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema.ser b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema.ser index 1e6ccd22755dfa27722e17f457a00ea42bdc1d6f..371e948f1c76d99bacea65b4735454656858edbf 100644 GIT binary patch delta 688 zcmX?EzPVj3UNXN{%HZMS7ktdLALZKBh|6e%6~eGHzuOwzN`m4i46H z%*n|wcPTB%$xKe%%q_l-Q640bUzDonn4VsgT3no2mYP!;l$x7gmKvN~lv%KOy~GA) zMI#faDxcK!#N+BgUJPY;+usXxUy`LmiKqtWDD!m^v4)IS2P(cH + By default, HTML Purifier removes duplicate CSS properties, + like color:red; color:blue. If this is set to + true, duplicate properties are allowed. +

    +--# vim: et sw=4 sts=4 diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt index b2b83d9ab6..2e0cc81044 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt +++ b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt @@ -1,5 +1,5 @@ Cache.SerializerPermissions -TYPE: int +TYPE: int/null VERSION: 4.3.0 DEFAULT: 0755 --DESCRIPTION-- @@ -8,4 +8,9 @@ DEFAULT: 0755 Directory permissions of the files and directories created inside the DefinitionCache/Serializer or other custom serializer path.

    +

    + In HTML Purifier 4.8.0, this also supports NULL, + which means that no chmod'ing or directory creation shall + occur. +

    --# vim: et sw=4 sts=4 diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyRemoveScript.txt b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyRemoveScript.txt new file mode 100644 index 0000000000..b2b6ab1496 --- /dev/null +++ b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyRemoveScript.txt @@ -0,0 +1,16 @@ +Core.AggressivelyRemoveScript +TYPE: bool +VERSION: 4.9.0 +DEFAULT: true +--DESCRIPTION-- +

    + This directive enables aggressive pre-filter removal of + script tags. This is not necessary for security, + but it can help work around a bug in libxml where embedded + HTML elements inside script sections cause the parser to + choke. To revert to pre-4.9.0 behavior, set this to false. + This directive has no effect if %Core.Trusted is true, + %Core.RemoveScriptContents is false, or %Core.HiddenElements + does not contain script. +

    +--# vim: et sw=4 sts=4 diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Core.LegacyEntityDecoder.txt b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Core.LegacyEntityDecoder.txt new file mode 100644 index 0000000000..392b436493 --- /dev/null +++ b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/Core.LegacyEntityDecoder.txt @@ -0,0 +1,36 @@ +Core.LegacyEntityDecoder +TYPE: bool +VERSION: 4.9.0 +DEFAULT: false +--DESCRIPTION-- +

    + Prior to HTML Purifier 4.9.0, entities were decoded by performing + a global search replace for all entities whose decoded versions + did not have special meanings under HTML, and replaced them with + their decoded versions. We would match all entities, even if they did + not have a trailing semicolon, but only if there weren't any trailing + alphanumeric characters. +

    + + + + + + +
    OriginalTextAttribute
    &yen;¥¥
    &yen¥¥
    &yena&yena&yena
    &yen=¥=¥=
    +

    + In HTML Purifier 4.9.0, we changed the behavior of entity parsing + to match entities that had missing trailing semicolons in less + cases, to more closely match HTML5 parsing behavior: +

    + + + + + + +
    OriginalTextAttribute
    &yen;¥¥
    &yen¥¥
    &yena¥a&yena
    &yen=¥=&yen=
    +

    + This flag reverts back to pre-HTML Purifier 4.9.0 behavior. +

    +--# vim: et sw=4 sts=4 diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoopener.txt b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoopener.txt new file mode 100644 index 0000000000..dd514c0def --- /dev/null +++ b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoopener.txt @@ -0,0 +1,10 @@ +--# vim: et sw=4 sts=4 +HTML.TargetNoopener +TYPE: bool +VERSION: 4.8.0 +DEFAULT: TRUE +--DESCRIPTION-- +If enabled, noopener rel attributes are added to links which have +a target attribute associated with them. This prevents malicious +destinations from overwriting the original window. +--# vim: et sw=4 sts=4 diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoreferrer.txt b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoreferrer.txt new file mode 100644 index 0000000000..cb5a0b0e5e --- /dev/null +++ b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoreferrer.txt @@ -0,0 +1,9 @@ +HTML.TargetNoreferrer +TYPE: bool +VERSION: 4.8.0 +DEFAULT: TRUE +--DESCRIPTION-- +If enabled, noreferrer rel attributes are added to links which have +a target attribute associated with them. This prevents malicious +destinations from overwriting the original window. +--# vim: et sw=4 sts=4 diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt index 666635a5ff..eb97307e20 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt +++ b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt @@ -8,6 +8,7 @@ array ( 'ftp' => true, 'nntp' => true, 'news' => true, + 'tel' => true, ) --DESCRIPTION-- Whitelist that defines the schemes that a URI is allowed to have. This diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt index 728e378cbe..834bc08c0b 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt +++ b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt @@ -1,5 +1,5 @@ URI.DefaultScheme -TYPE: string +TYPE: string/null DEFAULT: 'http' --DESCRIPTION-- @@ -7,4 +7,9 @@ DEFAULT: 'http' Defines through what scheme the output will be served, in order to select the proper object validator when no scheme information is present.

    + +

    + Starting with HTML Purifier 4.9.0, the default scheme can be null, in + which case we reject all URIs which do not have explicit schemes. +

    --# vim: et sw=4 sts=4 diff --git a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt index 179f94eb03..58c81dcc44 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt +++ b/extlib/HTMLPurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt @@ -9,75 +9,75 @@ DEFAULT: NULL absolute URIs into another URI, usually a URI redirection service. This directive accepts a URI, formatted with a %s where the url-encoded original URI should be inserted (sample: - https://searx.laquadrature.net/?q=%s). -

    -

    + http://www.google.com/url?q=%s). +

    +

    Uses for this directive: -

    -
      +

      +
      • - Prevent PageRank leaks, while being fairly transparent - to users (you may also want to add some client side JavaScript to - override the text in the statusbar). Notice: - Many security experts believe that this form of protection does not deter spam-bots. + Prevent PageRank leaks, while being fairly transparent + to users (you may also want to add some client side JavaScript to + override the text in the statusbar). Notice: + Many security experts believe that this form of protection does not deter spam-bots.
      • - Redirect users to a splash page telling them they are leaving your - website. While this is poor usability practice, it is often mandated - in corporate environments. + Redirect users to a splash page telling them they are leaving your + website. While this is poor usability practice, it is often mandated + in corporate environments.
        • -
      -

      +

    +

    Prior to HTML Purifier 3.1.1, this directive also enabled the munging of browsable external resources, which could break things if your redirection script was a splash page or used meta tags. To revert to previous behavior, please use %URI.MungeResources. -

    -

    +

    +

    You may want to also use %URI.MungeSecretKey along with this directive in order to enforce what URIs your redirector script allows. Open redirector scripts can be a security risk and negatively affect the reputation of your domain name. -

    -

    +

    +

    Starting with HTML Purifier 3.1.1, there is also these substitutions: -

    - +

    +
    - - - - - + + + + + - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + -
    KeyDescriptionExample <a href="">
    KeyDescriptionExample <a href="">
    %r1 - The URI embeds a resource
    (blank) - The URI is merely a link
    %nThe name of the tag this URI came froma
    %mThe name of the attribute this URI came fromhref
    %pThe name of the CSS property this URI came from, or blank if irrelevant
    %r1 - The URI embeds a resource
    (blank) - The URI is merely a link
    %nThe name of the tag this URI came froma
    %mThe name of the attribute this URI came fromhref
    %pThe name of the CSS property this URI came from, or blank if irrelevant
    -

    + +

    Admittedly, these letters are somewhat arbitrary; the only stipulation was that they couldn't be a through f. r is for resource (I would have preferred e, but you take what you can get), n is for name, m was picked because it came after n (and I couldn't use a), p is for property. -

    - --# vim: et sw=4 sts=4 +

    +--# vim: et sw=4 sts=4 diff --git a/extlib/HTMLPurifier/HTMLPurifier/DefinitionCache.php b/extlib/HTMLPurifier/HTMLPurifier/DefinitionCache.php index 67bb5b1e69..9aa8ff354f 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/DefinitionCache.php +++ b/extlib/HTMLPurifier/HTMLPurifier/DefinitionCache.php @@ -118,7 +118,7 @@ abstract class HTMLPurifier_DefinitionCache /** * Clears all expired (older version or revision) objects from cache - * @note Be carefuly implementing this method as flush. Flush must + * @note Be careful implementing this method as flush. Flush must * not interfere with other Definition types, and cleanup() * should not be repeatedly called by userland code. * @param HTMLPurifier_Config $config diff --git a/extlib/HTMLPurifier/HTMLPurifier/DefinitionCache/Serializer.php b/extlib/HTMLPurifier/HTMLPurifier/DefinitionCache/Serializer.php index ce268d91b4..952e48d470 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/DefinitionCache/Serializer.php +++ b/extlib/HTMLPurifier/HTMLPurifier/DefinitionCache/Serializer.php @@ -97,6 +97,12 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac } $dir = $this->generateDirectoryPath($config); $dh = opendir($dir); + // Apparently, on some versions of PHP, readdir will return + // an empty string if you pass an invalid argument to readdir. + // So you need this test. See #49. + if (false === $dh) { + return false; + } while (false !== ($filename = readdir($dh))) { if (empty($filename)) { continue; @@ -106,6 +112,8 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac } unlink($dir . '/' . $filename); } + closedir($dh); + return true; } /** @@ -119,6 +127,10 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac } $dir = $this->generateDirectoryPath($config); $dh = opendir($dir); + // See #49 (and above). + if (false === $dh) { + return false; + } while (false !== ($filename = readdir($dh))) { if (empty($filename)) { continue; @@ -131,6 +143,8 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac unlink($dir . '/' . $filename); } } + closedir($dh); + return true; } /** @@ -186,11 +200,9 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac if ($result !== false) { // set permissions of the new file (no execute) $chmod = $config->get('Cache.SerializerPermissions'); - if (!$chmod) { - $chmod = 0644; // invalid config or simpletest + if ($chmod !== null) { + chmod($file, $chmod & 0666); } - $chmod = $chmod & 0666; - chmod($file, $chmod); } return $result; } @@ -204,8 +216,10 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac { $directory = $this->generateDirectoryPath($config); $chmod = $config->get('Cache.SerializerPermissions'); - if (!$chmod) { - $chmod = 0755; // invalid config or simpletest + if ($chmod === null) { + // TODO: This races + if (is_dir($directory)) return true; + return mkdir($directory); } if (!is_dir($directory)) { $base = $this->generateBaseDirectoryPath($config); @@ -219,15 +233,16 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac } elseif (!$this->_testPermissions($base, $chmod)) { return false; } - mkdir($directory, $chmod); - if (!$this->_testPermissions($directory, $chmod)) { + if (!mkdir($directory, $chmod)) { trigger_error( - 'Base directory ' . $base . ' does not exist, - please create or change using %Cache.SerializerPath', + 'Could not create directory ' . $directory . '', E_USER_WARNING ); return false; } + if (!$this->_testPermissions($directory, $chmod)) { + return false; + } } elseif (!$this->_testPermissions($directory, $chmod)) { return false; } @@ -256,7 +271,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac ); return false; } - if (function_exists('posix_getuid')) { + if (function_exists('posix_getuid') && $chmod !== null) { // POSIX system, we can give more specific advice if (fileowner($dir) === posix_getuid()) { // we can chmod it ourselves diff --git a/extlib/HTMLPurifier/HTMLPurifier/Encoder.php b/extlib/HTMLPurifier/HTMLPurifier/Encoder.php index fef9b58906..b94f175423 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/Encoder.php +++ b/extlib/HTMLPurifier/HTMLPurifier/Encoder.php @@ -101,6 +101,14 @@ class HTMLPurifier_Encoder * It will parse according to UTF-8 and return a valid UTF8 string, with * non-SGML codepoints excluded. * + * Specifically, it will permit: + * \x{9}\x{A}\x{D}\x{20}-\x{7E}\x{A0}-\x{D7FF}\x{E000}-\x{FFFD}\x{10000}-\x{10FFFF} + * Source: https://www.w3.org/TR/REC-xml/#NT-Char + * Arguably this function should be modernized to the HTML5 set + * of allowed characters: + * https://www.w3.org/TR/html5/syntax.html#preprocessing-the-input-stream + * which simultaneously expand and restrict the set of allowed characters. + * * @param string $str The string to clean * @param bool $force_php * @return string @@ -122,15 +130,12 @@ class HTMLPurifier_Encoder * function that needs to be able to understand UTF-8 characters. * As of right now, only smart lossless character encoding converters * would need that, and I'm probably not going to implement them. - * Once again, PHP 6 should solve all our problems. */ public static function cleanUTF8($str, $force_php = false) { // UTF-8 validity is checked since PHP 4.3.5 // This is an optimization: if the string is already valid UTF-8, no // need to do PHP stuff. 99% of the time, this will be the case. - // The regexp matches the XML char production, as well as well as excluding - // non-SGML codepoints U+007F to U+009F if (preg_match( '/^[\x{9}\x{A}\x{D}\x{20}-\x{7E}\x{A0}-\x{D7FF}\x{E000}-\x{FFFD}\x{10000}-\x{10FFFF}]*$/Du', $str @@ -255,6 +260,7 @@ class HTMLPurifier_Encoder // 7F-9F is not strictly prohibited by XML, // but it is non-SGML, and thus we don't allow it (0xA0 <= $mUcs4 && 0xD7FF >= $mUcs4) || + (0xE000 <= $mUcs4 && 0xFFFD >= $mUcs4) || (0x10000 <= $mUcs4 && 0x10FFFF >= $mUcs4) ) ) { diff --git a/extlib/HTMLPurifier/HTMLPurifier/EntityParser.php b/extlib/HTMLPurifier/HTMLPurifier/EntityParser.php index 61529dcd9d..c372b5a6a6 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/EntityParser.php +++ b/extlib/HTMLPurifier/HTMLPurifier/EntityParser.php @@ -16,6 +16,138 @@ class HTMLPurifier_EntityParser */ protected $_entity_lookup; + /** + * Callback regex string for entities in text. + * @type string + */ + protected $_textEntitiesRegex; + + /** + * Callback regex string for entities in attributes. + * @type string + */ + protected $_attrEntitiesRegex; + + /** + * Tests if the beginning of a string is a semi-optional regex + */ + protected $_semiOptionalPrefixRegex; + + public function __construct() { + // From + // http://stackoverflow.com/questions/15532252/why-is-reg-being-rendered-as-without-the-bounding-semicolon + $semi_optional = "quot|QUOT|lt|LT|gt|GT|amp|AMP|AElig|Aacute|Acirc|Agrave|Aring|Atilde|Auml|COPY|Ccedil|ETH|Eacute|Ecirc|Egrave|Euml|Iacute|Icirc|Igrave|Iuml|Ntilde|Oacute|Ocirc|Ograve|Oslash|Otilde|Ouml|REG|THORN|Uacute|Ucirc|Ugrave|Uuml|Yacute|aacute|acirc|acute|aelig|agrave|aring|atilde|auml|brvbar|ccedil|cedil|cent|copy|curren|deg|divide|eacute|ecirc|egrave|eth|euml|frac12|frac14|frac34|iacute|icirc|iexcl|igrave|iquest|iuml|laquo|macr|micro|middot|nbsp|not|ntilde|oacute|ocirc|ograve|ordf|ordm|oslash|otilde|ouml|para|plusmn|pound|raquo|reg|sect|shy|sup1|sup2|sup3|szlig|thorn|times|uacute|ucirc|ugrave|uml|uuml|yacute|yen|yuml"; + + // NB: three empty captures to put the fourth match in the right + // place + $this->_semiOptionalPrefixRegex = "/&()()()($semi_optional)/"; + + $this->_textEntitiesRegex = + '/&(?:'. + // hex + '[#]x([a-fA-F0-9]+);?|'. + // dec + '[#]0*(\d+);?|'. + // string (mandatory semicolon) + // NB: order matters: match semicolon preferentially + '([A-Za-z_:][A-Za-z0-9.\-_:]*);|'. + // string (optional semicolon) + "($semi_optional)". + ')/'; + + $this->_attrEntitiesRegex = + '/&(?:'. + // hex + '[#]x([a-fA-F0-9]+);?|'. + // dec + '[#]0*(\d+);?|'. + // string (mandatory semicolon) + // NB: order matters: match semicolon preferentially + '([A-Za-z_:][A-Za-z0-9.\-_:]*);|'. + // string (optional semicolon) + // don't match if trailing is equals or alphanumeric (URL + // like) + "($semi_optional)(?![=;A-Za-z0-9])". + ')/'; + + } + + /** + * Substitute entities with the parsed equivalents. Use this on + * textual data in an HTML document (as opposed to attributes.) + * + * @param string $string String to have entities parsed. + * @return string Parsed string. + */ + public function substituteTextEntities($string) + { + return preg_replace_callback( + $this->_textEntitiesRegex, + array($this, 'entityCallback'), + $string + ); + } + + /** + * Substitute entities with the parsed equivalents. Use this on + * attribute contents in documents. + * + * @param string $string String to have entities parsed. + * @return string Parsed string. + */ + public function substituteAttrEntities($string) + { + return preg_replace_callback( + $this->_attrEntitiesRegex, + array($this, 'entityCallback'), + $string + ); + } + + /** + * Callback function for substituteNonSpecialEntities() that does the work. + * + * @param array $matches PCRE matches array, with 0 the entire match, and + * either index 1, 2 or 3 set with a hex value, dec value, + * or string (respectively). + * @return string Replacement string. + */ + + protected function entityCallback($matches) + { + $entity = $matches[0]; + $hex_part = @$matches[1]; + $dec_part = @$matches[2]; + $named_part = empty($matches[3]) ? @$matches[4] : $matches[3]; + if ($hex_part !== NULL && $hex_part !== "") { + return HTMLPurifier_Encoder::unichr(hexdec($hex_part)); + } elseif ($dec_part !== NULL && $dec_part !== "") { + return HTMLPurifier_Encoder::unichr((int) $dec_part); + } else { + if (!$this->_entity_lookup) { + $this->_entity_lookup = HTMLPurifier_EntityLookup::instance(); + } + if (isset($this->_entity_lookup->table[$named_part])) { + return $this->_entity_lookup->table[$named_part]; + } else { + // exact match didn't match anything, so test if + // any of the semicolon optional match the prefix. + // Test that this is an EXACT match is important to + // prevent infinite loop + if (!empty($matches[3])) { + return preg_replace_callback( + $this->_semiOptionalPrefixRegex, + array($this, 'entityCallback'), + $entity + ); + } + return $entity; + } + } + } + + // LEGACY CODE BELOW + /** * Callback regex string for parsing entities. * @type string @@ -144,7 +276,7 @@ class HTMLPurifier_EntityParser $entity; } else { return isset($this->_special_ent2dec[$matches[3]]) ? - $this->_special_ent2dec[$matches[3]] : + $this->_special_dec2str[$this->_special_ent2dec[$matches[3]]] : $entity; } } diff --git a/extlib/HTMLPurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php b/extlib/HTMLPurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php index 08e62c16bf..66f70b0fc0 100644 --- a/extlib/HTMLPurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php +++ b/extlib/HTMLPurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php @@ -95,7 +95,10 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter if ($tidy !== null) { $this->_tidy = $tidy; } - $html = preg_replace_callback('#(.+)#isU', array($this, 'styleCallback'), $html); + // NB: this must be NON-greedy because if we have + // + // we must not grab foo