b38a789005
HubSub didn't save sub start and end datetimes
2016-01-13 19:23:34 +01:00
5c262a788d
Unused, unnecessary and intrusive cookie/storage removed!
2016-01-13 15:22:28 +01:00
99da1ebe41
Catch NoHttpResponseException when using HTTPClient
2016-01-13 14:17:49 +01:00
3ed632decf
NoHttpResponseException needed instead of HTTP_Request2_Exception
...
HTTP_Request2_Exception assumed an HTTP response status code/line
2016-01-13 14:08:48 +01:00
e75472f460
Use the upstream function to get effectiveUrl
2016-01-13 14:00:05 +01:00
f4feef477b
Don't follow redirects on PuSH POST.
2016-01-12 14:32:28 +01:00
c826fe0af4
$target was klantigtly copied from another debug message
2016-01-11 20:10:38 +01:00
bd6efa0e45
Update PuSH callback URL if remote side switched to HTTPS
...
See the comment in the source on why we're not following Location headers...
2016-01-11 19:55:02 +01:00
f24cdf4a80
Much more logging in PushHubAction (OStatus)
2016-01-11 19:54:05 +01:00
b13f8df79b
HTTPClient would return null instead of exception
...
This caused $response->isOK() tests to call a function on a non-existing object, causing all hell to break loose.
2016-01-11 02:36:59 +01:00
42dff2742a
Put salmon slaps in queues before pushing user Atom feed
2016-01-10 00:29:32 +01:00
c3c5a9974d
Do proper fromUri lookup on groups too
2016-01-09 14:36:47 +01:00
4e0ed61f7c
OStatus queue handler uses Notice->getAttentionProfiles()
...
and lots more debugging for LOG_DEBUG
2016-01-08 01:31:47 +01:00
3471213d1c
processFeed would abort on certain errors where findLocalObject failed
2016-01-05 15:00:07 +01:00
ab93bb009c
XSS vulnerability when remote-subscribing
...
->raw was used on non-filtered strings for some reasons, changed
to ->text.
2016-01-05 12:15:50 +01:00
f6df44ea85
Handle feed imports with exceptions better
2015-12-31 15:05:35 +01:00
b76461fc78
syntax error
2015-12-27 01:42:03 +01:00
0ac71c2b7b
Duplicate URI means we have it already, I assume
2015-12-27 01:40:00 +01:00
306df3dc3b
Logging fixes
2015-12-26 16:27:06 +01:00
0baa9debbc
Merge branch 'direct-feed-sub' into 'master'
...
If we are given a direct URL to a feed, use that
See merge request !54
2015-12-14 21:09:56 +00:00
0e91a38c9c
Merge branch 'firefox-sub-link' into 'master'
...
Link to add to Firefox as feedreader
This allows easily subscribing to any feed firefox detects in your GNU Social instance.
See merge request !55
2015-12-14 21:08:22 +00:00
edd62e58fd
Merge branch 'at-mention-url' into 'master'
...
MentionURL Plugin
This plugin enables users to use the syntax `@twitter.com/singpolyma` to mention users the system does not know about, or to be more specific when a nickname is ambiguous.
See merge request !53
2015-12-14 21:01:42 +00:00
acd4980ab4
Fix federation issue with groups (bad list order)
2015-11-08 23:31:23 +01:00
844670f88d
Ooops, copypasted something into the wrong place.
2015-11-08 23:24:20 +01:00
65184782aa
OStatus usage of static Validate::* calls fixed
2015-11-08 10:33:41 +01:00
7ccd36849e
Merge branch 'master' of git.gnu.io:gnu/gnu-social into nightly
...
Conflicts:
plugins/OStatus/OStatusPlugin.php
master vs. nightly thing
2015-11-05 16:16:02 +01:00
f345f1d605
Merge branch 'renew-pshb' into 'master'
...
Actually use the renew code
We have the code to check once a day and renew, but currently it's
just in a script directory. This change adds an event listener
hook to check and renew subscriptions daily.
Closes #83
See merge request !38
2015-11-05 15:13:16 +00:00
c950f18546
Merge branch 'master' into nightly
...
Some merge requests that were aimed at master
2015-11-05 16:07:05 +01:00
45b24286e5
Merge branch 'status-204' into 'master'
...
Accept 204 for PuSH subscription
Some hubs (notably, pushpress, used by wordpress.com) return 204 to mean success.
This used to be allowed by the spec, so no harm in accepting it.
See merge request !48
2015-11-05 15:03:42 +00:00
a74572b469
Use mb_strlen
2015-10-28 01:46:08 +00:00
fe4c8a771b
Replace text with nickname if shorter
2015-10-28 01:24:58 +00:00
0aa759fab7
Allow mentioning bare domains with OStatus
2015-10-28 01:24:42 +00:00
2edf535ecd
Add length argument to plugin
2015-10-28 01:24:29 +00:00
85d5cfede5
Link to add to Firefox as feedreader
2015-10-28 01:10:28 +00:00
e58c529c53
If we are given a direct URL to a feed, use that
2015-10-28 00:54:20 +00:00
e1de6e0aa9
Support more author types on RSS
...
Specifically, any ActivityStreams or ATOM namespaces being used on
an rss channel.
2015-10-27 18:43:57 +00:00
4c2bc465a0
Accept 204 for PuSH subscription
...
Some hubs (notably, pushpress, used by wordpress.com) return 204 to mean success.
This used to be allowed by the spec, so no harm in accepting it.
2015-10-27 03:16:39 +00:00
4b31bc3fd2
Enqueue renewals
...
Better for request times, etc
2015-10-21 01:50:03 +00:00
df21c3c95d
Renew 1 day *before* the end, not 1 day *after*
2015-10-21 01:49:26 +00:00
df46f123dd
Actually use the renew code
...
We have the code to check once a day and renew, but currently it's
just in a script directory. This change adds an event listener
hook to check and renew subscriptions daily.
2015-10-21 01:10:48 +00:00
2c8536dbf0
Link source==share notices
2015-10-14 01:30:29 +02:00
d7fd6bac72
Snapshot of the Transifex translation project - October 2015
2015-10-04 18:23:01 +02:00
af1b0915f4
Magic signature discovery and envelope changes
2015-10-04 17:26:35 +02:00
6afa091dca
Change some Salmon events and similar
...
Use Profile instead of User and (if we know it) send along the target
profile, so a Diaspora plugin can encrypt to the receiver.
2015-10-04 17:26:23 +02:00
f4ed171397
Make Magicsig capable of loading public PKCS1 keys
2015-10-04 17:22:19 +02:00
2970333adb
Set otherwise undiscovered salmonuri on OStatus script update-profile.php
2015-10-04 17:21:56 +02:00
57f26a97fb
var_export without true
2015-10-04 16:40:21 +02:00
4238875ebe
autoloading of Crypt_AES and Crypt_RSA is easier
2015-10-04 15:57:11 +02:00
684b9419a0
Add an event to get plugin discovery hints from XRD
2015-10-04 14:46:45 +02:00
2aed59a02a
Diaspora plugin is almost there (for remote salmon slaps at least)
2015-10-04 12:06:48 +02:00
9b461db4da
Send the entire XMLStringer object in MagicEnvelope events.
2015-10-04 09:59:01 +02:00
184293c634
Break out MagicEnvelope->toXML() functionality to allow for plugin flexibility
2015-10-04 00:17:07 +02:00
30a4393afa
Move around some code related to Magic_envelope and signing
2015-10-03 23:35:46 +02:00
a09cf51b99
Move Ostatus_profile->processPost function into plugin
2015-09-29 15:19:13 +02:00
c5a5eaf288
Do we update feeduri and salmonuri for Ostatus_profile now?
...
When changing from HTTP to HTTPS, following up on commit
59763ceecb
2015-07-11 19:46:01 +02:00
24b1e26406
MagicEnvelope called DOMDocument::loadXML statically
...
but apparently we shouldn't do this, despite recommended on https://secure.php.net/manual/en/domdocument.loadxml.php
2015-07-10 23:24:50 +02:00
55b2d124bc
The 'target' is an argument to common_local_url not the target profile
2015-07-10 22:49:38 +02:00
7c4e550e31
Merge branch 'master' into nightly
2015-07-10 16:02:55 +02:00
9a92b58057
ShowstreamAction tidying up
...
Lots of these changes mean that we're requiring certain values to
either by typed properly or return the expected value. If it doesn't
there should be a fatal exception thrown which we can followup in the
logs and won't go silently suppressed.
2015-07-10 13:44:47 +02:00
1ab4c9998a
Add executable permission to script missing it
2015-07-10 14:46:08 +05:30
d6924f7680
Remove executable permissions where unnecessary
2015-07-10 14:36:34 +05:30
871912a00a
Plugins didn't match lib/plugin.php onPluginVersion function definition
...
I ran:
for i in `grep -R onPluginVersion...version plugins/|cut -d: -f1`; do sed -i '{ s/\(onPluginVersion(\)\(\&\$versions\)/\1array \2/ }' $i; done
2015-06-06 22:04:01 +02:00
6478034e92
Diaspora-compatible Salmon slap receival
...
We're not all the way there yet, there is something which seems to bugger
up profile discovery from their end.
2015-06-06 17:14:38 +02:00
faf14197cd
Diaspora doesn't understand our Salmon POST, so send again
2015-06-06 16:57:29 +02:00
b63054cb1d
OStatus update-profile.php script now finds Diaspora salmon URLs
2015-06-06 16:18:22 +02:00
4de125dd84
Moved FeedSubException parent class to own file
2015-06-06 16:02:25 +02:00
268b901048
Maintainer change for Ostatus_profile
2015-06-06 15:58:08 +02:00
57943cad99
Magicsig gets toFingerprint output
...
We give this as a lowercase, sha256 hexadecimal digest of the string:
TYPE + "." + BASE64(modulus as bytes) + "." + BASE64(exponent as bytes)
Where TYPE in all our cases up until now at least are "RSA"
2015-06-06 14:35:48 +02:00
c5f79fd2f3
Magicsig gets toFingerprint function.
2015-06-06 14:33:43 +02:00
e212f2ae77
Moved Diaspora specific metadata to own plugin
2015-06-06 13:49:27 +02:00
fe6498e7c8
Send objects instead of integers to File_to_post::processNew
2015-06-04 17:36:11 +02:00
4e9e3cf0d5
Moving Ostatus_profile processShare to SharePlugin
2015-03-12 15:47:21 +01:00
2a32af084f
ImageFile $id argument is only for File objects
...
Remember to eliminate the Avatar/group logo call to ImageFile->resize!
2015-03-11 00:20:48 +01:00
1e89540c3f
Merge branch 'nightly', beginning of 1.2.x
...
Conflicts:
plugins/APC/locale/APC.pot
plugins/APC/locale/ast/LC_MESSAGES/APC.po
plugins/APC/locale/be-tarask/LC_MESSAGES/APC.po
plugins/APC/locale/br/LC_MESSAGES/APC.po
plugins/APC/locale/de/LC_MESSAGES/APC.po
plugins/APC/locale/es/LC_MESSAGES/APC.po
plugins/APC/locale/eu/LC_MESSAGES/APC.po
plugins/APC/locale/fr/LC_MESSAGES/APC.po
plugins/APC/locale/gl/LC_MESSAGES/APC.po
plugins/APC/locale/he/LC_MESSAGES/APC.po
plugins/APC/locale/ia/LC_MESSAGES/APC.po
plugins/APC/locale/id/LC_MESSAGES/APC.po
plugins/APC/locale/it/LC_MESSAGES/APC.po
plugins/APC/locale/mk/LC_MESSAGES/APC.po
plugins/APC/locale/ms/LC_MESSAGES/APC.po
plugins/APC/locale/nb/LC_MESSAGES/APC.po
plugins/APC/locale/nl/LC_MESSAGES/APC.po
plugins/APC/locale/pl/LC_MESSAGES/APC.po
plugins/APC/locale/pt/LC_MESSAGES/APC.po
plugins/APC/locale/pt_BR/LC_MESSAGES/APC.po
plugins/APC/locale/ru/LC_MESSAGES/APC.po
plugins/APC/locale/tl/LC_MESSAGES/APC.po
plugins/APC/locale/uk/LC_MESSAGES/APC.po
plugins/APC/locale/zh_CN/LC_MESSAGES/APC.po
plugins/Adsense/locale/Adsense.pot
plugins/Adsense/locale/be-tarask/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/br/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ca/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/de/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/es/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/eu/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/fr/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/gl/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/he/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ia/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/it/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ja/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ka/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/lb/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/lt/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/mk/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ms/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/nb/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/nl/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/pl/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/pt/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/pt_BR/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ru/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/sv/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/tl/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/tr/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/uk/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/zh_CN/LC_MESSAGES/Adsense.po
plugins/Aim/locale/Aim.pot
plugins/Aim/locale/af/LC_MESSAGES/Aim.po
plugins/Aim/locale/ca/LC_MESSAGES/Aim.po
plugins/Aim/locale/de/LC_MESSAGES/Aim.po
plugins/Aim/locale/es/LC_MESSAGES/Aim.po
plugins/Aim/locale/eu/LC_MESSAGES/Aim.po
plugins/Aim/locale/fi/LC_MESSAGES/Aim.po
plugins/Aim/locale/fr/LC_MESSAGES/Aim.po
plugins/Aim/locale/gl/LC_MESSAGES/Aim.po
plugins/Aim/locale/ia/LC_MESSAGES/Aim.po
plugins/Aim/locale/it/LC_MESSAGES/Aim.po
plugins/Aim/locale/mk/LC_MESSAGES/Aim.po
plugins/Aim/locale/ms/LC_MESSAGES/Aim.po
plugins/Aim/locale/nl/LC_MESSAGES/Aim.po
plugins/Aim/locale/pl/LC_MESSAGES/Aim.po
plugins/Aim/locale/pt/LC_MESSAGES/Aim.po
plugins/Aim/locale/sv/LC_MESSAGES/Aim.po
plugins/Aim/locale/tl/LC_MESSAGES/Aim.po
plugins/Aim/locale/uk/LC_MESSAGES/Aim.po
plugins/Blog/locale/Blog.pot
plugins/Blog/locale/ar/LC_MESSAGES/Blog.po
plugins/Blog/locale/br/LC_MESSAGES/Blog.po
plugins/Blog/locale/ca/LC_MESSAGES/Blog.po
plugins/Blog/locale/de/LC_MESSAGES/Blog.po
plugins/Blog/locale/es/LC_MESSAGES/Blog.po
plugins/Blog/locale/eu/LC_MESSAGES/Blog.po
plugins/Blog/locale/fr/LC_MESSAGES/Blog.po
plugins/Blog/locale/gl/LC_MESSAGES/Blog.po
plugins/Blog/locale/ia/LC_MESSAGES/Blog.po
plugins/Blog/locale/it/LC_MESSAGES/Blog.po
plugins/Blog/locale/lt/LC_MESSAGES/Blog.po
plugins/Blog/locale/mk/LC_MESSAGES/Blog.po
plugins/Blog/locale/nl/LC_MESSAGES/Blog.po
plugins/Blog/locale/tl/LC_MESSAGES/Blog.po
plugins/Blog/locale/tr/LC_MESSAGES/Blog.po
plugins/Irc/locale/Irc.pot
plugins/Irc/locale/ca/LC_MESSAGES/Irc.po
plugins/Irc/locale/de/LC_MESSAGES/Irc.po
plugins/Irc/locale/es/LC_MESSAGES/Irc.po
plugins/Irc/locale/eu/LC_MESSAGES/Irc.po
plugins/Irc/locale/fi/LC_MESSAGES/Irc.po
plugins/Irc/locale/fr/LC_MESSAGES/Irc.po
plugins/Irc/locale/gl/LC_MESSAGES/Irc.po
plugins/Irc/locale/ia/LC_MESSAGES/Irc.po
plugins/Irc/locale/it/LC_MESSAGES/Irc.po
plugins/Irc/locale/ja/LC_MESSAGES/Irc.po
plugins/Irc/locale/mk/LC_MESSAGES/Irc.po
plugins/Irc/locale/nl/LC_MESSAGES/Irc.po
plugins/Irc/locale/sv/LC_MESSAGES/Irc.po
plugins/Irc/locale/tl/LC_MESSAGES/Irc.po
plugins/Irc/locale/tr/LC_MESSAGES/Irc.po
plugins/Irc/locale/uk/LC_MESSAGES/Irc.po
plugins/Spotify/locale/Spotify.pot
plugins/Spotify/locale/de/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/es/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/fr/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/gl/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/he/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/ia/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/mk/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/nl/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/sv/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/tl/LC_MESSAGES/Spotify.po
plugins/TinyMCE/locale/TinyMCE.pot
plugins/TinyMCE/locale/ca/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/de/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/eo/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/es/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/fr/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/gl/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/he/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/ia/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/id/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/ja/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/mk/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/ms/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/nb/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/nl/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/pt/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/pt_BR/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/ru/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/tl/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/uk/LC_MESSAGES/TinyMCE.po
plugins/XCache/locale/XCache.pot
plugins/XCache/locale/ast/LC_MESSAGES/XCache.po
plugins/XCache/locale/br/LC_MESSAGES/XCache.po
plugins/XCache/locale/de/LC_MESSAGES/XCache.po
plugins/XCache/locale/es/LC_MESSAGES/XCache.po
plugins/XCache/locale/eu/LC_MESSAGES/XCache.po
plugins/XCache/locale/fi/LC_MESSAGES/XCache.po
plugins/XCache/locale/fr/LC_MESSAGES/XCache.po
plugins/XCache/locale/gl/LC_MESSAGES/XCache.po
plugins/XCache/locale/he/LC_MESSAGES/XCache.po
plugins/XCache/locale/ia/LC_MESSAGES/XCache.po
plugins/XCache/locale/id/LC_MESSAGES/XCache.po
plugins/XCache/locale/mk/LC_MESSAGES/XCache.po
plugins/XCache/locale/ms/LC_MESSAGES/XCache.po
plugins/XCache/locale/nb/LC_MESSAGES/XCache.po
plugins/XCache/locale/nl/LC_MESSAGES/XCache.po
plugins/XCache/locale/pl/LC_MESSAGES/XCache.po
plugins/XCache/locale/pt/LC_MESSAGES/XCache.po
plugins/XCache/locale/pt_BR/LC_MESSAGES/XCache.po
plugins/XCache/locale/ru/LC_MESSAGES/XCache.po
plugins/XCache/locale/tl/LC_MESSAGES/XCache.po
plugins/XCache/locale/tr/LC_MESSAGES/XCache.po
plugins/XCache/locale/uk/LC_MESSAGES/XCache.po
plugins/YammerImport/locale/YammerImport.pot
plugins/YammerImport/locale/br/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/de/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/es/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/eu/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/fr/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/gl/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/ia/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/mk/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/ms/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/nl/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/pl/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/ru/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/tl/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/tr/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/uk/LC_MESSAGES/YammerImport.po
2015-03-09 11:01:17 +01:00
55894f02c7
TagProfileAction and OStatusPlugin now use less redundant code
2015-03-08 20:14:46 +01:00
a452a3b1a0
Snapshot of the Transifex translation project - February 2015
2015-03-08 09:34:38 +01:00
8fac7a9f6c
StatusNet class renamed GNUsocial
...
also added backward compatible StatusNet class for the two calls I know
third party plugins use, isHTTPS and getActivePlugins
2015-02-27 12:44:15 +01:00
c1e3cfe7a7
ensureFeedURL will return Ostatus_profile early if already stored
2015-02-20 14:47:12 +01:00
0590f2975e
Merge branch 'utf8mb4' into nightly
...
Conflicts because of urlhash fixes:
classes/File.php
classes/File_redirection.php
classes/File_thumbnail.php
2015-02-19 20:50:40 +01:00
45dc76de26
File and File_redirection adhoc storage methods updated for urlhash
2015-02-19 19:05:24 +01:00
0deaf6c50c
use common_purify to purify HTML, one function to rule them all
2015-02-18 00:14:28 +01:00
9aa59c7f62
forgot primary key column to updateWithKeys in SalmonAction
2015-02-17 21:31:35 +01:00
59763ceecb
SalmonAction now updates remote URI if it was stale.
...
After doublechecking two identities so that they match (like one that was
previously http:// but now is https://) we update the URI in our database
to match.
This has to be verified so it's not easy to fool our script and thus make
us replace legitimate URIs with fake ones. I believe the callback method
is safe, but I'm not sure how well it handles HTTP MITM attacks etc.
2015-02-17 17:35:45 +01:00
2f86cd8602
utf8mb4 conversion on database with index adjusts
2015-02-12 18:18:55 +01:00
39dce9e348
Merge commit 'refs/merge-requests/36' of https://gitorious.org/social/mainline into merge-requests/36
2015-02-08 23:11:47 +01:00
11053431d6
Populate 'created' property on ostatus_source
...
The 'created' column in ostatus_source SQL table has NOT NULL restriction.
INSERTs fail when running MySQL/MariaDB in strict mode if this is not
populated.
2015-02-08 13:41:29 -05:00
1bda6fb9be
General code quality improvement for easier understanding
...
Also made sure we only match local group IDs in recognizedFeed for PushhubAction
2015-02-08 11:47:15 +01:00
4b77f88a17
Merge commit 'refs/merge-requests/34' of https://gitorious.org/social/mainline into merge-requests/34
2015-02-08 11:21:36 +01:00
56c0cd621a
Remove NOT NULL restriction on FeedSub last_update
...
Fixes an issue where INSERTs fail if MySQL/MariaDB runs in "strict
mode".
2015-02-07 11:08:03 -05:00
937adf05c9
Remove NOT NULL restriction on HubSub 'lease'
...
This fixes an issue where INSERTs in HubSub fail if MySQL/MariaDB is
running in "strict mode" since the default lease time in
PushHubAction::subunsub is null.
Permanent subscriptions have been removed in PuSH v0.4, but they are
being kept here for backward-compatibility with previous GS/SN versions.
2015-02-07 10:46:13 -05:00
f141565104
Allow delete-inactive for gcfeeds
...
Garbage collecting should also allow to clean up leftover database entries.
2015-02-04 16:49:03 +01:00
7666ac34f9
Revert "Notices for faves are already sent as they are notices now."
...
This reverts commit 636d5141e9
2015-02-03 17:50:21 +01:00
636d5141e9
Notices for faves are already sent as they are notices now.
2015-02-03 16:44:13 +01:00
acec8b8cf2
Default value false for $force on Ostatus updateAvatar
2015-01-27 14:14:24 +01:00
cc996f58db
Test in Ostatus_profile if avatar is an image before writing to filesystem
...
This clears one FIXME...
We also fix HTTPClient::quickGet() (and a related call in OStatus testfeed.php).
2015-01-27 14:00:39 +01:00
cdd3c52633
Handle groups better in Ostatus_profile->updateAvatar
2015-01-27 13:38:11 +01:00
482f61ac15
OStatusSub should use inherent attributes
...
No need to make several common_current_user calls and then getProfile
directly after that, since we have stuff like $this->scoped.
2015-01-27 13:23:49 +01:00
cf46de6ca7
Ostatus_profile smarter test if avatar exists
...
If you accidentally deleted a remote user's avatar from filesystem,
it'd take until its URL was updated that you got it back. Now it
happens if the local avatar file doesn't exist.
2015-01-26 17:43:09 +01:00
697a00d8e1
Force updateAvatar if desired
2015-01-26 17:26:51 +01:00
7beec74f0c
Differentiate on group and user for WebFinger data
2015-01-26 12:18:35 +01:00
aeaee388bf
Store remote magicsig public keys locally
2015-01-24 13:06:09 +01:00
2d0155a50f
Added Magicsig onProfileDeleteRelated
2015-01-24 12:47:39 +01:00
975ce6d83e
Documentation update (clarifying need for php5-gmp in comment)
2015-01-24 12:22:29 +01:00
cce808b27c
const'ifying bits and sigalg
...
Also we should move away from 1024 bit keys as soon as we can.
2015-01-24 12:18:55 +01:00
3a0136fe1f
Replace file_get_contents with HTTPClient in testfeed
2015-01-22 11:30:36 +01:00
d492b74e42
holy crap, file_put_contents got args in wrong order
2015-01-18 02:57:08 +01:00
5d9e9aaaf5
Keep the old error message on updateAvatar
2015-01-18 02:48:39 +01:00
010824c4b5
Use HTTPClient to download avatar
...
also make updateAvatar public so we can call it from update_ostatus_profile.php
2015-01-18 02:44:55 +01:00
0499736bb4
Loose_Ostatusprofile::updateAvatar was identical to Ostatus_profile
2015-01-18 02:39:08 +01:00
ba9abb3c57
Add nohub config setting to allowed non-PuSH feeds
2015-01-16 01:10:55 +01:00
8594a2ba16
FeedPoller plugin, for hubless feeds
2015-01-15 21:13:13 +01:00
57d8eb8a53
Ensuring unknown profiles in salmon slaps work again
2015-01-13 13:43:35 +01:00
db7154c63b
Abort on failure instead of return early success
2015-01-13 13:18:57 +01:00
66044b7782
ensureActivityObjectProfile is more thorough than createAct...
2015-01-12 11:47:21 +01:00
73669ed308
ensureProfile already done and stored in $this->oprofile
2015-01-12 02:01:26 +01:00
d8f4de450c
Support for updated aliases
...
will verify unknown aliases against old ones if the new identifies as a
previously recognized URI.
Steps:
1. Check the newly received URI. Who does it say it is?
2. Compare these alleged identities to our local database.
3. If we found any locally stored identities, ask it about its aliases.
4. Do any of the aliases from our known identity match the recently introduced one?
Currently we do _not_ update the ostatus_profile table with the new URI.
2015-01-10 02:07:39 +01:00
d32fef6039
Merge commit 'refs/merge-requests/28' of https://gitorious.org/social/mainline into merge-requests/28
2015-01-08 16:48:42 +01:00
f246dd4645
OStatusPlugin: fix ensureProfile catch-22 in onCheckActivityAuthorship()
...
Use profile URL (not URI), like elsewhere.
Profile::getUri() doesn't actually do anything useful, here--
it does nothing unless a plugin (like OStatus) is already
able to resolve the Profile into a backend object (e.g.: an Ostatus_profile).
If we might not already have an Ostatus_profile for a given Profile,
then we need to use $profile->getUrl() and fetch the data from that URL.
2014-12-30 23:56:33 -05:00
d3a8896b2a
Merge commit 'refs/merge-requests/26' of https://gitorious.org/social/mainline into merge-requests/26
2014-12-09 13:45:15 +01:00
f71eeaee5a
OStatus/scripts/update-profile-data.php: print updated fullnames
...
Now that we can actually update them again.
2014-12-08 22:06:29 -05:00
812d1eead9
Stronger typing in Ostatus_profile
2014-12-08 19:52:00 +01:00
72d1c3c73e
fetch conversation URI in processPost, not processShare
2014-11-27 16:51:21 +01:00
bdb4a41696
Use remote conversation URI info to stitch convos together
...
If we know the URI sent from the remote party, and we don't know the
notice it is replying to, we might still be able to put it in the same
conversation thread!
2014-11-27 14:06:10 +01:00
8056097478
Try to lookup the profile if we don't know it yet
2014-11-24 23:50:42 +01:00
720c2c9ff2
Ostatus_profile->checkAuthorship returns Profile
...
not Ostatus_profile
2014-11-24 23:40:06 +01:00
3bf1478f97
Bad parameter count for checkAuthorship
...
At the same time we change this to call ActivityUtils::checkAuthorship
instead to let the retrieval/verification go through event handling.
rozzin (Joshua Judson Rosen) found this error. Thanks.
2014-11-24 12:49:20 +01:00
4b875e0fd0
Fix OStatus groups by making Ostatus_profile::localProfile() work for groups
...
We need to look up a feed profile for HandleFeedEntryWithProfile events,
regardless of whether they're an OStatus user, group, or something else;
this is the least hairy way of doing that--the alternative being
to keep spreading the same logic all over the calling code.
Theoretically, this change might allow OStatusGroups to be recorded
as the authors of activities if they pass through any authorless
activities; but that's why we have checkAuthorship().
2014-11-24 12:30:37 +01:00
d2e1a8c706
Ostatus_profile::checkAuthorship(): throw ServerException when bogus non-authorship is detected
...
Similarly to what ActivityUtils::checkAuthorship does; try to ensure
that activities from ambiguous OStatus feeds (groups and peopletags)
that require explicit authorship don't get in without explicit authors.
2014-11-24 12:29:41 +01:00
496acdc7d9
normalizing acct: URI just to be sure
2014-11-16 18:29:05 +01:00
faae9d069a
We're using URLMapper, not Net_URL_Mapper
2014-11-07 15:24:05 +01:00
29ac42addd
Diaspora public key published in WebFinger
2014-11-06 21:05:31 +01:00
57b5e2483d
A little bit more debugging.
2014-10-25 14:23:15 +02:00
2d0c7c2c99
ensureWebfinger was never complete in StatusNet. Worked a bit on it.
2014-07-27 23:08:02 +02:00
ae62b91940
Unifying HTML stripping functions to common_strip_html
2014-07-14 13:52:23 +02:00
fffacaa27c
FavorAction now uses Notice::saveActivity
2014-07-06 01:37:03 +02:00
eda69cabaf
Remove Ostatus_profile when releted Profile is deleted
2014-07-04 11:45:42 +02:00
4b40d6bb2a
TagprofileAction fiddled with, now doesn't require OStatus override
...
But it still doesn't quite work properly, so a lot of work is necessary for this.
2014-07-03 14:02:21 +02:00
b63f6e949c
Converted all ActivityObject::fromProfile to $profile->asActivityObject
2014-07-03 10:51:36 +02:00
c44146d6f8
Favorites are now being stored from activities
2014-07-02 18:38:19 +02:00
9f4bcbad8a
checkAuthorship events, Ostatus_profile rewrite to handle it
...
Lost dependency of OStatus plugin for lib/microappplugin.php, whoo!
also noting which plugins should be upgraded to new saveActivity support.
Favorite plugin won't work with the new system just yet, it doesn't have
the necessary functions to extract activity objects, but that's coming
in the next (few) commits.
2014-07-02 11:38:45 +02:00
acb07ef52f
Added saveActivity method to Notice class
...
saveActivity will accept an Activity which gets parsed and saved through
plugins. So when an ActivityHandlerPlugin (such as Favorite will be soon)
gets a feed to save, this will be the function called instead of saveNew.
2014-07-02 11:38:37 +02:00
d0da552722
SalmonAction and extensions simplified
2014-06-28 20:33:09 +02:00
c74dc15173
DiscoveryHints gets microformats2 parsing abilities
2014-06-24 01:27:03 +02:00
55418685c4
DiscoveryHints now properly returns hcard url
2014-06-23 20:51:37 +02:00
d350a20e1f
Less verbose debugging (also don't log private keys)
...
Magicsig private keys were logged. That's probably not a good thing.
MagicEnvelope full XML entries no longer spam the log either.
2014-06-03 12:53:04 +02:00
aaef11077d
Default of Magicsig keypair toString should be secure
...
Prevent crappy coders from leaking private keys.
2014-06-03 12:51:52 +02:00
0bc122ff58
Magicsig::generate is now static
...
This also fixes a problem with "initial salmon slap", which was a
problem for newly registered accounts which would have their first
salmon slap fail to distribute since there was a problem with Magicsig
keys. Apparently we have to re-read them with importKeys so the
Crypt_RSA objects publicKey and privateKey match later instances of them.
I think it may have been that generate() doesn't specify a signatureMode,
but I leave experimentation of that to the future.
2014-06-02 21:50:40 +02:00
537dff7987
Salmon posts can only be made for local users. More typing!
...
Since we of course don't have the remote party's private keys anyway.
I made some small fixes in Magicsig class too, removing unnecessary code.
2014-06-02 19:46:42 +02:00
2cd25039af
Quick-return is more comprehensible than long if statements
2014-06-02 19:37:06 +02:00
f7479e3f57
Prepare for WebFinger magicsig data for remote profiles
2014-06-02 19:33:09 +02:00
78805d113a
MagicEnvelope discoverKeyPair now returns string
...
getKeyPair fills in missing data so it's a complete Magicsig.
We may use insert() here in the future so the Magicsig is cached locally.
2014-06-02 18:31:48 +02:00
d44588f98b
Only use a Profile in MagicEnvelope keypair retrieval
...
So we _know_ there is a profile for the submitter we're about to verify.
2014-06-02 16:12:26 +02:00
56194b3cd9
Magicsig importKeys finetuning and getHash() use
2014-06-02 16:11:15 +02:00
dc52a8ff43
Don't ensureProfile before we verify signature
2014-06-02 16:10:26 +02:00
00b2bddc7c
Clarify it's not base64, but base64url, encoding in Magicsig
2014-06-02 14:51:15 +02:00
993ad00333
Improve debugging for Salmon slaps
2014-06-02 14:20:58 +02:00
d534ea7bd6
Try the whole Salmon action for AlreadyFulfilledException
...
If we have already fulfilled the action, we don't have to send an error back.
2014-06-02 13:57:30 +02:00
c1dc13bef0
Magicsig warning message would fail to get bits
2014-06-02 13:35:29 +02:00
3ef8322b03
There could be unresolvable FeedSub entries
2014-06-01 16:07:08 +02:00
75711ae06a
Magicsig is made a bit less cumbersome
2014-05-31 13:41:49 +02:00
411f3b86a4
Use locally cached Salmon keys for profiles
...
Please note that we're not yet actually caching them ourselves.
2014-05-31 12:51:51 +02:00
0c2134f9ad
Last objectification of MagicEnvelope. Smarter SalmonAction
2014-05-31 12:00:46 +02:00
9e6599b9fb
Salmon log message tidying up
2014-05-28 14:07:47 +02:00
03fc02c26f
Bad variable names (fixes last commit)
2014-05-27 13:02:26 +02:00
41773d3f67
MagicEnvelope object orientation (no passing arrays)
...
MagicEnvelope now uses object properties instead of passing arrays
around everywhere.
2014-05-27 12:01:12 +02:00
14251d26ad
Make MagicEnvelope self-reference
...
Also, a stricer typing for DOMDocument in fromDom parsing function.
2014-05-27 10:18:36 +02:00
54ae0ed3cc
Removed MagicEnvelopeCompat, legacy from SN <0.9.7
2014-05-26 23:54:22 +02:00
7c7426b473
Minor changes in Salmon lib for Magicsig retrieval.
2014-05-26 20:06:45 +02:00
ba10da27da
Should not normalize Salmon author URIs.
...
It's normalized in Discovery->lookup later anyway.
2014-05-26 14:20:42 +02:00
8c348c96e7
getAuthorUri is a more appropriate function name
2014-05-26 14:14:54 +02:00
fac102a50a
checkAuthor not used anywhere
2014-05-26 14:13:35 +02:00
3c322abafc
There's no guarantee we have an Ostatus_profile for Feedsub
2014-05-19 18:34:44 +02:00
0dad11bb85
Inform and make use of NoProfileException in OStatus actions
...
This is because Ostatus_profile->localProfile() throws NoProfileException
instead of returning null for profiles which don't exist in Profile table.
2014-05-19 18:07:57 +02:00
63c20e59aa
UsersalmonAction cleanup
2014-05-19 18:07:14 +02:00
228dc1f851
Ostatus_profile throws NoProfileException from localProfile()
...
Some implementations of the exception handling is included here,
the actions come in a later commit.
2014-05-19 17:59:36 +02:00
d2c749c7de
NoUriException added and implemented in FeedSub class
...
This is a specific exception for objects which require URI but lack it,
first implemented in FeedSub to allow for identification of bad entries.
2014-05-19 17:30:04 +02:00
1207f4f06f
isLocal() for User_group
2014-05-19 14:46:54 +02:00
7977361193
Too many bird wings ({), sorry Erkan :)
2014-05-07 09:52:50 +02:00
b59beb50e6
misplaced dollar sign, also URLs != attention URIs
2014-05-07 09:20:57 +02:00
c01138c16b
Forgot 'new' before the Exception class
2014-05-07 00:06:04 +02:00
074b2b621c
Garbage collection script didn't loop through anything
2014-05-06 16:18:47 +02:00
8b12e41351
User object didn't have getNickname() function
...
We're just jumping on to the Profile->getNickname() function.
2014-05-06 16:08:36 +02:00
869ca2d20b
Missed a $user->id to $profile->id translation
2014-05-06 15:43:06 +02:00
c279a33feb
More Exceptions for FeedSub doSubscribe and related functions
...
Now also garbageCollect will now throw exceptions of failures of all kinds
and only reply true/false on entirely successful runs of sub/unsub.
2014-05-06 15:40:57 +02:00
0fa00d5106
Type testing instead of just empty() in OStatusPlugin
2014-05-06 14:36:52 +02:00
1a0171ef61
MagicEnvelope class now throws exception on XRD fail
2014-05-06 13:11:29 +02:00
fc3125cf28
More modern coding, stuff related to subscriptions
...
Also trying to use the newly implemented AlreadyFulfilledException
2014-05-05 23:58:05 +02:00
805958cc23
UsersalmonAction updated to stronger typing standards
2014-05-05 19:38:01 +02:00
595d231d9a
GroupsalmonAction updated to stronger typing standards
2014-05-05 19:25:39 +02:00
cdefeda659
More debugging for Salmon activities
2014-05-05 19:10:44 +02:00
bbada781b7
Stronger typing and function access control in OStatus
2014-05-05 19:06:22 +02:00
2ea5f00666
Success debugging was too much noise
2014-05-05 18:59:44 +02:00
960baae1d1
More debugging in Magicsig class verify method
2014-05-05 17:48:21 +02:00
7440dc2145
Prevent spurious refusals of legitimate notices posted to users via Salmon.
...
Make the logic match the intent described in the comments.
The intent is clearly "accept notices whenever (A or B or C)", but
the logic implemented was more like "not ((not A) or (not B) or (not C))",
which is a basical boolean algebra fail (each of those ORs need to
become ANDs for double-negation to work).
The practical implication was that, for example, writing a reply
to someone else's notice and including an @-reference to _another_
user on another site to bring them into the discussion would
fail to deliver the notice to the new user because their server
would basically say `oh no, you can't message this user
from someone else's thread' because an earlier check for
the `A' or `C' parts of `(A or B or C)' prevents `B' from
being checked.
cf.: <http://status.hackerposse.com/notice/55846 >, which was
refused by the nhcrossing.com server because it didn't know
about <http://sn.jonkman.ca/notice/93724 >, even though it would
have passed the later `notice contains a reference to a local user'
check if not for an exception being prematurely thrown.
The whole idea of reporting `which specific check FAILED'
in an `if ANY SUCCEEDS' analysis is just bogus, so nix all of
the distinct ClientExceptions--a single `ALL FAILED' exception
is the only one that makes sense.
2014-05-05 13:35:38 +02:00
b77a09fdee
Notice URIs are not necessarily URLs.
...
Let's use getUrl() for URL retrieval. May throw exceptions, but
only if it's a Notice that cannot be linked like that anyway.
2014-04-30 20:44:23 +02:00
5fd6053220
Code cleanup and enabling User object's etc. getUri()
2014-04-28 14:08:42 +02:00
639cf48cc7
OStatus onStartNoticeSourceLink to use exceptions
2014-04-19 22:18:36 +02:00
c00491cd7a
Cosmetic changes to common_redirect, clientError, serverError
...
Since these functions exit (or throw exception) after running, there
is no need to have a 'return' statement or similar afterwards.
2014-03-10 00:25:57 +01:00
8d655bc706
Add support for 'nohub' sub_state in FeedSub
...
(requires upgrade.php run)
2014-03-09 23:03:54 +01:00
779ce40ac3
Add functions to avoid direct variable access
2014-03-09 13:31:05 +01:00
Mikael Nordfeldth
Stephen Paul Weber
digital dreamer
Bhuvan Krishna
Chimo
Joshua Judson Rosen