Commit Graph

131 Commits

Author SHA1 Message Date
Evan Prodromou
6d2ba2b7bb lost cookie-jar file 2011-06-22 17:21:15 -04:00
Evan Prodromou
a5fd9b705a upgrade DB_DataObject to 1.9.5 2011-03-26 14:45:15 -04:00
Evan Prodromou
75baffc970 Upgrade PEAR to 1.9.2 2011-03-26 14:37:42 -04:00
Evan Prodromou
d1d5d234f8 upgrade Console_GetOpt to 1.9.2 2011-03-26 14:22:24 -04:00
Zach Copley
b7d0746694 Merge branch '0.9.x' into 1.0.x
Conflicts:
	actions/confirmaddress.php
	actions/emailsettings.php
	actions/hostmeta.php
	actions/imsettings.php
	actions/login.php
	actions/profilesettings.php
	actions/showgroup.php
	actions/smssettings.php
	actions/urlsettings.php
	actions/userauthorization.php
	actions/userdesignsettings.php
	classes/Memcached_DataObject.php
	index.php
	lib/accountsettingsaction.php
	lib/action.php
	lib/common.php
	lib/connectsettingsaction.php
	lib/designsettings.php
	lib/personalgroupnav.php
	lib/profileaction.php
	lib/userprofile.php
	plugins/ClientSideShorten/ClientSideShortenPlugin.php
	plugins/Facebook/FBConnectSettings.php
	plugins/Facebook/FacebookPlugin.php
	plugins/NewMenu/NewMenuPlugin.php
	plugins/NewMenu/newmenu.css
2011-02-28 15:39:43 -08:00
Evan Prodromou
bfa053ef17 Remove executable bits from Auth_SASL files 2011-02-09 11:04:52 -05:00
Evan Prodromou
9c4294fb50 include Auth_SASL from PEAR in extlib 2011-02-09 11:03:44 -05:00
Brion Vibber
baae319aef extlibs updates: PEAR::Mail to 1.2.0, PEAR::Net_SMTP to 1.4.2 (need to go together as a pair)
PEAR::Mail updated to 1.2.0 from 1.1.4, fixes deprecation warnings on PHP 5.3, as well as:
1.2.0:
• QA release - stable.
• Updated minimum dependencies (Net_SMTP, PEAR, PHP)
• Doc Bug #15620 Licence change to BSD
• Bug #13659 Mail parse error in special condition
• Bug #16200 - Security hole allow to read/write Arbitrary File
_hasUnclosedQuotes() doesn't properly handle a double slash before an end quote (slusarz@curecanti.org, Bug #9137).
• Make sure Net_SMTP is defined when calling getSMTPObject() directly (slusarz@curecanti.org, Bug #13772).
• Add addServiceExtensionParameter() to the SMTP driver (slusarz@curecanti.org, Bug #13764).
• Add a method to obtain the Net_SMTP object from the SMTP driver (slusarz@curecanti.org, Bug #13766).

PEAR::Net_SMTP updated to 1.4.2 from 1.3.1, needed to support updated PEAR::Mail:
1.4.2:
• Fixing header string quoting in data(). (Bug #17199)
1.4.1:
• The auth() method now includes an optional $tls parameter that determines whether or not TLS should be attempted (if supported by the PHP runtime and the remote SMTP server). This parameter defaults to true. (Bug #16349)
• Header data can be specified separately from message body data by passing it as the optional second parameter to ``data()``. This is especially useful when an open file resource is being used to supply message data because it allows header fields (like *Subject:*) to be built dynamically at runtime. (Request #17012)
1.4.0:
• The data() method now accepts either a string or a file resource containing the message data. (Request #16962)
1.3.4:
• All Net_Socket write failures are now recognized. (Bug #16831)
1.3.3:
• Added getGreeting(), for retrieving the server's greeting string. (Request #16066) [needed for PEAR::Mail]
• We no longer attempt a TLS connection if we're already using a secure socket. (Bug #16254)
• You can now specify a debug output handler via setDebug(). (Request #16420)
1.3.2:
• TLS connection only gets started if no AUTH methods are sent. (Bug #14944)
2010-12-10 10:47:22 -08:00
Brion Vibber
9df856e667 Merge branch '0.9.x' into merge
Conflicts:
	README
	actions/hostmeta.php
	classes/File_redirection.php
	lib/common.php
	lib/designsettings.php
	lib/router.php
	lib/util.php
	lib/xmppmanager.php
	plugins/OStatus/OStatusPlugin.php
2010-12-07 10:50:05 -08:00
Evan Prodromou
6a0fd59df2 Net URL Mapper Path plex file 2010-11-27 16:52:32 -05:00
Evan Prodromou
0a753206cb Net_URL_Mapper 0.9.1 2010-11-27 16:48:52 -05:00
Brion Vibber
ed2bc323a1 Drop PEAR HTTP_Request library -- no longer used since Services_oEmbed was dropped.
(HTTP_Request2 is separate and is widely used. Net_URL is also used separately by Net_URL_Mapper.)
2010-11-19 12:15:28 -08:00
Brion Vibber
e317ec11ad Drop PEAR Services_oEmbed -- ended up replaced by our oEmbedHelper wrapper. The extra validation available there is problematic, and their code for building HTML for us wasn't being used anyway. 2010-11-15 12:35:15 -08:00
Craig Andrews
0721d8d3e2 Merge remote branch 'statusnet/0.9.x' into 1.0.x 2010-10-14 15:27:17 -04:00
Zach Copley
a54991797d Upgrade OAuth.php to the latest version. 2010-10-06 13:39:58 -07:00
Evan Prodromou
9f0715a993 Merge branch '0.9.x' into 1.0.x 2010-08-03 16:05:03 -07:00
Brion Vibber
f0620a74c8 Provisional OAuth, OpenID token check timing attack patches 2010-07-19 16:47:49 -07:00
Brion Vibber
c5e89527d9 Updated OMB_Yadis_XRDS for compatibility with php-openid 2.2.2: Auth_Yadis_XRDS::parseXRDS() is now declared static, and PHP 5.3 demands it say so on the subclass too.
Compat fix branch for upstream: 6589dc073f
2010-06-29 15:03:50 -04:00
Brion Vibber
15b1d130d2 Update to last upstream version of libomb: coding style updates, static call fix, improved handling of invalid XRD URIs. 2010-06-29 14:39:57 -04:00
Brion Vibber
2d920e05d5 Update the (formerly) Janrain OpenID library to 2.2.2 -- bug fixes including PHP 5.3 compatibility fix.
Upstream release was tagged at: a287b2d85e
2010-06-29 10:24:48 -04:00
Brion Vibber
ddc7811a7b Move XMPPHP from core extlibs to Xmpp plugin extlibs 2010-05-05 16:52:31 -07:00
Brion Vibber
081ee9b29c extlibs updates: PEAR::Mail to 1.2.0, PEAR::Net_SMTP to 1.4.2 (need to go together as a pair)
PEAR::Mail updated to 1.2.0 from 1.1.4, fixes deprecation warnings on PHP 5.3, as well as:
1.2.0:
• QA release - stable.
• Updated minimum dependencies (Net_SMTP, PEAR, PHP)
• Doc Bug #15620 Licence change to BSD
• Bug #13659 Mail parse error in special condition
• Bug #16200 - Security hole allow to read/write Arbitrary File
_hasUnclosedQuotes() doesn't properly handle a double slash before an end quote (slusarz@curecanti.org, Bug #9137).
• Make sure Net_SMTP is defined when calling getSMTPObject() directly (slusarz@curecanti.org, Bug #13772).
• Add addServiceExtensionParameter() to the SMTP driver (slusarz@curecanti.org, Bug #13764).
• Add a method to obtain the Net_SMTP object from the SMTP driver (slusarz@curecanti.org, Bug #13766).

PEAR::Net_SMTP updated to 1.4.2 from 1.3.1, needed to support updated PEAR::Mail:
1.4.2:
• Fixing header string quoting in data(). (Bug #17199)
1.4.1:
• The auth() method now includes an optional $tls parameter that determines whether or not TLS should be attempted (if supported by the PHP runtime and the remote SMTP server). This parameter defaults to true. (Bug #16349)
• Header data can be specified separately from message body data by passing it as the optional second parameter to ``data()``. This is especially useful when an open file resource is being used to supply message data because it allows header fields (like *Subject:*) to be built dynamically at runtime. (Request #17012)
1.4.0:
• The data() method now accepts either a string or a file resource containing the message data. (Request #16962)
1.3.4:
• All Net_Socket write failures are now recognized. (Bug #16831)
1.3.3:
• Added getGreeting(), for retrieving the server's greeting string. (Request #16066) [needed for PEAR::Mail]
• We no longer attempt a TLS connection if we're already using a secure socket. (Bug #16254)
• You can now specify a debug output handler via setDebug(). (Request #16420)
1.3.2:
• TLS connection only gets started if no AUTH methods are sent. (Bug #14944)
2010-05-03 16:49:59 -07:00
Brion Vibber
f514f7b722 Merge branch 'testing' into 0.9.x 2010-05-03 12:25:29 -07:00
Brion Vibber
df4462611c Revert "Update PEAR::Mail to 1.2.0 release; fixes deprecation warnings running under PHP 5.3."
This reverts commit 9fd02a4f11.

Looks like there's some changes I missed in there and getting this in'll involve updating some other packages. Will poke it after 0.9.2.
2010-05-01 09:51:25 -07:00
Brion Vibber
f85fc944b7 Merge branch 'testing' into 0.9.x 2010-04-30 14:07:24 -07:00
Brion Vibber
9fd02a4f11 Update PEAR::Mail to 1.2.0 release; fixes deprecation warnings running under PHP 5.3. 2010-04-30 13:47:46 -07:00
Brion Vibber
a39efbd8d8 Update XMPPHP to last upstream release (r77), includes an XML quoting fix. 2010-04-30 13:37:40 -07:00
Brion Vibber
df9eb4164a Merge branch 'testing' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-03-31 12:48:24 -07:00
Brion Vibber
0841fa712e Ticket #1281: JID validation now more or less follows spec instead of calling e-mail validator
Basic splitting/validation code submitted via http://status.net/wiki/XMPP/JID_validation -- Copyright 2009 Patrick Georgi <patrick@georgi-clan.de> Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact.

Added PEAR Net_IDNA package to extlib to handle IDN normalization (also used by Validate's email verifier if present).

* added test suite, supplemented my own test cases with JID validation and normalization test cases from libpurple
* follows XMPP rules for validation of name part
* fixes for normalization with non-ASCII names
* will do domain checks if $config['email']['check_domain'] is on, checking for an XMPP-server SRV record or any lookup. (We don't actually need to ping those direct though.)
* some more obscure stringprep validation rules aren't quite followed yet, but we err on the side of permissiveness.
* we still don't actually let you save your address with a resource on it, as we strip resources when looking up users who've sent us presence or message updates. I would recommend saving the outgoing resource as a separate field if/when we add that..?
2010-03-30 17:35:27 -07:00
Craig Andrews
1f73156dae Move the bundled Net/LDAP2 library to the LdapCommon directory 2010-03-23 21:57:47 -04:00
Brion Vibber
e18e659ca3 Drop HTMLPurifier; we don't need its extra capabilities and we're already using htmLawed which is lighter-weight. 2010-02-24 23:39:40 +00:00
Evan Prodromou
81ea0f8117 Add HTMLPurifier to extlib
HTMLPurifier defangs arbitrary submitted HTML. We're using it in the
OStatus plugin, but it may be valuable for other parts of the codebase
(I think OEmbed might benefit, for example).
2010-02-20 11:35:01 -05:00
Brion Vibber
8869ccc94e Temporary debug hack tracking down 'revoked accesstoken' issue with OMB posts 2010-02-15 15:19:16 -08:00
Evan Prodromou
7679f058ef Revert "DEBUG HACK: error checking for xml_parse in XMPPHP input stream"
This reverts commit 906450e2f5.

1) It was a quick debug hack 2) it doesn't meet the requirements
for changing extlib/ libraries
2010-01-20 15:56:24 -05:00
Brion Vibber
906450e2f5 DEBUG HACK: error checking for xml_parse in XMPPHP input stream 2010-01-20 08:37:58 -08:00
Evan Prodromou
8679bc6c7b add LGPL 2010-01-02 22:46:50 -10:00
Evan Prodromou
dfba47bdf4 include DB_DataObject 1.9.0 2009-12-08 15:32:50 -05:00
Brion Vibber
8ab40e7051 Cleanup for bug 1813: workaround sometimes-missing dl() in PHP 5.3 by defining our own bogus function rather than attempting to patch upstream libs. This keeps our fix across upstream versions (or when loading upstream library from outside extlib)
Note that fixes to OpenID libraries in commit fe9473ac78 were lost in just such an update.
2009-11-16 15:45:15 -08:00
Craig Andrews
5b51eeeebb Bump to version 1.0.0 2009-11-16 11:14:00 -05:00
Zach Copley
40bf174c01 Revert a OS X-specific change to PEAR MIME_Type that I accidentally commited. 2009-11-05 05:59:46 +00:00
Zach Copley
527427d3e0 Implement update avatar via API (/api/account/update_profile_image.format) 2009-11-04 21:00:26 -08:00
Craig Andrews
c403f7fa44 Added Net_LDAP2 to extlib, and add a skeleton LDAP plugin 2009-11-04 13:39:56 -05:00
Brion Vibber
5581143bee Rebuilt HTTPClient class as an extension of PEAR HTTP_Request2 package, adding redirect handling and convenience functions.
Caching support will be added in future work after unit tests have been added.

* extlib: add PEAR HTTP_Request2 0.4.1 alpha
* extlib: update PEAR Net_URL2 to 0.3.0 beta for HTTP_Request2 compatibility
* moved direct usage of CURL and file_get_contents to HTTPClient class, excluding external-sourced libraries
* adapted GeonamesPlugin for new HTTPResponse interface

Note some plugins haven't been fully tested yet.
2009-11-02 09:14:15 -08:00
Brion Vibber
b22fc5b74a Revert "Rebuilt HTTPClient class as an extension of PEAR HTTP_Request2 package, adding redirect handling and convenience functions."
Going to restructure a little more before finalizing this...

This reverts commit fa37967858.
2009-11-02 07:51:29 -08:00
Brion Vibber
fa37967858 Rebuilt HTTPClient class as an extension of PEAR HTTP_Request2 package, adding redirect handling and convenience functions.
Caching support will be added in future work after unit tests have been added.

* extlib: add PEAR HTTP_Request2 0.4.1 alpha
* extlib: update PEAR Net_URL2 to 0.3.0 beta for HTTP_Request2 compatibility
* moved direct usage of CURL and file_get_contents to HTTPClient class, excluding external-sourced libraries

Note some plugins haven't been tested yet.
2009-11-02 06:31:28 -08:00
Evan Prodromou
44ce8e2fcd Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2009-10-31 14:47:21 -04:00
Evan Prodromou
4e9ec0d0e1 merge from testing 2009-10-31 14:36:04 -04:00
Evan Prodromou
ae7d524fd8 add a README warning devs from fracking around in extlib/ 2009-10-31 13:35:20 -04:00
Craig Andrews
02131db1c9 Bump to Auth_OpenID 2.1.3 2009-10-30 01:30:42 -04:00
Zach Copley
d07c9d8750 Gather all the Facebook stuff together in one place 2009-10-21 01:07:03 +00:00