306df3dc3b
Logging fixes
2015-12-26 16:27:06 +01:00
7ccd36849e
Merge branch 'master' of git.gnu.io:gnu/gnu-social into nightly
...
Conflicts:
plugins/OStatus/OStatusPlugin.php
master vs. nightly thing
2015-11-05 16:16:02 +01:00
4b31bc3fd2
Enqueue renewals
...
Better for request times, etc
2015-10-21 01:50:03 +00:00
af1b0915f4
Magic signature discovery and envelope changes
2015-10-04 17:26:35 +02:00
6afa091dca
Change some Salmon events and similar
...
Use Profile instead of User and (if we know it) send along the target
profile, so a Diaspora plugin can encrypt to the receiver.
2015-10-04 17:26:23 +02:00
2970333adb
Set otherwise undiscovered salmonuri on OStatus script update-profile.php
2015-10-04 17:21:56 +02:00
57f26a97fb
var_export without true
2015-10-04 16:40:21 +02:00
684b9419a0
Add an event to get plugin discovery hints from XRD
2015-10-04 14:46:45 +02:00
2aed59a02a
Diaspora plugin is almost there (for remote salmon slaps at least)
2015-10-04 12:06:48 +02:00
9b461db4da
Send the entire XMLStringer object in MagicEnvelope events.
2015-10-04 09:59:01 +02:00
184293c634
Break out MagicEnvelope->toXML() functionality to allow for plugin flexibility
2015-10-04 00:17:07 +02:00
30a4393afa
Move around some code related to Magic_envelope and signing
2015-10-03 23:35:46 +02:00
c5a5eaf288
Do we update feeduri and salmonuri for Ostatus_profile now?
...
When changing from HTTP to HTTPS, following up on commit
59763ceecb
2015-07-11 19:46:01 +02:00
24b1e26406
MagicEnvelope called DOMDocument::loadXML statically
...
but apparently we shouldn't do this, despite recommended on https://secure.php.net/manual/en/domdocument.loadxml.php
2015-07-10 23:24:50 +02:00
6478034e92
Diaspora-compatible Salmon slap receival
...
We're not all the way there yet, there is something which seems to bugger
up profile discovery from their end.
2015-06-06 17:14:38 +02:00
faf14197cd
Diaspora doesn't understand our Salmon POST, so send again
2015-06-06 16:57:29 +02:00
4de125dd84
Moved FeedSubException parent class to own file
2015-06-06 16:02:25 +02:00
8fac7a9f6c
StatusNet class renamed GNUsocial
...
also added backward compatible StatusNet class for the two calls I know
third party plugins use, isHTTPS and getActivePlugins
2015-02-27 12:44:15 +01:00
9aa59c7f62
forgot primary key column to updateWithKeys in SalmonAction
2015-02-17 21:31:35 +01:00
59763ceecb
SalmonAction now updates remote URI if it was stale.
...
After doublechecking two identities so that they match (like one that was
previously http:// but now is https://) we update the URI in our database
to match.
This has to be verified so it's not easy to fool our script and thus make
us replace legitimate URIs with fake ones. I believe the callback method
is safe, but I'm not sure how well it handles HTTP MITM attacks etc.
2015-02-17 17:35:45 +01:00
aeaee388bf
Store remote magicsig public keys locally
2015-01-24 13:06:09 +01:00
975ce6d83e
Documentation update (clarifying need for php5-gmp in comment)
2015-01-24 12:22:29 +01:00
57d8eb8a53
Ensuring unknown profiles in salmon slaps work again
2015-01-13 13:43:35 +01:00
66044b7782
ensureActivityObjectProfile is more thorough than createAct...
2015-01-12 11:47:21 +01:00
73669ed308
ensureProfile already done and stored in $this->oprofile
2015-01-12 02:01:26 +01:00
d8f4de450c
Support for updated aliases
...
will verify unknown aliases against old ones if the new identifies as a
previously recognized URI.
Steps:
1. Check the newly received URI. Who does it say it is?
2. Compare these alleged identities to our local database.
3. If we found any locally stored identities, ask it about its aliases.
4. Do any of the aliases from our known identity match the recently introduced one?
Currently we do _not_ update the ostatus_profile table with the new URI.
2015-01-10 02:07:39 +01:00
c44146d6f8
Favorites are now being stored from activities
2014-07-02 18:38:19 +02:00
d0da552722
SalmonAction and extensions simplified
2014-06-28 20:33:09 +02:00
c74dc15173
DiscoveryHints gets microformats2 parsing abilities
2014-06-24 01:27:03 +02:00
55418685c4
DiscoveryHints now properly returns hcard url
2014-06-23 20:51:37 +02:00
d350a20e1f
Less verbose debugging (also don't log private keys)
...
Magicsig private keys were logged. That's probably not a good thing.
MagicEnvelope full XML entries no longer spam the log either.
2014-06-03 12:53:04 +02:00
0bc122ff58
Magicsig::generate is now static
...
This also fixes a problem with "initial salmon slap", which was a
problem for newly registered accounts which would have their first
salmon slap fail to distribute since there was a problem with Magicsig
keys. Apparently we have to re-read them with importKeys so the
Crypt_RSA objects publicKey and privateKey match later instances of them.
I think it may have been that generate() doesn't specify a signatureMode,
but I leave experimentation of that to the future.
2014-06-02 21:50:40 +02:00
537dff7987
Salmon posts can only be made for local users. More typing!
...
Since we of course don't have the remote party's private keys anyway.
I made some small fixes in Magicsig class too, removing unnecessary code.
2014-06-02 19:46:42 +02:00
78805d113a
MagicEnvelope discoverKeyPair now returns string
...
getKeyPair fills in missing data so it's a complete Magicsig.
We may use insert() here in the future so the Magicsig is cached locally.
2014-06-02 18:31:48 +02:00
d44588f98b
Only use a Profile in MagicEnvelope keypair retrieval
...
So we _know_ there is a profile for the submitter we're about to verify.
2014-06-02 16:12:26 +02:00
dc52a8ff43
Don't ensureProfile before we verify signature
2014-06-02 16:10:26 +02:00
993ad00333
Improve debugging for Salmon slaps
2014-06-02 14:20:58 +02:00
d534ea7bd6
Try the whole Salmon action for AlreadyFulfilledException
...
If we have already fulfilled the action, we don't have to send an error back.
2014-06-02 13:57:30 +02:00
75711ae06a
Magicsig is made a bit less cumbersome
2014-05-31 13:41:49 +02:00
411f3b86a4
Use locally cached Salmon keys for profiles
...
Please note that we're not yet actually caching them ourselves.
2014-05-31 12:51:51 +02:00
0c2134f9ad
Last objectification of MagicEnvelope. Smarter SalmonAction
2014-05-31 12:00:46 +02:00
9e6599b9fb
Salmon log message tidying up
2014-05-28 14:07:47 +02:00
03fc02c26f
Bad variable names (fixes last commit)
2014-05-27 13:02:26 +02:00
41773d3f67
MagicEnvelope object orientation (no passing arrays)
...
MagicEnvelope now uses object properties instead of passing arrays
around everywhere.
2014-05-27 12:01:12 +02:00
14251d26ad
Make MagicEnvelope self-reference
...
Also, a stricer typing for DOMDocument in fromDom parsing function.
2014-05-27 10:18:36 +02:00
54ae0ed3cc
Removed MagicEnvelopeCompat, legacy from SN <0.9.7
2014-05-26 23:54:22 +02:00
7c7426b473
Minor changes in Salmon lib for Magicsig retrieval.
2014-05-26 20:06:45 +02:00
ba10da27da
Should not normalize Salmon author URIs.
...
It's normalized in Discovery->lookup later anyway.
2014-05-26 14:20:42 +02:00
8c348c96e7
getAuthorUri is a more appropriate function name
2014-05-26 14:14:54 +02:00
fac102a50a
checkAuthor not used anywhere
2014-05-26 14:13:35 +02:00
Mikael Nordfeldth
Stephen Paul Weber