OStatus PuSH fixes:

* HMAC now calculated correctly - confirmed interop with Google's public hub
* Can optionally use an external PuSH hub, set URL in $config['ostatus']['hub']
  (may have issues in replication environment, and will ping the hub for every
  update rather than just those with subscribers) Internal hub will still function
  when this is set, but won't be advertised. Warning: setting this, then turning
  it off later will break subscriptions as that hub will no longer receive pings.

plugins/OStatus/classes/Feedinfo.php

@@ -160,7 +160,7 @@ class Feedinfo extends Memcached_DataObject
 
     function keyTypes()
     {
-        return array('id' => 'K'); // @fixme we'll need a profile_id key at least
+        return array('id' => 'K', 'feeduri' => 'U'); // @fixme we'll need a profile_id key at least
     }
 
     function sequenceKey()
@@ -323,7 +323,7 @@ class Feedinfo extends Memcached_DataObject
         if ($this->secret) {
             if (preg_match('/^sha1=([0-9a-fA-F]{40})$/', $hmac, $matches)) {
                 $their_hmac = strtolower($matches[1]);
-                $our_hmac = sha1($xml . $this->secret);
+                $our_hmac = hash_hmac('sha1', $xml, $this->secret);
                 if ($their_hmac !== $our_hmac) {
                     common_log(LOG_ERR, __METHOD__ . ": ignoring PuSH with bad SHA-1 HMAC: got $their_hmac, expected $our_hmac");
                     return;

plugins/OStatus/classes/HubSub.php

@@ -242,7 +242,7 @@ class HubSub extends Memcached_DataObject
     {
         $headers = array('Content-Type: application/atom+xml');
         if ($this->secret) {
-            $hmac = sha1($atom . $this->secret);
+            $hmac = hash_hmac('sha1', $atom, $this->secret);
             $headers[] = "X-Hub-Signature: sha1=$hmac";
         } else {
             $hmac = '(none)';