From 13d59e0c76b887a2bfd2e5cfcc2e0fedf728bc07 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 23 Mar 2010 17:24:01 -0700 Subject: [PATCH 1/9] fixup_deletions.php script to look for notices posted by now-deleted profiles and remove them. --- classes/Notice.php | 4 +- scripts/fixup_deletions.php | 166 ++++++++++++++++++++++++++++++++++++ 2 files changed, 169 insertions(+), 1 deletion(-) create mode 100755 scripts/fixup_deletions.php diff --git a/classes/Notice.php b/classes/Notice.php index f7194e3394..be3e9ca2a6 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -421,7 +421,9 @@ class Notice extends Memcached_DataObject } $profile = Profile::staticGet($this->profile_id); - $profile->blowNoticeCount(); + if (!empty($profile)) { + $profile->blowNoticeCount(); + } } /** diff --git a/scripts/fixup_deletions.php b/scripts/fixup_deletions.php new file mode 100755 index 0000000000..07ada7f9d9 --- /dev/null +++ b/scripts/fixup_deletions.php @@ -0,0 +1,166 @@ +#!/usr/bin/env php +. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/..')); + +$longoptions = array('dry-run', 'start=', 'end='); + +$helptext = <<query($query); + + if ($profile->fetch()) { + return intval($profile->id); + } else { + die("Something went awry; could not look up max used profile_id."); + } +} + +/** + * Check for profiles in the given id range that are missing, presumed deleted. + * + * @param int $start beginning profile.id, inclusive + * @param int $end final profile.id, inclusive + * @return array of integer profile.ids + * @access private + */ +function get_missing_profiles($start, $end) +{ + $query = sprintf("SELECT id FROM profile WHERE id BETWEEN %d AND %d", + $start, $end); + + $profile = new Profile(); + $profile->query($query); + + $all = range($start, $end); + $known = array(); + while ($row = $profile->fetch()) { + $known[] = intval($profile->id); + } + unset($profile); + + $missing = array_diff($all, $known); + return $missing; +} + +/** + * Look for stray notices from this profile and, if present, kill them. + * + * @param int $profile_id + * @param bool $dry if true, we won't delete anything + */ +function cleanup_missing_profile($profile_id, $dry) +{ + $notice = new Notice(); + $notice->profile_id = $profile_id; + $notice->find(); + if ($notice->N == 0) { + return; + } + + $s = ($notice->N == 1) ? '' : 's'; + print "Deleted profile $profile_id has $notice->N stray notice$s:\n"; + + while ($notice->fetch()) { + print " notice $notice->id"; + if ($dry) { + print " (skipped; dry run)\n"; + } else { + $victim = clone($notice); + try { + $victim->delete(); + print " (deleted)\n"; + } catch (Exception $e) { + print " FAILED: "; + print $e->getMessage(); + print "\n"; + } + } + } +} + +$dry = have_option('dry-run'); + +$max_profile_id = get_max_profile_id(); +$chunk = 1000; + +if (have_option('start')) { + $begin = intval(get_option_value('start')); +} else { + $begin = 1; +} +if (have_option('end')) { + $final = min($max_profile_id, intval(get_option_value('end'))); +} else { + $final = $max_profile_id; +} + +if ($begin < 1) { + die("Silly human, you can't begin before profile number 1!\n"); +} +if ($final < $begin) { + die("Silly human, you can't end at $final if it's before $begin!\n"); +} + +// Identify missing profiles... +for ($start = $begin; $start <= $final; $start += $chunk) { + $end = min($start + $chunk - 1, $final); + + print "Checking for missing profiles between id $start and $end"; + if ($dry) { + print " (dry run)"; + } + print "...\n"; + $missing = get_missing_profiles($start, $end); + + foreach ($missing as $profile_id) { + cleanup_missing_profile($profile_id, $dry); + } +} + +echo "done.\n"; + From 9380eed794e1bd419a4af4dcbbcd176f164112fc Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 23 Mar 2010 18:44:54 -0700 Subject: [PATCH 2/9] add a general PuSHed post and an @-reply back to a subscribee by name to OStatus remote test cases --- plugins/OStatus/tests/remote-tests.php | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/plugins/OStatus/tests/remote-tests.php b/plugins/OStatus/tests/remote-tests.php index b064114911..a27ecb854f 100644 --- a/plugins/OStatus/tests/remote-tests.php +++ b/plugins/OStatus/tests/remote-tests.php @@ -78,6 +78,8 @@ class OStatusTester extends TestBase $this->testLocalPost(); $this->testMentionUrl(); $this->testSubscribe(); + $this->testPush(); + $this->testMentionSubscribee(); $this->testUnsubscribe(); $this->log("DONE!"); @@ -126,6 +128,26 @@ class OStatusTester extends TestBase $this->assertTrue($this->pub->hasSubscriber($this->sub->getProfileUri())); } + function testPush() + { + $this->assertTrue($this->sub->hasSubscription($this->pub->getProfileUri())); + $this->assertTrue($this->pub->hasSubscriber($this->sub->getProfileUri())); + + $name = $this->sub->username; + $post = $this->pub->post("Regular post, which $name should get via PuSH"); + $this->sub->assertReceived($post); + } + + function testMentionSubscribee() + { + $this->assertTrue($this->sub->hasSubscription($this->pub->getProfileUri())); + $this->assertFalse($this->pub->hasSubscription($this->sub->getProfileUri())); + + $name = $this->pub->username; + $post = $this->sub->post("Just a quick note back to my remote subscribee @$name"); + $this->pub->assertReceived($post); + } + function testUnsubscribe() { $this->assertTrue($this->sub->hasSubscription($this->pub->getProfileUri())); From fcf86b4fdf200b1f2955f4f93c5b85054c7254b7 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 23 Mar 2010 18:56:40 -0700 Subject: [PATCH 3/9] Improve legibility of OStatus remote tests output --- plugins/OStatus/tests/remote-tests.php | 29 ++++++++++++++------------ 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/plugins/OStatus/tests/remote-tests.php b/plugins/OStatus/tests/remote-tests.php index a27ecb854f..24b4b1660a 100644 --- a/plugins/OStatus/tests/remote-tests.php +++ b/plugins/OStatus/tests/remote-tests.php @@ -75,13 +75,16 @@ class OStatusTester extends TestBase { $this->setup(); - $this->testLocalPost(); - $this->testMentionUrl(); - $this->testSubscribe(); - $this->testPush(); - $this->testMentionSubscribee(); - $this->testUnsubscribe(); + $methods = get_class_methods($this); + foreach ($methods as $method) { + if (strtolower(substr($method, 0, 4)) == 'test') { + print "\n"; + print "== $method ==\n"; + call_user_func(array($this, $method)); + } + } + print "\n"; $this->log("DONE!"); } @@ -372,6 +375,7 @@ class SNTestClient extends TestBase $this->assertEqual($this->fullname, $data['name']); $this->assertEqual($this->homepage, $data['url']); $this->assertEqual($this->bio, $data['description']); + $this->log(" looks good!"); } /** @@ -408,11 +412,11 @@ class SNTestClient extends TestBase } $tries--; if ($tries) { - $this->log("Didn't see it yet, waiting $timeout seconds"); + $this->log(" didn't see it yet, waiting $timeout seconds"); sleep($timeout); } } - throw new Exception("Message $notice_uri not received by $this->username"); + throw new Exception(" message $notice_uri not received by $this->username"); } /** @@ -442,10 +446,9 @@ class SNTestClient extends TestBase } foreach ($entries as $entry) { if ($entry->id == $notice_uri) { - $this->log("found it $notice_uri"); + $this->log(" found it $notice_uri"); return true; } - //$this->log("nope... " . $entry->id); } return false; } @@ -515,15 +518,15 @@ class SNTestClient extends TestBase foreach ($follows as $follow) { $target = $follow->getAttributeNS($ns_rdf, 'resource'); if ($target == ($subscribed . '#acct')) { - $this->log("Confirmed $subscriber subscribed to $subscribed"); + $this->log(" confirmed $subscriber subscribed to $subscribed"); return true; } } - $this->log("We found $subscriber but they don't follow $subscribed"); + $this->log(" we found $subscriber but they don't follow $subscribed"); return false; } } - $this->log("Can't find $subscriber in {$this->username}'s social graph."); + $this->log(" can't find $subscriber in {$this->username}'s social graph."); return false; } From 7b1b6045e61973b8835e7253d6b532a752535297 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 24 Mar 2010 00:00:55 -0700 Subject: [PATCH 4/9] Look for the first object in the Activity --- plugins/OStatus/actions/usersalmon.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/plugins/OStatus/actions/usersalmon.php b/plugins/OStatus/actions/usersalmon.php index ecdcfa1939..6c360c49f9 100644 --- a/plugins/OStatus/actions/usersalmon.php +++ b/plugins/OStatus/actions/usersalmon.php @@ -92,7 +92,7 @@ class UsersalmonAction extends SalmonAction throw new ClientException("Not to anyone in reply to anything!"); } - $existing = Notice::staticGet('uri', $this->act->object->id); + $existing = Notice::staticGet('uri', $this->act->objects[0]->id); if (!empty($existing)) { common_log(LOG_ERR, "Not saving notice '{$existing->uri}'; already exists."); @@ -143,7 +143,7 @@ class UsersalmonAction extends SalmonAction function handleFavorite() { - $notice = $this->getNotice($this->act->object); + $notice = $this->getNotice($this->act->objects[0]); $profile = $this->ensureProfile()->localProfile(); $old = Fave::pkeyGet(array('user_id' => $profile->id, @@ -164,7 +164,7 @@ class UsersalmonAction extends SalmonAction */ function handleUnfavorite() { - $notice = $this->getNotice($this->act->object); + $notice = $this->getNotice($this->act->objects[0]); $profile = $this->ensureProfile()->localProfile(); $fave = Fave::pkeyGet(array('user_id' => $profile->id, From 10410907a0a6f1af9fb18cb3341db792baa49cf3 Mon Sep 17 00:00:00 2001 From: James Walker Date: Wed, 24 Mar 2010 14:27:35 -0400 Subject: [PATCH 5/9] A bit safer checking in the keypair parsing --- plugins/OStatus/lib/magicenvelope.php | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/plugins/OStatus/lib/magicenvelope.php b/plugins/OStatus/lib/magicenvelope.php index 9266cab5cf..799b5e3079 100644 --- a/plugins/OStatus/lib/magicenvelope.php +++ b/plugins/OStatus/lib/magicenvelope.php @@ -59,12 +59,21 @@ class MagicEnvelope } if ($xrd->links) { if ($link = Discovery::getService($xrd->links, Magicsig::PUBLICKEYREL)) { - list($type, $keypair) = explode(',', $link['href']); - if (empty($keypair)) { + $keypair = false; + $parts = explode(',', $link['href']); + if (count($parts) == 2) { + $keypair = $parts[1]; + } else { // Backwards compatibility check for separator bug in 0.9.0 - list($type, $keypair) = explode(';', $link['href']); + $parts = explode(';', $link['href']); + if (count($parts) == 2) { + $keypair = $parts[1]; + } + } + + if ($keypair) { + return $keypair; } - return $keypair; } } throw new Exception('Unable to locate signer public key'); From c4273f0ef32f65267ddf43dc5dc6977659a0697e Mon Sep 17 00:00:00 2001 From: James Walker Date: Wed, 24 Mar 2010 15:15:20 -0400 Subject: [PATCH 6/9] Check for 0.9.0 bad keys from old Crypt_RSA library --- plugins/OStatus/classes/Magicsig.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 87c684c93d..1a95414958 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -50,7 +50,15 @@ class Magicsig extends Memcached_DataObject { $obj = parent::staticGet(__CLASS__, $k, $v); if (!empty($obj)) { - return Magicsig::fromString($obj->keypair); + $obj = Magicsig::fromString($obj->keypair); + + // Double check keys: Crypt_RSA did not + // consistently generate good keypairs. + // We've also moved to 1024 bit keys. + if (strlen($obj->publicKey->modulus->toBits()) != 1024) { + $obj->delete(); + return false; + } } return $obj; From cfca789b34eeac6c531c4c7aac622ed2e2510390 Mon Sep 17 00:00:00 2001 From: James Walker Date: Wed, 24 Mar 2010 15:18:41 -0400 Subject: [PATCH 7/9] Updated Math_Biginteger from upstream - removing safe* workarounds --- plugins/OStatus/classes/Magicsig.php | 8 ++++---- plugins/OStatus/extlib/Math/BigInteger.php | 8 ++++---- plugins/OStatus/lib/safecrypt_rsa.php | 18 ------------------ plugins/OStatus/lib/safemath_biginteger.php | 20 -------------------- 4 files changed, 8 insertions(+), 46 deletions(-) delete mode 100644 plugins/OStatus/lib/safecrypt_rsa.php delete mode 100644 plugins/OStatus/lib/safemath_biginteger.php diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index 1a95414958..c7dd17c268 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -108,16 +108,16 @@ class Magicsig extends Memcached_DataObject public function generate($user_id) { - $rsa = new SafeCrypt_RSA(); + $rsa = new Crypt_RSA(); $keypair = $rsa->createKey(); $rsa->loadKey($keypair['privatekey']); - $this->privateKey = new SafeCrypt_RSA(); + $this->privateKey = new Crypt_RSA(); $this->privateKey->loadKey($keypair['privatekey']); - $this->publicKey = new SafeCrypt_RSA(); + $this->publicKey = new Crypt_RSA(); $this->publicKey->loadKey($keypair['publickey']); $this->user_id = $user_id; @@ -169,7 +169,7 @@ class Magicsig extends Memcached_DataObject { common_log(LOG_DEBUG, "Adding ".$type." key: (".$mod .', '. $exp .")"); - $rsa = new SafeCrypt_RSA(); + $rsa = new Crypt_RSA(); $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1; $rsa->setHash('sha256'); $rsa->modulus = new Math_BigInteger(base64_url_decode($mod), 256); diff --git a/plugins/OStatus/extlib/Math/BigInteger.php b/plugins/OStatus/extlib/Math/BigInteger.php index 9733351d42..4373805f99 100644 --- a/plugins/OStatus/extlib/Math/BigInteger.php +++ b/plugins/OStatus/extlib/Math/BigInteger.php @@ -67,7 +67,7 @@ * @author Jim Wigginton * @copyright MMVI Jim Wigginton * @license http://www.gnu.org/licenses/lgpl.txt - * @version $Id: BigInteger.php,v 1.31 2010/03/01 17:28:19 terrafrost Exp $ + * @version $Id: BigInteger.php,v 1.33 2010/03/22 22:32:03 terrafrost Exp $ * @link http://pear.php.net/package/Math_BigInteger */ @@ -294,7 +294,7 @@ class Math_BigInteger { $this->value = array(); } - if ($x === 0) { + if (empty($x)) { return; } @@ -718,7 +718,7 @@ class Math_BigInteger { * * Will be called, automatically, when serialize() is called on a Math_BigInteger object. * - * @see __wakeup + * @see __wakeup() * @access public */ function __sleep() @@ -740,7 +740,7 @@ class Math_BigInteger { * * Will be called, automatically, when unserialize() is called on a Math_BigInteger object. * - * @see __sleep + * @see __sleep() * @access public */ function __wakeup() diff --git a/plugins/OStatus/lib/safecrypt_rsa.php b/plugins/OStatus/lib/safecrypt_rsa.php deleted file mode 100644 index f3aa2c9285..0000000000 --- a/plugins/OStatus/lib/safecrypt_rsa.php +++ /dev/null @@ -1,18 +0,0 @@ -zero = new SafeMath_BigInteger(); - } -} - diff --git a/plugins/OStatus/lib/safemath_biginteger.php b/plugins/OStatus/lib/safemath_biginteger.php deleted file mode 100644 index c05e24d1ec..0000000000 --- a/plugins/OStatus/lib/safemath_biginteger.php +++ /dev/null @@ -1,20 +0,0 @@ -hex == '') { - $this->hex = '0'; - } - parent::__wakeup(); - } -} - From 9e0b9857f435bf45d353bc88eb2462d483bcc46b Mon Sep 17 00:00:00 2001 From: James Walker Date: Wed, 24 Mar 2010 15:26:03 -0400 Subject: [PATCH 8/9] Make sure we're requiring the library --- plugins/OStatus/classes/Magicsig.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/plugins/OStatus/classes/Magicsig.php b/plugins/OStatus/classes/Magicsig.php index c7dd17c268..864fef6285 100644 --- a/plugins/OStatus/classes/Magicsig.php +++ b/plugins/OStatus/classes/Magicsig.php @@ -27,6 +27,8 @@ * @link http://status.net/ */ +require_once 'Crypt/RSA.php'; + class Magicsig extends Memcached_DataObject { From a954fd65ba00328cd1a76e620113d2f639340aaf Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 24 Mar 2010 13:36:57 -0700 Subject: [PATCH 9/9] Fix for API group methods, caused failure or output corruption when pulling up local groups by name in api/statusnet/groups/is_member.json/xml --- lib/apiaction.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/apiaction.php b/lib/apiaction.php index e6aaf93161..9fc1a07799 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -1273,7 +1273,7 @@ class ApiAction extends Action if (empty($local)) { return null; } else { - return User_group::staticGet('id', $local->id); + return User_group::staticGet('id', $local->group_id); } }