Support relayable_retractions that are relayed to us by the top-level post owner
This commit is contained in:
parent
959b264c44
commit
1fe1ac022f
3 changed files with 39 additions and 9 deletions
|
@ -113,6 +113,7 @@ function delivery_run($argv, $argc){
|
|||
$uid = $r[0]['uid'];
|
||||
$updated = $r[0]['edited'];
|
||||
|
||||
// The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
|
||||
if(! $parent_id)
|
||||
continue;
|
||||
|
||||
|
|
|
@ -83,6 +83,9 @@ function diaspora_dispatch($importer,$msg) {
|
|||
elseif($xmlbase->signed_retraction) {
|
||||
$ret = diaspora_signed_retraction($importer,$xmlbase->signed_retraction,$msg);
|
||||
}
|
||||
elseif($xmlbase->relayable_retraction) {
|
||||
$ret = diaspora_signed_retraction($importer,$xmlbase->relayable_retraction,$msg);
|
||||
}
|
||||
elseif($xmlbase->photo) {
|
||||
$ret = diaspora_photo($importer,$xmlbase->photo,$msg);
|
||||
}
|
||||
|
@ -1783,28 +1786,53 @@ function diaspora_signed_retraction($importer,$xml,$msg) {
|
|||
$type = notags(unxmlify($xml->target_type));
|
||||
$sig = notags(unxmlify($xml->target_author_signature));
|
||||
|
||||
$parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');
|
||||
|
||||
$contact = diaspora_get_contact_by_handle($importer['uid'],$diaspora_handle);
|
||||
if(! $contact) {
|
||||
logger('diaspora_signed_retraction: no contact');
|
||||
return;
|
||||
}
|
||||
|
||||
// this may not yet work for comments. Need to see how the relaying works
|
||||
// and figure out who signs it.
|
||||
|
||||
|
||||
$signed_data = $guid . ';' . $type ;
|
||||
|
||||
$sig = base64_decode($sig);
|
||||
|
||||
if(strcasecmp($diaspora_handle,$msg['author']) == 0) {
|
||||
$person = $contact;
|
||||
$key = $msg['key'];
|
||||
}
|
||||
else {
|
||||
$person = find_diaspora_person_by_handle($diaspora_handle);
|
||||
|
||||
if(is_array($person) && x($person,'pubkey'))
|
||||
$key = $person['pubkey'];
|
||||
else {
|
||||
logger('diaspora_signed_retraction: unable to find author details');
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if(! rsa_verify($signed_data,$sig,$key,'sha256')) {
|
||||
logger('diaspora_signed_retraction: owner verification failed.' . print_r($msg,true));
|
||||
logger('diaspora_signed_retraction: retraction-owner verification failed.' . print_r($msg,true));
|
||||
return;
|
||||
}
|
||||
|
||||
if($type === 'StatusMessage') {
|
||||
if($parent_author_signature) {
|
||||
$owner_signed_data = $guid . ';' . $type ;
|
||||
|
||||
$parent_author_signature = base64_decode($parent_author_signature);
|
||||
|
||||
$key = $msg['key'];
|
||||
|
||||
if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) {
|
||||
logger('diaspora_signed_retraction: failed to verify person relaying the retraction (e.g. owner of a post relaying a retracted comment');
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if($type === 'StatusMessage' || $type === 'Comment') {
|
||||
$r = q("select * from item where guid = '%s' and uid = %d and not file like '%%[%%' limit 1",
|
||||
dbesc($guid),
|
||||
intval($importer['uid'])
|
||||
|
|
|
@ -125,6 +125,7 @@ function notifier_run($argv, $argc){
|
|||
$uid = $r[0]['uid'];
|
||||
$updated = $r[0]['edited'];
|
||||
|
||||
// The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
|
||||
if(! $parent_id)
|
||||
return;
|
||||
|
||||
|
|
Loading…
Reference in a new issue