Created
December 8, 2024 19:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
diff --git a/index.php b/index.php | |
index 95c862d..9ba3741 100644 | |
--- a/index.php | |
+++ b/index.php | |
@@ -98,6 +98,7 @@ | |
case "nodeinfo/2.1": | |
nodeinfo(); // Optional. Static. | |
case rawurldecode( $username ): | |
+ case "users/" . rawurldecode( $username ): | |
case "@" . rawurldecode( $username ): // Some software assumes usernames start with an `@` | |
username(); // Mandatory. Static | |
case "following": | |
@@ -654,7 +655,6 @@ XML; | |
$rawUsername = rawurldecode( $username ); | |
$h1 = "HomePage"; | |
- $directory = "posts"; | |
// Counters for followers, following, and posts | |
$follower_files = glob( $directories["followers"] . "/*.json" ); | |
@@ -718,7 +718,7 @@ echo <<< HTML | |
<ul> | |
HTML; | |
// Get all the files in the directory | |
- $message_files = array_reverse( glob( "posts" . "/*.json") ); | |
+ $message_files = array_reverse( glob( $directories["posts"] . "/*.json") ); | |
// There are lots of messages. The UI will only show 200. | |
$message_files = array_slice( $message_files, 0, 1000 ); | |
@@ -1346,27 +1346,29 @@ HTML; | |
return false; | |
} | |
- // Is there a significant difference between the Date header and the published timestamp? | |
- // Two minutes chosen because Friendica is frequently more than a minute skewed | |
- $published = $body["published"]; | |
- $publishedDatetime = new DateTime($published); | |
- // Calculate the time difference in seconds | |
- $timeDifference = abs( $publishedDatetime->getTimestamp() - $headerDatetime->getTimestamp() ); | |
- if ( $timeDifference > 120 ) { | |
- // Write a log detailing the error | |
- // Filename for the log | |
- $filename = "{$type}.Signature.Time_Failure"; | |
- | |
- // Save headers and request data to the timestamped file in the logs directory | |
- $message = | |
- "Header Date:\n" . print_r( $dateHeader, true ) . "\n" . | |
- "Published Date:\n" . print_r( $publishedDatetime->format('D, d M Y H:i:s T'), true ) ."\n" . | |
- "Original Body:\n" . print_r( $body, true ) . "\n\n" . | |
- "Original Headers:\n" . print_r( $headers, true ) . "\n\n"; | |
- | |
- save_log( $filename, $message ); | |
- return false; | |
- } | |
+ if (array_key_exists("published",$body)) { | |
+ // Is there a significant difference between the Date header and the published timestamp? | |
+ // Two minutes chosen because Friendica is frequently more than a minute skewed | |
+ $published = $body["published"]; | |
+ $publishedDatetime = new DateTime($published); | |
+ // Calculate the time difference in seconds | |
+ $timeDifference = abs( $publishedDatetime->getTimestamp() - $headerDatetime->getTimestamp() ); | |
+ if ( $timeDifference > 120 ) { | |
+ // Write a log detailing the error | |
+ // Filename for the log | |
+ $filename = "{$type}.Signature.Time_Failure"; | |
+ | |
+ // Save headers and request data to the timestamped file in the logs directory | |
+ $message = | |
+ "Header Date:\n" . print_r( $dateHeader, true ) . "\n" . | |
+ "Published Date:\n" . print_r( $publishedDatetime->format('D, d M Y H:i:s T'), true ) ."\n" . | |
+ "Original Body:\n" . print_r( $body, true ) . "\n\n" . | |
+ "Original Headers:\n" . print_r( $headers, true ) . "\n\n"; | |
+ | |
+ save_log( $filename, $message ); | |
+ return false; | |
+ } | |
+ } | |
// Validate the Digest | |
// It is the hash of the raw input string, in binary, encoded as base64. | |
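Review bot: With the new `array_key_exists("published",$body)` guard, an activity that omits `published` skips the two-minute comparison altogether, so its freshness rests only on whatever is done with `$headerDatetime` outside this hunk. If the Date header is not also compared with the server clock there, a previously captured signed request without `published` would have no time bound at all. Separately, `$body["published"]` is sender-controlled and `new DateTime($published)` throws on a malformed string, so the guard could read `if ( isset( $body["published"] ) && is_string( $body["published"] ) ) {`, with the constructor wrapped in a `try`/`catch ( Exception $e )` that calls `save_log()` and returns false. The enclosing function starts and ends outside the hunk.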
@@ -1383,6 +1385,8 @@ HTML; | |
// See https://github.com/superseriousbusiness/gotosocial/issues/1186#issuecomment-1976166659 and https://github.com/snarfed/bridgy-fed/issues/430 for hs2019 | |
if ( "SHA-256" == $digestAlgorithm || "hs2019" == $digestAlgorithm ) { | |
$digestAlgorithm = "sha256"; | |
+ } else if ( "SHA-384" == $digestAlgorithm ) { | |
+ $digestAlgorithm = "sha384"; | |
} else if ( "SHA-512" == $digestAlgorithm ) { | |
$digestAlgorithm = "sha512"; | |
} | |
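Review bot: The Digest mapping still has no final `else`, so a `$digestAlgorithm` that matches none of the three branches keeps whatever string the sender put in the header. The same holds for the `$algorithm` chain in the signature hunk that follows (`hs2019`/`rsa-sha256`/`rsa-sha384`/`rsa-sha512`). How either value is used afterwards is outside the hunks, but an explicit reject would close the allow-list: `} else { return false; }`, preceded by a `save_log()` call like the time-failure path. The comparisons are also case-sensitive, so a lower-case token such as `sha-256` would fall through the same way; normalising case before the chain would avoid that. The two chains also mix `else if` and `elseif`, and picking one spelling would keep them consistent.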
@@ -1475,8 +1479,12 @@ HTML; | |
// There might be many different signing algorithms | |
// TODO: Find a way to transform these automatically | |
// See https://github.com/superseriousbusiness/gotosocial/issues/1186#issuecomment-1976166659 and https://github.com/snarfed/bridgy-fed/issues/430 for hs2019 | |
- if ( "hs2019" == $algorithm ) { | |
+ if ( "hs2019" == $algorithm || "rsa-sha256" == $algorithm ) { | |
$algorithm = "sha256"; | |
+ } elseif ( "rsa-sha384" == $algorithm ) { | |
+ $algorithm = "sha384"; | |
+ } elseif ( "rsa-sha512" == $algorithm ) { | |
+ $algorithm = "sha512"; | |
} | |
// Finally! Calculate whether the signature is valid |