示例#1
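/**
 * Deliver an Atom payload to a remote contact using the two-phase DFRN exchange.
 *
 * Phase 1 requests a challenge from $contact['notify'] and checks that the
 * dfrn_id in the reply decrypts, with the key stored for this contact, to the
 * id that was sent. Phase 2 posts the decrypted challenge together with the
 * payload (RINO-encrypted when both sides advertise it) to the same endpoint.
 *
 * @param array  $owner    Local owner record; only 'page-flags' is read here.
 * @param array  $contact  Contact record; reads 'dfrn-id', 'issued-id', 'duplex',
 *                         'notify', 'url', 'id', 'writable', 'pubkey', 'prvkey',
 *                         'rel', 'blocked' and 'term-date'.
 * @param string $atom     Payload placed in the 'data' POST field.
 * @param bool   $dissolve When true, adds dissolve=1 and skips RINO encryption.
 *
 * @return mixed -1 when the transfer produced no curl status, the remote answered
 *               503 with a retry-after header, or a local crypto step failed;
 *               3 (or the remote's phase-1 status) when the reply is not usable
 *               or the identity check fails; otherwise the status element of the
 *               remote's phase-2 reply.
 */
function dfrn_deliver($owner, $contact, $atom, $dissolve = false)
{
    $a = get_app();

    $idtosend = $orig_id = $contact['dfrn-id'] ? $contact['dfrn-id'] : $contact['issued-id'];
    if ($contact['duplex'] && $contact['dfrn-id']) {
        $idtosend = '0:' . $orig_id;
    }
    if ($contact['duplex'] && $contact['issued-id']) {
        $idtosend = '1:' . $orig_id;
    }

    $rino = intval(get_config('system', 'rino_encrypt'));
    // use RINO1 if mcrypt isn't installed and RINO2 was selected
    if ($rino == 2 && !function_exists('mcrypt_create_iv')) {
        $rino = 1;
    }
    logger("Local rino version: " . $rino, LOGGER_DEBUG);

    $ssl_val = intval(get_config('system', 'ssl_policy'));
    switch ($ssl_val) {
        case SSL_POLICY_FULL:
            $ssl_policy = 'full';
            break;
        case SSL_POLICY_SELFSIGN:
            $ssl_policy = 'self';
            break;
        case SSL_POLICY_NONE:
        default:
            $ssl_policy = 'none';
            break;
    }

    // ---- Phase 1: ask the remote for a challenge ----
    $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . ($rino ? '&rino=' . $rino : '');
    logger('dfrn_deliver: ' . $url);
    $xml = fetch_url($url);
    $curl_stat = $a->get_curl_code();
    if (!$curl_stat) {
        // timed out
        return -1;
    }
    logger('dfrn_deliver: ' . $xml, LOGGER_DATA);
    if (!$xml) {
        return 3;
    }
    if (strpos($xml, '<?xml') === false) {
        logger('dfrn_deliver: no valid XML returned');
        logger('dfrn_deliver: returned XML: ' . $xml, LOGGER_DATA);
        return 3;
    }

    $res = parse_xml_string($xml);
    if (!is_object($res)) {
        // The reply carried an XML prolog but did not parse; nothing below can be trusted.
        return 3;
    }
    if (intval($res->status) != 0 || !strlen($res->challenge) || !strlen($res->dfrn_id)) {
        return $res->status ? $res->status : 3;
    }

    $postvars = array();
    // Both values come from the remote reply; hex2bin() returns false on malformed hex.
    $sent_dfrn_id = hex2bin((string) $res->dfrn_id);
    $challenge = hex2bin((string) $res->challenge);
    if ($sent_dfrn_id === false || $challenge === false) {
        logger('dfrn_deliver: wrong dfrn_id.');
        return 3;
    }

    $perm = $res->perm ? $res->perm : null;
    $dfrn_version = (double) ($res->dfrn_version ? $res->dfrn_version : 2.0);
    $rino_remote_version = intval($res->rino);
    $page = $owner['page-flags'] == PAGE_COMMUNITY ? 1 : 0;
    logger("Remote rino version: " . $rino_remote_version . " for " . $contact["url"], LOGGER_DEBUG);
    if ($owner['page-flags'] == PAGE_PRVGROUP) {
        $page = 2;
    }

    // Which half of the key pair is used for this contact. The same predicate
    // selects the decrypt direction here and the key-wrapping direction for
    // dfrn_version >= 2.1 further down.
    $use_pubkey = strlen($contact['pubkey'])
        && ($contact['duplex'] || $owner['page-flags'] == PAGE_COMMUNITY || $contact['rel'] == CONTACT_IS_SHARING);

    $final_dfrn_id = '';
    if ($use_pubkey) {
        $id_ok = openssl_public_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['pubkey']);
        $challenge_ok = openssl_public_decrypt($challenge, $postvars['challenge'], $contact['pubkey']);
    } else {
        $id_ok = openssl_private_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['prvkey']);
        $challenge_ok = openssl_private_decrypt($challenge, $postvars['challenge'], $contact['prvkey']);
    }
    if (!$id_ok || !$challenge_ok) {
        // A failed decrypt means the remote does not hold the key we expect.
        logger('dfrn_deliver: wrong dfrn_id.');
        return 3;
    }

    // The decrypted value is "<id>.<suffix>", optionally prefixed with "<n>:".
    $dot = strpos($final_dfrn_id, '.');
    $final_dfrn_id = ($dot === false) ? '' : substr($final_dfrn_id, 0, $dot);
    if (strpos($final_dfrn_id, ':') === 1) {
        $final_dfrn_id = substr($final_dfrn_id, 2);
    }

    // Strict string comparison: with a loose != two different ids that both look
    // numeric (e.g. "0e12" and "0e34") compare as equal. An empty result is
    // rejected as well so a failed decode can never match an empty stored id.
    if ($final_dfrn_id === '' || $final_dfrn_id !== (string) $orig_id) {
        logger('dfrn_deliver: wrong dfrn_id.');
        // did not decode properly - cannot trust this site
        return 3;
    }

    // Persist the permission the remote announced only now that the identity
    // check has passed, so an unverified reply cannot flip the writable flag.
    // $perm is an XML element, hence the loose comparisons against strings.
    if ($perm) {
        $wants_write = ($perm == 'rw');
        $is_writable = intval($contact['writable']);
        if ($wants_write && !$is_writable || $perm == 'r' && $is_writable) {
            q("update contact set writable = %d where id = %d", intval($wants_write ? 1 : 0), intval($contact['id']));
            $contact['writable'] = (string) (1 - $is_writable);
        }
    }

    // ---- Phase 2: build the POST ----
    $postvars['dfrn_id'] = $idtosend;
    $postvars['dfrn_version'] = DFRN_PROTOCOL_VERSION;
    if ($dissolve) {
        $postvars['dissolve'] = '1';
    }
    if ($contact['rel'] && $contact['rel'] != CONTACT_IS_SHARING && !$contact['blocked'] || $owner['page-flags'] == PAGE_COMMUNITY) {
        $postvars['data'] = $atom;
        $postvars['perm'] = 'rw';
    } else {
        // Read-only recipients get the payload with comment-allow switched off.
        $postvars['data'] = str_replace('<dfrn:comment-allow>1', '<dfrn:comment-allow>0', $atom);
        $postvars['perm'] = 'r';
    }
    $postvars['ssl_policy'] = $ssl_policy;
    if ($page) {
        $postvars['page'] = $page;
    }

    if ($rino > 0 && $rino_remote_version > 0 && !$dissolve) {
        logger('rino version: ' . $rino_remote_version);
        switch ($rino_remote_version) {
            case 1:
                // Deprecated rino version!
                // NOTE(review): the key is the first 16 characters of random_string();
                // its randomness source is not visible here - confirm it is a CSPRNG
                // or retire RINO1.
                $key = substr(random_string(), 0, 16);
                $data = aes_encrypt($postvars['data'], $key);
                break;
            case 2:
                // RINO 2 based on php-encryption
                try {
                    $key = Crypto::createNewRandomKey();
                } catch (CryptoTestFailed $ex) {
                    logger('Cannot safely create a key');
                    return -1;
                } catch (CannotPerformOperation $ex) {
                    logger('Cannot safely create a key');
                    return -1;
                }
                try {
                    $data = Crypto::encrypt($postvars['data'], $key);
                } catch (CryptoTestFailed $ex) {
                    logger('Cannot safely perform encryption');
                    return -1;
                } catch (CannotPerformOperation $ex) {
                    logger('Cannot safely perform encryption');
                    return -1;
                }
                break;
            default:
                logger("rino: invalid requested verision '{$rino_remote_version}'");
                return -1;
        }
        $postvars['rino'] = $rino_remote_version;
        $postvars['data'] = bin2hex($data);

        // Never log $key itself: it is the symmetric key protecting the payload.
        if ($dfrn_version >= 2.1) {
            if ($use_pubkey) {
                $key_ok = openssl_public_encrypt($key, $postvars['key'], $contact['pubkey']);
            } else {
                $key_ok = openssl_private_encrypt($key, $postvars['key'], $contact['prvkey']);
            }
        } else {
            if ($contact['duplex'] && strlen($contact['prvkey']) || $owner['page-flags'] == PAGE_COMMUNITY) {
                $key_ok = openssl_private_encrypt($key, $postvars['key'], $contact['prvkey']);
            } else {
                $key_ok = openssl_public_encrypt($key, $postvars['key'], $contact['pubkey']);
            }
        }
        if (!$key_ok) {
            // Without a wrapped key the remote cannot decrypt the payload; treat it
            // like the other local crypto failures above instead of posting an empty key.
            logger('dfrn_deliver: could not encrypt the rino key');
            return -1;
        }
        logger('md5 rawkey ' . md5($postvars['key']));
        $postvars['key'] = bin2hex($postvars['key']);
    }

    // LOGGER_DATA dumps the whole POST body; when RINO is not in use this
    // includes the payload in clear text.
    logger('dfrn_deliver: ' . "SENDING: " . print_r($postvars, true), LOGGER_DATA);
    $xml = post_url($contact['notify'], $postvars);
    logger('dfrn_deliver: ' . "RECEIVED: " . $xml, LOGGER_DATA);

    $curl_stat = $a->get_curl_code();
    if (!$curl_stat || !strlen($xml)) {
        // timed out
        return -1;
    }
    if ($curl_stat == 503 && stristr($a->get_curl_headers(), 'retry-after')) {
        return -1;
    }
    if (strpos($xml, '<?xml') === false) {
        logger('dfrn_deliver: phase 2: no valid XML returned');
        logger('dfrn_deliver: phase 2: returned XML: ' . $xml, LOGGER_DATA);
        return 3;
    }

    // A contact that had a termination date set has answered again.
    if ($contact['term-date'] != '0000-00-00 00:00:00') {
        logger("dfrn_deliver: {$url} back from the dead - removing mark for death");
        require_once 'include/Contact.php';
        unmark_for_death($contact);
    }

    $res = parse_xml_string($xml);
    return $res->status;
}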