diaspora-vines 0.1.26 → 0.1.27

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 69f1732a51eafbd6380760225853ba02f152146c
-  data.tar.gz: ee927ae9eb69d6584cede7180dc24ceae9bff465
+  metadata.gz: 87d2b07cbe2ab258cc25dbcea4fb8429feebd806
+  data.tar.gz: 35994b6743c62749b50002ba80ea354dbe5d6116
 SHA512:
-  metadata.gz: e520f4868fb123ccd57bf09437cf1219edc90af497dbdac5f63079afd028a275d200ac7dc83d4e12b5a6af374dc9c09b0662bead7e953e8e927c1ee01446dd60
-  data.tar.gz: 6170127b740aaa2b0b1eb61a708e75aa3d103561bcdc611fe21f114f2c20a61aba1707a1fc99ca2e445916afdf5fb3a110a3a33eccc6efe9fa99ac0793fb8a62
+  metadata.gz: 33bcb7a97e8af3a83576adea4ef702a80276505ea2970b58b02a52265d8fd2be25158b8dc86b77da6234b78b1f703a084824f0b8830de5db0fc051f78b51c10e
+  data.tar.gz: 42dbc10e518ac5238b399d97c714b169fee8cf72ba61ff58b73c8d4d3e7440d723e54cc95b9b17ca1076a58ecaf0f8c78412e3e16d2ce2490b831c55e5003ad4

data/conf/config.rb

@@ -19,6 +19,7 @@ Vines::Config.configure do
   host 'diaspora' do
     cross_domain_messages true
     accept_self_signed false
+    force_s2s_encryption false
     storage 'sql'
   end
 

data/lib/vines.rb

@@ -14,6 +14,7 @@ module Vines
     :tls              => 'urn:ietf:params:xml:ns:xmpp-tls'.freeze,
     :bind             => 'urn:ietf:params:xml:ns:xmpp-bind'.freeze,
     :session          => 'urn:ietf:params:xml:ns:xmpp-session'.freeze,
+    :stanzas          => 'urn:ietf:params:xml:ns:xmpp-stanzas'.freeze,
     :ping             => 'urn:xmpp:ping'.freeze,
     :delay            => 'urn:xmpp:delay'.freeze,
     :pubsub           => 'http://jabber.org/protocol/pubsub'.freeze,
@@ -30,8 +31,11 @@ module Vines
     :offline          => 'msgoffline'.freeze,
     :bosh             => 'urn:xmpp:xbosh'.freeze,
     :vcard            => 'vcard-temp'.freeze,
+    :vcard_update     => 'vcard-temp:x:update'.freeze,
     :si               => 'http://jabber.org/protocol/si'.freeze,
-    :byte_streams     => 'http://jabber.org/protocol/bytestreams'.freeze
+    :byte_streams     => 'http://jabber.org/protocol/bytestreams'.freeze,
+    :dialback         => 'urn:xmpp:features:dialback'.freeze,
+    :legacy_dialback  => 'jabber:server:dialback'.freeze
   }.freeze
 
   module Log
@@ -127,6 +131,7 @@ end
   vines/daemon
   vines/error
   vines/kit
+  vines/node
   vines/router
   vines/token_bucket
   vines/user
@@ -173,18 +178,20 @@ end
 
   vines/stream/server
   vines/stream/server/start
-  vines/stream/server/tls
+  vines/stream/server/auth_method
   vines/stream/server/auth_restart
   vines/stream/server/auth
   vines/stream/server/final_restart
   vines/stream/server/ready
 
   vines/stream/server/outbound/start
-  vines/stream/server/outbound/tls
+  vines/stream/server/outbound/auth
   vines/stream/server/outbound/tls_result
+  vines/stream/server/outbound/authoritative
   vines/stream/server/outbound/auth_restart
-  vines/stream/server/outbound/auth
-  vines/stream/server/outbound/auth_result
+  vines/stream/server/outbound/auth_external
+  vines/stream/server/outbound/auth_external_result
+  vines/stream/server/outbound/auth_dialback_result
   vines/stream/server/outbound/final_restart
   vines/stream/server/outbound/final_features
 

data/lib/vines/config/host.rb

@@ -15,6 +15,7 @@ module Vines
         @cross_domain_messages = false
         @private_storage = false
         @accept_self_signed = false
+        @force_s2s_encryption = false
         @components, @pubsubs = {}, {}
         validate_domain(@name)
         instance_eval(&block)
@@ -30,6 +31,14 @@ module Vines
         end
       end
 
+      def force_s2s_encryption(enabled)
+        @force_s2s_encryption = !!enabled
+      end
+
+      def force_s2s_encryption?
+        @force_s2s_encryption
+      end
+
       def accept_self_signed(enabled)
         @accept_self_signed = !!enabled
       end

data/lib/vines/kit.rb

@@ -19,5 +19,12 @@ module Vines
     def self.auth_token
       SecureRandom.hex(64)
     end
+
+    # Generate a HMAC for dialback as recommended in XEP-0185
+    def self.dialback_key(key, receiving, originating, id)
+      digest = OpenSSL::Digest.new('sha256')
+      data = "#{receiving} #{originating} #{id}"
+      OpenSSL::HMAC.hexdigest(digest, digest.hexdigest(key), data)
+    end
   end
 end

data/lib/vines/node.rb

@@ -0,0 +1,31 @@
+module Vines
+  # Utility functions to work with nodes
+  module Node
+
+    STREAM = 'stream'.freeze
+    BODY   = 'body'.freeze
+
+    module_function
+
+    # Check if node starts a new stream
+    def stream?(node)
+      node.name == STREAM && namespace(node) == NAMESPACES[:stream]
+    end
+
+    # Check if BOSH body
+    def body?(node)
+      node.name == BODY && namespace(node) == NAMESPACES[:http_bind]
+    end
+
+    # Get the namespace
+    def namespace(node)
+      namespace = node.namespace
+      namespace && namespace.href
+    end
+
+    # Convert to stanza
+    def to_stanza(node, stream)
+      Stanza.from_node(node, stream)
+    end
+  end
+end

data/lib/vines/router.rb

@@ -96,6 +96,11 @@ module Vines
       end
     end
 
+    # Return stream by id
+    def stream_by_id(id)
+      (@servers+@clients.values.flatten+@components).find {|stream| stream.id == id }
+    end
+
     # Returns the total number of streams connected to the server.
     def size
       clients = @clients.values.inject(0) {|sum, arr| sum + arr.size }

data/lib/vines/stanza/presence.rb

@@ -18,7 +18,7 @@ module Vines
         unless self['type'].nil?
           raise StanzaErrors::BadRequest.new(self, 'modify')
         end
-        if Config.instance.max_offline_msgs > 0
+        if Config.instance.max_offline_msgs > 0 && !validate_to
           check_offline_messages(stream.last_broadcast_presence)
         end
         dir = outbound? ? 'outbound' : 'inbound'
@@ -69,6 +69,12 @@ module Vines
           stream.user.subscribed_from?(to) ? stream.available_resources(to) : []
         end
 
+        # NOTE overriding vCard information is not concurring
+        # with XEP-153 due the fact that the user can only update
+        # his vCard via the Diaspora environment we should act
+        # the same way for the avatar update
+        override_vcard_update
+
         broadcast(recipients)
         broadcast(stream.available_resources(stream.user.jid))
 
@@ -162,6 +168,15 @@ module Vines
           self['from'] = bare.to_s
         end
       end
+
+      def override_vcard_update
+        image_path = storage.find_avatar_by_jid(@node['from'])
+        return if image_path.nil?
+        photo_tag = "<photo><EXTVAL>#{image_path}</EXTVAL></photo>"
+        node = @node.xpath("//xmlns:x", 'xmlns' => NAMESPACES[:vcard_update]).first
+        node.remove unless node.blank?
+        @node << "<x xmlns=\"#{NAMESPACES[:vcard_update]}\">#{photo_tag}</x>"
+      end
     end
   end
 end

data/lib/vines/storage.rb

@@ -230,7 +230,7 @@ module Vines
     # message   - The message you want to store.
     #
     # Returns nothing.
-    def save_mesage(from, to, message)
+    def save_message(from, to, message)
       raise 'subclass must implement'
     end
 
@@ -243,6 +243,15 @@ module Vines
       raise 'subclass must implement'
     end
 
+    # Retrieve the avatar url by jid.
+    #
+    # jid      - The String or JID of the user.
+    #
+    # Returns string
+    def find_avatar_by_jid(jid)
+      raise 'subclass must implement'
+    end
+
     private
 
     # Determine if any of the arguments are nil or empty strings.

data/lib/vines/storage/sql.rb

@@ -112,10 +112,13 @@ module Vines
           # add diaspora contacts
           xuser.contacts.chat_enabled.each do |contact|
             handle = contact.person.diaspora_handle
+            profile = contact.person.profile
+            name = "#{profile.first_name} #{profile.last_name}"
+            name = handle.gsub(/\@.*?$/, '') if name.strip.empty?
             ask, subscription, groups = get_diaspora_flags(contact)
             user.roster << Vines::Contact.new(
               jid: handle,
-              name: handle.gsub(/\@.*?$/, ''),
+              name: name,
               subscription: subscription,
               from_diaspora: true,
               groups: groups,
@@ -162,8 +165,7 @@ module Vines
           contact.update_attributes(
             name: fresh.name,
             ask: fresh.ask,
-            subscription: fresh.subscription,
-            groups: get_external_groups)
+            subscription: fresh.subscription)
         end
 
         # add new contacts to roster
@@ -177,8 +179,7 @@ module Vines
               jid: contact.jid.bare.to_s,
               name: contact.name,
               ask: contact.ask,
-              subscription: contact.subscription,
-              groups: get_external_groups) unless jids.include?(contact.jid.bare.to_s)
+              subscription: contact.subscription) unless jids.include?(contact.jid.bare.to_s)
           end
         }
         xuser.save
@@ -260,6 +261,18 @@ module Vines
       end
       with_connection :save_fragment
 
+      def find_avatar_by_jid(jid)
+        jid = JID.new(jid).bare.to_s
+        return nil if jid.empty?
+
+        person = Sql::Person.find_by_diaspora_handle(jid)
+        return nil if person.nil?
+        return nil if person.profile.nil?
+        return nil unless person.local?
+        person.profile.image_url
+      end
+      with_connection :find_avatar_by_jid
+
       private
         def establish_connection
           ActiveRecord::Base.logger = log # using vines logger

data/lib/vines/stream.rb

@@ -8,9 +8,10 @@ module Vines
     include Vines::Log
 
     ERROR = 'error'.freeze
+    STREAM = 'stream'.freeze
     PAD   = 20
 
-    attr_reader   :config, :domain
+    attr_reader   :config, :domain, :id, :state
     attr_accessor :user
 
     def initialize(config)
@@ -122,7 +123,7 @@ module Vines
 
     def ssl_verify_peer(pem)
       # Skip verifying if user accept self-signed certificates
-      return if self.vhost.accept_self_signed?
+      return true if self.vhost.accept_self_signed?
       # EM is supposed to close the connection when this returns false,
       # but it only does that for inbound connections, not when we
       # make a connection to another server.
@@ -265,6 +266,7 @@ module Vines
       if error?(node)
         close_stream
       else
+        update_stream_id(node)
         state.node(node)
       end
     rescue => e
@@ -286,14 +288,6 @@ module Vines
         ["#{label} stanza:".ljust(PAD), from, to, node])
     end
 
-    # Inspects the current state of the stream's state machine. Provided as a
-    # method so subclasses can override the behavior.
-    #
-    # Returns the current Stream::State.
-    def state
-      @state
-    end
-
     # Determine if this is a valid domain-only JID that can be used in
     # stream initiation stanza headers.
     #
@@ -303,5 +297,13 @@ module Vines
     def valid_address?(jid)
       JID.new(jid).domain? rescue false
     end
+
+    def update_stream_id(id_or_node)
+      if id_or_node.is_a? String
+        @id = id_or_node.freeze
+      elsif Node.stream?(id_or_node) # move stream? method somewhere else?
+        @id = id_or_node['id'].freeze
+      end
+    end
   end
 end

data/lib/vines/stream/client/bind_restart.rb

@@ -13,6 +13,12 @@ module Vines
           stream.start(node)
           doc = Document.new
           features = doc.create_element('stream:features') do |el|
+            # Session support is deprecated, but like we do it for Adium
+            # in the iq-session-stanza we have to serve the feature for Xabber.
+            # Otherwise it will disconnect after authentication!
+            el << doc.create_element('session', 'xmlns' => NAMESPACES[:session]) do |session|
+              session << doc.create_element('optional')
+            end
             el << doc.create_element('bind', 'xmlns' => NAMESPACES[:bind])
           end
           stream.write(features)

data/lib/vines/stream/http.rb

@@ -46,19 +46,21 @@ module Vines
       end
 
       def process_request(request)
-        if request.path == self.bind && request.options?
-          request.reply_to_options
-        elsif request.path == self.bind
-          body = Nokogiri::XML(request.body).root
-          if session = Sessions[body['sid']]
-            @session = session
-          else
-            @session = Http::Session.new(self)
+        if request.method == 'POST'
+          if request.path == self.bind && request.options?
+            request.reply_to_options
+          elsif request.path == self.bind
+            body = Nokogiri::XML(request.body).root
+            if session = Sessions[body['sid']]
+              @session = session
+            else
+              @session = Http::Session.new(self)
+            end
+            @session.request(request)
+            @nodes.push(body)
           end
-          @session.request(request)
-          @nodes.push(body)
         else
-          request.reply_with_file(self.root)
+          request.reply('It works!', 'text/plain')
         end
       end
 

data/lib/vines/stream/server.rb

@@ -15,7 +15,7 @@ module Vines
       # yielded stream will be nil if the remote connection failed. We need to
       # use a background thread to avoid blocking the server on DNS SRV
       # lookups.
-      def self.start(config, to, from, &callback)
+      def self.start(config, to, from, dialback_verify_key = false, &callback)
         op = proc do
           Resolv::DNS.open do |dns|
             dns.getresources("_xmpp-server._tcp.#{to}", Resolv::DNS::Resource::IN::SRV)
@@ -28,22 +28,22 @@ module Vines
               def method_missing(name); self[name]; end
             end
           end
-          Server.connect(config, to, from, srv, callback)
+          Server.connect(config, to, from, srv, dialback_verify_key, callback)
         end
         EM.defer(proc { op.call rescue [] }, cb)
       end
 
-      def self.connect(config, to, from, srv, callback)
+      def self.connect(config, to, from, srv, dialback_verify_key = false, callback)
         if srv.empty?
           # fiber so storage calls work properly
           Fiber.new { callback.call(nil) }.resume
         else
           begin
             rr = srv.shift
-            opts = {to: to, from: from, srv: srv, callback: callback}
+            opts = {to: to, from: from, srv: srv, dialback_verify_key: dialback_verify_key, callback: callback}
             EM.connect(rr.target.to_s, rr.port, Server, config, opts)
           rescue => e
-            connect(config, to, from, srv, callback)
+            connect(config, to, from, srv, dialback_verify_key, callback)
           end
         end
       end
@@ -53,10 +53,13 @@ module Vines
 
       def initialize(config, options={})
         super(config)
+        @outbound_tls_required = false
+        @peer_trusted = nil
         @connected = false
         @remote_domain = options[:to]
         @domain = options[:from]
         @srv = options[:srv]
+        @dialback_verify_key = options[:dialback_verify_key]
         @callback = options[:callback]
         @outbound = @remote_domain && @domain
         start = @outbound ? Outbound::Start.new(self) : Start.new(self)
@@ -72,8 +75,30 @@ module Vines
         config[:server].max_stanza_size
       end
 
+      def ssl_verify_peer(pem)
+        @peer_trusted = @store.trusted?(pem)
+        true
+      end
+
+      def peer_trusted?
+        !@peer_trusted.nil? && @peer_trusted
+      end
+
+      def dialback_retry?
+        return false if @peer_trusted.nil? || @peer_trusted
+        true
+      end
+
       def ssl_handshake_completed
-        close_connection unless cert_domain_matches?(@remote_domain)
+        @peer_trusted = cert_domain_matches?(@remote_domain) && peer_trusted?
+      end
+
+      def outbound_tls_required?
+        @outbound_tls_required
+      end
+
+      def outbound_tls_required(required)
+        @outbound_tls_required = required
       end
 
       # Return an array of allowed authentication mechanisms advertised as
@@ -99,10 +124,16 @@ module Vines
 
       def notify_connected
         @connected = true
-        if @callback
-          @callback.call(self)
-          @callback = nil
-        end
+        self.callback!
+        @callback = nil
+      end
+
+      def callback!
+        @callback.call(self) if @callback
+      end
+
+      def dialback_verify_key?
+        @dialback_verify_key
       end
 
       def ready?
@@ -115,7 +146,6 @@ module Vines
         @domain, @remote_domain = to, from unless @domain
         send_stream_header
         raise StreamErrors::NotAuthorized if domain_change?(to, from)
-        raise StreamErrors::UnsupportedVersion unless node['version'] == '1.0'
         raise StreamErrors::ImproperAddressing unless valid_address?(@domain) && valid_address?(@remote_domain)
         raise StreamErrors::HostUnknown unless config.vhost?(@domain) || config.pubsub?(@domain) || config.component?(@domain)
         raise StreamErrors::NotAuthorized unless config.s2s?(@remote_domain) && config.allowed?(@domain, @remote_domain)
@@ -140,14 +170,17 @@ module Vines
       end
 
       def send_stream_header
+        stream_id = Kit.uuid
+        update_stream_id(stream_id)
         attrs = {
           'xmlns'        => NAMESPACES[:server],
           'xmlns:stream' => NAMESPACES[:stream],
+          'xmlns:db'     => NAMESPACES[:legacy_dialback],
           'xml:lang'     => 'en',
-          'id'           => Kit.uuid,
+          'id'           => stream_id,
+          'version'      => '1.0',
           'from'         => @domain,
           'to'           => @remote_domain,
-          'version'      => '1.0'
         }
         write "<stream:stream %s>" % attrs.to_a.map{|k,v| "#{k}='#{v}'"}.join(' ')
       end