XmppPlugin.php 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482
  1. <?php
  2. /**
  3. * StatusNet - the distributed open-source microblogging tool
  4. * Copyright (C) 2009, StatusNet, Inc.
  5. *
  6. * Send and receive notices using the XMPP network
  7. *
  8. * PHP version 7
  9. *
  10. * This program is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License as published by
  12. * the Free Software Foundation, either version 3 of the License, or
  13. * (at your option) any later version.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. *
  23. * @category IM
  24. * @package StatusNet
  25. * @author Evan Prodromou <evan@status.net>
  26. * @copyright 2009 StatusNet, Inc.
  27. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
  28. * @link http://status.net/
  29. */
  30. if (!defined('STATUSNET')) {
  31. // This check helps protect against security problems;
  32. // your code file can't be executed directly from the web.
  33. exit(1);
  34. }
  35. /**
  36. * Plugin for XMPP
  37. *
  38. * @category Plugin
  39. * @package StatusNet
  40. * @author Evan Prodromou <evan@status.net>
  41. * @copyright 2009 StatusNet, Inc.
  42. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
  43. * @link http://status.net/
  44. */
  45. class XmppPlugin extends ImPlugin
  46. {
  47. const PLUGIN_VERSION = '2.0.0';
  48. public $server = null;
  49. public $port = 5222;
  50. public $user = 'update';
  51. public $resource = 'gnusocial';
  52. public $encryption = true;
  53. public $password = null;
  54. public $host = null; // only set if != server
  55. public $debug = false; // print extra debug info
  56. public $transport = 'xmpp';
  57. function getDisplayName()
  58. {
  59. // TRANS: Plugin display name.
  60. return _m('XMPP/Jabber');
  61. }
  62. function daemonScreenname()
  63. {
  64. $ret = $this->user . '@' . $this->server;
  65. if ($this->resource) {
  66. return $ret . '/' . $this->resource;
  67. } else {
  68. return $ret;
  69. }
  70. }
  71. function validate($screenname)
  72. {
  73. return $this->validateBaseJid($screenname, common_config('email', 'check_domain'));
  74. }
  75. /**
  76. * Checks whether a string is a syntactically valid base Jabber ID (JID).
  77. * A base JID won't include a resource specifier on the end; since we
  78. * take it off when reading input we can't really use them reliably
  79. * to direct outgoing messages yet (sorry guys!)
  80. *
  81. * Note that a bare domain can be a valid JID.
  82. *
  83. * @param string $jid string to check
  84. * @param bool $check_domain whether we should validate that domain...
  85. *
  86. * @return boolean whether the string is a valid JID
  87. */
  88. protected function validateBaseJid($jid, $check_domain = false)
  89. {
  90. try {
  91. $parts = $this->splitJid($jid);
  92. if ($check_domain) {
  93. if (!$this->checkDomain($parts['domain'])) {
  94. return false;
  95. }
  96. }
  97. return ($parts['resource'] === null); // missing; empty ain't kosher
  98. } catch (Exception $e) {
  99. return false;
  100. }
  101. }
  102. /**
  103. * Splits a Jabber ID (JID) into node, domain, and resource portions.
  104. *
  105. * Based on validation routine submitted by:
  106. * @param string $jid string to check
  107. *
  108. * @return array with "node", "domain", and "resource" indices
  109. * @throws Exception if input is not valid
  110. * @license Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact.
  111. *
  112. * @copyright 2009 Patrick Georgi <patrick@georgi-clan.de>
  113. */
  114. protected function splitJid($jid)
  115. {
  116. $chars = '';
  117. /* the following definitions come from stringprep, Appendix C,
  118. which is used in its entirety by nodeprop, Chapter 5, "Prohibited Output" */
  119. /* C1.1 ASCII space characters */
  120. $chars .= "\x{20}";
  121. /* C1.2 Non-ASCII space characters */
  122. $chars .= "\x{a0}\x{1680}\x{2000}-\x{200b}\x{202f}\x{205f}\x{3000a}";
  123. /* C2.1 ASCII control characters */
  124. $chars .= "\x{00}-\x{1f}\x{7f}";
  125. /* C2.2 Non-ASCII control characters */
  126. $chars .= "\x{80}-\x{9f}\x{6dd}\x{70f}\x{180e}\x{200c}\x{200d}\x{2028}\x{2029}\x{2060}-\x{2063}\x{206a}-\x{206f}\x{feff}\x{fff9}-\x{fffc}\x{1d173}-\x{1d17a}";
  127. /* C3 - Private Use */
  128. $chars .= "\x{e000}-\x{f8ff}\x{f0000}-\x{ffffd}\x{100000}-\x{10fffd}";
  129. /* C4 - Non-character code points */
  130. $chars .= "\x{fdd0}-\x{fdef}\x{fffe}\x{ffff}\x{1fffe}\x{1ffff}\x{2fffe}\x{2ffff}\x{3fffe}\x{3ffff}\x{4fffe}\x{4ffff}\x{5fffe}\x{5ffff}\x{6fffe}\x{6ffff}\x{7fffe}\x{7ffff}\x{8fffe}\x{8ffff}\x{9fffe}\x{9ffff}\x{afffe}\x{affff}\x{bfffe}\x{bffff}\x{cfffe}\x{cffff}\x{dfffe}\x{dffff}\x{efffe}\x{effff}\x{ffffe}\x{fffff}\x{10fffe}\x{10ffff}";
  131. /* C5 - Surrogate codes */
  132. // We can't use preg_match to check this, fix below
  133. // $chars .= "\x{d800}-\x{dfff}";
  134. /* C6 - Inappropriate for plain text */
  135. $chars .= "\x{fff9}-\x{fffd}";
  136. /* C7 - Inappropriate for canonical representation */
  137. $chars .= "\x{2ff0}-\x{2ffb}";
  138. /* C8 - Change display properties or are deprecated */
  139. $chars .= "\x{340}\x{341}\x{200e}\x{200f}\x{202a}-\x{202e}\x{206a}-\x{206f}";
  140. /* C9 - Tagging characters */
  141. $chars .= "\x{e0001}\x{e0020}-\x{e007f}";
  142. /* Nodeprep forbids some more characters */
  143. $nodeprepchars = $chars;
  144. $nodeprepchars .= "\x{22}\x{26}\x{27}\x{2f}\x{3a}\x{3c}\x{3e}\x{40}";
  145. $parts = explode("/", $jid, 2);
  146. if (count($parts) > 1) {
  147. $resource = $parts[1];
  148. // if ($resource == '') then
  149. // Warning: empty resource isn't legit.
  150. // But if we're normalizing, we may as well take it...
  151. } else {
  152. $resource = null;
  153. }
  154. $node = explode("@", $parts[0]);
  155. if ((count($node) > 2) || (count($node) == 0)) {
  156. // TRANS: Exception thrown when using too many @ signs in a Jabber ID.
  157. throw new Exception(_m('Invalid JID: too many @s.'));
  158. } else if (count($node) == 1) {
  159. $domain = $node[0];
  160. $node = null;
  161. } else {
  162. $domain = $node[1];
  163. $node = $node[0];
  164. if ($node == '') {
  165. // TRANS: Exception thrown when using @ sign not followed by a Jabber ID.
  166. throw new Exception(_m('Invalid JID: @ but no node'));
  167. }
  168. }
  169. if ($node !== null) {
  170. // Length limits per http://xmpp.org/rfcs/rfc3920.html#addressing
  171. if (strlen($node) > 1023) {
  172. // TRANS: Exception thrown when using too long a Jabber ID (>1023).
  173. throw new Exception(_m('Invalid JID: node too long.'));
  174. }
  175. // C5 - Surrogate codes is ensured by encoding check
  176. if (preg_match("/[" . $nodeprepchars . "]/u", $node) || mb_detect_encoding($node, 'UTF-8', true) != 'UTF-8') {
  177. // TRANS: Exception thrown when using an invalid Jabber ID.
  178. // TRANS: %s is the invalid Jabber ID.
  179. throw new Exception(sprintf(_m('Invalid JID node "%s".'), $node));
  180. }
  181. }
  182. if (strlen($domain) > 1023) {
  183. // TRANS: Exception thrown when using too long a Jabber domain (>1023).
  184. throw new Exception(_m('Invalid JID: domain too long.'));
  185. }
  186. if (!common_valid_domain($domain)) {
  187. // TRANS: Exception thrown when using an invalid Jabber domain name.
  188. // TRANS: %s is the invalid domain name.
  189. throw new Exception(sprintf(_m('Invalid JID domain name "%s".'), $domain));
  190. }
  191. if ($resource !== null) {
  192. if (strlen($resource) > 1023) {
  193. // TRANS: Exception thrown when using too long a resource (>1023).
  194. throw new Exception("Invalid JID: resource too long.");
  195. }
  196. if (preg_match("/[" . $chars . "]/u", $resource)) {
  197. // TRANS: Exception thrown when using an invalid Jabber resource.
  198. // TRANS: %s is the invalid resource.
  199. throw new Exception(sprintf(_m('Invalid JID resource "%s".'), $resource));
  200. }
  201. }
  202. return array('node' => is_null($node) ? null : mb_strtolower($node),
  203. 'domain' => is_null($domain) ? null : mb_strtolower($domain),
  204. 'resource' => $resource);
  205. }
  206. /**
  207. * Check if this domain's got some legit DNS record
  208. * @param $domain
  209. * @return bool
  210. */
  211. protected function checkDomain($domain)
  212. {
  213. if (checkdnsrr("_xmpp-server._tcp." . $domain, "SRV")) {
  214. return true;
  215. }
  216. if (checkdnsrr($domain, "ANY")) {
  217. return true;
  218. }
  219. return false;
  220. }
  221. /**
  222. * Load related Plugins when needed
  223. *
  224. * @param string $cls Name of the class to be loaded
  225. *
  226. * @return boolean hook value; true means continue processing, false means stop.
  227. */
  228. function onAutoload($cls)
  229. {
  230. switch ($cls) {
  231. case 'XMPPHP_XMPP':
  232. require_once __DIR__ . '/extlib/XMPPHP/XMPP.php';
  233. return false;
  234. }
  235. return parent::onAutoload($cls);
  236. }
  237. function onStartImDaemonIoManagers(&$classes)
  238. {
  239. parent::onStartImDaemonIoManagers($classes);
  240. $classes[] = new XmppManager($this); // handles pings/reconnects
  241. return true;
  242. }
  243. function sendMessage($screenname, $body)
  244. {
  245. $this->queuedConnection()->message($screenname, $body, 'chat');
  246. }
  247. /**
  248. * Build a queue-proxied XMPP interface object. Any outgoing messages
  249. * will be run back through us for enqueing rather than sent directly.
  250. *
  251. * @return QueuedXMPP
  252. * @throws Exception if server settings are invalid.
  253. */
  254. function queuedConnection()
  255. {
  256. if (!isset($this->server)) {
  257. // TRANS: Exception thrown when the plugin configuration is incorrect.
  258. throw new Exception(_m('You must specify a server in the configuration.'));
  259. }
  260. if (!isset($this->port)) {
  261. // TRANS: Exception thrown when the plugin configuration is incorrect.
  262. throw new Exception(_m('You must specify a port in the configuration.'));
  263. }
  264. if (!isset($this->user)) {
  265. // TRANS: Exception thrown when the plugin configuration is incorrect.
  266. throw new Exception(_m('You must specify a user in the configuration.'));
  267. }
  268. if (!isset($this->password)) {
  269. // TRANS: Exception thrown when the plugin configuration is incorrect.
  270. throw new Exception(_m('You must specify a password in the configuration.'));
  271. }
  272. return new QueuedXMPP($this, $this->host ?
  273. $this->host :
  274. $this->server,
  275. $this->port,
  276. $this->user,
  277. $this->password,
  278. $this->resource,
  279. $this->server,
  280. $this->debug ?
  281. true : false,
  282. $this->debug ?
  283. \XMPPHP\Log::LEVEL_VERBOSE : null
  284. );
  285. }
  286. function sendNotice($screenname, Notice $notice)
  287. {
  288. try {
  289. $msg = $this->formatNotice($notice);
  290. $entry = $this->format_entry($notice);
  291. } catch (Exception $e) {
  292. common_log(LOG_ERR, __METHOD__ . ": Discarding outgoing stanza because of exception: {$e->getMessage()}");
  293. return false; // return value of sendNotice is never actually used as of now
  294. }
  295. $this->queuedConnection()->message($screenname, $msg, 'chat', null, $entry);
  296. return true;
  297. }
  298. /**
  299. * extra information for XMPP messages, as defined by Twitter
  300. *
  301. * @param Notice $notice Notice being sent
  302. *
  303. * @return string Extra information (Atom, HTML, addresses) in string format
  304. */
  305. protected function format_entry(Notice $notice)
  306. {
  307. $profile = $notice->getProfile();
  308. $entry = $notice->asAtomEntry(true, true);
  309. $xs = new XMLStringer();
  310. $xs->elementStart('html', array('xmlns' => 'http://jabber.org/protocol/xhtml-im'));
  311. $xs->elementStart('body', array('xmlns' => 'http://www.w3.org/1999/xhtml'));
  312. $xs->element('a', array('href' => $profile->profileurl), $profile->nickname);
  313. try {
  314. $parent = $notice->getParent();
  315. $orig_profile = $parent->getProfile();
  316. $orig_profurl = $orig_profile->getUrl();
  317. $xs->text(" => ");
  318. $xs->element('a', array('href' => $orig_profurl), $orig_profile->nickname);
  319. $xs->text(": ");
  320. } catch (NoParentNoticeException $e) {
  321. $xs->text(": ");
  322. }
  323. // FIXME: Why do we replace \t with ''? is it just to make it pretty? shouldn't whitespace be handled well...?
  324. $xs->raw(str_replace("\t", "", $notice->getRendered()));
  325. $xs->text(" ");
  326. $xs->element('a', array(
  327. 'href' => common_local_url('conversation',
  328. array('id' => $notice->conversation)) . '#notice-' . $notice->id),
  329. // TRANS: Link description to notice in conversation.
  330. // TRANS: %s is a notice ID.
  331. sprintf(_m('[%u]'), $notice->id));
  332. $xs->elementEnd('body');
  333. $xs->elementEnd('html');
  334. $html = $xs->getString();
  335. return $html . ' ' . $entry;
  336. }
  337. function receiveRawMessage($pl)
  338. {
  339. $from = $this->normalize($pl['from']);
  340. if ($pl['type'] != 'chat') {
  341. $this->log(LOG_WARNING, "Ignoring message of type " . $pl['type'] . " from $from: " . $pl['xml']->toString());
  342. return true;
  343. }
  344. if (mb_strlen($pl['body']) == 0) {
  345. $this->log(LOG_WARNING, "Ignoring message with empty body from $from: " . $pl['xml']->toString());
  346. return true;
  347. }
  348. $this->handleIncoming($from, $pl['body']);
  349. return true;
  350. }
  351. /**
  352. * Normalizes a Jabber ID for comparison, dropping the resource component if any.
  353. *
  354. * @param string $jid JID to check
  355. * @return string an equivalent JID in normalized (lowercase) form
  356. */
  357. function normalize($jid)
  358. {
  359. try {
  360. $parts = $this->splitJid($jid);
  361. if ($parts['node'] !== null) {
  362. return $parts['node'] . '@' . $parts['domain'];
  363. } else {
  364. return $parts['domain'];
  365. }
  366. } catch (Exception $e) {
  367. return null;
  368. }
  369. }
  370. /**
  371. * Add XMPP plugin daemon to the list of daemon to start
  372. *
  373. * @param array $daemons the list of daemons to run
  374. *
  375. * @return boolean hook return
  376. */
  377. function onGetValidDaemons(&$daemons)
  378. {
  379. if (isset($this->server) &&
  380. isset($this->port) &&
  381. isset($this->user) &&
  382. isset($this->password)) {
  383. array_push(
  384. $daemons,
  385. INSTALLDIR
  386. . '/scripts/imdaemon.php'
  387. );
  388. }
  389. return true;
  390. }
  391. /**
  392. * Plugin Nodeinfo information
  393. *
  394. * @param array $protocols
  395. * @return bool hook true
  396. */
  397. public function onNodeInfoProtocols(array &$protocols)
  398. {
  399. $protocols[] = "xmpp";
  400. return true;
  401. }
  402. public function onPluginVersion(array &$versions): bool
  403. {
  404. $versions[] = array('name' => 'XMPP',
  405. 'version' => self::PLUGIN_VERSION,
  406. 'author' => 'Craig Andrews, Evan Prodromou',
  407. 'homepage' => 'https://git.gnu.io/gnu/gnu-social/tree/master/plugins/XMPP',
  408. 'rawdescription' =>
  409. // TRANS: Plugin description.
  410. _m('The XMPP plugin allows users to send and receive notices over the XMPP/Jabber network.'));
  411. return true;
  412. }
  413. /**
  414. * Checks whether a string is a syntactically valid Jabber ID (JID),
  415. * either with or without a resource.
  416. *
  417. * Note that a bare domain can be a valid JID.
  418. *
  419. * @param string $jid string to check
  420. * @param bool $check_domain whether we should validate that domain...
  421. *
  422. * @return boolean whether the string is a valid JID
  423. */
  424. protected function validateFullJid($jid, $check_domain = false)
  425. {
  426. try {
  427. $parts = $this->splitJid($jid);
  428. if ($check_domain) {
  429. if (!$this->checkDomain($parts['domain'])) {
  430. return false;
  431. }
  432. }
  433. return $parts['resource'] !== ''; // missing or present; empty ain't kosher
  434. } catch (Exception $e) {
  435. return false;
  436. }
  437. }
  438. }