all repos — honk @ 4e89ac7b94e842021f584f0477ef0dbb5f8d673f

my fork of honk

honk.go (view raw)

   1//
   2// Copyright (c) 2019 Ted Unangst <tedu@tedunangst.com>
   3//
   4// Permission to use, copy, modify, and distribute this software for any
   5// purpose with or without fee is hereby granted, provided that the above
   6// copyright notice and this permission notice appear in all copies.
   7//
   8// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
   9// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  10// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  11// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  12// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  13// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  14// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  15
  16package main
  17
  18import (
  19	"bytes"
  20	"crypto/rand"
  21	"crypto/rsa"
  22	"database/sql"
  23	"fmt"
  24	"html/template"
  25	"image"
  26	_ "image/gif"
  27	_ "image/jpeg"
  28	_ "image/png"
  29	"io"
  30	"log"
  31	"net/http"
  32	"os"
  33	"sort"
  34	"strings"
  35	"sync"
  36	"time"
  37
  38	"github.com/gorilla/mux"
  39)
  40
  41type UserInfo struct {
  42	UserID   int64
  43	Username string
  44}
  45
  46type WhatAbout struct {
  47	ID      int64
  48	Name    string
  49	Display string
  50	About   string
  51	Key     string
  52	URL     string
  53}
  54
  55type Honk struct {
  56	ID       int64
  57	UserID   int64
  58	Username string
  59	What     string
  60	Honker   string
  61	XID      string
  62	RID      string
  63	Date     time.Time
  64	URL      string
  65	Noise    string
  66	Audience []string
  67	HTML     template.HTML
  68	Donks    []*Donk
  69}
  70
  71type Donk struct {
  72	FileID  int64
  73	XID     string
  74	Name    string
  75	URL     string
  76	Media   string
  77	Content []byte
  78}
  79
  80type Honker struct {
  81	ID     int64
  82	UserID int64
  83	Name   string
  84	XID    string
  85	Flavor string
  86}
  87
  88var serverName string
  89var iconName = "icon.png"
  90
  91var readviews *Template
  92
  93func getInfo(r *http.Request) map[string]interface{} {
  94	templinfo := make(map[string]interface{})
  95	templinfo["StyleParam"] = getstyleparam("views/style.css")
  96	templinfo["LocalStyleParam"] = getstyleparam("views/local.css")
  97	templinfo["ServerName"] = serverName
  98	templinfo["IconName"] = iconName
  99	templinfo["UserInfo"] = GetUserInfo(r)
 100	templinfo["LogoutCSRF"] = GetCSRF("logout", r)
 101	return templinfo
 102}
 103
 104func homepage(w http.ResponseWriter, r *http.Request) {
 105	templinfo := getInfo(r)
 106	u := GetUserInfo(r)
 107	var honks []*Honk
 108	if u != nil {
 109		honks = gethonksforuser(u.UserID)
 110		templinfo["HonkCSRF"] = GetCSRF("honkhonk", r)
 111	} else {
 112		honks = gethonks()
 113	}
 114	sort.Slice(honks, func(i, j int) bool {
 115		return honks[i].Date.After(honks[j].Date)
 116	})
 117	reverbolate(honks)
 118
 119	var modtime time.Time
 120	if len(honks) > 0 {
 121		modtime = honks[0].Date
 122	}
 123	debug := false
 124	getconfig("debug", &debug)
 125	imh := r.Header.Get("If-Modified-Since")
 126	if !debug && imh != "" && !modtime.IsZero() {
 127		ifmod, err := time.Parse(http.TimeFormat, imh)
 128		if err == nil && !modtime.After(ifmod) {
 129			w.WriteHeader(http.StatusNotModified)
 130			return
 131		}
 132	}
 133
 134	msg := "Things happen."
 135	getconfig("servermsg", &msg)
 136	templinfo["Honks"] = honks
 137	templinfo["ShowRSS"] = true
 138	templinfo["ServerMessage"] = msg
 139	w.Header().Set("Cache-Control", "max-age=0")
 140	w.Header().Set("Last-Modified", modtime.Format(http.TimeFormat))
 141	err := readviews.ExecuteTemplate(w, "homepage.html", templinfo)
 142	if err != nil {
 143		log.Print(err)
 144	}
 145}
 146
 147func showrss(w http.ResponseWriter, r *http.Request) {
 148	name := mux.Vars(r)["name"]
 149
 150	var honks []*Honk
 151	if name != "" {
 152		honks = gethonksbyuser(name)
 153	} else {
 154		honks = gethonks()
 155	}
 156	sort.Slice(honks, func(i, j int) bool {
 157		return honks[i].Date.After(honks[j].Date)
 158	})
 159	reverbolate(honks)
 160
 161	home := fmt.Sprintf("https://%s/", serverName)
 162	base := home
 163	if name != "" {
 164		home += "u/" + name
 165		name += " "
 166	}
 167	feed := RssFeed{
 168		Title:       name + "honk",
 169		Link:        home,
 170		Description: name + "honk rss",
 171		FeedImage: &RssFeedImage{
 172			URL:   base + "icon.png",
 173			Title: name + "honk rss",
 174			Link:  home,
 175		},
 176	}
 177	var modtime time.Time
 178	past := time.Now().UTC().Add(-3 * 24 * time.Hour)
 179	for _, honk := range honks {
 180		if honk.Date.Before(past) {
 181			break
 182		}
 183		if honk.URL[0] == '/' {
 184			honk.URL = "https://" + serverName + honk.URL
 185		}
 186		feed.Items = append(feed.Items, &RssItem{
 187			Title:       fmt.Sprintf("%s %s %s", honk.Username, honk.What, honk.XID),
 188			Description: RssCData{string(honk.HTML)},
 189			Link:        honk.URL,
 190			PubDate:     honk.Date.Format(time.RFC1123),
 191		})
 192		if honk.Date.After(modtime) {
 193			modtime = honk.Date
 194		}
 195	}
 196	w.Header().Set("Cache-Control", "max-age=300")
 197	w.Header().Set("Last-Modified", modtime.Format(http.TimeFormat))
 198
 199	err := feed.Write(w)
 200	if err != nil {
 201		log.Printf("error writing rss: %s", err)
 202	}
 203}
 204
 205func butwhatabout(name string) (*WhatAbout, error) {
 206	row := stmtWhatAbout.QueryRow(name)
 207	var user WhatAbout
 208	err := row.Scan(&user.ID, &user.Name, &user.Display, &user.About, &user.Key)
 209	user.URL = fmt.Sprintf("https://%s/u/%s", serverName, user.Name)
 210	return &user, err
 211}
 212
 213func crappola(j map[string]interface{}) bool {
 214	t, _ := jsongetstring(j, "type")
 215	a, _ := jsongetstring(j, "actor")
 216	o, _ := jsongetstring(j, "object")
 217	if t == "Delete" && a == o {
 218		log.Printf("crappola from %s", a)
 219		return true
 220	}
 221	return false
 222}
 223
 224func ping(user *WhatAbout, who string) {
 225	inbox, _, err := getboxes(who)
 226	if err != nil {
 227		log.Printf("no inbox for ping: %s", err)
 228		return
 229	}
 230	j := NewJunk()
 231	j["@context"] = itiswhatitis
 232	j["type"] = "Ping"
 233	j["id"] = user.URL + "/ping/" + xfiltrate()
 234	j["actor"] = user.URL
 235	j["to"] = who
 236	keyname, key := ziggy(user.Name)
 237	err = PostJunk(keyname, key, inbox, j)
 238	if err != nil {
 239		log.Printf("can't send ping: %s", err)
 240		return
 241	}
 242	log.Printf("sent ping to %s: %s", who, j["id"])
 243}
 244
 245func pong(user *WhatAbout, who string, obj string) {
 246	inbox, _, err := getboxes(who)
 247	if err != nil {
 248		log.Printf("no inbox for pong %s : %s", who, err)
 249		return
 250	}
 251	j := NewJunk()
 252	j["@context"] = itiswhatitis
 253	j["type"] = "Pong"
 254	j["id"] = user.URL + "/pong/" + xfiltrate()
 255	j["actor"] = user.URL
 256	j["to"] = who
 257	j["object"] = obj
 258	keyname, key := ziggy(user.Name)
 259	err = PostJunk(keyname, key, inbox, j)
 260	if err != nil {
 261		log.Printf("can't send pong: %s", err)
 262		return
 263	}
 264}
 265
 266func inbox(w http.ResponseWriter, r *http.Request) {
 267	name := mux.Vars(r)["name"]
 268	user, err := butwhatabout(name)
 269	if err != nil {
 270		http.NotFound(w, r)
 271		return
 272	}
 273	var buf bytes.Buffer
 274	io.Copy(&buf, r.Body)
 275	payload := buf.Bytes()
 276	j, err := ReadJunk(bytes.NewReader(payload))
 277	if err != nil {
 278		log.Printf("bad payload: %s", err)
 279		io.WriteString(os.Stdout, "bad payload\n")
 280		os.Stdout.Write(payload)
 281		io.WriteString(os.Stdout, "\n")
 282		return
 283	}
 284	if crappola(j) {
 285		return
 286	}
 287	keyname, err := zag(r, payload)
 288	if err != nil {
 289		log.Printf("inbox message failed signature: %s", err)
 290		fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
 291		io.WriteString(fd, "bad signature:\n")
 292		WriteJunk(fd, j)
 293		io.WriteString(fd, "\n")
 294		fd.Close()
 295		return
 296	}
 297	fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
 298	WriteJunk(fd, j)
 299	io.WriteString(fd, "\n")
 300	fd.Close()
 301	who, _ := jsongetstring(j, "actor")
 302	if !keymatch(keyname, who) {
 303		log.Printf("keyname actor mismatch: %s <> %s", keyname, who)
 304		return
 305	}
 306	what, _ := jsongetstring(j, "type")
 307	switch what {
 308	case "Ping":
 309		obj, _ := jsongetstring(j, "id")
 310		log.Printf("ping from %s: %s", who, obj)
 311		pong(user, who, obj)
 312	case "Pong":
 313		obj, _ := jsongetstring(j, "object")
 314		log.Printf("pong from %s: %s", who, obj)
 315	case "Follow":
 316		log.Printf("updating honker follow: %s", who)
 317		rubadubdub(user, j)
 318	case "Accept":
 319		db := opendatabase()
 320		log.Printf("updating honker accept: %s", who)
 321		db.Exec("update honkers set flavor = 'sub' where xid = ? and flavor = 'presub'", who)
 322	case "Undo":
 323		obj, ok := jsongetmap(j, "object")
 324		if !ok {
 325			log.Printf("unknown undo no object")
 326		} else {
 327			what, _ := jsongetstring(obj, "type")
 328			if what != "Follow" {
 329				log.Printf("unknown undo: %s", what)
 330			} else {
 331				log.Printf("updating honker undo: %s", who)
 332				db := opendatabase()
 333				db.Exec("update honkers set flavor = 'undub' where xid = ? and flavor = 'dub'", who)
 334			}
 335		}
 336	default:
 337		xonk := xonkxonk(j)
 338		if xonk != nil && needxonk(user, xonk) {
 339			xonk.UserID = user.ID
 340			savexonk(xonk)
 341		}
 342	}
 343}
 344
 345func outbox(w http.ResponseWriter, r *http.Request) {
 346	name := mux.Vars(r)["name"]
 347	user, err := butwhatabout(name)
 348	if err != nil {
 349		http.NotFound(w, r)
 350		return
 351	}
 352	honks := gethonksbyuser(name)
 353
 354	var jonks []map[string]interface{}
 355	for _, h := range honks {
 356		j, _ := jonkjonk(user, h)
 357		jonks = append(jonks, j)
 358	}
 359
 360	j := NewJunk()
 361	j["@context"] = itiswhatitis
 362	j["id"] = user.URL + "/outbox"
 363	j["type"] = "OrderedCollection"
 364	j["totalItems"] = len(jonks)
 365	j["orderedItems"] = jonks
 366
 367	w.Header().Set("Content-Type", theonetruename)
 368	WriteJunk(w, j)
 369}
 370
 371func viewuser(w http.ResponseWriter, r *http.Request) {
 372	name := mux.Vars(r)["name"]
 373	user, err := butwhatabout(name)
 374	if err != nil {
 375		http.NotFound(w, r)
 376		return
 377	}
 378	if friendorfoe(r.Header.Get("Accept")) {
 379		j := asjonker(user)
 380		w.Header().Set("Content-Type", theonetruename)
 381		WriteJunk(w, j)
 382		return
 383	}
 384	honks := gethonksbyuser(name)
 385	u := GetUserInfo(r)
 386	honkpage(w, r, u, user, honks)
 387}
 388
 389func viewhonker(w http.ResponseWriter, r *http.Request) {
 390	name := mux.Vars(r)["name"]
 391	u := GetUserInfo(r)
 392	honks := gethonksbyhonker(u.UserID, name)
 393	honkpage(w, r, nil, nil, honks)
 394}
 395
 396func fingerlicker(w http.ResponseWriter, r *http.Request) {
 397	orig := r.FormValue("resource")
 398
 399	log.Printf("finger lick: %s", orig)
 400
 401	if strings.HasPrefix(orig, "acct:") {
 402		orig = orig[5:]
 403	}
 404
 405	name := orig
 406	idx := strings.LastIndexByte(name, '/')
 407	if idx != -1 {
 408		name = name[idx+1:]
 409		if "https://"+serverName+"/u/"+name != orig {
 410			log.Printf("foreign request rejected")
 411			name = ""
 412		}
 413	} else {
 414		idx = strings.IndexByte(name, '@')
 415		if idx != -1 {
 416			name = name[:idx]
 417			if name+"@"+serverName != orig {
 418				log.Printf("foreign request rejected")
 419				name = ""
 420			}
 421		}
 422	}
 423	user, err := butwhatabout(name)
 424	if err != nil {
 425		http.NotFound(w, r)
 426		return
 427	}
 428
 429	j := NewJunk()
 430	j["subject"] = fmt.Sprintf("acct:%s@%s", user.Name, serverName)
 431	j["aliases"] = []string{user.URL}
 432	var links []map[string]interface{}
 433	l := NewJunk()
 434	l["rel"] = "self"
 435	l["type"] = `application/activity+json`
 436	l["href"] = user.URL
 437	links = append(links, l)
 438	j["links"] = links
 439
 440	w.Header().Set("Content-Type", "application/jrd+json")
 441	WriteJunk(w, j)
 442}
 443
 444func viewhonk(w http.ResponseWriter, r *http.Request) {
 445	name := mux.Vars(r)["name"]
 446	xid := mux.Vars(r)["xid"]
 447	user, err := butwhatabout(name)
 448	if err != nil {
 449		http.NotFound(w, r)
 450		return
 451	}
 452	h := getxonk(name, xid)
 453	if h == nil {
 454		http.NotFound(w, r)
 455		return
 456	}
 457	if friendorfoe(r.Header.Get("Accept")) {
 458		_, j := jonkjonk(user, h)
 459		j["@context"] = itiswhatitis
 460		w.Header().Set("Content-Type", theonetruename)
 461		WriteJunk(w, j)
 462		return
 463	}
 464	honkpage(w, r, nil, nil, []*Honk{h})
 465}
 466
 467func honkpage(w http.ResponseWriter, r *http.Request, u *UserInfo, user *WhatAbout, honks []*Honk) {
 468	reverbolate(honks)
 469	templinfo := getInfo(r)
 470	if u != nil && u.Username == user.Name {
 471		templinfo["UserCSRF"] = GetCSRF("saveuser", r)
 472		templinfo["HonkCSRF"] = GetCSRF("honkhonk", r)
 473	}
 474	if user != nil {
 475		templinfo["Name"] = user.Name
 476		whatabout := user.About
 477		templinfo["RawWhatAbout"] = whatabout
 478		whatabout = obfusbreak(whatabout)
 479		templinfo["WhatAbout"] = cleanstring(whatabout)
 480	}
 481	templinfo["Honks"] = honks
 482	err := readviews.ExecuteTemplate(w, "honkpage.html", templinfo)
 483	if err != nil {
 484		log.Print(err)
 485	}
 486}
 487
 488func saveuser(w http.ResponseWriter, r *http.Request) {
 489	whatabout := r.FormValue("whatabout")
 490	u := GetUserInfo(r)
 491	db := opendatabase()
 492	_, err := db.Exec("update users set about = ? where username = ?", whatabout, u.Username)
 493	if err != nil {
 494		log.Printf("error bouting what: %s", err)
 495	}
 496
 497	http.Redirect(w, r, "/u/"+u.Username, http.StatusSeeOther)
 498}
 499
 500func gethonkers(userid int64) []*Honker {
 501	rows, err := stmtHonkers.Query(userid)
 502	if err != nil {
 503		log.Printf("error querying honkers: %s", err)
 504		return nil
 505	}
 506	defer rows.Close()
 507	var honkers []*Honker
 508	for rows.Next() {
 509		var f Honker
 510		err = rows.Scan(&f.ID, &f.UserID, &f.Name, &f.XID, &f.Flavor)
 511		if err != nil {
 512			log.Printf("error scanning honker: %s", err)
 513			return nil
 514		}
 515		honkers = append(honkers, &f)
 516	}
 517	return honkers
 518}
 519
 520func getdubs(userid int64) []*Honker {
 521	rows, err := stmtDubbers.Query(userid)
 522	if err != nil {
 523		log.Printf("error querying dubs: %s", err)
 524		return nil
 525	}
 526	defer rows.Close()
 527	var honkers []*Honker
 528	for rows.Next() {
 529		var f Honker
 530		err = rows.Scan(&f.ID, &f.UserID, &f.Name, &f.XID, &f.Flavor)
 531		if err != nil {
 532			log.Printf("error scanning honker: %s", err)
 533			return nil
 534		}
 535		honkers = append(honkers, &f)
 536	}
 537	return honkers
 538}
 539
 540func getxonk(name, xid string) *Honk {
 541	var h Honk
 542	var dt, aud string
 543	row := stmtOneXonk.QueryRow(xid)
 544	err := row.Scan(&h.ID, &h.UserID, &h.Username, &h.What, &h.Honker, &h.XID, &h.RID,
 545		&dt, &h.URL, &aud, &h.Noise)
 546	if err != nil {
 547		log.Printf("error scanning xonk: %s", err)
 548		return nil
 549	}
 550	if name != "" && h.Username != name {
 551		log.Printf("user xonk mismatch")
 552		return nil
 553	}
 554	h.Date, _ = time.Parse(dbtimeformat, dt)
 555	h.Audience = strings.Split(aud, " ")
 556	donksforhonks([]*Honk{&h})
 557	return &h
 558}
 559
 560func gethonks() []*Honk {
 561	rows, err := stmtHonks.Query()
 562	return getsomehonks(rows, err)
 563}
 564func gethonksbyuser(name string) []*Honk {
 565	rows, err := stmtUserHonks.Query(name)
 566	return getsomehonks(rows, err)
 567}
 568func gethonksforuser(userid int64) []*Honk {
 569	dt := time.Now().UTC().Add(-2 * 24 * time.Hour)
 570	rows, err := stmtHonksForUser.Query(userid, dt.Format(dbtimeformat))
 571	return getsomehonks(rows, err)
 572}
 573func gethonksbyhonker(userid int64, honker string) []*Honk {
 574	rows, err := stmtHonksByHonker.Query(userid, honker)
 575	return getsomehonks(rows, err)
 576}
 577
 578func getsomehonks(rows *sql.Rows, err error) []*Honk {
 579	if err != nil {
 580		log.Printf("error querying honks: %s", err)
 581		return nil
 582	}
 583	defer rows.Close()
 584	var honks []*Honk
 585	for rows.Next() {
 586		var h Honk
 587		var dt, aud string
 588		err = rows.Scan(&h.ID, &h.UserID, &h.Username, &h.What, &h.Honker, &h.XID, &h.RID,
 589			&dt, &h.URL, &aud, &h.Noise)
 590		if err != nil {
 591			log.Printf("error scanning honks: %s", err)
 592			return nil
 593		}
 594		h.Date, _ = time.Parse(dbtimeformat, dt)
 595		h.Audience = strings.Split(aud, " ")
 596		honks = append(honks, &h)
 597	}
 598	rows.Close()
 599	donksforhonks(honks)
 600	return honks
 601}
 602
 603func donksforhonks(honks []*Honk) {
 604	db := opendatabase()
 605	var ids []string
 606	hmap := make(map[int64]*Honk)
 607	for _, h := range honks {
 608		ids = append(ids, fmt.Sprintf("%d", h.ID))
 609		hmap[h.ID] = h
 610	}
 611	q := fmt.Sprintf("select honkid, donks.fileid, xid, name, url, media from donks join files on donks.fileid = files.fileid where honkid in (%s)", strings.Join(ids, ","))
 612	rows, err := db.Query(q)
 613	if err != nil {
 614		log.Printf("error querying donks: %s", err)
 615		return
 616	}
 617	defer rows.Close()
 618	for rows.Next() {
 619		var hid int64
 620		var d Donk
 621		err = rows.Scan(&hid, &d.FileID, &d.XID, &d.Name, &d.URL, &d.Media)
 622		if err != nil {
 623			log.Printf("error scanning donk: %s", err)
 624			continue
 625		}
 626		h := hmap[hid]
 627		h.Donks = append(h.Donks, &d)
 628	}
 629}
 630
 631func savebonk(w http.ResponseWriter, r *http.Request) {
 632	xid := r.FormValue("xid")
 633
 634	log.Printf("bonking %s", xid)
 635
 636	xonk := getxonk("", xid)
 637	if xonk == nil {
 638		return
 639	}
 640	if xonk.Honker == "" {
 641		xonk.XID = fmt.Sprintf("https://%s/u/%s/h/%s", serverName, xonk.Username, xonk.XID)
 642	}
 643
 644	userinfo := GetUserInfo(r)
 645
 646	dt := time.Now().UTC()
 647	bonk := Honk{
 648		UserID:   userinfo.UserID,
 649		Username: userinfo.Username,
 650		Honker:   xonk.Honker,
 651		What:     "bonk",
 652		XID:      xonk.XID,
 653		Date:     dt,
 654		Noise:    xonk.Noise,
 655		Donks:    xonk.Donks,
 656		Audience: oneofakind(prepend(thewholeworld, xonk.Audience)),
 657	}
 658
 659	aud := strings.Join(bonk.Audience, " ")
 660	res, err := stmtSaveHonk.Exec(userinfo.UserID, "bonk", "", xid, "",
 661		dt.Format(dbtimeformat), "", aud, bonk.Noise)
 662	if err != nil {
 663		log.Printf("error saving bonk: %s", err)
 664		return
 665	}
 666	bonk.ID, _ = res.LastInsertId()
 667	for _, d := range bonk.Donks {
 668		_, err = stmtSaveDonk.Exec(bonk.ID, d.FileID)
 669		if err != nil {
 670			log.Printf("err saving donk: %s", err)
 671			return
 672		}
 673	}
 674
 675	user, _ := butwhatabout(userinfo.Username)
 676
 677	go honkworldwide(user, &bonk)
 678
 679}
 680
 681func savehonk(w http.ResponseWriter, r *http.Request) {
 682	rid := r.FormValue("rid")
 683	noise := r.FormValue("noise")
 684
 685	userinfo := GetUserInfo(r)
 686
 687	dt := time.Now().UTC()
 688	xid := xfiltrate()
 689	if xid == "" {
 690		return
 691	}
 692	what := "honk"
 693	if rid != "" {
 694		what = "tonk"
 695	}
 696	honk := Honk{
 697		UserID:   userinfo.UserID,
 698		Username: userinfo.Username,
 699		What:     "honk",
 700		XID:      xid,
 701		RID:      rid,
 702		Date:     dt,
 703	}
 704	if noise[0] == '@' {
 705		honk.Audience = append(grapevine(noise), thewholeworld)
 706	} else {
 707		honk.Audience = append([]string{thewholeworld}, grapevine(noise)...)
 708	}
 709	if rid != "" {
 710		xonk := getxonk("", rid)
 711		if xonk != nil {
 712			honk.Audience = append(honk.Audience, xonk.Audience...)
 713		} else {
 714			xonkaud := whosthere(rid)
 715			honk.Audience = append(honk.Audience, xonkaud...)
 716		}
 717	}
 718	honk.Audience = oneofakind(honk.Audience)
 719	noise = obfusbreak(noise)
 720	honk.Noise = noise
 721
 722	file, _, err := r.FormFile("donk")
 723	if err == nil {
 724		var buf bytes.Buffer
 725		io.Copy(&buf, file)
 726		file.Close()
 727		data := buf.Bytes()
 728		img, format, err := image.Decode(&buf)
 729		if err != nil {
 730			log.Printf("bad image: %s", err)
 731			return
 732		}
 733		data, format, err = vacuumwrap(img, format)
 734		if err != nil {
 735			log.Printf("can't vacuum image: %s", err)
 736			return
 737		}
 738		name := xfiltrate()
 739		media := "image/" + format
 740		if format == "jpeg" {
 741			format = "jpg"
 742		}
 743		name = name + "." + format
 744		url := fmt.Sprintf("https://%s/d/%s", serverName, name)
 745		res, err := stmtSaveFile.Exec(name, name, url, media, data)
 746		if err != nil {
 747			log.Printf("unable to save image: %s", err)
 748			return
 749		}
 750		var d Donk
 751		d.FileID, _ = res.LastInsertId()
 752		d.XID = name
 753		d.Name = name
 754		d.Media = media
 755		d.URL = url
 756		honk.Donks = append(honk.Donks, &d)
 757	}
 758	herd := herdofemus(honk.Noise)
 759	for _, e := range herd {
 760		donk := savedonk(e.ID, e.Name, "image/png")
 761		if donk != nil {
 762			honk.Donks = append(honk.Donks, donk)
 763		}
 764	}
 765
 766	aud := strings.Join(honk.Audience, " ")
 767	res, err := stmtSaveHonk.Exec(userinfo.UserID, what, "", xid, rid,
 768		dt.Format(dbtimeformat), "", aud, noise)
 769	if err != nil {
 770		log.Printf("error saving honk: %s", err)
 771		return
 772	}
 773	honk.ID, _ = res.LastInsertId()
 774	for _, d := range honk.Donks {
 775		_, err = stmtSaveDonk.Exec(honk.ID, d.FileID)
 776		if err != nil {
 777			log.Printf("err saving donk: %s", err)
 778			return
 779		}
 780	}
 781
 782	user, _ := butwhatabout(userinfo.Username)
 783
 784	go honkworldwide(user, &honk)
 785
 786	http.Redirect(w, r, "/", http.StatusSeeOther)
 787}
 788
 789func showhonkers(w http.ResponseWriter, r *http.Request) {
 790	userinfo := GetUserInfo(r)
 791	templinfo := getInfo(r)
 792	templinfo["Honkers"] = gethonkers(userinfo.UserID)
 793	templinfo["HonkerCSRF"] = GetCSRF("savehonker", r)
 794	err := readviews.ExecuteTemplate(w, "honkers.html", templinfo)
 795	if err != nil {
 796		log.Print(err)
 797	}
 798}
 799
 800var handfull = make(map[string]string)
 801var handlock sync.Mutex
 802
 803func gofish(name string) string {
 804	if name[0] == '@' {
 805		name = name[1:]
 806	}
 807	m := strings.Split(name, "@")
 808	if len(m) != 2 {
 809		log.Printf("bad fish name: %s", name)
 810		return ""
 811	}
 812	handlock.Lock()
 813	defer handlock.Unlock()
 814	ref, ok := handfull[name]
 815	if ok {
 816		return ref
 817	}
 818	j, err := GetJunk(fmt.Sprintf("https://%s/.well-known/webfinger?resource=acct:%s", m[1], name))
 819	if err != nil {
 820		log.Printf("failed to go fish %s: %s", name, err)
 821		handfull[name] = ""
 822		return ""
 823	}
 824	links, _ := jsongetarray(j, "links")
 825	for _, l := range links {
 826		href, _ := jsongetstring(l, "href")
 827		rel, _ := jsongetstring(l, "rel")
 828		t, _ := jsongetstring(l, "type")
 829		if rel == "self" && friendorfoe(t) {
 830			handfull[name] = href
 831			return href
 832		}
 833	}
 834	handfull[name] = ""
 835	return ""
 836}
 837
 838func savehonker(w http.ResponseWriter, r *http.Request) {
 839	name := r.FormValue("name")
 840	url := r.FormValue("url")
 841	peep := r.FormValue("peep")
 842	flavor := "presub"
 843	if peep == "peep" {
 844		flavor = "peep"
 845	}
 846
 847	if url == "" {
 848		return
 849	}
 850	if url[0] == '@' {
 851		url = gofish(url)
 852	}
 853	if url == "" {
 854		return
 855	}
 856
 857	u := GetUserInfo(r)
 858	db := opendatabase()
 859	_, err := db.Exec("insert into honkers (userid, name, xid, flavor) values (?, ?, ?, ?)",
 860		u.UserID, name, url, flavor)
 861	if err != nil {
 862		log.Print(err)
 863	}
 864	if flavor == "presub" {
 865		user, _ := butwhatabout(u.Username)
 866		go subsub(user, url)
 867	}
 868	http.Redirect(w, r, "/honkers", http.StatusSeeOther)
 869}
 870
 871func avatate(w http.ResponseWriter, r *http.Request) {
 872	n := r.FormValue("a")
 873	a := avatar(n)
 874	w.Header().Set("Cache-Control", "max-age=432000")
 875	w.Write(a)
 876}
 877
 878func servecss(w http.ResponseWriter, r *http.Request) {
 879	w.Header().Set("Cache-Control", "max-age=7776000")
 880	http.ServeFile(w, r, "views"+r.URL.Path)
 881}
 882func servehtml(w http.ResponseWriter, r *http.Request) {
 883	templinfo := getInfo(r)
 884	err := readviews.ExecuteTemplate(w, r.URL.Path[1:]+".html", templinfo)
 885	if err != nil {
 886		log.Print(err)
 887	}
 888}
 889func serveemu(w http.ResponseWriter, r *http.Request) {
 890	xid := mux.Vars(r)["xid"]
 891	w.Header().Set("Cache-Control", "max-age=432000")
 892	http.ServeFile(w, r, "emus/"+xid)
 893}
 894
 895func servefile(w http.ResponseWriter, r *http.Request) {
 896	xid := mux.Vars(r)["xid"]
 897	row := stmtFileData.QueryRow(xid)
 898	var data []byte
 899	err := row.Scan(&data)
 900	if err != nil {
 901		log.Printf("error loading file: %s", err)
 902		http.NotFound(w, r)
 903		return
 904	}
 905	w.Header().Set("Cache-Control", "max-age=432000")
 906	w.Write(data)
 907}
 908
 909func serve() {
 910	db := opendatabase()
 911	LoginInit(db)
 912
 913	listener, err := openListener()
 914	if err != nil {
 915		log.Fatal(err)
 916	}
 917	debug := false
 918	getconfig("debug", &debug)
 919	readviews = ParseTemplates(debug,
 920		"views/homepage.html",
 921		"views/honkpage.html",
 922		"views/honkers.html",
 923		"views/honkform.html",
 924		"views/honk.html",
 925		"views/login.html",
 926		"views/header.html",
 927	)
 928	if !debug {
 929		s := "views/style.css"
 930		savedstyleparams[s] = getstyleparam(s)
 931		s = "views/local.css"
 932		savedstyleparams[s] = getstyleparam(s)
 933	}
 934
 935	mux := mux.NewRouter()
 936	mux.Use(LoginChecker)
 937
 938	posters := mux.Methods("POST").Subrouter()
 939	getters := mux.Methods("GET").Subrouter()
 940
 941	getters.HandleFunc("/", homepage)
 942	getters.HandleFunc("/rss", showrss)
 943	getters.HandleFunc("/u/{name:[[:alnum:]]+}", viewuser)
 944	getters.HandleFunc("/u/{name:[[:alnum:]]+}/h/{xid:[[:alnum:]]+}", viewhonk)
 945	getters.HandleFunc("/u/{name:[[:alnum:]]+}/rss", showrss)
 946	posters.HandleFunc("/u/{name:[[:alnum:]]+}/inbox", inbox)
 947	getters.HandleFunc("/u/{name:[[:alnum:]]+}/outbox", outbox)
 948	getters.HandleFunc("/a", avatate)
 949	getters.HandleFunc("/d/{xid:[[:alnum:].]+}", servefile)
 950	getters.HandleFunc("/emu/{xid:[[:alnum:]_.]+}", serveemu)
 951	getters.HandleFunc("/h/{name:[[:alnum:]]+}", viewhonker)
 952	getters.HandleFunc("/.well-known/webfinger", fingerlicker)
 953
 954	getters.HandleFunc("/style.css", servecss)
 955	getters.HandleFunc("/local.css", servecss)
 956	getters.HandleFunc("/login", servehtml)
 957	posters.HandleFunc("/dologin", dologin)
 958	getters.HandleFunc("/logout", dologout)
 959
 960	loggedin := mux.NewRoute().Subrouter()
 961	loggedin.Use(LoginRequired)
 962	loggedin.Handle("/honk", CSRFWrap("honkhonk", http.HandlerFunc(savehonk)))
 963	loggedin.Handle("/bonk", CSRFWrap("honkhonk", http.HandlerFunc(savebonk)))
 964	loggedin.Handle("/saveuser", CSRFWrap("saveuser", http.HandlerFunc(saveuser)))
 965	loggedin.HandleFunc("/honkers", showhonkers)
 966	loggedin.Handle("/savehonker", CSRFWrap("savehonker", http.HandlerFunc(savehonker)))
 967
 968	err = http.Serve(listener, mux)
 969	if err != nil {
 970		log.Fatal(err)
 971	}
 972}
 973
 974var stmtHonkers, stmtDubbers, stmtOneXonk, stmtHonks, stmtUserHonks *sql.Stmt
 975var stmtHonksForUser, stmtDeleteHonk, stmtSaveDub *sql.Stmt
 976var stmtHonksByHonker, stmtSaveHonk, stmtFileData, stmtWhatAbout *sql.Stmt
 977var stmtFindXonk, stmtSaveDonk, stmtFindFile, stmtSaveFile *sql.Stmt
 978
 979func preparetodie(db *sql.DB, s string) *sql.Stmt {
 980	stmt, err := db.Prepare(s)
 981	if err != nil {
 982		log.Fatal(err)
 983	}
 984	return stmt
 985}
 986
 987func prepareStatements(db *sql.DB) {
 988	stmtHonkers = preparetodie(db, "select honkerid, userid, name, xid, flavor from honkers where userid = ? and flavor = 'sub' or flavor = 'peep'")
 989	stmtDubbers = preparetodie(db, "select honkerid, userid, name, xid, flavor from honkers where userid = ? and flavor = 'dub'")
 990	stmtOneXonk = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, xid, rid, dt, url, audience, noise from honks join users on honks.userid = users.userid where xid = ?")
 991	stmtHonks = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, xid, rid, dt, url, audience, noise from honks join users on honks.userid = users.userid where honker = '' order by honkid desc limit 50")
 992	stmtUserHonks = preparetodie(db, "select honkid, honks.userid, username, what, honker, xid, rid, dt, url, audience, noise from honks join users on honks.userid = users.userid where honker = '' and username = ? order by honkid desc limit 50")
 993	stmtHonksForUser = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, xid, rid, dt, url, audience, noise from honks join users on honks.userid = users.userid where honks.userid = ? and dt > ? order by honkid desc limit 250")
 994	stmtHonksByHonker = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, honks.xid, rid, dt, url, audience, noise from honks join users on honks.userid = users.userid join honkers on honkers.xid = honks.honker where honks.userid = ? and honkers.name = ? order by honkid desc limit 50")
 995	stmtSaveHonk = preparetodie(db, "insert into honks (userid, what, honker, xid, rid, dt, url, audience, noise) values (?, ?, ?, ?, ?, ?, ?, ?, ?)")
 996	stmtFileData = preparetodie(db, "select content from files where xid = ?")
 997	stmtFindXonk = preparetodie(db, "select honkid from honks where userid = ? and xid = ?")
 998	stmtSaveDonk = preparetodie(db, "insert into donks (honkid, fileid) values (?, ?)")
 999	stmtDeleteHonk = preparetodie(db, "update honks set what = 'zonk' where xid = ? and honker = ?")
1000	stmtFindFile = preparetodie(db, "select fileid from files where url = ?")
1001	stmtSaveFile = preparetodie(db, "insert into files (xid, name, url, media, content) values (?, ?, ?, ?, ?)")
1002	stmtWhatAbout = preparetodie(db, "select userid, username, displayname, about, pubkey from users where username = ?")
1003	stmtSaveDub = preparetodie(db, "insert into honkers (userid, name, xid, flavor) values (?, ?, ?, ?)")
1004}
1005
1006func ElaborateUnitTests() {
1007}
1008
1009func finishusersetup() error {
1010	db := opendatabase()
1011	k, err := rsa.GenerateKey(rand.Reader, 2048)
1012	if err != nil {
1013		return err
1014	}
1015	pubkey, err := zem(&k.PublicKey)
1016	if err != nil {
1017		return err
1018	}
1019	seckey, err := zem(k)
1020	if err != nil {
1021		return err
1022	}
1023	_, err = db.Exec("update users set displayname = username, about = ?, pubkey = ?, seckey = ? where userid = 1", "what about me?", pubkey, seckey)
1024	if err != nil {
1025		return err
1026	}
1027	return nil
1028}
1029
1030func main() {
1031	cmd := "run"
1032	if len(os.Args) > 1 {
1033		cmd = os.Args[1]
1034	}
1035	switch cmd {
1036	case "init":
1037		initdb()
1038	case "upgrade":
1039		upgradedb()
1040	}
1041	db := opendatabase()
1042	dbversion := 0
1043	getconfig("dbversion", &dbversion)
1044	if dbversion != myVersion {
1045		log.Fatal("incorrect database version. run upgrade.")
1046	}
1047	getconfig("servername", &serverName)
1048	prepareStatements(db)
1049	switch cmd {
1050	case "ping":
1051		if len(os.Args) < 4 {
1052			fmt.Printf("usage: honk ping from to\n")
1053			return
1054		}
1055		name := os.Args[2]
1056		targ := os.Args[3]
1057		user, err := butwhatabout(name)
1058		if err != nil {
1059			log.Printf("unknown user")
1060			return
1061		}
1062		ping(user, targ)
1063	case "peep":
1064		peeppeep()
1065	case "run":
1066		serve()
1067	case "test":
1068		ElaborateUnitTests()
1069	default:
1070		log.Fatal("unknown command")
1071	}
1072}