honk.go (view raw)
1//
2// Copyright (c) 2019 Ted Unangst <tedu@tedunangst.com>
3//
4// Permission to use, copy, modify, and distribute this software for any
5// purpose with or without fee is hereby granted, provided that the above
6// copyright notice and this permission notice appear in all copies.
7//
8// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15
16package main
17
18import (
19 "bytes"
20 "crypto/rand"
21 "crypto/rsa"
22 "database/sql"
23 "fmt"
24 "html"
25 "html/template"
26 "image"
27 _ "image/gif"
28 _ "image/jpeg"
29 _ "image/png"
30 "io"
31 "log"
32 notrand "math/rand"
33 "net/http"
34 "os"
35 "sort"
36 "strconv"
37 "strings"
38 "sync"
39 "time"
40
41 "github.com/gorilla/mux"
42)
43
44type UserInfo struct {
45 UserID int64
46 Username string
47}
48
49type WhatAbout struct {
50 ID int64
51 Name string
52 Display string
53 About string
54 Key string
55 URL string
56}
57
58type Honk struct {
59 ID int64
60 UserID int64
61 Username string
62 What string
63 Honker string
64 XID string
65 RID string
66 Date time.Time
67 URL string
68 Noise string
69 Convoy string
70 Audience []string
71 HTML template.HTML
72 Donks []*Donk
73}
74
75type Donk struct {
76 FileID int64
77 XID string
78 Name string
79 URL string
80 Media string
81 Content []byte
82}
83
84type Honker struct {
85 ID int64
86 UserID int64
87 Name string
88 XID string
89 Flavor string
90 Combos []string
91}
92
93var serverName string
94var iconName = "icon.png"
95
96var readviews *Template
97
98func getInfo(r *http.Request) map[string]interface{} {
99 templinfo := make(map[string]interface{})
100 templinfo["StyleParam"] = getstyleparam("views/style.css")
101 templinfo["LocalStyleParam"] = getstyleparam("views/local.css")
102 templinfo["ServerName"] = serverName
103 templinfo["IconName"] = iconName
104 templinfo["UserInfo"] = GetUserInfo(r)
105 templinfo["LogoutCSRF"] = GetCSRF("logout", r)
106 return templinfo
107}
108
109func homepage(w http.ResponseWriter, r *http.Request) {
110 templinfo := getInfo(r)
111 u := GetUserInfo(r)
112 var honks []*Honk
113 if u != nil {
114 if r.URL.Path == "/atme" {
115 honks = gethonksforme(u.UserID)
116 } else {
117 honks = gethonksforuser(u.UserID)
118 }
119 templinfo["HonkCSRF"] = GetCSRF("honkhonk", r)
120 } else {
121 honks = getpublichonks()
122 }
123 sort.Slice(honks, func(i, j int) bool {
124 return honks[i].Date.After(honks[j].Date)
125 })
126
127 var modtime time.Time
128 if len(honks) > 0 {
129 modtime = honks[0].Date
130 }
131 debug := false
132 getconfig("debug", &debug)
133 imh := r.Header.Get("If-Modified-Since")
134 if !debug && imh != "" && !modtime.IsZero() {
135 ifmod, err := time.Parse(http.TimeFormat, imh)
136 if err == nil && !modtime.After(ifmod) {
137 w.WriteHeader(http.StatusNotModified)
138 return
139 }
140 }
141 reverbolate(honks)
142
143 msg := "Things happen."
144 getconfig("servermsg", &msg)
145 templinfo["Honks"] = honks
146 templinfo["ShowRSS"] = true
147 templinfo["ServerMessage"] = msg
148 if u == nil {
149 w.Header().Set("Cache-Control", "max-age=60")
150 } else {
151 w.Header().Set("Cache-Control", "max-age=0")
152 }
153 w.Header().Set("Last-Modified", modtime.Format(http.TimeFormat))
154 err := readviews.ExecuteTemplate(w, "honkpage.html", templinfo)
155 if err != nil {
156 log.Print(err)
157 }
158}
159
160func showrss(w http.ResponseWriter, r *http.Request) {
161 name := mux.Vars(r)["name"]
162
163 var honks []*Honk
164 if name != "" {
165 honks = gethonksbyuser(name)
166 } else {
167 honks = getpublichonks()
168 }
169 sort.Slice(honks, func(i, j int) bool {
170 return honks[i].Date.After(honks[j].Date)
171 })
172 reverbolate(honks)
173
174 home := fmt.Sprintf("https://%s/", serverName)
175 base := home
176 if name != "" {
177 home += "u/" + name
178 name += " "
179 }
180 feed := RssFeed{
181 Title: name + "honk",
182 Link: home,
183 Description: name + "honk rss",
184 FeedImage: &RssFeedImage{
185 URL: base + "icon.png",
186 Title: name + "honk rss",
187 Link: home,
188 },
189 }
190 var modtime time.Time
191 past := time.Now().UTC().Add(-3 * 24 * time.Hour)
192 for _, honk := range honks {
193 if honk.Date.Before(past) {
194 break
195 }
196 desc := string(honk.HTML)
197 for _, d := range honk.Donks {
198 desc += fmt.Sprintf(`<p><a href="%sd/%s">Attachment: %s</a>`,
199 base, d.XID, html.EscapeString(d.Name))
200 }
201
202 feed.Items = append(feed.Items, &RssItem{
203 Title: fmt.Sprintf("%s %s %s", honk.Username, honk.What, honk.XID),
204 Description: RssCData{desc},
205 Link: honk.URL,
206 PubDate: honk.Date.Format(time.RFC1123),
207 })
208 if honk.Date.After(modtime) {
209 modtime = honk.Date
210 }
211 }
212 w.Header().Set("Cache-Control", "max-age=300")
213 w.Header().Set("Last-Modified", modtime.Format(http.TimeFormat))
214
215 err := feed.Write(w)
216 if err != nil {
217 log.Printf("error writing rss: %s", err)
218 }
219}
220
221func butwhatabout(name string) (*WhatAbout, error) {
222 row := stmtWhatAbout.QueryRow(name)
223 var user WhatAbout
224 err := row.Scan(&user.ID, &user.Name, &user.Display, &user.About, &user.Key)
225 user.URL = fmt.Sprintf("https://%s/u/%s", serverName, user.Name)
226 return &user, err
227}
228
229func crappola(j map[string]interface{}) bool {
230 t, _ := jsongetstring(j, "type")
231 a, _ := jsongetstring(j, "actor")
232 o, _ := jsongetstring(j, "object")
233 if t == "Delete" && a == o {
234 log.Printf("crappola from %s", a)
235 return true
236 }
237 return false
238}
239
240func ping(user *WhatAbout, who string) {
241 box, err := getboxes(who)
242 if err != nil {
243 log.Printf("no inbox for ping: %s", err)
244 return
245 }
246 j := NewJunk()
247 j["@context"] = itiswhatitis
248 j["type"] = "Ping"
249 j["id"] = user.URL + "/ping/" + xfiltrate()
250 j["actor"] = user.URL
251 j["to"] = who
252 keyname, key := ziggy(user.Name)
253 err = PostJunk(keyname, key, box.In, j)
254 if err != nil {
255 log.Printf("can't send ping: %s", err)
256 return
257 }
258 log.Printf("sent ping to %s: %s", who, j["id"])
259}
260
261func pong(user *WhatAbout, who string, obj string) {
262 box, err := getboxes(who)
263 if err != nil {
264 log.Printf("no inbox for pong %s : %s", who, err)
265 return
266 }
267 j := NewJunk()
268 j["@context"] = itiswhatitis
269 j["type"] = "Pong"
270 j["id"] = user.URL + "/pong/" + xfiltrate()
271 j["actor"] = user.URL
272 j["to"] = who
273 j["object"] = obj
274 keyname, key := ziggy(user.Name)
275 err = PostJunk(keyname, key, box.In, j)
276 if err != nil {
277 log.Printf("can't send pong: %s", err)
278 return
279 }
280}
281
282func inbox(w http.ResponseWriter, r *http.Request) {
283 name := mux.Vars(r)["name"]
284 user, err := butwhatabout(name)
285 if err != nil {
286 http.NotFound(w, r)
287 return
288 }
289 var buf bytes.Buffer
290 io.Copy(&buf, r.Body)
291 payload := buf.Bytes()
292 j, err := ReadJunk(bytes.NewReader(payload))
293 if err != nil {
294 log.Printf("bad payload: %s", err)
295 io.WriteString(os.Stdout, "bad payload\n")
296 os.Stdout.Write(payload)
297 io.WriteString(os.Stdout, "\n")
298 return
299 }
300 if crappola(j) {
301 return
302 }
303 keyname, err := zag(r, payload)
304 if err != nil {
305 log.Printf("inbox message failed signature: %s", err)
306 if keyname != "" {
307 keyname, err = makeitworksomehowwithoutregardforkeycontinuity(keyname, r, payload)
308 }
309 if err != nil {
310 fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
311 io.WriteString(fd, "bad signature:\n")
312 WriteJunk(fd, j)
313 io.WriteString(fd, "\n")
314 fd.Close()
315 return
316 }
317 }
318 what, _ := jsongetstring(j, "type")
319 if what == "Like" {
320 return
321 }
322 who, _ := jsongetstring(j, "actor")
323 if !keymatch(keyname, who, user.ID) {
324 log.Printf("keyname actor mismatch: %s <> %s", keyname, who)
325 return
326 }
327 if thoudostbitethythumb(user.ID, who) {
328 log.Printf("ignoring thumb sucker %s", who)
329 return
330 }
331 fd, _ := os.OpenFile("savedinbox.json", os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0666)
332 WriteJunk(fd, j)
333 io.WriteString(fd, "\n")
334 fd.Close()
335 switch what {
336 case "Ping":
337 obj, _ := jsongetstring(j, "id")
338 log.Printf("ping from %s: %s", who, obj)
339 pong(user, who, obj)
340 case "Pong":
341 obj, _ := jsongetstring(j, "object")
342 log.Printf("pong from %s: %s", who, obj)
343 case "Follow":
344 log.Printf("updating honker follow: %s", who)
345 rubadubdub(user, j)
346 case "Accept":
347 db := opendatabase()
348 log.Printf("updating honker accept: %s", who)
349 db.Exec("update honkers set flavor = 'sub' where xid = ? and flavor = 'presub'", who)
350 case "Undo":
351 obj, ok := jsongetmap(j, "object")
352 if !ok {
353 log.Printf("unknown undo no object")
354 } else {
355 what, _ := jsongetstring(obj, "type")
356 switch what {
357 case "Follow":
358 log.Printf("updating honker undo: %s", who)
359 db := opendatabase()
360 db.Exec("update honkers set flavor = 'undub' where xid = ? and flavor = 'dub'", who)
361 case "Like":
362 default:
363 log.Printf("unknown undo: %s", what)
364 }
365 }
366 default:
367 xonk := xonkxonk(j)
368 if xonk != nil && needxonk(user, xonk) {
369 xonk.UserID = user.ID
370 savexonk(user, xonk)
371 }
372 }
373}
374
375func outbox(w http.ResponseWriter, r *http.Request) {
376 name := mux.Vars(r)["name"]
377 user, err := butwhatabout(name)
378 if err != nil {
379 http.NotFound(w, r)
380 return
381 }
382 honks := gethonksbyuser(name)
383
384 var jonks []map[string]interface{}
385 for _, h := range honks {
386 j, _ := jonkjonk(user, h)
387 jonks = append(jonks, j)
388 }
389
390 j := NewJunk()
391 j["@context"] = itiswhatitis
392 j["id"] = user.URL + "/outbox"
393 j["type"] = "OrderedCollection"
394 j["totalItems"] = len(jonks)
395 j["orderedItems"] = jonks
396
397 w.Header().Set("Cache-Control", "max-age=60")
398 w.Header().Set("Content-Type", theonetruename)
399 WriteJunk(w, j)
400}
401
402func viewuser(w http.ResponseWriter, r *http.Request) {
403 name := mux.Vars(r)["name"]
404 user, err := butwhatabout(name)
405 if err != nil {
406 http.NotFound(w, r)
407 return
408 }
409 if friendorfoe(r.Header.Get("Accept")) {
410 j := asjonker(user)
411 w.Header().Set("Cache-Control", "max-age=600")
412 w.Header().Set("Content-Type", theonetruename)
413 WriteJunk(w, j)
414 return
415 }
416 honks := gethonksbyuser(name)
417 u := GetUserInfo(r)
418 honkpage(w, r, u, user, honks, "")
419}
420
421func viewhonker(w http.ResponseWriter, r *http.Request) {
422 name := mux.Vars(r)["name"]
423 u := GetUserInfo(r)
424 honks := gethonksbyhonker(u.UserID, name)
425 honkpage(w, r, u, nil, honks, "honks by honker: " + name)
426}
427
428func viewcombo(w http.ResponseWriter, r *http.Request) {
429 name := mux.Vars(r)["name"]
430 u := GetUserInfo(r)
431 honks := gethonksbycombo(u.UserID, name)
432 honkpage(w, r, u, nil, honks, "honks by combo: " + name)
433}
434func viewconvoy(w http.ResponseWriter, r *http.Request) {
435 c := r.FormValue("c")
436 var userid int64 = -1
437 u := GetUserInfo(r)
438 if u != nil {
439 userid = u.UserID
440 }
441 honks := gethonksbyconvoy(userid, c)
442 honkpage(w, r, u, nil, honks, "honks in convoy: " + c)
443}
444
445func fingerlicker(w http.ResponseWriter, r *http.Request) {
446 orig := r.FormValue("resource")
447
448 log.Printf("finger lick: %s", orig)
449
450 if strings.HasPrefix(orig, "acct:") {
451 orig = orig[5:]
452 }
453
454 name := orig
455 idx := strings.LastIndexByte(name, '/')
456 if idx != -1 {
457 name = name[idx+1:]
458 if "https://"+serverName+"/u/"+name != orig {
459 log.Printf("foreign request rejected")
460 name = ""
461 }
462 } else {
463 idx = strings.IndexByte(name, '@')
464 if idx != -1 {
465 name = name[:idx]
466 if name+"@"+serverName != orig {
467 log.Printf("foreign request rejected")
468 name = ""
469 }
470 }
471 }
472 user, err := butwhatabout(name)
473 if err != nil {
474 http.NotFound(w, r)
475 return
476 }
477
478 j := NewJunk()
479 j["subject"] = fmt.Sprintf("acct:%s@%s", user.Name, serverName)
480 j["aliases"] = []string{user.URL}
481 var links []map[string]interface{}
482 l := NewJunk()
483 l["rel"] = "self"
484 l["type"] = `application/activity+json`
485 l["href"] = user.URL
486 links = append(links, l)
487 j["links"] = links
488
489 w.Header().Set("Cache-Control", "max-age=3600")
490 w.Header().Set("Content-Type", "application/jrd+json")
491 WriteJunk(w, j)
492}
493
494func viewhonk(w http.ResponseWriter, r *http.Request) {
495 name := mux.Vars(r)["name"]
496 xid := mux.Vars(r)["xid"]
497 user, err := butwhatabout(name)
498 if err != nil {
499 http.NotFound(w, r)
500 return
501 }
502 h := getxonk(name, xid)
503 if h == nil {
504 http.NotFound(w, r)
505 return
506 }
507 if friendorfoe(r.Header.Get("Accept")) {
508 _, j := jonkjonk(user, h)
509 j["@context"] = itiswhatitis
510 w.Header().Set("Cache-Control", "max-age=3600")
511 w.Header().Set("Content-Type", theonetruename)
512 WriteJunk(w, j)
513 return
514 }
515 u := GetUserInfo(r)
516 honkpage(w, r, u, nil, []*Honk{h}, "one honk")
517}
518
519func honkpage(w http.ResponseWriter, r *http.Request, u *UserInfo, user *WhatAbout, honks []*Honk, infomsg string) {
520 reverbolate(honks)
521 templinfo := getInfo(r)
522 if u != nil {
523 if user != nil && u.Username == user.Name {
524 templinfo["UserCSRF"] = GetCSRF("saveuser", r)
525 }
526 templinfo["HonkCSRF"] = GetCSRF("honkhonk", r)
527 }
528 if u == nil {
529 w.Header().Set("Cache-Control", "max-age=60")
530 }
531 if user != nil {
532 templinfo["Name"] = user.Name
533 whatabout := user.About
534 templinfo["RawWhatAbout"] = whatabout
535 whatabout = obfusbreak(whatabout)
536 templinfo["WhatAbout"] = cleanstring(whatabout)
537 }
538 templinfo["Honks"] = honks
539 templinfo["ServerMessage"] = infomsg
540 err := readviews.ExecuteTemplate(w, "honkpage.html", templinfo)
541 if err != nil {
542 log.Print(err)
543 }
544}
545
546func saveuser(w http.ResponseWriter, r *http.Request) {
547 whatabout := r.FormValue("whatabout")
548 u := GetUserInfo(r)
549 db := opendatabase()
550 _, err := db.Exec("update users set about = ? where username = ?", whatabout, u.Username)
551 if err != nil {
552 log.Printf("error bouting what: %s", err)
553 }
554
555 http.Redirect(w, r, "/u/"+u.Username, http.StatusSeeOther)
556}
557
558func gethonkers(userid int64) []*Honker {
559 rows, err := stmtHonkers.Query(userid)
560 if err != nil {
561 log.Printf("error querying honkers: %s", err)
562 return nil
563 }
564 defer rows.Close()
565 var honkers []*Honker
566 for rows.Next() {
567 var f Honker
568 var combos string
569 err = rows.Scan(&f.ID, &f.UserID, &f.Name, &f.XID, &f.Flavor, &combos)
570 f.Combos = strings.Split(strings.TrimSpace(combos), " ")
571 if err != nil {
572 log.Printf("error scanning honker: %s", err)
573 return nil
574 }
575 honkers = append(honkers, &f)
576 }
577 return honkers
578}
579
580func getdubs(userid int64) []*Honker {
581 rows, err := stmtDubbers.Query(userid)
582 if err != nil {
583 log.Printf("error querying dubs: %s", err)
584 return nil
585 }
586 defer rows.Close()
587 var honkers []*Honker
588 for rows.Next() {
589 var f Honker
590 err = rows.Scan(&f.ID, &f.UserID, &f.Name, &f.XID, &f.Flavor)
591 if err != nil {
592 log.Printf("error scanning honker: %s", err)
593 return nil
594 }
595 honkers = append(honkers, &f)
596 }
597 return honkers
598}
599
600func getxonk(name, xid string) *Honk {
601 var h Honk
602 var dt, aud string
603 row := stmtOneXonk.QueryRow(xid)
604 err := row.Scan(&h.ID, &h.UserID, &h.Username, &h.What, &h.Honker, &h.XID, &h.RID,
605 &dt, &h.URL, &aud, &h.Noise, &h.Convoy)
606 if err != nil {
607 if err != sql.ErrNoRows {
608 log.Printf("error scanning xonk: %s", err)
609 }
610 return nil
611 }
612 if name != "" && h.Username != name {
613 log.Printf("user xonk mismatch")
614 return nil
615 }
616 h.Date, _ = time.Parse(dbtimeformat, dt)
617 h.Audience = strings.Split(aud, " ")
618 donksforhonks([]*Honk{&h})
619 return &h
620}
621
622func getpublichonks() []*Honk {
623 rows, err := stmtPublicHonks.Query()
624 return getsomehonks(rows, err)
625}
626func gethonksbyuser(name string) []*Honk {
627 rows, err := stmtUserHonks.Query(name)
628 return getsomehonks(rows, err)
629}
630func gethonksforuser(userid int64) []*Honk {
631 dt := time.Now().UTC().Add(-2 * 24 * time.Hour)
632 rows, err := stmtHonksForUser.Query(userid, dt.Format(dbtimeformat), userid)
633 return getsomehonks(rows, err)
634}
635func gethonksforme(userid int64) []*Honk {
636 dt := time.Now().UTC().Add(-4 * 24 * time.Hour)
637 rows, err := stmtHonksForMe.Query(userid, dt.Format(dbtimeformat), userid)
638 return getsomehonks(rows, err)
639}
640func gethonksbyhonker(userid int64, honker string) []*Honk {
641 rows, err := stmtHonksByHonker.Query(userid, honker)
642 return getsomehonks(rows, err)
643}
644func gethonksbycombo(userid int64, combo string) []*Honk {
645 combo = "% " + combo + " %"
646 rows, err := stmtHonksByCombo.Query(userid, combo)
647 return getsomehonks(rows, err)
648}
649func gethonksbyconvoy(userid int64, convoy string) []*Honk {
650 rows, err := stmtHonksByConvoy.Query(userid, convoy)
651 return getsomehonks(rows, err)
652}
653
654func getsomehonks(rows *sql.Rows, err error) []*Honk {
655 if err != nil {
656 log.Printf("error querying honks: %s", err)
657 return nil
658 }
659 defer rows.Close()
660 var honks []*Honk
661 for rows.Next() {
662 var h Honk
663 var dt, aud string
664 err = rows.Scan(&h.ID, &h.UserID, &h.Username, &h.What, &h.Honker, &h.XID, &h.RID,
665 &dt, &h.URL, &aud, &h.Noise, &h.Convoy)
666 if err != nil {
667 log.Printf("error scanning honks: %s", err)
668 return nil
669 }
670 h.Date, _ = time.Parse(dbtimeformat, dt)
671 h.Audience = strings.Split(aud, " ")
672 honks = append(honks, &h)
673 }
674 rows.Close()
675 donksforhonks(honks)
676 return honks
677}
678
679func donksforhonks(honks []*Honk) {
680 db := opendatabase()
681 var ids []string
682 hmap := make(map[int64]*Honk)
683 for _, h := range honks {
684 if h.What == "zonk" {
685 continue
686 }
687 ids = append(ids, fmt.Sprintf("%d", h.ID))
688 hmap[h.ID] = h
689 }
690 q := fmt.Sprintf("select honkid, donks.fileid, xid, name, url, media from donks join files on donks.fileid = files.fileid where honkid in (%s)", strings.Join(ids, ","))
691 rows, err := db.Query(q)
692 if err != nil {
693 log.Printf("error querying donks: %s", err)
694 return
695 }
696 defer rows.Close()
697 for rows.Next() {
698 var hid int64
699 var d Donk
700 err = rows.Scan(&hid, &d.FileID, &d.XID, &d.Name, &d.URL, &d.Media)
701 if err != nil {
702 log.Printf("error scanning donk: %s", err)
703 continue
704 }
705 h := hmap[hid]
706 h.Donks = append(h.Donks, &d)
707 }
708}
709
710func savebonk(w http.ResponseWriter, r *http.Request) {
711 xid := r.FormValue("xid")
712
713 log.Printf("bonking %s", xid)
714
715 xonk := getxonk("", xid)
716 if xonk == nil {
717 return
718 }
719 if xonk.Honker == "" {
720 xonk.XID = fmt.Sprintf("https://%s/u/%s/h/%s", serverName, xonk.Username, xonk.XID)
721 }
722 convoy := xonk.Convoy
723
724 userinfo := GetUserInfo(r)
725
726 dt := time.Now().UTC()
727 bonk := Honk{
728 UserID: userinfo.UserID,
729 Username: userinfo.Username,
730 Honker: xonk.Honker,
731 What: "bonk",
732 XID: xonk.XID,
733 Date: dt,
734 Noise: xonk.Noise,
735 Convoy: convoy,
736 Donks: xonk.Donks,
737 Audience: oneofakind(prepend(thewholeworld, xonk.Audience)),
738 }
739
740 user, _ := butwhatabout(userinfo.Username)
741
742 aud := strings.Join(bonk.Audience, " ")
743 whofore := 0
744 if strings.Contains(aud, user.URL) {
745 whofore = 1
746 }
747 res, err := stmtSaveHonk.Exec(userinfo.UserID, "bonk", "", xid, "",
748 dt.Format(dbtimeformat), "", aud, bonk.Noise, bonk.Convoy, whofore)
749 if err != nil {
750 log.Printf("error saving bonk: %s", err)
751 return
752 }
753 bonk.ID, _ = res.LastInsertId()
754 for _, d := range bonk.Donks {
755 _, err = stmtSaveDonk.Exec(bonk.ID, d.FileID)
756 if err != nil {
757 log.Printf("err saving donk: %s", err)
758 return
759 }
760 }
761
762 go honkworldwide(user, &bonk)
763
764}
765
766func zonkit(w http.ResponseWriter, r *http.Request) {
767 xid := r.FormValue("xid")
768
769 log.Printf("zonking %s", xid)
770 userinfo := GetUserInfo(r)
771 stmtZonkIt.Exec(userinfo.UserID, xid)
772}
773
774func savehonk(w http.ResponseWriter, r *http.Request) {
775 rid := r.FormValue("rid")
776 noise := r.FormValue("noise")
777
778 userinfo := GetUserInfo(r)
779
780 dt := time.Now().UTC()
781 xid := xfiltrate()
782 what := "honk"
783 if rid != "" {
784 what = "tonk"
785 }
786 honk := Honk{
787 UserID: userinfo.UserID,
788 Username: userinfo.Username,
789 What: "honk",
790 XID: xid,
791 RID: rid,
792 Date: dt,
793 }
794 if noise[0] == '@' {
795 honk.Audience = append(grapevine(noise), thewholeworld)
796 } else {
797 honk.Audience = prepend(thewholeworld, grapevine(noise))
798 }
799 var convoy string
800 if rid != "" {
801 xonk := getxonk("", rid)
802 if xonk != nil {
803 honk.Audience = append(honk.Audience, xonk.Audience...)
804 convoy = xonk.Convoy
805 } else {
806 xonkaud, c := whosthere(rid)
807 honk.Audience = append(honk.Audience, xonkaud...)
808 convoy = c
809 }
810 }
811 if convoy == "" {
812 convoy = "data:,electrichonkytonk-" + xfiltrate()
813 }
814 honk.Audience = oneofakind(honk.Audience)
815 noise = obfusbreak(noise)
816 honk.Noise = noise
817 honk.Convoy = convoy
818
819 file, filehdr, err := r.FormFile("donk")
820 if err == nil {
821 var buf bytes.Buffer
822 io.Copy(&buf, file)
823 file.Close()
824 data := buf.Bytes()
825 xid := xfiltrate()
826 var media, name string
827 img, format, err := image.Decode(&buf)
828 if err == nil {
829 data, format, err = vacuumwrap(img, format)
830 if err != nil {
831 log.Printf("can't vacuum image: %s", err)
832 return
833 }
834 media = "image/" + format
835 if format == "jpeg" {
836 format = "jpg"
837 }
838 name = xid + "." + format
839 xid = name
840 } else {
841 maxsize := 100000
842 if len(data) > maxsize {
843 log.Printf("bad image: %s too much text: %d", err, len(data))
844 http.Error(w, "didn't like your attachment", http.StatusUnsupportedMediaType)
845 return
846 }
847 for i := 0; i < len(data); i++ {
848 if data[i] < 32 && data[i] != '\t' && data[i] != '\r' && data[i] != '\n' {
849 log.Printf("bad image: %s not text: %d", err, data[i])
850 http.Error(w, "didn't like your attachment", http.StatusUnsupportedMediaType)
851 return
852 }
853 }
854 media = "text/plain"
855 name = filehdr.Filename
856 if name == "" {
857 name = xid + ".txt"
858 }
859 xid += ".txt"
860 }
861 url := fmt.Sprintf("https://%s/d/%s", serverName, xid)
862 res, err := stmtSaveFile.Exec(xid, name, url, media, data)
863 if err != nil {
864 log.Printf("unable to save image: %s", err)
865 return
866 }
867 var d Donk
868 d.FileID, _ = res.LastInsertId()
869 d.XID = name
870 d.Name = name
871 d.Media = media
872 d.URL = url
873 honk.Donks = append(honk.Donks, &d)
874 }
875 herd := herdofemus(honk.Noise)
876 for _, e := range herd {
877 donk := savedonk(e.ID, e.Name, "image/png")
878 if donk != nil {
879 donk.Name = e.Name
880 honk.Donks = append(honk.Donks, donk)
881 }
882 }
883
884 user, _ := butwhatabout(userinfo.Username)
885
886 aud := strings.Join(honk.Audience, " ")
887 whofore := 0
888 if strings.Contains(aud, user.URL) {
889 whofore = 1
890 }
891 res, err := stmtSaveHonk.Exec(userinfo.UserID, what, "", xid, rid,
892 dt.Format(dbtimeformat), "", aud, noise, convoy, whofore)
893 if err != nil {
894 log.Printf("error saving honk: %s", err)
895 return
896 }
897 honk.ID, _ = res.LastInsertId()
898 for _, d := range honk.Donks {
899 _, err = stmtSaveDonk.Exec(honk.ID, d.FileID)
900 if err != nil {
901 log.Printf("err saving donk: %s", err)
902 return
903 }
904 }
905
906 go honkworldwide(user, &honk)
907
908 http.Redirect(w, r, "/", http.StatusSeeOther)
909}
910
911func viewhonkers(w http.ResponseWriter, r *http.Request) {
912 userinfo := GetUserInfo(r)
913 templinfo := getInfo(r)
914 templinfo["Honkers"] = gethonkers(userinfo.UserID)
915 templinfo["HonkerCSRF"] = GetCSRF("savehonker", r)
916 err := readviews.ExecuteTemplate(w, "honkers.html", templinfo)
917 if err != nil {
918 log.Print(err)
919 }
920}
921
922var handfull = make(map[string]string)
923var handlock sync.Mutex
924
925func gofish(name string) string {
926 if name[0] == '@' {
927 name = name[1:]
928 }
929 m := strings.Split(name, "@")
930 if len(m) != 2 {
931 log.Printf("bad fish name: %s", name)
932 return ""
933 }
934 handlock.Lock()
935 ref, ok := handfull[name]
936 handlock.Unlock()
937 if ok {
938 return ref
939 }
940 j, err := GetJunk(fmt.Sprintf("https://%s/.well-known/webfinger?resource=acct:%s", m[1], name))
941 handlock.Lock()
942 defer handlock.Unlock()
943 if err != nil {
944 log.Printf("failed to go fish %s: %s", name, err)
945 handfull[name] = ""
946 return ""
947 }
948 links, _ := jsongetarray(j, "links")
949 for _, l := range links {
950 href, _ := jsongetstring(l, "href")
951 rel, _ := jsongetstring(l, "rel")
952 t, _ := jsongetstring(l, "type")
953 if rel == "self" && friendorfoe(t) {
954 handfull[name] = href
955 return href
956 }
957 }
958 handfull[name] = ""
959 return ""
960}
961
962func savehonker(w http.ResponseWriter, r *http.Request) {
963 u := GetUserInfo(r)
964 name := r.FormValue("name")
965 url := r.FormValue("url")
966 peep := r.FormValue("peep")
967 combos := r.FormValue("combos")
968 honkerid, _ := strconv.ParseInt(r.FormValue("honkerid"), 10, 0)
969
970 if honkerid > 0 {
971 combos = " " + strings.TrimSpace(combos) + " "
972 _, err := stmtUpdateHonker.Exec(combos, honkerid, u.UserID)
973 if err != nil {
974 log.Printf("update honker err: %s", err)
975 return
976 }
977 http.Redirect(w, r, "/honkers", http.StatusSeeOther)
978 }
979
980 flavor := "presub"
981 if peep == "peep" {
982 flavor = "peep"
983 }
984 if url == "" {
985 return
986 }
987 if url[0] == '@' {
988 url = gofish(url)
989 }
990 if url == "" {
991 return
992 }
993 _, err := stmtSaveHonker.Exec(u.UserID, name, url, flavor, combos)
994 if err != nil {
995 log.Print(err)
996 return
997 }
998 if flavor == "presub" {
999 user, _ := butwhatabout(u.Username)
1000 go subsub(user, url)
1001 }
1002 http.Redirect(w, r, "/honkers", http.StatusSeeOther)
1003}
1004
1005type Zonker struct {
1006 Name string
1007 Wherefore string
1008}
1009
1010func killzone(w http.ResponseWriter, r *http.Request) {
1011 db := opendatabase()
1012 userinfo := GetUserInfo(r)
1013 rows, err := db.Query("select name, wherefore from zonkers where userid = ?", userinfo.UserID)
1014 if err != nil {
1015 log.Printf("err: %s", err)
1016 return
1017 }
1018 var zonkers []Zonker
1019 for rows.Next() {
1020 var z Zonker
1021 rows.Scan(&z.Name, &z.Wherefore)
1022 zonkers = append(zonkers, z)
1023 }
1024 templinfo := getInfo(r)
1025 templinfo["Zonkers"] = zonkers
1026 templinfo["KillCSRF"] = GetCSRF("killitwithfire", r)
1027 err = readviews.ExecuteTemplate(w, "zonkers.html", templinfo)
1028 if err != nil {
1029 log.Print(err)
1030 }
1031}
1032
1033func killitwithfire(w http.ResponseWriter, r *http.Request) {
1034 userinfo := GetUserInfo(r)
1035 wherefore := r.FormValue("wherefore")
1036 name := r.FormValue("name")
1037 if name == "" {
1038 return
1039 }
1040 switch wherefore {
1041 case "zonker":
1042 case "zurl":
1043 case "zonvoy":
1044 default:
1045 return
1046 }
1047 db := opendatabase()
1048 db.Exec("insert into zonkers (userid, name, wherefore) values (?, ?, ?)",
1049 userinfo.UserID, name, wherefore)
1050
1051 http.Redirect(w, r, "/killzone", http.StatusSeeOther)
1052}
1053
1054func somedays() string {
1055 secs := 432000 + notrand.Int63n(432000)
1056 return fmt.Sprintf("%d", secs)
1057}
1058
1059func avatate(w http.ResponseWriter, r *http.Request) {
1060 n := r.FormValue("a")
1061 a := avatar(n)
1062 w.Header().Set("Cache-Control", "max-age="+somedays())
1063 w.Write(a)
1064}
1065
1066func servecss(w http.ResponseWriter, r *http.Request) {
1067 w.Header().Set("Cache-Control", "max-age=7776000")
1068 http.ServeFile(w, r, "views"+r.URL.Path)
1069}
1070func servehtml(w http.ResponseWriter, r *http.Request) {
1071 templinfo := getInfo(r)
1072 err := readviews.ExecuteTemplate(w, r.URL.Path[1:]+".html", templinfo)
1073 if err != nil {
1074 log.Print(err)
1075 }
1076}
1077func serveemu(w http.ResponseWriter, r *http.Request) {
1078 xid := mux.Vars(r)["xid"]
1079 w.Header().Set("Cache-Control", "max-age="+somedays())
1080 http.ServeFile(w, r, "emus/"+xid)
1081}
1082
1083func servefile(w http.ResponseWriter, r *http.Request) {
1084 xid := mux.Vars(r)["xid"]
1085 row := stmtFileData.QueryRow(xid)
1086 var media string
1087 var data []byte
1088 err := row.Scan(&media, &data)
1089 if err != nil {
1090 log.Printf("error loading file: %s", err)
1091 http.NotFound(w, r)
1092 return
1093 }
1094 w.Header().Set("Content-Type", media)
1095 w.Header().Set("X-Content-Type-Options", "nosniff")
1096 w.Header().Set("Cache-Control", "max-age="+somedays())
1097 w.Write(data)
1098}
1099
1100func serve() {
1101 db := opendatabase()
1102 LoginInit(db)
1103
1104 listener, err := openListener()
1105 if err != nil {
1106 log.Fatal(err)
1107 }
1108 go redeliverator()
1109
1110 debug := false
1111 getconfig("debug", &debug)
1112 readviews = ParseTemplates(debug,
1113 "views/honkpage.html",
1114 "views/honkers.html",
1115 "views/zonkers.html",
1116 "views/honkform.html",
1117 "views/honk.html",
1118 "views/login.html",
1119 "views/header.html",
1120 )
1121 if !debug {
1122 s := "views/style.css"
1123 savedstyleparams[s] = getstyleparam(s)
1124 s = "views/local.css"
1125 savedstyleparams[s] = getstyleparam(s)
1126 }
1127
1128 mux := mux.NewRouter()
1129 mux.Use(LoginChecker)
1130
1131 posters := mux.Methods("POST").Subrouter()
1132 getters := mux.Methods("GET").Subrouter()
1133
1134 getters.HandleFunc("/", homepage)
1135 getters.HandleFunc("/rss", showrss)
1136 getters.HandleFunc("/u/{name:[[:alnum:]]+}", viewuser)
1137 getters.HandleFunc("/u/{name:[[:alnum:]]+}/h/{xid:[[:alnum:]]+}", viewhonk)
1138 getters.HandleFunc("/u/{name:[[:alnum:]]+}/rss", showrss)
1139 posters.HandleFunc("/u/{name:[[:alnum:]]+}/inbox", inbox)
1140 getters.HandleFunc("/u/{name:[[:alnum:]]+}/outbox", outbox)
1141 getters.HandleFunc("/a", avatate)
1142 getters.HandleFunc("/t", viewconvoy)
1143 getters.HandleFunc("/d/{xid:[[:alnum:].]+}", servefile)
1144 getters.HandleFunc("/emu/{xid:[[:alnum:]_.]+}", serveemu)
1145 getters.HandleFunc("/.well-known/webfinger", fingerlicker)
1146
1147 getters.HandleFunc("/style.css", servecss)
1148 getters.HandleFunc("/local.css", servecss)
1149 getters.HandleFunc("/login", servehtml)
1150 posters.HandleFunc("/dologin", dologin)
1151 getters.HandleFunc("/logout", dologout)
1152
1153 loggedin := mux.NewRoute().Subrouter()
1154 loggedin.Use(LoginRequired)
1155 loggedin.HandleFunc("/atme", homepage)
1156 loggedin.HandleFunc("/killzone", killzone)
1157 loggedin.Handle("/honk", CSRFWrap("honkhonk", http.HandlerFunc(savehonk)))
1158 loggedin.Handle("/bonk", CSRFWrap("honkhonk", http.HandlerFunc(savebonk)))
1159 loggedin.Handle("/zonkit", CSRFWrap("honkhonk", http.HandlerFunc(zonkit)))
1160 loggedin.Handle("/killitwithfire", CSRFWrap("killitwithfire", http.HandlerFunc(killitwithfire)))
1161 loggedin.Handle("/saveuser", CSRFWrap("saveuser", http.HandlerFunc(saveuser)))
1162 loggedin.HandleFunc("/honkers", viewhonkers)
1163 loggedin.HandleFunc("/h/{name:[[:alnum:]]+}", viewhonker)
1164 loggedin.HandleFunc("/c/{name:[[:alnum:]]+}", viewcombo)
1165 loggedin.Handle("/savehonker", CSRFWrap("savehonker", http.HandlerFunc(savehonker)))
1166
1167 err = http.Serve(listener, mux)
1168 if err != nil {
1169 log.Fatal(err)
1170 }
1171}
1172
1173var stmtHonkers, stmtDubbers, stmtSaveHonker, stmtUpdateHonker *sql.Stmt
1174var stmtOneXonk, stmtPublicHonks, stmtUserHonks, stmtHonksByCombo, stmtHonksByConvoy *sql.Stmt
1175var stmtHonksForUser, stmtHonksForMe, stmtDeleteHonk, stmtSaveDub *sql.Stmt
1176var stmtHonksByHonker, stmtSaveHonk, stmtFileData, stmtWhatAbout *sql.Stmt
1177var stmtFindXonk, stmtSaveDonk, stmtFindFile, stmtSaveFile *sql.Stmt
1178var stmtAddDoover, stmtGetDoovers, stmtLoadDoover, stmtZapDoover *sql.Stmt
1179var stmtHasHonker, stmtThumbBiter, stmtZonkIt *sql.Stmt
1180
1181func preparetodie(db *sql.DB, s string) *sql.Stmt {
1182 stmt, err := db.Prepare(s)
1183 if err != nil {
1184 log.Fatalf("error %s: %s", err, s)
1185 }
1186 return stmt
1187}
1188
1189func prepareStatements(db *sql.DB) {
1190 stmtHonkers = preparetodie(db, "select honkerid, userid, name, xid, flavor, combos from honkers where userid = ? and flavor = 'sub' or flavor = 'peep'")
1191 stmtSaveHonker = preparetodie(db, "insert into honkers (userid, name, xid, flavor, combos) values (?, ?, ?, ?, ?)")
1192 stmtUpdateHonker = preparetodie(db, "update honkers set combos = ? where honkerid = ? and userid = ?")
1193 stmtHasHonker = preparetodie(db, "select honkerid from honkers where xid = ? and userid = ?")
1194 stmtDubbers = preparetodie(db, "select honkerid, userid, name, xid, flavor from honkers where userid = ? and flavor = 'dub'")
1195
1196 selecthonks := "select honkid, honks.userid, username, what, honker, honks.xid, rid, dt, url, audience, noise, convoy from honks join users on honks.userid = users.userid "
1197 limit := " order by honkid desc limit "
1198 stmtOneXonk = preparetodie(db, selecthonks+"where xid = ?")
1199 stmtPublicHonks = preparetodie(db, selecthonks+"where honker = ''"+limit+"50")
1200 stmtUserHonks = preparetodie(db, selecthonks+"where honker = '' and username = ?"+limit+"50")
1201 stmtHonksForUser = preparetodie(db, selecthonks+"where honks.userid = ? and dt > ? and convoy not in (select name from zonkers where userid = ? and wherefore = 'zonvoy' order by zonkerid desc limit 100)"+limit+"250")
1202 stmtHonksForMe = preparetodie(db, selecthonks+"where honks.userid = ? and dt > ? and whofore = 1 and convoy not in (select name from zonkers where userid = ? and wherefore = 'zonvoy' order by zonkerid desc limit 100)"+limit+"150")
1203 stmtHonksByHonker = preparetodie(db, selecthonks+"join honkers on honkers.xid = honks.honker where honks.userid = ? and honkers.name = ?"+limit+"50")
1204 stmtHonksByCombo = preparetodie(db, selecthonks+"join honkers on honkers.xid = honks.honker where honks.userid = ? and honkers.combos like ?"+limit+"50")
1205 stmtHonksByConvoy = preparetodie(db, selecthonks+"where (honks.userid = ? or honker = '') and convoy = ?"+limit+"50")
1206
1207 stmtSaveHonk = preparetodie(db, "insert into honks (userid, what, honker, xid, rid, dt, url, audience, noise, convoy, whofore) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)")
1208 stmtFileData = preparetodie(db, "select media, content from files where xid = ?")
1209 stmtFindXonk = preparetodie(db, "select honkid from honks where userid = ? and xid = ?")
1210 stmtSaveDonk = preparetodie(db, "insert into donks (honkid, fileid) values (?, ?)")
1211 stmtDeleteHonk = preparetodie(db, "update honks set what = 'zonk' where xid = ? and honker = ?")
1212 stmtFindFile = preparetodie(db, "select fileid from files where url = ?")
1213 stmtSaveFile = preparetodie(db, "insert into files (xid, name, url, media, content) values (?, ?, ?, ?, ?)")
1214 stmtWhatAbout = preparetodie(db, "select userid, username, displayname, about, pubkey from users where username = ?")
1215 stmtSaveDub = preparetodie(db, "insert into honkers (userid, name, xid, flavor) values (?, ?, ?, ?)")
1216 stmtAddDoover = preparetodie(db, "insert into doovers (dt, tries, username, rcpt, msg) values (?, ?, ?, ?, ?)")
1217 stmtGetDoovers = preparetodie(db, "select dooverid, dt from doovers")
1218 stmtLoadDoover = preparetodie(db, "select tries, username, rcpt, msg from doovers where dooverid = ?")
1219 stmtZapDoover = preparetodie(db, "delete from doovers where dooverid = ?")
1220 stmtZonkIt = preparetodie(db, "update honks set what = 'zonk' where userid = ? and xid = ?")
1221 stmtThumbBiter = preparetodie(db, "select zonkerid from zonkers where ((name = ? and wherefore = 'zonker') or (name = ? and wherefore = 'zurl')) and userid = ?")
1222}
1223
1224func ElaborateUnitTests() {
1225}
1226
1227func finishusersetup() error {
1228 db := opendatabase()
1229 k, err := rsa.GenerateKey(rand.Reader, 2048)
1230 if err != nil {
1231 return err
1232 }
1233 pubkey, err := zem(&k.PublicKey)
1234 if err != nil {
1235 return err
1236 }
1237 seckey, err := zem(k)
1238 if err != nil {
1239 return err
1240 }
1241 _, err = db.Exec("update users set displayname = username, about = ?, pubkey = ?, seckey = ? where userid = 1", "what about me?", pubkey, seckey)
1242 if err != nil {
1243 return err
1244 }
1245 return nil
1246}
1247
1248func main() {
1249 cmd := "run"
1250 if len(os.Args) > 1 {
1251 cmd = os.Args[1]
1252 }
1253 switch cmd {
1254 case "init":
1255 initdb()
1256 case "upgrade":
1257 upgradedb()
1258 }
1259 db := opendatabase()
1260 dbversion := 0
1261 getconfig("dbversion", &dbversion)
1262 if dbversion != myVersion {
1263 log.Fatal("incorrect database version. run upgrade.")
1264 }
1265 getconfig("servername", &serverName)
1266 prepareStatements(db)
1267 switch cmd {
1268 case "ping":
1269 if len(os.Args) < 4 {
1270 fmt.Printf("usage: honk ping from to\n")
1271 return
1272 }
1273 name := os.Args[2]
1274 targ := os.Args[3]
1275 user, err := butwhatabout(name)
1276 if err != nil {
1277 log.Printf("unknown user")
1278 return
1279 }
1280 ping(user, targ)
1281 case "peep":
1282 peeppeep()
1283 case "run":
1284 serve()
1285 case "test":
1286 ElaborateUnitTests()
1287 default:
1288 log.Fatal("unknown command")
1289 }
1290}