this might make zot-id work as originally conceived complete with reverse magic auth. If it doesn't it will probably crash and burn every site involved in horrible ways. To test or not to test.... decisions. (Maybe tomorrow.)

boot.php

@@ -1975,6 +1975,15 @@ function zid_init(&$a) {
 		proc_run('php','include/gprobe.php',bin2hex($tmp_str));
 		$arr = array('zid' => $tmp_str, 'url' => $a->cmd);
 		call_hooks('zid_init',$arr);
+		if((! local_user()) && (! remote_user())) {
+			$r = q("select * from hubloc where hubloc_addr = '%s' limit 1",
+				dbesc($tmp_str)
+			);
+			// try to avoid recursion - but send them home to do a proper magic auth
+			if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr(get_app()->query_string,'/magic'))) {
+				goaway($r[0]['hubloc_url'] . '/magic' . '?f=&dest=' . z_root() . get_app()->query_string);
+			}
+		}
 	}
 }
 

include/gprobe.php

@@ -15,7 +15,7 @@ function gprobe_run($argv, $argc){
 	$url = hex2bin($argv[1]);
 
 	$r = q("select * from xchan where xchan_addr = '%s' limit 1",
-		dbesc(normalise_link($url))
+		dbesc($url)
 	);
 
 	if(! $r) {

mod/magic.php

@@ -22,6 +22,17 @@ function magic_init(&$a) {
 			intval(HUBLOC_FLAGS_PRIMARY)
 		);
 	}
+	else {
+		// See if we know anybody at the dest site that will unlock the door for us
+		$b = explode('/',$dest);
+		if(count($b) >= 2)
+		$u = $b[0] . '//' . $b[2];
+		$x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
+			where hubloc_url = '%s' limit 1",
+			dbesc($u)
+		);
+	}
+
 
 	if(! $x) {
 

version.inc

@@ -1 +1 @@
-2013-02-05.222
+2013-02-06.223