MDL-16094 File storage conversion Quiz and Questions
[moodle.git] / mnet / xmlrpc / server.php
CommitLineData
71558f85 1<?php
2/**
3 * An XML-RPC server
4 *
5 * @author Donal McMullan donal@catalyst.net.nz
6 * @version 0.0.1
7 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
8 * @package mnet
9 */
10
11// Make certain that config.php doesn't display any errors, and that it doesn't
12// override our do-not-display-errors setting:
af0e9032
PS
13// disable moodle specific debug messages and any errors in output
14define('NO_DEBUG_DISPLAY', true);
15// cookies are not used, makes sure there is empty global $USER
16define('NO_MOODLE_COOKIES', true);
17
287efec6
PL
18define('MNET_SERVER', true);
19
71558f85 20require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
71558f85 21
287efec6 22$mnet = get_mnet_environment();
71558f85 23// Include MNET stuff:
24require_once $CFG->dirroot.'/mnet/lib.php';
25require_once $CFG->dirroot.'/mnet/remote_client.php';
de260e0f
PL
26require_once $CFG->dirroot.'/mnet/xmlrpc/serverlib.php';
27
71558f85 28
600be062 29if ($CFG->mnet_dispatcher_mode === 'off') {
30 print_error('mnetdisabled', 'mnet');
31}
32
71558f85 33// Content type for output is not html:
1008dad6 34header('Content-type: text/xml; charset=utf-8');
71558f85 35
25202581 36// PHP 5.2.2: $HTTP_RAW_POST_DATA not populated bug:
37// http://bugs.php.net/bug.php?id=41293
38if (empty($HTTP_RAW_POST_DATA)) {
39 $HTTP_RAW_POST_DATA = file_get_contents('php://input');
40}
41
71f61c41
PL
42mnet_debug("HTTP_RAW_POST_DATA", 2);
43mnet_debug($HTTP_RAW_POST_DATA, 2);
71558f85 44
8d60e942 45if (!isset($_SERVER)) {
d234faf3 46 exit(mnet_server_fault(712, get_string('phperror', 'mnet')));
8d60e942 47}
48
49
71558f85 50// New global variable which ONLY gets set in this server page, so you know that
51// if you've been called by a remote Moodle, this should be set:
287efec6
PL
52$remoteclient = new mnet_remote_client();
53set_mnet_remote_client($remoteclient);
71558f85 54
939ea0bc
PL
55try {
56 $plaintextmessage = mnet_server_strip_encryption($HTTP_RAW_POST_DATA);
57 $xmlrpcrequest = mnet_server_strip_signature($plaintextmessage);
c0b22a3f 58} catch (Exception $e) {
71f61c41 59 mnet_debug('encryption strip exception thrown: ' . $e->getMessage());
939ea0bc
PL
60 exit(mnet_server_fault($e->getCode(), $e->getMessage(), $e->a));
61}
62
71f61c41
PL
63mnet_debug('XMLRPC Payload', 2);
64mnet_debug($xmlrpcrequest, 2);
8d60e942 65
287efec6 66if($remoteclient->pushkey == true) {
8d60e942 67 // The peer used one of our older public keys, we will return a
68 // signed/encrypted error message containing our new public key
69 // Sign message with our old key, and encrypt to the peer's private key.
71f61c41 70 mnet_debug('sending back new key');
287efec6 71 exit(mnet_server_fault_xml(7025, $mnet->public_key, $remoteclient->useprivatekey));
8d60e942 72}
73// Have a peek at what the request would be if we were to process it
74$params = xmlrpc_decode_request($xmlrpcrequest, $method);
71f61c41 75mnet_debug("incoming mnet request $method");
8d60e942 76
77// One of three conditions need to be met before we continue processing this request:
78// 1. Request is properly encrypted and signed
79// 2. Request is for a keyswap (we don't mind enencrypted or unsigned requests for a public key)
80// 3. Request is properly signed and we're happy with it being unencrypted
287efec6 81if ((($remoteclient->request_was_encrypted == true) && ($remoteclient->signatureok == true))
8d60e942 82 || (($method == 'system.keyswap') || ($method == 'system/keyswap'))
287efec6 83 || (($remoteclient->signatureok == true) && ($remoteclient->plaintext_is_ok() == true))) {
939ea0bc 84 try {
de260e0f
PL
85 // main dispatch call. will echo the response directly
86 mnet_server_dispatch($xmlrpcrequest);
71f61c41 87 mnet_debug('exiting cleanly');
de260e0f 88 exit;
c0b22a3f 89 } catch (Exception $e) {
71f61c41 90 mnet_debug('dispatch exception thrown: ' . $e->getMessage());
939ea0bc
PL
91 exit(mnet_server_fault($e->getCode(), $e->getMessage(), $e->a));
92 }
8d60e942 93}
de260e0f
PL
94// if we get to here, something is wrong
95// so detect a few common cases and send appropriate errors
287efec6 96if (($remoteclient->request_was_encrypted == false) && ($remoteclient->plaintext_is_ok() == false)) {
71f61c41 97 mnet_debug('non encrypted request');
d234faf3 98 exit(mnet_server_fault(7021, get_string('forbidden-transport', 'mnet')));
71558f85 99}
100
287efec6 101if ($remoteclient->request_was_signed == false) {
de260e0f 102 // Request was not signed
71f61c41 103 mnet_debug('non signed request');
d234faf3 104 exit(mnet_server_fault(711, get_string('verifysignature-error', 'mnet')));
5f6b28fa 105}
71558f85 106
287efec6 107if ($remoteclient->signatureok == false) {
de260e0f 108 // We were unable to verify the signature
71f61c41 109 mnet_debug('non verified signature');
d234faf3 110 exit(mnet_server_fault(710, get_string('verifysignature-invalid', 'mnet')));
71558f85 111}
71f61c41 112mnet_debug('unknown error');
d234faf3 113exit(mnet_server_fault(7000, get_string('unknownerror', 'mnet')));