| Commit | Line | Data |
|---|---|---|
| 71558f85 | 1 | <?php |
| 2 | /** | |
| 3 | * An XML-RPC server | |
| 4 | * | |
| 5 | * @author Donal McMullan donal@catalyst.net.nz | |
| 6 | * @version 0.0.1 | |
| 7 | * @license http://www.gnu.org/copyleft/gpl.html GNU Public License | |
| 8 | * @package mnet | |
| 9 | */ | |
| 10 | ||
| 11 | // Make certain that config.php doesn't display any errors, and that it doesn't | |
| 12 | // override our do-not-display-errors setting: | |
| af0e9032 PS |
13 | // disable moodle specific debug messages and any errors in output |
| 14 | define('NO_DEBUG_DISPLAY', true); | |
| 15 | // cookies are not used, makes sure there is empty global $USER | |
| 16 | define('NO_MOODLE_COOKIES', true); | |
| 17 | ||
| 287efec6 PL |
18 | define('MNET_SERVER', true); |
| 19 | ||
| 1fcf0ca8 | 20 | require(__DIR__.'/../../config.php'); |
| 71558f85 | 21 | |
| 287efec6 | 22 | $mnet = get_mnet_environment(); |
| 71558f85 | 23 | // Include MNET stuff: |
| 24 | require_once $CFG->dirroot.'/mnet/lib.php'; | |
| 25 | require_once $CFG->dirroot.'/mnet/remote_client.php'; | |
| de260e0f PL |
26 | require_once $CFG->dirroot.'/mnet/xmlrpc/serverlib.php'; |
| 27 | ||
| 71558f85 | 28 | |
| 600be062 | 29 | if ($CFG->mnet_dispatcher_mode === 'off') { |
| 30 | print_error('mnetdisabled', 'mnet'); | |
| 31 | } | |
| 32 | ||
| 71558f85 | 33 | // Content type for output is not html: |
| 1008dad6 | 34 | header('Content-type: text/xml; charset=utf-8'); |
| 71558f85 | 35 | |
| 4d16a274 SL |
36 | $rawpostdata = file_get_contents("php://input"); |
| 37 | mnet_debug("RAW POST DATA", 2); | |
| 38 | mnet_debug($rawpostdata, 2); | |
| 71558f85 | 39 | |
| 8d60e942 | 40 | if (!isset($_SERVER)) { |
| d234faf3 | 41 | exit(mnet_server_fault(712, get_string('phperror', 'mnet'))); |
| 8d60e942 | 42 | } |
| 43 | ||
| 44 | ||
| 71558f85 | 45 | // New global variable which ONLY gets set in this server page, so you know that |
| 46 | // if you've been called by a remote Moodle, this should be set: | |
| 287efec6 PL |
47 | $remoteclient = new mnet_remote_client(); |
| 48 | set_mnet_remote_client($remoteclient); | |
| 71558f85 | 49 | |
| 939ea0bc | 50 | try { |
| 4d16a274 | 51 | $plaintextmessage = mnet_server_strip_encryption($rawpostdata); |
| 939ea0bc | 52 | $xmlrpcrequest = mnet_server_strip_signature($plaintextmessage); |
| c0b22a3f | 53 | } catch (Exception $e) { |
| 71f61c41 | 54 | mnet_debug('encryption strip exception thrown: ' . $e->getMessage()); |
| 939ea0bc PL |
55 | exit(mnet_server_fault($e->getCode(), $e->getMessage(), $e->a)); |
| 56 | } | |
| 57 | ||
| 71f61c41 PL |
58 | mnet_debug('XMLRPC Payload', 2); |
| 59 | mnet_debug($xmlrpcrequest, 2); | |
| 8d60e942 | 60 | |
| 287efec6 | 61 | if($remoteclient->pushkey == true) { |
| 8d60e942 | 62 | // The peer used one of our older public keys, we will return a |
| 63 | // signed/encrypted error message containing our new public key | |
| 64 | // Sign message with our old key, and encrypt to the peer's private key. | |
| 71f61c41 | 65 | mnet_debug('sending back new key'); |
| 287efec6 | 66 | exit(mnet_server_fault_xml(7025, $mnet->public_key, $remoteclient->useprivatekey)); |
| 8d60e942 | 67 | } |
| 68 | // Have a peek at what the request would be if we were to process it | |
| 69 | $params = xmlrpc_decode_request($xmlrpcrequest, $method); | |
| 71f61c41 | 70 | mnet_debug("incoming mnet request $method"); |
| 8d60e942 | 71 | |
| 72 | // One of three conditions need to be met before we continue processing this request: | |
| 73 | // 1. Request is properly encrypted and signed | |
| 74 | // 2. Request is for a keyswap (we don't mind enencrypted or unsigned requests for a public key) | |
| 75 | // 3. Request is properly signed and we're happy with it being unencrypted | |
| 287efec6 | 76 | if ((($remoteclient->request_was_encrypted == true) && ($remoteclient->signatureok == true)) |
| 8d60e942 | 77 | || (($method == 'system.keyswap') || ($method == 'system/keyswap')) |
| 287efec6 | 78 | || (($remoteclient->signatureok == true) && ($remoteclient->plaintext_is_ok() == true))) { |
| 939ea0bc | 79 | try { |
| de260e0f PL |
80 | // main dispatch call. will echo the response directly |
| 81 | mnet_server_dispatch($xmlrpcrequest); | |
| 71f61c41 | 82 | mnet_debug('exiting cleanly'); |
| de260e0f | 83 | exit; |
| c0b22a3f | 84 | } catch (Exception $e) { |
| 71f61c41 | 85 | mnet_debug('dispatch exception thrown: ' . $e->getMessage()); |
| 939ea0bc PL |
86 | exit(mnet_server_fault($e->getCode(), $e->getMessage(), $e->a)); |
| 87 | } | |
| 8d60e942 | 88 | } |
| de260e0f PL |
89 | // if we get to here, something is wrong |
| 90 | // so detect a few common cases and send appropriate errors | |
| 287efec6 | 91 | if (($remoteclient->request_was_encrypted == false) && ($remoteclient->plaintext_is_ok() == false)) { |
| 71f61c41 | 92 | mnet_debug('non encrypted request'); |
| d234faf3 | 93 | exit(mnet_server_fault(7021, get_string('forbidden-transport', 'mnet'))); |
| 71558f85 | 94 | } |
| 95 | ||
| 287efec6 | 96 | if ($remoteclient->request_was_signed == false) { |
| de260e0f | 97 | // Request was not signed |
| 71f61c41 | 98 | mnet_debug('non signed request'); |
| d234faf3 | 99 | exit(mnet_server_fault(711, get_string('verifysignature-error', 'mnet'))); |
| 5f6b28fa | 100 | } |
| 71558f85 | 101 | |
| 287efec6 | 102 | if ($remoteclient->signatureok == false) { |
| de260e0f | 103 | // We were unable to verify the signature |
| 71f61c41 | 104 | mnet_debug('non verified signature'); |
| d234faf3 | 105 | exit(mnet_server_fault(710, get_string('verifysignature-invalid', 'mnet'))); |
| 71558f85 | 106 | } |
| 71f61c41 | 107 | mnet_debug('unknown error'); |
| d234faf3 | 108 | exit(mnet_server_fault(7000, get_string('unknownerror', 'mnet'))); |
