Write to the log when the SSL key is created
[moodle.git] / mnet / xmlrpc / server.php
CommitLineData
71558f85 1<?php
2/**
3 * An XML-RPC server
4 *
5 * @author Donal McMullan donal@catalyst.net.nz
6 * @version 0.0.1
7 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
8 * @package mnet
9 */
10
11// Make certain that config.php doesn't display any errors, and that it doesn't
12// override our do-not-display-errors setting:
13ini_set('display_errors',0);
14require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
15ini_set('display_errors',0);
16
17// Include MNET stuff:
18require_once $CFG->dirroot.'/mnet/lib.php';
19require_once $CFG->dirroot.'/mnet/remote_client.php';
20
21// Content type for output is not html:
1008dad6 22header('Content-type: text/xml; charset=utf-8');
71558f85 23
25202581 24// PHP 5.2.2: $HTTP_RAW_POST_DATA not populated bug:
25// http://bugs.php.net/bug.php?id=41293
26if (empty($HTTP_RAW_POST_DATA)) {
27 $HTTP_RAW_POST_DATA = file_get_contents('php://input');
28}
29
71558f85 30if (!empty($CFG->mnet_rpcdebug)) {
31 trigger_error("HTTP_RAW_POST_DATA");
32 trigger_error($HTTP_RAW_POST_DATA);
33}
34
35// New global variable which ONLY gets set in this server page, so you know that
36// if you've been called by a remote Moodle, this should be set:
37$MNET_REMOTE_CLIENT = new mnet_remote_client();
38
39// Peek at the message to see if it's an XML-ENC document. If it is, note that
40// the client connection was encrypted, and strip the xml-encryption and
41// xml-signature wrappers from the XML-RPC payload
42if (strpos(substr($HTTP_RAW_POST_DATA, 0, 100), '<encryptedMessage>')) {
43 $MNET_REMOTE_CLIENT->was_encrypted();
44// Extract the XML-RPC payload from the XML-ENC and XML-SIG wrappers.
45 $payload = mnet_server_strip_wrappers($HTTP_RAW_POST_DATA);
46} else {
47 $params = xmlrpc_decode_request($HTTP_RAW_POST_DATA, $method);
48 if ($method == 'system.keyswap' ||
49 $method == 'system/keyswap') {
50
51 // OK
52
53 } elseif ($MNET_REMOTE_CLIENT->plaintext_is_ok() == false) {
54 exit(mnet_server_fault(7021, 'forbidden-transport'));
55 }
56 // Looks like plaintext is ok. It is assumed that a plaintext call:
57 // 1. Came from a trusted host on your local network
58 // 2. Is *not* from a Moodle - otherwise why skip encryption/signing?
59 // 3. Is free to execute ANY function in Moodle
60 // 4. Cannot execute any methods (as it can't instantiate a class first)
61 // To execute a method, you'll need to create a wrapper function that first
62 // instantiates the class, and then calls the method.
63 $payload = $HTTP_RAW_POST_DATA;
64}
65
66if (!empty($CFG->mnet_rpcdebug)) {
67 trigger_error("XMLRPC Payload");
68 trigger_error(print_r($payload,1));
69}
70
71// Parse and action the XML-RPC payload
72$response = mnet_server_dispatch($payload);
73
74/**
75 * Strip the encryption (XML-ENC) and signature (XML-SIG) wrappers and return the XML-RPC payload
76 *
77 * IF COMMUNICATION TAKES PLACE OVER UNENCRYPTED HTTP:
78 * The payload will have been encrypted with a symmetric key. This key will
79 * itself have been encrypted using your public key. The key is decrypted using
80 * your private key, and then used to decrypt the XML payload.
81 *
82 * IF COMMUNICATION TAKES PLACE OVER UNENCRYPTED HTTP *OR* ENCRYPTED HTTPS:
83 * In either case, there will be an XML wrapper which contains your XML-RPC doc
84 * as an object element, a signature for that doc, and various standards-
85 * compliant info to aid in verifying the signature.
86 *
87 * This function parses the encryption wrapper, decrypts the contents, parses
88 * the signature wrapper, and if the signature matches the payload, it returns
89 * the payload, which should be an XML-RPC request.
90 * If there is an error, or the signatures don't match, it echoes an XML-RPC
91 * error and exits.
92 *
93 * See the W3C's {@link http://www.w3.org/TR/xmlenc-core/ XML Encryption Syntax and Processing}
94 * and {@link http://www.w3.org/TR/2001/PR-xmldsig-core-20010820/ XML-Signature Syntax and Processing}
95 * guidelines for more detail on the XML.
96 *
97 * -----XML-Envelope---------------------------------
98 * | |
99 * | Encrypted-Symmetric-key---------------- |
100 * | |_____________________________________| |
101 * | |
102 * | Encrypted data------------------------- |
103 * | | | |
104 * | | -XML-Envelope------------------ | |
105 * | | | | | |
106 * | | | --Signature------------- | | |
107 * | | | |______________________| | | |
108 * | | | | | |
109 * | | | --Signed-Payload-------- | | |
110 * | | | | | | | |
111 * | | | | XML-RPC Request | | | |
112 * | | | |______________________| | | |
113 * | | | | | |
114 * | | |_____________________________| | |
115 * | |_____________________________________| |
116 * | |
117 * |________________________________________________|
118 *
119 * @uses $db
120 * @param string $HTTP_RAW_POST_DATA The XML that the client sent
121 * @return string The XMLRPC payload.
122 */
123function mnet_server_strip_wrappers($HTTP_RAW_POST_DATA) {
124 global $MNET, $MNET_REMOTE_CLIENT;
125 if (isset($_SERVER)) {
126
127 $crypt_parser = new mnet_encxml_parser();
128 $crypt_parser->parse($HTTP_RAW_POST_DATA);
129
9dd0e611 130 // Make sure we know who we're talking to
131 $host_record_exists = $MNET_REMOTE_CLIENT->set_wwwroot($crypt_parser->remote_wwwroot);
132
133 if (false == $host_record_exists) {
134 exit(mnet_server_fault(7020, 'wrong-wwwroot', $crypt_parser->remote_wwwroot));
9dd0e611 135 }
136
71558f85 137 if ($crypt_parser->payload_encrypted) {
138
735c7beb 139 $key = array_pop($crypt_parser->cipher); // This key is Symmetric
71558f85 140 $data = array_pop($crypt_parser->cipher);
141
142 $crypt_parser->free_resource();
143
9dd0e611 144 $payload = ''; // Initialize payload var
145 $push_current_key = false; // True if we need to push a fresh key to the peer
71558f85 146
147 // &$payload
148 $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $MNET->get_private_key());
149
735c7beb 150 if (!$isOpen) {
151 // Decryption failed... let's try our archived keys
c9fa3eee 152 $openssl_history = get_config('mnet', 'openssl_history');
153 if(empty($openssl_history)) {
154 $openssl_history = array();
155 set_config('openssl_history', serialize($openssl_history), 'mnet');
156 } else {
503d1262 157 $openssl_history = unserialize($openssl_history);
735c7beb 158 }
735c7beb 159 foreach($openssl_history as $keyset) {
160 $keyresource = openssl_pkey_get_private($keyset['keypair_PEM']);
161 $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $keyresource);
162 if ($isOpen) {
163 // It's an older code, sir, but it checks out
9dd0e611 164 $push_current_key = true;
735c7beb 165 }
166 }
167 }
168
71558f85 169 if (!$isOpen) {
170 exit(mnet_server_fault(7023, 'encryption-invalid'));
171 }
172
173 if (strpos(substr($payload, 0, 100), '<signedMessage>')) {
174 $MNET_REMOTE_CLIENT->was_signed();
175 $sig_parser = new mnet_encxml_parser();
176 $sig_parser->parse($payload);
177 } else {
178 exit(mnet_server_fault(7022, 'verifysignature-error'));
179 }
180
181 } else {
182 exit(mnet_server_fault(7024, 'payload-not-encrypted'));
183 }
184
185 unset($payload);
186
9dd0e611 187 // if the peer used one of our public keys that have expired, we will
188 // return a signed/encrypted error message with our new public key
189 if($push_current_key) {
190 // NOTE: Here, we use the 'mnet_server_fault_xml' to avoid
191 // get_string being called on our public_key
192 exit(mnet_server_fault_xml(7025, $MNET->public_key));
71558f85 193 }
194
195 /**
196 * Get the certificate (i.e. public key) from the remote server.
197 */
198 $certificate = $MNET_REMOTE_CLIENT->public_key;
199
200 if ($certificate == false) {
201 exit(mnet_server_fault(709, 'nosuchpublickey'));
202 }
203
204 $payload = base64_decode($sig_parser->data_object);
205
206 // Does the signature match the data and the public cert?
207 $signature_verified = openssl_verify($payload, base64_decode($sig_parser->signature), $certificate);
208 if ($signature_verified == 1) {
3e008de8 209 $MNET_REMOTE_CLIENT->touch();
71558f85 210 // Parse the XML
211 } elseif ($signature_verified == 0) {
25202581 212 $currkey = mnet_get_public_key($MNET_REMOTE_CLIENT->wwwroot, $MNET_REMOTE_CLIENT->application->xmlrpc_server_url);
9dd0e611 213 if($currkey != $certificate) {
214 // Has the server updated its certificate since our last
215 // handshake?
216 if(!$MNET_REMOTE_CLIENT->refresh_key()) {
217 exit(mnet_server_fault(7026, 'verifysignature-invalid'));
218 }
219 } else {
220 exit(mnet_server_fault(710, 'verifysignature-invalid'));
221 }
71558f85 222 } else {
223 exit(mnet_server_fault(711, 'verifysignature-error'));
224 }
225
226 $sig_parser->free_resource();
227
228 return $payload;
229 } else {
230 exit(mnet_server_fault(712, "phperror"));
231 }
232}
233
234/**
151a9872 235 * Return the proper XML-RPC content to report an error in the local language.
71558f85 236 *
237 * @param int $code The ID code of the error message
151a9872 238 * @param string $text The array-key of the error message in the lang file
239 * @param string $param The $a param for the error message in the lang file
71558f85 240 * @return string $text The text of the error message
241 */
242function mnet_server_fault($code, $text, $param = null) {
151a9872 243 global $MNET_REMOTE_CLIENT;
71558f85 244 if (!is_numeric($code)) {
245 $code = 0;
246 }
247 $code = intval($code);
248
249 $text = get_string($text, 'mnet', $param);
151a9872 250 return mnet_server_fault_xml($code, $text);
251}
71558f85 252
151a9872 253/**
254 * Return the proper XML-RPC content to report an error.
255 *
256 * @param int $code The ID code of the error message
257 * @param string $text The error message
258 * @return string $text The XML text of the error message
259 */
260function mnet_server_fault_xml($code, $text) {
573f8b02 261 global $MNET_REMOTE_CLIENT, $CFG;
71558f85 262 // Replace illegal XML chars - is this already in a lib somewhere?
263 $text = str_replace(array('<','>','&','"',"'"), array('&lt;','&gt;','&amp;','&quot;','&apos;'), $text);
264
265 $return = mnet_server_prepare_response('<?xml version="1.0"?>
266<methodResponse>
267 <fault>
268 <value>
269 <struct>
270 <member>
271 <name>faultCode</name>
272 <value><int>'.$code.'</int></value>
273 </member>
274 <member>
275 <name>faultString</name>
276 <value><string>'.$text.'</string></value>
25202581 277 </member>
278 </struct>
279 </value>
280 </fault>
281</methodResponse>');
573f8b02 282
283 if (!empty($CFG->mnet_rpcdebug)) {
3d706b49 284 trigger_error("XMLRPC Error Response $code: $text");
573f8b02 285 trigger_error(print_r($return,1));
286 }
287
71558f85 288 return $return;
289}
290
291/**
292 * Dummy function for the XML-RPC dispatcher - use to call a method on an object
293 * or to call a function
294 *
295 * Translate XML-RPC's strange function call syntax into a more straightforward
296 * PHP-friendly alternative. This dummy function will be called by the
297 * dispatcher, and can be used to call a method on an object, or just a function
298 *
299 * The methodName argument (eg. mnet/testlib/mnet_concatenate_strings)
300 * is ignored.
301 *
302 * @param string $methodname We discard this - see 'functionname'
303 * @param array $argsarray Each element is an argument to the real
304 * function
305 * @param string $functionname The name of the PHP function you want to call
306 * @return mixed The return value will be that of the real
307 * function, whateber it may be.
308 */
309function mnet_server_dummy_method($methodname, $argsarray, $functionname) {
310 global $MNET_REMOTE_CLIENT;
311
5c2e5bf2 312 if (!is_object($MNET_REMOTE_CLIENT->object_to_call)) {
71558f85 313 return @call_user_func_array($functionname, $argsarray);
314 } else {
315 return @call_user_method_array($functionname, $MNET_REMOTE_CLIENT->object_to_call, $argsarray);
316 }
317}
318
319/**
320 * Package a response in any required envelope, and return it to the client
321 *
322 * @param string $response The XMLRPC response string
323 * @return string The encoded response string
324 */
325function mnet_server_prepare_response($response) {
326 global $MNET_REMOTE_CLIENT;
327
328 if ($MNET_REMOTE_CLIENT->request_was_signed) {
329 $response = mnet_sign_message($response);
330 }
331
332 if ($MNET_REMOTE_CLIENT->request_was_encrypted) {
333 $response = mnet_encrypt_message($response, $MNET_REMOTE_CLIENT->public_key);
334 }
335
336 return $response;
337}
338
339/**
340 * If security checks are passed, dispatch the request to the function/method
341 *
342 * The config variable 'mnet_dispatcher_mode' can be:
343 * strict: Only execute functions that are in specific files
344 * off: The default - don't execute anything
345 *
346 * @param string $payload The XML-RPC request
347 * @return No return val - just echo the response
348 */
349function mnet_server_dispatch($payload) {
350 global $CFG, $MNET_REMOTE_CLIENT;
351 // xmlrpc_decode_request returns an array of parameters, and the $method
352 // variable (which is passed by reference) is instantiated with the value from
353 // the methodName tag in the xml payload
354 // xmlrpc_decode_request($xml, &$method)
355 $params = xmlrpc_decode_request($payload, $method);
356
b26a847b 357 // $method is something like: "mod/forum/lib.php/forum_add_instance"
71558f85 358 // $params is an array of parameters. A parameter might itself be an array.
359
360 // Whitelist characters that are permitted in a method name
361 // The method name must not begin with a / - avoid absolute paths
362 // A dot character . is only allowed in the filename, i.e. something.php
363 if (0 == preg_match("@^[A-Za-z0-9]+/[A-Za-z0-9/_-]+(\.php/)?[A-Za-z0-9_-]+$@",$method)) {
364 exit(mnet_server_fault(713, 'nosuchfunction'));
365 }
366
4fc66605 367 if(preg_match("/^system\./", $method)) {
b26a847b 368 $callstack = explode('.', $method);
369 } else {
370 $callstack = explode('/', $method);
371 // callstack will look like array('mod', 'forum', 'lib.php', 'forum_add_instance');
372 }
71558f85 373
374 /**
375 * What has the site administrator chosen as his dispatcher setting?
376 * strict: Only execute functions that are in specific files
377 * off: The default - don't execute anything
378 */
379 ////////////////////////////////////// OFF
380 if (!isset($CFG->mnet_dispatcher_mode) ) {
381 set_config('mnet_dispatcher_mode', 'off');
382 exit(mnet_server_fault(704, 'nosuchservice'));
383 } elseif ('off' == $CFG->mnet_dispatcher_mode) {
384 exit(mnet_server_fault(704, 'nosuchservice'));
385
386 ////////////////////////////////////// SYSTEM METHODS
387 } elseif ($callstack[0] == 'system') {
388 $functionname = $callstack[1];
389 $xmlrpcserver = xmlrpc_server_create();
390
391 // I'm adding the canonical xmlrpc references here, however we've
392 // already forbidden that the period (.) should be allowed in the call
393 // stack, so if someone tries to access our XMLRPC in the normal way,
394 // they'll already have received a RPC server fault message.
395
396 // Maybe we should allow an easement so that regular XMLRPC clients can
397 // call our system methods, and find out what we have to offer?
398
399 xmlrpc_server_register_method($xmlrpcserver, 'system.listMethods', 'mnet_system');
400 xmlrpc_server_register_method($xmlrpcserver, 'system/listMethods', 'mnet_system');
401
402 xmlrpc_server_register_method($xmlrpcserver, 'system.methodSignature', 'mnet_system');
403 xmlrpc_server_register_method($xmlrpcserver, 'system/methodSignature', 'mnet_system');
404
405 xmlrpc_server_register_method($xmlrpcserver, 'system.methodHelp', 'mnet_system');
406 xmlrpc_server_register_method($xmlrpcserver, 'system/methodHelp', 'mnet_system');
407
408 xmlrpc_server_register_method($xmlrpcserver, 'system.listServices', 'mnet_system');
409 xmlrpc_server_register_method($xmlrpcserver, 'system/listServices', 'mnet_system');
410
411 xmlrpc_server_register_method($xmlrpcserver, 'system.keyswap', 'mnet_keyswap');
412 xmlrpc_server_register_method($xmlrpcserver, 'system/keyswap', 'mnet_keyswap');
413
414 if ($method == 'system.listMethods' ||
415 $method == 'system/listMethods' ||
416 $method == 'system.methodSignature' ||
417 $method == 'system/methodSignature' ||
418 $method == 'system.methodHelp' ||
419 $method == 'system/methodHelp' ||
420 $method == 'system.listServices' ||
421 $method == 'system/listServices' ||
422 $method == 'system.keyswap' ||
423 $method == 'system/keyswap') {
424
1008dad6 425 $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $MNET_REMOTE_CLIENT, array("encoding" => "utf-8"));
71558f85 426 $response = mnet_server_prepare_response($response);
427 } else {
428 exit(mnet_server_fault(7018, 'nosuchfunction'));
429 }
430
431 xmlrpc_server_destroy($xmlrpcserver);
432 echo $response;
433 ////////////////////////////////////// STRICT AUTH
434 } elseif ($callstack[0] == 'auth') {
435
436 // Break out the callstack into its elements
437 list($base, $plugin, $filename, $methodname) = $callstack;
438
439 // We refuse to include anything that is not auth.php
440 if ($filename == 'auth.php' && is_enabled_auth($plugin)) {
441 $authclass = 'auth_plugin_'.$plugin;
442 $includefile = '/auth/'.$plugin.'/auth.php';
443 $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $authclass);
444 $response = mnet_server_prepare_response($response);
445 echo $response;
446 } else {
447 // Generate error response - unable to locate function
448 exit(mnet_server_fault(702, 'nosuchfunction'));
449 }
450
451 ////////////////////////////////////// STRICT ENROL
452 } elseif ($callstack[0] == 'enrol') {
453
454 // Break out the callstack into its elements
455 list($base, $plugin, $filename, $methodname) = $callstack;
456
457 if ($filename == 'enrol.php' && is_enabled_enrol($plugin)) {
458 $enrolclass = 'enrolment_plugin_'.$plugin;
459 $includefile = '/enrol/'.$plugin.'/enrol.php';
460 $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $enrolclass);
461 $response = mnet_server_prepare_response($response);
462 echo $response;
463 } else {
464 // Generate error response - unable to locate function
465 exit(mnet_server_fault(703, 'nosuchfunction'));
466 }
467
468 ////////////////////////////////////// STRICT MOD/*
68bcd355 469 } elseif ($callstack[0] == 'mod' || 'dangerous' == $CFG->mnet_dispatcher_mode) {
71558f85 470 list($base, $module, $filename, $functionname) = $callstack;
471
472 ////////////////////////////////////// STRICT MOD/*
473 if ($base == 'mod' && $filename == 'rpclib.php') {
474 $includefile = '/mod/'.$module.'/rpclib.php';
475 $response = mnet_server_invoke_method($includefile, $functionname, $method, $payload);
476 $response = mnet_server_prepare_response($response);
477 echo $response;
478
68bcd355 479 ////////////////////////////////////// DANGEROUS
480 } elseif ('dangerous' == $CFG->mnet_dispatcher_mode && $MNET_REMOTE_CLIENT->plaintext_is_ok()) {
71558f85 481
482 $functionname = array_pop($callstack);
71558f85 483
484 if ($MNET_REMOTE_CLIENT->plaintext_is_ok()) {
485
1bef950e 486 $filename = clean_param(implode('/',$callstack), PARAM_PATH);
487 if (0 == preg_match("/php$/", $filename)) {
488 // Filename doesn't end in 'php'; possible attack?
489 // Generate error response - unable to locate function
490 exit(mnet_server_fault(7012, 'nosuchfunction'));
491 }
492
71558f85 493 // The call stack holds the path to any include file
1bef950e 494 $includefile = $CFG->dirroot.'/'.$filename;
71558f85 495
b26a847b 496 $response = mnet_server_invoke_method($includefile, $functionname, $method, $payload);
71558f85 497 echo $response;
498 }
499
500 } else {
501 // Generate error response - unable to locate function
502 exit(mnet_server_fault(7012, 'nosuchfunction'));
503 }
504
505 } else {
506 // Generate error response - unable to locate function
507 exit(mnet_server_fault(7012, 'nosuchfunction'));
508 }
509}
510
511/**
512 * Execute the system functions - mostly for introspection
513 *
514 * @param string $method XMLRPC method name, e.g. system.listMethods
515 * @param array $params Array of parameters from the XMLRPC request
516 * @param string $hostinfo Hostinfo object from the mnet_host table
517 * @return mixed Response data - any kind of PHP variable
518 */
519function mnet_system($method, $params, $hostinfo) {
520 global $CFG;
521
522 if (empty($hostinfo)) return array();
523
524 $id_list = $hostinfo->id;
525 if (!empty($CFG->mnet_all_hosts_id)) {
526 $id_list .= ', '.$CFG->mnet_all_hosts_id;
527 }
528
529 if ('system.listMethods' == $method || 'system/listMethods' == $method) {
530 if (count($params) == 0) {
531 $query = '
532 SELECT DISTINCT
533 rpc.function_name,
534 rpc.xmlrpc_path,
535 rpc.enabled,
536 rpc.help,
537 rpc.profile
538 FROM
539 '.$CFG->prefix.'mnet_host2service h2s,
540 '.$CFG->prefix.'mnet_service2rpc s2r,
541 '.$CFG->prefix.'mnet_rpc rpc
542 WHERE
543 s2r.rpcid = rpc.id AND
544 h2s.serviceid = s2r.serviceid AND
f633d85d 545 h2s.hostid in ('.$id_list .') AND
546 h2s.publish =\'1\'
71558f85 547 ORDER BY
548 rpc.xmlrpc_path ASC';
549
550 } else {
551 $query = '
552 SELECT DISTINCT
553 rpc.function_name,
554 rpc.xmlrpc_path,
555 rpc.enabled,
556 rpc.help,
557 rpc.profile
558 FROM
559 '.$CFG->prefix.'mnet_host2service h2s,
560 '.$CFG->prefix.'mnet_service2rpc s2r,
561 '.$CFG->prefix.'mnet_service svc,
562 '.$CFG->prefix.'mnet_rpc rpc
563 WHERE
564 s2r.rpcid = rpc.id AND
565 h2s.serviceid = s2r.serviceid AND
566 h2s.hostid in ('.$id_list .') AND
f633d85d 567 h2s.publish =\'1\' AND
71558f85 568 svc.id = h2s.serviceid AND
569 svc.name = \''.$params[0].'\'
570 ORDER BY
571 rpc.xmlrpc_path ASC';
572
573 }
574 $resultset = array_values(get_records_sql($query));
575 $methods = array();
576 foreach($resultset as $result) {
577 $methods[] = $result->xmlrpc_path;
578 }
579 return $methods;
580 } elseif ('system.methodSignature' == $method || 'system/methodSignature' == $method) {
581 $query = '
582 SELECT DISTINCT
583 rpc.function_name,
584 rpc.xmlrpc_path,
585 rpc.enabled,
586 rpc.help,
587 rpc.profile
588 FROM
589 '.$CFG->prefix.'mnet_host2service h2s,
590 '.$CFG->prefix.'mnet_service2rpc s2r,
591 '.$CFG->prefix.'mnet_rpc rpc
592 WHERE
593 rpc.xmlrpc_path = \''.$params[0].'\' AND
594 s2r.rpcid = rpc.id AND
595 h2s.serviceid = s2r.serviceid AND
f633d85d 596 h2s.publish =\'1\' AND
71558f85 597 h2s.hostid in ('.$id_list .')';
598
599 $result = get_records_sql($query);
600 $methodsigs = array();
601
602 if (is_array($result)) {
603 foreach($result as $method) {
604 $methodsigs[] = unserialize($method->profile);
605 }
606 }
607
608 return $methodsigs;
609 } elseif ('system.methodHelp' == $method || 'system/methodHelp' == $method) {
610 $query = '
611 SELECT DISTINCT
612 rpc.function_name,
613 rpc.xmlrpc_path,
614 rpc.enabled,
615 rpc.help,
616 rpc.profile
617 FROM
618 '.$CFG->prefix.'mnet_host2service h2s,
619 '.$CFG->prefix.'mnet_service2rpc s2r,
620 '.$CFG->prefix.'mnet_rpc rpc
621 WHERE
622 rpc.xmlrpc_path = \''.$params[0].'\' AND
623 s2r.rpcid = rpc.id AND
f633d85d 624 h2s.publish =\'1\' AND
71558f85 625 h2s.serviceid = s2r.serviceid AND
626 h2s.hostid in ('.$id_list .')';
627
628 $result = get_record_sql($query);
629
630 if (is_object($result)) {
631 return $result->help;
632 }
633 } elseif ('system.listServices' == $method || 'system/listServices' == $method) {
634 $query = '
635 SELECT DISTINCT
636 s.id,
637 s.name,
638 s.apiversion,
639 h2s.publish,
640 h2s.subscribe
641 FROM
642 '.$CFG->prefix.'mnet_host2service h2s,
643 '.$CFG->prefix.'mnet_service s
644 WHERE
645 h2s.serviceid = s.id AND
f633d85d 646 (h2s.publish =\'1\' OR h2s.subscribe =\'1\') AND
71558f85 647 h2s.hostid in ('.$id_list .')
648 ORDER BY
649 s.name ASC';
650
651 $result = get_records_sql($query);
652 $services = array();
653
654 if (is_array($result)) {
655 foreach($result as $service) {
656 $services[] = array('name' => $service->name,
657 'apiversion' => $service->apiversion,
658 'publish' => $service->publish,
659 'subscribe' => $service->subscribe);
660 }
661 }
662
663 return $services;
664 }
665 exit(mnet_server_fault(7019, 'nosuchfunction'));
666}
667
668/**
669 * Initialize the object (if necessary), execute the method or function, and
670 * return the response
671 *
672 * @param string $includefile The file that contains the object definition
673 * @param string $methodname The name of the method to execute
674 * @param string $method The full path to the method
675 * @param string $payload The XML-RPC request payload
676 * @param string $class The name of the class to instantiate (or false)
677 * @return string The XML-RPC response
678 */
679function mnet_server_invoke_method($includefile, $methodname, $method, $payload, $class=false) {
680
681 $permission = mnet_permit_rpc_call($includefile, $methodname, $class);
682
683 if (RPC_NOSUCHFILE == $permission) {
684 // Generate error response - unable to locate function
685 exit(mnet_server_fault(705, 'nosuchfile', $includefile));
686 }
687
688 if (RPC_NOSUCHFUNCTION == $permission) {
689 // Generate error response - unable to locate function
690 exit(mnet_server_fault(706, 'nosuchfunction'));
691 }
692
693 if (RPC_FORBIDDENFUNCTION == $permission) {
694 // Generate error response - unable to locate function
695 exit(mnet_server_fault(707, 'forbidden-function'));
696 }
697
698 if (RPC_NOSUCHCLASS == $permission) {
699 // Generate error response - unable to locate function
700 exit(mnet_server_fault(7013, 'nosuchfunction'));
701 }
702
703 if (RPC_NOSUCHMETHOD == $permission) {
704 // Generate error response - unable to locate function
705 exit(mnet_server_fault(7014, 'nosuchmethod'));
706 }
707
708 if (RPC_NOSUCHFUNCTION == $permission) {
709 // Generate error response - unable to locate function
710 exit(mnet_server_fault(7014, 'nosuchmethod'));
711 }
712
713 if (RPC_FORBIDDENMETHOD == $permission) {
714 // Generate error response - unable to locate function
715 exit(mnet_server_fault(7015, 'nosuchfunction'));
716 }
717
718 if (0 < $permission) {
719 // Generate error response - unable to locate function
720 exit(mnet_server_fault(7019, 'unknownerror'));
721 }
722
723 if (RPC_OK == $permission) {
724 $xmlrpcserver = xmlrpc_server_create();
725 $bool = xmlrpc_server_register_method($xmlrpcserver, $method, 'mnet_server_dummy_method');
1008dad6 726 $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $methodname, array("encoding" => "utf-8"));
71558f85 727 $bool = xmlrpc_server_destroy($xmlrpcserver);
728 return $response;
729 }
730}
731
85d2d959 732/**
733 * Accepts a public key from a new remote host and returns the public key for
734 * this host. If 'register all hosts' is turned on, it will bootstrap a record
735 * for the remote host in the mnet_host table (if it's not already there)
736 *
737 * @param string $function XML-RPC requires this but we don't... discard!
738 * @param array $params Array of parameters
739 * $params[0] is the remote wwwroot
740 * $params[1] is the remote public key
741 * @return string The XML-RPC response
742 */
71558f85 743function mnet_keyswap($function, $params) {
735c7beb 744 global $CFG, $MNET;
71558f85 745 $return = array();
746
747 if (!empty($CFG->mnet_register_allhosts)) {
748 $mnet_peer = new mnet_peer();
25202581 749 @list($wwwroot, $pubkey, $application) = each($params);
750 $keyok = $mnet_peer->bootstrap($wwwroot, $pubkey, $application);
71558f85 751 if ($keyok) {
752 $mnet_peer->commit();
753 }
754 }
735c7beb 755 return $MNET->public_key;
71558f85 756}
85d2d959 757
71558f85 758?>