projects / moodle.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
MDL-16286 MDL-16285 better variable names and improved structure
[moodle.git] / mnet / xmlrpc / server.php
CommitLineData
71558f85 1<?php
2/**
3 * An XML-RPC server
4 *
5 * @author Donal McMullan donal@catalyst.net.nz
6 * @version 0.0.1
7 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
8 * @package mnet
9 */
10
11// Make certain that config.php doesn't display any errors, and that it doesn't
12// override our do-not-display-errors setting:
13ini_set('display_errors',0);
14require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
15ini_set('display_errors',0);
16
17// Include MNET stuff:
18require_once $CFG->dirroot.'/mnet/lib.php';
19require_once $CFG->dirroot.'/mnet/remote_client.php';
20
600be062 21if ($CFG->mnet_dispatcher_mode === 'off') {
22 print_error('mnetdisabled', 'mnet');
23}
24
71558f85 25// Content type for output is not html:
1008dad6 26header('Content-type: text/xml; charset=utf-8');
71558f85 27
25202581 28// PHP 5.2.2: $HTTP_RAW_POST_DATA not populated bug:
29// http://bugs.php.net/bug.php?id=41293
30if (empty($HTTP_RAW_POST_DATA)) {
31 $HTTP_RAW_POST_DATA = file_get_contents('php://input');
32}
33
71558f85 34if (!empty($CFG->mnet_rpcdebug)) {
35 trigger_error("HTTP_RAW_POST_DATA");
36 trigger_error($HTTP_RAW_POST_DATA);
37}
38
39// New global variable which ONLY gets set in this server page, so you know that
40// if you've been called by a remote Moodle, this should be set:
41$MNET_REMOTE_CLIENT = new mnet_remote_client();
42
5f6b28fa 43$plaintextmessage = mnet_server_decrypt_data($HTTP_RAW_POST_DATA);
44$xmlrpcrequest = mnet_server_check_signature($plaintextmessage);
71558f85 45
46if (!empty($CFG->mnet_rpcdebug)) {
47 trigger_error("XMLRPC Payload");
5f6b28fa 48 trigger_error(print_r($xmlrpcrequest,1));
71558f85 49}
50
51// Parse and action the XML-RPC payload
5f6b28fa 52$response = mnet_server_dispatch($xmlrpcrequest);
71558f85 53
54/**
71558f85 55 * -----XML-Envelope---------------------------------
56 * | |
57 * | Encrypted-Symmetric-key---------------- |
58 * | |_____________________________________| |
59 * | |
60 * | Encrypted data------------------------- |
61 * | | | |
62 * | | -XML-Envelope------------------ | |
63 * | | | | | |
64 * | | | --Signature------------- | | |
65 * | | | |______________________| | | |
66 * | | | | | |
67 * | | | --Signed-Payload-------- | | |
68 * | | | | | | | |
69 * | | | | XML-RPC Request | | | |
70 * | | | |______________________| | | |
71 * | | | | | |
72 * | | |_____________________________| | |
73 * | |_____________________________________| |
74 * | |
75 * |________________________________________________|
76 *
71558f85 77 */
5f6b28fa 78
79/* Decrypt supplied data using our private key.
80 *
81 * @param string $HTTP_RAW_POST_DATA The XML that the client sent
82 * @return string XML envelope containing XMLRPC request and remote peer signature
83 */
84function mnet_server_decrypt_data($HTTP_RAW_POST_DATA) {
71558f85 85 global $MNET, $MNET_REMOTE_CLIENT;
2a75520f 86 if (!isset($_SERVER)) {
87 exit(mnet_server_fault(712, "phperror"));
88 }
71558f85 89
2a75520f 90 $crypt_parser = new mnet_encxml_parser();
91 $crypt_parser->parse($HTTP_RAW_POST_DATA);
71558f85 92
2a75520f 93 // Make sure we know who we're talking to
94 $host_record_exists = $MNET_REMOTE_CLIENT->set_wwwroot($crypt_parser->remote_wwwroot);
9dd0e611 95
2a75520f 96 if (false == $host_record_exists) {
97 exit(mnet_server_fault(7020, 'wrong-wwwroot', $crypt_parser->remote_wwwroot));
98 }
9dd0e611 99
5f6b28fa 100 if (!$crypt_parser->payload_encrypted) {
101 //In most situations payload_unencrypted represents an error
102 $params = xmlrpc_decode_request($HTTP_RAW_POST_DATA, $method);
103 if (($method != 'system.keyswap')
104 && ($method != 'system/keyswap')
105 && ($MNET_REMOTE_CLIENT->plaintext_is_ok() == false)) {
106 exit(mnet_server_fault(7021, 'forbidden-transport'));
2a75520f 107 }
5f6b28fa 108 // Looks like plaintext is ok. It is assumed that a plaintext call:
109 // 1. Came from a trusted host on your local network
110 // 2. Is *not* from a Moodle - otherwise why skip encryption/signing?
111 // 3. Is free to execute ANY function in Moodle
112 // 4. Cannot execute any methods (as it can't instantiate a class first)
113 // To execute a method, you'll need to create a wrapper function that first
114 // instantiates the class, and then calls the method.
115 return $HTTP_RAW_POST_DATA;
116 }
117 // This key is symmetric, and is itself encrypted. Can be decrypted using our private key
118 $key = array_pop($crypt_parser->cipher);
119 // This data is symmetrically encrypted, can be decrypted using the above key
120 $data = array_pop($crypt_parser->cipher);
121
122 $crypt_parser->free_resource();
123 $payload = ''; // Initialize payload var
124
125 // &$payload
126 $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $MNET->get_private_key());
127
128 if (!$isOpen) {
129 // Decryption failed... let's try our archived keys
130 $openssl_history = get_config('mnet', 'openssl_history');
131 if(empty($openssl_history)) {
132 $openssl_history = array();
133 set_config('openssl_history', serialize($openssl_history), 'mnet');
71558f85 134 } else {
5f6b28fa 135 $openssl_history = unserialize($openssl_history);
136 }
137 foreach($openssl_history as $keyset) {
138 $keyresource = openssl_pkey_get_private($keyset['keypair_PEM']);
139 $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $keyresource);
140 if ($isOpen) {
141 // It's an older code, sir, but it checks out
142
143 // The peer used one of our public keys that have expired, we will return a
144 // signed/encrypted error message containing our new public key
145 // Sign message with our old key, and encrypt to the peer's private key.
146
147 // Fabricate 'was_signed'
148 // Set here so that we sign the response containing the new public key.
149 $MNET_REMOTE_CLIENT->was_signed();
150
151 // 'Was_encrypted' is mostly true
152 // Set here so that the response is encrypted to the remote peer's private key.
153 $MNET_REMOTE_CLIENT->was_encrypted();
154
155 // nb 'srvr_fault_xml' used to avoid use of get_string on our new public_key
156 exit(mnet_server_fault_xml(7025, $MNET->public_key, $keyresource));
157 }
71558f85 158 }
5f6b28fa 159 }
71558f85 160
5f6b28fa 161 if (!$isOpen) {
162 exit(mnet_server_fault(7023, 'encryption-invalid'));
2a75520f 163 }
5f6b28fa 164 $MNET_REMOTE_CLIENT->was_encrypted();
165 return $payload;
166}
71558f85 167
5f6b28fa 168/* Check signature for supplied message using our record of remote peer's public key.
169 *
170 * @param string $plaintextmessage XML envelope containing XMLRPC request and signature
171 * @return string XMLRPC request
172 */
173function mnet_server_check_signature($plaintextmessage) {
174 global $MNET, $MNET_REMOTE_CLIENT;
175 $sig_parser = new mnet_encxml_parser();
176 $sig_parser->parse($plaintextmessage);
71558f85 177
5f6b28fa 178 // Get our record of the peer's public key
2a75520f 179 $certificate = $MNET_REMOTE_CLIENT->public_key;
71558f85 180
2a75520f 181 if ($certificate == false) {
182 exit(mnet_server_fault(709, 'nosuchpublickey'));
183 }
184
185 $payload = base64_decode($sig_parser->data_object);
5f6b28fa 186 $signature = base64_decode($sig_parser->signature);
2a75520f 187
188 // Does the signature match the data and the public cert?
5f6b28fa 189 $signature_verified = openssl_verify($payload, $signature, $certificate);
454a6e7c 190 if ($signature_verified == 0) {
191 // $signature was not generated for $payload using $certificate
192 // Get the key the remote peer is currently publishing:
2a75520f 193 $currkey = mnet_get_public_key($MNET_REMOTE_CLIENT->wwwroot, $MNET_REMOTE_CLIENT->application);
454a6e7c 194 // If the key the remote peer is currently publishing is different to $certificate
2a75520f 195 if($currkey != $certificate) {
454a6e7c 196 // If we can't get the server's new key through trusted means
197 if(!$MNET_REMOTE_CLIENT->refresh_key()){
2a75520f 198 exit(mnet_server_fault(7026, 'verifysignature-invalid'));
9dd0e611 199 }
988b0b22 200 // If we did manage to re-key, try to verify the signature again using the new public key.
201 $certificate = $MNET_REMOTE_CLIENT->public_key;
250f84d6 202 $signature_verified = openssl_verify($payload, $signature, $certificate);
71558f85 203 }
454a6e7c 204 }
205
206 if ($signature_verified == 1) {
207 $MNET_REMOTE_CLIENT->was_signed();
208 $MNET_REMOTE_CLIENT->touch();
209 } elseif ($signature_verified == 0) {
210 exit(mnet_server_fault(710, 'verifysignature-invalid'));
71558f85 211 } else {
2a75520f 212 exit(mnet_server_fault(711, 'verifysignature-error'));
71558f85 213 }
2a75520f 214
215 $sig_parser->free_resource();
216
217 return $payload;
71558f85 218}
219
220/**
151a9872 221 * Return the proper XML-RPC content to report an error in the local language.
71558f85 222 *
223 * @param int $code The ID code of the error message
151a9872 224 * @param string $text The array-key of the error message in the lang file
ea676d6e 225 * or the full string (will be detected by the function
151a9872 226 * @param string $param The $a param for the error message in the lang file
71558f85 227 * @return string $text The text of the error message
228 */
229function mnet_server_fault($code, $text, $param = null) {
151a9872 230 global $MNET_REMOTE_CLIENT;
71558f85 231 if (!is_numeric($code)) {
232 $code = 0;
233 }
234 $code = intval($code);
235
ea676d6e 236 $string = get_string($text, 'mnet', $param);
237 if (strpos($string, '[[') === 0) {
238 $string = $text;
239 }
240
241 return mnet_server_fault_xml($code, $string);
151a9872 242}
71558f85 243
151a9872 244/**
245 * Return the proper XML-RPC content to report an error.
246 *
09f0abb2 247 * @param int $code The ID code of the error message
248 * @param string $text The error message
249 * @param resource $privatekey The private key that should be used to sign the response
250 * @return string $text The XML text of the error message
151a9872 251 */
09f0abb2 252function mnet_server_fault_xml($code, $text, $privatekey = null) {
573f8b02 253 global $MNET_REMOTE_CLIENT, $CFG;
71558f85 254 // Replace illegal XML chars - is this already in a lib somewhere?
255 $text = str_replace(array('<','>','&','"',"'"), array('&lt;','&gt;','&amp;','&quot;','&apos;'), $text);
256
257 $return = mnet_server_prepare_response('<?xml version="1.0"?>
258<methodResponse>
259 <fault>
260 <value>
261 <struct>
262 <member>
263 <name>faultCode</name>
264 <value><int>'.$code.'</int></value>
265 </member>
266 <member>
267 <name>faultString</name>
268 <value><string>'.$text.'</string></value>
25202581 269 </member>
270 </struct>
271 </value>
272 </fault>
09f0abb2 273</methodResponse>', $privatekey);
573f8b02 274
275 if (!empty($CFG->mnet_rpcdebug)) {
3d706b49 276 trigger_error("XMLRPC Error Response $code: $text");
573f8b02 277 trigger_error(print_r($return,1));
278 }
279
71558f85 280 return $return;
281}
282
283/**
284 * Dummy function for the XML-RPC dispatcher - use to call a method on an object
285 * or to call a function
286 *
287 * Translate XML-RPC's strange function call syntax into a more straightforward
288 * PHP-friendly alternative. This dummy function will be called by the
289 * dispatcher, and can be used to call a method on an object, or just a function
290 *
291 * The methodName argument (eg. mnet/testlib/mnet_concatenate_strings)
292 * is ignored.
293 *
294 * @param string $methodname We discard this - see 'functionname'
295 * @param array $argsarray Each element is an argument to the real
296 * function
297 * @param string $functionname The name of the PHP function you want to call
298 * @return mixed The return value will be that of the real
299 * function, whateber it may be.
300 */
301function mnet_server_dummy_method($methodname, $argsarray, $functionname) {
302 global $MNET_REMOTE_CLIENT;
303
b91b274b 304 if (is_object($MNET_REMOTE_CLIENT->object_to_call)) {
71558f85 305 return @call_user_method_array($functionname, $MNET_REMOTE_CLIENT->object_to_call, $argsarray);
b91b274b 306 } else if (!empty($MNET_REMOTE_CLIENT->static_location)) {
307 return @call_user_func_array(array($MNET_REMOTE_CLIENT->static_location, $functionname), $argsarray);
308 } else {
309 return @call_user_func_array($functionname, $argsarray);
71558f85 310 }
311}
312
313/**
314 * Package a response in any required envelope, and return it to the client
315 *
09f0abb2 316 * @param string $response The XMLRPC response string
317 * @param resource $privatekey The private key to sign the response with
318 * @return string The encoded response string
71558f85 319 */
09f0abb2 320function mnet_server_prepare_response($response, $privatekey = null) {
71558f85 321 global $MNET_REMOTE_CLIENT;
322
323 if ($MNET_REMOTE_CLIENT->request_was_signed) {
09f0abb2 324 $response = mnet_sign_message($response, $privatekey);
71558f85 325 }
326
327 if ($MNET_REMOTE_CLIENT->request_was_encrypted) {
328 $response = mnet_encrypt_message($response, $MNET_REMOTE_CLIENT->public_key);
329 }
330
331 return $response;
332}
333
334/**
335 * If security checks are passed, dispatch the request to the function/method
336 *
337 * The config variable 'mnet_dispatcher_mode' can be:
338 * strict: Only execute functions that are in specific files
339 * off: The default - don't execute anything
340 *
341 * @param string $payload The XML-RPC request
342 * @return No return val - just echo the response
343 */
344function mnet_server_dispatch($payload) {
345 global $CFG, $MNET_REMOTE_CLIENT;
346 // xmlrpc_decode_request returns an array of parameters, and the $method
347 // variable (which is passed by reference) is instantiated with the value from
348 // the methodName tag in the xml payload
349 // xmlrpc_decode_request($xml, &$method)
350 $params = xmlrpc_decode_request($payload, $method);
351
b26a847b 352 // $method is something like: "mod/forum/lib.php/forum_add_instance"
71558f85 353 // $params is an array of parameters. A parameter might itself be an array.
354
355 // Whitelist characters that are permitted in a method name
356 // The method name must not begin with a / - avoid absolute paths
357 // A dot character . is only allowed in the filename, i.e. something.php
358 if (0 == preg_match("@^[A-Za-z0-9]+/[A-Za-z0-9/_-]+(\.php/)?[A-Za-z0-9_-]+$@",$method)) {
359 exit(mnet_server_fault(713, 'nosuchfunction'));
360 }
361
4fc66605 362 if(preg_match("/^system\./", $method)) {
b26a847b 363 $callstack = explode('.', $method);
364 } else {
365 $callstack = explode('/', $method);
366 // callstack will look like array('mod', 'forum', 'lib.php', 'forum_add_instance');
367 }
71558f85 368
369 /**
370 * What has the site administrator chosen as his dispatcher setting?
371 * strict: Only execute functions that are in specific files
372 * off: The default - don't execute anything
373 */
374 ////////////////////////////////////// OFF
375 if (!isset($CFG->mnet_dispatcher_mode) ) {
376 set_config('mnet_dispatcher_mode', 'off');
377 exit(mnet_server_fault(704, 'nosuchservice'));
378 } elseif ('off' == $CFG->mnet_dispatcher_mode) {
379 exit(mnet_server_fault(704, 'nosuchservice'));
380
381 ////////////////////////////////////// SYSTEM METHODS
382 } elseif ($callstack[0] == 'system') {
383 $functionname = $callstack[1];
384 $xmlrpcserver = xmlrpc_server_create();
385
386 // I'm adding the canonical xmlrpc references here, however we've
387 // already forbidden that the period (.) should be allowed in the call
388 // stack, so if someone tries to access our XMLRPC in the normal way,
389 // they'll already have received a RPC server fault message.
390
391 // Maybe we should allow an easement so that regular XMLRPC clients can
392 // call our system methods, and find out what we have to offer?
393
394 xmlrpc_server_register_method($xmlrpcserver, 'system.listMethods', 'mnet_system');
395 xmlrpc_server_register_method($xmlrpcserver, 'system/listMethods', 'mnet_system');
396
397 xmlrpc_server_register_method($xmlrpcserver, 'system.methodSignature', 'mnet_system');
398 xmlrpc_server_register_method($xmlrpcserver, 'system/methodSignature', 'mnet_system');
399
400 xmlrpc_server_register_method($xmlrpcserver, 'system.methodHelp', 'mnet_system');
401 xmlrpc_server_register_method($xmlrpcserver, 'system/methodHelp', 'mnet_system');
402
403 xmlrpc_server_register_method($xmlrpcserver, 'system.listServices', 'mnet_system');
404 xmlrpc_server_register_method($xmlrpcserver, 'system/listServices', 'mnet_system');
405
406 xmlrpc_server_register_method($xmlrpcserver, 'system.keyswap', 'mnet_keyswap');
407 xmlrpc_server_register_method($xmlrpcserver, 'system/keyswap', 'mnet_keyswap');
408
409 if ($method == 'system.listMethods' ||
410 $method == 'system/listMethods' ||
411 $method == 'system.methodSignature' ||
412 $method == 'system/methodSignature' ||
413 $method == 'system.methodHelp' ||
414 $method == 'system/methodHelp' ||
415 $method == 'system.listServices' ||
416 $method == 'system/listServices' ||
417 $method == 'system.keyswap' ||
418 $method == 'system/keyswap') {
419
1008dad6 420 $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $MNET_REMOTE_CLIENT, array("encoding" => "utf-8"));
71558f85 421 $response = mnet_server_prepare_response($response);
422 } else {
423 exit(mnet_server_fault(7018, 'nosuchfunction'));
424 }
425
426 xmlrpc_server_destroy($xmlrpcserver);
427 echo $response;
428 ////////////////////////////////////// STRICT AUTH
429 } elseif ($callstack[0] == 'auth') {
430
431 // Break out the callstack into its elements
432 list($base, $plugin, $filename, $methodname) = $callstack;
433
434 // We refuse to include anything that is not auth.php
435 if ($filename == 'auth.php' && is_enabled_auth($plugin)) {
436 $authclass = 'auth_plugin_'.$plugin;
437 $includefile = '/auth/'.$plugin.'/auth.php';
438 $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $authclass);
439 $response = mnet_server_prepare_response($response);
440 echo $response;
441 } else {
442 // Generate error response - unable to locate function
443 exit(mnet_server_fault(702, 'nosuchfunction'));
444 }
445
446 ////////////////////////////////////// STRICT ENROL
447 } elseif ($callstack[0] == 'enrol') {
448
449 // Break out the callstack into its elements
450 list($base, $plugin, $filename, $methodname) = $callstack;
451
452 if ($filename == 'enrol.php' && is_enabled_enrol($plugin)) {
453 $enrolclass = 'enrolment_plugin_'.$plugin;
454 $includefile = '/enrol/'.$plugin.'/enrol.php';
455 $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $enrolclass);
456 $response = mnet_server_prepare_response($response);
457 echo $response;
458 } else {
459 // Generate error response - unable to locate function
460 exit(mnet_server_fault(703, 'nosuchfunction'));
461 }
462
b91b274b 463 } else if ($callstack[0] == 'portfolio') {
464 // Break out the callstack into its elements
465 list($base, $plugin, $filename, $methodname) = $callstack;
466
467 if ($filename == 'lib.php') {
468 $pluginclass = 'portfolio_plugin_' . $plugin;
469 $includefile = '/portfolio/type/'.$plugin.'/lib.php';
470 $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $pluginclass);
471 $response = mnet_server_prepare_response($response);
472 echo $response;
473 } else {
474 // Generate error response - unable to locate function
475 exit(mnet_server_fault(7012, 'nosuchfunction'));
476 }
477
71558f85 478 ////////////////////////////////////// STRICT MOD/*
68bcd355 479 } elseif ($callstack[0] == 'mod' || 'dangerous' == $CFG->mnet_dispatcher_mode) {
71558f85 480 list($base, $module, $filename, $functionname) = $callstack;
481
482 ////////////////////////////////////// STRICT MOD/*
483 if ($base == 'mod' && $filename == 'rpclib.php') {
484 $includefile = '/mod/'.$module.'/rpclib.php';
485 $response = mnet_server_invoke_method($includefile, $functionname, $method, $payload);
486 $response = mnet_server_prepare_response($response);
487 echo $response;
488
68bcd355 489 ////////////////////////////////////// DANGEROUS
490 } elseif ('dangerous' == $CFG->mnet_dispatcher_mode && $MNET_REMOTE_CLIENT->plaintext_is_ok()) {
71558f85 491
492 $functionname = array_pop($callstack);
71558f85 493
494 if ($MNET_REMOTE_CLIENT->plaintext_is_ok()) {
495
1bef950e 496 $filename = clean_param(implode('/',$callstack), PARAM_PATH);
497 if (0 == preg_match("/php$/", $filename)) {
498 // Filename doesn't end in 'php'; possible attack?
499 // Generate error response - unable to locate function
500 exit(mnet_server_fault(7012, 'nosuchfunction'));
501 }
502
71558f85 503 // The call stack holds the path to any include file
1bef950e 504 $includefile = $CFG->dirroot.'/'.$filename;
71558f85 505
b26a847b 506 $response = mnet_server_invoke_method($includefile, $functionname, $method, $payload);
71558f85 507 echo $response;
508 }
509
510 } else {
511 // Generate error response - unable to locate function
512 exit(mnet_server_fault(7012, 'nosuchfunction'));
513 }
514
515 } else {
516 // Generate error response - unable to locate function
517 exit(mnet_server_fault(7012, 'nosuchfunction'));
518 }
519}
520
521/**
522 * Execute the system functions - mostly for introspection
523 *
524 * @param string $method XMLRPC method name, e.g. system.listMethods
525 * @param array $params Array of parameters from the XMLRPC request
526 * @param string $hostinfo Hostinfo object from the mnet_host table
527 * @return mixed Response data - any kind of PHP variable
528 */
529function mnet_system($method, $params, $hostinfo) {
cc38ff5d 530 global $CFG, $DB;
71558f85 531
532 if (empty($hostinfo)) return array();
533
534 $id_list = $hostinfo->id;
535 if (!empty($CFG->mnet_all_hosts_id)) {
536 $id_list .= ', '.$CFG->mnet_all_hosts_id;
537 }
538
539 if ('system.listMethods' == $method || 'system/listMethods' == $method) {
540 if (count($params) == 0) {
541 $query = '
542 SELECT DISTINCT
543 rpc.function_name,
544 rpc.xmlrpc_path,
545 rpc.enabled,
546 rpc.help,
547 rpc.profile
548 FROM
cc38ff5d 549 {mnet_host2service} h2s,
550 {mnet_service2rpc} s2r,
551 {mnet_rpc} rpc
71558f85 552 WHERE
553 s2r.rpcid = rpc.id AND
554 h2s.serviceid = s2r.serviceid AND
f633d85d 555 h2s.hostid in ('.$id_list .') AND
556 h2s.publish =\'1\'
71558f85 557 ORDER BY
558 rpc.xmlrpc_path ASC';
cc38ff5d 559 $params = array();
71558f85 560
561 } else {
562 $query = '
563 SELECT DISTINCT
564 rpc.function_name,
565 rpc.xmlrpc_path,
566 rpc.enabled,
567 rpc.help,
568 rpc.profile
569 FROM
cc38ff5d 570 {mnet_host2service} h2s,
571 {mnet_service2rpc} s2r,
572 {mnet_service} svc,
573 {mnet_rpc} rpc
71558f85 574 WHERE
575 s2r.rpcid = rpc.id AND
576 h2s.serviceid = s2r.serviceid AND
577 h2s.hostid in ('.$id_list .') AND
f633d85d 578 h2s.publish =\'1\' AND
71558f85 579 svc.id = h2s.serviceid AND
cc38ff5d 580 svc.name = ?
71558f85 581 ORDER BY
582 rpc.xmlrpc_path ASC';
cc38ff5d 583 $params = array($params[0]);
71558f85 584
585 }
cc38ff5d 586 $resultset = array_values($DB->get_records_sql($query, $params));
71558f85 587 $methods = array();
588 foreach($resultset as $result) {
589 $methods[] = $result->xmlrpc_path;
590 }
591 return $methods;
592 } elseif ('system.methodSignature' == $method || 'system/methodSignature' == $method) {
593 $query = '
594 SELECT DISTINCT
595 rpc.function_name,
596 rpc.xmlrpc_path,
597 rpc.enabled,
598 rpc.help,
599 rpc.profile
600 FROM
cc38ff5d 601 {mnet_host2service} h2s,
602 {mnet_service2rpc} s2r,
603 {mnet_rpc rpc}
71558f85 604 WHERE
cc38ff5d 605 rpc.xmlrpc_path = ? AND
71558f85 606 s2r.rpcid = rpc.id AND
607 h2s.serviceid = s2r.serviceid AND
f633d85d 608 h2s.publish =\'1\' AND
71558f85 609 h2s.hostid in ('.$id_list .')';
cc38ff5d 610 $params = array($params[0]);
71558f85 611
cc38ff5d 612 $result = $DB->get_records_sql($query, $params);
71558f85 613 $methodsigs = array();
614
615 if (is_array($result)) {
616 foreach($result as $method) {
617 $methodsigs[] = unserialize($method->profile);
618 }
619 }
620
621 return $methodsigs;
622 } elseif ('system.methodHelp' == $method || 'system/methodHelp' == $method) {
623 $query = '
624 SELECT DISTINCT
625 rpc.function_name,
626 rpc.xmlrpc_path,
627 rpc.enabled,
628 rpc.help,
629 rpc.profile
630 FROM
cc38ff5d 631 {mnet_host2service} h2s,
632 {mnet_service2rpc} s2r,
633 {mnet_rpc} rpc
71558f85 634 WHERE
cc38ff5d 635 rpc.xmlrpc_path = ? AND
71558f85 636 s2r.rpcid = rpc.id AND
f633d85d 637 h2s.publish =\'1\' AND
71558f85 638 h2s.serviceid = s2r.serviceid AND
639 h2s.hostid in ('.$id_list .')';
cc38ff5d 640 $params = array($params[0]);
71558f85 641
cc38ff5d 642 $result = $DB->get_record_sql($query, $params);
71558f85 643
644 if (is_object($result)) {
645 return $result->help;
646 }
647 } elseif ('system.listServices' == $method || 'system/listServices' == $method) {
648 $query = '
649 SELECT DISTINCT
650 s.id,
651 s.name,
652 s.apiversion,
653 h2s.publish,
654 h2s.subscribe
655 FROM
cc38ff5d 656 {mnet_host2service} h2s,
657 {mnet_service} s
71558f85 658 WHERE
659 h2s.serviceid = s.id AND
f633d85d 660 (h2s.publish =\'1\' OR h2s.subscribe =\'1\') AND
71558f85 661 h2s.hostid in ('.$id_list .')
662 ORDER BY
663 s.name ASC';
cc38ff5d 664 $params = array();
71558f85 665
cc38ff5d 666 $result = $DB->get_records_sql($query, $params);
71558f85 667 $services = array();
668
669 if (is_array($result)) {
670 foreach($result as $service) {
671 $services[] = array('name' => $service->name,
672 'apiversion' => $service->apiversion,
673 'publish' => $service->publish,
674 'subscribe' => $service->subscribe);
675 }
676 }
677
678 return $services;
679 }
680 exit(mnet_server_fault(7019, 'nosuchfunction'));
681}
682
683/**
684 * Initialize the object (if necessary), execute the method or function, and
685 * return the response
686 *
687 * @param string $includefile The file that contains the object definition
688 * @param string $methodname The name of the method to execute
689 * @param string $method The full path to the method
690 * @param string $payload The XML-RPC request payload
691 * @param string $class The name of the class to instantiate (or false)
692 * @return string The XML-RPC response
693 */
694function mnet_server_invoke_method($includefile, $methodname, $method, $payload, $class=false) {
695
696 $permission = mnet_permit_rpc_call($includefile, $methodname, $class);
697
698 if (RPC_NOSUCHFILE == $permission) {
699 // Generate error response - unable to locate function
700 exit(mnet_server_fault(705, 'nosuchfile', $includefile));
701 }
702
703 if (RPC_NOSUCHFUNCTION == $permission) {
704 // Generate error response - unable to locate function
705 exit(mnet_server_fault(706, 'nosuchfunction'));
706 }
707
708 if (RPC_FORBIDDENFUNCTION == $permission) {
709 // Generate error response - unable to locate function
710 exit(mnet_server_fault(707, 'forbidden-function'));
711 }
712
713 if (RPC_NOSUCHCLASS == $permission) {
714 // Generate error response - unable to locate function
715 exit(mnet_server_fault(7013, 'nosuchfunction'));
716 }
717
718 if (RPC_NOSUCHMETHOD == $permission) {
719 // Generate error response - unable to locate function
720 exit(mnet_server_fault(7014, 'nosuchmethod'));
721 }
722
723 if (RPC_NOSUCHFUNCTION == $permission) {
724 // Generate error response - unable to locate function
725 exit(mnet_server_fault(7014, 'nosuchmethod'));
726 }
727
728 if (RPC_FORBIDDENMETHOD == $permission) {
729 // Generate error response - unable to locate function
730 exit(mnet_server_fault(7015, 'nosuchfunction'));
731 }
732
733 if (0 < $permission) {
734 // Generate error response - unable to locate function
735 exit(mnet_server_fault(7019, 'unknownerror'));
736 }
737
738 if (RPC_OK == $permission) {
739 $xmlrpcserver = xmlrpc_server_create();
740 $bool = xmlrpc_server_register_method($xmlrpcserver, $method, 'mnet_server_dummy_method');
1008dad6 741 $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $methodname, array("encoding" => "utf-8"));
71558f85 742 $bool = xmlrpc_server_destroy($xmlrpcserver);
743 return $response;
744 }
745}
746
85d2d959 747/**
748 * Accepts a public key from a new remote host and returns the public key for
749 * this host. If 'register all hosts' is turned on, it will bootstrap a record
750 * for the remote host in the mnet_host table (if it's not already there)
751 *
752 * @param string $function XML-RPC requires this but we don't... discard!
753 * @param array $params Array of parameters
754 * $params[0] is the remote wwwroot
755 * $params[1] is the remote public key
756 * @return string The XML-RPC response
757 */
71558f85 758function mnet_keyswap($function, $params) {
735c7beb 759 global $CFG, $MNET;
71558f85 760 $return = array();
761
762 if (!empty($CFG->mnet_register_allhosts)) {
763 $mnet_peer = new mnet_peer();
25202581 764 @list($wwwroot, $pubkey, $application) = each($params);
765 $keyok = $mnet_peer->bootstrap($wwwroot, $pubkey, $application);
71558f85 766 if ($keyok) {
767 $mnet_peer->commit();
768 }
769 }
735c7beb 770 return $MNET->public_key;
71558f85 771}
85d2d959 772
71558f85 773?>
Moodle official production repository