71558f85 |
1 | <?php |
2 | /** |
3 | * An XML-RPC server |
4 | * |
5 | * @author Donal McMullan donal@catalyst.net.nz |
6 | * @version 0.0.1 |
7 | * @license http://www.gnu.org/copyleft/gpl.html GNU Public License |
8 | * @package mnet |
9 | */ |
10 | |
11 | // Make certain that config.php doesn't display any errors, and that it doesn't |
12 | // override our do-not-display-errors setting: |
13 | ini_set('display_errors',0); |
14 | require_once(dirname(dirname(dirname(__FILE__))) . '/config.php'); |
15 | ini_set('display_errors',0); |
16 | |
17 | // Include MNET stuff: |
18 | require_once $CFG->dirroot.'/mnet/lib.php'; |
19 | require_once $CFG->dirroot.'/mnet/remote_client.php'; |
20 | |
21 | // Content type for output is not html: |
22 | header('Content-type: text/xml'); |
23 | |
24 | if (!empty($CFG->mnet_rpcdebug)) { |
25 | trigger_error("HTTP_RAW_POST_DATA"); |
26 | trigger_error($HTTP_RAW_POST_DATA); |
27 | } |
28 | |
29 | // New global variable which ONLY gets set in this server page, so you know that |
30 | // if you've been called by a remote Moodle, this should be set: |
31 | $MNET_REMOTE_CLIENT = new mnet_remote_client(); |
32 | |
33 | // Peek at the message to see if it's an XML-ENC document. If it is, note that |
34 | // the client connection was encrypted, and strip the xml-encryption and |
35 | // xml-signature wrappers from the XML-RPC payload |
36 | if (strpos(substr($HTTP_RAW_POST_DATA, 0, 100), '<encryptedMessage>')) { |
37 | $MNET_REMOTE_CLIENT->was_encrypted(); |
38 | // Extract the XML-RPC payload from the XML-ENC and XML-SIG wrappers. |
39 | $payload = mnet_server_strip_wrappers($HTTP_RAW_POST_DATA); |
40 | } else { |
41 | $params = xmlrpc_decode_request($HTTP_RAW_POST_DATA, $method); |
42 | if ($method == 'system.keyswap' || |
43 | $method == 'system/keyswap') { |
44 | |
45 | // OK |
46 | |
47 | } elseif ($MNET_REMOTE_CLIENT->plaintext_is_ok() == false) { |
48 | exit(mnet_server_fault(7021, 'forbidden-transport')); |
49 | } |
50 | // Looks like plaintext is ok. It is assumed that a plaintext call: |
51 | // 1. Came from a trusted host on your local network |
52 | // 2. Is *not* from a Moodle - otherwise why skip encryption/signing? |
53 | // 3. Is free to execute ANY function in Moodle |
54 | // 4. Cannot execute any methods (as it can't instantiate a class first) |
55 | // To execute a method, you'll need to create a wrapper function that first |
56 | // instantiates the class, and then calls the method. |
57 | $payload = $HTTP_RAW_POST_DATA; |
58 | } |
59 | |
60 | if (!empty($CFG->mnet_rpcdebug)) { |
61 | trigger_error("XMLRPC Payload"); |
62 | trigger_error(print_r($payload,1)); |
63 | } |
64 | |
65 | // Parse and action the XML-RPC payload |
66 | $response = mnet_server_dispatch($payload); |
67 | |
68 | /** |
69 | * Strip the encryption (XML-ENC) and signature (XML-SIG) wrappers and return the XML-RPC payload |
70 | * |
71 | * IF COMMUNICATION TAKES PLACE OVER UNENCRYPTED HTTP: |
72 | * The payload will have been encrypted with a symmetric key. This key will |
73 | * itself have been encrypted using your public key. The key is decrypted using |
74 | * your private key, and then used to decrypt the XML payload. |
75 | * |
76 | * IF COMMUNICATION TAKES PLACE OVER UNENCRYPTED HTTP *OR* ENCRYPTED HTTPS: |
77 | * In either case, there will be an XML wrapper which contains your XML-RPC doc |
78 | * as an object element, a signature for that doc, and various standards- |
79 | * compliant info to aid in verifying the signature. |
80 | * |
81 | * This function parses the encryption wrapper, decrypts the contents, parses |
82 | * the signature wrapper, and if the signature matches the payload, it returns |
83 | * the payload, which should be an XML-RPC request. |
84 | * If there is an error, or the signatures don't match, it echoes an XML-RPC |
85 | * error and exits. |
86 | * |
87 | * See the W3C's {@link http://www.w3.org/TR/xmlenc-core/ XML Encryption Syntax and Processing} |
88 | * and {@link http://www.w3.org/TR/2001/PR-xmldsig-core-20010820/ XML-Signature Syntax and Processing} |
89 | * guidelines for more detail on the XML. |
90 | * |
91 | * -----XML-Envelope--------------------------------- |
92 | * | | |
93 | * | Encrypted-Symmetric-key---------------- | |
94 | * | |_____________________________________| | |
95 | * | | |
96 | * | Encrypted data------------------------- | |
97 | * | | | | |
98 | * | | -XML-Envelope------------------ | | |
99 | * | | | | | | |
100 | * | | | --Signature------------- | | | |
101 | * | | | |______________________| | | | |
102 | * | | | | | | |
103 | * | | | --Signed-Payload-------- | | | |
104 | * | | | | | | | | |
105 | * | | | | XML-RPC Request | | | | |
106 | * | | | |______________________| | | | |
107 | * | | | | | | |
108 | * | | |_____________________________| | | |
109 | * | |_____________________________________| | |
110 | * | | |
111 | * |________________________________________________| |
112 | * |
113 | * @uses $db |
114 | * @param string $HTTP_RAW_POST_DATA The XML that the client sent |
115 | * @return string The XMLRPC payload. |
116 | */ |
117 | function mnet_server_strip_wrappers($HTTP_RAW_POST_DATA) { |
118 | global $MNET, $MNET_REMOTE_CLIENT; |
119 | if (isset($_SERVER)) { |
120 | |
121 | $crypt_parser = new mnet_encxml_parser(); |
122 | $crypt_parser->parse($HTTP_RAW_POST_DATA); |
123 | |
124 | if ($crypt_parser->payload_encrypted) { |
125 | |
126 | $key = array_pop($crypt_parser->cipher); |
127 | $data = array_pop($crypt_parser->cipher); |
128 | |
129 | $crypt_parser->free_resource(); |
130 | |
131 | // Initialize payload var |
132 | $payload = ''; |
133 | |
134 | // &$payload |
135 | $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $MNET->get_private_key()); |
136 | |
137 | if (!$isOpen) { |
138 | exit(mnet_server_fault(7023, 'encryption-invalid')); |
139 | } |
140 | |
141 | if (strpos(substr($payload, 0, 100), '<signedMessage>')) { |
142 | $MNET_REMOTE_CLIENT->was_signed(); |
143 | $sig_parser = new mnet_encxml_parser(); |
144 | $sig_parser->parse($payload); |
145 | } else { |
146 | exit(mnet_server_fault(7022, 'verifysignature-error')); |
147 | } |
148 | |
149 | } else { |
150 | exit(mnet_server_fault(7024, 'payload-not-encrypted')); |
151 | } |
152 | |
153 | unset($payload); |
154 | |
155 | $host_record_exists = $MNET_REMOTE_CLIENT->set_wwwroot($sig_parser->remote_wwwroot); |
156 | |
157 | if (false == $host_record_exists) { |
158 | exit(mnet_server_fault(7020, 'wrong-wwwroot', $sig_parser->remote_wwwroot)); |
159 | } elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] != $MNET_REMOTE_CLIENT->ip_address) { |
160 | exit(mnet_server_fault(7017, 'wrong-ip')); |
161 | } |
162 | |
163 | /** |
164 | * Get the certificate (i.e. public key) from the remote server. |
165 | */ |
166 | $certificate = $MNET_REMOTE_CLIENT->public_key; |
167 | |
168 | if ($certificate == false) { |
169 | exit(mnet_server_fault(709, 'nosuchpublickey')); |
170 | } |
171 | |
172 | $payload = base64_decode($sig_parser->data_object); |
173 | |
174 | // Does the signature match the data and the public cert? |
175 | $signature_verified = openssl_verify($payload, base64_decode($sig_parser->signature), $certificate); |
176 | if ($signature_verified == 1) { |
177 | // Parse the XML |
178 | } elseif ($signature_verified == 0) { |
179 | exit(mnet_server_fault(710, 'verifysignature-invalid')); |
180 | } else { |
181 | exit(mnet_server_fault(711, 'verifysignature-error')); |
182 | } |
183 | |
184 | $sig_parser->free_resource(); |
185 | |
186 | return $payload; |
187 | } else { |
188 | exit(mnet_server_fault(712, "phperror")); |
189 | } |
190 | } |
191 | |
192 | /** |
193 | * Return the proper XML-RPC content to report an error. |
194 | * |
195 | * @param int $code The ID code of the error message |
196 | * @return string $text The text of the error message |
197 | */ |
198 | function mnet_server_fault($code, $text, $param = null) { |
199 | if (!is_numeric($code)) { |
200 | $code = 0; |
201 | } |
202 | $code = intval($code); |
203 | |
204 | $text = get_string($text, 'mnet', $param); |
205 | |
206 | // Replace illegal XML chars - is this already in a lib somewhere? |
207 | $text = str_replace(array('<','>','&','"',"'"), array('<','>','&','"','''), $text); |
208 | |
209 | $return = mnet_server_prepare_response('<?xml version="1.0"?> |
210 | <methodResponse> |
211 | <fault> |
212 | <value> |
213 | <struct> |
214 | <member> |
215 | <name>faultCode</name> |
216 | <value><int>'.$code.'</int></value> |
217 | </member> |
218 | <member> |
219 | <name>faultString</name> |
220 | <value><string>'.$text.'</string></value> |
221 | </member> |
222 | </struct> |
223 | </value> |
224 | </fault> |
225 | </methodResponse>'); |
226 | return $return; |
227 | } |
228 | |
229 | /** |
230 | * Dummy function for the XML-RPC dispatcher - use to call a method on an object |
231 | * or to call a function |
232 | * |
233 | * Translate XML-RPC's strange function call syntax into a more straightforward |
234 | * PHP-friendly alternative. This dummy function will be called by the |
235 | * dispatcher, and can be used to call a method on an object, or just a function |
236 | * |
237 | * The methodName argument (eg. mnet/testlib/mnet_concatenate_strings) |
238 | * is ignored. |
239 | * |
240 | * @param string $methodname We discard this - see 'functionname' |
241 | * @param array $argsarray Each element is an argument to the real |
242 | * function |
243 | * @param string $functionname The name of the PHP function you want to call |
244 | * @return mixed The return value will be that of the real |
245 | * function, whateber it may be. |
246 | */ |
247 | function mnet_server_dummy_method($methodname, $argsarray, $functionname) { |
248 | global $MNET_REMOTE_CLIENT; |
249 | |
250 | if ($MNET_REMOTE_CLIENT->object_to_call == false) { |
251 | return @call_user_func_array($functionname, $argsarray); |
252 | } else { |
253 | return @call_user_method_array($functionname, $MNET_REMOTE_CLIENT->object_to_call, $argsarray); |
254 | } |
255 | } |
256 | |
257 | /** |
258 | * Package a response in any required envelope, and return it to the client |
259 | * |
260 | * @param string $response The XMLRPC response string |
261 | * @return string The encoded response string |
262 | */ |
263 | function mnet_server_prepare_response($response) { |
264 | global $MNET_REMOTE_CLIENT; |
265 | |
266 | if ($MNET_REMOTE_CLIENT->request_was_signed) { |
267 | $response = mnet_sign_message($response); |
268 | } |
269 | |
270 | if ($MNET_REMOTE_CLIENT->request_was_encrypted) { |
271 | $response = mnet_encrypt_message($response, $MNET_REMOTE_CLIENT->public_key); |
272 | } |
273 | |
274 | return $response; |
275 | } |
276 | |
277 | /** |
278 | * If security checks are passed, dispatch the request to the function/method |
279 | * |
280 | * The config variable 'mnet_dispatcher_mode' can be: |
281 | * strict: Only execute functions that are in specific files |
282 | * off: The default - don't execute anything |
283 | * |
284 | * @param string $payload The XML-RPC request |
285 | * @return No return val - just echo the response |
286 | */ |
287 | function mnet_server_dispatch($payload) { |
288 | global $CFG, $MNET_REMOTE_CLIENT; |
289 | // xmlrpc_decode_request returns an array of parameters, and the $method |
290 | // variable (which is passed by reference) is instantiated with the value from |
291 | // the methodName tag in the xml payload |
292 | // xmlrpc_decode_request($xml, &$method) |
293 | $params = xmlrpc_decode_request($payload, $method); |
294 | |
295 | // $method is something like: "mod/forum/lib/forum_add_instance" |
296 | // $params is an array of parameters. A parameter might itself be an array. |
297 | |
298 | // Whitelist characters that are permitted in a method name |
299 | // The method name must not begin with a / - avoid absolute paths |
300 | // A dot character . is only allowed in the filename, i.e. something.php |
301 | if (0 == preg_match("@^[A-Za-z0-9]+/[A-Za-z0-9/_-]+(\.php/)?[A-Za-z0-9_-]+$@",$method)) { |
302 | exit(mnet_server_fault(713, 'nosuchfunction')); |
303 | } |
304 | |
305 | $callstack = explode('/', $method); |
306 | // callstack will look like array('mod', 'forum', 'lib', 'forum_add_instance'); |
307 | |
308 | /** |
309 | * What has the site administrator chosen as his dispatcher setting? |
310 | * strict: Only execute functions that are in specific files |
311 | * off: The default - don't execute anything |
312 | */ |
313 | ////////////////////////////////////// OFF |
314 | if (!isset($CFG->mnet_dispatcher_mode) ) { |
315 | set_config('mnet_dispatcher_mode', 'off'); |
316 | exit(mnet_server_fault(704, 'nosuchservice')); |
317 | } elseif ('off' == $CFG->mnet_dispatcher_mode) { |
318 | exit(mnet_server_fault(704, 'nosuchservice')); |
319 | |
320 | ////////////////////////////////////// SYSTEM METHODS |
321 | } elseif ($callstack[0] == 'system') { |
322 | $functionname = $callstack[1]; |
323 | $xmlrpcserver = xmlrpc_server_create(); |
324 | |
325 | // I'm adding the canonical xmlrpc references here, however we've |
326 | // already forbidden that the period (.) should be allowed in the call |
327 | // stack, so if someone tries to access our XMLRPC in the normal way, |
328 | // they'll already have received a RPC server fault message. |
329 | |
330 | // Maybe we should allow an easement so that regular XMLRPC clients can |
331 | // call our system methods, and find out what we have to offer? |
332 | |
333 | xmlrpc_server_register_method($xmlrpcserver, 'system.listMethods', 'mnet_system'); |
334 | xmlrpc_server_register_method($xmlrpcserver, 'system/listMethods', 'mnet_system'); |
335 | |
336 | xmlrpc_server_register_method($xmlrpcserver, 'system.methodSignature', 'mnet_system'); |
337 | xmlrpc_server_register_method($xmlrpcserver, 'system/methodSignature', 'mnet_system'); |
338 | |
339 | xmlrpc_server_register_method($xmlrpcserver, 'system.methodHelp', 'mnet_system'); |
340 | xmlrpc_server_register_method($xmlrpcserver, 'system/methodHelp', 'mnet_system'); |
341 | |
342 | xmlrpc_server_register_method($xmlrpcserver, 'system.listServices', 'mnet_system'); |
343 | xmlrpc_server_register_method($xmlrpcserver, 'system/listServices', 'mnet_system'); |
344 | |
345 | xmlrpc_server_register_method($xmlrpcserver, 'system.keyswap', 'mnet_keyswap'); |
346 | xmlrpc_server_register_method($xmlrpcserver, 'system/keyswap', 'mnet_keyswap'); |
347 | |
348 | if ($method == 'system.listMethods' || |
349 | $method == 'system/listMethods' || |
350 | $method == 'system.methodSignature' || |
351 | $method == 'system/methodSignature' || |
352 | $method == 'system.methodHelp' || |
353 | $method == 'system/methodHelp' || |
354 | $method == 'system.listServices' || |
355 | $method == 'system/listServices' || |
356 | $method == 'system.keyswap' || |
357 | $method == 'system/keyswap') { |
358 | |
359 | $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $MNET_REMOTE_CLIENT); |
360 | $response = mnet_server_prepare_response($response); |
361 | } else { |
362 | exit(mnet_server_fault(7018, 'nosuchfunction')); |
363 | } |
364 | |
365 | xmlrpc_server_destroy($xmlrpcserver); |
366 | echo $response; |
367 | ////////////////////////////////////// STRICT AUTH |
368 | } elseif ($callstack[0] == 'auth') { |
369 | |
370 | // Break out the callstack into its elements |
371 | list($base, $plugin, $filename, $methodname) = $callstack; |
372 | |
373 | // We refuse to include anything that is not auth.php |
374 | if ($filename == 'auth.php' && is_enabled_auth($plugin)) { |
375 | $authclass = 'auth_plugin_'.$plugin; |
376 | $includefile = '/auth/'.$plugin.'/auth.php'; |
377 | $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $authclass); |
378 | $response = mnet_server_prepare_response($response); |
379 | echo $response; |
380 | } else { |
381 | // Generate error response - unable to locate function |
382 | exit(mnet_server_fault(702, 'nosuchfunction')); |
383 | } |
384 | |
385 | ////////////////////////////////////// STRICT ENROL |
386 | } elseif ($callstack[0] == 'enrol') { |
387 | |
388 | // Break out the callstack into its elements |
389 | list($base, $plugin, $filename, $methodname) = $callstack; |
390 | |
391 | if ($filename == 'enrol.php' && is_enabled_enrol($plugin)) { |
392 | $enrolclass = 'enrolment_plugin_'.$plugin; |
393 | $includefile = '/enrol/'.$plugin.'/enrol.php'; |
394 | $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $enrolclass); |
395 | $response = mnet_server_prepare_response($response); |
396 | echo $response; |
397 | } else { |
398 | // Generate error response - unable to locate function |
399 | exit(mnet_server_fault(703, 'nosuchfunction')); |
400 | } |
401 | |
402 | ////////////////////////////////////// STRICT MOD/* |
403 | } elseif ($callstack[0] == 'mod' || 'promiscuous' == $CFG->mnet_dispatcher_mode) { |
404 | list($base, $module, $filename, $functionname) = $callstack; |
405 | |
406 | ////////////////////////////////////// STRICT MOD/* |
407 | if ($base == 'mod' && $filename == 'rpclib.php') { |
408 | $includefile = '/mod/'.$module.'/rpclib.php'; |
409 | $response = mnet_server_invoke_method($includefile, $functionname, $method, $payload); |
410 | $response = mnet_server_prepare_response($response); |
411 | echo $response; |
412 | |
413 | ////////////////////////////////////// PROMISCUOUS |
414 | } elseif ('promiscuous' == $CFG->mnet_dispatcher_mode && $MNET_REMOTE_CLIENT->plaintext_is_ok()) { |
415 | |
416 | $functionname = array_pop($callstack); |
417 | $filename = array_pop($callstack); |
418 | |
419 | if ($MNET_REMOTE_CLIENT->plaintext_is_ok()) { |
420 | |
421 | // The call stack holds the path to any include file |
422 | $includefile = $CFG->dirroot.'/'.implode('/',$callstack).'/'.$filename.'.php'; |
423 | |
424 | $response = mnet_server_invoke_function($includefile, $functionname, $method, $payload); |
425 | echo $response; |
426 | } |
427 | |
428 | } else { |
429 | // Generate error response - unable to locate function |
430 | exit(mnet_server_fault(7012, 'nosuchfunction')); |
431 | } |
432 | |
433 | } else { |
434 | // Generate error response - unable to locate function |
435 | exit(mnet_server_fault(7012, 'nosuchfunction')); |
436 | } |
437 | } |
438 | |
439 | /** |
440 | * Execute the system functions - mostly for introspection |
441 | * |
442 | * @param string $method XMLRPC method name, e.g. system.listMethods |
443 | * @param array $params Array of parameters from the XMLRPC request |
444 | * @param string $hostinfo Hostinfo object from the mnet_host table |
445 | * @return mixed Response data - any kind of PHP variable |
446 | */ |
447 | function mnet_system($method, $params, $hostinfo) { |
448 | global $CFG; |
449 | |
450 | if (empty($hostinfo)) return array(); |
451 | |
452 | $id_list = $hostinfo->id; |
453 | if (!empty($CFG->mnet_all_hosts_id)) { |
454 | $id_list .= ', '.$CFG->mnet_all_hosts_id; |
455 | } |
456 | |
457 | if ('system.listMethods' == $method || 'system/listMethods' == $method) { |
458 | if (count($params) == 0) { |
459 | $query = ' |
460 | SELECT DISTINCT |
461 | rpc.function_name, |
462 | rpc.xmlrpc_path, |
463 | rpc.enabled, |
464 | rpc.help, |
465 | rpc.profile |
466 | FROM |
467 | '.$CFG->prefix.'mnet_host2service h2s, |
468 | '.$CFG->prefix.'mnet_service2rpc s2r, |
469 | '.$CFG->prefix.'mnet_rpc rpc |
470 | WHERE |
471 | s2r.rpcid = rpc.id AND |
472 | h2s.serviceid = s2r.serviceid AND |
473 | h2s.hostid in ('.$id_list .') |
474 | ORDER BY |
475 | rpc.xmlrpc_path ASC'; |
476 | |
477 | } else { |
478 | $query = ' |
479 | SELECT DISTINCT |
480 | rpc.function_name, |
481 | rpc.xmlrpc_path, |
482 | rpc.enabled, |
483 | rpc.help, |
484 | rpc.profile |
485 | FROM |
486 | '.$CFG->prefix.'mnet_host2service h2s, |
487 | '.$CFG->prefix.'mnet_service2rpc s2r, |
488 | '.$CFG->prefix.'mnet_service svc, |
489 | '.$CFG->prefix.'mnet_rpc rpc |
490 | WHERE |
491 | s2r.rpcid = rpc.id AND |
492 | h2s.serviceid = s2r.serviceid AND |
493 | h2s.hostid in ('.$id_list .') AND |
494 | svc.id = h2s.serviceid AND |
495 | svc.name = \''.$params[0].'\' |
496 | ORDER BY |
497 | rpc.xmlrpc_path ASC'; |
498 | |
499 | } |
500 | $resultset = array_values(get_records_sql($query)); |
501 | $methods = array(); |
502 | foreach($resultset as $result) { |
503 | $methods[] = $result->xmlrpc_path; |
504 | } |
505 | return $methods; |
506 | } elseif ('system.methodSignature' == $method || 'system/methodSignature' == $method) { |
507 | $query = ' |
508 | SELECT DISTINCT |
509 | rpc.function_name, |
510 | rpc.xmlrpc_path, |
511 | rpc.enabled, |
512 | rpc.help, |
513 | rpc.profile |
514 | FROM |
515 | '.$CFG->prefix.'mnet_host2service h2s, |
516 | '.$CFG->prefix.'mnet_service2rpc s2r, |
517 | '.$CFG->prefix.'mnet_rpc rpc |
518 | WHERE |
519 | rpc.xmlrpc_path = \''.$params[0].'\' AND |
520 | s2r.rpcid = rpc.id AND |
521 | h2s.serviceid = s2r.serviceid AND |
522 | h2s.hostid in ('.$id_list .')'; |
523 | |
524 | $result = get_records_sql($query); |
525 | $methodsigs = array(); |
526 | |
527 | if (is_array($result)) { |
528 | foreach($result as $method) { |
529 | $methodsigs[] = unserialize($method->profile); |
530 | } |
531 | } |
532 | |
533 | return $methodsigs; |
534 | } elseif ('system.methodHelp' == $method || 'system/methodHelp' == $method) { |
535 | $query = ' |
536 | SELECT DISTINCT |
537 | rpc.function_name, |
538 | rpc.xmlrpc_path, |
539 | rpc.enabled, |
540 | rpc.help, |
541 | rpc.profile |
542 | FROM |
543 | '.$CFG->prefix.'mnet_host2service h2s, |
544 | '.$CFG->prefix.'mnet_service2rpc s2r, |
545 | '.$CFG->prefix.'mnet_rpc rpc |
546 | WHERE |
547 | rpc.xmlrpc_path = \''.$params[0].'\' AND |
548 | s2r.rpcid = rpc.id AND |
549 | h2s.serviceid = s2r.serviceid AND |
550 | h2s.hostid in ('.$id_list .')'; |
551 | |
552 | $result = get_record_sql($query); |
553 | |
554 | if (is_object($result)) { |
555 | return $result->help; |
556 | } |
557 | } elseif ('system.listServices' == $method || 'system/listServices' == $method) { |
558 | $query = ' |
559 | SELECT DISTINCT |
560 | s.id, |
561 | s.name, |
562 | s.apiversion, |
563 | h2s.publish, |
564 | h2s.subscribe |
565 | FROM |
566 | '.$CFG->prefix.'mnet_host2service h2s, |
567 | '.$CFG->prefix.'mnet_service s |
568 | WHERE |
569 | h2s.serviceid = s.id AND |
570 | h2s.hostid in ('.$id_list .') |
571 | ORDER BY |
572 | s.name ASC'; |
573 | |
574 | $result = get_records_sql($query); |
575 | $services = array(); |
576 | |
577 | if (is_array($result)) { |
578 | foreach($result as $service) { |
579 | $services[] = array('name' => $service->name, |
580 | 'apiversion' => $service->apiversion, |
581 | 'publish' => $service->publish, |
582 | 'subscribe' => $service->subscribe); |
583 | } |
584 | } |
585 | |
586 | return $services; |
587 | } |
588 | exit(mnet_server_fault(7019, 'nosuchfunction')); |
589 | } |
590 | |
591 | /** |
592 | * Initialize the object (if necessary), execute the method or function, and |
593 | * return the response |
594 | * |
595 | * @param string $includefile The file that contains the object definition |
596 | * @param string $methodname The name of the method to execute |
597 | * @param string $method The full path to the method |
598 | * @param string $payload The XML-RPC request payload |
599 | * @param string $class The name of the class to instantiate (or false) |
600 | * @return string The XML-RPC response |
601 | */ |
602 | function mnet_server_invoke_method($includefile, $methodname, $method, $payload, $class=false) { |
603 | |
604 | $permission = mnet_permit_rpc_call($includefile, $methodname, $class); |
605 | |
606 | if (RPC_NOSUCHFILE == $permission) { |
607 | // Generate error response - unable to locate function |
608 | exit(mnet_server_fault(705, 'nosuchfile', $includefile)); |
609 | } |
610 | |
611 | if (RPC_NOSUCHFUNCTION == $permission) { |
612 | // Generate error response - unable to locate function |
613 | exit(mnet_server_fault(706, 'nosuchfunction')); |
614 | } |
615 | |
616 | if (RPC_FORBIDDENFUNCTION == $permission) { |
617 | // Generate error response - unable to locate function |
618 | exit(mnet_server_fault(707, 'forbidden-function')); |
619 | } |
620 | |
621 | if (RPC_NOSUCHCLASS == $permission) { |
622 | // Generate error response - unable to locate function |
623 | exit(mnet_server_fault(7013, 'nosuchfunction')); |
624 | } |
625 | |
626 | if (RPC_NOSUCHMETHOD == $permission) { |
627 | // Generate error response - unable to locate function |
628 | exit(mnet_server_fault(7014, 'nosuchmethod')); |
629 | } |
630 | |
631 | if (RPC_NOSUCHFUNCTION == $permission) { |
632 | // Generate error response - unable to locate function |
633 | exit(mnet_server_fault(7014, 'nosuchmethod')); |
634 | } |
635 | |
636 | if (RPC_FORBIDDENMETHOD == $permission) { |
637 | // Generate error response - unable to locate function |
638 | exit(mnet_server_fault(7015, 'nosuchfunction')); |
639 | } |
640 | |
641 | if (0 < $permission) { |
642 | // Generate error response - unable to locate function |
643 | exit(mnet_server_fault(7019, 'unknownerror')); |
644 | } |
645 | |
646 | if (RPC_OK == $permission) { |
647 | $xmlrpcserver = xmlrpc_server_create(); |
648 | $bool = xmlrpc_server_register_method($xmlrpcserver, $method, 'mnet_server_dummy_method'); |
649 | $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $methodname); |
650 | $bool = xmlrpc_server_destroy($xmlrpcserver); |
651 | return $response; |
652 | } |
653 | } |
654 | |
655 | function mnet_keyswap($function, $params) { |
656 | global $CFG; |
657 | $return = array(); |
658 | |
659 | if (!empty($CFG->mnet_register_allhosts)) { |
660 | $mnet_peer = new mnet_peer(); |
661 | $keyok = $mnet_peer->bootstrap($params[0]); |
662 | if ($keyok) { |
663 | $mnet_peer->commit(); |
664 | } |
665 | } |
666 | $keypair = mnet_get_keypair(); |
667 | return $keypair['certificate']; |
668 | } |
669 | ?> |