Tracker #MDL-9353 - Paypal cost of course not visible in course settings.
[moodle.git] / mnet / xmlrpc / server.php
CommitLineData
71558f85 1<?php
2/**
3 * An XML-RPC server
4 *
5 * @author Donal McMullan donal@catalyst.net.nz
6 * @version 0.0.1
7 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
8 * @package mnet
9 */
10
11// Make certain that config.php doesn't display any errors, and that it doesn't
12// override our do-not-display-errors setting:
13ini_set('display_errors',0);
14require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
15ini_set('display_errors',0);
16
17// Include MNET stuff:
18require_once $CFG->dirroot.'/mnet/lib.php';
19require_once $CFG->dirroot.'/mnet/remote_client.php';
20
21// Content type for output is not html:
1008dad6 22header('Content-type: text/xml; charset=utf-8');
71558f85 23
24if (!empty($CFG->mnet_rpcdebug)) {
25 trigger_error("HTTP_RAW_POST_DATA");
26 trigger_error($HTTP_RAW_POST_DATA);
27}
28
29// New global variable which ONLY gets set in this server page, so you know that
30// if you've been called by a remote Moodle, this should be set:
31$MNET_REMOTE_CLIENT = new mnet_remote_client();
32
33// Peek at the message to see if it's an XML-ENC document. If it is, note that
34// the client connection was encrypted, and strip the xml-encryption and
35// xml-signature wrappers from the XML-RPC payload
36if (strpos(substr($HTTP_RAW_POST_DATA, 0, 100), '<encryptedMessage>')) {
37 $MNET_REMOTE_CLIENT->was_encrypted();
38// Extract the XML-RPC payload from the XML-ENC and XML-SIG wrappers.
39 $payload = mnet_server_strip_wrappers($HTTP_RAW_POST_DATA);
40} else {
41 $params = xmlrpc_decode_request($HTTP_RAW_POST_DATA, $method);
42 if ($method == 'system.keyswap' ||
43 $method == 'system/keyswap') {
44
45 // OK
46
47 } elseif ($MNET_REMOTE_CLIENT->plaintext_is_ok() == false) {
48 exit(mnet_server_fault(7021, 'forbidden-transport'));
49 }
50 // Looks like plaintext is ok. It is assumed that a plaintext call:
51 // 1. Came from a trusted host on your local network
52 // 2. Is *not* from a Moodle - otherwise why skip encryption/signing?
53 // 3. Is free to execute ANY function in Moodle
54 // 4. Cannot execute any methods (as it can't instantiate a class first)
55 // To execute a method, you'll need to create a wrapper function that first
56 // instantiates the class, and then calls the method.
57 $payload = $HTTP_RAW_POST_DATA;
58}
59
60if (!empty($CFG->mnet_rpcdebug)) {
61 trigger_error("XMLRPC Payload");
62 trigger_error(print_r($payload,1));
63}
64
65// Parse and action the XML-RPC payload
66$response = mnet_server_dispatch($payload);
67
68/**
69 * Strip the encryption (XML-ENC) and signature (XML-SIG) wrappers and return the XML-RPC payload
70 *
71 * IF COMMUNICATION TAKES PLACE OVER UNENCRYPTED HTTP:
72 * The payload will have been encrypted with a symmetric key. This key will
73 * itself have been encrypted using your public key. The key is decrypted using
74 * your private key, and then used to decrypt the XML payload.
75 *
76 * IF COMMUNICATION TAKES PLACE OVER UNENCRYPTED HTTP *OR* ENCRYPTED HTTPS:
77 * In either case, there will be an XML wrapper which contains your XML-RPC doc
78 * as an object element, a signature for that doc, and various standards-
79 * compliant info to aid in verifying the signature.
80 *
81 * This function parses the encryption wrapper, decrypts the contents, parses
82 * the signature wrapper, and if the signature matches the payload, it returns
83 * the payload, which should be an XML-RPC request.
84 * If there is an error, or the signatures don't match, it echoes an XML-RPC
85 * error and exits.
86 *
87 * See the W3C's {@link http://www.w3.org/TR/xmlenc-core/ XML Encryption Syntax and Processing}
88 * and {@link http://www.w3.org/TR/2001/PR-xmldsig-core-20010820/ XML-Signature Syntax and Processing}
89 * guidelines for more detail on the XML.
90 *
91 * -----XML-Envelope---------------------------------
92 * | |
93 * | Encrypted-Symmetric-key---------------- |
94 * | |_____________________________________| |
95 * | |
96 * | Encrypted data------------------------- |
97 * | | | |
98 * | | -XML-Envelope------------------ | |
99 * | | | | | |
100 * | | | --Signature------------- | | |
101 * | | | |______________________| | | |
102 * | | | | | |
103 * | | | --Signed-Payload-------- | | |
104 * | | | | | | | |
105 * | | | | XML-RPC Request | | | |
106 * | | | |______________________| | | |
107 * | | | | | |
108 * | | |_____________________________| | |
109 * | |_____________________________________| |
110 * | |
111 * |________________________________________________|
112 *
113 * @uses $db
114 * @param string $HTTP_RAW_POST_DATA The XML that the client sent
115 * @return string The XMLRPC payload.
116 */
117function mnet_server_strip_wrappers($HTTP_RAW_POST_DATA) {
118 global $MNET, $MNET_REMOTE_CLIENT;
119 if (isset($_SERVER)) {
120
121 $crypt_parser = new mnet_encxml_parser();
122 $crypt_parser->parse($HTTP_RAW_POST_DATA);
123
9dd0e611 124 // Make sure we know who we're talking to
125 $host_record_exists = $MNET_REMOTE_CLIENT->set_wwwroot($crypt_parser->remote_wwwroot);
126
127 if (false == $host_record_exists) {
128 exit(mnet_server_fault(7020, 'wrong-wwwroot', $crypt_parser->remote_wwwroot));
129 } elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] != $MNET_REMOTE_CLIENT->ip_address) {
130 exit(mnet_server_fault(7017, 'wrong-ip'));
131 }
132
71558f85 133 if ($crypt_parser->payload_encrypted) {
134
735c7beb 135 $key = array_pop($crypt_parser->cipher); // This key is Symmetric
71558f85 136 $data = array_pop($crypt_parser->cipher);
137
138 $crypt_parser->free_resource();
139
9dd0e611 140 $payload = ''; // Initialize payload var
141 $push_current_key = false; // True if we need to push a fresh key to the peer
71558f85 142
143 // &$payload
144 $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $MNET->get_private_key());
145
735c7beb 146 if (!$isOpen) {
147 // Decryption failed... let's try our archived keys
c9fa3eee 148 $openssl_history = get_config('mnet', 'openssl_history');
149 if(empty($openssl_history)) {
150 $openssl_history = array();
151 set_config('openssl_history', serialize($openssl_history), 'mnet');
152 } else {
503d1262 153 $openssl_history = unserialize($openssl_history);
735c7beb 154 }
735c7beb 155 foreach($openssl_history as $keyset) {
156 $keyresource = openssl_pkey_get_private($keyset['keypair_PEM']);
157 $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $keyresource);
158 if ($isOpen) {
159 // It's an older code, sir, but it checks out
9dd0e611 160 $push_current_key = true;
735c7beb 161 }
162 }
163 }
164
71558f85 165 if (!$isOpen) {
166 exit(mnet_server_fault(7023, 'encryption-invalid'));
167 }
168
169 if (strpos(substr($payload, 0, 100), '<signedMessage>')) {
170 $MNET_REMOTE_CLIENT->was_signed();
171 $sig_parser = new mnet_encxml_parser();
172 $sig_parser->parse($payload);
173 } else {
174 exit(mnet_server_fault(7022, 'verifysignature-error'));
175 }
176
177 } else {
178 exit(mnet_server_fault(7024, 'payload-not-encrypted'));
179 }
180
181 unset($payload);
182
9dd0e611 183 // if the peer used one of our public keys that have expired, we will
184 // return a signed/encrypted error message with our new public key
185 if($push_current_key) {
186 // NOTE: Here, we use the 'mnet_server_fault_xml' to avoid
187 // get_string being called on our public_key
188 exit(mnet_server_fault_xml(7025, $MNET->public_key));
71558f85 189 }
190
191 /**
192 * Get the certificate (i.e. public key) from the remote server.
193 */
194 $certificate = $MNET_REMOTE_CLIENT->public_key;
195
196 if ($certificate == false) {
197 exit(mnet_server_fault(709, 'nosuchpublickey'));
198 }
199
200 $payload = base64_decode($sig_parser->data_object);
201
202 // Does the signature match the data and the public cert?
203 $signature_verified = openssl_verify($payload, base64_decode($sig_parser->signature), $certificate);
204 if ($signature_verified == 1) {
3e008de8 205 $MNET_REMOTE_CLIENT->touch();
71558f85 206 // Parse the XML
207 } elseif ($signature_verified == 0) {
9dd0e611 208 $currkey = mnet_get_public_key($MNET_REMOTE_CLIENT->wwwroot);
209 if($currkey != $certificate) {
210 // Has the server updated its certificate since our last
211 // handshake?
212 if(!$MNET_REMOTE_CLIENT->refresh_key()) {
213 exit(mnet_server_fault(7026, 'verifysignature-invalid'));
214 }
215 } else {
216 exit(mnet_server_fault(710, 'verifysignature-invalid'));
217 }
71558f85 218 } else {
219 exit(mnet_server_fault(711, 'verifysignature-error'));
220 }
221
222 $sig_parser->free_resource();
223
224 return $payload;
225 } else {
226 exit(mnet_server_fault(712, "phperror"));
227 }
228}
229
230/**
151a9872 231 * Return the proper XML-RPC content to report an error in the local language.
71558f85 232 *
233 * @param int $code The ID code of the error message
151a9872 234 * @param string $text The array-key of the error message in the lang file
235 * @param string $param The $a param for the error message in the lang file
71558f85 236 * @return string $text The text of the error message
237 */
238function mnet_server_fault($code, $text, $param = null) {
151a9872 239 global $MNET_REMOTE_CLIENT;
71558f85 240 if (!is_numeric($code)) {
241 $code = 0;
242 }
243 $code = intval($code);
244
245 $text = get_string($text, 'mnet', $param);
151a9872 246 return mnet_server_fault_xml($code, $text);
247}
71558f85 248
151a9872 249/**
250 * Return the proper XML-RPC content to report an error.
251 *
252 * @param int $code The ID code of the error message
253 * @param string $text The error message
254 * @return string $text The XML text of the error message
255 */
256function mnet_server_fault_xml($code, $text) {
573f8b02 257 global $MNET_REMOTE_CLIENT, $CFG;
71558f85 258 // Replace illegal XML chars - is this already in a lib somewhere?
259 $text = str_replace(array('<','>','&','"',"'"), array('&lt;','&gt;','&amp;','&quot;','&apos;'), $text);
260
261 $return = mnet_server_prepare_response('<?xml version="1.0"?>
262<methodResponse>
263 <fault>
264 <value>
265 <struct>
266 <member>
267 <name>faultCode</name>
268 <value><int>'.$code.'</int></value>
269 </member>
270 <member>
271 <name>faultString</name>
272 <value><string>'.$text.'</string></value>
273 </member>
274 </struct>
275 </value>
276 </fault>
277 </methodResponse>');
573f8b02 278
279 if (!empty($CFG->mnet_rpcdebug)) {
280 trigger_error("XMLRPC Error Response");
281 trigger_error(print_r($return,1));
282 }
283
71558f85 284 return $return;
285}
286
287/**
288 * Dummy function for the XML-RPC dispatcher - use to call a method on an object
289 * or to call a function
290 *
291 * Translate XML-RPC's strange function call syntax into a more straightforward
292 * PHP-friendly alternative. This dummy function will be called by the
293 * dispatcher, and can be used to call a method on an object, or just a function
294 *
295 * The methodName argument (eg. mnet/testlib/mnet_concatenate_strings)
296 * is ignored.
297 *
298 * @param string $methodname We discard this - see 'functionname'
299 * @param array $argsarray Each element is an argument to the real
300 * function
301 * @param string $functionname The name of the PHP function you want to call
302 * @return mixed The return value will be that of the real
303 * function, whateber it may be.
304 */
305function mnet_server_dummy_method($methodname, $argsarray, $functionname) {
306 global $MNET_REMOTE_CLIENT;
307
5c2e5bf2 308 if (!is_object($MNET_REMOTE_CLIENT->object_to_call)) {
71558f85 309 return @call_user_func_array($functionname, $argsarray);
310 } else {
311 return @call_user_method_array($functionname, $MNET_REMOTE_CLIENT->object_to_call, $argsarray);
312 }
313}
314
315/**
316 * Package a response in any required envelope, and return it to the client
317 *
318 * @param string $response The XMLRPC response string
319 * @return string The encoded response string
320 */
321function mnet_server_prepare_response($response) {
322 global $MNET_REMOTE_CLIENT;
323
324 if ($MNET_REMOTE_CLIENT->request_was_signed) {
325 $response = mnet_sign_message($response);
326 }
327
328 if ($MNET_REMOTE_CLIENT->request_was_encrypted) {
329 $response = mnet_encrypt_message($response, $MNET_REMOTE_CLIENT->public_key);
330 }
331
332 return $response;
333}
334
335/**
336 * If security checks are passed, dispatch the request to the function/method
337 *
338 * The config variable 'mnet_dispatcher_mode' can be:
339 * strict: Only execute functions that are in specific files
340 * off: The default - don't execute anything
341 *
342 * @param string $payload The XML-RPC request
343 * @return No return val - just echo the response
344 */
345function mnet_server_dispatch($payload) {
346 global $CFG, $MNET_REMOTE_CLIENT;
347 // xmlrpc_decode_request returns an array of parameters, and the $method
348 // variable (which is passed by reference) is instantiated with the value from
349 // the methodName tag in the xml payload
350 // xmlrpc_decode_request($xml, &$method)
351 $params = xmlrpc_decode_request($payload, $method);
352
353 // $method is something like: "mod/forum/lib/forum_add_instance"
354 // $params is an array of parameters. A parameter might itself be an array.
355
356 // Whitelist characters that are permitted in a method name
357 // The method name must not begin with a / - avoid absolute paths
358 // A dot character . is only allowed in the filename, i.e. something.php
359 if (0 == preg_match("@^[A-Za-z0-9]+/[A-Za-z0-9/_-]+(\.php/)?[A-Za-z0-9_-]+$@",$method)) {
360 exit(mnet_server_fault(713, 'nosuchfunction'));
361 }
362
363 $callstack = explode('/', $method);
364 // callstack will look like array('mod', 'forum', 'lib', 'forum_add_instance');
365
366 /**
367 * What has the site administrator chosen as his dispatcher setting?
368 * strict: Only execute functions that are in specific files
369 * off: The default - don't execute anything
370 */
371 ////////////////////////////////////// OFF
372 if (!isset($CFG->mnet_dispatcher_mode) ) {
373 set_config('mnet_dispatcher_mode', 'off');
374 exit(mnet_server_fault(704, 'nosuchservice'));
375 } elseif ('off' == $CFG->mnet_dispatcher_mode) {
376 exit(mnet_server_fault(704, 'nosuchservice'));
377
378 ////////////////////////////////////// SYSTEM METHODS
379 } elseif ($callstack[0] == 'system') {
380 $functionname = $callstack[1];
381 $xmlrpcserver = xmlrpc_server_create();
382
383 // I'm adding the canonical xmlrpc references here, however we've
384 // already forbidden that the period (.) should be allowed in the call
385 // stack, so if someone tries to access our XMLRPC in the normal way,
386 // they'll already have received a RPC server fault message.
387
388 // Maybe we should allow an easement so that regular XMLRPC clients can
389 // call our system methods, and find out what we have to offer?
390
391 xmlrpc_server_register_method($xmlrpcserver, 'system.listMethods', 'mnet_system');
392 xmlrpc_server_register_method($xmlrpcserver, 'system/listMethods', 'mnet_system');
393
394 xmlrpc_server_register_method($xmlrpcserver, 'system.methodSignature', 'mnet_system');
395 xmlrpc_server_register_method($xmlrpcserver, 'system/methodSignature', 'mnet_system');
396
397 xmlrpc_server_register_method($xmlrpcserver, 'system.methodHelp', 'mnet_system');
398 xmlrpc_server_register_method($xmlrpcserver, 'system/methodHelp', 'mnet_system');
399
400 xmlrpc_server_register_method($xmlrpcserver, 'system.listServices', 'mnet_system');
401 xmlrpc_server_register_method($xmlrpcserver, 'system/listServices', 'mnet_system');
402
403 xmlrpc_server_register_method($xmlrpcserver, 'system.keyswap', 'mnet_keyswap');
404 xmlrpc_server_register_method($xmlrpcserver, 'system/keyswap', 'mnet_keyswap');
405
406 if ($method == 'system.listMethods' ||
407 $method == 'system/listMethods' ||
408 $method == 'system.methodSignature' ||
409 $method == 'system/methodSignature' ||
410 $method == 'system.methodHelp' ||
411 $method == 'system/methodHelp' ||
412 $method == 'system.listServices' ||
413 $method == 'system/listServices' ||
414 $method == 'system.keyswap' ||
415 $method == 'system/keyswap') {
416
1008dad6 417 $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $MNET_REMOTE_CLIENT, array("encoding" => "utf-8"));
71558f85 418 $response = mnet_server_prepare_response($response);
419 } else {
420 exit(mnet_server_fault(7018, 'nosuchfunction'));
421 }
422
423 xmlrpc_server_destroy($xmlrpcserver);
424 echo $response;
425 ////////////////////////////////////// STRICT AUTH
426 } elseif ($callstack[0] == 'auth') {
427
428 // Break out the callstack into its elements
429 list($base, $plugin, $filename, $methodname) = $callstack;
430
431 // We refuse to include anything that is not auth.php
432 if ($filename == 'auth.php' && is_enabled_auth($plugin)) {
433 $authclass = 'auth_plugin_'.$plugin;
434 $includefile = '/auth/'.$plugin.'/auth.php';
435 $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $authclass);
436 $response = mnet_server_prepare_response($response);
437 echo $response;
438 } else {
439 // Generate error response - unable to locate function
440 exit(mnet_server_fault(702, 'nosuchfunction'));
441 }
442
443 ////////////////////////////////////// STRICT ENROL
444 } elseif ($callstack[0] == 'enrol') {
445
446 // Break out the callstack into its elements
447 list($base, $plugin, $filename, $methodname) = $callstack;
448
449 if ($filename == 'enrol.php' && is_enabled_enrol($plugin)) {
450 $enrolclass = 'enrolment_plugin_'.$plugin;
451 $includefile = '/enrol/'.$plugin.'/enrol.php';
452 $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $enrolclass);
453 $response = mnet_server_prepare_response($response);
454 echo $response;
455 } else {
456 // Generate error response - unable to locate function
457 exit(mnet_server_fault(703, 'nosuchfunction'));
458 }
459
460 ////////////////////////////////////// STRICT MOD/*
461 } elseif ($callstack[0] == 'mod' || 'promiscuous' == $CFG->mnet_dispatcher_mode) {
462 list($base, $module, $filename, $functionname) = $callstack;
463
464 ////////////////////////////////////// STRICT MOD/*
465 if ($base == 'mod' && $filename == 'rpclib.php') {
466 $includefile = '/mod/'.$module.'/rpclib.php';
467 $response = mnet_server_invoke_method($includefile, $functionname, $method, $payload);
468 $response = mnet_server_prepare_response($response);
469 echo $response;
470
471 ////////////////////////////////////// PROMISCUOUS
472 } elseif ('promiscuous' == $CFG->mnet_dispatcher_mode && $MNET_REMOTE_CLIENT->plaintext_is_ok()) {
473
474 $functionname = array_pop($callstack);
475 $filename = array_pop($callstack);
476
477 if ($MNET_REMOTE_CLIENT->plaintext_is_ok()) {
478
479 // The call stack holds the path to any include file
480 $includefile = $CFG->dirroot.'/'.implode('/',$callstack).'/'.$filename.'.php';
481
482 $response = mnet_server_invoke_function($includefile, $functionname, $method, $payload);
483 echo $response;
484 }
485
486 } else {
487 // Generate error response - unable to locate function
488 exit(mnet_server_fault(7012, 'nosuchfunction'));
489 }
490
491 } else {
492 // Generate error response - unable to locate function
493 exit(mnet_server_fault(7012, 'nosuchfunction'));
494 }
495}
496
497/**
498 * Execute the system functions - mostly for introspection
499 *
500 * @param string $method XMLRPC method name, e.g. system.listMethods
501 * @param array $params Array of parameters from the XMLRPC request
502 * @param string $hostinfo Hostinfo object from the mnet_host table
503 * @return mixed Response data - any kind of PHP variable
504 */
505function mnet_system($method, $params, $hostinfo) {
506 global $CFG;
507
508 if (empty($hostinfo)) return array();
509
510 $id_list = $hostinfo->id;
511 if (!empty($CFG->mnet_all_hosts_id)) {
512 $id_list .= ', '.$CFG->mnet_all_hosts_id;
513 }
514
515 if ('system.listMethods' == $method || 'system/listMethods' == $method) {
516 if (count($params) == 0) {
517 $query = '
518 SELECT DISTINCT
519 rpc.function_name,
520 rpc.xmlrpc_path,
521 rpc.enabled,
522 rpc.help,
523 rpc.profile
524 FROM
525 '.$CFG->prefix.'mnet_host2service h2s,
526 '.$CFG->prefix.'mnet_service2rpc s2r,
527 '.$CFG->prefix.'mnet_rpc rpc
528 WHERE
529 s2r.rpcid = rpc.id AND
530 h2s.serviceid = s2r.serviceid AND
531 h2s.hostid in ('.$id_list .')
532 ORDER BY
533 rpc.xmlrpc_path ASC';
534
535 } else {
536 $query = '
537 SELECT DISTINCT
538 rpc.function_name,
539 rpc.xmlrpc_path,
540 rpc.enabled,
541 rpc.help,
542 rpc.profile
543 FROM
544 '.$CFG->prefix.'mnet_host2service h2s,
545 '.$CFG->prefix.'mnet_service2rpc s2r,
546 '.$CFG->prefix.'mnet_service svc,
547 '.$CFG->prefix.'mnet_rpc rpc
548 WHERE
549 s2r.rpcid = rpc.id AND
550 h2s.serviceid = s2r.serviceid AND
551 h2s.hostid in ('.$id_list .') AND
552 svc.id = h2s.serviceid AND
553 svc.name = \''.$params[0].'\'
554 ORDER BY
555 rpc.xmlrpc_path ASC';
556
557 }
558 $resultset = array_values(get_records_sql($query));
559 $methods = array();
560 foreach($resultset as $result) {
561 $methods[] = $result->xmlrpc_path;
562 }
563 return $methods;
564 } elseif ('system.methodSignature' == $method || 'system/methodSignature' == $method) {
565 $query = '
566 SELECT DISTINCT
567 rpc.function_name,
568 rpc.xmlrpc_path,
569 rpc.enabled,
570 rpc.help,
571 rpc.profile
572 FROM
573 '.$CFG->prefix.'mnet_host2service h2s,
574 '.$CFG->prefix.'mnet_service2rpc s2r,
575 '.$CFG->prefix.'mnet_rpc rpc
576 WHERE
577 rpc.xmlrpc_path = \''.$params[0].'\' AND
578 s2r.rpcid = rpc.id AND
579 h2s.serviceid = s2r.serviceid AND
580 h2s.hostid in ('.$id_list .')';
581
582 $result = get_records_sql($query);
583 $methodsigs = array();
584
585 if (is_array($result)) {
586 foreach($result as $method) {
587 $methodsigs[] = unserialize($method->profile);
588 }
589 }
590
591 return $methodsigs;
592 } elseif ('system.methodHelp' == $method || 'system/methodHelp' == $method) {
593 $query = '
594 SELECT DISTINCT
595 rpc.function_name,
596 rpc.xmlrpc_path,
597 rpc.enabled,
598 rpc.help,
599 rpc.profile
600 FROM
601 '.$CFG->prefix.'mnet_host2service h2s,
602 '.$CFG->prefix.'mnet_service2rpc s2r,
603 '.$CFG->prefix.'mnet_rpc rpc
604 WHERE
605 rpc.xmlrpc_path = \''.$params[0].'\' AND
606 s2r.rpcid = rpc.id AND
607 h2s.serviceid = s2r.serviceid AND
608 h2s.hostid in ('.$id_list .')';
609
610 $result = get_record_sql($query);
611
612 if (is_object($result)) {
613 return $result->help;
614 }
615 } elseif ('system.listServices' == $method || 'system/listServices' == $method) {
616 $query = '
617 SELECT DISTINCT
618 s.id,
619 s.name,
620 s.apiversion,
621 h2s.publish,
622 h2s.subscribe
623 FROM
624 '.$CFG->prefix.'mnet_host2service h2s,
625 '.$CFG->prefix.'mnet_service s
626 WHERE
627 h2s.serviceid = s.id AND
628 h2s.hostid in ('.$id_list .')
629 ORDER BY
630 s.name ASC';
631
632 $result = get_records_sql($query);
633 $services = array();
634
635 if (is_array($result)) {
636 foreach($result as $service) {
637 $services[] = array('name' => $service->name,
638 'apiversion' => $service->apiversion,
639 'publish' => $service->publish,
640 'subscribe' => $service->subscribe);
641 }
642 }
643
644 return $services;
645 }
646 exit(mnet_server_fault(7019, 'nosuchfunction'));
647}
648
649/**
650 * Initialize the object (if necessary), execute the method or function, and
651 * return the response
652 *
653 * @param string $includefile The file that contains the object definition
654 * @param string $methodname The name of the method to execute
655 * @param string $method The full path to the method
656 * @param string $payload The XML-RPC request payload
657 * @param string $class The name of the class to instantiate (or false)
658 * @return string The XML-RPC response
659 */
660function mnet_server_invoke_method($includefile, $methodname, $method, $payload, $class=false) {
661
662 $permission = mnet_permit_rpc_call($includefile, $methodname, $class);
663
664 if (RPC_NOSUCHFILE == $permission) {
665 // Generate error response - unable to locate function
666 exit(mnet_server_fault(705, 'nosuchfile', $includefile));
667 }
668
669 if (RPC_NOSUCHFUNCTION == $permission) {
670 // Generate error response - unable to locate function
671 exit(mnet_server_fault(706, 'nosuchfunction'));
672 }
673
674 if (RPC_FORBIDDENFUNCTION == $permission) {
675 // Generate error response - unable to locate function
676 exit(mnet_server_fault(707, 'forbidden-function'));
677 }
678
679 if (RPC_NOSUCHCLASS == $permission) {
680 // Generate error response - unable to locate function
681 exit(mnet_server_fault(7013, 'nosuchfunction'));
682 }
683
684 if (RPC_NOSUCHMETHOD == $permission) {
685 // Generate error response - unable to locate function
686 exit(mnet_server_fault(7014, 'nosuchmethod'));
687 }
688
689 if (RPC_NOSUCHFUNCTION == $permission) {
690 // Generate error response - unable to locate function
691 exit(mnet_server_fault(7014, 'nosuchmethod'));
692 }
693
694 if (RPC_FORBIDDENMETHOD == $permission) {
695 // Generate error response - unable to locate function
696 exit(mnet_server_fault(7015, 'nosuchfunction'));
697 }
698
699 if (0 < $permission) {
700 // Generate error response - unable to locate function
701 exit(mnet_server_fault(7019, 'unknownerror'));
702 }
703
704 if (RPC_OK == $permission) {
705 $xmlrpcserver = xmlrpc_server_create();
706 $bool = xmlrpc_server_register_method($xmlrpcserver, $method, 'mnet_server_dummy_method');
1008dad6 707 $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $methodname, array("encoding" => "utf-8"));
71558f85 708 $bool = xmlrpc_server_destroy($xmlrpcserver);
709 return $response;
710 }
711}
712
85d2d959 713/**
714 * Accepts a public key from a new remote host and returns the public key for
715 * this host. If 'register all hosts' is turned on, it will bootstrap a record
716 * for the remote host in the mnet_host table (if it's not already there)
717 *
718 * @param string $function XML-RPC requires this but we don't... discard!
719 * @param array $params Array of parameters
720 * $params[0] is the remote wwwroot
721 * $params[1] is the remote public key
722 * @return string The XML-RPC response
723 */
71558f85 724function mnet_keyswap($function, $params) {
735c7beb 725 global $CFG, $MNET;
71558f85 726 $return = array();
727
728 if (!empty($CFG->mnet_register_allhosts)) {
729 $mnet_peer = new mnet_peer();
85d2d959 730 $keyok = $mnet_peer->bootstrap($params[0], $params[1]);
71558f85 731 if ($keyok) {
732 $mnet_peer->commit();
733 }
734 }
735c7beb 735 return $MNET->public_key;
71558f85 736}
85d2d959 737
71558f85 738?>