--- /dev/null
+<?php
+/**
+ * Adapted for Moodle from the AMFPHP Project at http://www.amfphp.org/
+ * Creates the methodTable for a service class.
+ *
+ * @usage $this->methodTable = MethodTable::create($this);
+ * @author Christophe Herreman
+ * @since 05/01/2005
+ * @version $id$
+ *
+ * Special contributions by Allessandro Crugnola and Ted Milker
+ */
+
+if (!defined('T_ML_COMMENT')) {
+ define('T_ML_COMMENT', T_COMMENT);
+} else {
+ define('T_DOC_COMMENT', T_ML_COMMENT);
+}
+
+/**
+ * Return string from start of haystack to first occurance of needle, or whole
+ * haystack, if needle does not occur
+ *
+ * @access public
+ * @param $haystack(String) Haystack to search in
+ * @param $needle(String) Needle to look for
+ */
+function strrstr($haystack, $needle)
+{
+ return substr($haystack, 0, strpos($haystack.$needle,$needle));
+}
+
+/**
+ * Return substring of haystack from end of needle onwards, or FALSE
+ *
+ * @access public
+ * @param $haystack(String) Haystack to search in
+ * @param $needle(String) Needle to look for
+ */
+function strstrafter($haystack, $needle)
+{
+ return substr(strstr($haystack, $needle), strlen($needle));
+}
+
+class MethodTable
+{
+ /**
+ * Constructor.
+ *
+ * Since this class should only be accessed through the static create() method
+ * this constructor should be made private. Unfortunately, this is not possible
+ * in PHP4.
+ *
+ * @access private
+ */
+ function MethodTable(){
+ }
+
+
+ /**
+ * Creates the methodTable for a passed class.
+ *
+ * @static
+ * @access public
+ * @param $sourcePath(String) The path to the file you want to parse
+ * @param $containsClass(Bool) True if the file is a class definition (optional)
+ */
+ function create($sourcePath, $containsClass = false){
+
+ $methodTable = array();
+ if(!file_exists($sourcePath))
+ {
+ return false;
+ }
+
+ $source = file_get_contents($sourcePath);
+ $tokens = (array)token_get_all($source);
+
+ $waitingForOpenParenthesis = false;
+ $waitingForFunction = false;
+ $waitingForClassName = false;
+ $bufferingArgs = false;
+ $argBuffer = "";
+ $lastFunction = "";
+ $lastFunctionComment = "";
+ $lastComment = "";
+ $classMethods = array();
+ $realClassName = "";
+
+ if($containsClass) {
+ $openBraces = -10000;
+ }
+ else
+ {
+ $openBraces = 1;
+ }
+
+ $waitingForEndEncapsedString = false;
+ foreach($tokens as $token)
+ {
+ if (is_string($token)) {
+ if($token == '{')
+ {
+ $openBraces++;
+ }
+ if($token == '}')
+ {
+ if($waitingForEndEncapsedString)
+ {
+ $waitingForEndEncapsedString = false;
+ }
+ else
+ {
+ $lastComment = '';
+ $openBraces--;
+
+ if($openBraces == 0)
+ {
+ break;
+ }
+ }
+ }
+ elseif($waitingForOpenParenthesis && $token == '(')
+ {
+ $bufferingArgs = true;
+ $argBuffer = "";
+ $waitingForOpenParenthesis = false;
+ }
+ elseif($bufferingArgs)
+ {
+ if($token != ')')
+ {
+ $argBuffer .= $token;
+ }
+ else
+ {
+ if($lastFunction != $realClassName)
+ {
+ $classMethods[] = array("name" => $lastFunction,
+ "comment" => $lastFunctionComment,
+ "args" => $argBuffer);
+
+ $bufferingArgs = false;
+ $argBuffer = "";
+ $lastFunction = "";
+ $lastFunctionComment = "";
+ }
+ }
+
+ }
+ } else {
+ // token array
+ list($id, $text) = $token;
+
+ if($bufferingArgs)
+ {
+ $argBuffer .= $text;
+ }
+ switch ($id)
+ {
+
+ case T_COMMENT:
+ case T_ML_COMMENT: // we've defined this
+ case T_DOC_COMMENT: // and this
+ // no action on comments
+ $lastComment = $text;
+ break;
+ case T_FUNCTION:
+ if($openBraces >= 1)
+ {
+ $waitingForFunction = true;
+ }
+ break;
+ case T_STRING:
+ if($waitingForFunction)
+ {
+ $waitingForFunction = false;
+ $waitingForOpenParenthesis = true;
+ $lastFunction = $text;
+ $lastFunctionComment = $lastComment;
+ $lastComment = "";
+ }
+ if($waitingForClassName)
+ {
+ $waitingForClassName = false;
+ $realClassName = $text;
+ }
+ break;
+ case T_CLASS:
+ $openBraces = 0;
+ $waitingForClassName = true;
+ break;
+ case T_CURLY_OPEN:
+ case T_DOLLAR_OPEN_CURLY_BRACES:
+ $waitingForEndEncapsedString = true;
+ break;
+ }
+ }
+ }
+
+ foreach ($classMethods as $key => $value) {
+ $methodSignature = $value['args'];
+ $methodName = $value['name'];
+ $methodComment = $value['comment'];
+
+ $description = MethodTable::getMethodDescription($methodComment) . " " . MethodTable::getMethodCommentAttribute($methodComment, "desc");
+ $description = trim($description);
+ $access = MethodTable::getMethodCommentAttributeFirstWord($methodComment, "access");
+ $roles = MethodTable::getMethodCommentAttributeFirstWord($methodComment, "roles");
+ $instance = MethodTable::getMethodCommentAttributeFirstWord($methodComment, "instance");
+ $returns = MethodTable::getMethodReturnValue($methodComment);
+ $pagesize = MethodTable::getMethodCommentAttributeFirstWord($methodComment, "pagesize");
+ $params = MethodTable::getMethodCommentArguments($methodComment);
+
+
+ //description, arguments, access, [roles, [instance, [returns, [pagesize]]]]
+ $methodTable[$methodName] = array();
+ //$methodTable[$methodName]["signature"] = $methodSignature; //debug purposes
+ $methodTable[$methodName]["description"] = ($description == "") ? "No description given." : $description;
+ $methodTable[$methodName]["arguments"] = MethodTable::getMethodArguments($methodSignature, $params);
+ $methodTable[$methodName]["access"] = ($access == "") ? "private" : $access;
+
+ if($roles != "") $methodTable[$methodName]["roles"] = $roles;
+ if($instance != "") $methodTable[$methodName]["instance"] = $instance;
+ if($returns != "") $methodTable[$methodName]["returns"] = $returns;
+ if($pagesize != "") $methodTable[$methodName]["pagesize"] = $pagesize;
+ }
+
+ return $methodTable;
+
+ }
+
+ /**
+ *
+ */
+ function getMethodCommentServices($comment)
+ {
+ $pieces = explode('@service', $comment);
+ $args = array();
+ if(is_array($pieces) && count($pieces) > 1)
+ {
+ for($i = 0; $i < count($pieces) - 1; $i++)
+ {
+ $ps = strrstr($pieces[$i + 1], '@');
+ $ps = strrstr($ps, '*/');
+ $args[] = MethodTable::cleanComment($ps);
+ }
+ }
+ return $args;
+ }
+
+
+ /**
+ *
+ */
+ function getMethodCommentArguments($comment)
+ {
+ $pieces = explode('@param', $comment);
+ $args = array();
+ if(is_array($pieces) && count($pieces) > 1)
+ {
+ for($i = 0; $i < count($pieces) - 1; $i++)
+ {
+ $ps = strrstr($pieces[$i + 1], '@');
+ $ps = strrstr($ps, '*/');
+ $args[] = MethodTable::cleanComment($ps);
+ }
+ }
+ return $args;
+ }
+
+
+ /**
+ * Returns the description from the comment.
+ * The description is(are) the first line(s) in the comment.
+ *
+ * @static
+ * @private
+ * @param $comment(String) The method's comment.
+ */
+ function getMethodDescription($comment){
+ $comment = MethodTable::cleanComment(strrstr($comment, "@"));
+ return trim($comment);
+ }
+
+
+ /**
+ * Returns the value of a comment attribute.
+ *
+ * @static
+ * @private
+ * @param $comment(String) The method's comment.
+ * @param $attribute(String) The name of the attribute to get its value from.
+ */
+ function getMethodCommentAttribute($comment, $attribute){
+ $pieces = strstrafter($comment, '@' . $attribute);
+ if($pieces !== FALSE)
+ {
+ $pieces = strrstr($pieces, '@');
+ $pieces = strrstr($pieces, '*/');
+ return MethodTable::cleanComment($pieces);
+ }
+ return "";
+ }
+
+ /**
+ * Returns the value of a comment attribute.
+ *
+ * @static
+ * @private
+ * @param $comment(String) The method's comment.
+ * @param $attribute(String) The name of the attribute to get its value from.
+ */
+ function getMethodCommentAttributeFirstLine($comment, $attribute){
+ $pieces = strstrafter($comment, '@' . $attribute);
+ if($pieces !== FALSE)
+ {
+ $pieces = strrstr($pieces, '@');
+ $pieces = strrstr($pieces, "*");
+ $pieces = strrstr($pieces, "/");
+ $pieces = strrstr($pieces, "-");
+ $pieces = strrstr($pieces, "\n");
+ $pieces = strrstr($pieces, "\r");
+ $pieces = strrstr($pieces, '*/');
+ return MethodTable::cleanComment($pieces);
+ }
+ return "";
+ }
+
+ /**
+ * Returns the value of a comment attribute.
+ *
+ * @static
+ * @private
+ * @param $comment(String) The method's comment.
+ * @param $attribute(String) The name of the attribute to get its value from.
+ */
+ function getMethodReturnValue($comment){
+ $result = array('type' => 'void', 'description' => '');
+ $pieces = strstrafter($comment, '@returns');
+ if(FALSE == $pieces) $pieces = strstrafter($comment, '@return');
+ if($pieces !== FALSE)
+ {
+ $pieces = strrstr($pieces, '@');
+ $pieces = strrstr($pieces, "*");
+ $pieces = strrstr($pieces, "/");
+ $pieces = strrstr($pieces, "-");
+ $pieces = strrstr($pieces, "\n");
+ $pieces = strrstr($pieces, "\r");
+ $pieces = strrstr($pieces, '*/');
+ $pieces = trim(MethodTable::cleanComment($pieces));
+ @list($result['type'], $result['description']) = explode(' ', $pieces, 2);
+ $result['type'] = MethodTable::standardizeType($result['type']);
+ }
+ return $result;
+ }
+
+ function getMethodCommentAttributeFirstWord($comment, $attribute){
+ $pieces = strstrafter($comment, '@' . $attribute);
+ if($pieces !== FALSE)
+ {
+ $val = MethodTable::cleanComment($pieces);
+ return trim(strrstr($val, ' '));
+ }
+ return "";
+ }
+
+ /**
+ * Returns an array with the arguments of a method.
+ *
+ * @static
+ * @access private
+ * @param $methodSignature(String) The method's signature;
+ */
+ function getMethodArguments($methodSignature, $commentParams){
+ if(strlen($methodSignature) == 0){
+ //no arguments, return an empty array
+ $result = array();
+ }else{
+ //clean the arguments before returning them
+ $result = MethodTable::cleanArguments(explode(",", $methodSignature), $commentParams);
+ }
+
+ return $result;
+ }
+
+ /**
+ * Cleans the function or method's return value.
+ *
+ * @static
+ * @access private
+ * @param $value(String) The "dirty" value.
+ */
+ function cleanReturnValue($value){
+ $result = array();
+ $value = trim($value);
+
+ list($result['type'], $result['description']) = explode(' ', $value, 2);
+
+ $result['type'] = MethodTable::standardizeType($result['type']);
+
+ return $result;
+ }
+
+
+ /**
+ * Takes a string and returns the XMLRPC type that most closely matches it.
+ *
+ * @static
+ * @access private
+ * @param $type(String) The given type string.
+ */
+ function standardizeType($type) {
+ $type = strtolower($type);
+ if('str' == $type || 'string' == $type) return 'string';
+ if('int' == $type || 'integer' == $type) return 'int';
+ if('bool' == $type || 'boolean' == $type) return 'boolean';
+
+ // Note that object is not a valid XMLRPC type
+ if('object' == $type || 'class' == $type) return 'object';
+ if('float' == $type || 'dbl' == $type || 'double' == $type || 'flt' == $type) return 'double';
+
+ // Note that null is not a valid XMLRPC type. The null type can have
+ // only one value - null.
+ if('null' == $type) return 'null';
+
+ // Note that mixed is not a valid XMLRPC type
+ if('mixed' == $type) return 'mixed';
+ if('array' == $type || 'arr' == $type) return 'array';
+ if('assoc' == $type || 'struct' == $type) return 'struct';
+
+ // Note that this is not a valid XMLRPC type. As references cannot be
+ // serialized or exported, there is no way this could be XML-RPCed.
+ if('reference' == $type || 'ref' == $type) return 'reference';
+ return 'string';
+ }
+
+ /**
+ * Cleans the arguments array.
+ * This method removes all whitespaces and the leading "$" sign from each argument
+ * in the array.
+ *
+ * @static
+ * @access private
+ * @param $args(Array) The "dirty" array with arguments.
+ */
+ function cleanArguments($args, $commentParams){
+ $result = array();
+
+ if(!is_array($args)) return array();
+
+ foreach($args as $index => $arg){
+ $arg = strrstr(str_replace(array('$','&$'), array('','&'), $arg), '=');
+ if(!isset($commentParams[$index]))
+ {
+ $result[] = trim($arg);
+ }
+ else
+ {
+ $start = trim($arg);
+ $end = trim(str_replace('$', '', $commentParams[$index]));
+
+ // Suppress Notice of 'Undefined offset' with @
+ @list($word0, $word1, $tail) = preg_split("/[\s]+/", $end, 3);
+ $word0 = strtolower($word0);
+ $word1 = strtolower($word1);
+
+ $wordBase0 = ereg_replace('^[&$]+','',$word0);
+ $wordBase1 = ereg_replace('^[&$]+','',$word1);
+ $startBase = strtolower(ereg_replace('^[&$]+','',$start));
+
+ if ($wordBase0 == $startBase) {
+ $type = str_replace(array('(',')'),'', $word1);
+ } elseif($wordBase1 == $startBase) {
+ $type = str_replace(array('(',')'),'', $word0);
+ } elseif( ereg('(^[&$]+)|(\()([a-z0-9]+)(\)$)', $word0, $regs) ) {
+ $tail = str_ireplace($word0, '', $end);
+ $type = $regs[3];
+ } else {
+ // default to string
+ $type = 'string';
+ }
+
+ $type = MethodTable::standardizeType($type);
+/*
+ if($type == 'str') {
+ $type = 'string';
+ } elseif($type == 'int' || $type == 'integer') {
+ $type = 'int';
+ } elseif($type == 'bool' || $type == 'boolean') {
+ $type = 'boolean';
+ } elseif($type == 'object' || $type == 'class') {
+ // Note that this is not a valid XMLRPC type
+ $type = 'object';
+ } elseif($type == 'float' || $type == 'dbl' || $type == 'double' || $type == 'flt') {
+ $type = 'double';
+ } elseif($type == 'null') {
+ // Note that this is not a valid XMLRPC type
+ // The null type can have only one value - null. Why would
+ // that be an argument to a function? Just in case:
+ $type = 'null';
+ } elseif($type == 'mixed') {
+ // Note that this is not a valid XMLRPC type
+ $type = 'mixed';
+ } elseif($type == 'array' || $type == 'arr') {
+ $type = 'array';
+ } elseif($type == 'assoc') {
+ $type = 'struct';
+ } elseif($type == 'reference' || $type == 'ref') {
+ // Note that this is not a valid XMLRPC type
+ // As references cannot be serialized or exported, there is
+ // no way this could be XML-RPCed.
+ $type = 'reference';
+ } else {
+ $type = 'string';
+ }
+*/
+ $result[] = array('type' => $type, 'description' => $start . ' - ' . $tail);
+ }
+ }
+
+ return $result;
+ }
+
+
+ /**
+ * Cleans the comment string by removing all comment start and end characters.
+ *
+ * @static
+ * @private
+ * @param $comment(String) The method's comment.
+ */
+ function cleanComment($comment){
+ $comment = str_replace("/**", "", $comment);
+ $comment = str_replace("*/", "", $comment);
+ $comment = str_replace("*", "", $comment);
+ $comment = str_replace("\n", "\\n", trim($comment));
+ $comment = eregi_replace("[\r\t\n ]+", " ", trim($comment));
+ $comment = str_replace("\"", "\\\"", $comment);
+ return $comment;
+ }
+
+ /**
+ *
+ */
+ function showCode($methodTable){
+
+ if(!is_array($methodTable)) $methodTable = array();
+
+ foreach($methodTable as $methodName=>$methodProps){
+ $result .= "\n\t\"" . $methodName . "\" => array(";
+
+ foreach($methodProps as $key=>$value){
+ $result .= "\n\t\t\"" . $key . "\" => ";
+
+ if($key=="arguments"){
+ $result .= "array(";
+ for($i=0; $i<count($value); $i++){
+ $result .= "\"" . addslashes($value[$i]) . "\"";
+ if($i<count($value)-1){
+ $result .= ", ";
+ }
+ }
+ $result .= ")";
+ }else{
+ $result .= "\"" . $value . "\"";
+ }
+
+ $result .= ",";
+ }
+
+ $result = substr($result, 0, -1);
+ $result .= "\n\t),";
+ }
+
+ $result = substr($result, 0, -1);
+ $result = "\$this->methodTable = array(" . $result;
+ $result .= "\n);";
+
+ return $result;
+ }
+}
+?>
--- /dev/null
+<?php
+
+// Allows the admin to control user logins from remote moodles.
+
+require_once dirname(dirname(dirname(__FILE__))) . '/config.php';
+require_once($CFG->libdir.'/adminlib.php');
+include_once($CFG->dirroot.'/mnet/lib.php');
+
+$sort = optional_param('sort', 'username', PARAM_ALPHA);
+$dir = optional_param('dir', 'ASC', PARAM_ALPHA);
+$page = optional_param('page', 0, PARAM_INT);
+$perpage = optional_param('perpage', 30, PARAM_INT);
+$action = trim(strtolower(optional_param('action', '', PARAM_ALPHA)));
+
+require_login();
+$adminroot = admin_get_root();
+admin_externalpage_setup('ssoaccesscontrol', $adminroot);
+admin_externalpage_print_header($adminroot);
+
+$sitecontext = get_context_instance(CONTEXT_SYSTEM, SITEID);
+$sesskey = sesskey();
+$formerror = array();
+
+// grab the mnet hosts and remove the localhost
+$mnethosts = get_records_menu('mnet_host', '', '', 'name', 'id, name');
+if (array_key_exists($CFG->mnet_localhost_id, $mnethosts)) {
+ unset($mnethosts[$CFG->mnet_localhost_id]);
+}
+
+
+
+// process actions
+if (!empty($action) and confirm_sesskey()) {
+
+ // boot if insufficient permission
+ if (!has_capability('moodle/user:delete', $sitecontext)) {
+ error('You are not permitted to modify the MNET access control list.');
+ }
+
+ // fetch the record in question
+ $id = required_param('id', PARAM_INT);
+ if (!$idrec = get_record('mnet_sso_access_control', 'id', $id)) {
+ error('Record does not exist.', '/admin/mnet/access_control.php');
+ }
+
+ switch ($action) {
+
+ case "delete":
+ delete_records('mnet_sso_access_control', 'id', $id);
+ notify("SSO ACL: delete record for user '{$idrec->username}' from {$mnethosts[$idrec->mnet_host_id]}.");
+ break;
+
+ case "acl":
+
+ // require the access parameter, and it must be 'allow' or 'deny'
+ $access = trim(strtolower(required_param('access', PARAM_ALPHA)));
+ if ($access != 'allow' and $access != 'deny') {
+ error('Invalid access parameter.', '/admin/mnet/access_control.php');
+ }
+
+ if (mnet_update_sso_access_control($idrec->username, $idrec->mnet_host_id, $access)) {
+ notify("SSO ACL: $access user '{$idrec->username}' from {$mnethosts[$idrec->mnet_host_id]}");
+ }
+ break;
+
+ default:
+ error('Invalid action parameter.', '/admin/mnet/access_control.php');
+ }
+ redirect('access_control.php', get_string('changessaved'));
+}
+
+
+
+// process the form results
+if ($form = data_submitted() and confirm_sesskey()) {
+
+ // check permissions and verify form input
+ if (!has_capability('moodle/user:delete', $sitecontext)) {
+ error('You are not permitted to modify the MNET access control list.', '/admin/mnet/access_control.php');
+ }
+ if (empty($form->username)) {
+ $formerror['username'] = 'Please enter a username, or a list of usernames separated by commas.';
+ }
+ if (empty($form->mnet_host_id)) {
+ $formerror['mnet_host_id'] = 'Please select a remote Moodle host.';
+ }
+ if (empty($form->access)) {
+ $formerror['access'] = 'Please select an access level from the list.';
+ }
+
+ // process if there are no errors
+ if (count($formerror) == 0) {
+
+ // username can be a comma separated list
+ $usernames = explode(',', $form->username);
+
+ foreach ($usernames as $username) {
+ $username = trim(moodle_strtolower($username));
+ if (!empty($username)) {
+ if (mnet_update_sso_access_control($username, $form->mnet_host_id, $form->access)) {
+ notify("SSO ACL: $form->access user '$username' from {$mnethosts[$form->mnet_host_id]}");
+ }
+ }
+ }
+ redirect('access_control.php', get_string('changessaved'));
+ }
+}
+
+
+
+// output the ACL table
+$columns = array("username", "mnet_host_id", "access", "delete");
+$headings = array();
+$string = array('username' => get_string('username'),
+ 'mnet_host_id' => get_string('remotehost', 'mnet'),
+ 'access' => get_string('accesslevel', 'mnet'),
+ 'delete' => get_string('delete'));
+foreach ($columns as $column) {
+ if ($sort != $column) {
+ $columnicon = "";
+ $columndir = "ASC";
+ } else {
+ $columndir = $dir == "ASC" ? "DESC" : "ASC";
+ $columnicon = $dir == "ASC" ? "down" : "up";
+ $columnicon = " <img src=\"$CFG->pixpath/t/$columnicon.gif\" alt=\"\" />";
+ }
+ $headings[$column] = "<a href=\"?sort=$column&dir=$columndir&\">".$string[$column]."</a>$columnicon";
+}
+$headings['delete'] = '';
+$acl = get_records('mnet_sso_access_control', '', '', "$sort $dir", '*'); //, $page * $perpage, $perpage);
+$aclcount = count_records('mnet_sso_access_control');
+
+if (!$acl) {
+ print_heading('No entries in the SSO access control list');
+ $table = NULL;
+} else {
+ $table->head = $headings;
+ $table->align = array('left', 'left', 'center');
+ $table->width = "95%";
+ foreach ($acl as $aclrecord) {
+ if ($aclrecord->access == 'allow') {
+ $accesscolumn = get_string('allow', 'mnet')
+ . " (<a href=\"?id={$aclrecord->id}&action=acl&access=deny&sesskey={$USER->sesskey}\">"
+ . get_string('deny', 'mnet') . "</a>)";
+ } else {
+ $accesscolumn = get_string('deny', 'mnet')
+ . " (<a href=\"?id={$aclrecord->id}&action=acl&access=allow&sesskey={$USER->sesskey}\">"
+ . get_string('allow', 'mnet') . "</a>)";
+ }
+ $deletecolumn = "<a href=\"?id={$aclrecord->id}&action=delete&sesskey={$USER->sesskey}\">"
+ . get_string('delete') . "</a>";
+ $table->data[] = array ($aclrecord->username, $aclrecord->mnet_host_id, $accesscolumn, $deletecolumn);
+ }
+}
+
+if (!empty($table)) {
+ print_table($table);
+ echo '<p> </p>';
+ print_paging_bar($aclcount, $page, $perpage, "?sort=$sort&dir=$dir&perpage=$perpage&");
+}
+
+
+
+// output the add form
+print_simple_box_start('center','90%','','20');
+
+?>
+ <div class="mnetaddtoaclform">
+ <form name="mnetaddtoacl" method="post">
+ <input type="hidden" name="sesskey" value="<?php echo $sesskey; ?>">
+<?php
+
+// enter a username
+echo get_string('username') . ":\n";
+if (!empty($formerror['username'])) {
+ echo '<span class="error"> * </span>';
+}
+echo '<input type="text" name="username" size="20" maxlength="100">';
+
+// choose a remote host
+echo " " . get_string('remotehost', 'mnet') . ":\n";
+if (!empty($formerror['mnet_host_id'])) {
+ echo '<span class="error"> * </span>';
+}
+choose_from_menu($mnethosts, 'mnet_host_id');
+
+// choose an access level
+echo " " . get_string('accesslevel', 'mnet') . ":\n";
+if (!empty($formerror['access'])) {
+ echo '<span class="error"> * </span>';
+}
+$accessmenu['allow'] = get_string('allow', 'mnet');
+$accessmenu['deny'] = get_string('deny', 'mnet');
+choose_from_menu($accessmenu, 'access');
+
+// submit button
+echo '<input type="submit" value="' . get_string('addtoacl', 'mnet') . '">';
+echo "</form></div>\n";
+
+// print errors
+foreach ($formerror as $error) {
+ echo "<br><span class=\"error\">$error<span>";
+}
+
+print_simple_box_end();
+admin_externalpage_print_footer($adminroot);
+
+?>
--- /dev/null
+<?php
+/**
+ * Library functions for mnet
+ *
+ * @author Donal McMullan donal@catalyst.net.nz
+ * @version 0.0.1
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package mnet
+ */
+
+include_once $CFG->dirroot.'/admin/mnet/MethodTable.php';
+error_reporting(E_ALL);
+/**
+ * Parse a file to find out what functions/methods exist in it, and add entries
+ * for the remote-call-enabled functions to the database.
+ *
+ * The path to a file, e.g. auth/mnet/auth.php can be thought of as
+ * type/parentname/docname
+ *
+ * @param string $type mod, auth or enrol
+ * @param string $parentname Implementation of type, e.g. 'mnet' in the
+ * case of auth/mnet/auth.php
+ * @return bool True on success, else false
+ */
+function mnet_get_functions($type, $parentname) {
+ global $CFG;
+ $dataobject = new stdClass();
+ $docname = $type.'.php';
+ $publishes = array();
+ if ('mod' == $type) {
+ $docname = 'rpclib.php';
+ $relname = '/mod/'.$parentname.'/'.$docname;
+ $filename = $CFG->dirroot.$relname;
+ if (file_exists($filename)) include $filename;
+ $mnet_publishes = $parentname.'_mnet_publishes';
+ if (function_exists($mnet_publishes)) {
+ (array)$publishes = $mnet_publishes();
+ }
+ } else {
+ // auth or enrol
+ $relname = '/'.$type.'/'.$parentname.'/'.$docname;
+ $filename = $CFG->dirroot.$relname;
+ if (file_exists($filename)) include $filename;
+ $class = $type.($type=='enrol'? 'ment':'').'_plugin_'.$parentname;
+ if (class_exists($class)) {
+ $object = new $class();
+ if (method_exists($object, 'mnet_publishes')) {
+ (array)$publishes = $object->mnet_publishes();
+ }
+ }
+ }
+
+ $methodServiceArray = array();
+ foreach($publishes as $service) {
+ if (is_array($service['methods'])) {
+ foreach($service['methods'] as $methodname) {
+ $methodServiceArray[$methodname][] = $service;
+ }
+ }
+ }
+
+ // Disable functions that don't exist (any more) in the source
+ // Should these be deleted? What about their permissions records?
+ $rpcrecords = get_records_select('mnet_rpc', ' parent=\''.$parentname.'\' AND parent_type=\''.$type.'\' ', 'function_name ASC ');
+ if (!empty($rpcrecords)) {
+ foreach($rpcrecords as $rpc) {
+ if (!array_key_exists($rpc->function_name, $methodServiceArray)) {
+ $rpc->enabled = 0;
+ update_record('mnet_rpc', $rpc);
+ }
+ }
+ }
+
+ if (!file_exists($filename)) return false;
+
+ $functions = (array)MethodTable::create($filename,false);
+
+ foreach($functions as $functionname => $details) {
+ if (array_key_exists($functionname, $methodServiceArray)) {
+ $dataobject->function_name = $functionname;
+ $dataobject->xmlrpc_path = $type.'/'.$parentname.'/'.$docname.'/'.$functionname;
+ $dataobject->parent_type = $type;
+ $dataobject->parent = $parentname;
+ $dataobject->enabled = '0';
+ $dataobject->help = addslashes($details['description']);
+
+ $profile = $details['arguments'];
+ if (!isset($details['returns'])) {
+ array_unshift($profile, array('type' => 'void', 'description' => 'No return value'));
+ } else {
+ array_unshift($profile, $details['returns']);
+ }
+ $dataobject->profile = serialize($profile);
+
+ if ($record_exists = get_record('mnet_rpc', 'xmlrpc_path', $dataobject->xmlrpc_path)) {
+ $dataobject->id = $record_exists->id;
+ $dataobject->enabled = $record_exists->enabled;
+ update_record('mnet_rpc', $dataobject);
+ } else {
+ $dataobject->id = insert_record('mnet_rpc', $dataobject, true);
+ }
+
+ foreach($methodServiceArray[$functionname] as $service) {
+ $serviceobj = get_record('mnet_service', 'name', $service['name']);
+ if (false == $serviceobj) {
+ $serviceobj = new stdClass();
+ $serviceobj->name = $service['name'];
+ $serviceobj->apiversion = $service['apiversion'];
+ $serviceobj->offer = 1;
+ $serviceobj->id = insert_record('mnet_service', $serviceobj, true);
+ }
+
+ if (false == get_record('mnet_service2rpc', 'rpcid', $dataobject->id, 'serviceid', $serviceobj->id)) {
+ $obj = new stdClass();
+ $obj->rpcid = $dataobject->id;
+ $obj->serviceid = $serviceobj->id;
+ insert_record('mnet_service2rpc', $obj, true);
+ }
+ }
+ }
+ }
+ return true;
+}
+
+function upgrade_RPC_functions($returnurl) {
+ global $CFG;
+
+ $basedir = $CFG->dirroot.'/mod';
+ if (file_exists($basedir) && filetype($basedir) == 'dir') {
+ $dirhandle = opendir($basedir);
+ while (false !== ($dir = readdir($dirhandle))) {
+ $firstchar = substr($dir, 0, 1);
+ if ($firstchar == '.' or $dir == 'CVS' or $dir == '_vti_cnf') {
+ continue;
+ }
+ if (filetype($basedir .'/'. $dir) != 'dir') {
+ continue;
+ }
+
+ mnet_get_functions('mod', $dir);
+
+ }
+ }
+
+ $basedir = $CFG->dirroot.'/auth';
+ if (file_exists($basedir) && filetype($basedir) == 'dir') {
+ $dirhandle = opendir($basedir);
+ while (false !== ($dir = readdir($dirhandle))) {
+ $firstchar = substr($dir, 0, 1);
+ if ($firstchar == '.' or $dir == 'CVS' or $dir == '_vti_cnf') {
+ continue;
+ }
+ if (filetype($basedir .'/'. $dir) != 'dir') {
+ continue;
+ }
+
+ mnet_get_functions('auth', $dir);
+ }
+ }
+
+ $basedir = $CFG->dirroot.'/enrol';
+ if (file_exists($basedir) && filetype($basedir) == 'dir') {
+ $dirhandle = opendir($basedir);
+ while (false !== ($dir = readdir($dirhandle))) {
+ $firstchar = substr($dir, 0, 1);
+ if ($firstchar == '.' or $dir == 'CVS' or $dir == '_vti_cnf') {
+ continue;
+ }
+ if (filetype($basedir .'/'. $dir) != 'dir') {
+ continue;
+ }
+
+ mnet_get_functions('enrol', $dir);
+ }
+ }
+}
+?>
--- /dev/null
+<?php
+print_header("$site->shortname: $strmnetsettings", "$site->fullname",
+ '<a href="'.$CFG->wwwroot.'/admin/index.php">'.$stradministration.'</a> -> '.
+ '<a href="'.$CFG->wwwroot.'/admin/mnet/index.php">'.get_string('mnetsettings', 'mnet').'</a> -> Delete host');
+
+print_heading(get_string('mnetsettings', 'mnet'));
+?>
+<center>
+ <table align="center" class="generalbox" border="0" cellpadding="5" cellspacing="0">
+ <tr>
+ <td class="generalboxcontent">
+ <table cellpadding="9" cellspacing="0" >
+ <tr valign="top">
+ <td colspan="2" class="header" cellpadding="0"><span>Deleting a Server</span></td>
+ </tr>
+ <?php
+ if (count($warn) > 0):
+ ?>
+ <tr valign="top">
+ <td align="right" colspan="2">The following warnings were received:<br />
+ <?php foreach($warn as $warning) echo $warning .'<br />'; ?>
+ </td>
+ </tr>
+ <?php
+ endif;
+ ?>
+ <tr valign="top">
+ <td colspan="2">Are you sure you want to delete the server: "<?php echo $mnet_peer->name; ?>"?</td>
+ </tr>
+ <tr valign="top">
+ <td width="80">
+ <form method="POST" action="delete.php">
+ <input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+ <input type="hidden" name="hostid" value="<?php echo $mnet_peer->id; ?>" />
+ <input type="hidden" name="step" value="delete" />
+ <input type="submit" name="submit" value="<?php print_string('delete'); ?>"/>
+ </form>
+ </td>
+ <td>
+ <form method="GET" action="index.php">
+ <input type="submit" name="ignore" value="<?php print_string('cancel'); ?>"/>
+ </form>
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+</center>
+<?php
+print_footer();
+?>
--- /dev/null
+<?PHP // $Id$
+
+ require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
+ include_once($CFG->dirroot.'/mnet/lib.php');
+ $stradministration = get_string('administration');
+ $strconfiguration = get_string('configuration');
+ $strmnetsettings = get_string('mnetsettings', 'mnet');
+ $strmnetservices = get_string('mnetservices', 'mnet');
+ $strmnetlog = get_string('mnetlog', 'mnet');
+ $strmnetedithost = get_string('reviewhostdetails', 'mnet');
+ require_login();
+
+ if (!isadmin()) {
+ error('Only administrators can use this page!');
+ }
+
+ $context = get_context_instance(CONTEXT_SYSTEM, SITEID);
+
+ require_capability('moodle/site:config', $context, $USER->id, true, "nopermissions");
+
+ if (!$site = get_site()) {
+ error('Site isn\'t defined!');
+ }
+
+/// Initialize variables.
+
+ // Step must be one of:
+ // input Parse the details of a new host and fetch its public key
+ // commit Save our changes (to a new OR existing host)
+ $step = optional_param('step', 'verify', PARAM_ALPHA);
+ $hostid = required_param('hostid', PARAM_INT);
+ $warn = array();
+
+ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+ redirect('index.php', "The delete function requires a POST request.",7);
+ }
+
+ if ('verify' == $step) {
+ $mnet_peer = new mnet_peer();
+ $mnet_peer->set_id($hostid);
+ $live_users = $mnet_peer->count_live_sessions();
+ if ($live_users > 0) {
+ $warn[] = get_string('usersareonline', 'mnet', $live_users);
+ }
+ include('delete.html');
+ } elseif ('delete' == $step) {
+ $mnet_peer = new mnet_peer();
+ $mnet_peer->set_id($hostid);
+ $mnet_peer->delete();
+ redirect('peers.php', 'Ok - host deleted', 5);
+ }
+?>
--- /dev/null
+<?php
+admin_externalpage_print_header($adminroot);
+?>
+<center>
+<form method="post" action="index.php">
+ <table align="center" class="generalbox" border="0" cellpadding="5" cellspacing="0">
+ <tr>
+ <td class="generalboxcontent">
+ <table cellpadding="9" cellspacing="0" >
+ <tr valign="top">
+ <td colspan="2" class="header" cellpadding="0"><span><?php print_string('aboutyourhost', 'mnet'); ?></span></td>
+ </tr>
+ <tr valign="top">
+ <td align="right">Public Key:</td>
+ <td><pre><?php echo $keypair['certificate']; ?></pre></td>
+ </tr>
+ <tr valign="top">
+ <td align="right">Networking:</td>
+ <td><input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+ <input type="radio" name="mode" value="off" <?php echo ("off" == $CFG->mnet_dispatcher_mode)? 'checked="true"' : '' ?> /> <?php print_string('off', 'mnet'); ?> <br />
+ <input type="radio" name="mode" value="strict" <?php echo ("strict" == $CFG->mnet_dispatcher_mode)? 'checked="true"' : '' ?> /> <?php print_string('on', 'mnet'); ?><br />
+ <input type="submit" name="submit" value="submitNet" />
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
+</center>
+<?php
+admin_externalpage_print_footer($adminroot);
+?>
\ No newline at end of file
--- /dev/null
+<?PHP // $Id$
+
+ // Allows the admin to configure mnet stuff
+
+ require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
+ require_once($CFG->libdir.'/adminlib.php');
+ include_once($CFG->dirroot.'/mnet/lib.php');
+
+ require_login();
+ $adminroot = admin_get_root();
+ admin_externalpage_setup('net', $adminroot);
+
+ $context = get_context_instance(CONTEXT_SYSTEM, SITEID);
+
+ require_capability('moodle/site:config', $context, $USER->id, true, "nopermissions");
+
+ if (!$site = get_site()) {
+ error('Site isn\'t defined!');
+ }
+
+ if (!function_exists('curl_init') ) {
+ error('PHP Curl library is not installed');
+ }
+
+ $keypair = unserialize($CFG->openssl);
+
+ if (!isset($CFG->mnet_dispatcher_mode)) set_config('mnet_dispatcher_mode', 'off');
+
+/// If data submitted, process and store
+ if (($form = data_submitted()) && confirm_sesskey()) {
+ if (in_array($form->mode, array("off", "strict", "promiscuous"))) {
+ if (set_config('mnet_dispatcher_mode', $form->mode)) {
+ redirect('index.php', get_string('changessaved'));
+ } else {
+ error('Invalid action parameter.', 'index.php');
+ }
+ }
+ }
+ $hosts = get_records_select('mnet_host', " id != '{$CFG->mnet_localhost_id}' AND deleted = '0' ",'wwwroot ASC' );
+ include('./index.html');
+?>
--- /dev/null
+<?php
+
+
+ require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
+ include_once($CFG->dirroot.'/mnet/lib.php');
+
+ require_login();
+
+ if (!isadmin()) {
+ error('Only administrators can use this page!');
+ }
+
+ if (!$site = get_site()) {
+ error('Site isn\'t defined!');
+ }
+ $hostid = optional_param('hostid', NULL, PARAM_INT);
+ $stradministration = get_string('administration');
+ $strconfiguration = get_string('configuration');
+ $strmnetsettings = get_string('mnetsettings', 'mnet');
+ $strmnetservices = get_string('mnetservices', 'mnet');
+ $strmnetlog = get_string('mnetlog', 'mnet');
+ $strmnetedithost = get_string('reviewhostdetails', 'mnet');
+ $strmneteditservices = get_string('reviewhostservices', 'mnet');
+
+print_header("$site->shortname: $strmnetsettings", "$site->fullname",
+ '<a href="'.$CFG->wwwroot.'/admin/index.php">'.$stradministration.'</a> -> '.
+ '<a href="'.$CFG->wwwroot.'/admin/mnet/index.php">'.get_string('mnetsettings', 'mnet').'</a> -> '.get_string('hostsettings', 'mnet'));
+
+print_heading(get_string('mnetsettings', 'mnet'));
+$tabs[] = new tabobject('mnetdetails', 'index.php?step=update&hostid='.$hostid, $strmnetedithost, $strmnetedithost, false);
+$tabs[] = new tabobject('mnetservices', 'mnet_services.php?step=list&hostid='.$hostid, $strmnetservices, $strmnetservices, false);
+$tabs[] = new tabobject('mnetlog', 'mnet_log.php?step=list&hostid='.$hostid, $strmnetlog, $strmnetlog, false);
+print_tabs(array($tabs), 'mnetlog');
+print_simple_box_start("center", "");
+
+?>
+
+<table cellpadding="9" cellspacing="0" >
+<tr>
+ <td align="left" valign="top" colspan="2">
+ Activity Logs
+ </td>
+</tr>
+
+<tr>
+ <td align="left" valign="top" colspan="2">
+ <div id="formElements"><input type="hidden" name="outer" value="4" /></div>
+ </td>
+</tr>
+
+<?php
+
+echo ' </table>';
+print_simple_box_end();
+print_simple_box_end();
+
+?>
+</form>
+
+<?php
+
+print_footer();
+?>
--- /dev/null
+<?php
+$logurl = $CFG->wwwroot.
+ '/course/report/log/index.php?chooselog=1&showusers=1&showcourses=1&host_course='.$mnet_peer->id.
+ '%2F1&user='.'0'.
+ '&date=0'.
+ '&modid=&modaction=0&logformat=showashtml';
+
+admin_externalpage_print_header($adminroot);
+
+if (isset($mnet_peer->id) && $mnet_peer->id > 0) {
+ $tabs[] = new tabobject('mnetdetails', 'peers.php?step=update&hostid='.$mnet_peer->id, $strmnetedithost, $strmnetedithost, false);
+ $tabs[] = new tabobject('mnetservices', 'mnet_services.php?step=list&hostid='.$mnet_peer->id, $strmnetservices, $strmnetservices, false);
+ $tabs[] = new tabobject('mnetlog', $logurl, $strmnetlog, $strmnetlog, false);
+} else {
+ $tabs[] = new tabobject('mnetdetails', '#', $strmnetedithost, $strmnetedithost, false);
+}
+print_tabs(array($tabs), 'mnetdetails');
+
+print_simple_box_start("center", "");
+?>
+<form method="post" action="peers.php">
+<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+<input type="hidden" name="step" value="commit" />
+<input type="hidden" name="last_connect_time" value="<?php echo $mnet_peer->last_connect_time; ?>" />
+<input type="hidden" name="id" value="<?php echo isset($mnet_peer->id)? $mnet_peer->id : '0' ; ?>" />
+<table cellpadding="9" cellspacing="0" >
+
+<tr>
+ <td align="right" valign="top" nowrap><?php print_string('site'); ?>:</td>
+ <td valign="top"><input type="text" name="name" size="30" value="<?php echo $mnet_peer->name; ?>" /></td>
+</tr>
+<tr>
+ <td align="right" valign="top" nowrap><?php print_string('hostname', 'mnet'); ?>:</td>
+ <td valign="top"><input type="text" name="wwwroot" size="30" value="<?php echo $mnet_peer->wwwroot; ?>" /></td>
+</tr>
+<?php
+if (empty($mnet_peer->public_key)) $mnet_peer->public_key = '';
+?>
+<tr>
+ <td align="right" valign="top" nowrap><?php
+ print_string('publickey', 'mnet');
+ echo ': <br />';
+ helpbutton("publickey", get_string('publickey', 'mnet'), "mnet", true, true);
+ ?></td>
+<?php
+if (isset($mnet_peer->deleted) && $mnet_peer->deleted > 0) {
+ $key = mnet_get_public_key($mnet_peer->wwwroot);
+ $mnet_peer->public_key = clean_param($key, PARAM_PEM);
+?>
+ <td valign="top">
+ <?php
+ if (empty($mnet_peer->public_key)) {
+ notice(get_string('invalidpubkey', 'mnet'));
+ }
+ ?>
+ <textarea rows="17" cols="65" name="public_key" style="font-size: 8px;"><?php echo $mnet_peer->public_key; ?></textarea></td>
+</tr>
+<?php
+} else {
+?>
+ <td valign="top">
+ <?php
+ if (empty($mnet_peer->public_key)) {
+ p(get_string('invalidpubkey', 'mnet'));
+ }
+ ?>
+ <pre style="font-size: 8px;">
+ <?php echo $mnet_peer->public_key; ?>
+ </pre></td>
+</tr>
+<?php
+}
+
+
+if (isset($mnet_peer->id) && $mnet_peer->id > 0):
+?>
+ <tr>
+ <td align="right" valign="top" nowrap><?php print_string('last_connect_time', 'mnet'); ?>:</td>
+ <td valign="top"><?php echo ($mnet_peer->last_connect_time == 0)? get_string('never','mnet') : date('H:i:s d/m/Y',$mnet_peer->last_connect_time);?></td>
+ </tr>
+<?php
+if (isset($mnet_peer->transport) && $mnet_peer->transport > 0):
+?>
+ <tr>
+ <td align="right" valign="top" nowrap><?php print_string('current_transport', 'mnet'); ?>:</td>
+ <td valign="top"><?php echo mnet_get_transport_name($mnet_peer->transport);?></td>
+ </tr>
+<?php
+endif;
+
+if (isset($mnet_peer->deleted) && $mnet_peer->deleted > 0):
+?>
+ <tr>
+ <td align="right" valign="top" nowrap><?php print_string('deleted'); ?>:</td>
+ <td valign="top">
+ <input type="radio" name="deleted" value="0" <?php echo ("off" == $CFG->mnet_dispatcher_mode)? 'checked="true"' : '' ?> /> No - select this option to re-enable this server. <br />
+ <input type="radio" name="deleted" value="1" <?php echo ("strict" == $CFG->mnet_dispatcher_mode)? 'checked="true"' : '' ?> /> Yes<br />
+ </td>
+ </tr>
+<?php
+endif;
+
+endif;
+
+if (isset($mnet_peer->ip_address) && '' != $mnet_peer->ip_address):
+?>
+ <tr>
+ <td align="right" valign="top" nowrap><?php print_string('ipaddress', 'mnet');
+ echo ': <br />';
+ helpbutton("ipaddress", get_string('ipaddress', 'mnet'), "mnet", true, true);
+ ?>:</td>
+ <td valign="top"><?php echo $mnet_peer->ip_address; ?></td>
+ </tr>
+
+<?php
+endif;
+?>
+<tr>
+ <td></td>
+ <td><input type="submit" value="<?php print_string("savechanges"); ?>" /></td>
+</tr>
+<?php
+
+echo ' </table>';
+print_simple_box_end();
+admin_externalpage_print_footer($adminroot);
+?>
--- /dev/null
+<?php
+admin_externalpage_print_header($adminroot);
+
+$tabs[] = new tabobject('mnetdetails', 'peers.php?step=update&hostid='.$mnet_peer->id, $strmnetedithost, $strmnetedithost, false);
+$tabs[] = new tabobject('mnetservices', 'mnet_services.php?step=list&hostid='.$mnet_peer->id, $strmnetservices, $strmnetservices, false);
+print_tabs(array($tabs), 'mnetdetails');
+
+print_simple_box_start("center", "");
+?>
+<table cellpadding="9" cellspacing="0" >
+<tr>
+ <td align="right" valign="top" nowrap><?php print_string('site'); ?>:</td>
+ <td valign="top"><?php echo $mnet_peer->name; ?></td>
+</tr>
+<tr>
+ <td align="right" valign="top" colspan="2"><?php print_string('allhosts_no_options'); ?>:</td>
+</tr>
+</table>
+<?php
+print_simple_box_end();
+admin_externalpage_print_footer($adminroot);
+?>
--- /dev/null
+<?php
+admin_externalpage_print_header($adminroot);
+
+$logurl = $CFG->wwwroot.
+ '/course/report/log/index.php?chooselog=1&showusers=1&showcourses=1&host_course='.$mnet_peer->id.
+ '%2F1&user='.'0'.
+ '&date=0'.
+ '&modid=&modaction=0&logformat=showashtml';
+
+$tabs[] = new tabobject('mnetdetails', 'peers.php?step=update&hostid='.$mnet_peer->id, $strmnetedithost, $strmnetedithost, false);
+$tabs[] = new tabobject('mnetservices', 'mnet_services.php?step=list&hostid='.$mnet_peer->id, $strmnetservices, $strmnetservices, false);
+if ($mnet_peer->id != $CFG->mnet_all_hosts_id) $tabs[] = new tabobject('mnetlog', $logurl, $strmnetlog, $strmnetlog, false);
+print_tabs(array($tabs), 'mnetservices');
+print_simple_box_start("center", "");
+
+?>
+
+<form method="post" action="mnet_services.php">
+<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+<input type="hidden" name="step" value="<?php echo $mnet_peer->nextstep; ?>" />
+<input type="hidden" name="hostid" value="<?php echo ($mnet_peer->id)? $mnet_peer->id : '0' ; ?>" />
+<table cellpadding="9" cellspacing="0" >
+<?php
+ foreach($myservices as $name => $versions):
+ $version = current($versions);
+?>
+<tr>
+ <td align="left" valign="top" colspan="2">
+ <h3><?php echo get_string($name.'_name', $version['parent_type'].'_'.$version['parent'] , $mnet_peer->name); ?></h3>
+ <p><?php echo get_string($name.'_description', $version['parent_type'].'_'.$version['parent'], $mnet_peer->name); ?></p>
+<?php
+ $breakstring = '';
+ foreach($versions as $version):
+ if (count($versions) > 1) {
+ $versionstring = '('.get_string('version','mnet') .' '.$version['apiversion'].')';
+ } else {
+ $versionstring = '';
+ }
+
+ echo $breakstring;
+?>
+ <input type="hidden" name="exists[<?php echo $version['serviceid']; ?>]" value="1" />
+ <input type="checkbox" name="publish[<?php echo $version['serviceid']; ?>]" <?php echo (!empty($version['I_publish']))? 'checked ': '' ; ?>/> Publish <?php echo $versionstring; if (!empty($version['hostsubscribes'])) echo '<a href="#" title="'.get_string('issubscribed','mnet', $mnet_peer->name).'">√</a> '; if (!empty($version['allhosts_publish'])) print_string("enabled_for_all",'mnet',!empty($version['I_publish'])); ?><br />
+ <input type="checkbox" name="subscribe[<?php echo $version['serviceid']; ?>]" <?php echo (!empty($version['I_subscribe']))? 'checked ': '' ; ?>/> Subscribe <?php echo $versionstring; if (!empty($version['hostpublishes'])) echo '<a href="#" title="'.get_string('ispublished','mnet', $mnet_peer->name).'">√</a> '; if (!empty($version['allhosts_subscribe'])) print_string("enabled_for_all",'mnet',!empty($version['I_subscribe'])); ?><br />
+<?php
+ $breakstring = '. . . . . . . . . . . . . . . . . . . . . . . . <br>';
+ endforeach;
+?>
+ </td>
+</tr>
+<?php
+ endforeach;
+?>
+<tr>
+ <td align="left" valign="top" colspan="2">
+ <div id="pubTreeLoc"></div>
+ </td>
+</tr>
+<tr>
+ <td align="left" valign="top" colspan="2">
+ <div id="subTreeLoc"></div>
+ </td>
+</tr>
+<tr>
+ <td colspan="2"><input type="submit" value="<?php print_string("savechanges") ?>" /></td>
+</tr>
+<tr>
+ <td align="left" valign="top" colspan="2">
+ <div id="formElements"><input type="hidden" name="outer" value="4" /></div>
+ </td>
+</tr>
+<?php
+
+echo '
+ </table>
+';
+print_simple_box_end();
+print_simple_box_end();
+
+echo '
+</form>
+';
+admin_externalpage_print_footer($adminroot);
+?>
--- /dev/null
+<?php
+ // Allows the admin to configure services for remote hosts
+
+ require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
+ require_once($CFG->libdir.'/adminlib.php');
+ include_once($CFG->dirroot.'/mnet/lib.php');
+
+ require_login();
+ $adminroot = admin_get_root();
+ admin_externalpage_setup('mnetpeers', $adminroot);
+
+ $context = get_context_instance(CONTEXT_SYSTEM, SITEID);
+
+ require_capability('moodle/site:config', $context, $USER->id, true, "nopermissions");
+
+ if (!$site = get_site()) {
+ error('Site isn\'t defined!');
+ }
+
+/// Initialize variables.
+
+ // Step must be one of:
+ // input Parse the details of a new host and fetch its public key
+ // commit Save our changes (to a new OR existing host)
+ // force Go ahead with something we've been warned is strange
+ $step = optional_param('step', NULL, PARAM_ALPHA);
+ $hostid = optional_param('hostid', NULL, PARAM_INT);
+ $nocertstring = '';
+ $nocertmatch = '';
+ $badcert = '';
+ $certerror = '';
+ $noipmatch = '';
+ $stradministration = get_string('administration');
+ $strconfiguration = get_string('configuration');
+ $strmnetsettings = get_string('mnetsettings', 'mnet');
+ $strmnetservices = get_string('mnetservices', 'mnet');
+ $strmnetlog = get_string('mnetlog', 'mnet');
+ $strmnetedithost = get_string('reviewhostdetails', 'mnet');
+ $strmneteditservices = get_string('reviewhostservices', 'mnet');
+
+ $mnet_peer = new mnet_peer();
+
+ if (($form = data_submitted()) && confirm_sesskey()) {
+ $mnet_peer->set_id($hostid);
+ $treevals = array();
+ foreach($_POST['exists'] as $key => $value) {
+ $host2service = get_record('mnet_host2service', 'hostid', $_POST['hostid'], 'serviceid', $key);
+ $publish = (isset($_POST['publish'][$key]) && $_POST['publish'][$key] == 'on')? 1 : 0;
+ $subscribe = (isset($_POST['subscribe'][$key]) && $_POST['subscribe'][$key] == 'on')? 1 : 0;
+
+ if (false == $host2service && ($publish == 1 || $subscribe == 1)) {
+ $host2service = new stdClass();
+ $host2service->hostid = $_POST['hostid'];
+ $host2service->serviceid = $key;
+
+ $host2service->publish = $publish;
+ $host2service->subscribe = $subscribe;
+
+ $host2service->id = insert_record('mnet_host2service', $host2service);
+ } elseif ($host2service->publish != $publish || $host2service->subscribe != $subscribe) {
+ $host2service->publish = $publish;
+ $host2service->subscribe = $subscribe;
+ $tf = update_record('mnet_host2service', $host2service);
+ }
+ }
+ }
+
+ if (is_int($hostid)) {
+ if (0 == $mnet_peer->id) $mnet_peer->set_id($hostid);
+ $mnet_peer->nextstep = 'verify';
+
+ $id_list = $mnet_peer->id;
+ if (!empty($CFG->mnet_all_hosts_id)) {
+ $id_list .= ', '.$CFG->mnet_all_hosts_id;
+ }
+
+ $query = "
+ SELECT DISTINCT
+ h2s.id,
+ svc.id as serviceid,
+ svc.name,
+ svc.offer,
+ svc.apiversion,
+ r.parent_type,
+ r.parent,
+ h2s.hostid,
+ h2s.publish,
+ h2s.subscribe
+ FROM
+ {$CFG->prefix}mnet_service2rpc s2r,
+ {$CFG->prefix}mnet_rpc r,
+ {$CFG->prefix}mnet_service svc
+ LEFT JOIN
+ {$CFG->prefix}mnet_host2service h2s
+ ON
+ h2s.hostid in ($id_list) AND
+ h2s.serviceid = svc.id
+ WHERE
+ svc.offer = '1' AND
+ s2r.serviceid = svc.id AND
+ s2r.rpcid = r.id
+ ORDER BY
+ svc.name ASC";
+
+ $resultset = get_records_sql($query);
+
+ if (is_array($resultset)) {
+ $resultset = array_values($resultset);
+ } else {
+ $resultset = array();
+ }
+
+ require_once $CFG->dirroot.'/mnet/xmlrpc/client.php';
+
+ $remoteservices = array();
+ if ($hostid != $CFG->mnet_all_hosts_id) {
+ // Create a new request object
+ $mnet_request = new mnet_xmlrpc_client();
+
+ // Tell it the path to the method that we want to execute
+ $mnet_request->set_method('system/listServices');
+ $mnet_request->send($mnet_peer);
+ if (is_array($mnet_request->response)) {
+ foreach($mnet_request->response as $service) {
+ $remoteservices[$service['name']][$service['apiversion']] = $service;
+ }
+ }
+ }
+
+ $myservices = array();
+ foreach($resultset as $result) {
+ $result->hostpublishes = false;
+ $result->hostsubscribes = false;
+ if (isset($remoteservices[$result->name][$result->apiversion])) {
+ if ($remoteservices[$result->name][$result->apiversion]['publish'] == 1) {
+ $result->hostpublishes = true;
+ }
+ if ($remoteservices[$result->name][$result->apiversion]['subscribe'] == 1) {
+ $result->hostsubscribes = true;
+ }
+ }
+
+ if (empty($myservices[$result->name][$result->apiversion])) {
+ $myservices[$result->name][$result->apiversion] = array('serviceid' => $result->serviceid,
+ 'name' => $result->name,
+ 'offer' => $result->offer,
+ 'apiversion' => $result->apiversion,
+ 'parent_type' => $result->parent_type,
+ 'parent' => $result->parent,
+ 'hostsubscribes' => $result->hostsubscribes,
+ 'hostpublishes' => $result->hostpublishes
+ );
+ }
+
+ // allhosts_publish allows us to tell the admin that even though he
+ // is disabling a service, it's still available to the host because
+ // he's also publishing it to 'all hosts'
+ if ($result->hostid == $CFG->mnet_all_hosts_id && $CFG->mnet_all_hosts_id != $mnet_peer->id) {
+ $myservices[$result->name][$result->apiversion]['allhosts_publish'] = $result->publish;
+ $myservices[$result->name][$result->apiversion]['allhosts_subscribe'] = $result->subscribe;
+ } elseif (!empty($result->hostid)) {
+ $myservices[$result->name][$result->apiversion]['I_publish'] = $result->publish;
+ $myservices[$result->name][$result->apiversion]['I_subscribe'] = $result->subscribe;
+ }
+
+ }
+
+ } else {
+ redirect('peers.php', get_string('nohostid','mnet'), '5');
+ exit;
+ }
+
+ include('./mnet_services.html');
+?>
--- /dev/null
+<?php
+admin_externalpage_print_header($adminroot);
+?>
+<center>
+<form method="POST" action="peers.php">
+<input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+<input type="hidden" name="updateregisterall" value="1" />
+<table cellspacing="0" cellpadding="5" width="500" id="hosts" class="generaltable generalbox" >
+ <tr>
+ <th class="header c0" nowrap="nowrap" colspan="2"><?php print_string('registerallhosts', 'mnet'); ?></th>
+ </tr>
+ <tr>
+ <td class="cell c1" colspan="2"><?php print_string('registerallhostsexplain', 'mnet'); ?></td>
+ </tr>
+ <tr>
+ <td class="cell c1"><input type="checkbox" name="registerallhosts" <?php if (!empty($CFG->mnet_register_allhosts)) echo 'checked '; ?>/></td>
+ <td class="cell c1"> <?php print_string('registerallhosts', 'mnet'); ?> </td>
+ </tr>
+ <tr>
+ <td align="right" colspan="2"><input type="submit" name="submit" value="<?php print_string('savechanges'); ?>" /></td>
+ </tr>
+</table>
+</form>
+<table cellspacing="0" cellpadding="5" id="hosts" class="generaltable generalbox" >
+ <tr>
+ <th class="header c0" nowrap="nowrap"><?php print_string('site'); ?></th>
+ <th class="header c1" nowrap="nowrap"><?php print_string('system','mnet'); ?></th>
+ <th class="header c2" nowrap="nowrap"><?php print_string('last_connect_time', 'mnet'); ?></th>
+ <th class="header c3" nowrap="nowrap"></th>
+ </tr>
+<?php
+
+ foreach($hosts as $host):
+
+ if ($host->last_connect_time == 0) {
+ $last_connect = get_string('never');
+ } else {
+ $last_connect = date('H:i:s d/m/Y', $host->last_connect_time);
+ }
+
+?>
+ <tr>
+ <td class="cell c0"><a href="peers.php?step=update&hostid=<?php echo $host->id; ?>"><?php echo $host->name; ?></a></td>
+ <td class="cell c1"><a href="peers.php?step=update&hostid=<?php echo $host->id; ?>"><?php echo $host->wwwroot; ?></a></td>
+ <td class="cell c2" nowrap><?php if ($host->id != $CFG->mnet_all_hosts_id) echo $last_connect; ?></td>
+ <td class="cell c3">
+<?php if ($host->id != $CFG->mnet_all_hosts_id): ?>
+ <form method="POST" action="delete.php">
+ <input type="hidden" name="hostid" value="<?php echo $host->id; ?>" />
+ <input type="hidden" name="step" value="verify" />
+ <input type="submit" name="submit" value="<?php print_string('delete'); ?>"/>
+ </form>
+<?php endif; ?>
+ </td>
+ </tr>
+<?php
+ endforeach;
+?>
+ <tr>
+ <td class="cell c4" colspan="4"> </td>
+ </tr>
+ <form method="post" action="peers.php">
+ <tr>
+ <th class="header c4" nowrap="nowrap" colspan="4">
+ <?php print_string('addnewhost', 'mnet'); ?>
+ <input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+ <input type="hidden" name="step" value="input" />
+ </th>
+ </tr>
+ <tr>
+ <td class="cell c0"></td>
+ <td class="cell c1"><input type="text" name="wwwroot" value=""></td>
+ <td class="cell c2"></td>
+ <td class="cell c3"></td>
+ </tr>
+ <tr>
+ <td class="cell c4" align="right" colspan="4"><input type="submit" value="<?php print_string('addhost','mnet'); ?>" /></td>
+ </tr>
+ </form>
+</table>
+</center>
+<?php
+admin_externalpage_print_footer($adminroot);
+?>
\ No newline at end of file
--- /dev/null
+<?PHP // $Id$
+
+// Allows the admin to configure other Moodle hosts info
+
+require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
+require_once($CFG->libdir.'/adminlib.php');
+include_once($CFG->dirroot.'/mnet/lib.php');
+
+require_login();
+$adminroot = admin_get_root();
+admin_externalpage_setup('mnetpeers', $adminroot);
+
+$context = get_context_instance(CONTEXT_SYSTEM, SITEID);
+
+require_capability('moodle/site:config', $context, $USER->id, true, "nopermissions");
+
+if (!$site = get_site()) {
+ error('Site isn\'t defined!');
+}
+
+if (!function_exists('curl_init') ) {
+ error('PHP Curl library is not installed');
+}
+
+/// Initialize variables.
+
+// Step must be one of:
+// input Parse the details of a new host and fetch its public key
+// commit Save our changes (to a new OR existing host)
+$step = optional_param('step', NULL, PARAM_ALPHA);
+$hostid = optional_param('hostid', NULL, PARAM_INT);
+
+// Fetch some strings for the HTML templates
+$strmnetservices = get_string('mnetservices', 'mnet');
+$strmnetlog = get_string('mnetlog', 'mnet');
+$strmnetedithost = get_string('reviewhostdetails', 'mnet');
+
+$keypair = unserialize($CFG->openssl);
+
+if (!isset($CFG->mnet_dispatcher_mode)) set_config('mnet_dispatcher_mode', 'off');
+
+/// If data submitted, process and store
+if (($form = data_submitted()) && confirm_sesskey()) {
+
+ if (!empty($form->updateregisterall)) {
+ if (!empty($form->registerallhosts)) {
+ set_config('mnet_register_allhosts',1);
+ } else {
+ set_config('mnet_register_allhosts',0);
+ }
+ redirect('peers.php', get_string('changessaved'));
+ } else {
+
+ $mnet_peer = new mnet_peer();
+
+ if (!empty($form->id)) {
+ $form->id = clean_param($form->id, PARAM_INT);
+ $mnet_peer->set_id($form->id);
+ } else {
+ // PARAM_URL requires a genuine TLD (I think) This breaks my testing
+ $temp_wwwroot = $form->wwwroot; //clean_param($form->wwwroot, PARAM_URL);
+ if ($temp_wwwroot !== $form->wwwroot) {
+ trigger_error("We now parse the wwwroot with PARAM_URL");
+ error('Invalid URL parameter.', 'peers.php');
+ }
+ unset($temp_wwwroot);
+ $mnet_peer->bootstrap($form->wwwroot);
+ }
+
+ if (isset($form->name) && $form->name != $mnet_peer->name) {
+ $form->name = clean_param($form->name, PARAM_NOTAGS);
+ $mnet_peer->set_name($form->name);
+ }
+
+ if (isset($form->deleted) && ($form->deleted == '0' || $form->deleted == '1')) {
+ $mnet_peer->deleted = $form->deleted;
+ }
+
+ if (isset($form->public_key)) {
+ $form->public_key = clean_param($form->public_key, PARAM_PEM);
+ if (empty($form->public_key)) {
+ // Public key was not in a correct format
+ } else {
+ $oldkey = $mnet_peer->public_key;
+ $mnet_peer->public_key = $form->public_key;
+ $mnet_peer->public_key_expires = $mnet_peer->check_common_name($form->public_key);
+ if ($mnet_peer->public_key_expires == false) {
+ $mnet_peer->public_key == $oldkey;
+ }
+ }
+ }
+
+ // PREVENT DUPLICATE RECORDS ///////////////////////////////////////////
+ if ('input' == $form->step) {
+ if ( isset($mnet_peer->id) && $mnet_peer->id > 0 ) {
+ error(get_string("hostexists ".$mnet_peer->id, 'mnet', $mnet_peer->id),'peers.php?step=update&hostid='.$mnet_peer->id);
+ }
+ }
+
+ if ('input' == $form->step) {
+ include('./mnet_review.html');
+ } elseif ('commit' == $form->step) {
+ $bool = $mnet_peer->commit();
+ if ($bool) {
+ redirect('peers.php?step=update&hostid='.$mnet_peer->id, get_string('changessaved'));
+ } else {
+ error('Invalid action parameter.', 'index.php');
+ }
+ }
+ }
+} elseif (is_int($hostid)) {
+ $mnet_peer = new mnet_peer();
+ $mnet_peer->set_id($hostid);
+ $form = new stdClass();
+ if ($hostid != $CFG->mnet_all_hosts_id) {
+ include('./mnet_review.html');
+ } else {
+ include('./mnet_review_allhosts.html');
+ }
+} else {
+ $hosts = get_records_select('mnet_host', " id != '{$CFG->mnet_localhost_id}' AND deleted = '0' ",'wwwroot ASC' );
+ if (empty($hosts)) $hosts = array();
+ include('./peers.html');
+}
+?>
\ No newline at end of file
--- /dev/null
+<?php
+admin_externalpage_print_header($adminroot);
+?>
+<center>
+<table cellspacing="0" cellpadding="5" width="500" id="hosts" class="generaltable generalbox" >
+ <tr>
+ <th class="header c0" nowrap="nowrap" colspan="2"><?php print_string('trustedhosts', 'mnet'); ?></th>
+ </tr>
+ <tr>
+ <td class="cell c1" colspan="2"><?php print_string('trustedhostsexplain', 'mnet'); ?></td>
+ </tr>
+ <tr>
+ <td class="cell c1" colspan="2"><form method="POST" action="trustedhosts.php">
+ <input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+ <textarea name="hostlist" cols="40" rows="20"><?php echo $trusted_hosts; ?></textarea><br />
+ <input type="submit" value="<?php print_string('savechanges'); ?>" />
+ </form>
+ </td>
+ </tr>
+</table>
+<table cellspacing="0" cellpadding="5" width="500" id="hosts" class="generaltable generalbox" >
+ <tr>
+ <th class="header c0" nowrap="nowrap" colspan="2"><?php print_string('testtrustedhosts', 'mnet'); ?></th>
+ </tr>
+<?php
+ if (!empty($test_ip_address)):
+?>
+ <tr>
+ <td class="cell c1" colspan="2">
+ <?php
+ if ($in_range) {
+ print_string('is_in_range', 'mnet', $test_ip_address);
+ echo '<br>';
+ print_string('validated_by', 'mnet', $validated_by);
+ } else {
+ print_string('not_in_range', 'mnet', $test_ip_address);
+ }
+ ?>
+ </td>
+ </tr>
+<?php
+ else:
+?>
+ <tr>
+ <td class="cell c1" colspan="2"><?php print_string('testtrustedhostsexplain', 'mnet'); ?></td>
+ </tr>
+<?php
+ endif;
+?>
+ <tr>
+ <td class="cell c1" colspan="2"><form method="GET" action="trustedhosts.php">
+ <input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+ <input type="text" name="testipaddress" value="<?php echo $test_ip_address; ?>" />
+ <input type="submit" value="<?php print_string('go'); ?>" />
+ </form>
+ </td>
+ </tr>
+</table>
+<?php
+admin_externalpage_print_footer($adminroot);
+?>
\ No newline at end of file
--- /dev/null
+<?php
+ // Allows the admin to configure services for remote hosts
+
+ require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
+ require_once($CFG->libdir.'/adminlib.php');
+ include_once($CFG->dirroot.'/mnet/lib.php');
+
+ require_login();
+ $adminroot = admin_get_root();
+ admin_externalpage_setup('trustedhosts', $adminroot);
+
+ $context = get_context_instance(CONTEXT_SYSTEM, SITEID);
+
+ require_capability('moodle/site:config', $context, $USER->id, true, "nopermissions");
+
+ if (!$site = get_site()) {
+ error('Site isn\'t defined!');
+ }
+
+ $trusted_hosts = '';//array();
+ $old_trusted_hosts = get_config('mnet', 'mnet_trusted_hosts');
+
+ $test_ip_address = optional_param('testipaddress', NULL, PARAM_HOST);
+ $in_range = false;
+ if (!empty($test_ip_address)) {
+ foreach(explode(',', $old_trusted_hosts->value) as $host) {
+ list($network, $mask) = explode('/', $host.'/');
+ if (empty($network)) continue;
+ if (strlen($mask) == 0) $mask = 32;
+
+ if (ip_in_range($test_ip_address, $network, $mask)) {
+ $in_range = true;
+ $validated_by = $network.'/'.$mask;
+ break;
+ }
+ }
+ }
+
+ /// If data submitted, process and store
+ if (($form = data_submitted()) && confirm_sesskey()) {
+ echo 'a';
+ $hostlist = preg_split("/[\s,]+/", $form->hostlist);
+ foreach($hostlist as $host) {
+ list($address, $mask) = explode('/', $host.'/');
+ if (empty($address)) continue;
+ if (strlen($mask) == 0) $mask = 32;
+ $trusted_hosts .= trim($address).'/'.trim($mask)."\n";
+ unset($address, $mask);
+ }
+ set_config('mnet_trusted_hosts', str_replace("\n", ',', $trusted_hosts), 'mnet');
+ } elseif (!empty($old_trusted_hosts->value)) {
+ foreach(explode(',', $old_trusted_hosts->value) as $host) {
+ list($address, $mask) = explode('/', $host.'/');
+ if (empty($address)) continue;
+ if (strlen($mask) == 0) $mask = 32;
+ $trusted_hosts .= trim($address).'/'.trim($mask)."\n";
+ unset($address, $mask);
+ }
+ }
+
+ include('./trustedhosts.html');
+?>
--- /dev/null
+<?php
+/**
+ * Info about the local environment, wrt RPC
+ *
+ * This should really be a singleton. A PHP5 Todo I guess.
+ */
+
+class mnet_environment {
+
+ var $id = 0;
+ var $wwwroot = '';
+ var $ip_address = '';
+ var $public_key = '';
+ var $public_key_expires = 0;
+ var $last_connect_time = 0;
+ var $last_log_id = 0;
+ var $keypair = array();
+
+ function mnet_environment() {
+ return true;
+ }
+
+ function init() {
+ global $CFG;
+
+ // Bootstrap the object data on first load.
+ if (empty($CFG->mnet_localhost_id) ) {
+ $this->get_keypair();
+
+ $hostobject = new stdClass();
+ $hostobject->wwwroot = $CFG->wwwroot;
+ $hostobject->ip_address = $_SERVER['SERVER_ADDR'];
+ $hostobject->public_key = $this->keypair['certificate'];
+ $hostobject->public_key_expires = '';
+ $hostobject->last_connect_time = '0';
+ $hostobject->last_log_id = '0';
+ $hostobject->deleted = 0;
+
+ $this->id = insert_record('mnet_host',$hostobject, true);
+
+ $temparr = (array)get_object_vars($hostobject);
+
+ foreach($temparr as $key => $value) {
+ $this->$key = $value;
+ }
+
+ unset($temparr, $hostobject);
+
+ set_config('mnet_localhost_id', $this->id);
+ $CFG->mnet_localhost_id = $this->id;
+ } else {
+ $hostobject = get_record('mnet_host','id', $CFG->mnet_localhost_id);
+ $temparr = (array)get_object_vars($hostobject);
+
+ foreach($temparr as $key => $value) {
+ $this->$key = $value;
+ }
+
+ unset($temparr, $hostobject);
+ }
+
+ // We need to set up a record that represents 'all hosts'. Any rights
+ // granted to this host will be conferred on all hosts.
+ if (empty($CFG->mnet_all_hosts_id) ) {
+ $hostobject = new stdClass();
+ $hostobject->wwwroot = '';
+ $hostobject->ip_address = '';
+ $hostobject->public_key = '';
+ $hostobject->public_key_expires = '';
+ $hostobject->last_connect_time = '0';
+ $hostobject->last_log_id = '0';
+ $hostobject->deleted = 0;
+ $hostobject->name = 'All Hosts';
+
+ $hostobject->id = insert_record('mnet_host',$hostobject, true);
+ set_config('mnet_all_hosts_id', $hostobject->id);
+ $CFG->mnet_all_hosts_id = $hostobject->id;
+ unset($hostobject);
+ }
+ }
+
+ function get_keypair() {
+ if (!empty($this->keypair)) return true;
+ if ($result = get_record_select('config', " name = 'openssl'")) {
+ $this->keypair = unserialize($result->value);
+ $this->keypair['privatekey'] = openssl_pkey_get_private($this->keypair['keypair_PEM']);
+ $this->keypair['publickey'] = openssl_pkey_get_public($this->keypair['certificate']);
+ } else {
+ $this->keypair = mnet_generate_keypair();
+ }
+ return true;
+ }
+
+ function get_private_key() {
+ if (empty($this->keypair)) $this->get_keypair();
+ if (isset($this->keypair['privatekey'])) return $this->keypair['privatekey'];
+ $this->keypair['privatekey'] = openssl_pkey_get_private($this->keypair['keypair_PEM']);
+ return $this->keypair['privatekey'];
+ }
+
+ function get_public_key() {
+ if (!isset($this->keypair)) $this->get_keypair();
+ if (isset($this->keypair['publickey'])) return $this->keypair['publickey'];
+ $this->keypair['publickey'] = openssl_pkey_get_public($this->keypair['certificate']);
+ return $this->keypair['publickey'];
+ }
+
+ /**
+ * Note that the openssl_sign function computes the sha1 hash, and then
+ * signs the hash.
+ */
+ function sign_message($message) {
+ $bool = openssl_sign($message, $signature, $this->get_private_key());
+ return $signature;
+ }
+}
+
+?>
--- /dev/null
+<?php
+/**
+ * Library functions for mnet
+ *
+ * @author Donal McMullan donal@catalyst.net.nz
+ * @version 0.0.1
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package mnet
+ */
+require_once $CFG->dirroot.'/mnet/xmlrpc/xmlparser.php';
+require_once $CFG->dirroot.'/mnet/peer.php';
+require_once $CFG->dirroot.'/mnet/environment.php';
+
+/// CONSTANTS ///////////////////////////////////////////////////////////
+
+define('RPC_OK', 0);
+define('RPC_NOSUCHFILE', 1);
+define('RPC_NOSUCHCLASS', 2);
+define('RPC_NOSUCHFUNCTION', 3);
+define('RPC_FORBIDDENFUNCTION', 4);
+define('RPC_NOSUCHMETHOD', 5);
+define('RPC_FORBIDDENMETHOD', 6);
+
+$MNET = new mnet_environment();
+$MNET->init();
+
+/**
+ * Strip extraneous detail from a URL or URI and return the hostname
+ *
+ * @param string $uri The URI of a file on the remote computer, optionally
+ * including its http:// prefix like
+ * http://www.example.com/index.html
+ * @return string Just the hostname
+ */
+function mnet_get_hostname_from_uri($uri = null) {
+ $count = preg_match("@^(?:http[s]?://)?([A-Z0-9\-\.]+).*@i", $uri, $matches);
+ if ($count > 0) return $matches[1];
+ return false;
+}
+
+/**
+ * Get the remote machine's SSL Cert
+ *
+ * @param string $uri The URI of a file on the remote computer, including
+ * its http:// or https:// prefix
+ * @param bool $verify True if the SSL Cert must be signed by a trusted 3rd
+ * party. [TODO! NOT IMPLEMENTED]
+ * @return string A PEM formatted SSL Certificate.
+ */
+function mnet_get_public_key($uri, $verify=false) {
+ global $CFG;
+ // The key may be cached in the mnet_set_public_key function...
+ // check this first
+ $key = mnet_set_public_key($uri);
+ if ($key != false) {
+ return $key;
+ }
+
+ $rq = xmlrpc_encode_request('system/keyswap', $CFG->wwwroot);
+ $ch = curl_init($uri.'/mnet/xmlrpc/server.php');
+
+ curl_setopt($ch, CURLOPT_TIMEOUT, 60);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_USERAGENT, 'Moodle');
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $rq);
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml charset=UTF-8"));
+
+ $res = xmlrpc_decode(curl_exec($ch));
+ curl_close($ch);
+
+ if (!is_array($res)) { // ! error
+ $public_certificate = $res;
+ $credentials=array();
+ if (strlen(trim($public_certificate))) {
+ $credentials = openssl_x509_parse($public_certificate);
+ $host = $credentials['subject']['CN'];
+ if (strpos($uri, $host) !== false) {
+ mnet_set_public_key($uri, $public_certificate);
+ return $public_certificate;
+ }
+ }
+ }
+ return false;
+}
+
+/**
+ * Store a URI's public key in a static variable, or retrieve the key for a URI
+ *
+ * @param string $uri The URI of a file on the remote computer, including its
+ * https:// prefix
+ * @param mixed $key A public key to store in the array OR null. If the key
+ * is null, the function will return the previously stored
+ * key for the supplied URI, should it exist.
+ * @return mixed A public key OR true/false.
+ */
+function mnet_set_public_key($uri, $key = null) {
+ static $keyarray = array();
+ if (isset($keyarray[$uri]) && empty($key)) {
+ return $keyarray[$uri];
+ } elseif (!empty($key)) {
+ $keyarray[$uri] = $key;
+ return true;
+ }
+ return false;
+}
+
+/**
+ * Sign a message and return it in an XML-Signature document
+ *
+ * This function can sign any content, but it was written to provide a system of
+ * signing XML-RPC request and response messages. The message will be base64
+ * encoded, so it does not need to be text.
+ *
+ * We compute the SHA1 digest of the message.
+ * We compute a signature on that digest with our private key.
+ * We link to the public key that can be used to verify our signature.
+ * We base64 the message data.
+ * We identify our wwwroot - this must match our certificate's CN
+ *
+ * The XML-RPC document will be parceled inside an XML-SIG document, which holds
+ * the base64_encoded XML as an object, the SHA1 digest of that document, and a
+ * signature of that document using the local private key. This signature will
+ * uniquely identify the RPC document as having come from this server.
+ *
+ * See the {@Link http://www.w3.org/TR/xmldsig-core/ XML-DSig spec} at the W3c
+ * site
+ *
+ * @param string $message The data you want to sign
+ * @return string An XML-DSig document
+ */
+function mnet_sign_message($message) {
+ global $CFG, $MNET;
+ $digest = sha1($message);
+ $sig = $MNET->sign_message($message);
+
+ $message = '<?xml version="1.0" encoding="iso-8859-1"?>
+ <signedMessage>
+ <Signature Id="MoodleSignature" xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SignedInfo>
+ <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+ <Reference URI="#XMLRPC-MSG">
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>'.$digest.'</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue>'.base64_encode($sig).'</SignatureValue>
+ <KeyInfo>
+ <RetrievalMethod URI="'.$CFG->wwwroot.'/mnet/publickey.php"/>
+ </KeyInfo>
+ </Signature>
+ <object ID="XMLRPC-MSG">'.base64_encode($message).'</object>
+ <wwwroot>'.$MNET->wwwroot.'</wwwroot>
+ </signedMessage>';
+ return $message;
+}
+
+/**
+ * Encrypt a message and return it in an XML-Encrypted document
+ *
+ * This function can encrypt any content, but it was written to provide a system
+ * of encrypting XML-RPC request and response messages. The message will be
+ * base64 encoded, so it does not need to be text - binary data should work.
+ *
+ * We compute the SHA1 digest of the message.
+ * We compute a signature on that digest with our private key.
+ * We link to the public key that can be used to verify our signature.
+ * We base64 the message data.
+ * We identify our wwwroot - this must match our certificate's CN
+ *
+ * The XML-RPC document will be parceled inside an XML-SIG document, which holds
+ * the base64_encoded XML as an object, the SHA1 digest of that document, and a
+ * signature of that document using the local private key. This signature will
+ * uniquely identify the RPC document as having come from this server.
+ *
+ * See the {@Link http://www.w3.org/TR/xmlenc-core/ XML-ENC spec} at the W3c
+ * site
+ *
+ * @param string $message The data you want to sign
+ * @param string $remote_certificate Peer's certificate in PEM format
+ * @return string An XML-ENC document
+ */
+function mnet_encrypt_message($message, $remote_certificate) {
+ global $MNET;
+
+ // Generate a key resource from the remote_certificate text string
+ $publickey = openssl_get_publickey($remote_certificate);
+
+ if ( gettype($publickey) != 'resource' ) {
+ // Remote certificate is faulty.
+ return false;
+ }
+
+ // Initialize vars
+ $encryptedstring = '';
+ $symmetric_keys = array();
+
+ // passed by ref -> &$encryptedstring &$symmetric_keys
+ $bool = openssl_seal($message, $encryptedstring, $symmetric_keys, array($publickey));
+ $message = $encryptedstring;
+ $symmetrickey = array_pop($symmetric_keys);
+
+ $message = '<?xml version="1.0" encoding="iso-8859-1"?>
+ <encryptedMessage>
+ <EncryptedData Id="ED" xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#arcfour"/>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:RetrievalMethod URI="#EK" Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/>
+ <ds:KeyName>XMLENC</ds:KeyName>
+ </ds:KeyInfo>
+ <CipherData>
+ <CipherValue>'.base64_encode($message).'</CipherValue>
+ </CipherData>
+ </EncryptedData>
+ <EncryptedKey Id="EK" xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>SSLKEY</ds:KeyName>
+ </ds:KeyInfo>
+ <CipherData>
+ <CipherValue>'.base64_encode($symmetrickey).'</CipherValue>
+ </CipherData>
+ <ReferenceList>
+ <DataReference URI="#ED"/>
+ </ReferenceList>
+ <CarriedKeyName>XMLENC</CarriedKeyName>
+ </EncryptedKey>
+ <wwwroot>'.$MNET->wwwroot.'</wwwroot>
+ </encryptedMessage>';
+ return $message;
+}
+
+/**
+ * Get your SSL keys from the database, or create them (if they don't exist yet)
+ *
+ * Get your SSL keys from the database, or (if they don't exist yet) call
+ * mnet_generate_keypair to create them
+ *
+ * @param string $string The text you want to sign
+ * @return string The signature over that text
+ */
+function mnet_get_keypair() {
+ global $CFG;
+ static $keypair = null;
+ if (!is_null($keypair)) return $keypair;
+ if ($result = get_record_select('config', " name = 'openssl'")) {
+ $keypair = unserialize($result->value);
+ $keypair['privatekey'] = openssl_pkey_get_private($keypair['keypair_PEM']);
+ $keypair['publickey'] = openssl_pkey_get_public($keypair['certificate']);
+ return $keypair;
+ } else {
+ $keypair = mnet_generate_keypair();
+ return $keypair;
+ }
+}
+
+/**
+ * Generate public/private keys and store in the config table
+ *
+ * Use the distinguished name provided to create a CSR, and then sign that CSR
+ * with the same credentials. Store the keypair you create in the config table.
+ * If a distinguished name is not provided, create one using the fullname of
+ * 'the course with ID 1' as your organization name, and your hostname (as
+ * detailed in $CFG->wwwroot).
+ *
+ * @param array $dn The distinguished name of the server
+ * @return string The signature over that text
+ */
+function mnet_generate_keypair($dn = null) {
+ global $CFG;
+ $host = strtolower($CFG->wwwroot);
+ $host = ereg_replace("^http(s)?://",'',$host);
+ $break = strpos($host.'/' , '/');
+ $host = substr($host, 0, $break);
+
+ if ($result = get_record_select('course'," id ='1' ")) {
+ $organization = $result->fullname;
+ } else {
+ $organization = 'None';
+ }
+
+ $keypair = array();
+ // TODO: fix this with a redirect, form, etc.
+
+ if (is_null($dn)) {
+ $dn = array(
+ "countryName" => 'NZ',
+ "stateOrProvinceName" => 'Wellington',
+ "localityName" => 'Wellington',
+ "organizationName" => $organization,
+ "organizationalUnitName" => 'Moodle',
+ "commonName" => $CFG->wwwroot,
+ "emailAddress" => $CFG->noreplyaddress
+ );
+ }
+
+ $new_key = openssl_pkey_new();
+ $csr_rsc = openssl_csr_new($dn, $new_key, array('private_key_bits',2048));
+ $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, 365);
+
+ // You'll want to keep your certificate signing request, so we'll
+ // export that to a property - csr_txt.
+ openssl_csr_export($csr_rsc, $csr_txt);
+ unset($csr_rsc); // Free up the resource
+
+ // We export our self-signed certificate to a string as well.
+ openssl_x509_export($selfSignedCert, $keypair['certificate']);
+ openssl_x509_free($selfSignedCert);
+
+ // Export your public/private key pair as a PEM encoded string. You
+ // can protect it with an optional passphrase if you wish.
+ $export = openssl_pkey_export($new_key, $keypair['keypair_PEM'] /* , $passphrase */);
+ openssl_pkey_free($new_key);
+ unset($new_key); // Free up the resource
+
+ $record = new stdClass();
+ $record->name = 'openssl';
+ // Normally we would just serialize the object, but that's not
+ // working, nor behaving as the docs suggest it should. Casting the
+ // object to an array and serializing the array works fine.
+ $record->value = serialize($keypair);
+
+ insert_record('config', $record);
+ // unset $record
+
+ $keypair['privatekey'] = openssl_pkey_get_private($keypair['keypair_PEM']);
+ $keypair['publickey'] = openssl_pkey_get_public($keypair['certificate']);
+
+ return $keypair;
+}
+
+/**
+ * Check that an IP address falls within the given network/mask
+ * ok for export
+ *
+ * @param string $address Dotted quad
+ * @param string $network Dotted quad
+ * @param string $mask A number, e.g. 16, 24, 32
+ * @return bool
+ */
+function ip_in_range($address, $network, $mask) {
+ $lnetwork = ip2long($network);
+ $laddress = ip2long($address);
+
+ $binnet = str_pad( decbin($lnetwork),32,"0","STR_PAD_LEFT" );
+ $firstpart = substr($binnet,0,$mask);
+
+ $binip = str_pad( decbin($laddress),32,"0","STR_PAD_LEFT" );
+ $firstip = substr($binip,0,$mask);
+ return(strcmp($firstpart,$firstip)==0);
+}
+
+/**
+ * Check that a given function (or method) in an include file has been designated
+ * ok for export
+ *
+ * @param string $includefile The path to the include file
+ * @param string $functionname The name of the function (or method) to
+ * execute
+ * @param mixed $class A class name, or false if we're just testing
+ * a function
+ * @return int Zero (RPC_OK) if all ok - appropriate
+ * constant otherwise
+ */
+function mnet_permit_rpc_call($includefile, $functionname, $class=false) {
+ global $CFG, $MNET_REMOTE_CLIENT;
+
+ if (file_exists($CFG->dirroot . $includefile)) {
+ include_once $CFG->dirroot . $includefile;
+ // $callprefix matches the rpc convention
+ // of not having a leading slash
+ $callprefix = preg_replace('!^/!', '', $includefile);
+ } else {
+ return RPC_NOSUCHFILE;
+ }
+
+ if ($functionname != clean_param($functionname, PARAM_PATH)) {
+ // Under attack?
+ // Todo: Should really return a much more BROKEN! response
+ return RPC_FORBIDDENMETHOD;
+ }
+
+ $id_list = $MNET_REMOTE_CLIENT->id;
+ if (!empty($CFG->mnet_all_hosts_id)) {
+ $id_list .= ', '.$CFG->mnet_all_hosts_id;
+ }
+
+ // TODO: change to left-join so we can disambiguate:
+ // 1. method doesn't exist
+ // 2. method exists but is prohibited
+ $sql = "
+ SELECT
+ count(r.id)
+ FROM
+ {$CFG->prefix}mnet_host2service h2s,
+ {$CFG->prefix}mnet_service2rpc s2r,
+ {$CFG->prefix}mnet_rpc r
+ WHERE
+ h2s.serviceid = s2r.serviceid AND
+ s2r.rpcid = r.id AND
+ r.xmlrpc_path = '$callprefix/$functionname' AND
+ h2s.hostid in ($id_list) AND
+ h2s.publish = '1'";
+
+ $permissionobj = record_exists_sql($sql);
+
+ if ($permissionobj === false) {
+ return RPC_FORBIDDENMETHOD;
+ }
+
+ // WE'RE LOOKING AT A CLASS/METHOD
+ if (false != $class) {
+ if (!class_exists($class)) {
+ // Generate error response - unable to locate class
+ return RPC_NOSUCHCLASS;
+ }
+
+ $object = new $class();
+
+ if (!method_exists($object, $functionname)) {
+ // Generate error response - unable to locate method
+ return RPC_NOSUCHMETHOD;
+ }
+
+ if (!method_exists($object, 'mnet_publishes')) {
+ // Generate error response - the class doesn't publish
+ // *any* methods, because it doesn't have an mnet_publishes
+ // method
+ return RPC_FORBIDDENMETHOD;
+ }
+
+ // Get the list of published services - initialise method array
+ $servicelist = $object->mnet_publishes();
+ $methodapproved = false;
+
+ // If the method is in the list of approved methods, set the
+ // methodapproved flag to true and break
+ foreach($servicelist as $service) {
+ if (in_array($functionname, $service['methods'])) {
+ $methodapproved = true;
+ break;
+ }
+ }
+
+ if (!$methodapproved) {
+ return RPC_FORBIDDENMETHOD;
+ }
+
+ // Stash the object so we can call the method on it later
+ $MNET_REMOTE_CLIENT->object_to_call($object);
+ // WE'RE LOOKING AT A FUNCTION
+ } else {
+ if (!function_exists($functionname)) {
+ // Generate error response - unable to locate function
+ return RPC_NOSUCHFUNCTION;
+ }
+
+ }
+
+ return RPC_OK;
+}
+
+function mnet_update_sso_access_control($username, $mnet_host_id, $access) {
+ $mnethost = get_record('mnet_host', 'id', $mnet_host_id);
+ if ($aclrecord = get_record('mnet_sso_access_control', 'username', $username, 'mnet_host_id', $mnet_host_id)) {
+ // update
+ $aclrecord->access = $access;
+ if (update_record('mnet_sso_access_control', $aclrecord)) {
+ add_to_log(SITEID, 'admin/mnet', 'update', 'admin/mnet/access_control.php',
+ "SSO ACL: $access user '$username' from {$mnethost->name}");
+ } else {
+ error("Failed to write to the MNET access control list for user '$username'.");
+ return false;
+ }
+ } else {
+ // insert
+ $aclrecord->username = $username;
+ $aclrecord->access = $access;
+ $aclrecord->mnet_host_id = $mnet_host_id;
+ if ($id = insert_record('mnet_sso_access_control', $aclrecord)) {
+ add_to_log(SITEID, 'admin/mnet', 'add', 'admin/mnet/access_control.php',
+ "SSO ACL: $access user '$username' from {$mnethost->name}");
+ } else {
+ error("Failed to write to the MNET access control list for user '$username'.");
+ return false;
+ }
+ }
+ return true;
+}
+?>
--- /dev/null
+<?php
+/**
+ * An object to represent lots of information about an RPC-peer machine
+ *
+ * @author Donal McMullan donal@catalyst.net.nz
+ * @version 0.0.1
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package mnet
+ */
+
+class mnet_peer {
+
+ var $id = 0;
+ var $wwwroot = '';
+ var $ip_address = '';
+ var $name = '';
+ var $public_key = '';
+ var $public_key_expires = 0;
+ var $last_connect_time = 0;
+ var $last_log_id = 0;
+ var $keypair = array();
+ var $error = array();
+
+ function mnet_peer() {
+ return true;
+ }
+
+ function bootstrap($wwwroot) {
+
+ if ( ! $this->set_wwwroot($wwwroot) ) {
+ $hostname = mnet_get_hostname_from_uri($wwwroot);
+
+ // Get the IP address for that host - if this fails, it will
+ // return the hostname string
+ $ip_address = gethostbyname($hostname);
+
+ // Couldn't find the IP address?
+ if ($ip_address === $hostname && !preg_match('/^\d+\.\d+\.\d+.\d+$/',$hostname)) {
+ $this->error[] = array('code' => 2, 'text' => get_string("noaddressforhost", 'mnet'));
+ return false;
+ }
+
+ $this->name = $wwwroot;
+
+ // TODO: In reality, this will be prohibitively slow... need another
+ // default - maybe blank string
+ $homepage = file_get_contents($wwwroot);
+ if (!empty($homepage)) {
+ $count = preg_match("@<title>(.*)</title>@siU", $homepage, $matches);
+ if ($count > 0) {
+ $this->name = $matches[1];
+ }
+ }
+
+ if (substr($wwwroot, 0, -1) == '/') {
+ $wwwroot = substr($wwwroot, 0, -1);
+ }
+
+ $this->wwwroot = $wwwroot;
+ $this->ip_address = $ip_address;
+ $this->deleted = 0;
+ $this->public_key = clean_param(mnet_get_public_key($this->wwwroot), PARAM_PEM);
+ $this->public_key_expires = $this->check_common_name($this->public_key);
+ $this->last_connect_time = 0;
+ $this->last_log_id = 0;
+ if ($this->public_key_expires == false) {
+ $this->public_key == '';
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ function delete() {
+ if ($this->deleted) return true;
+
+ $users = count_records('user','mnethostid', $this->id);
+ if ($users > 0) {
+ $this->deleted = 1;
+ }
+
+ $actions = count_records('mnet_log','hostid', $this->id);
+ if ($actions > 0) {
+ $this->deleted = 1;
+ }
+
+ $obj = delete_records('mnet_rpc2host', 'host_id', $this->id);
+
+ $this->delete_all_sessions();
+
+ // If we don't have any activity records for which the mnet_host table
+ // provides a foreign key, then we can delete the record. Otherwise, we
+ // just mark it as deleted.
+ if (0 == $this->deleted) {
+ delete_records('mnet_host', "id", $this->id);
+ } else {
+ $this->commit();
+ }
+ }
+
+ function count_live_sessions() {
+ $obj = $this->delete_expired_sessions();
+ return count_records('mnet_session','mnethostid', $this->id);
+ }
+
+ function delete_expired_sessions() {
+ $now = time();
+ return delete_records_select('mnet_session', " mnethostid = '{$this->id}' AND expires < '$now' ");
+ }
+
+ function delete_all_sessions() {
+ global $CFG;
+ // TODO: Expires each PHP session individually
+ // $sessions = get_records('mnet_session', 'mnethostid', $this->id);
+ $sessions = get_records('mnet_session', 'mnethostid', $this->id);
+
+ if (count($sessions) > 0 && file_exists($CFG->dirroot.'/auth/mnet/auth.php')) {
+ require_once($CFG->dirroot.'/auth/mnet/auth.php');
+ $auth = new auth_plugin_mnet();
+ $auth->end_local_sessions($sessions);
+ }
+
+ $deletereturn = delete_records_select('mnet_session', " mnethostid = '{$this->id}'");
+ return true;
+ }
+
+ function check_common_name($key) {
+ $credentials = openssl_x509_parse($key);
+ if ($credentials == false) {
+ $this->error[] = array('code' => 3, 'text' => get_string("nonmatchingcert", 'mnet', array('','')));
+ return false;
+ } elseif ($credentials['subject']['CN'] != $this->wwwroot) {
+ $a[] = $credentials['subject']['CN'];
+ $a[] = $this->wwwroot;
+ $this->error[] = array('code' => 4, 'text' => get_string("nonmatchingcert", 'mnet', $a));
+ return false;
+ } else {
+ return $credentials['validTo_time_t'];
+ }
+ }
+
+ function commit() {
+ $obj = new stdClass();
+
+ $obj->wwwroot = $this->wwwroot;
+ $obj->ip_address = $this->ip_address;
+ $obj->name = $this->name;
+ $obj->public_key = $this->public_key;
+ $obj->public_key_expires = $this->public_key_expires;
+ $obj->deleted = $this->deleted;
+ $obj->last_connect_time = $this->last_connect_time;
+ $obj->last_log_id = $this->last_log_id;
+
+ if (isset($this->id) && $this->id > 0) {
+ $obj->id = $this->id;
+ return update_record('mnet_host', $obj);
+ } else {
+ $this->id = insert_record('mnet_host', $obj);
+ return $this->id > 0;
+ }
+ }
+
+ function set_name($newname) {
+ if (is_string($newname) && strlen($newname <= 80)) {
+ $this->name = $newname;
+ return true;
+ }
+ return false;
+ }
+
+ function set_wwwroot($wwwroot) {
+ global $CFG;
+
+ $hostinfo = get_record('mnet_host', 'wwwroot', $wwwroot);
+
+ if ($hostinfo != false) {
+ $this->populate($hostinfo);
+ return true;
+ }
+ return false;
+ }
+
+ function set_id($id) {
+ global $CFG;
+
+ if (clean_param($id, PARAM_INT) != $id) {
+ $this->errno[] = 1;
+ $this->errmsg[] = 'Your id ('.$id.') is not legal';
+ return false;
+ }
+
+ $sql = "
+ SELECT
+ h.*
+ FROM
+ {$CFG->prefix}mnet_host h
+ WHERE
+ h.id = '". $id ."'";
+
+ if ($hostinfo = get_record_sql($sql)) {
+ $this->populate($hostinfo);
+ return true;
+ }
+ return false;
+ }
+
+ // PRIVATE METHOD
+ function populate($hostinfo) {
+ $this->id = $hostinfo->id;
+ $this->wwwroot = $hostinfo->wwwroot;
+ $this->ip_address = $hostinfo->ip_address;
+ $this->name = $hostinfo->name;
+ $this->deleted = $hostinfo->deleted;
+ $this->public_key = $hostinfo->public_key;
+ $this->public_key_expires = $hostinfo->public_key_expires;
+ $this->last_connect_time = $hostinfo->last_connect_time;
+ $this->last_log_id = $hostinfo->last_log_id;
+ }
+
+ function get_public_key() {
+ if (isset($this->public_key_ref)) return $this->public_key_ref;
+ $this->public_key_ref = openssl_pkey_get_public($this->public_key);
+ return $this->public_key_ref;
+ }
+}
+
+?>
--- /dev/null
+<?php
+/**
+ * Print this server's public key and exit
+ *
+ * @author Donal McMullan donal@catalyst.net.nz
+ * @version 0.0.1
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package mnet
+ */
+
+require_once(dirname(dirname(__FILE__)) . '/config.php');
+require_once $CFG->dirroot.'/mnet/lib.php';
+header("Content-type: text/plain");
+$keypair = mnet_get_keypair();
+echo $keypair['certificate'];
+?>
--- /dev/null
+<?php
+/**
+ * An object to represent lots of information about an RPC-peer machine
+ *
+ * @author Donal McMullan donal@catalyst.net.nz
+ * @version 0.0.1
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package mnet
+ */
+
+class mnet_remote_client extends mnet_peer {
+
+ // If the remote client is trying to execute a method on an object instead
+ // of just a function, we'll instantiate the proper class and store it in
+ // this 'object_to_call' property.
+ var $object_to_call = false;
+ var $request_was_encrypted = false;
+ var $request_was_signed = false;
+
+ function was_encrypted() {
+ $this->request_was_encrypted = true;
+ }
+
+ function was_signed() {
+ $this->request_was_signed = true;
+ }
+
+ function object_to_call($object) {
+ $this->object_to_call = $object;
+ }
+
+ function plaintext_is_ok() {
+ global $CFG;
+
+ $trusted_hosts = explode(',', get_config('mnet', 'mnet_trusted_hosts'));
+
+ foreach($trusted_hosts as $host) {
+ list($network, $mask) = explode('/', $host.'/');
+ if (empty($network)) continue;
+ if (strlen($mask) == 0) $mask = 32;
+
+ if (ip_in_range($_SERVER['REMOTE_ADDR'], $network, $mask)) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+}
+?>
\ No newline at end of file
--- /dev/null
+<?php
+/**
+ * Some dummy functions to test XML-RPC with
+ */
+
+/**
+ * The xxxx_RPC_OK must exist and return TRUE for the remote call to be
+ * permitted
+ *
+ * @return bool True if the related function can be executed remotely
+ */
+function mnet_concatenate_strings_RPC_OK() {
+ return true;
+}
+
+function mnet_publishes() {
+ $servicelist = array();
+ $service['name'] = 'sso';
+ $function['name'] = 'mnet_concatenate_strings';
+
+ // first argument
+ $argument['type'] = 'string';
+ $argument['default'] = '';
+ $function['arguments'][] = $argument;
+
+ // second argument
+ $argument['type'] = 'string';
+ $argument['default'] = '';
+ $function['arguments'][] = $argument;
+
+ // third argument
+ $argument['type'] = 'string';
+ $argument['default'] = '';
+ $function['arguments'][] = $argument;
+
+ $function['description'] = get_string($function['name'], 'mnet');
+ $service['functions'][] = $function;
+ $servicelist[] = $service;
+
+ return $servicelist;
+}
+//header('Content-type: text/plain');
+//var_dump(mnet_publishes());
+
+/**
+ * Concatenate (up to) 3 strings and return the result
+ * @service sso
+ * @param string $string1 Some string
+ * @param string $string2 Some string
+ * @param string $string3 Some string
+ * @return string The parameter strings, concatenated together
+ */
+function mnet_concatenate_strings($string1='', $string2='', $string3='') {
+ return $string1.$string2.$string3;
+}
+
+class testClass {
+ function testClass() {
+ $this->first = 'last';
+ $this->last = 'first';
+ }
+
+ function augment_first($newval) {
+ $this->first = $this->first.$newval;
+ return $this->first;
+ }
+
+ function augment_first_RPC_OK() {
+ return true;
+ }
+
+ function mnet_concatenate_strings_RPC_OK() {
+ return true;
+ }
+ function mnet_concatenate_strings($string1='', $string2='', $string3='') {
+ return $string1.$string2.$string3;
+ }
+}
+
+?>
\ No newline at end of file
--- /dev/null
+<?php
+/**
+ * A template to test Moodle's XML-RPC feature
+ *
+ * This script 'remotely' executes the mnet_concatenate_strings function in
+ * mnet/testlib.php
+ * It steps through each stage of the process, printing some data as it goes
+ * along. It should help you to get your remote method working.
+ *
+ * @author Donal McMullan donal@catalyst.net.nz
+ * @version 0.0.1
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package mnet
+ */
+require_once(dirname(dirname(__FILE__)) . '/config.php');
+require_once $CFG->dirroot.'/mnet/xmlrpc/client.php';
+
+error_reporting(E_ALL);
+
+if (isset($_GET['func']) && is_numeric($_GET['func'])) {
+ $func = $_GET['func'];
+
+
+// Some HTML sugar
+echo '<?xml version="1.0" encoding="utf-8"?>';
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
+<head><title>Moodle MNET Test Client</title></head><body>
+<?php
+
+// For the demo, our 'remote' host is actually our local host.
+$wwwroot = $CFG->wwwroot;
+
+// Enter the complete path to the file that contains the function you want to
+// call on the remote server. In our example the function is in
+// mnet/testlib/
+// The function itself is added to that path to complete the $path_to_function
+// variable
+$path_to_function[0] = 'mnet/rpclib/mnet_concatenate_strings';
+$path_to_function[1] = 'mod/scorm/rpclib/scorm_add_floats';
+$path_to_function[2] = 'system/listMethods';
+$path_to_function[3] = 'system/methodSignature';
+$path_to_function[4] = 'system/methodHelp';
+$path_to_function[5] = 'system/listServices';
+$path_to_function[6] = 'system/listMethods';
+$path_to_function[7] = 'system/listMethods';
+
+$paramArray[0] = array(array('some string, ', 'string'),
+array('some other string, ', 'string'),
+array('and a final string', 'string'));
+
+$paramArray[1] = array(array(5.3, 'string'),
+array(7.1, 'string'),
+array(8.25323, 'string'));
+
+$paramArray[2] = array();
+
+$paramArray[3] = array(array('auth/mnet/auth/user_authorise', 'string'));
+
+$paramArray[4] = array(array('auth/mnet/auth/user_authorise', 'string'));
+
+$paramArray[5] = array();
+
+$paramArray[6] = array(array('sso', 'string'));
+
+$paramArray[7] = array(array('concatenate', 'string'));
+
+echo 'Your local wwwroot appears to be <strong>'. $wwwroot ."</strong>.<br />\n";
+echo "We will use this as the local <em>and</em> remote hosts.<br /><br />\n";
+flush();
+
+// mnet_peer pulls information about a remote host from the database.
+$mnet_peer = new mnet_peer();
+$mnet_peer->set_wwwroot($wwwroot);
+
+echo "Your \$mnet_peer from the database looks like:<br />\n<pre>";
+$h2 = get_object_vars($mnet_peer);
+while(list($key, $val) = each($h2)) {
+ if (!is_numeric($key)) echo '<strong>'.$key.':</strong> '. $val."\n";
+}
+echo "</pre><br/>It's ok if that info is not complete - the required field is:<br />\nwwwroot: <b>{$mnet_peer->wwwroot}</b>.<br /><br/>\n";
+flush();
+
+// The transport id is one of:
+// RPC_HTTPS_VERIFIED 1
+// RPC_HTTPS_SELF_SIGNED 2
+// RPC_HTTP_VERIFIED 3
+// RPC_HTTP_SELF_SIGNED 4
+
+if (!$mnet_peer->transport) exit('No transport method is approved for this host in your DB table. Please enable a transport method and try again.');
+$t[1] = 'http2 (port 443 encrypted) with a verified certificate.';
+$t[2] = 'https (port 443 encrypted) with a self-signed certificate.';
+$t[4] = 'http (port 80 unencrypted) with a verified certificate.';
+$t[8] = 'http (port 80 unencrypted) with a self-signed certificate.';
+$t[16] = 'http (port 80 unencrypted) unencrypted with no certificate.';
+
+echo 'Your transportid is <strong>'.$mnet_peer->transport.'</strong> which represents <em>'.$t[$mnet_peer->transport]."</em><br /><br />\n";
+flush();
+
+// Create a new request object
+$mnet_request = new mnet_xmlrpc_client();
+
+// Tell it the path to the method that we want to execute
+$mnet_request->set_method($path_to_function[$func]);
+// Add parameters for your function. The mnet_concatenate_strings takes three
+// parameters, like mnet_concatenate_strings($string1, $string2, $string3)
+// PHP is weakly typed, so you can get away with calling most things strings,
+// unless it's non-scalar (i.e. an array or object or something).
+foreach($paramArray[$func] as $param) {
+ $mnet_request->add_param($param[0], $param[1]);
+}
+
+if (count($mnet_request->params)) {
+ echo 'Your parameters are:<br />';
+ while(list($key, $val) = each($mnet_request->params)) {
+ echo ' <strong>'.$key.':</strong> '. $val."<br/>\n";
+ }
+}
+flush();
+
+// We send the request:
+$mnet_request->send($mnet_peer);
+
+?>
+
+A var_dump of the decoded response: <strong><pre><?php var_dump($mnet_request->response); ?></pre></strong><br />
+
+<?php
+ if (count($mnet_request->params)) {
+?>
+ A var_dump of the parameters you sent: <strong><pre><?php var_dump($mnet_request->params); ?></pre></strong><br />
+<?php
+ }
+}
+ ?>
+ <p>
+ Choose a function to call:<br />
+ <a href="testclient.php?func=2">system/listMethods</a><br />
+ <a href="testclient.php?func=3">system/methodSignature</a><br />
+ <a href="testclient.php?func=4">system/methodHelp</a><br />
+ <a href="testclient.php?func=5">listServices</a><br />
+ <a href="testclient.php?func=6">system/listMethods(SSO)</a><br />
+ <a href="testclient.php?func=7">system/listMethods(concatenate)</a><br />
+
+</body></html>
--- /dev/null
+<?php
+/**
+ * An XML-RPC client
+ *
+ * @author Donal McMullan donal@catalyst.net.nz
+ * @version 0.0.1
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package mnet
+ */
+
+require_once $CFG->dirroot.'/mnet/lib.php';
+
+/**
+ * Class representing an XMLRPC request against a remote machine
+ */
+class mnet_xmlrpc_client {
+
+ var $method = '';
+ var $params = array();
+ var $timeout = 60;
+ var $error = array();
+ var $response = '';
+
+ /**
+ * Constructor returns true
+ */
+ function mnet_xmlrpc_client() {
+ return true;
+ }
+
+ /**
+ * Allow users to override the default timeout
+ * @param int $timeout Request timeout in seconds
+ * $return bool True if param is an integer or integer string
+ */
+ function set_timeout($timeout) {
+ if (!is_integer($timeout)) {
+ if (is_numeric($timeout)) {
+ $this->timeout = (integer($timeout));
+ return true;
+ }
+ return false;
+ }
+ $this->timeout = $timeout;
+ return true;
+ }
+
+ /**
+ * Set the path to the method or function we want to execute on the remote
+ * machine. Examples:
+ * mod/scorm/functionname
+ * auth/mnet/methodname
+ * In the case of auth and enrolment plugins, an object will be created and
+ * the method on that object will be called
+ */
+ function set_method($xmlrpcpath) {
+ if (is_string($xmlrpcpath)) {
+ $this->method = $xmlrpcpath;
+ $this->params = array();
+ return true;
+ }
+ $this->method = '';
+ $this->params = array();
+ return false;
+ }
+
+ /**
+ * Add a parameter to the array of parameters.
+ *
+ * @param string $argument A transport ID, as defined in lib.php
+ * @param string $type The argument type, can be one of:
+ * none
+ * empty
+ * base64
+ * boolean
+ * datetime
+ * double
+ * int
+ * string
+ * array
+ * struct
+ * In its weakly-typed wisdom, PHP will (currently)
+ * ignore everything except datetime and base64
+ * @return bool True on success
+ */
+ function add_param($argument, $type = 'string') {
+
+ $allowed_types = array('none',
+ 'empty',
+ 'base64',
+ 'boolean',
+ 'datetime',
+ 'double',
+ 'int',
+ 'i4',
+ 'string',
+ 'array',
+ 'struct');
+ if (!in_array($type, $allowed_types)) {
+ return false;
+ }
+
+ if ($type != 'datetime' && $type != 'base64') {
+ $this->params[] = $argument;
+ return true;
+ }
+
+ // Note weirdness - The type of $argument gets changed to an object with
+ // value and type properties.
+ // bool xmlrpc_set_type ( string &value, string type )
+ xmlrpc_set_type($argument, $type);
+ $this->params[] = $argument;
+ return true;
+ }
+
+ /**
+ * Send the request to the server - decode and return the response
+ *
+ * @param object $mnet_peer A mnet_peer object with details of the
+ * remote host we're connecting to
+ * @return mixed A PHP variable, as returned by the
+ * remote function
+ */
+ function send($mnet_peer) {
+ global $CFG, $MNET;
+
+ $this->uri = $mnet_peer->wwwroot.
+ '/mnet/xmlrpc/server.php';
+
+ // Initialize with the target URL
+ $ch = curl_init($this->uri);
+
+ $system_methods = array('system/listMethods', 'system/methodSignature', 'system/methodHelp', 'system/listServices');
+
+ if (in_array($this->method, $system_methods) ) {
+
+ // Executing any system method is permitted.
+
+ } else {
+
+ // Find methods that we subscribe to on this host
+ $sql = "
+ SELECT
+ *
+ FROM
+ {$CFG->prefix}mnet_rpc r,
+ {$CFG->prefix}mnet_service2rpc s2r,
+ {$CFG->prefix}mnet_host2service h2s
+ WHERE
+ r.xmlrpc_path = '{$this->method}' AND
+ s2r.rpcid = r.id AND
+ s2r.serviceid = h2s.serviceid AND
+ h2s.subscribe = '1'";
+
+ $permission = get_record_sql($sql);
+ if ($permission == false) {
+ // TODO: Handle attempt to call not-permitted method
+ echo '<pre>'.$sql.'</pre>';
+ return false;
+ }
+
+ }
+ $this->requesttext = xmlrpc_encode_request($this->method, $this->params);
+ $rq = $this->requesttext;
+ $rq = mnet_sign_message($this->requesttext);
+ $this->signedrequest = $rq;
+ $rq = mnet_encrypt_message($rq, $mnet_peer->public_key);
+ $this->encryptedrequest = $rq;
+
+ curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_USERAGENT, 'Moodle');
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $rq);
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml charset=UTF-8"));
+
+ $this->rawresponse = curl_exec($ch);
+ if ($this->rawresponse == false) {
+ $this->error[] = array(curl_errno($ch), curl_error($ch));
+ }
+
+ $crypt_parser = new mnet_encxml_parser();
+ $crypt_parser->parse($this->rawresponse);
+
+ if ($crypt_parser->payload_encrypted) {
+
+ $key = array_pop($crypt_parser->cipher);
+ $data = array_pop($crypt_parser->cipher);
+
+ $crypt_parser->free_resource();
+
+ // Initialize payload var
+ $payload = '';
+
+ // &$payload
+ $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $MNET->get_private_key());
+
+ if (!$isOpen) {
+ return false;
+ }
+
+ if (strpos(substr($payload, 0, 100), '<signedMessage>')) {
+ $sig_parser = new mnet_encxml_parser();
+ $sig_parser->parse($payload);
+ } else {
+ return false;
+ }
+
+ } else {
+ $crypt_parser->free_resource();
+ return false;
+ }
+
+ $this->xmlrpcresponse = base64_decode($sig_parser->data_object);
+ $this->response = xmlrpc_decode($this->xmlrpcresponse);
+ curl_close($ch);
+
+ // xmlrpc errors are pushed onto the $this->error stack
+ if (isset($this->response['faultCode'])) {
+ $this->error[] = $this->response['faultCode'] . " : " . $this->response['faultString'];
+ }
+ return empty($this->error);
+ }
+}
+?>
--- /dev/null
+<?php
+/**
+ * An XML-RPC server
+ *
+ * @author Donal McMullan donal@catalyst.net.nz
+ * @version 0.0.1
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package mnet
+ */
+
+// Make certain that config.php doesn't display any errors, and that it doesn't
+// override our do-not-display-errors setting:
+ini_set('display_errors',0);
+require_once(dirname(dirname(dirname(__FILE__))) . '/config.php');
+ini_set('display_errors',0);
+
+// Include MNET stuff:
+require_once $CFG->dirroot.'/mnet/lib.php';
+require_once $CFG->dirroot.'/mnet/remote_client.php';
+
+// Content type for output is not html:
+header('Content-type: text/xml');
+
+if (!empty($CFG->mnet_rpcdebug)) {
+ trigger_error("HTTP_RAW_POST_DATA");
+ trigger_error($HTTP_RAW_POST_DATA);
+}
+
+// New global variable which ONLY gets set in this server page, so you know that
+// if you've been called by a remote Moodle, this should be set:
+$MNET_REMOTE_CLIENT = new mnet_remote_client();
+
+// Peek at the message to see if it's an XML-ENC document. If it is, note that
+// the client connection was encrypted, and strip the xml-encryption and
+// xml-signature wrappers from the XML-RPC payload
+if (strpos(substr($HTTP_RAW_POST_DATA, 0, 100), '<encryptedMessage>')) {
+ $MNET_REMOTE_CLIENT->was_encrypted();
+// Extract the XML-RPC payload from the XML-ENC and XML-SIG wrappers.
+ $payload = mnet_server_strip_wrappers($HTTP_RAW_POST_DATA);
+} else {
+ $params = xmlrpc_decode_request($HTTP_RAW_POST_DATA, $method);
+ if ($method == 'system.keyswap' ||
+ $method == 'system/keyswap') {
+
+ // OK
+
+ } elseif ($MNET_REMOTE_CLIENT->plaintext_is_ok() == false) {
+ exit(mnet_server_fault(7021, 'forbidden-transport'));
+ }
+ // Looks like plaintext is ok. It is assumed that a plaintext call:
+ // 1. Came from a trusted host on your local network
+ // 2. Is *not* from a Moodle - otherwise why skip encryption/signing?
+ // 3. Is free to execute ANY function in Moodle
+ // 4. Cannot execute any methods (as it can't instantiate a class first)
+ // To execute a method, you'll need to create a wrapper function that first
+ // instantiates the class, and then calls the method.
+ $payload = $HTTP_RAW_POST_DATA;
+}
+
+if (!empty($CFG->mnet_rpcdebug)) {
+ trigger_error("XMLRPC Payload");
+ trigger_error(print_r($payload,1));
+}
+
+// Parse and action the XML-RPC payload
+$response = mnet_server_dispatch($payload);
+
+/**
+ * Strip the encryption (XML-ENC) and signature (XML-SIG) wrappers and return the XML-RPC payload
+ *
+ * IF COMMUNICATION TAKES PLACE OVER UNENCRYPTED HTTP:
+ * The payload will have been encrypted with a symmetric key. This key will
+ * itself have been encrypted using your public key. The key is decrypted using
+ * your private key, and then used to decrypt the XML payload.
+ *
+ * IF COMMUNICATION TAKES PLACE OVER UNENCRYPTED HTTP *OR* ENCRYPTED HTTPS:
+ * In either case, there will be an XML wrapper which contains your XML-RPC doc
+ * as an object element, a signature for that doc, and various standards-
+ * compliant info to aid in verifying the signature.
+ *
+ * This function parses the encryption wrapper, decrypts the contents, parses
+ * the signature wrapper, and if the signature matches the payload, it returns
+ * the payload, which should be an XML-RPC request.
+ * If there is an error, or the signatures don't match, it echoes an XML-RPC
+ * error and exits.
+ *
+ * See the W3C's {@link http://www.w3.org/TR/xmlenc-core/ XML Encryption Syntax and Processing}
+ * and {@link http://www.w3.org/TR/2001/PR-xmldsig-core-20010820/ XML-Signature Syntax and Processing}
+ * guidelines for more detail on the XML.
+ *
+ * -----XML-Envelope---------------------------------
+ * | |
+ * | Encrypted-Symmetric-key---------------- |
+ * | |_____________________________________| |
+ * | |
+ * | Encrypted data------------------------- |
+ * | | | |
+ * | | -XML-Envelope------------------ | |
+ * | | | | | |
+ * | | | --Signature------------- | | |
+ * | | | |______________________| | | |
+ * | | | | | |
+ * | | | --Signed-Payload-------- | | |
+ * | | | | | | | |
+ * | | | | XML-RPC Request | | | |
+ * | | | |______________________| | | |
+ * | | | | | |
+ * | | |_____________________________| | |
+ * | |_____________________________________| |
+ * | |
+ * |________________________________________________|
+ *
+ * @uses $db
+ * @param string $HTTP_RAW_POST_DATA The XML that the client sent
+ * @return string The XMLRPC payload.
+ */
+function mnet_server_strip_wrappers($HTTP_RAW_POST_DATA) {
+ global $MNET, $MNET_REMOTE_CLIENT;
+ if (isset($_SERVER)) {
+
+ $crypt_parser = new mnet_encxml_parser();
+ $crypt_parser->parse($HTTP_RAW_POST_DATA);
+
+ if ($crypt_parser->payload_encrypted) {
+
+ $key = array_pop($crypt_parser->cipher);
+ $data = array_pop($crypt_parser->cipher);
+
+ $crypt_parser->free_resource();
+
+ // Initialize payload var
+ $payload = '';
+
+ // &$payload
+ $isOpen = openssl_open(base64_decode($data), $payload, base64_decode($key), $MNET->get_private_key());
+
+ if (!$isOpen) {
+ exit(mnet_server_fault(7023, 'encryption-invalid'));
+ }
+
+ if (strpos(substr($payload, 0, 100), '<signedMessage>')) {
+ $MNET_REMOTE_CLIENT->was_signed();
+ $sig_parser = new mnet_encxml_parser();
+ $sig_parser->parse($payload);
+ } else {
+ exit(mnet_server_fault(7022, 'verifysignature-error'));
+ }
+
+ } else {
+ exit(mnet_server_fault(7024, 'payload-not-encrypted'));
+ }
+
+ unset($payload);
+
+ $host_record_exists = $MNET_REMOTE_CLIENT->set_wwwroot($sig_parser->remote_wwwroot);
+
+ if (false == $host_record_exists) {
+ exit(mnet_server_fault(7020, 'wrong-wwwroot', $sig_parser->remote_wwwroot));
+ } elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] != $MNET_REMOTE_CLIENT->ip_address) {
+ exit(mnet_server_fault(7017, 'wrong-ip'));
+ }
+
+ /**
+ * Get the certificate (i.e. public key) from the remote server.
+ */
+ $certificate = $MNET_REMOTE_CLIENT->public_key;
+
+ if ($certificate == false) {
+ exit(mnet_server_fault(709, 'nosuchpublickey'));
+ }
+
+ $payload = base64_decode($sig_parser->data_object);
+
+ // Does the signature match the data and the public cert?
+ $signature_verified = openssl_verify($payload, base64_decode($sig_parser->signature), $certificate);
+ if ($signature_verified == 1) {
+ // Parse the XML
+ } elseif ($signature_verified == 0) {
+ exit(mnet_server_fault(710, 'verifysignature-invalid'));
+ } else {
+ exit(mnet_server_fault(711, 'verifysignature-error'));
+ }
+
+ $sig_parser->free_resource();
+
+ return $payload;
+ } else {
+ exit(mnet_server_fault(712, "phperror"));
+ }
+}
+
+/**
+ * Return the proper XML-RPC content to report an error.
+ *
+ * @param int $code The ID code of the error message
+ * @return string $text The text of the error message
+ */
+function mnet_server_fault($code, $text, $param = null) {
+ if (!is_numeric($code)) {
+ $code = 0;
+ }
+ $code = intval($code);
+
+ $text = get_string($text, 'mnet', $param);
+
+ // Replace illegal XML chars - is this already in a lib somewhere?
+ $text = str_replace(array('<','>','&','"',"'"), array('<','>','&','"','''), $text);
+
+ $return = mnet_server_prepare_response('<?xml version="1.0"?>
+<methodResponse>
+ <fault>
+ <value>
+ <struct>
+ <member>
+ <name>faultCode</name>
+ <value><int>'.$code.'</int></value>
+ </member>
+ <member>
+ <name>faultString</name>
+ <value><string>'.$text.'</string></value>
+ </member>
+ </struct>
+ </value>
+ </fault>
+ </methodResponse>');
+ return $return;
+}
+
+/**
+ * Dummy function for the XML-RPC dispatcher - use to call a method on an object
+ * or to call a function
+ *
+ * Translate XML-RPC's strange function call syntax into a more straightforward
+ * PHP-friendly alternative. This dummy function will be called by the
+ * dispatcher, and can be used to call a method on an object, or just a function
+ *
+ * The methodName argument (eg. mnet/testlib/mnet_concatenate_strings)
+ * is ignored.
+ *
+ * @param string $methodname We discard this - see 'functionname'
+ * @param array $argsarray Each element is an argument to the real
+ * function
+ * @param string $functionname The name of the PHP function you want to call
+ * @return mixed The return value will be that of the real
+ * function, whateber it may be.
+ */
+function mnet_server_dummy_method($methodname, $argsarray, $functionname) {
+ global $MNET_REMOTE_CLIENT;
+
+ if ($MNET_REMOTE_CLIENT->object_to_call == false) {
+ return @call_user_func_array($functionname, $argsarray);
+ } else {
+ return @call_user_method_array($functionname, $MNET_REMOTE_CLIENT->object_to_call, $argsarray);
+ }
+}
+
+/**
+ * Package a response in any required envelope, and return it to the client
+ *
+ * @param string $response The XMLRPC response string
+ * @return string The encoded response string
+ */
+function mnet_server_prepare_response($response) {
+ global $MNET_REMOTE_CLIENT;
+
+ if ($MNET_REMOTE_CLIENT->request_was_signed) {
+ $response = mnet_sign_message($response);
+ }
+
+ if ($MNET_REMOTE_CLIENT->request_was_encrypted) {
+ $response = mnet_encrypt_message($response, $MNET_REMOTE_CLIENT->public_key);
+ }
+
+ return $response;
+}
+
+/**
+ * If security checks are passed, dispatch the request to the function/method
+ *
+ * The config variable 'mnet_dispatcher_mode' can be:
+ * strict: Only execute functions that are in specific files
+ * off: The default - don't execute anything
+ *
+ * @param string $payload The XML-RPC request
+ * @return No return val - just echo the response
+ */
+function mnet_server_dispatch($payload) {
+ global $CFG, $MNET_REMOTE_CLIENT;
+ // xmlrpc_decode_request returns an array of parameters, and the $method
+ // variable (which is passed by reference) is instantiated with the value from
+ // the methodName tag in the xml payload
+ // xmlrpc_decode_request($xml, &$method)
+ $params = xmlrpc_decode_request($payload, $method);
+
+ // $method is something like: "mod/forum/lib/forum_add_instance"
+ // $params is an array of parameters. A parameter might itself be an array.
+
+ // Whitelist characters that are permitted in a method name
+ // The method name must not begin with a / - avoid absolute paths
+ // A dot character . is only allowed in the filename, i.e. something.php
+ if (0 == preg_match("@^[A-Za-z0-9]+/[A-Za-z0-9/_-]+(\.php/)?[A-Za-z0-9_-]+$@",$method)) {
+ exit(mnet_server_fault(713, 'nosuchfunction'));
+ }
+
+ $callstack = explode('/', $method);
+ // callstack will look like array('mod', 'forum', 'lib', 'forum_add_instance');
+
+ /**
+ * What has the site administrator chosen as his dispatcher setting?
+ * strict: Only execute functions that are in specific files
+ * off: The default - don't execute anything
+ */
+ ////////////////////////////////////// OFF
+ if (!isset($CFG->mnet_dispatcher_mode) ) {
+ set_config('mnet_dispatcher_mode', 'off');
+ exit(mnet_server_fault(704, 'nosuchservice'));
+ } elseif ('off' == $CFG->mnet_dispatcher_mode) {
+ exit(mnet_server_fault(704, 'nosuchservice'));
+
+ ////////////////////////////////////// SYSTEM METHODS
+ } elseif ($callstack[0] == 'system') {
+ $functionname = $callstack[1];
+ $xmlrpcserver = xmlrpc_server_create();
+
+ // I'm adding the canonical xmlrpc references here, however we've
+ // already forbidden that the period (.) should be allowed in the call
+ // stack, so if someone tries to access our XMLRPC in the normal way,
+ // they'll already have received a RPC server fault message.
+
+ // Maybe we should allow an easement so that regular XMLRPC clients can
+ // call our system methods, and find out what we have to offer?
+
+ xmlrpc_server_register_method($xmlrpcserver, 'system.listMethods', 'mnet_system');
+ xmlrpc_server_register_method($xmlrpcserver, 'system/listMethods', 'mnet_system');
+
+ xmlrpc_server_register_method($xmlrpcserver, 'system.methodSignature', 'mnet_system');
+ xmlrpc_server_register_method($xmlrpcserver, 'system/methodSignature', 'mnet_system');
+
+ xmlrpc_server_register_method($xmlrpcserver, 'system.methodHelp', 'mnet_system');
+ xmlrpc_server_register_method($xmlrpcserver, 'system/methodHelp', 'mnet_system');
+
+ xmlrpc_server_register_method($xmlrpcserver, 'system.listServices', 'mnet_system');
+ xmlrpc_server_register_method($xmlrpcserver, 'system/listServices', 'mnet_system');
+
+ xmlrpc_server_register_method($xmlrpcserver, 'system.keyswap', 'mnet_keyswap');
+ xmlrpc_server_register_method($xmlrpcserver, 'system/keyswap', 'mnet_keyswap');
+
+ if ($method == 'system.listMethods' ||
+ $method == 'system/listMethods' ||
+ $method == 'system.methodSignature' ||
+ $method == 'system/methodSignature' ||
+ $method == 'system.methodHelp' ||
+ $method == 'system/methodHelp' ||
+ $method == 'system.listServices' ||
+ $method == 'system/listServices' ||
+ $method == 'system.keyswap' ||
+ $method == 'system/keyswap') {
+
+ $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $MNET_REMOTE_CLIENT);
+ $response = mnet_server_prepare_response($response);
+ } else {
+ exit(mnet_server_fault(7018, 'nosuchfunction'));
+ }
+
+ xmlrpc_server_destroy($xmlrpcserver);
+ echo $response;
+ ////////////////////////////////////// STRICT AUTH
+ } elseif ($callstack[0] == 'auth') {
+
+ // Break out the callstack into its elements
+ list($base, $plugin, $filename, $methodname) = $callstack;
+
+ // We refuse to include anything that is not auth.php
+ if ($filename == 'auth.php' && is_enabled_auth($plugin)) {
+ $authclass = 'auth_plugin_'.$plugin;
+ $includefile = '/auth/'.$plugin.'/auth.php';
+ $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $authclass);
+ $response = mnet_server_prepare_response($response);
+ echo $response;
+ } else {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(702, 'nosuchfunction'));
+ }
+
+ ////////////////////////////////////// STRICT ENROL
+ } elseif ($callstack[0] == 'enrol') {
+
+ // Break out the callstack into its elements
+ list($base, $plugin, $filename, $methodname) = $callstack;
+
+ if ($filename == 'enrol.php' && is_enabled_enrol($plugin)) {
+ $enrolclass = 'enrolment_plugin_'.$plugin;
+ $includefile = '/enrol/'.$plugin.'/enrol.php';
+ $response = mnet_server_invoke_method($includefile, $methodname, $method, $payload, $enrolclass);
+ $response = mnet_server_prepare_response($response);
+ echo $response;
+ } else {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(703, 'nosuchfunction'));
+ }
+
+ ////////////////////////////////////// STRICT MOD/*
+ } elseif ($callstack[0] == 'mod' || 'promiscuous' == $CFG->mnet_dispatcher_mode) {
+ list($base, $module, $filename, $functionname) = $callstack;
+
+ ////////////////////////////////////// STRICT MOD/*
+ if ($base == 'mod' && $filename == 'rpclib.php') {
+ $includefile = '/mod/'.$module.'/rpclib.php';
+ $response = mnet_server_invoke_method($includefile, $functionname, $method, $payload);
+ $response = mnet_server_prepare_response($response);
+ echo $response;
+
+ ////////////////////////////////////// PROMISCUOUS
+ } elseif ('promiscuous' == $CFG->mnet_dispatcher_mode && $MNET_REMOTE_CLIENT->plaintext_is_ok()) {
+
+ $functionname = array_pop($callstack);
+ $filename = array_pop($callstack);
+
+ if ($MNET_REMOTE_CLIENT->plaintext_is_ok()) {
+
+ // The call stack holds the path to any include file
+ $includefile = $CFG->dirroot.'/'.implode('/',$callstack).'/'.$filename.'.php';
+
+ $response = mnet_server_invoke_function($includefile, $functionname, $method, $payload);
+ echo $response;
+ }
+
+ } else {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(7012, 'nosuchfunction'));
+ }
+
+ } else {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(7012, 'nosuchfunction'));
+ }
+}
+
+/**
+ * Execute the system functions - mostly for introspection
+ *
+ * @param string $method XMLRPC method name, e.g. system.listMethods
+ * @param array $params Array of parameters from the XMLRPC request
+ * @param string $hostinfo Hostinfo object from the mnet_host table
+ * @return mixed Response data - any kind of PHP variable
+ */
+function mnet_system($method, $params, $hostinfo) {
+ global $CFG;
+
+ if (empty($hostinfo)) return array();
+
+ $id_list = $hostinfo->id;
+ if (!empty($CFG->mnet_all_hosts_id)) {
+ $id_list .= ', '.$CFG->mnet_all_hosts_id;
+ }
+
+ if ('system.listMethods' == $method || 'system/listMethods' == $method) {
+ if (count($params) == 0) {
+ $query = '
+ SELECT DISTINCT
+ rpc.function_name,
+ rpc.xmlrpc_path,
+ rpc.enabled,
+ rpc.help,
+ rpc.profile
+ FROM
+ '.$CFG->prefix.'mnet_host2service h2s,
+ '.$CFG->prefix.'mnet_service2rpc s2r,
+ '.$CFG->prefix.'mnet_rpc rpc
+ WHERE
+ s2r.rpcid = rpc.id AND
+ h2s.serviceid = s2r.serviceid AND
+ h2s.hostid in ('.$id_list .')
+ ORDER BY
+ rpc.xmlrpc_path ASC';
+
+ } else {
+ $query = '
+ SELECT DISTINCT
+ rpc.function_name,
+ rpc.xmlrpc_path,
+ rpc.enabled,
+ rpc.help,
+ rpc.profile
+ FROM
+ '.$CFG->prefix.'mnet_host2service h2s,
+ '.$CFG->prefix.'mnet_service2rpc s2r,
+ '.$CFG->prefix.'mnet_service svc,
+ '.$CFG->prefix.'mnet_rpc rpc
+ WHERE
+ s2r.rpcid = rpc.id AND
+ h2s.serviceid = s2r.serviceid AND
+ h2s.hostid in ('.$id_list .') AND
+ svc.id = h2s.serviceid AND
+ svc.name = \''.$params[0].'\'
+ ORDER BY
+ rpc.xmlrpc_path ASC';
+
+ }
+ $resultset = array_values(get_records_sql($query));
+ $methods = array();
+ foreach($resultset as $result) {
+ $methods[] = $result->xmlrpc_path;
+ }
+ return $methods;
+ } elseif ('system.methodSignature' == $method || 'system/methodSignature' == $method) {
+ $query = '
+ SELECT DISTINCT
+ rpc.function_name,
+ rpc.xmlrpc_path,
+ rpc.enabled,
+ rpc.help,
+ rpc.profile
+ FROM
+ '.$CFG->prefix.'mnet_host2service h2s,
+ '.$CFG->prefix.'mnet_service2rpc s2r,
+ '.$CFG->prefix.'mnet_rpc rpc
+ WHERE
+ rpc.xmlrpc_path = \''.$params[0].'\' AND
+ s2r.rpcid = rpc.id AND
+ h2s.serviceid = s2r.serviceid AND
+ h2s.hostid in ('.$id_list .')';
+
+ $result = get_records_sql($query);
+ $methodsigs = array();
+
+ if (is_array($result)) {
+ foreach($result as $method) {
+ $methodsigs[] = unserialize($method->profile);
+ }
+ }
+
+ return $methodsigs;
+ } elseif ('system.methodHelp' == $method || 'system/methodHelp' == $method) {
+ $query = '
+ SELECT DISTINCT
+ rpc.function_name,
+ rpc.xmlrpc_path,
+ rpc.enabled,
+ rpc.help,
+ rpc.profile
+ FROM
+ '.$CFG->prefix.'mnet_host2service h2s,
+ '.$CFG->prefix.'mnet_service2rpc s2r,
+ '.$CFG->prefix.'mnet_rpc rpc
+ WHERE
+ rpc.xmlrpc_path = \''.$params[0].'\' AND
+ s2r.rpcid = rpc.id AND
+ h2s.serviceid = s2r.serviceid AND
+ h2s.hostid in ('.$id_list .')';
+
+ $result = get_record_sql($query);
+
+ if (is_object($result)) {
+ return $result->help;
+ }
+ } elseif ('system.listServices' == $method || 'system/listServices' == $method) {
+ $query = '
+ SELECT DISTINCT
+ s.id,
+ s.name,
+ s.apiversion,
+ h2s.publish,
+ h2s.subscribe
+ FROM
+ '.$CFG->prefix.'mnet_host2service h2s,
+ '.$CFG->prefix.'mnet_service s
+ WHERE
+ h2s.serviceid = s.id AND
+ h2s.hostid in ('.$id_list .')
+ ORDER BY
+ s.name ASC';
+
+ $result = get_records_sql($query);
+ $services = array();
+
+ if (is_array($result)) {
+ foreach($result as $service) {
+ $services[] = array('name' => $service->name,
+ 'apiversion' => $service->apiversion,
+ 'publish' => $service->publish,
+ 'subscribe' => $service->subscribe);
+ }
+ }
+
+ return $services;
+ }
+ exit(mnet_server_fault(7019, 'nosuchfunction'));
+}
+
+/**
+ * Initialize the object (if necessary), execute the method or function, and
+ * return the response
+ *
+ * @param string $includefile The file that contains the object definition
+ * @param string $methodname The name of the method to execute
+ * @param string $method The full path to the method
+ * @param string $payload The XML-RPC request payload
+ * @param string $class The name of the class to instantiate (or false)
+ * @return string The XML-RPC response
+ */
+function mnet_server_invoke_method($includefile, $methodname, $method, $payload, $class=false) {
+
+ $permission = mnet_permit_rpc_call($includefile, $methodname, $class);
+
+ if (RPC_NOSUCHFILE == $permission) {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(705, 'nosuchfile', $includefile));
+ }
+
+ if (RPC_NOSUCHFUNCTION == $permission) {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(706, 'nosuchfunction'));
+ }
+
+ if (RPC_FORBIDDENFUNCTION == $permission) {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(707, 'forbidden-function'));
+ }
+
+ if (RPC_NOSUCHCLASS == $permission) {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(7013, 'nosuchfunction'));
+ }
+
+ if (RPC_NOSUCHMETHOD == $permission) {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(7014, 'nosuchmethod'));
+ }
+
+ if (RPC_NOSUCHFUNCTION == $permission) {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(7014, 'nosuchmethod'));
+ }
+
+ if (RPC_FORBIDDENMETHOD == $permission) {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(7015, 'nosuchfunction'));
+ }
+
+ if (0 < $permission) {
+ // Generate error response - unable to locate function
+ exit(mnet_server_fault(7019, 'unknownerror'));
+ }
+
+ if (RPC_OK == $permission) {
+ $xmlrpcserver = xmlrpc_server_create();
+ $bool = xmlrpc_server_register_method($xmlrpcserver, $method, 'mnet_server_dummy_method');
+ $response = xmlrpc_server_call_method($xmlrpcserver, $payload, $methodname);
+ $bool = xmlrpc_server_destroy($xmlrpcserver);
+ return $response;
+ }
+}
+
+function mnet_keyswap($function, $params) {
+ global $CFG;
+ $return = array();
+
+ if (!empty($CFG->mnet_register_allhosts)) {
+ $mnet_peer = new mnet_peer();
+ $keyok = $mnet_peer->bootstrap($params[0]);
+ if ($keyok) {
+ $mnet_peer->commit();
+ }
+ }
+ $keypair = mnet_get_keypair();
+ return $keypair['certificate'];
+}
+?>
--- /dev/null
+<?php
+/**
+ * Custom XML parser for signed and/or encrypted XML Docs
+ *
+ * @author Donal McMullan donal@catalyst.net.nz
+ * @version 0.0.1
+ * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
+ * @package mnet
+ */
+
+/**
+ * Custom XML parser class for signed and/or encrypted XML Docs
+ */
+class mnet_encxml_parser {
+ /**
+ * Constructor creates and initialises parser resource and calls initialise
+ *
+ * @return bool True
+ */
+ function mnet_encxml_parser() {
+ return $this->initialise();
+ }
+
+ /**
+ * Set default element handlers and initialise properties to empty.
+ *
+ * @return bool True
+ */
+ function initialise() {
+ $this->parser = xml_parser_create();
+ xml_set_object($this->parser, $this);
+
+ xml_set_element_handler($this->parser, "start_element", "end_element");
+ xml_set_character_data_handler($this->parser, "discard_data");
+
+ $this->tag_number = 0; // Just a unique ID for each tag
+ $this->digest = '';
+ $this->remote_wwwroot = '';
+ $this->signature = '';
+ $this->data_object = '';
+ $this->key_URI = '';
+ $this->payload_encrypted = false;
+ $this->cipher = array();
+ return true;
+ }
+
+ /**
+ * Parse a block of XML text
+ *
+ * The XML Text will be an XML-RPC request which is wrapped in an XML doc
+ * with a signature from the sender. This envelope may be encrypted and
+ * delivered within another XML envelope with a symmetric key. The parser
+ * should first decrypt this XML, and then place the XML-RPC request into
+ * the data_object property, and the signature into the signature property.
+ *
+ * See the W3C's {@link http://www.w3.org/TR/xmlenc-core/ XML Encryption Syntax and Processing}
+ * and {@link http://www.w3.org/TR/2001/PR-xmldsig-core-20010820/ XML-Signature Syntax and Processing}
+ * guidelines for more detail on the XML.
+ *
+ * -----XML-Envelope---------------------------------
+ * | |
+ * | Symmetric-key-------------------------- |
+ * | |_____________________________________| |
+ * | |
+ * | Encrypted data------------------------- |
+ * | | | |
+ * | | -XML-Envelope------------------ | |
+ * | | | | | |
+ * | | | --Signature------------- | | |
+ * | | | |______________________| | | |
+ * | | | | | |
+ * | | | --Signed-Payload-------- | | |
+ * | | | | | | | |
+ * | | | | XML-RPC Request | | | |
+ * | | | |______________________| | | |
+ * | | | | | |
+ * | | |_____________________________| | |
+ * | |_____________________________________| |
+ * | |
+ * |________________________________________________|
+ *
+ * @uses $MNET
+ * @param string $data The XML that you want to parse
+ * @return bool True on success - false on failure
+ */
+ function parse($data) {
+ global $MNET, $MNET_REMOTE_CLIENT;
+
+ $p = xml_parse($this->parser, $data);
+
+ if (count($this->cipher) > 0) {
+ $this->payload_encrypted = true;
+ }
+
+ return (bool)$p;
+ }
+
+ /**
+ * Destroy the parser and free up any related resource.
+ */
+ function free_resource() {
+ $free = xml_parser_free($this->parser);
+ }
+
+ /**
+ * Set the character-data handler to the right function for each element
+ *
+ * For each tag (element) name, this function switches the character-data
+ * handler to the function that handles that element. Note that character
+ * data is referred to the handler in blocks of 1024 bytes.
+ *
+ * @param mixed $parser The XML parser
+ * @param string $name The name of the tag, e.g. method_call
+ * @param array $attrs The tag's attributes (if any exist).
+ * @return bool True
+ */
+ function start_element($parser, $name, $attrs) {
+ $this->tag_number++;
+ $handler = 'discard_data';
+ switch(strtoupper($name)) {
+ case 'DIGESTVALUE':
+ $handler = 'parse_digest';
+ break;
+ case 'SIGNATUREVALUE':
+ $handler = 'parse_signature';
+ break;
+ case 'OBJECT':
+ $handler = 'parse_object';
+ break;
+ case 'RETRIEVALMETHOD':
+ $this->key_URI = $attrs['URI'];
+ break;
+ case 'WWWROOT':
+ $handler = 'parse_wwwroot';
+ break;
+ case 'CIPHERVALUE':
+ $this->cipher[$this->tag_number] = '';
+ $handler = 'parse_cipher';
+ break;
+ default:
+ break;
+ }
+ xml_set_character_data_handler($this->parser, $handler);
+ return true;
+ }
+
+ /**
+ * Add the next chunk of character data to the cipher string for that tag
+ *
+ * The XML parser calls the character-data handler with 1024-character
+ * chunks of data. This means that the handler may be called several times
+ * for a single tag, so we use the concatenate operator (.) to build the
+ * tag content into a string.
+ * We should not encounter more than one of each tag type, except for the
+ * cipher tag. We will often see two of those. We prevent the content of
+ * these two tags being concatenated together by counting each tag, and
+ * using its 'number' as the key to an array of ciphers.
+ *
+ * @param mixed $parser The XML parser
+ * @param string $data The content of the current tag (1024 byte chunk)
+ * @return bool True
+ */
+ function parse_cipher($parser, $data) {
+ $this->cipher[$this->tag_number] .= $data;
+ return true;
+ }
+
+ /**
+ * Add the next chunk of character data to the remote_wwwroot string
+ *
+ * @param mixed $parser The XML parser
+ * @param string $data The content of the current tag (1024 byte chunk)
+ * @return bool True
+ */
+ function parse_wwwroot($parser, $data) {
+ $this->remote_wwwroot .= $data;
+ return true;
+ }
+
+ /**
+ * Add the next chunk of character data to the digest string
+ *
+ * @param mixed $parser The XML parser
+ * @param string $data The content of the current tag (1024 byte chunk)
+ * @return bool True
+ */
+ function parse_digest($parser, $data) {
+ $this->digest .= $data;
+ return true;
+ }
+
+ /**
+ * Add the next chunk of character data to the signature string
+ *
+ * @param mixed $parser The XML parser
+ * @param string $data The content of the current tag (1024 byte chunk)
+ * @return bool True
+ */
+ function parse_signature($parser, $data) {
+ $this->signature .= $data;
+ return true;
+ }
+
+ /**
+ * Add the next chunk of character data to the data_object string
+ *
+ * @param mixed $parser The XML parser
+ * @param string $data The content of the current tag (1024 byte chunk)
+ * @return bool True
+ */
+ function parse_object($parser, $data) {
+ $this->data_object .= $data;
+ return true;
+ }
+
+ /**
+ * Discard the next chunk of character data
+ *
+ * This is used for tags that we're not interested in.
+ *
+ * @param mixed $parser The XML parser
+ * @param string $data The content of the current tag (1024 byte chunk)
+ * @return bool True
+ */
+ function discard_data($parser, $data) {
+ // Not interested
+ return true;
+ }
+
+ /**
+ * Switch the character-data handler to ignore the next chunk of data
+ *
+ * @param mixed $parser The XML parser
+ * @param string $name The name of the tag, e.g. method_call
+ * @return bool True
+ */
+ function end_element($parser, $name) {
+ $ok = xml_set_character_data_handler($this->parser, "discard_data");
+ return true;
+ }
+}
+?>
projects / moodle.git / commitdiff