mnet/peer.php

   1 <?php
   2 /**
   3  * An object to represent lots of information about an RPC-peer machine
   4  *
   5  * @author  Donal McMullan  donal@catalyst.net.nz
   6  * @version 0.0.1
   7  * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
   8  * @package mnet
   9  */
  10
  11 require_once($CFG->libdir . '/filelib.php'); // download_file_content() used here
  12
  13 class mnet_peer {
  14
  15     /** No SSL verification. */
  16     const SSL_NONE = 0;
  17
  18     /** SSL verification for host. */
  19     const SSL_HOST = 1;
  20
  21     /** SSL verification for host and peer. */
  22     const SSL_HOST_AND_PEER = 2;
  23
  24     var $id                 = 0;
  25     var $wwwroot            = '';
  26     var $ip_address         = '';
  27     var $name               = '';
  28     var $public_key         = '';
  29     var $public_key_expires = 0;
  30     var $last_connect_time  = 0;
  31     var $last_log_id        = 0;
  32     var $force_theme        = 0;
  33     var $theme              = '';
  34     var $applicationid      = 1; // Default of 1 == Moodle
  35     var $keypair            = array();
  36     var $error              = array();
  37     var $bootstrapped       = false; // set when the object is populated
  38
  39     /** @var int $sslverification The level of SSL verification to apply. */
  40     public $sslverification = self::SSL_HOST_AND_PEER;
  41
  42     /** @var int deleted status. */
  43     public $deleted;
  44
  45     /** @var stdClass data from mnet_application table in DB. */
  46     public $application;
  47
  48     /**
  49      * Current SSL public key
  50      *
  51      * MNet need to compare the remote machine's SSL Cert and the public key to warn users of any mismatch.
  52      * The property is the remote machine's SSL Cert.
  53      *
  54      * @see admin/mnet/peers.php
  55      * @var string
  56      */
  57     public $currentkey;
  58
  59     /*
  60      * Fetch information about a peer identified by wwwroot
  61      * If information does not preexist in db, collect it together based on
  62      * supplied information
  63      *
  64      * @param string $wwwroot - address of peer whose details we want
  65      * @param string $pubkey - to use if we add a record to db for new peer
  66      * @param int $application - table id - what kind of peer are we talking to
  67      * @return bool - indication of success or failure
  68      */
  69     function bootstrap($wwwroot, $pubkey, $application) {
  70         global $DB;
  71
  72         if (substr($wwwroot, -1, 1) == '/') {
  73             $wwwroot = substr($wwwroot, 0, -1);
  74         }
  75
  76         // If a peer record already exists for this address,
  77         // load that info and return
  78         if ($this->set_wwwroot($wwwroot)) {
  79             return true;
  80         }
  81
  82         $hostname = mnet_get_hostname_from_uri($wwwroot);
  83         // Get the IP address for that host - if this fails, it will return the hostname string
  84         $ip_address = gethostbyname($hostname);
  85
  86         // Couldn't find the IP address?
  87         if ($ip_address === $hostname && !preg_match('/^\d+\.\d+\.\d+.\d+$/',$hostname)) {
  88             throw new moodle_exception('noaddressforhost', 'mnet', '', $hostname);
  89         }
  90
  91         $this->name = $wwwroot;
  92
  93         // TODO: In reality, this will be prohibitively slow... need another
  94         // default - maybe blank string
  95         $homepage = download_file_content($wwwroot);
  96         if (!empty($homepage)) {
  97             $count = preg_match("@<title>(.*)</title>@siU", $homepage, $matches);
  98             if ($count > 0) {
  99                 $this->name = $matches[1];
 100             }
 101         }
 102
 103         $this->wwwroot              = $wwwroot;
 104         $this->ip_address           = $ip_address;
 105         $this->deleted              = 0;
 106
 107         $this->application = $DB->get_record('mnet_application', array('name'=>$application));
 108         if (empty($this->application)) {
 109             $this->application = $DB->get_record('mnet_application', array('name'=>'moodle'));
 110         }
 111
 112         $this->applicationid = $this->application->id;
 113
 114         if(empty($pubkey)) {
 115             $this->public_key           = clean_param(mnet_get_public_key($this->wwwroot, $this->application), PARAM_PEM);
 116         } else {
 117             $this->public_key           = clean_param($pubkey, PARAM_PEM);
 118         }
 119         $this->public_key_expires   = $this->check_common_name($this->public_key);
 120         $this->last_connect_time    = 0;
 121         $this->last_log_id          = 0;
 122         if ($this->public_key_expires == false) {
 123             $this->public_key == '';
 124             return false;
 125         }
 126         $this->bootstrapped = true;
 127         return true;
 128     }
 129
 130     /*
 131      * Delete mnet peer
 132      * the peer is marked as deleted in the database
 133      * we delete current sessions.
 134      * @return bool - success
 135      */
 136     function delete() {
 137         global $DB;
 138
 139         if ($this->deleted) {
 140             return true;
 141         }
 142
 143         $this->delete_all_sessions();
 144
 145         $this->deleted = 1;
 146         return $this->commit();
 147     }
 148
 149     function count_live_sessions() {
 150         global $DB;
 151         $obj = $this->delete_expired_sessions();
 152         return $DB->count_records('mnet_session', array('mnethostid'=>$this->id));
 153     }
 154
 155     function delete_expired_sessions() {
 156         global $DB;
 157         $now = time();
 158         return $DB->delete_records_select('mnet_session', " mnethostid = ? AND expires < ? ", array($this->id, $now));
 159     }
 160
 161     function delete_all_sessions() {
 162         global $CFG, $DB;
 163         // TODO: Expires each PHP session individually
 164         $sessions = $DB->get_records('mnet_session', array('mnethostid'=>$this->id));
 165
 166         if (count($sessions) > 0 && file_exists($CFG->dirroot.'/auth/mnet/auth.php')) {
 167             require_once($CFG->dirroot.'/auth/mnet/auth.php');
 168             $auth = new auth_plugin_mnet();
 169             $auth->end_local_sessions($sessions);
 170         }
 171
 172         $deletereturn = $DB->delete_records('mnet_session', array('mnethostid'=>$this->id));
 173         return true;
 174     }
 175
 176     function check_common_name($key) {
 177         $credentials = $this->check_credentials($key);
 178         return $credentials['validTo_time_t'];
 179     }
 180
 181     function check_credentials($key) {
 182         $credentials = openssl_x509_parse($key);
 183         if ($credentials == false) {
 184             $this->error[] = array('code' => 3, 'text' => get_string("nonmatchingcert", 'mnet', array('subject' => '','host' => '')));
 185             return false;
 186         } elseif (array_key_exists('subjectAltName', $credentials['subject']) && $credentials['subject']['subjectAltName'] != $this->wwwroot) {
 187             $a['subject'] = $credentials['subject']['subjectAltName'];
 188             $a['host'] = $this->wwwroot;
 189             $this->error[] = array('code' => 5, 'text' => get_string("nonmatchingcert", 'mnet', $a));
 190             return false;
 191         } else if ($credentials['subject']['CN'] !== substr($this->wwwroot, 0, 64)) {
 192             $a['subject'] = $credentials['subject']['CN'];
 193             $a['host'] = $this->wwwroot;
 194             $this->error[] = array('code' => 4, 'text' => get_string("nonmatchingcert", 'mnet', $a));
 195             return false;
 196         } else {
 197             if (array_key_exists('subjectAltName', $credentials['subject'])) {
 198                 $credentials['wwwroot'] = $credentials['subject']['subjectAltName'];
 199             } else {
 200                 $credentials['wwwroot'] = $credentials['subject']['CN'];
 201             }
 202             return $credentials;
 203         }
 204     }
 205
 206     function commit() {
 207         global $DB;
 208         $obj = new stdClass();
 209
 210         $obj->wwwroot               = $this->wwwroot;
 211         $obj->ip_address            = $this->ip_address;
 212         $obj->name                  = $this->name;
 213         $obj->public_key            = $this->public_key;
 214         $obj->public_key_expires    = $this->public_key_expires;
 215         $obj->deleted               = $this->deleted;
 216         $obj->last_connect_time     = $this->last_connect_time;
 217         $obj->last_log_id           = $this->last_log_id;
 218         $obj->force_theme           = $this->force_theme;
 219         $obj->theme                 = $this->theme;
 220         $obj->applicationid         = $this->applicationid;
 221         $obj->sslverification       = $this->sslverification;
 222
 223         if (isset($this->id) && $this->id > 0) {
 224             $obj->id = $this->id;
 225             return $DB->update_record('mnet_host', $obj);
 226         } else {
 227             $this->id = $DB->insert_record('mnet_host', $obj);
 228             return $this->id > 0;
 229         }
 230     }
 231
 232     function touch() {
 233         $this->last_connect_time = time();
 234         $this->commit();
 235     }
 236
 237     function set_name($newname) {
 238         if (is_string($newname) && strlen($newname <= 80)) {
 239             $this->name = $newname;
 240             return true;
 241         }
 242         return false;
 243     }
 244
 245     function set_applicationid($applicationid) {
 246         if (is_numeric($applicationid) && $applicationid == intval($applicationid)) {
 247             $this->applicationid = $applicationid;
 248             return true;
 249         }
 250         return false;
 251     }
 252
 253     /**
 254      * Load information from db about an mnet peer into this object's properties
 255      *
 256      * @param string $wwwroot - address of peer whose details we want to load
 257      * @return bool - indication of success or failure
 258      */
 259     function set_wwwroot($wwwroot) {
 260         global $CFG, $DB;
 261
 262         $hostinfo = $DB->get_record('mnet_host', array('wwwroot'=>$wwwroot));
 263
 264         if ($hostinfo != false) {
 265             $this->populate($hostinfo);
 266             return true;
 267         }
 268         return false;
 269     }
 270
 271     function set_id($id) {
 272         global $CFG, $DB;
 273
 274         if (clean_param($id, PARAM_INT) != $id) {
 275             $this->error[] = ['code' => 1, 'text' => 'Your id ('.$id.') is not legal'];
 276             return false;
 277         }
 278
 279         $sql = "
 280                 SELECT
 281                     h.*
 282                 FROM
 283                     {mnet_host} h
 284                 WHERE
 285                     h.id = ?";
 286
 287         if ($hostinfo = $DB->get_record_sql($sql, array($id))) {
 288             $this->populate($hostinfo);
 289             return true;
 290         }
 291         return false;
 292     }
 293
 294     /**
 295      * Several methods can be used to get an 'mnet_host' record. They all then
 296      * send it to this private method to populate this object's attributes.
 297      *
 298      * @param   object  $hostinfo   A database record from the mnet_host table
 299      * @return  void
 300      */
 301     function populate($hostinfo) {
 302         global $DB;
 303         $this->id                   = $hostinfo->id;
 304         $this->wwwroot              = $hostinfo->wwwroot;
 305         $this->ip_address           = $hostinfo->ip_address;
 306         $this->name                 = $hostinfo->name;
 307         $this->deleted              = $hostinfo->deleted;
 308         $this->public_key           = $hostinfo->public_key;
 309         $this->public_key_expires   = $hostinfo->public_key_expires;
 310         $this->last_connect_time    = $hostinfo->last_connect_time;
 311         $this->last_log_id          = $hostinfo->last_log_id;
 312         $this->force_theme          = $hostinfo->force_theme;
 313         $this->theme                = $hostinfo->theme;
 314         $this->applicationid        = $hostinfo->applicationid;
 315         $this->sslverification      = $hostinfo->sslverification;
 316         $this->application = $DB->get_record('mnet_application', array('id'=>$this->applicationid));
 317         $this->bootstrapped = true;
 318     }
 319
 320     /**
 321      * Get public key.
 322      *
 323      * @deprecated since Moodle 4.3
 324      * @todo MDL-78304 Final deprecation.
 325      */
 326     function get_public_key() {
 327         debugging('Function get_public_key() is deprecated.', DEBUG_DEVELOPER);
 328         if (isset($this->public_key_ref)) return $this->public_key_ref;
 329         $this->public_key_ref = openssl_pkey_get_public($this->public_key);
 330         return $this->public_key_ref;
 331     }
 332 }