5 * @author Donal McMullan donal@catalyst.net.nz
7 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
11 // Make certain that config.php doesn't display any errors, and that it doesn't
12 // override our do-not-display-errors setting:
13 // disable moodle specific debug messages and any errors in output
14 define('NO_DEBUG_DISPLAY', true);
15 // cookies are not used, makes sure there is empty global $USER
16 define('NO_MOODLE_COOKIES', true);
18 define('MNET_SERVER', true);
20 require(__DIR__
.'/../../config.php');
22 $mnet = get_mnet_environment();
23 // Include MNET stuff:
24 require_once $CFG->dirroot
.'/mnet/lib.php';
25 require_once $CFG->dirroot
.'/mnet/remote_client.php';
26 require_once $CFG->dirroot
.'/mnet/xmlrpc/serverlib.php';
29 if ($CFG->mnet_dispatcher_mode
=== 'off') {
30 print_error('mnetdisabled', 'mnet');
33 // Content type for output is not html:
34 header('Content-type: text/xml; charset=utf-8');
36 $rawpostdata = file_get_contents("php://input");
37 mnet_debug("RAW POST DATA", 2);
38 mnet_debug($rawpostdata, 2);
40 if (!isset($_SERVER)) {
41 exit(mnet_server_fault(712, get_string('phperror', 'mnet')));
45 // New global variable which ONLY gets set in this server page, so you know that
46 // if you've been called by a remote Moodle, this should be set:
47 $remoteclient = new mnet_remote_client();
48 set_mnet_remote_client($remoteclient);
51 $plaintextmessage = mnet_server_strip_encryption($rawpostdata);
52 $xmlrpcrequest = mnet_server_strip_signature($plaintextmessage);
53 } catch (Exception
$e) {
54 mnet_debug('encryption strip exception thrown: ' . $e->getMessage());
55 exit(mnet_server_fault($e->getCode(), $e->getMessage(), $e->a
));
58 mnet_debug('XMLRPC Payload', 2);
59 mnet_debug($xmlrpcrequest, 2);
61 if($remoteclient->pushkey
== true) {
62 // The peer used one of our older public keys, we will return a
63 // signed/encrypted error message containing our new public key
64 // Sign message with our old key, and encrypt to the peer's private key.
65 mnet_debug('sending back new key');
66 exit(mnet_server_fault_xml(7025, $mnet->public_key
, $remoteclient->useprivatekey
));
68 // Have a peek at what the request would be if we were to process it
69 $params = xmlrpc_decode_request($xmlrpcrequest, $method);
70 mnet_debug("incoming mnet request $method");
72 // One of three conditions need to be met before we continue processing this request:
73 // 1. Request is properly encrypted and signed
74 // 2. Request is for a keyswap (we don't mind enencrypted or unsigned requests for a public key)
75 // 3. Request is properly signed and we're happy with it being unencrypted
76 if ((($remoteclient->request_was_encrypted
== true) && ($remoteclient->signatureok
== true))
77 ||
(($method == 'system.keyswap') ||
($method == 'system/keyswap'))
78 ||
(($remoteclient->signatureok
== true) && ($remoteclient->plaintext_is_ok() == true))) {
80 // main dispatch call. will echo the response directly
81 mnet_server_dispatch($xmlrpcrequest);
82 mnet_debug('exiting cleanly');
84 } catch (Exception
$e) {
85 mnet_debug('dispatch exception thrown: ' . $e->getMessage());
86 exit(mnet_server_fault($e->getCode(), $e->getMessage(), $e->a
));
89 // if we get to here, something is wrong
90 // so detect a few common cases and send appropriate errors
91 if (($remoteclient->request_was_encrypted
== false) && ($remoteclient->plaintext_is_ok() == false)) {
92 mnet_debug('non encrypted request');
93 exit(mnet_server_fault(7021, get_string('forbidden-transport', 'mnet')));
96 if ($remoteclient->request_was_signed
== false) {
97 // Request was not signed
98 mnet_debug('non signed request');
99 exit(mnet_server_fault(711, get_string('verifysignature-error', 'mnet')));
102 if ($remoteclient->signatureok
== false) {
103 // We were unable to verify the signature
104 mnet_debug('non verified signature');
105 exit(mnet_server_fault(710, get_string('verifysignature-invalid', 'mnet')));
107 mnet_debug('unknown error');
108 exit(mnet_server_fault(7000, get_string('unknownerror', 'mnet')));
