Merge branch 'MDL-80638-main' of https://github.com/laurentdavid/moodle
[moodle.git] / mnet / environment.php
blobb9f64b58cd2fe05a90dedd249d10889d4fd506cf
1 <?php
2 /**
3 * Info about the local environment, wrt RPC
5 * This should really be a singleton. A PHP5 Todo I guess.
6 */
8 class mnet_environment {
10 var $id = 0;
11 var $wwwroot = '';
12 var $ip_address = '';
13 var $public_key = '';
14 var $public_key_expires = 0;
15 var $last_connect_time = 0;
16 var $last_log_id = 0;
17 var $keypair = array();
18 var $deleted = 0;
20 /** @var string mnet host name. */
21 public $name;
23 /** @var int mnet host transport. */
24 public $transport;
26 /** @var int mnet host port number. */
27 public $portno;
29 /** @var int mnet host force theme. */
30 public $force_theme;
32 /** @var string mnet host theme. */
33 public $theme;
35 /** @var int mnet host application ID. */
36 public $applicationid;
38 /** @var int mnet host SSL verification. */
39 public $sslverification;
41 function init() {
42 global $CFG, $DB;
44 // Bootstrap the object data on first load.
45 if (!$hostobject = $DB->get_record('mnet_host', array('id'=>$CFG->mnet_localhost_id))) {
46 return false;
48 $temparr = get_object_vars($hostobject);
49 foreach($temparr as $key => $value) {
50 $this->$key = $value;
52 unset($hostobject, $temparr);
54 // Unless this is an install/upgrade, generate the SSL keys.
55 if (empty($this->public_key)) {
56 $this->get_keypair();
59 // We need to set up a record that represents 'all hosts'. Any rights
60 // granted to this host will be conferred on all hosts.
61 if (empty($CFG->mnet_all_hosts_id) ) {
62 $hostobject = new stdClass();
63 $hostobject->wwwroot = '';
64 $hostobject->ip_address = '';
65 $hostobject->public_key = '';
66 $hostobject->public_key_expires = 0;
67 $hostobject->last_connect_time = 0;
68 $hostobject->last_log_id = 0;
69 $hostobject->deleted = 0;
70 $hostobject->name = 'All Hosts';
72 $hostobject->id = $DB->insert_record('mnet_host',$hostobject);
73 set_config('mnet_all_hosts_id', $hostobject->id);
74 $CFG->mnet_all_hosts_id = $hostobject->id;
75 unset($hostobject);
79 function get_keypair() {
80 global $DB, $CFG;
82 // We don't generate keys on install/upgrade because we want the USER
83 // record to have an email address, city and country already.
84 if (during_initial_install()) return true;
85 if ($CFG->mnet_dispatcher_mode == 'off') return true;
86 if (!extension_loaded("openssl")) return true;
87 if (!empty($this->keypair)) return true;
89 $this->keypair = array();
90 $keypair = get_config('mnet', 'openssl');
92 if (!empty($keypair)) {
93 // Explode/Implode is faster than Unserialize/Serialize
94 list($this->keypair['certificate'], $this->keypair['keypair_PEM']) = explode('@@@@@@@@', $keypair);
97 if ($this->public_key_expires <= time()) {
98 // Key generation/rotation
100 // 1. Archive the current key (if there is one).
101 $result = get_config('mnet', 'openssl_history');
102 if(empty($result)) {
103 set_config('openssl_history', serialize(array()), 'mnet');
104 $openssl_history = array();
105 } else {
106 $openssl_history = unserialize($result);
109 if(count($this->keypair)) {
110 $this->keypair['expires'] = $this->public_key_expires;
111 array_unshift($openssl_history, $this->keypair);
114 // 2. How many old keys do we want to keep? Use array_slice to get
115 // rid of any we don't want
116 $openssl_generations = get_config('mnet', 'openssl_generations');
117 if(empty($openssl_generations)) {
118 set_config('openssl_generations', 3, 'mnet');
119 $openssl_generations = 3;
122 if(count($openssl_history) > $openssl_generations) {
123 $openssl_history = array_slice($openssl_history, 0, $openssl_generations);
126 set_config('openssl_history', serialize($openssl_history), 'mnet');
128 // 3. Generate fresh keys
129 $this->replace_keys();
131 return true;
134 function replace_keys() {
135 global $DB, $CFG;
137 $keypair = mnet_generate_keypair();
138 if (empty($keypair)) {
139 error_log('Can not generate keypair, sorry');
140 return;
143 $this->keypair = array();
144 $this->keypair = $keypair;
145 $this->public_key = $this->keypair['certificate'];
146 $details = openssl_x509_parse($this->public_key);
147 $this->public_key_expires = $details['validTo_time_t'];
149 $this->wwwroot = $CFG->wwwroot;
150 if (empty($_SERVER['SERVER_ADDR'])) {
151 // SERVER_ADDR is only returned by Apache-like webservers
152 $my_hostname = mnet_get_hostname_from_uri($CFG->wwwroot);
153 $my_ip = gethostbyname($my_hostname); // Returns unmodified hostname on failure. DOH!
154 if ($my_ip == $my_hostname) {
155 $this->ip_address = 'UNKNOWN';
156 } else {
157 $this->ip_address = $my_ip;
159 } else {
160 $this->ip_address = $_SERVER['SERVER_ADDR'];
163 set_config('openssl', implode('@@@@@@@@', $this->keypair), 'mnet');
165 $DB->update_record('mnet_host', $this);
166 error_log('New public key has been generated. It expires ' . date('Y/m/d h:i:s', $this->public_key_expires));
169 function get_private_key() {
170 if (empty($this->keypair)) $this->get_keypair();
171 return openssl_pkey_get_private($this->keypair['keypair_PEM']);
174 function get_public_key() {
175 if (!isset($this->keypair)) $this->get_keypair();
176 return openssl_pkey_get_public($this->keypair['certificate']);