<?php
/**
* An object to represent lots of information about an RPC-peer machine
*
* @author Donal McMullan donal@catalyst.net.nz
* @version 0.0.1
* @license http://www.gnu.org/copyleft/gpl.html GNU Public License
* @package mnet
*/
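class mnet_remote_client extends mnet_peer {

    // State recorded about the peer that is calling into this host.
    //
    // The boolean flags below are only ever switched to true by the setters
    // in this class; nothing here resets them and nothing here performs the
    // decryption or signature check itself. Callers must invoke the setters
    // only after the corresponding check has actually succeeded.

    // If the remote client is trying to execute a method on an object instead
    // of just a function, we'll instantiate the proper class and store it in
    // this 'object_to_call' property, or 'static_location' if it wants to be called statically
    var $object_to_call         = false;
    var $static_location        = false;
    var $request_was_encrypted  = false; // True once was_encrypted() has been called
    var $request_was_signed     = false; // True once was_signed() has been called
    var $signatureok            = false; // True if we have successfully verified that the request was signed by an established peer
    var $pushkey                = false; // True if we need to tell the remote peer about our current public key
    var $useprivatekey          = '';    // The private key we should use to sign pushkey response

    /**
     * Record that the incoming request was encrypted.
     *
     * Only sets the flag; no decryption or validation happens here.
     */
    function was_encrypted() {
        $this->request_was_encrypted = true;
    }

    /**
     * Record private key to use in pushkey response
     * Called when we have decrypted a request using an old (but still acceptable) keypair
     *
     * NOTE(review): the value is private key material held on this object;
     * keep the object out of debug dumps and serialised output.
     *
     * @param $keyresource the private key we should use to sign the response.
     */
    function encrypted_to($keyresource) {
        $this->useprivatekey = $keyresource;
    }

    /**
     * Flag that the remote peer must be told about our current public key.
     */
    function set_pushkey() {
        $this->pushkey = true;
    }

    /**
     * Record that the incoming request carried a signature.
     *
     * This says nothing about whether the signature is valid; see
     * signature_verified() for that flag.
     */
    function was_signed() {
        $this->request_was_signed = true;
    }

    /**
     * Record that the request signature was verified.
     *
     * Only sets the flag; the verification itself is done by the caller.
     */
    function signature_verified() {
        $this->signatureok = true;
    }

    /**
     * Store the object on which the requested method should be invoked.
     *
     * @param $object the instantiated object to dispatch the call to.
     */
    function object_to_call($object) {
        $this->object_to_call = $object;
    }

    /**
     * Store the location to use when the requested method is called statically.
     *
     * @param $location the static location to dispatch the call to.
     */
    function static_location($location) {
        $this->static_location = $location;
    }

    /**
     * Decide whether an unencrypted request may be accepted from the caller.
     *
     * The caller's address is compared against each entry of the
     * comma-separated 'mnet_trusted_hosts' setting of the 'mnet' plugin.
     * The check fails closed: an unknown caller address, an unset setting
     * or a blank list entry never grants plaintext access.
     *
     * NOTE(review): the decision rests entirely on what getremoteaddr()
     * reports. If that helper can take the address from client-supplied
     * forwarding headers, this allow-list is only as strong as the proxy
     * configuration in front of the site - confirm.
     *
     * @return bool true if the caller's address matches a trusted host entry.
     */
    function plaintext_is_ok() {
        // (string) cast: an unset setting yields a single blank entry, which is skipped below.
        $trusted_hosts = explode(',', (string) get_config('mnet', 'mnet_trusted_hosts'));

        // Resolve the caller's address once instead of once per list entry.
        $remoteaddr = getremoteaddr();
        if (!is_string($remoteaddr) || $remoteaddr === '') {
            return false;
        }

        foreach ($trusted_hosts as $host) {
            $host = trim($host);
            // Never hand an empty pattern to address_in_subnet(): how it treats
            // one is not visible from here, and a match would trust every caller.
            if ($host === '') {
                continue;
            }
            if (address_in_subnet($remoteaddr, $host)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Ask the peer for something cheap and pick up its public key if it changed.
     *
     * Sends a 'system/listServices' XML-RPC request to this peer. When the
     * request succeeds, a fresh mnet_peer is set to this peer's id
     * (presumably re-reading the stored record - confirm) and, if its public
     * key differs from the one held here, the key is passed through
     * clean_param(..., PARAM_PEM) and adopted.
     *
     * NOTE(review): this method does not itself authenticate the replacement
     * key; it relies on whatever the request/response path did before the
     * peer record was updated. Confirm that path validates the new key, and
     * consider logging key changes for audit.
     *
     * @return bool true only if a different, non-empty key was adopted.
     */
    function refresh_key() {
        mnet_debug("remote client refreshing key");
        global $CFG;
        // set up an RPC request
        require_once $CFG->dirroot.'/mnet/xmlrpc/client.php';
        $mnetrequest = new mnet_xmlrpc_client();
        // Use any method - listServices is pretty lightweight.
        $mnetrequest->set_method('system/listServices');

        // Do RPC call and store response
        if ($mnetrequest->send($this) !== true) {
            return false;
        }

        mnet_debug("refresh key request complete");
        // Ok - we actually don't care about the result
        $temp = new mnet_peer();
        $temp->set_id($this->id);

        // Strict comparison: key material must never be compared with PHP's
        // type-juggling rules.
        if ($this->public_key !== $temp->public_key) {
            $newkey = clean_param($temp->public_key, PARAM_PEM);
            if (!empty($newkey)) {
                $this->public_key = $newkey;
                return true;
            }
        }

        return false;
    }
}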