print_error('mnetdisabled', 'mnet');
}
// Content type for output is not html:
header('Content-type: text/xml; charset=utf-8');
$rawpostdata = file_get_contents("php://input");
mnet_debug("RAW POST DATA", 2);
mnet_debug($rawpostdata, 2);
if (!isset($_SERVER)) {
exit(mnet_server_fault(712, get_string('phperror', 'mnet')));
}
// New global variable which ONLY gets set in this server page, so you know that
// if you've been called by a remote Moodle, this should be set:
$remoteclient = new mnet_remote_client();
set_mnet_remote_client($remoteclient);
try {
$plaintextmessage = mnet_server_strip_encryption($rawpostdata);
$xmlrpcrequest = mnet_server_strip_signature($plaintextmessage);
} catch (Exception $e) {
mnet_debug('encryption strip exception thrown: ' . $e->getMessage());
exit(mnet_server_fault($e->getCode(), $e->getMessage(), $e->a));
}
mnet_debug('XMLRPC Payload', 2);
mnet_debug($xmlrpcrequest, 2);
if ($remoteclient->pushkey == true) {
// The peer used one of our older public keys, we will return a
// signed/encrypted error message containing our new public key
// Sign message with our old key, and encrypt to the peer's private key.
mnet_debug('sending back new key');
exit(mnet_server_fault_xml(7025, $mnet->public_key, $remoteclient->useprivatekey));
}
// Have a peek at what the request would be if we were to process it
// PHP 5.2.2: $HTTP_RAW_POST_DATA not populated bug:
// http://bugs.php.net/bug.php?id=41293
if (empty($HTTP_RAW_POST_DATA)) {
$HTTP_RAW_POST_DATA = file_get_contents('php://input');
}
if (!empty($CFG->mnet_rpcdebug)) {
trigger_error("HTTP_RAW_POST_DATA");
trigger_error($HTTP_RAW_POST_DATA);
}
if (!isset($_SERVER)) {
exit(mnet_server_fault(712, "phperror"));
}
// New global variable which ONLY gets set in this server page, so you know that
// if you've been called by a remote Moodle, this should be set:
$MNET_REMOTE_CLIENT = new mnet_remote_client();
$plaintextmessage = mnet_server_strip_encryption($HTTP_RAW_POST_DATA);
$xmlrpcrequest = mnet_server_strip_signature($plaintextmessage);
if ($MNET_REMOTE_CLIENT->pushkey == true) {
// The peer used one of our older public keys, we will return a
// signed/encrypted error message containing our new public key
// Sign message with our old key, and encrypt to the peer's private key.
exit(mnet_server_fault_xml(7025, $MNET->public_key, $MNET_REMOTE_CLIENT->useprivatekey));
}
// Have a peek at what the request would be if we were to process it
$params = xmlrpc_decode_request($xmlrpcrequest, $method);
// One of three conditions need to be met before we continue processing this request:
// 1. Request is properly encrypted and signed
// 2. Request is for a keyswap (we don't mind enencrypted or unsigned requests for a public key)
// 3. Request is properly signed and we're happy with it being unencrypted
if ($MNET_REMOTE_CLIENT->request_was_encrypted == true && $MNET_REMOTE_CLIENT->signatureok == true || ($method == 'system.keyswap' || $method == 'system/keyswap') || $MNET_REMOTE_CLIENT->signatureok == true && $MNET_REMOTE_CLIENT->plaintext_is_ok() == true) {
$response = mnet_server_dispatch($xmlrpcrequest);