public function kill_parent($username) { require_once get_config('docroot') . 'api/xmlrpc/client.php'; // For some people, the call to kill_children fails (when the remote // site is a Moodle). We still haven't worked out why that is, but it's // not a problem on the Mahara site try { $client = new Client(); $client->set_method('auth/mnet/auth.php/kill_children')->add_param($username)->add_param(sha1($_SERVER['HTTP_USER_AGENT']))->send($this->wwwroot); } catch (XmlrpcClientException $e) { log_debug("XMLRPC error occurred while calling MNET method kill_children on {$this->wwwroot}"); log_debug("This means that single-signout probably didn't work properly, but the problem " . "is at the remote application"); log_debug("If the remote application is Moodle, you are likely a victim of " . "http://tracker.moodle.org/browse/MDL-16872 - try applying the attached patch to fix the issue"); log_debug("Exception message follows:"); log_debug($e->getMessage()); } }
/** * Check that the signature has been signed by the remote host. */ function xmldsig_envelope_strip(&$xml) { $signature = base64_decode($xml->Signature->SignatureValue); $payload = base64_decode($xml->object); $wwwroot = (string) $xml->wwwroot; $timestamp = $xml->timestamp; $peer = get_peer($wwwroot); // Does the signature match the data and the public cert? $signature_verified = openssl_verify($payload, $signature, $peer->certificate); if ($signature_verified == 0) { // Maybe the remote host is using a new key? // Make a dummy request so we'll be given a new key log_info("Signature verification for message from {$wwwroot} failed, checking to see if they have a new signature for us"); require_once get_config('docroot') . 'api/xmlrpc/client.php'; $client = new Client(); $client->set_method('system/listServices')->send($wwwroot); // Now use the new key and re-try verification $peer = get_peer($wwwroot, false); $signature_verified = openssl_verify($payload, $signature, $peer->certificate); } if ($signature_verified == 1) { // Parse the XML try { $xml = new SimpleXMLElement($payload); return $payload; } catch (Exception $e) { throw new MaharaException('Signed payload is not a valid XML document', 6007); } } throw new MaharaException('An error occurred while trying to verify your message signature', 6004); }
public function prepare_files() { require_once get_config('docroot') . 'api/xmlrpc/client.php'; $client = new Client(); try { $client->set_method('portfolio/mahara/lib.php/fetch_file')->add_param($this->token)->send($this->host->wwwroot); } catch (XmlrpcClientException $e) { throw new ImportException('Failed to retrieve zipfile from remote server: ' . $e->getMessage()); } if (!($filecontents = base64_decode($client->response))) { throw new ImportException('Failed to retrieve zipfile from remote server'); } $this->relativepath = 'temp/import/' . $this->importer->get('id') . '/'; if ($tmpdir = get_config('unziptempdir')) { $this->tempdir = $tmpdir . $this->relativepath; } else { $this->tempdir = get_config('dataroot') . $this->relativepath; } if (!check_dir_exists($this->tempdir)) { throw new ImportException('Failed to create the temporary directories to work in'); } $this->zipfilename = 'import.zip'; if (!file_put_contents($this->tempdir . $this->zipfilename, $filecontents)) { throw new ImportException('Failed to write out the zipfile to local temporary storage'); } }
/** * retrieves the files from the remote host */ public function prepare_files() { if (empty($this->importer)) { throw new ImportException(null, 'Failed to initialise XMLRPC file retrieval - no importer object'); } $this->prepare_tempdir(); $this->token = $this->importer->get('token'); require_once get_config('docroot') . 'api/xmlrpc/client.php'; $client = new Client(); try { $client->set_method('portfolio/mahara/lib.php/fetch_file')->add_param($this->token)->send($this->host->wwwroot); } catch (XmlrpcClientException $e) { throw new ImportException($this->importer, 'Failed to retrieve zipfile from remote server: ' . $e->getMessage()); } if (!($filecontents = base64_decode($client->response))) { throw new ImportException($this->importer, 'Failed to retrieve zipfile from remote server'); } $this->importfilename = 'import.zip'; $this->importfile = $this->tempdir . $this->importfilename; if (!file_put_contents($this->tempdir . $this->importfilename, $filecontents)) { throw new ImportException($this->importer, 'Failed to write out the zipfile to local temporary storage'); } // detect the filetype and bail if it's not a zip file safe_require('artefact', 'file'); require_once 'file.php'; $ziptypes = PluginArtefactFile::get_mimetypes_from_description('zip'); $this->mimetype = file_mime_type($this->tempdir . $this->importfilename); if (!in_array($this->mimetype, $ziptypes)) { throw new ImportException($this->importer, 'Not a valid zipfile - mimetype was ' . $this->mimetype); } }
public function kill_parent($username) { require_once get_config('docroot') . 'api/xmlrpc/client.php'; // For some people, the call to kill_children fails (when the remote // site is a Moodle). We still haven't worked out why that is, but it's // not a problem on the Mahara site try { $client = new Client(); $client->set_method('auth/mnet/auth.php/kill_children')->add_param($username)->add_param(sha1($_SERVER['HTTP_USER_AGENT']))->send($this->wwwroot); } catch (XmlrpcClientException $e) { log_debug("XMLRPC error occured while calling MNET method kill_children on {$this->wwwroot}"); log_debug("This means that single-signout probably didn't work properly, but the problem " . "is at the remote application"); log_debug("If the remote application is Moodle, and you're happy with a Mahara developer " . "getting access to your system so they can try and debug the problem, get in touch with dev@mahara.org"); log_debug("Exception message follows:"); log_debug($e->getMessage()); } }