/mnet/environment.php

https://github.com/sbourget/moodle · PHP · 167 lines · 122 code · 26 blank · 19 comment · 27 complexity · a0ea90dc6b89df0df29ca16b2e2c3cd8 MD5 · raw file 

    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * Info about the local environment, wrt RPC
    4. 

  4.  *
    5. 

  5.  * This should really be a singleton. A PHP5 Todo I guess.
    6. 

  6.  */
    7. 

  7. 

  8. class mnet_environment {
    9. 

  9. 

  10.     var $id                 = 0;
    11. 

  11.     var $wwwroot            = '';
    12. 

  12.     var $ip_address         = '';
    13. 

  13.     var $public_key         = '';
    14. 

  14.     var $public_key_expires = 0;
    15. 

  15.     var $last_connect_time  = 0;
    16. 

  16.     var $last_log_id        = 0;
    17. 

  17.     var $keypair            = array();
    18. 

  18.     var $deleted            = 0;
    19. 

  19. 

  20.     function init() {
    21. 

  21.         global $CFG, $DB;
    22. 

  22. 

  23.         // Bootstrap the object data on first load.
    24. 

  24.         if (!$hostobject = $DB->get_record('mnet_host', array('id'=>$CFG->mnet_localhost_id))) {
    25. 

  25.             return false;
    26. 

  26.         }
    27. 

  27.         $temparr = get_object_vars($hostobject);
    28. 

  28.         foreach($temparr as $key => $value) {
    29. 

  29.             $this->$key = $value;
    30. 

  30.         }
    31. 

  31.         unset($hostobject, $temparr);
    32. 

  32. 

  33.         // Unless this is an install/upgrade, generate the SSL keys.
    34. 

  34.         if (empty($this->public_key)) {
    35. 

  35.             $this->get_keypair();
    36. 

  36.         }
    37. 

  37. 

  38.         // We need to set up a record that represents 'all hosts'. Any rights
    39. 

  39.         // granted to this host will be conferred on all hosts.
    40. 

  40.         if (empty($CFG->mnet_all_hosts_id) ) {
    41. 

  41.             $hostobject                     = new stdClass();
    42. 

  42.             $hostobject->wwwroot            = '';
    43. 

  43.             $hostobject->ip_address         = '';
    44. 

  44.             $hostobject->public_key         = '';
    45. 

  45.             $hostobject->public_key_expires = 0;
    46. 

  46.             $hostobject->last_connect_time  = 0;
    47. 

  47.             $hostobject->last_log_id        = 0;
    48. 

  48.             $hostobject->deleted            = 0;
    49. 

  49.             $hostobject->name               = 'All Hosts';
    50. 

  50. 

  51.             $hostobject->id = $DB->insert_record('mnet_host',$hostobject);
    52. 

  52.             set_config('mnet_all_hosts_id', $hostobject->id);
    53. 

  53.             $CFG->mnet_all_hosts_id = $hostobject->id;
    54. 

  54.             unset($hostobject);
    55. 

  55.         }
    56. 

  56.     }
    57. 

  57. 

  58.     function get_keypair() {
    59. 

  59.         global $DB, $CFG;
    60. 

  60. 

  61.         // We don't generate keys on install/upgrade because we want the USER
    62. 

  62.         // record to have an email address, city and country already.
    63. 

  63.         if (during_initial_install()) return true;
    64. 

  64.         if ($CFG->mnet_dispatcher_mode == 'off') return true;
    65. 

  65.         if (!extension_loaded("openssl")) return true;
    66. 

  66.         if (!empty($this->keypair)) return true;
    67. 

  67. 

  68.         $this->keypair = array();
    69. 

  69.         $keypair = get_config('mnet', 'openssl');
    70. 

  70. 

  71.         if (!empty($keypair)) {
    72. 

  72.             // Explode/Implode is faster than Unserialize/Serialize
    73. 

  73.             list($this->keypair['certificate'], $this->keypair['keypair_PEM']) = explode('@@@@@@@@', $keypair);
    74. 

  74.         }
    75. 

  75. 

  76.         if ($this->public_key_expires > time()) {
    77. 

  77.             $this->keypair['privatekey'] = openssl_pkey_get_private($this->keypair['keypair_PEM']);
    78. 

  78.             $this->keypair['publickey']  = openssl_pkey_get_public($this->keypair['certificate']);
    79. 

  79.         } else {
    80. 

  80.             // Key generation/rotation
    81. 

  81. 

  82.             // 1. Archive the current key (if there is one).
    83. 

  83.             $result = get_config('mnet', 'openssl_history');
    84. 

  84.             if(empty($result)) {
    85. 

  85.                 set_config('openssl_history', serialize(array()), 'mnet');
    86. 

  86.                 $openssl_history = array();
    87. 

  87.             } else {
    88. 

  88.                 $openssl_history = unserialize($result);
    89. 

  89.             }
    90. 

  90. 

  91.             if(count($this->keypair)) {
    92. 

  92.                 $this->keypair['expires'] = $this->public_key_expires;
    93. 

  93.                 array_unshift($openssl_history, $this->keypair);
    94. 

  94.             }
    95. 

  95. 

  96.             // 2. How many old keys do we want to keep? Use array_slice to get
    97. 

  97.             // rid of any we don't want
    98. 

  98.             $openssl_generations = get_config('mnet', 'openssl_generations');
    99. 

  99.             if(empty($openssl_generations)) {
    100. 

  100.                 set_config('openssl_generations', 3, 'mnet');
    101. 

  101.                 $openssl_generations = 3;
    102. 

  102.             }
    103. 

  103. 

  104.             if(count($openssl_history) > $openssl_generations) {
    105. 

  105.                 $openssl_history = array_slice($openssl_history, 0, $openssl_generations);
    106. 

  106.             }
    107. 

  107. 

  108.             set_config('openssl_history', serialize($openssl_history), 'mnet');
    109. 

  109. 

  110.             // 3. Generate fresh keys
    111. 

  111.             $this->replace_keys();
    112. 

  112.         }
    113. 

  113.         return true;
    114. 

  114.     }
    115. 

  115. 

  116.     function replace_keys() {
    117. 

  117.         global $DB, $CFG;
    118. 

  118. 

  119.         $keypair = mnet_generate_keypair();
    120. 

  120.         if (empty($keypair)) {
    121. 

  121.             error_log('Can not generate keypair, sorry');
    122. 

  122.             return;
    123. 

  123.         }
    124. 

  124. 

  125.         $this->keypair = array();
    126. 

  126.         $this->keypair            = $keypair;
    127. 

  127.         $this->public_key         = $this->keypair['certificate'];
    128. 

  128.         $details                  = openssl_x509_parse($this->public_key);
    129. 

  129.         $this->public_key_expires = $details['validTo_time_t'];
    130. 

  130. 

  131.         $this->wwwroot            = $CFG->wwwroot;
    132. 

  132.         if (empty($_SERVER['SERVER_ADDR'])) {
    133. 

  133.             // SERVER_ADDR is only returned by Apache-like webservers
    134. 

  134.             $my_hostname = mnet_get_hostname_from_uri($CFG->wwwroot);
    135. 

  135.             $my_ip       = gethostbyname($my_hostname);  // Returns unmodified hostname on failure. DOH!
    136. 

  136.             if ($my_ip == $my_hostname) {
    137. 

  137.                 $this->ip_address = 'UNKNOWN';
    138. 

  138.             } else {
    139. 

  139.                 $this->ip_address = $my_ip;
    140. 

  140.             }
    141. 

  141.         } else {
    142. 

  142.             $this->ip_address = $_SERVER['SERVER_ADDR'];
    143. 

  143.         }
    144. 

  144. 

  145.         set_config('openssl', implode('@@@@@@@@', $this->keypair), 'mnet');
    146. 

  146. 

  147.         $DB->update_record('mnet_host', $this);
    148. 

  148.         if (!PHPUNIT_TEST) {
    149. 

  149.             // We don't want to output this log for PHPUnit since it will make the test to fail as risky.
    150. 

  150.             error_log('New public key has been generated. It expires ' . date('Y/m/d h:i:s', $this->public_key_expires));
    151. 

  151.         }
    152. 

  152.     }
    153. 

  153. 

  154.     function get_private_key() {
    155. 

  155.         if (empty($this->keypair)) $this->get_keypair();
    156. 

  156.         if (isset($this->keypair['privatekey'])) return $this->keypair['privatekey'];
    157. 

  157.         $this->keypair['privatekey'] = openssl_pkey_get_private($this->keypair['keypair_PEM']);
    158. 

  158.         return $this->keypair['privatekey'];
    159. 

  159.     }
    160. 

  160. 

  161.     function get_public_key() {
    162. 

  162.         if (!isset($this->keypair)) $this->get_keypair();
    163. 

  163.         if (isset($this->keypair['publickey'])) return $this->keypair['publickey'];
    164. 

  164.         $this->keypair['publickey'] = openssl_pkey_get_public($this->keypair['certificate']);
    165. 

  165.         return $this->keypair['publickey'];
    166. 

  166.     }
    167. 

  167. }
    168.