Moodle
2.2.1
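<?php
/**
 * The local site's MNet identity.
 *
 * Mirrors the row of the mnet_host table selected by $CFG->mnet_localhost_id
 * and manages the OpenSSL certificate / key pair that goes with it: loading
 * it from config, archiving it when it expires and generating a replacement.
 *
 * Key storage, as visible in this class:
 *  - the current certificate and private-key PEM are written with set_config()
 *    as one string under plugin 'mnet', name 'openssl', joined by '@@@@@@@@';
 *  - expired key pairs, private-key PEM included, are kept serialized under
 *    'openssl_history', up to 'openssl_generations' entries;
 *  - the PEM is handed to openssl_pkey_get_private() without a passphrase, so
 *    the stored private key is presumably not passphrase-protected and read
 *    access to those config values amounts to access to the key.
 */
class mnet_environment {

    // Fields mirrored from the local host's mnet_host record (see init()).
    public $id                 = 0;
    public $wwwroot            = '';
    public $ip_address         = '';
    public $public_key         = '';
    public $public_key_expires = 0;
    public $last_connect_time  = 0;
    public $last_log_id        = 0;
    // Key material cache. Keys used in this class: 'certificate',
    // 'keypair_PEM', 'privatekey', 'publickey' and, on archived copies, 'expires'.
    public $keypair            = array();
    public $deleted            = 0;

    /**
     * Legacy class-named constructor; it sets nothing up.
     *
     * Callers populate the object with init(). PHP 8 no longer runs a
     * class-named method as the constructor, which changes nothing here
     * because the body has no side effects.
     *
     * @return bool always true
     */
    public function mnet_environment() {
        return true;
    }

    /**
     * Loads the local host record into this object and makes sure the
     * "All Hosts" placeholder record exists.
     *
     * @return bool|null false when the local host record cannot be found,
     *                   otherwise nothing is returned
     */
    public function init() {
        global $CFG, $DB;

        // Bootstrap the object data on first load.
        $hostobject = $DB->get_record('mnet_host', array('id' => $CFG->mnet_localhost_id));
        if (!$hostobject) {
            return false;
        }
        // Every column of the record becomes a property of the same name.
        foreach (get_object_vars($hostobject) as $key => $value) {
            $this->$key = $value;
        }
        unset($hostobject);

        // Unless this is an install/upgrade, generate the SSL keys.
        if (empty($this->public_key)) {
            $this->get_keypair();
        }

        // We need to set up a record that represents 'all hosts'. Any rights
        // granted to this host will be conferred on all hosts.
        if (empty($CFG->mnet_all_hosts_id)) {
            $hostobject = new stdClass();
            $hostobject->wwwroot            = '';
            $hostobject->ip_address         = '';
            $hostobject->public_key         = '';
            $hostobject->public_key_expires = 0;
            $hostobject->last_connect_time  = 0;
            $hostobject->last_log_id        = 0;
            $hostobject->deleted            = 0;
            $hostobject->name               = 'All Hosts';

            $hostobject->id = $DB->insert_record('mnet_host', $hostobject);
            set_config('mnet_all_hosts_id', $hostobject->id);
            $CFG->mnet_all_hosts_id = $hostobject->id;
            unset($hostobject);
        }
    }

    /**
     * Loads the stored key pair into $this->keypair, rotating it first when
     * the current public key has expired.
     *
     * Does nothing during the initial install, when the MNet dispatcher mode
     * is 'off', when the openssl extension is missing, or when a key pair is
     * already cached on the object.
     *
     * @return bool always true
     */
    public function get_keypair() {
        global $CFG;

        // We don't generate keys on install/upgrade because we want the USER
        // record to have an email address, city and country already.
        if (during_initial_install()) return true;
        if ($CFG->mnet_dispatcher_mode == 'off') return true;
        if (!extension_loaded("openssl")) return true;
        if (!empty($this->keypair)) return true;

        $this->keypair = array();
        $keypair = get_config('mnet', 'openssl');

        if (!empty($keypair)) {
            // Explode/Implode is faster than Unserialize/Serialize
            $parts = explode('@@@@@@@@', $keypair);
            if (count($parts) >= 2) {
                $this->keypair['certificate'] = $parts[0];
                $this->keypair['keypair_PEM'] = $parts[1];
            } else {
                // A value without the separator cannot hold both halves; the
                // content is deliberately not logged because it may be key material.
                error_log('Stored MNet keypair could not be parsed');
            }
        }

        if ($this->public_key_expires > time()) {
            // The key is still valid: open the handles, but only when both
            // halves were actually found in config.
            if (isset($this->keypair['keypair_PEM'], $this->keypair['certificate'])) {
                $this->keypair['privatekey'] = openssl_pkey_get_private($this->keypair['keypair_PEM']);
                $this->keypair['publickey']  = openssl_pkey_get_public($this->keypair['certificate']);
            }
        } else {
            // Key generation/rotation

            // 1. Archive the current key (if there is one).
            $result = get_config('mnet', 'openssl_history');
            if (empty($result)) {
                set_config('openssl_history', serialize(array()), 'mnet');
                $openssl_history = array();
            } else {
                // NOTE(review): unserialize() rebuilds whatever the stored string
                // describes, objects included, so this is only as trustworthy as
                // write access to the mnet/openssl_history config value. A
                // plain-data encoding would remove that dependency.
                $openssl_history = unserialize($result);
                if (!is_array($openssl_history)) {
                    // Corrupt or unexpected value: start a fresh history rather
                    // than failing in array_unshift() below.
                    $openssl_history = array();
                }
            }

            if (count($this->keypair)) {
                // The archived entry keeps the private-key PEM of the old key.
                $this->keypair['expires'] = $this->public_key_expires;
                array_unshift($openssl_history, $this->keypair);
            }

            // 2. How many old keys do we want to keep? Use array_slice to get
            // rid of any we don't want
            $openssl_generations = get_config('mnet', 'openssl_generations');
            if (empty($openssl_generations)) {
                set_config('openssl_generations', 3, 'mnet');
                $openssl_generations = 3;
            }

            if (count($openssl_history) > $openssl_generations) {
                $openssl_history = array_slice($openssl_history, 0, $openssl_generations);
            }

            set_config('openssl_history', serialize($openssl_history), 'mnet');

            // 3. Generate fresh keys
            $this->replace_keys();
        }
        return true;
    }

    /**
     * Generates a new key pair, stores it in config and updates the local
     * host record (public key, expiry, wwwroot and IP address).
     *
     * Nothing on the object or in storage is changed when generation fails or
     * the new certificate cannot be parsed.
     *
     * @return void
     */
    public function replace_keys() {
        global $DB, $CFG;

        $keypair = mnet_generate_keypair();
        if (empty($keypair)) {
            error_log('Can not generate keypair, sorry');
            return;
        }

        // get_keypair() reads the stored value back as certificate first,
        // private-key PEM second, so both parts must be present.
        if (!isset($keypair['certificate'], $keypair['keypair_PEM'])) {
            error_log('Can not generate keypair, sorry');
            return;
        }

        // Check the certificate before replacing the current identity:
        // openssl_x509_parse() returns false for input it cannot read.
        $details = openssl_x509_parse($keypair['certificate']);
        if (!is_array($details) || empty($details['validTo_time_t'])) {
            error_log('Can not read the expiry of the generated certificate, sorry');
            return;
        }

        $this->keypair            = $keypair;
        $this->public_key         = $this->keypair['certificate'];
        $this->public_key_expires = $details['validTo_time_t'];

        $this->wwwroot = $CFG->wwwroot;
        if (empty($_SERVER['SERVER_ADDR'])) {
            // SERVER_ADDR is only returned by Apache-like webservers
            $my_hostname = mnet_get_hostname_from_uri($CFG->wwwroot);
            $my_ip       = gethostbyname($my_hostname);  // Returns unmodified hostname on failure. DOH!
            if ($my_ip == $my_hostname) {
                $this->ip_address = 'UNKNOWN';
            } else {
                $this->ip_address = $my_ip;
            }
        } else {
            $this->ip_address = $_SERVER['SERVER_ADDR'];
        }

        // Written in the fixed order get_keypair() expects, independent of the
        // key order of the generator's array.
        $stored = array($this->keypair['certificate'], $this->keypair['keypair_PEM']);
        set_config('openssl', implode('@@@@@@@@', $stored), 'mnet');

        $DB->update_record('mnet_host', $this);
        // 24-hour clock: the 12-hour 'h' without am/pm made the logged expiry ambiguous.
        error_log('New public key has been generated. It expires ' . date('Y/m/d H:i:s', $this->public_key_expires));
    }

    /**
     * Returns the private key handle, opening it from the stored PEM on
     * first use.
     *
     * @return mixed the value of openssl_pkey_get_private(), or false when no
     *               private-key PEM is available
     */
    public function get_private_key() {
        if (empty($this->keypair)) $this->get_keypair();
        if (isset($this->keypair['privatekey'])) return $this->keypair['privatekey'];
        if (!isset($this->keypair['keypair_PEM'])) {
            // Nothing to open. Returning without caching keeps $this->keypair
            // empty so that a later get_keypair() can still load the key.
            return false;
        }
        $this->keypair['privatekey'] = openssl_pkey_get_private($this->keypair['keypair_PEM']);
        return $this->keypair['privatekey'];
    }

    /**
     * Returns the public key handle, opening it from the stored certificate
     * on first use.
     *
     * @return mixed the value of openssl_pkey_get_public(), or false when no
     *               certificate is available
     */
    public function get_public_key() {
        // empty(), as in get_private_key(): $keypair is initialised to array(),
        // so an isset() test here never triggered the load.
        if (empty($this->keypair)) $this->get_keypair();
        if (isset($this->keypair['publickey'])) return $this->keypair['publickey'];
        if (!isset($this->keypair['certificate'])) {
            // Nothing to open; see get_private_key() for why this is not cached.
            return false;
        }
        $this->keypair['publickey'] = openssl_pkey_get_public($this->keypair['certificate']);
        return $this->keypair['publickey'];
    }
}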