3 * Info about the local environment, wrt RPC
5 * This should really be a singleton. A PHP5 Todo I guess.
8 class mnet_environment
{
14 var $public_key_expires = 0;
15 var $last_connect_time = 0;
17 var $keypair = array();
20 function mnet_environment() {
27 if (empty($CFG->mnet_dispatcher_mode
)) {
28 set_config('mnet_dispatcher_mode', 'off');
31 // Bootstrap the object data on first load.
32 if (empty($CFG->mnet_localhost_id
) ) {
33 if (!$CFG->mnet_localhost_id
= get_config(NULL, 'mnet_localhost_id')) { // Double-check db
34 $this->wwwroot
= $CFG->wwwroot
;
35 if (empty($_SERVER['SERVER_ADDR'])) {
36 // SERVER_ADDR is only returned by Apache-like webservers
37 $my_hostname = mnet_get_hostname_from_uri($CFG->wwwroot
);
38 $my_ip = gethostbyname($my_hostname); // Returns unmodified hostname on failure. DOH!
39 if ($my_ip == $my_hostname) {
40 $this->ip_address
= 'UNKNOWN';
42 $this->ip_address
= $my_ip;
45 $this->ip_address
= $_SERVER['SERVER_ADDR'];
48 if ($existingrecord = get_record('mnet_host', 'ip_address', $this->ipaddress
)) {
49 $this->id
= $existingrecord->id
;
50 } else { // make a new one
51 $this->id
= insert_record('mnet_host', $this, true);
54 set_config('mnet_localhost_id', $this->id
);
58 $hostobject = get_record('mnet_host','id', $CFG->mnet_localhost_id
);
59 if(is_object($hostobject)) {
60 $temparr = get_object_vars($hostobject);
61 foreach($temparr as $key => $value) {
64 unset($hostobject, $temparr);
69 // Unless this is an install/upgrade, generate the SSL keys.
70 if(empty($this->public_key
)) {
75 // We need to set up a record that represents 'all hosts'. Any rights
76 // granted to this host will be conferred on all hosts.
77 if (empty($CFG->mnet_all_hosts_id
) ) {
78 $hostobject = new stdClass();
79 $hostobject->wwwroot
= '';
80 $hostobject->ip_address
= '';
81 $hostobject->public_key
= '';
82 $hostobject->public_key_expires
= '';
83 $hostobject->last_connect_time
= '0';
84 $hostobject->last_log_id
= '0';
85 $hostobject->deleted
= 0;
86 $hostobject->name
= 'All Hosts';
88 $hostobject->id
= insert_record('mnet_host',$hostobject, true);
89 set_config('mnet_all_hosts_id', $hostobject->id
);
90 $CFG->mnet_all_hosts_id
= $hostobject->id
;
95 function get_keypair() {
96 // We don't generate keys on install/upgrade because we want the USER
97 // record to have an email address, city and country already.
98 if (!empty($_SESSION['upgraderunning'])) return true;
99 if (!extension_loaded("openssl")) return true;
100 if (!empty($this->keypair
)) return true;
102 $this->keypair
= array();
103 $keypair = get_field('config_plugins', 'value', 'plugin', 'mnet', 'name', 'openssl');
105 if (!empty($keypair)) {
106 // Explode/Implode is faster than Unserialize/Serialize
107 list($this->keypair
['certificate'], $this->keypair
['keypair_PEM']) = explode('@@@@@@@@', $keypair);
110 if ($this->public_key_expires
> time()) {
111 $this->keypair
['privatekey'] = openssl_pkey_get_private($this->keypair
['keypair_PEM']);
112 $this->keypair
['publickey'] = openssl_pkey_get_public($this->keypair
['certificate']);
114 // Key generation/rotation
116 // 1. Archive the current key (if there is one).
117 $result = get_field('config_plugins', 'value', 'plugin', 'mnet', 'name', 'openssl_history');
119 set_config('openssl_history', serialize(array()), 'mnet');
120 $openssl_history = array();
122 $openssl_history = unserialize($result);
125 if(count($this->keypair
)) {
126 $this->keypair
['expires'] = $this->public_key_expires
;
127 array_unshift($openssl_history, $this->keypair
);
130 // 2. How many old keys do we want to keep? Use array_slice to get
131 // rid of any we don't want
132 $openssl_generations = get_field('config_plugins', 'value', 'plugin', 'mnet', 'name', 'openssl_generations');
133 if(empty($openssl_generations)) {
134 set_config('openssl_generations', 3, 'mnet');
135 $openssl_generations = 3;
138 if(count($openssl_history) > $openssl_generations) {
139 $openssl_history = array_slice($openssl_history, 0, $openssl_generations);
142 set_config('openssl_history', serialize($openssl_history), 'mnet');
144 // 3. Generate fresh keys
145 $this->replace_keys();
150 function replace_keys() {
151 $this->keypair
= array();
152 $this->keypair
= mnet_generate_keypair();
153 $this->public_key
= $this->keypair
['certificate'];
154 $details = openssl_x509_parse($this->public_key
);
155 $this->public_key_expires
= $details['validTo_time_t'];
157 set_config('openssl', implode('@@@@@@@@', $this->keypair
), 'mnet');
159 update_record('mnet_host', $this);
162 function get_private_key() {
163 if (empty($this->keypair
)) $this->get_keypair();
164 if (isset($this->keypair
['privatekey'])) return $this->keypair
['privatekey'];
165 $this->keypair
['privatekey'] = openssl_pkey_get_private($this->keypair
['keypair_PEM']);
166 return $this->keypair
['privatekey'];
169 function get_public_key() {
170 if (!isset($this->keypair
)) $this->get_keypair();
171 if (isset($this->keypair
['publickey'])) return $this->keypair
['publickey'];
172 $this->keypair
['publickey'] = openssl_pkey_get_public($this->keypair
['certificate']);
173 return $this->keypair
['publickey'];
177 * Note that the openssl_sign function computes the sha1 hash, and then
180 function sign_message($message) {
181 $bool = openssl_sign($message, $signature, $this->get_private_key());