Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-66198

Defensive improvement in mnet key comparison

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 3.7.1
    • Fix Version/s: None
    • Component/s: MNet
    • Labels:
      None
    • Affected Branches:
      MOODLE_37_STABLE

      Description

      this has been used for a very long time to secure the key comparison in mnet exchanges, specially when mixing Windows and Linux underlyig servers.

      Code is in /admin/mnet/peers.php

      // editing a host - load up the review form
      if (!empty($hostid)) {
      // TODO print a nice little heading
      $mnet_peer->set_id($hostid);
      echo $OUTPUT->header();
      $currenttab = 'mnetdetails';
      require_once($CFG->dirroot . '/' . $CFG->admin . '/mnet/tabs.php');

      if ($hostid != $CFG->mnet_all_hosts_id) {
      $mnet_peer->currentkey = mnet_get_public_key($mnet_peer->wwwroot, $mnet_peer->application);
      // PATCH+ : Secures the comparison.
      $mnet_peer->currentkey = str_replace("\r", '', trim($mnet_peer->currentkey));
      $mnet_peer->public_key = str_replace("\r", '', trim($mnet_peer->public_key));
      // PATCH-.
      if ($mnet_peer->currentkey == $mnet_peer->public_key)

      { unset($mnet_peer->currentkey); }

      else

      { error_log($mnet_peer->currentkey); error_log($mnet_peer->public_key); error_log(md5($mnet_peer->currentkey)); error_log(md5($mnet_peer->public_key)); }

      $credentials = $mnet_peer->check_credentials($mnet_peer->public_key);
      $reviewform = new mnet_review_host_form(null, array('peer' => $mnet_peer)); // the second step (also the edit host form)
      $mnet_peer->oldpublickey = $mnet_peer->public_key; // set this so we can confirm on form post without having to recreate the mnet_peer object
      $reviewform->set_data((object)$mnet_peer);
      echo $OUTPUT->box_start();
      $reviewform->display();
      echo $OUTPUT->box_end();
      } else

      { // no options for allhosts host - just let the tabs display and print a notification echo $OUTPUT->notification(get_string('allhosts_no_options', 'mnet')); }

      echo $OUTPUT->footer();
      exit;
      }

      This addresses a very odd situation in which moodle reports that the key do NOT match, although display tells the opposite (same visible key).

      the patch secures the key endlines to be sure they match Linux standards.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              vf Valery Fremaux
              Participants:
              Component watchers:
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: