[MDL-74394] Make mnet public key validation php8 compatible - Moodle Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.11.6, 4.0
Fix Version/s: 3.11.7, 4.0.1
Component/s: MNet
Labels:
- ci

Affected Branches:
MOODLE_311_STABLE, MOODLE_400_STABLE
Fixed Branches:
MOODLE_311_STABLE, MOODLE_400_STABLE
Epic Link:
Prepare Moodle for PHP 8.0
Pull from Repository:
git://github.com/aolley/moodle.git
Pull 3.11 Branch:
~~MDL-74394~~_311
Pull 3.11 Diff URL:
https://github.com/moodle/moodle/compare/MOODLE_311_STABLE...aolley:MDL-74394_311
Pull 4.0 Branch:
~~MDL-74394~~_400
Pull 4.0 Diff URL:
https://github.com/moodle/moodle/compare/MOODLE_400_STABLE...aolley:MDL-74394_400
Pull Main Branch:
~~MDL-74394~~
Pull Main Diff URL:
https://github.com/aolley/moodle/compare/master...MDL-74394
Testing Instructions:
Hide

You will need to create ssl certificate https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-20-04 and use ngrok for you moodles

Using php8:

Setup a couple of Moodle sites (site1 and site2), one with MOODLE_311_STABLE and another with MOODLE_400_STABLE or master.

Ensure that they have different $CFG->sessioncookie setting (can modify it from Administration).

In both sites, enable and configure MNet as explained @ https://docs.moodle.org/311/en/MNet#Peer_to_Peer_Network. You don't need to configure the "remote enrolments" steps, only the "get users roaming" ones.

Create user1 in site1 and user2 in site2.

Log as user1 in site1

Go to the home/front page of the site.

In the "network servers" block (that has been added as per the configuration instructions, click on site2.

Verify that now you are welcome to site2 as user1.

Log as user2in site2

Go to the home/front page of the site.

In the "network servers" block (that has been added as per the configuration instructions, click on site1.

Verify that now you are welcome to site1 as user2.

Done, now user1 and user2 do exist in both sites and SSO/roaming between them works ok.

Note: during the setup, depending of the debugging levels, it's possible that you see some notices, ignore them as far as the configuration happens ok.
Show
You will need to create ssl certificate https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-20-04 and use ngrok for you moodles Using php8: Setup a couple of Moodle sites (site1 and site2), one with MOODLE_311_STABLE and another with MOODLE_400_STABLE or master. Ensure that they have different $CFG->sessioncookie setting (can modify it from Administration). In both sites, enable and configure MNet as explained @ https://docs.moodle.org/311/en/MNet#Peer_to_Peer_Network . You don't need to configure the "remote enrolments" steps, only the "get users roaming" ones. Create user1 in site1 and user2 in site2. Log as user1 in site1 Go to the home/front page of the site. In the "network servers" block (that has been added as per the configuration instructions, click on site2. Verify that now you are welcome to site2 as user1. Log as user2in site2 Go to the home/front page of the site. In the "network servers" block (that has been added as per the configuration instructions, click on site1. Verify that now you are welcome to site1 as user2. Done, now user1 and user2 do exist in both sites and SSO/roaming between them works ok. Note: during the setup, depending of the debugging levels, it's possible that you see some notices, ignore them as far as the configuration happens ok.

Description

As part of processing mnet requests - Moodle verifies that the public key associated with the mnet host is a valid key.

It does this by checking that the type returned by `openssl_get_publickey` for the key is a "resource". However, as of php 8.0, that function now returns an object of type "OpenSSLAsymmetricKey" on success.

By checking for either, we can support both php7 and 8 (the function still returns `false` on failure).

Reference:

https://www.php.net/manual/en/function.openssl-pkey-get-public.php (openssl_get_publickey is an alias to this func).

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

MDL-74394 - Step 12 - User2 in Site1 Moodle3.11.png
35 kB
22/Apr/22 10:39 PM
MDL-74394 - Step 7 - User1 in Site1 Moodle 3.11.png
40 kB
22/Apr/22 10:39 PM
MDL-74394 - Step 7 - User2 in Site2 Moodle 4.png
31 kB
22/Apr/22 10:39 PM
MDL-74394 - Step 8 - User1 in Site2 Moodle 4.png
56 kB
22/Apr/22 10:39 PM

Activity

People

Assignee:: Adam Olley

Reporter:: Adam Olley

Peer reviewer:: Eloy Lafuente (stronk7)

Integrator:: Ilya Tregubov

Tester:: Carlos Escobedo

Participants:: Adam Olley, Carlos Escobedo, CiBoT, Eloy Lafuente (stronk7), Ilya Tregubov

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 01/Apr/22 11:45 AM

Updated:: 23/Apr/22 12:34 AM

Resolved:: 23/Apr/22 12:34 AM

Fix Release Date:: 9/May/22

Time Tracking

Estimated:

Remaining:

Logged:

3h 55m