--- D:/wwwroot/MOODLE_1.9_STABLE/moodle/mnet/xmlrpc/server.php Wed Jul 14 14:46:38 2010 +++ D:/wwwroot/MOODLE_1.9_STABLE/moodle_diffs/mnet/xmlrpc/server.php Wed Jul 14 14:46:54 2010 @@ -248,7 +248,7 @@ * @return string $text The text of the error message */ function mnet_server_fault($code, $text, $param = null) { - global $MNET_REMOTE_CLIENT; + global $MNET_REMOTE_CLIENT, $CFG; if (!is_numeric($code)) { $code = 0; } @@ -754,14 +754,36 @@ global $CFG, $MNET; $return = array(); - if (!empty($CFG->mnet_register_allhosts)) { + // PATCH : allows forcing for automated key rotation + $wwwroot = $params[0]; + $pubkey = $params[1]; + $application = $params[2]; + $forcerenew = $params[3]; + + if ($forcerenew == 0){ + // standard keyswap for first key recording + if (!empty($CFG->mnet_register_allhosts)) { + $mnet_peer = new mnet_peer(); + $keyok = $mnet_peer->bootstrap($wwwroot, $pubkey, $application); + if ($keyok) { + $mnet_peer->commit(); + } + } + } else { $mnet_peer = new mnet_peer(); - @list($wwwroot, $pubkey, $application) = each($params); - $keyok = $mnet_peer->bootstrap($wwwroot, $pubkey, $application); - if ($keyok) { + + // we can only renew hosts that we know something about. + if ($mnet_peer->set_wwwroot($wwwroot)){ + $mnet_peer->public_key = clean_param($pubkey, PARAM_PEM); + $mnet_peer->public_key_expires = $mnet_peer->check_common_name($pubkey); + $mnet_peer->updateparams->public_key = clean_param($pubkey, PARAM_PEM); + $mnet_peer->updateparams->public_key_expires = $mnet_peer->check_common_name($pubkey); $mnet_peer->commit(); + } else { + return false; // avoid giving our key to unkown hosts. } } + // /PATCH return $MNET->public_key; } --- D:/wwwroot/MOODLE_1.9_STABLE/moodle/mnet/lib.php Fri Mar 12 14:32:06 2010 +++ D:/wwwroot/MOODLE_1.9_STABLE/moodle_diffs/mnet/lib.php Wed Jul 14 14:49:20 2010 @@ -21,6 +21,9 @@ define('RPC_NOSUCHMETHOD', 5); define('RPC_FORBIDDENMETHOD', 6); +// PATCH : Can fix some MNET issues in crons +global $MNET; +// /PATCH $MNET = new mnet_environment(); $MNET->init(); @@ -45,21 +48,31 @@ * its http:// or https:// prefix * @return string A PEM formatted SSL Certificate. */ -function mnet_get_public_key($uri, $application=null) { +// PATCH : Mnet automated key renewal : adding force +function mnet_get_public_key($uri, $application=null, $force=0) { global $CFG, $MNET; + // The key may be cached in the mnet_set_public_key function... // check this first - $key = mnet_set_public_key($uri); - if ($key != false) { - return $key; + + // cache location of key must be bypassed when we need an automated renew. + if (!$force){ + $key = mnet_set_public_key($uri); + if ($key != false) { + return $key; + } } +// /PATCH if (empty($application)) { $application = get_record('mnet_application', 'name', 'moodle'); } - $rq = xmlrpc_encode_request('system/keyswap', array($CFG->wwwroot, $MNET->public_key, $application->name), array("encoding" => "utf-8")); - $ch = curl_init($uri . $application->xmlrpc_server_url); + // PATCH : Mnet automated key renewal + $rq = xmlrpc_encode_request('system/keyswap', array($CFG->wwwroot, $MNET->public_key, $application->name, $force), array("encoding" => "utf-8")); + $ch = curl_init($uri . $application->xmlrpc_server_url); + // /PATCH + curl_setopt($ch, CURLOPT_TIMEOUT, 60); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); @@ -88,7 +101,7 @@ if (!is_array($res)) { // ! error $public_certificate = $res; - $credentials=array(); + $credentials = array(); if (strlen(trim($public_certificate))) { $credentials = openssl_x509_parse($public_certificate); $host = $credentials['subject']['CN'];