mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-22 23:00:56 +01:00
Add create_server() verify_server() for the 'special' needs they have
This commit is contained in:
parent
5989616d8c
commit
21e323111d
@ -29,6 +29,7 @@
|
|||||||
var $accounts;
|
var $accounts;
|
||||||
var $table = 'phpgw_interserv';
|
var $table = 'phpgw_interserv';
|
||||||
var $total = 0;
|
var $total = 0;
|
||||||
|
var $result = '';
|
||||||
|
|
||||||
var $servers = array();
|
var $servers = array();
|
||||||
var $serverid = 0;
|
var $serverid = 0;
|
||||||
@ -112,12 +113,9 @@
|
|||||||
/* send command to remote server */
|
/* send command to remote server */
|
||||||
function send($method_name, $args, $url, $debug=True)
|
function send($method_name, $args, $url, $debug=True)
|
||||||
{
|
{
|
||||||
$cmd = '$return = $this->_send_' . $this->mode . '_' . $this->security . '($method_name, $args, $url, $debug);';
|
$cmd = '$this->_send_' . $this->mode . '_' . $this->security . '($method_name, $args, $url, $debug);';
|
||||||
eval($cmd);
|
eval($cmd);
|
||||||
if($return)
|
return $this->result;
|
||||||
{
|
|
||||||
return $return;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function _split_url($url)
|
function _split_url($url)
|
||||||
@ -193,8 +191,8 @@
|
|||||||
{
|
{
|
||||||
$this->debug('Error: no response from '.$hostpart.'!');
|
$this->debug('Error: no response from '.$hostpart.'!');
|
||||||
}
|
}
|
||||||
|
$this->result = $retval;
|
||||||
return $retval;
|
return $this->result;
|
||||||
}
|
}
|
||||||
|
|
||||||
function _send_xmlrpc_($method_name, $args, $url, $debug=True)
|
function _send_xmlrpc_($method_name, $args, $url, $debug=True)
|
||||||
@ -232,7 +230,8 @@
|
|||||||
$this->debug('Fault Code: ' . $r->faultCode() . ' Reason "' . $r->faultString() . '"<br>',$debug);
|
$this->debug('Fault Code: ' . $r->faultCode() . ' Reason "' . $r->faultString() . '"<br>',$debug);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $v;
|
$this->result = xmlrpc_decode($v);
|
||||||
|
return $this->result;
|
||||||
}
|
}
|
||||||
|
|
||||||
function _send_soap_ssl($method_name, $args, $url, $debug=True)
|
function _send_soap_ssl($method_name, $args, $url, $debug=True)
|
||||||
@ -419,6 +418,7 @@
|
|||||||
{
|
{
|
||||||
$sql = "SELECT * FROM $this->table";
|
$sql = "SELECT * FROM $this->table";
|
||||||
$this->db->query($sql,__LINE__,__FILE__);
|
$this->db->query($sql,__LINE__,__FILE__);
|
||||||
|
|
||||||
while ($this->db->next_record())
|
while ($this->db->next_record())
|
||||||
{
|
{
|
||||||
$this->servers[$this->db->f('server_name')]['server_id'] = $this->db->f('server_id');
|
$this->servers[$this->db->f('server_name')]['server_id'] = $this->db->f('server_id');
|
||||||
@ -431,7 +431,7 @@
|
|||||||
$this->servers[$this->db->f('server_name')]['admin_name'] = $this->db->f('admin_name');
|
$this->servers[$this->db->f('server_name')]['admin_name'] = $this->db->f('admin_name');
|
||||||
$this->servers[$this->db->f('server_name')]['admin_email'] = $this->db->f('admin_email');
|
$this->servers[$this->db->f('server_name')]['admin_email'] = $this->db->f('admin_email');
|
||||||
}
|
}
|
||||||
$this->total = $this->db->num_rows();
|
$this->total = $this->db->num_rows() + 1;
|
||||||
return $this->servers;
|
return $this->servers;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -447,7 +447,7 @@
|
|||||||
{
|
{
|
||||||
$select .= ' selected';
|
$select .= ' selected';
|
||||||
}
|
}
|
||||||
$select .= '>' . lang('Local') . '</option>'."\n";
|
$select .= '>' . lang('Please Select') . '</option>'."\n";
|
||||||
|
|
||||||
while (list($key,$val) = each($this->get_list()))
|
while (list($key,$val) = each($this->get_list()))
|
||||||
{
|
{
|
||||||
@ -552,8 +552,7 @@
|
|||||||
$this->db->f('trust_rel') >= 1)
|
$this->db->f('trust_rel') >= 1)
|
||||||
{
|
{
|
||||||
$this->authed = True;
|
$this->authed = True;
|
||||||
$sessionid = $GLOBALS['phpgw']->session->create('anonymous','anonymous1');
|
return True;
|
||||||
return $sessionid;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return False;
|
return False;
|
||||||
|
@ -301,6 +301,179 @@
|
|||||||
return $this->sessionid;
|
return $this->sessionid;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function verify_server($sessionid, $kp3)
|
||||||
|
{
|
||||||
|
global $phpgw, $phpgw_info;
|
||||||
|
|
||||||
|
$phpgw->interserver = CreateObject('phpgwapi.interserver');
|
||||||
|
$db = $phpgw->db;
|
||||||
|
$db2 = $phpgw->db;
|
||||||
|
$this->sessionid = $sessionid;
|
||||||
|
$this->kp3 = $kp3;
|
||||||
|
|
||||||
|
$phpgw->common->key = md5($this->kp3 . $this->sessionid . $phpgw_info['server']['encryptkey']);
|
||||||
|
$phpgw->common->iv = $phpgw_info['server']['mcrypt_iv'];
|
||||||
|
|
||||||
|
$cryptovars[0] = $phpgw->common->key;
|
||||||
|
$cryptovars[1] = $phpgw->common->iv;
|
||||||
|
$phpgw->crypto = CreateObject('phpgwapi.crypto', $cryptovars);
|
||||||
|
|
||||||
|
$db->query("select * from phpgw_sessions where session_id='" . $this->sessionid . "'",__LINE__,__FILE__);
|
||||||
|
$db->next_record();
|
||||||
|
|
||||||
|
$this->session_flags = $db->f('session_flags');
|
||||||
|
|
||||||
|
$login_array = explode('@', $db->f('session_lid'));
|
||||||
|
$this->account_lid = $login_array[0];
|
||||||
|
|
||||||
|
if (@$login_array[1] != '')
|
||||||
|
{
|
||||||
|
$this->account_domain = $login_array[1];
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$this->account_domain = $phpgw_info['server']['default_domain'];
|
||||||
|
}
|
||||||
|
|
||||||
|
$phpgw_info['user']['kp3'] = $this->kp3;
|
||||||
|
$phpgw_info_flags = $phpgw_info['flags'];
|
||||||
|
|
||||||
|
$phpgw_info['flags'] = $phpgw_info_flags;
|
||||||
|
$userid_array = explode('@',$db->f('session_lid'));
|
||||||
|
// Thinking this might solve auth_http problems
|
||||||
|
if(@$userid_array[1] == '') { $userid_array[1] = 'default'; }
|
||||||
|
$this->account_lid = $userid_array[1];
|
||||||
|
$this->update_dla();
|
||||||
|
$this->account_id = $phpgw->interserver->name2id($this->account_lid);
|
||||||
|
|
||||||
|
if (!$this->account_id)
|
||||||
|
{
|
||||||
|
return False;
|
||||||
|
}
|
||||||
|
|
||||||
|
$phpgw_info['user']['account_id'] = $this->account_id;
|
||||||
|
|
||||||
|
$this->read_repositories(@$phpgw_info['server']['cache_phpgw_info']);
|
||||||
|
|
||||||
|
$phpgw_info['user'] = $this->user;
|
||||||
|
$phpgw_info['hooks'] = $this->hooks;
|
||||||
|
|
||||||
|
$phpgw_info['user']['session_ip'] = $db->f('session_ip');
|
||||||
|
$phpgw_info['user']['passwd'] = base64_decode($this->appsession('password','phpgwapi'));
|
||||||
|
|
||||||
|
if ($userid_array[1] != $phpgw_info['user']['domain'])
|
||||||
|
{
|
||||||
|
$phpgw->log->message('W-VerifySession, the domains %1 and %2 don\t match',$userid_array[1],$phpgw_info['user']['domain']);
|
||||||
|
$phpgw->log->commit();
|
||||||
|
|
||||||
|
return False;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (@$phpgw_info['server']['sessions_checkip'])
|
||||||
|
{
|
||||||
|
if (PHP_OS != 'Windows' && (! $phpgw_info['user']['session_ip'] || $phpgw_info['user']['session_ip'] != $this->getuser_ip()))
|
||||||
|
{
|
||||||
|
// This needs some better wording
|
||||||
|
$phpgw->log->message('W-VerifySession, IP %1 doesn\'t match IP %2 in session table',$this->getuser_ip(),$phpgw_info['user']['session_ip']);
|
||||||
|
$phpgw->log->commit();
|
||||||
|
|
||||||
|
return False;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$phpgw->acl->acl($this->account_id);
|
||||||
|
$phpgw->accounts->accounts($this->account_id);
|
||||||
|
$phpgw->preferences->preferences($this->account_id);
|
||||||
|
$phpgw->applications->applications($this->account_id);
|
||||||
|
|
||||||
|
if (! $this->account_lid)
|
||||||
|
{
|
||||||
|
// This needs some better wording
|
||||||
|
$phpgw->log->message('W-VerifySession, account_id is empty');
|
||||||
|
$phpgw->log->commit();
|
||||||
|
|
||||||
|
return False;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
return True;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function create_server($login,$passwd)
|
||||||
|
{
|
||||||
|
global $phpgw_info, $phpgw, $PHP_SELF;
|
||||||
|
|
||||||
|
$phpgw->interserver = CreateObject('phpgwapi.interserver');
|
||||||
|
$this->login = $login;
|
||||||
|
$this->passwd = $passwd;
|
||||||
|
$this->clean_sessions();
|
||||||
|
$login_array = explode('@', $login);
|
||||||
|
$this->account_lid = $login_array[0];
|
||||||
|
$now = time();
|
||||||
|
|
||||||
|
if ($login_array[1] != '')
|
||||||
|
{
|
||||||
|
$this->account_domain = $login_array[1];
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$this->account_domain = $phpgw_info['server']['default_domain'];
|
||||||
|
}
|
||||||
|
|
||||||
|
$serverdata = array(
|
||||||
|
'server_name' => $this->account_domain,
|
||||||
|
'username' => $this->account_lid,
|
||||||
|
'password' => $passwd
|
||||||
|
);
|
||||||
|
if (!$phpgw->interserver->auth($serverdata))
|
||||||
|
{
|
||||||
|
return False;
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$phpgw->interserver->exists($this->account_lid))
|
||||||
|
{
|
||||||
|
$this->account_id = $phpgw->interserver->name2id($this->account_lid);
|
||||||
|
}
|
||||||
|
$phpgw_info['user']['account_id'] = $this->account_id;
|
||||||
|
$phpgw->interserver->serverid = $this->account_id;
|
||||||
|
|
||||||
|
$this->sessionid = md5($phpgw->common->randomstring(10));
|
||||||
|
$this->kp3 = md5($phpgw->common->randomstring(15));
|
||||||
|
|
||||||
|
$phpgw->common->key = md5($this->kp3 . $this->sessionid . $phpgw_info['server']['encryptkey']);
|
||||||
|
$phpgw->common->iv = $phpgw_info['server']['mcrypt_iv'];
|
||||||
|
$cryptovars[0] = $phpgw->common->key;
|
||||||
|
$cryptovars[1] = $phpgw->common->iv;
|
||||||
|
$phpgw->crypto = CreateObject('phpgwapi.crypto', $cryptovars);
|
||||||
|
|
||||||
|
//$this->read_repositories(False);
|
||||||
|
|
||||||
|
$phpgw_info['user'] = $this->user;
|
||||||
|
$phpgw_info['hooks'] = $this->hooks;
|
||||||
|
|
||||||
|
$this->appsession('password','phpgwapi',base64_encode($this->passwd));
|
||||||
|
$session_flags = 'S';
|
||||||
|
|
||||||
|
$user_ip = $this->getuser_ip();
|
||||||
|
|
||||||
|
$phpgw->db->transaction_begin();
|
||||||
|
$phpgw->db->query("INSERT INTO phpgw_sessions VALUES ('" . $this->sessionid
|
||||||
|
. "','".$login."','" . $user_ip . "','"
|
||||||
|
. $now . "','" . $now . "','" . $PHP_SELF . "','" . $session_flags
|
||||||
|
. "')",__LINE__,__FILE__);
|
||||||
|
|
||||||
|
$phpgw->db->query("INSERT INTO phpgw_access_log VALUES ('" . $this->sessionid . "','"
|
||||||
|
. "$login','" . $user_ip . "','$now','','" . $this->account_id . "')",__LINE__,__FILE__);
|
||||||
|
|
||||||
|
$this->appsession('account_previous_login','phpgwapi',$phpgw->auth->previous_login);
|
||||||
|
$phpgw->auth->update_lastlogin($this->account_id,$user_ip);
|
||||||
|
$phpgw->db->transaction_commit();
|
||||||
|
|
||||||
|
return array($this->sessionid,$this->kp3);
|
||||||
|
}
|
||||||
|
|
||||||
// This will update the DateLastActive column, so the login does not expire
|
// This will update the DateLastActive column, so the login does not expire
|
||||||
function update_dla()
|
function update_dla()
|
||||||
{
|
{
|
||||||
|
@ -652,7 +652,7 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
$GLOBALS['_xmlrpcs_auth_sig'] = array(array(xmlrpcString,xmlrpcString,xmlrpcString,xmlrpcString));
|
$GLOBALS['_xmlrpcs_auth_sig'] = array(array(xmlrpcString,xmlrpcString,xmlrpcString,xmlrpcString));
|
||||||
$GLOBALS['_xmlrpcs_auth_doc'] = 'Verify server authentication';
|
$GLOBALS['_xmlrpcs_auth_doc'] = 'Server authentication';
|
||||||
function _xmlrpcs_auth($server,$m)
|
function _xmlrpcs_auth($server,$m)
|
||||||
{
|
{
|
||||||
$server_name = $m->getParam(0);
|
$server_name = $m->getParam(0);
|
||||||
@ -662,10 +662,39 @@
|
|||||||
$serverdata['username'] = $username->scalarval();
|
$serverdata['username'] = $username->scalarval();
|
||||||
$serverdata['password'] = $password->scalarval();
|
$serverdata['password'] = $password->scalarval();
|
||||||
|
|
||||||
$is = CreateObject('phpgwapi.interserver');
|
list($sessionid,$kp3) = $GLOBALS['phpgw']->session->create_server($serverdata['username'].'@'.$serverdata['server_name'],$serverdata['password']);
|
||||||
$sessionid = $is->auth($serverdata);
|
|
||||||
|
|
||||||
if($sessionid)
|
if($sessionid && $kp3)
|
||||||
|
{
|
||||||
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','sessionid','string');
|
||||||
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval',$sessionid,'string');
|
||||||
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','kp3','string');
|
||||||
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval',$kp3,'string');
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','GOAWAY','string');
|
||||||
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','XOXO','string');
|
||||||
|
}
|
||||||
|
$r = CreateObject('phpgwapi.xmlrpcresp',CreateObject('phpgwapi.xmlrpcval',$rtrn,'struct'));
|
||||||
|
return $r;
|
||||||
|
}
|
||||||
|
|
||||||
|
$GLOBALS['_xmlrpcs_auth_verify_sig'] = array(array(xmlrpcString,xmlrpcString,xmlrpcString,xmlrpcString));
|
||||||
|
$GLOBALS['_xmlrpcs_auth_verify_doc'] = 'Verify Server authentication';
|
||||||
|
function _xmlrpcs_auth_verify($server,$m)
|
||||||
|
{
|
||||||
|
$xserver_name = $m->getParam(0);
|
||||||
|
$xsessionid = $m->getParam(1);
|
||||||
|
$xkp3 = $m->getParam(2);
|
||||||
|
|
||||||
|
$server_name = $xserver_name->scalarval();
|
||||||
|
$sessionid = $xsessionid->scalarval();
|
||||||
|
$kp3 = $xkp3->scalarval();
|
||||||
|
|
||||||
|
$verified = $GLOBALS['phpgw']->session->verify_server($sessionid,$kp3);
|
||||||
|
|
||||||
|
if($verified)
|
||||||
{
|
{
|
||||||
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','HELO','string');
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval','HELO','string');
|
||||||
$rtrn[] = CreateObject('phpgwapi.xmlrpcval',$sessionid,'string');
|
$rtrn[] = CreateObject('phpgwapi.xmlrpcval',$sessionid,'string');
|
||||||
@ -704,6 +733,11 @@
|
|||||||
'function' => '_xmlrpcs_auth',
|
'function' => '_xmlrpcs_auth',
|
||||||
'signature' => $GLOBALS['_xmlrpcs_auth_sig'],
|
'signature' => $GLOBALS['_xmlrpcs_auth_sig'],
|
||||||
'docstring' => $GLOBALS['_xmlrpcs_auth_doc']
|
'docstring' => $GLOBALS['_xmlrpcs_auth_doc']
|
||||||
|
),
|
||||||
|
'system.auth_verify' => array(
|
||||||
|
'function' => '_xmlrpcs_auth_verify',
|
||||||
|
'signature' => $GLOBALS['_xmlrpcs_auth_verify_sig'],
|
||||||
|
'docstring' => $GLOBALS['_xmlrpcs_auth_verify_doc']
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user