Commit 4924cd0f authored by Nigel McNie

When we receive a request using an old key, respond with a signed and...

When we receive a request using an old key, respond with a signed and encrypted message with our new key.

This makes it so that when Moodle and Mahara are set up to network, and Mahara's key expires, Moodle can successfully grab the new key.
parent 5d132ce2
......@@ -99,16 +99,37 @@ try {
}
// Cascading switch. Kinda.
if ($xml->getName() == 'encryptedMessage') {
$payload_encrypted = true;
$REMOTEWWWROOT = (string)$xml->wwwroot;
$payload = xmlenc_envelope_strip($xml);
}
try {
if ($xml->getName() == 'encryptedMessage') {
$payload_encrypted = true;
$REMOTEWWWROOT = (string)$xml->wwwroot;
$payload = xmlenc_envelope_strip($xml);
}
if ($xml->getName() == 'signedMessage') {
$payload_signed = true;
$REMOTEWWWROOT = (string)$xml->wwwroot;
$payload = xmldsig_envelope_strip($xml);
if ($xml->getName() == 'signedMessage') {
$payload_signed = true;
$REMOTEWWWROOT = (string)$xml->wwwroot;
$payload = xmldsig_envelope_strip($xml);
}
}
catch (CryptException $e) {
if ($e->getCode() == 7025) {
// The key they used to contact us is old, respond with the new key correctly
// This sucks. Error handling of our mnet code needs to improve
ob_start();
xmlrpc_error($e->getMessage(), $e->getCode());
$response = ob_get_contents();
ob_end_clean();
// Sign and encrypt our response, even though we don't know if the
// request was signed and encrypted
$response = xmldsig_envelope($response);
$peer = get_peer($REMOTEWWWROOT);
$response = xmlenc_envelope($response, $peer->certificate);
echo $response;
exit;
}
}
if ($xml->getName() == 'methodCall') {
......
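Review bot: The new `catch (CryptException $e)` handles only code 7025 and silently discards every other CryptException, so a failure in `xmlenc_envelope_strip()` or `xmldsig_envelope_strip()` for any other reason no longer stops the request, and `$payload_encrypted` / `$payload_signed` have already been set to true before the strip call that threw. Rethrow after the 7025 branch by adding `throw $e;` as the last statement of the catch block, so the request fails closed as it presumably did before this change. In the 7025 branch, `$REMOTEWWWROOT` is read from the envelope that has just failed to decrypt or verify, and the result of `get_peer($REMOTEWWWROOT)` is dereferenced unchecked; confirm that `get_peer()` rejects unknown hosts before `$peer->certificate` is used. The script continues outside this hunk, so what runs after the catch is not visible here.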