Check that the enablenetworking config var is on (and specify an exception)

4be7bc9d · Donal McMullan · ad9fecdb · 4be7bc9d · 4be7bc9d · 4be7bc9d
Commit 4be7bc9d authored Jun 25, 2007 by Donal McMullan
5 changed files
--- a/htdocs/api/xmlrpc/server.php
+++ b/htdocs/api/xmlrpc/server.php
@@ -50,10 +50,14 @@ ob_start();
    $errors = trim(ob_get_contents());
 ob_end_clean();

-// If networking is off, return a 404
+// If networking is off, return a '403 Forbidden' response
 $networkenabled = get_config('enablenetworking');
 if (empty($networkenabled)) {
-    header("HTTP/1.0 404 Not Found");
+    $protocol = strtoupper($_SERVER['SERVER_PROTOCOL']);
+    if ($protocol != 'HTTP/1.1') {
+        $protocol = 'HTTP/1.0';
+    }
+    header($protocol.' 403 Forbidden');
    exit;
 }


--- a/htdocs/auth/xmlrpc/jump.php
+++ b/htdocs/auth/xmlrpc/jump.php
@@ -22,6 +22,10 @@ $remotewwwroot = param_variable('wr');
 $instanceid    = param_variable('ins');
 $wantsurl      = '';

+if (!get_config('enablenetworking')) {
+    throw new XmlrpcClientException('Sorry - networking has been disabled for this Mahara site.');
+}
+
 $peer = new Peer();
 $peer->findByWwwroot($remotewwwroot);
 $url = $remotewwwroot.$peer->application->ssolandurl;
@@ -32,7 +36,7 @@ $approved  = false;
 $url = start_jump_session($peer, $instanceid);

 if (empty($url)) {
-    throw new Exception('DEBUG: Jump session was not started correctly or blank URL returned.'); // TODO: errors
+    throw new XmlrpcClientException('DEBUG: Jump session was not started correctly or blank URL returned.'); // TODO: errors
 }
 redirect($url);


--- a/htdocs/auth/xmlrpc/land.php
+++ b/htdocs/auth/xmlrpc/land.php
@@ -19,6 +19,17 @@ define('XMLRPC', 1);


 require(dirname(dirname(dirname(__FILE__))).'/init.php');
+
+// If networking is turned off, it's safer to die immediately
+if (!get_config('enablenetworking')) {
+    $protocol = strtoupper($_SERVER['SERVER_PROTOCOL']);
+    if ($protocol != 'HTTP/1.1') {
+        $protocol = 'HTTP/1.0';
+    }
+    header($protocol.' 403 Forbidden');
+    exit;
+}
+
 require_once(get_config('docroot') .'api/xmlrpc/client.php');
 require_once(get_config('docroot') .'auth/xmlrpc/lib.php');
 require_once(get_config('libroot') .'institution.php');
@@ -27,7 +38,6 @@ $token         = param_variable('token');
 $remotewwwroot = param_variable('idp');
 $wantsurl      = param_variable('wantsurl', '/');

-
 $institution = new Institution();
 $institution->findByWwwroot($remotewwwroot);
 $instances = auth_get_auth_instances_for_wwwroot($remotewwwroot);

--- a/htdocs/lib/errors.php
+++ b/htdocs/lib/errors.php
@@ -649,7 +649,7 @@ class RemoteServerException extends SystemException {}
 class XmlrpcServerException extends SystemException {}

 /**
- * Xmlrpc Server exception - must output well formed XMLRPC error to the client
+ * Xmlrpc Client exception - Something has gone wrong in the networking
 */
 class XmlrpcClientException extends SystemException {}


--- a/htdocs/lib/web.php
+++ b/htdocs/lib/web.php
@@ -288,13 +288,15 @@ EOF;
        );
    }

-    require_once(get_config('docroot') .'api/xmlrpc/lib.php');
-    if ($ssopeers = get_service_providers($USER->authinstance)) {
-        $SIDEBLOCKS[] = array(
-            'name'   => 'ssopeers',
-            'weight' => 1,
-            'data'   => $ssopeers,
-        );
+    if (get_config('enablenetworking')) {
+        require_once(get_config('docroot') .'api/xmlrpc/lib.php');
+        if ($ssopeers = get_service_providers($USER->authinstance)) {
+            $SIDEBLOCKS[] = array(
+                'name'   => 'ssopeers',
+                'weight' => 1,
+                'data'   => $ssopeers,
+            );
+        }
    }

    if (isset($extraconfig['sideblocks']) && is_array($extraconfig['sideblocks'])) {