diff options
Diffstat (limited to 'lib/class')
| -rw-r--r-- | lib/class/catalog.class.php | 69 | ||||
| -rw-r--r-- | lib/class/xmlrpcserver.class.php | 15 |
2 files changed, 53 insertions, 31 deletions
diff --git a/lib/class/catalog.class.php b/lib/class/catalog.class.php index d0388477..6c93e549 100644 --- a/lib/class/catalog.class.php +++ b/lib/class/catalog.class.php @@ -1274,40 +1274,57 @@ class Catalog { else { $client = new xmlrpc_client("/$path/server/xmlrpc.server.php", $server, 80); } + + // 6 that's right, the secret level because if you do have debug on most likely you're + // going to just crash your browser... sorry folks + if (Config::get('debug') AND Config::get('debug_level') == '6') { $client->setDebug(1); } + + // Before we do anything else we need to do a handshake with the remote server + $timestamp = time(); + $handshake_key = md5($timestamp . $this->key); + + $encoded_key = new xmlrpcval($handshake_key,"string"); + $timestamp = new xmlrpcval($timestamp,"int"); + $xmlrpc_message = new xmlrpcmsg('xmlrpcserver.handshake',array($encoded_key,$timestamp)); + + // Send it off + $response = $client->send($xmlrpc_message,10); + if ($response->faultCode()) { + $error_msg = _("Error connecting to") . " " . $server . " " . _("Code") . ": " . $response->faultCode() . " " . _("Reason") . ": " . $response->faultString(); + debug_event('XMLCLIENT',$error_msg,'1'); + echo "<p class=\"error\">$error_msg</p>"; + return; + } + + $token = php_xmlrpc_decode($response->value()); /* encode the variables we need to send over */ - $encoded_key = new xmlrpcval($this->key,"string"); + $encoded_key = new xmlrpcval($token,"string"); $encoded_path = new xmlrpcval(Config::get('web_path'),"string"); $xmlrpc_message = new xmlrpcmsg('xmlrpcserver.get_catalogs', array($encoded_key,$encoded_path)); - - // 6 that's right, the secret level because if you do have debug on most likely you're - // going to just crash your browser... sorry folks - if (Config::get('debug') AND Config::get('debug_level') == '6') { $client->setDebug(1); } - $response = $client->send($xmlrpc_message,30); - $value = $response->value(); - if ( !$response->faultCode() ) { - $data = php_xmlrpc_decode($value); - - // Print out the catalogs we are going to sync - foreach ($data as $vars) { - $catalog_name = $vars['name']; - $count = $vars['count']; - print("<b>Reading Remote Catalog: $catalog_name ($count Songs)</b> [$this->path]<br />\n"); - $total += $count; - } - // Flush the output - flush(); - - } // if we didn't get an error - else { + if ($response->faultCode() ) { $error_msg = _("Error connecting to") . " " . $server . " " . _("Code") . ": " . $response->faultCode() . " " . _("Reason") . ": " . $response->faultString(); debug_event('XMLCLIENT',$error_msg,'1'); echo "<p class=\"error\">$error_msg</p>"; return; - } + } + + + $data = php_xmlrpc_decode($response->value()); + + // Print out the catalogs we are going to sync + foreach ($data as $vars) { + $catalog_name = $vars['name']; + $count = $vars['count']; + print("<b>Reading Remote Catalog: $catalog_name ($count Songs)</b> [$this->path]<br />\n"); + $total += $count; + } + + // Flush the output + flush(); // Hardcoded for now $step = '500'; @@ -1316,7 +1333,7 @@ class Catalog { while ($total > $current) { $start = $current; $current += $step; - $this->get_remote_song($client,$start,$step); + $this->get_remote_song($client,$token,$start,$step); } echo "<p>" . _('Completed updating remote catalog(s)') . ".</p><hr />\n"; @@ -1331,11 +1348,11 @@ class Catalog { * This functions takes a start and end point for gathering songs from a remote server. It is broken up * in attempt to get around the problem of very large target catalogs */ - public function get_remote_song($client,$start,$end) { + public function get_remote_song($client,$token,$start,$end) { $encoded_start = new xmlrpcval($start,"int"); $encoded_end = new xmlrpcval($end,"int"); - $encoded_key = new xmlrpcval($this->key,"string"); + $encoded_key = new xmlrpcval($token,"string"); $query_array = array($encoded_key,$encoded_start,$encoded_end); diff --git a/lib/class/xmlrpcserver.class.php b/lib/class/xmlrpcserver.class.php index abb8076e..e5f3eff3 100644 --- a/lib/class/xmlrpcserver.class.php +++ b/lib/class/xmlrpcserver.class.php @@ -41,7 +41,7 @@ class xmlRpcServer { $key = $variable->scalarval(); // Check it and make sure we're super green - if (!Access::check_network('rpc',$_SERVER['REMOTE_ADDR'],'','5',$key)) { + if (!vauth::session_exists('xml-rpc',$key)) { debug_event('XMLSERVER','Error ' . $_SERVER['REMOTE_ADDR'] . ' with key ' . $key . ' does not match any ACLs','1'); return new xmlrpcresp(0,'503','Key/IP Mis-match Access Denied'); } @@ -85,7 +85,7 @@ class xmlRpcServer { $key = $variable->scalarval(); // Check it and make sure we're super green - if (!Access::check_network('rpc',$_SERVER['REMOTE_ADDR'],'','5',$key)) { + if (!vauth::session_exists('xml-rpc',$key)) { debug_event('XMLSERVER','Error ' . $_SERVER['REMOTE_ADDR'] . ' with key ' . $key . ' does not match any ACLs','1'); return new xmlrpcresp(0,'503','Key/IP Mis-match Access Denied'); } @@ -134,12 +134,12 @@ class xmlRpcServer { // Pull out the params $encoded_key = $xmlrpc_object->params['0']->me['string']; - $timestamp = $xmlrpc_object->params['0']->me['int']; + $timestamp = $xmlrpc_object->params['1']->me['int']; // Check the timestamp make sure it's recent if ($timestamp < (time() - 14400)) { debug_event('XMLSERVER','Handshake failure, timestamp too old','1'); - return new xmlrpcresp(php_xmlrpc_encoded("Handshake failure")); + return new xmlrpcresp(0,'503','Handshaek failure, timestamp too old'); } // Log the attempt @@ -158,11 +158,16 @@ class xmlRpcServer { $md5pass = md5($timestamp . $row['key']); if ($md5pass == $encoded_key) { - $token = ''; + $data['type'] = 'xml-rpc'; + $data['username'] = 'System'; + $data['value'] = 'Handshake'; + $token = vauth::session_create($data); + return new xmlrpcresp(php_xmlrpc_encode($token)); } } // end while rows + return new xmlrpcresp(0,'503','Handshaek failure, Key/IP Incorrect'); } // handshake |