mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-03-14 12:40:01 +01:00
Code Issues Projects Releases Wiki Activity

mnet MDL-16858 verify the signature in the xmlrpc response

Browse Source
This commit is contained in:
Penny Leach 2010-02-02 02:13:25 +00:00
parent 5a355930d9
commit cd8f1cf656
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
mnet/xmlrpc/client.php
View File

@ -281,6 +281,13 @@ class mnet_xmlrpc_client {
}
$this->error[] = $this->response['faultCode'] . " : " . $this->response['faultString'] ."\n".$guidance;
}
// ok, it's signed, but is it signed with the right certificate ?
// do this *after* we check for an out of date key
if (!openssl_verify($this->xmlrpcresponse, base64_decode($sig_parser->signature), $mnet_peer->public_key)) {
$this->error[] = 'Invalid signature';
}
return empty($this->error);
}