Rev 1266 | Rev 1293 | Go to most recent revision | Only display areas with differences | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1266 | Rev 1267 | ||
|---|---|---|---|
| 1 | <?php |
1 | <?php |
| 2 | 2 | ||
| 3 | /* |
3 | /* |
| 4 | * OIDplus 2.0 |
4 | * OIDplus 2.0 |
| 5 | * Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft |
5 | * Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft |
| 6 | * |
6 | * |
| 7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 8 | * you may not use this file except in compliance with the License. |
8 | * you may not use this file except in compliance with the License. |
| 9 | * You may obtain a copy of the License at |
9 | * You may obtain a copy of the License at |
| 10 | * |
10 | * |
| 11 | * http://www.apache.org/licenses/LICENSE-2.0 |
11 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 12 | * |
12 | * |
| 13 | * Unless required by applicable law or agreed to in writing, software |
13 | * Unless required by applicable law or agreed to in writing, software |
| 14 | * distributed under the License is distributed on an "AS IS" BASIS, |
14 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 16 | * See the License for the specific language governing permissions and |
16 | * See the License for the specific language governing permissions and |
| 17 | * limitations under the License. |
17 | * limitations under the License. |
| 18 | */ |
18 | */ |
| 19 | 19 | ||
| 20 | namespace ViaThinkSoft\OIDplus; |
20 | namespace ViaThinkSoft\OIDplus; |
| 21 | 21 | ||
| 22 | // phpcs:disable PSR1.Files.SideEffects |
22 | // phpcs:disable PSR1.Files.SideEffects |
| 23 | \defined('INSIDE_OIDPLUS') or die; |
23 | \defined('INSIDE_OIDPLUS') or die; |
| 24 | // phpcs:enable PSR1.Files.SideEffects |
24 | // phpcs:enable PSR1.Files.SideEffects |
| 25 | 25 | ||
| 26 | class OIDplusPageAdminRegistration extends OIDplusPagePluginAdmin |
26 | class OIDplusPageAdminRegistration extends OIDplusPagePluginAdmin |
| 27 | implements INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_1, /* oobeRequested, oobeEntry */ |
27 | implements INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_1, /* oobeRequested, oobeEntry */ |
| 28 | INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_8 /* getNotifications */ |
28 | INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_8 /* getNotifications */ |
| 29 | { |
29 | { |
| 30 | 30 | ||
| 31 | /** |
31 | /** |
| 32 | * |
32 | * |
| 33 | */ |
33 | */ |
| 34 | /*private*/ const QUERY_REGISTER_V1 = '1.3.6.1.4.1.37476.2.5.2.1.1.1'; |
34 | /*private*/ const QUERY_REGISTER_V1 = '1.3.6.1.4.1.37476.2.5.2.1.1.1'; |
| 35 | 35 | ||
| 36 | /** |
36 | /** |
| 37 | * |
37 | * |
| 38 | */ |
38 | */ |
| 39 | /*private*/ const QUERY_UNREGISTER_V1 = '1.3.6.1.4.1.37476.2.5.2.1.2.1'; |
39 | /*private*/ const QUERY_UNREGISTER_V1 = '1.3.6.1.4.1.37476.2.5.2.1.2.1'; |
| 40 | 40 | ||
| 41 | /** |
41 | /** |
| 42 | * |
42 | * |
| 43 | */ |
43 | */ |
| 44 | /*private*/ const QUERY_LISTALLSYSTEMIDS_V1 = '1.3.6.1.4.1.37476.2.5.2.1.3.1'; |
44 | /*private*/ const QUERY_LISTALLSYSTEMIDS_V1 = '1.3.6.1.4.1.37476.2.5.2.1.3.1'; |
| 45 | 45 | ||
| 46 | /** |
46 | /** |
| 47 | * |
47 | * |
| 48 | */ |
48 | */ |
| 49 | /*private*/ const QUERY_LIVESTATUS_V1 = '1.3.6.1.4.1.37476.2.5.2.1.4.1'; |
49 | /*private*/ const QUERY_LIVESTATUS_V1 = '1.3.6.1.4.1.37476.2.5.2.1.4.1'; |
| 50 | 50 | ||
| 51 | /** |
51 | /** |
| 52 | * @param string $actionID |
52 | * @param string $actionID |
| 53 | * @return bool |
53 | * @return bool |
| 54 | */ |
54 | */ |
| 55 | public function csrfUnlock(string $actionID): bool { |
55 | public function csrfUnlock(string $actionID): bool { |
| 56 | if ($actionID == 'verify_pubkey') return true; |
56 | if ($actionID == 'verify_pubkey') return true; |
| 57 | return parent::csrfUnlock($actionID); |
57 | return parent::csrfUnlock($actionID); |
| 58 | } |
58 | } |
| 59 | 59 | ||
| 60 | /** |
60 | /** |
| 61 | * @param string $actionID |
61 | * @param string $actionID |
| 62 | * @param array $params |
62 | * @param array $params |
| 63 | * @return array |
63 | * @return array |
| 64 | * @throws OIDplusException |
64 | * @throws OIDplusException |
| 65 | */ |
65 | */ |
| 66 | public function action(string $actionID, array $params): array { |
66 | public function action(string $actionID, array $params): array { |
| 67 | if ($actionID == 'verify_pubkey') { |
67 | if ($actionID == 'verify_pubkey') { |
| 68 | // This action is called by the ViaThinkSoft server in order to verify that the system is in the ownership of the correct private key |
68 | // This action is called by the ViaThinkSoft server in order to verify that the system is in the ownership of the correct private key |
| 69 | 69 | ||
| 70 | _CheckParamExists($params, 'challenge'); |
70 | _CheckParamExists($params, 'challenge'); |
| 71 | 71 | ||
| 72 | $payload = 'oidplus-verify-pubkey:'.sha3_512($params['challenge']); |
72 | $payload = 'oidplus-verify-pubkey:'.sha3_512($params['challenge']); |
| 73 | 73 | ||
| 74 | $signature = ''; |
74 | $signature = ''; |
| 75 | if (!OIDplus::getPkiStatus() || !@openssl_sign($payload, $signature, OIDplus::getSystemPrivateKey())) { |
75 | if (!OIDplus::getPkiStatus() || !@openssl_sign($payload, $signature, OIDplus::getSystemPrivateKey())) { |
| 76 | throw new OIDplusException(_L('Signature failed')); |
76 | throw new OIDplusException(_L('Signature failed')); |
| 77 | } |
77 | } |
| 78 | 78 | ||
| 79 | return array( |
79 | return array( |
| 80 | "status" => 0, |
80 | "status" => 0, |
| 81 | "response" => base64_encode($signature) |
81 | "response" => base64_encode($signature) |
| 82 | ); |
82 | ); |
| 83 | } else { |
83 | } else { |
| 84 | return parent::action($actionID, $params); |
84 | return parent::action($actionID, $params); |
| 85 | } |
85 | } |
| 86 | } |
86 | } |
| 87 | 87 | ||
| 88 | /** |
88 | /** |
| 89 | * @param string $id |
89 | * @param string $id |
| 90 | * @param array $out |
90 | * @param array $out |
| 91 | * @param bool $handled |
91 | * @param bool $handled |
| 92 | * @return void |
92 | * @return void |
| 93 | * @throws OIDplusConfigInitializationException |
93 | * @throws OIDplusConfigInitializationException |
| 94 | * @throws OIDplusException |
94 | * @throws OIDplusException |
| 95 | */ |
95 | */ |
| 96 | public function gui(string $id, array &$out, bool &$handled) { |
96 | public function gui(string $id, array &$out, bool &$handled) { |
| 97 | if ($id === 'oidplus:srv_registration') { |
97 | if ($id === 'oidplus:srv_registration') { |
| 98 | $handled = true; |
98 | $handled = true; |
| 99 | $out['title'] = _L('System registration settings'); |
99 | $out['title'] = _L('System registration settings'); |
| 100 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
100 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
| 101 | 101 | ||
| 102 | if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
102 | if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
| 103 | throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), $out['title'], 401); |
103 | throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), $out['title'], 401); |
| 104 | } |
104 | } |
| 105 | 105 | ||
| 106 | if (file_exists(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html')) { |
106 | if (file_exists(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html')) { |
| 107 | $info = file_get_contents(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html'); |
107 | $info = file_get_contents(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html'); |
| 108 | } else { |
108 | } else { |
| 109 | $info = file_get_contents(__DIR__ . '/info.html'); |
109 | $info = file_get_contents(__DIR__ . '/info.html'); |
| 110 | } |
110 | } |
| 111 | 111 | ||
| 112 | list($html, $js, $css) = extractHtmlContents($info); |
112 | list($html, $js, $css) = extractHtmlContents($info); |
| 113 | $info = ''; |
113 | $info = ''; |
| 114 | if (!empty($js)) $info .= "<script>\n$js\n</script>"; |
114 | if (!empty($js)) $info .= "<script>\n$js\n</script>"; |
| 115 | if (!empty($css)) $info .= "<style>\n$css\n</style>"; |
115 | if (!empty($css)) $info .= "<style>\n$css\n</style>"; |
| 116 | $info .= stripHtmlComments($html); |
116 | $info .= stripHtmlComments($html); |
| 117 | 117 | ||
| 118 | $out['text'] = $info; |
118 | $out['text'] = $info; |
| 119 | 119 | ||
| 120 | if (!OIDplus::getPkiStatus()) { |
120 | if (!OIDplus::getPkiStatus()) { |
| 121 | $out['text'] .= '<p><font color="red">'._L('Error: Your system could not generate a private/public key pair. (OpenSSL is probably missing on your system). Therefore, you cannot register/unregister your OIDplus instance.').'</font></p>'; |
121 | $out['text'] .= '<p><font color="red">'._L('Error: Your system could not generate a private/public key pair. (OpenSSL is probably missing on your system). Therefore, you cannot register/unregister your OIDplus instance.').'</font></p>'; |
| 122 | } else if (!url_post_contents_available(true, $reason)) { |
122 | } else if (!url_post_contents_available(true, $reason)) { |
| 123 | $out['text'] .= '<p><font color="red">'; |
123 | $out['text'] .= '<p><font color="red">'; |
| 124 | $out['text'] .= _L('OIDplus cannot connect to the Internet (%1). Therefore, you <b>cannot</b> register your OIDplus instance now.', $reason); |
124 | $out['text'] .= _L('OIDplus cannot connect to the Internet (%1). Therefore, you <b>cannot</b> register your OIDplus instance now.', $reason); |
| 125 | $out['text'] .= '</font></p>'; |
125 | $out['text'] .= '</font></p>'; |
| 126 | } else { |
126 | } else { |
| 127 | $out['text'] .= '<p><input type="button" onclick="openOidInPanel(\'oidplus:srvreg_status\');" value="'._L('Check status of the registration and collected data').'"></p>'; |
127 | $out['text'] .= '<p><input type="button" onclick="openOidInPanel(\'oidplus:srvreg_status\');" value="'._L('Check status of the registration and collected data').'"></p>'; |
| 128 | 128 | ||
| 129 | if (OIDplus::baseConfig()->getValue('REGISTRATION_HIDE_SYSTEM', false)) { |
129 | if (OIDplus::baseConfig()->getValue('REGISTRATION_HIDE_SYSTEM', false)) { |
| 130 | $out['text'] .= '<p><font color="red"><b>'._L('Attention!').'</b> '._L('<code>REGISTRATION_HIDE_SYSTEM</code> is set in the local configuration file! Therefore, this system will not register itself, despite of the settings below.').'</font></p>'; |
130 | $out['text'] .= '<p><font color="red"><b>'._L('Attention!').'</b> '._L('<code>REGISTRATION_HIDE_SYSTEM</code> is set in the local configuration file! Therefore, this system will not register itself, despite of the settings below.').'</font></p>'; |
| 131 | } |
131 | } |
| 132 | 132 | ||
| 133 | $out['text'] .= '<p>'._L('You can adjust your privacy level here').':</p><p><select name="reg_privacy" id="reg_privacy">'; |
133 | $out['text'] .= '<p>'._L('You can adjust your privacy level here').':</p><p><select name="reg_privacy" id="reg_privacy">'; |
| 134 | 134 | ||
| 135 | # --- |
135 | # --- |
| 136 | 136 | ||
| 137 | $out['text'] .= '<option value="0"'; |
137 | $out['text'] .= '<option value="0"'; |
| 138 | if (OIDplus::config()->getValue('reg_privacy') == 0) { |
138 | if (OIDplus::config()->getValue('reg_privacy') == 0) { |
| 139 | $out['text'] .= ' selected'; |
139 | $out['text'] .= ' selected'; |
| 140 | } else { |
140 | } else { |
| 141 | $out['text'] .= ''; |
141 | $out['text'] .= ''; |
| 142 | } |
142 | } |
| 143 | $out['text'] .= '>'._L('0 = Register to directory service and automatically publish RA/OID data at oid-info.com').'</option>'; |
143 | $out['text'] .= '>'._L('0 = Register to directory service and automatically publish RA/OID data at oid-info.com').'</option>'; |
| 144 | 144 | ||
| 145 | # --- |
145 | # --- |
| 146 | 146 | ||
| 147 | $out['text'] .= '<option value="1"'; |
147 | $out['text'] .= '<option value="1"'; |
| 148 | if (OIDplus::config()->getValue('reg_privacy') == 1) { |
148 | if (OIDplus::config()->getValue('reg_privacy') == 1) { |
| 149 | $out['text'] .= ' selected'; |
149 | $out['text'] .= ' selected'; |
| 150 | } else { |
150 | } else { |
| 151 | $out['text'] .= ''; |
151 | $out['text'] .= ''; |
| 152 | } |
152 | } |
| 153 | $out['text'] .= '>'._L('1 = Only register to directory service').'</option>'; |
153 | $out['text'] .= '>'._L('1 = Only register to directory service').'</option>'; |
| 154 | 154 | ||
| 155 | # --- |
155 | # --- |
| 156 | 156 | ||
| 157 | $out['text'] .= '<option value="2"'; |
157 | $out['text'] .= '<option value="2"'; |
| 158 | if (OIDplus::config()->getValue('reg_privacy') == 2) { |
158 | if (OIDplus::config()->getValue('reg_privacy') == 2) { |
| 159 | $out['text'] .= ' selected'; |
159 | $out['text'] .= ' selected'; |
| 160 | } else { |
160 | } else { |
| 161 | $out['text'] .= ''; |
161 | $out['text'] .= ''; |
| 162 | } |
162 | } |
| 163 | $out['text'] .= '>'._L('2 = Hide system').'</option>'; |
163 | $out['text'] .= '>'._L('2 = Hide system').'</option>'; |
| 164 | 164 | ||
| 165 | # --- |
165 | # --- |
| 166 | 166 | ||
| 167 | $out['text'] .= '</select> <input type="button" value="'._L('Change').'" onclick="OIDplusPageAdminRegistration.crudActionRegPrivacyUpdate()"></p>'; |
167 | $out['text'] .= '</select> <input type="button" value="'._L('Change').'" onclick="OIDplusPageAdminRegistration.crudActionRegPrivacyUpdate()"></p>'; |
| 168 | 168 | ||
| 169 | $out['text'] .= '<p>'._L('After clicking "change", your OIDplus system will contact the ViaThinkSoft server to adjust (add or remove information) your privacy setting. This may take a few minutes.').'</p>'; |
169 | $out['text'] .= '<p>'._L('After clicking "change", your OIDplus system will contact the ViaThinkSoft server to adjust (add or remove information) your privacy setting. This may take a few minutes.').'</p>'; |
| 170 | 170 | ||
| 171 | $out['text'] .= '<p>'._L('<i>Privacy information:</i> Please note that removing your system from the directory does not automatically delete information about OIDs which are already published at oid-info.com. To remove already submitted OIDs at oid-info.com, please contact the <a href="mailto:admin@oid-info.com">OID Repository Webmaster</a>.').'</p>'; |
171 | $out['text'] .= '<p>'._L('<i>Privacy information:</i> Please note that removing your system from the directory does not automatically delete information about OIDs which are already published at oid-info.com. To remove already submitted OIDs at oid-info.com, please contact the <a href="mailto:admin@oid-info.com">OID Repository Webmaster</a>.').'</p>'; |
| 172 | } |
172 | } |
| 173 | } |
173 | } |
| 174 | if ($id === 'oidplus:srvreg_status') { |
174 | if ($id === 'oidplus:srvreg_status') { |
| 175 | $handled = true; |
175 | $handled = true; |
| 176 | $out['title'] = _L('Registration live status'); |
176 | $out['title'] = _L('Registration live status'); |
| 177 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
177 | $out['icon'] = file_exists(__DIR__.'/img/main_icon.png') ? OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png' : ''; |
| 178 | 178 | ||
| 179 | if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
179 | if (!OIDplus::authUtils()->isAdminLoggedIn()) { |
| 180 | throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), $out['title'], 401); |
180 | throw new OIDplusHtmlException(_L('You need to <a %1>log in</a> as administrator.',OIDplus::gui()->link('oidplus:login$admin')), $out['title'], 401); |
| 181 | } |
181 | } |
| 182 | 182 | ||
| 183 | $query = self::QUERY_LIVESTATUS_V1; |
183 | $query = self::QUERY_LIVESTATUS_V1; |
| 184 | 184 | ||
| 185 | $payload = array( |
185 | $payload = array( |
| 186 | "query" => $query, // we must include $query to the playload, because we want to sign it |
186 | "query" => $query, // we must include $query to the playload, because we want to sign it |
| 187 | "lang" => OIDplus::getCurrentLang(), |
187 | "lang" => OIDplus::getCurrentLang(), |
| 188 | "system_id" => OIDplus::getSystemId(false) |
188 | "system_id" => OIDplus::getSystemId(false) |
| 189 | ); |
189 | ); |
| 190 | 190 | ||
| 191 | $signature = ''; |
191 | $signature = ''; |
| 192 | if (!OIDplus::getPkiStatus() || !@openssl_sign(json_encode($payload), $signature, OIDplus::getSystemPrivateKey())) { |
192 | if (!OIDplus::getPkiStatus() || !@openssl_sign(json_encode($payload), $signature, OIDplus::getSystemPrivateKey())) { |
| 193 | throw new OIDplusException(_L('Signature failed')); |
193 | throw new OIDplusException(_L('Signature failed')); |
| 194 | } |
194 | } |
| 195 | 195 | ||
| 196 | $data = array( |
196 | $data = array( |
| 197 | "payload" => $payload, |
197 | "payload" => $payload, |
| 198 | "signature" => base64_encode($signature) |
198 | "signature" => base64_encode($signature) |
| 199 | ); |
199 | ); |
| 200 | 200 | ||
| 201 | if (function_exists('gzdeflate')) { |
201 | if (function_exists('gzdeflate')) { |
| 202 | $compressed = "1"; |
202 | $compressed = "1"; |
| 203 | $data2 = gzdeflate(json_encode($data)); |
203 | $data2 = gzdeflate(json_encode($data)); |
| 204 | } else { |
204 | } else { |
| 205 | $compressed = "0"; |
205 | $compressed = "0"; |
| 206 | $data2 = json_encode($data); |
206 | $data2 = json_encode($data); |
| 207 | } |
207 | } |
| 208 | 208 | ||
| 209 | $res = url_post_contents( |
209 | $res = url_post_contents( |
| 210 | 'https://oidplus.viathinksoft.com/reg2/query.php', |
210 | 'https://oidplus.viathinksoft.com/reg2/query.php', |
| 211 | array( |
211 | array( |
| 212 | "query" => $query, |
212 | "query" => $query, |
| 213 | "compressed" => $compressed, |
213 | "compressed" => $compressed, |
| 214 | "data" => base64_encode($data2) |
214 | "data" => base64_encode($data2) |
| 215 | ) |
215 | ) |
| 216 | ); |
216 | ); |
| 217 | 217 | ||
| 218 | if ($res === false) { |
218 | if ($res === false) { |
| 219 | throw new OIDplusException(_L('Communication with %1 server failed', 'ViaThinkSoft')); |
219 | throw new OIDplusException(_L('Communication with %1 server failed', 'ViaThinkSoft')); |
| 220 | } |
220 | } |
| 221 | 221 | ||
| 222 | $json = @json_decode($res, true); |
222 | $json = @json_decode($res, true); |
| 223 | 223 | ||
| 224 | if (!$json) { |
224 | if (!$json) { |
| 225 | throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res), $out['title']); |
225 | throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res), $out['title']); |
| 226 | } |
226 | } |
| 227 | 227 | ||
| 228 | if (isset($json['error']) || ($json['status'] < 0)) { |
228 | if (isset($json['error']) || ($json['status'] < 0)) { |
| 229 | if (isset($json['error'])) { |
229 | if (isset($json['error'])) { |
| 230 | throw new OIDplusException(_L('Received error status code: %1',$json['error']), $out['title']); |
230 | throw new OIDplusException(_L('Received error status code: %1',$json['error']), $out['title']); |
| 231 | } else { |
231 | } else { |
| 232 | throw new OIDplusException(_L('Received error status code: %1',$json['status']), $out['title']); |
232 | throw new OIDplusException(_L('Received error status code: %1',$json['status']), $out['title']); |
| 233 | } |
233 | } |
| 234 | } |
234 | } |
| 235 | 235 | ||
| 236 | $out['text'] = '<p><a '.OIDplus::gui()->link('oidplus:srv_registration').'><img src="img/arrow_back.png" width="16" alt="'._L('Go back').'"> '._L('Go back to registration settings').'</a></p>' . |
236 | $out['text'] = '<p><a '.OIDplus::gui()->link('oidplus:srv_registration').'><img src="img/arrow_back.png" width="16" alt="'._L('Go back').'"> '._L('Go back to registration settings').'</a></p>' . |
| 237 | $json['content']; |
237 | $json['content']; |
| 238 | } |
238 | } |
| 239 | } |
239 | } |
| 240 | 240 | ||
| 241 | /** |
241 | /** |
| 242 | * @return bool |
242 | * @return bool |
| 243 | * @throws OIDplusException |
243 | * @throws OIDplusException |
| 244 | */ |
244 | */ |
| 245 | protected function areWeRegistered(): bool { |
245 | protected function areWeRegistered(): bool { |
| 246 | // To check if we are registered. Check it "anonymously" (i.e. without revealing our system ID) |
246 | // To check if we are registered. Check it "anonymously" (i.e. without revealing our system ID) |
| 247 | $res = url_get_contents('https://oidplus.viathinksoft.com/reg2/query.php?query='.self::QUERY_LISTALLSYSTEMIDS_V1); |
247 | $res = url_get_contents('https://oidplus.viathinksoft.com/reg2/query.php?query='.self::QUERY_LISTALLSYSTEMIDS_V1); |
| 248 | if ($res === false) return false; |
248 | if ($res === false) return false; |
| 249 | 249 | ||
| 250 | $json = @json_decode($res, true); |
250 | $json = @json_decode($res, true); |
| 251 | 251 | ||
| 252 | if (!$json) { |
252 | if (!$json) { |
| 253 | return false; // throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res)); |
253 | return false; // throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res)); |
| 254 | } |
254 | } |
| 255 | 255 | ||
| 256 | if (isset($json['error']) || ($json['status'] < 0)) { |
256 | if (isset($json['error']) || ($json['status'] < 0)) { |
| 257 | if (isset($json['error'])) { |
257 | if (isset($json['error'])) { |
| 258 | return false; // throw new OIDplusException(_L('Received error status code: %1',$json['error'])); |
258 | return false; // throw new OIDplusException(_L('Received error status code: %1',$json['error'])); |
| 259 | } else { |
259 | } else { |
| 260 | return false; // throw new OIDplusException(_L('Received error status code: %1',$json['status'])); |
260 | return false; // throw new OIDplusException(_L('Received error status code: %1',$json['status'])); |
| 261 | } |
261 | } |
| 262 | } |
262 | } |
| 263 | 263 | ||
| 264 | $list = $json['list']; |
264 | $list = $json['list']; |
| 265 | 265 | ||
| 266 | return in_array(OIDplus::getSystemId(false), $list); |
266 | return in_array(OIDplus::getSystemId(false), $list); |
| 267 | } |
267 | } |
| 268 | 268 | ||
| 269 | /** |
269 | /** |
| 270 | * @param int|null $privacy_level |
270 | * @param int|null $privacy_level |
| 271 | * @return false|void |
271 | * @return false|void |
| 272 | * @throws OIDplusException|\OIDInfoException |
272 | * @throws OIDplusException|\OIDInfoException |
| 273 | */ |
273 | */ |
| 274 | public function sendRegistrationQuery(int $privacy_level=null) { |
274 | public function sendRegistrationQuery(int $privacy_level=null) { |
| 275 | 275 | ||
| 276 | if (is_null($privacy_level)) { |
276 | if (is_null($privacy_level)) { |
| 277 | $privacy_level = OIDplus::config()->getValue('reg_privacy'); |
277 | $privacy_level = OIDplus::config()->getValue('reg_privacy'); |
| 278 | } |
278 | } |
| 279 | 279 | ||
| 280 | $system_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL); |
280 | $system_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL); |
| 281 | 281 | ||
| 282 | // It is very important that we set the ping time NOW, because ViaThinkSoft might contact us during the ping, |
282 | // It is very important that we set the ping time NOW, because ViaThinkSoft might contact us during the ping, |
| 283 | // and this would cause an endless loop! |
283 | // and this would cause an endless loop! |
| 284 | OIDplus::config()->setValue('reg_last_ping', time()); |
284 | OIDplus::config()->setValue('reg_last_ping', time()); |
| 285 | 285 | ||
| 286 | if (!OIDplus::getPkiStatus()) return false; |
286 | if (!OIDplus::getPkiStatus()) return false; |
| 287 | 287 | ||
| 288 | if (!url_post_contents_available(true)) return false; |
288 | if (!url_post_contents_available(true)) return false; |
| 289 | 289 | ||
| 290 | if ($privacy_level == 2) { |
290 | if ($privacy_level == 2) { |
| 291 | // The user wants to unregister, but we only unregister if we are registered |
291 | // The user wants to unregister, but we only unregister if we are registered |
| 292 | if ($this->areWeRegistered()) { |
292 | if ($this->areWeRegistered()) { |
| 293 | $query = self::QUERY_UNREGISTER_V1; |
293 | $query = self::QUERY_UNREGISTER_V1; |
| 294 | 294 | ||
| 295 | $payload = array( |
295 | $payload = array( |
| 296 | "query" => $query, // we must include $query to the payload, because we want to sign it |
296 | "query" => $query, // we must include $query to the payload, because we want to sign it |
| 297 | "system_id" => OIDplus::getSystemId(false) |
297 | "system_id" => OIDplus::getSystemId(false) |
| 298 | ); |
298 | ); |
| 299 | 299 | ||
| 300 | $signature = ''; |
300 | $signature = ''; |
| 301 | if (!OIDplus::getPkiStatus() || !@openssl_sign(json_encode($payload), $signature, OIDplus::getSystemPrivateKey())) { |
301 | if (!OIDplus::getPkiStatus() || !@openssl_sign(json_encode($payload), $signature, OIDplus::getSystemPrivateKey())) { |
| 302 | return false; // throw new OIDplusException(_L('Signature failed')); |
302 | return false; // throw new OIDplusException(_L('Signature failed')); |
| 303 | } |
303 | } |
| 304 | 304 | ||
| 305 | $data = array( |
305 | $data = array( |
| 306 | "payload" => $payload, |
306 | "payload" => $payload, |
| 307 | "signature" => base64_encode($signature) |
307 | "signature" => base64_encode($signature) |
| 308 | ); |
308 | ); |
| 309 | 309 | ||
| 310 | if (function_exists('gzdeflate')) { |
310 | if (function_exists('gzdeflate')) { |
| 311 | $compressed = "1"; |
311 | $compressed = "1"; |
| 312 | $data2 = gzdeflate(json_encode($data)); |
312 | $data2 = gzdeflate(json_encode($data)); |
| 313 | } else { |
313 | } else { |
| 314 | $compressed = "0"; |
314 | $compressed = "0"; |
| 315 | $data2 = json_encode($data); |
315 | $data2 = json_encode($data); |
| 316 | } |
316 | } |
| 317 | 317 | ||
| 318 | $res = url_post_contents( |
318 | $res = url_post_contents( |
| 319 | 'https://oidplus.viathinksoft.com/reg2/query.php', |
319 | 'https://oidplus.viathinksoft.com/reg2/query.php', |
| 320 | array( |
320 | array( |
| 321 | "query" => $query, |
321 | "query" => $query, |
| 322 | "compressed" => $compressed, |
322 | "compressed" => $compressed, |
| 323 | "data" => base64_encode($data2) |
323 | "data" => base64_encode($data2) |
| 324 | ) |
324 | ) |
| 325 | ); |
325 | ); |
| 326 | 326 | ||
| 327 | if ($res === false) return false; // throw new OIDplusException(_L('Communication with %1 server failed', 'ViaThinkSoft')); |
327 | if ($res === false) return false; // throw new OIDplusException(_L('Communication with %1 server failed', 'ViaThinkSoft')); |
| 328 | 328 | ||
| 329 | $json = @json_decode($res, true); |
329 | $json = @json_decode($res, true); |
| 330 | 330 | ||
| 331 | if (!$json) { |
331 | if (!$json) { |
| 332 | return false; // throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res)); |
332 | return false; // throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res)); |
| 333 | } |
333 | } |
| 334 | 334 | ||
| 335 | if (isset($json['error']) || ($json['status'] < 0)) { |
335 | if (isset($json['error']) || ($json['status'] < 0)) { |
| 336 | return false; // throw new OIDplusException(_L('Received error status code: %1',isset($json['error']) ? $json['error'] : $json['status'])); |
336 | return false; // throw new OIDplusException(_L('Received error status code: %1',isset($json['error']) ? $json['error'] : $json['status'])); |
| 337 | } |
337 | } |
| 338 | } |
338 | } |
| 339 | } else { |
339 | } else { |
| 340 | if ($privacy_level == 0) { |
340 | if ($privacy_level == 0) { |
| 341 | $adminExportPlugin = OIDplus::getPluginByOid('1.3.6.1.4.1.37476.2.5.2.4.3.400'); // OIDplusPageAdminOIDInfoExport |
341 | $adminExportPlugin = OIDplus::getPluginByOid('1.3.6.1.4.1.37476.2.5.2.4.3.400'); // OIDplusPageAdminOIDInfoExport |
| 342 | if (!is_null($adminExportPlugin)) { |
342 | if (!is_null($adminExportPlugin)) { |
| 343 | list($oidinfo_xml, $dummy_content_type) = OIDplusPageAdminOIDInfoExport::outputXML(false); // no online check, because the query should be short (since the query is done while a visitor waits for the response) |
343 | list($oidinfo_xml, $dummy_content_type) = OIDplusPageAdminOIDInfoExport::outputXML(false); // no online check, because the query should be short (since the query is done while a visitor waits for the response) |
| 344 | } else { |
344 | } else { |
| 345 | $oidinfo_xml = false; |
345 | $oidinfo_xml = false; |
| 346 | } |
346 | } |
| 347 | } else { |
347 | } else { |
| 348 | $oidinfo_xml = false; |
348 | $oidinfo_xml = false; |
| 349 | } |
349 | } |
| 350 | 350 | ||
| 351 | $query = self::QUERY_REGISTER_V1; |
351 | $query = self::QUERY_REGISTER_V1; |
| 352 | 352 | ||
| 353 | $root_oids = array(); |
353 | $root_oids = array(); |
| 354 | foreach (OIDplus::getEnabledObjectTypes() as $ot) { |
354 | foreach (OIDplus::getEnabledObjectTypes() as $ot) { |
| 355 | if ($ot::ns() == 'oid') { |
355 | if ($ot::ns() == 'oid') { |
| 356 | $res = OIDplus::db()->query("select id from ###objects where " . |
356 | $res = OIDplus::db()->query("select id from ###objects where " . |
| 357 | "(parent = 'oid:' or " . |
357 | "(parent = 'oid:' or " . |
| 358 | // The following two cases are special cases e.g. if there are multiple PEN or UUID-OIDs, and the system owner decides to use the IANA PEN as root OID, but actually, it is not "his" root then! The OIDs inside the IANA PEN root are his root then! |
358 | // The following two cases are special cases e.g. if there are multiple PEN or UUID-OIDs, and the system owner decides to use the IANA PEN as root OID, but actually, it is not "his" root then! The OIDs inside the IANA PEN root are his root then! |
| 359 | "parent in (select oid from ###asn1id where well_known = ?) or " . |
359 | "parent in (select oid from ###asn1id where well_known = ?) or " . |
| 360 | "parent in (select oid from ###iri where well_known = ?)) and " . |
360 | "parent in (select oid from ###iri where well_known = ?)) and " . |
| 361 | // We assume hereby that RAs of well-known OIDs (e.g. IANA) will not use OIDplus for allocating OIDs: |
361 | // We assume hereby that RAs of well-known OIDs (e.g. IANA) will not use OIDplus for allocating OIDs: |
| 362 | "id not in (select oid from ###asn1id where well_known = ?) and " . |
362 | "id not in (select oid from ###asn1id where well_known = ?) and " . |
| 363 | "id not in (select oid from ###iri where well_known = ?)", array(true, true, true, true)); |
363 | "id not in (select oid from ###iri where well_known = ?)", array(true, true, true, true)); |
| 364 | $res->naturalSortByField('id'); |
364 | $res->naturalSortByField('id'); |
| 365 | while ($row = $res->fetch_array()) { |
365 | while ($row = $res->fetch_array()) { |
| 366 | $root_oids[] = substr($row['id'],strlen('oid:')); |
366 | $root_oids[] = substr($row['id'],strlen('oid:')); |
| 367 | } |
367 | } |
| 368 | } |
368 | } |
| 369 | } |
369 | } |
| 370 | $payload = array( |
370 | $payload = array( |
| 371 | "query" => $query, // we must include $query to the payload, because we want to sign it |
371 | "query" => $query, // we must include $query to the payload, because we want to sign it |
| 372 | "privacy_level" => $privacy_level, |
372 | "privacy_level" => $privacy_level, |
| 373 | "system_id" => OIDplus::getSystemId(false), |
373 | "system_id" => OIDplus::getSystemId(false), |
| 374 | "public_key" => OIDplus::getSystemPublicKey(), |
374 | "public_key" => OIDplus::getSystemPublicKey(), |
| 375 | "system_url" => $system_url, |
375 | "system_url" => $system_url, |
| 376 | "hide_system_url" => 0, |
376 | "hide_system_url" => 0, |
| 377 | "hide_public_key" => 0, |
377 | "hide_public_key" => 0, |
| 378 | "admin_email" => OIDplus::config()->getValue('admin_email'), |
378 | "admin_email" => OIDplus::config()->getValue('admin_email'), |
| 379 | "system_title" => OIDplus::config()->getValue('system_title'), |
379 | "system_title" => OIDplus::config()->getValue('system_title'), |
| 380 | "oidinfo_xml" => @base64_encode($oidinfo_xml), |
380 | "oidinfo_xml" => @base64_encode($oidinfo_xml), |
| 381 | "root_oids" => $root_oids, |
381 | "root_oids" => $root_oids, |
| 382 | "system_version" => OIDplus::getVersion(), |
382 | "system_version" => OIDplus::getVersion(), |
| 383 | "system_install_type" => OIDplus::getInstallType() |
383 | "system_install_type" => OIDplus::getInstallType() |
| 384 | ); |
384 | ); |
| 385 | 385 | ||
| 386 | $signature = ''; |
386 | $signature = ''; |
| 387 | if (!OIDplus::getPkiStatus() || !@openssl_sign(json_encode($payload), $signature, OIDplus::getSystemPrivateKey())) { |
387 | if (!OIDplus::getPkiStatus() || !@openssl_sign(json_encode($payload), $signature, OIDplus::getSystemPrivateKey())) { |
| 388 | return false; // throw new OIDplusException(_L('Signature failed')); |
388 | return false; // throw new OIDplusException(_L('Signature failed')); |
| 389 | } |
389 | } |
| 390 | 390 | ||
| 391 | $data = array( |
391 | $data = array( |
| 392 | "payload" => $payload, |
392 | "payload" => $payload, |
| 393 | "signature" => base64_encode($signature) |
393 | "signature" => base64_encode($signature) |
| 394 | ); |
394 | ); |
| 395 | 395 | ||
| 396 | if (function_exists('gzdeflate')) { |
396 | if (function_exists('gzdeflate')) { |
| 397 | $compressed = "1"; |
397 | $compressed = "1"; |
| 398 | $data2 = gzdeflate(json_encode($data)); |
398 | $data2 = gzdeflate(json_encode($data)); |
| 399 | } else { |
399 | } else { |
| 400 | $compressed = "0"; |
400 | $compressed = "0"; |
| 401 | $data2 = json_encode($data); |
401 | $data2 = json_encode($data); |
| 402 | } |
402 | } |
| 403 | 403 | ||
| 404 | $res = url_post_contents( |
404 | $res = url_post_contents( |
| 405 | 'https://oidplus.viathinksoft.com/reg2/query.php', |
405 | 'https://oidplus.viathinksoft.com/reg2/query.php', |
| 406 | array( |
406 | array( |
| 407 | "query" => $query, |
407 | "query" => $query, |
| 408 | "compressed" => $compressed, |
408 | "compressed" => $compressed, |
| 409 | "data" => base64_encode($data2) |
409 | "data" => base64_encode($data2) |
| 410 | ) |
410 | ) |
| 411 | ); |
411 | ); |
| 412 | 412 | ||
| 413 | if ($res === false) return false; // throw new OIDplusException(_L('Communication with %1 server failed', 'ViaThinkSoft')); |
413 | if ($res === false) return false; // throw new OIDplusException(_L('Communication with %1 server failed', 'ViaThinkSoft')); |
| 414 | 414 | ||
| 415 | $json = @json_decode($res, true); |
415 | $json = @json_decode($res, true); |
| 416 | 416 | ||
| 417 | if (!$json) { |
417 | if (!$json) { |
| 418 | return false; // throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res)); |
418 | return false; // throw new OIDplusException(_L('JSON reply from ViaThinkSoft decoding error: %1',$res)); |
| 419 | } |
419 | } |
| 420 | 420 | ||
| 421 | if (isset($json['error']) || ($json['status'] < 0)) { |
421 | if (isset($json['error']) || ($json['status'] < 0)) { |
| 422 | if (isset($json['error'])) { |
422 | if (isset($json['error'])) { |
| 423 | return false; // throw new OIDplusException(_L('Received error status code: %1',$json['error'])); |
423 | return false; // throw new OIDplusException(_L('Received error status code: %1',$json['error'])); |
| 424 | } else { |
424 | } else { |
| 425 | return false; // throw new OIDplusException(_L('Received error status code: %1',$json['status'])); |
425 | return false; // throw new OIDplusException(_L('Received error status code: %1',$json['status'])); |
| 426 | } |
426 | } |
| 427 | } else if ($json['status'] == 99/*Hash conflict*/) { |
427 | } else if ($json['status'] == 99/*Hash conflict*/) { |
| 428 | OIDplus::logger()->log("[WARN]A!", "Removing SystemID and key pair because there is a hash conflict with another OIDplus system!"); |
428 | OIDplus::logger()->log("V2:[WARN]A", "Removing SystemID and key pair because there is a hash conflict with another OIDplus system!"); |
| 429 | 429 | ||
| 430 | // Delete the system ID since we have a conflict with the 31-bit hash! |
430 | // Delete the system ID since we have a conflict with the 31-bit hash! |
| 431 | OIDplus::config()->setValue('oidplus_private_key', ''); |
431 | OIDplus::config()->setValue('oidplus_private_key', ''); |
| 432 | OIDplus::config()->setValue('oidplus_public_key', ''); |
432 | OIDplus::config()->setValue('oidplus_public_key', ''); |
| 433 | 433 | ||
| 434 | // Try to generate a new system ID |
434 | // Try to generate a new system ID |
| 435 | OIDplus::getPkiStatus(true); |
435 | OIDplus::getPkiStatus(true); |
| 436 | 436 | ||
| 437 | // Enforce a new registration attempt at the next page visit |
437 | // Enforce a new registration attempt at the next page visit |
| 438 | // We will not try again here, because that might lead to an endless loop if the VTS server would always return 'HASH_CONFLCIT' |
438 | // We will not try again here, because that might lead to an endless loop if the VTS server would always return 'HASH_CONFLCIT' |
| 439 | OIDplus::config()->setValue('reg_last_ping', 0); |
439 | OIDplus::config()->setValue('reg_last_ping', 0); |
| 440 | } else if ($json['status'] == 0/*OK*/) { |
440 | } else if ($json['status'] == 0/*OK*/) { |
| 441 | // Note: whois.viathinksoft.de:43 uses VGWhoIs, which uses these patterns: https://github.com/danielmarschall/vgwhois/blob/master/main/pattern/oid |
441 | // Note: whois.viathinksoft.de:43 uses VGWhoIs, which uses these patterns: https://github.com/danielmarschall/vgwhois/blob/master/main/pattern/oid |
| 442 | // If your system gets acknowledged by ViaThinkSoft, then vts_whois will be filled with that server name whois.viathinksoft.de:43 |
442 | // If your system gets acknowledged by ViaThinkSoft, then vts_whois will be filled with that server name whois.viathinksoft.de:43 |
| 443 | if (isset($json['vts_whois'])) OIDplus::config()->setValue('vts_whois', $json['vts_whois']); |
443 | if (isset($json['vts_whois'])) OIDplus::config()->setValue('vts_whois', $json['vts_whois']); |
| 444 | 444 | ||
| 445 | // ViaThinkSoft certifies the system public key and other system attributes and root objects (requires human verification) |
445 | // ViaThinkSoft certifies the system public key and other system attributes and root objects (requires human verification) |
| 446 | if (isset($json['vts_cert'])) OIDplus::config()->setValue('vts_cert', $json['vts_cert']); |
446 | if (isset($json['vts_cert'])) OIDplus::config()->setValue('vts_cert', $json['vts_cert']); |
| 447 | if (isset($json['vts_ca'])) OIDplus::config()->setValue('vts_ca', $json['vts_ca']); |
447 | if (isset($json['vts_ca'])) OIDplus::config()->setValue('vts_ca', $json['vts_ca']); |
| 448 | } |
448 | } |
| 449 | } |
449 | } |
| 450 | } |
450 | } |
| 451 | 451 | ||
| 452 | /** |
452 | /** |
| 453 | * @param bool $html |
453 | * @param bool $html |
| 454 | * @return void |
454 | * @return void |
| 455 | * @throws OIDplusException |
455 | * @throws OIDplusException |
| 456 | */ |
456 | */ |
| 457 | public function init(bool $html=true) { |
457 | public function init(bool $html=true) { |
| 458 | if (OIDplus::getEditionInfo()['vendor'] != 'ViaThinkSoft') { |
458 | if (OIDplus::getEditionInfo()['vendor'] != 'ViaThinkSoft') { |
| 459 | throw new OIDplusException(_L('This plugin is only available in the ViaThinkSoft edition of OIDplus')); |
459 | throw new OIDplusException(_L('This plugin is only available in the ViaThinkSoft edition of OIDplus')); |
| 460 | } |
460 | } |
| 461 | 461 | ||
| 462 | // Note: It is important that the default value is '2', otherwise, systems which don't have CURL will fail |
462 | // Note: It is important that the default value is '2', otherwise, systems which don't have CURL will fail |
| 463 | OIDplus::config()->prepareConfigKey('reg_privacy', '2=Hide your system, 1=Register your system to the ViaThinkSoft directory and oid-info.com, 0=Publish your system to ViaThinkSoft directory and all public contents (RA/OID) to oid-info.com', '2', OIDplusConfig::PROTECTION_EDITABLE, function($value) { |
463 | OIDplus::config()->prepareConfigKey('reg_privacy', '2=Hide your system, 1=Register your system to the ViaThinkSoft directory and oid-info.com, 0=Publish your system to ViaThinkSoft directory and all public contents (RA/OID) to oid-info.com', '2', OIDplusConfig::PROTECTION_EDITABLE, function($value) { |
| 464 | if (($value != '0') && ($value != '1') && ($value != '2')) { |
464 | if (($value != '0') && ($value != '1') && ($value != '2')) { |
| 465 | throw new OIDplusException(_L('Please enter either 0, 1 or 2.')); |
465 | throw new OIDplusException(_L('Please enter either 0, 1 or 2.')); |
| 466 | } |
466 | } |
| 467 | // Now do a recheck and notify the ViaThinkSoft server |
467 | // Now do a recheck and notify the ViaThinkSoft server |
| 468 | if (($value == 2) || !OIDplus::baseConfig()->getValue('REGISTRATION_HIDE_SYSTEM', false)) { |
468 | if (($value == 2) || !OIDplus::baseConfig()->getValue('REGISTRATION_HIDE_SYSTEM', false)) { |
| 469 | OIDplus::config()->setValue('reg_last_ping', 0); |
469 | OIDplus::config()->setValue('reg_last_ping', 0); |
| 470 | if (!url_post_contents_available(true, $reason)) throw new OIDplusException(_L('The system cannot contact the ViaThinkSoft server to change the registration settings.').' '.$reason); |
470 | if (!url_post_contents_available(true, $reason)) throw new OIDplusException(_L('The system cannot contact the ViaThinkSoft server to change the registration settings.').' '.$reason); |
| 471 | $this->sendRegistrationQuery($value); |
471 | $this->sendRegistrationQuery($value); |
| 472 | } |
472 | } |
| 473 | }); |
473 | }); |
| 474 | OIDplus::config()->prepareConfigKey('reg_ping_interval', 'Registration ping interval (in seconds)', '3600', OIDplusConfig::PROTECTION_HIDDEN, function($value) { |
474 | OIDplus::config()->prepareConfigKey('reg_ping_interval', 'Registration ping interval (in seconds)', '3600', OIDplusConfig::PROTECTION_HIDDEN, function($value) { |
| 475 | 475 | ||
| 476 | }); |
476 | }); |
| 477 | OIDplus::config()->prepareConfigKey('reg_last_ping', 'Last ping to ViaThinkSoft directory services', '0', OIDplusConfig::PROTECTION_HIDDEN, function($value) { |
477 | OIDplus::config()->prepareConfigKey('reg_last_ping', 'Last ping to ViaThinkSoft directory services', '0', OIDplusConfig::PROTECTION_HIDDEN, function($value) { |
| 478 | 478 | ||
| 479 | }); |
479 | }); |
| 480 | OIDplus::config()->prepareConfigKey('vts_whois', 'ViaThinkSoft Whois Server (if this system is recognized)', '', OIDplusConfig::PROTECTION_READONLY, function($value) { |
480 | OIDplus::config()->prepareConfigKey('vts_whois', 'ViaThinkSoft Whois Server (if this system is recognized)', '', OIDplusConfig::PROTECTION_READONLY, function($value) { |
| 481 | 481 | ||
| 482 | }); |
482 | }); |
| 483 | OIDplus::config()->prepareConfigKey('vts_cert', 'ViaThinkSoft certificate (requires registration)', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) { |
483 | OIDplus::config()->prepareConfigKey('vts_cert', 'ViaThinkSoft certificate (requires registration)', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) { |
| 484 | 484 | ||
| 485 | }); |
485 | }); |
| 486 | OIDplus::config()->prepareConfigKey('vts_ca', 'ViaThinkSoft certificate root (requires registration)', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) { |
486 | OIDplus::config()->prepareConfigKey('vts_ca', 'ViaThinkSoft certificate root (requires registration)', '', OIDplusConfig::PROTECTION_HIDDEN, function($value) { |
| 487 | 487 | ||
| 488 | }); |
488 | }); |
| 489 | OIDplus::config()->prepareConfigKey('oobe_registration_done', '"Out Of Box Experience" wizard for OIDplusPageAdminRegistration done once?', '0', OIDplusConfig::PROTECTION_HIDDEN, function($value) {}); |
489 | OIDplus::config()->prepareConfigKey('oobe_registration_done', '"Out Of Box Experience" wizard for OIDplusPageAdminRegistration done once?', '0', OIDplusConfig::PROTECTION_HIDDEN, function($value) {}); |
| 490 | 490 | ||
| 491 | // Is it time to register / renew the directory entry? |
491 | // Is it time to register / renew the directory entry? |
| 492 | // Note: REGISTRATION_HIDE_SYSTEM is an undocumented constant that can be put in the userdata/baseconfig/config.inc.php files of a test system accessing the same database as the productive system that is registered. |
492 | // Note: REGISTRATION_HIDE_SYSTEM is an undocumented constant that can be put in the userdata/baseconfig/config.inc.php files of a test system accessing the same database as the productive system that is registered. |
| 493 | // This avoids that the URL of a productive system is overridden with the URL of a cloned test system (since they use the same database, they also have the same system ID) |
493 | // This avoids that the URL of a productive system is overridden with the URL of a cloned test system (since they use the same database, they also have the same system ID) |
| 494 | 494 | ||
| 495 | if (OIDplus::config()->getValue('oobe_registration_done') == '1') { |
495 | if (OIDplus::config()->getValue('oobe_registration_done') == '1') { |
| 496 | if (!OIDplus::baseConfig()->getValue('REGISTRATION_HIDE_SYSTEM', false)) { |
496 | if (!OIDplus::baseConfig()->getValue('REGISTRATION_HIDE_SYSTEM', false)) { |
| 497 | $privacy_level = OIDplus::config()->getValue('reg_privacy'); |
497 | $privacy_level = OIDplus::config()->getValue('reg_privacy'); |
| 498 | 498 | ||
| 499 | if (PHP_SAPI !== 'cli') { // don't register when called from CLI, otherwise the oidinfo XML can't convert relative links into absolute links |
499 | if (PHP_SAPI !== 'cli') { // don't register when called from CLI, otherwise the oidinfo XML can't convert relative links into absolute links |
| 500 | $last_ping = OIDplus::config()->getValue('reg_last_ping'); |
500 | $last_ping = OIDplus::config()->getValue('reg_last_ping'); |
| 501 | if (!is_numeric($last_ping)) $last_ping = 0; |
501 | if (!is_numeric($last_ping)) $last_ping = 0; |
| 502 | $last_ping_interval = OIDplus::config()->getValue('reg_ping_interval'); |
502 | $last_ping_interval = OIDplus::config()->getValue('reg_ping_interval'); |
| 503 | if (!is_numeric($last_ping_interval)) $last_ping_interval = 3600; |
503 | if (!is_numeric($last_ping_interval)) $last_ping_interval = 3600; |
| 504 | 504 | ||
| 505 | // Cronjobs get half ping interval, to make sure that a web visitor won't get any delay |
505 | // Cronjobs get half ping interval, to make sure that a web visitor won't get any delay |
| 506 | if (OIDplus::isCronjob()) $last_ping_interval /= 2; |
506 | if (OIDplus::isCronjob()) $last_ping_interval /= 2; |
| 507 | 507 | ||
| 508 | if ((time()-$last_ping >= $last_ping_interval)) { |
508 | if ((time()-$last_ping >= $last_ping_interval)) { |
| 509 | try { |
509 | try { |
| 510 | $this->sendRegistrationQuery(); |
510 | $this->sendRegistrationQuery(); |
| 511 | } catch (\Exception $e) { |
511 | } catch (\Exception $e) { |
| 512 | // Don't do anything, because we don't want that a failed registration query blocks the system |
512 | // Don't do anything, because we don't want that a failed registration query blocks the system |
| 513 | OIDplus::logger()->log('[WARN]A!', 'System registration query crashed: %1', $e->getMessage()); |
513 | OIDplus::logger()->log('V2:[WARN]A', 'System registration query crashed: %1', $e->getMessage()); |
| 514 | } |
514 | } |
| 515 | } |
515 | } |
| 516 | } |
516 | } |
| 517 | } |
517 | } |
| 518 | } |
518 | } |
| 519 | } |
519 | } |
| 520 | 520 | ||
| 521 | /** |
521 | /** |
| 522 | * @param array $json |
522 | * @param array $json |
| 523 | * @param string|null $ra_email |
523 | * @param string|null $ra_email |
| 524 | * @param bool $nonjs |
524 | * @param bool $nonjs |
| 525 | * @param string $req_goto |
525 | * @param string $req_goto |
| 526 | * @return bool |
526 | * @return bool |
| 527 | * @throws OIDplusException |
527 | * @throws OIDplusException |
| 528 | */ |
528 | */ |
| 529 | public function tree(array &$json, string $ra_email=null, bool $nonjs=false, string $req_goto=''): bool { |
529 | public function tree(array &$json, string $ra_email=null, bool $nonjs=false, string $req_goto=''): bool { |
| 530 | if (!OIDplus::authUtils()->isAdminLoggedIn()) return false; |
530 | if (!OIDplus::authUtils()->isAdminLoggedIn()) return false; |
| 531 | 531 | ||
| 532 | if (file_exists(__DIR__.'/img/main_icon16.png')) { |
532 | if (file_exists(__DIR__.'/img/main_icon16.png')) { |
| 533 | $tree_icon = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon16.png'; |
533 | $tree_icon = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon16.png'; |
| 534 | } else { |
534 | } else { |
| 535 | $tree_icon = null; // default icon (folder) |
535 | $tree_icon = null; // default icon (folder) |
| 536 | } |
536 | } |
| 537 | 537 | ||
| 538 | $json[] = array( |
538 | $json[] = array( |
| 539 | 'id' => 'oidplus:srv_registration', |
539 | 'id' => 'oidplus:srv_registration', |
| 540 | 'icon' => $tree_icon, |
540 | 'icon' => $tree_icon, |
| 541 | 'text' => _L('System registration') |
541 | 'text' => _L('System registration') |
| 542 | ); |
542 | ); |
| 543 | 543 | ||
| 544 | return true; |
544 | return true; |
| 545 | } |
545 | } |
| 546 | 546 | ||
| 547 | /** |
547 | /** |
| 548 | * @param string $request |
548 | * @param string $request |
| 549 | * @return array|false |
549 | * @return array|false |
| 550 | */ |
550 | */ |
| 551 | public function tree_search(string $request) { |
551 | public function tree_search(string $request) { |
| 552 | return false; |
552 | return false; |
| 553 | } |
553 | } |
| 554 | 554 | ||
| 555 | /** |
555 | /** |
| 556 | * Implements interface INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_1 |
556 | * Implements interface INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_1 |
| 557 | * @return bool |
557 | * @return bool |
| 558 | * @throws OIDplusException |
558 | * @throws OIDplusException |
| 559 | */ |
559 | */ |
| 560 | public function oobeRequested(): bool { |
560 | public function oobeRequested(): bool { |
| 561 | return OIDplus::config()->getValue('oobe_registration_done') == '0'; |
561 | return OIDplus::config()->getValue('oobe_registration_done') == '0'; |
| 562 | } |
562 | } |
| 563 | 563 | ||
| 564 | /** |
564 | /** |
| 565 | * Implements interface INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_1 |
565 | * Implements interface INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_1 |
| 566 | * @param int $step |
566 | * @param int $step |
| 567 | * @param bool $do_edits |
567 | * @param bool $do_edits |
| 568 | * @param bool $errors_happened |
568 | * @param bool $errors_happened |
| 569 | * @return void |
569 | * @return void |
| 570 | * @throws OIDplusConfigInitializationException |
570 | * @throws OIDplusConfigInitializationException |
| 571 | * @throws OIDplusException |
571 | * @throws OIDplusException |
| 572 | */ |
572 | */ |
| 573 | public function oobeEntry(int $step, bool $do_edits, bool &$errors_happened)/*: void*/ { |
573 | public function oobeEntry(int $step, bool $do_edits, bool &$errors_happened)/*: void*/ { |
| 574 | echo '<h2>'._L('Step %1: System registration and automatic publishing (optional)',$step).'</h2>'; |
574 | echo '<h2>'._L('Step %1: System registration and automatic publishing (optional)',$step).'</h2>'; |
| 575 | 575 | ||
| 576 | if (file_exists(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html')) { |
576 | if (file_exists(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html')) { |
| 577 | $info = file_get_contents(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html'); |
577 | $info = file_get_contents(__DIR__ . '/info$'.OIDplus::getCurrentLang().'.html'); |
| 578 | } else { |
578 | } else { |
| 579 | $info = file_get_contents(__DIR__ . '/info.html'); |
579 | $info = file_get_contents(__DIR__ . '/info.html'); |
| 580 | } |
580 | } |
| 581 | 581 | ||
| 582 | // make sure the program works even if the user provided HTML is not UTF-8 |
582 | // make sure the program works even if the user provided HTML is not UTF-8 |
| 583 | $info = convert_to_utf8_no_bom($info); |
583 | $info = convert_to_utf8_no_bom($info); |
| 584 | 584 | ||
| 585 | echo $info; |
585 | echo $info; |
| 586 | 586 | ||
| 587 | if (!url_post_contents_available(true, $reason)) { |
587 | if (!url_post_contents_available(true, $reason)) { |
| 588 | echo '<p><font color="red">'; |
588 | echo '<p><font color="red">'; |
| 589 | echo _L('OIDplus cannot connect to the Internet (%1). Therefore, you <b>cannot</b> register your OIDplus instance now.', $reason); |
589 | echo _L('OIDplus cannot connect to the Internet (%1). Therefore, you <b>cannot</b> register your OIDplus instance now.', $reason); |
| 590 | echo '</font></p>'; |
590 | echo '</font></p>'; |
| 591 | if ($do_edits) { |
591 | if ($do_edits) { |
| 592 | OIDplus::config()->setValue('oobe_registration_done', '1'); |
592 | OIDplus::config()->setValue('oobe_registration_done', '1'); |
| 593 | } |
593 | } |
| 594 | return; |
594 | return; |
| 595 | } |
595 | } |
| 596 | 596 | ||
| 597 | $pki_status = OIDplus::getPkiStatus(); |
597 | $pki_status = OIDplus::getPkiStatus(); |
| 598 | 598 | ||
| 599 | if (!$pki_status) { |
599 | if (!$pki_status) { |
| 600 | echo '<p><font color="red">'; |
600 | echo '<p><font color="red">'; |
| 601 | echo _L('Your system could not generate a private/public key pair. (OpenSSL is probably missing on your system).').' '; |
601 | echo _L('Your system could not generate a private/public key pair. (OpenSSL is probably missing on your system).').' '; |
| 602 | echo _L('Therefore, you <b>cannot</b> register your OIDplus instance now.'); |
602 | echo _L('Therefore, you <b>cannot</b> register your OIDplus instance now.'); |
| 603 | echo '</font></p>'; |
603 | echo '</font></p>'; |
| 604 | if ($do_edits) { |
604 | if ($do_edits) { |
| 605 | OIDplus::config()->setValue('oobe_registration_done', '1'); |
605 | OIDplus::config()->setValue('oobe_registration_done', '1'); |
| 606 | } |
606 | } |
| 607 | return; |
607 | return; |
| 608 | } |
608 | } |
| 609 | 609 | ||
| 610 | echo '<p>'._L('Privacy level').':</p><select name="reg_privacy" id="reg_privacy">'; |
610 | echo '<p>'._L('Privacy level').':</p><select name="reg_privacy" id="reg_privacy">'; |
| 611 | 611 | ||
| 612 | # --- |
612 | # --- |
| 613 | 613 | ||
| 614 | echo '<option value="0"'; |
614 | echo '<option value="0"'; |
| 615 | if (isset($_POST['sent'])) { |
615 | if (isset($_POST['sent'])) { |
| 616 | if (isset($_POST['reg_privacy']) && ($_POST['reg_privacy'] == 0)) echo ' selected'; |
616 | if (isset($_POST['reg_privacy']) && ($_POST['reg_privacy'] == 0)) echo ' selected'; |
| 617 | } else { |
617 | } else { |
| 618 | if ((OIDplus::config()->getValue('reg_privacy') == 0) || !OIDplus::config()->getValue('oobe_registration_done')) { |
618 | if ((OIDplus::config()->getValue('reg_privacy') == 0) || !OIDplus::config()->getValue('oobe_registration_done')) { |
| 619 | echo ' selected'; |
619 | echo ' selected'; |
| 620 | } else { |
620 | } else { |
| 621 | echo ''; |
621 | echo ''; |
| 622 | } |
622 | } |
| 623 | } |
623 | } |
| 624 | echo '>'._L('0 = Register to directory service and automatically publish RA/OID data at oid-info.com').'</option>'; |
624 | echo '>'._L('0 = Register to directory service and automatically publish RA/OID data at oid-info.com').'</option>'; |
| 625 | 625 | ||
| 626 | # --- |
626 | # --- |
| 627 | 627 | ||
| 628 | echo '<option value="1"'; |
628 | echo '<option value="1"'; |
| 629 | if (isset($_POST['sent'])) { |
629 | if (isset($_POST['sent'])) { |
| 630 | if (isset($_POST['reg_privacy']) && ($_POST['reg_privacy'] == 1)) echo ' selected'; |
630 | if (isset($_POST['reg_privacy']) && ($_POST['reg_privacy'] == 1)) echo ' selected'; |
| 631 | } else { |
631 | } else { |
| 632 | if ((OIDplus::config()->getValue('reg_privacy') == 1)) { |
632 | if ((OIDplus::config()->getValue('reg_privacy') == 1)) { |
| 633 | echo ' selected'; |
633 | echo ' selected'; |
| 634 | } else { |
634 | } else { |
| 635 | echo ''; |
635 | echo ''; |
| 636 | } |
636 | } |
| 637 | } |
637 | } |
| 638 | echo '>'._L('1 = Only register to directory service').'</option>'; |
638 | echo '>'._L('1 = Only register to directory service').'</option>'; |
| 639 | 639 | ||
| 640 | # --- |
640 | # --- |
| 641 | 641 | ||
| 642 | echo '<option value="2"'; |
642 | echo '<option value="2"'; |
| 643 | if (isset($_POST['sent'])) { |
643 | if (isset($_POST['sent'])) { |
| 644 | if (isset($_POST['reg_privacy']) && ($_POST['reg_privacy'] == 2)) echo ' selected'; |
644 | if (isset($_POST['reg_privacy']) && ($_POST['reg_privacy'] == 2)) echo ' selected'; |
| 645 | } else { |
645 | } else { |
| 646 | if ((OIDplus::config()->getValue('reg_privacy') == 2)) { |
646 | if ((OIDplus::config()->getValue('reg_privacy') == 2)) { |
| 647 | echo ' selected'; |
647 | echo ' selected'; |
| 648 | } else { |
648 | } else { |
| 649 | echo ''; |
649 | echo ''; |
| 650 | } |
650 | } |
| 651 | } |
651 | } |
| 652 | echo '>'._L('2 = Hide system').'</option>'; |
652 | echo '>'._L('2 = Hide system').'</option>'; |
| 653 | 653 | ||
| 654 | # --- |
654 | # --- |
| 655 | 655 | ||
| 656 | echo '</select>'; |
656 | echo '</select>'; |
| 657 | 657 | ||
| 658 | $htmlmsg = ''; |
658 | $htmlmsg = ''; |
| 659 | if ($do_edits) { |
659 | if ($do_edits) { |
| 660 | try { |
660 | try { |
| 661 | OIDplus::config()->setValue('reg_privacy', $_POST['reg_privacy'] ?? 1); |
661 | OIDplus::config()->setValue('reg_privacy', $_POST['reg_privacy'] ?? 1); |
| 662 | OIDplus::config()->setValue('oobe_registration_done', '1'); |
662 | OIDplus::config()->setValue('oobe_registration_done', '1'); |
| 663 | } catch (\Exception $e) { |
663 | } catch (\Exception $e) { |
| 664 | $htmlmsg = $e instanceof OIDplusException ? $e->getHtmlMessage() : htmlentities($e->getMessage()); |
664 | $htmlmsg = $e instanceof OIDplusException ? $e->getHtmlMessage() : htmlentities($e->getMessage()); |
| 665 | $errors_happened = true; |
665 | $errors_happened = true; |
| 666 | } |
666 | } |
| 667 | } |
667 | } |
| 668 | if (!empty($htmlmsg)) echo ' <font color="red"><b>'.$htmlmsg.'</b></font>'; |
668 | if (!empty($htmlmsg)) echo ' <font color="red"><b>'.$htmlmsg.'</b></font>'; |
| 669 | 669 | ||
| 670 | echo '<p>'._L('<i>Privacy information:</i> This setting can always be changed in the administrator login / control panel.').'<br>'; |
670 | echo '<p>'._L('<i>Privacy information:</i> This setting can always be changed in the administrator login / control panel.').'<br>'; |
| 671 | echo _L('<a %1>Click here</a> for more information about privacy related topics.','href="../../../../res/OIDplus/privacy_documentation.html" target="_blank"'); |
671 | echo _L('<a %1>Click here</a> for more information about privacy related topics.','href="../../../../res/OIDplus/privacy_documentation.html" target="_blank"'); |
| 672 | echo '</p>'; |
672 | echo '</p>'; |
| 673 | } |
673 | } |
| 674 | 674 | ||
| 675 | /** |
675 | /** |
| 676 | * Implements interface INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_8 |
676 | * Implements interface INTF_OID_1_3_6_1_4_1_37476_2_5_2_3_8 |
| 677 | * @param string|null $user |
677 | * @param string|null $user |
| 678 | * @return array |
678 | * @return array |
| 679 | * @throws OIDplusException |
679 | * @throws OIDplusException |
| 680 | */ |
680 | */ |
| 681 | public function getNotifications(string $user=null): array { |
681 | public function getNotifications(string $user=null): array { |
| 682 | $notifications = array(); |
682 | $notifications = array(); |
| 683 | if ((!$user || ($user == 'admin')) && OIDplus::authUtils()->isAdminLoggedIn()) { |
683 | if ((!$user || ($user == 'admin')) && OIDplus::authUtils()->isAdminLoggedIn()) { |
| 684 | if (!url_post_contents_available(true, $reason)) { |
684 | if (!url_post_contents_available(true, $reason)) { |
| 685 | $title = _L('System registration'); |
685 | $title = _L('System registration'); |
| 686 | $notifications[] = new OIDplusNotification('ERR', _L('OIDplus plugin "%1" is enabled, but OIDplus cannot connect to the Internet.', '<a '.OIDplus::gui()->link('oidplus:srv_registration').'>'.htmlentities($title).'</a>').' '.$reason); |
686 | $notifications[] = new OIDplusNotification('ERR', _L('OIDplus plugin "%1" is enabled, but OIDplus cannot connect to the Internet.', '<a '.OIDplus::gui()->link('oidplus:srv_registration').'>'.htmlentities($title).'</a>').' '.$reason); |
| 687 | } |
687 | } |
| 688 | } |
688 | } |
| 689 | return $notifications; |
689 | return $notifications; |
| 690 | } |
690 | } |
| 691 | 691 | ||
| 692 | } |
692 | } |
| 693 | 693 | ||