function drd_server_key in Drupal Remote Dashboard Server 7.2

Same name and namespace in other branches
  1. 6.2 drd_server.module \drd_server_key()

This is called to update the encryption keys for this server and all its domains hosted in the same Drupal installation.

Parameters

string $api: The API used by DRD. It is used to make sure that the APIs of DRD and DRD_Server are compatible.

int $timestamp: Not used yet. It could be used to make sure that the request is not too old, to avoid hacking attacks. However, security by AES is sufficient, and because the timestamp changes for each valid request from DRD, the encrypted request changes every time as well, so a brute force attack is very unlikely.

string $langcode: Language used by the current user in DRD so that messages from here can be properly localized.

boolean $debug: TRUE if DRD is in debug mode so that more verbose messages get generated.

string $domainurl: The domain name for which AES keys should be set.

string $aes_key: The AES key to be set.

string $aes_cipher: The AES Cipher to be set.

string $aes_iv: The AES Initial Vector to be set.

string $aes_impl: The AES Implementation to be set.

string $cluster_token: The token to be used if in cluster mode.

Return value

string The result string to be sent back to DRD.

1 string reference to 'drd_server_key'
drd_server_xmlrpc in ./drd_server.module
Implementation of hook_xmlrpc().

File

./drd_server.module, line 460
Provides XMLRPC implementation to respond to requests from DRD.

Code

function drd_server_key($api, $timestamp, $langcode, $debug, $domainurl, $aes_key = '', $aes_cipher = '', $aes_iv = '', $aes_impl = '', $cluster_token = '') {
  if ($timestamp != REQUEST_TIME) {

    // We could verify that the request is current.
  }
  global $language;
  $language->language = $langcode;
  _drd_server_debug_mode($debug);
  _drd_server_watchdog('AES key change request.');
  $allowed = variable_get('drd_allowed_referer', '');
  $referer = empty($cluster_token) ? ip_address() : $cluster_token;
  if (empty($allowed)) {
    return drd_server_error(t('Referer (%referer) not allowed, nothing configured yet.', array(
      '%referer' => $referer,
    )), DRD_SERVER_ERROR_NO_REFERER);
  }
  if (strpos($allowed, $referer) === FALSE) {
    _drd_server_watchdog('AES key change request unauthorized.', array(), WATCHDOG_ALERT);
    return drd_server_error(t('Referer (%referer) not allowed.', array(
      '%referer' => $referer,
    )), DRD_SERVER_ERROR_WRONG_REFERER);
  }
  $aes_keys = variable_get('drd_aes_keys', array());
  if (!empty($cluster_token)) {
    if (empty($aes_keys[$cluster_token]['cluster_mode']) || empty($aes_keys[$cluster_token]['cluster_ips']) || strpos($aes_keys[$cluster_token]['cluster_ips'], ip_address()) === FALSE) {
      _drd_server_watchdog('AES key change request unauthorized due to ip address mismatch.', array(), WATCHDOG_ALERT);
      return drd_server_error(t('Referer (%referer) not allowed from %address.', array(
        '%referer' => $referer,
        '%address' => ip_address(),
      )), DRD_SERVER_ERROR_WRONG_REFERER);
    }
  }
  if ($api !== DRD_SERVER_API_VERSION) {
    _drd_server_watchdog('Wrong API: %api.', array(
      '%api' => $api,
    ), WATCHDOG_ALERT);
    return drd_server_error(t('Wrong API.'), DRD_SERVER_ERROR_WRONG_API);
  }
  $sites = drd_server_read_sites();
  if (empty($domainurl)) {
    $aes_keys[$referer] = array(
      'key' => $aes_key,
      'cipher' => $aes_cipher,
      'iv' => $aes_iv,
      'impl' => $aes_impl,
      'cluster_mode' => !empty($cluster_token),
      'cluster_ips' => empty($aes_keys[$cluster_token]['cluster_ips']) ? ip_address() : $aes_keys[$cluster_token]['cluster_ips'],
    );
    variable_set('drd_aes_keys', $aes_keys);
    $domainurls = $sites;
  }
  else {
    $domainurls = array(
      $domainurl => $sites[$domainurl],
    );
  }
  drd_server_key_remote($domainurls, $aes_keys);
  return drd_server_result('drd.key', TRUE);
}
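
The $timestamp description above says the value could be used to reject requests that are too old, and the function checks the caller against drd_allowed_referer with strpos(). The following PHP is an added example, not code from drd_server.module: it sketches a freshness window and a whole-entry allowlist comparison. The function names, the 300 second window and the separators of the allowed list are assumptions.

```php
<?php
// Added example, not part of drd_server.module. Function names are
// hypothetical; the 300 second window and the list separators are assumed.

// TRUE if $timestamp lies within $window seconds of $now.
function example_timestamp_is_fresh($timestamp, $now, $window = 300) {
  // Accept only integers or all-digit strings.
  if (!is_int($timestamp) && !(is_string($timestamp) && ctype_digit($timestamp))) {
    return FALSE;
  }
  // abs() rejects values too far in the future as well as stale ones.
  return abs($now - (int) $timestamp) <= $window;
}

// TRUE if $referer equals one whole entry of the allowed list.
function example_referer_is_allowed($allowed, $referer) {
  $entries = preg_split('/[\s,;]+/', trim($allowed), -1, PREG_SPLIT_NO_EMPTY);
  // Strict whole-entry comparison instead of a substring search.
  return $referer !== '' && in_array($referer, $entries, TRUE);
}

// Constructed sample values.
$now = 1700000000;
$allowed = "10.0.0.11 192.0.2.7";

$cases = array(
  array(1700000120, '192.0.2.7'),   // 120 s ahead, listed address
  array(1699990000, '192.0.2.7'),   // 10000 s old, listed address
  array('not-a-time', '192.0.2.7'), // malformed timestamp
  array(1700000000, '10.0.0.1'),    // current, address only part of an entry
);
foreach ($cases as $case) {
  list($timestamp, $referer) = $case;
  $fresh = example_timestamp_is_fresh($timestamp, $now);
  $listed = example_referer_is_allowed($allowed, $referer);
  printf("%-12s %-10s fresh=%s listed=%s substring=%s\n",
    $timestamp, $referer,
    var_export($fresh, TRUE), var_export($listed, TRUE),
    var_export(strpos($allowed, $referer) !== FALSE, TRUE));
}
```

Inside drd_server_key() the value to pass as $now would be REQUEST_TIME, which the function already references. A freshness window only shortens how long a captured request stays valid; it does not by itself make each request single-use.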