mirror of
https://github.com/Yetangitu/ampache
synced 2025-10-04 10:19:25 +02:00
XML-RPC uses now a sha256 digest
This commit is contained in:
dipsol
parent
93f3c4e929
commit
f3bb93b2bf
2 changed files with 30 additions and 30 deletions
|
|
@ -45,31 +45,31 @@ class xmlRpcClient {
|
||||||
// Generate the client
|
// Generate the client
|
||||||
$client = self::create_client($target_url);
|
$client = self::create_client($target_url);
|
||||||
|
|
||||||
// 6 that's right, the secret level because if you do have debug on most likely you're
|
// 6 that's right, the secret level because if you do have debug on most likely you're
|
||||||
// going to just crash your browser... sorry folks
|
// going to just crash your browser... sorry folks
|
||||||
if (Config::get('debug') AND Config::get('debug_level') == '6') { $client->setDebug(1); }
|
if (Config::get('debug') AND Config::get('debug_level') == '6') { $client->setDebug(1); }
|
||||||
|
|
||||||
// Build our key
|
// Build our key
|
||||||
$timestamp = time();
|
$timestamp = time();
|
||||||
$handshake_key = md5($timestamp . $key);
|
$handshake_key = hash('sha256',$timestamp . hash('sha256',$key));
|
||||||
|
|
||||||
$encoded_key = new XML_RPC_Value($handshake_key,'string');
|
$encoded_key = new XML_RPC_Value($handshake_key,'string');
|
||||||
$timestamp = new XML_RPC_Value($timestamp,'int');
|
$timestamp = new XML_RPC_Value($timestamp,'int');
|
||||||
$xmlrpc_message = new XML_RPC_Message('xmlrpcserver.handshake',array($encoded_key,$timestamp));
|
$xmlrpc_message = new XML_RPC_Message('xmlrpcserver.handshake',array($encoded_key,$timestamp));
|
||||||
|
|
||||||
// Send it off
|
// Send it off
|
||||||
$response = $client->send($xmlrpc_message,10);
|
$response = $client->send($xmlrpc_message,10);
|
||||||
|
|
||||||
if ($response->faultCode()) {
|
if ($response->faultCode()) {
|
||||||
$error_msg = _('Error connecting to') . " " . $server . " " . _("Code") . ": " . $response->faultCode() . " " . _("Reason") . ": " . $response->faultString();
|
$error_msg = _('Error connecting to') . " " . $client->server . " " . _("Code") . ": " . $response->faultCode() . " " . _("Reason") . ": " . $response->faultString();
|
||||||
debug_event('XMLCLIENT',$error_msg,'1');
|
debug_event('XMLCLIENT',$error_msg,'1');
|
||||||
Error::add('general',$error_msg);
|
Error::add('general',$error_msg);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$token = XML_RPC_Decode($response->value());
|
$token = XML_RPC_Decode($response->value());
|
||||||
|
|
||||||
debug_event('XML-RPC',$token . ' returned from ' . $server,'3');
|
debug_event('XML-RPC',$token . ' returned from ' . $client->server,'3');
|
||||||
|
|
||||||
return $token;
|
return $token;
|
||||||
|
|
||||||
|
|
@ -84,24 +84,24 @@ class xmlRpcClient {
|
||||||
|
|
||||||
$client = self::create_client($target_url);
|
$client = self::create_client($target_url);
|
||||||
|
|
||||||
// 6 that's right, the secret level because if you do have debug on most likely you're
|
// 6 that's right, the secret level because if you do have debug on most likely you're
|
||||||
// going to just crash your browser... sorry folks
|
// going to just crash your browser... sorry folks
|
||||||
if (Config::get('debug') AND Config::get('debug_level') == '6') { $client->setDebug(1); }
|
if (Config::get('debug') AND Config::get('debug_level') == '6') { $client->setDebug(1); }
|
||||||
|
|
||||||
$encoded_key = new XML_RPC_Value($token,'string');
|
$encoded_key = new XML_RPC_Value($token,'string');
|
||||||
$xmlrpc_message = new XML_RPC_Message('xmlrpcserver.create_stream_session',array($encoded_key));
|
$xmlrpc_message = new XML_RPC_Message('xmlrpcserver.create_stream_session',array($encoded_key));
|
||||||
|
|
||||||
$response = $client->send($xmlrpc_message,4);
|
$response = $client->send($xmlrpc_message,4);
|
||||||
|
|
||||||
if ($response->faultCode() ) {
|
if ($response->faultCode() ) {
|
||||||
$error_msg = _("Error connecting to") . " " . $server . " " . _("Code") . ": " . $response->faultCode() . " " .
|
$error_msg = _("Error connecting to") . " " . $client->server . " " . _("Code") . ": " . $response->faultCode() . " " .
|
||||||
debug_event('XMLCLIENT',$error_msg,'1');
|
debug_event('XMLCLIENT',$error_msg,'1');
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$sid = XML_RPC_Decode($response->value());
|
$sid = XML_RPC_Decode($response->value());
|
||||||
|
|
||||||
debug_event('XML-RPC', $sid . ' stream session ID returned from ' . $server,'3');
|
debug_event('XML-RPC', $sid . ' stream session ID returned from ' . $client->server,'3');
|
||||||
|
|
||||||
return $sid;
|
return $sid;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -222,8 +222,8 @@ class xmlRpcServer {
|
||||||
while ($row = Dba::fetch_assoc($db_results)) {
|
while ($row = Dba::fetch_assoc($db_results)) {
|
||||||
|
|
||||||
// Build our encoded passphrase
|
// Build our encoded passphrase
|
||||||
$md5pass = md5($timestamp . $row['key']);
|
$sha256pass = hash('sha256',$timestamp . hash('sha256',$row['key']));
|
||||||
if ($md5pass == $encoded_key) {
|
if ($sha256pass == $encoded_key) {
|
||||||
$data['type'] = 'xml-rpc';
|
$data['type'] = 'xml-rpc';
|
||||||
$data['username'] = 'System';
|
$data['username'] = 'System';
|
||||||
$data['value'] = 'Handshake';
|
$data['value'] = 'Handshake';
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue