log(LOG_INFO, $str); die($str . "\n"); } function getHttpVal ($key, $default) { if (array_key_exists($key, $_GET)) { $val = $_GET[$key]; } elseif (array_key_exists($key, $_POST)) { $val = $_POST[$key]; } else { $val = $default; } $val = trim($val); $val = str_replace('\\', '', $val); return $val; } function log_format() { $str = ""; foreach (func_get_args() as $msg) { if (is_array($msg)) { foreach ($msg as $key => $value) { $str .= "$key=$value "; } } else { $str .= $msg . " "; } } return $str; } // Sign a http query string in the array of key-value pairs // return b64 encoded hmac hash function sign($a, $apiKey, $logger) { ksort($a); $qs = http_build_query($a); $qs = urldecode($qs); $qs = utf8_encode($qs); // base64 encoded binary digest $hmac = hash_hmac('sha1', $qs, $apiKey, TRUE); $hmac = base64_encode($hmac); $logger->log(LOG_DEBUG, "SIGN: $qs H=$hmac"); return $hmac; } function curl_settings($logger, $ident, $ch, $url, $timeout, $opts) { $logger->log(LOG_DEBUG, "$ident adding URL : $url"); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); curl_setopt($ch, CURLOPT_USERAGENT, 'YK-VAL'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_FAILONERROR, TRUE); if (is_array($opts) === FALSE) { $logger->log(LOG_WARN, $ident . 'curl options must be an array'); return; } foreach ($opts as $key => $val) if (curl_setopt($ch, $key, $val) === FALSE) $logger->log(LOG_WARN, "$ident failed to set " . curl_opt_name($key)); } // returns the string name of a curl constant, // or "curl option" if constant not found. // e.g. // curl_opt_name(CURLOPT_URL) returns "CURLOPT_URL" // curl_opt_name(CURLOPT_BLABLA) returns "curl option" function curl_opt_name($opt) { $consts = get_defined_constants(true); $consts = $consts['curl']; $name = array_search($opt, $consts, TRUE); // array_search may return either on failure... if ($name === FALSE || $name === NULL) return 'curl option'; return $name; } // This function takes a list of URLs. It will return the content of // the first successfully retrieved URL, whose content matches ^OK. // The request are sent asynchronously. Some of the URLs can fail // with unknown host, connection errors, or network timeout, but as // long as one of the URLs given work, data will be returned. If all // URLs fail, data from some URL that did not match parameter $match // (defaults to ^OK) is returned, or if all URLs failed, false. function retrieveURLasync($ident, $urls, $logger, $ans_req=1, $match="^OK", $returl=False, $timeout=10, $curlopts) { $mh = curl_multi_init(); $ch = array(); foreach ($urls as $url) { $handle = curl_init(); curl_settings($logger, $ident, $handle, $url, $timeout, $curlopts); curl_multi_add_handle($mh, $handle); $ch[$handle] = $handle; } $ans_arr = array(); do { while (curl_multi_exec($mh, $active) == CURLM_CALL_MULTI_PERFORM); while ($info = curl_multi_info_read($mh)) { $logger->log(LOG_DEBUG, "$ident curl multi info : ", $info); if ($info['result'] == CURLE_OK) { $str = curl_multi_getcontent($info['handle']); $logger->log(LOG_DEBUG, "$ident curl multi content : $str"); if (preg_match("/$match/", $str)) { $logger->log(LOG_DEBUG, "$ident response matches $match"); $error = curl_error($info['handle']); $errno = curl_errno($info['handle']); $cinfo = curl_getinfo($info['handle']); $logger->log(LOG_INFO, "$ident errno/error: $errno/$error", $cinfo); if ($returl) $ans_arr[] = "url=" . $cinfo['url'] . "\n" . $str; else $ans_arr[] = $str; } if (count($ans_arr) >= $ans_req) { foreach ($ch as $h) { curl_multi_remove_handle($mh, $h); curl_close($h); } curl_multi_close($mh); return $ans_arr; } curl_multi_remove_handle($mh, $info['handle']); curl_close($info['handle']); unset($ch[$info['handle']]); } curl_multi_select($mh); } } while($active); foreach ($ch as $h) { curl_multi_remove_handle($mh, $h); curl_close($h); } curl_multi_close($mh); if (count($ans_arr) > 0) return $ans_arr; return false; } function KSMdecryptOTP($urls, $logger, $curlopts) { if (!is_array($urls)) { $urls = array($urls); } $response = retrieveURLasync('YK-KSM', $urls, $logger, $ans_req=1, $match='^OK', $returl=False, $timeout=10, $curlopts); if ($response === FALSE) { return false; } $response = array_shift($response); $logger->log(LOG_DEBUG, log_format('YK-KSM response: ', $response)); $ret = array(); if (sscanf($response, 'OK counter=%04x low=%04x high=%02x use=%02x', $ret['session_counter'], $ret['low'], $ret['high'], $ret['session_use']) !== 4) { return false; } return $ret; } function sendResp($status, $logger, $apiKey = '', $extra = null) { $a['status'] = $status; // 2008-11-21T06:11:55Z0711 $t = substr(microtime(false), 2, 3); $t = gmdate('Y-m-d\TH:i:s\Z0') . $t; $a['t'] = $t; if ($extra) foreach ($extra as $param => $value) $a[$param] = $value; $h = sign($a, $apiKey, $logger); $str = ""; $str .= "h=" . $h . "\r\n"; $str .= "t=" . $a['t'] . "\r\n"; if ($extra) foreach ($extra as $param => $value) $str .= $param . "=" . $value . "\r\n"; $str .= "status=" . $a['status'] . "\r\n"; $str .= "\r\n"; $logger->log(LOG_INFO, "Response: " . $str . " (at " . gmdate("c") . " " . microtime() . ")"); echo $str; exit; } // backport from PHP 5.6 if (function_exists('hash_equals') === FALSE) { function hash_equals($a, $b) { // hashes are a (known) fixed length, // so this doesn't leak anything. if (strlen($a) != strlen($b)) return false; $result = 0; for ($i = 0; $i < strlen($a); $i++) $result |= ord($a[$i]) ^ ord($b[$i]); return (0 === $result); } }