--- loncom/LondConnection.pm 2004/06/17 09:26:09 1.31 +++ loncom/LondConnection.pm 2006/08/11 20:07:52 1.41 @@ -1,7 +1,7 @@ # This module defines and implements a class that represents # a connection to a lond daemon. # -# $Id: LondConnection.pm,v 1.31 2004/06/17 09:26:09 foxr Exp $ +# $Id: LondConnection.pm,v 1.41 2006/08/11 20:07:52 albertel Exp $ # # Copyright Michigan State University Board of Trustees # @@ -42,7 +42,7 @@ use LONCAPA::lonssl; -my $DebugLevel=11; +my $DebugLevel=0; my %hostshash; my %perlvar; my $LocalDns = ""; # Need not be defined for managers. @@ -153,9 +153,19 @@ Dump the internal state of the object: F sub Dump { my $self = shift; + my $level = shift; + my $now = time; + my $local = localtime($now); + + if ($level >= $DebugLevel) { + return; + } + + my $key; my $value; - print STDERR "Dumping LondConnectionObject:\n"; + print STDERR "[ $local ] Dumping LondConnectionObject:\n"; + print STDERR join(':',caller(1))."\n"; while(($key, $value) = each %$self) { print STDERR "$key -> $value\n"; } @@ -203,14 +213,13 @@ host the remote lond is on. This host is =cut sub new { - - my ($class, $Hostname, $Port) = @_; + my ($class, $DnsName, $Port) = @_; if (!$ConfigRead) { ReadConfig(); $ConfigRead = 1; } - &Debug(4,$class."::new( ".$Hostname.",".$Port.")\n"); + &Debug(4,$class."::new( ".$DnsName.",".$Port.")\n"); # The host must map to an entry in the hosts table: # We connect to the dns host that corresponds to that @@ -218,13 +227,16 @@ sub new { # negotion. In the objec these become the Host and # LoncapaHim fields of the object respectively. # - if (!exists $hostshash{$Hostname}) { - &Debug(8, "No Such host $Hostname"); + if (!exists $hostshash{$DnsName}) { + &Debug(8, "No Such host $DnsName"); return undef; # No such host!!! } - my @ConfigLine = @{$hostshash{$Hostname}}; - my $DnsName = $ConfigLine[3]; # 4'th item is dns of host. + my @ConfigLine = @{$hostshash{$DnsName}}; + my $Hostname = $ConfigLine[0]; # 0'th item is the msu id of host. Debug(5, "Connecting to ".$DnsName); + # if it is me use loopback for connection + if ($DnsName eq $LocalDns) { $DnsName="127.0.0.1"; } + Debug(8, "Connecting to $DnsName I am $LocalDns"); # Now create the object... my $self = { Host => $DnsName, LoncapaHim => $Hostname, @@ -233,6 +245,7 @@ sub new { AuthenticationMode => "", TransactionRequest => "", TransactionReply => "", + NextRequest => "", InformReadable => 0, InformWritable => 0, TimeoutCallback => undef, @@ -250,16 +263,16 @@ sub new { Type => SOCK_STREAM, Proto => "tcp", Timeout => 3)) { + Debug(8, "Error? \n$@ \n$!"); return undef; # Inidicates the socket could not be made. } my $socket = $self->{Socket}; # For local use only. - # If we are local, we'll first try local auth mode, otherwise, we'll try the - # ssl auth mode: + # If we are local, we'll first try local auth mode, otherwise, we'll try + # the ssl auth mode: - Debug(8, "Connecting to $DnsName I am $LocalDns"); my $key; my $keyfile; - if ($DnsName eq $LocalDns) { + if ($DnsName eq '127.0.0.1') { $self->{AuthenticationMode} = "local"; ($key, $keyfile) = lonlocal::CreateKeyFile(); Debug(8, "Local key: $key, stored in $keyfile"); @@ -284,10 +297,29 @@ sub new { return undef; } - } + } else { - $self->{AuthenticationMode} = "ssl"; - $self->{TransactionRequest} = "init:ssl\n"; + # Remote peer: I'd like to do ssl, but if my host key or certificates + # are not all installed, my only choice is insecure, if that's + # allowed: + + my ($ca, $cert) = lonssl::CertificateFile; + my $sslkeyfile = lonssl::KeyFile; + + if((defined $ca) && (defined $cert) && (defined $sslkeyfile)) { + + $self->{AuthenticationMode} = "ssl"; + $self->{TransactionRequest} = "init:ssl\n"; + } else { + if($InsecureOk) { # Allowed to do insecure: + $self->{AuthenticationMode} = "insecure"; + $self->{TransactionRequest} = "init\n"; + } + else { # Not allowed to do insecure... + $socket->close; + return undef; + } + } } # @@ -315,7 +347,7 @@ sub new { # return the object : Debug(9, "Initial object state: "); - $self->Dump(); + $self->Dump(9); return $self; } @@ -476,7 +508,8 @@ sub Readable { return 0; } elsif ($self->{State} eq "ReadingVersionString") { - $self->{LondVersion} = chomp($self->{TransactionReply}); + chomp($self->{TransactionReply}); + $self->{LondVersion} = $self->{TransactionReply}; $self->Transition("SetHost"); $self->{InformReadable} = 0; $self->{InformWritable} = 1; @@ -527,13 +560,25 @@ sub Readable { my $answer = $self->{TransactionReply}; if($answer =~ /^enc\:/) { $answer = $self->Decrypt($answer); - $self->{TransactionReply} = $answer; + $self->{TransactionReply} = "$answer\n"; } - + # if we have a NextRequest do it immeadiately + if ($self->{NextRequest}) { + $self->{TransactionRequest} = $self->{NextRequest}; + undef( $self->{NextRequest} ); + $self->{TransactionReply} = ""; + $self->{InformWritable} = 1; + $self->{InformReadable} = 0; + $self->{Timeoutable} = 1; + $self->{TimeoutRemaining} = $self->{TimeoutValue}; + $self->Transition("SendingRequest"); + return 0; + } else { # finish the transaction - $self->ToIdle(); - return 0; + $self->ToIdle(); + return 0; + } } elsif ($self->{State} eq "Disconnected") { # No connection. return -1; } else { # Internal error: Invalid state. @@ -685,14 +730,26 @@ sub InitiateTransaction { return -1; # Error indicator. } # if the transaction is to be encrypted encrypt the data: + (my $sethost, my $server,$data)=split(/:/,$data,3); if($data =~ /^encrypt\:/) { $data = $self->Encrypt($data); } # Setup the trasaction - - $self->{TransactionRequest} = $data; + # currently no version of lond supports inlining the sethost + if ($self->PeerVersion() <= 321) { + if ($server ne $self->{LoncapaHim}) { + $self->{NextRequest} = $data; + $self->{TransactionRequest} = "$sethost:$server\n"; + $self->{LoncapaHim} = $server; + } else { + $self->{TransactionRequest} = $data; + } + } else { + $self->{LoncapaHim} = $server; + $self->{TransactionRequest} = "$sethost:$server:$data"; + } $self->{TransactionReply} = ""; $self->{InformWritable} = 1; $self->{InformReadable} = 0; @@ -925,6 +982,7 @@ sub Decrypt { # $length tells us the actual length of the decrypted string: $decrypted = substr($decrypted, 0, $length); + Debug(9, "Decrypted $EncryptedString to $decrypted"); return $decrypted; @@ -978,7 +1036,7 @@ sub CreateCipher { if($cipher) { $self->{Cipher} = $cipher; Debug("Cipher created dumping socket: "); - $self->Dump(); + $self->Dump(9); return 1; } else { @@ -1089,7 +1147,7 @@ this iterator returns a reference to an information read from the hosts configuration file. Array elements are used as follows: - [0] - LonCapa host name. + [0] - LonCapa host id. [1] - LonCapa domain name. [2] - Loncapa role (e.g. library or access). [3] - DNS name server hostname. @@ -1156,7 +1214,7 @@ sub read_conf #---------------------- Subroutine read_hosts: Read a LON-CAPA hosts.tab # formatted configuration file. # -my $RequiredCount = 5; # Required item count in hosts.tab. +my $RequiredCount = 4; # Required item count in hosts.tab. my $DefaultMaxCon = 5; # Default value for maximum connections. my $DefaultIdle = 1000; # Default connection idle time in seconds. my $DefaultMinCon = 0; # Default value for minimum connections. @@ -1165,9 +1223,10 @@ sub read_hosts { my $Filename = shift; my %HostsTab; - open(CONFIG,'<'.$Filename) or die("Can't read $Filename"); + open(CONFIG,'<'.$Filename) or die("Can't read $Filename"); while (my $line = ) { - if (!($line =~ /^\s*\#/)) { + if ($line !~ /^\s*\#/) { + $line=~s/\s*$//; my @items = split(/:/, $line); if(scalar @items >= $RequiredCount) { if (scalar @items == $RequiredCount) { # Only required items: @@ -1182,7 +1241,7 @@ sub read_hosts { { my @list = @items; # probably not needed but I'm unsure of # about the scope of item so... - $HostsTab{$list[0]} = \@list; + $HostsTab{$list[3]} = \@list; } } } @@ -1199,8 +1258,8 @@ sub read_hosts { # sub PeerVersion { my $self = shift; - - return $self->{LondVersion}; + my ($version) = ($self->{LondVersion} =~ /Revision: 1\.(\d+)/); + return $version; } 1;