Diff for /loncom/LondConnection.pm between versions 1.53 and 1.54

version 1.53, 2012/10/01 11:00:43 version 1.54, 2017/02/28 05:42:06
Line 40  use LONCAPA::lonlocal; Line 40  use LONCAPA::lonlocal;
 use LONCAPA::lonssl;  use LONCAPA::lonssl;
   
   
   
   
 my $DebugLevel=0;  my $DebugLevel=0;
 my %perlvar;  my %perlvar;
   my %secureconf;
   my %hosttypes; 
 my $InsecureOk;  my $InsecureOk;
   
 #  #
Line 70  sub ReadConfig { Line 70  sub ReadConfig {
     my $perlvarref = read_conf('loncapa.conf');      my $perlvarref = read_conf('loncapa.conf');
     %perlvar    = %{$perlvarref};      %perlvar    = %{$perlvarref};
     $ConfigRead = 1;      $ConfigRead = 1;
       
     $InsecureOk = $perlvar{loncAllowInsecure};      $InsecureOk = $perlvar{loncAllowInsecure};
   
       unless (lonssl::Read_Connect_Config(\%secureconf,\%perlvar) eq 'ok') {
           Debug(1,"Failed to retrieve secureconf hash.\n");
       }
       unless (lonssl::Read_Host_Types(\%hosttypes,\%perlvar) eq 'ok') {
           Debug(1,"Failed to retrieve hosttypes hash.\n");
       }
   }
   
   sub ResetReadConfig {
       $ConfigRead = 0;
 }  }
   
 sub Debug {  sub Debug {
Line 216  sub new { Line 227  sub new {
  #  allowed...else give up right away.   #  allowed...else give up right away.
   
  if(!(defined $key) || !(defined $keyfile)) {   if(!(defined $key) || !(defined $keyfile)) {
     if($InsecureOk) {              my $canconnect = 0;
               if (ref($secureconf{'connto'}) eq 'HASH') {
                   unless ($secureconf{'connto'}->{'dom'} eq 'req') {
                       $canconnect = 1;
                   }
               } else {
                   $canconnect = $InsecureOk;
               }
       if ($canconnect) {
  $self->{AuthenticationMode} = "insecure";   $self->{AuthenticationMode} = "insecure";
  $self->{TransactionRequest} = "init\n";   $self->{TransactionRequest} = "init\n";
     }       } 
Line 240  sub new { Line 259  sub new {
  my ($ca, $cert) = lonssl::CertificateFile;   my ($ca, $cert) = lonssl::CertificateFile;
  my $sslkeyfile  = lonssl::KeyFile;   my $sslkeyfile  = lonssl::KeyFile;
   
  if((defined $ca)  && (defined $cert) && (defined $sslkeyfile)) {          my ($conntype,$gotconninfo);
           if ((ref($secureconf{'connto'}) eq 'HASH') &&
               (exists($hosttypes{$lonid}))) {
               $conntype = $secureconf{'connto'}{$hosttypes{$lonid}};
               if ($conntype ne '') {
                   $gotconninfo = 1;
               }
           }
    if (($conntype ne 'no') && (defined($ca)) && (defined($cert)) && (defined($sslkeyfile))) {
     $self->{AuthenticationMode} = "ssl";      $self->{AuthenticationMode} = "ssl";
     $self->{TransactionRequest} = "init:ssl:$perlvar{'lonVersion'}\n";      $self->{TransactionRequest} = "init:ssl:$perlvar{'lonVersion'}\n";
    } elsif (($gotconninfo && $conntype ne 'req') || (!$gotconninfo && $InsecureOk)) { 
       # Allowed to do insecure:
       $self->{AuthenticationMode} = "insecure";
       $self->{TransactionRequest} = "init::$perlvar{'lonVersion'}\n";
  } else {   } else {
     if($InsecureOk) { # Allowed to do insecure:      # Not allowed to do insecure...
  $self->{AuthenticationMode} = "insecure";      $socket->close;
  $self->{TransactionRequest} = "init::$perlvar{'lonVersion'}\n";      return undef;
     }  
     else { # Not allowed to do insecure...  
  $socket->close;  
  return undef;  
     }  
  }   }
     }      }
   
Line 1057  sub ExchangeKeysViaSSL { Line 1082  sub ExchangeKeysViaSSL {
 #  #
 sub CompleteInsecure {  sub CompleteInsecure {
     my $self = shift;      my $self = shift;
     if($InsecureOk) {      $self->{LoncapaHim};
       my ($conntype,$gotconninfo);
       if ((ref($secureconf{'connto'}) eq 'HASH') &&
           (exists($hosttypes{$self->{LoncapaHim}}))) {
           $conntype = $secureconf{'connto'}{$hosttypes{$self->{LoncapaHim}}};
           if ($conntype ne '') {
               $gotconninfo = 1;
           }
       } 
       if ((($gotconninfo) && ($conntype ne 'req')) || (!$gotconninfo && $InsecureOk)) {
  $self->{AuthenticationMode} = "insecure";   $self->{AuthenticationMode} = "insecure";
  &Debug(8," Transition out of Initialized:insecure");   &Debug(8," Transition out of Initialized:insecure");
  $self->{TransactionRequest} = $self->{TransactionReply};   $self->{TransactionRequest} = $self->{TransactionReply};

Removed from v.1.53  
changed lines
  Added in v.1.54


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>