|
version 1.48, 2010/07/06 07:48:38
|
version 1.55, 2017/10/20 20:20:21
|
|
Line 40 use LONCAPA::lonlocal;
|
Line 40 use LONCAPA::lonlocal;
|
| use LONCAPA::lonssl; |
use LONCAPA::lonssl; |
| |
|
| |
|
| |
|
| |
|
| my $DebugLevel=0; |
my $DebugLevel=0; |
| my %perlvar; |
my %perlvar; |
| |
my %secureconf; |
| |
my %hosttypes; |
| my $InsecureOk; |
my $InsecureOk; |
| |
|
| # |
# |
|
Line 70 sub ReadConfig {
|
Line 70 sub ReadConfig {
|
| my $perlvarref = read_conf('loncapa.conf'); |
my $perlvarref = read_conf('loncapa.conf'); |
| %perlvar = %{$perlvarref}; |
%perlvar = %{$perlvarref}; |
| $ConfigRead = 1; |
$ConfigRead = 1; |
| |
|
| $InsecureOk = $perlvar{loncAllowInsecure}; |
$InsecureOk = $perlvar{loncAllowInsecure}; |
| |
|
| |
unless (lonssl::Read_Connect_Config(\%secureconf,\%perlvar) eq 'ok') { |
| |
Debug(1,"Failed to retrieve secureconf hash.\n"); |
| |
} |
| |
unless (lonssl::Read_Host_Types(\%hosttypes,\%perlvar) eq 'ok') { |
| |
Debug(1,"Failed to retrieve hosttypes hash.\n"); |
| |
} |
| |
} |
| |
|
| |
sub ResetReadConfig { |
| |
$ConfigRead = 0; |
| } |
} |
| |
|
| sub Debug { |
sub Debug { |
|
Line 184 sub new {
|
Line 195 sub new {
|
| TimeoutCallback => undef, |
TimeoutCallback => undef, |
| TransitionCallback => undef, |
TransitionCallback => undef, |
| Timeoutable => 0, |
Timeoutable => 0, |
| TimeoutValue => 300, |
TimeoutValue => 30, |
| TimeoutRemaining => 0, |
TimeoutRemaining => 0, |
| LocalKeyFile => "", |
LocalKeyFile => "", |
| CipherKey => "", |
CipherKey => "", |
| LondVersion => "Unknown", |
LondVersion => "Unknown", |
| Cipher => undef}; |
Cipher => undef, |
| |
ClientData => undef}; |
| bless($self, $class); |
bless($self, $class); |
| unless ($self->{Socket} = IO::Socket::INET->new(PeerHost => $self->{Host}, |
unless ($self->{Socket} = IO::Socket::INET->new(PeerHost => $self->{Host}, |
| PeerPort => $self->{Port}, |
PeerPort => $self->{Port}, |
|
Line 200 sub new {
|
Line 212 sub new {
|
| return undef; # Inidicates the socket could not be made. |
return undef; # Inidicates the socket could not be made. |
| } |
} |
| my $socket = $self->{Socket}; # For local use only. |
my $socket = $self->{Socket}; # For local use only. |
| |
$socket->sockopt(SO_KEEPALIVE, 1); # Turn on keepalive probes when idle. |
| # If we are local, we'll first try local auth mode, otherwise, we'll try |
# If we are local, we'll first try local auth mode, otherwise, we'll try |
| # the ssl auth mode: |
# the ssl auth mode: |
| |
|
|
Line 214 sub new {
|
Line 227 sub new {
|
| # allowed...else give up right away. |
# allowed...else give up right away. |
| |
|
| if(!(defined $key) || !(defined $keyfile)) { |
if(!(defined $key) || !(defined $keyfile)) { |
| if($InsecureOk) { |
my $canconnect = 0; |
| |
if (ref($secureconf{'connto'}) eq 'HASH') { |
| |
unless ($secureconf{'connto'}->{'dom'} eq 'req') { |
| |
$canconnect = 1; |
| |
} |
| |
} else { |
| |
$canconnect = $InsecureOk; |
| |
} |
| |
if ($canconnect) { |
| $self->{AuthenticationMode} = "insecure"; |
$self->{AuthenticationMode} = "insecure"; |
| $self->{TransactionRequest} = "init\n"; |
$self->{TransactionRequest} = "init\n"; |
| } |
} |
|
Line 238 sub new {
|
Line 259 sub new {
|
| my ($ca, $cert) = lonssl::CertificateFile; |
my ($ca, $cert) = lonssl::CertificateFile; |
| my $sslkeyfile = lonssl::KeyFile; |
my $sslkeyfile = lonssl::KeyFile; |
| |
|
| if((defined $ca) && (defined $cert) && (defined $sslkeyfile)) { |
my ($conntype,$gotconninfo); |
| |
if ((ref($secureconf{'connto'}) eq 'HASH') && |
| |
(exists($hosttypes{$lonid}))) { |
| |
$conntype = $secureconf{'connto'}{$hosttypes{$lonid}}; |
| |
if ($conntype ne '') { |
| |
$gotconninfo = 1; |
| |
} |
| |
} |
| |
if (($conntype ne 'no') && (defined($ca)) && (defined($cert)) && (defined($sslkeyfile))) { |
| $self->{AuthenticationMode} = "ssl"; |
$self->{AuthenticationMode} = "ssl"; |
| $self->{TransactionRequest} = "init:ssl:$perlvar{'lonVersion'}\n"; |
$self->{TransactionRequest} = "init:ssl:$perlvar{'lonVersion'}\n"; |
| |
} elsif (($gotconninfo && $conntype ne 'req') || (!$gotconninfo && $InsecureOk)) { |
| |
# Allowed to do insecure: |
| |
$self->{AuthenticationMode} = "insecure"; |
| |
$self->{TransactionRequest} = "init::$perlvar{'lonVersion'}\n"; |
| } else { |
} else { |
| if($InsecureOk) { # Allowed to do insecure: |
# Not allowed to do insecure... |
| $self->{AuthenticationMode} = "insecure"; |
$socket->close; |
| $self->{TransactionRequest} = "init::$perlvar{'lonVersion'}\n"; |
return undef; |
| } |
|
| else { # Not allowed to do insecure... |
|
| $socket->close; |
|
| return undef; |
|
| } |
|
| } |
} |
| } |
} |
| |
|
|
Line 340 sub Readable {
|
Line 367 sub Readable {
|
| $self->Transition("Disconnected"); |
$self->Transition("Disconnected"); |
| return -1; |
return -1; |
| } |
} |
| |
# If we actually got data, reset the timeout. |
| |
|
| |
if (length $data) { |
| |
$self->{TimeoutRemaining} = $self->{TimeoutValue}; # getting data resets the timeout period. |
| |
} |
| # Append the data to the buffer. And figure out if the read is done: |
# Append the data to the buffer. And figure out if the read is done: |
| |
|
| &Debug(9,"Received from host: ".$data); |
&Debug(9,"Received from host: ".$data); |
|
Line 501 sub Readable {
|
Line 533 sub Readable {
|
| $self->{InformWritable} = 1; |
$self->{InformWritable} = 1; |
| $self->{InformReadable} = 0; |
$self->{InformReadable} = 0; |
| $self->{Timeoutable} = 1; |
$self->{Timeoutable} = 1; |
| $self->{TimeoutRemaining} = $self->{TimeoutValue}; |
|
| $self->Transition("SendingRequest"); |
$self->Transition("SendingRequest"); |
| return 0; |
return 0; |
| } else { |
} else { |
|
Line 563 sub Writable {
|
Line 594 sub Writable {
|
| ($errno == POSIX::EAGAIN) || |
($errno == POSIX::EAGAIN) || |
| ($errno == POSIX::EINTR) || |
($errno == POSIX::EINTR) || |
| ($errno == 0)) { |
($errno == 0)) { |
| $self->{TimeoutRemaining} = $self->{TimeoutValue}; |
$self->{TimeoutRemaining} = $self->{TimeoutValue}; |
| substr($self->{TransactionRequest}, 0, $nwritten) = ""; # rmv written part |
substr($self->{TransactionRequest}, 0, $nwritten) = ""; # rmv written part |
| if(length $self->{TransactionRequest} == 0) { |
if(length $self->{TransactionRequest} == 0) { |
| $self->{InformWritable} = 0; |
$self->{InformWritable} = 0; |
| $self->{InformReadable} = 1; |
$self->{InformReadable} = 1; |
| $self->{TransactionReply} = ''; |
$self->{TransactionReply} = ''; |
| # |
# |
| # Figure out the next state: |
# Figure out the next state: |
| # |
# |
| if($self->{State} eq "Connected") { |
if($self->{State} eq "Connected") { |
| $self->Transition("Initialized"); |
$self->Transition("Initialized"); |
| } elsif($self->{State} eq "ChallengeReceived") { |
} elsif($self->{State} eq "ChallengeReceived") { |
| $self->Transition("ChallengeReplied"); |
$self->Transition("ChallengeReplied"); |
| } elsif($self->{State} eq "RequestingVersion") { |
} elsif($self->{State} eq "RequestingVersion") { |
| $self->Transition("ReadingVersionString"); |
$self->Transition("ReadingVersionString"); |
| } elsif ($self->{State} eq "SetHost") { |
} elsif ($self->{State} eq "SetHost") { |
| $self->Transition("HostSet"); |
$self->Transition("HostSet"); |
| } elsif($self->{State} eq "RequestingKey") { |
} elsif($self->{State} eq "RequestingKey") { |
| $self->Transition("ReceivingKey"); |
$self->Transition("ReceivingKey"); |
| # $self->{InformWritable} = 0; |
# $self->{InformWritable} = 0; |
| # $self->{InformReadable} = 1; |
# $self->{InformReadable} = 1; |
| # $self->{TransactionReply} = ''; |
# $self->{TransactionReply} = ''; |
| } elsif ($self->{State} eq "SendingRequest") { |
} elsif ($self->{State} eq "SendingRequest") { |
| $self->Transition("ReceivingReply"); |
$self->Transition("ReceivingReply"); |
| $self->{TimeoutRemaining} = $self->{TimeoutValue}; |
$self->{TimeoutRemaining} = $self->{TimeoutValue}; |
| } elsif ($self->{State} eq "Disconnected") { |
} elsif ($self->{State} eq "Disconnected") { |
| return -1; |
return -1; |
| } |
} |
| return 0; |
return 0; |
| } |
} |
| } else { # The write failed (e.g. partner disconnected). |
} else { # The write failed (e.g. partner disconnected). |
| $self->Transition("Disconnected"); |
$self->Transition("Disconnected"); |
| $socket->close(); |
$socket->close(); |
| return -1; |
return -1; |
| } |
} |
| |
|
| } |
} |
| =pod |
=pod |
| |
|
|
Line 745 sub Shutdown {
|
Line 776 sub Shutdown {
|
| $socket->shutdown(2); |
$socket->shutdown(2); |
| } |
} |
| } |
} |
| |
$self->{Timeoutable} = 0; # Shutdown sockets can't timeout. |
| } |
} |
| |
|
| =pod |
=pod |
|
Line 1050 sub ExchangeKeysViaSSL {
|
Line 1082 sub ExchangeKeysViaSSL {
|
| # |
# |
| sub CompleteInsecure { |
sub CompleteInsecure { |
| my $self = shift; |
my $self = shift; |
| if($InsecureOk) { |
$self->{LoncapaHim}; |
| |
my ($conntype,$gotconninfo); |
| |
if ((ref($secureconf{'connto'}) eq 'HASH') && |
| |
(exists($hosttypes{$self->{LoncapaHim}}))) { |
| |
$conntype = $secureconf{'connto'}{$hosttypes{$self->{LoncapaHim}}}; |
| |
if ($conntype ne '') { |
| |
$gotconninfo = 1; |
| |
} |
| |
} |
| |
if ((($gotconninfo) && ($conntype ne 'req')) || (!$gotconninfo && $InsecureOk)) { |
| $self->{AuthenticationMode} = "insecure"; |
$self->{AuthenticationMode} = "insecure"; |
| &Debug(8," Transition out of Initialized:insecure"); |
&Debug(8," Transition out of Initialized:insecure"); |
| $self->{TransactionRequest} = $self->{TransactionReply}; |
$self->{TransactionRequest} = $self->{TransactionReply}; |
|
Line 1138 sub PeerVersion {
|
Line 1179 sub PeerVersion {
|
| return $version; |
return $version; |
| } |
} |
| |
|
| |
# |
| |
# Manipulate the client data field |
| |
# |
| |
sub SetClientData { |
| |
my ($self, $newData) = @_; |
| |
$self->{ClientData} = $newData; |
| |
} |
| |
# |
| |
# Get the current client data field. |
| |
# |
| |
sub GetClientData { |
| |
my $self = shift; |
| |
return $self->{ClientData}; |
| |
} |
| |
|
| |
# |
| |
# Get the HostID of our peer |
| |
# |
| |
|
| |
sub PeerLoncapaHim { |
| |
my $self = shift; |
| |
return $self->{LoncapaHim}; |
| |
} |
| |
|
| 1; |
1; |
| |
|
| =pod |
=pod |
![[BACK]](/icons/back.gif){kind=icon}
Return to LondConnection.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom