--- loncom/auth/lonracc.pm	2002/01/17 19:25:31	1.4
+++ loncom/auth/lonracc.pm	2004/05/03 19:52:19	1.13
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Access Handler for File Transfers
 #
-# $Id: lonracc.pm,v 1.4 2002/01/17 19:25:31 harris41 Exp $
+# $Id: lonracc.pm,v 1.13 2004/05/03 19:52:19 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -25,45 +25,61 @@
 #
 # http://www.lon-capa.org/
 #
-# (lonacc: Cookie Based Access Handler
-# 5/21/99,5/22,5/29,5/31,6/15 Gerd Kortemeyer)
-# 6/16,6/18,7/3,
-# 6/30/00 Gerd Kortemeyer
 
 package Apache::lonracc;
 
 use strict;
 use Apache::Constants qw(:common :remotehost);
+use Apache::lonnet();
 use Apache::File();
 
+sub subscribed {
+    my ($filename,$id) = @_;
+    my $found=0;
+    my $expr='^'.$id.':'.$Apache::lonnet::hostip{$id}.':';
+    $expr =~ s/\./\\\./g;
+    my $sh;
+    if ($sh=Apache::File->new("$filename.subscription")) {
+	while (my $subline=<$sh>) { if ($subline =~ /$expr/) { $found=1; } }
+	$sh->close();
+    }
+    return $found;
+}
+
 sub handler {
     my $r = shift;
-    my $reqhost;
-    unless ($reqhost=$r->get_remote_host(REMOTE_DOUBLE_REV)) {
-       $r->log_reason("Spoof request");
+    my $reqhost = $r->get_remote_host(REMOTE_DOUBLE_REV);
+    if (!$reqhost && $r->get_remote_host(REMOTE_NOLOOKUP) eq $r->get_server_name()) { 
+        $reqhost = $r->get_server_name();
+    } 
+    unless ($reqhost) {
+       $r->log_reason("Spoof request from ".$ENV{'REMOTE_ADDR'});
        return FORBIDDEN;
     }
-    my $readline;
-    my $lontabdir=$r->dir_config('lonTabDir');
-    {
-       my $fh;
-       unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) {
-          $r->log_reason("Could not find host tab file");
-          return FORBIDDEN;
-       }
-       while ($readline=<$fh>) {
-          my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
-          if ($name =~ /$reqhost/i) {
-              my $filename=$r->filename;
-              if ((-e "$filename.$id") || ($filename=~/\.meta$/)) {
-	         return OK;
-              } else {
-                 $r->log_reason("$id not subscribed", $r->filename);
-                 return FORBIDDEN;
-              }
-          }
-       }
-
+    if ($reqhost eq 'localhost.localdomain') {
+       return OK;
+    }
+    my $return;
+    my @ids=();
+    my $id;
+    foreach $id (keys %Apache::lonnet::hostname) {
+	if ($Apache::lonnet::hostname{$id} =~ /$reqhost/i) {
+	    my $filename=$r->filename;
+	    my $uri =$r->uri;
+	    if ((-e "$filename.$id") ||
+		&subscribed($filename,$id) ||
+		($filename=~/\.meta$/) ||
+		($uri=~m|^/raw/uploaded|)) {
+		return OK;
+	    } else {
+		$return=FORBIDDEN;
+		push(@ids,$id);
+	    }
+	}
+    }
+    if ($return == FORBIDDEN) {
+	$r->log_reason(join(':',@ids)." not subscribed", $r->filename);
+	return FORBIDDEN;
     }
     $r->log_reason("Invalid request for file transfer from $reqhost", 
                    $r->filename);