--- loncom/auth/lonracc.pm	2004/05/03 19:52:19	1.13
+++ loncom/auth/lonracc.pm	2005/02/10 22:30:56	1.16
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Access Handler for File Transfers
 #
-# $Id: lonracc.pm,v 1.13 2004/05/03 19:52:19 www Exp $
+# $Id: lonracc.pm,v 1.16 2005/02/10 22:30:56 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -32,11 +32,15 @@ use strict;
 use Apache::Constants qw(:common :remotehost);
 use Apache::lonnet();
 use Apache::File();
+use IO::Socket;
 
 sub subscribed {
     my ($filename,$id) = @_;
     my $found=0;
-    my $expr='^'.$id.':'.$Apache::lonnet::hostip{$id}.':';
+    my $hostname=$Apache::lonnet::hostname{$id};
+    my (undef,undef,undef,undef,$ip) = gethostbyname($hostname);
+    $ip=inet_ntoa($ip);
+    my $expr='^'.$id.':'.$ip.':';
     $expr =~ s/\./\\\./g;
     my $sh;
     if ($sh=Apache::File->new("$filename.subscription")) {
@@ -48,33 +52,32 @@ sub subscribed {
 
 sub handler {
     my $r = shift;
-    my $reqhost = $r->get_remote_host(REMOTE_DOUBLE_REV);
-    if (!$reqhost && $r->get_remote_host(REMOTE_NOLOOKUP) eq $r->get_server_name()) { 
-        $reqhost = $r->get_server_name();
-    } 
-    unless ($reqhost) {
-       $r->log_reason("Spoof request from ".$ENV{'REMOTE_ADDR'});
-       return FORBIDDEN;
+    my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP);
+    my %iphost=&Apache::lonnet::get_iphost();
+    my $hostids=$iphost{$reqhost};
+    if (!$hostids && $reqhost ne '127.0.0.1' ) {
+	$r->log_reason("Unable to find a host for ".
+		       $r->get_remote_host(REMOTE_NOLOOKUP));
+	return FORBIDDEN;
     }
-    if ($reqhost eq 'localhost.localdomain') {
-       return OK;
+    if ($reqhost eq '127.0.0.1') {
+	return OK;
     }
     my $return;
     my @ids=();
     my $id;
-    foreach $id (keys %Apache::lonnet::hostname) {
-	if ($Apache::lonnet::hostname{$id} =~ /$reqhost/i) {
-	    my $filename=$r->filename;
-	    my $uri =$r->uri;
-	    if ((-e "$filename.$id") ||
-		&subscribed($filename,$id) ||
-		($filename=~/\.meta$/) ||
-		($uri=~m|^/raw/uploaded|)) {
-		return OK;
-	    } else {
-		$return=FORBIDDEN;
-		push(@ids,$id);
-	    }
+
+    foreach $id (@{$hostids}) {
+	my $filename=$r->filename;
+	my $uri =$r->uri;
+	if ((-e "$filename.$id") ||
+	    &subscribed($filename,$id) ||
+	    ($filename=~/\.meta$/) ||
+	    ($uri=~m|^/raw/uploaded|)) {
+	    return OK;
+	} else {
+	    $return=FORBIDDEN;
+	    push(@ids,$id);
 	}
     }
     if ($return == FORBIDDEN) {