--- loncom/auth/lonracc.pm 2003/05/27 18:07:22 1.9 +++ loncom/auth/lonracc.pm 2004/05/03 19:52:19 1.13 @@ -1,7 +1,7 @@ # The LearningOnline Network # Access Handler for File Transfers # -# $Id: lonracc.pm,v 1.9 2003/05/27 18:07:22 albertel Exp $ +# $Id: lonracc.pm,v 1.13 2004/05/03 19:52:19 www Exp $ # # Copyright Michigan State University Board of Trustees # @@ -25,10 +25,6 @@ # # http://www.lon-capa.org/ # -# (lonacc: Cookie Based Access Handler -# 5/21/99,5/22,5/29,5/31,6/15 Gerd Kortemeyer) -# 6/16,6/18,7/3, -# 6/30/00 Gerd Kortemeyer package Apache::lonracc; @@ -60,33 +56,30 @@ sub handler { $r->log_reason("Spoof request from ".$ENV{'REMOTE_ADDR'}); return FORBIDDEN; } - my $readline; - my $lontabdir=$r->dir_config('lonTabDir'); - { - my $fh; - unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) { - $r->log_reason("Could not find host tab file"); - return FORBIDDEN; - } - my $return; - my @ids=(); - while ($readline=<$fh>) { - my ($id,$domain,$role,$name,$ip)=split(/:/,$readline); - if ($name =~ /$reqhost/i) { - my $filename=$r->filename; - if ((-e "$filename.$id") || - &subscribed($filename,$id) || - ($filename=~/\.meta$/)) { - return OK; - } else { - $return=FORBIDDEN; - push(@ids,$id); - } - } - } - if ($return == FORBIDDEN) { - $r->log_reason(join(':',@ids)." not subscribed", $r->filename); - } + if ($reqhost eq 'localhost.localdomain') { + return OK; + } + my $return; + my @ids=(); + my $id; + foreach $id (keys %Apache::lonnet::hostname) { + if ($Apache::lonnet::hostname{$id} =~ /$reqhost/i) { + my $filename=$r->filename; + my $uri =$r->uri; + if ((-e "$filename.$id") || + &subscribed($filename,$id) || + ($filename=~/\.meta$/) || + ($uri=~m|^/raw/uploaded|)) { + return OK; + } else { + $return=FORBIDDEN; + push(@ids,$id); + } + } + } + if ($return == FORBIDDEN) { + $r->log_reason(join(':',@ids)." not subscribed", $r->filename); + return FORBIDDEN; } $r->log_reason("Invalid request for file transfer from $reqhost", $r->filename);