[BACK]Return to lonracc.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom / auth
File:  [LON-CAPA] / loncom / auth / lonracc.pm
Revision 1.22: download - view: text, annotated - select for diffs
Fri Mar 2 23:43:29 2007 UTC (17 years, 2 months ago) by albertel
Branches: MAIN
CVS tags: version_2_8_X, version_2_8_2, version_2_8_1, version_2_8_0, version_2_7_X, version_2_7_99_1, version_2_7_99_0, version_2_7_1, version_2_7_0, version_2_6_X, version_2_6_99_1, version_2_6_99_0, version_2_6_3, version_2_6_2, version_2_6_1, version_2_6_0, version_2_5_X, version_2_5_99_1, version_2_5_99_0, version_2_5_2, version_2_5_1, version_2_5_0, version_2_4_X, version_2_4_99_0, version_2_4_2, version_2_4_1, version_2_4_0, version_2_3_99_0, HEAD, GCI_1
- maiking this get_iphost thing more targeted easier to dns with

    1: # The LearningOnline Network
    2: # Access Handler for File Transfers
    3: #
    4: # $Id: lonracc.pm,v 1.22 2007/03/02 23:43:29 albertel Exp $
    5: #
    6: # Copyright Michigan State University Board of Trustees
    7: #
    8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
    9: #
   10: # LON-CAPA is free software; you can redistribute it and/or modify
   11: # it under the terms of the GNU General Public License as published by
   12: # the Free Software Foundation; either version 2 of the License, or
   13: # (at your option) any later version.
   14: #
   15: # LON-CAPA is distributed in the hope that it will be useful,
   16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   18: # GNU General Public License for more details.
   19: #
   20: # You should have received a copy of the GNU General Public License
   21: # along with LON-CAPA; if not, write to the Free Software
   22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   23: #
   24: # /home/httpd/html/adm/gpl.txt
   25: #
   26: # http://www.lon-capa.org/
   27: #
   28: 
   29: package Apache::lonracc;
   30: 
   31: use strict;
   32: use Apache::Constants qw(:common :remotehost);
   33: use Apache::lonnet;
   34: use Apache::File();
   35: use IO::Socket;
   36: 
   37: sub subscribed {
   38:     my ($filename,$id) = @_;
   39: 
   40:     return 0 if (!-e "$filename.subscription");
   41: 
   42:     my $hostname=&Apache::lonnet::hostname($id);
   43:     my (undef,undef,undef,undef,$ip) = gethostbyname($hostname);
   44:     
   45:     return 0 if (length($ip) != 4);
   46: 
   47:     $ip=inet_ntoa($ip);
   48: 
   49:     my $expr='^'.quotemeta($id).':'.quotemeta($ip).':';
   50: 
   51:     my $found=0;
   52:     if (my $sh=Apache::File->new("$filename.subscription")) {
   53: 	while (my $subline=<$sh>) { if ($subline =~ /$expr/) { $found=1; } }
   54: 	$sh->close();
   55:     }
   56:     return $found;
   57: }
   58: 
   59: sub handler {
   60:     my $r = shift;
   61: 
   62:     my $filename=$r->filename;
   63:     if (!-e $filename) {
   64: 	return NOT_FOUND;
   65:     }
   66: 
   67:     my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP);
   68:     my @hostids= &Apache::lonnet::get_hosts_from_ip($reqhost);
   69:     if (!@hostids && $reqhost ne '127.0.0.1' ) {
   70: 	$r->log_reason("Unable to find a host for ".
   71: 		       $r->get_remote_host(REMOTE_NOLOOKUP));
   72: 	return FORBIDDEN;
   73:     }
   74:     if ($reqhost eq '127.0.0.1') {
   75: 	return OK;
   76:     }
   77:     my $return;
   78:     my @ids;
   79: 
   80:     foreach my $id (@hostids) {
   81: 	my $uri =$r->uri;
   82: 	if (($filename=~/\.meta$/) ||
   83: 	    ($uri=~m|^/raw/uploaded|) ||
   84: 	    (-e "$filename.$id") ||
   85: 	    &subscribed($filename,$id) ) {
   86: 	    return OK;
   87: 	} else {
   88: 	    $return=FORBIDDEN;
   89: 	    push(@ids,$id);
   90: 	}
   91:     }
   92:     if ($return == FORBIDDEN) {
   93: 	$r->log_reason(join(':',@ids)." not subscribed", $r->filename);
   94: 	return FORBIDDEN;
   95:     }
   96:     $r->log_reason("Invalid request for file transfer from $reqhost", 
   97:                    $r->filename); 
   98:     return FORBIDDEN;
   99: }
  100: 
  101: 1;
  102: __END__
  103: 
  104: =head1 NAME
  105: 
  106: Apache::lonracc - Access Handler for File Transfers
  107: 
  108: =head1 SYNOPSIS
  109: 
  110: Invoked by /etc/httpd/conf/loncapa.conf:
  111: 
  112:  <LocationMatch "^/raw.*">
  113:  PerlAccessHandler Apache::lonracc
  114:  </LocationMatch>
  115: 
  116: =head1 INTRODUCTION
  117: 
  118: This module enables authentication for file transfers and works
  119: against the /res tree.
  120: 
  121: Only lond invokes the /raw namespace through its subscribe function.
  122: 
  123: This is part of the LearningOnline Network with CAPA project
  124: described at http://www.lon-capa.org.
  125: 
  126: =head1 HANDLER SUBROUTINE
  127: 
  128: This routine is called by Apache and mod_perl.
  129: 
  130: =over 4
  131: 
  132: =item *
  133: 
  134: Determine requesting host
  135: 
  136: =item *
  137: 
  138: See whether or not the requesting host is subscribed.
  139: 
  140: =item *
  141: 
  142: Respond with status of request and make log entry in case of unallowed
  143: access.
  144: 
  145: =back
  146: 
  147: =cut
  148: 
  149: 
  150: 
  151: 
  152: 
  153: 
  154:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>