[BACK]Return to lontokacc.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lontokacc.pm between versions 1.3 and 1.4

version 1.3, 2002/07/31 15:23:55 version 1.4, 2002/08/01 22:36:11
Line 1 Line 1
 # The LearningOnline Network  # The LearningOnline Network
 # Low security Access Handler for Token-based access   # Access Handler for User File Transfers
 # (clearance given by other loncapa host)  
 #  #
 # $Id$  # $Id$
 #  #
Line 30 Line 29
 package Apache::lontokacc;  package Apache::lontokacc;
   
 use strict;  use strict;
 use Apache::Constants qw(:common);  use Apache::Constants qw(:common :remotehost);
 use Apache::lonnet();  use Apache::lonnet();
 use Apache::loncommon();  use Apache::File();
   
 sub handler {  sub handler {
     my $r = shift;      my $r = shift;
     my $query=$r->args;      my $reqhost;
     &Apache::loncommon::get_unprocessed_cgi($query,['token','server']);      unless ($reqhost=$r->get_remote_host(REMOTE_DOUBLE_REV)) {
     my $tmpinfo='no_token';         $r->log_reason("Spoof request");
     if (($ENV{'form.token'}) || ($ENV{'form.server'})) {         return FORBIDDEN;
         $tmpinfo=&Apache::lonnet::unescape(  
                    &Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},  
                                                     $ENV{'form.server'}));  
         chomp($tmpinfo);  
         my $uri=$r->uri;  
         if ($tmpinfo=~/$uri$/) {  
    return OK;  
         }  
     }      }
     $r->log_reason("Invalid token-based access:".$r->uri.' for '.$tmpinfo.'.',      my $readline;
         $r->filename);       my $lontabdir=$r->dir_config('lonTabDir');
       {
          my $fh;
          unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) {
             $r->log_reason("Could not find host tab file");
             return FORBIDDEN;
          }
          while ($readline=<$fh>) {
             my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
             if ($name =~ /$reqhost/i) { return OK; }
          }
   
       }
       $r->log_reason("Invalid request for user file transfer from $reqhost", 
                      $r->filename); 
     return FORBIDDEN;      return FORBIDDEN;
 }  }
   
Line 58  sub handler { Line 63  sub handler {
 __END__  __END__
   
   
   
   
   
   
   
Removed from v.1.3  
changed lines
  Added in v.1.4

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>