--- loncom/interface/courseprefs.pm 2022/02/15 04:28:01 1.102 +++ loncom/interface/courseprefs.pm 2022/02/16 00:06:04 1.103 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Handler to set configuration settings for a course # -# $Id: courseprefs.pm,v 1.102 2022/02/15 04:28:01 raeburn Exp $ +# $Id: courseprefs.pm,v 1.103 2022/02/16 00:06:04 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -224,6 +224,7 @@ use Apache::lonparmset; use Apache::courseclassifier; use Apache::lonlocal; use LONCAPA qw(:DEFAULT :match); +use Crypt::CBC; my $registered_cleanup; my $modified_courses; @@ -1477,7 +1478,7 @@ sub process_changes { sub process_linkprot { my ($cdom,$cnum,$values,$changes,$context) = @_; - my ($dest,$ltiauth,$errors,%linkprot); + my ($home,$dest,$ltiauth,$privkey,$privnum,$cipher,$errors,%linkprot); if (ref($values) eq 'HASH') { foreach my $id (keys(%{$values})) { if ($id =~ /^\d+$/) { @@ -1487,6 +1488,31 @@ sub process_linkprot { } } } + my %domdefs = &Apache::lonnet::get_domain_defaults($cdom); + my @ids=&Apache::lonnet::current_machine_ids(); + if ($context eq 'domain') { + $home = &Apache::lonnet::domain($cdom,'primary'); + } else { + $home = &Apache::lonnet::homeserver($cnum,$cdom); + } + if ((($context eq 'domain') && ($domdefs{'linkprotenc_dom'})) || + (($context eq 'course') && ($domdefs{'linkprotenc_crs'}))) { + unless (($home eq 'no_host') || ($home eq '')) { + if (grep(/^\Q$home\E$/,@ids)) { + if (ref($domdefs{'privhosts'}) eq 'ARRAY') { + if (grep(/^\Q$home\E$/,@{$domdefs{'privhosts'}})) { + my %privhash = &Apache::lonnet::restore_dom('lti','private',$cdom,$home,1); + $privkey = $privhash{'key'}; + $privnum = $privhash{'version'}; + if (($privnum) && ($privkey ne '')) { + $cipher = Crypt::CBC->new({'key' => $privkey, + 'cipher' => 'DES'}); + } + } + } + } + } + } if ($context eq 'domain') { $dest = '/adm/domainprefs'; $ltiauth = 1; @@ -1619,14 +1645,24 @@ sub process_linkprot { if ($current{'usable'}) { if ($env{'form.linkprot_changesecret_'.$idx}) { if ($env{$secretitem} ne '') { - $linkprot{$itemid}{'secret'} = $env{$secretitem}; + if ($privnum && $cipher) { + $linkprot{$itemid}{'secret'} = $cipher->encrypt_hex($env{$secretitem}); + $linkprot{$itemid}{'cipher'} = $privnum; + } else { + $linkprot{$itemid}{'secret'} = $env{$secretitem}; + } $haschanges{$itemid} = 1; } } else { $linkprot{$itemid}{'secret'} = $current{'secret'}; } } elsif ($env{$secretitem} ne '') { - $linkprot{$itemid}{'secret'} = $env{$secretitem}; + if ($privnum && $cipher) { + $linkprot{$itemid}{'secret'} = $cipher->encrypt_hex($env{$secretitem}); + $linkprot{$itemid}{'cipher'} = $privnum; + } else { + $linkprot{$itemid}{'secret'} = $env{$secretitem}; + } $haschanges{$itemid} = 1; } } @@ -2141,10 +2177,12 @@ sub store_changes { sub store_linkprot { my ($cdom,$cnum,$context,$changes,$oldlinkprot) = @_; - my ($ltiauth,$lti_save_error,$output,$error,%ltienc,@deletions); + my ($ltiauth,$home,$lti_save_error,$output,$error,%ltienc,@deletions); if ($context eq 'domain') { $ltiauth = 1; + $home = &Apache::lonnet::domain($cdom,'primary'); } else { + $home = &Apache::lonnet::homeserver($cnum,$cdom); if (exists($env{'course.'.$env{'request.course.id'}.'.internal.ltiauth'})) { $ltiauth = $env{'course.'.$env{'request.course.id'}.'.internal.ltiauth'}; } else { @@ -2170,7 +2208,6 @@ sub store_linkprot { } } } - my $chome = &Apache::lonnet::homeserver($cnum,$cdom); my @ids=&Apache::lonnet::current_machine_ids(); if (keys(%ltienc) > 0) { if ($context eq 'domain') { @@ -2180,7 +2217,7 @@ sub store_linkprot { } } } else { - unless (($chome eq 'no_host') || ($chome eq '')) { + unless (($home eq 'no_host') || ($home eq '')) { my $allowed; foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } if ($allowed) { @@ -2202,8 +2239,8 @@ sub store_linkprot { if (&Apache::lonnet::put('lti',$changes,$cdom,$cnum,1) eq 'ok') { my $hashid=$cdom.'_'.$cnum; &Apache::lonnet::devalidate_cache_new('courselti',$hashid); - unless (($chome eq 'no_host') || ($chome eq '')) { - if (grep(/^\Q$chome\E$/,@ids)) { + unless (($home eq 'no_host') || ($home eq '')) { + if (grep(/^\Q$home\E$/,@ids)) { &Apache::lonnet::devalidate_cache_new('courseltienc',$hashid); } } @@ -2223,7 +2260,7 @@ sub store_linkprot { if (exists($ltienc{$id}{$title})) { if ($title eq 'secret') { my $length = length($ltienc{$id}{$title}); - $display .= $desc{$title}.': '.('*' x $length).', '; + $display .= $desc{$title}.': ['.&mt('not shown').'], '; } else { $display .= $desc{$title}.': '.$ltienc{$id}{$title}.', '; }