loncom/lond - diff

Return to lond CVS log

Up to [LON-CAPA] / loncom

Diff for /loncom/lond between versions 1.215 and 1.216

-version 1.215, 2004/07/27 11:21:48
+version 1.216, 2004/07/27 11:34:49
  Line 1039  sub tie_user_hash {
  #   declaration:
  #
+ #++
+ #
  #  Handles ping requests.
  #  Parameters:
  #      $cmd    - the actual keyword that invoked us.
- Line 1063  sub ping_handler {
+ Line 1065  sub ping_handler {
  }
  &register_handler("ping", \&ping_handler, 0, 1, 1);       # Ping unencoded, client or manager.
+ #++
  #
  # Handles pong requests.  Pong replies with our current host id, and
  #                         the results of a ping sent to us via our lonc.
- Line 1089  sub pong_handler {
+ Line 1092  sub pong_handler {
  }
  &register_handler("pong", \&pong_handler, 0, 1, 1);       # Pong unencoded, client or manager
+ #++
+ #      Called to establish an encrypted session key with the remote client.
+ #      Note that with secure lond, in most cases this function is never
+ #      invoked.  Instead, the secure session key is established either
+ #      via a local file that's locked down tight and only lives for a short
+ #      time, or via an ssl tunnel...and is generated from a bunch-o-random
+ #      bits from /dev/urandom, rather than the predictable pattern used by
+ #      by this sub.  This sub is only used in the old-style insecure
+ #      key negotiation.
+ # Parameters:
+ #      $cmd    - the actual keyword that invoked us.
+ #      $tail   - the tail of the request that invoked us.
+ #      $replyfd- File descriptor connected to the client
+ #  Implicit Inputs:
+ #      $currenthostid - Global variable that carries the name of the host
+ #                       known as.
+ #      $clientname    - Global variable that carries the name of the hsot we're connected to.
+ #  Returns:
+ #      1       - Ok to continue processing.
+ #      0       - Program should exit.
+ #  Implicit Outputs:
+ #      Reply information is sent to the client.
+ #      $cipher is set with a reference to a new IDEA encryption object.
+ #
+ sub establish_key_handler {
+     my ($cmd, $tail, $replyfd) = @_;
+     my $buildkey=time.$$.int(rand 100000);
+     $buildkey=~tr/1-6/A-F/;
+     $buildkey=int(rand 100000).$buildkey.int(rand 100000);
+     my $key=$currenthostid.$clientname;
+     $key=~tr/a-z/A-Z/;
+     $key=~tr/G-P/0-9/;
+     $key=~tr/Q-Z/0-9/;
+     $key=$key.$buildkey.$key.$buildkey.$key.$buildkey;
+     $key=substr($key,0,32);
+     my $cipherkey=pack("H32",$key);
+     $cipher=new IDEA $cipherkey;
+     &Reply($replyfd, "$buildkey\n", "$cmd:$tail");
+     return 1;
+ }
+ &register_handler("ekey", \&establish_key_handler, 0, 1,1);
  #---------------------------------------------------------------
- Line 1204  sub process_request {
+ Line 1252  sub process_request {
  #------------------- Commands not yet in spearate handlers. --------------
- # ------------------------------------------------------------------------ ekey
-     if ($userinput =~ /^ekey/) { # ok for both clients & mgrs
- 	my $buildkey=time.$$.int(rand 100000);
- 	$buildkey=~tr/1-6/A-F/;
- 	$buildkey=int(rand 100000).$buildkey.int(rand 100000);
- 	my $key=$currenthostid.$clientname;
- 	$key=~tr/a-z/A-Z/;
- 	$key=~tr/G-P/0-9/;
- 	$key=~tr/Q-Z/0-9/;
- 	$key=$key.$buildkey.$key.$buildkey.$key.$buildkey;
- 	$key=substr($key,0,32);
- 	my $cipherkey=pack("H32",$key);
- 	$cipher=new IDEA $cipherkey;
- 	print $client "$buildkey\n";
  # ------------------------------------------------------------------------ load
-     } elsif ($userinput =~ /^load/) { # client only
+     if ($userinput =~ /^load/) { # client only
  	if (isClient) {
  	    my $loadavg;
  	    {

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.215
changed lines
	Added in v.1.216