--- loncom/lond	2007/07/25 22:52:07	1.376
+++ loncom/lond	2007/09/12 20:29:13	1.381
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.376 2007/07/25 22:52:07 raeburn Exp $
+# $Id: lond,v 1.381 2007/09/12 20:29:13 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -59,7 +59,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.376 $'; #' stupid emacs
+my $VERSION='$Revision: 1.381 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid="default";
 my $currentdomainid;
@@ -135,7 +135,7 @@ my @adderrors    = ("ok",
 		    "lcuseradd Unable to make www member of users's group",
 		    "lcuseradd Unable to su to root",
 		    "lcuseradd Unable to set password",
-		    "lcuseradd Usrname has invalid characters",
+		    "lcuseradd Username has invalid characters",
 		    "lcuseradd Password has an invalid character",
 		    "lcuseradd User already exists",
 		    "lcuseradd Could not add user.",
@@ -2187,13 +2187,13 @@ sub subscribe_handler {
 &register_handler("sub", \&subscribe_handler, 0, 1, 0);
 
 #
-#   Determine the version of a resource (?) Or is it return
-#   the top version of the resource?  Not yet clear from the
-#   code in currentversion.
+#   Determine the latest version of a resource (it looks for the highest
+#   past version and then returns that +1)
 #
 # Parameters:
 #    $cmd      - The command that got us here.
 #    $tail     - Tail of the command (remaining parameters).
+#                 (Should consist of an absolute path to a file)
 #    $client   - File descriptor connected to client.
 # Returns
 #     0        - Requested to exit, caller should shut down.
@@ -4483,6 +4483,70 @@ sub get_institutional_defaults_handler {
 &register_handler("autoinstcodedefaults",
                   \&get_institutional_defaults_handler,0,1,0);
 
+sub get_institutional_user_rules {
+    my ($cmd, $tail, $client)   = @_;
+    my $userinput               = "$cmd:$tail";
+    my $dom = &unescape($tail);
+    my (%rules_hash,@rules_order);
+    my $outcome;
+    eval {
+        local($SIG{__DIE__})='DEFAULT';
+        $outcome = &localenroll::username_rules($dom,\%rules_hash,\@rules_order);
+    };
+    if (!$@) {
+        if ($outcome eq 'ok') {
+            my $result;
+            foreach my $key (keys(%rules_hash)) {
+                $result .= &escape($key).'='.&Apache::lonnet::freeze_escape($rules_hash{$key}).'&';
+            }
+            $result =~ s/\&$//;
+            $result .= ':';
+            if (@rules_order > 0) {
+                foreach my $item (@rules_order) {
+                    $result .= &escape($item).'&';
+                }
+            }
+            $result =~ s/\&$//;
+            &Reply($client,$result."\n",$userinput);
+        } else {
+            &Reply($client,"error\n", $userinput);
+        }
+    } else {
+        &Failure($client,"unknown_cmd\n",$userinput);
+    }
+}
+&register_handler("instuserrules",\&get_institutional_user_rules,0,1,0);
+
+
+sub institutional_username_check {
+    my ($cmd, $tail, $client)   = @_;
+    my $userinput               = "$cmd:$tail";
+    my %rulecheck;
+    my $outcome;
+    my ($udom,$uname,@rules) = split(/:/,$tail);
+    $udom = &unescape($udom);
+    $uname = &unescape($uname);
+    @rules = map {&unescape($_);} (@rules);
+    eval {
+        local($SIG{__DIE__})='DEFAULT';
+        $outcome = &localenroll::username_check($udom,$uname,\@rules,\%rulecheck);
+    };
+    if (!$@) {
+        if ($outcome eq 'ok') {
+            my $result='';
+            foreach my $key (keys(%rulecheck)) {
+                $result.=&escape($key).'='.&Apache::lonnet::freeze_escape($rulecheck{$key}).'&';
+            }
+            &Reply($client,$result."\n",$userinput);
+        } else {
+            &Reply($client,"error\n", $userinput);
+        }
+    } else {
+        &Failure($client,"unknown_cmd\n",$userinput);
+    }
+}
+&register_handler("instrulecheck",\&institutional_username_check,0,1,0);
+
 
 # Get domain specific conditions for import of student photographs to a course
 #
@@ -4640,30 +4704,6 @@ sub inst_usertypes_handler {
 }
 &register_handler("inst_usertypes", \&inst_usertypes_handler, 0, 1, 0);
 
-sub inst_dirsrch_handler {
-    my ($cmd, $tail, $client) = @_;
-    my ($domain,$srchby,$srchterm,$srchtype) = split(/:/, $tail);
-    $srchby = &unescape($srchby);
-    $srchterm = &unescape($srchterm);
-    my $userinput = $cmd.":".$tail; # For logging purposes.
-    my (%instusers,%instids,$result,$res);
-    eval {
-        local($SIG{__DIE__})='DEFAULT';
-        $result=&localenroll::get_userinfo($domain,undef,undef,\%instusers,\%instids,undef,$srchby,$srchterm,$srchtype);
-    };
-    if ($result eq 'ok') {
-        if (keys(%instusers) > 0) {
-            foreach my $key (keys(%instusers)) {
-                my $usrstr = &Apache::lonnet::hash2str(%{$instusers{$key}});
-                $res.=&escape($key).'='.&escape($usrstr).'&';
-            }
-        }
-        $res=~s/\&$//;
-    }
-    &Reply($client, "$res\n", $userinput);
-}
-&register_handler("instdirsrch", \&inst_dirsrch_handler, 0, 1, 0);
-
 # mkpath makes all directories for a file, expects an absolute path with a
 # file or a trailing / if just a dir is passed
 # returns 1 on success 0 on failure
@@ -5794,6 +5834,10 @@ sub validate_user {
 									 $password,
 									 $credentials);
 		$validated = ($krbreturn == 1);
+		if (!$validated) {
+		    &logthis('krb5: '.$user.', '.$contentpwd.', '.
+			     &Authen::Krb5::error());
+		}
 	    } else {
 		$validated = 0;
 	    }