loncom/lond - diff

Return to lond CVS log

Up to [LON-CAPA] / loncom

Diff for /loncom/lond between versions 1.427 and 1.465

version 1.427, 2009/09/28 19:13:32	version 1.465, 2010/11/12 19:12:46
Line 42 use Crypt::IDEA;	Line 42 use Crypt::IDEA;
use LWP::UserAgent();	use LWP::UserAgent();
use Digest::MD5 qw(md5_hex);	use Digest::MD5 qw(md5_hex);
use GDBM_File;	use GDBM_File;
use Authen::Krb4;
use Authen::Krb5;	use Authen::Krb5;
use localauth;	use localauth;
use localenroll;	use localenroll;
Line 67 my $currentdomainid;	Line 66 my $currentdomainid;
my $client;	my $client;
my $clientip; # IP address of client.	my $clientip; # IP address of client.
my $clientname; # LonCAPA name of client.	my $clientname; # LonCAPA name of client.
	my $clientversion; # LonCAPA version running on client.
	my $clienthomedom; # LonCAPA domain of homeID for client.
	# primary library server.

my $server;	my $server;

Line 975 sub read_profile {	Line 977 sub read_profile {
&GDBM_READER());	&GDBM_READER());
if ($hashref) {	if ($hashref) {
my @queries=split(/\&/,$what);	my @queries=split(/\&/,$what);
	if ($namespace eq 'roles') {
	@queries = map { &unescape($_); } @queries;
	}
my $qresult='';	my $qresult='';

for (my $i=0;$i<=$#queries;$i++) {	for (my $i=0;$i<=$#queries;$i++) {
Line 1068 sub pong_handler {	Line 1073 sub pong_handler {
# Implicit Inputs:	# Implicit Inputs:
# $currenthostid - Global variable that carries the name of the host	# $currenthostid - Global variable that carries the name of the host
# known as.	# known as.
# $clientname - Global variable that carries the name of the hsot we're connected to.	# $clientname - Global variable that carries the name of the host we're connected to.
# Returns:	# Returns:
# 1 - Ok to continue processing.	# 1 - Ok to continue processing.
# 0 - Program should exit.	# 0 - Program should exit.
Line 1107 sub establish_key_handler {	Line 1112 sub establish_key_handler {
# Implicit Inputs:	# Implicit Inputs:
# $currenthostid - Global variable that carries the name of the host	# $currenthostid - Global variable that carries the name of the host
# known as.	# known as.
# $clientname - Global variable that carries the name of the hsot we're connected to.	# $clientname - Global variable that carries the name of the host we're connected to.
# Returns:	# Returns:
# 1 - Ok to continue processing.	# 1 - Ok to continue processing.
# 0 - Program should exit.	# 0 - Program should exit.
Line 1116 sub establish_key_handler {	Line 1121 sub establish_key_handler {
sub load_handler {	sub load_handler {
my ($cmd, $tail, $replyfd) = @_;	my ($cmd, $tail, $replyfd) = @_;



# Get the load average from /proc/loadavg and calculate it as a percentage of	# Get the load average from /proc/loadavg and calculate it as a percentage of
# the allowed load limit as set by the perl global variable lonLoadLim	# the allowed load limit as set by the perl global variable lonLoadLim

Line 1144 sub load_handler {	Line 1151 sub load_handler {
# Implicit Inputs:	# Implicit Inputs:
# $currenthostid - Global variable that carries the name of the host	# $currenthostid - Global variable that carries the name of the host
# known as.	# known as.
# $clientname - Global variable that carries the name of the hsot we're connected to.	# $clientname - Global variable that carries the name of the host we're connected to.
# Returns:	# Returns:
# 1 - Ok to continue processing.	# 1 - Ok to continue processing.
# 0 - Program should exit	# 0 - Program should exit
Line 1653 sub server_loncaparev_handler {	Line 1660 sub server_loncaparev_handler {
}	}
&register_handler("serverloncaparev", \&server_loncaparev_handler, 0, 1, 0);	&register_handler("serverloncaparev", \&server_loncaparev_handler, 0, 1, 0);

	sub server_homeID_handler {
	my ($cmd,$tail,$client) = @_;
	my $userinput = "$cmd:$tail";
	&Reply($client,\$perlvar{'lonHostID'},$userinput);
	return 1;
	}
	&register_handler("serverhomeID", \&server_homeID_handler, 0, 1, 0);

# Process a reinit request. Reinit requests that either	# Process a reinit request. Reinit requests that either
# lonc or lond be reinitialized so that an updated	# lonc or lond be reinitialized so that an updated
# host.tab or domain.tab can be processed.	# host.tab or domain.tab can be processed.
Line 1762 sub authenticate_handler {	Line 1777 sub authenticate_handler {
# upass - User's password.	# upass - User's password.
# checkdefauth - Pass to validate_user() to try authentication	# checkdefauth - Pass to validate_user() to try authentication
# with default auth type(s) if no user account.	# with default auth type(s) if no user account.
	# clientcancheckhost - Passed by clients with functionality in lonauth.pm
	# to check if session can be hosted.

my ($udom, $uname, $upass, $checkdefauth)=split(/:/,$tail);	my ($udom, $uname, $upass, $checkdefauth, $clientcancheckhost)=split(/:/,$tail);
&Debug(" Authenticate domain = $udom, user = $uname, password = $upass, checkdefauth = $checkdefauth");	&Debug(" Authenticate domain = $udom, user = $uname, password = $upass, checkdefauth = $checkdefauth");
chomp($upass);	chomp($upass);
$upass=&unescape($upass);	$upass=&unescape($upass);

my $pwdcorrect = &validate_user($udom,$uname,$upass,$checkdefauth);	my $pwdcorrect = &validate_user($udom,$uname,$upass,$checkdefauth);
if($pwdcorrect) {	if($pwdcorrect) {
&Reply( $client, "authorized\n", $userinput);	my $canhost = 1;
	unless ($clientcancheckhost) {
	my $uprimary_id = &Apache::lonnet::domain($udom,'primary');
	my $uint_dom = &Apache::lonnet::internet_dom($uprimary_id);
	my @intdoms;
	my $internet_names = &Apache::lonnet::get_internet_names($clientname);
	if (ref($internet_names) eq 'ARRAY') {
	@intdoms = @{$internet_names};
	}
	unless ($uint_dom ne '' && grep(/^\Q$uint_dom\E$/,@intdoms)) {
	my ($remote,$hosted);
	my $remotesession = &get_usersession_config($udom,'remotesession');
	if (ref($remotesession) eq 'HASH') {
	$remote = $remotesession->{'remote'}
	}
	my $hostedsession = &get_usersession_config($clienthomedom,'hostedsession');
	if (ref($hostedsession) eq 'HASH') {
	$hosted = $hostedsession->{'hosted'};
	}
	my $loncaparev = $clientversion;
	if ($loncaparev eq '') {
	$loncaparev = $Apache::lonnet::loncaparevs{$clientname};
	}
	$canhost = &Apache::lonnet::can_host_session($udom,$clientname,
	$loncaparev,
	$remote,$hosted);
	}
	}
	if ($canhost) {
	&Reply( $client, "authorized\n", $userinput);
	} else {
	&Reply( $client, "not_allowed_to_host\n", $userinput);
	}
#	#
# Bad credentials: Failed to authorize	# Bad credentials: Failed to authorize
#	#
Line 1815 sub change_password_handler {	Line 1864 sub change_password_handler {
# npass - New password.	# npass - New password.
# context - Context in which this was called	# context - Context in which this was called
# (preferences or reset_by_email).	# (preferences or reset_by_email).
	# lonhost - HostID of server where request originated

my ($udom,$uname,$upass,$npass,$context)=split(/:/,$tail);	my ($udom,$uname,$upass,$npass,$context,$lonhost)=split(/:/,$tail);

$upass=&unescape($upass);	$upass=&unescape($upass);
$npass=&unescape($npass);	$npass=&unescape($npass);
Line 1825 sub change_password_handler {	Line 1875 sub change_password_handler {
# First require that the user can be authenticated with their	# First require that the user can be authenticated with their
# old password unless context was 'reset_by_email':	# old password unless context was 'reset_by_email':

my $validated;	my ($validated,$failure);
if ($context eq 'reset_by_email') {	if ($context eq 'reset_by_email') {
$validated = 1;	if ($lonhost eq '') {
	$failure = 'invalid_client';
	} else {
	$validated = 1;
	}
} else {	} else {
$validated = &validate_user($udom, $uname, $upass);	$validated = &validate_user($udom, $uname, $upass);
}	}
Line 1841 sub change_password_handler {	Line 1895 sub change_password_handler {
$salt=substr($salt,6,2);	$salt=substr($salt,6,2);
my $ncpass=crypt($npass,$salt);	my $ncpass=crypt($npass,$salt);
if(&rewrite_password_file($udom, $uname, "internal:$ncpass")) {	if(&rewrite_password_file($udom, $uname, "internal:$ncpass")) {
&logthis("Result of password change for "	my $msg="Result of password change for $uname: pwchange_success";
."$uname: pwchange_success");	if ($lonhost) {
	$msg .= " - request originated from: $lonhost";
	}
	&logthis($msg);
&Reply($client, "ok\n", $userinput);	&Reply($client, "ok\n", $userinput);
} else {	} else {
&logthis("Unable to open $uname passwd "	&logthis("Unable to open $uname passwd "
Line 1863 sub change_password_handler {	Line 1920 sub change_password_handler {
}	}

} else {	} else {
&Failure( $client, "non_authorized\n", $userinput);	if ($failure eq '') {
	$failure = 'non_authorized';
	}
	&Failure( $client, "$failure\n", $userinput);
}	}

return 1;	return 1;
Line 2050 sub is_home_handler {	Line 2110 sub is_home_handler {
&register_handler("home", \&is_home_handler, 0,1,0);	&register_handler("home", \&is_home_handler, 0,1,0);

#	#
# Process an update request for a resource?? I think what's going on here is	# Process an update request for a resource.
# that a resource has been modified that we hold a subscription to.	# A resource has been modified that we hold a subscription to.
# If the resource is not local, then we must update, or at least invalidate our	# If the resource is not local, then we must update, or at least invalidate our
# cached copy of the resource.	# cached copy of the resource.
# FUTURE WORK:
# I need to look at this logic carefully. My druthers would be to follow
# typical caching logic, and simple invalidate the cache, drop any subscription
# an let the next fetch start the ball rolling again... however that may
# actually be more difficult than it looks given the complex web of
# proxy servers.
# Parameters:	# Parameters:
# $cmd - The command that got us here.	# $cmd - The command that got us here.
# $tail - Tail of the command (remaining parameters).	# $tail - Tail of the command (remaining parameters).
Line 2083 sub update_resource_handler {	Line 2137 sub update_resource_handler {
my $ownership=ishome($fname);	my $ownership=ishome($fname);
if ($ownership eq 'not_owner') {	if ($ownership eq 'not_owner') {
if (-e $fname) {	if (-e $fname) {
	# Delete preview file, if exists
	unlink("$fname.tmp");
	# Get usage stats
my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,	my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,
$atime,$mtime,$ctime,$blksize,$blocks)=stat($fname);	$atime,$mtime,$ctime,$blksize,$blocks)=stat($fname);
my $now=time;	my $now=time;
my $since=$now-$atime;	my $since=$now-$atime;
	# If the file has not been used within lonExpire seconds,
	# unsubscribe from it and delete local copy
if ($since>$perlvar{'lonExpire'}) {	if ($since>$perlvar{'lonExpire'}) {
my $reply=&Apache::lonnet::reply("unsub:$fname","$clientname");	my $reply=&Apache::lonnet::reply("unsub:$fname","$clientname");
&devalidate_meta_cache($fname);	&devalidate_meta_cache($fname);
unlink("$fname");	unlink("$fname");
unlink("$fname.meta");	unlink("$fname.meta");
} else {	} else {
	# Yes, this is in active use. Get a fresh copy. Since it might be in
	# very active use and huge (like a movie), copy it to "in.transfer" filename first.
my $transname="$fname.in.transfer";	my $transname="$fname.in.transfer";
my $remoteurl=&Apache::lonnet::reply("sub:$fname","$clientname");	my $remoteurl=&Apache::lonnet::reply("sub:$fname","$clientname");
my $response;	my $response;
alarm(120);	# FIXME: cannot replicate files that take more than two minutes to transfer?
	# alarm(120);
	# FIXME: this should use the LWP mechanism, not internal alarms.
	alarm(1200);
{	{
my $ua=new LWP::UserAgent;	my $ua=new LWP::UserAgent;
my $request=new HTTP::Request('GET',"$remoteurl");	my $request=new HTTP::Request('GET',"$remoteurl");
Line 2104 sub update_resource_handler {	Line 2168 sub update_resource_handler {
}	}
alarm(0);	alarm(0);
if ($response->is_error()) {	if ($response->is_error()) {
	# FIXME: we should probably clean up here instead of just whine
unlink($transname);	unlink($transname);
my $message=$response->status_line;	my $message=$response->status_line;
&logthis("LWP GET: $message for $fname ($remoteurl)");	&logthis("LWP GET: $message for $fname ($remoteurl)");
} else {	} else {
if ($remoteurl!~/\.meta$/) {	if ($remoteurl!~/\.meta$/) {
	# FIXME: isn't there an internal LWP mechanism for this?
alarm(120);	alarm(120);
{	{
my $ua=new LWP::UserAgent;	my $ua=new LWP::UserAgent;
Line 2120 sub update_resource_handler {	Line 2186 sub update_resource_handler {
}	}
alarm(0);	alarm(0);
}	}
	# we successfully transfered, copy file over to real name
rename($transname,$fname);	rename($transname,$fname);
&devalidate_meta_cache($fname);	&devalidate_meta_cache($fname);
}	}
Line 3088 sub dump_with_regexp {	Line 3155 sub dump_with_regexp {

my $userinput = "$cmd:$tail";	my $userinput = "$cmd:$tail";

my ($udom,$uname,$namespace,$regexp,$range)=split(/:/,$tail);	my ($udom,$uname,$namespace,$regexp,$range,$extra)=split(/:/,$tail);
if (defined($regexp)) {	if (defined($regexp)) {
$regexp=&unescape($regexp);	$regexp=&unescape($regexp);
} else {	} else {
Line 3106 sub dump_with_regexp {	Line 3173 sub dump_with_regexp {
}	}
my $hashref = &tie_user_hash($udom, $uname, $namespace,	my $hashref = &tie_user_hash($udom, $uname, $namespace,
&GDBM_READER());	&GDBM_READER());
	my $skipcheck;
if ($hashref) {	if ($hashref) {
my $qresult='';	my $qresult='';
my $count=0;	my $count=0;
	if ($extra ne '') {
	$extra = &Apache::lonnet::thaw_unescape($extra);
	$skipcheck = $extra->{'skipcheck'};
	}
	my @ids = &Apache::lonnet::current_machine_ids();
	my (%homecourses,$major,$minor,$now);
	if (($namespace eq 'roles') && (!$skipcheck)) {
	my $loncaparev = $clientversion;
	if ($loncaparev eq '') {
	$loncaparev = $Apache::lonnet::loncaparevs{$clientname};
	}
	if ($loncaparev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?/) {
	$major = $1;
	$minor = $2;
	}
	$now = time;
	}
while (my ($key,$value) = each(%$hashref)) {	while (my ($key,$value) = each(%$hashref)) {
	if ($namespace eq 'roles') {
	if ($key =~ m{^/($LONCAPA::match_domain)/($LONCAPA::match_courseid)(/?[^_]*)_(cc\|co\|in\|ta\|ep\|ad\|st\|cr)$}) {
	my $cdom = $1;
	my $cnum = $2;
	unless ($skipcheck) {
	my ($role,$end,$start) = split(/\_/,$value);
	if (!$end \|\| $end > $now) {
	next unless (&releasereqd_check($cnum,$cdom,$key,$value,$major,
	$minor,\%homecourses,\@ids));
	}
	}
	}
	}
if ($regexp eq '.') {	if ($regexp eq '.') {
$count++;	$count++;
if (defined($range) && $count >= $end) { last; }	if (defined($range) && $count >= $end) { last; }
Line 3126 sub dump_with_regexp {	Line 3224 sub dump_with_regexp {
}	}
}	}
if (&untie_user_hash($hashref)) {	if (&untie_user_hash($hashref)) {
	if (($namespace eq 'roles') && (!$skipcheck)) {
	if (keys(%homecourses) > 0) {
	$qresult .= &check_homecourses(\%homecourses,$udom,$regexp,$count,
	$range,$start,$end,$major,$minor);
	}
	}
chop($qresult);	chop($qresult);
&Reply($client, \$qresult, $userinput);	&Reply($client, \$qresult, $userinput);
} else {	} else {
Line 3703 sub put_course_id_hash_handler {	Line 3807 sub put_course_id_hash_handler {
# createdafter - include courses for which creation date followed this date.	# createdafter - include courses for which creation date followed this date.
# creationcontext - include courses created in specified context	# creationcontext - include courses created in specified context
#	#
	# domcloner - flag to indicate if user can create CCs in course's domain.
	# If so, ability to clone course is automatic.
	#
# $client - The socket open on the client.	# $client - The socket open on the client.
# Returns:	# Returns:
# 1 - Continue processing.	# 1 - Continue processing.
Line 3715 sub dump_course_id_handler {	Line 3822 sub dump_course_id_handler {
my ($udom,$since,$description,$instcodefilter,$ownerfilter,$coursefilter,	my ($udom,$since,$description,$instcodefilter,$ownerfilter,$coursefilter,
$typefilter,$regexp_ok,$rtn_as_hash,$selfenrollonly,$catfilter,$showhidden,	$typefilter,$regexp_ok,$rtn_as_hash,$selfenrollonly,$catfilter,$showhidden,
$caller,$cloner,$cc_clone_list,$cloneonly,$createdbefore,$createdafter,	$caller,$cloner,$cc_clone_list,$cloneonly,$createdbefore,$createdafter,
$creationcontext) =split(/:/,$tail);	$creationcontext,$domcloner) =split(/:/,$tail);
my $now = time;	my $now = time;
my ($cloneruname,$clonerudom,%cc_clone);	my ($cloneruname,$clonerudom,%cc_clone);
if (defined($description)) {	if (defined($description)) {
Line 3773 sub dump_course_id_handler {	Line 3880 sub dump_course_id_handler {
$cc_clone{$clonedom.'_'.$clonenum} = 1;	$cc_clone{$clonedom.'_'.$clonenum} = 1;
}	}
}	}
if (defined($createdbefore)) {	if ($createdbefore ne '') {
$createdbefore = &unescape($createdbefore);	$createdbefore = &unescape($createdbefore);
} else {	} else {
$createdbefore = 0;	$createdbefore = 0;
}	}
if (defined($createdafter)) {	if ($createdafter ne '') {
$createdafter = &unescape($createdafter);	$createdafter = &unescape($createdafter);
} else {	} else {
$createdafter = 0;	$createdafter = 0;
}	}
if (defined($creationcontext)) {	if ($creationcontext ne '') {
$creationcontext = &unescape($creationcontext);	$creationcontext = &unescape($creationcontext);
} else {	} else {
$creationcontext = '.';	$creationcontext = '.';
}	}

my $unpack = 1;	my $unpack = 1;
if ($description eq '.' && $instcodefilter eq '.' && $coursefilter eq '.' &&	if ($description eq '.' && $instcodefilter eq '.' && $coursefilter eq '.' &&
$typefilter eq '.') {	$typefilter eq '.') {
Line 3815 sub dump_course_id_handler {	Line 3921 sub dump_course_id_handler {
my ($canclone,$valchange);	my ($canclone,$valchange);
my $items = &Apache::lonnet::thaw_unescape($value);	my $items = &Apache::lonnet::thaw_unescape($value);
if (ref($items) eq 'HASH') {	if (ref($items) eq 'HASH') {
	if ($hashref->{$lasttime_key} eq '') {
	next if ($since > 1);
	}
$is_hash = 1;	$is_hash = 1;
if (defined($clonerudom)) {	if ($domcloner) {
	$canclone = 1;
	} elsif (defined($clonerudom)) {
if ($items->{'cloners'}) {	if ($items->{'cloners'}) {
my @cloneable = split(',',$items->{'cloners'});	my @cloneable = split(',',$items->{'cloners'});
if (@cloneable) {	if (@cloneable) {
Line 3844 sub dump_course_id_handler {	Line 3955 sub dump_course_id_handler {
$items->{'cloners'} = $cloneruname.':'.$clonerudom;	$items->{'cloners'} = $cloneruname.':'.$clonerudom;
$valchange = 1;	$valchange = 1;
}	}
	unless ($canclone) {
	if ($items->{'owner'} =~ /:/) {
	if ($items->{'owner'} eq $cloner) {
	$canclone = 1;
	}
	} elsif ($cloner eq $items->{'owner'}.':'.$udom) {
	$canclone = 1;
	}
	if ($canclone) {
	$items->{'cloners'} = $cloneruname.':'.$clonerudom;
	$valchange = 1;
	}
	}
}	}
}	}
if ($unpack \|\| !$rtn_as_hash) {	if ($unpack \|\| !$rtn_as_hash) {
Line 4044 sub dump_course_id_handler {	Line 4168 sub dump_course_id_handler {
}	}
&register_handler("courseiddump", \&dump_course_id_handler, 0, 1, 0);	&register_handler("courseiddump", \&dump_course_id_handler, 0, 1, 0);

	sub course_lastaccess_handler {
	my ($cmd, $tail, $client) = @_;
	my $userinput = "$cmd:$tail";
	my ($cdom,$cnum) = split(':',$tail);
	my (%lastaccess,$qresult);
	my $hashref = &tie_domain_hash($cdom, "nohist_courseids", &GDBM_WRCREAT());
	if ($hashref) {
	while (my ($key,$value) = each(%$hashref)) {
	my ($unesc_key,$lasttime);
	$unesc_key = &unescape($key);
	if ($cnum) {
	next unless ($unesc_key =~ /\Q$cdom\E_\Q$cnum\E$/);
	}
	if ($unesc_key =~ /^lasttime:($LONCAPA::match_domain\_$LONCAPA::match_courseid)/) {
	$lastaccess{$1} = $value;
	} else {
	my $items = &Apache::lonnet::thaw_unescape($value);
	if (ref($items) eq 'HASH') {
	unless ($lastaccess{$unesc_key}) {
	$lastaccess{$unesc_key} = '';
	}
	} else {
	my @courseitems = split(':',$value);
	$lastaccess{$unesc_key} = pop(@courseitems);
	}
	}
	}
	foreach my $cid (sort(keys(%lastaccess))) {
	$qresult.=&escape($cid).'='.$lastaccess{$cid}.'&';
	}
	if (&untie_domain_hash($hashref)) {
	if ($qresult) {
	chop($qresult);
	}
	&Reply($client, \$qresult, $userinput);
	} else {
	&Failure($client, "error: ".($!+0)." untie(GDBM) Failed ".
	"while attempting lastacourseaccess\n", $userinput);
	}
	} else {
	&Failure($client, "error: ".($!+0)." tie(GDBM) Failed ".
	"while attempting lastcourseaccess\n", $userinput);
	}
	return 1;
	}
	&register_handler("courselastaccess",\&course_lastaccess_handler, 0, 1, 0);

#	#
# Puts an unencrypted entry in a namespace db file at the domain level	# Puts an unencrypted entry in a namespace db file at the domain level
#	#
Line 4109 sub put_domain_handler {	Line 4280 sub put_domain_handler {
sub get_domain_handler {	sub get_domain_handler {
my ($cmd, $tail, $client) = @_;	my ($cmd, $tail, $client) = @_;


my $userinput = "$client:$tail";	my $userinput = "$client:$tail";

my ($udom,$namespace,$what)=split(/:/,$tail,3);	my ($udom,$namespace,$what)=split(/:/,$tail,3);
Line 4253 sub get_id_handler {	Line 4425 sub get_id_handler {
sub put_dcmail_handler {	sub put_dcmail_handler {
my ($cmd,$tail,$client) = @_;	my ($cmd,$tail,$client) = @_;
my $userinput = "$cmd:$tail";	my $userinput = "$cmd:$tail";


my ($udom,$what)=split(/:/,$tail);	my ($udom,$what)=split(/:/,$tail);
chomp($what);	chomp($what);
my $hashref = &tie_domain_hash($udom, "nohist_dcmail", &GDBM_WRCREAT());	my $hashref = &tie_domain_hash($udom, "nohist_dcmail", &GDBM_WRCREAT());
Line 4517 sub tmp_put_handler {	Line 4690 sub tmp_put_handler {
}	}
my ($id,$store);	my ($id,$store);
$tmpsnum++;	$tmpsnum++;
if ($context eq 'resetpw') {	if (($context eq 'resetpw') \|\| ($context eq 'createaccount')) {
$id = &md5_hex(&md5_hex(time.{}.rand().$$));	$id = &md5_hex(&md5_hex(time.{}.rand().$$));
} else {	} else {
$id = $$.'_'.$clientip.'_'.$tmpsnum;	$id = $$.'_'.$clientip.'_'.$tmpsnum;
Line 6064 sub logstatus {	Line 6237 sub logstatus {
sub initnewstatus {	sub initnewstatus {
my $docdir=$perlvar{'lonDocRoot'};	my $docdir=$perlvar{'lonDocRoot'};
my $fh=IO::File->new(">$docdir/lon-status/londstatus.txt");	my $fh=IO::File->new(">$docdir/lon-status/londstatus.txt");
my $now=time;	my $now=time();
my $local=localtime($now);	my $local=localtime($now);
print $fh "LOND status $local - parent $$\n\n";	print $fh "LOND status $local - parent $$\n\n";
opendir(DIR,"$docdir/lon-status/londchld");	opendir(DIR,"$docdir/lon-status/londchld");
Line 6153 $SIG{USR2} = \&UpdateHosts;	Line 6326 $SIG{USR2} = \&UpdateHosts;

# Read the host hashes:	# Read the host hashes:
&Apache::lonnet::load_hosts_tab();	&Apache::lonnet::load_hosts_tab();
	my %iphost = &Apache::lonnet::get_iphost(1);

my $dist=`$perlvar{'lonDaemons'}/distprobe`;	my $dist=`$perlvar{'lonDaemons'}/distprobe`;

Line 6213 sub make_new_child {	Line 6387 sub make_new_child {
or die "Can't unblock SIGINT for fork: $!\n";	or die "Can't unblock SIGINT for fork: $!\n";
$children{$pid} = $clientip;	$children{$pid} = $clientip;
&status('Started child '.$pid);	&status('Started child '.$pid);
	close($client);
return;	return;
} else {	} else {
# Child can not return from this subroutine.	# Child can not return from this subroutine.
Line 6249 sub make_new_child {	Line 6424 sub make_new_child {
&ReadManagerTable();	&ReadManagerTable();
my $clientrec=defined(&Apache::lonnet::get_hosts_from_ip($outsideip));	my $clientrec=defined(&Apache::lonnet::get_hosts_from_ip($outsideip));
my $ismanager=($managers{$outsideip} ne undef);	my $ismanager=($managers{$outsideip} ne undef);
$clientname = "[unknonwn]";	$clientname = "[unknown]";
if($clientrec) { # Establish client type.	if($clientrec) { # Establish client type.
$ConnectionType = "client";	$ConnectionType = "client";
$clientname = (&Apache::lonnet::get_hosts_from_ip($outsideip))[-1];	$clientname = (&Apache::lonnet::get_hosts_from_ip($outsideip))[-1];
Line 6277 sub make_new_child {	Line 6452 sub make_new_child {
#	#
# If the remote is attempting a local init... give that a try:	# If the remote is attempting a local init... give that a try:
#	#
my ($i, $inittype) = split(/:/, $remotereq);	(my $i, my $inittype, $clientversion) = split(/:/, $remotereq);

# If the connection type is ssl, but I didn't get my	# If the connection type is ssl, but I didn't get my
# certificate files yet, then I'll drop back to	# certificate files yet, then I'll drop back to
Line 6297 sub make_new_child {	Line 6472 sub make_new_child {
}	}

if($inittype eq "local") {	if($inittype eq "local") {
	$clientversion = $perlvar{'lonVersion'};
my $key = LocalConnection($client, $remotereq);	my $key = LocalConnection($client, $remotereq);
if($key) {	if($key) {
Debug("Got local key $key");	Debug("Got local key $key");
Line 6304 sub make_new_child {	Line 6480 sub make_new_child {
my $cipherkey = pack("H32", $key);	my $cipherkey = pack("H32", $key);
$cipher = new IDEA($cipherkey);	$cipher = new IDEA($cipherkey);
print $client "ok:local\n";	print $client "ok:local\n";
&logthis('<font color="green"'	&logthis('<font color="green">'
. "Successful local authentication </font>");	. "Successful local authentication </font>");
$keymode = "local"	$keymode = "local"
} else {	} else {
Line 6368 sub make_new_child {	Line 6544 sub make_new_child {
# ------------------------------------------------------------ Process requests	# ------------------------------------------------------------ Process requests
my $keep_going = 1;	my $keep_going = 1;
my $user_input;	my $user_input;
	my $clienthost = &Apache::lonnet::hostname($clientname);
	my $clientserverhomeID = &Apache::lonnet::get_server_homeID($clienthost);
	$clienthomedom = &Apache::lonnet::host_domain($clientserverhomeID);
while(($user_input = get_request) && $keep_going) {	while(($user_input = get_request) && $keep_going) {
alarm(120);	alarm(120);
Debug("Main: Got $user_input\n");	Debug("Main: Got $user_input\n");
Line 6526 sub rewrite_password_file {	Line 6705 sub rewrite_password_file {

# Returns the authorization type or nouser if there is no such user.	# Returns the authorization type or nouser if there is no such user.
#	#
sub get_auth_type	sub get_auth_type {
{

my ($domain, $user) = @_;	my ($domain, $user) = @_;

Debug("get_auth_type( $domain, $user ) \n");	Debug("get_auth_type( $domain, $user ) \n");
Line 6623 sub validate_user {	Line 6800 sub validate_user {
} else {	} else {
$validated = 0;	$validated = 0;
}	}
}	} elsif ($howpwd eq "krb4") { # user is in kerberos 4 auth. domain.
elsif ($howpwd eq "krb4") { # user is in kerberos 4 auth. domain.	my $checkwithkrb5 = 0;
if(! ($password =~ /$null/) ) {	if ($dist =~/^fedora(\d+)$/) {
my $k4error = &Authen::Krb4::get_pw_in_tkt($user,	if ($1 > 11) {
"",	$checkwithkrb5 = 1;
$contentpwd,,	}
'krbtgt',	} elsif ($dist =~ /^suse([\d.]+)$/) {
$contentpwd,	if ($1 > 11.1) {
1,	$checkwithkrb5 = 1;
$password);	}
if(!$k4error) {	}
$validated = 1;	if ($checkwithkrb5) {
} else {	$validated = &krb5_authen($password,$null,$user,$contentpwd);
$validated = 0;	} else {
&logthis('krb4: '.$user.', '.$contentpwd.', '.	$validated = &krb4_authen($password,$null,$user,$contentpwd);
&Authen::Krb4::get_err_txt($Authen::Krb4::error));	}
}
} else {
$validated = 0; # Password has a match with null.
}
} elsif ($howpwd eq "krb5") { # User is in kerberos 5 auth. domain.	} elsif ($howpwd eq "krb5") { # User is in kerberos 5 auth. domain.
if(!($password =~ /$null/)) { # Null password not allowed.	$validated = &krb5_authen($password,$null,$user,$contentpwd);
my $krbclient = &Authen::Krb5::parse_name($user.'@'
.$contentpwd);
my $krbservice = "krbtgt/".$contentpwd."\@".$contentpwd;
my $krbserver = &Authen::Krb5::parse_name($krbservice);
my $credentials= &Authen::Krb5::cc_default();
$credentials->initialize(&Authen::Krb5::parse_name($user.'@'
.$contentpwd));
my $krbreturn;
if (exists(&Authen::Krb5::get_init_creds_password)) {
$krbreturn =
&Authen::Krb5::get_init_creds_password($krbclient,$password,
$krbservice);
$validated = (ref($krbreturn) eq 'Authen::Krb5::Creds');
} else {
$krbreturn =
&Authen::Krb5::get_in_tkt_with_password($krbclient,$krbserver,
$password,$credentials);
$validated = ($krbreturn == 1);
}
if (!$validated) {
&logthis('krb5: '.$user.', '.$contentpwd.', '.
&Authen::Krb5::error());
}
} else {
$validated = 0;
}
} elsif ($howpwd eq "localauth") {	} elsif ($howpwd eq "localauth") {
# Authenticate via installation specific authentcation method:	# Authenticate via installation specific authentcation method:
$validated = &localauth::localauth($user,	$validated = &localauth::localauth($user,
Line 6701 sub validate_user {	Line 6848 sub validate_user {
return $validated;	return $validated;
}	}

	sub krb4_authen {
	my ($password,$null,$user,$contentpwd) = @_;
	my $validated = 0;
	if (!($password =~ /$null/) ) { # Null password not allowed.
	eval {
	require Authen::Krb4;
	};
	if (!$@) {
	my $k4error = &Authen::Krb4::get_pw_in_tkt($user,
	"",
	$contentpwd,,
	'krbtgt',
	$contentpwd,
	1,
	$password);
	if(!$k4error) {
	$validated = 1;
	} else {
	$validated = 0;
	&logthis('krb4: '.$user.', '.$contentpwd.', '.
	&Authen::Krb4::get_err_txt($Authen::Krb4::error));
	}
	} else {
	$validated = krb5_authen($password,$null,$user,$contentpwd);
	}
	}
	return $validated;
	}

	sub krb5_authen {
	my ($password,$null,$user,$contentpwd) = @_;
	my $validated = 0;
	if(!($password =~ /$null/)) { # Null password not allowed.
	my $krbclient = &Authen::Krb5::parse_name($user.'@'
	.$contentpwd);
	my $krbservice = "krbtgt/".$contentpwd."\@".$contentpwd;
	my $krbserver = &Authen::Krb5::parse_name($krbservice);
	my $credentials= &Authen::Krb5::cc_default();
	$credentials->initialize(&Authen::Krb5::parse_name($user.'@'
	.$contentpwd));
	my $krbreturn;
	if (exists(&Authen::Krb5::get_init_creds_password)) {
	$krbreturn =
	&Authen::Krb5::get_init_creds_password($krbclient,$password,
	$krbservice);
	$validated = (ref($krbreturn) eq 'Authen::Krb5::Creds');
	} else {
	$krbreturn =
	&Authen::Krb5::get_in_tkt_with_password($krbclient,$krbserver,
	$password,$credentials);
	$validated = ($krbreturn == 1);
	}
	if (!$validated) {
	&logthis('krb5: '.$user.', '.$contentpwd.', '.
	&Authen::Krb5::error());
	}
	}
	return $validated;
	}

sub addline {	sub addline {
my ($fname,$hostid,$ip,$newline)=@_;	my ($fname,$hostid,$ip,$newline)=@_;
Line 7071 sub sethost {	Line 7277 sub sethost {
eq &Apache::lonnet::get_host_ip($hostid)) {	eq &Apache::lonnet::get_host_ip($hostid)) {
$currenthostid =$hostid;	$currenthostid =$hostid;
$currentdomainid=&Apache::lonnet::host_domain($hostid);	$currentdomainid=&Apache::lonnet::host_domain($hostid);
&logthis("Setting hostid to $hostid, and domain to $currentdomainid");	# &logthis("Setting hostid to $hostid, and domain to $currentdomainid");
} else {	} else {
&logthis("Requested host id $hostid not an alias of ".	&logthis("Requested host id $hostid not an alias of ".
$perlvar{'lonHostID'}." refusing connection");	$perlvar{'lonHostID'}." refusing connection");
Line 7086 sub version {	Line 7292 sub version {
return "version:$VERSION";	return "version:$VERSION";
}	}

	sub get_usersession_config {
	my ($dom,$name) = @_;
	my ($usersessionconf,$cached)=&Apache::lonnet::is_cached_new($name,$dom);
	if (defined($cached)) {
	return $usersessionconf;
	} else {
	my %domconfig = &Apache::lonnet::get_dom('configuration',['usersessions'],$dom);
	if (ref($domconfig{'usersessions'}) eq 'HASH') {
	&Apache::lonnet::do_cache_new($name,$dom,$domconfig{'usersessions'},3600);
	return $domconfig{'usersessions'};
	}
	}
	return;
	}

	sub releasereqd_check {
	my ($cnum,$cdom,$key,$value,$major,$minor,$homecourses,$ids) = @_;
	my $home = &Apache::lonnet::homeserver($cnum,$cdom);
	return if ($home eq 'no_host');
	my ($reqdmajor,$reqdminor,$displayrole);
	if ($cnum =~ /$LONCAPA::match_community/) {
	if ($major eq '' && $minor eq '') {
	return unless ((ref($ids) eq 'ARRAY') &&
	(grep(/^\Q$home\E$/,@{$ids})));
	} else {
	$reqdmajor = 2;
	$reqdminor = 9;
	return unless (&useable_role($reqdmajor,$reqdminor,$major,$minor));
	}
	}
	my $hashid = $cdom.':'.$cnum;
	my ($courseinfo,$cached) =
	&Apache::lonnet::is_cached_new('courseinfo',$hashid);
	if (defined($cached)) {
	if (ref($courseinfo) eq 'HASH') {
	if (exists($courseinfo->{'releaserequired'})) {
	my ($reqdmajor,$reqdminor) = split(/\./,$courseinfo->{'releaserequired'});
	return unless (&useable_role($reqdmajor,$reqdminor,$major,$minor));
	}
	}
	} else {
	if (ref($ids) eq 'ARRAY') {
	if (grep(/^\Q$home\E$/,@{$ids})) {
	if (ref($homecourses) eq 'HASH') {
	if (ref($homecourses->{$hashid}) eq 'ARRAY') {
	push(@{$homecourses->{$hashid}},{$key=>$value});
	} else {
	$homecourses->{$hashid} = [{$key=>$value}];
	}
	}
	return;
	}
	}
	my $courseinfo = &get_courseinfo_hash($cnum,$cdom,$home);
	if (ref($courseinfo) eq 'HASH') {
	if (exists($courseinfo->{'releaserequired'})) {
	my ($reqdmajor,$reqdminor) = split(/\./,$courseinfo->{'releaserequired'});
	return unless (&useable_role($reqdmajor,$reqdminor,$major,$minor));
	}
	}
	}
	return 1;
	}

	sub get_courseinfo_hash {
	my ($cnum,$cdom,$home) = @_;
	my $hashid = $cdom.':'.$cnum;
	my %info = &Apache::lonnet::courseiddump($cdom,'.',1,'.','.',$cnum,1,[$home],'.');
	if (ref($info{$cdom.'_'.$cnum}) eq 'HASH') {
	return &Apache::lonnet::do_cache_new('courseinfo',$hashid,$info{$cdom.'_'.$cnum},600);
	}
	return;
	}

	sub check_homecourses {
	my ($homecourses,$udom,$regexp,$count,$range,$start,$end,$major,$minor) = @_;
	my ($result,%addtocache);
	my $yesterday = time - 24*3600;
	if (ref($homecourses) eq 'HASH') {
	my (%okcourses,%courseinfo,%recent);
	my $hashref = &tie_domain_hash($udom, "nohist_courseids", &GDBM_WRCREAT());
	if ($hashref) {
	while (my ($key,$value) = each(%$hashref)) {
	my $unesc_key = &unescape($key);
	if ($unesc_key =~ /^lasttime:(\w+)$/) {
	my $cid = $1;
	$cid =~ s/_/:/;
	if ($value > $yesterday ) {
	$recent{$cid} = 1;
	}
	next;
	}
	my $items = &Apache::lonnet::thaw_unescape($value);
	if (ref($items) eq 'HASH') {
	my $hashid = $unesc_key;
	$hashid =~ s/_/:/;
	$courseinfo{$hashid} = $items;
	if (ref($homecourses->{$hashid}) eq 'ARRAY') {
	my ($reqdmajor,$reqdminor) = split(/\./,$items->{'releaserequired'});
	if (&useable_role($reqdmajor,$reqdminor,$major,$minor)) {
	$okcourses{$hashid} = 1;
	}
	}
	}
	}
	unless (&untie_domain_hash($hashref)) {
	&logthis('Failed to untie tied hash for nohist_courseids.db');
	}
	} else {
	&logthis('Failed to tie hash for nohist_courseids.db');
	return;
	}
	foreach my $hashid (keys(%recent)) {
	my ($result,$cached)=&Apache::lonnet::is_cached_new('courseinfo',$hashid);
	unless ($cached) {
	&Apache::lonnet::do_cache_new('courseinfo',$hashid,$courseinfo{$hashid},600);
	}
	}
	foreach my $hashid (keys(%{$homecourses})) {
	next if ($recent{$hashid});
	&Apache::lonnet::do_cache_new('courseinfo',$hashid,$courseinfo{$hashid},600);
	}
	foreach my $hashid (keys(%okcourses)) {
	if (ref($homecourses->{$hashid}) eq 'ARRAY') {
	foreach my $role (@{$homecourses->{$hashid}}) {
	if (ref($role) eq 'HASH') {
	while (my ($key,$value) = each(%{$role})) {
	if ($regexp eq '.') {
	$count++;
	if (defined($range) && $count >= $end) { last; }
	if (defined($range) && $count < $start) { next; }
	$result.=$key.'='.$value.'&';
	} else {
	my $unescapeKey = &unescape($key);
	if (eval('$unescapeKey=~/$regexp/')) {
	$count++;
	if (defined($range) && $count >= $end) { last; }
	if (defined($range) && $count < $start) { next; }
	$result.="$key=$value&";
	}
	}
	}
	}
	}
	}
	}
	}
	return $result;
	}

	sub useable_role {
	my ($reqdmajor,$reqdminor,$major,$minor) = @_;
	if ($reqdmajor ne '' && $reqdminor ne '') {
	return if (($major eq '' && $minor eq '') \|\|
	($major < $reqdmajor) \|\|
	(($major == $reqdmajor) && ($minor < $reqdminor)));
	}
	return 1;
	}

# ----------------------------------- POD (plain old documentation, CPAN style)	# ----------------------------------- POD (plain old documentation, CPAN style)

Line 7821 string.	Line 8186 string.

=back	=back

	=back


=cut	=cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.427
changed lines
	Added in v.1.465