|
version 1.489.2.35.2.5, 2021/06/20 18:41:28
|
version 1.489.2.43.2.4, 2022/02/25 10:00:00
|
|
Line 1795 sub read_lonnet_global {
|
Line 1795 sub read_lonnet_global {
|
| } |
} |
| if ($what eq 'perlvar') { |
if ($what eq 'perlvar') { |
| if (!exists($packagevars{$what}{'lonBalancer'})) { |
if (!exists($packagevars{$what}{'lonBalancer'})) { |
| if ($dist =~ /^(centos|rhes|fedora|scientific|oracle)/) { |
if ($dist =~ /^(centos|rhes|fedora|scientific|oracle|rocky|alma)/) { |
| my $othervarref=LONCAPA::Configuration::read_conf('httpd.conf'); |
my $othervarref=LONCAPA::Configuration::read_conf('httpd.conf'); |
| if (ref($othervarref) eq 'HASH') { |
if (ref($othervarref) eq 'HASH') { |
| $items->{'lonBalancer'} = $othervarref->{'lonBalancer'}; |
$items->{'lonBalancer'} = $othervarref->{'lonBalancer'}; |
|
Line 3536 sub dump_with_regexp {
|
Line 3536 sub dump_with_regexp {
|
| } |
} |
| ®ister_handler("dump", \&dump_with_regexp, 0, 1, 0); |
®ister_handler("dump", \&dump_with_regexp, 0, 1, 0); |
| |
|
| |
# |
| |
# Process the encrypted dump request. Original call should |
| |
# be from lonnet::dump() with seventh arg ($encrypt) set to |
| |
# 1, to ensure that both request and response are encrypted. |
| |
# |
| |
# Parameters: |
| |
# $cmd - Command keyword of request (edump). |
| |
# $tail - Tail of the command. |
| |
# See &dump_with_regexp for more |
| |
# information about this. |
| |
# $client - File open on the client. |
| |
# Returns: |
| |
# 1 - Continue processing |
| |
# 0 - server should exit. |
| |
# |
| |
|
| |
sub encrypted_dump_with_regexp { |
| |
my ($cmd, $tail, $client) = @_; |
| |
my $res = LONCAPA::Lond::dump_with_regexp($tail, $clientversion); |
| |
|
| |
if ($res =~ /^error:/) { |
| |
Failure($client, \$res, "$cmd:$tail"); |
| |
} else { |
| |
if ($cipher) { |
| |
my $cmdlength=length($res); |
| |
$res.=" "; |
| |
my $encres=''; |
| |
for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) { |
| |
$encres.= unpack("H16", |
| |
$cipher->encrypt(substr($res, |
| |
$encidx, |
| |
8))); |
| |
} |
| |
&Reply( $client,"enc:$cmdlength:$encres\n","$cmd:$tail"); |
| |
} else { |
| |
&Failure( $client, "error:no_key\n","$cmd:$tail"); |
| |
} |
| |
} |
| |
} |
| |
®ister_handler("edump", \&encrypted_dump_with_regexp, 0, 1, 0); |
| |
|
| # Store a set of key=value pairs associated with a versioned name. |
# Store a set of key=value pairs associated with a versioned name. |
| # |
# |
| # Parameters: |
# Parameters: |
|
Line 4682 sub get_domain_handler {
|
Line 4723 sub get_domain_handler {
|
| my $userinput = "$cmd:$tail"; |
my $userinput = "$cmd:$tail"; |
| |
|
| my ($udom,$namespace,$what)=split(/:/,$tail,3); |
my ($udom,$namespace,$what)=split(/:/,$tail,3); |
| if ($namespace =~ /^enc/) { |
if (($namespace =~ /^enc/) || ($namespace eq 'private')) { |
| &Failure( $client, "refused\n", $userinput); |
&Failure( $client, "refused\n", $userinput); |
| } else { |
} else { |
| my $res = LONCAPA::Lond::get_dom($userinput); |
my $res = LONCAPA::Lond::get_dom($userinput); |
|
Line 4702 sub encrypted_get_domain_handler {
|
Line 4743 sub encrypted_get_domain_handler {
|
| |
|
| my $userinput = "$cmd:$tail"; |
my $userinput = "$cmd:$tail"; |
| |
|
| my $res = LONCAPA::Lond::get_dom($userinput); |
my ($udom,$namespace,$what) = split(/:/,$tail,3); |
| |
if ($namespace eq 'private') { |
| |
&Failure( $client, "refused\n", $userinput); |
| |
} else { |
| |
my $res = LONCAPA::Lond::get_dom($userinput); |
| |
if ($res =~ /^error:/) { |
| |
&Failure($client, \$res, $userinput); |
| |
} else { |
| |
if ($cipher) { |
| |
my $cmdlength=length($res); |
| |
$res.=" "; |
| |
my $encres=''; |
| |
for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) { |
| |
$encres.= unpack("H16", |
| |
$cipher->encrypt(substr($res, |
| |
$encidx, |
| |
8))); |
| |
} |
| |
&Reply( $client,"enc:$cmdlength:$encres\n",$userinput); |
| |
} else { |
| |
&Failure( $client, "error:no_key\n",$userinput); |
| |
} |
| |
} |
| |
} |
| |
return 1; |
| |
} |
| |
®ister_handler("egetdom", \&encrypted_get_domain_handler, 1, 1, 0); |
| |
|
| |
# |
| |
# Encrypted get from the namespace database file at the domain level. |
| |
# This function retrieves a keyed item from a specific named database in the |
| |
# domain directory. |
| |
# |
| |
# Parameters: |
| |
# $cmd - Command request keyword (lti). |
| |
# $tail - Tail of the command. This is a colon-separated list |
| |
# consisting of the domain, coursenum, if for LTI- |
| |
# enabled deep-linking to course content using |
| |
# link protection configured within a course, |
| |
# context (=deeplink) if for LTI-enabled deep-linking |
| |
# to course content using LTI Provider settings |
| |
# configured within a course's domain, the (escaped) |
| |
# launch URL, the (escaped) method (typically POST), |
| |
# and a frozen hash of the LTI launch parameters |
| |
# from the LTI payload. |
| |
# $client - File descriptor open on the client. |
| |
# Returns: |
| |
# 1 - Continue processing. |
| |
# 0 - Exit. |
| |
# Side effects: |
| |
# The reply will contain an LTI itemID, if the signed LTI payload |
| |
# could be verified using the consumer key and the shared secret |
| |
# available for that key (for the itemID) for either the course or domain, |
| |
# depending on values for cnum and context. The reply is encrypted before |
| |
# being written to $client. |
| |
# |
| |
sub lti_handler { |
| |
my ($cmd, $tail, $client) = @_; |
| |
|
| |
my $userinput = "$cmd:$tail"; |
| |
|
| |
my ($cdom,$cnum,$context,$escurl,$escmethod,$items) = split(/:/,$tail); |
| |
my $url = &unescape($escurl); |
| |
my $method = &unescape($escmethod); |
| |
my $params = &Apache::lonnet::thaw_unescape($items); |
| |
my $res; |
| |
if ($cnum ne '') { |
| |
$res = &LONCAPA::Lond::crslti_itemid($cdom,$cnum,$url,$method,$params,$perlvar{'lonVersion'}); |
| |
} else { |
| |
$res = &LONCAPA::Lond::domlti_itemid($cdom,$context,$url,$method,$params,$perlvar{'lonVersion'}); |
| |
} |
| if ($res =~ /^error:/) { |
if ($res =~ /^error:/) { |
| &Failure($client, \$res, $userinput); |
&Failure($client, \$res, $userinput); |
| } else { |
} else { |
|
Line 4723 sub encrypted_get_domain_handler {
|
Line 4834 sub encrypted_get_domain_handler {
|
| } |
} |
| return 1; |
return 1; |
| } |
} |
| ®ister_handler("egetdom", \&encrypted_get_domain_handler, 1, 1, 0); |
®ister_handler("lti", \<i_handler, 1, 1, 0); |
| |
|
| # |
# |
| # Puts an id to a domains id database. |
# Puts an id to a domains id database. |
|
Line 5150 sub tmp_put_handler {
|
Line 5261 sub tmp_put_handler {
|
| } |
} |
| my ($id,$store); |
my ($id,$store); |
| $tmpsnum++; |
$tmpsnum++; |
| if (($context eq 'resetpw') || ($context eq 'createaccount')) { |
my $numtries = 0; |
| $id = &md5_hex(&md5_hex(time.{}.rand().$$)); |
my $execdir=$perlvar{'lonDaemons'}; |
| |
if (($context eq 'resetpw') || ($context eq 'createaccount') || |
| |
($context eq 'sso') || ($context eq 'link') || ($context eq 'retry')) { |
| |
$id = &md5_hex(&md5_hex(time.{}.rand().$$.$tmpsnum)); |
| |
while ((-e "$execdir/tmp/$id.tmp") && ($numtries <10)) { |
| |
undef($id); |
| |
$id = &md5_hex(&md5_hex(time.{}.rand().$$.$tmpsnum)); |
| |
$numtries ++; |
| |
} |
| } else { |
} else { |
| $id = $$.'_'.$clientip.'_'.$tmpsnum; |
$id = $$.'_'.$clientip.'_'.$tmpsnum; |
| } |
} |
| $id=~s/\W/\_/g; |
$id=~s/\W/\_/g; |
| $record=~s/\n//g; |
$record=~s/\n//g; |
| my $execdir=$perlvar{'lonDaemons'}; |
if (($id ne '') && |
| if ($store=IO::File->new(">$execdir/tmp/$id.tmp")) { |
($store=IO::File->new(">$execdir/tmp/$id.tmp"))) { |
| print $store $record; |
print $store $record; |
| close $store; |
close $store; |
| &Reply($client, \$id, $userinput); |
&Reply($client, \$id, $userinput); |
|
Line 7224 sub make_new_child {
|
Line 7343 sub make_new_child {
|
| &Authen::Krb5::init_context(); |
&Authen::Krb5::init_context(); |
| |
|
| my $no_ets; |
my $no_ets; |
| if ($dist =~ /^(?:centos|rhes|scientific|oracle)(\d+)$/) { |
if ($dist =~ /^(?:centos|rhes|scientific|oracle|rocky|alma)(\d+)/) { |
| if ($1 >= 7) { |
if ($1 >= 7) { |
| $no_ets = 1; |
$no_ets = 1; |
| } |
} |
|
Line 7390 sub make_new_child {
|
Line 7509 sub make_new_child {
|
| Debug("Main: Got $user_input\n"); |
Debug("Main: Got $user_input\n"); |
| $keep_going = &process_request($user_input); |
$keep_going = &process_request($user_input); |
| alarm(0); |
alarm(0); |
| &status('Listening to '.$clientname." ($keymode)"); |
&status('Listening to '.$clientname." ($keymode)"); |
| } |
} |
| |
|
| # --------------------------------------------- client unknown or fishy, refuse |
# --------------------------------------------- client unknown or fishy, refuse |
|
Line 7406 sub make_new_child {
|
Line 7525 sub make_new_child {
|
| |
|
| &logthis("<font color='red'>CRITICAL: " |
&logthis("<font color='red'>CRITICAL: " |
| ."Disconnect from $clientip ($clientname)</font>"); |
."Disconnect from $clientip ($clientname)</font>"); |
| |
|
| |
|
| # this exit is VERY important, otherwise the child will become |
# this exit is VERY important, otherwise the child will become |
| # a producer of more and more children, forking yourself into |
# a producer of more and more children, forking yourself into |
| # process death. |
# process death. |
|
Line 7627 sub validate_user {
|
Line 7746 sub validate_user {
|
| } elsif ((($domdefaults{'auth_def'} eq 'krb4') || |
} elsif ((($domdefaults{'auth_def'} eq 'krb4') || |
| ($domdefaults{'auth_def'} eq 'krb5')) && |
($domdefaults{'auth_def'} eq 'krb5')) && |
| ($domdefaults{'auth_arg_def'} ne '')) { |
($domdefaults{'auth_arg_def'} ne '')) { |
| $howpwd = $domdefaults{'auth_def'}; |
# |
| $contentpwd = $domdefaults{'auth_arg_def'}; |
# Don't attempt authentication for username and password supplied |
| |
# for user without an account if username contains @ to avoid |
| |
# call to &Authen::Krb5::parse_name() which will result in con_lost |
| |
# |
| |
unless ($user =~ /\@/) { |
| |
$howpwd = $domdefaults{'auth_def'}; |
| |
$contentpwd = $domdefaults{'auth_arg_def'}; |
| |
} |
| } |
} |
| } |
} |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to lond CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom