--- loncom/lond 2017/05/09 03:04:21 1.536 +++ loncom/lond 2017/06/06 13:32:38 1.538 @@ -2,7 +2,7 @@ # The LearningOnline Network # lond "LON Daemon" Server (port "LOND" 5663) # -# $Id: lond,v 1.536 2017/05/09 03:04:21 raeburn Exp $ +# $Id: lond,v 1.538 2017/06/06 13:32:38 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -65,7 +65,7 @@ my $DEBUG = 0; # Non zero to ena my $status=''; my $lastlog=''; -my $VERSION='$Revision: 1.536 $'; #' stupid emacs +my $VERSION='$Revision: 1.538 $'; #' stupid emacs my $remoteVERSION; my $currenthostid="default"; my $currentdomainid; @@ -1610,8 +1610,9 @@ sub du2_handler { # (c) /home/httpd/lonUsers//<1>/<2>/<3>//userfiles # or is: # -# 2. for a file, and the path (after prepending) does not begin with: -# /home/httpd/lonUsers//<1>/<2>/<3>// +# 2. for a file, and the path (after prepending) does not begin with one of: +# (a) /home/httpd/lonUsers//<1>/<2>/<3>// +# (b) /home/httpd/html/res/// # # the response will be "refused". # @@ -1670,7 +1671,8 @@ sub ls_handler { closedir(LSDIR); } } else { - unless ($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/}) { + unless (($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/}) || + ($ulsdir =~ m{/home/httpd/html/res/$LONCAPA::match_domain/$LONCAPA::match_username/})) { &Failure($client,"refused\n",$userinput); return 1; } @@ -1707,8 +1709,9 @@ sub ls_handler { # (c) /home/httpd/lonUsers//<1>/<2>/<3>//userfiles # or is: # -# 2. for a file, and the path (after prepending) does not begin with: -# /home/httpd/lonUsers//<1>/<2>/<3>// +# 2. for a file, and the path (after prepending) does not begin with one of: +# (a) /home/httpd/lonUsers//<1>/<2>/<3>// +# (b) /home/httpd/html/res/// # # the response will be "refused". # @@ -1767,7 +1770,9 @@ sub ls2_handler { closedir(LSDIR); } } else { - unless ($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/}) { + unless (($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/}) || + ($ulsdir =~ m{/home/httpd/html/res/$LONCAPA::match_domain/$LONCAPA::match_username/})) { + &Failure($client,"refused\n",$userinput); return 1; } @@ -1798,8 +1803,9 @@ sub ls2_handler { # # or is: # -# 2. for a file, and the path (after prepending) does not begin with: -# /home/httpd/lonUsers//<1>/<2>/<3>// +# 2. for a file, and the path (after prepending) does not begin with one of: +# (a) /home/httpd/lonUsers//<1>/<2>/<3>// +# (b) /home/httpd/html/res/// # # the response will be "refused". # @@ -1907,7 +1913,8 @@ sub ls3_handler { } } else { unless (($getpropath) || ($getuserdir) || - ($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/})) { + ($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/}) || + ($ulsdir =~ m{/home/httpd/html/res/$LONCAPA::match_domain/$LONCAPA::match_username/})) { &Failure($client,"refused\n",$userinput); return 1; } @@ -2591,15 +2598,10 @@ sub update_resource_handler { my $transname="$fname.in.transfer"; my $remoteurl=&Apache::lonnet::reply("sub:$fname","$clientname"); my $response; -# FIXME: cannot replicate files that take more than two minutes to transfer? -# alarm(120); -# FIXME: this should use the LWP mechanism, not internal alarms. - alarm(1200); - { - my $request=new HTTP::Request('GET',"$remoteurl"); - $response=&LONCAPA::LWPReq::makerequest($clientname,$request,$transname,\%perlvar,1200,0,1); - } - alarm(0); +# FIXME: cannot replicate files that take more than two minutes to transfer -- needs checking now 1200s timeout used +# for LWP request. + my $request=new HTTP::Request('GET',"$remoteurl"); + $response=&LONCAPA::LWPReq::makerequest($clientname,$request,$transname,\%perlvar,1200,0,1); if ($response->is_error()) { # FIXME: we should probably clean up here instead of just whine unlink($transname); @@ -2607,16 +2609,11 @@ sub update_resource_handler { &logthis("LWP GET: $message for $fname ($remoteurl)"); } else { if ($remoteurl!~/\.meta$/) { -# FIXME: isn't there an internal LWP mechanism for this? - alarm(120); - { - my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta'); - my $mresponse = &LONCAPA::LWPReq::makerequest($clientname,$mrequest,$fname.'.meta',\%perlvar,120,0,1); - if ($mresponse->is_error()) { - unlink($fname.'.meta'); - } + my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta'); + my $mresponse = &LONCAPA::LWPReq::makerequest($clientname,$mrequest,$fname.'.meta',\%perlvar,120,0,1); + if ($mresponse->is_error()) { + unlink($fname.'.meta'); } - alarm(0); } # we successfully transfered, copy file over to real name rename($transname,$fname); @@ -2686,17 +2683,13 @@ sub fetch_user_file_handler { my $remoteurl=$clientprotocol.'://'.$clienthost.'/userfiles/'.$fname; my $response; Debug("Remote URL : $remoteurl Transfername $transname Destname: $destname"); - alarm(1200); - { - my $request=new HTTP::Request('GET',"$remoteurl"); - my $verifycert = 1; - my @machine_ids = &Apache::lonnet::current_machine_ids(); - if (grep(/^\Q$clientname\E$/,@machine_ids)) { - $verifycert = 0; - } - $response = &LONCAPA::LWPReq::makerequest($clientname,$request,$transname,\%perlvar,1200,$verifycert); - } - alarm(0); + my $request=new HTTP::Request('GET',"$remoteurl"); + my $verifycert = 1; + my @machine_ids = &Apache::lonnet::current_machine_ids(); + if (grep(/^\Q$clientname\E$/,@machine_ids)) { + $verifycert = 0; + } + $response = &LONCAPA::LWPReq::makerequest($clientname,$request,$transname,\%perlvar,1200,$verifycert); if ($response->is_error()) { unlink($transname); my $message=$response->status_line; @@ -8742,7 +8735,6 @@ IO::File Apache::File POSIX Crypt::IDEA -LWP::UserAgent() GDBM_File Authen::Krb4 Authen::Krb5