|
version 1.542, 2018/02/01 04:50:41
|
version 1.545, 2018/08/07 17:12:09
|
|
Line 108 my %perlvar; # Will have the apache co
|
Line 108 my %perlvar; # Will have the apache co
|
| my %secureconf; # Will have requirements for security |
my %secureconf; # Will have requirements for security |
| # of lond connections |
# of lond connections |
| |
|
| |
my %crlchecked; # Will contain clients for which the client's SSL |
| |
# has been checked against the cluster's Certificate |
| |
# Revocation List. |
| |
|
| my $dist; |
my $dist; |
| |
|
| # |
# |
|
Line 420 sub SSLConnection {
|
Line 424 sub SSLConnection {
|
| Debug("Approving promotion -> ssl"); |
Debug("Approving promotion -> ssl"); |
| # And do so: |
# And do so: |
| |
|
| |
my $CRLFile; |
| |
unless ($crlchecked{$clientname}) { |
| |
$CRLFile = lonssl::CRLFile(); |
| |
$crlchecked{$clientname} = 1; |
| |
} |
| |
|
| my $SSLSocket = lonssl::PromoteServerSocket($Socket, |
my $SSLSocket = lonssl::PromoteServerSocket($Socket, |
| $CACertificate, |
$CACertificate, |
| $Certificate, |
$Certificate, |
| $KeyFile); |
$KeyFile, |
| |
$clientname, |
| |
$CRLFile); |
| if(! ($SSLSocket) ) { # SSL socket promotion failed. |
if(! ($SSLSocket) ) { # SSL socket promotion failed. |
| my $err = lonssl::LastError(); |
my $err = lonssl::LastError(); |
| &logthis("<font color=\"red\"> CRITICAL " |
&logthis("<font color=\"red\"> CRITICAL " |
|
Line 6992 sub UpdateHosts {
|
Line 7004 sub UpdateHosts {
|
| |
|
| my %oldconf = %secureconf; |
my %oldconf = %secureconf; |
| my %connchange; |
my %connchange; |
| if (lonssl::Read_Connect_Config(\%secureconf,\%perlvar) eq 'ok') { |
if (lonssl::Read_Connect_Config(\%secureconf,\%crlchecked,\%perlvar) eq 'ok') { |
| logthis('<font color="blue"> Reloaded SSL connection rules </font>'); |
logthis('<font color="blue"> Reloaded SSL connection rules and cleared CRL checking history </font>'); |
| } else { |
} else { |
| logthis('<font color="yellow"> Failed to reload SSL connection rules </font>'); |
logthis('<font color="yellow"> Failed to reload SSL connection rules and clear CRL checking history </font>'); |
| } |
} |
| if ((ref($oldconf{'connfrom'}) eq 'HASH') && (ref($secureconf{'connfrom'}) eq 'HASH')) { |
if ((ref($oldconf{'connfrom'}) eq 'HASH') && (ref($secureconf{'connfrom'}) eq 'HASH')) { |
| foreach my $type ('dom','intdom','other') { |
foreach my $type ('dom','intdom','other') { |
|
Line 7274 if ($arch eq 'unknown') {
|
Line 7286 if ($arch eq 'unknown') {
|
| chomp($arch); |
chomp($arch); |
| } |
} |
| |
|
| unless (lonssl::Read_Connect_Config(\%secureconf,\%perlvar) eq 'ok') { |
unless (lonssl::Read_Connect_Config(\%secureconf,\%crlchecked,\%perlvar) eq 'ok') { |
| &logthis('<font color="blue">No connectionrules table. Will fallback to loncapa.conf</font>'); |
&logthis('<font color="blue">No connectionrules table. Will fallback to loncapa.conf</font>'); |
| } |
} |
| |
|
|
Line 8369 sub make_passwd_file {
|
Line 8381 sub make_passwd_file {
|
| $result = "pass_file_failed_error"; |
$result = "pass_file_failed_error"; |
| } |
} |
| } |
} |
| |
} elsif ($umode eq 'lti') { |
| |
my $pf = IO::File->new(">$passfilename"); |
| |
if($pf) { |
| |
print $pf "lti:\n"; |
| |
&update_passwd_history($uname,$udom,$umode,$action); |
| |
} else { |
| |
$result = "pass_file_failed_error"; |
| |
} |
| } else { |
} else { |
| $result="auth_mode_error"; |
$result="auth_mode_error"; |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to lond CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom