--- loncom/lond	2021/06/15 20:52:27	1.567
+++ loncom/lond	2021/08/01 19:28:10	1.568
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.567 2021/06/15 20:52:27 raeburn Exp $
+# $Id: lond,v 1.568 2021/08/01 19:28:10 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -65,7 +65,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.567 $'; #' stupid emacs
+my $VERSION='$Revision: 1.568 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid="default";
 my $currentdomainid;
@@ -239,6 +239,7 @@ my %trust = (
                du2 => {remote => 1, enroll => 1},
                dump => {remote => 1, enroll => 1, domroles => 1},
                edit => {institutiononly => 1},  #not used currently
+               edump => {remote => 1, enroll => 1, domroles => 1},
                eget => {remote => 1, domroles => 1, enroll => 1}, #not used currently
                egetdom => {remote => 1, domroles => 1, enroll => 1, },
                ekey => {anywhere => 1},
@@ -3829,6 +3830,47 @@ sub dump_with_regexp {
 }
 &register_handler("dump", \&dump_with_regexp, 0, 1, 0);
 
+#
+#  Process the encrypted dump request. Original call should
+#  be from lonnet::dump() with seventh arg ($encrypt) set to
+#  1, to ensure that both request and response are encrypted.
+#
+#  Parameters:
+#     $cmd               - Command keyword of request (edump).
+#     $tail              - Tail of the command.
+#                          See &dump_with_regexp for more
+#                          information about this.
+#     $client            - File open on the client.
+#  Returns:
+#     1      - Continue processing
+#     0      - server should exit.
+#
+
+sub encrypted_dump_with_regexp {
+    my ($cmd, $tail, $client) = @_;
+    my $res = LONCAPA::Lond::dump_with_regexp($tail, $clientversion);
+
+    if ($res =~ /^error:/) {
+        Failure($client, \$res, "$cmd:$tail");
+    } else {
+        if ($cipher) {
+            my $cmdlength=length($res);
+            $res.="         ";
+            my $encres='';
+            for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {
+                $encres.= unpack("H16",
+                                 $cipher->encrypt(substr($res,
+                                                         $encidx,
+                                                         8)));
+            }
+            &Reply( $client,"enc:$cmdlength:$encres\n","$cmd:$tail");
+        } else {
+            &Failure( $client, "error:no_key\n","$cmd:$tail");
+        }
+    }
+}
+&register_handler("edump", \&encrypted_dump_with_regexp, 0, 1, 0);
+
 #  Store a set of key=value pairs associated with a versioned name.
 #
 #  Parameters: