[BACK]Return to lonenc.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom

Diff for /loncom/lonenc.pm between versions 1.5 and 1.12

version 1.5, 2004/11/11 20:05:56 version 1.12, 2006/03/22 19:37:44
Line 30  package Apache::lonenc; Line 30  package Apache::lonenc;
   
 use strict;  use strict;
 use Apache::Constants qw(:common :remotehost);  use Apache::Constants qw(:common :remotehost);
 use Apache::lonnet();  use Apache::lonnet;
 use Apache::File();  use Apache::File();
 use Apache::loncommon;  use Apache::loncommon;
 use Crypt::IDEA;  use Crypt::IDEA;
   use Time::HiRes qw(gettimeofday);
   
 sub handler {  sub handler {
     my $r = shift;      my $r = shift;
Line 44  sub handler { Line 45  sub handler {
  my $handle=$lonid->value;   my $handle=$lonid->value;
         $handle=~s/\W//g;          $handle=~s/\W//g;
         my $lonidsdir=$r->dir_config('lonIDsDir');          my $lonidsdir=$r->dir_config('lonIDsDir');
  $ENV{'request.enc'}=1;   $env{'request.enc'}=1;
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {          if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
 # Initialize Environment  # Initialize Environment
             &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);              &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
 # Decrypt URL and redirect  # Decrypt URL and redirect
     &Apache::lonnet::logthis("args ".$r->args);      my $redirect=&unencrypted($r->uri);
     &Apache::lonnet::logthis("uri ".$r->uri);      if ($r->args) { $redirect.='?'.$r->args; }
     $r->internal_redirect(&unencrypted($r->uri).'?'.$r->args);      $r->internal_redirect($redirect);
     return OK;      return OK;
  }    } 
     }      }
Line 59  sub handler { Line 60  sub handler {
 }  }
   
 sub encryptseed {  sub encryptseed {
     my $seed=$ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'};      my $seed=$env{'course.'.$env{'request.course.id'}.'.internal.encseed'};
     $seed=~s/[^0-9a-f]/0/g;      $seed=~s/[^0-9a-f]/0/g;
     $seed.='0123456789abcdef';      $seed.='0123456789abcdef';
     $seed=substr($seed.$seed,0,32);      $seed=substr($seed.$seed,0,32);
Line 82  sub unencrypted { Line 83  sub unencrypted {
   pack("H16",substr($uri,$encidx,16))    pack("H16",substr($uri,$encidx,16))
   );    );
     }      }
     $ENV{'request.enc'}=1;      $env{'request.enc'}=1;
       $decuri=&remove_noise($decuri);
     return substr($decuri,0,$cmdlength);      return substr($decuri,0,$cmdlength);
 }  }
   
   # add a randomish character after every 4th caharacter
   sub add_noise {
       my ($uri)=@_;
       my @noise=split(/(.)/,(&gettimeofday())[1]);
       my $noisy;
       my $i;
       foreach my $chunk (split(/(....)/,$uri)) {
    $noisy.=$chunk;
    $noisy.=$noise[($i++)%(scalar@noise)];
       }
       return $noisy;
   }
   
   # remove every fifth character
   sub remove_noise {
       my ($uri)=@_;
       my $clean;
       foreach my $chunk (split(/(....)./,$uri)) { $clean.=$chunk; }
       return $clean;
   }
   
 sub encrypted {  sub encrypted {
     my $uri=shift;      my ($uri,$force_enc) = @_;
     if ($ENV{'request.role.adv'}) { return($uri); }      if (!$force_enc && $env{'request.role.adv'}) { return($uri); }
     my $seed=&encryptseed();      my $seed=&encryptseed();
     unless ($seed) {      unless ($seed) {
  return $uri;   return $uri;
     }      }
     my $cmdlength=length($uri);      my $cmdlength=length($uri);
     $uri.='00000000';      # add noise before enc so that that same url's look different
       $uri=&add_noise($uri);
       my $noiselength=length($uri);
       $uri.=time;
     my $encuri='';      my $encuri='';
     my $cipher=new IDEA $seed;      my $cipher=new IDEA $seed;
     for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {      for (my $encidx=0;$encidx<=$noiselength;$encidx+=8) {
  $encuri.=unpack("H16",   $encuri.=unpack("H16",
  $cipher->encrypt(substr($uri,$encidx,8)));   $cipher->encrypt(substr($uri,$encidx,8)));
     }      }
Line 106  sub encrypted { Line 132  sub encrypted {
   
 sub check_encrypt {  sub check_encrypt {
     my $str=shift;      my $str=shift;
     if ($ENV{'request.enc'}) { return &Apache::lonenc::encrypted($str); }      if ($env{'request.enc'}) { return &Apache::lonenc::encrypted($str); }
     return $str;      return $str;
 }  }
   
   sub check_decrypt {
       my ($str)=@_;
       if (ref($str)) {
    if ($$str=~m|^/enc/|) { $$str=&Apache::lonenc::unencrypted($$str); }
    return;
       }
       if ($str=~m|^/enc/|) { return &Apache::lonenc::unencrypted($str); }
       return $str;
   }
   
   sub encrypt_ref {
       my ($token,$elements,$force_enc)=@_;
       my $html;
       &Apache::lonnet::logthis("hrrm $force_enc");
       if ($force_enc || $env{'request.enc'}) {
    while (my ($name,$value)= each(%{ $elements })) {
       if (!$value) { next; }
       my $href=&Apache::lonnet::hreflocation($Apache::lonxml::pwd[-1],$value);
       if ($href !~ /^http:/) {
    $href = &Apache::lonenc::encrypted($href,$force_enc);
       }
       $token->[2]->{$name}=$href;
    }
    delete($token->[2]->{'encrypturl'});
    $html = &Apache::edit::rebuild_tag($token);
       } else {
    $html = $token->[4];
       }
       return $html;
   }
 1;  1;
 __END__  __END__
   
Removed from v.1.5  
changed lines
  Added in v.1.12

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>