|
version 1.9, 2004/12/20 19:26:53
|
version 1.20, 2006/12/27 17:11:08
|
|
Line 29
|
Line 29
|
| package Apache::lonenc; |
package Apache::lonenc; |
| |
|
| use strict; |
use strict; |
| use Apache::Constants qw(:common :remotehost); |
use Apache::lonnet; |
| use Apache::lonnet(); |
|
| use Apache::File(); |
|
| use Apache::loncommon; |
|
| use Crypt::IDEA; |
use Crypt::IDEA; |
| use Time::HiRes qw(gettimeofday); |
use Time::HiRes qw(gettimeofday); |
| |
use LONCAPA; |
| sub handler { |
|
| my $r = shift; |
|
| my %cookies=CGI::Cookie->parse($r->header_in('Cookie')); |
|
| my $lonid=$cookies{'lonID'}; |
|
| my $cookie; |
|
| if ($lonid) { |
|
| my $handle=$lonid->value; |
|
| $handle=~s/\W//g; |
|
| my $lonidsdir=$r->dir_config('lonIDsDir'); |
|
| $ENV{'request.enc'}=1; |
|
| if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) { |
|
| # Initialize Environment |
|
| &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); |
|
| # Decrypt URL and redirect |
|
| my $redirect=&unencrypted($r->uri); |
|
| if ($r->args) { $redirect.='?'.$r->args; } |
|
| $r->internal_redirect($redirect); |
|
| return OK; |
|
| } |
|
| } |
|
| return FORBIDDEN; |
|
| } |
|
| |
|
| sub encryptseed { |
sub encryptseed { |
| my $seed=$ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'}; |
my ($cid) = @_; |
| $seed=~s/[^0-9a-f]/0/g; |
if (!defined($cid)) { |
| $seed.='0123456789abcdef'; |
$cid = $env{'request.course.id'}; |
| $seed=substr($seed.$seed,0,32); |
} |
| return pack("H32",$seed); |
my $seed; |
| |
if (defined($cid)) { |
| |
if (defined$env{'course.'.$cid.'.internal.encseed'}) { |
| |
$seed = $env{'course.'.$cid.'.internal.encseed'}; |
| |
} else { |
| |
my %descargs = ( 'one_time' => 1); |
| |
my %course = |
| |
&Apache::lonnet::coursedescription($cid,\%descargs); |
| |
$seed = $course{'internal.encseed'}; |
| |
} |
| |
} |
| |
if (defined($seed)) { |
| |
$seed=~s/[^0-9a-f]/0/g; |
| |
$seed.='0123456789abcdef'; |
| |
$seed=substr($seed.$seed,0,32); |
| |
return pack("H32",$seed); |
| |
} else { |
| |
return; |
| |
} |
| } |
} |
| |
|
| sub unencrypted { |
sub unencrypted { |
| my $uri=shift; |
my ($uri,$cid) = @_; |
| $uri=~s/^\/enc\/(\d+)\///; |
$uri=~s/^\/enc\/(\d+)\///; |
| my $cmdlength=$1; |
my $cmdlength=$1; |
| my $seed=&encryptseed(); |
# strip any added extension |
| |
$uri=~s/\.[^.]*//; |
| |
my $seed=&encryptseed($cid); |
| unless ($seed) { |
unless ($seed) { |
| return '/'.$uri; |
return '/'.$uri; |
| } |
} |
| $uri=&Apache::lonnet::unescape($uri); |
$uri=&unescape($uri); |
| my $cipher=new IDEA $seed; |
my $cipher=new IDEA $seed; |
| my $decuri=''; |
my $decuri=''; |
| for (my $encidx=0;$encidx<length($uri);$encidx+=16) { |
for (my $encidx=0;$encidx<length($uri);$encidx+=16) { |
|
Line 83 sub unencrypted {
|
Line 78 sub unencrypted {
|
| pack("H16",substr($uri,$encidx,16)) |
pack("H16",substr($uri,$encidx,16)) |
| ); |
); |
| } |
} |
| $ENV{'request.enc'}=1; |
$env{'request.enc'}=1; |
| $decuri=&remove_noise($decuri); |
$decuri=&remove_noise($decuri); |
| return substr($decuri,0,$cmdlength); |
return substr($decuri,0,$cmdlength); |
| } |
} |
|
Line 110 sub remove_noise {
|
Line 105 sub remove_noise {
|
| } |
} |
| |
|
| sub encrypted { |
sub encrypted { |
| my $uri=shift; |
my ($uri,$force_enc) = @_; |
| if ($ENV{'request.role.adv'}) { return($uri); } |
if (!$force_enc && $env{'request.role.adv'}) { return($uri); } |
| my $seed=&encryptseed(); |
my $seed=&encryptseed(); |
| unless ($seed) { |
unless ($seed) { |
| return $uri; |
return $uri; |
|
Line 127 sub encrypted {
|
Line 122 sub encrypted {
|
| $encuri.=unpack("H16", |
$encuri.=unpack("H16", |
| $cipher->encrypt(substr($uri,$encidx,8))); |
$cipher->encrypt(substr($uri,$encidx,8))); |
| } |
} |
| return '/enc/'.$cmdlength.'/'.&Apache::lonnet::escape($encuri); |
return '/enc/'.$cmdlength.'/'.&escape($encuri); |
| } |
} |
| |
|
| sub check_encrypt { |
sub check_encrypt { |
| my $str=shift; |
my $str=shift; |
| if ($ENV{'request.enc'}) { return &Apache::lonenc::encrypted($str); } |
if (ref($str)) { |
| |
if ($env{'request.enc'}) { $$str = &Apache::lonenc::encrypted($$str); } |
| |
return; |
| |
} else { |
| |
if ($env{'request.enc'}) { return &Apache::lonenc::encrypted($str); } |
| |
} |
| return $str; |
return $str; |
| } |
} |
| |
|
|
Line 146 sub check_decrypt {
|
Line 146 sub check_decrypt {
|
| return $str; |
return $str; |
| } |
} |
| |
|
| |
sub encrypt_ref { |
| |
my ($token,$elements,$force_enc)=@_; |
| |
my $html; |
| |
if ($force_enc || $env{'request.enc'}) { |
| |
while (my ($name,$value)= each(%{ $elements })) { |
| |
if (!$value) { next; } |
| |
my $href=&Apache::lonnet::hreflocation($Apache::lonxml::pwd[-1],$value); |
| |
if ($href !~ /^http:/) { |
| |
# IE really wants an extension |
| |
my ($extension) = ($href =~ m/(\.[^.]*)$/); |
| |
$href = &Apache::lonenc::encrypted($href,$force_enc); |
| |
$href .= $extension; |
| |
} |
| |
$token->[2]->{$name}=$href; |
| |
} |
| |
delete($token->[2]->{'encrypturl'}); |
| |
$html = &Apache::edit::rebuild_tag($token); |
| |
} else { |
| |
$html = $token->[4]; |
| |
} |
| |
return $html; |
| |
} |
| 1; |
1; |
| __END__ |
__END__ |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to lonenc.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom