Annotation of loncom/lonenc.pm, revision 1.8

1.1       www         1: # The LearningOnline Network
                      2: # URL translation for encrypted filenames
                      3: #
1.8     ! albertel    4: # $Id: lonenc.pm,v 1.7 2004/11/16 15:26:36 albertel Exp $
1.1       www         5: #
                      6: # Copyright Michigan State University Board of Trustees
                      7: #
                      8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                      9: #
                     10: # LON-CAPA is free software; you can redistribute it and/or modify
                     11: # it under the terms of the GNU General Public License as published by
                     12: # the Free Software Foundation; either version 2 of the License, or
                     13: # (at your option) any later version.
                     14: #
                     15: # LON-CAPA is distributed in the hope that it will be useful,
                     16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     18: # GNU General Public License for more details.
                     19: #
                     20: # You should have received a copy of the GNU General Public License
                     21: # along with LON-CAPA; if not, write to the Free Software
                     22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     23: #
                     24: # /home/httpd/html/adm/gpl.txt
                     25: #
                     26: # http://www.lon-capa.org/
                     27: #
                     28: 
                     29: package Apache::lonenc;
                     30: 
                     31: use strict;
                     32: use Apache::Constants qw(:common :remotehost);
                     33: use Apache::lonnet();
                     34: use Apache::File();
                     35: use Apache::loncommon;
                     36: use Crypt::IDEA;
                     37: 
                     38: sub handler {
                     39:     my $r = shift;
                     40:     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
                     41:     my $lonid=$cookies{'lonID'};
                     42:     my $cookie;
                     43:     if ($lonid) {
                     44: 	my $handle=$lonid->value;
                     45:         $handle=~s/\W//g;
                     46:         my $lonidsdir=$r->dir_config('lonIDsDir');
1.4       albertel   47: 	$ENV{'request.enc'}=1;
1.1       www        48:         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
                     49: # Initialize Environment
                     50:             &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
                     51: # Decrypt URL and redirect
1.8     ! albertel   52: 	    my $redirect=&unencrypted($r->uri);
        !            53: 	    if ($r->args) { $redirect.='?'.$r->args; }
        !            54: 	    $r->internal_redirect($redirect);
1.1       www        55: 	    return OK;
                     56: 	} 
                     57:     }
                     58:     return FORBIDDEN;
                     59: }
                     60: 
1.2       www        61: sub encryptseed {
                     62:     my $seed=$ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'};
                     63:     $seed=~s/[^0-9a-f]/0/g;
                     64:     $seed.='0123456789abcdef';
                     65:     $seed=substr($seed.$seed,0,32);
                     66:     return pack("H32",$seed);
                     67: }
                     68: 
1.1       www        69: sub unencrypted {
                     70:     my $uri=shift;
                     71:     $uri=~s/^\/enc\/(\d+)\///;
                     72:     my $cmdlength=$1;
1.2       www        73:     my $seed=&encryptseed();
                     74:     unless ($seed) {
1.1       www        75: 	return '/'.$uri;
                     76:     }
                     77:     $uri=&Apache::lonnet::unescape($uri);
1.2       www        78:     my $cipher=new IDEA $seed;
1.1       www        79:     my $decuri='';
                     80:     for (my $encidx=0;$encidx<length($uri);$encidx+=16) {
                     81: 	$decuri.=$cipher->decrypt(
                     82: 				  pack("H16",substr($uri,$encidx,16))
                     83: 				  );
                     84:     }
1.5       albertel   85:     $ENV{'request.enc'}=1;
1.1       www        86:     return substr($decuri,0,$cmdlength);
                     87: }
                     88: 
                     89: sub encrypted {
                     90:     my $uri=shift;
1.3       albertel   91:     if ($ENV{'request.role.adv'}) { return($uri); }
1.2       www        92:     my $seed=&encryptseed();
                     93:     unless ($seed) {
                     94: 	return $uri;
                     95:     }
1.1       www        96:     my $cmdlength=length($uri);
1.2       www        97:     $uri.='00000000';
1.1       www        98:     my $encuri='';
1.2       www        99:     my $cipher=new IDEA $seed;
1.1       www       100:     for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {
                    101: 	$encuri.=unpack("H16",
                    102: 			$cipher->encrypt(substr($uri,$encidx,8)));
                    103:     }
                    104:     return '/enc/'.$cmdlength.'/'.&Apache::lonnet::escape($encuri);
                    105: }
                    106: 
1.5       albertel  107: sub check_encrypt {
                    108:     my $str=shift;
                    109:     if ($ENV{'request.enc'}) { return &Apache::lonenc::encrypted($str); }
                    110:     return $str;
                    111: }
                    112: 
1.6       albertel  113: sub check_decrypt {
                    114:     my ($str)=@_;
1.7       albertel  115:     if (ref($str)) {
                    116: 	if ($$str=~m|^/enc/|) { $$str=&Apache::lonenc::unencrypted($$str); }
                    117: 	return;
                    118:     }
                    119:     if ($str=~m|^/enc/|) { return &Apache::lonenc::unencrypted($str); }
                    120:     return $str;
1.6       albertel  121: }
                    122: 
1.1       www       123: 1;
                    124: __END__
                    125: 
                    126: 
                    127: 
                    128: 
                    129: 
                    130: 
                    131: 

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>