File:  [LON-CAPA] / loncom / lonenc.pm
Revision 1.25: download - view: text, annotated - select for diffs
Fri Sep 30 15:58:05 2011 UTC (12 years, 6 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_11_2_uiuc, version_2_11_2_msu, version_2_11_2_educog, version_2_11_2, version_2_11_1, version_2_11_0_RC3, version_2_11_0_RC2, version_2_11_0_RC1, version_2_11_0, language_hyphenation_merge, language_hyphenation, HEAD, BZ4492-merge, BZ4492-feature_horizontal_radioresponse, BZ4492-feature_Support_horizontal_radioresponse, BZ4492-Support_horizontal_radioresponse
- Only add extension if &encrypted() returned an encryted URL.

    1: # The LearningOnline Network
    2: # URL translation for encrypted filenames
    3: #
    4: # $Id: lonenc.pm,v 1.25 2011/09/30 15:58:05 raeburn Exp $
    5: #
    6: # Copyright Michigan State University Board of Trustees
    7: #
    8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
    9: #
   10: # LON-CAPA is free software; you can redistribute it and/or modify
   11: # it under the terms of the GNU General Public License as published by
   12: # the Free Software Foundation; either version 2 of the License, or
   13: # (at your option) any later version.
   14: #
   15: # LON-CAPA is distributed in the hope that it will be useful,
   16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   18: # GNU General Public License for more details.
   19: #
   20: # You should have received a copy of the GNU General Public License
   21: # along with LON-CAPA; if not, write to the Free Software
   22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   23: #
   24: # /home/httpd/html/adm/gpl.txt
   25: #
   26: # http://www.lon-capa.org/
   27: #
   28: 
   29: package Apache::lonenc;
   30: 
   31: use strict;
   32: use Apache::lonnet;
   33: use Crypt::IDEA;
   34: use Time::HiRes qw(gettimeofday);
   35: use LONCAPA;
   36:  
   37: 
   38: #
   39: #  If a module makes multiple SSI calls and some of the ssi calls result in a
   40: #  resource for an encoded URL, and this can be done in an unprivileged role,
   41: #  there must be a mechanism t oreset the 'request.enc' environment variable.
   42: #  This sub centralizes that mechanism:
   43: #
   44: sub reset_enc {
   45:     $env{'request.enc'} = 0;
   46: }
   47: 
   48: sub encryptseed {
   49:     my ($cid) = @_;
   50:     if (!defined($cid)) {
   51:         $cid = $env{'request.course.id'};
   52:     }
   53:     my $seed;
   54:     if (defined($cid)) {
   55:         if (defined$env{'course.'.$cid.'.internal.encseed'}) {
   56:             $seed = $env{'course.'.$cid.'.internal.encseed'};
   57:         } else {
   58:             my %descargs = ( 'one_time' => 1);
   59:             my %course = 
   60:                &Apache::lonnet::coursedescription($cid,\%descargs);
   61:             $seed = $course{'internal.encseed'};
   62:         }
   63:     }
   64:     if (defined($seed)) {
   65:         $seed=~s/[^0-9a-f]/0/g;
   66:         $seed.='0123456789abcdef';
   67:         $seed=substr($seed.$seed,0,32);
   68:         return pack("H32",$seed);
   69:     } else {
   70:         return pack("H32",1);
   71:     }
   72: }
   73: 
   74: sub unencrypted {
   75:     my ($uri,$cid) = @_;
   76:     $uri=~s/^\/enc\/(\d+)\///;
   77:     my $cmdlength=$1;
   78:     # strip any added extension
   79:     $uri=~s/\.[^.]*//;
   80:     my $seed=&encryptseed($cid);
   81:     unless ($seed) {
   82: 	return '/'.$uri;
   83:     }
   84:     $uri=&unescape($uri);
   85:     my $cipher=new IDEA $seed;
   86:     my $decuri='';
   87:     for (my $encidx=0;$encidx<length($uri);$encidx+=16) {
   88: 	$decuri.=$cipher->decrypt(
   89: 				  pack("H16",substr($uri,$encidx,16))
   90: 				  );
   91:     }
   92:     $env{'request.enc'}=1;
   93:     $decuri=&remove_noise($decuri);
   94:     return substr($decuri,0,$cmdlength);
   95: }
   96: 
   97: # add a randomish character after every 4th caharacter
   98: sub add_noise {
   99:     my ($uri)=@_;
  100:     my @noise=split(/(.)/,(&gettimeofday())[1]);
  101:     my $noisy;
  102:     my $i;
  103:     foreach my $chunk (split(/(....)/,$uri)) {
  104: 	$noisy.=$chunk;
  105: 	$noisy.=$noise[($i++)%(scalar@noise)];
  106:     }
  107:     return $noisy;
  108: }
  109: 
  110: # remove every fifth character
  111: sub remove_noise {
  112:     my ($uri)=@_;
  113:     my $clean;
  114:     foreach my $chunk (split(/(....)./,$uri)) { $clean.=$chunk; }
  115:     return $clean;
  116: }
  117: 
  118: sub encrypted {
  119:     my ($uri,$force_enc) = @_;
  120:     if (!$force_enc && $env{'request.role.adv'}) { return($uri); }
  121:     my $seed=&encryptseed();
  122:     unless ($seed) {
  123: 	return $uri;
  124:     }
  125:     my $cmdlength=length($uri);
  126:     # add noise before enc so that that same url's look different
  127:     $uri=&add_noise($uri);
  128:     my $noiselength=length($uri);
  129:     $uri.=time;
  130:     my $encuri='';
  131:     my $cipher=new IDEA $seed;
  132:     for (my $encidx=0;$encidx<=$noiselength;$encidx+=8) {
  133: 	$encuri.=unpack("H16",
  134: 			$cipher->encrypt(substr($uri,$encidx,8)));
  135:     }
  136:     return '/enc/'.$cmdlength.'/'.&escape($encuri);
  137: }
  138: 
  139: sub check_encrypt {
  140:     my $str=shift;
  141:     if (ref($str)) {
  142:         if ($env{'request.enc'}) { $$str = &Apache::lonenc::encrypted($$str); }
  143:         return;
  144:     } else {
  145:         if ($env{'request.enc'}) { return &Apache::lonenc::encrypted($str); }
  146:     }
  147:     return $str;
  148: }
  149: 
  150: sub check_decrypt {
  151:     my ($str)=@_;
  152:     if (ref($str)) {
  153: 	if ($$str=~m|^/enc/|) { $$str=&Apache::lonenc::unencrypted($$str); }
  154: 	return;
  155:     }
  156:     if ($str=~m|^/enc/|) { return &Apache::lonenc::unencrypted($str); }
  157:     return $str;
  158: }
  159: 
  160: sub encrypt_ref {
  161:     my ($token,$elements,$force_enc)=@_;
  162:     my $html;
  163:     if ($force_enc || $env{'request.enc'}) {
  164: 	while (my ($name,$value)= each(%{ $elements })) {
  165: 	    next if (!$value); 
  166: 	    next if ($value =~ /^\w+:/); # explict javascript: or http: link
  167: 	    my $href=&Apache::lonnet::hreflocation($Apache::lonxml::pwd[-1],$value);
  168: 	    if ($href !~ /^https?\:/) {
  169: 		# IE really wants an extension
  170: 		my ($extension) = ($href =~ m/(\.[^.]*)$/);
  171: 		my $newhref = &Apache::lonenc::encrypted($href,$force_enc);
  172: 		unless ($newhref eq $href) {
  173: 		    $href = $newhref.$extension;
  174: 		}
  175: 	    }
  176: 	    $token->[2]->{$name}=$href;
  177: 	}
  178: 	delete($token->[2]->{'encrypturl'});
  179: 	$html = &Apache::edit::rebuild_tag($token);
  180:     } else {
  181: 	$html = $token->[4];
  182:     }
  183:     return $html;
  184: }
  185: 1;
  186: __END__
  187: 
  188: 
  189: 
  190: 
  191: 
  192: 
  193: 

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>