Diff for /loncom/lonlocal.pm between versions 1.4 and 1.5

version 1.4, 2004/06/01 09:53:44 version 1.5, 2004/06/17 09:27:23
Line 56  my $fileindex = 0;  # Per process lonc u Line 56  my $fileindex = 0;  # Per process lonc u
 my $lastError; # Reason for last failure.  my $lastError; # Reason for last failure.
   
   
   #  Debugging:
   
   my $DEBUG = 1;
   
   sub Debug {
       my $msg = shift;
       print STDERR "$msg\n";
   }
   
 # Initialization  # Initialization
   
 $perlvar = LONCAPA::Configuration::read_conf('loncapa.conf');  $perlvar = LONCAPA::Configuration::read_conf('loncapa.conf');
Line 63  $perlvar = LONCAPA::Configuration::read_ Line 72  $perlvar = LONCAPA::Configuration::read_
   
 #------------------------------------------------------------------------  #------------------------------------------------------------------------
 #  #
 # Name          BuildKey  # Name          CreateCipherKey
 # Description:  Create an encryption key.  # Description:  Create an encryption key.
 # Returns:      The key.  # Returns:      The key.
 #  #
Line 73  sub CreateCipherKey { Line 82  sub CreateCipherKey {
     my $binaryKey;      my $binaryKey;
     my $cipherkey;      my $cipherkey;
           
     # we'll use the output of /dev/random to produce our key.      # we'll use the output of /dev/urandom to produce our key.
     # On a system with decent entropy, this ought to be much more      # On a system with decent entropy, this ought to be much more
     # random than all the playing that used to be done to get a key.      # random than all the playing that used to be done to get a key.
     #      # On a system with not so decent entropy we'll still get an ok key.
       # My concern with /dev/random is that we may block for an indefinite
       # time period...where for us decent keys are probably good enough.
           
     $keylength   =  IDEA::keysize();      $keylength   =  IDEA::keysize();
     open(RANDOM, "</dev/random");      open(RANDOM, "</dev/urandom");
     sysread(RANDOM, $binaryKey, $keylength);      sysread(RANDOM, $binaryKey, $keylength);
     close RANDOM;      close RANDOM;
           
Line 111  sub CreateKeyFile { Line 122  sub CreateKeyFile {
     #      #
     $fileindex++;      $fileindex++;
     my $CertificateDir = $perlvar->{lonCertificateDirectory};      my $CertificateDir = $perlvar->{lonCertificateDirectory};
     my $Filename       = $CertificateDir.$pathsep.".$fileindex.".$PID;      my $Filename       = $CertificateDir.$pathsep.".$fileindex.".$$;
   
     # If this file already exists, this is a recoverable error... we just      # If this file already exists, this is a recoverable error... we just
     # delete the earlier incarnation of the file.      # delete the earlier incarnation of the file.
Line 134  sub CreateKeyFile { Line 145  sub CreateKeyFile {
     # the file is created with the appropriate locked down permissions.      # the file is created with the appropriate locked down permissions.
   
     if(! sysopen(KEYFILE, $Filename, O_CREAT | O_EXCL | O_WRONLY, 0600)) {      if(! sysopen(KEYFILE, $Filename, O_CREAT | O_EXCL | O_WRONLY, 0600)) {
  $lastError = "Creation of key file failed ".$ERRNO;   $lastError = "Creation of key file failed ".$!;
  return undef;   return undef;
     }      }
     # Create the key, write it to the file and close the file:      # Create the key, write it to the file and close the file:
Line 143  sub CreateKeyFile { Line 154  sub CreateKeyFile {
     print KEYFILE "$key\n";      print KEYFILE "$key\n";
     close KEYFILE;      close KEYFILE;
   
     return \($key, $Filename);      return ($key, $Filename);
   
           
 }  }
Line 165  sub CreateKeyFile { Line 176  sub CreateKeyFile {
 #  #
 sub ReadKeyFile {  sub ReadKeyFile {
     my $Filename = shift;      my $Filename = shift;
       Debug("ReadKeyFile: $Filename");
   
   
     if(! open(KEYFILE, "<$Filename")) {      if(! open(KEYFILE, "<$Filename")) {
    Debug(" Open of $Filename failed\n");
  $lastError = "Key file open failed";   $lastError = "Key file open failed";
  return undef   return undef
     }      }
     my $key = <KEYFILE>;      my $key = <KEYFILE>;
     chomp;      chomp($key);
       Debug(" Read key: $key");
     close KEYFILE;      close KEYFILE;
     unlink $Filename;      unlink $Filename;
     #      #
Line 179  sub ReadKeyFile { Line 194  sub ReadKeyFile {
     #  permissions:      #  permissions:
     #      #
     if(-e $Filename) {      if(-e $Filename) {
    Debug("File did not get deleted");
  $lastError = "Key file still exists after unlink";   $lastError = "Key file still exists after unlink";
  return undef;   return undef;
     }      }
Line 189  sub ReadKeyFile { Line 205  sub ReadKeyFile {
     #  replacing our file... of course if they read this comment they'll      #  replacing our file... of course if they read this comment they'll
     #  be too smart to put an incorrectly sized file      #  be too smart to put an incorrectly sized file
     #      #
     if(length($key) != IDEA::keysize*2) {      my $keylen = length($key);
       my $rightlen= IDEA::keysize()*2;
       if($keylen != $rightlen) {
    Debug("Key is incorrect length is $keylen sb $rightlen");
  $lastError = "Key file has incorrect length";   $lastError = "Key file has incorrect length";
  return undef;   return undef;
     }      }
       Debug("Returning key: $key to caller");
     return $key;         return $key;   
 }  }
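Review bot: The new Debug() calls in ReadKeyFile write the cipher key itself to STDERR (`Debug(" Read key: $key")` and `Debug("Returning key: $key to caller")`), which undoes the care taken to create the key file with mode 0600 and unlink it after reading. Debug() as added never consults `$DEBUG`, so this output is unconditional; where STDERR ends up is not visible here, but it is presumably a log file readable by more than the owning process. I would gate the helper with `print STDERR "$msg\n" if $DEBUG;`, default to `my $DEBUG = 0;`, and log only metadata, e.g. `Debug(" Read key of length ".length($key));`. The same applies to the length-mismatch message, which is fine as written because it reports only lengths. Parts of ReadKeyFile fall between the hunks shown, so any other use of `$key` there should be checked too.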
