version 1.52, 2011/01/24 11:02:32
|
version 1.55, 2017/10/20 20:20:21
|
Line 40 use LONCAPA::lonlocal;
|
Line 40 use LONCAPA::lonlocal;
|
use LONCAPA::lonssl; |
use LONCAPA::lonssl; |
|
|
|
|
|
|
|
|
my $DebugLevel=0; |
my $DebugLevel=0; |
my %perlvar; |
my %perlvar; |
|
my %secureconf; |
|
my %hosttypes; |
my $InsecureOk; |
my $InsecureOk; |
|
|
# |
# |
Line 70 sub ReadConfig {
|
Line 70 sub ReadConfig {
|
my $perlvarref = read_conf('loncapa.conf'); |
my $perlvarref = read_conf('loncapa.conf'); |
%perlvar = %{$perlvarref}; |
%perlvar = %{$perlvarref}; |
$ConfigRead = 1; |
$ConfigRead = 1; |
|
|
$InsecureOk = $perlvar{loncAllowInsecure}; |
$InsecureOk = $perlvar{loncAllowInsecure}; |
|
|
|
unless (lonssl::Read_Connect_Config(\%secureconf,\%perlvar) eq 'ok') { |
|
Debug(1,"Failed to retrieve secureconf hash.\n"); |
|
} |
|
unless (lonssl::Read_Host_Types(\%hosttypes,\%perlvar) eq 'ok') { |
|
Debug(1,"Failed to retrieve hosttypes hash.\n"); |
|
} |
|
} |
|
|
|
sub ResetReadConfig { |
|
$ConfigRead = 0; |
} |
} |
|
|
sub Debug { |
sub Debug { |
Line 216 sub new {
|
Line 227 sub new {
|
# allowed...else give up right away. |
# allowed...else give up right away. |
|
|
if(!(defined $key) || !(defined $keyfile)) { |
if(!(defined $key) || !(defined $keyfile)) { |
if($InsecureOk) { |
my $canconnect = 0; |
|
if (ref($secureconf{'connto'}) eq 'HASH') { |
|
unless ($secureconf{'connto'}->{'dom'} eq 'req') { |
|
$canconnect = 1; |
|
} |
|
} else { |
|
$canconnect = $InsecureOk; |
|
} |
|
if ($canconnect) { |
$self->{AuthenticationMode} = "insecure"; |
$self->{AuthenticationMode} = "insecure"; |
$self->{TransactionRequest} = "init\n"; |
$self->{TransactionRequest} = "init\n"; |
} |
} |
Line 240 sub new {
|
Line 259 sub new {
|
my ($ca, $cert) = lonssl::CertificateFile; |
my ($ca, $cert) = lonssl::CertificateFile; |
my $sslkeyfile = lonssl::KeyFile; |
my $sslkeyfile = lonssl::KeyFile; |
|
|
if((defined $ca) && (defined $cert) && (defined $sslkeyfile)) { |
my ($conntype,$gotconninfo); |
|
if ((ref($secureconf{'connto'}) eq 'HASH') && |
|
(exists($hosttypes{$lonid}))) { |
|
$conntype = $secureconf{'connto'}{$hosttypes{$lonid}}; |
|
if ($conntype ne '') { |
|
$gotconninfo = 1; |
|
} |
|
} |
|
if (($conntype ne 'no') && (defined($ca)) && (defined($cert)) && (defined($sslkeyfile))) { |
$self->{AuthenticationMode} = "ssl"; |
$self->{AuthenticationMode} = "ssl"; |
$self->{TransactionRequest} = "init:ssl:$perlvar{'lonVersion'}\n"; |
$self->{TransactionRequest} = "init:ssl:$perlvar{'lonVersion'}\n"; |
|
} elsif (($gotconninfo && $conntype ne 'req') || (!$gotconninfo && $InsecureOk)) { |
|
# Allowed to do insecure: |
|
$self->{AuthenticationMode} = "insecure"; |
|
$self->{TransactionRequest} = "init::$perlvar{'lonVersion'}\n"; |
} else { |
} else { |
if($InsecureOk) { # Allowed to do insecure: |
# Not allowed to do insecure... |
$self->{AuthenticationMode} = "insecure"; |
$socket->close; |
$self->{TransactionRequest} = "init::$perlvar{'lonVersion'}\n"; |
return undef; |
} |
|
else { # Not allowed to do insecure... |
|
$socket->close; |
|
return undef; |
|
} |
|
} |
} |
} |
} |
|
|
Line 342 sub Readable {
|
Line 367 sub Readable {
|
$self->Transition("Disconnected"); |
$self->Transition("Disconnected"); |
return -1; |
return -1; |
} |
} |
# Append the data to the buffer. And figure out if the read is done: |
# If we actually got data, reset the timeout. |
|
|
$self->{TimeoutRemaining} = $self->{TimeoutValue}; # getting data resets the timeout period. |
if (length $data) { |
|
$self->{TimeoutRemaining} = $self->{TimeoutValue}; # getting data resets the timeout period. |
|
} |
|
# Append the data to the buffer. And figure out if the read is done: |
|
|
&Debug(9,"Received from host: ".$data); |
&Debug(9,"Received from host: ".$data); |
$self->{TransactionReply} .= $data; |
$self->{TransactionReply} .= $data; |
Line 1054 sub ExchangeKeysViaSSL {
|
Line 1082 sub ExchangeKeysViaSSL {
|
# |
# |
sub CompleteInsecure { |
sub CompleteInsecure { |
my $self = shift; |
my $self = shift; |
if($InsecureOk) { |
$self->{LoncapaHim}; |
|
my ($conntype,$gotconninfo); |
|
if ((ref($secureconf{'connto'}) eq 'HASH') && |
|
(exists($hosttypes{$self->{LoncapaHim}}))) { |
|
$conntype = $secureconf{'connto'}{$hosttypes{$self->{LoncapaHim}}}; |
|
if ($conntype ne '') { |
|
$gotconninfo = 1; |
|
} |
|
} |
|
if ((($gotconninfo) && ($conntype ne 'req')) || (!$gotconninfo && $InsecureOk)) { |
$self->{AuthenticationMode} = "insecure"; |
$self->{AuthenticationMode} = "insecure"; |
&Debug(8," Transition out of Initialized:insecure"); |
&Debug(8," Transition out of Initialized:insecure"); |
$self->{TransactionRequest} = $self->{TransactionReply}; |
$self->{TransactionRequest} = $self->{TransactionReply}; |
Line 1157 sub GetClientData {
|
Line 1194 sub GetClientData {
|
return $self->{ClientData}; |
return $self->{ClientData}; |
} |
} |
|
|
|
# |
|
# Get the HostID of our peer |
|
# |
|
|
|
sub PeerLoncapaHim { |
|
my $self = shift; |
|
return $self->{LoncapaHim}; |
|
} |
|
|
1; |
1; |
|
|
=pod |
=pod |