--- loncom/auth/lonracc.pm 2005/02/10 22:30:56 1.16
+++ loncom/auth/lonracc.pm 2008/11/12 20:01:09 1.23
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Access Handler for File Transfers
#
-# $Id: lonracc.pm,v 1.16 2005/02/10 22:30:56 albertel Exp $
+# $Id: lonracc.pm,v 1.23 2008/11/12 20:01:09 jms Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -26,24 +26,77 @@
# http://www.lon-capa.org/
#
+=pod
+
+=head1 NAME
+
+Apache::lonracc - Access Handler for File Transfers
+
+=head1 SYNOPSIS
+
+Invoked by /etc/httpd/conf/loncapa.conf:
+
+
+ PerlAccessHandler Apache::lonracc
+
+
+=head1 INTRODUCTION
+
+This module enables authentication for file transfers and works
+against the /res tree.
+
+Only lond invokes the /raw namespace through its subscribe function.
+
+This is part of the LearningOnline Network with CAPA project
+described at http://www.lon-capa.org.
+
+=head1 HANDLER SUBROUTINE
+
+This routine is called by Apache and mod_perl.
+
+=over 4
+
+=item *
+
+Determine requesting host
+
+=item *
+
+See whether or not the requesting host is subscribed.
+
+=item *
+
+Respond with status of request and make log entry in case of unallowed
+access.
+
+=back
+
+=cut
+
package Apache::lonracc;
use strict;
use Apache::Constants qw(:common :remotehost);
-use Apache::lonnet();
+use Apache::lonnet;
use Apache::File();
use IO::Socket;
sub subscribed {
my ($filename,$id) = @_;
- my $found=0;
- my $hostname=$Apache::lonnet::hostname{$id};
+
+ return 0 if (!-e "$filename.subscription");
+
+ my $hostname=&Apache::lonnet::hostname($id);
my (undef,undef,undef,undef,$ip) = gethostbyname($hostname);
+
+ return 0 if (length($ip) != 4);
+
$ip=inet_ntoa($ip);
- my $expr='^'.$id.':'.$ip.':';
- $expr =~ s/\./\\\./g;
- my $sh;
- if ($sh=Apache::File->new("$filename.subscription")) {
+
+ my $expr='^'.quotemeta($id).':'.quotemeta($ip).':';
+
+ my $found=0;
+ if (my $sh=Apache::File->new("$filename.subscription")) {
while (my $subline=<$sh>) { if ($subline =~ /$expr/) { $found=1; } }
$sh->close();
}
@@ -52,10 +105,15 @@ sub subscribed {
sub handler {
my $r = shift;
+
+ my $filename=$r->filename;
+ if (!-e $filename) {
+ return NOT_FOUND;
+ }
+
my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP);
- my %iphost=&Apache::lonnet::get_iphost();
- my $hostids=$iphost{$reqhost};
- if (!$hostids && $reqhost ne '127.0.0.1' ) {
+ my @hostids= &Apache::lonnet::get_hosts_from_ip($reqhost);
+ if (!@hostids && $reqhost ne '127.0.0.1' ) {
$r->log_reason("Unable to find a host for ".
$r->get_remote_host(REMOTE_NOLOOKUP));
return FORBIDDEN;
@@ -64,16 +122,14 @@ sub handler {
return OK;
}
my $return;
- my @ids=();
- my $id;
+ my @ids;
- foreach $id (@{$hostids}) {
- my $filename=$r->filename;
+ foreach my $id (@hostids) {
my $uri =$r->uri;
- if ((-e "$filename.$id") ||
- &subscribed($filename,$id) ||
- ($filename=~/\.meta$/) ||
- ($uri=~m|^/raw/uploaded|)) {
+ if (($filename=~/\.meta$/) ||
+ ($uri=~m|^/raw/uploaded|) ||
+ (-e "$filename.$id") ||
+ &subscribed($filename,$id) ) {
return OK;
} else {
$return=FORBIDDEN;
@@ -92,50 +148,7 @@ sub handler {
1;
__END__
-=head1 NAME
-
-Apache::lonracc - Access Handler for File Transfers
-
-=head1 SYNOPSIS
-
-Invoked by /etc/httpd/conf/loncapa.conf:
-
- PerlAccessHandler Apache::lonracc
-
-
-=head1 INTRODUCTION
-
-This module enables authentication for file transfers and works
-against the /res tree.
-
-Only lond invokes the /raw namespace through its subscribe function.
-
-This is part of the LearningOnline Network with CAPA project
-described at http://www.lon-capa.org.
-
-=head1 HANDLER SUBROUTINE
-
-This routine is called by Apache and mod_perl.
-
-=over 4
-
-=item *
-
-Determine requesting host
-
-=item *
-
-See whether or not the requesting host is subscribed.
-
-=item *
-
-Respond with status of request and make log entry in case of unallowed
-access.
-
-=back
-
-=cut