version 1.3, 2002/07/31 15:23:55
|
version 1.16, 2006/02/07 19:46:26
|
Line 1
|
Line 1
|
# The LearningOnline Network |
# The LearningOnline Network |
# Low security Access Handler for Token-based access |
# Access Handler for User File Transfers |
# (clearance given by other loncapa host) |
|
# |
# |
# $Id$ |
# $Id$ |
# |
# |
Line 30
|
Line 29
|
package Apache::lontokacc; |
package Apache::lontokacc; |
|
|
use strict; |
use strict; |
use Apache::Constants qw(:common); |
use Apache::Constants qw(:common :remotehost); |
use Apache::lonnet(); |
use Apache::lonnet(); |
use Apache::loncommon(); |
use Apache::File(); |
|
use IO::Socket; |
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
my $query=$r->args; |
my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP); |
&Apache::loncommon::get_unprocessed_cgi($query,['token','server']); |
my %iphost=&Apache::lonnet::get_iphost(); |
my $tmpinfo='no_token'; |
my $hostids=$iphost{$reqhost}; |
if (($ENV{'form.token'}) || ($ENV{'form.server'})) { |
if (!$hostids && $reqhost ne '127.0.0.1' ) { |
$tmpinfo=&Apache::lonnet::unescape( |
$r->log_reason("Unable to find a host for ". |
&Apache::lonnet::reply('tmpget:'.$ENV{'form.token'}, |
$r->get_remote_host(REMOTE_NOLOOKUP)); |
$ENV{'form.server'})); |
return FORBIDDEN; |
chomp($tmpinfo); |
|
my $uri=$r->uri; |
|
if ($tmpinfo=~/$uri$/) { |
|
return OK; |
|
} |
|
} |
} |
$r->log_reason("Invalid token-based access:".$r->uri.' for '.$tmpinfo.'.', |
if ($reqhost eq '127.0.0.1') { |
$r->filename); |
return OK; |
|
} |
|
my $readline; |
|
my $lontabdir=$r->dir_config('lonTabDir'); |
|
{ |
|
my $fh; |
|
unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) { |
|
$r->log_reason("Could not find host tab file"); |
|
return FORBIDDEN; |
|
} |
|
while ($readline=<$fh>) { |
|
$readline=~s/\s*$//; |
|
my ($id,$domain,$role,$name)=split(/:/,$readline); |
|
foreach my $hostid (@{$hostids}) { |
|
my $hostname=$Apache::lonnet::hostname{$hostid}; |
|
if ($name =~ /^\Q$hostname\E$/i) { |
|
return OK; |
|
} |
|
} |
|
} |
|
|
|
} |
|
$r->log_reason("Invalid request for user file transfer from $reqhost (".join(",",@{$hostids}).")", |
|
$r->filename); |
return FORBIDDEN; |
return FORBIDDEN; |
} |
} |
|
|
|
sub removefile { |
|
my $r=shift; |
|
if ($r->status==200) { |
|
unlink($r->filename); |
|
#&Apache::lonnet::logthis('Unlinking '.$r->filename); |
|
} else { |
|
&Apache::lonnet::logthis('Failed to transfer '.$r->filename); |
|
} |
|
return OK; |
|
} |
1; |
1; |
__END__ |
__END__ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|