--- loncom/auth/lontokacc.pm	2003/08/01 17:25:40	1.9
+++ loncom/auth/lontokacc.pm	2005/02/06 07:23:40	1.12
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Access Handler for User File Transfers
 #
-# $Id: lontokacc.pm,v 1.9 2003/08/01 17:25:40 www Exp $
+# $Id: lontokacc.pm,v 1.12 2005/02/06 07:23:40 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -36,13 +36,12 @@ use Apache::File();
 
 sub handler {
     my $r = shift;
-    my $reqhost = $r->get_remote_host(REMOTE_DOUBLE_REV);
-    if (!$reqhost && $r->get_remote_host(REMOTE_NOLOOKUP) eq $r->get_server_name()) { 
-        $reqhost = $r->get_server_name(); 
-    }
-    unless ($reqhost) {
-        $r->log_reason("Spoof request from ". $reqhost);
-        return FORBIDDEN;
+    my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP);
+    my $netaddr=inet_aton($reqhost);
+    ($reqhost) = gethostbyaddr($netaddr,AF_INET);
+    if (!$reqhost) {
+	$r->log_reason("Unable to do hostname $reqhost lookup for ".$r->get_remote_host(REMOTE_NOLOOKUP));
+	return FORBIDDEN;
     }
     if ($reqhost eq 'localhost.localdomain') {
        return OK;
@@ -56,10 +55,11 @@ sub handler {
           return FORBIDDEN;
        }
        while ($readline=<$fh>) {
-          my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
-          if ($name =~ /$reqhost/i) {
-             return OK; 
-          }
+	   $readline=~s/\s*$//;
+	   my ($id,$domain,$role,$name)=split(/:/,$readline);
+	   if ($name =~ /\Q$reqhost\E/i) {
+	       return OK; 
+	   }
        }
 
     }
@@ -72,7 +72,7 @@ sub removefile {
     my $r=shift;
     if ($r->status==200) {
         unlink($r->filename);
-	&Apache::lonnet::logthis('Unlinking '.$r->filename);
+	#&Apache::lonnet::logthis('Unlinking '.$r->filename);
     } else {
         &Apache::lonnet::logthis('Failed to transfer '.$r->filename);
     }