Return to lond CVS log

Up to [LON-CAPA] / loncom

Diff for /loncom/lond between versions 1.534 and 1.548

version 1.534, 2017/03/20 03:19:37	version 1.548, 2018/08/18 22:07:48
Line 108 my %perlvar; # Will have the apache co	Line 108 my %perlvar; # Will have the apache co
my %secureconf; # Will have requirements for security	my %secureconf; # Will have requirements for security
# of lond connections	# of lond connections

	my %crlchecked; # Will contain clients for which the client's SSL
	# has been checked against the cluster's Certificate
	# Revocation List.

my $dist;	my $dist;

#	#
Line 229 my %trust = (	Line 233 my %trust = (
dump => {remote => 1, enroll => 1, domroles => 1},	dump => {remote => 1, enroll => 1, domroles => 1},
edit => {institutiononly => 1}, #not used currently	edit => {institutiononly => 1}, #not used currently
eget => {remote => 1, domroles => 1, enroll => 1}, #not used currently	eget => {remote => 1, domroles => 1, enroll => 1}, #not used currently
	egetdom => {remote => 1, domroles => 1, enroll => 1, },
ekey => {}, #not used currently	ekey => {}, #not used currently
exit => {anywhere => 1},	exit => {anywhere => 1},
fetchuserfile => {remote => 1, enroll => 1},	fetchuserfile => {remote => 1, enroll => 1},
Line 265 my %trust = (	Line 270 my %trust = (
putstore => {remote => 1, enroll => 1},	putstore => {remote => 1, enroll => 1},
queryreply => {anywhere => 1},	queryreply => {anywhere => 1},
querysend => {anywhere => 1},	querysend => {anywhere => 1},
	querysend_activitylog => {remote => 1},
	querysend_allusers => {remote => 1, domroles => 1},
	querysend_courselog => {remote => 1},
	querysend_fetchenrollment => {remote => 1},
	querysend_getinstuser => {remote => 1},
	querysend_getmultinstusers => {remote => 1},
	querysend_instdirsearch => {remote => 1, domroles => 1, coaurem => 1},
	querysend_institutionalphotos => {remote => 1},
	querysend_portfolio_metadata => {remote => 1, content => 1},
	querysend_userlog => {remote => 1, domroles => 1},
	querysend_usersearch => {remote => 1, enroll => 1, coaurem => 1},
quit => {anywhere => 1},	quit => {anywhere => 1},
readlonnetglobal => {institutiononly => 1},	readlonnetglobal => {institutiononly => 1},
reinit => {manageronly => 1}, #not used currently	reinit => {manageronly => 1}, #not used currently
Line 408 sub SSLConnection {	Line 424 sub SSLConnection {
Debug("Approving promotion -> ssl");	Debug("Approving promotion -> ssl");
# And do so:	# And do so:

	my $CRLFile;
	unless ($crlchecked{$clientname}) {
	$CRLFile = lonssl::CRLFile();
	$crlchecked{$clientname} = 1;
	}

my $SSLSocket = lonssl::PromoteServerSocket($Socket,	my $SSLSocket = lonssl::PromoteServerSocket($Socket,
$CACertificate,	$CACertificate,
$Certificate,	$Certificate,
$KeyFile);	$KeyFile,
	$clientname,
	$CRLFile,
	$clientversion);
if(! ($SSLSocket) ) { # SSL socket promotion failed.	if(! ($SSLSocket) ) { # SSL socket promotion failed.
my $err = lonssl::LastError();	my $err = lonssl::LastError();
&logthis("<font color=\"red\"> CRITICAL "	&logthis("<font color=\"red\"> CRITICAL "
Line 1594 sub du2_handler {	Line 1619 sub du2_handler {
#	#
# 1. for a directory, and the path does not begin with one of:	# 1. for a directory, and the path does not begin with one of:
# (a) /home/httpd/html/res/<domain>	# (a) /home/httpd/html/res/<domain>
# (b) /home/httpd/html/res/userfiles/	# (b) /home/httpd/html/userfiles/
# (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles	# (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles
# or is:	# or is:
#	#
# 2. for a file, and the path (after prepending) does not begin with:	# 2. for a file, and the path (after prepending) does not begin with one of:
# /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/	# (a) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/
	# (b) /home/httpd/html/res/<domain>/<username>/
	# (c) /home/httpd/html/userfiles/<domain>/<username>/
#	#
# the response will be "refused".	# the response will be "refused".
#	#
Line 1630 sub ls_handler {	Line 1657 sub ls_handler {
}	}
if (-e $ulsdir) {	if (-e $ulsdir) {
if(-d $ulsdir) {	if(-d $ulsdir) {
unless (($ulsdir =~ m{/home/httpd/html/(res/$LONCAPA::match_domain\|userfiles/)}) \|\|	unless (($ulsdir =~ m{^/home/httpd/html/(res/$LONCAPA::match_domain\|userfiles/)}) \|\|
($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/userfiles/})) {	($ulsdir =~ m{^/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_name/userfiles})) {
&Failure($client,"refused\n",$userinput);	&Failure($client,"refused\n",$userinput);
return 1;	return 1;
}	}
Line 1658 sub ls_handler {	Line 1685 sub ls_handler {
closedir(LSDIR);	closedir(LSDIR);
}	}
} else {	} else {
unless ($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/}) {	unless (($ulsdir =~ m{^/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_name/}) \|\|
	($ulsdir =~ m{^/home/httpd/html/(?:res\|userfiles)/$LONCAPA::match_domain/$LONCAPA::match_name/})) {
&Failure($client,"refused\n",$userinput);	&Failure($client,"refused\n",$userinput);
return 1;	return 1;
}	}
Line 1691 sub ls_handler {	Line 1719 sub ls_handler {
#	#
# 1. for a directory, and the path does not begin with one of:	# 1. for a directory, and the path does not begin with one of:
# (a) /home/httpd/html/res/<domain>	# (a) /home/httpd/html/res/<domain>
# (b) /home/httpd/html/res/userfiles/	# (b) /home/httpd/html/userfiles/
# (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles	# (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles
# or is:	# or is:
#	#
# 2. for a file, and the path (after prepending) does not begin with:	# 2. for a file, and the path (after prepending) does not begin with one of:
# /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/	# (a) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/
	# (b) /home/httpd/html/res/<domain>/<username>/
	# (c) /home/httpd/html/userfiles/<domain>/<username>/
#	#
# the response will be "refused".	# the response will be "refused".
#	#
Line 1726 sub ls2_handler {	Line 1756 sub ls2_handler {
}	}
if (-e $ulsdir) {	if (-e $ulsdir) {
if(-d $ulsdir) {	if(-d $ulsdir) {
unless (($ulsdir =~ m{/home/httpd/html/(res/$LONCAPA::match_domain\|userfiles/)}) \|\|	unless (($ulsdir =~ m{^/home/httpd/html/(res/$LONCAPA::match_domain\|userfiles/)}) \|\|
($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/userfiles/})) {	($ulsdir =~ m{^/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_name/userfiles})) {
&Failure($client,"refused\n","$userinput");	&Failure($client,"refused\n","$userinput");
return 1;	return 1;
}	}
Line 1755 sub ls2_handler {	Line 1785 sub ls2_handler {
closedir(LSDIR);	closedir(LSDIR);
}	}
} else {	} else {
unless ($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/}) {	unless (($ulsdir =~ m{^/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_name/}) \|\|
	($ulsdir =~ m{^/home/httpd/html/(?:res\|userfiles)/$LONCAPA::match_domain/$LONCAPA::match_name/})) {
&Failure($client,"refused\n",$userinput);	&Failure($client,"refused\n",$userinput);
return 1;	return 1;
}	}
Line 1780 sub ls2_handler {	Line 1811 sub ls2_handler {
#	#
# 1. for a directory, and the path does not begin with one of:	# 1. for a directory, and the path does not begin with one of:
# (a) /home/httpd/html/res/<domain>	# (a) /home/httpd/html/res/<domain>
# (b) /home/httpd/html/res/userfiles/	# (b) /home/httpd/html/userfiles/
# (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles	# (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles
# (d) /home/httpd/html/priv/<domain>/ and client is the homeserver	# (d) /home/httpd/html/priv/<domain> and client is the homeserver
#	#
# or is:	# or is:
#	#
# 2. for a file, and the path (after prepending) does not begin with:	# 2. for a file, and the path (after prepending) does not begin with one of:
# /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/	# (a) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/
	# (b) /home/httpd/html/res/<domain>/<username>/
	# (c) /home/httpd/html/userfiles/<domain>/<username>/
	# (d) /home/httpd/html/priv/<domain>/<username>/ and client is the homeserver
#	#
# the response will be "refused".	# the response will be "refused".
#	#
Line 1861 sub ls3_handler {	Line 1895 sub ls3_handler {
my $rights;	my $rights;
my $ulsout='';	my $ulsout='';
my $ulsfn;	my $ulsfn;

	my ($crscheck,$toplevel,$currdom,$currnum,$skip);
	unless ($islocal) {
	my ($major,$minor) = split(/\./,$clientversion);
	if (($major < 2) \|\| ($major == 2 && $minor < 12)) {
	$crscheck = 1;
	}
	}
if (-e $ulsdir) {	if (-e $ulsdir) {
if(-d $ulsdir) {	if(-d $ulsdir) {
unless (($getpropath) \|\| ($getuserdir) \|\|	unless (($getpropath) \|\| ($getuserdir) \|\|
($ulsdir =~ m{/home/httpd/html/(res/$LONCAPA::match_domain\|userfiles/)}) \|\|	($ulsdir =~ m{^/home/httpd/html/(res/$LONCAPA::match_domain\|userfiles/)}) \|\|
($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/userfiles/}) \|\|	($ulsdir =~ m{^/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_name/userfiles}) \|\|
(($ulsdir =~ m{/home/httpd/html/priv/$LONCAPA::match_domain/}) && ($islocal))) {	(($ulsdir =~ m{^/home/httpd/html/priv/$LONCAPA::match_domain}) && ($islocal))) {
&Failure($client,"refused\n",$userinput);	&Failure($client,"refused\n",$userinput);
return 1;	return 1;
}	}
if (opendir(LSDIR,$ulsdir)) {	if (($crscheck) &&
	($ulsdir =~ m{^/home/httpd/html/res/($LONCAPA::match_domain)(/?$\|/$LONCAPA::match_courseid)})) {
	($currdom,my $posscnum) = ($1,$2);
	if (($posscnum eq '') \|\| ($posscnum eq '/')) {
	$toplevel = 1;
	} else {
	$posscnum =~ s{^/+}{};
	if (&LONCAPA::Lond::is_course($currdom,$posscnum)) {
	$skip = 1;
	}
	}
	}
	if ((!$skip) && (opendir(LSDIR,$ulsdir))) {
while ($ulsfn=readdir(LSDIR)) {	while ($ulsfn=readdir(LSDIR)) {
	if (($crscheck) && ($toplevel) && ($currdom ne '') &&
	($ulsfn =~ /^$LONCAPA::match_courseid$/) && (-d "$ulsdir/$ulsfn")) {
	if (&LONCAPA::Lond::is_course($currdom,$ulsfn)) {
	next;
	}
	}
undef($obs);	undef($obs);
undef($rights);	undef($rights);
my @ulsstats=stat($ulsdir.'/'.$ulsfn);	my @ulsstats=stat($ulsdir.'/'.$ulsfn);
Line 1895 sub ls3_handler {	Line 1955 sub ls3_handler {
}	}
} else {	} else {
unless (($getpropath) \|\| ($getuserdir) \|\|	unless (($getpropath) \|\| ($getuserdir) \|\|
($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/})) {	($ulsdir =~ m{^/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_name/}) \|\|
	($ulsdir =~ m{^/home/httpd/html/(?:res\|userfiles)/$LONCAPA::match_domain/$LONCAPA::match_name/}) \|\|
	(($ulsdir =~ m{^/home/httpd/html/priv/$LONCAPA::match_domain/$LONCAPA::match_name/}) && ($islocal))) {
&Failure($client,"refused\n",$userinput);	&Failure($client,"refused\n",$userinput);
return 1;	return 1;
}	}
Line 2047 sub server_distarch_handler {	Line 2109 sub server_distarch_handler {
sub server_certs_handler {	sub server_certs_handler {
my ($cmd,$tail,$client) = @_;	my ($cmd,$tail,$client) = @_;
my $userinput = "$cmd:$tail";	my $userinput = "$cmd:$tail";
my $result;	my $hostname = &Apache::lonnet::hostname($perlvar{'lonHostID'});
my $result = &LONCAPA::Lond::server_certs(\%perlvar);	my $result = &LONCAPA::Lond::server_certs(\%perlvar,$perlvar{'lonHostID'},$hostname);
&Reply($client,\$result,$userinput);	&Reply($client,\$result,$userinput);
return;	return;
}	}
Line 2579 sub update_resource_handler {	Line 2641 sub update_resource_handler {
my $transname="$fname.in.transfer";	my $transname="$fname.in.transfer";
my $remoteurl=&Apache::lonnet::reply("sub:$fname","$clientname");	my $remoteurl=&Apache::lonnet::reply("sub:$fname","$clientname");
my $response;	my $response;
# FIXME: cannot replicate files that take more than two minutes to transfer?	# FIXME: cannot replicate files that take more than two minutes to transfer -- needs checking now 1200s timeout used
# alarm(120);	# for LWP request.
# FIXME: this should use the LWP mechanism, not internal alarms.	my $request=new HTTP::Request('GET',"$remoteurl");
alarm(1200);	$response=&LONCAPA::LWPReq::makerequest($clientname,$request,$transname,\%perlvar,1200,0,1);
{
my $request=new HTTP::Request('GET',"$remoteurl");
$response=&LONCAPA::LWPReq::makerequest($clientname,$request,$transname,\%perlvar,1200,0,1);
}
alarm(0);
if ($response->is_error()) {	if ($response->is_error()) {
# FIXME: we should probably clean up here instead of just whine	my $reply=&Apache::lonnet::reply("unsub:$fname","$clientname");
unlink($transname);	&devalidate_meta_cache($fname);
	if (-e $transname) {
	unlink($transname);
	}
	unlink($fname);
my $message=$response->status_line;	my $message=$response->status_line;
&logthis("LWP GET: $message for $fname ($remoteurl)");	&logthis("LWP GET: $message for $fname ($remoteurl)");
} else {	} else {
if ($remoteurl!~/\.meta$/) {	if ($remoteurl!~/\.meta$/) {
# FIXME: isn't there an internal LWP mechanism for this?	my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');
alarm(120);	my $mresponse = &LONCAPA::LWPReq::makerequest($clientname,$mrequest,$fname.'.meta',\%perlvar,120,0,1);
{	if ($mresponse->is_error()) {
my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');	unlink($fname.'.meta');
my $mresponse = &LONCAPA::LWPReq::makerequest($clientname,$mrequest,$fname.'.meta',\%perlvar,120,0,1);
if ($mresponse->is_error()) {
unlink($fname.'.meta');
}
}	}
alarm(0);
}	}
# we successfully transfered, copy file over to real name	# we successfully transfered, copy file over to real name
rename($transname,$fname);	rename($transname,$fname);
Line 2674 sub fetch_user_file_handler {	Line 2730 sub fetch_user_file_handler {
my $remoteurl=$clientprotocol.'://'.$clienthost.'/userfiles/'.$fname;	my $remoteurl=$clientprotocol.'://'.$clienthost.'/userfiles/'.$fname;
my $response;	my $response;
Debug("Remote URL : $remoteurl Transfername $transname Destname: $destname");	Debug("Remote URL : $remoteurl Transfername $transname Destname: $destname");
alarm(1200);	my $request=new HTTP::Request('GET',"$remoteurl");
{	my $verifycert = 1;
my $request=new HTTP::Request('GET',"$remoteurl");	my @machine_ids = &Apache::lonnet::current_machine_ids();
my $verifycert = 1;	if (grep(/^\Q$clientname\E$/,@machine_ids)) {
my @machine_ids = &Apache::lonnet::current_machine_ids();	$verifycert = 0;
if (grep(/^\Q$clientname\E$/,@machine_ids)) {	}
$verifycert = 0;	$response = &LONCAPA::LWPReq::makerequest($clientname,$request,$transname,\%perlvar,1200,$verifycert);
}
$response = &LONCAPA::LWPReq::makerequest($clientname,$request,$transname,\%perlvar,1200,$verifycert);
}
alarm(0);
if ($response->is_error()) {	if ($response->is_error()) {
unlink($transname);	unlink($transname);
my $message=$response->status_line;	my $message=$response->status_line;
Line 3382 sub get_profile_entry {	Line 3434 sub get_profile_entry {
#	#
# Parameters:	# Parameters:
# $cmd - Command keyword of request (eget).	# $cmd - Command keyword of request (eget).
# $tail - Tail of the command. See GetProfileEntry # for more information about this.	# $tail - Tail of the command. See GetProfileEntry
	# for more information about this.
# $client - File open on the client.	# $client - File open on the client.
# Returns:	# Returns:
# 1 - Continue processing	# 1 - Continue processing
Line 3954 sub retrieve_chat_handler {	Line 4007 sub retrieve_chat_handler {
# serviced.	# serviced.
#	#
# Parameters:	# Parameters:
# $cmd - COmmand keyword that initiated the request.	# $cmd - Command keyword that initiated the request.
# $tail - Remainder of the command after the keyword.	# $tail - Remainder of the command after the keyword.
# For this function, this consists of a query and	# For this function, this consists of a query and
# 3 arguments that are self-documentingly labelled	# 3 arguments that are self-documentingly labelled
Line 3968 sub retrieve_chat_handler {	Line 4021 sub retrieve_chat_handler {
sub send_query_handler {	sub send_query_handler {
my ($cmd, $tail, $client) = @_;	my ($cmd, $tail, $client) = @_;


my $userinput = "$cmd:$tail";	my $userinput = "$cmd:$tail";

my ($query,$arg1,$arg2,$arg3)=split(/\:/,$tail);	my ($query,$arg1,$arg2,$arg3)=split(/\:/,$tail);
Line 4866 sub get_domain_handler {	Line 4918 sub get_domain_handler {
my ($cmd, $tail, $client) = @_;	my ($cmd, $tail, $client) = @_;


my $userinput = "$client:$tail";	my $userinput = "$cmd:$tail";

	my ($udom,$namespace,$what)=split(/:/,$tail,3);
	chomp($what);
	if ($namespace =~ /^enc/) {
	&Failure( $client, "refused\n", $userinput);
	} else {
	my @queries=split(/\&/,$what);
	my $qresult='';
	my $hashref = &tie_domain_hash($udom, "$namespace", &GDBM_READER());
	if ($hashref) {
	for (my $i=0;$i<=$#queries;$i++) {
	$qresult.="$hashref->{$queries[$i]}&";
	}
	if (&untie_domain_hash($hashref)) {
	$qresult=~s/\&$//;
	&Reply($client, \$qresult, $userinput);
	} else {
	&Failure( $client, "error: ".($!+0)." untie(GDBM) Failed ".
	"while attempting getdom\n",$userinput);
	}
	} else {
	&Failure($client, "error: ".($!+0)." tie(GDBM) Failed ".
	"while attempting getdom\n",$userinput);
	}
	}

	return 1;
	}
	&register_handler("getdom", \&get_domain_handler, 0, 1, 0);

	sub encrypted_get_domain_handler {
	my ($cmd, $tail, $client) = @_;

	my $userinput = "$cmd:$tail";

my ($udom,$namespace,$what)=split(/:/,$tail,3);	my ($udom,$namespace,$what)=split(/:/,$tail,3);
chomp($what);	chomp($what);
Line 4879 sub get_domain_handler {	Line 4965 sub get_domain_handler {
}	}
if (&untie_domain_hash($hashref)) {	if (&untie_domain_hash($hashref)) {
$qresult=~s/\&$//;	$qresult=~s/\&$//;
&Reply($client, \$qresult, $userinput);	if ($cipher) {
	my $cmdlength=length($qresult);
	$qresult.=" ";
	my $encqresult='';
	for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {
	$encqresult.= unpack("H16",
	$cipher->encrypt(substr($qresult,
	$encidx,
	8)));
	}
	&Reply( $client, "enc:$cmdlength:$encqresult\n", $userinput);
	} else {
	&Failure( $client, "error:no_key\n", $userinput);
	}
} else {	} else {
&Failure( $client, "error: ".($!+0)." untie(GDBM) Failed ".	&Failure( $client, "error: ".($!+0)." untie(GDBM) Failed ".
"while attempting getdom\n",$userinput);	"while attempting egetdom\n",$userinput);
}	}
} else {	} else {
&Failure($client, "error: ".($!+0)." tie(GDBM) Failed ".	&Failure($client, "error: ".($!+0)." tie(GDBM) Failed ".
"while attempting getdom\n",$userinput);	"while attempting egetdom\n",$userinput);
}	}

return 1;	return 1;
}	}
&register_handler("getdom", \&get_domain_handler, 0, 1, 0);	&register_handler("egetdom", \&encrypted_get_domain_handler, 1, 1, 0);

#	#
# Puts an id to a domains id database.	# Puts an id to a domains id database.
Line 5687 sub validate_course_section_handler {	Line 5785 sub validate_course_section_handler {
# Formal Parameters:	# Formal Parameters:
# $cmd - The command request that got us dispatched.	# $cmd - The command request that got us dispatched.
# $tail - The tail of the command. In this case this is a colon separated	# $tail - The tail of the command. In this case this is a colon separated
# set of words that will be split into:	# set of values that will be split into:
# $inst_class - Institutional code for the specific class section	# $inst_class - Institutional code for the specific class section
# $courseowner - The escaped username:domain of the course owner	# $ownerlist - An escaped comma-separated list of username:domain
	# of the course owner, and co-owner(s).
# $cdom - The domain of the course from the institution's	# $cdom - The domain of the course from the institution's
# point of view.	# point of view.
# $client - The socket open on the client.	# $client - The socket open on the client.
Line 5714 sub validate_class_access_handler {	Line 5813 sub validate_class_access_handler {
&register_handler("autovalidateclass_sec", \&validate_class_access_handler, 0, 1, 0);	&register_handler("autovalidateclass_sec", \&validate_class_access_handler, 0, 1, 0);

#	#
	# Validate course owner or co-owners(s) access to enrollment data for all sections
	# and crosslistings for a particular course.
	#
	#
	# Formal Parameters:
	# $cmd - The command request that got us dispatched.
	# $tail - The tail of the command. In this case this is a colon separated
	# set of values that will be split into:
	# $ownerlist - An escaped comma-separated list of username:domain
	# of the course owner, and co-owner(s).
	# $cdom - The domain of the course from the institution's
	# point of view.
	# $classes - Frozen hash of institutional course sections and
	# crosslistings.
	# $client - The socket open on the client.
	# Returns:
	# 1 - continue processing.
	#

	sub validate_classes_handler {
	my ($cmd, $tail, $client) = @_;
	my $userinput = "$cmd:$tail";
	my ($ownerlist,$cdom,$classes) = split(/:/, $tail);
	my $classesref = &Apache::lonnet::thaw_unescape($classes);
	my $owners = &unescape($ownerlist);
	my $result;
	eval {
	local($SIG{__DIE__})='DEFAULT';
	my %validations;
	my $response = &localenroll::check_instclasses($owners,$cdom,$classesref,
	\%validations);
	if ($response eq 'ok') {
	foreach my $key (keys(%validations)) {
	$result .= &escape($key).'='.&Apache::lonnet::freeze_escape($validations{$key}).'&';
	}
	$result =~ s/\&$//;
	} else {
	$result = 'error';
	}
	};
	if (!$@) {
	&Reply($client, \$result, $userinput);
	} else {
	&Failure($client,"unknown_cmd\n",$userinput);
	}
	return 1;
	}
	&register_handler("autovalidateinstclasses", \&validate_classes_handler, 0, 1, 0);

	#
# Create a password for a new LON-CAPA user added by auto-enrollment.	# Create a password for a new LON-CAPA user added by auto-enrollment.
# Only used for case where authentication method for new user is localauth	# Only used for case where authentication method for new user is localauth
#	#
Line 5791 sub auto_export_grades_handler {	Line 5940 sub auto_export_grades_handler {
return 1;	return 1;
}	}
&register_handler("autoexportgrades", \&auto_export_grades_handler,	&register_handler("autoexportgrades", \&auto_export_grades_handler,
0, 1, 0);	1, 1, 0);

# Retrieve and remove temporary files created by/during autoenrollment.	# Retrieve and remove temporary files created by/during autoenrollment.
#	#
Line 6542 sub process_request {	Line 6691 sub process_request {
$ok = 0;	$ok = 0;
}	}
if ($ok) {	if ($ok) {
	my $realcommand = $command;
	if ($command eq 'querysend') {
	my ($query,$rest)=split(/\:/,$tail,2);
	$query=~s/\n*$//g;
	my @possqueries =
	qw(userlog courselog fetchenrollment institutionalphotos usersearch instdirsearch getinstuser getmultinstusers);
	if (grep(/^\Q$query\E$/,@possqueries)) {
	$command .= '_'.$query;
	} elsif ($query eq 'prepare activity log') {
	$command .= '_activitylog';
	}
	}
if (ref($trust{$command}) eq 'HASH') {	if (ref($trust{$command}) eq 'HASH') {
my $donechecks;	my $donechecks;
if ($trust{$command}{'anywhere'}) {	if ($trust{$command}{'anywhere'}) {
Line 6583 sub process_request {	Line 6744 sub process_request {
}	}
}	}
}	}
	$command = $realcommand;
}	}

if($ok) {	if($ok) {
Line 6869 sub UpdateHosts {	Line 7031 sub UpdateHosts {

my %oldconf = %secureconf;	my %oldconf = %secureconf;
my %connchange;	my %connchange;
if (lonssl::Read_Connect_Config(\%secureconf,\%perlvar) eq 'ok') {	if (lonssl::Read_Connect_Config(\%secureconf,\%crlchecked,\%perlvar) eq 'ok') {
logthis('<font color="blue"> Reloaded SSL connection rules </font>');	logthis('<font color="blue"> Reloaded SSL connection rules and cleared CRL checking history </font>');
} else {	} else {
logthis('<font color="yellow"> Failed to reload SSL connection rules </font>');	logthis('<font color="yellow"> Failed to reload SSL connection rules and clear CRL checking history </font>');
}	}
if ((ref($oldconf{'connfrom'}) eq 'HASH') && (ref($secureconf{'connfrom'}) eq 'HASH')) {	if ((ref($oldconf{'connfrom'}) eq 'HASH') && (ref($secureconf{'connfrom'}) eq 'HASH')) {
foreach my $type ('dom','intdom','other') {	foreach my $type ('dom','intdom','other') {
Line 7151 if ($arch eq 'unknown') {	Line 7313 if ($arch eq 'unknown') {
chomp($arch);	chomp($arch);
}	}

unless (lonssl::Read_Connect_Config(\%secureconf,\%perlvar) eq 'ok') {	unless (lonssl::Read_Connect_Config(\%secureconf,\%crlchecked,\%perlvar) eq 'ok') {
&logthis('<font color="blue">No connectionrules table. Will fallback to loncapa.conf</font>');	&logthis('<font color="blue">No connectionrules table. Will fallback to loncapa.conf</font>');
}	}

Line 8246 sub make_passwd_file {	Line 8408 sub make_passwd_file {
$result = "pass_file_failed_error";	$result = "pass_file_failed_error";
}	}
}	}
	} elsif ($umode eq 'lti') {
	my $pf = IO::File->new(">$passfilename");
	if($pf) {
	print $pf "lti:\n";
	&update_passwd_history($uname,$udom,$umode,$action);
	} else {
	$result = "pass_file_failed_error";
	}
} else {	} else {
$result="auth_mode_error";	$result="auth_mode_error";
}	}
Line 8671 IO::File	Line 8841 IO::File
Apache::File	Apache::File
POSIX	POSIX
Crypt::IDEA	Crypt::IDEA
LWP::UserAgent()
GDBM_File	GDBM_File
Authen::Krb4	Authen::Krb4
Authen::Krb5	Authen::Krb5

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

Removed from v.1.534
changed lines
	Added in v.1.548