) {
- if ($configline !~ /^\s*\#/ && $configline !~ /^\s*$/ ) {
- my ($id,$domain,$role,$name)=split(/:/,$configline);
- $name=~s/\s//g;
- my $ip;
- if (!exists($name_to_ip{$name})) {
- $ip = gethostbyname($name);
- if (!$ip || length($ip) ne 4) {
- &logthis("Skipping host $id name $name no IP found\n");
- next;
- }
- $ip=inet_ntoa($ip);
- $name_to_ip{$name} = $ip;
- } else {
- $ip = $name_to_ip{$name};
- }
- $hostid{$ip}=$id; # LonCAPA name of host by IP.
- $hostdom{$id}=$domain; # LonCAPA domain name of host.
- $hostname{$id}=$name; # LonCAPA name -> DNS name
- $hostip{$id}=$ip; # IP address of host.
- $hostdns{$name} = $id; # LonCAPA name of host by DNS.
-
- if ($id eq $perlvar{'lonHostID'}) {
- Debug("Found me in the host table: $name");
- $thisserver=$name;
- }
- }
- }
- close(CONFIG);
-}
-#
# Reload the Apache daemon's state.
# This is done by invoking /home/httpd/perl/apachereload
# a setuid perl script that can be root for us to do this job.
@@ -5096,13 +5601,12 @@ sub UpdateHosts {
# either dropped or changed hosts. Note that the re-read of the table
# will take care of new and changed hosts as connections come into being.
+ &Apache::lonnet::reset_hosts_info();
- KillHostHashes;
- ReadHostTable;
-
- foreach my $child (keys %children) {
+ foreach my $child (keys(%children)) {
my $childip = $children{$child};
- if(!$hostid{$childip}) {
+ if ($childip ne '127.0.0.1'
+ && !defined(&Apache::lonnet::get_hosts_from_ip($childip))) {
logthis(' UpdateHosts killing child '
." $child for ip $childip ");
kill('INT', $child);
@@ -5187,9 +5691,14 @@ sub Debug {
#
sub Reply {
my ($fd, $reply, $request) = @_;
- print $fd $reply;
- Debug("Request was $request Reply was $reply");
-
+ if (ref($reply)) {
+ print $fd $$reply;
+ print $fd "\n";
+ if ($DEBUG) { Debug("Request was $request Reply was $$reply"); }
+ } else {
+ print $fd $reply;
+ if ($DEBUG) { Debug("Request was $request Reply was $reply"); }
+ }
$Transactions++;
}
@@ -5262,63 +5771,6 @@ sub status {
$0='lond: '.$what.' '.$local;
}
-# ----------------------------------------------------------- Send USR1 to lonc
-
-sub reconlonc {
- my $peerfile=shift;
- &logthis("Trying to reconnect for $peerfile");
- my $loncfile="$perlvar{'lonDaemons'}/logs/lonc.pid";
- if (my $fh=IO::File->new("$loncfile")) {
- my $loncpid=<$fh>;
- chomp($loncpid);
- if (kill 0 => $loncpid) {
- &logthis("lonc at pid $loncpid responding, sending USR1");
- kill USR1 => $loncpid;
- } else {
- &logthis(
- "CRITICAL: "
- ."lonc at pid $loncpid not responding, giving up");
- }
- } else {
- &logthis('CRITICAL: lonc not running, giving up');
- }
-}
-
-# -------------------------------------------------- Non-critical communication
-
-sub subreply {
- my ($cmd,$server)=@_;
- my $peerfile="$perlvar{'lonSockDir'}/".$hostname{$server};
- my $sclient=IO::Socket::UNIX->new(Peer =>"$peerfile",
- Type => SOCK_STREAM,
- Timeout => 10)
- or return "con_lost";
- print $sclient "sethost:$server:$cmd\n";
- my $answer=<$sclient>;
- chomp($answer);
- if (!$answer) { $answer="con_lost"; }
- return $answer;
-}
-
-sub reply {
- my ($cmd,$server)=@_;
- my $answer;
- if ($server ne $currenthostid) {
- $answer=subreply($cmd,$server);
- if ($answer eq 'con_lost') {
- $answer=subreply("ping",$server);
- if ($answer ne $server) {
- &logthis("sub reply: answer != server answer is $answer, server is $server");
- &reconlonc("$perlvar{'lonSockDir'}/".$hostname{$server});
- }
- $answer=subreply($cmd,$server);
- }
- } else {
- $answer='self_reply';
- }
- return $answer;
-}
-
# -------------------------------------------------------------- Talk to lonsql
sub sql_reply {
@@ -5387,8 +5839,7 @@ $SIG{USR1} = \&checkchildren;
$SIG{USR2} = \&UpdateHosts;
# Read the host hashes:
-
-ReadHostTable;
+&Apache::lonnet::load_hosts_tab();
my $dist=`$perlvar{'lonDaemons'}/distprobe`;
@@ -5467,8 +5918,8 @@ sub make_new_child {
# my $tmpsnum=0; # Now global
#---------------------------------------------------- kerberos 5 initialization
&Authen::Krb5::init_context();
- unless (($dist eq 'fedora5') || ($dist eq 'fedora4')
- || ($dist eq 'suse9.3')) {
+ unless (($dist eq 'fedora5') || ($dist eq 'fedora4') ||
+ ($dist eq 'fedora6') || ($dist eq 'suse9.3')) {
&Authen::Krb5::init_ets();
}
@@ -5478,19 +5929,17 @@ sub make_new_child {
# -----------------------------------------------------------------------------
# see if we know client and 'check' for spoof IP by ineffective challenge
- ReadManagerTable; # May also be a manager!!
-
my $outsideip=$clientip;
if ($clientip eq '127.0.0.1') {
- $outsideip=$hostip{$perlvar{'lonHostID'}};
+ $outsideip=&Apache::lonnet::get_host_ip($perlvar{'lonHostID'});
}
- my $clientrec=($hostid{$outsideip} ne undef);
+ my $clientrec=defined(&Apache::lonnet::get_hosts_from_ip($outsideip));
my $ismanager=($managers{$outsideip} ne undef);
$clientname = "[unknonwn]";
if($clientrec) { # Establish client type.
$ConnectionType = "client";
- $clientname = $hostid{$outsideip};
+ $clientname = (&Apache::lonnet::get_hosts_from_ip($outsideip))[-1];
if($ismanager) {
$ConnectionType = "both";
}
@@ -5597,14 +6046,9 @@ sub make_new_child {
if ($clientok) {
# ---------------- New known client connecting, could mean machine online again
-
- foreach my $id (keys(%hostip)) {
- if ($hostip{$id} ne $clientip ||
- $hostip{$currenthostid} eq $clientip) {
- # no need to try to do recon's to myself
- next;
- }
- &reconlonc("$perlvar{'lonSockDir'}/".$hostname{$id});
+ if (&Apache::lonnet::get_host_ip($currenthostid) ne $clientip
+ && $clientip ne '127.0.0.1') {
+ &Apache::lonnet::reconlonc($clientname);
}
&logthis("Established connection: $clientname");
&status('Will listen to '.$clientname);
@@ -5807,8 +6251,7 @@ sub get_auth_type
# 0 - The domain,user,password triplet is not a valid user.
#
sub validate_user {
- my ($domain, $user, $password) = @_;
-
+ my ($domain, $user, $password, $checkdefauth) = @_;
# Why negative ~pi you may well ask? Well this function is about
# authentication, and therefore very important to get right.
@@ -5831,8 +6274,21 @@ sub validate_user {
my $null = pack("C",0); # Used by kerberos auth types.
+ if ($howpwd eq 'nouser') {
+ if ($checkdefauth) {
+ my %domdefaults = &Apache::lonnet::get_domain_defaults($domain);
+ if ($domdefaults{'auth_def'} eq 'localauth') {
+ $howpwd = $domdefaults{'auth_def'};
+ $contentpwd = $domdefaults{'auth_arg_def'};
+ } elsif ((($domdefaults{'auth_def'} eq 'krb4') ||
+ ($domdefaults{'auth_def'} eq 'krb5')) &&
+ ($domdefaults{'auth_arg_def'} ne '')) {
+ $howpwd = $domdefaults{'auth_def'};
+ $contentpwd = $domdefaults{'auth_arg_def'};
+ }
+ }
+ }
if ($howpwd ne 'nouser') {
-
if($howpwd eq "internal") { # Encrypted is in local password file.
$validated = (crypt($password, $contentpwd) eq $contentpwd);
}
@@ -5881,12 +6337,24 @@ sub validate_user {
my $krbservice = "krbtgt/".$contentpwd."\@".$contentpwd;
my $krbserver = &Authen::Krb5::parse_name($krbservice);
my $credentials= &Authen::Krb5::cc_default();
- $credentials->initialize($krbclient);
- my $krbreturn = &Authen::Krb5::get_in_tkt_with_password($krbclient,
- $krbserver,
- $password,
- $credentials);
- $validated = ($krbreturn == 1);
+ $credentials->initialize(&Authen::Krb5::parse_name($user.'@'
+ .$contentpwd));
+ my $krbreturn;
+ if (exists(&Authen::Krb5::get_init_creds_password)) {
+ $krbreturn =
+ &Authen::Krb5::get_init_creds_password($krbclient,$password,
+ $krbservice);
+ $validated = (ref($krbreturn) eq 'Authen::Krb5::Creds');
+ } else {
+ $krbreturn =
+ &Authen::Krb5::get_in_tkt_with_password($krbclient,$krbserver,
+ $password,$credentials);
+ $validated = ($krbreturn == 1);
+ }
+ if (!$validated) {
+ &logthis('krb5: '.$user.', '.$contentpwd.', '.
+ &Authen::Krb5::error());
+ }
} else {
$validated = 0;
}
@@ -5896,6 +6364,10 @@ sub validate_user {
$password,
$contentpwd,
$domain);
+ if ($validated < 0) {
+ &logthis("localauth for $contentpwd $user:$domain returned a $validated");
+ $validated = 0;
+ }
} else { # Unrecognized auth is also bad.
$validated = 0;
}
@@ -6128,7 +6600,7 @@ sub subscribe {
# the metadata
unless ($fname=~/\.meta$/) { &unsub("$fname.meta",$clientip); }
$fname=~s/\/home\/httpd\/html\/res/raw/;
- $fname="http://$thisserver/".$fname;
+ $fname="http://".&Apache::lonnet::hostname($perlvar{'lonHostID'})."/".$fname;
$result="$fname\n";
}
} else {
@@ -6171,7 +6643,7 @@ sub change_unix_password {
sub make_passwd_file {
my ($uname, $umode,$npass,$passfilename)=@_;
- my $result="ok\n";
+ my $result="ok";
if ($umode eq 'krb4' or $umode eq 'krb5') {
{
my $pf = IO::File->new(">$passfilename");
@@ -6239,7 +6711,7 @@ sub make_passwd_file {
if($useraddok > 0) {
my $error_text = &lcuseraddstrerror($useraddok);
&logthis("Failed lcuseradd: $error_text");
- $result = "lcuseradd_failed:$error_text\n";
+ $result = "lcuseradd_failed:$error_text";
} else {
my $pf = IO::File->new(">$passfilename");
if($pf) {
@@ -6263,7 +6735,7 @@ sub make_passwd_file {
}
}
} else {
- $result="auth_mode_error\n";
+ $result="auth_mode_error";
}
return $result;
}
@@ -6282,9 +6754,10 @@ sub sethost {
}
if (!defined($hostid)) { $hostid=$perlvar{'lonHostID'}; }
- if ($hostip{$perlvar{'lonHostID'}} eq $hostip{$hostid}) {
+ if (&Apache::lonnet::get_host_ip($perlvar{'lonHostID'})
+ eq &Apache::lonnet::get_host_ip($hostid)) {
$currenthostid =$hostid;
- $currentdomainid=$hostdom{$hostid};
+ $currentdomainid=&Apache::lonnet::host_domain($hostid);
&logthis("Setting hostid to $hostid, and domain to $currentdomainid");
} else {
&logthis("Requested host id $hostid not an alias of ".
@@ -6300,96 +6773,6 @@ sub version {
return "version:$VERSION";
}
-#There is a copy of this in lonnet.pm
-sub userload {
- my $numusers=0;
- {
- opendir(LONIDS,$perlvar{'lonIDsDir'});
- my $filename;
- my $curtime=time;
- while ($filename=readdir(LONIDS)) {
- if ($filename eq '.' || $filename eq '..') {next;}
- my ($mtime)=(stat($perlvar{'lonIDsDir'}.'/'.$filename))[9];
- if ($curtime-$mtime < 1800) { $numusers++; }
- }
- closedir(LONIDS);
- }
- my $userloadpercent=0;
- my $maxuserload=$perlvar{'lonUserLoadLim'};
- if ($maxuserload) {
- $userloadpercent=100*$numusers/$maxuserload;
- }
- $userloadpercent=sprintf("%.2f",$userloadpercent);
- return $userloadpercent;
-}
-
-# Routines for serializing arrays and hashes (copies from lonnet)
-
-sub array2str {
- my (@array) = @_;
- my $result=&arrayref2str(\@array);
- $result=~s/^__ARRAY_REF__//;
- $result=~s/__END_ARRAY_REF__$//;
- return $result;
-}
-
-sub arrayref2str {
- my ($arrayref) = @_;
- my $result='__ARRAY_REF__';
- foreach my $elem (@$arrayref) {
- if(ref($elem) eq 'ARRAY') {
- $result.=&arrayref2str($elem).'&';
- } elsif(ref($elem) eq 'HASH') {
- $result.=&hashref2str($elem).'&';
- } elsif(ref($elem)) {
- #print("Got a ref of ".(ref($elem))." skipping.");
- } else {
- $result.=&escape($elem).'&';
- }
- }
- $result=~s/\&$//;
- $result .= '__END_ARRAY_REF__';
- return $result;
-}
-
-sub hash2str {
- my (%hash) = @_;
- my $result=&hashref2str(\%hash);
- $result=~s/^__HASH_REF__//;
- $result=~s/__END_HASH_REF__$//;
- return $result;
-}
-
-sub hashref2str {
- my ($hashref)=@_;
- my $result='__HASH_REF__';
- foreach (sort(keys(%$hashref))) {
- if (ref($_) eq 'ARRAY') {
- $result.=&arrayref2str($_).'=';
- } elsif (ref($_) eq 'HASH') {
- $result.=&hashref2str($_).'=';
- } elsif (ref($_)) {
- $result.='=';
- #print("Got a ref of ".(ref($_))." skipping.");
- } else {
- if ($_) {$result.=&escape($_).'=';} else { last; }
- }
-
- if(ref($hashref->{$_}) eq 'ARRAY') {
- $result.=&arrayref2str($hashref->{$_}).'&';
- } elsif(ref($hashref->{$_}) eq 'HASH') {
- $result.=&hashref2str($hashref->{$_}).'&';
- } elsif(ref($hashref->{$_})) {
- $result.='&';
- #print("Got a ref of ".(ref($hashref->{$_}))." skipping.");
- } else {
- $result.=&escape($hashref->{$_}).'&';
- }
- }
- $result=~s/\&$//;
- $result .= '__END_HASH_REF__';
- return $result;
-}
# ----------------------------------- POD (plain old documentation, CPAN style)
500 Internal Server Error
Internal Server Error
The server encountered an internal error or
misconfiguration and was unable to complete
your request.
Please contact the server administrator at
root@localhost to inform them of the time this error occurred,
and the actions you performed just before this error.
More information about this error may be available
in the server error log.