--- loncom/lond	2004/02/17 20:07:25	1.175
+++ loncom/lond	2004/04/29 07:18:10	1.187
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.175 2004/02/17 20:07:25 albertel Exp $
+# $Id: lond,v 1.187 2004/04/29 07:18:10 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -53,7 +53,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.175 $'; #' stupid emacs
+my $VERSION='$Revision: 1.187 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid;
 my $currentdomainid;
@@ -812,7 +812,6 @@ $server = IO::Socket::INET->new(LocalPor
 # global variables
 
 my %children               = ();       # keys are current child process IDs
-my $children               = 0;        # current number of children
 
 sub REAPER {                        # takes care of dead children
     $SIG{CHLD} = \&REAPER;
@@ -822,12 +821,18 @@ sub REAPER {                        # ta
 	$pid = waitpid(-1,&WNOHANG());
 	if (defined($children{$pid})) {
 	    &logthis("Child $pid died");
-	    $children --;
-	    delete $children{$pid};
-	} else {
+	    delete($children{$pid});
+	} elsif ($pid > 0) {
 	    &logthis("Unknown Child $pid died");
 	}
     } while ( $pid > 0 );
+    foreach my $child (keys(%children)) {
+	$pid = waitpid($child,&WNOHANG());
+	if ($pid > 0) {
+	    &logthis("Child $child - $pid looks like we missed it's death");
+	    delete($children{$pid});
+	}
+    }
     &status("Finished Handling child death");
 }
 
@@ -882,12 +887,14 @@ sub ReadHostTable {
     open (CONFIG,"$perlvar{'lonTabDir'}/hosts.tab") || die "Can't read host file";
     
     while (my $configline=<CONFIG>) {
-	my ($id,$domain,$role,$name,$ip)=split(/:/,$configline);
-	chomp($ip); $ip=~s/\D+$//;
-	$hostid{$ip}=$id;
-	$hostdom{$id}=$domain;
-	$hostip{$id}=$ip;
-	if ($id eq $perlvar{'lonHostID'}) { $thisserver=$name; }
+	if (!($configline =~ /^\s*\#/)) {
+	    my ($id,$domain,$role,$name,$ip)=split(/:/,$configline);
+	    chomp($ip); $ip=~s/\D+$//;
+	    $hostid{$ip}=$id;
+	    $hostdom{$id}=$domain;
+	    $hostip{$id}=$ip;
+	    if ($id eq $perlvar{'lonHostID'}) { $thisserver=$name; }
+	}
     }
     close(CONFIG);
 }
@@ -1251,15 +1258,24 @@ sub make_new_child {
     #  the pid hash.
     #
     my $caller = getpeername($client);
-    my ($port,$iaddr)=unpack_sockaddr_in($caller);
-    $clientip=inet_ntoa($iaddr);
+    my ($port,$iaddr);
+    if (defined($caller) && length($caller) > 0) {
+	($port,$iaddr)=unpack_sockaddr_in($caller);
+    } else {
+	&logthis("Unable to determine who caller was, getpeername returned nothing");
+    }
+    if (defined($iaddr)) {
+	$clientip=inet_ntoa($iaddr);
+    } else {
+	&logthis("Unable to determine clinetip");
+	$clientip='Unavailable';
+    }
     
     if ($pid) {
         # Parent records the child's birth and returns.
         sigprocmask(SIG_UNBLOCK, $sigset)
             or die "Can't unblock SIGINT for fork: $!\n";
         $children{$pid} = $clientip;
-        $children++;
         &status('Started child '.$pid);
         return;
     } else {
@@ -1812,12 +1828,21 @@ sub make_new_child {
 		} elsif ($userinput =~ /^fetchuserfile/) { # Client clear or enc.
 		    if(isClient) {
 			my ($cmd,$fname)=split(/:/,$userinput);
-			my ($udom,$uname,$ufile)=split(/\//,$fname);
+			my ($udom,$uname,$ufile) = ($fname =~ m|^([^/]+)/([^/]+)/(.+)$|);
 			my $udir=propath($udom,$uname).'/userfiles';
 			unless (-e $udir) { mkdir($udir,0770); }
 			if (-e $udir) {
-			    $ufile=~s/^[\.\~]+//;
-			    $ufile=~s/\///g;
+                            $ufile=~s/^[\.\~]+//;
+                            my $path = $udir;
+                            if ($ufile =~m|(.+)/([^/]+)$|) {
+                                my @parts=split('/',$1);
+                                foreach my $part (@parts) {
+                                    $path .= '/'.$part;
+                                    if ((-e $path)!=1) {
+                                        mkdir($path,0770);
+                                    }
+                                }
+                            }
 			    my $destname=$udir.'/'.$ufile;
 			    my $transname=$udir.'/'.$ufile.'.in.transit';
 			    my $remoteurl='http://'.$clientip.'/userfiles/'.$fname;
@@ -1846,7 +1871,37 @@ sub make_new_child {
 			}
 		    } else {
 			Reply($client, "refused\n", $userinput);
-
+		    }
+# --------------------------------------------------------- remove a user file 
+		} elsif ($userinput =~ /^removeuserfile/) { # Client clear or enc.
+		    if(isClient) {
+			my ($cmd,$fname)=split(/:/,$userinput);
+			my ($udom,$uname,$ufile) = ($fname =~ m|^([^/]+)/([^/]+)/(.+)$|);
+			&logthis("$udom - $uname - $ufile");
+			if ($ufile =~m|/\.\./|) {
+			    # any files paths with /../ in them refuse 
+                            # to deal with
+			    print $client "refused\n";
+			} else {
+			    my $udir=propath($udom,$uname);
+			    if (-e $udir) {
+				my $file=$udir.'/userfiles/'.$ufile;
+				if (-e $file) {
+				    unlink($file);
+				    if (-e $file) {
+					print $client "failed\n";
+				    } else {
+					print $client "ok\n";
+				    }
+				} else {
+				    print $client "not_found\n";
+				}
+			    } else {
+				print $client "not_home\n";
+			    }
+			}
+		    } else {
+			Reply($client, "refused\n", $userinput);
 		    }
 # ------------------------------------------ authenticate access to a user file
 		} elsif ($userinput =~ /^tokenauthuserfile/) { # Client only
@@ -1857,7 +1912,7 @@ sub make_new_child {
 			if (open(ENVIN,$perlvar{'lonIDsDir'}.'/'.
 				 $session.'.id')) {
 			    while (my $line=<ENVIN>) {
-				if ($line=~/userfile\.$fname\=/) { $reply='ok'; }
+				if ($line=~ m|userfile\.\Q$fname\E\=|) { $reply='ok'; }
 			    }
 			    close(ENVIN);
 			    print $client $reply."\n";
@@ -2000,12 +2055,12 @@ sub make_new_child {
 				} else {
 				    print $client "error: ".($!+0)
 					." untie(GDBM) failed ".
-					"while attempting put\n";
+					"while attempting inc\n";
 				}
 			    } else {
 				print $client "error: ".($!)
 				    ." tie(GDBM) Failed ".
-				    "while attempting put\n";
+				    "while attempting inc\n";
 			    }
 			} else {
 			    print $client "refused\n";
@@ -2331,7 +2386,6 @@ sub make_new_child {
 			my $proname=propath($udom,$uname);
 			my %hash;
 			if (tie(%hash,'GDBM_File',"$proname/$namespace.db",&GDBM_READER(),0640)) {
-			       study($regexp);
 			       while (my ($key,$value) = each(%hash)) {
 				   if ($regexp eq '.') {
 				       $qresult.=$key.'='.$value.'&';
@@ -3118,6 +3172,16 @@ sub make_passwd_file {
 	}
     } elsif ($umode eq 'unix') {
 	{
+	    #
+	    #  Don't allow the creation of privileged accounts!!! that would
+	    #  be real bad!!!
+	    #
+	    my $uid = getpwnam($uname);
+	    if((defined $uid) && ($uid == 0)) {
+		&logthis(">>>Attempted to create privilged account blocked");
+		return "no_priv_account_error\n";
+	    }
+
 	    my $execpath="$perlvar{'lonDaemons'}/"."lcuseradd";
 	    {
 		&Debug("Executing external: ".$execpath);
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator at 
 root@localhost to inform them of the time this error occurred,
 and the actions you performed just before this error.</p>
<p>More information about this error may be available
in the server error log.</p>
</body></html>