version 1.6, 2004/11/14 07:54:41
|
version 1.9, 2004/12/20 19:26:53
|
Line 34 use Apache::lonnet();
|
Line 34 use Apache::lonnet();
|
use Apache::File(); |
use Apache::File(); |
use Apache::loncommon; |
use Apache::loncommon; |
use Crypt::IDEA; |
use Crypt::IDEA; |
|
use Time::HiRes qw(gettimeofday); |
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
Line 49 sub handler {
|
Line 50 sub handler {
|
# Initialize Environment |
# Initialize Environment |
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); |
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); |
# Decrypt URL and redirect |
# Decrypt URL and redirect |
&Apache::lonnet::logthis("args ".$r->args); |
my $redirect=&unencrypted($r->uri); |
&Apache::lonnet::logthis("uri ".$r->uri); |
if ($r->args) { $redirect.='?'.$r->args; } |
$r->internal_redirect(&unencrypted($r->uri).'?'.$r->args); |
$r->internal_redirect($redirect); |
return OK; |
return OK; |
} |
} |
} |
} |
Line 83 sub unencrypted {
|
Line 84 sub unencrypted {
|
); |
); |
} |
} |
$ENV{'request.enc'}=1; |
$ENV{'request.enc'}=1; |
|
$decuri=&remove_noise($decuri); |
return substr($decuri,0,$cmdlength); |
return substr($decuri,0,$cmdlength); |
} |
} |
|
|
|
# add a randomish character after every 4th caharacter |
|
sub add_noise { |
|
my ($uri)=@_; |
|
my @noise=split(/(.)/,(&gettimeofday())[1]); |
|
my $noisy; |
|
my $i; |
|
foreach my $chunk (split(/(....)/,$uri)) { |
|
$noisy.=$chunk; |
|
$noisy.=$noise[($i++)%(scalar@noise)]; |
|
} |
|
return $noisy; |
|
} |
|
|
|
# remove every fifth character |
|
sub remove_noise { |
|
my ($uri)=@_; |
|
my $clean; |
|
foreach my $chunk (split(/(....)./,$uri)) { $clean.=$chunk; } |
|
return $clean; |
|
} |
|
|
sub encrypted { |
sub encrypted { |
my $uri=shift; |
my $uri=shift; |
if ($ENV{'request.role.adv'}) { return($uri); } |
if ($ENV{'request.role.adv'}) { return($uri); } |
Line 94 sub encrypted {
|
Line 117 sub encrypted {
|
return $uri; |
return $uri; |
} |
} |
my $cmdlength=length($uri); |
my $cmdlength=length($uri); |
$uri.='00000000'; |
# add noise before enc so that that same url's look different |
|
$uri=&add_noise($uri); |
|
my $noiselength=length($uri); |
|
$uri.=time; |
my $encuri=''; |
my $encuri=''; |
my $cipher=new IDEA $seed; |
my $cipher=new IDEA $seed; |
for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) { |
for (my $encidx=0;$encidx<=$noiselength;$encidx+=8) { |
$encuri.=unpack("H16", |
$encuri.=unpack("H16", |
$cipher->encrypt(substr($uri,$encidx,8))); |
$cipher->encrypt(substr($uri,$encidx,8))); |
} |
} |
Line 112 sub check_encrypt {
|
Line 138 sub check_encrypt {
|
|
|
sub check_decrypt { |
sub check_decrypt { |
my ($str)=@_; |
my ($str)=@_; |
if ($$str=~m|^/enc/|) { $$str=&Apache::lonenc::unencrypted($$str); } |
if (ref($str)) { |
|
if ($$str=~m|^/enc/|) { $$str=&Apache::lonenc::unencrypted($$str); } |
|
return; |
|
} |
|
if ($str=~m|^/enc/|) { return &Apache::lonenc::unencrypted($str); } |
|
return $str; |
} |
} |
|
|
1; |
1; |