[BACK]Return to lonenc.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom

Diff for /loncom/lonenc.pm between versions 1.4 and 1.11

version 1.4, 2004/11/10 22:20:50 version 1.11, 2005/04/07 06:56:20
Line 30  package Apache::lonenc; Line 30  package Apache::lonenc;
   
 use strict;  use strict;
 use Apache::Constants qw(:common :remotehost);  use Apache::Constants qw(:common :remotehost);
 use Apache::lonnet();  use Apache::lonnet;
 use Apache::File();  use Apache::File();
 use Apache::loncommon;  use Apache::loncommon;
 use Crypt::IDEA;  use Crypt::IDEA;
   use Time::HiRes qw(gettimeofday);
   
 sub handler {  sub handler {
     my $r = shift;      my $r = shift;
Line 44  sub handler { Line 45  sub handler {
  my $handle=$lonid->value;   my $handle=$lonid->value;
         $handle=~s/\W//g;          $handle=~s/\W//g;
         my $lonidsdir=$r->dir_config('lonIDsDir');          my $lonidsdir=$r->dir_config('lonIDsDir');
  $ENV{'request.enc'}=1;   $env{'request.enc'}=1;
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {          if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
 # Initialize Environment  # Initialize Environment
             &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);              &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
 # Decrypt URL and redirect  # Decrypt URL and redirect
     &Apache::lonnet::logthis("args ".$r->args);      my $redirect=&unencrypted($r->uri);
     &Apache::lonnet::logthis("uri ".$r->uri);      if ($r->args) { $redirect.='?'.$r->args; }
     $r->internal_redirect(&unencrypted($r->uri).'?'.$r->args);      $r->internal_redirect($redirect);
     return OK;      return OK;
  }    } 
     }      }
Line 59  sub handler { Line 60  sub handler {
 }  }
   
 sub encryptseed {  sub encryptseed {
     my $seed=$ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'};      my $seed=$env{'course.'.$env{'request.course.id'}.'.internal.encseed'};
     $seed=~s/[^0-9a-f]/0/g;      $seed=~s/[^0-9a-f]/0/g;
     $seed.='0123456789abcdef';      $seed.='0123456789abcdef';
     $seed=substr($seed.$seed,0,32);      $seed=substr($seed.$seed,0,32);
Line 82  sub unencrypted { Line 83  sub unencrypted {
   pack("H16",substr($uri,$encidx,16))    pack("H16",substr($uri,$encidx,16))
   );    );
     }      }
       $env{'request.enc'}=1;
       $decuri=&remove_noise($decuri);
     return substr($decuri,0,$cmdlength);      return substr($decuri,0,$cmdlength);
 }  }
   
   # add a randomish character after every 4th caharacter
   sub add_noise {
       my ($uri)=@_;
       my @noise=split(/(.)/,(&gettimeofday())[1]);
       my $noisy;
       my $i;
       foreach my $chunk (split(/(....)/,$uri)) {
    $noisy.=$chunk;
    $noisy.=$noise[($i++)%(scalar@noise)];
       }
       return $noisy;
   }
   
   # remove every fifth character
   sub remove_noise {
       my ($uri)=@_;
       my $clean;
       foreach my $chunk (split(/(....)./,$uri)) { $clean.=$chunk; }
       return $clean;
   }
   
 sub encrypted {  sub encrypted {
     my $uri=shift;      my $uri=shift;
     if ($ENV{'request.role.adv'}) { return($uri); }      if ($env{'request.role.adv'}) { return($uri); }
     my $seed=&encryptseed();      my $seed=&encryptseed();
     unless ($seed) {      unless ($seed) {
  return $uri;   return $uri;
     }      }
     my $cmdlength=length($uri);      my $cmdlength=length($uri);
     $uri.='00000000';      # add noise before enc so that that same url's look different
       $uri=&add_noise($uri);
       my $noiselength=length($uri);
       $uri.=time;
     my $encuri='';      my $encuri='';
     my $cipher=new IDEA $seed;      my $cipher=new IDEA $seed;
     for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {      for (my $encidx=0;$encidx<=$noiselength;$encidx+=8) {
  $encuri.=unpack("H16",   $encuri.=unpack("H16",
  $cipher->encrypt(substr($uri,$encidx,8)));   $cipher->encrypt(substr($uri,$encidx,8)));
     }      }
     return '/enc/'.$cmdlength.'/'.&Apache::lonnet::escape($encuri);      return '/enc/'.$cmdlength.'/'.&Apache::lonnet::escape($encuri);
 }  }
   
   sub check_encrypt {
       my $str=shift;
       if ($env{'request.enc'}) { return &Apache::lonenc::encrypted($str); }
       return $str;
   }
   
   sub check_decrypt {
       my ($str)=@_;
       if (ref($str)) {
    if ($$str=~m|^/enc/|) { $$str=&Apache::lonenc::unencrypted($$str); }
    return;
       }
       if ($str=~m|^/enc/|) { return &Apache::lonenc::unencrypted($str); }
       return $str;
   }
   
   sub encrypt_ref {
       my ($token,$elements)=@_;
       my $html;
       if ($env{'request.enc'}) {
    while (my ($name,$value)= each(%{ $elements })) {
       if (!$value) { next; }
       my $href=&Apache::lonnet::hreflocation($Apache::lonxml::pwd[-1],$value);
       if ($href !~ /^http:/) { $href=&Apache::lonenc::encrypted($href); }
       $token->[2]->{$name}=$href;
    }
    $html = &Apache::edit::rebuild_tag($token);
       } else {
    $html = $token->[4];
       }
       return $html;
   }
 1;  1;
 __END__  __END__
   
Removed from v.1.4  
changed lines
  Added in v.1.11

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.