version 1.8, 2004/12/17 21:44:19
|
version 1.13, 2006/03/22 19:55:39
|
Line 30 package Apache::lonenc;
|
Line 30 package Apache::lonenc;
|
|
|
use strict; |
use strict; |
use Apache::Constants qw(:common :remotehost); |
use Apache::Constants qw(:common :remotehost); |
use Apache::lonnet(); |
use Apache::lonnet; |
use Apache::File(); |
use Apache::File(); |
use Apache::loncommon; |
use Apache::loncommon; |
use Crypt::IDEA; |
use Crypt::IDEA; |
|
use Time::HiRes qw(gettimeofday); |
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
Line 44 sub handler {
|
Line 45 sub handler {
|
my $handle=$lonid->value; |
my $handle=$lonid->value; |
$handle=~s/\W//g; |
$handle=~s/\W//g; |
my $lonidsdir=$r->dir_config('lonIDsDir'); |
my $lonidsdir=$r->dir_config('lonIDsDir'); |
$ENV{'request.enc'}=1; |
$env{'request.enc'}=1; |
if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) { |
if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) { |
# Initialize Environment |
# Initialize Environment |
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); |
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); |
Line 59 sub handler {
|
Line 60 sub handler {
|
} |
} |
|
|
sub encryptseed { |
sub encryptseed { |
my $seed=$ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'}; |
my $seed=$env{'course.'.$env{'request.course.id'}.'.internal.encseed'}; |
$seed=~s/[^0-9a-f]/0/g; |
$seed=~s/[^0-9a-f]/0/g; |
$seed.='0123456789abcdef'; |
$seed.='0123456789abcdef'; |
$seed=substr($seed.$seed,0,32); |
$seed=substr($seed.$seed,0,32); |
Line 82 sub unencrypted {
|
Line 83 sub unencrypted {
|
pack("H16",substr($uri,$encidx,16)) |
pack("H16",substr($uri,$encidx,16)) |
); |
); |
} |
} |
$ENV{'request.enc'}=1; |
$env{'request.enc'}=1; |
|
$decuri=&remove_noise($decuri); |
return substr($decuri,0,$cmdlength); |
return substr($decuri,0,$cmdlength); |
} |
} |
|
|
|
# add a randomish character after every 4th caharacter |
|
sub add_noise { |
|
my ($uri)=@_; |
|
my @noise=split(/(.)/,(&gettimeofday())[1]); |
|
my $noisy; |
|
my $i; |
|
foreach my $chunk (split(/(....)/,$uri)) { |
|
$noisy.=$chunk; |
|
$noisy.=$noise[($i++)%(scalar@noise)]; |
|
} |
|
return $noisy; |
|
} |
|
|
|
# remove every fifth character |
|
sub remove_noise { |
|
my ($uri)=@_; |
|
my $clean; |
|
foreach my $chunk (split(/(....)./,$uri)) { $clean.=$chunk; } |
|
return $clean; |
|
} |
|
|
sub encrypted { |
sub encrypted { |
my $uri=shift; |
my ($uri,$force_enc) = @_; |
if ($ENV{'request.role.adv'}) { return($uri); } |
if (!$force_enc && $env{'request.role.adv'}) { return($uri); } |
my $seed=&encryptseed(); |
my $seed=&encryptseed(); |
unless ($seed) { |
unless ($seed) { |
return $uri; |
return $uri; |
} |
} |
my $cmdlength=length($uri); |
my $cmdlength=length($uri); |
$uri.='00000000'; |
# add noise before enc so that that same url's look different |
|
$uri=&add_noise($uri); |
|
my $noiselength=length($uri); |
|
$uri.=time; |
my $encuri=''; |
my $encuri=''; |
my $cipher=new IDEA $seed; |
my $cipher=new IDEA $seed; |
for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) { |
for (my $encidx=0;$encidx<=$noiselength;$encidx+=8) { |
$encuri.=unpack("H16", |
$encuri.=unpack("H16", |
$cipher->encrypt(substr($uri,$encidx,8))); |
$cipher->encrypt(substr($uri,$encidx,8))); |
} |
} |
Line 106 sub encrypted {
|
Line 132 sub encrypted {
|
|
|
sub check_encrypt { |
sub check_encrypt { |
my $str=shift; |
my $str=shift; |
if ($ENV{'request.enc'}) { return &Apache::lonenc::encrypted($str); } |
if ($env{'request.enc'}) { return &Apache::lonenc::encrypted($str); } |
return $str; |
return $str; |
} |
} |
|
|
Line 120 sub check_decrypt {
|
Line 146 sub check_decrypt {
|
return $str; |
return $str; |
} |
} |
|
|
|
sub encrypt_ref { |
|
my ($token,$elements,$force_enc)=@_; |
|
my $html; |
|
if ($force_enc || $env{'request.enc'}) { |
|
while (my ($name,$value)= each(%{ $elements })) { |
|
if (!$value) { next; } |
|
my $href=&Apache::lonnet::hreflocation($Apache::lonxml::pwd[-1],$value); |
|
if ($href !~ /^http:/) { |
|
$href = &Apache::lonenc::encrypted($href,$force_enc); |
|
} |
|
$token->[2]->{$name}=$href; |
|
} |
|
delete($token->[2]->{'encrypturl'}); |
|
$html = &Apache::edit::rebuild_tag($token); |
|
} else { |
|
$html = $token->[4]; |
|
} |
|
return $html; |
|
} |
1; |
1; |
__END__ |
__END__ |
|
|