1: #
2: # $Id: lonlocal.pm,v 1.2 2004/05/28 09:39:11 foxr Exp $
3: #
4: # Copyright Michigan State University Board of Trustees
5: #
6: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
7: #
8: # LON-CAPA is free software; you can redistribute it and/or modify
9: # it under the terms of the GNU General Public License as published by
10: # the Free Software Foundation; either version 2 of the License, or
11: # (at your option) any later version.
12: #
13: # LON-CAPA is distributed in the hope that it will be useful,
14: # but WITHOUT ANY WARRANTY; without even the implied warranty of
15: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16: # GNU General Public License for more details.
17: #
18: # You should have received a copy of the GNU General Public License
19: # along with LON-CAPA; if not, write to the Free Software
20: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21: #
22: # /home/httpd/html/adm/gpl.txt
23: #
24: # http://www.lon-capa.org/
25: #
26: package lonlocal;
27:
28: #
29: # Module that provides support for local connections between secure
30: # lonc and secure lond.
31: #
32: # A local connection exchanges one-time session keys through a
33: # file that is written in the certificate directory by lonc and
34: # read/deleted by lond. The file is created with permissions
35: # rw------- (0600) to prevent it from being snooped unless the system
36: # itself has been broken. In addition, the file is short-lived, which
37: # makes it hard to find; the 0600 mode remains the actual access control.
38: #
39:
40: use strict;
41:
42: # CPAN/standard modules
43:
44: use English;
45: use Crypt::IDEA;
46:
47: # LONCAPA modules
48:
49: use LONCAPA::Configuration;
50:
51: # Global variables:
52:
# Reference to the apache perlsetvar hash, loaded when this module is
# initialized from loncapa.conf.
# NOTE(review): read_conf's failure behaviour is not visible here; confirm
# that users of $perlvar cope with an undefined or empty result.

my $perlvar = LONCAPA::Configuration::read_conf('loncapa.conf');
58:
59:
60: #------------------------------------------------------------------------
61: #
62: # Name BuildKey
63: # Description: Create an encryption key.
64: # Returns: The key.
65: #
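sub CreateCipherKey {

    # Generate a fresh IDEA session key from the kernel random device and
    # return it as a lowercase hex string (two hex digits per key byte) so
    # that it can be transmitted to the peer as text.
    #
    # Returns: the hex-encoded key, exactly 2 * IDEA::keysize() characters.
    # Dies:    if /dev/random cannot be opened or does not deliver a full
    #          key's worth of bytes.  Failing closed matters here: a short
    #          or empty read would otherwise yield a truncated, weak key.

    my $keylength = IDEA::keysize();

    # Three-argument open with a lexical handle: the mode cannot be
    # injected through the name, no package-global bareword handle is
    # used, and the handle is closed on scope exit even if we die below.
    open(my $random, '<:raw', '/dev/random')
        or die "CreateCipherKey: cannot open /dev/random: $!\n";

    # sysread may legitimately return fewer bytes than requested (and a
    # read on /dev/random may block or be interrupted), so keep reading
    # until the whole key has arrived.
    my $binaryKey = '';
    while (length($binaryKey) < $keylength) {
        my $got = sysread($random, $binaryKey,
                          $keylength - length($binaryKey),
                          length($binaryKey));
        if (!defined $got) {
            next if $!{EINTR};    # interrupted by a signal: retry
            die "CreateCipherKey: read from /dev/random failed: $!\n";
        }
        if ($got == 0) {
            die "CreateCipherKey: unexpected end of file on /dev/random\n";
        }
    }
    close($random);

    # The key must be returned in a stringified form in order to be
    # transmitted to the peer:
    my $hexdigits = $keylength * 2;    # Assume 8 bits/byte.
    return unpack("H" . $hexdigits, $binaryKey);
}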
91:
92: #------------------------------------------------------------------------
93: #
94: # Name CreateKeyFile
95: # Description Creates a private key file and writes an IDEA key into it.
96: #
97: # Returns
98: # A two element list containing:
99: # - The private key that was created
100: # - The full path to the file that contains it.
101: #
sub CreateKeyFile {

    # Stub: no body has been written in this revision, so the call
    # yields an empty list (undef in scalar context) rather than the
    # (key, path) pair described in the header comment.
    #
    # Intended design, per the original note: the perlvars tell us where
    # the certificate directory is; a file named localkey.$pid is made
    # there and its mode is set before anything is written into it.
    #
    # NOTE(review): when this is implemented, create the file exclusively
    # with its final 0600 mode in one step (sysopen with
    # O_WRONLY|O_CREAT|O_EXCL and mode 0600) instead of creating and then
    # chmod-ing, so the key file is never briefly readable and a
    # pre-existing file or symlink at the predictable localkey.$pid name
    # is refused rather than followed.

    return;
}
111:
112: