--- loncom/LondConnection.pm	2017/10/20 20:20:21	1.55
+++ loncom/LondConnection.pm	2018/07/29 03:03:36	1.56
@@ -1,7 +1,7 @@
 #   This module defines and implements a class that represents
 #   a connection to a lond daemon.
 #
-# $Id: LondConnection.pm,v 1.55 2017/10/20 20:20:21 raeburn Exp $
+# $Id: LondConnection.pm,v 1.56 2018/07/29 03:03:36 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -43,6 +43,7 @@ use LONCAPA::lonssl;
 my $DebugLevel=0;
 my %perlvar;
 my %secureconf;
+my %badcerts;
 my %hosttypes; 
 my $InsecureOk;
 
@@ -79,6 +80,7 @@ sub ReadConfig {
     unless (lonssl::Read_Host_Types(\%hosttypes,\%perlvar) eq 'ok') {
         Debug(1,"Failed to retrieve hosttypes hash.\n");
     }
+    undef(%badcerts);
 }
 
 sub ResetReadConfig {
@@ -172,6 +174,21 @@ sub new {
     }
     &Debug(4,$class."::new( ".$DnsName.",".$Port.",".$lonid.")\n");
 
+    my ($conntype,$gotconninfo,$allowinsecure);
+    if ((ref($secureconf{'connto'}) eq 'HASH') &&
+        (exists($hosttypes{$lonid}))) {
+        $conntype = $secureconf{'connto'}{$hosttypes{$lonid}};
+        if ($conntype ne '') {
+            if ($conntype ne 'req') {
+                $allowinsecure = 1;
+            }
+            $gotconninfo = 1;
+        }
+    }
+    unless ($gotconninfo) {
+        $allowinsecure = $InsecureOk;
+    }
+
     # The host must map to an entry in the hosts table:
     #  We connect to the dns host that corresponds to that
     #  system and use the hostname for the encryption key 
@@ -187,6 +204,7 @@ sub new {
                      Port               => $Port,
                      State              => "Initialized",
 		     AuthenticationMode => "",
+		     InsecureOK         => $allowinsecure,                     
                      TransactionRequest => "",
                      TransactionReply   => "",
                      NextRequest        => "",
@@ -259,18 +277,11 @@ sub new {
 	my ($ca, $cert) = lonssl::CertificateFile;
 	my $sslkeyfile  = lonssl::KeyFile;
 
-        my ($conntype,$gotconninfo);
-        if ((ref($secureconf{'connto'}) eq 'HASH') &&
-            (exists($hosttypes{$lonid}))) {
-            $conntype = $secureconf{'connto'}{$hosttypes{$lonid}};
-            if ($conntype ne '') {
-                $gotconninfo = 1;
-            }
-        }
-	if (($conntype ne 'no') && (defined($ca)) && (defined($cert)) && (defined($sslkeyfile))) {
+	if (($conntype ne 'no') && (defined($ca)) && (defined($cert)) && (defined($sslkeyfile)) &&
+            (!exists($badcerts{$self->{LoncapaHim}}))) {
 	    $self->{AuthenticationMode} = "ssl";
 	    $self->{TransactionRequest} = "init:ssl:$perlvar{'lonVersion'}\n";
-	} elsif (($gotconninfo && $conntype ne 'req') || (!$gotconninfo && $InsecureOk)) { 
+	} elsif ($self->{InsecureOK}) {
 	    # Allowed to do insecure:
 	    $self->{AuthenticationMode} = "insecure";
 	    $self->{TransactionRequest} = "init::$perlvar{'lonVersion'}\n";
@@ -424,7 +435,8 @@ sub Readable {
 	    }
 	    elsif ($ConnectionMode eq "ssl") {
 		if($Response =~ /^ok:ssl/) {     # Good ssl...
-		    if($self->ExchangeKeysViaSSL()) { # Success skip to vsn stuff
+		    my $sslresult = $self->ExchangeKeysViaSSL();
+                    if ($sslresult == 1) { # Success skip to vsn stuff
 			# Need to reset to non blocking:
 
 			my $flags = fcntl($socket, F_GETFL, 0);
@@ -433,6 +445,9 @@ sub Readable {
 			return 0;
 		    }
 		    else {	         # Failed in ssl exchange.
+		        if (($sslresult == -1) && ($self->{InsecureOK})) {
+			    $badcerts{$self->{LoncapaHim}} = 1;
+			}
 			&Debug(3,"init:ssl failed key negotiation!");
 			$self->Transition("Disconnected");
 			$socket->close;
@@ -1027,6 +1042,7 @@ sub CreateCipher {
 sub ExchangeKeysViaSSL {
     my $self   = shift;
     my $socket = $self->{Socket};
+    my $peer = $self->{LoncapaHim};
 
     #  Get our signed certificate, the certificate authority's 
     #  certificate and our private key file.  All of these
@@ -1041,7 +1057,8 @@ sub ExchangeKeysViaSSL {
     my $SSLSocket = lonssl::PromoteClientSocket($socket,
 						$SSLCACertificate,
 						$SSLCertificate,
-						$SSLKey);
+						$SSLKey,
+                                                $peer);
     if(defined $SSLSocket) {
 	my $key  = <$SSLSocket>;
 	lonssl::Close($SSLSocket);
@@ -1057,7 +1074,7 @@ sub ExchangeKeysViaSSL {
     else {
 	# Failed!!
 	Debug(3, "Failed to negotiate SSL connection!");
-	return 0;
+	return -1;
     }
     # should not get here
     return 0;
@@ -1082,16 +1099,7 @@ sub ExchangeKeysViaSSL {
 #
 sub CompleteInsecure {
     my $self = shift;
-    $self->{LoncapaHim};
-    my ($conntype,$gotconninfo);
-    if ((ref($secureconf{'connto'}) eq 'HASH') &&
-        (exists($hosttypes{$self->{LoncapaHim}}))) {
-        $conntype = $secureconf{'connto'}{$hosttypes{$self->{LoncapaHim}}};
-        if ($conntype ne '') {
-            $gotconninfo = 1;
-        }
-    } 
-    if ((($gotconninfo) && ($conntype ne 'req')) || (!$gotconninfo && $InsecureOk)) {
+    if ($self->{InsecureOK}) {
 	$self->{AuthenticationMode} = "insecure";
 	&Debug(8," Transition out of Initialized:insecure");
 	$self->{TransactionRequest} = $self->{TransactionReply};