--- loncom/auth/lonracc.pm 2002/07/26 19:35:20 1.5
+++ loncom/auth/lonracc.pm 2007/02/01 06:20:34 1.18
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Access Handler for File Transfers
#
-# $Id: lonracc.pm,v 1.5 2002/07/26 19:35:20 albertel Exp $
+# $Id: lonracc.pm,v 1.18 2007/02/01 06:20:34 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -25,25 +25,31 @@
#
# http://www.lon-capa.org/
#
-# (lonacc: Cookie Based Access Handler
-# 5/21/99,5/22,5/29,5/31,6/15 Gerd Kortemeyer)
-# 6/16,6/18,7/3,
-# 6/30/00 Gerd Kortemeyer
package Apache::lonracc;
use strict;
use Apache::Constants qw(:common :remotehost);
-use Apache::lonnet();
+use Apache::lonnet;
use Apache::File();
+use IO::Socket;
sub subscribed {
my ($filename,$id) = @_;
+
+ return 0 if (-e "$filename.subscription");
+
+ my $hostname=$Apache::lonnet::hostname{$id};
+ my (undef,undef,undef,undef,$ip) = gethostbyname($hostname);
+
+ return 0 if (length($ip) != 4);
+
+ $ip=inet_ntoa($ip);
+
+ my $expr='^'.quotemeta($id).':'.quotemeta($ip).':';
+
my $found=0;
- my $expr='^'.$id.':'.$Apache::lonnet::hostip{$id}.':';
- $expr =~ s/\./\\\./g;
- my $sh;
- if ($sh=Apache::File->new("$filename.subscription")) {
+ if (my $sh=Apache::File->new("$filename.subscription")) {
while (my $subline=<$sh>) { if ($subline =~ /$expr/) { $found=1; } }
$sh->close();
}
@@ -52,34 +58,36 @@ sub subscribed {
sub handler {
my $r = shift;
- my $reqhost;
- unless ($reqhost=$r->get_remote_host(REMOTE_DOUBLE_REV)) {
- $r->log_reason("Spoof request");
- return FORBIDDEN;
+ my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP);
+ my %iphost=&Apache::lonnet::get_iphost();
+ my $hostids=$iphost{$reqhost};
+ if (!$hostids && $reqhost ne '127.0.0.1' ) {
+ $r->log_reason("Unable to find a host for ".
+ $r->get_remote_host(REMOTE_NOLOOKUP));
+ return FORBIDDEN;
+ }
+ if ($reqhost eq '127.0.0.1') {
+ return OK;
}
- my $readline;
- my $lontabdir=$r->dir_config('lonTabDir');
- {
- my $fh;
- unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) {
- $r->log_reason("Could not find host tab file");
- return FORBIDDEN;
- }
- while ($readline=<$fh>) {
- my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
- if ($name =~ /$reqhost/i) {
- my $filename=$r->filename;
- if ((-e "$filename.$id") ||
- &subscribed($filename,$id) ||
- ($filename=~/\.meta$/)) {
- return OK;
- } else {
- $r->log_reason("$id not subscribed", $r->filename);
- return FORBIDDEN;
- }
- }
- }
+ my $return;
+ my @ids;
+ foreach my $id (@{$hostids}) {
+ my $filename=$r->filename;
+ my $uri =$r->uri;
+ if (($filename=~/\.meta$/) ||
+ ($uri=~m|^/raw/uploaded|) ||
+ (-e "$filename.$id") ||
+ &subscribed($filename,$id) ) {
+ return OK;
+ } else {
+ $return=FORBIDDEN;
+ push(@ids,$id);
+ }
+ }
+ if ($return == FORBIDDEN) {
+ $r->log_reason(join(':',@ids)." not subscribed", $r->filename);
+ return FORBIDDEN;
}
$r->log_reason("Invalid request for file transfer from $reqhost",
$r->filename);
500 Internal Server Error
Internal Server Error
The server encountered an internal error or
misconfiguration and was unable to complete
your request.
Please contact the server administrator at
root@localhost to inform them of the time this error occurred,
and the actions you performed just before this error.
More information about this error may be available
in the server error log.