--- loncom/auth/lontokacc.pm 2002/10/21 19:15:10 1.7
+++ loncom/auth/lontokacc.pm 2005/03/03 05:44:51 1.15
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Access Handler for User File Transfers
 #
-# $Id: lontokacc.pm,v 1.7 2002/10/21 19:15:10 bowersj2 Exp $
+# $Id: lontokacc.pm,v 1.15 2005/03/03 05:44:51 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -32,20 +32,19 @@ use strict;
 use Apache::Constants qw(:common :remotehost);
 use Apache::lonnet();
 use Apache::File();
-use Data::Dumper;
+use IO::Socket;
 sub handler {
 my $r = shift;
- my $reqhost = $r->get_remote_host(REMOTE_DOUBLE_REV);
- if (!$reqhost && $r->get_remote_host(REMOTE_NOLOOKUP) eq $r->get_server_name()) {
- $reqhost = $r->get_server_name();
+ my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP);
+ my %iphost=&Apache::lonnet::get_iphost();
+ my $hostids=$iphost{$reqhost};
+ if (!$hostids && $reqhost ne '127.0.0.1' ) {
+ $r->log_reason("Unable to find a host for ".
+ $r->get_remote_host(REMOTE_NOLOOKUP));
+ return FORBIDDEN;
 }
- unless ($reqhost) {
- $r->log_reason("Spoof request from ". $reqhost);
- return FORBIDDEN;
- }
- if ($reqhost eq 'localhost.localdomain') {
- $r->register_cleanup(\&removefile);
+ if ($reqhost eq '127.0.0.1') {
 return OK;
 }
 my $readline;
@@ -57,15 +56,18 @@ sub handler {
 return FORBIDDEN;
 }
 while ($readline=<$fh>) {
- my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
- if ($name =~ /$reqhost/i) {
- $r->register_cleanup(\&removefile);
- return OK;
- }
+ $readline=~s/\s*$//;
+ my ($id,$domain,$role,$name)=split(/:/,$readline);
+ foreach my $hostid (@{$hostids}) {
+ my $hostname=$Apache::lonnet::hostname{$hostid};
+ if ($name =~ /^\Q$hostname\E$/i) {
+ return OK;
+ }
+ }
 }
 }
- $r->log_reason("Invalid request for user file transfer from $reqhost",
+ $r->log_reason("Invalid request for user file transfer from $reqhost (".join(",",@{$hostids}).")",
 $r->filename);
 return FORBIDDEN;
 }
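Review bot: In the second hunk (`@@ -32,20 +32,19 @@`), the `if ($reqhost eq '127.0.0.1') { return OK; }` branch grants access before the token file is read, so every request arriving over loopback is trusted. If a reverse proxy or other forwarding service on the same machine ever fronts this handler, its clients would inherit that trust, so I would state the assumption at the branch, e.g. `# loopback is trusted without a token check; must not be reachable through a local proxy`. `use IO::Socket;` is added but nothing in the visible hunks uses it, and the new `log_reason` call could reuse `$reqhost` instead of calling `get_remote_host` a second time. The body of `handler` continues outside this hunk.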
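Review bot: In the third hunk (`@@ -57,15 +56,18 @@`), `$hostname` is read from `%Apache::lonnet::hostname` without a defined check, so for a host id with no entry the pattern collapses to `/^$/i` and matches any line whose fourth field is missing or empty, returning OK. Skip such ids with `next if (!defined($hostname) || $hostname eq '');` and compare directly with `if (lc($name) eq lc($hostname)) {`, which also avoids `$` accepting a trailing newline. Whether a host id can lack a hostname depends on how `get_iphost` builds its table, which is not visible here. The loop sits inside `handler`, which starts outside this hunk.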
@@ -74,7 +76,7 @@ sub removefile {
 my $r=shift;
 if ($r->status==200) {
 unlink($r->filename);
- &Apache::lonnet::logthis('Unlinking '.$r->filename);
+ #&Apache::lonnet::logthis('Unlinking '.$r->filename);
 } else {
 &Apache::lonnet::logthis('Failed to transfer '.$r->filename);
 }
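Review bot: The result of `unlink($r->filename)` is ignored, and with the only log line on this path commented out, a deletion that fails now leaves no trace. Rather than keeping the dead comment, I would drop it and log only the failure: `unlink($r->filename) or &Apache::lonnet::logthis('Failed to unlink '.$r->filename.": $!");`. The earlier hunks also remove both `register_cleanup(\&removefile)` calls from `handler`, so unless it is registered somewhere outside this diff, `removefile` may now be unused and could be deleted instead. `removefile` opens on the hunk header line and its closing brace is outside the hunk.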