--- loncom/auth/lontokacc.pm	2002/08/08 13:45:21	1.6
+++ loncom/auth/lontokacc.pm	2005/02/06 07:23:40	1.12
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Access Handler for User File Transfers
 #
-# $Id: lontokacc.pm,v 1.6 2002/08/08 13:45:21 www Exp $
+# $Id: lontokacc.pm,v 1.12 2005/02/06 07:23:40 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -33,15 +33,17 @@ use Apache::Constants qw(:common :remote
 use Apache::lonnet();
 use Apache::File();
 
+
 sub handler {
     my $r = shift;
-    my $reqhost;
-    unless ($reqhost=$r->get_remote_host(REMOTE_DOUBLE_REV)) {
-       $r->log_reason("Spoof request ".$reqhost);
-       return FORBIDDEN;
+    my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP);
+    my $netaddr=inet_aton($reqhost);
+    ($reqhost) = gethostbyaddr($netaddr,AF_INET);
+    if (!$reqhost) {
+	$r->log_reason("Unable to do hostname $reqhost lookup for ".$r->get_remote_host(REMOTE_NOLOOKUP));
+	return FORBIDDEN;
     }
     if ($reqhost eq 'localhost.localdomain') {
-       $r->register_cleanup(\&removefile);
        return OK;
     }
     my $readline;
@@ -53,11 +55,11 @@ sub handler {
           return FORBIDDEN;
        }
        while ($readline=<$fh>) {
-          my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
-          if ($name =~ /$reqhost/i) {
-             $r->register_cleanup(\&removefile); 
-             return OK; 
-          }
+	   $readline=~s/\s*$//;
+	   my ($id,$domain,$role,$name)=split(/:/,$readline);
+	   if ($name =~ /\Q$reqhost\E/i) {
+	       return OK; 
+	   }
        }
 
     }
@@ -70,7 +72,7 @@ sub removefile {
     my $r=shift;
     if ($r->status==200) {
         unlink($r->filename);
-	&Apache::lonnet::logthis('Unlinking '.$r->filename);
+	#&Apache::lonnet::logthis('Unlinking '.$r->filename);
     } else {
         &Apache::lonnet::logthis('Failed to transfer '.$r->filename);
     }