--- loncom/auth/lontokacc.pm 2003/08/01 15:46:10 1.8 +++ loncom/auth/lontokacc.pm 2007/05/16 09:45:58 1.19 @@ -1,7 +1,7 @@ # The LearningOnline Network # Access Handler for User File Transfers # -# $Id: lontokacc.pm,v 1.8 2003/08/01 15:46:10 www Exp $ +# $Id: lontokacc.pm,v 1.19 2007/05/16 09:45:58 albertel Exp $ # # Copyright Michigan State University Board of Trustees # @@ -32,52 +32,32 @@ use strict; use Apache::Constants qw(:common :remotehost); use Apache::lonnet(); use Apache::File(); - +use IO::Socket; sub handler { my $r = shift; - my $reqhost = $r->get_remote_host(REMOTE_DOUBLE_REV); - if (!$reqhost && $r->get_remote_host(REMOTE_NOLOOKUP) eq $r->get_server_name()) { - $reqhost = $r->get_server_name(); - } - unless ($reqhost) { - $r->log_reason("Spoof request from ". $reqhost); - return FORBIDDEN; + my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP); + my @hostids= &Apache::lonnet::get_hosts_from_ip($reqhost); + if (!@hostids && $reqhost ne '127.0.0.1' ) { + $r->log_reason("Unable to find a host for ". + $r->get_remote_host(REMOTE_NOLOOKUP)); + return FORBIDDEN; } - if ($reqhost eq 'localhost.localdomain') { - $r->register_cleanup(\&removefile); + if ($reqhost eq '127.0.0.1') { return OK; } - my $readline; - my $lontabdir=$r->dir_config('lonTabDir'); - { - my $fh; - unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) { - $r->log_reason("Could not find host tab file"); - return FORBIDDEN; - } - while ($readline=<$fh>) { - my ($id,$domain,$role,$name,$ip)=split(/:/,$readline); - if ($name =~ /$reqhost/i) { - $r->register_cleanup(\&removefile); - return OK; - } - } - - } - $r->log_reason("Invalid request for user file transfer from $reqhost", - $r->filename); - return FORBIDDEN; + return OK; } sub removefile { my $r=shift; if ($r->status==200) { unlink($r->filename); - &Apache::lonnet::logthis('Unlinking '.$r->filename); + #&Apache::lonnet::logthis('Unlinking '.$r->filename); } else { &Apache::lonnet::logthis('Failed to transfer '.$r->filename); } + return OK; } 1; __END__