--- loncom/lontrans.pm 2006/05/30 12:45:12 1.11
+++ loncom/lontrans.pm 2020/12/23 22:03:42 1.28
@@ -1,7 +1,7 @@
# The LearningOnline Network
# URL translation for User Files
#
-# $Id: lontrans.pm,v 1.11 2006/05/30 12:45:12 www Exp $
+# $Id: lontrans.pm,v 1.28 2020/12/23 22:03:42 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -29,15 +29,77 @@
package Apache::lontrans;
use strict;
-use Apache::Constants qw(:common :remotehost);
-use Apache::lonnet();
+use Apache::Constants qw(:common :remotehost REDIRECT);
+use Apache::lonnet;
use Apache::File();
-use lib '/home/httpd/lib/perl';
-use LONCAPA;
-
+use LONCAPA qw(:DEFAULT :match);
sub handler {
my $r = shift;
+ # FIXME line remove when mod_perl fixes BUG#4948
+ $r->notes->set('error-notes' => '');
+ my $hdrhost = $r->headers_in->get('Host');
+ if ($r->uri=~m{^/raw/}) {
+ if ($hdrhost) {
+ unless ($hdrhost =~ /^internal\-/) {
+ my $remote_ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP,1);
+ my $lonhost = $r->dir_config('lonHostID');
+ if (&redirect_raw($remote_ip,$lonhost)) {
+ my $location = 'https://internal-'.$hdrhost.$r->uri;
+ $r->headers_out->set(Location => $location);
+ return REDIRECT;
+ }
+ }
+ }
+ }
+ my $alias = &Apache::lonnet::get_proxy_alias();
+ if ($alias) {
+ my $lonhost = $r->dir_config('lonHostID');
+ my $hostname = &Apache::lonnet::hostname($lonhost);
+ if (($hdrhost eq $alias) || ($hdrhost eq $hostname)) {
+ my $proxyinfo = &Apache::lonnet::get_proxy_settings($r->dir_config('lonDefDomain'));
+ my ($vpnpriv,$vpnnat);
+ if (ref($proxyinfo) eq 'HASH') {
+ $vpnpriv = $proxyinfo->{'exempt'};
+ $vpnnat = '35.12.16.96-35.12.16.111';
+ }
+ my $redirect;
+ if ($hdrhost eq $alias) {
+ my $remote_ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP);
+ if ($vpnnat && &Apache::lonnet::ip_match($remote_ip,$vpnnat)) {
+ $redirect = $hostname;
+ if ($redirect eq $hdrhost) {
+ undef($redirect);
+ }
+ }
+ } elsif ($hdrhost eq $hostname) {
+ my $remote_ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP,1);
+ unless (($remote_ip eq '127.0.0.1') ||
+ ($remote_ip eq &Apache::lonnet::get_host_ip($lonhost)) ||
+ ($vpnpriv && &Apache::lonnet::ip_match($remote_ip,$vpnpriv))) {
+ $redirect = $alias;
+ if ($r->uri=~m{^/raw/}){
+ my %iphost = &Apache::lonnet::get_iphost();
+ if (exists($iphost{$remote_ip})) {
+ undef($redirect);
+ }
+ }
+ }
+ }
+ if ($redirect) {
+ my $uri = $r->uri;
+ my $protocol = 'http';
+ my $port = $r->get_server_port();
+ if ($port eq '443') {
+ $protocol = 'https';
+ }
+# FIXME should check if logged in, and if so use switchserver/migrateuser approach,
+# possibly moved to Access Handler?
+ $r->header_out(Location => $protocol.'://'.$redirect.$uri);
+ return REDIRECT;
+ }
+ }
+ }
if ($r->uri=~m|^(/raw)?/uploaded/|) {
my $fn = $r->uri();
$fn=~s/^\/raw//;
@@ -48,25 +110,67 @@ sub handler {
my @ids=&Apache::lonnet::current_machine_ids();
foreach my $id (@ids) { if ($id eq $chome) { $allowed=1; } }
if ($allowed) {
- $r->filename(&propath($udom,$uname).
- '/userfiles/'.(join('/',@ufile)));
+ $r->filename(&propath($udom,$uname).
+ '/userfiles/'.(join('/',@ufile)));
+ }
+ return OK;
+ } elsif ($r->uri =~ m{^\Q/adm/wrapper/ext/https:/\E[^/]}) {
+ my $uri = $r->uri;
+ $uri =~ s{^(\Q/adm/wrapper/ext/https:/\E)}{$1/};
+ $r->uri($uri);
+ }
+ return DECLINED;
+}
+
+sub redirect_raw {
+ my ($remote_ip,$lonhost) = @_;
+ my @remhostids = &Apache::lonnet::get_hosts_from_ip($remote_ip);
+ my $redirect;
+ while (@remhostids) {
+ my $try_server = pop(@remhostids);
+ my $remhostname = &Apache::lonnet::hostname($try_server);
+ if ($remhostname) {
+ my $remoterev = &Apache::lonnet::get_server_loncaparev(undef,$try_server);
+ my ($remmajor,$remminor) = ($remoterev =~ /^(\d+)\.(\d+)/);
+ if (($remmajor > 2) || (($remmajor == 2) && $remminor >= 12)) {
+ my $internet_names = &Apache::lonnet::get_internet_names($try_server);
+ if (ref($internet_names) eq 'ARRAY') {
+ my $intdom = &Apache::lonnet::internet_dom($lonhost);
+ unless (grep(/^\Q$intdom\E$/,@{$internet_names})) {
+ my $lonhostname = &Apache::lonnet::hostname($lonhost);
+ my $serverhomeID = &Apache::lonnet::get_server_homeID($lonhostname);
+ my $serverhomedom = &Apache::lonnet::host_domain($serverhomeID);
+ my %domdefaults = &Apache::lonnet::get_domain_defaults($serverhomedom);
+ my $replication = $domdefaults{'replication'};
+ if (ref($replication) eq 'HASH') {
+ my $remhomeID = &Apache::lonnet::get_server_homeID($remhostname);
+ my $remhomedom = &Apache::lonnet::host_domain($remhomeID);
+ my $remprimary = &Apache::lonnet::domain($remhomedom,'primary');
+ my $remintdom = &Apache::lonnet::internet_dom($remprimary);
+ if (ref($replication->{'certreq'}) eq 'ARRAY') {
+ if (grep(/^\Q$remintdom\E$/,@{$replication->{'certreq'}})) {
+ $redirect = 0;
+ } else {
+ $redirect = 1;
+ }
+ }
+ if (ref($replication->{'nocertreq'}) eq 'ARRAY') {
+ if (grep(/^\Q$remintdom\E$/,@{$replication->{'nocertreq'}})) {
+ $redirect = 1;
+ } else {
+ $redirect = 0;
+ }
+ }
+ }
+ }
+ }
+ }
+ last;
}
- } elsif ($r->uri=~m|^/~|) {
- #internal authentication, needs fixup.
- my $fn = $r->uri(); # non users do not get the full path request
- # through SCRIPT_FILENAME
- $fn=~s|^/~(\w+)|/home/$1/public_html|;
- $r->filename($fn);
- } else { return DECLINED; }
- return OK;
+ }
+ return $redirect;
}
1;
__END__
-
-
-
-
-
-
500 Internal Server Error
Internal Server Error
The server encountered an internal error or
misconfiguration and was unable to complete
your request.
Please contact the server administrator at
root@localhost to inform them of the time this error occurred,
and the actions you performed just before this error.
More information about this error may be available
in the server error log.