CVS log for loncom/auth/lonracc.pm

[BACK] Up to [LON-CAPA] / loncom / auth

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.24: download - view: text, markup, annotated - select for diffs
Fri Dec 18 15:23:03 2020 UTC (4 years ago) by raeburn
Branches: MAIN
CVS tags: version_2_12_X, version_2_11_X, version_2_11_5_msu, version_2_11_5, version_2_11_4_uiuc, version_2_11_4_msu, version_2_11_4, version_2_11_3_uiuc, version_2_11_3_msu, version_2_11_3, HEAD
Diff to previous 1.23: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.23: +2 -2 lines
- Retrieval of requestor's IP address centralized in lonnet::get_requestor_ip()
- Domain configuration to allow domain's LON-CAPA nodes to operate behind a
  WAF/Reverse Proxy using aliased hostname (CNAME).
- Web requests from other nodes bypass the WAF as their requests are made
  directly to the server hostname (A record); same for internal LON-CAPA
  connections for lonc -> lond.

Revision 1.23: download - view: text, markup, annotated - select for diffs
Wed Nov 12 20:01:09 2008 UTC (16 years, 1 month ago) by jms
Branches: MAIN
CVS tags: version_2_9_X, version_2_9_99_0, version_2_9_1, version_2_9_0, version_2_8_99_1, version_2_8_99_0, version_2_11_2_uiuc, version_2_11_2_msu, version_2_11_2_educog, version_2_11_2, version_2_11_1, version_2_11_0_RC3, version_2_11_0_RC2, version_2_11_0_RC1, version_2_11_0, version_2_10_X, version_2_10_1, version_2_10_0_RC2, version_2_10_0_RC1, version_2_10_0, loncapaMITrelate_1, language_hyphenation_merge, language_hyphenation, bz6209-base, bz6209, bz5969, bz2851, PRINT_INCOMPLETE_base, PRINT_INCOMPLETE, GCI_3, GCI_2, BZ5971-printing-apage, BZ5434-fox, BZ4492-merge, BZ4492-feature_horizontal_radioresponse, BZ4492-feature_Support_horizontal_radioresponse, BZ4492-Support_horizontal_radioresponse
Diff to previous 1.22: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.22: +48 -44 lines
Added/modified POD documentation

Revision 1.22: download - view: text, markup, annotated - select for diffs
Fri Mar 2 23:43:29 2007 UTC (17 years, 9 months ago) by albertel
Branches: MAIN
CVS tags: version_2_8_X, version_2_8_2, version_2_8_1, version_2_8_0, version_2_7_X, version_2_7_99_1, version_2_7_99_0, version_2_7_1, version_2_7_0, version_2_6_X, version_2_6_99_1, version_2_6_99_0, version_2_6_3, version_2_6_2, version_2_6_1, version_2_6_0, version_2_5_X, version_2_5_99_1, version_2_5_99_0, version_2_5_2, version_2_5_1, version_2_5_0, version_2_4_X, version_2_4_99_0, version_2_4_2, version_2_4_1, version_2_4_0, version_2_3_99_0, GCI_1
Diff to previous 1.21: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.21: +4 -5 lines
- maiking this get_iphost thing more targeted easier to dns with

Revision 1.21: download - view: text, markup, annotated - select for diffs
Fri Mar 2 23:17:48 2007 UTC (17 years, 9 months ago) by albertel
Branches: MAIN
Diff to previous 1.20: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.20: +2 -2 lines
- starting work on moving to distributed DNS, eliminate usage of the lonnet hostanme global

Revision 1.20: download - view: text, markup, annotated - select for diffs
Thu Feb 1 07:13:04 2007 UTC (17 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.19: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.19: +2 -2 lines
- got the logic backwards

Revision 1.19: download - view: text, markup, annotated - select for diffs
Thu Feb 1 06:31:33 2007 UTC (17 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.18: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.18: +7 -2 lines
- if the file doesn't exist return NOT_FOUND rather thaen letting it
  end up loggin the error message in the webserver error logs

Revision 1.18: download - view: text, markup, annotated - select for diffs
Thu Feb 1 06:20:34 2007 UTC (17 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.17: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.17: +18 -13 lines
- performace enhancements (no need to do hostname lookups in the uploaded case or if the .subscription file doesn't exist or its a meta file)
- some style
- notice when gethostbyname fails and fail gracefully rather than ISE

Revision 1.17: download - view: text, markup, annotated - select for diffs
Thu Apr 7 06:56:21 2005 UTC (19 years, 8 months ago) by albertel
Branches: MAIN
CVS tags: version_2_3_X, version_2_3_2, version_2_3_1, version_2_3_0, version_2_2_X, version_2_2_99_1, version_2_2_99_0, version_2_2_2, version_2_2_1, version_2_2_0, version_2_1_X, version_2_1_99_3, version_2_1_99_2, version_2_1_99_1, version_2_1_99_0, version_2_1_3, version_2_1_2, version_2_1_1, version_2_1_0, version_2_0_X, version_2_0_99_1, version_2_0_2, version_2_0_1, version_2_0_0, version_1_99_3, version_1_99_2, version_1_99_1_tmcc, version_1_99_1, version_1_99_0_tmcc, version_1_99_0
Diff to previous 1.16: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.16: +2 -2 lines
- ENV -> env

Revision 1.16: download - view: text, markup, annotated - select for diffs
Thu Feb 10 22:30:56 2005 UTC (19 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.15: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.15: +19 -19 lines
- more delayed IP rsoultion work

Revision 1.15: download - view: text, markup, annotated - select for diffs
Sun Feb 6 07:23:40 2005 UTC (19 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.14: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.14: +7 -4 lines
- better job of finding our whose asking for stuff

Revision 1.14: download - view: text, markup, annotated - select for diffs
Sat Feb 5 22:20:56 2005 UTC (19 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.13: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.13: +11 -11 lines
- removing IP number use from webserver some of BUG#2330

Revision 1.13: download - view: text, markup, annotated - select for diffs
Mon May 3 19:52:19 2004 UTC (20 years, 7 months ago) by www
Branches: MAIN
CVS tags: version_1_3_X, version_1_3_3, version_1_3_2, version_1_3_1, version_1_3_0, version_1_2_X, version_1_2_99_1, version_1_2_99_0, version_1_2_1, version_1_2_0, version_1_1_99_5, version_1_1_99_4, version_1_1_99_3, version_1_1_99_2, version_1_1_99_1, version_1_1_99_0
Diff to previous 1.12: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.12: +22 -31 lines
Bug #2951: do not read hosts.tab every time somebody wants a /raw resource.

Need to make sure that this still works for multi-domain servers, since I
remember that at some point the order of entries in either hosts.tab or
domain.tab mattered - this is now in random hash order.

Revision 1.12: download - view: text, markup, annotated - select for diffs
Mon Apr 26 00:07:29 2004 UTC (20 years, 8 months ago) by www
Branches: MAIN
Diff to previous 1.11: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.11: +4 -5 lines
Copying lines from lontokacc.pm to make DOCS-style courses work on
standalone machines again.

Revision 1.11: download - view: text, markup, annotated - select for diffs
Wed Mar 31 17:42:21 2004 UTC (20 years, 9 months ago) by raeburn
Branches: MAIN
Diff to previous 1.10: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.10: +4 -2 lines
Requests for files in /raw/uploaded on the home server for a course, generated  by lonnet::getuploaded() now use lonracc.pm for the AccessHandler phase.

Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue May 27 18:31:31 2003 UTC (21 years, 7 months ago) by albertel
Branches: MAIN
CVS tags: version_1_1_X, version_1_1_3, version_1_1_2, version_1_1_1, version_1_1_0, version_1_0_99_3, version_1_0_99_2, version_1_0_99_1, version_1_0_99, version_1_0_3, version_1_0_2, version_1_0_1, version_1_0_0, version_0_99_5, version_0_99_4, version_0_99_3, version_0_99_2, version_0_99_1, conference_2003
Diff to previous 1.9: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.9: +2 -1 lines
- actually returning the FORBIDDEN now

Revision 1.9: download - view: text, markup, annotated - select for diffs
Tue May 27 18:07:22 2003 UTC (21 years, 7 months ago) by albertel
Branches: MAIN
Diff to previous 1.8: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.8: +5 -3 lines
- ctually declare variables in proper scope.
- shows list of all non subscribed hosts if it can't find a subscribed host

Revision 1.8: download - view: text, markup, annotated - select for diffs
Fri May 23 07:13:27 2003 UTC (21 years, 7 months ago) by albertel
Branches: MAIN
CVS tags: version_0_99_0
Diff to previous 1.7: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.7: +6 -4 lines
- machines multiple have multiple entries in hosts.tab, check if any of them are subscribed before giving up

Revision 1.7: download - view: text, markup, annotated - select for diffs
Tue Oct 29 18:34:33 2002 UTC (22 years, 2 months ago) by matthew
Branches: MAIN
CVS tags: version_0_6_2, version_0_6
Diff to previous 1.6: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.6: +2 -2 lines
Minor bug squish.  Added forgotten '{'.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Mon Oct 21 19:15:10 2002 UTC (22 years, 2 months ago) by bowersj2
Branches: MAIN
Diff to previous 1.5: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.5: +7 -4 lines
This took way longer then it should have.

lonracc and lontokacc will now be accepting when one of two conditions
is met:

* The double-reverse lookup, according to $r->get_remote_host(REMOTE_DOUBLE_REV)
  is successful. This is identical to before.
* The claimed host is the same as the current server, which works even with
  wonky /etc/hosts files.

I was initially worried this might be a potential security problem, but I do
not believe it is. The reason is that this clause ONLY comes into effect
when you're trying to spoof yourself as the server you are talking to. Even
if you succeed, the server will then proceed to send itself a subscription
request, which is not a big deal, PLUS the reason this is occuring in the
first place is that the name maps back to 127.0.0.1, SO this request will
go through the local interface anyhow, meaning Mr. Remote Attacker can't even
see the subscription request that wouldn't help him anyhow.

So in the end, all this does is hypothetically allow an attacker to cause a
server machine to subscribe itself to resources it hosts. This does not give
the hypothetical attacker any benefit. Thus, this is not a security hole.

Revision 1.5: download - view: text, markup, annotated - select for diffs
Fri Jul 26 19:35:20 2002 UTC (22 years, 5 months ago) by albertel
Branches: MAIN
CVS tags: version_0_5_1, version_0_5
Diff to previous 1.4: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.4: +18 -2 lines

- Now have .subscription files, implemntation should be backward compatible and also should start migrating subscriptions over
- BUG#332

Revision 1.4: download - view: text, markup, annotated - select for diffs
Thu Jan 17 19:25:31 2002 UTC (22 years, 11 months ago) by harris41
Branches: MAIN
CVS tags: version_0_4, stable_2002_spring, stable_2002_july, stable_2002_april, STABLE
Diff to previous 1.3: preferred, unified
Changes since revision 1.3: +45 -1 lines
PODing this file

Revision 1.3: download - view: text, markup, annotated - [selected for diffs]
Thu Nov 29 19:12:44 2001 UTC (23 years, 1 month ago) by www
Branches: MAIN
Diff to previous 1.2: preferred, unified
Changes since revision 1.2: +25 -0 lines
GPL

Revision 1.2: download - view: text, markup, annotated - select for diffs
Fri Jun 30 17:09:51 2000 UTC (24 years, 6 months ago) by www
Branches: MAIN
CVS tags: stable_2001_fall
Diff to previous 1.1: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.1: +3 -2 lines
Now also replicate metadata files, filename.meta

Revision 1.1.1.1 (vendor branch): download - view: text, markup, annotated - select for diffs
Wed Oct 13 17:48:52 1999 UTC (25 years, 2 months ago) by albertel
Branches: loncom
CVS tags: start, LATEST, Bacillus, Aquifex
Diff to previous 1.1: preferred, unified to selected 1.3: preferred, unified
Changes since revision 1.1: +0 -0 lines
LON-CAPA Communication Module

Revision 1.1: download - view: text, markup, annotated - select for diffs
Wed Oct 13 17:48:52 1999 UTC (25 years, 2 months ago) by albertel
Branches: MAIN
Diff to selected 1.3: preferred, unified
Initial revision

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>