File:  [LON-CAPA] / loncom / auth / lonracc.pm
Revision 1.6: download - view: text, annotated - select for diffs
Mon Oct 21 19:15:10 2002 UTC (22 years, 2 months ago) by bowersj2
Branches: MAIN
CVS tags: HEAD
This took way longer then it should have.

lonracc and lontokacc will now be accepting when one of two conditions
is met:

* The double-reverse lookup, according to $r->get_remote_host(REMOTE_DOUBLE_REV)
  is successful. This is identical to before.
* The claimed host is the same as the current server, which works even with
  wonky /etc/hosts files.

I was initially worried this might be a potential security problem, but I do
not believe it is. The reason is that this clause ONLY comes into effect
when you're trying to spoof yourself as the server you are talking to. Even
if you succeed, the server will then proceed to send itself a subscription
request, which is not a big deal, PLUS the reason this is occuring in the
first place is that the name maps back to 127.0.0.1, SO this request will
go through the local interface anyhow, meaning Mr. Remote Attacker can't even
see the subscription request that wouldn't help him anyhow.

So in the end, all this does is hypothetically allow an attacker to cause a
server machine to subscribe itself to resources it hosts. This does not give
the hypothetical attacker any benefit. Thus, this is not a security hole.

# The LearningOnline Network
# Access Handler for File Transfers
#
# $Id: lonracc.pm,v 1.6 2002/10/21 19:15:10 bowersj2 Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#
# (lonacc: Cookie Based Access Handler
# 5/21/99,5/22,5/29,5/31,6/15 Gerd Kortemeyer)
# 6/16,6/18,7/3,
# 6/30/00 Gerd Kortemeyer

package Apache::lonracc;

use strict;
use Apache::Constants qw(:common :remotehost);
use Apache::lonnet();
use Apache::File();

sub subscribed {
    my ($filename,$id) = @_;
    my $found=0;
    my $expr='^'.$id.':'.$Apache::lonnet::hostip{$id}.':';
    $expr =~ s/\./\\\./g;
    my $sh;
    if ($sh=Apache::File->new("$filename.subscription")) {
	while (my $subline=<$sh>) { if ($subline =~ /$expr/) { $found=1; } }
	$sh->close();
    }
    return $found;
}

sub handler {
    my $r = shift;
    my $reqhost = $r->get_remote_host(REMOTE_DOUBLE_REV);
    if (!$reqhost && $r->get_remote_host(REMOTE_NOLOOKUP) eq $r->get_server_name()) { 
        $reqhost = $r->get_server_name();
    } 
    unless ($reqhost)
       $r->log_reason("Spoof request from ".$ENV{'REMOTE_ADDR'});
       return FORBIDDEN;
    }
    my $readline;
    my $lontabdir=$r->dir_config('lonTabDir');
    {
       my $fh;
       unless ($fh=Apache::File->new("$lontabdir/hosts.tab")) {
          $r->log_reason("Could not find host tab file");
          return FORBIDDEN;
       }
       while ($readline=<$fh>) {
          my ($id,$domain,$role,$name,$ip)=split(/:/,$readline);
          if ($name =~ /$reqhost/i) {
              my $filename=$r->filename;
              if ((-e "$filename.$id") ||
		  &subscribed($filename,$id) ||
		  ($filename=~/\.meta$/)) {
	         return OK;
              } else {
                 $r->log_reason("$id not subscribed", $r->filename);
                 return FORBIDDEN;
              }
          }
       }

    }
    $r->log_reason("Invalid request for file transfer from $reqhost", 
                   $r->filename); 
    return FORBIDDEN;
}

1;
__END__

=head1 NAME

Apache::lonracc - Access Handler for File Transfers

=head1 SYNOPSIS

Invoked by /etc/httpd/conf/loncapa.conf:

 <LocationMatch "^/raw.*">
 PerlAccessHandler Apache::lonracc
 </LocationMatch>

=head1 INTRODUCTION

This module enables authentication for file transfers and works
against the /res tree.

Only lond invokes the /raw namespace through its subscribe function.

This is part of the LearningOnline Network with CAPA project
described at http://www.lon-capa.org.

=head1 HANDLER SUBROUTINE

This routine is called by Apache and mod_perl.

=over 4

=item *

Determine requesting host

=item *

See whether or not the requesting host is subscribed.

=item *

Respond with status of request and make log entry in case of unallowed
access.

=back

=cut








FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>