CVS log for loncom/auth/lontokacc.pm

[BACK] Up to [LON-CAPA] / loncom / auth

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.20: download - view: text, markup, annotated - select for diffs
Fri Dec 18 15:23:03 2020 UTC (4 years ago) by raeburn
Branches: MAIN
CVS tags: version_2_12_X, version_2_11_X, version_2_11_5_msu, version_2_11_5, version_2_11_4_uiuc, version_2_11_4_msu, version_2_11_4, version_2_11_3_uiuc, version_2_11_3_msu, version_2_11_3, HEAD
Diff to previous 1.19: preferred, unified
Changes since revision 1.19: +2 -2 lines
- Retrieval of requestor's IP address centralized in lonnet::get_requestor_ip()
- Domain configuration to allow domain's LON-CAPA nodes to operate behind a
  WAF/Reverse Proxy using aliased hostname (CNAME).
- Web requests from other nodes bypass the WAF as their requests are made
  directly to the server hostname (A record); same for internal LON-CAPA
  connections for lonc -> lond.

Revision 1.19: download - view: text, markup, annotated - select for diffs
Wed May 16 09:45:58 2007 UTC (17 years, 7 months ago) by albertel
Branches: MAIN
CVS tags: version_2_9_X, version_2_9_99_0, version_2_9_1, version_2_9_0, version_2_8_X, version_2_8_99_1, version_2_8_99_0, version_2_8_2, version_2_8_1, version_2_8_0, version_2_7_X, version_2_7_99_1, version_2_7_99_0, version_2_7_1, version_2_7_0, version_2_6_X, version_2_6_99_1, version_2_6_99_0, version_2_6_3, version_2_6_2, version_2_6_1, version_2_6_0, version_2_5_X, version_2_5_99_1, version_2_5_99_0, version_2_5_2, version_2_5_1, version_2_5_0, version_2_4_X, version_2_4_99_0, version_2_4_2, version_2_4_1, version_2_4_0, version_2_3_99_0, version_2_11_2_uiuc, version_2_11_2_msu, version_2_11_2_educog, version_2_11_2, version_2_11_1, version_2_11_0_RC3, version_2_11_0_RC2, version_2_11_0_RC1, version_2_11_0, version_2_10_X, version_2_10_1, version_2_10_0_RC2, version_2_10_0_RC1, version_2_10_0, loncapaMITrelate_1, language_hyphenation_merge, language_hyphenation, bz6209-base, bz6209, bz5969, bz2851, PRINT_INCOMPLETE_base, PRINT_INCOMPLETE, GCI_3, GCI_2, GCI_1, BZ5971-printing-apage, BZ5434-fox, BZ4492-merge, BZ4492-feature_horizontal_radioresponse, BZ4492-feature_Support_horizontal_radioresponse, BZ4492-Support_horizontal_radioresponse
Diff to previous 1.18: preferred, unified
Changes since revision 1.18: +2 -24 lines
- if there is a hostid returned from get_hosts_from_ip then it's a valid host to send the file to

Revision 1.18: download - view: text, markup, annotated - select for diffs
Fri Mar 2 23:43:29 2007 UTC (17 years, 9 months ago) by albertel
Branches: MAIN
Diff to previous 1.17: preferred, unified
Changes since revision 1.17: +5 -6 lines
- maiking this get_iphost thing more targeted easier to dns with

Revision 1.17: download - view: text, markup, annotated - select for diffs
Fri Mar 2 23:17:48 2007 UTC (17 years, 9 months ago) by albertel
Branches: MAIN
Diff to previous 1.16: preferred, unified
Changes since revision 1.16: +2 -2 lines
- starting work on moving to distributed DNS, eliminate usage of the lonnet hostanme global

Revision 1.16: download - view: text, markup, annotated - select for diffs
Tue Feb 7 19:46:26 2006 UTC (18 years, 10 months ago) by albertel
Branches: MAIN
CVS tags: version_2_3_X, version_2_3_2, version_2_3_1, version_2_3_0, version_2_2_X, version_2_2_99_1, version_2_2_99_0, version_2_2_2, version_2_2_1, version_2_2_0, version_2_1_X, version_2_1_99_3, version_2_1_99_2, version_2_1_99_1, version_2_1_99_0, version_2_1_3
Diff to previous 1.15: preferred, unified
Changes since revision 1.15: +2 -1 lines
- Apache 2 doesn't like it when PerlCleanupHandlers don't return an Apache::Constant (like OK or DECLINED ...)

Revision 1.15: download - view: text, markup, annotated - select for diffs
Thu Mar 3 05:44:51 2005 UTC (19 years, 9 months ago) by albertel
Branches: MAIN
CVS tags: version_2_1_2, version_2_1_1, version_2_1_0, version_2_0_X, version_2_0_99_1, version_2_0_2, version_2_0_1, version_2_0_0, version_1_99_3, version_1_99_2, version_1_99_1_tmcc, version_1_99_1, version_1_99_0_tmcc, version_1_99_0
Diff to previous 1.14: preferred, unified
Changes since revision 1.14: +4 -3 lines
- tokacc was trying to compares lon-capa host ids and DNS name, silly tokacc

Revision 1.14: download - view: text, markup, annotated - select for diffs
Thu Feb 10 22:30:56 2005 UTC (19 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.13: preferred, unified
Changes since revision 1.13: +11 -8 lines
- more delayed IP rsoultion work

Revision 1.13: download - view: text, markup, annotated - select for diffs
Mon Feb 7 17:04:53 2005 UTC (19 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.12: preferred, unified
Changes since revision 1.12: +2 -2 lines
- need that use

Revision 1.12: download - view: text, markup, annotated - select for diffs
Sun Feb 6 07:23:40 2005 UTC (19 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.11: preferred, unified
Changes since revision 1.11: +8 -2 lines
- better job of finding our whose asking for stuff

Revision 1.11: download - view: text, markup, annotated - select for diffs
Sat Feb 5 22:20:56 2005 UTC (19 years, 10 months ago) by albertel
Branches: MAIN
Diff to previous 1.10: preferred, unified
Changes since revision 1.10: +7 -13 lines
- removing IP number use from webserver some of BUG#2330

Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue May 11 06:49:58 2004 UTC (20 years, 7 months ago) by albertel
Branches: MAIN
CVS tags: version_1_3_X, version_1_3_3, version_1_3_2, version_1_3_1, version_1_3_0, version_1_2_X, version_1_2_99_1, version_1_2_99_0, version_1_2_1, version_1_2_0, version_1_1_99_5, version_1_1_99_4, version_1_1_99_3, version_1_1_99_2, version_1_1_99_1, version_1_1_99_0
Diff to previous 1.9: preferred, unified
Changes since revision 1.9: +2 -2 lines
- these seem to cause a bit much spew

Revision 1.9: download - view: text, markup, annotated - select for diffs
Fri Aug 1 17:25:40 2003 UTC (21 years, 4 months ago) by www
Branches: MAIN
CVS tags: version_1_1_X, version_1_1_3, version_1_1_2, version_1_1_1, version_1_1_0, version_1_0_99_3, version_1_0_99_2, version_1_0_99_1, version_1_0_99, version_1_0_3, version_1_0_2, version_1_0_1, version_1_0_0, version_0_99_5, version_0_99_4
Diff to previous 1.8: preferred, unified
Changes since revision 1.8: +1 -3 lines
Problem with lontokacc running twice on high school machines if cleanup
was registered dynamically.

Revision 1.8: download - view: text, markup, annotated - select for diffs
Fri Aug 1 15:46:10 2003 UTC (21 years, 4 months ago) by www
Branches: MAIN
Diff to previous 1.7: preferred, unified
Changes since revision 1.7: +2 -2 lines
Remove debugging code

Revision 1.7: download - view: text, markup, annotated - select for diffs
Mon Oct 21 19:15:10 2002 UTC (22 years, 2 months ago) by bowersj2
Branches: MAIN
CVS tags: version_0_99_3, version_0_99_2, version_0_99_1, version_0_99_0, version_0_6_2, version_0_6, conference_2003
Diff to previous 1.6: preferred, unified
Changes since revision 1.6: +9 -5 lines
This took way longer then it should have.

lonracc and lontokacc will now be accepting when one of two conditions
is met:

* The double-reverse lookup, according to $r->get_remote_host(REMOTE_DOUBLE_REV)
  is successful. This is identical to before.
* The claimed host is the same as the current server, which works even with
  wonky /etc/hosts files.

I was initially worried this might be a potential security problem, but I do
not believe it is. The reason is that this clause ONLY comes into effect
when you're trying to spoof yourself as the server you are talking to. Even
if you succeed, the server will then proceed to send itself a subscription
request, which is not a big deal, PLUS the reason this is occuring in the
first place is that the name maps back to 127.0.0.1, SO this request will
go through the local interface anyhow, meaning Mr. Remote Attacker can't even
see the subscription request that wouldn't help him anyhow.

So in the end, all this does is hypothetically allow an attacker to cause a
server machine to subscribe itself to resources it hosts. This does not give
the hypothetical attacker any benefit. Thus, this is not a security hole.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Thu Aug 8 13:45:21 2002 UTC (22 years, 4 months ago) by www
Branches: MAIN
CVS tags: version_0_5_1, version_0_5
Diff to previous 1.5: preferred, unified
Changes since revision 1.5: +8 -3 lines
Routines for file upload

Revision 1.5: download - view: text, markup, annotated - select for diffs
Fri Aug 2 14:45:04 2002 UTC (22 years, 4 months ago) by www
Branches: MAIN
Diff to previous 1.4: preferred, unified
Changes since revision 1.4: +14 -3 lines
Towards inter-server document transfer

Revision 1.4: download - view: text, markup, annotated - select for diffs
Thu Aug 1 22:36:11 2002 UTC (22 years, 4 months ago) by www
Branches: MAIN
Diff to previous 1.3: preferred, unified
Changes since revision 1.3: +29 -19 lines
Completely new version, derived from lonracc, to control access to
userfile temp storage to registered servers only.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Wed Jul 31 15:23:55 2002 UTC (22 years, 5 months ago) by www
Branches: MAIN
Diff to previous 1.2: preferred, unified
Changes since revision 1.2: +7 -5 lines
Token security file upload

Revision 1.2: download - view: text, markup, annotated - select for diffs
Sat Jul 27 19:06:41 2002 UTC (22 years, 5 months ago) by www
Branches: MAIN
Diff to previous 1.1: preferred, unified
Changes since revision 1.1: +9 -7 lines
Toward bug 481.

To use token-based access, use for example

'<img src="'.&Apache::lonnet::tokenwrapper($fulluri).'" />'

Revision 1.1: download - view: text, markup, annotated - select for diffs
Sat Jul 27 18:48:19 2002 UTC (22 years, 5 months ago) by www
Branches: MAIN
Bug #481
Simple token-based access mechanism.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>