--- loncom/loncron	2017/10/20 13:38:34	1.103.2.1
+++ loncom/loncron	2017/10/20 11:54:54	1.105
@@ -2,7 +2,7 @@
 
 # Housekeeping program, started by cron, loncontrol and loncron.pl
 #
-# $Id: loncron,v 1.103.2.1 2017/10/20 13:38:34 raeburn Exp $
+# $Id: loncron,v 1.105 2017/10/20 11:54:54 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -41,6 +41,8 @@ use IO::File;
 use IO::Socket;
 use HTML::Entities;
 use Getopt::Long;
+use GDBM_File;
+use Storable qw(thaw);
 #globals
 use vars qw (%perlvar %simplestatus $errors $warnings $notices $totalcount);
 
@@ -819,6 +821,127 @@ sub write_checksums {
     return;
 }
 
+sub write_connection_config {
+    my ($isprimary,$domconf,$url,%connectssl);
+    my $primaryLibServer = &Apache::lonnet::domain($perlvar{'lonDefDomain'},'primary');
+    if ($primaryLibServer eq $perlvar{'lonHostID'}) {
+        $isprimary = 1;
+    } elsif ($primaryLibServer ne '') {
+        my $protocol = $Apache::lonnet::protocol{$primaryLibServer};
+        my $hostname = &Apache::lonnet::hostname($primaryLibServer);
+        unless ($protocol eq 'https') {
+            $protocol = 'http';
+        }
+        $url = $protocol.'://'.$hostname.'/cgi-bin/listdomconfig.pl';
+    }
+    my $domconf = &get_domain_config($perlvar{'lonDefDomain'},$primaryLibServer,$isprimary,
+                                     $url);
+    if (ref($domconf) eq 'HASH') {
+        if (ref($domconf->{'ssl'}) eq 'HASH') {
+            foreach my $connect ('connto','connfrom') {
+                if (ref($domconf->{'ssl'}->{$connect}) eq 'HASH') {
+                    my ($sslreq,$sslnoreq,$currsetting);
+                    my %contypes;
+                    foreach my $type ('dom','intdom','other') {
+                        $connectssl{$connect.'_'.$type} = $domconf->{'ssl'}->{$connect}->{$type};
+                    }
+                }
+            }
+        }
+        if (keys(%connectssl)) {
+            if (open(my $fh,">$perlvar{'lonTabDir'}/connectionrules.tab")) {
+                my $count = 0;
+                foreach my $key (sort(keys(%connectssl))) { 
+                    print $fh "$key=$connectssl{$key}\n";
+                    $count ++;
+                }
+                close($fh);
+                print "Completed writing SSL options for lonc/lond for $count items.\n";
+            }
+        } else {
+            print "Writing of SSL options skipped - no connection rules in domain configuration.\n";
+        }
+    } else {
+        print "Retrieval of SSL options for lonc/lond skipped - no configuration data available for domain.\n";
+    }
+}
+
+sub get_domain_config {
+    my ($dom,$primlibserv,$isprimary,$url) = @_;
+    my %confhash;
+    if ($isprimary) {
+        my $lonusersdir = $perlvar{'lonUsersDir'};
+        my $fname = $lonusersdir.'/'.$dom.'/configuration.db';
+        if (-e $fname) {
+            my $dbref=&LONCAPA::locking_hash_tie($fname,&GDBM_READER());
+            if (ref($dbref) eq 'HASH') {
+                foreach my $key (sort(keys(%{$dbref}))) {
+                    my $value = $dbref->{$key};
+                    if ($value =~ s/^__FROZEN__//) {
+                        $value = thaw(&LONCAPA::unescape($value));
+                    } else {
+                        $value = &LONCAPA::unescape($value);
+                    }
+                    $confhash{$key} = $value;
+                }
+                &LONCAPA::locking_hash_untie($dbref);
+            }
+        }
+    } else {
+        if (open(PIPE,"wget --no-check-certificate '$url?primary=$primlibserv&format=raw' |")) {
+            my $config = '';
+            while (<PIPE>) {
+                $config .= $_;
+            }
+            close(PIPE);
+            if ($config) {
+                my @pairs=split(/\&/,$config);
+                foreach my $item (@pairs) {
+                    my ($key,$value)=split(/=/,$item,2);
+                    my $what = &LONCAPA::unescape($key);
+                    if ($value =~ s/^__FROZEN__//) {
+                        $value = thaw(&LONCAPA::unescape($value));
+                    } else {
+                        $value = &LONCAPA::unescape($value);
+                    }
+                    $confhash{$what}=$value;
+                }
+            }
+        }
+    }
+    return \%confhash;
+}
+
+sub write_hosttypes {
+    my %intdom = &Apache::lonnet::all_host_intdom();
+    my %hostdom = &Apache::lonnet::all_host_domain();
+    my $dom = $hostdom{$perlvar{'lonHostID'}};
+    my $internetdom = $intdom{$perlvar{'lonHostID'}};
+    if (($dom ne '') && ($internetdom ne '')) {
+        if (keys(%hostdom)) {
+            if (open(my $fh,">$perlvar{'lonTabDir'}/hosttypes.tab")) {
+                my $count = 0;
+                foreach my $lonid (sort(keys(%hostdom))) {
+                    my $type = 'other';
+                    if ($hostdom{$lonid} eq $dom) {
+                        $type = 'dom'; 
+                    } elsif ($intdom{$lonid} eq $internetdom) {
+                        $type = 'intdom';
+                    }
+                    print $fh "$lonid:$type\n";
+                    $count ++;
+                }
+                close($fh);
+                print "Completed writing host type data for $count hosts.\n";
+            }
+        } else {
+            print "Writing of host types skipped - no hosts found.\n";
+        }
+    } else {
+        print "Writing of host types skipped - could not determine this host's LON-CAPA domain or 'internet' domain.\n";
+    }
+}
+
 sub send_mail {
     my $defdom = $perlvar{'lonDefDomain'};
     my $origmail = $perlvar{'lonAdmEMail'};
@@ -994,6 +1117,8 @@ sub main () {
         &checkon_daemon($fh,'lonr',40000);
     }
     if ($justreload) {
+        &write_connection_config();
+        &write_hosttypes();
 	&checkon_daemon($fh,'lond',40000,'USR2');
 	&checkon_daemon($fh,'lonc',40000,'USR2');
     }
@@ -1007,6 +1132,8 @@ sub main () {
         &write_loncaparevs();
         &write_serverhomeIDs();
 	&write_checksums();
+        &write_connection_config();
+        &write_hosttypes();
 	if ($totalcount>200 && !$noemail) { &send_mail(); }
     }
 }