--- loncom/lond 2004/06/17 10:15:46 1.195
+++ loncom/lond 2004/06/17 11:02:25 1.196
@@ -2,7 +2,7 @@
# The LearningOnline Network
# lond "LON Daemon" Server (port "LOND" 5663)
#
-# $Id: lond,v 1.195 2004/06/17 10:15:46 foxr Exp $
+# $Id: lond,v 1.196 2004/06/17 11:02:25 foxr Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -51,12 +51,12 @@ use LONCAPA::ConfigFileEdit;
use LONCAPA::lonlocal;
use LONCAPA::lonssl;
-my $DEBUG = 0; # Non zero to enable debug log entries.
+my $DEBUG = 11; # Non zero to enable debug log entries.
my $status='';
my $lastlog='';
-my $VERSION='$Revision: 1.195 $'; #' stupid emacs
+my $VERSION='$Revision: 1.196 $'; #' stupid emacs
my $remoteVERSION;
my $currenthostid;
my $currentdomainid;
@@ -1527,6 +1527,25 @@ sub make_new_child {
# If the remote is attempting a local init... give that a try:
#
my ($i, $inittype) = split(/:/, $remotereq);
+
+ # If the connection type is ssl, but I didn't get my
+ # certificate files yet, then I'll drop back to
+ # insecure (if allowed).
+
+ if($inittype eq "ssl") {
+ my ($ca, $cert) = lonssl::CertificateFile;
+ my $kfile = lonssl::KeyFile;
+ if((!$ca) ||
+ (!$cert) ||
+ (!$kfile)) {
+ $inittype = ""; # This forces insecure attempt.
+ &logthis(" Certificates not "
+ ."installed -- trying insecure auth");
+ }
+ else { # SSL certificates are in place so
+ } # Leave the inittype alone.
+ }
+
if($inittype eq "local") {
my $key = LocalConnection($client, $remotereq);
if($key) {
@@ -1550,7 +1569,7 @@ sub make_new_child {
my $cipherkey = pack("H32", $key);
$cipher = new IDEA($cipherkey);
&logthis(''
- ."Successfull ssl authentication ");
+ ."Successfull ssl authentication with $clientname ");
} else {
$clientok = 0;
@@ -1562,7 +1581,7 @@ sub make_new_child {
if($ok) {
$clientok = 1;
&logthis(''
- ."Successful insecure authentication ");
+ ."Successful insecure authentication with $clientname ");
print $client "ok\n";
} else {
&logthis(''