version 1.136, 2003/08/12 19:46:04
|
version 1.140, 2003/08/26 11:15:57
|
Line 87 my $currenthostid;
|
Line 87 my $currenthostid;
|
my $currentdomainid; |
my $currentdomainid; |
|
|
my $client; |
my $client; |
|
my $clientip; |
|
|
my $server; |
my $server; |
my $thisserver; |
my $thisserver; |
|
|
Line 133 my @adderrors = ("ok",
|
Line 135 my @adderrors = ("ok",
|
|
|
|
|
# |
# |
|
# GetCertificate: Given a transaction that requires a certificate, |
|
# this function will extract the certificate from the transaction |
|
# request. Note that at this point, the only concept of a certificate |
|
# is the hostname to which we are connected. |
|
# |
|
# Parameter: |
|
# request - The request sent by our client (this parameterization may |
|
# need to change when we really use a certificate granting |
|
# authority. |
|
# |
|
sub GetCertificate { |
|
my $request = shift; |
|
|
|
return $clientip; |
|
} |
|
|
|
|
|
# |
|
# ValidManager: Determines if a given certificate represents a valid manager. |
|
# in this primitive implementation, the 'certificate' is |
|
# just the connecting loncapa client name. This is checked |
|
# against a valid client list in the configuration. |
|
# |
|
# |
|
sub ValidManager { |
|
my $certificate = shift; |
|
|
|
my $hostentry = $hostid{$certificate}; |
|
if ($hostentry ne undef) { |
|
&logthis('<font color="yellow">Authenticating manager'. |
|
" $hostentry</font>"); |
|
return 1; |
|
} else { |
|
&logthis('<font color="red"> Failed manager authentication '. |
|
"$certificate </font>"); |
|
} |
|
} |
|
# |
# Convert an error return code from lcpasswd to a string value. |
# Convert an error return code from lcpasswd to a string value. |
# |
# |
sub lcpasswdstrerror { |
sub lcpasswdstrerror { |
Line 534 sub make_new_child {
|
Line 574 sub make_new_child {
|
sigprocmask(SIG_BLOCK, $sigset) |
sigprocmask(SIG_BLOCK, $sigset) |
or die "Can't block SIGINT for fork: $!\n"; |
or die "Can't block SIGINT for fork: $!\n"; |
|
|
my $clientip; |
|
die "fork: $!" unless defined ($pid = fork); |
die "fork: $!" unless defined ($pid = fork); |
|
|
if ($pid) { |
if ($pid) { |
Line 652 sub make_new_child {
|
Line 691 sub make_new_child {
|
if ($userinput =~ /^ping/) { |
if ($userinput =~ /^ping/) { |
print $client "$currenthostid\n"; |
print $client "$currenthostid\n"; |
# ------------------------------------------------------------------------ pong |
# ------------------------------------------------------------------------ pong |
} elsif ($userinput =~ /^pong/) { |
}elsif ($userinput =~ /^pong/) { |
my $reply=&reply("ping",$hostid{$clientip}); |
my $reply=&reply("ping",$hostid{$clientip}); |
print $client "$currenthostid:$reply\n"; |
print $client "$currenthostid:$reply\n"; |
# ------------------------------------------------------------------------ ekey |
# ------------------------------------------------------------------------ ekey |
Line 683 sub make_new_child {
|
Line 722 sub make_new_child {
|
} elsif ($userinput =~ /^userload/) { |
} elsif ($userinput =~ /^userload/) { |
my $userloadpercent=&userload(); |
my $userloadpercent=&userload(); |
print $client "$userloadpercent\n"; |
print $client "$userloadpercent\n"; |
|
|
|
# |
|
# Transactions requiring encryption: |
|
# |
# ----------------------------------------------------------------- currentauth |
# ----------------------------------------------------------------- currentauth |
} elsif ($userinput =~ /^currentauth/) { |
} elsif ($userinput =~ /^currentauth/) { |
if ($wasenc==1) { |
if ($wasenc==1) { |
Line 697 sub make_new_child {
|
Line 740 sub make_new_child {
|
} else { |
} else { |
print $client "refused\n"; |
print $client "refused\n"; |
} |
} |
|
#--------------------------------------------------------------------- pushfile |
|
} elsif($userinput =~ /^pushfile/) { |
|
if($wasenc == 1) { |
|
my $cert = GetCertificate($userinput); |
|
if(ValidManager($cert)) { |
|
print $client "ok\n"; |
|
} else { |
|
print $client "refused\n"; |
|
} |
|
} else { |
|
print $client "refused\n"; |
|
} |
|
#--------------------------------------------------------------------- reinit |
|
} elsif($userinput =~ /^reinit/) { |
|
if ($wasenc == 1) { |
|
my $cert = GetCertificate($userinput); |
|
if(ValidManager($cert)) { |
|
print $client "ok\n"; |
|
} else { |
|
print $client "refused\n"; |
|
} |
|
} else { |
|
print $client "refused\n"; |
|
} |
# ------------------------------------------------------------------------ auth |
# ------------------------------------------------------------------------ auth |
} elsif ($userinput =~ /^auth/) { |
} elsif ($userinput =~ /^auth/) { |
if ($wasenc==1) { |
if ($wasenc==1) { |
Line 808 sub make_new_child {
|
Line 875 sub make_new_child {
|
my $salt=time; |
my $salt=time; |
$salt=substr($salt,6,2); |
$salt=substr($salt,6,2); |
my $ncpass=crypt($npass,$salt); |
my $ncpass=crypt($npass,$salt); |
{ my $pf = IO::File->new(">$passfilename"); |
{ |
print $pf "internal:$ncpass\n"; } |
my $pf; |
&logthis("Result of password change for $uname: pwchange_success"); |
if ($pf = IO::File->new(">$passfilename")) { |
print $client "ok\n"; |
print $pf "internal:$ncpass\n"; |
|
&logthis("Result of password change for $uname: pwchange_success"); |
|
print $client "ok\n"; |
|
} else { |
|
&logthis("Unable to open $uname passwd to change password"); |
|
print $client "non_authorized\n"; |
|
} |
|
} |
|
|
} else { |
} else { |
print $client "non_authorized\n"; |
print $client "non_authorized\n"; |
} |
} |
Line 2118 sub userload {
|
Line 2193 sub userload {
|
my $curtime=time; |
my $curtime=time; |
while ($filename=readdir(LONIDS)) { |
while ($filename=readdir(LONIDS)) { |
if ($filename eq '.' || $filename eq '..') {next;} |
if ($filename eq '.' || $filename eq '..') {next;} |
my ($atime)=(stat($perlvar{'lonIDsDir'}.'/'.$filename))[8]; |
my ($mtime)=(stat($perlvar{'lonIDsDir'}.'/'.$filename))[9]; |
if ($curtime-$atime < 3600) { $numusers++; } |
if ($curtime-$mtime < 3600) { $numusers++; } |
} |
} |
closedir(LONIDS); |
closedir(LONIDS); |
} |
} |