Diff for /loncom/lond between versions 1.138 and 1.140

version 1.138, 2003/08/22 16:07:11 version 1.140, 2003/08/26 11:15:57
Line 87  my $currenthostid; Line 87  my $currenthostid;
 my $currentdomainid;  my $currentdomainid;
   
 my $client;  my $client;
   my $clientip;
   
 my $server;  my $server;
 my $thisserver;  my $thisserver;
   
Line 133  my @adderrors    = ("ok", Line 135  my @adderrors    = ("ok",
   
   
 #  #
   #   GetCertificate: Given a transaction that requires a certificate,
   #   this function will extract the certificate from the transaction
   #   request.  Note that at this point, the only concept of a certificate
   #   is the hostname to which we are connected.
   #
   #   Parameter:
   #      request   - The request sent by our client (this parameterization may
   #                  need to change when we really use a certificate granting
   #                  authority.
   #
   sub GetCertificate {
       my $request = shift;
   
       return $clientip;
   }
   
   
   #
   #  ValidManager: Determines if a given certificate represents a valid manager.
   #                in this primitive implementation, the 'certificate' is
   #                just the connecting loncapa client name.  This is checked
   #                against a valid client list in the configuration.
   #
   #                  
   sub ValidManager {
       my $certificate = shift; 
   
       my $hostentry   = $hostid{$certificate};
       if ($hostentry ne undef) {
    &logthis('<font color="yellow">Authenticating manager'.
    " $hostentry</font>");
    return 1;
       } else {
    &logthis('<font color="red"> Failed manager authentication '.
    "$certificate </font>");
       }
   }
   #
 #  Convert an error return code from lcpasswd to a string value.  #  Convert an error return code from lcpasswd to a string value.
 #  #
 sub lcpasswdstrerror {  sub lcpasswdstrerror {
Line 534  sub make_new_child { Line 574  sub make_new_child {
     sigprocmask(SIG_BLOCK, $sigset)      sigprocmask(SIG_BLOCK, $sigset)
         or die "Can't block SIGINT for fork: $!\n";          or die "Can't block SIGINT for fork: $!\n";
   
     my $clientip;  
     die "fork: $!" unless defined ($pid = fork);      die "fork: $!" unless defined ($pid = fork);
           
     if ($pid) {      if ($pid) {
Line 703  sub make_new_child { Line 742  sub make_new_child {
      }       }
 #--------------------------------------------------------------------- pushfile  #--------------------------------------------------------------------- pushfile
    } elsif($userinput =~ /^pushfile/) {      } elsif($userinput =~ /^pushfile/) { 
        print $client "ok\n";         if($wasenc == 1) {
      my $cert = GetCertificate($userinput);
      if(ValidManager($cert)) {
          print $client "ok\n";
      } else {
          print $client "refused\n";
      } 
          } else {
      print $client "refused\n";
          }
 #--------------------------------------------------------------------- reinit  #--------------------------------------------------------------------- reinit
    } elsif($userinput =~ /^reinit/) {     } elsif($userinput =~ /^reinit/) {
        print $client "ok\n";         if ($wasenc == 1) {
      my $cert = GetCertificate($userinput);
      if(ValidManager($cert)) {
          print $client "ok\n";
      } else {
          print $client "refused\n";
      }
          } else {
      print $client "refused\n";
          }
 # ------------------------------------------------------------------------ auth  # ------------------------------------------------------------------------ auth
                    } elsif ($userinput =~ /^auth/) {                     } elsif ($userinput =~ /^auth/) {
      if ($wasenc==1) {       if ($wasenc==1) {
Line 818  sub make_new_child { Line 875  sub make_new_child {
      my $salt=time;       my $salt=time;
                              $salt=substr($salt,6,2);                               $salt=substr($salt,6,2);
      my $ncpass=crypt($npass,$salt);       my $ncpass=crypt($npass,$salt);
                              { my $pf = IO::File->new(">$passfilename");                               {
           print $pf "internal:$ncpass\n"; }                my $pf;
      &logthis("Result of password change for $uname: pwchange_success");   if ($pf = IO::File->new(">$passfilename")) {
                              print $client "ok\n";       print $pf "internal:$ncpass\n";
        &logthis("Result of password change for $uname: pwchange_success");
        print $client "ok\n";
    } else {
        &logthis("Unable to open $uname passwd to change password");
        print $client "non_authorized\n";
    }
        }             
        
                            } else {                             } else {
                              print $client "non_authorized\n";                               print $client "non_authorized\n";
                            }                             }

Removed from v.1.138  
changed lines
  Added in v.1.140


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>