version 1.567, 2021/06/15 20:52:27
|
version 1.570, 2021/12/20 03:13:29
|
Line 239 my %trust = (
|
Line 239 my %trust = (
|
du2 => {remote => 1, enroll => 1}, |
du2 => {remote => 1, enroll => 1}, |
dump => {remote => 1, enroll => 1, domroles => 1}, |
dump => {remote => 1, enroll => 1, domroles => 1}, |
edit => {institutiononly => 1}, #not used currently |
edit => {institutiononly => 1}, #not used currently |
|
edump => {remote => 1, enroll => 1, domroles => 1}, |
eget => {remote => 1, domroles => 1, enroll => 1}, #not used currently |
eget => {remote => 1, domroles => 1, enroll => 1}, #not used currently |
egetdom => {remote => 1, domroles => 1, enroll => 1, }, |
egetdom => {remote => 1, domroles => 1, enroll => 1, }, |
ekey => {anywhere => 1}, |
ekey => {anywhere => 1}, |
Line 2035 sub read_lonnet_global {
|
Line 2036 sub read_lonnet_global {
|
} |
} |
if ($what eq 'perlvar') { |
if ($what eq 'perlvar') { |
if (!exists($packagevars{$what}{'lonBalancer'})) { |
if (!exists($packagevars{$what}{'lonBalancer'})) { |
if ($dist =~ /^(centos|rhes|fedora|scientific|oracle)/) { |
if ($dist =~ /^(centos|rhes|fedora|scientific|oracle|rocky|alma)/) { |
my $othervarref=LONCAPA::Configuration::read_conf('httpd.conf'); |
my $othervarref=LONCAPA::Configuration::read_conf('httpd.conf'); |
if (ref($othervarref) eq 'HASH') { |
if (ref($othervarref) eq 'HASH') { |
$items->{'lonBalancer'} = $othervarref->{'lonBalancer'}; |
$items->{'lonBalancer'} = $othervarref->{'lonBalancer'}; |
Line 3829 sub dump_with_regexp {
|
Line 3830 sub dump_with_regexp {
|
} |
} |
®ister_handler("dump", \&dump_with_regexp, 0, 1, 0); |
®ister_handler("dump", \&dump_with_regexp, 0, 1, 0); |
|
|
|
# |
|
# Process the encrypted dump request. Original call should |
|
# be from lonnet::dump() with seventh arg ($encrypt) set to |
|
# 1, to ensure that both request and response are encrypted. |
|
# |
|
# Parameters: |
|
# $cmd - Command keyword of request (edump). |
|
# $tail - Tail of the command. |
|
# See &dump_with_regexp for more |
|
# information about this. |
|
# $client - File open on the client. |
|
# Returns: |
|
# 1 - Continue processing |
|
# 0 - server should exit. |
|
# |
|
|
|
sub encrypted_dump_with_regexp { |
|
my ($cmd, $tail, $client) = @_; |
|
my $res = LONCAPA::Lond::dump_with_regexp($tail, $clientversion); |
|
|
|
if ($res =~ /^error:/) { |
|
Failure($client, \$res, "$cmd:$tail"); |
|
} else { |
|
if ($cipher) { |
|
my $cmdlength=length($res); |
|
$res.=" "; |
|
my $encres=''; |
|
for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) { |
|
$encres.= unpack("H16", |
|
$cipher->encrypt(substr($res, |
|
$encidx, |
|
8))); |
|
} |
|
&Reply( $client,"enc:$cmdlength:$encres\n","$cmd:$tail"); |
|
} else { |
|
&Failure( $client, "error:no_key\n","$cmd:$tail"); |
|
} |
|
} |
|
} |
|
®ister_handler("edump", \&encrypted_dump_with_regexp, 0, 1, 0); |
|
|
# Store a set of key=value pairs associated with a versioned name. |
# Store a set of key=value pairs associated with a versioned name. |
# |
# |
# Parameters: |
# Parameters: |
Line 5567 sub tmp_put_handler {
|
Line 5609 sub tmp_put_handler {
|
} |
} |
my ($id,$store); |
my ($id,$store); |
$tmpsnum++; |
$tmpsnum++; |
if (($context eq 'resetpw') || ($context eq 'createaccount')) { |
my $numtries = 0; |
$id = &md5_hex(&md5_hex(time.{}.rand().$$)); |
my $execdir=$perlvar{'lonDaemons'}; |
|
if (($context eq 'resetpw') || ($context eq 'createaccount') || |
|
($context eq 'sso') || ($context eq 'link') || ($context eq 'retry')) { |
|
$id = &md5_hex(&md5_hex(time.{}.rand().$$.$tmpsnum)); |
|
while ((-e "$execdir/tmp/$id.tmp") && ($numtries <10)) { |
|
undef($id); |
|
$id = &md5_hex(&md5_hex(time.{}.rand().$$.$tmpsnum)); |
|
$numtries ++; |
|
} |
} else { |
} else { |
$id = $$.'_'.$clientip.'_'.$tmpsnum; |
$id = $$.'_'.$clientip.'_'.$tmpsnum; |
} |
} |
$id=~s/\W/\_/g; |
$id=~s/\W/\_/g; |
$record=~s/\n//g; |
$record=~s/\n//g; |
my $execdir=$perlvar{'lonDaemons'}; |
if (($id ne '') && |
if ($store=IO::File->new(">$execdir/tmp/$id.tmp")) { |
($store=IO::File->new(">$execdir/tmp/$id.tmp"))) { |
print $store $record; |
print $store $record; |
close $store; |
close $store; |
&Reply($client, \$id, $userinput); |
&Reply($client, \$id, $userinput); |
Line 7752 sub make_new_child {
|
Line 7802 sub make_new_child {
|
&Authen::Krb5::init_context(); |
&Authen::Krb5::init_context(); |
|
|
my $no_ets; |
my $no_ets; |
if ($dist =~ /^(?:centos|rhes|scientific|oracle)(\d+)$/) { |
if ($dist =~ /^(?:centos|rhes|scientific|oracle|rocky|alma)(\d+)$/) { |
if ($1 >= 7) { |
if ($1 >= 7) { |
$no_ets = 1; |
$no_ets = 1; |
} |
} |
Line 7941 sub make_new_child {
|
Line 7991 sub make_new_child {
|
Debug("Main: Got $user_input\n"); |
Debug("Main: Got $user_input\n"); |
$keep_going = &process_request($user_input); |
$keep_going = &process_request($user_input); |
alarm(0); |
alarm(0); |
&status('Listening to '.$clientname." ($keymode)"); |
&status('Listening to '.$clientname." ($keymode)"); |
} |
} |
|
|
# --------------------------------------------- client unknown or fishy, refuse |
# --------------------------------------------- client unknown or fishy, refuse |
Line 7957 sub make_new_child {
|
Line 8007 sub make_new_child {
|
|
|
&logthis("<font color='red'>CRITICAL: " |
&logthis("<font color='red'>CRITICAL: " |
."Disconnect from $clientip ($clientname)</font>"); |
."Disconnect from $clientip ($clientname)</font>"); |
|
|
|
|
# this exit is VERY important, otherwise the child will become |
# this exit is VERY important, otherwise the child will become |
# a producer of more and more children, forking yourself into |
# a producer of more and more children, forking yourself into |
# process death. |
# process death. |