--- loncom/lond	2003/10/08 20:37:48	1.155
+++ loncom/lond	2003/10/13 08:49:54	1.156
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.155 2003/10/08 20:37:48 albertel Exp $
+# $Id: lond,v 1.156 2003/10/13 08:49:54 foxr Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -85,7 +85,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.155 $'; #' stupid emacs
+my $VERSION='$Revision: 1.156 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid;
 my $currentdomainid;
@@ -99,6 +99,7 @@ my $thisserver;
 my %hostid;
 my %hostdom;
 my %hostip;
+my %managers;			# If defined $managers{hostname} is a manager
 my %perlvar;			# Will have the apache conf defined perl vars.
 
 #
@@ -155,7 +156,37 @@ sub GetCertificate {
 
     return $clientip;
 }
+#
+#   ReadManagerTable: Reads in the current manager table. For now this is
+#                     done on each manager authentication because:
+#                     - These authentications are not frequent
+#                     - This allows dynamic changes to the manager table
+#                       without the need to signal to the lond.
+#
+
+sub ReadManagerTable {
+
+    #   Clean out the old table first..
+
+    foreach my $key (keys %managers) {
+	delete $managers{$key};
+    }
 
+    my $tablename = $perlvar{'lonTabDir'}."/managers.tab";
+    if (!open (MANAGERS, $tablename)) {
+	logthis('<font color="red">No manager table.  Nobody can manage!!</font>');
+	return;
+    }
+    while(my $host = <MANAGERS>) {
+	chomp($host);
+	if (!defined $hostip{$host}) {
+	    logthis('<font color="red"> manager '.$host.
+		    " not in hosts.tab, rejected as manager</font>");
+	} else {
+	    $managers{$host} = $hostip{$host}; # Whatever for now.
+	}
+    }
+}
 
 #
 #  ValidManager: Determines if a given certificate represents a valid manager.
@@ -167,14 +198,25 @@ sub GetCertificate {
 sub ValidManager {
     my $certificate = shift; 
 
-    my $hostentry   = $hostid{$certificate};
-    if ($hostentry ne undef) {
-	&logthis('<font color="yellow">Authenticating manager'.
-		 " $hostentry</font>");
-	return 1;
+    ReadManagerTable;
+
+    my $hostname   = $hostid{$certificate};
+
+
+    if ($hostname ne undef) {
+	if($managers{$hostname} ne undef) {
+	    &logthis('<font color="yellow">Authenticating manager'.
+		     " $hostname</font>");
+	    return 1;
+	} else {
+	    &logthis('<font color="red" failed manager authentication '.
+		     $hostname." is not a valid manager host</font>");
+	    return 0;
+	}
     } else {
 	&logthis('<font color="red"> Failed manager authentication '.
 		 "$certificate </font>");
+	return 0;
     }
 }
 #