--- loncom/lond 2004/02/18 10:43:02 1.178.2.1 +++ loncom/lond 2004/02/23 10:25:52 1.178.2.2 @@ -2,7 +2,7 @@ # The LearningOnline Network # lond "LON Daemon" Server (port "LOND" 5663) # -# $Id: lond,v 1.178.2.1 2004/02/18 10:43:02 foxr Exp $ +# $Id: lond,v 1.178.2.2 2004/02/23 10:25:52 foxr Exp $ # # Copyright Michigan State University Board of Trustees # @@ -48,12 +48,12 @@ use localauth; use File::Copy; use LONCAPA::ConfigFileEdit; -my $DEBUG = 0; # Non zero to enable debug log entries. +my $DEBUG = 1; # Non zero to enable debug log entries. my $status=''; my $lastlog=''; -my $VERSION='$Revision: 1.178.2.1 $'; #' stupid emacs +my $VERSION='$Revision: 1.178.2.2 $'; #' stupid emacs my $remoteVERSION; my $currenthostid; my $currentdomainid; @@ -626,6 +626,7 @@ sub AuthenticateHandler { # upass - User's password. my ($udom,$uname,$upass)=split(/:/,$tail); + Debug(" Authenticate domain = $udom, user = $uname, password = $upass"); chomp($upass); $upass=unescape($upass); my $proname=propath($udom,$uname); @@ -634,6 +635,8 @@ sub AuthenticateHandler { # The user's 'personal' loncapa passworrd file describes how to authenticate: if (-e $passfilename) { + Debug("Located password file: $passfilename"); + my $pf = IO::File->new($passfilename); my $realpasswd=<$pf>; chomp($realpasswd); @@ -642,6 +645,7 @@ sub AuthenticateHandler { # # Authenticate against password stored in the internal file. # + Debug("Authenticating via $howpwd"); if ($howpwd eq 'internal') { &Debug("Internal auth"); $pwdcorrect= (crypt($upass,$contentpwd) eq $contentpwd); @@ -2453,7 +2457,9 @@ sub ProcessRequest { # Split off the request keyword from the rest of the stuff. my ($command, $tail) = split(/:/, $userinput, 2); - + + Debug("Command received: $command, encoded = $wasenc"); + # ------------------------------------------------------------- Normal commands @@ -2466,24 +2472,33 @@ sub ProcessRequest { my $Handler = $$DispatchInfo[0]; my $NeedEncode = $$DispatchInfo[1]; my $ClientTypes = $$DispatchInfo[2]; + Debug("Matched dispatch hash: mustencode: $NeedEncode ClientType $ClientTypes"); # Validate the request: my $ok = 1; - if($NeedEncode && (!$wasenc)) { - Reply($client, "refused\n", $userinput); - $ok = 0; + my $requesterprivs = 0; + if(isClient()) { + $requesterprivs |= $CLIENT_OK; } - if(isClient && (($ClientTypes & $CLIENT_OK) == 0)) { - Reply($client, "refused\n", $userinput); - $ok = 0; + if(isManager()) { + $requesterprivs |= $MANAGER_OK; } - if(isManager && (($ClientTypes & $MANAGER_OK) == 0)) { - Reply($client, "refused\n", $userinput); + if($NeedEncode && (!$wasenc)) { + Debug("Must encode but wasn't: $NeedEncode $wasenc"); $ok = 0; } + if(($ClientTypes & $requesterprivs) == 0) { + Debug("Client not privileged to do this operation"); + $ok = 0; + } + if($ok) { + Debug("Dispatching to handler $command $tail"); $KeepGoing = &$Handler($command, $tail, $client); + } else { + Debug("Refusing to dispatch because ok is false"); + Failure($client, "refused", $userinput); }