--- loncom/lond 2001/05/11 19:31:25 1.47
+++ loncom/lond 2001/11/16 06:19:33 1.55
@@ -15,8 +15,12 @@
# 03/15 Scott Harrison
# 03/24 Gerd Kortemeyer
# 04/02 Scott Harrison
-# 05/11 Gerd Kortemeyer
+# 05/11,05/28,08/30 Gerd Kortemeyer
+# 9/30,10/22,11/13,11/15 Scott Harrison
#
+# $Id: lond,v 1.55 2001/11/16 06:19:33 harris41 Exp $
+###
+
# based on "Perl Cookbook" ISBN 1-56592-243-3
# preforker - server who forks first
# runs as a daemon
@@ -32,6 +36,8 @@ use Crypt::IDEA;
use LWP::UserAgent();
use GDBM_File;
use Authen::Krb4;
+use lib '/home/httpd/lib/perl/';
+use localauth;
# grabs exception and records it to log before exiting
sub catchexception {
@@ -364,7 +370,8 @@ sub make_new_child {
my $clientip=inet_ntoa($iaddr);
my $clientrec=($hostid{$clientip} ne undef);
&logthis(
-"INFO: Connect from $clientip ($hostid{$clientip})");
+"INFO: Connection $i, $clientip ($hostid{$clientip})"
+ );
my $clientok;
if ($clientrec) {
my $remotereq=<$client>;
@@ -449,6 +456,28 @@ sub make_new_child {
$loadavg =~ s/\s.*//g;
my $loadpercent=100*$loadavg/$perlvar{'lonLoadLim'};
print $client "$loadpercent\n";
+# ----------------------------------------------------------------- currentauth
+ } elsif ($userinput =~ /^currentauth/) {
+ if ($wasenc==1) {
+ my ($cmd,$udom,$uname)=split(/:/,$userinput);
+ my $proname=propath($udom,$uname);
+ my $passfilename="$proname/passwd";
+ if (-e $passfilename) {
+ my $pf = IO::File->new($passfilename);
+ my $realpasswd=<$pf>;
+ chomp($realpasswd);
+ my ($howpwd,$contentpwd)=split(/:/,$realpasswd);
+ my $availablecontent='';
+ if ($howpwd eq 'krb4') {
+ $availablecontent=$contentpwd;
+ }
+ print $client "$howpwd:$availablecontent\n";
+ } else {
+ print $client "unknown_user\n";
+ }
+ } else {
+ print $client "refused\n";
+ }
# ------------------------------------------------------------------------ auth
} elsif ($userinput =~ /^auth/) {
if ($wasenc==1) {
@@ -468,14 +497,27 @@ sub make_new_child {
(crypt($upass,$contentpwd) eq $contentpwd);
} elsif ($howpwd eq 'unix') {
$contentpwd=(getpwnam($uname))[1];
- $pwdcorrect=
- (crypt($upass,$contentpwd) eq $contentpwd);
+ my $pwauth_path="/usr/local/sbin/pwauth";
+ unless ($contentpwd eq 'x') {
+ $pwdcorrect=
+ (crypt($upass,$contentpwd) eq $contentpwd);
+ }
+ elsif (-e $pwauth_path) {
+ open PWAUTH, "|$pwauth_path" or
+ die "Cannot invoke authentication";
+ print PWAUTH "$uname\n$upass\n";
+ close PWAUTH;
+ $pwdcorrect=!$?;
+ }
} elsif ($howpwd eq 'krb4') {
$pwdcorrect=(
Authen::Krb4::get_pw_in_tkt($uname,"",
$contentpwd,'krbtgt',$contentpwd,1,
$upass) == 0);
- }
+ } elsif ($howpwd eq 'localauth') {
+ $pwdcorrect=&localauth::localauth($uname,$upass,
+ $contentpwd);
+ }
if ($pwdcorrect) {
print $client "authorized\n";
} else {
@@ -562,9 +604,29 @@ sub make_new_child {
{
my $pf = IO::File->new(">$passfilename");
print $pf "internal:$ncpass\n";
- }
+ }
print $client "ok\n";
- } elsif ($umode eq 'none') {
+ } elsif ($umode eq 'localauth') {
+ {
+ my $pf = IO::File->new(">$passfilename");
+ print $pf "localauth:$npass\n";
+ }
+ print $client "ok\n";
+ } elsif ($umode eq 'unix') {
+ {
+ my $execpath="$perlvar{'lonDaemons'}/".
+ "lcuseradd";
+ {
+ my $se = IO::File->new("|$execpath");
+ print $se "$uname\n";
+ print $se "$npass\n";
+ print $se "$npass\n";
+ }
+ my $pf = IO::File->new(">$passfilename");
+ print $pf "unix:\n";
+ }
+ print $client "ok\n";
+ } elsif ($umode eq 'none') {
{
my $pf = IO::File->new(">$passfilename");
print $pf "none:\n";
@@ -580,6 +642,66 @@ sub make_new_child {
} else {
print $client "refused\n";
}
+# -------------------------------------------------------------- changeuserauth
+ } elsif ($userinput =~ /^changeuserauth/) {
+ if ($wasenc==1) {
+ my
+ ($cmd,$udom,$uname,$umode,$npass)=split(/:/,$userinput);
+ chomp($npass);
+ $npass=&unescape($npass);
+ my $proname=propath($udom,$uname);
+ my $passfilename="$proname/passwd";
+ if ($udom ne $perlvar{'lonDefDomain'}) {
+ print $client "not_right_domain\n";
+ } else {
+ if ($umode eq 'krb4') {
+ {
+ my $pf = IO::File->new(">$passfilename");
+ print $pf "krb4:$npass\n";
+ }
+ print $client "ok\n";
+ } elsif ($umode eq 'internal') {
+ my $salt=time;
+ $salt=substr($salt,6,2);
+ my $ncpass=crypt($npass,$salt);
+ {
+ my $pf = IO::File->new(">$passfilename");
+ print $pf "internal:$ncpass\n";
+ }
+ print $client "ok\n";
+ } elsif ($umode eq 'localauth') {
+ {
+ my $pf = IO::File->new(">$passfilename");
+ print $pf "localauth:$npass\n";
+ }
+ print $client "ok\n";
+ } elsif ($umode eq 'unix') {
+ {
+ my $execpath="$perlvar{'lonDaemons'}/".
+ "lcuseradd";
+ {
+ my $se = IO::File->new("|$execpath");
+ print $se "$uname\n";
+ print $se "$npass\n";
+ print $se "$npass\n";
+ }
+ my $pf = IO::File->new(">$passfilename");
+ print $pf "unix:\n";
+ }
+ print $client "ok\n";
+ } elsif ($umode eq 'none') {
+ {
+ my $pf = IO::File->new(">$passfilename");
+ print $pf "none:\n";
+ }
+ print $client "ok\n";
+ } else {
+ print $client "auth_mode_error\n";
+ }
+ }
+ } else {
+ print $client "refused\n";
+ }
# ------------------------------------------------------------------------ home
} elsif ($userinput =~ /^home/) {
my ($cmd,$udom,$uname)=split(/:/,$userinput);
@@ -709,7 +831,7 @@ sub make_new_child {
chomp($what);
my $proname=propath($udom,$uname);
my $now=time;
- {
+ unless ($namespace=~/^nohist\_/) {
my $hfh;
if (
$hfh=IO::File->new(">>$proname/$namespace.hist")
@@ -834,7 +956,7 @@ sub make_new_child {
chomp($what);
my $proname=propath($udom,$uname);
my $now=time;
- {
+ unless ($namespace=~/^nohist\_/) {
my $hfh;
if (
$hfh=IO::File->new(">>$proname/$namespace.hist")
@@ -905,7 +1027,7 @@ sub make_new_child {
chomp($what);
my $proname=propath($udom,$uname);
my $now=time;
- {
+ unless ($namespace=~/^nohist\_/) {
my $hfh;
if (
$hfh=IO::File->new(">>$proname/$namespace.hist")
@@ -1100,6 +1222,13 @@ sub make_new_child {
}
if ($ulsout eq '') { $ulsout='empty'; }
print $client "$ulsout\n";
+# ------------------------------------------------------------------ Hanging up
+ } elsif (($userinput =~ /^exit/) ||
+ ($userinput =~ /^init/)) {
+ &logthis(
+ "Client $clientip ($hostid{$clientip}) hanging up: $userinput");
+ print $client "bye\n";
+ last;
# ------------------------------------------------------------- unknown command
} else {
# unknown command