--- loncom/lonnet/perl/londns.pm	2013/02/02 00:22:47	1.2
+++ loncom/lonnet/perl/londns.pm	2018/07/30 14:39:51	1.6
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # A debugging harness.
-# $Id: londns.pm,v 1.2 2013/02/02 00:22:47 raeburn Exp $
+# $Id: londns.pm,v 1.6 2018/07/30 14:39:51 raeburn Exp $
 # Copyright Michigan State University Board of Trustees
@@ -31,30 +31,50 @@ package Apache::londns;
 use strict;
-use Apache::Constants qw(:common :http);
+use Apache::Constants qw(:common :http :remotehost);
 use Apache::lonnet;
 sub serve_file {
-    my ($r,$file,$type)=@_;
-    open(my $config,"<$Apache::lonnet::perlvar{'lonTabDir'}/$file");
-    my $file = join('',<$config>);
-    $r->content_type($type);
-    $r->send_http_header;
-    return OK if $r->header_only;
-    $r->print($file);
-    return OK;
+    my ($r,$dir,$file,$type)=@_;
+    if (($dir eq '') || ($file eq '')) {
+        return FORBIDDEN;
+    }
+    if (open(my $config,"<","$dir/$file")) {
+        my $contents = join('',<$config>);
+        $r->content_type($type);
+        $r->send_http_header;
+        return OK if $r->header_only;
+        $r->print($contents);
+        return OK;
+    } else {
+        return FORBIDDEN;
+    }
 sub handler {
     my ($r) = @_;
+    my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP);
+    my @hostids= &Apache::lonnet::get_hosts_from_ip($reqhost);
+    if (!@hostids && $reqhost ne '' ) {
+        $r->log_reason("Unable to find a host for ".
+                       $r->get_remote_host(REMOTE_NOLOOKUP));
+        return FORBIDDEN;
+    }
     my $command = (split('/',$r->uri))[3];
+    my $dir = $Apache::lonnet::perlvar{'lonTabDir'};
     if ($command eq 'hosts') {
-	return &serve_file($r,'dns_hosts.tab','loncapa/hosts');
+	return &serve_file($r,$dir,'dns_hosts.tab','loncapa/hosts');
     } elsif ($command eq 'domain') {
-	return &serve_file($r,'dns_domain.tab','loncapa/domain');
+	return &serve_file($r,$dir,'dns_domain.tab','loncapa/domain');
     } elsif ($command eq 'checksums') {
-        return &serve_file($r,'dns_checksums.tab','loncapa/versions');
+        my $version = (split('/',$r->uri))[4];
+        return &serve_file($r,$dir,"dns_checksums/$version.tab",'loncapa/versions');
+    } elsif ($command eq 'loncapaCRL') {
+        $dir = $Apache::lonnet::perlvar{'lonCertificateDirectory'};
+        return &serve_file($r,$dir,$Apache::lonnet::perlvar{'lonnetCertRevocationList'},
+                           'application/x-pem-file');
     return FORBIDDEN;