--- loncom/lonnet/perl/lonnet.pm	2010/10/01 14:26:24	1.1056.2.7
+++ loncom/lonnet/perl/lonnet.pm	2010/08/18 12:22:39	1.1056.4.7
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.1056.2.7 2010/10/01 14:26:24 raeburn Exp $
+# $Id: lonnet.pm,v 1.1056.4.7 2010/08/18 12:22:39 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -76,7 +76,7 @@ use HTTP::Date;
 use Image::Magick;
 
 use vars qw(%perlvar %spareid %pr %prp $memcache %packagetab $tmpdir
-            $_64bit %env %protocol);
+            $_64bit %env %protocol %loncaparevs %serverhomeIDs %needsrelease);
 
 my (%badServerCache, $memcache, %courselogs, %accesshash, %domainrolehash,
     %userrolehash, $processmarker, $dumpcount, %coursedombuf,
@@ -196,7 +196,7 @@ sub get_server_timezone {
 }
 
 sub get_server_loncaparev {
-    my ($dom,$lonhost) = @_;
+    my ($dom,$lonhost,$ignore_cache,$caller) = @_;
     if (defined($lonhost)) {
         if (!defined(&hostname($lonhost))) {
             undef($lonhost);
@@ -211,15 +211,74 @@ sub get_server_loncaparev {
         }
     }
     if (defined($lonhost)) {
-        my $cachetime = 24*3600;
-        my ($loncaparev,$cached)=&is_cached_new('serverloncaparev',$lonhost);
+        my $cachetime = 12*3600;
+        if (!$ignore_cache) {
+            my ($loncaparev,$cached)=&is_cached_new('serverloncaparev',$lonhost);
+            if (defined($cached)) {
+                return $loncaparev;
+            }
+        }
+        my ($answer,$loncaparev);
+        my @ids=&current_machine_ids();
+        if (grep(/^\Q$lonhost\E$/,@ids)) {
+            $answer = $perlvar{'lonVersion'};
+            if ($answer =~ /^[\'\"]?([\w.\-]+)[\'\"]?$/) {
+                $loncaparev = $1;
+            }
+        } else {
+            $answer = &reply('serverloncaparev',$lonhost);
+            if (($answer eq 'unknown_cmd') || ($answer eq 'con_lost')) {
+                if ($caller eq 'loncron') {
+                    my $ua=new LWP::UserAgent;
+                    $ua->timeout(20);
+                    my $protocol = $protocol{$lonhost};
+                    $protocol = 'http' if ($protocol ne 'https');
+                    my $url = $protocol.'://'.&hostname($lonhost).'/adm/about.html';
+                    my $request=new HTTP::Request('GET',$url);
+                    my $response=$ua->request($request);
+                    unless ($response->is_error()) {
+                        my $content = $response->content;
+                        if ($content =~ /<p>VERSION\:\s*([\w.\-]+)<\/p>/) {
+                            $loncaparev = $1;
+                        }
+                    }
+                } else {
+                    $loncaparev = $loncaparevs{$lonhost};
+                }
+            } elsif ($answer =~ /^[\'\"]?([\w.\-]+)[\'\"]?$/) {
+                $loncaparev = $1;
+            }
+        }
+        return &do_cache_new('serverloncaparev',$lonhost,$loncaparev,$cachetime);
+    }
+}
+
+sub get_server_homeID {
+    my ($hostname,$ignore_cache,$caller) = @_;
+    unless ($ignore_cache) {
+        my ($serverhomeID,$cached)=&is_cached_new('serverhomeID',$hostname);
         if (defined($cached)) {
-            return $loncaparev;
-        } else {
-            my $loncaparev = &reply('serverloncaparev',$lonhost);
-            return &do_cache_new('serverloncaparev',$lonhost,$loncaparev,$cachetime);
+            return $serverhomeID;
         }
     }
+    my $cachetime = 12*3600;
+    my $serverhomeID;
+    if ($caller eq 'loncron') {
+        my @machine_ids = &machine_ids($hostname);
+        foreach my $id (@machine_ids) {
+            my $response = &reply('serverhomeID',$id);
+            unless (($response eq 'unknown_cmd') || ($response eq 'con_lost')) {
+                $serverhomeID = $response;
+                last;
+            }
+        }
+        if ($serverhomeID eq '') {
+            $serverhomeID = $machine_ids[-1];
+        }
+    } else {
+        $serverhomeID = $serverhomeIDs{$hostname};
+    }
+    return &do_cache_new('serverhomeID',$hostname,$serverhomeID,$cachetime);
 }
 
 # -------------------------------------------------- Non-critical communication
@@ -734,7 +793,7 @@ sub compare_server_load {
     my $userloadans = &reply('userload',$try_server);
 
     if ($loadans !~ /\d/ && $userloadans !~ /\d/) {
-	next; #didn't get a number from the server
+        return; #didn't get a number from the server
     }
 
     my $load;
@@ -777,6 +836,27 @@ sub has_user_session {
     return 0;
 }
 
+# --------- determine least loaded server in a user's domain which allows login
+
+sub choose_server {
+    my ($udom) = @_;
+    my %domconfhash = &Apache::loncommon::get_domainconf($udom);
+    my %servers = &get_servers($udom);
+    my $lowest_load = 30000;
+    my ($login_host,$hostname);
+    foreach my $lonhost (keys(%servers)) {
+        my $loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};
+        if ($loginvia eq '') {
+            ($login_host, $lowest_load) =
+            &compare_server_load($lonhost, $login_host, $lowest_load);
+        }
+    }
+    if ($login_host ne '') {
+        $hostname = $servers{$login_host};
+    }
+    return ($login_host,$hostname);
+}
+
 # --------------------------------------------- Try to change a user's password
 
 sub changepass {
@@ -835,7 +915,7 @@ sub queryauthenticate {
 # --------- Try to authenticate user from domain's lib servers (first this one)
 
 sub authenticate {
-    my ($uname,$upass,$udom,$checkdefauth)=@_;
+    my ($uname,$upass,$udom,$checkdefauth,$clientcancheckhost)=@_;
     $upass=&escape($upass);
     $uname= &LONCAPA::clean_username($uname);
     my $uhome=&homeserver($uname,$udom,1);
@@ -858,7 +938,7 @@ sub authenticate {
 	    return 'no_host';
         }
     }
-    my $answer=reply("encrypt:auth:$udom:$uname:$upass:$checkdefauth",$uhome);
+    my $answer=reply("encrypt:auth:$udom:$uname:$upass:$checkdefauth:$clientcancheckhost",$uhome);
     if ($answer eq 'authorized') {
         if ($newhome) {
             &logthis("User $uname at $udom authorized by $uhome, but needs account");
@@ -876,6 +956,64 @@ sub authenticate {
     return 'no_host';
 }
 
+sub can_host_session {
+    my ($udom,$lonhost,$remoterev,$remotesessions,$hostedsessions) = @_;
+    my $canhost = 1;
+    my $host_idn = &Apache::lonnet::internet_dom($lonhost);
+    if (ref($remotesessions) eq 'HASH') {
+        if (ref($remotesessions->{'excludedomain'}) eq 'ARRAY') {
+            if (grep(/^\Q$host_idn\E$/,@{$remotesessions->{'excludedomain'}})) {
+                $canhost = 0;
+            } else {
+                $canhost = 1;
+            }
+        }
+        if (ref($remotesessions->{'includedomain'}) eq 'ARRAY') {
+            if (grep(/^\Q$host_idn\E$/,@{$remotesessions->{'includedomain'}})) {
+                $canhost = 1;
+            } else {
+                $canhost = 0;
+            }
+        }
+        if ($canhost) {
+            if ($remotesessions->{'version'} ne '') {
+                my ($reqmajor,$reqminor) = ($remotesessions->{'version'} =~ /^(\d+)\.(\d+)$/);
+                if ($reqmajor ne '' && $reqminor ne '') {
+                    if ($remoterev =~ /^\'?(\d+)\.(\d+)/) {
+                        my $major = $1;
+                        my $minor = $2;
+                        if (($major < $reqmajor ) ||
+                            (($major == $reqmajor) && ($minor < $reqminor))) {
+                            $canhost = 0;
+                        }
+                    } else {
+                        $canhost = 0;
+                    }
+                }
+            }
+        }
+    }
+    if ($canhost) {
+        if (ref($hostedsessions) eq 'HASH') {
+            if (ref($hostedsessions->{'excludedomain'}) eq 'ARRAY') {
+                if (grep(/^\Q$udom\E$/,@{$hostedsessions->{'excludedomain'}})) {
+                    $canhost = 0;
+                } else {
+                    $canhost = 1;
+                }
+            }
+            if (ref($hostedsessions->{'includedomain'}) eq 'ARRAY') {
+                if (grep(/^\Q$udom\E$/,@{$hostedsessions->{'includedomain'}})) {
+                    $canhost = 1;
+                } else {
+                    $canhost = 0;
+                }
+            }
+        }
+    }
+    return $canhost;
+}
+
 # ---------------------- Find the homebase for a user from domain's lib servers
 
 my %homecache;
@@ -1352,7 +1490,7 @@ sub get_domain_defaults {
     my %domconfig =
          &Apache::lonnet::get_dom('configuration',['defaults','quotas',
                                   'requestcourses','inststatus',
-                                  'coursedefaults'],$domain);
+                                  'coursedefaults','usersessions'],$domain);
     if (ref($domconfig{'defaults'}) eq 'HASH') {
         $domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'}; 
         $domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};
@@ -1392,6 +1530,14 @@ sub get_domain_defaults {
             $domdefaults{$item} = $domconfig{'coursedefaults'}{$item};
         }
     }
+    if (ref($domconfig{'usersessions'}) eq 'HASH') {
+        if (ref($domconfig{'usersessions'}{'remote'}) eq 'HASH') {
+            $domdefaults{'remotesessions'} = $domconfig{'usersessions'}{'remote'};
+        }
+        if (ref($domconfig{'usersessions'}{'hosted'}) eq 'HASH') {
+            $domdefaults{'hostedsessions'} = $domconfig{'usersessions'}{'hosted'};
+        }
+    }
     &Apache::lonnet::do_cache_new('domdefaults',$domain,\%domdefaults,
                                   $cachetime);
     return %domdefaults;
@@ -3867,6 +4013,44 @@ sub coursedescription {
     return %returnhash;
 }
 
+sub update_released_required {
+    my ($needsrelease,$cdom,$cnum,$chome,$cid) = @_;
+    if ($cdom eq '' || $cnum eq '' || $chome eq '' || $cid eq '') {
+        $cid = $env{'request.course.id'};
+        $cdom = $env{'course.'.$cid.'.domain'};
+        $cnum = $env{'course.'.$cid.'.num'};
+        $chome = $env{'course.'.$cid.'.home'};
+    }
+    if ($needsrelease) {
+        my %curr_reqd_hash = &userenvironment($cdom,$cnum,'internal.releaserequired');
+        my $needsupdate;
+        if ($curr_reqd_hash{'internal.releaserequired'} eq '') {
+            $needsupdate = 1;
+        } else {
+            my ($currmajor,$currminor) = split(/\./,$curr_reqd_hash{'internal.releaserequired'});
+            my ($needsmajor,$needsminor) = split(/\./,$needsrelease);
+            if (($currmajor < $needsmajor) || ($currmajor == $needsmajor && $currminor < $needsminor)) {
+                $needsupdate = 1;
+            }
+        }
+        if ($needsupdate) {
+            my %needshash = (
+                             'internal.releaserequired' => $needsrelease,
+                            );
+            my $putresult = &put('environment',\%needshash,$cdom,$cnum);
+            if ($putresult eq 'ok') {
+                &appenv({'course.'.$cid.'.internal.releaserequired' => $needsrelease});
+                my %crsinfo = &courseiddump($cdom,'.',1,'.','.',$cnum,undef,undef,'.');
+                if (ref($crsinfo{$cid}) eq 'HASH') {
+                    $crsinfo{$cid}{'releaserequired'} = $needsrelease;
+                    &courseidput($cdom,\%crsinfo,$chome,'notime');
+                }
+            }
+        }
+    }
+    return;
+}
+
 # -------------------------------------------------See if a user is privileged
 
 sub privileged {
@@ -3906,9 +4090,10 @@ sub rolesinit {
     my ($domain,$username,$authhost)=@_;
     my $now=time;
     my %userroles = ('user.login.time' => $now);
-    my $rolesdump=reply("dump:$domain:$username:roles",$authhost);
+    my $extra = &freeze_escape({'clientcheckrole' => 1});
+    my $rolesdump=reply("dump:$domain:$username:roles:.::$extra",$authhost);
     if (($rolesdump eq 'con_lost') || ($rolesdump eq '') || 
-        ($rolesdump =~ /^error:/)) { 
+        ($rolesdump =~ /^error:/)) {
         return \%userroles;
     }
     my %allroles=();
@@ -4057,7 +4242,7 @@ sub set_userprivs {
                         foreach my $group (keys(%{$$allgroups{$area}})) {
                             my $spec = $trole.'.'.$extendedarea;
                             $grouproles{$spec.'.'.$area.'/'.$group} = 
-                                                  $$allgroups{$area}{$group};
+                                                $$allgroups{$area}{$group};
                         }
                     }
                 }
@@ -6580,7 +6765,7 @@ sub modifyuser {
     }
     &logthis('Call to modify user '.$udom.', '.$uname.', '.$uid.', '.
              $umode.', '.$first.', '.$middle.', '.
-	     $last.', '.$gene.'(forceid: '.$forceid.'; candelete: '.$showcandelete.')'.
+             $last.', '.$gene.'(forceid: '.$forceid.'; candelete: '.$showcandelete.')'.
              (defined($desiredhome) ? ' desiredhome = '.$desiredhome :
                                      ' desiredhome not specified'). 
              ' by '.$env{'user.name'}.' at '.$env{'user.domain'}.
@@ -6652,8 +6837,9 @@ sub modifyuser {
 #
 # If name, email and/or uid are blank (e.g., because an uploaded file
 # of users did not contain them), do not overwrite existing values
-# unless field is in $candelete array ref.
+# unless field is in $candelete array ref.  
 #
+
     my @fields = ('firstname','middlename','lastname','generation',
                   'permanentemail','id');
     my %newvalues;
@@ -6666,7 +6852,7 @@ sub modifyuser {
                     $names{$field} = $middle;
                 } elsif ($field eq 'lastname') {
                     $names{$field} = $last;
-                } elsif ($field eq 'generation') {
+                } elsif ($field eq 'generation') { 
                     $names{$field} = $gene;
                 } elsif ($field eq 'permanentemail') {
                     $names{$field} = $email;
@@ -6676,7 +6862,6 @@ sub modifyuser {
             }
         }
     }
-
     if ($first)  { $names{'firstname'}  = $first; }
     if (defined($middle)) { $names{'middlename'} = $middle; }
     if ($last)   { $names{'lastname'}   = $last; }
@@ -6703,7 +6888,7 @@ sub modifyuser {
     }
     my $logmsg = $udom.', '.$uname.', '.$uid.', '.
                  $umode.', '.$first.', '.$middle.', '.
-	         $last.', '.$gene.', '.$email.', '.$inststatus;
+                 $last.', '.$gene.', '.$email.', '.$inststatus;
     if ($env{'user.name'} ne '' && $env{'user.domain'}) {
         $logmsg .= ' by '.$env{'user.name'}.' at '.$env{'user.domain'};
     } else {
@@ -6729,9 +6914,6 @@ sub modifyuser {
     if ($reply ne 'ok') {
         return 'error: '.$reply;
     }
-    if ($names{'permanentemail'} ne $oldnames{'permanentemail'}) {
-        &Apache::lonnet::devalidate_cache_new('emailscache',$uname.':'.$udom);
-    }
     my $sqlresult = &update_allusers_table($uname,$udom,\%names);
     &devalidate_cache_new('namescache',$uname.':'.$udom);
     $logmsg = 'Success modifying user '.$logmsg;
@@ -8406,7 +8588,6 @@ sub metadata {
 			    }
 			}
 		    } else { 
-			
 			if (defined($token->[2]->{'name'})) { 
 			    $unikey.='_'.$token->[2]->{'name'}; 
 			}
@@ -9756,6 +9937,7 @@ sub get_dns {
     my %libserv;
     my $loaded;
     my %name_to_host;
+    my %internetdom;
 
     sub parse_hosts_tab {
 	my ($file) = @_;
@@ -9763,7 +9945,7 @@ sub get_dns {
 	    next if ($configline =~ /^(\#|\s*$ )/x);
 	    next if ($configline =~ /^\^/);
 	    chomp($configline);
-	    my ($id,$domain,$role,$name,$protocol)=split(/:/,$configline);
+	    my ($id,$domain,$role,$name,$protocol,$intdom)=split(/:/,$configline);
 	    $name=~s/\s//g;
 	    if ($id && $domain && $role && $name) {
 		$hostname{$id}=$name;
@@ -9779,6 +9961,9 @@ sub get_dns {
                 } else {
                     $protocol{$id} = 'http';
                 }
+                if (defined($intdom)) {
+                    $internetdom{$id} = $intdom;
+                }
 	    }
 	}
     }
@@ -9840,6 +10025,12 @@ sub get_dns {
 	return %libserv;
     }
 
+    sub unique_library {
+        #2x reverse removes all hostnames that appear more than once
+        my %unique = reverse &all_library();
+        return reverse %unique;
+    }
+
     sub get_servers {
 	&load_hosts_tab() if (!$loaded);
 
@@ -9863,6 +10054,11 @@ sub get_dns {
 	return %result;
     }
 
+    sub get_unique_servers {
+        my %unique = reverse &get_servers(@_);
+        return reverse %unique;
+    }
+
     sub host_domain {
 	&load_hosts_tab() if (!$loaded);
 
@@ -9877,6 +10073,13 @@ sub get_dns {
 	my @uniq = grep(!$seen{$_}++, values(%hostdom));
 	return @uniq;
     }
+
+    sub internet_dom {
+        &load_hosts_tab() if (!$loaded);
+
+        my ($lonid) = @_;
+        return $internetdom{$lonid};
+    }
 }
 
 { 
@@ -9994,6 +10197,40 @@ sub get_dns {
         return undef;
     }
 
+    sub get_internet_names {
+        my ($lonid) = @_;
+        return if ($lonid eq '');
+        my ($idnref,$cached)=
+            &Apache::lonnet::is_cached_new('internetnames',$lonid);
+        if ($cached) {
+            return $idnref;
+        }
+        my $ip = &get_host_ip($lonid);
+        my @hosts = &get_hosts_from_ip($ip);
+        my %iphost = &get_iphost();
+        my (@idns,%seen);
+        foreach my $id (@hosts) {
+            my $dom = &host_domain($id);
+            my $prim_id = &domain($dom,'primary');
+            my $prim_ip = &get_host_ip($prim_id);
+            next if ($seen{$prim_ip});
+            if (ref($iphost{$prim_ip}) eq 'ARRAY') {
+                foreach my $id (@{$iphost{$prim_ip}}) {
+                    my $intdom = &internet_dom($id);
+                    unless (grep(/^\Q$intdom\E$/,@idns)) {
+                        push(@idns,$intdom);
+                    }
+                }
+            }
+            $seen{$prim_ip} = 1;
+        }
+        return &Apache::lonnet::do_cache_new('internetnames',$lonid,\@idns,12*60*60);
+    }
+
+}
+
+sub all_loncaparevs {
+    return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10);
 }
 
 BEGIN {
@@ -10071,6 +10308,53 @@ BEGIN {
     close($config);
 }
 
+# ---------------------------------------------------------- Read loncaparev table
+{
+    if (-e "$perlvar{'lonTabDir'}/loncaparevs.tab") {
+        if (open(my $config,"<$perlvar{'lonTabDir'}/loncaparevs.tab")) {
+            while (my $configline=<$config>) {
+                chomp($configline);
+                my ($hostid,$loncaparev)=split(/:/,$configline);
+                $loncaparevs{$hostid}=$loncaparev;
+            }
+            close($config);
+        }
+    }
+}
+
+# ---------------------------------------------------------- Read serverhostID table
+{
+    if (-e "$perlvar{'lonTabDir'}/serverhomeIDs.tab") {
+        if (open(my $config,"<$perlvar{'lonTabDir'}/serverhomeIDs.tab")) {
+            while (my $configline=<$config>) {
+                chomp($configline);
+                my ($name,$id)=split(/:/,$configline);
+                $serverhomeIDs{$name}=$id;
+            }
+            close($config);
+        }
+    }
+}
+
+{
+    my $file = $Apache::lonnet::perlvar{'lonTabDir'}.'/releaseslist.xml';
+    if (-e $file) {
+        my $parser = HTML::LCParser->new($file);
+        while (my $token = $parser->get_token()) {
+            if ($token->[0] eq 'S') {
+                my $item = $token->[1];
+                my $name = $token->[2]{'name'};
+                my $value = $token->[2]{'value'};
+                if ($item ne '' && $name ne '' && $value ne '') {
+                    my $release = $parser->get_text();
+                    $release =~ s/(^\s*|\s*$ )//gx;
+                    $needsrelease{$item.':'.$name.':'.$value} = $release;
+                }
+            }
+        }
+    }
+}
+
 # ------------- set up temporary directory
 {
     $tmpdir = $perlvar{'lonDaemons'}.'/tmp/';
@@ -10301,9 +10585,14 @@ authentication scheme
 
 =item *
 X<authenticate()>
-B<authenticate($uname,$upass,$udom)>: try to
+B<authenticate($uname,$upass,$udom,$checkdefauth,$clientcancheckhost)>: try to
 authenticate user from domain's lib servers (first use the current
 one). C<$upass> should be the users password.
+$checkdefauth is optional (value is 1 if a check should be made to
+   authenticate user using default authentication method, and allow
+   account creation if username does not have account in the domain).
+$clientcancheckhost is optional (value is 1 if checking whether the
+   server can host will occur on the client side in lonauth.pm).
 
 =item *
 X<homeserver()>
@@ -10431,7 +10720,7 @@ modifyuser($udom,$uname,$uid,$umode,$upa
 will update user information (firstname,middlename,lastname,generation,
 permanentemail), and if forceid is true, student/employee ID also.
 A user's institutional affiliation(s) can also be updated.
-User information fields will not be overwritten with empty entries
+User information fields will not be overwritten with empty entries 
 unless the field is included in the $candelete array reference.
 This array is included when a single user is modified via "Manage Users",
 or when Autoupdate.pl is run by cron in a domain.