--- loncom/lonnet/perl/lonnet.pm 2020/10/06 20:02:55 1.1172.2.118.2.9
+++ loncom/lonnet/perl/lonnet.pm 2021/02/10 15:38:15 1.1172.2.118.2.17
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.1172.2.118.2.9 2020/10/06 20:02:55 raeburn Exp $
+# $Id: lonnet.pm,v 1.1172.2.118.2.17 2021/02/10 15:38:15 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -125,12 +125,13 @@ our @EXPORT = qw(%env);
$logid ++;
my $now = time();
my $id=$now.'00000'.$$.'00000'.$logid;
+ my $ip = &get_requestor_ip();
my $logentry = {
$id => {
'exe_uname' => $env{'user.name'},
'exe_udom' => $env{'user.domain'},
'exe_time' => $now,
- 'exe_ip' => $ENV{'REMOTE_ADDR'},
+ 'exe_ip' => $ip,
'delflag' => $delflag,
'logentry' => $storehash,
'uname' => $uname,
@@ -1082,6 +1083,21 @@ sub check_for_balancer_cookie {
return ($otherserver,$cookie);
}
+sub updatebalcookie {
+ my ($cookie,$balancer,$lastentry)=@_;
+ if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {
+ my ($udom,$uname) = ($1,$2);
+ my $uprimary_id = &domain($udom,'primary');
+ my $uintdom = &internet_dom($uprimary_id);
+ my $intdom = &internet_dom($balancer);
+ my $serverhomedom = &host_domain($balancer);
+ if (($uintdom ne '') && ($uintdom eq $intdom)) {
+ return &reply('updatebalcookie:'.&escape($cookie).':'.&escape($lastentry),$balancer);
+ }
+ }
+ return;
+}
+
sub delbalcookie {
my ($cookie,$balancer) =@_;
if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {
@@ -1091,7 +1107,7 @@ sub delbalcookie {
my $intdom = &internet_dom($balancer);
my $serverhomedom = &host_domain($balancer);
if (($uintdom ne '') && ($uintdom eq $intdom)) {
- return &reply("delbalcookie:$cookie",$balancer);
+ return &reply('delbalcookie:'.&escape($cookie),$balancer);
}
}
}
@@ -1360,6 +1376,15 @@ sub spare_can_host {
$canhost = 0;
}
}
+ if ($canhost) {
+ if (ref($defdomdefaults{'offloadoth'}) eq 'HASH') {
+ if ($defdomdefaults{'offloadoth'}{$try_server}) {
+ unless (&shared_institution($udom,$try_server)) {
+ $canhost = 0;
+ }
+ }
+ }
+ }
if (($canhost) && ($uint_dom)) {
my @intdoms;
my $internet_names = &get_internet_names($try_server);
@@ -1578,7 +1603,7 @@ sub check_loadbalancing {
if ($domneedscache) {
&do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);
}
- if ($is_balancer) {
+ if (($is_balancer) && ($caller ne 'switchserver')) {
my $lowest_load = 30000;
if (ref($offloadto) eq 'HASH') {
if (ref($offloadto->{'primary'}) eq 'ARRAY') {
@@ -1618,9 +1643,9 @@ sub check_loadbalancing {
}
}
}
- unless ($homeintdom) {
- undef($setcookie);
- }
+ }
+ if (($is_balancer) && (!$homeintdom)) {
+ undef($setcookie);
}
return ($is_balancer,$otherserver,$setcookie);
}
@@ -2409,6 +2434,9 @@ sub get_domain_defaults {
if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {
$domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};
}
+ if (ref($domconfig{'usersessions'}{'offloadoth'}) eq 'HASH') {
+ $domdefaults{'offloadoth'} = $domconfig{'usersessions'}{'offloadoth'};
+ }
}
if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {
@@ -4718,7 +4746,11 @@ sub courseacclog {
if ($formitem =~ /^HWFILE(?:SIZE|TOOBIG)/) {
$what.=':'.$formitem.'='.$env{$key};
} elsif ($formitem !~ /^HWFILE(?:[^.]+)$/) {
- $what.=':'.$formitem.'='.$env{$key};
+ if ($formitem eq 'proctorpassword') {
+ $what.=':'.$formitem.'=' . '*' x length($env{$key});
+ } else {
+ $what.=':'.$formitem.'='.$env{$key};
+ }
}
}
}
@@ -5550,13 +5582,14 @@ sub checkout {
my ($symb,$tuname,$tudom,$tcrsid)=@_;
my $now=time;
my $lonhost=$perlvar{'lonHostID'};
+ my $ip = &get_requestor_ip();
my $infostr=&escape(
'CHECKOUTTOKEN&'.
$tuname.'&'.
$tudom.'&'.
$tcrsid.'&'.
$symb.'&'.
- $now.'&'.$ENV{'REMOTE_ADDR'});
+ $now.'&'.$ip);
my $token=&reply('tmpput:'.$infostr,$lonhost);
if ($token=~/^error\:/) {
&logthis("<font color=\"blue\">WARNING: ".
@@ -5570,7 +5603,7 @@ sub checkout {
my %infohash=('resource.0.outtoken' => $token,
'resource.0.checkouttime' => $now,
- 'resource.0.outremote' => $ENV{'REMOTE_ADDR'});
+ 'resource.0.outremote' => $ip);
unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';
@@ -5601,6 +5634,7 @@ sub checkin {
$lonhost=~tr/A-Z/a-z/;
my $dtoken=$ta.'_'.&hostname($lonhost).'_'.$tb;
$dtoken=~s/\W/\_/g;
+ my $ip = &get_requestor_ip();
my ($dummy,$tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=
split(/\&/,&unescape(&reply('tmpget:'.$dtoken,$lonhost)));
@@ -5617,7 +5651,7 @@ sub checkin {
my %infohash=('resource.0.intoken' => $token,
'resource.0.checkintime' => $now,
- 'resource.0.inremote' => $ENV{'REMOTE_ADDR'});
+ 'resource.0.inremote' => $ip);
unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';
@@ -5885,7 +5919,7 @@ sub tmpreset {
if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {
- $stuname=$ENV{'REMOTE_ADDR'};
+ $stuname=&get_requestor_ip();
}
my $path=LONCAPA::tempdir();
my %hash;
@@ -5922,7 +5956,7 @@ sub tmpstore {
if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {
- $stuname=$ENV{'REMOTE_ADDR'};
+ $stuname=&get_requestor_ip();
}
my $now=time;
my %hash;
@@ -5966,7 +6000,7 @@ sub tmprestore {
if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {
- $stuname=$ENV{'REMOTE_ADDR'};
+ $stuname=&get_requestor_ip();
}
my %returnhash;
$namespace=~s/\//\_/g;
@@ -6022,7 +6056,7 @@ sub store {
}
if (!$home) { $home=$env{'user.home'}; }
- $$storehash{'ip'}=$ENV{'REMOTE_ADDR'};
+ $$storehash{'ip'}=&get_requestor_ip();
$$storehash{'host'}=$perlvar{'lonHostID'};
my $namevalue='';
@@ -6058,7 +6092,7 @@ sub cstore {
}
if (!$home) { $home=$env{'user.home'}; }
- $$storehash{'ip'}=$ENV{'REMOTE_ADDR'};
+ $$storehash{'ip'}=&get_requestor_ip();
$$storehash{'host'}=$perlvar{'lonHostID'};
my $namevalue='';
@@ -7050,7 +7084,8 @@ sub putstore {
foreach my $key (keys(%{$storehash})) {
$namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';
}
- $namevalue .= 'ip='.&escape($ENV{'REMOTE_ADDR'}).
+ my $ip = &get_requestor_ip();
+ $namevalue .= 'ip='.&escape($ip).
'&host='.&escape($perlvar{'lonHostID'}).
'&version='.$esc_v.
'&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});
@@ -7848,7 +7883,7 @@ sub allowed {
if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
# Free bre access to adm and meta resources
- if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard|ext\.tool)$}))
+ if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard|viewclasslist|aboutme|ext\.tool)$}))
|| (($uri=~/\.meta$/) && ($uri!~m|^uploaded/|) ))
&& ($priv eq 'bre')) {
return 'F';
@@ -8535,14 +8570,23 @@ sub get_commblock_resources {
if ($mapsymb) {
if (ref($navmap)) {
my $mapres = $navmap->getBySymb($mapsymb);
- @to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1);
- foreach my $res (@to_test) {
- my $symb = $res->symb();
- next if ($symb eq $mapsymb);
- if ($symb ne '') {
- @interval=&EXT("resource.0.interval",$symb);
- if ($interval[1] eq 'map') {
- last;
+ if (ref($mapres)) {
+ my $first = $mapres->map_start();
+ my $finish = $mapres->map_finish();
+ my $it = $navmap->getIterator($first,$finish,undef,0,0);
+ if (ref($it)) {
+ my $res;
+ while ($res = $it->next(undef,1)) {
+ next unless (ref($res));
+ my $symb = $res->symb();
+ next if (($symb eq $mapsymb) || ($symb eq ''));
+ @interval=&EXT("resource.0.interval",$symb);
+ if ($interval[1] eq 'map') {
+ if ($res->answerable()) {
+ push(@to_test,$res);
+ last;
+ }
+ }
}
}
}
@@ -9966,13 +10010,14 @@ sub modifyuserauth {
' in domain '.$env{'request.role.domain'});
my $reply=&reply('encrypt:changeuserauth:'.$udom.':'.$uname.':'.$umode.':'.
&escape($upass),$uhome);
+ my $ip = &get_requestor_ip();
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},
'Authentication changed for '.$udom.', '.$uname.', '.$umode.
- '(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
+ '(Remote '.$ip.'): '.$reply);
&log($udom,,$uname,$uhome,
'Authentication changed by '.$env{'user.domain'}.', '.
$env{'user.name'}.', '.$umode.
- '(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
+ '(Remote '.$ip.'): '.$reply);
unless ($reply eq 'ok') {
&logthis('Authentication mode error: '.$reply);
return 'error: '.$reply;
@@ -10493,7 +10538,7 @@ sub store_userdata {
if (($uhome eq '') || ($uhome eq 'no_host')) {
$result = 'error: no_host';
} else {
- $storehash->{'ip'} = $ENV{'REMOTE_ADDR'};
+ $storehash->{'ip'} = &get_requestor_ip();
$storehash->{'host'} = $perlvar{'lonHostID'};
my $namevalue='';
@@ -11344,33 +11389,40 @@ sub resdata {
return undef;
}
-sub get_domain_ltitools {
- my ($cdom) = @_;
- my %ltitools;
- my ($result,$cached)=&is_cached_new('ltitools',$cdom);
+sub get_domain_lti {
+ my ($cdom,$context) = @_;
+ my ($name,%lti);
+ if ($context eq 'consumer') {
+ $name = 'ltitools';
+ } elsif ($context eq 'provider') {
+ $name = 'lti';
+ } else {
+ return %lti;
+ }
+ my ($result,$cached)=&is_cached_new($name,$cdom);
if (defined($cached)) {
if (ref($result) eq 'HASH') {
- %ltitools = %{$result};
+ %lti = %{$result};
}
} else {
- my %domconfig = &get_dom('configuration',['ltitools'],$cdom);
- if (ref($domconfig{'ltitools'}) eq 'HASH') {
- %ltitools = %{$domconfig{'ltitools'}};
- my %encdomconfig = &get_dom('encconfig',['ltitools'],$cdom);
- if (ref($encdomconfig{'ltitools'}) eq 'HASH') {
- foreach my $id (keys(%ltitools)) {
- if (ref($encdomconfig{'ltitools'}{$id}) eq 'HASH') {
+ my %domconfig = &get_dom('configuration',[$name],$cdom);
+ if (ref($domconfig{$name}) eq 'HASH') {
+ %lti = %{$domconfig{$name}};
+ my %encdomconfig = &get_dom('encconfig',[$name],$cdom);
+ if (ref($encdomconfig{$name}) eq 'HASH') {
+ foreach my $id (keys(%lti)) {
+ if (ref($encdomconfig{$name}{$id}) eq 'HASH') {
foreach my $item ('key','secret') {
- $ltitools{$id}{$item} = $encdomconfig{'ltitools'}{$id}{$item};
+ $lti{$id}{$item} = $encdomconfig{$name}{$id}{$item};
}
}
}
}
}
my $cachetime = 24*60*60;
- &do_cache_new('ltitools',$cdom,\%ltitools,$cachetime);
+ &do_cache_new($name,$cdom,\%lti,$cachetime);
}
- return %ltitools;
+ return %lti;
}
sub get_numsuppfiles {
@@ -13396,9 +13448,12 @@ sub default_login_domain {
}
sub shared_institution {
- my ($dom) = @_;
+ my ($dom,$lonhost) = @_;
+ if ($lonhost eq '') {
+ $lonhost = $perlvar{'lonHostID'};
+ }
my $same_intdom;
- my $hostintdom = &internet_dom($perlvar{'lonHostID'});
+ my $hostintdom = &internet_dom($lonhost);
if ($hostintdom ne '') {
my %iphost = &get_iphost();
my $primary_id = &domain($dom,'primary');
@@ -13455,6 +13510,17 @@ sub uses_sts {
return;
}
+sub get_requestor_ip {
+ my ($r,$nolookup,$noproxy) = @_;
+ my $from_ip;
+ if (ref($r)) {
+ $from_ip = $r->get_remote_host($nolookup);
+ } else {
+ $from_ip = $ENV{'REMOTE_ADDR'};
+ }
+ return $from_ip;
+}
+
# ------------------------------------------------------------- Declutters URLs
sub declutter {