--- loncom/lonnet/perl/lonnet.pm 2018/07/18 13:45:03 1.1379
+++ loncom/lonnet/perl/lonnet.pm 2018/08/18 22:07:59 1.1383
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.1379 2018/07/18 13:45:03 raeburn Exp $
+# $Id: lonnet.pm,v 1.1383 2018/08/18 22:07:59 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -230,7 +230,12 @@ sub get_server_distarch {
}
sub get_servercerts_info {
- my ($lonhost,$context) = @_;
+ my ($lonhost,$hostname,$context) = @_;
+ return if ($lonhost eq '');
+ if ($hostname eq '') {
+ $hostname = &hostname($lonhost);
+ }
+ return if ($hostname eq '');
my ($rep,$uselocal);
if (grep { $_ eq $lonhost } ¤t_machine_ids()) {
$uselocal = 1;
@@ -250,16 +255,11 @@ sub get_servercerts_info {
}
}
if ($uselocal) {
- $rep = LONCAPA::Lond::server_certs(\%perlvar);
+ $rep = LONCAPA::Lond::server_certs(\%perlvar,$lonhost,$hostname);
} else {
$rep=&reply('servercerts',$lonhost);
}
my ($result,%returnhash);
- if (defined($lonhost)) {
- if (!defined(&hostname($lonhost))) {
- return;
- }
- }
if (($rep=~/^(refused|rejected|error)/) || ($rep eq 'con_lost') ||
($rep eq 'unknown_cmd')) {
$result = $rep;
@@ -10041,12 +10041,25 @@ sub is_course {
my ($cdom, $cnum) = scalar(@_) == 1 ?
($_[0] =~ /^($match_domain)_($match_courseid)$/) : @_;
- return unless $cdom and $cnum;
-
- my %courses = &courseiddump($cdom, '.', 1, '.', '.', $cnum, undef, undef,
- '.');
-
- return unless(exists($courses{$cdom.'_'.$cnum}));
+ return unless (($cdom =~ /^$match_domain$/) && ($cnum =~ /^$match_courseid$/));
+ my $uhome=&homeserver($cnum,$cdom);
+ my $iscourse;
+ if (grep { $_ eq $uhome } current_machine_ids()) {
+ $iscourse = &LONCAPA::Lond::is_course($cdom,$cnum);
+ } else {
+ my $hashid = $cdom.':'.$cnum;
+ ($iscourse,my $cached) = &is_cached_new('iscourse',$hashid);
+ unless (defined($cached)) {
+ my %courses = &courseiddump($cdom, '.', 1, '.', '.',
+ $cnum,undef,undef,'.');
+ $iscourse = 0;
+ if (exists($courses{$cdom.'_'.$cnum})) {
+ $iscourse = 1;
+ }
+ &do_cache_new('iscourse',$hashid,$iscourse,3600);
+ }
+ }
+ return unless ($iscourse);
return wantarray ? ($cdom, $cnum) : $cdom.'_'.$cnum;
}
@@ -13629,7 +13642,7 @@ sub fetch_crl_pemfile {
sub save_crl_pem {
my ($response) = @_;
- my $msg;
+ my ($msg,$hadchanges);
if (ref($response)) {
my $now = time;
my $lonca = $perlvar{'lonCertificateDirectory'}.'/'.$perlvar{'lonnetCertificateAuthority'};
@@ -13644,11 +13657,43 @@ sub save_crl_pem {
chomp($check);
if ($check eq 'verify OK') {
my $dest = "$perlvar{'lonCertificateDirectory'}/$perlvar{'lonnetCertRevocationList'}";
+ my $backup;
if (-e $dest) {
- &File::Copy::move($dest,"$dest.bak");
+ if (&File::Copy::move($dest,"$dest.bak")) {
+ $backup = 'ok';
+ }
}
if (&File::Copy::move($tmpcrl,$dest)) {
$msg = 'ok';
+ if ($backup) {
+ my (%oldnums,%newnums);
+ if (open(PIPE, "openssl crl -inform PEM -text -noout -in $dest.bak |grep 'Serial Number' |")) {
+ while (<PIPE>) {
+ $oldnums{(split(/:/))[1]} = 1;
+ }
+ close(PIPE);
+ }
+ if (open(PIPE, "openssl crl -inform PEM -text -noout -in $dest |grep 'Serial Number' |")) {
+ while(<PIPE>) {
+ $newnums{(split(/:/))[1]} = 1;
+ }
+ close(PIPE);
+ }
+ foreach my $key (sort {$b <=> $a } (keys(%newnums))) {
+ unless (exists($oldnums{$key})) {
+ $hadchanges = 1;
+ last;
+ }
+ }
+ unless ($hadchanges) {
+ foreach my $key (sort {$b <=> $a } (keys(%oldnums))) {
+ unless (exists($newnums{$key})) {
+ $hadchanges = 1;
+ last;
+ }
+ }
+ }
+ }
}
} else {
unlink($tmpcrl);
@@ -13661,7 +13706,7 @@ sub save_crl_pem {
}
}
}
- return $msg;
+ return ($msg,$hadchanges);
}
# ------------------------------------------------------------ Read domain file