--- loncom/lonnet/perl/lonnet.pm	2008/08/13 08:17:57	1.964
+++ loncom/lonnet/perl/lonnet.pm	2008/10/08 21:14:11	1.970
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.964 2008/08/13 08:17:57 bisitz Exp $
+# $Id: lonnet.pm,v 1.970 2008/10/08 21:14:11 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -34,7 +34,7 @@ use LWP::UserAgent();
 use HTTP::Date;
 # use Date::Parse;
 use vars qw(%perlvar %spareid %pr %prp $memcache %packagetab $tmpdir
-            $_64bit %env);
+            $_64bit %env %protocol);
 
 my (%badServerCache, $memcache, %courselogs, %accesshash, %domainrolehash,
     %userrolehash, $processmarker, $dumpcount, %coursedombuf,
@@ -643,7 +643,11 @@ sub spareserver {
     }
 
     if (!$want_server_name) {
-	$spare_server="http://".&hostname($spare_server);
+        my $protocol = 'http';
+        if ($protocol{$spare_server} eq 'https') {
+            $protocol = $protocol{$spare_server};
+        }
+	$spare_server = $protocol.'://'.&hostname($spare_server);
     }
     return $spare_server;
 }
@@ -3561,12 +3565,13 @@ sub privileged {
 
 sub rolesinit {
     my ($domain,$username,$authhost)=@_;
+    my %userroles;
     my $rolesdump=reply("dump:$domain:$username:roles",$authhost);
-    if (($rolesdump eq 'con_lost') || ($rolesdump eq '')) { return ''; }
+    if (($rolesdump eq 'con_lost') || ($rolesdump eq '')) { return \%userroles; }
     my %allroles=();
     my %allgroups=();   
     my $now=time;
-    my %userroles = ('user.login.time' => $now);
+    %userroles = ('user.login.time' => $now);
     my $group_privs;
 
     if ($rolesdump ne '') {
@@ -4891,6 +4896,9 @@ sub log_query {
 
 sub update_portfolio_table {
     my ($uname,$udom,$file_name,$query,$group,$action) = @_;
+    if ($group ne '') {
+        $file_name =~s /^\Q$group\E//;
+    }
     my $homeserver = &homeserver($uname,$udom);
     my $queryid=
         &reply("querysend:".$query.':'.&escape($uname.':'.$udom.':'.$group).
@@ -5879,7 +5887,7 @@ sub assigncustomrole {
 sub revokerole {
     my ($udom,$uname,$url,$role,$deleteflag,$selfenroll,$context)=@_;
     my $now=time;
-    return &assignrole($udom,$uname,$url,$role,$now,$deleteflag,$selfenroll,$context);
+    return &assignrole($udom,$uname,$url,$role,$now,undef,$deleteflag,$selfenroll,$context);
 }
 
 # ---------------------------------------------------------- Revoke Custom Role
@@ -6144,20 +6152,18 @@ sub modify_access_controls {
                 }
             }
         }
+        my ($group);
+        if (&is_course($domain,$user)) {
+            ($group,my $file) = split(/\//,$file_name,2);
+        }
         $deloutcome = &del('file_permissions',\@deletions,$domain,$user);
         $new_values{$file_name."\0".'accesscontrol'} = \%new_control;
         $outcome = &put('file_permissions',\%new_values,$domain,$user);
         #  remove lock
         my @del_lock = ($file_name."\0".'locked_access_records');
         my $dellockoutcome = &del('file_permissions',\@del_lock,$domain,$user);
-        my ($file,$group);
-        if (&is_course($domain,$user)) {
-            ($group,$file) = split(/\//,$file_name,2);
-        } else {
-            $file = $file_name;
-        }
         my $sqlresult =
-            &update_portfolio_table($user,$domain,$file,'portfolio_access',
+            &update_portfolio_table($user,$domain,$file_name,'portfolio_access',
                                     $group);
     } else {
         $outcome = "error: could not obtain lockfile\n";  
@@ -8535,13 +8541,22 @@ sub get_dns {
 	    next if ($configline =~ /^(\#|\s*$ )/x);
 	    next if ($configline =~ /^\^/);
 	    chomp($configline);
-	    my ($id,$domain,$role,$name)=split(/:/,$configline);
+	    my ($id,$domain,$role,$name,$protocol)=split(/:/,$configline);
 	    $name=~s/\s//g;
 	    if ($id && $domain && $role && $name) {
 		$hostname{$id}=$name;
 		push(@{$name_to_host{$name}}, $id);
 		$hostdom{$id}=$domain;
 		if ($role eq 'library') { $libserv{$id}=$name; }
+                if (defined($protocol)) {
+                    if ($protocol eq 'https') {
+                        $protocol{$id} = $protocol;
+                    } else {
+                        $protocol{$id} = 'http'; 
+                    }
+                } else {
+                    $protocol{$id} = 'http';
+                }
 	    }
 	}
     }
@@ -8984,7 +8999,7 @@ when the connection is brought back up
 =item * B<con_failed>: unable to contact remote host and unable to save message
 for later delivery
 
-=item * B<error:>: an error a occured, a description of the error follows the :
+=item * B<error:>: an error a occurred, a description of the error follows the :
 
 =item * B<no_such_host>: unable to fund a host associated with the user/domain
 that was requested
@@ -9564,7 +9579,7 @@ Returns:
  'key_exists: <key>' -> failed to anything out of $storehash, as at
                         least <key> already existed in the db (other
                         requested keys may also already exist)
- 'error: <msg>' -> unable to tie the DB or other erorr occured
+ 'error: <msg>' -> unable to tie the DB or other error occurred
  'con_lost' -> unable to contact request server
  'refused' -> action was not allowed by remote machine