[LON-CAPA-cvs] cvs: loncom(Refactoring) / lond
foxr
lon-capa-cvs@mail.lon-capa.org
Mon, 23 Feb 2004 10:25:53 -0000
foxr Mon Feb 23 05:25:53 2004 EDT
Modified files: (Branch: Refactoring)
/loncom lond
Log:
Corrected some (il)logic having to do with authenticating clients and manager.
This version seems to mostly work but there is a lot of refactoring left to go.
There are also some anomalies between lond/loncnew that have to be examined
when lond exits. I would not classify this as ready for prime-time.
Index: loncom/lond
diff -u loncom/lond:1.178.2.1 loncom/lond:1.178.2.2
--- loncom/lond:1.178.2.1 Wed Feb 18 05:43:02 2004
+++ loncom/lond Mon Feb 23 05:25:52 2004
@@ -2,7 +2,7 @@
# The LearningOnline Network
# lond "LON Daemon" Server (port "LOND" 5663)
#
-# $Id: lond,v 1.178.2.1 2004/02/18 10:43:02 foxr Exp $
+# $Id: lond,v 1.178.2.2 2004/02/23 10:25:52 foxr Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -48,12 +48,12 @@
use File::Copy;
use LONCAPA::ConfigFileEdit;
-my $DEBUG = 0; # Non zero to enable debug log entries.
+my $DEBUG = 1; # Non zero to enable debug log entries.
my $status='';
my $lastlog='';
-my $VERSION='$Revision: 1.178.2.1 $'; #' stupid emacs
+my $VERSION='$Revision: 1.178.2.2 $'; #' stupid emacs
my $remoteVERSION;
my $currenthostid;
my $currentdomainid;
@@ -626,6 +626,7 @@
# upass - User's password.
my ($udom,$uname,$upass)=split(/:/,$tail);
+ Debug(" Authenticate domain = $udom, user = $uname, password = $upass");
chomp($upass);
$upass=unescape($upass);
my $proname=propath($udom,$uname);
@@ -634,6 +635,8 @@
# The user's 'personal' loncapa passworrd file describes how to authenticate:
if (-e $passfilename) {
+ Debug("Located password file: $passfilename");
+
my $pf = IO::File->new($passfilename);
my $realpasswd=<$pf>;
chomp($realpasswd);
@@ -642,6 +645,7 @@
#
# Authenticate against password stored in the internal file.
#
+ Debug("Authenticating via $howpwd");
if ($howpwd eq 'internal') {
&Debug("Internal auth");
$pwdcorrect= (crypt($upass,$contentpwd) eq $contentpwd);
@@ -2453,7 +2457,9 @@
# Split off the request keyword from the rest of the stuff.
my ($command, $tail) = split(/:/, $userinput, 2);
-
+
+ Debug("Command received: $command, encoded = $wasenc");
+
# ------------------------------------------------------------- Normal commands
@@ -2466,24 +2472,33 @@
my $Handler = $$DispatchInfo[0];
my $NeedEncode = $$DispatchInfo[1];
my $ClientTypes = $$DispatchInfo[2];
+ Debug("Matched dispatch hash: mustencode: $NeedEncode ClientType $ClientTypes");
# Validate the request:
my $ok = 1;
- if($NeedEncode && (!$wasenc)) {
- Reply($client, "refused\n", $userinput);
- $ok = 0;
+ my $requesterprivs = 0;
+ if(isClient()) {
+ $requesterprivs |= $CLIENT_OK;
}
- if(isClient && (($ClientTypes & $CLIENT_OK) == 0)) {
- Reply($client, "refused\n", $userinput);
- $ok = 0;
+ if(isManager()) {
+ $requesterprivs |= $MANAGER_OK;
}
- if(isManager && (($ClientTypes & $MANAGER_OK) == 0)) {
- Reply($client, "refused\n", $userinput);
+ if($NeedEncode && (!$wasenc)) {
+ Debug("Must encode but wasn't: $NeedEncode $wasenc");
$ok = 0;
}
+ if(($ClientTypes & $requesterprivs) == 0) {
+ Debug("Client not privileged to do this operation");
+ $ok = 0;
+ }
+
if($ok) {
+ Debug("Dispatching to handler $command $tail");
$KeepGoing = &$Handler($command, $tail, $client);
+ } else {
+ Debug("Refusing to dispatch because ok is false");
+ Failure($client, "refused", $userinput);
}