[LON-CAPA-cvs] cvs: loncom / loncapa_apache.conf lonenc.pm
www
lon-capa-cvs@mail.lon-capa.org
Wed, 31 Mar 2004 04:38:06 -0000
www Tue Mar 30 23:38:06 2004 EDT
Added files:
/loncom lonenc.pm
Modified files:
/loncom loncapa_apache.conf
Log:
Work on encrypted URLs
Index: loncom/loncapa_apache.conf
diff -u loncom/loncapa_apache.conf:1.73 loncom/loncapa_apache.conf:1.74
--- loncom/loncapa_apache.conf:1.73 Tue Mar 16 18:02:43 2004
+++ loncom/loncapa_apache.conf Tue Mar 30 23:38:06 2004
@@ -1,7 +1,7 @@
##
## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file
##
-## $Id: loncapa_apache.conf,v 1.73 2004/03/16 23:02:43 raeburn Exp $
+## $Id: loncapa_apache.conf,v 1.74 2004/03/31 04:38:06 www Exp $
##
#
@@ -54,6 +54,12 @@
ErrorDocument 403 /adm/login
ErrorDocument 404 /adm/notfound.html
ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+</LocationMatch>
+
+<LocationMatch "^/+enc.*">
+PerlAccessHandler Apache::lonenc
+ErrorDocument 403 /adm/login
ErrorDocument 500 /adm/errorhandler
</LocationMatch>
Index: loncom/lonenc.pm
+++ loncom/lonenc.pm
# The LearningOnline Network
# URL translation for encrypted filenames
#
# $Id: lonenc.pm,v 1.1 2004/03/31 04:38:06 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#
package Apache::lonenc;
use strict;
use Apache::Constants qw(:common :remotehost);
use Apache::lonnet();
use Apache::File();
use Apache::loncommon;
use Crypt::IDEA;
sub handler {
my $r = shift;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
my $lonid=$cookies{'lonID'};
my $cookie;
if ($lonid) {
my $handle=$lonid->value;
$handle=~s/\W//g;
my $lonidsdir=$r->dir_config('lonIDsDir');
if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
# Initialize Environment
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
# Decrypt URL and redirect
$r->internal_redirect(&unencrypted($r->uri));
return OK;
}
}
return FORBIDDEN;
}
sub unencrypted {
my $uri=shift;
$uri=~s/^\/enc\/(\d+)\///;
&Apache::lonnet::logthis($uri);
my $cmdlength=$1;
unless ($ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'}) {
return '/'.$uri;
}
$uri=&Apache::lonnet::unescape($uri);
my $cipher=
new IDEA $ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'};
&Apache::lonnet::logthis($ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'});
my $decuri='';
for (my $encidx=0;$encidx<length($uri);$encidx+=16) {
$decuri.=$cipher->decrypt(
pack("H16",substr($uri,$encidx,16))
);
}
return substr($decuri,0,$cmdlength);
}
sub encrypted {
my $uri=shift;
my $cmdlength=length($uri);
my $encuri='';
my $cipher=
new IDEA $ENV{'course.'.$ENV{'request.course.id'}.'.internal.encseed'};
for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {
$encuri.=unpack("H16",
$cipher->encrypt(substr($uri,$encidx,8)));
}
return '/enc/'.$cmdlength.'/'.&Apache::lonnet::escape($encuri);
}
1;
__END__