[LON-CAPA-cvs] cvs: loncom / lond
foxr
lon-capa-cvs@mail.lon-capa.org
Tue, 27 Jul 2004 11:34:50 -0000
foxr Tue Jul 27 07:34:50 2004 EDT
Modified files:
/loncom lond
Log:
Added ekey to the set of hash dispatched command handlers.
Index: loncom/lond
diff -u loncom/lond:1.215 loncom/lond:1.216
--- loncom/lond:1.215 Tue Jul 27 07:21:48 2004
+++ loncom/lond Tue Jul 27 07:34:49 2004
@@ -2,7 +2,7 @@
# The LearningOnline Network
# lond "LON Daemon" Server (port "LOND" 5663)
#
-# $Id: lond,v 1.215 2004/07/27 11:21:48 foxr Exp $
+# $Id: lond,v 1.216 2004/07/27 11:34:49 foxr Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -56,7 +56,7 @@
my $status='';
my $lastlog='';
-my $VERSION='$Revision: 1.215 $'; #' stupid emacs
+my $VERSION='$Revision: 1.216 $'; #' stupid emacs
my $remoteVERSION;
my $currenthostid="default";
my $currentdomainid;
@@ -1039,6 +1039,8 @@
# declaration:
#
+#++
+#
# Handles ping requests.
# Parameters:
# $cmd - the actual keyword that invoked us.
@@ -1063,6 +1065,7 @@
}
®ister_handler("ping", \&ping_handler, 0, 1, 1); # Ping unencoded, client or manager.
+#++
#
# Handles pong requests. Pong replies with our current host id, and
# the results of a ping sent to us via our lonc.
@@ -1089,6 +1092,51 @@
}
®ister_handler("pong", \&pong_handler, 0, 1, 1); # Pong unencoded, client or manager
+#++
+# Called to establish an encrypted session key with the remote client.
+# Note that with secure lond, in most cases this function is never
+# invoked. Instead, the secure session key is established either
+# via a local file that's locked down tight and only lives for a short
+# time, or via an ssl tunnel...and is generated from a bunch-o-random
+# bits from /dev/urandom, rather than the predictable pattern used by
+# by this sub. This sub is only used in the old-style insecure
+# key negotiation.
+# Parameters:
+# $cmd - the actual keyword that invoked us.
+# $tail - the tail of the request that invoked us.
+# $replyfd- File descriptor connected to the client
+# Implicit Inputs:
+# $currenthostid - Global variable that carries the name of the host
+# known as.
+# $clientname - Global variable that carries the name of the hsot we're connected to.
+# Returns:
+# 1 - Ok to continue processing.
+# 0 - Program should exit.
+# Implicit Outputs:
+# Reply information is sent to the client.
+# $cipher is set with a reference to a new IDEA encryption object.
+#
+sub establish_key_handler {
+ my ($cmd, $tail, $replyfd) = @_;
+
+ my $buildkey=time.$$.int(rand 100000);
+ $buildkey=~tr/1-6/A-F/;
+ $buildkey=int(rand 100000).$buildkey.int(rand 100000);
+ my $key=$currenthostid.$clientname;
+ $key=~tr/a-z/A-Z/;
+ $key=~tr/G-P/0-9/;
+ $key=~tr/Q-Z/0-9/;
+ $key=$key.$buildkey.$key.$buildkey.$key.$buildkey;
+ $key=substr($key,0,32);
+ my $cipherkey=pack("H32",$key);
+ $cipher=new IDEA $cipherkey;
+ &Reply($replyfd, "$buildkey\n", "$cmd:$tail");
+
+ return 1;
+
+}
+®ister_handler("ekey", \&establish_key_handler, 0, 1,1);
+
#---------------------------------------------------------------
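Review bot: establish_key_handler assigns `$cipher` unconditionally and is registered with the first flag at 0 (which the neighbouring ping/pong registrations gloss as "unencoded"), so an `ekey` request arriving after a key was set up through the local-file or SSL path described in the header would apparently replace that key with this one. The replacement is weak by construction: it is built only from `$currenthostid`, `$clientname` and `$buildkey`, and `$buildkey` is sent back in clear text through `&Reply`, so anyone who sees the reply and knows the two host names can rebuild the IDEA key. I would have the handler refuse the request when the session already holds a securely negotiated key, or when the site has not opted in to the legacy exchange, before it touches `$cipher`. Separately, the header documents a 0 return that the body never produces, and `new IDEA $cipherkey` is clearer as `IDEA->new($cipherkey)`.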
@@ -1204,22 +1252,8 @@
#------------------- Commands not yet in spearate handlers. --------------
-# ------------------------------------------------------------------------ ekey
- if ($userinput =~ /^ekey/) { # ok for both clients & mgrs
- my $buildkey=time.$$.int(rand 100000);
- $buildkey=~tr/1-6/A-F/;
- $buildkey=int(rand 100000).$buildkey.int(rand 100000);
- my $key=$currenthostid.$clientname;
- $key=~tr/a-z/A-Z/;
- $key=~tr/G-P/0-9/;
- $key=~tr/Q-Z/0-9/;
- $key=$key.$buildkey.$key.$buildkey.$key.$buildkey;
- $key=substr($key,0,32);
- my $cipherkey=pack("H32",$key);
- $cipher=new IDEA $cipherkey;
- print $client "$buildkey\n";
# ------------------------------------------------------------------------ load
- } elsif ($userinput =~ /^load/) { # client only
+ if ($userinput =~ /^load/) { # client only
if (isClient) {
my $loadavg;
{