[LON-CAPA-cvs] cvs: loncom / clusteradmin lond
raeburn
raeburn at source.lon-capa.org
Mon Aug 20 18:42:06 EDT 2018
raeburn Mon Aug 20 22:42:06 2018 EDT
Modified files:
/loncom clusteradmin lond
Log:
- Cluster manager can push updated Certificate Revocation List to cluster's
"name servers".
Index: loncom/clusteradmin
diff -u loncom/clusteradmin:1.7 loncom/clusteradmin:1.8
--- loncom/clusteradmin:1.7 Mon Aug 20 22:31:49 2018
+++ loncom/clusteradmin Mon Aug 20 22:42:05 2018
@@ -2,7 +2,7 @@
# The LearningOnline Network with CAPA
# Push admin files from cluster manager to cluster's "name servers".
#
-# $Id: clusteradmin,v 1.7 2018/08/20 22:31:49 raeburn Exp $
+# $Id: clusteradmin,v 1.8 2018/08/20 22:42:05 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -156,7 +156,8 @@
print STDERR " subcommand describes what to actually do:\n";
print STDERR " help - Prints this message (args ignored)\n";
print STDERR " update - Updates an administrative file\n";
- print STDERR " args is one of dns_hosts.tab or dns_domain.tab\n";
+ print STDERR " args is one of dns_hosts.tab, dns_domain.tab\n";
+ print STDERR " or loncapaCAcrl.pem\n";
}
@@ -185,8 +186,14 @@
sub construct_table_path {
my ($basename) = @_;
- my $directory = $config{'lonTabDir'};
-
+ my $directory;
+ if ($basename eq 'managers.tab') {
+ $directory = $config{'lonTabDir'};
+ } elsif ($basename eq 'loncapaCAcrl.pem') {
+ $directory = $config{'lonCertificateDirectory'};
+ } elsif ($basename =~ /^(dns_|)(hosts|domain)\.tab$/) {
+ $directory = $config{'lonTabDir'};
+ }
return $directory . '/' . $basename;
}
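Review bot: construct_table_path has no fallback branch, so a basename that matches none of the three tests leaves `$directory` undefined and the function returns `'/' . $basename`, a path at the filesystem root. The same happens if `$config{'lonCertificateDirectory'}` is unset, and the update hunk later passes this path to push_file. Add a final `else { return; }` (or a `die`) and have callers treat an undefined path as an error rather than opening it. The 'managers.tab' branch and the regex branch both select lonTabDir and could be merged.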
@@ -200,14 +207,15 @@
{
my @result;
my $hosts_tab = &construct_table_path('hosts.tab');
- open(HOSTS, "<$hosts_tab");
- while (my $line = <HOSTS>) {
- chomp($line);
- if ($line =~ /^\^/) {
- if ($line =~ /^\^([\w.\-]+)/) {
- push(@result,$1);
- }
- }
+ if (open(HOSTS,'<',$hosts_tab)) {
+ while (my $line = <HOSTS>) {
+ chomp($line);
+ if ($line =~ /^\^/) {
+ if ($line =~ /^\^([\w.\-]+)/) {
+ push(@result,$1);
+ }
+ }
+ }
}
return (@result);
}
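Review bot: A failed open of hosts.tab is now silent, because the new `if (open(HOSTS,'<',$hosts_tab))` has no else branch and the function returns an empty list. The update hunk at @@ -284 would then presumably push to no hosts while still logging a start and an end. Report the failure, e.g. `} else { print STDERR "Cannot open $hosts_tab: $!\n"; }`, and add `close(HOSTS);` after the loop. The `open(FILE,'<',$pushfile);` in the @@ -233 hunk has the same gap with no check at all, so an unreadable loncapaCAcrl.pem leaves `$contents` undefined; what is sent after that is outside the visible lines. The body of this function starts outside the hunk.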
@@ -233,7 +241,7 @@
my $contents;
my $line;
- open(FILE, "<$pushfile");
+ open(FILE,'<',$pushfile);
while ($line = <FILE>) {
$contents .= $line;
}
@@ -284,16 +292,22 @@
# Validate the filename:
if (($filename eq 'dns_hosts.tab') || ($filename eq 'dns_domain.tab') ||
- ($filename eq 'hosts.tab') || ($filename eq 'domain.tab')) {
+ ($filename eq 'hosts.tab') || ($filename eq 'domain.tab') ||
+ ($filename eq 'loncapaCAcrl.pem')) {
my ($result,$fh);
if (!-e $logfile) {
system("touch $logfile");
system("chown www:www $logfile");
}
- if (open ($fh,">>$logfile")) {
+ if (open ($fh,'>>',$logfile)) {
print $fh "clusteradmin update started: ".localtime(time)."\n";
my $pushfile = &construct_table_path($filename);
- my $specifier = basename($filename, ('.tab'));
+ my @hosts = (&get_dns_hosts());
+ my $ext = 'tab';
+ if ($filename eq 'loncapaCAcrl.pem') {
+ $ext = 'pem';
+ }
+ my $specifier = basename($filename, (".$ext"));
my @hosts = (&get_dns_hosts());
$result = &push_file($specifier, $pushfile, \@hosts, $fh);
print $fh "ended: ".localtime(time)."\n";
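Review bot: `my @hosts = (&get_dns_hosts());` is now declared twice in the same block, once on the added line before `$ext` and again on the unchanged line after `$specifier`. Perl warns that the second `my` masks the first, and hosts.tab is read twice for no benefit. Drop the added line and keep the original declaration. The unchanged `system("touch $logfile")` and `system("chown www:www $logfile")` still go through the shell; the list form `system('touch', $logfile)` would be consistent with the move to three-argument open made in this commit.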
@@ -303,7 +317,7 @@
}
return $result;
} else {
- print STDERR "Only dns_hosts.tab or dns_domain.tab can be updated\n";
+ print STDERR "Only dns_hosts.tab, dns_domain.tab or loncapaCAcrl.pem can be updated\n";
&usage();
return 0;
}
Index: loncom/lond
diff -u loncom/lond:1.548 loncom/lond:1.549
--- loncom/lond:1.548 Sat Aug 18 22:07:48 2018
+++ loncom/lond Mon Aug 20 22:42:05 2018
@@ -2,7 +2,7 @@
# The LearningOnline Network
# lond "LON Daemon" Server (port "LOND" 5663)
#
-# $Id: lond,v 1.548 2018/08/18 22:07:48 raeburn Exp $
+# $Id: lond,v 1.549 2018/08/20 22:42:05 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -65,7 +65,7 @@
my $status='';
my $lastlog='';
-my $VERSION='$Revision: 1.548 $'; #' stupid emacs
+my $VERSION='$Revision: 1.549 $'; #' stupid emacs
my $remoteVERSION;
my $currenthostid="default";
my $currentdomainid;
@@ -792,10 +792,17 @@
my $selector = shift;
my $tablefile;
- my $tabledir = $perlvar{'lonTabDir'}.'/';
- if (($selector eq "hosts") || ($selector eq "domain") ||
- ($selector eq "dns_hosts") || ($selector eq "dns_domain")) {
- $tablefile = $tabledir.$selector.'.tab';
+ if ($selector eq 'loncapaCAcrl') {
+ my $tabledir = $perlvar{'lonCertificateDirectory'};
+ if (-d $tabledir) {
+ $tablefile = $tabledir.'/'.$selector.'.pem';
+ }
+ } else {
+ my $tabledir = $perlvar{'lonTabDir'}.'/';
+ if (($selector eq "hosts") || ($selector eq "domain") ||
+ ($selector eq "dns_hosts") || ($selector eq "dns_domain")) {
+ $tablefile = $tabledir.$selector.'.tab';
+ }
}
return $tablefile;
}
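Review bot: In the loncapaCAcrl branch a missing or unset lonCertificateDirectory leaves `$tablefile` undefined with nothing logged, so the caller cannot tell it apart from an unsupported selector. A CRL push dropped this way would leave the old revocation list in place, so the reason should be recorded, for example `&logthis("CRL push rejected: lonCertificateDirectory not found");` in an else branch of the `-d` test. `-d $tabledir` also emits an uninitialized-value warning when the setting is absent. The function starts outside the hunk.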
@@ -819,12 +826,13 @@
my ($command, $filename, $contents) = split(":", $request, 3);
&Debug("PushFile");
- # At this point in time, pushes for only the following tables are
- # supported:
+ # At this point in time, pushes for only the following tables and
+ # CRL file are supported:
# hosts.tab ($filename eq host).
# domain.tab ($filename eq domain).
# dns_hosts.tab ($filename eq dns_host).
# dns_domain.tab ($filename eq dns_domain).
+ # loncapaCAcrl.pem ($filename eq loncapaCAcrl);
# Construct the destination filename or reject the request.
#
# lonManage is supposed to ensure this, however this session could be
@@ -845,7 +853,8 @@
if($filename eq "host") {
$contents = AdjustHostContents($contents);
- } elsif ($filename eq 'dns_host' || $filename eq 'dns_domain') {
+ } elsif (($filename eq 'dns_host') || ($filename eq 'dns_domain') ||
+ ($filename eq 'loncapaCAcrl')) {
if ($contents eq '') {
&logthis('<font color="red"> Pushfile: unable to install '
.$tablefile." - no data received from push. </font>");
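Review bot: The empty-content guard tests `$filename eq 'dns_host'`, but the selector lookup in the @@ -792 hunk accepts "dns_hosts", and clusteradmin derives the specifier from dns_hosts.tab by stripping ".tab". If no renaming happens in between, an empty dns_hosts push never reaches this check; the "host" test in the first branch has the same mismatch with "hosts". Confirm which spelling arrives and align the comparison, e.g. `} elsif (($filename eq 'dns_hosts') || ($filename eq 'dns_domain') ||`. For loncapaCAcrl the guard rejects only an empty body; whether the data is a well-formed CRL is not checked in the visible lines, and the block continues outside the hunk.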
@@ -856,8 +865,13 @@
if ($managers{$clientip} eq $clientname) {
my $clientprotocol = $Apache::lonnet::protocol{$clientname};
$clientprotocol = 'http' if ($clientprotocol ne 'https');
- my $url = '/adm/'.$filename;
- $url =~ s{_}{/};
+ my $url;
+ if ($filename eq 'loncapaCAcrl') {
+ $url = '/adm/dns/loncapaCRL';
+ } else {
+ $url = '/adm/'.$filename;
+ $url =~ s{_}{/};
+ }
my $request=new HTTP::Request('GET',"$clientprotocol://$clienthost$url");
my $response = LONCAPA::LWPReq::makerequest($clientname,$request,'',\%perlvar,60,0);
if ($response->is_error()) {
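Review bot: The CRL is fetched through the same path as the tables, where `$clientprotocol` falls back to 'http' whenever the manager's protocol is not 'https'. Nothing in the hunk validates the response before it is installed, so over plain HTTP a stale or altered revocation list could be accepted. Before replacing loncapaCAcrl.pem, check that the fetched data parses as a CRL signed by the cluster CA and is not older than the installed one, and log any rejection with &logthis. The code that writes the file is outside the hunk, so this may already be handled there.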
@@ -8922,7 +8936,7 @@
=item Red CRITICAL Can't get key file <error>
SSL key negotiation is being attempted but the call to
-lonssl::KeyFile failed. This usually means that the
+lonssl::KeyFile failed. This usually means that the
configuration file is not correctly defining or protecting
the directories/files lonCertificateDirectory or
lonnetPrivateKey