path: root/fs_sesmon/fs_session_server
#!/usr/bin/perl -Tw
#
# fs_session_server
#

use strict;
use vars qw( $opt $Debug );
use IO::Handle;
use Net::SSH qw(sshopen2);
use FS::UID qw(adminsuidsetup);
use FS::Record qw( qsearchs ); #qsearch );
#use FS::cust_main_county;
#use FS::cust_main;
use FS::session;
use FS::port;
use FS::svc_acct;

#require "configfile";
# Tracing switch: when true, the progress messages below go to STDERR via warn.
$Debug = 1;

# First command-line argument: the name handed to adminsuidsetup.
# usage() dies with the synopsis, so a missing argument never gets further.
my $user = shift @ARGV;
usage() unless $user;
&adminsuidsetup($user);

# Second command-line argument: the host that sshopen2 connects to.
# NOTE(review): the script runs under -T and this value is passed to sshopen2
# exactly as typed -- confirm whether it should be validated/untainted here
# (e.g. rejecting a value that starts with "-") before it reaches ssh.
my $machine = shift @ARGV;
usage() unless $machine;

# Program started on the remote side of the SSH connection.
my $fs_sessiond = "/usr/local/sbin/fs_sessiond";

# Prefix that tags every diagnostic this script emits.
my $me = "[fs_session_server]";

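# Service loop.
#
# Outer loop: open a bidirectional SSH pipe to $fs_sessiond on $machine and
# serve requests from it; when the pipe reaches end-of-file, close it, wait
# five seconds and reconnect.
#
# Request format, as read below: one line naming the command, then key line /
# value line pairs, terminated by a line containing only "END".  One reply line
# is written for the commands 'login', 'logout' and 'portnum'; an unrecognized
# command is only logged.
#
# Everything read from $reader is treated as untrusted: fields are matched
# against an anchored pattern and only the capture is used in lookups.
while (1) {
  my($reader, $writer) = (IO::Handle->new, IO::Handle->new);
  $writer->autoflush(1);
  warn "$me Connecting to $machine\n" if $Debug;
  sshopen2($machine,$reader,$writer,$fs_sessiond);

  warn "$me Entering main loop\n" if $Debug;
  REQUEST: while (1) {
    warn "$me Reading (waiting for) data\n" if $Debug;
    my $command = <$reader>;
    # End-of-file means the peer is gone.  Without this check the field loop
    # below would spin forever on undef and the reconnect code was unreachable.
    last REQUEST unless defined $command;
    chomp $command;

    #DoS protection here too, to protect against a compromised client?  *sigh*
    # NOTE(review): neither the number of fields nor the length of a line is
    # bounded here, so a misbehaving peer can still make this process grow.
    my %hash;
    while (1) {
      my $key = <$reader>;
      last REQUEST unless defined $key;      # EOF in the middle of a request
      last if $key eq "END\n";
      chomp $key;
      my $value = <$reader>;
      last REQUEST unless defined $value;    # EOF between a key and its value
      chomp $value;
      $hash{$key} = $value;
    }

    if ( $command eq 'login' ) {
      my $error = &login(\%hash);
      print $writer "$error\n";
    } elsif ( $command eq 'logout' ) {
      my $error = &logout(\%hash);
      print $writer "$error\n";
    } elsif ( $command eq 'portnum' ) {
      my $port;
      if ( exists $hash{'ip'} ) {
        # $1 is read-only, so the fallback value lives in a lexical; a
        # malformed address is looked up as the sentinel 'nomatch'.
        my $ip = $hash{'ip'} =~ /^([\d\.]+)$/ ? $1 : 'nomatch';
        $port = qsearchs('port', { 'ip' => $ip } );
      } else {
        # Declared unconditionally: a "my" guarded by a failed match has
        # unspecified contents and can carry a value over from an earlier
        # request.
        my ($nasnum, $nasport);
        $nasnum  = $1
          if defined $hash{'nasnum'}  && $hash{'nasnum'}  =~ /^(\d+)$/;
        $nasport = $1
          if defined $hash{'nasport'} && $hash{'nasport'} =~ /^(\d+)$/;
        # Query only with two validated numbers; otherwise $port stays
        # undefined and the reply is an empty line.
        $port = qsearchs('port', { 'nasnum'=>$nasnum, 'nasport'=>$nasport } )
          if defined $nasnum && defined $nasport;
      }
      my $reply = $port ? $port->portnum : '';
      print $writer "$reply\n";
    } else {
      # No reply line is written for an unknown command.
      warn "$me WARNING: unrecognized command: $command";
    }
  }
  # Reached when the request loop above leaves on end-of-file.
  close $writer;
  close $reader;
  warn "connection to $machine lost!\n";
  sleep 5;
  warn "reconnecting...\n";
}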

# login( \%fields )
#
# Handles a 'login' request.  Reads the keys 'username', 'password' (optional),
# 'portnum' and 'login' from the hash reference.
#
# Returns "Illegal username", "Unknown user" or "Incorrect password" when the
# request is refused; otherwise returns whatever FS::session::insert returns
# (the caller sends that value back as the error line).
#
# NOTE(review): the password is compared only when the request carries a
# 'password' key, so a request without that key opens a session on the
# username alone -- confirm this is intended for the peers that can reach
# this server.
# NOTE(review): 'portnum' and 'login' are forwarded exactly as received;
# presumably FS::session validates them -- confirm.
sub login {
  my ($fields) = @_;

  # The script runs with -T, so only the regex capture is used from here on.
  return "Illegal username"
    unless $fields->{'username'} =~ /^([a-z0-9_\-\.]+)$/;
  my $username = $1;

  my $svc_acct = qsearchs('svc_acct', { 'username' => $username } );
  return "Unknown user" unless $svc_acct;

  if ( exists $fields->{'password'} ) {
    # Plain string comparison against the value returned by _password.
    return "Incorrect password"
      unless $fields->{'password'} eq $svc_acct->_password;
  }

  my %record = (
    'portnum' => $fields->{'portnum'},
    'svcnum'  => $svc_acct->svcnum,
    'login'   => $fields->{'login'},
  );
  my $session = FS::session->new( \%record );
  return $session->insert;
}

# logout( \%fields )
#
# Handles a 'logout' request.  Reads the keys 'username', 'password' (optional)
# and 'portnum' from the hash reference, looks up the session record for that
# port and service whose 'logout' field is empty, and replaces it with a copy
# of itself.
#
# Returns "Illegal username", "Unknown user", "Incorrect password" or
# "No currently open sessions found for that user/port!" when the request is
# refused; otherwise returns whatever FS::session::replace returns.
#
# NOTE(review): as in login, the password is compared only when the request
# carries a 'password' key -- confirm that closing a session on the username
# alone is intended.
# NOTE(review): nothing in this block sets a logout time on the copy;
# presumably FS::session::replace records it -- confirm.
sub logout {
  my ($fields) = @_;

  # The script runs with -T, so only the regex capture is used from here on.
  return "Illegal username"
    unless $fields->{'username'} =~ /^([a-z0-9_\-\.]+)$/;
  my $username = $1;

  my $svc_acct = qsearchs('svc_acct', { 'username' => $username } );
  return "Unknown user" unless $svc_acct;

  if ( exists $fields->{'password'} ) {
    return "Incorrect password"
      unless $fields->{'password'} eq $svc_acct->_password;
  }

  my %open_session = (
    'portnum' => $fields->{'portnum'},
    'svcnum'  => $svc_acct->svcnum,
    'logout'  => '',
  );
  my $session = qsearchs( 'session', \%open_session );
  if ( !$session ) {
    return "No currently open sessions found for that user/port!";
  }

  my $nsession = FS::session->new( { $session->hash } );
  # Emitted on every logout, regardless of $Debug.
  warn "$nsession replacing $session";
  return $nsession->replace($session);
}

# usage()
#
# Terminates the program with the command-line synopsis; never returns.
sub usage {
  my $synopsis = "Usage:\n\n  fs_session_server user machine\n";
  die $synopsis;
}