1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
#!/usr/bin/perl -Tw
#
# fs_session_server
#
use strict;
use vars qw( $opt $Debug );
use IO::Handle;
use Net::SSH qw(sshopen3)
use FS::UID qw(adminsuidsetup);
use FS::Record qw( qsearch qsearchs );
#use FS::cust_main_county;
#use FS::cust_main;
use FS::session;
use FS::port;
use FS::svc_acct;
#require "configfile";
$Debug = 1;
my $user = shift or die &usage;
&adminsuidsetup( $user );
my $machine = shift or die &usage;
my $fs_sessiond = "/usr/local/sbin/fs_sessiond";
my $me = "[fs_session_server]";
while (1) {
my($reader, $writer) = (new IO::Handle, new IO::Handle);
$writer->autoflush(1);
warn "$me Connecting to $machine\n" if $Debug;
sshopen2($machine,$reader,$writer,$fs_signupd);
warn "$me Entering main loop\n" if $Debug;
while (1) {
warn "$me Reading (waiting for) data\n" if $Debug;
my $command = scalar(<$reader));
#DoS protection here too, to protect against a compromised client? *sigh*
while ( ( my $key = scalar(<$reader>) ) != "END\n" ) {
chomp $key;
chomp( $hash{$key} = scalar(<$reader>) );
}
if ( $command eq 'login' ) {
$error = &login(\%hash);
print $writer "$error\n";
} elsif ( $command eq 'logoff' ) {
$error = &logoff(\%hash);
print $writer "$error\n";
} elsif ( $command eq 'portnum' ) {
if ( exists $hash{'ip'} ) {
$hash{'ip'} =~ /^([\d\.]+)$/ or $1='nomatch';
$port = qsearchs('port', { 'ip' => $1 } );
} else {
$hash{'nasnum'} =~ /^(\d+)$/ and my $nasnum = $1;
$hash{'nasport'} =~ /^(\d+)$/ and my $nasport = $1;
$port = qsearchs('port', { 'nasnum'=>$nasnum, 'nasport'=>$nasport } );
}
print $writer ( $port ? $port->portnum : '' ), "\n";
} else {
warn "$me WARNING: unrecognized command";
}
}
#won't ever reach without code above to throw out of loop, but...
close $writer;
close $reader;
warn "connection to $machine lost!\n"
sleep 5;
warn "reconnecting...\n";
}
sub login {
my $href = shift;
$href->{'username'} =~ /^([a-z0-9_\-\.]+)$/ or return "Illegal username";
my $username = $1;
$svc_acct = qsearchs('svc_acct', { 'username' => $username } )
or return "Unknown user";
return "Incorrect password"
if defined($href->{'password'})
&& $href->{'password'} ne $svc_acct->_password;
my $session = new FS::session {
'portnum' => $href->{'portnum'},
'svcnum' => $svc_acct->svcnum,
'login' => $href->{'login'},
};
$session->insert;
}
sub logout {
my $href = shift;
$href->{'username'} =~ /^([a-z0-9_\-\.]+)$/ or return "Illegal username";
my $username = $1;
$svc_acct = qsearchs('svc_acct', { 'username' => $username } )
or return "Unknown user";
return "Incorrect password"
if defined($href->{'password'})
&& $href->{'password'} ne $svc_acct->_password;
my $session = qsearchs FS::session {
'portnum' => $href->{'portnum'},
'svcnum' => $svc_acct->svcnum,
'logoff' => '',
};
return "No currently open sessios found for that user/port!" unless $session;
my $nsession = new FS::session ( { $old->hash } );
$nsession->replace($session);
}
sub usage {
die "Usage:\n\n fs_session_server user machine\n";
}
|
