'';
}
+=item ut_ip COLUMN
+
+Check/untaint ip addresses. IPv4 only for now.
+
+=cut
+
+sub ut_ip {
+ my( $self, $field ) = @_;
+ $self->getfield($field) =~ /^(\d+)\.(\d+)\.(\d+)\.(\d+)$/;
+ or return "Illegal (IP address) $field: ". $self->getfield($field);
+ for ( $1 $2 $3 $4 ) { return "Illegal (IP address) $field" if $_ > 255; };
+ $self->$setfield($field, "$1.$2.$3.$3");
+ '';
+}
+
+=item ut_ipn COLUMN
+
+Check/untaint ip addresses. IPv4 only for now. May be null.
+
+=cut
+
+sub ut_ipn {
+ my( $self, $field ) = @_;
+ if ( $self->getfield($field) =~ /^()$/ ) {
+ $self->setfield($field,'');
+ '';
+ } else {
+ $self->ut_ip($field);
+ }
+}
+
+=item ut_domain COLUMN
+
+Check/untaint host and domain names.
+
+=cut
+
+sub ut_domain {
+ my( $self, $field ) = @_;
+ #$self->getfield($field) =~/^(\w+\.)*\w+$/
+ $self->getfield($field) =~/^(\w+\.)*\w+$/
+ or return "Illegal (domain) $field: ". $self->getfield($field);
+ $self->setfield($field,$1);
+ '';
+}
+
+=cut
+
=item ut_anything COLUMN
Untaints arbitrary data. Be careful.
=head1 VERSION
-$Id: Record.pm,v 1.7 2000-06-27 12:15:37 ivan Exp $
+$Id: Record.pm,v 1.8 2000-10-27 20:15:50 ivan Exp $
=head1 BUGS
-$Id: TODO,v 1.51 2000-10-15 12:58:25 ivan Exp $
+$Id: TODO,v 1.52 2000-10-27 20:15:50 ivan Exp $
If you are interested in helping with any of these, please join the
*development* mailing list (send a blank message to
---
+> 1. A Web Form to the user get his account added automatically . The
+> /etc/raddb/users and /etc/passwd would be updated automatically (these
+> file are on the same machine Freeside is). I guess the the Add
+> Customer
+> page with some customization could be the work.
+> 2. A Canceling Account Web Form available to user cancel his account
+> at
+> any time he wants.
+> 3. A Password Changing Web Form where the user could change your
+> password by sending your username, old and new password.
+> 4. Additional POP Accounts Creation where the user supply only his
+> main
+> username/password (probably provided from a PPP Account already
+> created)
+> and his POP username/password for this specific account.
+(actually need something more general i guess - probably need some way to say
+which accounts (svc_acct) can log in and make changes per customer (cust_main) )
+
this is awfully vauge, perhaps email for more info? don't want to alientate
someone with accounting experience, but i just don't have time right now.
.
#!/usr/bin/perl -Tw
#
-# $Id: fs-setup,v 1.26 2000-07-06 08:57:27 ivan Exp $
+# $Id: fs-setup,v 1.27 2000-10-27 20:15:50 ivan Exp $
#
# ivan@sisd.com 97-nov-8,9
#
# fix radius attributes ivan@sisd.com 98-sep-27
#
# $Log: fs-setup,v $
-# Revision 1.26 2000-07-06 08:57:27 ivan
+# Revision 1.27 2000-10-27 20:15:50 ivan
+# session monitor
+#
+# Revision 1.26 2000/07/06 08:57:27 ivan
# support for radius check attributes (except importing). poorly documented.
#
# Revision 1.25 2000/06/29 12:00:49 ivan
'index' => [ [] ],
},
+ 'port' => {
+ 'columns' => [
+ 'portnum', 'int', '', '',
+ 'ip', 'varchar', NULL, 15,
+ 'nasport' 'int', NULL, '',
+ 'nasnum', 'int', '', '',
+ ],
+ 'primary_key' => 'portnum',
+ 'unique' => [],
+ 'index' => [],
+ },
+
+ 'nas' => {
+ 'columns' => [
+ 'nasnum', 'int', '', '',
+ 'nas', 'varchar', '', $char_d,
+ 'nasip', 'varchar', '', 15,
+ 'nasfqdn', 'varchar', '', $char_d,
+# 'last', 'timestamp', NULL, '',
+#change to above when move to DBIx::DBSchema!!!
+ 'last', 'datetime', NULL, '',
+ ],
+ 'primary_key' => 'nasnum',
+ 'unique' => [ [ 'nas' ], [ 'nasip' ] ],
+ 'index' => [ [ 'last' ] ],
+ },
+
+ 'session' => {
+ 'columns' => [
+ 'sessionnum', 'int', '', '',
+ 'portnum', 'int', '', '',
+ 'svcnum', 'int', '', '',
+# 'login', 'timestamp', '', '',
+# 'logout', 'timestamp', '', '',
+#change to above when move to DBIx::DBSchema!!!
+ 'login', 'datetime', '', '',
+ 'logout', 'datetime', NULL, '',
+ ],
+ 'primary_key' => 'sessionnum',
+ 'unique' => [],
+ 'index' => [ [ 'portnum' ] ],
+ },
+
);
%tables;
=head1 VERSION
-$Id: table_template.pm,v 1.1 1999-08-04 08:03:03 ivan Exp $
+$Id: table_template.pm,v 1.2 2000-10-27 20:15:50 ivan Exp $
=head1 BUGS
L<FS::Record>, schema.html from the base documentation.
-=head1 HISTORY
-
-ivan@voicenet.com 97-jul-1
-
-added hfields
-ivan@sisd.com 97-nov-13
-
-$Log: table_template.pm,v $
-Revision 1.1 1999-08-04 08:03:03 ivan
-move table subclass examples out of production directory
-
-Revision 1.4 1998/12/29 11:59:57 ivan
-mostly properly OO, some work still to be done with svc_ stuff
-
-Revision 1.3 1998/11/15 04:33:00 ivan
-updates for newest versoin
-
-Revision 1.2 1998/11/15 03:48:49 ivan
-update for current version
-
-
=cut
1;
--- /dev/null
+Revision history for Perl extension FS::SessionClient
+
+0.01 Wed Oct 18 16:34:36 1999
+ - original version; created by ivan 1.0
+
--- /dev/null
+Changes
+MANIFEST
+MANIFEST.SKIP
+Makefile.PL
+SessionClient.pm
+test.pl
+fs_sessiond
+cgi/logon.cgi
+cgi/logoff.cgi
--- /dev/null
+use ExtUtils::MakeMaker;
+# See lib/ExtUtils/MakeMaker.pm for details of how to influence
+# the contents of the Makefile that is written.
+WriteMakefile(
+ 'NAME' => 'FS::SessionClient',
+ 'VERSION_FROM' => 'SessionClient.pm', # finds $VERSION
+ 'EXE_FILES' => [ 'fs_sessiond' ],
+ 'INSTALLSCRIPT' => '/usr/local/sbin',
+ 'PERM_RWX' => '750',
+);
--- /dev/null
+package FS::SessionClient;
+
+use strict;
+use vars qw($VERSION @ISA @EXPORT_OK $fs_sessiond_socket);
+use Exporter;
+use Socket;
+use FileHandle;
+use IO::Handle;
+
+$VERSION = '0.01';
+
+@ISA = qw( Exporter );
+@EXPORT_OK = qw( login logoff );
+
+$fs_sessiond_socket = "/usr/local/freeside/fs_sessiond_socket";
+
+$ENV{'PATH'} ='/usr/bin:/bin';
+$ENV{'SHELL'} = '/bin/sh';
+$ENV{'IFS'} = " \t\n";
+$ENV{'CDPATH'} = '';
+$ENV{'ENV'} = '';
+$ENV{'BASH_ENV'} = '';
+
+my $freeside_uid = scalar(getpwnam('freeside'));
+die "not running as the freeside user\n" if $> != $freeside_uid;
+
+=head1 NAME
+
+FS::SessionClient - Freeside session client API
+
+=head1 SYNOPSIS
+
+ use FS::SessionClient qw( login portnum logoff );
+
+ $error = login ( {
+ 'username' => $username,
+ 'password' => $password,
+ 'login' => $timestamp,
+ 'portnum' => $portnum,
+ } );
+
+ $portnum = portnum( { 'ip' => $ip } ) or die "unknown ip!"
+ $portnum = portnum( { 'nasnum' => $nasnum, 'nasport' => $nasport } )
+ or die "unknown nasnum/nasport";
+
+ $error = logoff ( {
+ 'username' => $username,
+ 'password' => $password,
+ 'logoff' => $timestamp,
+ 'portnum' => $portnum,
+ } );
+
+=head1 DESCRIPTION
+
+This modules provides an API for a remote session application.
+
+It needs to be run as the freeside user. Because of this, the program which
+calls these subroutines should be written very carefully.
+
+=head1 SUBROUTINES
+
+=over 4
+
+=item login HASHREF
+
+HASHREF should have the following keys: username, password, login and portnum.
+login is a UNIX timestamp; if not specified, will default to the current time.
+Starts a new session for the specified user and portnum. The password is
+optional, but must be correct if specified.
+
+Returns a scalar error message, or the empty string for success.
+
+=item portnum
+
+HASHREF should contain a single key: ip, or the two keys: nasnum and nasport.
+Returns a portnum suitable for the login and logoff subroutines, or false
+on error.
+
+=item logoff HASHREF
+
+HASHREF should have the following keys: usrename, password, logoff and portnum.
+logoff is a UNIX timestamp; if not specified, will default to the current time.
+Starts a new session for the specified user and portnum. The password is
+optional, but must be correct if specified.
+
+Returns a scalar error message, or the empty string for success.
+
+=cut
+
+sub AUTOLOAD {
+ my $hashref = shift;
+ socket(SOCK, PF_UNIX, SOCK_STREAM, 0) or die "socket: $!";
+ connect(SOCK, sockaddr_un($fs_sessiond_socket)) or die "connect: $!";
+ print SOCK "$AUTOLOAD\n";
+
+ print SOCK join("\n", %{$hashref}, 'END' ), "\n";
+ SOCK->flush;
+
+ chomp( my $r = <SOCK> );
+ $r;
+}
+
+=back
+
+=head1 VERSION
+
+$Id: SessionClient.pm,v 1.1 2000-10-27 20:15:50 ivan Exp $
+
+=head1 BUGS
+
+=head1 SEE ALSO
+
+L<fs_sessiond>
+
+=cut
+
+1;
+
+
+
--- /dev/null
+#!/usr/bin/perl -Tw
+#
+# fs_sessiond
+#
+# This is run REMOTELY over ssh by fs_session_server
+#
+
+use strict;
+use Socket;
+
+use vars qw( $Debug );
+
+$Debug = 1;
+
+my $fs_session_socket = "/usr/local/freeside/fs_sessiond_socket";
+
+$ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin';
+$ENV{'SHELL'} = '/bin/sh';
+$ENV{'IFS'} = " \t\n";
+$ENV{'CDPATH'} = '';
+$ENV{'ENV'} = '';
+$ENV{'BASH_ENV'} = '';
+
+$|=1;
+
+my $me = "[fs_sessiond]";
+
+warn "$me starting\n" if $Debug;
+#nothing to read from server
+
+warn "$me creating $fs_sessiond_socket\n" if $Debug;
+my $uaddr = sockaddr_un($fs_signupd_socket);
+my $proto = getprotobyname('tcp');
+socket(Server,PF_UNIX,SOCK_STREAM,0) or die "socket: $!";
+unlink($fs_signup_socket);
+bind(Server, $uaddr) or die "bind: $!";
+listen(Server,SOMAXCONN) or die "listen: $!";
+
+warn "$me entering main loop\n" if $Debug;
+my $paddr;
+for ( ; $paddr = accept(Client,Server); close Client) {
+
+ chomp( my $command = <Client> );
+
+ if ( $command eq 'login' || $command eq 'logout' || $command eq 'portnum' ) {
+ warn "$me reading data from local client\n" if $Debug;
+ my @data, $dos;
+ push @data, scalar(<Client>) until $dos++ == 99 || $data[$#data] != "END\n";
+ if ( $dos == 99 ) {
+ warn "$me WARNING: DoS attempt!"
+ } else {
+ warn "$me sending data to remote server\n" if $Debug;
+ print "$command\n", @data;
+ warn "$me reading result from remote server\n" if $Debug;
+ my $error = <STDIN>;
+ warn "$me sending error to local client\n" if $Debug;
+ print Client $error;
+ }
+ } else {
+ warn "$me WARNING: unexpected command from client: $command";
+ }
+
+}
+
--- /dev/null
+# Before `make install' is performed this script should be runnable with
+# `make test'. After `make install' it should work as `perl test.pl'
+
+######################### We start with some black magic to print on failure.
+
+# Change 1..1 below to 1..last_test_to_print .
+# (It may become useful if the test is moved to ./t subdirectory.)
+
+BEGIN { $| = 1; print "1..1\n"; }
+END {print "not ok 1\n" unless $loaded;}
+use FS::SessionClient;
+$loaded = 1;
+print "ok 1\n";
+
+######################### End of black magic.
+
+# Insert your test code below (better if it prints "ok 13"
+# (correspondingly "not ok 13") depending on the success of chunk 13
+# of the test code):
+
--- /dev/null
+#!/usr/bin/perl -Tw
+#
+# fs_session_server
+#
+
+use strict;
+use vars qw( $opt $Debug );
+use IO::Handle;
+use Net::SSH qw(sshopen3)
+use FS::UID qw(adminsuidsetup);
+use FS::Record qw( qsearch qsearchs );
+#use FS::cust_main_county;
+#use FS::cust_main;
+use FS::session;
+
+#require "configfile";
+$Debug = 1;
+
+my $user = shift or die &usage;
+&adminsuidsetup( $user );
+
+my $machine = shift or die &usage;
+
+my $fs_sessiond = "/usr/local/sbin/fs_sessiond";
+
+my $me = "[fs_session_server]";
+
+while (1) {
+ my($reader, $writer) = (new IO::Handle, new IO::Handle);
+ $writer->autoflush(1);
+ warn "$me Connecting to $machine\n" if $Debug;
+ sshopen2($machine,$reader,$writer,$fs_signupd);
+
+ warn "$me Entering main loop\n" if $Debug;
+ while (1) {
+ warn "$me Reading (waiting for) data\n" if $Debug;
+ my $command = scalar(<$reader));
+ #DoS protection here too, to protect against a compromised client? *sigh*
+ while ( ( my $key = scalar(<$reader>) ) != "END\n" ) {
+ chomp $key;
+ chomp( $hash{$key} = scalar(<$reader>) );
+ }
+
+ if ( $command eq 'login' ) {
+
+ } elsif ( $command eq 'logoff' ) {
+
+ } elsif ( $command eq 'portnum' ) {
+
+ } else {
+ warn "$me WARNING: unrecognized command";
+ }
+
projects / freeside.git / commitdiff