implemented user+passwd in STDIN
This commit is contained in:
parent
3fe5a3a924
commit
1888ebc53c
|
@ -58,7 +58,7 @@ things to get it to work:
|
||||||
You have to run the command as the user your webserver is running, e.g.
|
You have to run the command as the user your webserver is running, e.g.
|
||||||
|
|
||||||
wwwrun@tilo:/srv/www/htdocs/lam/lib> /srv/www/htdocs/lam/lib/lamdaemon.pl \
|
wwwrun@tilo:/srv/www/htdocs/lam/lib> /srv/www/htdocs/lam/lib/lamdaemon.pl \
|
||||||
127.0.0.1 /srv/www/htdocs/lam/lib/lamdaemon.pl root secret *test
|
127.0.0.1 /srv/www/htdocs/lam/lib/lamdaemon.pl adminuser secret *test
|
||||||
|
|
||||||
You should get the following response:
|
You should get the following response:
|
||||||
|
|
||||||
|
@ -74,4 +74,12 @@ things to get it to work:
|
||||||
|
|
||||||
Now everything should work fine.
|
Now everything should work fine.
|
||||||
|
|
||||||
|
|
||||||
|
Security warning:
|
||||||
|
-----------------
|
||||||
|
|
||||||
|
If you use PHP < 4.3 your admin user and password are passed as commandline argument.
|
||||||
|
This can be a security risk. Upgrade your PHP version for productive use.
|
||||||
|
|
||||||
|
|
||||||
Please send a mail to TiloLutz@gmx.de if you have any suggestions.
|
Please send a mail to TiloLutz@gmx.de if you have any suggestions.
|
||||||
|
|
|
@ -40,16 +40,12 @@ $Id$
|
||||||
function lamdaemon($commands) {
|
function lamdaemon($commands) {
|
||||||
// get username and password of the current lam-admin
|
// get username and password of the current lam-admin
|
||||||
$ldap_q = $_SESSION['ldap']->decrypt_login();
|
$ldap_q = $_SESSION['ldap']->decrypt_login();
|
||||||
/* $towrite has the following syntax:
|
|
||||||
* admin-username, admin-password, owner of homedir, 'home', operation='add'
|
|
||||||
* use escapeshellarg to make exec() shell-safe
|
|
||||||
*/
|
|
||||||
$towrite = escapeshellarg($_SESSION['config']->scriptServer)." ".escapeshellarg($_SESSION['config']->scriptPath)." ".
|
|
||||||
escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]);
|
|
||||||
|
|
||||||
$userstring = implode ("\n", $commands);
|
$userstring = implode ("\n", $commands);
|
||||||
if (function_exists(proc_open)) {
|
$output_array = array();
|
||||||
|
if (function_exists('proc_open')) {
|
||||||
// New Code, requires PHP 4.3
|
// New Code, requires PHP 4.3
|
||||||
|
$towrite = escapeshellarg($_SESSION['config']->scriptServer)." ".escapeshellarg($_SESSION['config']->scriptPath)." - -";
|
||||||
$descriptorspec = array(
|
$descriptorspec = array(
|
||||||
0 => array("pipe", "r"), // stdin
|
0 => array("pipe", "r"), // stdin
|
||||||
1 => array("pipe", "w"), // stout
|
1 => array("pipe", "w"), // stout
|
||||||
|
@ -64,6 +60,9 @@ function lamdaemon($commands) {
|
||||||
* $pipes[1] is readable handle to child stdout
|
* $pipes[1] is readable handle to child stdout
|
||||||
* any error is send to /dev/null
|
* any error is send to /dev/null
|
||||||
*/
|
*/
|
||||||
|
// user+passwd
|
||||||
|
fwrite($pipes[0], $ldap_q[0] . "\n");
|
||||||
|
fwrite($pipes[0], $ldap_q[1] . "\n");
|
||||||
// Write to stdin
|
// Write to stdin
|
||||||
fwrite($pipes[0], $userstring);
|
fwrite($pipes[0], $userstring);
|
||||||
}
|
}
|
||||||
|
@ -76,6 +75,8 @@ function lamdaemon($commands) {
|
||||||
proc_close($process);
|
proc_close($process);
|
||||||
}
|
}
|
||||||
else { // PHP 4.3>
|
else { // PHP 4.3>
|
||||||
|
$towrite = escapeshellarg($_SESSION['config']->scriptServer)." ".escapeshellarg($_SESSION['config']->scriptPath)." ".
|
||||||
|
escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]);
|
||||||
$command = escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".$towrite;
|
$command = escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".$towrite;
|
||||||
$pipe = popen("echo \"$userstring\"|$command" , 'r');
|
$pipe = popen("echo \"$userstring\"|$command" , 'r');
|
||||||
while(!feof($pipe)) {
|
while(!feof($pipe)) {
|
||||||
|
@ -85,7 +86,12 @@ function lamdaemon($commands) {
|
||||||
}
|
}
|
||||||
pclose($pipe);
|
pclose($pipe);
|
||||||
}
|
}
|
||||||
|
if (sizeof($output_array) > 0) {
|
||||||
return $output_array;
|
return $output_array;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -205,9 +205,23 @@ else {
|
||||||
$remotepath = shift @ARGV;
|
$remotepath = shift @ARGV;
|
||||||
use Net::SSH::Perl;
|
use Net::SSH::Perl;
|
||||||
if ($ARGV[2] eq "*test") { print "Net::SSH::Perl successfully installed.\n"; }
|
if ($ARGV[2] eq "*test") { print "Net::SSH::Perl successfully installed.\n"; }
|
||||||
|
if (($ARGV[0] eq "-") and ($ARGV[1] eq "-")) { # user+passwd are in STDIN
|
||||||
|
$username = <STDIN>;
|
||||||
|
chop($username);
|
||||||
|
@username = split (',', $username);
|
||||||
|
$username[0] =~ s/uid=//;
|
||||||
|
$username[0] =~ s/cn=//;
|
||||||
|
$username = $username[0];
|
||||||
|
$password = <STDIN>;
|
||||||
|
chop($password);
|
||||||
|
}
|
||||||
|
else {
|
||||||
@username = split (',', $ARGV[0]);
|
@username = split (',', $ARGV[0]);
|
||||||
$username[0] =~ s/uid=//;
|
$username[0] =~ s/uid=//;
|
||||||
|
$username[0] =~ s/cn=//;
|
||||||
|
$username = $username[0];
|
||||||
$password = $ARGV[1];
|
$password = $ARGV[1];
|
||||||
|
}
|
||||||
# Put all transfered lines in one string
|
# Put all transfered lines in one string
|
||||||
if ($ARGV[2] ne "*test") {
|
if ($ARGV[2] ne "*test") {
|
||||||
$string = do {local $/;<STDIN>};
|
$string = do {local $/;<STDIN>};
|
||||||
|
@ -216,7 +230,7 @@ else {
|
||||||
my $ssh = Net::SSH::Perl->new($hostname, options=>[
|
my $ssh = Net::SSH::Perl->new($hostname, options=>[
|
||||||
"UserKnownHostsFile /dev/null"],
|
"UserKnownHostsFile /dev/null"],
|
||||||
protocol => "2,1" );
|
protocol => "2,1" );
|
||||||
$ssh->login($username[0], $password);
|
$ssh->login($username, $password);
|
||||||
# Change needed to prevent buffer overrun
|
# Change needed to prevent buffer overrun
|
||||||
@string2 = split ("\n", $string);
|
@string2 = split ("\n", $string);
|
||||||
for ($i=0; $i<=$#string2; $i++) {
|
for ($i=0; $i<=$#string2; $i++) {
|
||||||
|
|
Loading…
Reference in New Issue