Diffstat (limited to 'base/tps/forms/esc/cgi-bin/sow/cfg.pl')
-rwxr-xr-x | base/tps/forms/esc/cgi-bin/sow/cfg.pl | 174 |
1 files changed, 174 insertions, 0 deletions
diff --git a/base/tps/forms/esc/cgi-bin/sow/cfg.pl b/base/tps/forms/esc/cgi-bin/sow/cfg.pl
new file mode 100755
index 000000000..d616fa136
--- /dev/null
+++ b/base/tps/forms/esc/cgi-bin/sow/cfg.pl
@@ -0,0 +1,174 @@
+#! /usr/bin/perl
+#
+# --- BEGIN COPYRIGHT BLOCK ---
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301 USA
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#
+
+use Mozilla::LDAP::Conn;
+use PKI::TPS::Common;
+
+#
+# Feel free to modify the following parameters:
+#
+my $ldapHost = "localhost";
+my $ldapPort = "389";
+my $basedn = "ou=People,dc=sfbay,dc=redhat,dc=com";
+my $port = "7888";
+my $secure_port = "7889";
+my $host = "localhost";
+
+my $cfg = "/var/lib/pki-tps/conf/CS.cfg";
+
+sub get_ldap_host()
+{
+ my $ldapport = `grep auth.instance.0.hostport $cfg | cut -c26-`;
+ chomp($ldapport);
+ my ($ldapHost, $p) = split(/:/, $ldapport);
+ return $ldapHost;
+}
+
+sub get_ldap_port()
+{
+ my $ldapport = `grep auth.instance.0.hostport $cfg | cut -c26-`;
+ chomp($ldapport);
+ my ($p, $ldapPort) = split(/:/, $ldapport);
+ return $ldapPort;
+}
+
+sub get_ldap_secure()
+{
+ my $ldapsecure = `grep auth.instance.0.ssl $cfg | cut -c21-`;
+ chomp($ldapsecure);
+ return $ldapsecure;
+}
+
+sub get_ldap_certdir()
+{
+ my $ldapcertdir = `grep service.instanceDir $cfg | cut -c21-`;
+ chomp($ldapcertdir);
+ return $ldapcertdir . "/alias";
+}
+
+sub get_base_dn()
+{
+ my $basedn = `grep auth.instance.0.baseDN $cfg | cut -c24-`;
+ chomp($basedn);
+ return $basedn;
+}
+
+sub get_port()
+{
+ my $port = `grep service.unsecurePort $cfg | cut -c22-`;
+ chomp($port);
+ return $port;
+}
+
+sub get_secure_port()
+{
+ my $secure_port = `grep service.securePort $cfg | cut -c20-`;
+ chomp($secure_port);
+ return $secure_port;
+}
+
+sub get_host()
+{
+ my $host = `grep service.machineName $cfg | cut -c21-`;
+ chomp($host);
+ return $host;
+}
+
+sub is_agent()
+{
+ my ($dn) = @_;
+
+ my $uid = $dn;
+ # need to map a subject dn into user DN
+ $uid =~ /uid=([^,]*)/; # retrieve the uid
+ $uid = $1;
+
+ my $x_hostport = `grep -e "^tokendb.hostport" $cfg | cut -c18-`;
+ chomp($x_hostport);
+ my ($x_host, $x_port) = split(/:/, $x_hostport);
+
+ my $x_secureconn = `grep -e "^tokendb.ssl" $cfg | cut -c13-`;
+ chomp($x_secureconn);
+ my $x_basedn = `grep -e "^tokendb.userBaseDN" $cfg | cut -c20-`;
+ chomp($x_basedn);
+ my $x_binddn = `grep -e "^tokendb.bindDN" $cfg | cut -c16-`;
+ chomp($x_binddn);
+ my $x_bindpwdpath = `grep -e "^tokendb.bindPassPath" $cfg | cut -c22-`;
+ chomp($x_bindpwdpath);
+ my $x_bindpwd = `grep -e "^tokendbBindPass" $x_bindpwdpath | cut -c17-`;
+ chomp($x_bindpwd);
+
+ my $ldap = PKI::TPS::Common::make_connection(
+ {host => $x_host, port => $x_port, pswd => $x_bindpwd, bind => $x_binddn, cert => $x_certdir},
+ $x_secureconn);
+
+ return 0 if (! $ldap);
+
+ my $entry = $ldap->search ( "cn=TUS Officers,ou=Groups,$x_basedn",
+ "sub",
+ "uid=$uid",
+ 0
+ );
+
+ $ldap->close();
+
+ if ($entry) {
+ return 1;
+ }
+ return 0;
+}
+
+sub is_user()
+{
+ my ($dn) = @_;
+
+ my $uid = $dn;
+ # need to map a subject dn into user DN
+ $uid =~ /uid=([^,]*)/; # retrieve the uid
+ $uid = $1;
+
+ my $x_host = get_ldap_host();
+ my $x_port = get_ldap_port();
+ my $x_secureconn = get_ldap_secure();
+ my $x_basedn = get_base_dn();
+ my $x_certdir = get_ldap_certdir();
+
+ my $ldap = PKI::TPS::Common::make_connection(
+ {host => $x_host, port => $x_port, cert => $x_certdir},
+ $x_secureconn);
+
+ return 0 if (! $ldap);
+
+ my $entry = $ldap->search ( "ou=people,$x_basedn",
+ "sub",
+ "uid=$uid",
+ 0
+ );
+
+ $ldap->close();
+
+ if ($entry) {
+ return 1;
+ }
+ return 0;
+}
+
|
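Review bot: In is_agent and is_user the uid pulled from the subject DN is placed into the search filter `"uid=$uid"` unescaped, and the result of `$uid =~ /uid=([^,]*)/` is never checked, so a value carrying LDAP filter metacharacters alters what the search matches and a DN without a uid leaves `$1` unset or stale. Because the return value decides agent/user status, both subs should fail closed and escape the value: `return 0 unless $dn =~ /uid=([^,]*)/;` followed by `(my $uid = $1) =~ s/([\\*()\x00])/sprintf("\\%02x", ord($1))/ge;`. Separately, is_agent passes `cert => $x_certdir` without ever assigning it (is_user gets it from `get_ldap_certdir()`), which `use strict; use warnings;` at the top of the file would have caught. The empty `()` prototypes on subs that read `@_` should be removed, and the unanchored `grep ... | cut -cN-` lookups in the get_* helpers can return more than one line if another key in CS.cfg contains the same text, so anchoring them with `^` as is_agent does would be safer.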