summaryrefslogtreecommitdiffstats
path: root/bin/flogin.in
diff options
context:
space:
mode:
authorTar Committer <tar@ocjtech.us>2004-01-12 03:17:26 +0000
committerTar Committer <tar@ocjtech.us>2004-01-12 03:17:26 +0000
commit989312339ea2e16579803a48700628c5469e327a (patch)
tree967ee77195819d70f2dc675444e92340bb98e0d6 /bin/flogin.in
parentff168ecfe045c690c24d5bbc5a3062bf9d64120c (diff)
downloadrancid-989312339ea2e16579803a48700628c5469e327a.zip
rancid-989312339ea2e16579803a48700628c5469e327a.tar.gz
rancid-989312339ea2e16579803a48700628c5469e327a.tar.xz
Imported from rancid-2.3.rc1.tar.gz.rancid-2.3.rc1
Diffstat (limited to 'bin/flogin.in')
-rw-r--r--[-rwxr-xr-x]bin/flogin.in95
1 files changed, 64 insertions, 31 deletions
diff --git a/bin/flogin.in b/bin/flogin.in
index 1a34068..169e522 100755..100644
--- a/bin/flogin.in
+++ b/bin/flogin.in
@@ -1,21 +1,26 @@
-#!@EXPECT_PATH@ --
+#! @EXPECT_PATH@ --
##
+## $Id: flogin.in,v 1.32 2004/01/11 05:39:15 heas Exp $
##
-## Copyright (C) 1997-2001 by Henry Kilmer, Erik Sherk and Pete Whiting.
+## Copyright (C) 1997-2004 by Terrapin Communications, Inc.
## All rights reserved.
##
-## This software may be freely copied, modified and redistributed without
-## fee for non-commerical purposes provided that this copyright notice is
-## preserved intact on all copies and modified copies.
-##
+## This software may be freely copied, modified and redistributed
+## without fee for non-commerical purposes provided that this license
+## remains intact and unmodified with any RANCID distribution.
+##
## There is no warranty or other guarantee of fitness of this software.
-## It is provided solely "as is". The author(s) disclaim(s) all
+## It is provided solely "as is". The author(s) disclaim(s) all
## responsibility and liability with respect to this software's usage
## or its effect upon hardware, computer systems, other software, or
## anything else.
##
+## Except where noted otherwise, rancid was written by and is maintained by
+## Henry Kilmer, John Heasley, Andrew Partan, Pete Whiting, and Austin Schutz.
##
#
+# The login expect scripts were based on Erik Sherk's gwtn, by permission.
+#
# flogin - foundry login
#
# Most options are intuitive for logging into a foundry switch.
@@ -46,8 +51,9 @@ set do_command 0
set do_script 0
# The default is to automatically enable
set enable 1
-# The default is that you login non-enabled (tacacs can have you login already enabled)
-set autoenable 0
+# The default is that you login non-enabled (tacacs can have you login already
+# enabled)
+set avautoenable 0
# The default is to look in the password file to find the passwords. This
# tracks if we receive them on the command line.
set do_passwd 1
@@ -58,6 +64,8 @@ if {[ info exists env(CISCO_USER) ] } {
set default_user $env(CISCO_USER)
} elseif {[ info exists env(USER) ]} {
set default_user $env(USER)
+} elseif {[ info exists env(LOGNAME) ]} {
+ set default_user $env(LOGNAME)
} else {
# This uses "id" which I think is portable. At least it has existed
# (without options) on all machines/OSes I've been on recently -
@@ -113,7 +121,7 @@ for {set i 0} {$i < $argc} {incr i} {
if {[ regexp .\[E\](.+)=(.+) $arg ignore varname varvalue]} {
set E$varname $varvalue
} else {
- send_user "Error: invalid format for -E in $arg\n"
+ send_user "\nError: invalid format for -E in $arg\n"
exit 1
}
# Enable Password
@@ -181,7 +189,7 @@ for {set i 0} {$i < $argc} {incr i} {
set enable 0
# Does tacacs automatically enable us?
} -autoenable {
- set autoenable 1
+ set avautoenable 1
set enable 0
} -* {
send_user "\nError: Unknown argument! $arg\n"
@@ -277,7 +285,7 @@ proc source_password_file { password_file } {
# Log into the router.
proc login { router user userpswd passwd enapasswd cmethod cyphertype } {
global spawn_id in_proc do_command do_script platform
- global prompt u_prompt p_prompt e_prompt
+ global prompt u_prompt p_prompt e_prompt sshcmd
set in_proc 1
set uprompt_seen 0
@@ -296,8 +304,8 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } {
exit 1
}
} elseif ![string compare $prog "ssh"] {
- if [ catch {spawn ssh -c $cyphertype -x -l $user $router} reason ] {
- send_user "\nError: ssh failed: $reason\n"
+ if [ catch {spawn $sshcmd -c $cyphertype -x -l $user $router} reason ] {
+ send_user "\nError: $sshcmd failed: $reason\n"
exit 1
}
} elseif ![string compare $prog "rsh"] {
@@ -341,24 +349,39 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } {
# then it will just send the passwd.
# if telnet fails with connection refused, try ssh
expect {
- -re "(Connection refused|Secure connection \[^\n\r]+ refused|Connection closed by|Telnet server disabled)" {
+ -re "(Connection refused|Secure connection \[^\n\r]+ refused)" {
+ catch {close}; wait
+ if !$progs {
+ send_user "\nError: Connection Refused ($prog): $router\n"
+ return 1
+ }
+ }
+ -re "(Connection closed by|Connection to \[^\n\r]+ closed)" {
catch {close}; wait
if !$progs {
- send_user "\nError: Connection Refused ($prog)\n"; return 1
+ send_user "\nError: Connection closed ($prog): $router\n"
+ return 1
+ }
+ }
+ -re "Telnet server disabled" {
+ catch {close}; wait
+ if !$progs {
+ send_user "\nError: Connection Refused ($prog): $router\n"
+ return 1
}
}
eof { send_user "\nError: Couldn't login\n"; wait; return 1 }
-nocase "unknown host\r" {
catch {close};
- send_user "\nError: Unknown host\n"; wait; return 1
+ send_user "\nError: Unknown host $router\n"; wait; return 1
}
"Host is unreachable" {
catch {close};
- send_user "\nError: Host Unreachable!\n"; wait; return 1
+ send_user "\nError: Host Unreachable: $router\n"; wait; return 1
}
"No address associated with name" {
catch {close};
- send_user "\nError: Unknown host\n"; wait; return 1
+ send_user "\nError: Unknown host $router\n"; wait; return 1
}
-re "(Host key not found |The authenticity of host .* be established).*\(yes\/no\)\?" {
send "yes\r"
@@ -406,7 +429,7 @@ proc login { router user userpswd passwd enapasswd cmethod cyphertype } {
}
"$prompt" { break; }
"Login invalid" {
- send_user "\nError: Invalid login\n";
+ send_user "\nError: Invalid login: $router\n";
catch {close}; wait; return 1
}
}
@@ -432,6 +455,10 @@ proc do_enable { enauser enapasswd } {
denied { send_user "\nError: Check your Enable passwd\n";
return 1
}
+ "Incorrect username or password" {
+ send_user "\nError: Check your Enable passwd\n";
+ return 1
+ }
"% Bad passwords" { send_user "\nError: Check your Enable passwd\n";
return 1
}
@@ -496,7 +523,9 @@ foreach router [lrange $argv $i end] {
# Since autoenable is off by default, if we have it defined, it
# was done on the command line. If it is not specifically set on the
# command line, check the password file.
- if $autoenable {
+ if $avautoenable {
+ set autoenable 1
+ set enable 0
set prompt "#"
} else {
set ae [find autoenable $router]
@@ -514,15 +543,15 @@ foreach router [lrange $argv $i end] {
if { $do_passwd || $do_enapasswd } {
set pswd [find password $router]
if { [llength $pswd] == 0 } {
- send_user "Error: no password for $router in $password_file.\n"
+ send_user "\nError: no password for $router in $password_file.\n"
continue
}
if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } {
- send_user "Error: no enable password for $router in $password_file.\n"
+ send_user "\nError: no enable password for $router in $password_file.\n"
continue
}
- set passwd [lindex $pswd 0]
- set enapasswd [lindex $pswd 1]
+ set passwd [join [lindex $pswd 0] ""]
+ set enapasswd [join [lindex $pswd 1] ""]
}
# Figure out username
@@ -530,7 +559,7 @@ foreach router [lrange $argv $i end] {
# command line username
set ruser $username
} else {
- set ruser [find user $router]
+ set ruser [join [find user $router] ""]
if { "$ruser" == "" } { set ruser $default_user }
}
@@ -539,7 +568,7 @@ foreach router [lrange $argv $i end] {
# command line username
set userpswd $userpasswd
} else {
- set userpswd [find userpassword $router]
+ set userpswd [join [find userpassword $router] ""]
if { "$userpswd" == "" } { set userpswd $passwd }
}
@@ -548,7 +577,7 @@ foreach router [lrange $argv $i end] {
# command line enausername
set enauser $enausername
} else {
- set enauser [find enauser $router]
+ set enauser [join [find enauser $router] ""]
if { "$enauser" == "" } { set enauser $ruser }
}
@@ -557,19 +586,19 @@ foreach router [lrange $argv $i end] {
if { "$u_prompt" == "" } {
set u_prompt "(Username|login|Name|User Name):"
} else {
- set u_prompt [lindex $u_prompt 0]
+ set u_prompt [join [lindex $u_prompt 0] ""]
}
set p_prompt [find passprompt $router]
if { "$p_prompt" == "" } {
set p_prompt "(\[Pp]assword):"
} else {
- set p_prompt [lindex $p_prompt 0]
+ set p_prompt [join [lindex $p_prompt 0] ""]
}
set e_prompt [find enableprompt $router]
if { "$e_prompt" == "" } {
set e_prompt "\[Pp]assword:"
} else {
- set e_prompt [lindex $e_prompt 0]
+ set e_prompt [join [lindex $e_prompt 0] ""]
}
# Figure out cypher tpye
@@ -585,6 +614,10 @@ foreach router [lrange $argv $i end] {
set cmethod [find method $router]
if { "$cmethod" == "" } { set cmethod {{telnet} {ssh}} }
+ # Figure out the SSH executable name
+ set sshcmd [find sshcmd $router]
+ if { "$sshcmd" == "" } { set sshcmd {ssh} }
+
# Login to the router
if {[login $router $ruser $userpswd $passwd $enapasswd $cmethod $cyphertype]} {
continue