#!/usr/bin/perl
-# $Id: ud-fingerserv,v 1.2 1999/10/05 02:54:29 tausq Exp $
+# $Id: ud-fingerserv,v 1.14 2000/02/21 06:08:32 tausq Exp $
# (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
-use lib 'web';
+use lib '/var/www/userdir-ldap/';
+#use lib '/home/randolph/projects/userdir-ldap/web';
use strict vars;
-#use Apache::Registry;
+use IO::Handle;
use IO::Socket;
+use POSIX qw(:sys_wait_h);
+use Getopt::Std;
use Util;
use Net::LDAP qw(:all);
# Global settings...
my %config = &Util::ReadConfigFile;
+my %opts;
+getopts("iqhv", \%opts);
+my $use_inetd = $config{use_inetd} || $opts{i};
+$| = 1;
my %attrs = (
'cn' => 'First name',
'mn' => 'Middle name',
'sn' => 'Last name',
+ 'email' => 'Email',
'keyfingerprint' => 'Fingerprint',
'key' => 'Key block',
- 'ircnick' => 'IRC nickname'
+ 'ircnick' => 'IRC nickname',
+ 'labeledurl' => 'URL'
);
-my @summarykeys = ('cn', 'mn', 'sn', 'ircnick', 'keyfingerprint', 'key');
-
-my ($ldap, $mesg, $dn, $entries, $data, %output, $key, $hostlist, $hostdetails, $selected, %summary);
-sub DieHandler {
- $ldap->unbind if (defined($ldap));
-}
+my @summarykeys = ('cn', 'mn', 'sn', 'email', 'labeledurl', 'ircnick', 'keyfingerprint', 'key');
$SIG{__DIE__} = \&DieHandler;
+$SIG{INT} = \&DieHandler;
+$SIG{CHLD} = \&Reaper;
+
+&help if (defined($opts{h}));
+#my $logfh = STDOUT; #TODO
-$ldap = Net::LDAP->new($config{ldaphost}) || &Util::HTMLError($!);
-$mesg;
+&log("Binding to LDAP server at $config{ldaphost}") if (defined($opts{v}));
+my $ldap = Net::LDAP->new($config{ldaphost}) || die $1;
$ldap->bind;
-my $server = IO::Socket::INET->new(Proto => 'tcp',
- LocalPort => 'finger(79)',
- Listen => SOMAXCONN,
- Reuse => 1);
+if (!$use_inetd) {
+ &log("Binding to port 79") if (defined($opts{v}));
+ my $server = IO::Socket::INET->new(Proto => 'tcp',
+ LocalPort => 'finger(79)',
+ Listen => SOMAXCONN,
+ Reuse => 1);
+
+ die "Cannot listen on finger port" unless $server;
+ &log("[Server listening for connections]");
+
+ my ($pid, $client, $hostinfo);
+
+ while ($client = $server->accept()) {
+ &log("Forking to handle client request") if (defined($opts{v}));
+ next if $pid = fork; # parent
+ die "fork: $!" unless defined $pid;
+
+ # child
+ $client->autoflush(1);
+ my $hostinfo = gethostbyaddr($client->peeraddr, AF_INET);
+ &log(sprintf("[Connect from %s]", $hostinfo || $client->peerhost));
+ my $query = &readdata($client);
+ &ProcessQuery($client, $query) if (defined($query));
+ $client->close;
+ exit;
+ } continue {
+ $client->close;
+ }
+} else { # inetd
+ &log("inetd mode");
+ my $sockaddr = getpeername(STDIN);
+ my ($port, $addr) = unpack_sockaddr_in(getpeername(STDIN));
+ &log(sprintf("[Connect from %s (%s)]", gethostbyaddr($addr, AF_INET), inet_ntoa($addr)));
+ my $query = &readdata(\*STDIN);
+ &ProcessQuery(\*STDOUT, $query) if (defined($query));
+ exit;
+}
+
+$ldap->unbind;
-die "Cannot listen on finger port" unless $server;
-print "[Server listening for connections]\n";
+sub DieHandler {
+ $ldap->unbind if (defined($ldap));
+ exit 0;
+}
-my ($mesg, %entries, $dn, $key);
+sub Reaper {
+ 1 until (-1 == waitpid(-1, WNOHANG));
+ $SIG{CHLD} = \&Reaper;
+}
+
+sub ProcessQuery {
+ my $client = shift;
+ my $query = shift;
+
+ my ($uid, $fields, $mesg, $entries, $dn, $key, $pid, $data);
-my $client;
-while ($client = $server->accept()) {
- $client->autoflush(1);
- my $hostinfo = gethostbyaddr($client->peeraddr, AF_INET);
- printf "[Connect from %s]\n", $hostinfo || $client->peerhost;
- my $query = <$client>;
$query =~ s/[^\/,0-9a-z]//gi; # be paranoid about input
my ($uid, $fields) = split(/\//, $query, 2);
- print "Looking up $uid at $config{basedn}, uid=$uid\n";
+ if (($uid eq "") || ($uid =~ /^help$/i)) {
+ &sendhelp($client);
+ return;
+ }
+
+ &log("Looking up $uid at $config{basedn}, uid=$uid");
$mesg = $ldap->search(base => $config{basedn}, filter => "uid=$uid");
$mesg->code && die $mesg->error;
$entries = $mesg->as_struct;
+ if ($mesg->count == 0) {
+ print $client "$uid not found at db.debian.org\n";
+ exit 0;
+ }
+
foreach $dn (sort {$entries->{$a}->{sn}->[0] <=> $entries->{$b}->{sn}->[0]} keys(%$entries)) {
$data = $entries->{$dn};
foreach (@{$data->{keyfingerprint}}) {
push (@{$data->{key}}, "\n".&Util::FetchKey($_));
}
-
+
+ $data->{email}->[0] = sprintf("%s %s %s <%s>", $data->{cn}->[0],
+ $data->{mn}->[0], $data->{sn}->[0],
+ $data->{uid}->[0]."\@$config{emailappend}");
+
+ $data->{email}->[0] =~ s/\s+/ /g;
+
print $client "$dn\n";
if (!$fields) {
foreach $key (@summarykeys) {
}
}
} else {
-# print "$fields\n";
+ # print "$fields\n";
foreach $key (split(/,/, $fields)) {
foreach (@{$data->{$key}}) {
print $client "$attrs{$key}: ";
}
}
}
- $client->close;
+}
+
+sub help {
+ print "fingerserv [-i | -q | -v | -h]\n";
+ print "-i = inetd mode; otherwise runs standalone\n";
+ print "-q = quiet mode; no output\n";
+ print "-v = verbose mode\n";
+ print "-h = this help message\n";
+ exit 0;
}
-$ldap->unbind;
+sub log {
+ my $msg = shift;
+ return if (defined($opts{q}));
+
+ my $time = localtime;
+ print STDERR "$time $msg\n";
+}
+
+sub readdata {
+ my $fh = shift;
+ my $in = undef;
+ my $out = undef;
+ my $bytesread = 0;
+ my $ret;
+
+ my $flags= fcntl($fh, F_GETFL, 0)
+ or die "Can't get flags for socket: $!\n";
+ fcntl($fh, F_SETFL, $flags | O_NONBLOCK)
+ or die "Can't make socket nonblocking: $!\n";
+
+ while (($bytesread < 1024) && ($out !~ /\n/)) {
+ $ret = sysread($fh, $in, 1024);
+ return undef if (!defined($ret) || ($ret == 0));
+ $bytesread += $ret;
+ $out .= $in;
+ }
+
+ $out =~ /(.*?)\n/;
+ return $1;
+}
+
+sub sendhelp {
+ my $client = shift;
+
+ print $client "userdir-ldap finger daemon\n";
+ print $client "--------------------------\n";
+ print $client "finger <uid>[/<attributes>]\@db.debian.org\n";
+ print $client " where uid is the user id of the user\n";
+ print $client " the optional attributes parameter specifies what to return\n";
+ print $client " if nothing is specified, all attributes are returned.\n";
+ print $client " The following attributes are currently supported:\n";
+ foreach (@summarykeys) {
+ print $client " $_ : $attrs{$_}\n";
+ }
+ print $client " Multiple attributes can be separated by commas, like this:\n";
+ print $client " finger tux/email,key\@db.debian.org\n";
+}