From: joey <>
Date: Thu, 18 Nov 2004 13:27:46 +0000 (+0000)
Subject: Export the ssh key fingerprints for verification as well
X-Git-Tag: release-0.3.33~92
X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap-cgi.git;a=commitdiff_plain;h=1b1626e3f21764ab7fbd733161df607699e8c940

Export the ssh key fingerprints for verification as well
---

diff --git a/machines.cgi b/machines.cgi
index 938e330..de4d30f 100755
--- a/machines.cgi
+++ b/machines.cgi
@@ -1,7 +1,8 @@
 #!/usr/bin/perl
-# $Id: machines.cgi,v 1.10 2001/12/03 05:02:13 rmurray Exp $
+# $Id: machines.cgi,v 1.11 2004/11/18 14:27:46 joey Exp $
 
 # (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
+# (c) 2004 Martin Schulze. Licensed under the GPL. <joey@debian.org>
 
 use lib '.';
 use strict vars;
@@ -9,6 +10,8 @@ use strict vars;
 use CGI;
 use Util;
 use Net::LDAP qw(:all);
+use Fcntl;
+use POSIX;
 
 my (%attrs, @attrorder, %summaryattrs, @summaryorder);
 
@@ -28,6 +31,7 @@ my (%attrs, @attrorder, %summaryattrs, @summaryorder);
 	  'status' => 'Status',
 	  'notes' => 'Notes',
 	  'sshrsahostkey' => 'SSH host key',
+	  'sshrsahostfprint' => 'SSH host fingerprint',
 	  'description' => 'Description',
 	  'createtimestamp' => 'Entry created',
 	  'modifytimestamp' => 'Entry modified'
@@ -36,7 +40,7 @@ my (%attrs, @attrorder, %summaryattrs, @summaryorder);
 # This defines what fields are displayed, and in what order
 @attrorder = qw(hostname admin architecture distribution access
                 sponsor sponsor-admin location machine memory
-	        disk bandwidth status notes sshrsahostkey
+	        disk bandwidth status notes sshrsahostkey sshrsahostfprint
 		description createtimestamp modifytimestamp);
 
 # ditto for summary
@@ -57,6 +61,30 @@ sub DieHandler {
   $ldap->unbind if (defined($ldap));
 }
 
+sub sshfingerprint {
+    my $keys = shift;
+    my $res = '';
+    my $fn = '';
+
+    return '' if (!$keys);
+    do {
+	$fn = tmpnam();
+    } until sysopen(FH, $fn, O_RDWR|O_CREAT|O_EXCL, 0600);
+
+    foreach my $key (split(/<br>/, $keys)) {
+	printf FH "foo %s\n", $key;
+    }
+    close (FH);
+
+    if (open (S, "ssh-keygen -l -f $fn|")) {
+	$res = join("\n", <S>);
+	close (S);
+    }
+    $res =~ s/\n/<br>/g;
+    unlink ($fn);
+    return $res;
+}
+
 $SIG{__DIE__} = \&DieHandler;
 
 my $query = new CGI;
@@ -101,6 +129,8 @@ foreach $dn (sort {$entries->{$a}->{host}->[0] cmp $entries->{$b}->{host}->[0]}
     foreach $key (@{$data->{sshrsahostkey}}) {
       $output{sshrsahostkey} .= $key . "<br>";
     }
+
+    $output{sshrsahostfprint} = sshfingerprint($output{sshrsahostkey});
     
     # URL
     my ($sponsor, $url) = undef;