X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap.git;a=blobdiff_plain;f=ud-fingerserv;h=fcdd57a5a7c3b5ab096eb3d5bf5edf3ad41c44fc;hp=915715df07438542ee08082e5f5e1e9bbd267f6a;hb=HEAD;hpb=5364d2c2f24115fd1c27a19099a2321fe93fa5d4
diff --git a/ud-fingerserv b/ud-fingerserv
index 915715d..fcdd57a 100755
--- a/ud-fingerserv
+++ b/ud-fingerserv
@@ -1,75 +1,172 @@ #!/usr/bin/perl -# $Id: ud-fingerserv,v 1.2 1999/10/05 02:54:29 tausq Exp $ +# $Id: ud-fingerserv,v 1.19 2004/11/18 19:10:57 joey Exp $ # (c) 1999 Randolph Chung. Licensed under the GPL. +# (c) 2004 Martin Schulze. Licensed under the GPL. +# Copyright (c) 2008 Peter Palfrader -use lib 'web'; +use lib '/var/www/userdir-ldap/'; +#use lib '/home/randolph/projects/userdir-ldap/web'; use strict vars; -#use Apache::Registry; +use IO::Handle; use IO::Socket; +use POSIX qw(:sys_wait_h); +use Getopt::Std; use Util; -use Net::LDAP qw(:all); +use Net::LDAP; # Global settings... my %config = &Util::ReadConfigFile; +my %opts; +getopts("fiqhvl:", \%opts); +my $use_inetd = $config{use_inetd} || $opts{i}; +$| = 1; my %attrs = ( 'cn' => 'First name', 'mn' => 'Middle name', 'sn' => 'Last name', + 'email' => 'Email', 'keyfingerprint' => 'Fingerprint', 'key' => 'Key block', - 'ircnick' => 'IRC nickname' + 'ircnick' => 'IRC nickname', + 'icquin' => 'ICQ UIN', + 'jabberjid' => 'Jabber ID', + 'labeleduri' => 'URL' ); -my @summarykeys = ('cn', 'mn', 'sn', 'ircnick', 'keyfingerprint', 'key'); - -my ($ldap, $mesg, $dn, $entries, $data, %output, $key, $hostlist, $hostdetails, $selected, %summary); -sub DieHandler { - $ldap->unbind if (defined($ldap)); -} +my @summarykeys = ('cn', 'mn', 'sn', 'email', 'labeleduri', 'ircnick', 'icquin', 'jabberjid', 'keyfingerprint', 'key'); $SIG{__DIE__} = \&DieHandler; +$SIG{INT} = \&DieHandler; +$SIG{CHLD} = \&Reaper; + +&help if (defined($opts{h})); + +my $logfh; +unless ($opts{i} || $opts{f}) { + die "Need logfile unless running foreground\n" unless (defined($opts{l})); + open ($logfh, $opts{l}) or die "Can't open logfile: $!\n"; +} else { + $logfh = \*STDOUT; +} -$ldap = Net::LDAP->new($config{ldaphost}) || &Util::HTMLError($!); -$mesg; +&log("Binding to LDAP server at $config{ldaphost}") if (defined($opts{v})); +my $ldap = Net::LDAP->new($config{ldaphost}) || die $1; $ldap->bind; -my $server = IO::Socket::INET->new(Proto => 'tcp', - 
LocalPort => 'finger(79)', - Listen => SOMAXCONN, - Reuse => 1); +if (!$use_inetd) { + + unless ($opts{f}) { + use POSIX 'setsid'; + chdir '/' or die "Can't chdir to /: $!"; + open STDIN, '/dev/null' or die "Can't read /dev/null: $!"; + open STDOUT, '>/dev/null' or die "Can't write to /dev/null: $!"; + my $pid; + defined($pid = fork) or die "Can't fork: $!"; + exit if $pid; + setsid or die "Can't start a new session: $!"; + defined($pid = fork) or die "Can't fork: $!"; + exit if $pid; + open STDERR, '>&STDOUT' or die "Can't dup stdout: $!"; + } + + &log("Binding to port 79") if (defined($opts{v})); + my $server = IO::Socket::INET->new(Proto => 'tcp', + LocalPort => 'finger(79)', + Listen => SOMAXCONN, + Reuse => 1); + + mydie("Cannot listen on finger port") unless $server; + &log("[Server listening for connections]"); + + my ($pid, $client, $hostinfo); + + while ($client = $server->accept()) { + &log("Forking to handle client request") if (defined($opts{v})); + next if $pid = fork; # parent + mydie("fork: $!") unless defined $pid; + + # child + $client->autoflush(1); + my $hostinfo = gethostbyaddr($client->peeraddr, AF_INET); + &log(sprintf("[Connect from %s]", $hostinfo || $client->peerhost)); + my $query = &readdata($client); + &ProcessQuery($client, $query) if (defined($query)); + $client->close; + exit; + } continue { + $client->close; + } +} else { # inetd + &log("inetd mode"); + my $sockaddr = getpeername(STDIN); + if ($sockaddr) { + my ($port, $addr) = unpack_sockaddr_in(getpeername(STDIN)); + &log(sprintf("[Connect from %s (%s)]", gethostbyaddr($addr, AF_INET), inet_ntoa($addr))); + } else { + &log("[Connect via terminal]"); + } + my $query = &readdata(\*STDIN); + &ProcessQuery(\*STDOUT, $query) if (defined($query)); + exit; +} + +$ldap->unbind; + +sub DieHandler { + $ldap->unbind if (defined($ldap)); + exit 0; +} -die "Cannot listen on finger port" unless $server; -print "[Server listening for connections]\n"; +sub Reaper { + 1 until (-1 == waitpid(-1, 
WNOHANG)); + $SIG{CHLD} = \&Reaper; +} -my ($mesg, %entries, $dn, $key); +sub ProcessQuery { + my $client = shift; + my $query = shift; + + my ($uid, $fields, $mesg, $entries, $dn, $key, $pid, $data); -my $client; -while ($client = $server->accept()) { - $client->autoflush(1); - my $hostinfo = gethostbyaddr($client->peeraddr, AF_INET); - printf "[Connect from %s]\n", $hostinfo || $client->peerhost; - my $query = <$client>; $query =~ s/[^\/,0-9a-z]//gi; # be paranoid about input my ($uid, $fields) = split(/\//, $query, 2); - print "Looking up $uid at $config{basedn}, uid=$uid\n"; + if (($uid eq "") || ($uid =~ /^help$/i)) { + &sendhelp($client); + return; + } + + &log("Looking up $uid at $config{basedn}, uid=$uid"); $mesg = $ldap->search(base => $config{basedn}, filter => "uid=$uid"); - $mesg->code && die $mesg->error; + $mesg->code && mydie $mesg->error; $entries = $mesg->as_struct; + if ($mesg->count == 0) { + print $client "$uid not found at db.debian.org\n"; + exit 0; + } + foreach $dn (sort {$entries->{$a}->{sn}->[0] <=> $entries->{$b}->{sn}->[0]} keys(%$entries)) { $data = $entries->{$dn}; - $data->{key} = []; - foreach (@{$data->{keyfingerprint}}) { - push (@{$data->{key}}, "\n".&Util::FetchKey($_)); + $data->{email}->[0] = sprintf("%s %s %s <%s>", $data->{cn}->[0], + $data->{mn}->[0], $data->{sn}->[0], + $data->{uid}->[0]."\@$config{emailappend}"); + + $data->{email}->[0] =~ s/\s+/ /g; + + my @keyfingerprint = (); + for (my $i=0; $i <= $#{$data->{'keyfingerprint'}}; $i++) { + push (@keyfingerprint, $data->{keyfingerprint}->[$i]); + $data->{keyfingerprint}->[$i] = &Util::FormatFingerPrint($data->{keyfingerprint}->[$i]); + $data->{keyfingerprint}->[$i] =~ s, , ,; } - print $client "$dn\n"; if (!$fields) { + push (@{$data->{key}}, sprintf ("finger %s/key\@db.debian.org", $uid)); foreach $key (@summarykeys) { foreach (@{$data->{$key}}) { print $client "$attrs{$key}: "; 
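Review bot: The log handle set up near the top of this hunk is wrong in two of the run modes. `open ($logfh, $opts{l})` is a two-argument open, so the file is opened for reading (later `print $logfh` calls cannot write to it) and any mode characters in the `-l` value are interpreted by Perl; `open($logfh, '>>', $opts{l}) or die "Can't open logfile: $!\n";` fixes both. With `-i`, `$logfh` is `\*STDOUT`, which is the same handle the inetd branch passes to `ProcessQuery` as the client, so unless `-q` is given the log lines (peer address, the `Looking up ... at $config{basedn}` message) are sent to the remote peer; in that mode logging should go to a handle that is not the connection. Separately, `Net::LDAP->new($config{ldaphost}) || die $1;` reports a regex capture variable rather than the constructor error, which Net::LDAP leaves in `$@`.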
@@ -77,8 +174,13 @@ while ($client = $server->accept()) {
 }
 }
 } else {
-# print "$fields\n";
+ # print "$fields\n";
 foreach $key (split(/,/, $fields)) {
+ if ($key eq 'key') {
+ foreach (@keyfingerprint) {
+ push (@{$data->{key}}, "\n".&Util::FetchKey($_), 0);
+ }
+ }
 foreach (@{$data->{$key}}) {
 print $client "$attrs{$key}: ";
 print $client "$_\n";
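Review bot: The field loop prints whatever attribute name the client supplies: `$key` comes from the `/fields` part of the query and indexes `$data->{$key}` without being checked against `%attrs`, and the search earlier in `ProcessQuery` passes no attribute list. Any attribute the bind is allowed to read on the entry can therefore be returned (with an empty label), so the set of exposed fields is decided by the directory ACLs rather than by this daemon. I would add `next unless exists $attrs{$key};` as the first statement of the loop and, ideally, an `attrs =>` list on the search. In the added block, the trailing `, 0` in `push (@{$data->{key}}, "\n".&Util::FetchKey($_), 0);` pushes a literal `0` as an extra element; it looks like it was meant as a second argument to `FetchKey`. `ProcessQuery` starts in the previous hunk and ends in the next one.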
@@ -86,7 +188,69 @@ while ($client = $server->accept()) { } } } - $client->close; +} + +sub help { + print "fingerserv [-f | -l | -i | -q | -v | -h]\n"; + print "-f = foreground; do not detach from tty\n"; + print "-i = inetd mode; otherwise runs standalone\n"; + print "-q = quiet mode; no output\n"; + print "-v = verbose mode\n"; + print "-h = this help message\n"; + print "-l = log file. Necessary if not using -f or -i\n"; + exit 0; } -$ldap->unbind; +sub log { + my $msg = shift; + return if (defined($opts{q})); + + my $time = localtime; + print $logfh "$time $msg\n"; +} + +sub mydie { + my $msg = shift; + log($msg); + exit 1; +} + +sub readdata { + my $fh = shift; + my $in = undef; + my $out = undef; + my $bytesread = 0; + my $ret; + + my $flags= fcntl($fh, F_GETFL, 0) + or mydie "Can't get flags for socket: $!\n"; + fcntl($fh, F_SETFL, $flags | O_NONBLOCK) + or mydie "Can't make socket nonblocking: $!\n"; + + while (($bytesread < 1024) && ($out !~ /\n/)) { + $ret = sysread($fh, $in, 1024); + return undef if (!defined($ret) || ($ret == 0)); + $bytesread += $ret; + $out .= $in; + } + + $out =~ /(.*?)\n/; + return $1; +} + +sub sendhelp { + my $client = shift; + + print $client "userdir-ldap finger daemon\n"; + print $client "--------------------------\n"; + print $client "finger [/]\@db.debian.org\n"; + print $client " where uid is the user id of the user\n"; + print $client " the optional attributes parameter specifies what to return\n"; + print $client " if nothing is specified, all attributes are returned.\n"; + print $client " The following attributes are currently supported:\n"; + foreach (@summarykeys) { + print $client " $_ : $attrs{$_}\n"; + } + print $client " Multiple attributes can be separated by commas, like this:\n"; + print $client " finger tux/email,key\@db.debian.org\n"; +}
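Review bot: `mydie` calls `log($msg)` without the `&` sigil, and a user sub named `log` does not override the builtin, so this takes the numeric logarithm of the message instead of writing it to the log. For a non-numeric string that should raise "Can't take log of 0" and land in the `__DIE__` handler, which exits 0, so listen, fork and LDAP failures leave no log entry and no failing exit status. Use `&log($msg);` as the other call sites do, or rename the sub (for example `logmsg`) so the call cannot resolve to the builtin. In `readdata`, `$out =~ /(.*?)\n/; return $1;` does not test the match, so when 1024 bytes arrive without a newline the returned `$1` does not come from this input; `return $out =~ /^(.*?)\n/ ? $1 : undef;` makes that case an explicit rejection.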