
First import of ssh code, moving from gosa-25 branch
authoropensides <opensides@594d385d-05f5-0310-b6e9-bd551577e9d8>
Sat, 27 Oct 2007 13:43:00 +0000 (13:43 +0000)
committeropensides <opensides@594d385d-05f5-0310-b6e9-bd551577e9d8>
Sat, 27 Oct 2007 13:43:00 +0000 (13:43 +0000)
git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5-plugins@7678 594d385d-05f5-0310-b6e9-bd551577e9d8

ssh/doc/README.ssh [new file with mode: 0644]
ssh/schema/openssh-lpk_openldap.schema [new file with mode: 0644]
ssh/src/srv/class_servSsh.inc [new file with mode: 0644]
ssh/src/srv/servssh.tpl [new file with mode: 0644]

diff --git a/ssh/doc/README.ssh b/ssh/doc/README.ssh
new file mode 100644 (file)
index 0000000..4141028
--- /dev/null
@@ -0,0 +1,29 @@
+To use the ssh connectivity extension
+
+1) Add the openssh-lpk_openldap.schema from contrib/openldap/ to your schema
+   directory
+
+# Not yet active
+#
+#2) Add the following entry in connectivity for ssh keys management of users  
+#
+#   <tab class="sshAccount" />
+
+3) Add the following entry in termtabs for ssh keys management of terminal
+
+    <tab class="servssh" name="SSH key" />
+
+4) Add the following entry in worktabs for the ssh keys management of workstations
+
+    <tab class="workssh" name="SSH key" />
+        
+5) Add the following entry in servtabs for ssh keys management of servers
+
+    <tab class="servssh" name="SSH key" />
+    
+6) if you want your ssh server to directly fetch key from the ldap, you need
+   a patched ssh with http://dev.inversepath.com/trac/openssh-lpk
+   
+    
+Mortier Benoit
+OpenSides July 2007
diff --git a/ssh/schema/openssh-lpk_openldap.schema b/ssh/schema/openssh-lpk_openldap.schema
new file mode 100644 (file)
index 0000000..409e3f5
--- /dev/null
@@ -0,0 +1,29 @@
+#
+# LDAP Public Key Patch schema for use with openssh-ldappubkey
+# Author: Eric AUGE <eau@phear.org>
+# 
+# Based on the proposal of : Mark Ruijter
+#
+# Modfied july 2007 to accept key from host
+#
+# Benoit Mortier <benoit.mortier@opensides.be>
+#
+
+# octetString SYNTAX
+attributetype ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey' 
+       DESC 'MANDATORY: OpenSSH Public key' 
+       EQUALITY octetStringMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+# printableString SYNTAX yes|no
+objectclass ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY
+       DESC 'MANDATORY: OpenSSH LPK objectclass'
+       MUST ( sshPublicKey $ uid ) 
+       )
+
+# printableString SYNTAX yes|no
+objectclass ( 1.3.6.1.4.1.24552.500.1.1.3.0 NAME 'HostldapPublicKey' SUP top AUXILIARY
+       DESC 'MANDATORY: OpenSSH LPK objectclass'
+       MUST ( sshPublicKey $ cn ) 
+       )
+
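Review bot: The new `HostldapPublicKey` objectclass carries the same DESC as `ldapPublicKey` ('MANDATORY: OpenSSH LPK objectclass'), and the comment above both, `# printableString SYNTAX yes|no`, describes neither, so the two classes cannot be told apart when browsing the schema. I would change the host class to `DESC 'OpenSSH LPK objectclass for host entries'` and replace its comment with `# auxiliary class attaching sshPublicKey to a host entry (named by cn)`. The OID 1.3.6.1.4.1.24552.500.1.1.3.0 appears to sit in the same arc as the upstream openssh-lpk definitions rather than one owned by this project. If so, a later upstream assignment could collide with it, which is worth confirming with the schema's author.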
diff --git a/ssh/src/srv/class_servSsh.inc b/ssh/src/srv/class_servSsh.inc
new file mode 100644 (file)
index 0000000..1037fb4
--- /dev/null
@@ -0,0 +1,191 @@
+<?php
+
+/*
+  This code is part of GOsa (https://gosa.gonicus.de)
+  Copyright (C) 2007 Benoit Mortier
+
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free Software Foundation; either version 2 of the License, or
+  (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+*/
+
+class servssh extends plugin
+{
+  /* Definitions */
+  var $plHeadline= "SSH systems keys";
+  var $plDescription= "This plugin store ssh public keys for systems";
+
+  var $sshPublicKey = "";
+  var $ignore_account= FALSE;
+
+  /* attribute list for save action */
+  var $attributes = array("sshPublicKey");
+  var $objectclasses = array("HostldapPublicKey");
+
+  var $uid ="";
+
+  /* Used to remember if this was an account (simply: is this an edited entry) */
+  var $initialy_was_account = false;
+
+  function servssh ($config, $dn= NULL, $parent= NULL)
+  {
+    plugin::plugin ($config, $dn, $parent);
+    
+    /* Copy needed attributes */
+    foreach($this->attributes as $val) {
+      $name = preg_replace('/_/', '-', $val);
+      if (isset($this->attrs["$name"][0])) {
+        $this->$val = $this->attrs["$name"][0];
+      }
+    }
+
+    $this->is_account            = false;
+    $this->initially_was_account = false;
+
+               if(isset($this->attrs['sshPublicKey'])) {
+        $this->is_account            = true;
+        $this->initially_was_account = true;
+    }
+
+
+  }
+
+  function execute()
+  {
+               /* Call parent execute */
+               plugin::execute();
+
+    /* Fill templating stuff 
+     */
+    $smarty= get_smarty();
+    $display= "";
+
+    /* Do we need to flip is_account state? 
+     */
+    if (isset($_POST['modify_state'])){
+
+      /* Only change account state if allowed */
+      if($this->is_account && $this->acl == "#all#"){
+        $this->is_account= !$this->is_account;
+        $this->is_modified = true;
+      }elseif(!$this->is_account && chkacl($this->acl,"create") == ""){
+        $this->is_account= !$this->is_account;
+        $this->is_modified = true;
+      }
+    }
+
+    if ($this->is_account){
+      $display= $this->show_header(_("Remove SSH keys"),
+          _("This server has SSH features enabled. You can disable them by clicking below."));
+    } else {
+      $display= $this->show_header(_("Add SSH keys"),
+          _("This server has SSH features disabled. You can enable them by clicking below."));
+      return ($display);
+    }
+
+    /* Load attributes */
+    foreach($this->attributes as $attr){
+      $smarty->assign("$attr", $this->$attr);
+      $smarty->assign($attr."ACL", chkacl($this->acl, "$attr"));
+    }
+
+
+    $smarty->assign("sshPublicKeyACL",chkacl($this->acl,"sshPublicKey"));
+
+    /* Display tempalte 
+     */
+    //$smarty->assign("ZoneList",$ZoneList->DrawList());
+    $display.= $smarty->fetch(get_template_path('servssh.tpl', TRUE));
+    return($display);
+
+  }
+
+  function remove_from_parent()
+  {
+    /* Cancel if there's nothing to do here */
+    if (!$this->initially_was_account){
+      return;
+    }
+
+      plugin::remove_from_parent();
+
+      $ldap= $this->config->get_ldap_link();
+
+      $ldap->cd($this->dn);
+      $this->cleanup();
+                       
+       $ldap->modify ($this->attrs);
+
+      show_ldap_error($ldap->get_error(), _("Removing SSH key failed"));
+
+      /* Optionally execute a command after we're done */
+//      $this->handle_post_events('remove',array("uid" => $this->uid));
+  }
+
+
+  /* Save data to object */
+  function save_object()
+  {
+       plugin::save_object();
+       }
+
+  /* Check values */
+  function check()
+  {
+    /* Call common method to give check the hook */
+    $message = plugin::check();
+
+    /* Check for empty or not */
+               if(empty($this->sshPublicKey)){
+        $message[]= _("Value specified as 'SSH Key' is not valid.");
+      }
+
+    return($message);
+  }
+
+  /* Save to LDAP */
+  function save()
+  {
+
+    plugin::save();
+
+
+    foreach($this->attributes as $attr){
+      if(chkacl($this->acl,$attr)!=""){
+        unset($this->attrs[$attr]);
+      }
+    }
+
+
+      /* Write back to ldap */
+      $ldap= $this->config->get_ldap_link();
+      $ldap->cd($this->dn);
+      $this->cleanup();
+      $ldap->modify ($this->attrs); 
+
+      show_ldap_error($ldap->get_error(), _("Saving SSH key failed"));
+
+      /* Optionally execute a command after we're done */
+      if ($this->initially_was_account == $this->is_account){
+        if ($this->is_modified){
+          $this->handle_post_events("modify",array("uid" => $this->uid));
+        }
+      } else {
+        $this->handle_post_events("add",array("uid" => $this->uid));
+      }
+  }
+
+}
+
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
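Review bot: `check()` rejects only an empty value, so any non-empty text from the textarea, including several lines or a line that is not a public key at all, is written to `sshPublicKey` by `save()`; a key that other systems may later read from the directory should be validated where it enters. I would add a format test next to the `empty()` check, for example `if (!preg_match('/^[a-z0-9@.-]+ [A-Za-z0-9+\/]+={0,2}( [^\r\n]*)?$/', trim($this->sshPublicKey))) { $message[]= _("Value specified as 'SSH Key' is not valid."); }`, which accepts a single `type base64 [comment]` line and nothing else. Separately, the property is declared as `var $initialy_was_account = false;` while the constructor, `remove_from_parent()` and `save()` use `$this->initially_was_account`, so the declaration should read `var $initially_was_account = false;`. `save()` also calls `handle_post_events()` even when `$ldap->modify()` reported an error; whether that is intended is not visible here.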
diff --git a/ssh/src/srv/servssh.tpl b/ssh/src/srv/servssh.tpl
new file mode 100644 (file)
index 0000000..fed48d2
--- /dev/null
@@ -0,0 +1,23 @@
+<table summary="" style="width:100%; vertical-align:top; text-align:left;" cellpadding=0 border=0>
+
+ <!-- Headline container -->
+ <tr>
+   <td style="width:100%; vertical-align:top;">
+     <table summary="" style="margin-left:4px;width:100%">
+       <tr>
+         <td style="vertical-align:top;">
+                                               <textarea name="sshPublicKey" id="sshPublicKey" rows="4" style="width:80%" {$sshPublicKeyACL} >{$sshPublicKey}</textarea>
+       </tr>
+     </table>
+   </td>
+ </tr>
+</table>
+
+
+<!-- Place cursor -->
+<script language="JavaScript" type="text/javascript">
+  <!-- // First input field on page
+       focus_field('sshPublicKey');
+  -->
+</script>
+
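Review bot: `{$sshPublicKey}` is printed into the `<textarea>` without escaping, so a stored value containing `</textarea>` followed by markup would be rendered as HTML for whoever opens the entry, unless GOsa's Smarty setup escapes values on assign, which is not visible in this commit. Using `{$sshPublicKey|escape}` keeps the value as text. The `<td style="vertical-align:top;">` opened before the textarea is also never closed; add `</td>` before the `</tr>` that follows it.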