From: cajus
Date: Mon, 31 Aug 2009 16:58:05 +0000 (+0000)
Subject: Added some ssh works. Not working in the moment.
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=c7c87bf20a909ed7ff997aa879cd9146e74316af;p=gosa.git
Added some ssh works. Not working in the moment.
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@14173 594d385d-05f5-0310-b6e9-bd551577e9d8
---
diff --git a/gosa-plugins/ssh/contrib/openssh-lpk.schema b/gosa-plugins/ssh/contrib/openssh-lpk.schema
new file mode 100644
index 000000000..a79870320
--- /dev/null
+++ b/gosa-plugins/ssh/contrib/openssh-lpk.schema
@@ -0,0 +1,20 @@
+#
+# LDAP Public Key Patch schema for use with openssh-ldappubkey
+# Author: Eric AUGE
+#
+# Based on the proposal of : Mark Ruijter
+#
+
+
+# octetString SYNTAX
+attributetype ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey'
+ DESC 'MANDATORY: OpenSSH Public key'
+ EQUALITY octetStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
+
+# printableString SYNTAX yes|no
+objectclass ( 1.3.6.1.4.1.24552.500.1.1.2.0 NAME 'ldapPublicKey' SUP top AUXILIARY
+ DESC 'MANDATORY: OpenSSH LPK objectclass'
+ MAY ( sshPublicKey $ uid )
+ )
+
diff --git a/gosa-plugins/ssh/personal/ssh/class_sshPublicKey.inc b/gosa-plugins/ssh/personal/ssh/class_sshPublicKey.inc
new file mode 100644
index 000000000..d9500cbdc
--- /dev/null
+++ b/gosa-plugins/ssh/personal/ssh/class_sshPublicKey.inc
@@ -0,0 +1,223 @@
+config= &$config;
+ $this->dn= $dn;
+
+ // Load list of public keys
+ $data= array();
+ $ldap= $this->config->get_ldap_link();
+ $ldap->cat($this->dn, array('objectClass'));
+ if ($attrs= $ldap->fetch()){
+ if(in_array_ics('ldapPublicKey', $attrs['objectClass'])){
+ $this->enabled= true;
+ $data= $ldap->get_attribute($this->dn, "sshPublicKey", 1);
+ if(is_array($data)){
+ unset($data['count']);
+ }
+ }
+ }
+
+ // Analyze keys for type, bits and comment
+ foreach ($data as $key) {
+ list($type, $data, $comment)= preg_split('/\s/', $key);
+ $this->publicKeys[]= array("type" => $type,
+ "fingerprint" => $this->fingerprint(base64_decode($data)),
+ "comment" => $comment,
+ "data" => $data);
+ }
+
+ // Save copy for later usage
+ $this->storedPublicKeys= $this->publicKeys;
+ }
+
+
+ function setDN($dn)
+ {
+ $this->dn= $dn;
+ }
+
+
+ function execute()
+ {
+ global $ui;
+
+ // Check if we need to open a dialog
+ if (isset($_POST['edit_sshpublickey'])){
+ $this->dialog= true;
+ }
+ if (isset($_POST['cancel_sshpublickey'])){
+ $this->dialog= false;
+ if ($this->modified) {
+ $this->publicKeys= $this->storedPublicKeys;
+ }
+ $this->modified= false;
+ }
+
+ if (isset($_POST['save_sshpublickey'])){
+ $this->dialog= false;
+ if ($this->modified) {
+ $this->storedPublicKeys= $this->publicKeys;
+ }
+ }
+
+ // If we do not need the dialog, don't show it
+ if (!$this->dialog) {
+ return null;
+ }
+
+ // Remove action?
+ if (isset($_POST['remove_sshpublickey']) && isset($_POST['keylist'])){
+ foreach($_POST['keylist'] as $index){
+ if (isset($this->publicKeys[$index])){
+ unset($this->publicKeys[$index]);
+ $this->modified= true;
+ }
+ }
+ $this->publicKeys= array_values($this->publicKeys);
+ }
+
+ // Upload action?
+ if (isset($_POST['upload_sshpublickey'])) {
+ if ($_FILES['key']['error'] > 0){
+ msg_dialog::display(_("Upload error"), _("Error: uploading the key")." 
(".$_FILES['key']['error'].")", ERROR_DIALOG);
+ } else {
+
+ $lines= file($_FILES['key']['tmp_name']);
+ foreach ($lines as $line) {
+ if (preg_match('/^(ssh-(dss|rsa))\s+([a-zA-Z0-9+\/.=]+)\s+([[:print:]]+)$/', $line, $match)) {
+ $fingerprint= $this->fingerprint(base64_decode($match[3]));
+
+ // Check if we already have it
+ $found= false;
+ foreach ($this->publicKeys as $key) {
+ if ($key['fingerprint'] == $fingerprint) {
+ $found= true;
+ msg_dialog::display(_("Upload error"), _("This key is already used!"), ERROR_DIALOG);
+ break;
+ }
+ }
+
+ // If not used, just add it
+ if (!$found) {
+ $this->publicKeys[]= array("type" => $match[1],
+ "fingerprint" => $fingerprint,
+ "comment" => $match[4],
+ "data" => $line);
+ $this->modified= true;
+ }
+
+ } else {
+ msg_dialog::display(_("Upload error"), _("Unknown public key format!"), ERROR_DIALOG);
+ }
+ }
+ }
+ }
+
+ // Show the ssh page now
+ $smarty= get_smarty();
+ $data= array();
+ foreach ($this->publicKeys as $index => $info) {
+ $data[$index]= sprintf(_("SSH %s key, Fingerprint: %s, Comment: %s"), $info['type']=='ssh-dss'?"DSA":"RSA", $info['fingerprint'], $info['comment']);
+ }
+ $smarty->assign("keylist", $data);
+ return $smarty->fetch (get_template_path('sshPublicKey.tpl', TRUE, dirname(__FILE__)));
+ }
+
+
+ function save()
+ {
+ if ($this->modified) {
+ $attrs= array();
+ $ldap= $this->config->get_ldap_link();
+
+ // SSH stuff removed? 
+ if (count($this->publicKeys) == 0) {
+
+ $ldap->cat($this->dn, array("objectClass", "sshPublicKey"));
+ $nattrs= $ldap->fetch();
+ $attrs['objectClass']= array_remove_entries_ics(array("ldapPublicKey"), $nattrs['objectClass']);
+ unset($attrs['objectClass']['count']);
+ if (isset($nattrs['sshPublicKey'])){
+ $attrs['sshPublicKey']= array();
+ }
+
+ $ldap->cd($this->dn);
+ $ldap->modify($attrs);
+ new log("modify","posix/ssh",$this->dn,array_keys($attrs),$ldap->get_error());
+
+ } else {
+
+ // If it was enabled before, we just need to update the
+ // attributes, elseways modify objectclasses, too.
+ if (!$this->enabled) {
+ $ldap->cat($this->dn, array("objectClass"));
+ $nattrs= $ldap->fetch();
+ $attrs['objectClass']= $nattrs['objectClass'];
+ unset($attrs['objectClass']['count']);
+ $attrs['objectClass'][]= "ldapPublicKey";
+ }
+
+ // Save public key
+ $attrs['sshPublicKey']= array();
+ foreach($this->publicKeys as $key) {
+ $attrs['sshPublicKey'][]= $key['data'];
+ }
+
+ $ldap->cd($this->dn);
+ $ldap->modify($attrs);
+ new log("modify","posix/ssh",$this->dn,array_keys($attrs),$ldap->get_error());
+ }
+
+ // LDAP error?
+ if (!$ldap->success()) {
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, LDAP_MOD, ERROR_DIALOG));
+ }
+
+ }
+ }
+
+
+ function fingerprint($data)
+ {
+ $result= md5($data);
+ $result= preg_replace('/(..)/', '\1:', $result);
+ return rtrim($result, ':');
+ }
+
+}
+
+// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
+?>
diff --git a/gosa-plugins/ssh/personal/ssh/sshPublicKey.tpl b/gosa-plugins/ssh/personal/ssh/sshPublicKey.tpl
new file mode 100644
index 000000000..132eec558
--- /dev/null
+++ b/gosa-plugins/ssh/personal/ssh/sshPublicKey.tpl
@@ -0,0 +1,19 @@
+
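Review bot: The `data` field of a key entry holds different things depending on where the key came from, and save() writes it to `sshPublicKey` unchanged: the constructor keeps only the base64 blob (`"data" => $data`), while the upload branch in execute() keeps the whole file line including its trailing newline (`"data" => $line`). After any edit, keys that were already stored would be written back without their type prefix and comment, which would likely leave them unusable for login, so keep one normalized form in both places, for example `"data" => $key` in the constructor and `"data" => rtrim($line)` on upload. The constructor also reuses `$data` as both the loop source and a `list()` target and assumes exactly three whitespace-separated fields, so a key without a comment raises a notice and a comment containing spaces is truncated; `preg_split('/\s+/', $key, 3)` with a default for the comment would cover both. Separately, execute() declares `global $ui` but nothing in this hunk checks write permission before the key list is changed, so confirm the caller enforces the ACL, because a key added to another user's entry authorizes logins to that account. The class header and the constructor signature are not visible on this page.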

+ {t}List of SSH public keys for this user{/t}
+

+

+ +

+ +  + +  + + +

+ +   + +