teach/adlin
Archived
0
0
Fork 0
Code Issues 1 Pull requests 4 Releases Activity

login-validator: handle iPXE tpl

Browse source
This commit is contained in:
nemunaire 2019-02-26 12:34:31 +01:00
commit e08c9306da
2 changed files with 32 additions and 44 deletions
Download patch file Download diff file Expand all files Collapse all files

53
pkg/login-validator/cmd/login.go
View file

@ -9,14 +9,10 @@ import (
"encoding/json"
"errors"
"fmt"
"io/ioutil"
"log"
"net"
"net/http"
"os"
"path"
"strings"
"text/template"
"time"
"gopkg.in/ldap.v2"
@ -156,30 +152,35 @@ func (l loginChecker) ServeHTTP(w http.ResponseWriter, r *http.Request) {
}
// Find corresponding MAC
var fname string
var ip net.IP
spl := strings.SplitN(r.RemoteAddr, ":", 2)
if ip := net.ParseIP(spl[0]); ip == nil {
if ip = net.ParseIP(spl[0]); ip == nil {
http.Error(w, "Unable to parse given IPv4: " + spl[0], http.StatusInternalServerError)
return
} else if arptable, err := ARPAnalyze(); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
} else if arpent := ARPContainsIP(arptable, ip); arpent == nil {
http.Error(w, "Unable to find MAC in ARP table", http.StatusInternalServerError)
}
var mac *ARPEntry
if tab, err := ARPAnalyze(); err != nil {
log.Println("Error on ARPAnalyze:", err)
http.Error(w, "Internal server error. Please retry in a few minutes", http.StatusInternalServerError)
return
} else {
fname = fmt.Sprintf("%02x-%02x-%02x-%02x-%02x-%02x-%02x", arpent.HWType, arpent.HWAddress[0], arpent.HWAddress[1], arpent.HWAddress[2], arpent.HWAddress[3], arpent.HWAddress[4], arpent.HWAddress[5])
mac = ARPContainsIP(tab, ip)
}
if mac == nil {
log.Printf("Unable to find MAC address for given IP (%s)\n", ip)
http.Error(w, "Internal server error. Please retry in a few minutes", http.StatusInternalServerError)
}
// Register the user remotely
if err := l.registerUser(lu.Username, r.RemoteAddr, fname); err != nil {
if err := l.registerUser(lu.Username, r.RemoteAddr, *mac); err != nil {
log.Println("Error on remote registration:", err)
http.Error(w, "Internal server error. Please retry in a few minutes", http.StatusInternalServerError)
return
}
// Generate PXE file
if err := l.lateLoginAction(lu.Username, r.RemoteAddr, fname); err != nil {
if err := l.lateLoginAction(lu.Username, r.RemoteAddr, *mac); err != nil {
log.Println("Error on late login action:", err)
http.Error(w, "Internal server error. Please retry in a few minutes", http.StatusInternalServerError)
return
@ -189,8 +190,8 @@ func (l loginChecker) ServeHTTP(w http.ResponseWriter, r *http.Request) {
http.Error(w, "Success", http.StatusOK)
}
func (l loginChecker) registerUser(username, remoteAddr, mac string) error {
bts, err := json.Marshal(map[string]interface{}{"login": username, "ip": remoteAddr, "mac": mac})
func (l loginChecker) registerUser(username, remoteAddr string, ent ARPEntry) error {
bts, err := json.Marshal(map[string]interface{}{"login": username, "ip": remoteAddr, "mac": fmt.Sprintf("%02x:%02x:%02x:%02x:%02x:%02x", ent.HWAddress[0], ent.HWAddress[1], ent.HWAddress[2], ent.HWAddress[3], ent.HWAddress[4], ent.HWAddress[5])})
if err != nil {
return nil
}
@ -215,22 +216,6 @@ func (l loginChecker) registerUser(username, remoteAddr, mac string) error {
}
}
func (l loginChecker) lateLoginAction(username, remoteAddr, fname string) error {
if tpl, err := ioutil.ReadFile(path.Join(tftpDir, "pxelinux.cfg", "tpl")); err != nil {
log.Println("Unable to open tpl: ", err)
} else if file, err := os.OpenFile(path.Join(tftpDir, "pxelinux.cfg", fname), os.O_CREATE|os.O_WRONLY|os.O_TRUNC, os.FileMode(0644)); err != nil {
log.Println("Unable to open destination file: ", err)
} else {
defer file.Close()
mac := hmac.New(sha512.New512_224, []byte(loginSalt))
if configTmpl, err := template.New("pxelinux.cfg").Parse(string(tpl)); err != nil {
log.Println("Cannot create template: ", err)
} else if err := configTmpl.Execute(file, map[string]string{"username": username, "remoteAddr": remoteAddr, "pkey": fmt.Sprintf("%x", mac.Sum([]byte(username))), "fname": fname}); err != nil {
log.Println("An error occurs during template execution: ", err)
}
}
return nil
func (l loginChecker) lateLoginAction(username, remoteAddr string, mac ARPEntry) error {
return RegisterUserMAC(mac, username)
}