teach/adlin
Archived
0
0
Fork 0
Code Issues 1 Pull requests 4 Releases Activity

login-validator: handle iPXE tpl

Browse source
This commit is contained in:
nemunaire 2019-02-26 12:34:31 +01:00
commit e08c9306da
2 changed files with 32 additions and 44 deletions
Download patch file Download diff file Expand all files Collapse all files

23
pkg/login-validator/cmd/pxetpl.go
View file

@ -1,7 +1,8 @@
package main
import (
"errors"
"crypto/hmac"
"crypto/sha512"
"fmt"
"io/ioutil"
"net"
@ -11,32 +12,34 @@ import (
)
const pxeUserTplPath = "pxelinux.cfg/tpl"
const ipxeUserTplPath = "pxelinux.cfg/tpl.ipxe"
const pxeUserPath = "pxelinux.cfg"
func RegisterUserMAC(ip net.IP, username string) error {
if tab, err := ARPAnalyze(); err != nil {
func RegisterUserMAC(ent ARPEntry, username string) error {
if err := registerUser(ipxeUserTplPath, fmt.Sprintf("%02x:%02x:%02x:%02x:%02x:%02x.ipxe", ent.HWAddress[0], ent.HWAddress[1], ent.HWAddress[2], ent.HWAddress[3], ent.HWAddress[4], ent.HWAddress[5]), username); err != nil {
return err
} else if ent := ARPContainsIP(tab, ip); ent == nil {
return errors.New(fmt.Sprintf("Unable to find MAC address for given IP (%s)", ip))
} else {
return registerUser(fmt.Sprintf("%02X-%02X-%02X-%02X-%02X-%02X-%02X", ent.HWType, ent.HWAddress[0], ent.HWAddress[1], ent.HWAddress[2], ent.HWAddress[3], ent.HWAddress[4], ent.HWAddress[5]), username)
return registerUser(pxeUserTplPath, fmt.Sprintf("%02x-%02x-%02x-%02x-%02x-%02x-%02x", ent.HWType, ent.HWAddress[0], ent.HWAddress[1], ent.HWAddress[2], ent.HWAddress[3], ent.HWAddress[4], ent.HWAddress[5]), username)
}
}
func RegisterUserIP(ip net.IP, username string) error {
return registerUser(fmt.Sprintf("%02X%02X%02X%02X", ip.To4()[0], ip.To4()[1], ip.To4()[2], ip.To4()[3]), username)
return registerUser(pxeUserTplPath, fmt.Sprintf("%02X%02X%02X%02X", ip.To4()[0], ip.To4()[1], ip.To4()[2], ip.To4()[3]), username)
}
func registerUser(filename string, username string) error {
if pxeTplCnt, err := ioutil.ReadFile(path.Join(tftpDir, pxeUserTplPath)); err != nil {
func registerUser(tplPath string, filename string, username string) error {
if pxeTplCnt, err := ioutil.ReadFile(path.Join(tftpDir, tplPath)); err != nil {
return err
} else if userfd, err := os.OpenFile(path.Join(tftpDir, pxeUserPath, filename), os.O_RDWR|os.O_CREATE, 0644); err != nil {
return err
} else {
defer userfd.Close()
pkey := hmac.New(sha512.New512_224, []byte(loginSalt))
if pxeTmpl, err := template.New("pxeUser").Parse(string(pxeTplCnt)); err != nil {
return err
} else if err := pxeTmpl.Execute(userfd, map[string]string{"username": username}); err != nil {
} else if err := pxeTmpl.Execute(userfd, map[string]string{"username": username, "pkey": fmt.Sprintf("%x", pkey.Sum([]byte(username)))}); err != nil {
return err
}
}