adlin: Pass SharedSecret in env
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
nemunaire 2022-02-19 11:52:09 +01:00
parent e39586338e
commit e8f58bad8d
4 changed files with 11 additions and 4 deletions

View File

@ -1,3 +1,3 @@
package adlin package adlin
var SharedSecret string var SharedSecret string = "adelina"

View File

@ -16,7 +16,7 @@ import (
) )
var ( var (
loginSalt string loginSalt string = "adelina"
justLogin bool justLogin bool
) )

View File

@ -18,13 +18,17 @@ var tftpDir string
func main() { func main() {
var studentsFile string var studentsFile string
if v, exists := os.LookupEnv("ADLIN_SHARED_SECRET"); exists {
loginSalt = v
}
flag.BoolVar(&justLogin, "just-login", justLogin, "Don't perform MAC assignation and remote registration") flag.BoolVar(&justLogin, "just-login", justLogin, "Don't perform MAC assignation and remote registration")
var bind = flag.String("bind", ":8081", "Bind port/socket") var bind = flag.String("bind", ":8081", "Bind port/socket")
flag.StringVar(&studentsFile, "students", "./students.csv", "Path to a CSV file containing students list") flag.StringVar(&studentsFile, "students", "./students.csv", "Path to a CSV file containing students list")
flag.StringVar(&ARPTable, "arp", ARPTable, "Path to ARP table") flag.StringVar(&ARPTable, "arp", ARPTable, "Path to ARP table")
flag.StringVar(&tftpDir, "tftpdir", "/var/tftp/", "Path to TFTPd directory") flag.StringVar(&tftpDir, "tftpdir", "/var/tftp/", "Path to TFTPd directory")
flag.StringVar(&loginSalt, "loginsalt", "adelina", "secret used in login HMAC") flag.StringVar(&loginSalt, "loginsalt", loginSalt, "secret used in login HMAC")
var auth = flag.String("auth", "none", "Auth method: none, fwd, ldap, krb5") var auth = flag.String("auth", "none", "Auth method: none, fwd, ldap, krb5")

View File

@ -73,6 +73,9 @@ func main() {
if v, exists := os.LookupEnv("ADLIN_TSIG_SECRET"); exists { if v, exists := os.LookupEnv("ADLIN_TSIG_SECRET"); exists {
tsigSecret = v tsigSecret = v
} }
if v, exists := os.LookupEnv("ADLIN_SHARED_SECRET"); exists {
adlin.SharedSecret = v
}
if v, exists := os.LookupEnv("ADLIN_COLLECTOR_SECRET"); !exists { if v, exists := os.LookupEnv("ADLIN_COLLECTOR_SECRET"); !exists {
log.Fatal("Please define ADLIN_COLLECTOR_SECRET environment variable") log.Fatal("Please define ADLIN_COLLECTOR_SECRET environment variable")
} else if t, err := base64.StdEncoding.DecodeString(v); err != nil { } else if t, err := base64.StdEncoding.DecodeString(v); err != nil {
@ -84,7 +87,7 @@ func main() {
var bind = flag.String("bind", ":8081", "Bind port/socket") var bind = flag.String("bind", ":8081", "Bind port/socket")
var dsn = flag.String("dsn", adlin.DSNGenerator(), "DSN to connect to the MySQL server") var dsn = flag.String("dsn", adlin.DSNGenerator(), "DSN to connect to the MySQL server")
flag.StringVar(&baseURL, "baseurl", baseURL, "URL prepended to each URL") flag.StringVar(&baseURL, "baseurl", baseURL, "URL prepended to each URL")
flag.StringVar(&adlin.SharedSecret, "sharedsecret", "adelina", "secret used to communicate with remote validator") flag.StringVar(&adlin.SharedSecret, "sharedsecret", adlin.SharedSecret, "secret used to communicate with remote validator")
flag.StringVar(&AuthorizedKeysLocation, "authorizedkeyslocation", AuthorizedKeysLocation, "File for allowing user to SSH to the machine") flag.StringVar(&AuthorizedKeysLocation, "authorizedkeyslocation", AuthorizedKeysLocation, "File for allowing user to SSH to the machine")
flag.StringVar(&SshPiperLocation, "sshPiperLocation", SshPiperLocation, "Directory containing directories for sshpiperd") flag.StringVar(&SshPiperLocation, "sshPiperLocation", SshPiperLocation, "Directory containing directories for sshpiperd")
flag.StringVar(&ControlSocket, "ns-host", ControlSocket, "Host:port of the nameserver to use") flag.StringVar(&ControlSocket, "ns-host", ControlSocket, "Host:port of the nameserver to use")