Helix SwarmHelix Swarm
Loading...

p4auth-ldap-trigger

  • //
  • guest/
  • jai_siddagangappa/
  • Triggers/
  • LDAP-authentication/
  • p4auth-ldap-trigger #1
  • View
  • Commits
  • Open Download .zip Download (4 KB) 
  1. #!/usr/bin/perl
  2.  
  3. use Net::LDAP;
  4. use Net::LDAP::Search;
  5. use Getopt::Std;
  6. use POSIX;
  7.  
  8. $vers="1.1.00.beta";
  9.  
  10. sub ldap_err
  11. {
  12. 	my $sub=$_[0];
  13. 	my $rval=$_[1];
  14. 	my $token=$_[2];
  15. 	printf("%s: %s:\n\t%s: %s\n\t%s: %s (%s)\n\t%s: %s\n\t%s:\n\n%s\n",
  16. 		$arg0, $sub, "value", $token, 
  17. 		"mesg",$rval->error_name,$rval->code,
  18. 		"m id",$rval->mesg_id,
  19. 		"text",$rval->error_text)
  20. }
  21.  
  22. sub get_current_user
  23. {
  24. 	my $sub=(caller(0))[3];
  25. 	$clogin=getlogin();
  26.  
  27. 	#$template = "s i A32 A6 A32 A256 b55";
  28.     	#my ($type, $tpid, $line, $itabid, $name, $host, $time) = unpack $template, $buf;
  29. }
  30.  
  31. sub read_ldap_conf
  32. {
  33. 	open(LDAPCONF,"<","/etc/ldap.conf");
  34. 	%ldapconf=map {/([^\s+ ]*?)\s+/,[split(/\s+/)]} <LDAPCONF>;
  35. 	close(LDAPCONF);
  36.  
  37. 	$host=$ldapconf{'uri'}[1];
  38. 	$base=$ldapconf{'base'}[1];
  39. 	$rootbinddn=$ldapconf{'rootbinddn'}[1];
  40. 	$binddn=$ldapconf{'binddn'}[1];
  41. 	$bindpw=$ldapconf{'bindpw'}[1];
  42. }
  43.  
  44. sub show_conf
  45. {
  46. 	print("$arg0: conf: uri $host\n");
  47. 	print("$arg0: conf: ldap base: $base\n");
  48. 	print("$arg0: conf: binddn: $binddn\n");
  49. 	print("$arg0: conf: ldap proxy pw: $bindpw\n");
  50. }
  51.  
  52.  
  53. sub save_password_old
  54. {
  55. 	my $passwd=$_[0];
  56. 	my $ldap_entry=$_[1];
  57.  
  58. 	$home_d=$ldap_entry->get_value("homeDirectory");
  59. 	if (!$home_d)
  60. 	{
  61. 		$home_d=$ldap_entry->get_value("unixHomeDirectory");
  62. 	}
  63. 	if (!$home_d)
  64. 	{
  65. 		printf("%s: %s: error: cannot detemine home - password cannot be saved\n",$arg0,$login); # if ($opt_d);
  66. 		return(1);
  67. 	}
  68. 	$p4pass_f="$home_d/.p4-$arg0";
  69. 	$rval=open(P4PASS,">",$p4pass_f);
  70. 	if (!$rval)
  71. 	{
  72. 		printf("%s: error: cannot open password file: %s: %s\n",$arg0,$p4pass_f,$!); # if ($opt_d);
  73. 		return(1);
  74. 	}
  75. 	chmod(S_IRUSR|S_IWUSR,$p4pass_f);
  76. 	printf(P4PASS "%s",$passwd);
  77. 	print("$arg0: password for $login written to $p4pass_f\n") if ($opt_d);
  78. 	close(P4PASS);
  79. }
  80.  
  81. $arg0=$0;
  82. $arg0=~(s%.*/%%);
  83.  
  84. $cfe_vars_f='/etc/bch/conf/vars.pli';
  85. my $sub=(caller(0))[3];
  86. $sub="main" if (!$sub);
  87.  
  88. my ($os_type,$hostname,$os_ver,$kern_info,$arch_type) = POSIX::uname();
  89.  
  90. getopts('du:p:r:s');
  91. if ($?)
  92. {
  93. 	die "FATAL: options: $!\n";
  94. }
  95.  
  96. if (-r $cfe_vars_f)
  97. {
  98. 	do $cfe_vars_f;
  99. }
  100.  
  101. &read_ldap_conf;
  102. &show_conf if ($opt_d);
  103.  
  104. $login=$opt_u if ($opt_u);
  105. $password=$opt_p if ($opt_p);
  106. $p4root=$opt_r if ($opt_r);
  107.  
  108. if (!$password)
  109. {
  110. 	$password = <STDIN>;
  111. 	$password =~ s/\n//;
  112. }
  113.  
  114. if (!$login)
  115. {
  116. 	$login=$ARGV[0];
  117. }
  118.  
  119. if (!$login)
  120. {
  121. 	printf(STDERR "%s: error: FATAL: no login specified\n",$arg0);
  122. 	exit(1);
  123. }
  124.  
  125. if (!$password)
  126. {
  127. 	printf(STDERR "%s: error: FATAL: no password specified\n",$arg0);
  128. 	exit(1);
  129. }
  130.  
  131. $p4root="/data/perforce-main" if (!$p4root);
  132.  
  133. if (!$host)
  134. {
  135. 	printf(STDERR "%s: error: FATAL: no LDAP host found/specified\n",$arg0);
  136. 	exit(1);
  137. }
  138.  
  139. if (!$base)
  140. {
  141. 	printf(STDERR "%s: error: FATAL: no LDAP base found/specified\n",$arg0);
  142. 	exit(1);
  143. }
  144.  
  145. if (!$binddn)
  146. {
  147. 	printf(STDERR "%s: error: FATAL: no LDAP bind DN found/specified\n",$arg0);
  148. 	exit(1);
  149. }
  150.  
  151. if (!$bindpw)
  152. {
  153. 	printf(STDERR "%s: error: FATAL: no LDAP bind password found/specified\n",$arg0);
  154. 	exit(1);
  155. }
  156.  
  157. $ldap = Net::LDAP->new ( $host );
  158.  
  159. $mesg=$ldap->bind("$binddn",password => "$bindpw",version => 3);
  160. if ($mesg->code)
  161. {
  162. 	ldap_err($sub,$mesg,"bind") if ($opt_d);
  163. 	exit(1);
  164. }
  165. $search = $ldap->search (
  166. 	base => "$base",
  167. 	scope => "sub",
  168. 	filter => "( &(objectClass=user) (|(uid=$login)(sAMAccountName=$login))  )",
  169. 	attrs => [ 'uid', 'uidNumber', 'sAMAccountName', 'homeDirectory', 'unixHomeDirectory' ]
  170. );
  171. if ($search->count == 0)
  172. {
  173. 	printf("%s: %s: error: FATAL: no such user\n",$arg0,$login);
  174. 	exit(1);
  175. }
  176. elsif ($search->count > 1)
  177. {
  178. 	printf("%s: error: FATAL: %s: more than one entry found\n",$arg0,$login);
  179. 	exit(1);
  180. }
  181.  
  182. my $entry = $search->entry ( 0 );
  183. $dn=$entry->dn();
  184. print("$arg0: dn found: $dn\n") if ($opt_d);
  185. $mesg=$ldap->bind("$dn",password => "$password",version => 3);
  186. if ($mesg->code)
  187. {
  188. 	#ldap_err($sub,$mesg,"bind") if ($opt_d);
  189. 	printf("%s: authentication failed for %s: %s\n",$arg0,$login,$mesg->error_text);
  190. 	exit(1);
  191. }
  192. else
  193. {
  194. 	print("$arg0: authentication for $login: success\n") if ($opt_d);
  195. }
  196.  
  197. save_password($password,$entry) if ($opt_s);
  198.  
  199. $mesg=$ldap->unbind;
  200. if ($mesg->code)
  201. {
  202. 	ldap_err($sub,$mesg,"unbind") if ($opt_d);
  203. }
  204. exit(0);
# Change User Description Committed
#1 7827 Jai Siddagangappa LDAP authentication trigger for Perforce-JIRA 14 years ago
//guest/jai_siddagangappa/Triggers/Perforce-JIRA/p4auth-ldap-trigger
#1 7826 Jai Siddagangappa LDAP authentication script that was used with for the Perforce-JIRA triggers. 14 years ago