diff options
| -rw-r--r-- | auth/authentication.php | 58 | ||||
| -rw-r--r-- | auth/ssh.php | 107 | ||||
| -rw-r--r-- | auth/telnet.php | 72 | ||||
| -rw-r--r-- | router.php | 21 |
4 files changed, 242 insertions, 16 deletions
diff --git a/auth/authentication.php b/auth/authentication.php new file mode 100644 index 0000000..1ec3cb1 --- /dev/null +++ b/auth/authentication.php @@ -0,0 +1,58 @@ +<?php + +/* + * Looking Glass - An easy to deploy Looking Glass + * Copyright (C) 2014 Guillaume Mazoyer <gmazoyer@gravitons.in> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +require_once 'ssh.php'; +require_once 'telnet.php'; + +abstract class Authentication { + protected $config; + + public function __construct($config) { + $this->config = $config; + $this->check_config(); + } + + protected abstract function check_config(); + public abstract function connect(); + public abstract function disconnect(); + public abstract function send_command($command); + + public function __destruct() { + $this->disconnect(); + } + + public static final function instance($config) { + switch ($config['auth']) { + case 'ssh-password': + case 'ssh-key': + return new SSH($config); + + case 'telnet': + return new Telnet($config); + + default: + 'Unknown authentication mecanism "'.$config['auth'].'"."'; + return null; + } + } +} + +// End of authentication.php diff --git a/auth/ssh.php b/auth/ssh.php new file mode 100644 index 0000000..9d3506b --- /dev/null +++ b/auth/ssh.php @@ -0,0 +1,107 @@ +<?php + +/* + * Looking Glass - An easy to deploy Looking Glass + * Copyright (C) 2014 Guillaume Mazoyer <gmazoyer@gravitons.in> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +require_once 'authentication.php'; + +class SSH extends Authentication { + private $port; + + public function __construct($config) { + parent::__construct($config); + + $this->port = isset($this->config['port']) ? $this->config['port'] : 22; + } + + protected function check_config() { + if ($this->config['auth'] == 'ssh-password') { + if (!isset($this->config['user']) || !isset($this->config['pass'])) { + throw new Exception('User and password required for ssh-password.'); + } + } + + if ($this->config['auth'] == 'ssh-key') { + if (!isset($this->config['user']) || !isset($this->config['public_key']) + || !isset($this->config['private_key'])) { + throw new Exception('User and key pair required for ssh-key.'); + } + } + } + + public function connect() { + $this->connection = ssh2_connect($this->config['host'], $this->port); + if (!$this->connection) { + throw new Exception('Cannot connect to router.'); + } + + $success = false; + + if ($this->config['auth'] == 'ssh-password') { + $success = ssh2_auth_password($this->connection, $this->config['user'], + $this->config['pass']); + } else if ($this->config['auth'] == 'ssh-key') { + if (isset($this->config['pass'])) { + $success = ssh2_auth_pubkey_file($this->connection, $this->config['user'], + $this->config['public_key'], $this->config['private_key'], + $this->config['pass']); + } else { + $success = ssh2_auth_pubkey_file($this->connection, $this->config['user'], + $this->config['public_key'], $this->config['private_key']); + } + } else { + throw new Exception('Unknown type of connection for SSH.'); + } + + if (!success) { + throw new Exception('SSH authentication failed.'); + } + } + + public function send_command($command) { + if ($this->connection == null) { + $this->connect(); + } + + if (!($stream = ssh2_exec($this->connection, $command))) { + throw new Exception('SSH command failed'); + } + + stream_set_blocking($stream, true); + + $data = ''; + while ($buf = fread($stream, 4096)) { + $data .= $buf; + } + fclose($stream); + + return $data; + } + + public function disconnect() { + $this->send_command('exit'); + $this->connection = null; + } + + public function __destruct() { + parent::__destruct(); + } +} + +// End of ssh.php diff --git a/auth/telnet.php b/auth/telnet.php new file mode 100644 index 0000000..ce758f3 --- /dev/null +++ b/auth/telnet.php @@ -0,0 +1,72 @@ +<?php + +/* + * Looking Glass - An easy to deploy Looking Glass + * Copyright (C) 2014 Guillaume Mazoyer <gmazoyer@gravitons.in> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ + +require_once 'authentication.php'; + +class Telnet extends Authentication { + private $port; + + public function __construct($config) { + parent::__construct($config); + + $this->port = isset($this->config['port']) ? $this->config['port'] : 23; + } + + protected function check_config() { + if (!isset($this->config['user']) || !isset($this->config['pass'])) { + throw new Exception('User and password required for telnet.'); + } + } + + public function connect() { + $this->connection = fsockopen($this->config['host'], $this->port); + if (!$this->connection) { + throw new Exception('Cannot connect to router.'); + } + + fputs($this->connection, $this->config['user']."\r"); + fputs($this->connection, $this->config['pass']."\r"); + } + + public function send_command($command) { + if ($this->connection == null) { + $this->connect(); + } + + $data = ''; + while(!feof(!$this->connection)) { + $data .= fread($this->connection, 4096); + } + + return $data; + } + + public function disconnect() { + fclose($this->connection); + $this->connection = null; + } + + public function __destruct() { + parent::__destruct(); + } +} + +// End of telnet.php @@ -21,7 +21,7 @@ require_once 'config.php'; require_once 'utils.php'; -require_once 'auth/ssh.php'; +require_once 'auth/authentication.php'; class Router { private $id; @@ -106,21 +106,10 @@ class Router { } $data = null; - - if ($this->auth == 'ssh-password') { - if ($this->port != null) { - $connection = new SSH($this->host, $this->port); - } else { - $connection = new SSH($this->host); - } - - $connection->set_type_auth_password( - $config['routers'][$this->id]['user'], - $config['routers'][$this->id]['pass']); - $connection->connect(); - $data = $connection->send_command($complete_command); - $connection->disconnect(); - } + $auth = Authentication::instance($config['routers'][$this->id]); + $auth->connect(); + $data = $auth->send_command($complete_command); + $auth->disconnect(); $this->log_command('['.date("Y-m-d H:i:s").'] [client: '. $this->requester.'] '.$this->host.'> '.$complete_command."\n"); |