mirror/ULib
1
0
Fork 0
mirror of https://github.com/stefanocasazza/ULib.git synced 2025-09-28 19:05:55 +08:00
Code Issues Releases Wiki Activity
f8a2d7b3a4
ULib/examples/lrp_session/session.cpp
stefanocasazza fc24169677 sync
2016-09-15 18:36:41 +02:00

215 lines
6.4 KiB
C++
Raw Blame History

// session.cpp
#include <ulib/base/utility.h>
#include <ulib/log.h>
#include <ulib/process.h>
#include <ulib/ldap/ldap.h>
#include <ulib/file_config.h>
#include <ulib/utility/semaphore.h>
#include <ulib/ssh/net/sshsocket.h>
#undef PACKAGE
#define PACKAGE "lrp_session"
#undef ARGS
#define ARGS "<operation(apply|drop)>"
#define U_OPTIONS \
"purpose \"start session - operation defined with ARG operation <apply|drop> on LRP device defined by filter... \"\n" \
"option c config 1 \"configuration file\" \"lrp.cfg\"\n" \
"option H host 1 \"LDAP server\" \"\"\n" \
"option p port 1 \"port on LDAP server\" \"\"\n" \
"option D bindDN 1 \"bind DN for LDAP query data processing\" \"\"\n" \
"option w password 1 \"bind password (for simple authentication)\" \"\"\n" \
"option b baseDN 1 \"DN filter - to get LDAP attribute value for filter specified\" \"\"\n" \
"option B baseDNDevice 1 \"base DN device - to get LDAP attribute value for device specified\" \"\"\n" \
"option u username 1 \"user name to connect LRP server on device (ssh mode)\" \"\"\n"
#include <ulib/application.h>
// ldap attribute for filter
#define FILTER_ATTR_CN_POS 0
#define FILTER_ATTR_CN_STRING "cn"
#define FILTER_ATTR_RULE_POS 1
#define FILTER_ATTR_RULE_STRING "tnetLrpFilterRule"
#define FILTER_NUM_ATTR 2
static const char* filter_attr_name[] = { FILTER_ATTR_CN_STRING, FILTER_ATTR_RULE_STRING, 0 };
// ldap attribute for policy
#define POLICY_ATTR_CN_POS 0
#define POLICY_ATTR_CN_STRING "cn"
#define POLICY_ATTR_POLICY_POS 1
#define POLICY_ATTR_POLICY_STRING "tnetLrpPolicylabel"
#define POLICY_ATTR_IPMASK_POS 2
#define POLICY_ATTR_IPMASK_STRING "tnetLrpIpNetworkNumber"
#define POLICY_NUM_ATTR 3
static const char* policy_attr_name[] = { POLICY_ATTR_CN_STRING, POLICY_ATTR_POLICY_STRING,
POLICY_ATTR_IPMASK_STRING, 0 };
class Application : public UApplication {
public:
void run(int argc, char* argv[], char* env[])
{
U_TRACE(5, "Application::run(%d,%p,%p)", argc, argv, env)
UApplication::run(argc, argv, env);
// LDAP attribute for devices
// manage arg operation
// manage file configuration
// manage options
// login to LDAP
# include "common1.cpp"
if (UApplication::isOptions())
{
value = opt['b'];
if (value.empty() == false) DN_filter = value;
}
// get filter attribute from LDAP
int i, n = ldap.search(DN_filter.c_str(), LDAP_SCOPE_BASE, (char**)filter_attr_name);
if (n != 1) U_ERROR("cannot get filter attribute from LDAP");
ULDAPEntry filter_entry(FILTER_NUM_ATTR, filter_attr_name);
ldap.get(filter_entry);
// dato filtro avvio ricerca policy usando valore attributo filtro <tnetLrpFilterRule>
const char* filtro = filter_entry.getCStr(FILTER_ATTR_CN_POS);
const char* rule = filter_entry.getCStr(FILTER_ATTR_RULE_POS);
U_INTERNAL_DUMP("RULE = %S FILTRO = %S", rule, filtro)
// get policy attribute from LDAP
ULDAP ldap_url;
char first_char = rule[0];
bool policy_by_url = (first_char != '(');
if (policy_by_url)
{
if (first_char == '/')
{
static char url[1024];
(void) u__snprintf(url, sizeof(url), U_CONSTANT_TO_PARAM("ldap://%v%s"), LDAP_host.rep, rule);
rule = url;
}
if (ldap_url.init(rule) == false ||
ldap_url.set_protocol() == false ||
ldap_url.simple_bind() == false)
{
U_ERROR("login to LDAP with URL failed");
}
n = ldap_url.search();
}
else
{
n = ldap.search("o=Policies,o=tnet", LDAP_SCOPE_SUBTREE, (char**)policy_attr_name, rule);
}
if (n <= 0) U_ERROR("cannot find policy from LDAP");
ULDAPEntry policy_entry(POLICY_NUM_ATTR, policy_attr_name, n);
if (policy_by_url) ldap_url.get(policy_entry);
else ldap.get(policy_entry);
// init log
const char* log_name = filtro;
# include "common2.cpp"
// loop for every policy
int j, k;
char ipmask[64];
const char* ptr;
const char* policy;
const char* ip_mask;
const char* ip_device;
char request_buffer[4096 * 4];
const char* binddn_device = LDAP_binddn_device.c_str();
for (i = 0; i < n; ++i)
{
policy = policy_entry.getCStr(POLICY_ATTR_CN_POS, i);
U_INTERNAL_DUMP("POLICY = %S %S", policy_entry[i], policy)
// data policy avvio ricerca lista device usando valore attributo policy <tnetLrpIpNetworkNumber>
ip_mask = policy_entry.getCStr(POLICY_ATTR_IPMASK_POS, i);
(void) u__snprintf(ipmask, sizeof(ipmask), U_CONSTANT_TO_PARAM("(tnetLrpIpHostNumber=%s*)"), ip_mask);
j = ldap.search(binddn_device, LDAP_SCOPE_SUBTREE, (char**)device_attr_name, ipmask);
if (j <= 0) continue;
ptr = policy_entry.getCStr(POLICY_ATTR_POLICY_POS, i);
// check if to skip xml header...
if (strncmp(ptr, U_CONSTANT_TO_PARAM("<?xml")) == 0)
{
ptr += 5;
while (*ptr++ != '\n');
}
// build request
// "<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE REQUEST SYSTEM \"lrp_request.dtd\">"
request_size = u__snprintf(request_buffer, sizeof(request_buffer),
U_CONSTANT_TO_PARAM("<REQUEST sid=\"sid1\" version=\"1\"><IMPORT-POLICYLABEL name=\"%s\">%s</IMPORT-POLICYLABEL></REQUEST>"
"<REQUEST sid=\"sid2\" version=\"1\"><EXECUTE-POLICYLABEL name=\"%s\" command=\"%s\"/></REQUEST>"),
policy, ptr, policy, operation);
request = UString(request_buffer, request_size);
// write request to file
# include "common3.cpp"
// set devices attribute for LDAP
ULDAPEntry device_entry(DEVICE_NUM_ATTR, device_attr_name, j);
// get devices attribute from LDAP
// loop for every device
// fork: child
// send request to device
// write response to file
# include "common4.cpp"
// parent
}
exit_value = proc.waitAll();
log.close();
}
private:
};
U_MAIN
Reference in New Issue View Git Blame Copy Permalink