[pisa-src] r2729 - in trunk: Makefile.am pairing pairing/README pairing/uci pairing/uci/update-pisasd-conf pairing/webif pairing/webif/apply.sh.patch pairing/webif/categories.patch pairing/webif/mobileaccess-...

  • From: Christoph Viethen <christoph.viethen@xxxxxxxxxxxxxx>
  • To: pisa-src@xxxxxxxxxxxxx
  • Date: Mon, 29 Aug 2011 01:58:52 +0200

Author: viethen
Date: Mon Aug 29 01:58:50 2011
New Revision: 2729

Log:
add a number of scripts to enable pairing mobile devices with Trust Points,
as an extension to the OpenWrt webif GUI

Added:
   trunk/pairing/
   trunk/pairing/README
   trunk/pairing/uci/
   trunk/pairing/uci/update-pisasd-conf   (contents, props changed)
   trunk/pairing/webif/
   trunk/pairing/webif/apply.sh.patch
   trunk/pairing/webif/categories.patch
   trunk/pairing/webif/mobileaccess-add.sh   (contents, props changed)
   trunk/pairing/webif/mobileaccess-cand.sh   (contents, props changed)
   trunk/pairing/webif/mobileaccess.sh   (contents, props changed)
Modified:
   trunk/Makefile.am

Modified: trunk/Makefile.am
==============================================================================
--- trunk/Makefile.am   Sun Aug 28 22:50:43 2011        (r2728)
+++ trunk/Makefile.am   Mon Aug 29 01:58:50 2011        (r2729)
@@ -15,6 +15,8 @@
 # distcleancheck has trouble building the C files below tools/.
 DIST_WILDCARDS = community-operator-legacy/*.cfg  \
                  debian/*                   \
+                 pairing/webif/*.patch      \
+                 pairing/webif/*.sh         \
                  pairing-legacy/*.cfg       \
                  pairing-legacy/*.txt       \
                  pisacd/*.sh                \
@@ -35,6 +37,8 @@
              docs                               \
              kernel                             \
              openwrt                            \
+             pairing/README                     \
+             pairing/uci/update-pisasd-conf     \
              pairing-legacy/defaults            \
              pairing-legacy/pisaum              \
              tools/convenience-scripts          \

Added: trunk/pairing/README
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ trunk/pairing/README        Mon Aug 29 01:58:50 2011        (r2729)
@@ -0,0 +1,18 @@
+pairing subdirectory: Pairing code for PiSA
+
+List of files / directories
+===========================
+README          this file
+
+uci             contains a script that will copy the current UCI configuration
+                 of paired hosts into /etc/pisa/pisasd.conf, section
+                 allowed_hosts
+
+webif           contains a number of scripts in order to extend the
+                 webif GUI of a Trust Point with pairing functionality
+
+
+
+
+C. Viethen, August 2011
+

Added: trunk/pairing/uci/update-pisasd-conf
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ trunk/pairing/uci/update-pisasd-conf        Mon Aug 29 01:58:50 2011        
(r2729)
@@ -0,0 +1,188 @@
+#!/bin/sh
+#
+# This script will try to find the right place to enter an
+#  "allowed_hosts" block into a pisasd.conf file, and, if
+#  successful, will dump the current set of paired hosts
+#  (according to what is recorded in this system's UCI config)
+#  to that place.
+#
+
+. /etc/functions.sh
+. /lib/config/uci.sh
+
+# global settings
+expiry_date="2099-12-31:23:59:59.99999";
+pisasdconf_path="/etc/pisa/pisasd.conf"
+
+# global vars
+paired_devices_count=0
+paired_devices=""
+linenum_allowed_hosts=0
+linenum_closing_brace=0
+
+# callback function called automagically by uci_load
+config_cb() {
+    local cfg_type="$1"
+    local cfg_name="$2"
+
+    case "$cfg_type" in
+        paired_device)
+            paired_devices_count=$((paired_devices_count+1))
+            export paired_device_${paired_devices_count}=$cfg_name
+            ;;
+    esac
+}
+
+#
+# this function will dump the list of paired devices in the format required
+#  for the allowed_hosts section within pisasd.conf, into the global
+#  variable $paired_devices
+#
+generate_allowed_hosts()
+{
+    local device_i
+    local paired_devices_tmp
+    local cfg_name_ref
+    local cfg_name
+    local device_id_ref
+    local device_id
+    local device_hit_ref
+    local device_hit
+
+    if [ $((paired_devices_count)) -gt 0 ]; then
+        device_i=1
+
+        paired_devices_tmp="allowed_hosts = (
+"
+
+        while [ $((device_i)) -lt $((paired_devices_count+1)) ]; do
+
+            if [ "$device_i" -gt "1" ]; then
+                paired_devices_tmp=${paired_devices_tmp}",
+"
+            fi
+
+            cfg_name_ref=\${paired_device_$((device_i))}
+            eval cfg_name=$cfg_name_ref
+            unset cfg_name_ref
+
+            device_id_ref=\${CONFIG_${cfg_name}_identifier}
+            eval device_id=$device_id_ref
+            unset device_id_ref
+
+            device_hit_ref=\${CONFIG_${cfg_name}_hit}
+            eval device_hit=$device_hit_ref
+            unset device_hit_ref
+
+            paired_devices_tmp=${paired_devices_tmp}"    {
+        # ${device_id}
+        hit=\"${device_hit}\";
+        expires=\"${expiry_date}\";
+    }"
+
+            device_i=$((device_i+1))
+        done
+
+        paired_devices=$paired_devices_tmp"
+);
+"
+
+    fi
+}
+
+
+#
+# this function will find the line numbers within pisasd.conf that mark
+#  the section that will need to be replaced by a newly-generated
+#  allowed_hosts section, and write them to the following global
+#  vars: linenum_allowed_hosts, linenum_closing_brace
+#
+find_config_lines()
+{
+    local matchline_allowed_hosts
+    local matchline_closing_brace
+    local linenum_closing_brace_rel
+
+    # find number of first line in config to contain "allowed_hosts = ("
+    matchline_allowed_hosts=$(grep -m 1 -n '^allowed_hosts = ($' 
"${pisasdconf_path}")
+    linenum_allowed_hosts=$(echo "${matchline_allowed_hosts}" | awk -F ':' '{ 
print $1 }')
+
+    if [ $((linenum_allowed_hosts)) -gt "0" ]; then
+        # find first occurence of line containing only ");" in the remaining 
config
+        matchline_closing_brace=$(tail -n +"${linenum_allowed_hosts}" 
"${pisasdconf_path}" | grep -m 1 -n '^);$')
+
+        linenum_closing_brace_rel=$(echo "${matchline_closing_brace}" | awk -F 
':' '{ print $1 }')
+        linenum_closing_brace=$(($((linenum_allowed_hosts)) + 
$((linenum_closing_brace_rel)) - 1))
+
+        if [ $((linenum_closing_brace_rel)) -le "0" ]; then # something's 
broken
+            return 1
+        fi
+    else    # allowed_hosts section not in config file
+        linenum_allowed_hosts=0
+        linenum_closing_brace=0
+    fi
+
+    return 0
+}
+
+#
+# this function updates the actual config file, overwriting the section
+#  containing allowed_hosts with the new one
+#
+update_configfile()
+{
+    echo -n "${paired_devices}" > /tmp/pisasdconf_middle
+
+    # find head and tail to glue around the new config
+    if [ $((linenum_allowed_hosts)) -gt "0" ]; then
+        head -n  $(($((linenum_allowed_hosts)) - 1)) "${pisasdconf_path}" > 
/tmp/pisasdconf_head
+        tail -n +$(($((linenum_closing_brace)) + 1)) "${pisasdconf_path}" > 
/tmp/pisasdconf_tail
+    else
+    # or just take the whole file for head and an empty file for tail in case
+    #  the allowed_hosts section could not be found in the config file
+        cp "${pisasdconf_path}" /tmp/pisasdconf_head
+
+        rm 2>/dev/null -f /tmp/pisasdconf_tail
+        touch /tmp/pisasdconf_tail
+    fi
+
+    cat > /tmp/pisasd.conf-new /tmp/pisasdconf_head /tmp/pisasdconf_middle 
/tmp/pisasdconf_tail
+
+    rm -f /tmp/pisasdconf_head
+    rm -f /tmp/pisasdconf_middle
+    rm -f /tmp/pisasdconf_tail
+
+    mv -f /tmp/pisasd.conf-new "${pisasdconf_path}"
+}
+
+#
+# actual execution starts here
+#
+
+uci_load mobileaccess
+
+if [ "$?" -ne "0" ]; then # fail
+    exit 1
+fi
+
+# check whether pisasd.conf exists and is writable
+if [ ! -w "${pisasdconf_path}" ]; then # fail
+    exit 1
+fi
+
+# if there are any paired devices at all ...
+if [ "${paired_devices_count}" -gt "0" ]; then
+    # generate a chunk of text to be inserted into pisasd.conf
+    generate_allowed_hosts
+fi
+
+# find out where exactly to insert it
+if ! find_config_lines; then
+    # something's inconsistent about the config file - don't touch it
+   exit 1
+fi
+
+# perform the actual insertion
+update_configfile
+
+
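Review bot: update_configfile assembles the new configuration through fixed names in /tmp (`/tmp/pisasdconf_head`, `_middle`, `_tail`, `/tmp/pisasd.conf-new`), so two overlapping runs overwrite each other's pieces, and any local process that can write to /tmp can pre-create or swap those paths before the final `mv` into `${pisasdconf_path}`. None of the `head`/`tail`/`cat` steps is checked, so a failed step (for example a full /tmp) still ends with a partial file moved over the config that defines allowed_hosts. I would build the pieces in a private `mktemp -d` directory, write the result next to the target so the `mv` is a same-filesystem rename, and replace the file only when every step succeeded. This assumes `mktemp` is available in the target firmware's busybox. The replacement file's owner and mode should also be compared with the original's, since neither version preserves them.

```shell
update_configfile()
{
    local workdir
    local newconf="${pisasdconf_path}.new"
    local rc=0

    # private scratch directory instead of fixed names under /tmp
    workdir=$(mktemp -d /tmp/pisasdconf.XXXXXX) || return 1

    echo -n "${paired_devices}" > "${workdir}/middle" || rc=1

    # … head/tail selection on linenum_allowed_hosts as before, with the
    #   /tmp paths replaced by "${workdir}/head" and "${workdir}/tail"
    #   and "|| rc=1" after each step …

    # build next to the target so the final mv is a rename, not a copy
    if [ "$rc" -eq 0 ] \
        && cat "${workdir}/head" "${workdir}/middle" "${workdir}/tail" > "${newconf}" \
        && mv -f "${newconf}" "${pisasdconf_path}"; then
        :
    else
        rc=1
        rm -f "${newconf}"
    fi

    rm -rf "${workdir}"
    return "$rc"
}
```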

Added: trunk/pairing/webif/apply.sh.patch
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ trunk/pairing/webif/apply.sh.patch  Mon Aug 29 01:58:50 2011        (r2729)
@@ -0,0 +1,13 @@
+--- apply.sh-orig
++++ apply.sh
+@@ -229,6 +229,10 @@
+ for package in $process_packages; do
+       # process settings
+       case "$package" in
++              "mobileaccess")
++                      /usr/bin/update-pisasd-conf
++                      /usr/bin/pisasdconf reload
++                      ;;
+               "qos")
+                       reload_qos
+                       ;;
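Review bot: The added `mobileaccess` case runs `/usr/bin/pisasdconf reload` even when `/usr/bin/update-pisasd-conf` has failed. That script exits 1 when pisasd.conf is unwritable or inconsistent, and nothing here tells the webif user that the change never reached the daemon. Chaining the two as `/usr/bin/update-pisasd-conf && /usr/bin/pisasdconf reload` and reporting the failure would make a revocation that did not take effect noticeable. How the other cases of apply.sh report errors is not visible here, since the enclosing `for`/`case` continues outside the hunk.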

Added: trunk/pairing/webif/categories.patch
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ trunk/pairing/webif/categories.patch        Mon Aug 29 01:58:50 2011        
(r2729)
@@ -0,0 +1,9 @@
+--- .categories-orig
++++ .categories
+@@ -8,4 +8,6 @@
+ ##WEBIF:category:HotSpot
+ ##WEBIF:category:VPN
+ ##WEBIF:category:-
++##WEBIF:category:MobileACcess
++##WEBIF:category:-
+ ##WEBIF:category:Logout

Added: trunk/pairing/webif/mobileaccess-add.sh
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ trunk/pairing/webif/mobileaccess-add.sh     Mon Aug 29 01:58:50 2011        
(r2729)
@@ -0,0 +1,172 @@
+#!/usr/bin/webif-page
+<?
+#################################
+# MobileACcess page
+#
+# Description:
+#       Special functions for MobileACcess
+#        pairing functionality (TP side).
+#
+# Author(s) [in order of work date]:
+#       <christoph.viethen@xxxxxxxxxxxxxx>
+#
+# Major revisions:
+#
+#
+# Configuration files referenced:
+#   /etc/config/mobileaccess
+#
+#
+# TODO:
+
+. /usr/lib/webif/webif.sh
+
+paired_devices_count=0
+
+config_cb() {
+    local cfg_type="$1"
+    local cfg_name="$2"
+
+    case "$cfg_type" in
+        paired_device)
+            paired_devices_count=$((paired_devices_count+1))
+            export paired_device_${paired_devices_count}=$cfg_name
+            ;;
+    esac
+}
+
+ident_in_use() {
+    local no_match_found=1
+    local device_i=1
+    local cfg_name_ref
+    local cfg_name
+    local idstring_ref
+    local idstring
+
+    while [ "(" "${device_i}" -le "${paired_devices_count}" ")" -a "(" 
"${no_match_found}" -eq "1" ")" ]; do
+
+        cfg_name_ref=\${paired_device_$((device_i))}
+        eval cfg_name=$cfg_name_ref
+
+        idstring_ref=\${CONFIG_"${cfg_name}"_identifier}
+        eval idstring=$idstring_ref
+
+        if [ "$1" = "${idstring}" ]; then
+            no_match_found=0
+        fi
+
+        device_i=$((device_i+1))
+    done
+
+    return "${no_match_found}"
+}
+
+uci_load mobileaccess
+
+header "MobileACcess" "Pair with one Device" "" ' onload="modechange()" ' 
"$SCRIPT_NAME" "" 0
+
+if [ "${REQUEST_METHOD}" = 'POST' ]; then
+    postline_first=$( set | egrep '^POST_pair_' | head -q -n 1 )
+    postline_second=$( set | egrep '^POST_pairnow_' | head -q -n 1 )
+
+    if [ -n "$postline_first" ]; then
+        tmp_part=${postline_first#POST_pair_*}
+        hit=${tmp_part%%=*}
+
+        pagecontent='<h2>Really pair with this device?</h2><u>Please read 
carefully:</u>
+        <p style="padding-top:1ex">By pairing this Trust Point with the 
following device,
+        the user of the device will be permitted to use your Internet 
access.</p>
+        <p style="padding-top:2ex"><em>You</em> will be held accountable for 
anything
+        the user of this device does.</p>
+        <p style="padding-top:2ex">Make sure you immediately revoke its 
pairing in case
+        a device gets lost or stolen, or if you are not sure that it can only 
be used by a
+        person that you trust.</p> '"<p>(You can easily pair the device again 
later when it's back in your hands.)</p>"
+
+        confirmation_form='<form enctype="multipart/form-data" 
action="'"${SCRIPT_NAME}"'" method="post">
+        <table style="padding-top:2ex" border="0" cellpadding="0" 
cellspacing="4">
+          <tr>
+            <td align="right">HIT:</td>
+            <td>'$hit'</td>
+          </tr>
+          <tr>
+            <td align="right">Identifier:</td>
+            <td><input name="identifier" type="text" size="50" 
maxlength="40"></td>
+          </tr>
+          <tr>
+            <td />
+            <td><input name="pairnow_'$hit'" type="submit" value="Pair 
now!"></td>
+          </tr>
+        </table>
+        </form>'
+
+        final_text='<p style="padding-top:2ex">Please specify an identifier 
(containing only a-z, 0-9 and spaces) for the device that you want to pair.
+        Use an easy-to-remember description for the device, for example "New 
laptop"
+        or "My xyPhone" or the like. You will need to know this identifier
+        later in case you want to revoke a pairing.</p>'
+
+        unset postline_first
+
+    elif [ -n "$postline_second" ]; then
+
+        tmp_part=${postline_second#POST_pairnow_*}
+        hit=${tmp_part%%=*}
+
+        # check whether the identifier (in $POST_identifier) conforms to our 
specs
+        num_of_conforming_chars=$(expr "$POST_identifier" : '[a-zA-Z0-9 ]*')
+
+        if [ "$num_of_conforming_chars" -ne ${#POST_identifier} ]; then
+            pagecontent='<h2>Error</h2>Invalid chars in the identifier you 
chose - click "Add Devices" up in the menu bar to try again.'
+            confirmation_form=''
+            final_text=''
+        elif [ "(" ${#POST_identifier} -gt 40 ")" -o "(" ${#POST_identifier} 
-le 0 ")" ]; then
+            pagecontent='<h2>Error</h2>Identifier has invalid size - click 
"Add Devices" up in the menu bar to try again.'
+            confirmation_form=''
+            final_text=''
+        elif ident_in_use "${POST_identifier}"; then
+            pagecontent='<h2>Error</h2>Identifier is in use already - click 
"Add Devices" up in the menu bar and try a different one.'
+            confirmation_form=''
+            final_text=''
+        else
+            uci_add mobileaccess paired_device
+            uci_set mobileaccess "${CONFIG_SECTION}" identifier 
"${POST_identifier}"
+            uci_set mobileaccess "${CONFIG_SECTION}" hit "${hit}"
+
+            pagecontent='<h2>Done ...</h2>Don'"'"'t forget to "Apply" the 
change if you want it to become active.'
+
+            confirmation_form=''
+            final_text=''
+
+            unset postline_second
+        fi
+
+        unset num_of_conforming_chars
+
+    else
+        pagecontent='<h2>Click on "Status" to continue.</h2>'
+        confirmation_form=''
+        final_text=''
+    fi
+
+    unset postline_first
+    unset postline_second
+    unset tmp_part
+
+    paired_devices_count=0
+    uci_load mobileaccess
+fi
+
+###################################################################
+# show form
+#
+display_form <<EOF
+onchange|modechange
+EOF
+
+echo "$pagecontent"
+echo "$confirmation_form"
+echo "$final_text"
+
+footer ?>
+
+<!--
+-->
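Review bot: `hit` is cut out of the name of a submitted form field (`POST_pair_…` / `POST_pairnow_…`) and used without any check. It is concatenated into the confirmation form's HTML (`<td>'$hit'</td>` and the `pairnow_` button name) and stored with `uci_set mobileaccess "${CONFIG_SECTION}" hit "${hit}"`, from where update-pisasd-conf copies it into the allowed_hosts section. The identifier gets an allow-list check, but the value that actually grants access does not. I would apply the same kind of check to `hit` in both branches before any use, e.g. `[ -n "$hit" ] && [ "$(expr "$hit" : '[0-9A-Fa-f:]*')" -eq ${#hit} ]`, and show the error page otherwise. The character class has to match the encoding pairing-candidates uses for the field name, and how far webif already restricts field names is also not visible in this hunk.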

Added: trunk/pairing/webif/mobileaccess-cand.sh
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ trunk/pairing/webif/mobileaccess-cand.sh    Mon Aug 29 01:58:50 2011        
(r2729)
@@ -0,0 +1,41 @@
+#!/usr/bin/webif-page
+<?
+#################################
+# MobileACcess page
+#
+# Description:
+#       Special functions for MobileACcess
+#        pairing functionality (TP side).
+#
+# Author(s) [in order of work date]:
+#       <christoph.viethen@xxxxxxxxxxxxxx>
+#
+# Major revisions:
+#
+#
+# Configuration files referenced:
+#
+#
+# TODO:
+
+. /usr/lib/webif/webif.sh
+
+header "MobileACcess" "Pairing Candidates" "Pairing Candidates" ' 
onload="modechange()" ' "/cgi-bin/webif/mobileaccess-add.sh" "" 0
+
+###################################################################
+# show form
+#
+display_form <<EOF
+onchange|modechange
+EOF
+
+echo "The following list shows devices this Trust Point currently is 
associated with."
+echo '<P style="padding-top:1ex">Click on "Pair ..." to add a device to the 
list of paired devices.</P>'
+
+/root/pairing/pairing-candidates
+
+footer ?>
+
+<!--
+##WEBIF:name:MobileACcess:2:Add Devices
+-->
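Review bot: The page's content comes entirely from `/root/pairing/pairing-candidates`, which this commit neither adds nor lists in Makefile.am, and the empty "Configuration files referenced" header does not mention it. Its output is written straight into the HTML response, so any device-supplied value it prints has to be HTML-escaped inside that program. I would record both points in the header, e.g. `# External programs: /root/pairing/pairing-candidates (must emit HTML-safe output)`. A guard such as `[ -x /root/pairing/pairing-candidates ] || echo 'Pairing candidate list is unavailable.'` would also avoid a silently empty page when the helper is missing.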

Added: trunk/pairing/webif/mobileaccess.sh
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ trunk/pairing/webif/mobileaccess.sh Mon Aug 29 01:58:50 2011        (r2729)
@@ -0,0 +1,120 @@
+#!/usr/bin/webif-page
+<?
+#################################
+# MobileACcess page
+#
+# Description:
+#       Special functions for MobileACcess
+#        pairing functionality (TP side).
+#
+# Author(s) [in order of work date]:
+#       <christoph.viethen@xxxxxxxxxxxxxx>
+#
+# Major revisions:
+#
+#
+# Configuration files referenced:
+#   /etc/config/mobileaccess
+#
+#
+# TODO:
+
+. /usr/lib/webif/webif.sh
+
+paired_devices_count=0
+
+config_cb() {
+    local cfg_type="$1"
+    local cfg_name="$2"
+
+    case "$cfg_type" in
+        paired_device)
+            paired_devices_count=$((paired_devices_count+1))
+            export paired_device_${paired_devices_count}=$cfg_name
+            ;;
+    esac
+}
+
+uci_load mobileaccess
+
+header "MobileACcess" "Pairing Status" "Paired Devices" ' 
onload="modechange()" ' "$SCRIPT_NAME" "" 0
+
+if [ -n "$POST_submit" ]; then
+    postline=`set | egrep '^POST_revoke_pairing_' | head -q -n 1`
+    tmp_part=${postline#POST_revoke_pairing_*}
+    cfg_name=${tmp_part%%=*}
+    unset postline
+    unset tmp_part
+
+    uci_remove mobileaccess $cfg_name
+
+    paired_devices_count=0
+    uci_load mobileaccess
+fi
+
+if [ $((paired_devices_count)) -gt 0 ]; then
+    device_i=1
+    paired_devices_tmp=
+
+    while [ $((device_i)) -lt $((paired_devices_count+1)) ]; do
+
+        cfg_name_ref=\${paired_device_$((device_i))}
+        eval cfg_name=$cfg_name_ref
+        unset cfg_name_ref
+
+        device_id_ref=\${CONFIG_${cfg_name}_identifier}
+        eval device_id=$device_id_ref
+        unset device_id_ref
+
+        device_hit_ref=\${CONFIG_${cfg_name}_hit}
+        eval device_hit=$device_hit_ref
+        unset device_hit_ref
+
+        paired_devices_tmp=${paired_devices_tmp}"start_form|"${device_id}"
+field|HIT
+string|"${device_hit}"
+submit|revoke_pairing_"${cfg_name}"|Revoke Pairing|
+
+end_form
+"
+        device_i=$((device_i+1))
+    done
+else
+    echo "No paired devices found. In order to pair devices, select "Add 
Devices" from the MobileACcess menu."
+fi
+
+paired_devices=$paired_devices_tmp
+
+#####################################################################
+# modechange script
+#
+cat <<EOF
+<script type="text/javascript" src="/webif.js"></script>
+<script type="text/javascript">
+<!--
+function modechange()
+{
+        var v;
+        $js
+
+        hide('save');
+        show('save');
+}
+-->
+</script>
+
+EOF
+
+###################################################################
+# show form
+#
+display_form <<EOF
+onchange|modechange
+$paired_devices
+EOF
+
+footer ?>
+
+<!--
+##WEBIF:name:MobileACcess:1:Status
+-->
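Review bot: In the revoke branch, `cfg_name` is cut out of a submitted field name and passed unquoted and unchecked to `uci_remove mobileaccess $cfg_name`. It is empty when `POST_submit` is set but no `POST_revoke_pairing_…` field is present, and otherwise nothing ties it to a section that `uci_load` actually reported. I would restrict it to section-name characters and quote it: `case "$cfg_name" in ''|*[!A-Za-z0-9_]*) ;; *) uci_remove mobileaccess "$cfg_name" ;; esac`. Separately, the inner quotes around Add Devices in the `echo` of the no-devices message end the string, so the quotation marks are dropped from the output. `${device_id}` and `${device_hit}` also go into the `display_form` input unescaped, which relies on every writer of /etc/config/mobileaccess having validated them.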