RyXéo » GLPI

#!/usr/bin/php -q

<?php

/** **************************************************************************

 * Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 2 of the License.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program; if not, write to the Free Software

 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

 * ***************************************************************************

 * File  : net2dip.sendtohurlevent

 * Author  : Eric SEIGNE

 *           mailto:eric.seigne@ryxeo.com

 *           http://www.ryxeo.com/

 * Date    : 12/06/2004

 * Licence : GNU/GPL Version 2

 *

 * Description:

 * ------------

 *

 * @version    $Id: net2dip.sendtohurlevent,v 1.5 2004/12/09 11:31:49 erics Exp $

 * @author     Eric Seigne

 * @project   

 * @copyright  Eric Seigne 12/06/2004

 *

 * Passe de .NET  GnuDIP les infos ncessaires pour que le serveur GnuDIP

 * puisse faire son travail

 *

 * Depose egalement un fichier /home/webs/www.abuledu.net/htdocs/epack/export/checksum

 * dans lequel se trouve tous les htpasswd des comptes autorises a faire des apt-get

 * et les serveurs apt.ryxeo.com recuperent et de-gpg ce fichier via un cron

 *

 * ************************************************************************* */

$base_dir = dirname(__FILE__);

$text = "";

require_once "$base_dir/config/config.php";

require_once "$base_dir/libraries/fonctions.php";

//Creation automatique du fichier de mots de passe pour les restrictions de connexion

//sur les depot apt and co

$fic_htpass        = "/tmp/htpasswd-anet";

//Avec un nom checksum pour ne pas eveiller l'attention

$dir_htpass_public = "/home/webs/www.abuledu.net/htdocs/epack/export/";

$fic_htpass_public = "checksum";

$result = system("rm -f " . $fic_htpass . " " . $dir_htpass_public . $fic_htpass_public . "&& touch " . $fic_htpass);

function make_htpass($login,$pass) {

  global $fic_htpass;

  $l = $login;

  //debug

  //echo "login: $login / $pass\n";

  //Si $login est toujours sous forme de mac on vire les ":"

  if(strpos($login,":") > 0)

    $login = trim(str_replace(":","",$login));

  //Si $login est toujours sous forme xxx.dip.abuledu.net

  if(strpos($login,".dip.abuledu.net") > 0)

    $login = trim(str_replace(".dip.abuledu.net","",$login));

  //Et le login en MAG et MIN because a bug ou un truc a la con qqpart dans la chaine

  $result = shell_exec("htpasswd -mb " . $fic_htpass . " " . trim(strtolower($login)) . " " . trim($pass) . " 2>&1");

  $result = shell_exec("htpasswd -mb " . $fic_htpass . " " . trim(strtoupper($login)) . " " . trim($pass) . " 2>&1");

}

//Les serveurs avant 2009 ne sont pas des epacks et leur mot de passe est stocke en crypte

$query = "SELECT e.password as gnudip_pass,os_license_number as dns_alias0,os_license_id as dns_alias1 FROM glpi_computers AS c

LEFT JOIN glpi_plugin_anet_epacks AS e ON e.FK_serveur=c.ID

WHERE os_license_number!='' AND e.creation_date<'2009-07-07'";

if ( DB::isError($result = $dbglpi->query($query)) ) {

  die ("***\n$query\n" . DB::errorMessage($result) . "\n***\n\n");

 }

$nb = $result->NumRows();

for ( $i = 0; $i < $nb; $i++) {

  $row = $result->fetchrow();

  // pb 2010 avec implode si on a une espace qui termine les champs dyndns ou dip ca fait planter le serveur

  // dns a l autre bout ...

  //  $text .= implode(";",$row) . "\n";

  $text .= trim($row[0]) . ";" . trim($row[1]) . ";" . trim($row[2]) . ";\n";

  make_htpass($row[1],$row[0]);

}

//les serveurs post ENR sont des epacks reels et leur mot de passe n'est pas crypte

$query2 = "SELECT MD5(e.password),os_license_number,os_license_id FROM glpi_computers AS c

LEFT JOIN glpi_plugin_anet_epacks AS e ON e.FK_serveur=c.ID

WHERE os_license_number!='' AND e.creation_date>'2009-07-06'";

//fix #596

//On supprime les epacks qu'on a marque comme n etant plus sous maintenance

$query2 .= " AND e.FK_contract>'0'";

if ( DB::isError($result2 = $dbglpi->query($query2)) ) {

  die ("***\n$query2\n" . DB::errorMessage($result2) . "\n***\n\n");

 }

$nb = $result2->NumRows();

for ( $i = 0; $i < $nb; $i++) {

  $row = $result2->fetchrow();

  $text .= implode(";",$row) . "\n";

  make_htpass($row[1],$row[0]);

 }

//Et ensuite les comptes utilisateurs pour les espaces limites uniquement

//Seuls les revendeurs (profile=5) et les orga-upgrade (profile=7)

$query3 = "SELECT name, realname FROM glpi_users as gu

LEFT JOIN glpi_users_profiles as gup ON gup.FK_users=gu.ID

WHERE gup.FK_profiles = '5' OR gup.FK_profiles = '7'

GROUP BY name";

if ( DB::isError($result3 = $dbglpi->query($query3)) ) {

  die ("***\n$query2\n" . DB::errorMessage($result3) . "\n***\n\n");

 }

$nb = $result3->NumRows();

for ( $i = 0; $i < $nb; $i++) {

  $row = $result3->fetchrow();

  //le nom en minuscule, sans accents et sans espaces

  $nom = anti_speciaux($row[1],2);

  $login = trim($row[0]);

  make_htpass($login,$nom);

 }

/*

 *

 * EXPEDITION DES DONNEES POUR LE SERVEUR GNUDIP

 *

 */

$gpg="/usr/bin/gpg";

//Reception en clair pour tests

$user_clear="Eric Seigne <eric.seigne@ryxeo.com>";

//Expediteur

$user_from="AbulEdu Monitoring Robot on Horizon-2 <abuledu-monitoring@Horizon-2.ryxeo.com>";

//Destinataire serveur dyndns

$user_dyndns="Hurlevent GnuDIP Server <abuledu.gnudip.hurlevent@ryxeo.com>";

//Destinataire serveur apt

$user_apt="APT Filtered server <ryxeo.apt@apt.ryxeo.com>";

$command = 'echo "'.$text.'" | '.$gpg.' -a --always-trust --batch --no-secmem-warning -s -e -u "'.$user_from.'" -r "'.$user_dyndns.'"';

$result = exec($command, $encrypted, $errorcode);

$message = implode("\n", $encrypted);

/*

if( ereg("-----BEGIN PGP MESSAGE-----.*-----END PGP MESSAGE-----",$message) ) {

        echo "It Worked";

} else {

        echo "It failed";

}

*/

$subject="Update \"gnudip\" database table on abuledu.net";

$header="From: $user_from";

mail($user_dyndns,$subject,$message,$header);

mail($user_clear,$subject,$message,$header);

// tests mail($user_clear,$subject,$text,$header);

mail($user_clear,$subject,$text,$header);

//Ensuite on GPG Crypte le fichier de htpasswd avec la meme cle

$encrypted = "";

$message = "";

$command = 'rm -f "' . $dir_htpass_public . $fic_htpass_public  . '" && cat "' . $fic_htpass . '" | ' . $gpg . ' --always-trust --batch --no-secmem-warning -s -e -u "' . $user_from . '" -r "' . $user_apt . '" > ' . $dir_htpass_public . $fic_htpass_public;

//print $command;

$result = exec($command, $encrypted, $errorcode);

//le fichier de checksum que les serveurs vont downloader pour verifier si y a une mise a jour

$result = exec("cd " . $dir_htpass_public . " && md5sum " . $fic_htpass_public . " > " . $fic_htpass_public . ".md5");

?>