#!/usr/bin/perl
our $ID = q$Id$;
#
# wallet-backend -- Wallet server for storing and retrieving secure data.
#
# Written by Russ Allbery <rra@stanford.edu>
# Copyright 2007 Board of Trustees, Leland Stanford Jr. University
#
# See README for licensing terms.

##############################################################################
# Declarations and site configuration
##############################################################################

use strict;
use DBI;
use DBD::MySQL;
use Sys::Syslog qw(openlog syslog);
use Wallet::Config;
use Wallet::Server;

##############################################################################
# Implementation
##############################################################################

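# Separately log our actions.  remctl keeps some logs and we store extensive
# logs of successful actions in the database, but neither logs failed actions.
# NOTE(review): this only opens the syslog connection; no syslog() call
# appears in the visible part of this file, so confirm that the failure paths
# (the die calls below) are actually recorded somewhere.
openlog ('wallet-backend', 'pid', 'auth');

# Get our trace information.  The identity and client host handed to
# Wallet::Server are taken directly from the environment, so this script
# trusts whatever invoked it to have set them.  Presumably that is remctl
# after it has authenticated the client -- confirm, and make sure the script
# is not reachable through any path that lets the caller choose these
# variables.
my $user = $ENV{REMOTE_USER} or die "REMOTE_USER not set\n";

# Prefer the host name and fall back to the address.  The error message names
# the two variables that are actually checked here.
my $host = $ENV{REMOTE_HOST} || $ENV{REMOTE_ADDR}
    or die "Neither REMOTE_HOST nor REMOTE_ADDR set\n";

# Instantiate the server object with the caller's identity and origin.
my $server = Wallet::Server->new ($user, $host);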

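# Parse command-line options and dispatch to the appropriate calls.
#
# The first argument selects the operation and the remaining arguments are
# passed unchanged to the matching Wallet::Server method.  Every branch calls
# check_args before touching the server object.  check_args is not defined in
# the visible part of this file; from the call sites its first argument looks
# like the expected argument count and its second a list of argument indexes
# to treat specially (only store passes one, [2]) -- confirm against its
# definition.
#
# A missing or unrecognized command (or acl action) is rejected with an error
# instead of falling through silently, so that a client never mistakes a
# request that did nothing for one that succeeded.
my ($command, @args) = @ARGV;
die "no command given\n" unless defined $command;
if ($command eq 'acl') {
    my $action = shift @args;
    die "no acl action given\n" unless defined $action;
    if ($action eq 'add') {
        check_args (3, [], @args);
        $server->acl_add (@args) or die $server->error;
    } elsif ($action eq 'create') {
        check_args (1, [], @args);
        $server->acl_create (@args) or die $server->error;
    } elsif ($action eq 'remove') {
        check_args (3, [], @args);
        $server->acl_remove (@args) or die $server->error;
    } elsif ($action eq 'rename') {
        check_args (2, [], @args);
        $server->acl_rename (@args) or die $server->error;
    } else {
        die "unknown command acl $action\n";
    }
} elsif ($command eq 'create') {
    check_args (2, [], @args);
    $server->create (@args) or die $server->error;
} elsif ($command eq 'destroy') {
    check_args (2, [], @args);
    $server->destroy (@args) or die $server->error;
} elsif ($command eq 'expires') {
    # More than two arguments sets a value; otherwise the current value is
    # queried and printed.
    if (@args > 2) {
        check_args (3, [], @args);
        $server->expires (@args) or die $server->error;
    } else {
        check_args (2, [], @args);
        my $output = $server->expires (@args);
        if (defined $output) {
            print $output;
        } else {
            die $server->error;
        }
    }
} elsif ($command eq 'get') {
    # Whatever the server returns is written to standard output as-is; an
    # undefined result is treated as failure.
    check_args (2, [], @args);
    my $output = $server->get (@args);
    if (defined $output) {
        print $output;
    } else {
        die $server->error;
    }
} elsif ($command eq 'getacl') {
    # getacl and setacl share the server's acl method and differ only in the
    # number of arguments passed (three to read, four to set).
    check_args (3, [], @args);
    my $output = $server->acl (@args);
    if (defined $output) {
        print $output;
    } else {
        die $server->error;
    }
} elsif ($command eq 'owner') {
    # Same set-or-query split as expires.
    if (@args > 2) {
        check_args (3, [], @args);
        $server->owner (@args) or die $server->error;
    } else {
        check_args (2, [], @args);
        my $output = $server->owner (@args);
        if (defined $output) {
            print $output;
        } else {
            die $server->error;
        }
    }
} elsif ($command eq 'setacl') {
    check_args (4, [], @args);
    $server->acl (@args) or die $server->error;
} elsif ($command eq 'show') {
    check_args (2, [], @args);
    my $output = $server->show (@args);
    if (defined $output) {
        print $output;
    } else {
        die $server->error;
    }
} elsif ($command eq 'store') {
    # The third argument (index 2) is the only one flagged to check_args;
    # presumably it is the data being stored and is exempt from the checks
    # applied to the other arguments -- confirm.
    check_args (3, [2], @args);
    $server->store (@args) or die $server->error;
} else {
    die "unknown command $command\n";
}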