Mercurial Mercurial > hg > sap-vpn / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sap-vpn.pl
changeset 10 13b84a92a65a
parent 9 b8eabdc8e452
child 11 16e6b1683c63
equal deleted inserted replaced
9:b8eabdc8e452 10:13b84a92a65a 
    15 ($EUID, $UID) = ($UID, $EUID);    # release ROOT, doesn't harm, if not suid
 
    15 ($EUID, $UID) = ($UID, $EUID);    # release ROOT, doesn't harm, if not suid
 
    16 ($0) = ($0 =~ /([.\/\w-]+)/);     # untaint $0
 
    16 ($0) = ($0 =~ /([.\/\w-]+)/);     # untaint $0
 
    17 
    17 
    18 use constant ME => basename $0;
 
    18 use constant ME => basename $0;
 
    19 
    19 
       
    20 
    20 delete @ENV{ grep /PATH/, keys %ENV };
 
    21 delete @ENV{ grep /PATH/, keys %ENV };
 
    21 $ENV{PATH} = "/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/sbin:/bin";
 
    22 $ENV{PATH} = "/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/sbin:/bin";
 
    22 
    23 
    23 ###
 
    24 ###
 
    24 ### STEP 0 :: Verify that we have the necessary requirements.
 
    25 ### STEP 0 :: Verify that we have the necessary requirements.
 
    37 
    38 
    38 # Default values for the FQDN or IP of the FirePass we wish to connect to, the
 
    39 # Default values for the FQDN or IP of the FirePass we wish to connect to, the
 
    39 # name of our Network Access favorite, and our username/pasword.  All of these
 
    40 # name of our Network Access favorite, and our username/pasword.  All of these
 
    40 # can be passed as arguments, if desired.
 
    41 # can be passed as arguments, if desired.
 
    41 
    42 
    42 my $opt_user;
 
    43 my $opt_user     = "";
 
    43 my $opt_passcode;
 
    44 my $opt_passcode = "";
 
    44 my $opt_host     = 'connectwdf.sap.com';
 
    45 my $opt_host     = 'connectwdf.sap.com';
 
    45 my $opt_name     = 'SAP Network Access';
 
    46 my $opt_name     = 'SAP Network Access';
 
    46 my $opt_linkname = basename $0;
 
    47 my $opt_linkname = basename $0;
 
    47 my $opt_help     = 0;
 
    48 my $opt_help     = 0;
 
    48 my $opt_man      = 0;
 
    49 my $opt_man      = 0;
 
    49 my @ppp_opts     = ();
 
    50 my @ppp_opts     = ();
 
    50 my $opt_debug    = 0;
 
    51 my $opt_debug    = 0;
 
    51 my $opt_verbose  = 0;
 
    52 my $opt_verbose  = 0;
 
    52 my $opt_script;
 
    53 my $opt_script   = undef;
 
    53 my $opt_ppp  = 1;
 
    54 my $opt_ppp      = 1;
 
    54 my $opt_kill = 0;
 
    55 my $opt_kill     = undef;
 
    55 
    56 
    56 sub untaint(;$) {
 
    57 sub untaint(;$) {
 
    57     my $ref = @_ ? \$_[0] : \$_;
 
    58     my $ref = @_ ? \$_[0] : \$_;
 
       
    59     return $$ref if not defined $$ref;
 
    58     my ($x) = ($$ref =~ /([\/\w.-]+)/i);
 
    60     my ($x) = ($$ref =~ /([\/\w.-]+)/i);
 
    59     return $$ref = $$ref eq $x ? $x : undef;
 
    61     return $$ref = (defined $x and $$ref eq $x) ? $x : undef;
 
    60 }
 
    62 }
 
    61 
    63 
    62 sub verbose(@) { print STDERR @_ if $opt_verbose }
 
    64 sub verbose(@) { print STDERR @_ if $opt_verbose }
 
    63 sub debug(@)   { warn @_         if $opt_debug }
 
    65 sub debug(@)   { warn @_         if $opt_debug }
 
    64 sub do_kill($);
 
    66 sub do_kill($);
 
    99       if not $EUID == 0 || $UID == 0;
 
   101       if not $EUID == 0 || $UID == 0;
 
   100 
   102 
   101     exit do_kill($opt_linkname) if $opt_kill;
 
   103     exit do_kill($opt_linkname) if $opt_kill;
 
   102 
   104 
   103     untaint($opt_user)
 
   105     untaint($opt_user)
 
   104       or die ME . ": username \"$opt_user\" didn't pass verification\n";
 
   106       or die ME . ": username didn't pass verification\n";
 
   105 
   107 
   106     if (not defined $opt_passcode) {
 
   108     if (not defined $opt_passcode) {
 
   107         chomp(my $settings = qx{stty "-g"});
 
   109         chomp(my $settings = qx{stty "-g"});
 
   108         open(IN, "/dev/tty") or die ME . ": Can't open /dev/tty: $!\n";
 
   110         open(IN, "/dev/tty") or die ME . ": Can't open /dev/tty: $!\n";
 
   109         print "Passcode for $opt_user: ";
 
   111         print "Passcode for $opt_user: ";
 
   298 =head1 SYNOPSIS
 
   300 =head1 SYNOPSIS
 
   299 
   301 
   300  sap-vpn [-d|--debug] [-v|--verbose] [--[no]ppp] 
   302  sap-vpn [-d|--debug] [-v|--verbose] [--[no]ppp] 
   301      [-o|--opt <ppp option>]
 
   303      [-o|--opt <ppp option>]
 
   302      [-l|--linkname <link name>]
 
   304      [-l|--linkname <link name>]
 
   303      [-u|--user <user>] [-p|--passcode <passcode>]
 
       
   304      [-H|--host <host>]
 
   305      [-H|--host <host>]
 
   305      [-s|--script <script>]
 
   306      [-s|--script <script>]
 
       
   307      -u|--user <user> -p|--passcode <passcode>
 
   306 
   308 
   307  sap-vpn [-l|--linkname <link name>] -k|--kill
 
   309  sap-vpn [-l|--linkname <link name>] -k|--kill
 
   308 
   310 
   309  sap-vpn [-h|--help]
 
   311  sap-vpn [-h|--help]
 
   310  sap-vpn [-m|--man]
 
   312  sap-vpn [-m|--man]
 
   361 B<Note:> The C<nodefaultroute> is set automatically.
 
   363 B<Note:> The C<nodefaultroute> is set automatically.
 
   362 
   364 
   363 =item B<-p>|B<--passcode> I<passcode>
 
   365 =item B<-p>|B<--passcode> I<passcode>
 
   364 
   366 
   365 Your passcode, if not supplied, F</dev/tty> is opened for reading
 
   367 Your passcode, if not supplied, F</dev/tty> is opened for reading
 
   366 the passcode. (no default)
 
   368 the passcode. Not really optional. (no default)
 
   367 
   369 
   368 =item B<--[no]ppp>
 
   370 =item B<--[no]ppp>
 
   369 
   371 
   370 Start (don't start) the PPP daemon. This option is for debugging purpose
 
   372 Start (don't start) the PPP daemon. This option is for debugging purpose
 
   371 only. (default: on)
 
   373 only. (default: on)
sap-vpn