CVSROOT : /home/coder-com/cvs
Module : ircu2.10
Branch tags: u2_10_11_02
Commit time: 2002-09-20 01:37:15 UTC
Added files:
Tag: u2_10_11_02
tools/linesync/linesync.conf tools/linesync/linesync.sh
Log message:
Author: Kev <[EMAIL PROTECTED]>
Log message:
How did these get removed from this branch?
---------------------- diff included ----------------------
Index: ircu2.10/tools/linesync/linesync.conf
diff -u /dev/null ircu2.10/tools/linesync/linesync.conf:1.1.4.1
--- /dev/null Thu Sep 19 20:37:15 2002
+++ ircu2.10/tools/linesync/linesync.conf Thu Sep 19 20:37:05 2002
@@ -0,0 +1,15 @@
+
+# Configuration for linesync.sh
+#
+# - This file must be placed in the same directory as ircd.conf
+# - Note that all URL's *MUST* have a trailing /
+# - Since we are using wget, you could use ftp:// URL's as well if you want to
+
+# Where do we get our ircd.conf update?
+LINE_SERVER="http://some.domain/";
+
+# Check servers, as many as you like, seperated by spaces
+LINE_CHECK="http://host1.other.domain/lsync/ http://host-19.domain-x.net/
+http://www.domain.what";
+
+# What .conf lines are allowed in the downloaded updates?
+ALLOWED_LINES="kKQU"
Index: ircu2.10/tools/linesync/linesync.sh
diff -u /dev/null ircu2.10/tools/linesync/linesync.sh:1.1.4.1
--- /dev/null Thu Sep 19 20:37:16 2002
+++ ircu2.10/tools/linesync/linesync.sh Thu Sep 19 20:37:05 2002
@@ -0,0 +1,208 @@
+#!/bin/sh
+# linesync.sh, Copyright (c) 2002 Arjen Wolfs
+# 20020604, [EMAIL PROTECTED]
+#
+# The code contained is in this file is licenced under the terms
+# and conditions as specified in the GNU General Public License.
+#
+# linesync.sh - centralized ircd.conf updates.
+# The purpose of this little shell script is to allow a section of an ircd.conf to be
+# updated from a central location. Hence it is intended to facilitate the automated
+# distribution of k, K, Q, and U lines; or any other .conf lines you may wish to keep
+# synchronized accross all servers on a network.
+#
+# This script will download a file called linesync from a specified web server (see
+# below for configuration), and calculate an md5sum from it. It will then download
+# a file called linesync.sum from a configurable number of other web servers and
+# compare the contents of these files against the checksum calculated. If any of the
+# downloaded checksums mismatch, the program will abort. This provides security to
+# the centralized update mechanism - in order for it to be compromised, multiple
+# web servers would have to compromised.
+#
+# If all checksums match, the script inspects the .conf lines contained within the
+# downloaded file. If any .conf lines are found that are not specifically allowed,
+# the program will abort. This will prevent malicious/dangerous .conf lines (such as
+# O: or C: lines) from being inserted into ircd.conf.
+#
+# If all the checks mentioned above are passed, the script checks ircd.conf for a
+section
+# that begins with "# BEGIN LINESYNC", and ends with "# END LINESYNC". The section
+contained
+# between these two comments is the section maintained by this program. If these
+lines are not
+# found in the ircd.conf, they will be appended to it.
+# Next, the script will build a new ircd.conf by removing all lines present between
+the two
+# commented lines mentioned above, and replace them with the contents of the file
+downloaded.
+#
+# Once this has been completed, ircd.conf is backed up and replaced with the newly
+built version,
+# and ircd will be rehashed.
+#
+# Configuration: This script requires two parameters - the full path to your
+ircd.conf, and the
+# full path to your ircd.pid. It will look for a configuration file called
+linesync.conf in the
+# same directory as ircd.conf. See the included sample linesync.conf for information
+on how to
+# set it up. Obviously, you will need to have web server(s) to use for the
+distribution of your
+# .conf update and checksums. This script requires the presence of wget and md5sum,
+and various
+# other programs that should be present by default on any Unix system.
+#
+# This program should be run from crontab, i.e something like:
+# 0 0 * * * /home/irc/bin/linesync.sh /home/irc/lib/ircd.conf /home/irc/lib/ircd.pid
+#
+# This program has been tested on and works on FreeBSD, Solaris, and Linux.
+# md5sum is included in GNU textutils.
+#
+# Good Luck!
+# Arjen Wolfs ([EMAIL PROTECTED]), June 9 2002.
+#
+
+# This checks for the presence of an executable file in $PATH
+locate_program() {
+ if [ ! -x "`which $1 2>&1`" ]; then
+ echo "You don't seem to have $1. Sorry."
+ exit 1
+ fi
+}
+
+# This checks for the presence of any file
+check_file() {
+ if [ ! -f "$1" ]; then
+ echo "There doesn't appear to be a $1. Sorry."
+ exit 1
+ fi
+}
+
+# Try to find programs we will need
+locate_program wget && locate_program egrep && locate_program md5sum
+
+# try to find GNU awk
+awk_cmd=`which gawk`
+if [ $? ]; then
+ awk_cmd=""
+fi
+if [ -z "$awk_cmd" ]; then
+ locate_program awk
+ is_gawk=`echo | awk --version | head -1 | egrep '^GNU.+$'`
+ if [ -z "$is_gawk" ]; then
+ echo "Your version of awk is not GNU awk. Sorry."
+ exit 1
+ fi
+ awk_cmd="awk"
+fi
+
+# Check for required command line parameters
+if [ -z "$1" -o -z "$2" ]; then
+ echo "Usage: $0 <conf_path> <pid_path>"
+ echo " <conf_path> Full path to ircd.conf (/home/irc/lib/ircd.conf)"
+ echo " <pid_path> Full path to ircd.pid (/home/irc/lib/ircd.pid)"
+ exit 1
+fi
+
+# check and set up stuff
+cpath=$1
+ppath=$2
+check_file $cpath
+dpath=`dirname $cpath`
+lpath="$dpath/linesync.conf"
+check_file $lpath
+save_dir=$PWD; cd $dpath
+tpath=$PWD; cd $save_dir
+tmp_path="$dpath/tmp"
+mkdir $tmp_path > /dev/null 2>&1
+
+# load and check configuration
+. $lpath
+if [ -z "$LINE_SERVER" -o -z "$LINE_CHECK" -o -z "$ALLOWED_LINES" ]; then
+ echo "Please setup $lpath correctly."
+ exit 1
+fi
+
+# Not all versions of date support %s, work around it
+TS=`date +%Y%m%d%H%M%S`
+TMPFILE="$tmp_path/linesync.$TS"
+LSFILE="$LINE_SERVER""linesync"
+# Attempt to download our .conf update
+wget --cache=off --quiet --output-document=$TMPFILE $LSFILE > /dev/null 2>&1
+if [ ! -s "$TMPFILE" ]; then
+ echo "Unable to retrieve $LSFILE. Sorry."
+ rm $TMPFILE > /dev/null 2>&1
+ exit 1
+fi
+
+# Check wether the file contains any disallowed .conf lines
+bad_lines=`egrep '^[^'$ALLOWED_LINES'#]+' $TMPFILE`
+if [ ! -z "$bad_lines" ]; then
+ echo "The file downloaded in $TMPFILE contains the following disallowed
+line(s):"
+ echo $bad_lines
+ exit 1
+fi
+
+# check our ircd.conf
+ircd_setup=`egrep '^# (BEGIN|END) LINESYNC$' $cpath|wc -l`
+if [ $ircd_setup != 2 ]; then
+ cp $cpath $cpath.orig
+ echo "Performing initial merge on $cpath, original file saved as $cpath.orig."
+
+ echo "# Do NOT remove the following line, linesync.sh depends on it!" >>
+$cpath
+ echo "# BEGIN LINESYNC" >> $cpath
+ echo "# END LINESYNC" >> $cpath
+ echo "# Do not remove the previous line, linesync.sh depends on it!" >> $cpath
+
+ # Do an initial merge to remove duplicates
+ inpath="$tmp_path/linesync.tmp.$TS"
+ $awk_cmd '
+ {
+ if (!loaded_template) {
+ command="cat " tempfile; tlines=0;
+ while ((command | getline avar) > 0) { template[tlines]=avar;
+tlines++ }
+ close(command)
+ loaded_template++
+ }
+ dup_line=0
+ for (i=0; i<tlines; i++) {
+ if ($0==template[i]) { dup_line++; break }
+ }
+ if (!dup_line) print $0
+ } ' tempfile=$TMPFILE < $cpath > $inpath
+else
+ inpath=$cpath
+fi
+
+# Get the checksum
+CKSUM=`md5sum $TMPFILE|cut -d' ' -f1`
+
+check_file="$tmp_path/linesync.sum.$TS"
+for ck_server in $LINE_CHECK; do
+ sumfile="$ck_server""linesync.sum"
+ wget --cache=off --quiet --output-document=$check_file $sumfile > /dev/null
+2>&1
+ if [ ! -s "$check_file" ]; then
+ echo "Unable to retrieve checksum from $sumfile"
+ exit 1
+ fi
+ if [ "$CKSUM" != "`cat $check_file`" ]; then
+ echo "Checksum retrieved from $sumfile does not match!"
+ exit 1
+ fi
+ rm -f $check_file
+done
+# It all checks out, proceed...
+
+# Replace the marked block in ircd.conf with the new version
+
+$awk_cmd '
+$0=="# BEGIN LINESYNC" { chop++; print $0; next }
+$0=="# END LINESYNC" {
+ command="cat " syncfile
+ #while ((command | getline avar) > 0) { print avar }
+ close(command)
+ chop--
+}
+{ if (!chop) print $0 }
+' syncfile=$TMPFILE < $inpath > $tmp_path/linesync.new.$TS
+exit
+# Back up the current ircd.conf and replace it with the new one
+cp $cpath $dpath/ircd.conf.bk
+cp $tmp_path/linesync.new.$TS $cpath
+
+# Rehash ircd (without caring wether or not it succeeds)
+kill -HUP `cat $ppath 2>/dev/null` > /dev/null 2>&1
+
+# (Try to) clean up
+rm -rf $tmp_path > /dev/null 2>&1
+
+# That's it...
----------------------- End of diff -----------------------
