commit 9a9c62f3cfe087da29da32cf4281c3021533db72 Author: Alexandre Anriot Date: Mon Sep 12 19:51:19 2005 +0000 Initial revision diff --git a/AUTHORS b/AUTHORS new file mode 100644 index 0000000..488e4ec --- /dev/null +++ b/AUTHORS @@ -0,0 +1,7 @@ +Credits +------- + + Anriot Alexandre http://www.atlantilde.com/ + Colpart Gregory http://www.gcolpart.com/ + Dubois Sébastien http://morpheus.evolix.net/ + Evolix http://www.evolix.fr/ diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..aa8c9c5 --- /dev/null +++ b/LICENSE @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..41ba133 --- /dev/null +++ b/Makefile @@ -0,0 +1,60 @@ +# $Id$ +# +# Makefile pour Evoauth + +VERSION= 0.5 +SRC= ./ +WWWDIR= /var/www/htdocs +BINDIR= /usr/local/share +DOCDIR= /usr/local/share/doc +NAME= evoauth +TAR= tar + +install:all +all: web tools help msg + +web: + $(INSTALL) -d -m 0755 $(WWWDIR)/$(NAME)/{,includes,images} + $(INSTALL) -m 0644 htdocs/*.php $(WWWDIR)/$(NAME) + $(INSTALL) -m 0644 htdocs/includes/*.php $(WWWDIR)/$(NAME)/includes + $(INSTALL) -m 0664 htdocs/accueil.txt $(WWWDIR)/$(NAME)/htdocs + $(INSTALL) -m 0644 htdocs/images/*.* $(WWWDIR)/$(NAME)/images + $(INSTALL) -m 0644 htdocs/favicon.ico $(WWWDIR)/$(NAME) + +tools: module + $(INSTALL) -d -m 0755 $(BINDIR)/$(NAME) + $(INSTALL) -d -m 0774 /etc/evoauth + $(INSTALL) -m 0770 admin/Evoauth.pl $(BINDIR)/$(NAME) + $(INSTALL) -m 0644 evoauth.conf /etc/evoauth + +module: + cd admin/ && \ + perl Makefile.PL && \ + make && \ + make test && \ + make install && \ + make clean + +help: + $(INSTALL) -d -m 0755 $(DOCDIR)/$(NAME) + $(INSTALL) -m 0644 AUTHORS LICENSE README TODO $(DOCDIR)/$(NAME) + $(INSTALL) -d -m 0755 $(DOCDIR)/$(NAME)/install + $(INSTALL) -m 0644 install/* $(DOCDIR)/$(NAME)/install + $(INSTALL) -m 0664 install/evoauth.log $(BINDIR)/$(NAME) + +msg: + @echo + @echo Felicitations. Evoauth est a present installe. + @echo ---------------------------------------------- + @echo + @echo Consultez $(DOCDIR)/$(NAME) et $(DOCDIR)/$(NAME)/install + @echo pour plus d'informations. + @echo + +deinstall: + rm -rf $(BINDIR)/$(NAME) + rm -rf $(DOCDIR)/$(NAME) + rm -rf $(WWWDIR)/$(NAME) + + rm -rf /usr/libdata/perl5/Evoauth/ + cat /usr/local/libdata/perl5/site_perl/i386-openbsd/auto/Evoauth/.packlist | xargs sudo rm -rf diff --git a/README b/README new file mode 100644 index 0000000..74e3b0d --- /dev/null +++ b/README @@ -0,0 +1,84 @@ +Fonctionnement d'EvoAuth +------------------------ + +1 - Partie WEB et utilisateur +----------------------------- + +Voici le déroulement d'une connexion authentifiée sur le logiciel +Evoauth. + +L'utilisateur saisit ses identifiants (login et mot de passe) et +parvient à une page sur laquelle il est authentifié. Il peut : + + - activer son accès : son adresse ip est récupérée et indexée dans + un fichier historique. une règle d'autorisation est chargée dans le + firewall et l'utilisateur reste connecté jusqu'à ce que la pop-up + soit fermée ou que sa connexion se termine (un script annexe + supprimera des connexions actives). + l'utilisateur peut consulter son crédit restant, celui-ci est + mis à jour chaque minute. + + - changer son mot de passe : l'utilisateur est invité à saisir + à deux reprises son nouveau mot de passe, sur une page dédiée + + - se déconnecter + + +2 - Partie WEB et administrateur +-------------------------------- + +Celui-ci possède toutes les possibilités précédemment évoquées, mais +peut également procéder à l'administration du logiciel : + +- ajout d'un compte utilisateur + + Le compte d'administration par défaut est : + + login : admin + pass : ... + +- suppression d'un ou plusieurs compte(s) utilisateur + +- déconnexion d'utilisateurs + +- désactivation d'utilisateurs + +- expulsion d'un utilisateur, et ce de façon provisoire + +- changement du texte de bienvenue de l'utilisateur + + +3 - Suivis de l'activité +------------------------ + +Lorsqu'une personne se connecte, se déconnecte ou est automatiquement +supprimée, un email est envoyé à l'administrateur evoauth (email +précisée dans le fichier de configuration). Il est ainsi possible +d'avoir un contrôle complet de l'activité. + +Un journal de l'activité (connexion, déconnexion, suppression d'ip) est +également disponible dans /usr/local/share/evoauth/evoauth.log. + + +4 - Maintenance +--------------- + +Le script perl "Evoauth.pl" doit être ajouté à la crontab (vous +pouvez pour celà vous inspirer du fichier crontab.sample) et permet de +supprimer du fichier de status les adresses ip des utilisateurs qui ne +sont plus connectées. + +Il travaille par défaut sur une durée de 2 minutes. + +Ce script gère également l'initialisation du firewall, lors de +l'installation du logiciel, ainsi que la réinitialisation et l'arrêt. + + +5 - Arborescence par defaut +--------------------------- + +/etc/evoauth/evoauth.conf : fichier de configuration (regles) +/var/www/evoauth/{,images,includes} : interface web +/var/www/evoauth/accueil.txt : texte d'accueil +/usr/local/share/evoauth : interface d'administration +/usr/local/share/doc/evoauth : documentation, licence diff --git a/TODO b/TODO new file mode 100644 index 0000000..0c77f0b --- /dev/null +++ b/TODO @@ -0,0 +1,9 @@ +Todo +---- + +* gestion des groupes +* filtre : voir les utilisateurs connectés +* durée de validité pour les tickets (date de création) +* adresses MAC (spoofing, une seule connexion etc.) +* interception http +* securite : solution plus elegante et sure que de lancer un "sudo" pour executer le script diff --git a/admin/Changes b/admin/Changes new file mode 100644 index 0000000..c10f2f9 --- /dev/null +++ b/admin/Changes @@ -0,0 +1,6 @@ +Revision history for Perl extension Evoauth::Admin. + +0.01 Sat Sep 10 23:50:18 2005 + - original version; created by h2xs 1.9 with options + -X -n Evoauth::Admin + diff --git a/admin/Evoauth.pl b/admin/Evoauth.pl new file mode 100644 index 0000000..c451d54 --- /dev/null +++ b/admin/Evoauth.pl @@ -0,0 +1,44 @@ +#!/usr/bin/perl + +package main; + +use strict; +use warnings; +use Getopt::Std; + +use Evoauth::Admin; +use Evoauth::Functions; +use Evoauth::Iptables; + +$SIG{INT} = $SIG{TERM} = $SIG{KILL} = ""; + +# choix des options +my %options=(); +getopts("icsrd:a:",\%options); + +if (defined $options{a}) + { &Evoauth::Iptables::Alter(1, $options{a}); } +elsif (defined $options{d}) + { &Evoauth::Iptables::Alter(3, $options{d});} +elsif (defined $options{c}) + { &Evoauth::Iptables::Alter(2); } +elsif (defined $options{i}) + { &Evoauth::Iptables::Control(1); } +elsif (defined $options{s}) + { &Evoauth::Iptables::Control(2); } +elsif (defined $options{r}) + { &Evoauth::Iptables::Control(3); } +else + { &Usage; } + +sub Usage() { + print "\nusage :\n"; + print "-i : initialisation du logiciel\n"; + print "-s : arrêt du logiciel\n"; + print "-r : redémarrage du logiciel\n"; + print "-a ip : ajout d'une ip a la base\n"; + print "-d ip : suppression d'une ip a la base\n"; + print "-c : vérification des bases de connexion\n"; + print "-h : aide\n"; + exit; +} diff --git a/admin/MANIFEST b/admin/MANIFEST new file mode 100644 index 0000000..bf34f08 --- /dev/null +++ b/admin/MANIFEST @@ -0,0 +1,9 @@ +Changes +Makefile.PL +MANIFEST +README +t/Evoauth-Admin.t +lib/Evoauth/Admin.pm +lib/Evoauth/Functions.pm +lib/Evoauth/Iptables.pm +META.yml Module meta-data (added by MakeMaker) diff --git a/admin/META.yml b/admin/META.yml new file mode 100644 index 0000000..07e3f5e --- /dev/null +++ b/admin/META.yml @@ -0,0 +1,10 @@ +# http://module-build.sourceforge.net/META-spec.html +#XXXXXXX This is a prototype!!! It will change in the future!!! XXXXX# +name: evoauth +version: 0.5 +version_from: +installdirs: site +requires: + +distribution_type: module +generated_by: ExtUtils::MakeMaker version 6.17 diff --git a/admin/Makefile.PL b/admin/Makefile.PL new file mode 100644 index 0000000..69e14f7 --- /dev/null +++ b/admin/Makefile.PL @@ -0,0 +1,20 @@ +use ExtUtils::MakeMaker; + +$NAME = "Evoauth"; +$DISTNAME = "evoauth"; + +my @clean = qw( *~ *.old ); + +WriteMakefile( + VERSION => "0.5", + DISTNAME => $DISTNAME, + NAME => $NAME, + dist => { + COMPRESS => 'gzip -9f', + SUFFIX => '.tar.gz', + DIST_DEFAULT => 'all tardist', + }, + clean => { + FILES => join( " ", @clean ) + } +); diff --git a/admin/README b/admin/README new file mode 100644 index 0000000..2b4689d --- /dev/null +++ b/admin/README @@ -0,0 +1,33 @@ +Evoauth-Admin version 0.04 +========================== + +Evoauth::Admin est utilise afin de gerer la liste des personnes connectees au logiciel. + +INSTALLATION + +To install this module type the following: + + perl Makefile.PL + make + make test + make install + +DEPENDENCIES + +This module requires these other modules and libraries: + + DBI + DBD::Mysql + MIME::Lite + +COPYRIGHT AND LICENCE + +Licence GPL + +Copyright (C) 2005 by Evolix + +This library is free software; you can redistribute it and/or modify +it under the same terms as Perl itself, either Perl version 5.8.6 or, +at your option, any later version of Perl 5 you may have available. + + diff --git a/admin/lib/Evoauth/Admin.pm b/admin/lib/Evoauth/Admin.pm new file mode 100644 index 0000000..6e1e352 --- /dev/null +++ b/admin/lib/Evoauth/Admin.pm @@ -0,0 +1,62 @@ +package Evoauth::Admin; + +use 5.008006; +use strict; +use warnings; + +require Exporter; +use AutoLoader qw(AUTOLOAD); + +our @ISA = qw(Exporter); + +our %EXPORT_TAGS = ( 'all' => [ qw( + +) ] ); + +our @EXPORT_OK = ( @{ $EXPORT_TAGS{'all'} } ); + +our @EXPORT = qw( + +); + +our $VERSION = '0.4'; + + +1; +__END__ + +=head1 NAME + +Evoauth::Admin - Admin + +=head1 SYNOPSIS + + use Evoauth::Admin; + +=head1 DESCRIPTION + +Fonctions d'administration d'Evoauth. + +=head2 EXPORT + +... + +=head1 SEE ALSO + +... + +=head1 AUTHOR + +Alexandre Anriot, Eaanriot@evolix.fr + +=head1 COPYRIGHT AND LICENSE + +Copyright (C) 2005 by Alexandre Anriot + +This library is free software; you can redistribute it and/or modify +it under the same terms as Perl itself, either Perl version 5.8.6 or, +at your option, any later version of Perl 5 you may have available. + + +=cut + diff --git a/admin/lib/Evoauth/Functions.pm b/admin/lib/Evoauth/Functions.pm new file mode 100644 index 0000000..165a88f --- /dev/null +++ b/admin/lib/Evoauth/Functions.pm @@ -0,0 +1,106 @@ +package Evoauth::Functions; + +use strict; +use warnings; +use Config::Tiny; +use DBI; +use MIME::Lite; + +# Renvoit la date courrante +sub Date() { + my ($sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst) = + localtime(time); + + $year += 1900; + my $temps = "$mday/$mon/$year - $hour:$min:$sec"; + + return $temps; +} + +# Envoit un mail +sub Mail() { + my ($event, $ip) = @_; + my $temps = Date(); + + # paramètres de connexion + my $Config = Config::Tiny->read( '/etc/evoauth/evoauth.conf' ); + my $db = $Config->{bdd}->{db}; + my $username = $Config->{bdd}->{username}; + my $userpass = $Config->{bdd}->{userpass}; + + # connexion + my $dbh = DBI->connect( $db, $username, $userpass ) + && &Log("La connexion a réussie.") || + &Log("La connexion a échoué : $DBI::errstr"); + + # récupération du login correspondant à l'ip + my $sql = "SELECT login FROM users where ip = '".$ip."'"; + + my $sth = $dbh->prepare($sql);; + $sth->execute(); + + my $login; + $sth->bind_columns(undef, \$login) && $sth->fetch(); + + my $msg = new MIME::Lite + From => 'evoauth@shaktiware.fr', + To => 'aanriot@nerim.net', + Subject => $event, + Type => 'TEXT', + Data => "$temps : $event de $login ($ip)."; + + $msg -> send && &Log("Un mail a été envoyé."); + $dbh->disconnect(); +} + +# Ecrit dans le journal +sub Log() { + my $file = "/usr/local/share/evoauth/evoauth.log"; + my $message = shift; + my $temps = &Date; + + open(LOG, ">> $file") or + die "L'ouverture du journal evoauth.log a échoué: $!.\n"; + + print LOG "$temps $message\n"; + + close(LOG); +} + +1; +__END__ + +=head1 NAME + +Evoauth::Functions - Fonctions + +=head1 SYNOPSIS + + use Evoauth::Functions; + +=head1 DESCRIPTION + +Fonctions d'administration d'Evoauth. + +=head2 EXPORT + +... + +=head1 SEE ALSO + +... + +=head1 AUTHOR + +Alexandre Anriot, Eaanriot@evolix.fr + +=head1 COPYRIGHT AND LICENSE + +Copyright (C) 2005 by Alexandre Anriot + +This library is free software; you can redistribute it and/or modify +it under the same terms as Perl itself, either Perl version 5.8.6 or, +at your option, any later version of Perl 5 you may have available. + + +=cut diff --git a/admin/lib/Evoauth/Iptables.pm b/admin/lib/Evoauth/Iptables.pm new file mode 100644 index 0000000..ad322a7 --- /dev/null +++ b/admin/lib/Evoauth/Iptables.pm @@ -0,0 +1,241 @@ +package Evoauth::Iptables; + +use strict; +use warnings; +use Config::Tiny; +use Evoauth::Functions; + +my $Config = Config::Tiny->read( '/etc/evoauth/evoauth.conf' ); + +# Paramètres de configuration +my $activation = $Config->{control}->{enable}; +my $timetorem = $Config->{control}->{timetorem}; + +# Connexion à la base de données +my $db = $Config->{bdd}->{db}; +my $username = $Config->{bdd}->{username}; +my $userpass = $Config->{bdd}->{userpass}; + +my $dbh = DBI->connect( $db, $username, $userpass ) + && &Evoauth::Functions::Log("La connexion a réussie.") || + &Evoauth::Functions::Log("La connexion a échoué : $DBI::errstr"); + +# Règles +our %conf; +my $cpt = 1; + +while ($cpt <= 4) { + $conf{"rule".$cpt} = $Config->{rules}->{"rule".$cpt}; + $cpt++; +} + +sub Alter() { + my $action = shift; + my $ip = shift; + + # ajout + if ($action == 1) { + system("/sbin/iptables -I EVOAUTH -s $ip -j ACCEPT > /dev/null") && + &Evoauth::Functions::Log("Ajout de $ip aux connectés.") && + &Evoauth::Functions::Mail("Connexion", $ip); + } + + # verification + elsif ($action == 2) { + &check_iptables; + &check_timestamp; + } + + # suppression + else { + my $sql = qq{ UPDATE users set statut = 0 where ip = '$ip' }; + my $sth = $dbh->prepare($sql); + + system("/sbin/iptables -D EVOAUTH -s $ip -j ACCEPT") && + $sth->execute() && + $sth->finish() && + &Evoauth::Functions::Log("$ip [supprimee]") && + &Evoauth::Functions::Mail("Déconnexion", $ip); + } + + return 0; +} + + +sub check_iptables() { + my ($ip, @ips); + + &Evoauth::Functions::Log("Suppression des règles obsolètes dans iptables."); + + # obtention de la liste des ips + system("/sbin/iptables -L EVOAUTH -n |grep ACCEPT |awk '{ print \$4 }' > /tmp/ips.txt"); + + # on ouvre le fichier des ips + open(IPS, "/tmp/ips.txt") || &ecriture("L'ouverture des IPs a échoué."); + @ips = ; + close(IPS); + + foreach $ip (@ips) + { + chomp $ip; + + my $sql = "SELECT statut FROM users where ip = '".$ip."'"; + my $sth = $dbh->prepare( $sql ); + $sth->execute(); + + my $statut; + $sth->bind_columns(undef, \$statut); + + $sth->fetch(); + + if ($statut != 1) { + &Evoauth::Functions::Log("$ip [supprimée]\n"); + &Evoauth::Functions::Mail("Suppression", $ip); + &delet($ip); + } + } +} + +sub check_timestamp() { + &Evoauth::Functions::Log("Suppression des règles obsolètes dans iptables."); + + # on travaille sur tous les utilisateurs présents + my $sql = "SELECT * FROM users"; + my $sth = $dbh->prepare($sql); + $sth->execute(); + + my($id, $login, $pass, $groupe, $utype, $credit, $ip, $statut, + $actif, $firstcon, $lastupdate, $kick); + + $sth->bind_columns(undef, \$id, \$login, \$pass, \$groupe, + \$utype, \$credit, \$ip, \$statut, \$actif, \$firstcon, + \$lastupdate, \$kick); + + my ($newtime, $oldtime); + + &Evoauth::Functions::Log("Vérification de la base."); + + my $cpt; #compteur + while ($sth->fetch() && $sth != 0) + { + if ($statut == 1) + { + $newtime = time(); + $oldtime = $lastupdate; + + my $timestamp = $newtime - $oldtime; + if ($timestamp > $conf{timetorem}) + { + # dernière connexion est < 1 min -> suppresion + &delet($ip) && &Evoauth::Functions::Log("$ip [supprimée]") && + &Evoauth::Functions::Mail("Suppression", $ip); + } + + else + { + # sinon conservation + &Evoauth::Functions::Log("$ip [conservée]"); + } + } + } + + $sth->finish(); + return 0; +} + +sub Control() { + my $action = shift; + my ( @tmp1, @tmp2, $key, $value ); + + # start + if ($action == 1) { + while ( ($key, $value) = each(%conf) ) { + @tmp1 = split (/\t/, $value); + system("/sbin/iptables -t nat -A PREROUTING -p $tmp1[2] -i ppp0 --dport $tmp1[1] -j DNAT --to $tmp1[0]:$tmp1[1]"); + } + + &Evoauth::Functions::Log("1 - Regles de PREROUTING charges"); + + system("/sbin/iptables -N EVOAUTH") && + system("/sbin/iptables -A EVOAUTH -j DROP"); + + &Evoauth::Functions::Log("2 - Tables crées"); + + while ( ($key, $value) = each(%conf) ) { + @tmp2 = split (/\t/, $value); + system("/sbin/iptables -A FORWARD -p $tmp2[2] -i ppp0 -o eth0 --dport $tmp2[1] -j EVOAUTH"); + } + + &Evoauth::Functions::Log("3 - Règles chargées"); + + &Evoauth::Functions::Log("Evoauth vient de démarrer."); + } + + # arret + elsif ($action == 2) { + system("/sbin/iptables -F EVOAUTH") && + &Evoauth::Functions::Log("1 - Flush de la table EVOAUTH"); + + my @tmp3; + + while ( ($key, $value) = each(%conf) ) { + @tmp3 = split $value; + system("/sbin/iptables -D FORWARD -p $tmp3[2] -i ppp0 -o eth0 --dport $tmp3[1] -j EVOAUTH"); + system("/sbin/iptables -t nat -D PREROUTING -p $tmp3[2] -i ppp0 --dport $tmp3[1] -j DNAT --to $tmp3[0]:$tmp3[1]"); + } + + &Evoauth::Functions::Log("2 - Annulation FORWARD + PREROUTING"); + + system("/sbin/iptables -X EVOAUTH") && + &Evoauth::Functions::Log("3 - Suppression de la table EVOAUTH"); + + &Evoauth::Functions::Log("Evoauth vient de s'arreter."); + } + + # restart + else { + &stop() && + &start() && + &Evoauth::Functions::Log("Evoauth vient de redémarrer."); + } + + return 0; +} + +1; +__END__ + +=head1 NAME + +Evoauth::Iptables - Firewall + +=head1 SYNOPSIS + + use Evoauth::Iptables; + +=head1 DESCRIPTION + +Fonctions d'administration d'Evoauth. + +=head2 EXPORT + +... + +=head1 SEE ALSO + +... + +=head1 AUTHOR + +Alexandre Anriot, Eaanriot@evolix.fr + +=head1 COPYRIGHT AND LICENSE + +Copyright (C) 2005 by Alexandre Anriot + +This library is free software; you can redistribute it and/or modify +it under the same terms as Perl itself, either Perl version 5.8.6 or, +at your option, any later version of Perl 5 you may have available. + + +=cut diff --git a/admin/t/Evoauth-Admin.t b/admin/t/Evoauth-Admin.t new file mode 100644 index 0000000..5c83a4d --- /dev/null +++ b/admin/t/Evoauth-Admin.t @@ -0,0 +1,15 @@ +# Before `make install' is performed this script should be runnable with +# `make test'. After `make install' it should work as `perl Evoauth-Admin.t' + +######################### + +# change 'tests => 1' to 'tests => last_test_to_print'; + +use Test::More tests => 1; +BEGIN { use_ok('Evoauth::Admin') }; + +######################### + +# Insert your test code below, the Test::More module is use()ed here so read +# its man page ( perldoc Test::More ) for help writing this test script. + diff --git a/evoauth.conf b/evoauth.conf new file mode 100644 index 0000000..e1ae917 --- /dev/null +++ b/evoauth.conf @@ -0,0 +1,16 @@ +[control] +# Crontab activée ? +enable = 1 +timetorem = 70 + +[rules] +rule1 = 192.168.1.104 1494 tcp +rule2 = 192.168.1.110 3000 tcp +rule3 = 192.168.1.4 5631 tcp +rule4 = 192.168.1.4 5632 udp + +[bdd] +bddtype = mysql +db = DBI:mysql:evoauth032005:localhost +username = evoauth_user +userpass = DofWebr2 diff --git a/htdocs/accueil.txt b/htdocs/accueil.txt new file mode 100644 index 0000000..3185c8a --- /dev/null +++ b/htdocs/accueil.txt @@ -0,0 +1,10 @@ +Vous avez accès aux services suivants : + +
    +
  • CITRIX +
  • PCAnywhere +
  • Mantis +
+ +Pour activer votre accès, vérifier que votre navigateur autorise les pop-ups +pour cette adresse et cliquer sur Activation de votre accès. diff --git a/htdocs/activation.php b/htdocs/activation.php new file mode 100644 index 0000000..66baf55 --- /dev/null +++ b/htdocs/activation.php @@ -0,0 +1,69 @@ +'; +// echo ''; + echo ''; + echo '

Vous êtes connecté...'; + echo '

Pour revenir à l\'accueil tout en restant connecté, cliquez ici.'; +// echo '

Pour vous déconnecter, cliquez ici.'; + echo ''; +} + +// accès non autorisé +else +{ + kick("Accès non autorisé."); +} + +// chargement des règles concernées +function loadrules() +{ + // activation des règles de firewall + // system("sudo /usr/local/evoauth/bin/evoauth_fw.pl -a ".$_SESSION['ip']." -m".$_SESSION['mac']); + system("sudo /usr/local/evoauth/bin/evoauth_fw.pl -a ".$_SESSION['ip']); + + // verrouillage + update_statut($_SESSION['login'], "1"); + + // lancement de la popup + popup(); +} + +// lancement de la popup de connexion +function popup() +{ + global $height; + global $width; +?> + + + + + +

Vous êtes connecté.

+

Pour revenir à l'accueil tout en restant connecté, cliquez ici. + + + diff --git a/htdocs/edit.php b/htdocs/edit.php new file mode 100644 index 0000000..7010ce3 --- /dev/null +++ b/htdocs/edit.php @@ -0,0 +1,553 @@ +'; + echo 'Le changement de mot de passe a été effectué.'; + } + + else + { + // le changement a échoué + echo ''; + echo 'Le changement a échoué.'; + } + } /* fin mode changement du mot de passe utilisateur */ + + + + /* mode ajout d'un utilisateur */ + + elseif ($mode == "add" && $flag == 1 && $_SESSION['login'] == "admin") + { + // l'utilisateur a créer existe déjà + $resultat = seek_for_user($_POST['newlogin']); + + if ($resultat == 1) + { + echo ''; + echo 'L\'utilisateur existe déjà.'; + } + + // les 2 mots de passe saisis sont différents + elseif ($_POST['pass1'] != $_POST['pass2']) + { + echo ''; + echo 'Les mots de passe sont différents.'; + } + + // le nouvel utilisateur a un crédit nul + elseif ($_POST['utype'] == 1 && $_POST['credit'] == 0) + { + echo ''; + echo 'Crédit nul impossible.'; + } + + // tout est OK, on peut ajouter l'utilisateur + else + { + // création des paramètres + $newlogin = $_POST['newlogin']; + $newpass = md5($_POST['pass1']); + (defined($_POST['newgroup'])) ? $newgroup=$_POST['newgroup'] : $newgroup="general"; + + if ($_POST['utype'] == 0) + $newutype="0"; + elseif ($_POST['utype'] == 1) + $newutype="1"; + else + $newutype="0"; + + $newcredit = $_POST['credit']; + + // ajout proprement dit + $resultat = add_user($newlogin, $newpass, $newgroup, $newutype, $newcredit); + + if ($resultat) + { + echo ''; + echo 'L\'ajout de l\'utilisateur a réussi.'; + } + + else + { + echo ''; + echo 'L\'Ajout de l\'utilisateur a échoué.'; + } + } + } /* fin mode ajout d'un utilisateur */ + + + + /* mode suppression */ + + elseif ($mode == "suppression" && $flag == 1 && $_SESSION['login'] == "admin") + { + if (!empty($_POST['coche'])) + { + foreach ($_POST['coche'] as $coche) + { + $connexion = connexion(); + + $requete= "delete from users where id='$coche'"; + $resultat =mysql_query($requete, $connexion); + + if ($resultat == 1) + { + echo ''; + echo "La suppression a été correctement effectuée.
"; + } + + else + { + echo ''; + echo "La suppression a échouée: ".mysql_error()."
"; + } + + } + } + + else + { + echo ''; + echo "Aucun utilisateur à supprimer.
"; + } + } /* mode suppresion */ + + + + /* mode activation */ + + elseif ($mode == "activation" && $flag == 1 && $_SESSION['login'] == "admin") + { + if (!empty($_POST['coche'])) + { + foreach ($_POST['coche'] as $coche) + { + $connexion = connexion(); + + $requete= "update users set actif = 1 where id='$coche'"; + $resultat =mysql_query($requete, $connexion); + + if ($resultat == 1) + { + echo ''; + echo "L'activation a été correctement effectuée.
"; + } + + else + { + echo ''; + echo "L'activation a échouée: ".mysql_error()."
"; + } + } + } + + else + { + echo ''; + echo "Aucun utilisateur à activer.
"; + } + } /* fin mode activation */ + + + + /* mode desactivation */ + + elseif ($mode == "desactivation" && $flag == 1 && $_SESSION['login'] == "admin") + { + if (!empty($_POST['coche'])) + { + foreach ($_POST['coche'] as $coche) + { + $connexion = connexion(); + + $requete= "update users set actif = 0 where id='$coche'"; + $resultat =mysql_query($requete, $connexion); + + if ($resultat == 1) + { + echo ''; + echo "La désactivation a été correctement effectuée.
"; + } + + else + { + echo ''; + echo "La désactivation a échouée: ".mysql_error()."
"; + } + } + } + + else + { + echo ''; + echo "Aucun utilisateur à désactiver.
"; + } + } /* fin mode desactivation */ + + + + /* mode kick */ + + elseif ($mode == "kick" && $flag == 1 && $_SESSION['login'] == "admin") + { + if (!empty($_POST['coche'])) + { + foreach ($_POST['coche'] as $coche) + { + $connexion = connexion(); + + $requete= "select ip from users where id='$coche' and statut='1'"; + $resultat = mysql_fetch_row(mysql_query ($requete, $connexion)); + + // l'utilisateur + if ($resultat == 0) + { + echo ''; + echo "L'utilisateur n'est pas connecté.
"; + } + + else + { + $ip = current($resultat); + + // désactivation de l'utilisateur dans le firewall + system("/usr/bin/sudo /usr/local/evoauth/bin/evoauth_fw.pl -d $ip"); + + // variable nécessaire pour interdir le prochain refresh + setkick($ip, "1"); + + echo ''; + echo "L'utilisateur a été kické.
"; + } + } + } + + else + { + echo ''; + echo "Aucun utilisateur à kicker.
"; + } + } /* fin mode kick */ + + + /* mode accueil */ + + elseif ($mode == accueil) + { +?> + + + + Intranet <?=$title;?> + + +

+
+ +

Modifier le texte d'accueil

+
+ + + + + + + + +
Votre texte : + +
+
+



+ Accueil + Déconnexion + + + + + + + Intranet <?=$title;?> + + +

+
+ +

Changer votre mot de passe

+
+ + + + + + + + + + + + + + + + + + + + +

Ajouter un utilisateur

+ +
Login :
Nouveau mot de passe :
Confirmation :
 
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Login :
Groupe :
Mot de passe :
Confirmation :
Type : + Permanent + Crédité +
Crédit (utile si utilisateur crédité) :
 
+ + + + + + + + + + + + +lastupdate != 0) + { + $horodatage = date("d/m/Y, H:i:s", $byblos->lastupdate); + } + + else { $horodatage = "Aucune"; } +?> + + + + + + + + + + +utype == 0) + { +?> + + + + + + + + + + + +
 LoginGroupeStatutDernière connexionCompteTypeCrédit restant
id?>>id?>login?>groupe?>statut==1)?"Connecté":"Non connecté"?>actif==1)?"Activé":"Désactivé"?>utype==0)?"Permanent":"Crédité"?>credit?> minutes
+ + + + + +
+



+ Accueil + Déconnexion + + + diff --git a/htdocs/evoauth.txt b/htdocs/evoauth.txt new file mode 100644 index 0000000..7798423 --- /dev/null +++ b/htdocs/evoauth.txt @@ -0,0 +1 @@ +Premier démarrage. diff --git a/htdocs/favicon.ico b/htdocs/favicon.ico new file mode 100644 index 0000000..e69de29 diff --git a/htdocs/fin.php b/htdocs/fin.php new file mode 100644 index 0000000..5d756a8 --- /dev/null +++ b/htdocs/fin.php @@ -0,0 +1,34 @@ + /dev/null"); + update_statut($_SESSION['login'], "0"); +} + +session_unset(EVOAUTH_PHPSESSION); +session_destroy(); + +?> + + + + + + + + + + +
À bientôt.
+ + diff --git a/htdocs/images/accueil-evolix.jpg b/htdocs/images/accueil-evolix.jpg new file mode 100644 index 0000000..132bd0c Binary files /dev/null and b/htdocs/images/accueil-evolix.jpg differ diff --git a/htdocs/images/accueil-numnet.jpg b/htdocs/images/accueil-numnet.jpg new file mode 100644 index 0000000..0f0d818 Binary files /dev/null and b/htdocs/images/accueil-numnet.jpg differ diff --git a/htdocs/images/accueil-shaktiware.jpg b/htdocs/images/accueil-shaktiware.jpg new file mode 100644 index 0000000..ca484f6 Binary files /dev/null and b/htdocs/images/accueil-shaktiware.jpg differ diff --git a/htdocs/images/accueil.jpg b/htdocs/images/accueil.jpg new file mode 100644 index 0000000..132bd0c Binary files /dev/null and b/htdocs/images/accueil.jpg differ diff --git a/htdocs/images/accueil.png b/htdocs/images/accueil.png new file mode 100644 index 0000000..aad12e1 Binary files /dev/null and b/htdocs/images/accueil.png differ diff --git a/htdocs/images/fin.png b/htdocs/images/fin.png new file mode 100644 index 0000000..d3c4f6e Binary files /dev/null and b/htdocs/images/fin.png differ diff --git a/htdocs/images/logo.gif b/htdocs/images/logo.gif new file mode 100644 index 0000000..d52a028 Binary files /dev/null and b/htdocs/images/logo.gif differ diff --git a/htdocs/images/popup.jpg b/htdocs/images/popup.jpg new file mode 100644 index 0000000..8da329e Binary files /dev/null and b/htdocs/images/popup.jpg differ diff --git a/htdocs/includes/config.php b/htdocs/includes/config.php new file mode 100644 index 0000000..4cfa175 --- /dev/null +++ b/htdocs/includes/config.php @@ -0,0 +1,22 @@ + diff --git a/htdocs/includes/database.php b/htdocs/includes/database.php new file mode 100644 index 0000000..eb0e2e1 --- /dev/null +++ b/htdocs/includes/database.php @@ -0,0 +1,241 @@ +pass; +} + + +# sélection du groupe en fonction du login +function getgroup($login) +{ + $connexion = connexion(); + + $query= 'select groupe from users where login = \''.$login.'\''; + + $resultat = mysql_query($query) or die("Erreur getgroup: ".mysql_error()); + $valeur = mysql_fetch_object($resultat); + mysql_close ($connexion); + + return $valeur->group; +} + + +# renvoie le crédit restant de l'utilisateur passé en paramètre +function getcredit($login) +{ + $connexion = connexion(); + + $query= 'select credit from users where login = \''.$login.'\''; + + $resultat = mysql_query($query) or die("Erreur getcredit: ".mysql_error()); + $valeur = mysql_fetch_object($resultat); + mysql_close ($connexion); + + return $valeur->credit; +} + + +# indique si l'utilisateur est activé ou désactivé +function getactif($login) +{ + $connexion = connexion(); + + $query= 'select actif from users where login = \''.$login.'\''; + + $resultat = mysql_query($query) or die("Erreur getactif: ".mysql_error()); + $valeur = mysql_fetch_object($resultat); + mysql_close ($connexion); + + return $valeur->actif; +} + + +# renvoit le type de l'utilisateur passé en paramètre +function getutype($login) +{ + $connexion = connexion(); + + $query= 'select utype from users where login = \''.$login.'\''; + + $resultat = mysql_query($query) or die("Erreur getutype: ".mysql_error()); + $valeur = mysql_fetch_object($resultat); + mysql_close ($connexion); + + return $valeur->utype; +} + + +# renvoit le statut de l'utilisateur passé en paramètre +function getstatut($login) +{ + $connexion = connexion(); + + $query= 'select statut from users where login = \''.$login.'\''; + + $resultat = mysql_query($query) or die("Erreur getstatut: ".mysql_error()); + $valeur = mysql_fetch_object($resultat); + mysql_close ($connexion); + + return $valeur->statut; +} + + +# mise à jour du crédit de l'utilisateur +function setcredit($login, $credit) +{ + $connexion = connexion(); + + $query = 'update users set credit = \''.$credit.'\' where + login = \''.$login.'\''; + + $resultat = mysql_query($query) or die("Erreur setcredit: ".mysql_error()); + mysql_close ($connexion); + + return 1; +} + + +# mise à jour du mot de passe +function update_pass($newpass) +{ + $connexion = connexion(); + + $query = 'update users set pass = \''.$newpass.'\' where + login = \''.$_SESSION['login'].'\''; + + $resultat = mysql_query($query) or die("Erreur update_pass: ".mysql_error()); + mysql_close ($connexion); + + return 1; +} + + +# mise à jour de l'adresse ip du client +function update_ip($log, $ip) +{ + $connexion = connexion(); + + $query = 'update users set ip = \''.$ip.'\' where + login = \''.$log.'\''; + + $resultat = mysql_query($query) or die("Erreur update_ip: ".mysql_error()); + mysql_close ($connexion); + + return 1; +} + + +# mise à jour du statut du client +function update_statut($log, $statut) +{ + $connexion = connexion(); + + $query = 'update users set statut = \''.$statut.'\' where + login = \''.$log.'\''; + + $resultat = mysql_query($query) or die("Erreur update_statut: ".mysql_error()); + mysql_close ($connexion); + + return 1; +} + + +# mise à jour de lastupdate +function update_lastupdate($log, $lastupdate) +{ + $connexion = connexion(); + + $query = 'update users set lastupdate = \''.$lastupdate.'\' where + login = \''.$log.'\''; + + $resultat = mysql_query($query) or die("Erreur update_lastupdate: ".mysql_error()); + mysql_close ($connexion); + + return 1; +} + + +# recherche d'un utilisateur du même nom +function seek_for_user($newlogin) +{ + $connexion = connexion(); + + $query = 'select login from users where login = \''.$newlogin.'\''; + + $resultat = mysql_query($query); + $nombre = mysql_num_rows($resultat); + mysql_close ($connexion); + + if ($nombre) { return 1; } + else { return 0; } +} + + +# mise à jour du mot de passe +function add_user($newlogin, $pass, $newgroup, $utype, $credit) +{ + $connexion = connexion(); + + $query = 'insert into users (login, pass, groupe, utype, credit, actif) VALUES(\''.$newlogin.'\', + \''.$pass. '\', \''.$newgroup.'\', \''.$utype.'\', \''.$credit.'\', "1")'; + + $resultat = mysql_query($query) or die("Erreur add_user: ".mysql_error()); + + return 1; +} + + +# mise à jour de la variable kick +function setkick($ip, $value) +{ + $connexion = connexion(); + + $query = 'update users set kick = \''.$value.'\' where + ip = \''.$ip.'\''; + + $resultat = mysql_query($query) or die("Erreur setkick: ".mysql_error()); + mysql_close ($connexion); + + return 1; +} + + +# renvoit la valeur de kick de l'utilisateur passé en paramètre +function getkick($login) +{ + $connexion = connexion(); + + $query= 'select kick from users where login = \''.$login.'\''; + + $resultat = mysql_query($query) or die("Erreur getkick: ".mysql_error()); + $valeur = mysql_fetch_object($resultat); + mysql_close ($connexion); + + return $valeur->kick; +} +?> diff --git a/htdocs/includes/fonctions.php b/htdocs/includes/fonctions.php new file mode 100644 index 0000000..7f3631b --- /dev/null +++ b/htdocs/includes/fonctions.php @@ -0,0 +1,17 @@ + '; + echo ''; +} + +# récupération de l'adresse MAC +function getmac($ip) +{ + //$mac = system('cat /proc/net/arp |grep '.$ip.' | awk \'{ print $4 }\'', $tmp); + $mac = exec("cat /proc/net/arp |grep $ip | awk '{ print $4 }'"); + + return $mac; +} +?> diff --git a/htdocs/index.php b/htdocs/index.php new file mode 100644 index 0000000..6d97956 --- /dev/null +++ b/htdocs/index.php @@ -0,0 +1,53 @@ + + + + + +<?=$website;?> + + +

+ + + + + + + + + + + + + + + + + + + + + + + + + + +
 
 
Login
Mot de passe
 
+
+ +

+


Evoauth version 0.4.1 +

+ + diff --git a/htdocs/login.php b/htdocs/login.php new file mode 100644 index 0000000..c64aa70 --- /dev/null +++ b/htdocs/login.php @@ -0,0 +1,68 @@ + diff --git a/htdocs/membre.php b/htdocs/membre.php new file mode 100644 index 0000000..bf123fc --- /dev/null +++ b/htdocs/membre.php @@ -0,0 +1,139 @@ + + + + + <?=$title;?> + + + + +

+

+ + + + + + + + + + 0 && $utype = 0) + { +?> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
 
+

+ Votre crédit est épuisé. +

+
+

+ Il vous reste minutes. +

+
Activation de votre accès
 
Activation de votre accès
 
Changement de votre mot de passe
Gestion des utilisateurs
 
Modification du texte d'accueil
 
Déconnexion
+ +
+ + + + diff --git a/htdocs/popup_debut.php b/htdocs/popup_debut.php new file mode 100644 index 0000000..1b830af --- /dev/null +++ b/htdocs/popup_debut.php @@ -0,0 +1,119 @@ +'; +} + +else +{ + // données à insérer + $temps = time(); + $ligne = $temps." ".$_SESSION['ip']; + + if ($prepaid == 1 && getutype($_SESSION['login']) == "1") + { + // on récupère le crédit restant de l'utilisateur + $credit = getcredit($_SESSION['login']); + + $credit--; + + // actualisation de la base de données + setcredit($_SESSION['login'], $credit); + } + + update_statut($_SESSION['login'], "1"); + + $newt = time(); + update_lastupdate($_SESSION['login'], $newt); + + // crédit épuisé + if (getutype($_SESSION['login']) == "1" && $prepaid == 1 && $credit <= 0) + { + echo ''; + } + + // il reste du crédit + else + { +?> + + + + + + + + + + + + 0) + { +?> + + + + + + + + + + + + + + +
+ Attention, dernière minute de connexion... + + Vous êtes connecté et il vous reste minutes. + + Vous êtes connecté. +
+ + + +
AccueilDéconnexion
+ + + diff --git a/htdocs/popup_fin.php b/htdocs/popup_fin.php new file mode 100644 index 0000000..97ee579 --- /dev/null +++ b/htdocs/popup_fin.php @@ -0,0 +1,39 @@ + /dev/null"); + update_statut($_SESSION['login'], "0"); +} + +session_unset(EVOAUTH_PHPSESSION); +session_destroy(); + +?> + + + + + + + + + + + + + + + +
A bientôt.
Fermer
+ + diff --git a/htdocs/style.css b/htdocs/style.css new file mode 100644 index 0000000..1abc44b --- /dev/null +++ b/htdocs/style.css @@ -0,0 +1,11 @@ +body {background-color: #FFFFFF; font-family: Arial; font-size: 14px;} + +h1 { border-left: solid; border-right: solid; border-top: solid; border-bottom: solid; border-width: 1px; color: #000; font-size: 20px; font-weight: bold; text-align: center;} + +.header{color:#000000; font-weight:bold;font-size:17px;} + +.size15 {font-size:15px;} + +img {border: 0;} + +/* Copyright (c) 2004-2005 Evolix - Tous droits reserves */ diff --git a/install/crontab.sample b/install/crontab.sample new file mode 100644 index 0000000..ae8ae45 --- /dev/null +++ b/install/crontab.sample @@ -0,0 +1,2 @@ +#minute hour day_of_month month day_of_week command +* * * * * /usr/local/share/evoauth/bin/evoauth.pl -c diff --git a/install/database.sql b/install/database.sql new file mode 100644 index 0000000..2248ab2 --- /dev/null +++ b/install/database.sql @@ -0,0 +1,25 @@ +DROP DATABASE IF EXISTS evoauth032005; +CREATE DATABASE evoauth032005; +USE evoauth032005; + +GRANT ALL PRIVILEGES ON evoauth032005.* to evoauth_user@localhost identified by ''; +GRANT ALL PRIVILEGES ON evoauth032005.* to evoauth_user identified by ''; + +CREATE TABLE users ( +id BIGINT NOT NULL AUTO_INCREMENT, +login VARCHAR(20) NOT NULL, +pass VARCHAR(255) NOT NULL, +groupe VARCHAR(20) NOT NULL, +utype INT(10) NOT NULL, +credit INT(10) NOT NULL, +ip VARCHAR(20) NOT NULL, +statut INT(1) NOT NULL, +actif INT(1) NOT NULL, +firstcon VARCHAR(30) NOT NULL, +lastupdate VARCHAR(30) NOT NULL, +kick INT(1) NOT NULL, +PRIMARY KEY (id) ); + +INSERT INTO users (login, pass, groupe, actif, utype) VALUES ("daphnee", "098f6bcdr4621d373cade4e832627b4f6", "general", "1", "0"); +INSERT INTO users (login, pass, groupe, actif, utype, credit) VALUES ("pierre", "098f6bcdr4621d373cade4e832627b4f6", "general", "1", "1", "60"); +INSERT INTO users (login, pass, groupe, actif, utype) VALUES ("paul", "098f6bcdr4621d373cade4e832627b4f6", "general", "1", "0"); diff --git a/install/evoauth.log b/install/evoauth.log new file mode 100644 index 0000000..7798423 --- /dev/null +++ b/install/evoauth.log @@ -0,0 +1 @@ +Premier démarrage. diff --git a/install/http-evoauth.conf b/install/http-evoauth.conf new file mode 100644 index 0000000..7a31281 --- /dev/null +++ b/install/http-evoauth.conf @@ -0,0 +1,6 @@ +Alias /evoauth /var/www/evoauth/htdocs/ + + + AllowOverride All + Allow from all +