2013-03-11 16:55:19 +01:00
|
|
|
#!/usr/bin/php
|
|
|
|
<?php
|
|
|
|
|
|
|
|
# Copyright (c) 2013 Yubico AB
|
|
|
|
# All rights reserved.
|
|
|
|
#
|
|
|
|
# Redistribution and use in source and binary forms, with or without
|
|
|
|
# modification, are permitted provided that the following conditions are
|
|
|
|
# met:
|
|
|
|
#
|
|
|
|
# * Redistributions of source code must retain the above copyright
|
|
|
|
# notice, this list of conditions and the following disclaimer.
|
|
|
|
#
|
|
|
|
# * Redistributions in binary form must reproduce the above
|
|
|
|
# copyright notice, this list of conditions and the following
|
|
|
|
# disclaimer in the documentation and/or other materials provided
|
|
|
|
# with the distribution.
|
|
|
|
#
|
|
|
|
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
|
|
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
|
|
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
|
|
|
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
|
|
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
|
|
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
|
|
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
|
|
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
|
|
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
2015-09-08 10:57:26 +02:00
|
|
|
set_include_path(implode(PATH_SEPARATOR, array(
|
|
|
|
get_include_path(),
|
|
|
|
'/usr/share/yubikey-val',
|
|
|
|
'/etc/yubico/val',
|
|
|
|
)));
|
2013-03-11 16:55:19 +01:00
|
|
|
|
|
|
|
$options = getopt("h", array("help", "email::", "notes::", "otp::", "urandom"));
|
|
|
|
|
|
|
|
if(array_key_exists('h', $options) || array_key_exists('help', $options)) {
|
|
|
|
echo "Usage: ".$argv[0]." [ OPTIONS ] [ num_clients ]\n";
|
|
|
|
echo " Unless num_clients is defined, one client will be generated.\n\n";
|
|
|
|
echo "Options supported by ".$argv[0]."\n";
|
|
|
|
echo " --urandom\n";
|
2015-07-02 13:36:49 +02:00
|
|
|
echo " Use /dev/urandom instead of /dev/random as entropy source\n";
|
2013-03-11 16:55:19 +01:00
|
|
|
echo " --email=EMAIL\n";
|
|
|
|
echo " Sets the e-mail field of the created clients\n";
|
|
|
|
echo " --notes=NOTES\n";
|
|
|
|
echo " Sets the notes field of the created clients\n";
|
|
|
|
echo " --otp=OTP\n";
|
|
|
|
echo " Sets the otp field of the created clients\n";
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
|
2013-03-12 09:33:47 +01:00
|
|
|
require_once 'ykval-config.php';
|
|
|
|
require_once 'ykval-db.php';
|
|
|
|
|
|
|
|
$logname="ykval-gen-clients";
|
|
|
|
$myLog = new Log($logname);
|
|
|
|
|
2013-03-11 16:55:19 +01:00
|
|
|
$db = Db::GetDatabaseHandle($baseParams, $logname);
|
|
|
|
|
|
|
|
if(!$db->connect()) {
|
|
|
|
$myLog->log(LOG_WARNING, "Could not connect to database");
|
|
|
|
error_log("Could not connect to database");
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
$count=1;
|
|
|
|
if($last_arg = intval(array_pop($argv))) {
|
|
|
|
$count = $last_arg;
|
|
|
|
}
|
|
|
|
|
|
|
|
$result = $db->customQuery("SELECT id FROM clients ORDER BY id DESC LIMIT 1");
|
|
|
|
$row = $db->fetchArray($result);
|
|
|
|
$db->closeCursor($result);
|
|
|
|
if($row) {
|
|
|
|
$next_id = $row['id']+1;
|
|
|
|
} else {
|
|
|
|
$next_id = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
$random = array_key_exists('urandom', $options) ? "/dev/urandom" : "/dev/random";
|
|
|
|
$fh = fopen($random, "r");
|
|
|
|
if(!$fh) {
|
|
|
|
die("cannot open ".$random);
|
|
|
|
}
|
|
|
|
|
|
|
|
for ($i=0; $i<$count; $i++) {
|
|
|
|
$client_id = $next_id++;
|
|
|
|
if (!($rnd = fread ($fh, 20))) {
|
|
|
|
die("cannot read from ".$random);
|
|
|
|
}
|
|
|
|
$secret = base64_encode($rnd);
|
|
|
|
|
|
|
|
$params = array(
|
|
|
|
"id" => $client_id,
|
|
|
|
"active" => 1,
|
|
|
|
"created" => time(),
|
|
|
|
"secret" => $secret,
|
|
|
|
"email" => array_key_exists('email', $options) ? $options['email'] : '',
|
|
|
|
"notes" => array_key_exists('notes', $options) ? $options['notes'] : '',
|
|
|
|
"otp" => array_key_exists('otp', $options) ? $options['otp'] : ''
|
|
|
|
);
|
|
|
|
|
|
|
|
$query="INSERT INTO clients " .
|
|
|
|
"(id,active,created,secret,email,notes,otp) VALUES " .
|
|
|
|
"('" . $params["id"] . "', " .
|
|
|
|
"'" . $params["active"] . "', " .
|
|
|
|
"'" . $params['created'] . "'," .
|
|
|
|
"'" . $params['secret'] . "'," .
|
|
|
|
"'" . $params['email'] . "'," .
|
|
|
|
"'" . $params['notes'] . "'," .
|
|
|
|
"'" . $params['otp'] . "')";
|
|
|
|
|
|
|
|
if(!$db->customQuery($query)){
|
|
|
|
$myLog->log(LOG_ERR, "Failed to insert new client with query " . $query);
|
|
|
|
error_log("Failed to insert new client with query " . $query);
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
|
2013-06-11 16:10:51 +02:00
|
|
|
echo $client_id.",".$secret."\n";
|
2013-03-11 16:55:19 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
fclose($fh);
|
|
|
|
|
|
|
|
$myLog->log(LOG_NOTICE, "Successfully inserted generated clients into database");
|