ARCv2
view release on metacpan or search on metacpan
- Name for ARCv2 command line interface (arcx, arcxd) 01/23/2004
- Arc Extended
- Makefile.PL improvements
- default values for host, path and port during Makefile.PL
- first DESY Zeuthen production release.
0.02 Thu Jan 22 2004
- removed Config::IniFiles from Arc classes
- improved signal handling
- added client and server scripts, to be
able to use the client and start the server
from command line
- documentation
- structured internal variable access
0.01 Tue Dec 9 16:46:42 2003
- original version; created by h2xs 1.22 with options
lib/Arc.pod view on Meta::CPAN
SASL-authenticated socket connection. The purpose is to convey
requests such as privileged commands (e.g. AFS, Crontab) to be executed on the
server under appropriate privileges. Given that all privileges are
confined to the server and the server can be programmed as to filter and
check the command to be executed, the client machine can be less trusted
than the server.
Because ARC-v1-Commands are written in perl anyway, implementing the client/server
in perl makes sense. Platform-independence and "easy-to-read" source code are welcome
too. This package provides two perl command line scripts (arcx, arcxd). They can
be used for working with the ARC server from the command line, resp. to start the
server.
=head1 SYNOPSIS
This is a abstract (known from c++) class.
This is the base class which defines the namespace for
the ARCv2 module suite.
=head1 Class VARIABLES
lib/Arc/Command.pod view on Meta::CPAN
SASL-authenticated socket connection. The purpose is to convey
requests such as privileged commands (e.g. AFS, Crontab) to be executed on the
server under appropriate privileges. Given that all privileges are
confined to the server and the server can be programmed as to filter and
check the command to be executed, the client machine can be less trusted
than the server.
Because ARC-v1-Commands are written in perl anyway, implementing the client/server
in perl makes sense. Platform-independence and "easy-to-read" source code are welcome
too. This package provides two perl command line scripts (arcx, arcxd). They can
be used for working with the ARC server from the command line, resp. to start the
server.
=head1 SYNOPSIS
This module is part of the module suite ARCv2.
This is the command module from ARCv2. If we would use C++, we would say
this is an abstract class of an ARC Command. All commands used by ARCv2 should
derive from this class.
=head1 HOW DOES IT WORKS
This abstract class is the base class for all existing ARCv2 commands and
should be the base class for all new ARCv2 commands.
When starting the ARCv2 Server you have to pass a important hash:
$arc = new Arc::Server (
[..] Arc::Server vars [..],
connection_vars => {
commands => {
'pv' => 'Arc::Command::Pv'
}
}
)
lib/Arc/Connection.pm view on Meta::CPAN
$cmd = "_R".$cmd;
$ret = $this->_SetError("Evaluation of command $cmd failed ($@).")
unless eval { $this->$cmd; }
} else {
$ret = $this->_SetError("Unexpected command: $cmd");
}
return $ret;
}
## send the ARCv2 SASL command. (protocol)
## This function encodes the output from sasl_*_start and sasl_*_step with Base-64 and sends
## it to the other side
##in> $saslstr
##out> true if successful, otherwise false
##eg> $this->_Sasl($sasl->client_start());
sub _Sasl
{
my ($this,$str) = @_;
return $this->_SendCommand("SASL",encode_base64($str,""));
}
## initialize sasl.
## This function initializes the C<__sasl> member with an object
## of C<Authen::SASL>.
##out> true if successful, otherwise false
lib/Arc/Connection.pod view on Meta::CPAN
SASL-authenticated socket connection. The purpose is to convey
requests such as privileged commands (e.g. AFS, Crontab) to be executed on the
server under appropriate privileges. Given that all privileges are
confined to the server and the server can be programmed as to filter and
check the command to be executed, the client machine can be less trusted
than the server.
Because ARC-v1-Commands are written in perl anyway, implementing the client/server
in perl makes sense. Platform-independence and "easy-to-read" source code are welcome
too. This package provides two perl command line scripts (arcx, arcxd). They can
be used for working with the ARC server from the command line, resp. to start the
server.
=head1 SYNOPSIS
This module is part of the module suite ARCv2.
This is the connection module from ARCv2. If we would use C++, we would say
this is an abstract class of an ARCv2 Connection. This class provides common
methods to its derived classes. Such as for authentication and basic ARCv2
protocols.
lib/Arc/Connection.pod view on Meta::CPAN
B<Example:>
if (my $line = $this->_RecvLine()) { ... }
=item _Sasl ( $saslstr )
B<Description>: send the ARCv2 SASL command. (protocol)
This function encodes the output from sasl_*_start and sasl_*_step with Base-64 and sends
it to the other side
B<Returns:> true if successful, otherwise false
B<Example:>
$this->_Sasl($sasl->client_start());
=item _SendCommand ( $cmd, $parameter )
B<Description>: send a command. (protocol)
Send a command to the ARCv2 socket.
B<Returns:> true if successful, otherwise false
lib/Arc/Connection/Client.pm view on Meta::CPAN
##eg> return $this->_StepAuthentication(1);
sub _StepAuthentication
{
my $this = shift;
my $first = shift;
my $sasl = $this->{_sasl};
my $ret = 0;
my $str;
if ($first) {
$str = $sasl->client_start();
} else {
$str = $sasl->client_step(decode_base64($this->{_cmdparameter}));
}
$str = "" unless defined $str;
if ($sasl->need_step || $sasl->code == 0) {
if ($sasl->code == 0) {
$this->_Sasl($str) if $str ne "";
lib/Arc/Connection/Client.pm view on Meta::CPAN
## parses DONE\r\n, sent by the server.
## This is received when a command is done.
sub _RDONE
{
my $this = shift;
@{$this->{_exceptedcmds}} = qw(ERR CMD);
return 1;
}
## start an ARCv2 session.
## This function which will change the status of the connection into a
## authenticated status. Users have to call this function
## to be able to run ARCv2 commands afterwards.
##out> true if authentication was successful, otherwise false.
##eg> if ($arc->StartSession()) { .. }
sub StartSession
{
my $this = shift;
return $this->_SetError("There is already a command running.") if $this->IsConnected();
return $this->_SetError("Connection to host ",$this->{server},":",$this->{port}," failed") unless $this->_Connect();
lib/Arc/Connection/Client.pm view on Meta::CPAN
my $this = shift;
return unless $this->CommandStart(@_);
STDOUT->autoflush(1);
$this->_ReadWriteBinary(*STDIN,*STDOUT);
return $this->CommandEnd();
}
## start an ARCv2 command
## This function starts the given ARCv2 Command and enables the Command* functions.
##in> ... (command and its parameters)
##out> true if successful, false if not. (IsError is set appropriatly)
##eg> if ($arc->CommandStart()) { ... }
sub CommandStart
{
my $this = shift;
return $this->_SetError("You are not authenticated.") unless $this->{_authenticated};
return $this->_SetError("Already running a command.") if defined $this->{_cmdclientsock};
return unless @_;
return unless $this->_Cmd(@_);
while (!$this->{_error} && (not defined $this->{_cmdclientsock}) && (my $cmd = $this->_RecvCommand()) ) {
$this->_ProcessLine($cmd);
last if $cmd eq "DONE";
}
return 1 if defined $this->{_cmdclientsock};
return;
}
## write something to the command.
## Write something to the standard input of the command started by C<CommandStart>.
##in> ... (data)
##out> true if successful, false if not. (IsError is set appropriatly)
##eg> last unless $this->CommandWrite();
sub CommandWrite
{
my $this = shift;
return $this->_SetError("There is no command running.") unless defined $this->{_cmdclientsock};
return unless @_;
my $str = join("",@_);
lib/Arc/Connection/Client.pod view on Meta::CPAN
SASL-authenticated socket connection. The purpose is to convey
requests such as privileged commands (e.g. AFS, Crontab) to be executed on the
server under appropriate privileges. Given that all privileges are
confined to the server and the server can be programmed as to filter and
check the command to be executed, the client machine can be less trusted
than the server.
Because ARC-v1-Commands are written in perl anyway, implementing the client/server
in perl makes sense. Platform-independence and "easy-to-read" source code are welcome
too. This package provides two perl command line scripts (arcx, arcxd). They can
be used for working with the ARC server from the command line, resp. to start the
server.
=head1 SYNOPSIS
Arc::Connection::Client - Client class for ARCv2
my $arc = new Arc::Connection::Client(
server => "hyade11",
port => 4242,
timeout => 30,
lib/Arc/Connection/Client.pod view on Meta::CPAN
B<Returns:> if successful the received data is returned, otherwise false.
B<Example:>
while (my $data = $arc->CommandRead()) { ... }
=item CommandStart ( ... (command and its parameters) )
B<Description>: start an ARCv2 command
This function starts the given ARCv2 Command and enables the Command* functions.
B<Returns:> true if successful, false if not. (IsError is set appropriatly)
B<Example:>
if ($arc->CommandStart()) { ... }
=item CommandWrite ( ... (data) )
B<Description>: write something to the command.
Write something to the standard input of the command started by C<CommandStart>.
B<Returns:> true if successful, false if not. (IsError is set appropriatly)
B<Example:>
last unless $this->CommandWrite();
lib/Arc/Connection/Client.pod view on Meta::CPAN
B<Returns:> always true
B<Example:>
$arc->Quit();
=item StartSession ( )
B<Description>: start an ARCv2 session.
This function which will change the status of the connection into a
authenticated status. Users have to call this function
to be able to run ARCv2 commands afterwards.
B<Returns:> true if authentication was successful, otherwise false.
B<Example:>
lib/Arc/Connection/Client.pod view on Meta::CPAN
B<Example:>
if (my $line = $this->_RecvLine()) { ... }
=item _Sasl ( $saslstr ) I<inherited from Arc::Connection>
B<Description>: send the ARCv2 SASL command. (protocol)
This function encodes the output from sasl_*_start and sasl_*_step with Base-64 and sends
it to the other side
B<Returns:> true if successful, otherwise false
B<Example:>
$this->_Sasl($sasl->client_start());
=item _SendCommand ( $cmd, $parameter ) I<inherited from Arc::Connection>
B<Description>: send a command. (protocol)
Send a command to the ARCv2 socket.
B<Returns:> true if successful, otherwise false
lib/Arc/Connection/Server.pm view on Meta::CPAN
sub _StepAuthentication
{
my $this = shift;
my $first = shift;
my $sasl = $this->{_sasl};
my $ret = 0;
my $str;
if ($first) {
if ($this->{_cmdparameter} =~ /^\s+$/) {
$this->_Debug("No cmdparameter, plain server start.");
$str = $sasl->server_start();
} else {
$this->_Debug("SASL parameter is present.");
$str = $sasl->server_start(decode_base64($this->{_cmdparameter}));
}
} else {
$str = $sasl->server_step(decode_base64($this->{_cmdparameter}));
}
$str = "" unless defined $str;
if ($sasl->need_step || $sasl->code == 0) {
if ($sasl->code == 0) {
$this->_Sasl($str) if $str ne "";
lib/Arc/Connection/Server.pod view on Meta::CPAN
SASL-authenticated socket connection. The purpose is to convey
requests such as privileged commands (e.g. AFS, Crontab) to be executed on the
server under appropriate privileges. Given that all privileges are
confined to the server and the server can be programmed as to filter and
check the command to be executed, the client machine can be less trusted
than the server.
Because ARC-v1-Commands are written in perl anyway, implementing the client/server
in perl makes sense. Platform-independence and "easy-to-read" source code are welcome
too. This package provides two perl command line scripts (arcx, arcxd). They can
be used for working with the ARC server from the command line, resp. to start the
server.
=head1 SYNOPSIS
Arc::Connection::Server - Server handle for ARCv2.
This class is called by Arc::Server for each incoming connection.
=head1 Class VARIABLES
lib/Arc/Connection/Server.pod view on Meta::CPAN
B<Example:>
if (my $line = $this->_RecvLine()) { ... }
=item _Sasl ( $saslstr ) I<inherited from Arc::Connection>
B<Description>: send the ARCv2 SASL command. (protocol)
This function encodes the output from sasl_*_start and sasl_*_step with Base-64 and sends
it to the other side
B<Returns:> true if successful, otherwise false
B<Example:>
$this->_Sasl($sasl->client_start());
=item _SendCommand ( $cmd, $parameter ) I<inherited from Arc::Connection>
B<Description>: send a command. (protocol)
Send a command to the ARCv2 socket.
B<Returns:> true if successful, otherwise false
lib/Arc/Server.pm view on Meta::CPAN
server => undef, # attributes for Net::Server::PreFork
};
}
sub _Init
{
my $this = shift;
return unless $this->SUPER::_Init(@_);
return $this->_SetError("You have to specify at least the SASL mechs and the commands you want to run, to start the ARCv2 Server.")
unless $this->{connection_vars};
unless (defined $this->{server}->{host}) {
$this->Log(LOG_SIDE,"No host (listenaddress) specified, falling back to all addresses (0).");
$this->{server}->{host} = 0;
}
unless (defined $this->{server}->{port}) {
$this->Log(LOG_SIDE,"No port specified, falling back to standard port $Arc::DefaultPort.");
$this->{server}->{port} = [$Arc::DefaultPort];
}
# net::server::* initilizations
$this->{server}->{proto} = 'tcp';
$this->{server}->{listen} = SOMAXCONN;
$this->{server}->{child_communication} = undef,
}
## start the server
## This function is used by the user to start the server and enter the main accept-loop.
## Only by calling the C<Interrupt> function this call can be aborted.
##out> return true if everything worked fine, otherwise false is returned and C<IsError> should be checked.
##eg> $arc->Start();
sub Start
{
my $this = shift;
my $ct = $this->{connection_type};
eval "require $ct";
croak "Please \"use $ct\" before calling Start(): $@" if $@;
$this->run();
lib/Arc/Server.pod view on Meta::CPAN
SASL-authenticated socket connection. The purpose is to convey
requests such as privileged commands (e.g. AFS, Crontab) to be executed on the
server under appropriate privileges. Given that all privileges are
confined to the server and the server can be programmed as to filter and
check the command to be executed, the client machine can be less trusted
than the server.
Because ARC-v1-Commands are written in perl anyway, implementing the client/server
in perl makes sense. Platform-independence and "easy-to-read" source code are welcome
too. This package provides two perl command line scripts (arcx, arcxd). They can
be used for working with the ARC server from the command line, resp. to start the
server.
=head1 SYNOPSIS
Arc::Server - Class for the standalone server for ARCv2
my $arc = new Arc::Server(
port => [4242],
loglevel => 7,
logdestination => "stderr",
lib/Arc/Server.pod view on Meta::CPAN
=over 2
=item child_init_hook ( )
=item post_accept ( )
=item process_request ( )
=item Start ( )
B<Description>: start the server
This function is used by the user to start the server and enter the main accept-loop.
Only by calling the C<Interrupt> function this call can be aborted.
B<Returns:> return true if everything worked fine, otherwise false is returned and C<IsError> should be checked.
B<Example:>
$arc->Start();
lib/arcx.pod view on Meta::CPAN
This file is a basic command line interface for the ARCv2.
=head1 SYNOPSIS
The command line interface arcx:
=over 4
=item arcx
Connect to the default host, on the default port and start the interactive
ARC-shell (Term::ReadLine).
=item arcx -h arcserver -p 1234 vos release scripts
Connection arcserver:1234 and run the ARCv2 command "vos" with the
parameters "release scripts"
=item cat /etc/passwd | arcx put /default/etc/passwd
Pipe the content of /etc/passwd through the encrypted connection and let
lib/arcxd.pod view on Meta::CPAN
=head1 NAME
arcxd - standalone ARCv2 server
=head1 DESCRIPTION
This file is the scripts, which can be used, to start the ARCv2 server from the command line.
=head1 SYNOPSIS
This are some examples how to run the ARCv2 server.
=over 4
=item arcxd
Start the ARCv2 server. The server will listen on the DefaultPort and all local addresses.
scripts/arcx.conf view on Meta::CPAN
# a very simple config file, which lists servers and their ARCv2 commands
[server_command_map]
hekate.ifh.de:4243 = kstart,fs;vos:blah
hekate.ifh.de:4242 = fs;vos:blah
hekate2.ifh.de = whoami,test,
# fallback
hekate.ifh.de = *
scripts/arcxd.conf view on Meta::CPAN
vos = Fs
pv = Pv
chown = Unix
mkdir = Unix
rmdir = Unix
mv = Unix
acl = Acl
kstart = Arc::Command::Kstart
[logging]
level = 7
destination = syslog
scripts/arcxd.init.d.solaris view on Meta::CPAN
do
echo "PID: $x"
[ ! -z "$pid" ] && echo killing $x && kill $pid &
done
}
ARCXD_PATH=/opt/products/perl/5.8.2/scripts
case "$1" in
'start')
ps -ef | grep "$ARCXD_PATH/arcxd" | grep -v grep > /dev/null 2>&1
if [ $? -eq 0 ]
then
echo "arcxd daemon already running."
echo "please check if there are running both"
echo " one with default port and one with port 4243"
exit 1
fi
scripts/arcxd.init.d.solaris view on Meta::CPAN
echo "Starting arcx service ..."
$ARCXD_PATH/arcxd
# for batch jobs
$ARCXD_PATH/arcxd -p 4243
fi
;;
'stop')
killproc arcxd
;;
'restart')
$0 stop && sleep 3 && $0 start;;
*)
echo "Usage: /etc/init.d/init.arcxd { start | restart | stop }"
;;
esac
( run in 0.557 second using v1.01-cache-2.11-cpan-0d8aa00de5b )