Top Level Namespace

Instance Method Summary

• #_host ⇒ Object
• #_lu_password ⇒ Object
• #_port ⇒ Object
• #_ru_password ⇒ Object
• #add_nl(s) ⇒ Object
• #become_root ⇒ Object
• #debug(string) ⇒ Object
• #disable_echo(&block) ⇒ Object
• #extract_action(raw_assignment) ⇒ Object
• #extract_cff_profiles(raw_proxy_profile) ⇒ Object
• #extract_profiles(http) ⇒ Object
• #fingerprint_prompt?(string) ⇒ Boolean
• #get(x, command = 'get') ⇒ Object
• #get_action(raw_assignment) ⇒ Object
• #get_comment(raw) ⇒ Object
• #get_name(raw) ⇒ Object
• #get_object(x) ⇒ Object
• #log(string = String.new) ⇒ Object
• #log_accessed?(action) ⇒ Boolean
• #log_blocked?(action) ⇒ Boolean
• #login ⇒ Object
• #print_raction(raw_action) ⇒ Object
• #print_results(results) ⇒ Object
• #prompt(question, password = false) ⇒ Object
• #run ⇒ Object
• #search_profiles(profiles) ⇒ Object
• #until_prompt(prompt) ⇒ Object

Instance Method Details

#_host ⇒ Object

# File 'lib/utm-plc.rb', line 25

def _host; 					prompt('Which host?: ') end

#_lu_password ⇒ Object

# File 'lib/utm-plc.rb', line 27

def _lu_password;   prompt('What is the password for loginuser?: ', true) end

#_port ⇒ Object

# File 'lib/utm-plc.rb', line 26

def _port;					prompt('What port?: ')  end

#_ru_password ⇒ Object

# File 'lib/utm-plc.rb', line 28

def _ru_password; 	prompt('What is the password for root?: ', true) end

#add_nl(s) ⇒ Object

# File 'lib/utm-plc.rb', line 42

def add_nl s
	#append a "\n" (newline) to a string if it doesn't already end with one.
	(s[/\\n$/].nil? ? s+"\n" : s)
end

#become_root ⇒ Object

# File 'lib/utm-plc.rb', line 67

def become_root
	log "Using su to become root..."
	$in.printf( "su\n" )
	debug until_prompt( 'Password:' )
	$in.printf( "#{_ru_password}\n" )
	debug until_prompt( '/home/login #' )
	log "Am now root."
end

#debug(string) ⇒ Object

# File 'lib/utm-plc.rb', line 54

def debug string
	if $logging and $debugging
		printf add_nl(string) 
	end
	string
end

#disable_echo(&block) ⇒ Object

# File 'lib/utm-plc.rb', line 33

def disable_echo &block
	system('stty -echo')
	x=yield
	system('stty echo')
	#so that the next line doesn't start on the same line as the password prompt
	log
	x
end

#extract_action(raw_assignment) ⇒ Object

# File 'lib/utm-plc.rb', line 95

def extract_action raw_assignment
	raw_assignment[/'action' => '[^']*/].gsub(/'action' => '/,'').strip
end

#extract_cff_profiles(raw_proxy_profile) ⇒ Object

# File 'lib/utm-plc.rb', line 87

def extract_cff_profiles raw_proxy_profile
	log "Found cff_profiles: "
	cff_p=raw_proxy_profile[/'cff_profiles' => \[[^\]]*/].gsub( "'cff_profiles' => \[",'' ).
		strip.gsub(',','').strip.gsub(/^'/,'').gsub(/'$/,'').strip.gsub(/^'/,'').gsub(/'$/,'')
	log "               -- "+cff_p
	cff_p
end

#extract_profiles(http) ⇒ Object

# File 'lib/utm-plc.rb', line 76

def extract_profiles http
	debug "Extracting profiles from 'http'="
	profiles=http[/'profiles' => \[[^\]]*/].gsub( "'profiles' => \[",'' ).split(',').collect {|p| 
		p.strip.gsub(/^'/,'').gsub(/'$/,'') 
	}
	log "Found #{profiles.size} profiles:"
	profiles.each {|p|
	    log "               -- "+p
	}
end

#fingerprint_prompt?(string) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/utm-plc.rb', line 175

def fingerprint_prompt? string
	!string[/\(yes\/no\)\?/].nil?
end

#get(x, command = 'get') ⇒ Object

# File 'lib/utm-plc.rb', line 148

def get x, command='get'
	debug "Running: 'cc #{command} #{x}'..."
	$in.printf("cc #{command} #{x}\n")
	debug until_prompt(':/home/login #')
end

#get_action(raw_assignment) ⇒ Object

# File 'lib/utm-plc.rb', line 167

def get_action raw_assignment
	raw_assignment[/'action' => '[^']*/].gsub(/'action' => '/,'').strip
end

#get_comment(raw) ⇒ Object

# File 'lib/utm-plc.rb', line 163

def get_comment raw
	raw[/'comment' => '[^']*/].gsub(/'comment' => '/,'')
end

#get_name(raw) ⇒ Object

# File 'lib/utm-plc.rb', line 159

def get_name raw
	raw[/'name' => '[^']*/].gsub(/'name' => '/,'')
end

#get_object(x) ⇒ Object

# File 'lib/utm-plc.rb', line 171

def get_object x
	get x, 'get_object'
end

#log(string = String.new) ⇒ Object

# File 'lib/utm-plc.rb', line 47

def log string=String.new
	if $logging==true
		printf add_nl(string)
	end
	string
end

#log_accessed?(action) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/utm-plc.rb', line 123

def log_accessed? action
	if action[/'log_access' => \d/].nil?
		raise ArgumentError "log_accessed?(action): action doesn't contain a 'log_access' attribute?"
	end
	action[/'log_access' => \d/].gsub(/'log_access' => /,'')=='1'
end

#log_blocked?(action) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/utm-plc.rb', line 130

def log_blocked? action
	if action[/'log_blocked' => \d/].nil?
		raise ArgumentError "log_blocked?(action): action doesn't contain a 'log_blocked' attribute?"
	end
	action[/'log_blocked' => \d/].gsub(/'log_blocked' => /,'')=='1'
end

#login ⇒ Object

# File 'lib/utm-plc.rb', line 61

def login
	log "Logging in as loginuser..."
	$in.printf( _lu_password + "\n" )
	debug until_prompt( '/home/login >' )
end

#print_raction(raw_action) ⇒ Object

# File 'lib/utm-plc.rb', line 154

def print_raction raw_action
	log "Name: #{get_name(raw_action)}"
	log "Comment: #{get_comment(raw_action)}"
end

#print_results(results) ⇒ Object

# File 'lib/utm-plc.rb', line 137

def print_results results
	log "\n\nPrinting results:"
	results.each {|action|
		if !log_accessed?(action)
			log "Please activate the 'Log Accessed Pages' option for the Web Filter Action named: #{get_name(action)}"
		elsif !log_blocked?(action)
			log "Please activate the 'Log Blocked Pages' option for the Web Filter Action named: #{get_name(action)}"
		end
	}
end

#prompt(question, password = false) ⇒ Object

# File 'lib/utm-plc.rb', line 202

def prompt question, password=false
	printf question
	if password==true
		disable_echo {
			(s=gets.strip).empty? ? prompt(question) : s
		}
	else
		(s=gets.strip).empty? ? prompt(question) : s
	end
end

#run ⇒ Object

# File 'lib/utm-plc.rb', line 213

def run 
	PTY.spawn("ssh -p #{_port} loginuser@#{_host}") {|stdout,stdin,pid|
		old_out=$out; $out=stdout
		old_in=$in;   $in =stdin
		$logging=true

		debug( until_prompt('password:') )
		login
		become_root

		#Because the main Web Filter is treated as a profile, this
		#will operate on all Web Filters and proxy profiles.
	  results= search_profiles( extract_profiles( get('http') ) )

		print_results( results )

		stdin.printf( "exit\n" )
		until_prompt( ":/home/login >" )
		stdin.printf( "exit\n" )

		$out=old_out
		$in=old_in
	}
	log 'Done'
end

#search_profiles(profiles) ⇒ Object

# File 'lib/utm-plc.rb', line 99

def search_profiles profiles
	if profiles.class!=Array
		raise ArgumentError "search_profiles(profiles): 'profiles' must be an array but it's something else, possibly a cheeseburger..."
	elsif profiles.empty?
		raise ArgumentError "search_profiles(profiles): 'profiles' must be a non-empty array! What have you done?!?"
	end
	results=[]
	profiles.each {|profile|
		debug raw_proxy_profile=get_object(profile)
		log "\nChecking profile: #{get_name(raw_proxy_profile)}"
		debug raw_assignment=get_object( extract_cff_profiles(raw_proxy_profile) )
		log "Got the assignment for that profile..."
		action= get_action(raw_assignment)
		raw_action= get_object( extract_action(raw_assignment) )
		log "Got the action for that assignment..."

		if !log_accessed?(raw_action) || !log_blocked?(raw_action)
			log "Found an action that isn't logging everything: #{get_name(raw_action)}"
			results << raw_action
		end
	}
	results
end

#until_prompt(prompt) ⇒ Object

# File 'lib/utm-plc.rb', line 179

def until_prompt( prompt )
	buffer= ""
	begin
		Timeout.timeout( 5 ) {
			loop do
				buffer << $out.getc.chr
				if fingerprint_prompt?(buffer)
					printf "SSH Fingerprint prompt detected.\nPlease SSH to this system at least once before using this program to verify the SSH fingerprint manually, then run this program again.\n\n"
					exit
				end
				break if buffer =~ Regexp.new(prompt)
			end
		}
		buffer
	rescue Timeout::Error => error
		printf "Error - Timed out waiting for \"#{prompt.gsub('"','\"') }\", printing stacktrace...\n "
    printf error.backtrace.join("\n") + "\n" 
		printf "Dumping buffer...\n"
		pp buffer
		printf "-------\n\n"
	end	
end