4 # curvetun_ldap.pl: a minimal curvetun/clients generator that fetches
5 # user/pubkey entries from LDAP
8 # Copyright 2011 Daniel Borkmann <borkmann@gnumaniacs.org>
9 # Subject to the GNU GPL, version 2.
11 # Used attributes are 'uid' and 'public_ctun_key', but they may be changed
12 # in the source, of course. For Debian users: apt-get install libnet-ldap-perl
# Settings taken from the command line; all start out undefined.
my ($server, $base, $filter, $file);

# LDAP attributes read from each entry: the client name and its public key.
my ($client_name_attr, $client_pkey_attr) = ('uid', 'public_ctun_key');
# Usage banner: program name, project URL, the supported switches, an example
# invocation, and the contact/licence footer.  Every string is still emitted
# by its own print call, in the original order.
for my $banner_line (
    "\ncurvetun_ldap.pl, LDAP client file generator\n",
    "http://www.netsniff-ng.org\n\n",
    "Usage: curvetun_ldap.pl [options]\n",
    " -s <ldap-server> LDAP server\n",
    " -p <ldap-port> LDAP port (default: 389)\n",
    " -b <string> LDAP base domain\n",
    " -f <string> LDAP filter expression\n",
    " -o <file> Output curvetun client file\n",
    " -h Show this help\n",
    " curvetun_ldap.pl -s ldap.host.ch \\\n",
    " -b \"l=Bar,ou=Fu,o=Host,c=CH\" \\\n",
    " -f \"(cn=*)\" -o ~/.curvetun/clients\n",
    "Please report bugs to <bugs\@netsniff-ng.org>\n",
    "Copyright (C) 2011 Daniel Borkmann <dborkma\@tik.ee.ethz.ch>,\n",
    "Swiss federal institute of technology (ETH Zurich)\n",
    "License: GNU GPL version 2\n",
    "This is free software: you are free to change and redistribute it.\n",
    "There is NO WARRANTY, to the extent permitted by law.\n\n",
) {
    print $banner_line;
}
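# Parse the command line into %opts: -h is a plain flag, while -s, -p, -b,
# -f and -o each take a value.
#
# getopts() is the Getopt::Std routine that understands the "x:" notation
# used in this spec.  getopt() treats every character of its argument
# (here including 'h' and ':') as a switch that consumes a value, and it
# accepts unknown switches silently.  getopts() warns about an unknown
# switch and returns false, so stop instead of continuing with a
# half-parsed command line.
getopts('hs:p:b:f:o:', \%opts)
    or die "Invalid command line, see -h for usage.\n";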
55 if ((not $opts{s
} and not $opts{b
} and not $opts{f
}) or
# Optional switches: replace the current value only when a true value was
# given on the command line (an empty string or "0" leaves it untouched).
if ($opts{p}) {
    $port = $opts{p};
}
if ($opts{o}) {
    $file = $opts{o};
}
# Create (or truncate) the output client file; abort with the OS error text
# if it cannot be opened.
# NOTE(review): if $file is still undef at this point, three-argument open
# with an undefined filename opens an anonymous temporary file instead of
# failing, so the output would be lost silently - confirm that a guard
# exists on the lines not shown here.
open(FH, '>', $file) || die $!;
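# Connect to the directory, bind, run the search and collect the entries.
#
# NOTE(review): as written this is a plain LDAP session with an anonymous
# bind (no credentials, no TLS).  The uid/key pairs fetched here are written
# to the curvetun client file, so a tampered reply could add or replace keys.
# Consider an ldaps:// URI, or $ldap->start_tls(verify => 'require', ...)
# with a trusted CA file, before the search is issued.
$ldap = Net::LDAP->new($server, port => $port, timeout => 30)
    or die "Cannot connect to LDAP server: $@\n";  # new() reports failure in $@, not $!

# bind() and search() return message objects; a non-zero result code means
# the operation failed, which was previously ignored.
my $bind_msg = $ldap->bind(version => 3);
die "LDAP bind failed: " . $bind_msg->error . "\n" if $bind_msg->code;

$res = $ldap->search(filter => $filter, base => $base);
die "LDAP search failed: " . $res->error . "\n" if $res->code;

die "No results from LDAP query!\n" if $res->count == 0;

# NOTE(review): the loop that follows writes the name and key values verbatim
# into a ';'-separated, one-record-per-line file.  A value containing ';' or
# a line break would corrupt or forge records, so reject such values before
# they are written.
@entries = $res->entries;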
80 foreach my $entry (@entries) {
81 next if (not $entry->get_value($client_name_attr) or
82 not $entry->get_value($client_pkey_attr));
84 print FH
$entry->get_value($client_name_attr).";".
85 $entry->get_value($client_pkey_attr)."\n";
87 print $entry->get_value($client_name_attr).";".
88 $entry->get_value($client_pkey_attr)."\n";