forked from seccubus/seccubus
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathSeccubusV2.pm
133 lines (96 loc) · 2.95 KB
/
SeccubusV2.pm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
# ------------------------------------------------------------------------------
# Copyright 2017 Frank Breedijk, Glenn ten Cate
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
package SeccubusV2;
=head1 NAME $RCSfile: SeccubusV2.pm,v $
This Pod documentation generated from the module SeccubusV2 gives a list of all
functions within the module.
=cut
@ISA = ('Exporter');
@EXPORT = qw(
VERSION
get_config
check_param
);
use XML::Simple;
use Data::Dumper;
our $config = "config.xml"; # Change this value to match your setup
# if your configuration file cannot be
# found
$config = "/home/seccubus/etc/config.xml" unless -e $config;
# Bug #62 - /home/seccubus/etc missing
$config = "/etc/seccubus/config.xml" unless -e $config;
$config = "/opt/seccubus/etc/config.xml" unless -e $config;
# This line should prevent issue 21 dummy.config.xml should never exist
$config = "etc/dummy.config.xml" unless -e $config;
# Module directory
use lib "/opt/seccubus/SeccubusV2";
push (@main::INC, @INC);
$VERSION = '2.29';
use strict;
use Carp;
#use SeccubusConfig;
use SeccubusHelpers;
push (@main::INC, @INC);
if ( ! $ENV{REMOTE_USER} ) {
my $conf = get_config();
if ( $config->{auth}->{http_auth_header} && $ENV{"HTTP_" . $conf->{auth}->{http_auth_header}} ) {
# A REMOTE_USER header is sent
$ENV{REMOTE_USER} = $ENV{"HTTP_" . $conf->{auth}->{http_auth_header}};
} else {
$ENV{REMOTE_USER} = "admin" # Run as admin user if the web server auth is not setup
}
}
check_config();
=head1 Utility functions
=head2 get_config
=over 2
=item Returns
Reference to a hash containing the config in XML
=back
=cut
sub get_config() {
if ( ! ref($config) ) {
$config = XMLin($config, ForceArray => [qw(monkey)], KeyAttr => [ qw(id) ], SuppressEmpty => '');
}
return $config;
}
=head2 check_param
Function to check CGI parameters
=over 2
=item Parameters
=over 4
=item name - name of the parameter
=item value - value of the parameter
=item is_numeric - Optional parameter, if set the function checks if the parameter is numeric
=item Returns
False if parameter is ok, error text if otherwise
=back
=cut
sub check_param($$;$) {
my $name = shift or die "No name provided";
my $value = shift;
my $is_numeric = shift;
if ( not defined $value ) {
return "Parameter $name is missing";
} elsif ( $is_numeric ) {
if ( $value + 0 eq $value ) {
return undef;
} else {
return "Parameter $name is not numeric";
}
}
}
# Close the PM file.
return 1;