<?php
use CFPropertyList\CFPropertyList;
use Defuse\Crypto\Crypto;
use Defuse\Crypto\Key;
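/**
 * Model for the `laps` table (primary key `id`).
 *
 * Each record is tied to a serial number and holds an account name, a
 * password that process() encrypts before saving, expiry/policy fields
 * and a JSON audit trail.
 */
class Laps_model extends \Model
{
    /**
     * Encryption key loaded from the `laps_encryption_key` config value.
     *
     * Kept in a private property rather than in $this->rs, which holds the
     * record fields.
     *
     * @var Key|null
     */
    private $cryptokey;

    /**
     * Set up the default record, load the module config and the encryption
     * key, and retrieve the existing record when a serial number is given.
     *
     * @param string $serial Serial number of the machine; '' skips retrieval.
     *
     * @throws \Exception When no `laps_encryption_key` is configured.
     */
    public function __construct($serial = '')
    {
        parent::__construct('id', 'laps'); //primary key, tablename
        $this->rs['id'] = 0;
        $this->rs['serial_number'] = $serial;
        $this->rs['useraccount'] = '';
        $this->rs['password'] = '';
        $this->rs['dateset'] = '';
        $this->rs['dateexpires'] = '';
        $this->rs['days_till_expiration'] = '';
        $this->rs['pass_length'] = '';
        $this->rs['alpha_numeric_only'] = 1; //Boolean
        $this->rs['script_enabled'] = 1; //Boolean
        $this->rs['keychain_remove'] = 1; //Boolean
        $this->rs['remote_management'] = 1; //Boolean
        $this->rs['audit'] = '';

        $this->module_dir = __DIR__;

        // Add local config
        configAppendFile(__DIR__ . '/config.php');

        // Fail fast when the key is missing. The original assigned the key to
        // a local variable, so the private property was never populated.
        $this->load_crypto_key();

        // Retrieve data
        if ($serial) {
            $this->retrieve_record($serial);
        }

        $this->serial = $serial;
    }

    /**
     * Store the audit trail as JSON on the record and save it.
     *
     * @param mixed $data Audit data; encoded with json_encode() as-is.
     */
    public function process_audit($data)
    {
        // Add audit trail JSON to machine record.
        // json_encode() returns false on failure; that value is stored unchanged.
        $this->audit = json_encode($data);

        // Save the data
        $this->save();
    }

    /**
     * Copy the admin-editable settings from $data onto the record and save.
     *
     * NOTE(review): values are copied without validation; presumably the
     * caller has already authorised and sanitised them - confirm.
     *
     * @param object $data Object exposing days_till_expiration, pass_length,
     *                     alpha_numeric_only, script_enabled, keychain_remove
     *                     and, optionally, dateexpires.
     */
    public function process_admin_save($data)
    {
        // $data is read with `->` below, so it is an object. array_key_exists()
        // on an object is deprecated in PHP 7.4 and a TypeError in PHP 8;
        // property_exists() keeps the "present, even if null" semantics.
        if (property_exists($data, 'dateexpires')) {
            $this->dateexpires = $data->dateexpires;
        }

        $this->days_till_expiration = $data->days_till_expiration;
        $this->pass_length = $data->pass_length;
        $this->alpha_numeric_only = $data->alpha_numeric_only;
        $this->script_enabled = $data->script_enabled;
        $this->keychain_remove = $data->keychain_remove;

        // Save the data
        $this->save();
    }

    /**
     * Parse incoming plist data and, when it carries a `password` key, store
     * the listed fields with the password encrypted.
     *
     * Nothing is saved when the plist has no `password` key.
     *
     * NOTE(review): $data is presumably submitted by a client; field values
     * are stored without type or range validation - confirm upstream checks.
     *
     * @param string $data Raw plist passed to CFPropertyList::parse().
     *
     * @throws \Exception When no `laps_encryption_key` is configured.
     */
    public function process($data)
    {
        $parser = new CFPropertyList();
        $parser->parse($data);
        $plist = $parser->toArray();

        // Check if password key exists, only save if it does
        if (! array_key_exists('password', $plist)) {
            return;
        }

        // Resolve the key before touching the record so a missing key cannot
        // leave a half-updated object behind.
        $key = $this->load_crypto_key();

        // Process each item for saving into the database; absent items are blanked
        foreach (array('useraccount', 'password', 'dateset', 'dateexpires', 'days_till_expiration', 'pass_length', 'alpha_numeric_only', 'script_enabled', 'keychain_remove', 'remote_management') as $item) {
            if (isset($plist[$item])) {
                $this->$item = $plist[$item];
            } else {
                $this->$item = '';
            }
        }

        // Encrypt password. save() runs only after this succeeds, so the
        // plaintext is never written by this method.
        $this->password = Crypto::encrypt($this->password, $key);

        // Save the data, because we can't lose the password
        $this->save();
    }

    /**
     * Return the encryption key, loading it from config on first use.
     *
     * @return Key
     *
     * @throws \Exception When no `laps_encryption_key` is configured.
     */
    private function load_crypto_key()
    {
        if ($this->cryptokey === null) {
            // Check if encryption key exists
            if (! conf('laps_encryption_key')) {
                throw new \Exception("No LAPS encryption key found in config", 1);
            }

            // Load encryption key from config.php
            $this->cryptokey = Key::loadFromAsciiSafeString(conf('laps_encryption_key'));
        }

        return $this->cryptokey;
    }
}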