From 4f9776c6df2439c41415cabd0c4dc972e0575fc4 Mon Sep 17 00:00:00 2001
From: Ken Moore <moorekou@gmail.com>
Date: Tue, 17 May 2016 11:33:09 -0400
Subject: [PATCH] Finish up all the new CLI options for sysadm-bridge: 1) Add a
 "-h" or "help" option which lists all the current CLI flags and their usage.
 2) Adjust the "-import_ssl_file" and "-import_ssl_pubkey" options to now take
 2 argument, with the first being some nickname for the key. 3) Add a
 "-remove_ssl [nickname]" option for removing a key.

---
 src/bridge/main.cpp | 62 ++++++++++++++++++++++++++++++++++-----------
 1 file changed, 47 insertions(+), 15 deletions(-)

diff --git a/src/bridge/main.cpp b/src/bridge/main.cpp
index 07cfdd6..822c38d 100644
--- a/src/bridge/main.cpp
+++ b/src/bridge/main.cpp
@@ -14,7 +14,7 @@
 #define USELOG 1 //turn this to "0" for dumping all output to the CLI (for debugging)
 
 //Create any global classes/settings
-QSettings *CONFIG = new QSettings(SETTINGSFILE, QSettings::IniFormat);
+QSettings *CONFIG = new QSettings("sysadm","bridge");
 AuthorizationManager *AUTHSYSTEM = new AuthorizationManager();
 
 //Create the default logfile
@@ -43,9 +43,25 @@ void MessageOutput(QtMsgType type, const QMessageLogContext &context, const QStr
   out << txt;
   if(!txt.endsWith("\n")){ out << "\n"; }
 }
+void showUsage(){
+qDebug() << "sysadm-bridge usage:";
+qDebug() << "Starting the bridge:";
+qDebug() << "    \"sysadm-bridge [-port <portnumber>]\"";
+qDebug() << "CLI flags for configuring the bridge:";
+qDebug() << "  \"-h\" or \"help\": Show this help text";
+qDebug() << "  \"-import_ssl_file <nickname> <filepath>\": Loads a .crt or .key file and enables the public key for authorization access later";
+qDebug() << "  \"-import_ssl_pubkey <nickname> <key>\": Enables the public key for authorization access later";
+qDebug() << "  \"-list_ssl\":  Show all known SSL keys";
+qDebug() << "  \"-remove_ssl <nickname>\": Removes a public key from allowing authorization access";
+qDebug() << "  \"-set <variable>=<value>\": Used for adjusting individual settings for the bridge";
+qDebug() << "  - Possible variables:";
+qDebug() << "    \"blacklist/block_minutes\" (integer): Number of minutes a system remains on the automatic blacklist";
+qDebug() << "    \"blacklist/fails_to_block\" (integer): Number of times a system must fail authentication to be placed on blacklist";
+}
 
 int main( int argc, char ** argv )
 {
+  qDebug() << "Using Config file:" << CONFIG->fileName();
     //Evaluate input arguments
     quint16 port = 12149; //port number
     bool settingchange = false;
@@ -57,13 +73,17 @@ int main( int argc, char ** argv )
 	qDebug() << "Changing bridge setting:" << info;
         if(var=="blacklist/block_minutes"){ CONFIG->setValue("blacklist_settings/block_minutes",val.toInt()); }
         else if(var=="blacklist/fails_to_block"){ CONFIG->setValue("blacklist_settings/fails_to_block",val.toInt()); }
-        //else if(var=="blacklist_settings/block_minutes"){ CONFIG->setValue("blacklist_settings/block_minutes",val.toInt()); }
       }
+ // -------------------------
+      else if( QString(argv[i])=="-h" || QString(argv[i]).contains("help") ){ showUsage(); return 0; }
+ // -------------------------
       else if( (QString(argv[i])=="-port" || QString(argv[i])=="-p") && (i+1<argc)){ i++; port = QString(argv[i]).toUInt(); }
+ // -------------------------
       else if( QString(argv[i])=="-set" && i+1<argc){ settingchange = true; }
-      else if( QString(argv[i])=="-import_ssl_file" && i+1<argc){
-        i++;
-        QFile file(argv[i]);
+ // -------------------------
+      else if( QString(argv[i])=="-import_ssl_file" && i+2<argc){
+        i++; QString id = QString(argv[i]);
+	i++; QFile file(argv[i]);
  	if(!file.open(QIODevice::ReadOnly)){ qDebug() << "Could not open file:" << file.fileName(); }
         else{
           QString enc_key;
@@ -71,29 +91,41 @@ int main( int argc, char ** argv )
           else if(file.fileName().endsWith(".key")){ QSslKey key(&file); enc_key = QString(key.toPem().toBase64());  }
           if(enc_key.isEmpty()){ qDebug() << "Could not read key (need .crt or .key file)"; }
           else{
-            qDebug() << "Registered Key:" << enc_key << "(base64)";
-            CONFIG->setValue("RegisteredCerts/cli-import/"+enc_key, "Date Registered: "+QDateTime::currentDateTime().toString(Qt::ISODate) );
+            qDebug() << "Registered Key:" << id << enc_key << "(base64)";
+            QStringList dupkeys = CONFIG->allKeys().filter("RegisteredCerts/"+id+"/");
+            for(int i=0; i<dupkeys.length(); i++){ CONFIG->remove(dupkeys[i]); }
+            CONFIG->setValue("RegisteredCerts/"+id+"/"+enc_key, "Date Registered: "+QDateTime::currentDateTime().toString(Qt::ISODate) );
           }
 	}
         settingchange=true;
-
-      }else if( QString(argv[i])=="-import_ssl_pubkey" && i+1<argc){
-        i++;
-        QString enc_key = QByteArray(argv[i]).toBase64();
-        CONFIG->setValue("RegisteredCerts/cli-import/"+enc_key, "Date Registered: "+QDateTime::currentDateTime().toString(Qt::ISODate) );
-        qDebug() << "Registered Key:" << enc_key << "(base64)";
+ // -------------------------
+      }else if( QString(argv[i])=="-import_ssl_pubkey" && i+2<argc){
+        i++;  QString id = QString(argv[i]);
+        i++;  QString enc_key = QByteArray(argv[i]).toBase64();
+        qDebug() << "Registered Key:" << id << enc_key << "(base64)";
+        QStringList dupkeys = CONFIG->allKeys().filter("RegisteredCerts/"+id+"/");
+        for(int i=0; i<dupkeys.length(); i++){ CONFIG->remove(dupkeys[i]); }
+        CONFIG->setValue("RegisteredCerts/"+id+"/"+enc_key, "Date Registered: "+QDateTime::currentDateTime().toString(Qt::ISODate) );
         settingchange=true;
-
+ // -------------------------
       }else if( QString(argv[i])=="-list_ssl" ){
         qDebug() << "Known SSL Keys (base64)";
         settingchange = true;
         QStringList keys = QStringList(CONFIG->allKeys());//.filter("RegisteredCerts/");
         for(int i=0; i<keys.length(); i++){
-          qDebug() << keys[i].section("/",2,-1) << CONFIG->value(keys[i]).toString();
+          qDebug() << keys[i].section("/",1,1) << keys[i].section("/",2,-1) << CONFIG->value(keys[i]).toString();
         }
+ // -------------------------
+      }else if( QString(argv[i])=="-remove_ssl" && i+1<argc){
+        i++; QString id = QString(argv[i]);
+        settingchange = true;
+        QStringList dupkeys = CONFIG->allKeys().filter("RegisteredCerts/"+id+"/");
+        for(int i=0; i<dupkeys.length(); i++){ qDebug() << "Removed Key:" << dupkeys[i].section("/",2,-1); CONFIG->remove(dupkeys[i]); }
+ // -------------------------
       }else{
         qDebug() << "Unknown Option:" << argv[i];
       }
+ // -------------------------
     } //end loop over argc
     if(settingchange){ CONFIG->sync(); return 0; }