Updated shell scripts to be compatible with HTTP Digest authentication

Because curl and wget do not let use a hashed password as parameter,
YaCy shell scripts which require authentication are now interactive by
default when HTTP Digest is the only available authentication method.
Batch mode can still be available trough the use of an environment
variable : YACY_ADMIN_PASSWORD.  

Other improvements :
 - added backward compatibility for Basic Authentication
 - fixed curl/wget presence detection 
 - do not return with exit code 0 when an API call failed, and print an
error message when the case occurs
 - documented available authentication options for API calls
pull/122/head
luccioman 8 years ago
parent bdadbda5fa
commit 29e5110627

@ -1,14 +1,48 @@
#!/usr/bin/env sh #!/usr/bin/env sh
# Call an HTTP API on the local YaCy peer, authenticated as administrator
#
# Authentication options :
# - enable unauthenticated local access as administrator : set adminAccountForLocalhost=true in the DATA/SETTINGS/yacy.conf file
# - OR use the legacy Basic HTTP authentication mode (unsecured for remote access): set the "auth-method" to BASIC in the defaults/web.xml file
# - OR use the Digest HTTP authentication mode : set the "auth-method" to DIGEST in the defaults/web.xml file.
# With that last option, the script will run in interactive mode as default, prompting for the administrator password.
# To run in batch mode, you must first export an environment variable filled with the clear-text administrator password before using this script :
# For example with > export YACY_ADMIN_PASSWORD=your_admin_password
#
cd "`dirname $0`" cd "`dirname $0`"
port=$(grep ^port= ../DATA/SETTINGS/yacy.conf |cut -d= -f2) port=$(grep ^port= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
admin=$(grep ^adminAccountUserName= ../DATA/SETTINGS/yacy.conf |cut -d= -f2) admin=$(grep ^adminAccountUserName= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
pw=$(grep ^adminAccountBase64MD5= ../DATA/SETTINGS/yacy.conf |cut -d= -f2) adminAccountForLocalhost=$(grep ^adminAccountForLocalhost= ../DATA/SETTINGS/yacy.conf | cut -d= -f2)
if grep "<auth-method>BASIC</auth-method>" ../defaults/web.xml > /dev/null; then
# When authentication method is in basic mode, use directly the password hash from the configuration file
YACY_ADMIN_PASSWORD=$(grep ^adminAccountBase64MD5= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
fi
if which curl &>/dev/null; then if which curl > /dev/null; then
curl -s -u $admin:$pw "http://127.0.0.1:$port/$1" if [ "$adminAccountForLocalhost" = "true" ]; then
elif which wget &>/dev/null; then # localhost access as administrator without authentication is enabled
wget -q -t 1 --timeout=120 --http-user $admin --http-password $pw "http://127.0.0.1:$port/$1" -O - curl -sSf "http://127.0.0.1:$port/$1"
elif [ -n "$YACY_ADMIN_PASSWORD" ]; then
# admin password is provided as environment variable : let's use it
curl -sSf --anyauth -u "$admin:$YACY_ADMIN_PASSWORD" "http://127.0.0.1:$port/$1"
else
# no password environment variable : it will be asked interactively
curl -sSf --anyauth -u "$admin" "http://127.0.0.1:$port/$1"
fi
elif which wget > /dev/null; then
if [ "$adminAccountForLocalhost" = "true" ]; then
# localhost access as administrator without authentication is enabled
wget -nv -t 1 --timeout=120 "http://127.0.0.1:$port/$1" -O -
elif [ -n "$YACY_ADMIN_PASSWORD" ]; then
# admin password is provided as environment variable : let's use it
wget -nv -t 1 --timeout=120 --http-user "$admin" --http-password "$YACY_ADMIN_PASSWORD" "http://127.0.0.1:$port/$1" -O -
else
# no password environment variable : it will be asked interactively
wget -nv -t 1 --timeout=120 --http-user "$admin" --ask-password "http://127.0.0.1:$port/$1" -O -
fi
else else
echo "Please install curl or wget" > /dev/stderr
exit 1 exit 1
fi fi

@ -1,12 +1,49 @@
#!/usr/bin/env sh #!/usr/bin/env sh
# Call an HTTP API on the local YaCy peer, authenticated as administrator, then print the result on the standard output
# Almost the same as apicall.sh, except that wget doesn't print information messages to the standard output, only the result
#
# Authentication options :
# - enable unauthenticated local access as administrator : set adminAccountForLocalhost=true in the DATA/SETTINGS/yacy.conf file
# - OR use the legacy Basic HTTP authentication mode (unsecured for remote access): set the "auth-method" to BASIC in the defaults/web.xml file
# - OR use the Digest HTTP authentication mode : set the "auth-method" to DIGEST in the defaults/web.xml file.
# With that last option, the script will run in interactive mode as default, prompting for the administrator password.
# To run in batch mode, you must first export an environment variable filled with the clear-text administrator password before using this script :
# For example with > export YACY_ADMIN_PASSWORD=your_admin_password
#
cd "`dirname $0`" cd "`dirname $0`"
port=$(grep ^port= ../DATA/SETTINGS/yacy.conf |cut -d= -f2) port=$(grep ^port= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
pw=$(grep ^adminAccountBase64MD5= ../DATA/SETTINGS/yacy.conf |cut -d= -f2) admin=$(grep ^adminAccountUserName= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
adminAccountForLocalhost=$(grep ^adminAccountForLocalhost= ../DATA/SETTINGS/yacy.conf | cut -d= -f2)
if grep "<auth-method>BASIC</auth-method>" ../defaults/web.xml > /dev/null; then
# When authentication method is in basic mode, use directly the password hash from the configuration file
YACY_ADMIN_PASSWORD=$(grep ^adminAccountBase64MD5= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
fi
if which curl &>/dev/null; then if which curl > /dev/null; then
curl -s --header "Authorization: realm=$pw" "http://127.0.0.1:$port/$1" if [ "$adminAccountForLocalhost" = "true" ]; then
elif which wget &>/dev/null; then # localhost access as administrator without authentication is enabled
wget -q -t 1 --timeout=5 --header "Authorization: realm=$pw" "http://127.0.0.1:$port/$1" curl -sSf "http://127.0.0.1:$port/$1"
elif [ -n "$YACY_ADMIN_PASSWORD" ]; then
# admin password is provided as environment variable : let's use it
curl -sSf --anyauth -u "$admin:$YACY_ADMIN_PASSWORD" "http://127.0.0.1:$port/$1"
else
# no password environment variable : it will be asked interactively
curl -sSf --anyauth -u "$admin" "http://127.0.0.1:$port/$1"
fi
elif which wget > /dev/null; then
if [ "$adminAccountForLocalhost" = "true" ]; then
# localhost access as administrator without authentication is enabled
wget -q -t 1 --timeout=120 "http://127.0.0.1:$port/$1" -O -
elif [ -n "$YACY_ADMIN_PASSWORD" ]; then
# admin password is provided as environment variable : let's use it
wget -q -t 1 --timeout=120 --http-user "$admin" --http-password "$YACY_ADMIN_PASSWORD" "http://127.0.0.1:$port/$1" -O -
else
# no password environment variable : it will be asked interactively
wget -q -t 1 --timeout=120 --http-user "$admin" --ask-password "http://127.0.0.1:$port/$1" -O -
fi
else else
echo "Please install curl or wget" > /dev/stderr
exit 1 exit 1
fi fi

@ -1,11 +1,13 @@
#!/usr/bin/env sh #!/usr/bin/env sh
cd "`dirname $0`" cd "`dirname $0`"
port=$(grep ^port= ../DATA/SETTINGS/yacy.conf |cut -d= -f2) port=$(grep ^port= ../DATA/SETTINGS/yacy.conf |cut -d= -f2)
if which curl &>/dev/null; then
if which curl > /dev/null; then
curl -s "http://localhost:$port/Network.xml?page=2&ip=" | awk '/<address>/{ gsub("<address>","" );gsub("<\/address>","" ); print $0 }' | awk '{print $1}' curl -s "http://localhost:$port/Network.xml?page=2&ip=" | awk '/<address>/{ gsub("<address>","" );gsub("<\/address>","" ); print $0 }' | awk '{print $1}'
elif which wget &>/dev/null; then elif which wget > /dev/null; then
wget -q -O - "http://localhost:$port/Network.xml?page=2&ip=" | awk '/<address>/{ gsub("<address>","" );gsub("<\/address>","" ); print $0 }' | awk '{print $1}' wget -q -O - "http://localhost:$port/Network.xml?page=2&ip=" | awk '/<address>/{ gsub("<address>","" );gsub("<\/address>","" ); print $0 }' | awk '{print $1}'
else else
echo "Please install curl or wget" > /dev/stderr
exit 1 exit 1
fi fi

@ -1,4 +1,12 @@
#!/usr/bin/env sh #!/usr/bin/env sh
cd "`dirname $0`" cd "`dirname $0`"
./apicall.sh "/ConfigAccounts_p.html?setAdmin=&adminuser=admin&adminpw1=$1&adminpw2=$1&access=" > /dev/null
echo "Password for User Name 'admin' set to '$1'" if [ -z "$1" ]; then
echo "Usage : ./passwd.sh NEW_PASSWORD"
exit 2
fi
(./apicall.sh "ConfigAccounts_p.html?setAdmin=&adminuser=admin&adminpw1=$1&adminpw2=$1&access=" > /dev/null && \
echo "Password for User Name 'admin' set to '$1'") || \
(echo "Password setting failed" && \
exit 1)

@ -1,19 +1,19 @@
#!/usr/bin/env sh #!/usr/bin/env sh
cd "`dirname $0`" cd "`dirname $0`"
if which curl &>/dev/null; then if which curl > /dev/null; then
while getopts "ys" opt; do while getopts "ys" opt; do
case $opt in case $opt in
y) y)
shift; shift;
curl -s "http://$1/yacysearch.rss?query=$2" | awk '/^<link>/{ gsub("<link>","" );gsub("<\/link>","" ); print $0 }' curl -sSf "http://$1/yacysearch.rss?query=$2" | awk '/^<link>/{ gsub("<link>","" );gsub("<\/link>","" ); print $0 }'
;; ;;
s) s)
shift; shift;
curl -s "http://$1/solr/select?q=text_t:$2&start=0&rows=100&fl=sku&wt=rss" | awk '/^<link>/{ gsub("<link>","" );gsub("<\/link>","" ); print $0 }' curl -sSf "http://$1/solr/select?q=text_t:$2&start=0&rows=100&fl=sku&wt=rss" | awk '/^<link>/{ gsub("<link>","" );gsub("<\/link>","" ); print $0 }'
;; ;;
esac esac
done done
elif which wget &>/dev/null; then elif which wget > /dev/null; then
while getopts "ys" opt; do while getopts "ys" opt; do
case $opt in case $opt in
y) y)

@ -1,10 +1,11 @@
#!/usr/bin/env sh #!/usr/bin/env sh
cd `dirname $0` cd `dirname $0`
bin/apicall.sh "Steering.html?shutdown=true" > /dev/null (bin/apicall.sh "Steering.html?shutdown=true" > /dev/null && \
echo "Please wait until the YaCy daemon process terminates [wget]" echo "Please wait until the YaCy daemon process terminates [wget]" && \
echo "You can monitor this with 'tail -f DATA/LOG/yacy00.log' and 'fuser log/yacy00.log'" echo "You can monitor this with 'tail -f DATA/LOG/yacy00.log' and 'fuser log/yacy00.log'") || \
exit $?
# wait until the yacy.running file disappears which means that YaCy has terminated # wait until the yacy.running file disappears which means that YaCy has terminated
# If you don't want to wait, just run this concurrently # If you don't want to wait, just run this concurrently

Loading…
Cancel
Save