1 files changed, 64 insertions, 9 deletions

diff --git a/server/mfad.py b/server/mfad.py
index d045e14..46fc0cc 100755
--- a/server/mfad.py
+++ b/server/mfad.py
@@ -7,6 +7,8 @@ import threading
 import pyotp
 import sqlite3
 import re
+import configparser
+import argparse
 
 ## Listens for authentication request from PAM module
 ## Recevies connection from client
@@ -16,7 +18,7 @@ import re
 ## Return pass or fail response to PAM moudle
 
 
-DB_NAME = "mfa.db"
+DB_NAME = ""
 HEADER_LENGTH = 64
 KEY_LENGTH = 64
 DISCONNECT_LENGTH = ACK_LENGTH = 3
@@ -41,6 +43,22 @@ CLIENT_SECRET_INDEX = 2
 # key and a tuple of (socket,(addr,port)) as the value
 client_connections = dict()
 
+def parse_arguments():
+    parser = argparse.ArgumentParser()
+    parser.add_argument("--address",type=str,help="Bind Address")
+    parser.add_argument("--pam-port",type=int,help="Port to listen for PAM requests")
+    parser.add_argument("--client-port",type=int,help="Port for client connections")
+    parser.add_argument("--database",type=str,help="Path to alternate database file")
+    parser.add_argument("--config",type=str,help="Alternate config file location",\
+                         default="/etc/mfa/mfa.conf")
+    return parser.parse_args()
+
+
+def read_config(config):
+    parser = configparser.ConfigParser(inline_comment_prefixes="#")
+    parser.read(config)
+    return parser
+
 
 def eval_mfa(client_key, mfa_methods, client_response):
     print("response: " + client_response)
@@ -228,14 +246,14 @@ def listen_pam(addr, port):
 
 ################################################################################
 
-def create_db():
-    with sqlite3.connect(DB_NAME) as conn:
+def create_db(db):
+    with sqlite3.connect(db) as conn:
         c = conn.cursor()
         c.execute("""CREATE TABLE applications (
                     username text,
                     hostname text,
                     service text,
-                    client_key text,
+                    alias text,
                     mfa_methods text
                 )""")
         c.execute("""CREATE TABLE clients (
@@ -243,16 +261,53 @@ def create_db():
                     key text,
                     totp_secret text
                  )""")
+        conn.commit()
+
+
+def get_vars(args,confparser):
+    if not os.path.exists(args.config):
+        print("Unable to open config file")
+        sys.exit(1)
+
+    bind_addr = None
+    client_port = None
+    pam_port = None
+    database = None
+
+    # Set values from config file first
+    if confparser.has_section("mfad"):
+        bind_addr = confparser.get("mfad","address",fallback=None) 
+        client_port = confparser.get("mfad","client-port",fallback=None) 
+        pam_port = confparser.get("mfad","pam-port",fallback=None) 
+        database = confparser.get("mfad","database",fallback=None) 
+        
+    # Let command line args overwrite any values
+    if args.address:
+        bind_addr = args.address
+    if args.client_port:
+        client_port = args.client_port
+    if args.pam_port:
+        pam_port = args.pam_port
+    if args.database:
+        database = args.database
+
+    # Exit if any value is null
+    if None in [bind_addr,client_port,pam_port,database]:
+        print("error: one or more items unspecified")
+        sys.exit(1)
+
+    return bind_addr, int(client_port), int(pam_port), database
 
 
 def main():
-    global connection_list
-    bind_addr = "127.0.0.1"
-    pam_port = 8000
-    client_port = 8001
+    args = parse_arguments()
+    confparser = read_config(args.config)
+
+    bind_addr, client_port, pam_port, DB_NAME = get_vars(args,confparser)
 
     if not os.path.exists(DB_NAME):
-        create_db()
+        print("Creating DB")
+        create_db(DB_NAME)
 
     clients = threading.Thread(target=listen_client,args=(bind_addr,client_port))
     pam = threading.Thread(target=listen_pam,args=(bind_addr,pam_port))