From c3ec4e03a095feddc8bacb01d1e4375039b21092 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Wed, 10 Jul 2013 14:46:50 -0400
Subject: Teach HAproxy about sync usernames (though the code in the main repo
 still needs to catch up)

---
 config/haproxy/haproxy.inc        | 15 +++++++++++----
 config/haproxy/haproxy_global.php | 10 ++++++++++
 2 files changed, 21 insertions(+), 4 deletions(-)

(limited to 'config/haproxy')

diff --git a/config/haproxy/haproxy.inc b/config/haproxy/haproxy.inc
index 45dce95c..332cc8f7 100644
--- a/config/haproxy/haproxy.inc
+++ b/config/haproxy/haproxy.inc
@@ -602,15 +602,18 @@ function haproxy_writeconf() {
 	if(isset($config['installedpackages']['haproxy']['enablesync'])) {
 		if($config['installedpackages']['haproxy']['synchost1']) {
 			haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost1'], 
+				$config['installedpackages']['haproxy']['syncusername'],
 				$config['installedpackages']['haproxy']['syncpassword']);
 		}
 		if($config['installedpackages']['haproxy']['synchost2']) {
 			haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost2'], 
+				$config['installedpackages']['haproxy']['syncusername'],
 				$config['installedpackages']['haproxy']['syncpassword']);
 		}
 		if($config['installedpackages']['haproxy']['synchost3']) {
 			haproxy_do_xmlrpc_sync($config['installedpackages']['haproxy']['synchost3'], 
-				$config['installedpackages']['haproxy']['syncpassword']);				
+				$config['installedpackages']['haproxy']['syncusername'],
+				$config['installedpackages']['haproxy']['syncpassword']);
 		}
 	}
 
@@ -673,7 +676,7 @@ function haproxy_check_run($reload) {
 	
 }
 
-function haproxy_do_xmlrpc_sync($sync_to_ip, $password) {
+function haproxy_do_xmlrpc_sync($sync_to_ip, $username, $password) {
 	global $config, $g;
 
 	if(!$password)
@@ -681,6 +684,9 @@ function haproxy_do_xmlrpc_sync($sync_to_ip, $password) {
 
 	if(!$sync_to_ip)
 		return;
+
+	if (empty($username))
+		$username = "admin";
 	
 	// Do not allow syncing to self.
 	$donotsync = false;
@@ -723,6 +729,7 @@ function haproxy_do_xmlrpc_sync($sync_to_ip, $password) {
 	unset($xml['synchost1']);
 	unset($xml['synchost2']);
 	unset($xml['synchost3']);
+	unset($xml['syncusername']);
 	unset($xml['syncpassword']);
 
 	/* assemble xmlrpc payload */
@@ -737,7 +744,7 @@ function haproxy_do_xmlrpc_sync($sync_to_ip, $password) {
 	$method = 'pfsense.merge_installedpackages_section_xmlrpc';
 	$msg = new XML_RPC_Message($method, $params);
 	$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
-	$cli->setCredentials('admin', $password);
+	$cli->setCredentials($username, $password);
 	if($g['debug'])
 		$cli->setDebug(1);
 	/* send our XMLRPC message and timeout after 250 seconds */
@@ -770,7 +777,7 @@ function haproxy_do_xmlrpc_sync($sync_to_ip, $password) {
 	log_error("HAProxy XMLRPC reload data {$url}:{$port}.");
 	$msg = new XML_RPC_Message($method, $params);
 	$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
-	$cli->setCredentials('admin', $password);
+	$cli->setCredentials($username, $password);
 	$resp = $cli->send($msg, "250");
 	if(!$resp) {
 		$error = "A communications error occurred while attempting HAProxy XMLRPC sync with {$url}:{$port} (exec_php).";
diff --git a/config/haproxy/haproxy_global.php b/config/haproxy/haproxy_global.php
index 340c578b..3d64e946 100755
--- a/config/haproxy/haproxy_global.php
+++ b/config/haproxy/haproxy_global.php
@@ -82,6 +82,7 @@ if ($_POST) {
 			$config['installedpackages']['haproxy']['logfacility'] = $_POST['logfacility'] ? $_POST['logfacility'] : false;
 			$config['installedpackages']['haproxy']['loglevel'] = $_POST['loglevel'] ? $_POST['loglevel'] : false;
 			$config['installedpackages']['haproxy']['carpdev'] = $_POST['carpdev'] ? $_POST['carpdev'] : false;
+			$config['installedpackages']['haproxy']['syncusername'] = $_POST['syncusername'] ? $_POST['syncusername'] : false;
 			$config['installedpackages']['haproxy']['syncpassword'] = $_POST['syncpassword'] ? $_POST['syncpassword'] : false;
 			$config['installedpackages']['haproxy']['advanced'] = base64_encode($_POST['advanced']) ? $_POST['advanced'] : false;
 			$config['installedpackages']['haproxy']['nbproc'] = $_POST['nbproc'] ? $_POST['nbproc'] : false;			
@@ -95,6 +96,7 @@ if ($_POST) {
 $pconfig['enable'] = isset($config['installedpackages']['haproxy']['enable']);
 $pconfig['maxconn'] = $config['installedpackages']['haproxy']['maxconn'];
 $pconfig['enablesync'] = isset($config['installedpackages']['haproxy']['enablesync']);
+$pconfig['syncusername'] = $config['installedpackages']['haproxy']['syncusername'];
 $pconfig['syncpassword'] = $config['installedpackages']['haproxy']['syncpassword'];
 $pconfig['synchost1'] = $config['installedpackages']['haproxy']['synchost1'];
 $pconfig['synchost2'] = $config['installedpackages']['haproxy']['synchost2'];
@@ -335,6 +337,14 @@ function enable_change(enable_change) {
 					<strong>Sync HAProxy configuration to backup CARP members via XMLRPC.</strong>
 				</td>
 			</tr>
+			<tr>
+				<td width="22%" valign="top" class="vncell">Synchronization username</td>
+				<td width="78%" class="vtable">
+					<input name="syncusername" type="text" value="<?= empty($pconfig['syncusername']) ? 'admin' : $pconfig['syncusername'];?>">
+					<br/>
+					<strong>Enter the usernmame that will be used during configuration synchronization.  This is generally "admin" or an admin-level privileged account on the target system..</strong>
+				</td>
+			</tr>
 			<tr>
 				<td width="22%" valign="top" class="vncell">Synchronization password</td>
 				<td width="78%" class="vtable">
-- 
cgit v1.2.3