Diffstat (limited to 'figures')
| -rw-r--r-- | figures/Makefile | 8 | ||||
| -rw-r--r-- | figures/ldap.tex | 151 | ||||
| -rw-r--r-- | figures/network.tex | 18 | 
3 files changed, 117 insertions, 60 deletions
| diff --git a/figures/Makefile b/figures/Makefile index 0b2fd5a..7c3783b 100644 --- a/figures/Makefile +++ b/figures/Makefile @@ -18,17 +18,17 @@ png: $(PNG)  %.svg: %.pdf -	inkscape $*-cropped.pdf --export-plain-svg=$@ +	inkscape $*-trimmed.pdf --export-plain-svg=$@  %.png: %.pdf -#	inkscape $^ --export-area-drawing --export-png=$@ -	convert -density 120 -quality 85 $*-cropped.pdf $@ +#	inkscape $*-trimmed.pdf --export-area-drawing --export-png=$@ +	convert -density 120 -quality 85 $*-trimmed.pdf $@  %.pdf: %.tex  	pdflatex -shell-escape $^  clean: -	rm -rf *.aux *.log *.auxlock network-cropped* ldap-cropped* $(PDF) $(SVG) $(PNG) +	rm -f *.aux *.log *.auxlock network-trimmed* ldap-trimmed* $(PDF) $(SVG) $(PNG)  wc: $(PDF) diff --git a/figures/ldap.tex b/figures/ldap.tex index 123ab83..1d435eb 100644 --- a/figures/ldap.tex +++ b/figures/ldap.tex 
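Review bot: The `%.svg` and `%.png` recipes read `$*-trimmed.pdf`, but both rules declare only `%.pdf` as a prerequisite, so make never sees the file it actually converts. That file appears to be a by-product of the `pdflatex -shell-escape $^` run (the .tex sources name it with `\tikzsetnextfilename{ldap-trimmed}` and `\tikzsetnextfilename{network-trimmed}`), so a missing or stale trimmed PDF next to an up-to-date `%.pdf` makes the conversion fail or reuse old output. At minimum add a comment above the two rules, for example `# $*-trimmed.pdf is written by tikz externalize while building $*.pdf`. The `clean` globs `network-trimmed* ldap-trimmed*` are also hard-coded per figure; if `$(PDF)` is the list of figure PDFs, `$(PDF:.pdf=-trimmed*)` would follow it automatically. The commented-out `inkscape` line in the `%.png` rule was updated rather than dropped and is dead code.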
@@ -5,49 +5,73 @@  \usepackage{array}  \usepackage{ae}  \usepackage{tikz} -\usetikzlibrary{trees,calc,external} +\usetikzlibrary{trees,fit,shapes,calc,external} +\tikzset{external/force remake}  \tikzexternalize  \def\dn#1{\texttt{#1}} -\newenvironment{entry}[1] -  {\begin{minipage}[t][0pt][t]{10cm} -     \texttt{#1} -     \\[.1\baselineskip] \phantom{cn=}% -     \begin{tabular}[!t]{@{}>{\ttfamily\bgroup}l<{\egroup}@{:~}% -                            >{\sffamily\bgroup}l<{\egroup}@{}}% -  } -  {  \end{tabular} -   \end{minipage}} - -\tikzset{ -  ldaptree/.style = { -    grow via three points={one child at (1cm,-1.5\baselineskip) and two children at (1cm,-1.5\baselineskip) and (1cm,-3\baselineskip)}, -    growth parent anchor=south west, -    edge from parent path={($(\tikzparentnode.south west)+(2.5ex,0)$) |- (\tikzchildnode.west)}, -  }, -  every node/.style = {anchor=west}, -  dn/.style = {font=\ttfamily} +\newenvironment{entry}[1]{% +  \begin{tabular}[t]{@{}l@{}} +    \dn{#1} +    \\[.1\baselineskip] \phantom{cn=}% +    \begin{tabular}{@{}>{\ttfamily\bgroup}l<{\egroup:}@{~}% +                       >{\sffamily\bgroup}l<{\egroup}@{}}% +}{% +    \end{tabular} +  \end{tabular} +} + +\tikzstyle{ldaptree} = [% +  anchor=west, +  grow via three points={one child at (1cm,-1.5\baselineskip) and two children at (1cm,-1.5\baselineskip) and (1cm,-3\baselineskip)}, +  growth parent anchor=south west, +  edge from parent path={($(\tikzparentnode.south west)+(2.5ex,0)$) |- (\tikzchildnode.mid west) +}, +  edge from parent/.style = {draw=black!20} +] + + +\tikzstyle{entry} = [line width=1pt,dashed,rounded corners] +\tikzstyle{manager} = [entry,fill=red!30,draw=red] +\tikzstyle{service} = [entry,fill=blue!30,draw=blue] +\tikzstyle{vdomain} = [entry,fill=green!30,draw=green] +\tikzstyle{valias} = [vdomain] +\tikzstyle{vuser} = [vdomain] +\tikzstyle{dn} = [font=\ttfamily] +\tikzstyle{ACL} = [line width=1.5pt,fill=none,solid] + +\pgfdeclarelayer{background} 
+\pgfdeclarelayer{foreground} +\pgfsetlayers{background,main,foreground} + + +\def\noSSHA{% +  \tikz[baseline,anchor=text,inner sep=0,outer sep=0] +    \node [anchor=text,service,ACL,cross out,draw opacity=.75] +      {\{SSHA\}xxxxxx};  }  \thispagestyle{empty}  \begin{document} -\tikzsetnextfilename{ldap-cropped} + +\centering +\tikzsetnextfilename{ldap-trimmed}  \begin{tikzpicture}[ldaptree]    \node[dn] { {o=mailhosting,dc=fripost,dc=org} }      child {        node[dn] { ou=managers }         child { -        node { +        node[manager] (gustav) {            \begin{entry}{cn=gustav}              userPassword & \{SSHA\}xxxxxx            \end{entry}          }        }         child [missing] {} -      child[dn] { -        node { +      child { +        node[manager] (ljo) {            \begin{entry}{cn=ljo}              userPassword & \dots            \end{entry} @@ -61,7 +85,7 @@      child {        node[dn] { ou=services }         child { -        node { +        node[service] (SMTP) {            \begin{entry}{cn=SMTP}              userPassword & \{SSHA\}xxxxxx            \end{entry} @@ -69,7 +93,7 @@        }         child [missing] {}        child { -        node { +        node[service] (SASLauth) {            \begin{entry}{cn=SASLauth}              userPassword & \dots            \end{entry} @@ -81,17 +105,16 @@      child [missing] {}      child [missing] {}      child { -      node[dn] { ou=virtual } +      node[dn] (virtual) { ou=virtual }        child { -        node { +        node[vdomain] {            \begin{entry}{dc=fripost.org}              isActive & TRUE            \end{entry} -        } -        child [missing] {} -        child  +        } [every child node/.style={yshift=-\baselineskip}] +        child          { -          node { +          node[valias] {              \begin{entry}{mailTarget=user@fripost.org}                mailLocalAddress & user-alias \\                isActive & TRUE  
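Review bot: The preamble styles move from `\tikzset{… /.style = {…}}` to `\tikzstyle{…} = […]`, which the PGF manual describes as old syntax that should no longer be used. The new `entry`, `manager`, `service`, `vdomain` and `ACL` styles can stay in the `\tikzset` form, e.g. `\tikzset{manager/.style={entry,fill=red!30,draw=red}}`. Separately, `\tikzset{external/force remake}` is switched on unconditionally here and in figures/network.tex, so every build re-externalizes every picture through the shell-escape system call even when nothing changed. If it was only needed to produce the renamed `-trimmed` files once, a comment saying so, or removing it afterwards, would keep builds incremental.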
@@ -99,23 +122,22 @@            }          }          child [missing] {} -        child [missing] {}          child  -        { node { \dn{mailTarget=\dots} }  +        { node[valias] { \dn{mailTarget=\dots} }           } +        child [missing] {}          child           { -          node { +          node[vuser] (user-fripost-org) {              \begin{entry}{uid=user} -              userPassword & \{SSHA\}xxxxxx \\ +              userPassword & \noSSHA \\                isactive & TRUE               \end{entry}            }          }          child [missing] {} -        child [missing] {}          child  -        { node { \dn{uid=\dots} }  +        { node[vuser] { \dn{uid=\dots} }           }        }        child [missing] {} @@ -129,16 +151,15 @@        child [missing] {}        child [missing] {}        child { -        node { +        node[vdomain] (example-org) {            \begin{entry}{dc=example.org}              owner & \texttt{uid=user,dc=fripost.org,ou=virtual,\dots} \\              isActive & TRUE            \end{entry} -        } -        child [missing] {} +        } [every child node/.style={yshift=-\baselineskip}]          child             { -          node { +          node[valias] {              \begin{entry}{mailTarget=user@fripost.org}                mailLocalAddress & user \\                isActive & TRUE 
@@ -146,15 +167,57 @@            }          }          child [missing] {} -        child [missing] {}          child  -        { node { \dn{mailTarget=\dots} }  +        { node[valias] { \dn{mailTarget=\dots} }           }          child  -        { node { \dn{uid=\dots} }  +        { node[vuser] (example-org-uid-etc) { \dn{uid=\dots} }           }        }      }; + +\begin{pgfonlayer}{background} +  \node[fit=(example-org)(example-org-uid-etc),inner sep=3pt, +        fill=yellow!50, opacity=.3, rounded corners, draw, dashed] +    (example-org-fit) {}; + +  \node[fit=(virtual)(example-org-fit),inner sep=3pt, +        fill=yellow!50, opacity=.3, rounded corners, draw, dashed] +    (virtual-fit) {}; +\end{pgfonlayer} +\tikzset{trim left=0,trim right=(virtual-fit.east)} + +\draw[->,manager,ACL] +    (gustav.north east) +    .. controls +(0:5cm) and +(45:4cm) .. +    (virtual-fit.north east) +    node[pos=.3,above,sloped] {read, write}; +\draw[->,manager,ACL] +    (ljo.north east) +    .. controls +(0:5cm) and +(45:4cm) .. +    (virtual-fit.north east); + +\draw[->,vuser,ACL] +    (user-fripost-org.north east) +    .. controls +(45:3cm) and +(45:3cm) .. +    (example-org-fit.north east) +    node[pos=.5,above,sloped] {read, write}; + +\draw[->,vuser,ACL] +    (user-fripost-org.north west) +    .. controls +(135:1cm) and +(180:3cm) .. +    ($(user-fripost-org.mid west)+(2em,-\baselineskip)$) +    node[pos=.5,above,sloped] {write}; + +\draw[->,service,ACL] +    (SMTP.north west) +    .. controls +(180:6cm) and +(180:5cm) .. +    (virtual-fit.west) +    node[pos=.45,above,sloped] {read}; +\draw[->,service,ACL] +    (SASLauth.north west) +    .. controls +(180:5cm) and +(180:4cm) .. +    (virtual-fit.west);  \end{tikzpicture}  \end{document} diff --git a/figures/network.tex b/figures/network.tex index 6cebbf8..8be726a 100644 --- a/figures/network.tex +++ b/figures/network.tex 
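Review bot: Two of the new ACL arrows carry no permission label, the one from `(ljo.north east)` and the one from `(SASLauth.north west)`, while their siblings from `gustav` and `SMTP` say `read, write` and `read`. In a figure whose purpose is to show who may access what, a reader cannot tell whether an unlabelled arrow means the same right or a different one. Repeat the label on each, e.g. `node[pos=.3,above,sloped] {read, write}` on the `ljo` arrow and `node[pos=.45,above,sloped] {read}` on the `SASLauth` arrow. The crossed-out `\noSSHA` cell used in the earlier `uid=user` hunk has the same problem, because nothing in the picture says what the blue cross-out stands for; a short legend node or caption would cover both.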
@@ -6,11 +6,7 @@  \usepackage{ae}  \usepackage{tikz}  \usetikzlibrary{shadows,positioning,calc,fit,fadings,external} - -\tikzset{% -  external/optimize command away=\withCurrentBoundingBox -} -\def\withCurrentBoundingBox{\pgfusepath{use as bounding box}} +\tikzset{external/force remake}  \tikzexternalize  \newcommand{\machine}[2][]{ @@ -73,8 +69,8 @@  \centering  \vspace*{\fill} -\tikzsetnextfilename{network-cropped} -\begin{tikzpicture} +\tikzsetnextfilename{network-trimmed} +\begin{tikzpicture}[trim left=10cm, trim right=10cm]    \begin{scope}[node distance=5pt]      % The member's machine @@ -116,7 +112,6 @@      \machine[gnu]{ (MSA) (MTA) }    \end{scope} -  \withCurrentBoundingBox    \begin{pgfonlayer}{background}      \begin{scope} @@ -181,8 +176,8 @@                (SMTP-client.north)                .. controls +(0,5cm) and +(-5cm,0) ..                ($0.5*(SMTP-server)+0.5*(LDAP-consumer)+(0,1.5cm)$) -          node[pos=1,above,proto] {ESMTPSA} -          node[pos=1,below,what]  {\texttt{sendmail}} +          node[pos=.5,above,proto] {ESMTPSA} +          node[pos=.5,below,what]  {\texttt{sendmail}}                .. controls +(5cm,0) and +(0,5cm) ..                (MSA.north)            node[pos=0.985,above,port] {587}; @@ -208,8 +203,7 @@              .. controls +(30:8cm) and +(0,-2.5cm) ..              (LDAP-producer.south)          node[pos=0.5,above,proto] {LDAP \textnormal{(over \texttt{SSH})}} -        node[pos=0.15,above,what] {auth. bind to} -        node[pos=0.15,below,what] {mod. password} +        node[pos=0.15,below,what] {mod. \texttt{userPassword}}          node[pos=0.96,above,port] {389};      \draw[->,route] (MSA) edge | 
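Review bot: The last hunk drops the `auth. bind to` label from the edge ending at `(LDAP-producer.south)` and keeps only `mod. \texttt{userPassword}`, so the figure no longer states that this write is made over an authenticated bind. If the password change still requires the client to bind first, that belongs on the edge for anyone using the diagram to reason about who can modify `userPassword`. Both facts fit if the upper label is kept as `node[pos=0.15,above,what] {auth. bind}` alongside the new lower one. The `\draw` these nodes belong to starts outside the hunk.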
