1 ## @file
2 # @details A GOsa-SI event module containing all functions used by GOsa dak
3 # @brief Implementation of a GOsa-SI-client event module.
5 package dak;
7 use strict;
8 use warnings;
10 use GOsaSI::GosaSupportDaemon;
11 use MIME::Base64;
13 use Exporter;
15 our @ISA = qw(Exporter);
# Names of the event handlers this module offers to the GOsa-SI daemon.
my @events = qw(
    get_events
    get_dak_keyring
    import_dak_key
    remove_dak_key
);

# Every handler is exported by default.
our @EXPORT = @events;

BEGIN { }

END { }

# Package variables that receive the dak related configuration values.
# NOTE(review): the handlers below read $main::dak_signing_keys_directory and
# $main::dak_user, not these package variables - confirm which set is the
# intended one.
our (
    $dak_base_directory,
    $dak_signing_keys_directory,
    $dak_queue_directory,
    $dak_user,
);

# Layout: section => { option => [ reference to target variable, default value ] }
my %cfg_defaults = (
    'client' => {
        'dak-base'    => [ \$dak_base_directory,         '/srv/archive' ],
        'dak-keyring' => [ \$dak_signing_keys_directory, '/srv/archive/keyrings' ],
        'dak-queue'   => [ \$dak_queue_directory,        '/srv/archive/queue' ],
        'dak-user'    => [ \$dak_user,                   'deb-dak' ],
    },
);

# Presumably fills the referenced variables from the configuration file and
# falls back to the listed defaults - verify against read_configfile().
&GOsaSI::GosaSupportDaemon::read_configfile($main::config_file, %cfg_defaults);
## @method get_events()
# Reports which event handlers this module makes available.
# @return Reference to the array holding the names of all provided functions
sub get_events {
    return \@events;
}
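## @method get_dak_keyring()
# Lists the keys stored in the DAK signing keyring and returns them in an
# answer message.
# @param msg Raw incoming message (not used by this handler)
# @param msg_hash Parsed incoming message; source, target, header, session_id
#        and forward_to_gosa are read as first element of their array reference
# @return XML string created by create_xml_string() from the answer hash
sub get_dak_keyring {
    my ($msg, $msg_hash) = @_;
    my $source     = @{$msg_hash->{'source'}}[0];
    my $target     = @{$msg_hash->{'target'}}[0];
    my $header     = @{$msg_hash->{'header'}}[0];
    my $session_id = @{$msg_hash->{'session_id'}}[0];

    # build return message with twisted target and source
    my $out_hash = &main::create_xml_hash("answer_$header", $target, $source);
    &add_content2xml_hash($out_hash, "session_id", $session_id);

    my @keys;

    # NOTE(review): this module declares $dak_signing_keys_directory and
    # $dak_user with "our" in package dak, yet the $main:: variables are read
    # here - confirm that main really provides them.
    # The keyring path becomes part of a command line string, so it has to
    # come from trusted configuration only.
    my $keyring = $main::dak_signing_keys_directory."/keyring.gpg";

    # gpg is resolved through the PATH of the daemon process.
    my $gpg_cmd = `which gpg`;
    $gpg_cmd = '' unless defined $gpg_cmd;
    chomp $gpg_cmd;
    my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring";

    if ($gpg_cmd eq '') {
        # Without a gpg binary the command line below would start with an option.
        &add_content2xml_hash($out_hash, "error", "gpg binary was not found");
    } elsif (&run_as($main::dak_user, "test -r $keyring")->{'resultCode'} != 0) {
        # Check if the keyrings are in place and readable
        &add_content2xml_hash($out_hash, "error", "DAK Keyring is not readable");
    } else {
        my $command = "$gpg --list-keys";
        my $output  = &run_as($main::dak_user, $command);
        &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7);

        # The patterns expect the human readable listing with a "length/keyid"
        # field followed by the creation date.
        # NOTE(review): newer GnuPG releases print key listings differently by
        # default and --with-colons is the format meant for parsing - confirm
        # against the gpg version that is deployed.
        my $date_re = qr/\d{4}-\d{2}-\d{2}/;

        # A blank line ends the record of one key, so $i moves to the next slot.
        my $i = 0;
        foreach my $line (@{$output->{'output'}}) {
            if ($line =~ m/^(pub|sub)\s/) {
                my $type = $1;
                if ($line =~ m/^${type}\s*?(\w*?)\/(\w*?)\s(${date_re})/) {
                    @{$keys[$i]->{$type}}{'length', 'uid', 'created'} = ($1, $2, $3);
                }
                # The expiry patterns are anchored on the type of the current
                # line; the former code tested "sub" lines against "^pub", so
                # the expiry of a subkey was never recorded.
                if ($line =~ m/^${type}\s*?\w*?\/\w*?\s${date_re}\s\[expires:\s(${date_re})\]/) {
                    $keys[$i]->{$type}->{'expires'} = $1;
                }
                if ($line =~ m/^${type}\s*?\w*?\/\w*?\s${date_re}\s\[expired:\s(${date_re})\]/) {
                    $keys[$i]->{$type}->{'expired'} = $1;
                }
            } elsif ($line =~ m/^uid\s/) {
                if ($line =~ m/^uid\s*?([^\s].*?)$/) {
                    push @{$keys[$i]->{'uid'}}, $1;
                }
            } elsif ($line =~ m/^$/) {
                $i++;
            }
        }
    }

    # One "answerN" element per parsed key.
    my $answer_no = 0;
    foreach my $key (@keys) {
        &add_content2xml_hash($out_hash, "answer".$answer_no++, $key);
    }

    my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0];
    if (defined $forward_to_gosa) {
        &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa);
    }
    return &create_xml_string($out_hash);
}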
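## @method import_dak_key()
# Imports a key, delivered base64 encoded in the message, into the DAK
# signing keyring.
# @param msg Raw incoming message (not used by this handler)
# @param msg_hash Parsed incoming message; source, target, header, session_id,
#        key and forward_to_gosa are read as first element of their array
#        reference
# @return XML string created by create_xml_string() from the answer hash
sub import_dak_key {
    my ($msg, $msg_hash) = @_;
    my $source     = @{$msg_hash->{'source'}}[0];
    my $target     = @{$msg_hash->{'target'}}[0];
    my $header     = @{$msg_hash->{'header'}}[0];
    my $session_id = @{$msg_hash->{'session_id'}}[0];

    # A message without key material is answered with an error instead of
    # handing an empty file to gpg.
    my $key_list    = $msg_hash->{'key'};
    my $encoded_key = (ref($key_list) eq 'ARRAY') ? $key_list->[0] : undef;
    my $key         = defined $encoded_key ? &decode_base64($encoded_key) : '';

    # build return message with twisted target and source
    my $out_hash = &main::create_xml_hash("answer_$header", $target, $source);
    &add_content2xml_hash($out_hash, "session_id", $session_id);

    # NOTE(review): this module declares $dak_signing_keys_directory and
    # $dak_user with "our" in package dak, yet the $main:: variables are read
    # here - confirm that main really provides them.
    my $keyring = $main::dak_signing_keys_directory."/keyring.gpg";

    # gpg is resolved through the PATH of the daemon process.
    my $gpg_cmd = `which gpg`;
    $gpg_cmd = '' unless defined $gpg_cmd;
    chomp $gpg_cmd;
    my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring";

    if (!defined $key || $key eq '') {
        &add_content2xml_hash($out_hash, "error", "No DAK key was given");
    } elsif ($gpg_cmd eq '') {
        &add_content2xml_hash($out_hash, "error", "gpg binary was not found");
    } elsif (&run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0) {
        # Check if the keyrings are in place and writable
        &add_content2xml_hash($out_hash, "error", "DAK Keyring is not writable");
    } else {
        # The key is written to a freshly created file with an unpredictable
        # name. A fixed name in /tmp can be prepared or exchanged by another
        # local account before gpg reads it, and this file decides which key
        # ends up in the keyring.
        require File::Temp;
        my $tmp_key = eval {
            File::Temp->new(
                TEMPLATE => 'gosa_si_tmp_dak_key_XXXXXXXX',
                DIR      => '/tmp',
                UNLINK   => 1,
            );
        };

        my $stored = 0;
        if (defined $tmp_key) {
            binmode $tmp_key;
            # File::Temp creates the file for its owner only; gpg runs as the
            # dak user and needs read access. The content is a key that is
            # about to be published in the keyring, so read access is harmless.
            $stored = (print {$tmp_key} $key)
                   && close($tmp_key)
                   && chmod(0644, $tmp_key->filename);
        }

        if (!$stored) {
            &add_content2xml_hash($out_hash, "error", "DAK key could not be stored in a temporary file");
        } else {
            my $command = "$gpg --import ".$tmp_key->filename;
            my $output  = &run_as($main::dak_user, $command);
            &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7);

            # get_dak_keyring() treats the 'output' entry as an array
            # reference; it is flattened here so that the message carries the
            # text of gpg and not the stringified reference.
            my $raw_output  = $output->{'output'};
            my $output_text = '';
            if (ref($raw_output) eq 'ARRAY') {
                $output_text = join("\n", map { my $l = $_; chomp $l; $l } @{$raw_output});
            } elsif (defined $raw_output) {
                $output_text = $raw_output;
            }

            if ($output->{'resultCode'} != 0) {
                &add_content2xml_hash($out_hash, "error", "Import of DAK key failed! Output was '".$output_text."'");
            } else {
                &add_content2xml_hash($out_hash, "answer", "Import of DAK key successfull! Output was '".$output_text."'");
            }
        }
        # The temporary file is removed when $tmp_key goes out of scope here.
    }

    my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0];
    if (defined $forward_to_gosa) {
        &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa);
    }
    return &create_xml_string($out_hash);
}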
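## @method remove_dak_key()
# Deletes the key with the given key id from the DAK signing keyring.
# @param msg Raw incoming message (not used by this handler)
# @param msg_hash Parsed incoming message; source, target, header, session_id,
#        keyid and forward_to_gosa are read as first element of their array
#        reference
# @return XML string created by create_xml_string() from the answer hash
sub remove_dak_key {
    my ($msg, $msg_hash) = @_;
    my $source     = @{$msg_hash->{'source'}}[0];
    my $target     = @{$msg_hash->{'target'}}[0];
    my $header     = @{$msg_hash->{'header'}}[0];
    my $session_id = @{$msg_hash->{'session_id'}}[0];
    my $key        = @{$msg_hash->{'keyid'}}[0];

    # build return message with twisted target and source
    my $out_hash = &main::create_xml_hash("answer_$header", $target, $source);
    &add_content2xml_hash($out_hash, "session_id", $session_id);

    # The key id comes from the message and is placed into the command line
    # string given to run_as(). Only a hexadecimal key id or fingerprint with
    # an optional "0x" prefix is accepted, so no other character can become
    # part of that command line.
    # NOTE(review): callers that identify keys by name or mail address would
    # be rejected by this check - confirm that GOsa always sends a key id.
    my $key_is_valid = (defined $key && $key =~ m/\A(?:0x)?[0-9A-Fa-f]{8,64}\z/) ? 1 : 0;

    # NOTE(review): this module declares $dak_signing_keys_directory and
    # $dak_user with "our" in package dak, yet the $main:: variables are read
    # here - confirm that main really provides them.
    my $keyring = $main::dak_signing_keys_directory."/keyring.gpg";

    # gpg is resolved through the PATH of the daemon process.
    my $gpg_cmd = `which gpg`;
    $gpg_cmd = '' unless defined $gpg_cmd;
    chomp $gpg_cmd;
    my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --homedir ".$main::dak_signing_keys_directory." --keyring $keyring";

    if (!$key_is_valid) {
        # The rejected value is not repeated in the answer.
        &add_content2xml_hash($out_hash, "error", "DAK key id is not valid");
    } elsif ($gpg_cmd eq '') {
        &add_content2xml_hash($out_hash, "error", "gpg binary was not found");
    } elsif (&run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0) {
        # Check if the keyrings are in place and writable
        &add_content2xml_hash($out_hash, "error", "DAK keyring is not writable");
    } elsif (&run_as($main::dak_user, "$gpg --list-keys $key")->{'resultCode'} == 0) {
        # The key is present in the keyring
        my $command = "$gpg --batch --yes --delete-key $key";
        my $output  = &run_as($main::dak_user, $command);
        &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7);

        # A failed deletion is reported to the caller instead of being dropped.
        if ($output->{'resultCode'} != 0) {
            &add_content2xml_hash($out_hash, "error", "Removal of DAK key with id '$key' failed");
        }
    } else {
        &add_content2xml_hash($out_hash, "error", "DAK key with id '$key' was not found in keyring");
    }

    my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0];
    if (defined $forward_to_gosa) {
        &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa);
    }
    return &create_xml_string($out_hash);
}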
201 #sub get_dak_queue {
202 # my ($msg, $msg_hash, $session_id) = @_;
203 # my %data;
204 # my $source = @{$msg_hash->{'source'}}[0];
205 # my $target = @{$msg_hash->{'target'}}[0];
206 # my $header= @{$msg_hash->{'header'}}[0];
207 #
208 # my %data;
209 #
210 # foreach my $dir ("unchecked", "new", "accepted") {
211 # foreach my $file(<"$main::dak_queue_directory/$dir/*.changes">) {
212 # }
213 # }
214 #
215 # my $out_msg = &build_msg("get_dak_queue", $target, $source, \%data);
216 # my @out_msg_l = ($out_msg);
217 # return @out_msg_l;
218 #}
220 1;