## @file
# @details A GOsa-SI event module containing all functions GOsa uses for dak.
# @brief Implementation of a GOsa-SI client event module.
5 package dak;
7 use strict;
8 use warnings;
9 use Exporter;
11 use GOSA::GosaSupportDaemon;
12 use MIME::Base64;
# The module inherits from Exporter; everything in @events is exported by default.
our @ISA = ('Exporter');

# Names of the event handlers this module offers to the daemon.
my @events = qw(
    get_events
    get_dak_keyring
    import_dak_key
    remove_dak_key
);

our @EXPORT = @events;

BEGIN { }

END { }

# Package-level settings that the configuration table below points at.
our ($dak_base_directory, $dak_signing_keys_directory, $dak_queue_directory, $dak_user);

# Configuration table: section => { key => [ reference to variable, default value ] }.
# read_configfile is defined in GOSA::GosaSupportDaemon; presumably it stores the
# configured value (or the default) through each reference - confirm there.
# NOTE(review): the handlers in this file read $main::dak_signing_keys_directory and
# $main::dak_user rather than these package variables - confirm that main sets them.
# NOTE(review): the keyring path and the dak user name end up inside command strings
# passed to run_as, so the configuration file should be writable by administrators only.
my %cfg_defaults = (
    'client' => {
        'dak-base'    => [ \$dak_base_directory,         '/srv/archive' ],
        'dak-keyring' => [ \$dak_signing_keys_directory, '/srv/archive/keyrings' ],
        'dak-queue'   => [ \$dak_queue_directory,        '/srv/archive/queue' ],
        'dak-user'    => [ \$dak_user,                   'deb-dak' ],
    },
);
&GOSA::GosaSupportDaemon::read_configfile($main::config_file, %cfg_defaults);
## @method get_events()
# Gives the caller the names of the event handlers this module exports.
# @return Reference to the module's list of event names
sub get_events {
    my $event_names = \@events;
    return $event_names;
}
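## @method get_dak_keyring($msg, $msg_hash)
# Lists the keys of the dak keyring and packs them into an answer message.
# @param msg The incoming message (not used by this handler)
# @param msg_hash Parsed message; the first element of 'source', 'target', 'header',
#        'session_id' and (optionally) 'forward_to_gosa' is read
# @return The value of create_xml_string() for the answer hash
sub get_dak_keyring {
    my ($msg, $msg_hash) = @_;
    my $source     = @{$msg_hash->{'source'}}[0];
    my $target     = @{$msg_hash->{'target'}}[0];
    my $header     = @{$msg_hash->{'header'}}[0];
    my $session_id = @{$msg_hash->{'session_id'}}[0];

    # Build the return message with target and source swapped.
    my $out_hash = &main::create_xml_hash("answer_$header", $target, $source);
    &add_content2xml_hash($out_hash, "session_id", $session_id);

    my @keys;

    my $keyring = $main::dak_signing_keys_directory."/keyring.gpg";

    # NOTE(review): gpg is resolved through the daemon's PATH on every call, and the
    # keyring path is interpolated into a command string; both depend on a trusted
    # environment and configuration. No field of the request reaches the command here.
    my $gpg_cmd = `which gpg`; chomp $gpg_cmd;
    my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring";

    # Check that the keyring is in place and readable for the dak user.
    if (&run_as($main::dak_user, "test -r $keyring")->{'resultCode'} != 0) {
        &add_content2xml_hash($out_hash, "error", "DAK Keyring is not readable");
    } else {
        my $command = "$gpg --list-keys";
        my $output  = &run_as($main::dak_user, $command);
        &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7);

        # NOTE(review): the patterns below expect the human-readable
        # "pub  <length>/<id> <date>" layout; gpg's --with-colons output is the
        # stable machine-readable form if this parser ever needs to be hardened.
        my $date = qr/\d{4}-\d{2}-\d{2}/;
        my $idx  = 0;
        foreach my $line (@{$output->{'output'}}) {
            if ($line =~ m/^(pub|sub)\s.*$/) {
                # The expiry patterns are anchored on the record's own type. The
                # previous code tested "^pub" inside the "sub" branch, so expiry
                # dates of subkeys were never recorded.
                my $type = $1;
                if ($line =~ m/^$type\s*?(\w*?)\/(\w*?)\s($date)/) {
                    ($keys[$idx]->{$type}->{'length'},
                     $keys[$idx]->{$type}->{'uid'},
                     $keys[$idx]->{$type}->{'created'}) = ($1, $2, $3);
                }
                if ($line =~ m/^$type\s*?\w*?\/\w*?\s$date\s\[expires:\s($date)\]/) {
                    $keys[$idx]->{$type}->{'expires'} = $1;
                }
                if ($line =~ m/^$type\s*?\w*?\/\w*?\s$date\s\[expired:\s($date)\]/) {
                    $keys[$idx]->{$type}->{'expired'} = $1;
                }
            } elsif ($line =~ m/^uid\s.*$/) {
                push @{$keys[$idx]->{'uid'}}, $1 if $line =~ m/^uid\s*?([^\s].*?)$/;
            } elsif ($line =~ m/^$/) {
                # An empty line closes the current key record.
                $idx++;
            }
        }
    }

    # One "answerN" element per collected key record.
    my $answer_no = 0;
    foreach my $key (@keys) {
        &add_content2xml_hash($out_hash, "answer".$answer_no++, $key);
    }

    my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0];
    if (defined $forward_to_gosa) {
        &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa);
    }
    return &create_xml_string($out_hash);
}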
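## @method import_dak_key($msg, $msg_hash)
# Imports a base64-encoded key from the request into the dak keyring.
# @param msg The incoming message (not used by this handler)
# @param msg_hash Parsed message; the first element of 'source', 'target', 'header',
#        'session_id', 'key' and (optionally) 'forward_to_gosa' is read
# @return The value of create_xml_string() for the answer hash
sub import_dak_key {
    my ($msg, $msg_hash) = @_;
    my $source     = @{$msg_hash->{'source'}}[0];
    my $target     = @{$msg_hash->{'target'}}[0];
    my $header     = @{$msg_hash->{'header'}}[0];
    my $session_id = @{$msg_hash->{'session_id'}}[0];
    my $key        = &decode_base64(@{$msg_hash->{'key'}}[0]);

    # Build the return message with target and source swapped.
    my $out_hash = &main::create_xml_hash("answer_$header", $target, $source);
    &add_content2xml_hash($out_hash, "session_id", $session_id);

    my $keyring = $main::dak_signing_keys_directory."/keyring.gpg";

    # NOTE(review): gpg is resolved through the daemon's PATH on every call.
    my $gpg_cmd = `which gpg`; chomp $gpg_cmd;
    my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring";

    # Check that the keyring is in place and writable for the dak user.
    if (&run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0) {
        &add_content2xml_hash($out_hash, "error", "DAK Keyring is not writable");
    } else {
        # The key material comes from the request. It used to be written to the fixed
        # path /tmp/gosa_si_tmp_dak_key with an unchecked open(): a predictable name in
        # a world-writable directory lets another local account pre-create the path
        # (for example as a symlink), and two concurrent imports would overwrite each
        # other. File::Temp creates a fresh, exclusively opened file instead.
        # It is loaded here so the file-level imports stay untouched.
        require File::Temp;

        my $keyfile = eval {
            File::Temp->new(
                TEMPLATE => 'gosa_si_tmp_dak_key_XXXXXXXX',
                DIR      => '/tmp',
                UNLINK   => 1,    # removed when $keyfile goes out of scope
            );
        };

        my $stored = 0;
        if (defined $keyfile) {
            $stored = 1;
            $stored = 0 unless print {$keyfile} $key;
            $stored = 0 unless close($keyfile);
            # File::Temp creates the file owner-only; gpg runs as the dak user and has
            # to read it. NOTE(review): 0644 mirrors what the old open() produced under
            # a common umask - tighten this if imported keys can be private.
            $stored = 0 unless chmod(0644, $keyfile->filename) == 1;
        }

        if (!$stored) {
            &add_content2xml_hash($out_hash, "error", "Could not store DAK key in a temporary file");
        } else {
            # The generated name consists of the template plus alphanumerics, so it
            # adds nothing to the command string that needs quoting.
            my $keyfile_name = $keyfile->filename;
            my $command = "$gpg --import $keyfile_name";
            my $output  = &run_as($main::dak_user, $command);
            &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7);

            # get_dak_keyring dereferences run_as()'s 'output' as an array reference;
            # join it so the message carries the text instead of "ARRAY(0x...)".
            my $gpg_output = $output->{'output'};
            $gpg_output = join('', @{$gpg_output}) if ref($gpg_output) eq 'ARRAY';

            if ($output->{'resultCode'} != 0) {
                &add_content2xml_hash($out_hash, "error", "Import of DAK key failed! Output was '".$gpg_output."'");
            } else {
                &add_content2xml_hash($out_hash, "answer", "Import of DAK key successfull! Output was '".$gpg_output."'");
            }
        }
    }

    my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0];
    if (defined $forward_to_gosa) {
        &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa);
    }
    return &create_xml_string($out_hash);
}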
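## @method remove_dak_key($msg, $msg_hash)
# Deletes the key named by the request's 'keyid' field from the dak keyring.
# @param msg The incoming message (not used by this handler)
# @param msg_hash Parsed message; the first element of 'source', 'target', 'header',
#        'session_id', 'keyid' and (optionally) 'forward_to_gosa' is read
# @return The value of create_xml_string() for the answer hash
sub remove_dak_key {
    my ($msg, $msg_hash) = @_;
    my $source     = @{$msg_hash->{'source'}}[0];
    my $target     = @{$msg_hash->{'target'}}[0];
    my $header     = @{$msg_hash->{'header'}}[0];
    my $session_id = @{$msg_hash->{'session_id'}}[0];
    my $key        = @{$msg_hash->{'keyid'}}[0];

    # Build the return message with target and source swapped.
    my $out_hash = &main::create_xml_hash("answer_$header", $target, $source);
    &add_content2xml_hash($out_hash, "session_id", $session_id);

    my $keyring = $main::dak_signing_keys_directory."/keyring.gpg";

    # NOTE(review): gpg is resolved through the daemon's PATH on every call.
    my $gpg_cmd = `which gpg`; chomp $gpg_cmd;
    my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --homedir ".$main::dak_signing_keys_directory." --keyring $keyring";

    # 'keyid' comes straight from the request and is interpolated into the command
    # strings handed to run_as below (run_as is defined outside this file and takes
    # the command as a single string - presumably something parses it again; confirm).
    # Accepting only a hexadecimal key id or fingerprint, optionally prefixed with
    # "0x", keeps option-like values and shell metacharacters out of those strings.
    if (!defined $key || $key !~ m/\A(?:0x)?[0-9A-Fa-f]{8,40}\z/) {
        &add_content2xml_hash($out_hash, "error", "DAK key id is missing or malformed");
    }
    # Check that the keyring is in place and writable for the dak user.
    elsif (&run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0) {
        &add_content2xml_hash($out_hash, "error", "DAK keyring is not writable");
    }
    # Only attempt the deletion when the key is present in the keyring.
    elsif (&run_as($main::dak_user, "$gpg --list-keys $key")->{'resultCode'} == 0) {
        my $command = "$gpg --batch --yes --delete-key $key";
        my $output  = &run_as($main::dak_user, $command);
        &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7);

        # A failed deletion used to pass silently; report it to the caller.
        if ($output->{'resultCode'} != 0) {
            &add_content2xml_hash($out_hash, "error", "Removal of DAK key with id '$key' failed");
        }
    } else {
        &add_content2xml_hash($out_hash, "error", "DAK key with id '$key' was not found in keyring");
    }

    my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0];
    if (defined $forward_to_gosa) {
        &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa);
    }
    return &create_xml_string($out_hash);
}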
200 #sub get_dak_queue {
201 # my ($msg, $msg_hash, $session_id) = @_;
202 # my %data;
203 # my $source = @{$msg_hash->{'source'}}[0];
204 # my $target = @{$msg_hash->{'target'}}[0];
205 # my $header= @{$msg_hash->{'header'}}[0];
206 #
207 # my %data;
208 #
209 # foreach my $dir ("unchecked", "new", "accepted") {
210 # foreach my $file(<"$main::dak_queue_directory/$dir/*.changes">) {
211 # }
212 # }
213 #
214 # my $out_msg = &build_msg("get_dak_queue", $target, $source, \%data);
215 # my @out_msg_l = ($out_msg);
216 # return @out_msg_l;
217 #}
219 1;