1 ## @file
2 # @details A GOsa-SI event module containing all functions used by GOsa dak
3 # @brief Implementation of a GOsa-SI-client event module.
5 package dak;
7 use strict;
8 use warnings;
9 use Exporter;
11 use GOSA::GosaSupportDaemon;
12 use MIME::Base64;
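# Exporter wiring. Under 'use strict' the package globals @ISA and @EXPORT
# must be declared with 'our'; assigning to them undeclared is a compile
# error ("Global symbol requires explicit package name").
our @ISA = qw(Exporter);

# Names of the event handlers this module provides. The same list is
# exported and is handed out by get_events().
my @events = (
    "get_events",
    "get_dak_keyring",
    "import_dak_key",
    "remove_dak_key",
);

our @EXPORT = @events;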
BEGIN { }

END { }

# Package-level settings; each one is filled in through the references
# stored in %cfg_defaults below.
# NOTE(review): these are declared in package 'dak', while the handlers in
# this file read $main::dak_signing_keys_directory and $main::dak_user --
# confirm that both name the same configuration values.
our (
    $dak_base_directory,
    $dak_signing_keys_directory,
    $dak_queue_directory,
    $dak_user,
);

# Layout: section name => { option name => [ reference to target variable,
# default value ] }.
my %cfg_defaults = (
    "client" => {
        "dak-base"    => [ \$dak_base_directory,         "/srv/archive" ],
        "dak-keyring" => [ \$dak_signing_keys_directory, "/srv/archive/keyrings" ],
        "dak-queue"   => [ \$dak_queue_directory,        "/srv/archive/queue" ],
        "dak-user"    => [ \$dak_user,                   "deb-dak" ],
    },
);

# Hand the defaults table and the daemon's config file path to the support
# library.
&GOSA::GosaSupportDaemon::read_configfile($main::config_file, %cfg_defaults);
## @method get_events()
# Report which event handlers this module provides.
# @return Reference to the array holding the names of all provided functions
sub get_events {
    my $provided = \@events;
    return $provided;
}
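## @method _parse_gpg_key_listing($lines)
# Turn the human-readable output of 'gpg --list-keys' into a list of key
# records. A blank line ends the current record.
# NOTE(review): this layout differs between gpg versions; 'gpg --with-colons'
# is the format intended for machine parsing and would be the more robust
# input here.
# @param lines Reference to an array of output lines
# @return List of hashes with the optional entries 'pub', 'sub' and 'uid'
sub _parse_gpg_key_listing {
    my ($lines) = @_;

    my $date = qr/\d{4}-\d{2}-\d{2}/;
    my @keys;
    my $i = 0;

    foreach my $line (@{$lines}) {
        if ($line =~ m/^(pub|sub)\s/) {
            my $kind = $1;

            if ($line =~ m/^$kind\s*?(\w*?)\/(\w*?)\s($date)/) {
                ($keys[$i]->{$kind}->{'length'},
                 $keys[$i]->{$kind}->{'uid'},
                 $keys[$i]->{$kind}->{'created'}) = ($1, $2, $3);
            }
            # The original matched '^pub' inside the 'sub' branch, so the
            # expiry of a subkey was never recorded; match on the line's
            # own prefix instead.
            if ($line =~ m/^$kind\s*?\w*?\/\w*?\s$date\s\[expires:\s($date)\]/) {
                $keys[$i]->{$kind}->{'expires'} = $1;
            }
            if ($line =~ m/^$kind\s*?\w*?\/\w*?\s$date\s\[expired:\s($date)\]/) {
                $keys[$i]->{$kind}->{'expired'} = $1;
            }
        }
        elsif ($line =~ m/^uid\s*?([^\s].*?)$/) {
            push @{$keys[$i]->{'uid'}}, $1;
        }
        elsif ($line =~ m/^$/) {
            $i++;
        }
    }

    return @keys;
}

## @method get_dak_keyring($msg, $msg_hash)
# List the keys in the DAK signing keyring and return them as an answer
# message, one 'answerN' element per key record.
# @param msg Raw incoming message (unused)
# @param msg_hash Parsed message; 'source', 'target', 'header', 'session_id'
#        and the optional 'forward_to_gosa' are read from it
# @return XML string of the answer message
sub get_dak_keyring {
    my ($msg, $msg_hash) = @_;
    my $source     = @{$msg_hash->{'source'}}[0];
    my $target     = @{$msg_hash->{'target'}}[0];
    my $header     = @{$msg_hash->{'header'}}[0];
    my $session_id = @{$msg_hash->{'session_id'}}[0];

    # build return message with twisted target and source
    my $out_hash = &main::create_xml_hash("answer_$header", $target, $source);
    &add_content2xml_hash($out_hash, "session_id", $session_id);

    my @keys;

    # The keyring path comes from the daemon configuration and is placed
    # unquoted into the command strings below, so it must not contain
    # whitespace or shell metacharacters.
    my $keyring = $main::dak_signing_keys_directory."/keyring.gpg";

    # gpg is located through the daemon's PATH.
    my $gpg_cmd = `which gpg`;
    chomp $gpg_cmd;
    my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring";

    # Check if the keyrings are in place and readable
    if (&run_as($main::dak_user, "test -r $keyring")->{'resultCode'} != 0) {
        &add_content2xml_hash($out_hash, "error", "DAK Keyring is not readable");
    }
    else {
        my $command = "$gpg --list-keys";
        my $output  = &run_as($main::dak_user, $command);
        &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7);

        @keys = _parse_gpg_key_listing($output->{'output'});
    }

    my $i = 0;
    foreach my $key (@keys) {
        &add_content2xml_hash($out_hash, "answer".$i++, $key);
    }

    my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0];
    if (defined $forward_to_gosa) {
        &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa);
    }

    return &create_xml_string($out_hash);
}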
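## @method import_dak_key($msg, $msg_hash)
# Import a base64-encoded key from the message into the DAK signing
# keyring, which decides whose uploads the archive trusts.
# @param msg Raw incoming message (unused)
# @param msg_hash Parsed message; 'source', 'target', 'header', 'session_id',
#        'key' and the optional 'forward_to_gosa' are read from it
# @return XML string of the answer message
sub import_dak_key {
    my ($msg, $msg_hash) = @_;
    my $source     = @{$msg_hash->{'source'}}[0];
    my $target     = @{$msg_hash->{'target'}}[0];
    my $header     = @{$msg_hash->{'header'}}[0];
    my $session_id = @{$msg_hash->{'session_id'}}[0];
    my $key        = &decode_base64(@{$msg_hash->{'key'}}[0]);

    # build return message with twisted target and source
    my $out_hash = &main::create_xml_hash("answer_$header", $target, $source);
    &add_content2xml_hash($out_hash, "session_id", $session_id);

    # The keyring path comes from the daemon configuration and is placed
    # unquoted into the command strings below.
    my $keyring = $main::dak_signing_keys_directory."/keyring.gpg";

    my $gpg_cmd = `which gpg`;
    chomp $gpg_cmd;
    my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring";

    # Check if the keyrings are in place and writable
    if (&run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0) {
        &add_content2xml_hash($out_hash, "error", "DAK Keyring is not writable");
    }
    else {
        # The key used to be written to the fixed path
        # /tmp/gosa_si_tmp_dak_key with an unchecked open(). A fixed name in
        # a world-writable directory can be pre-created or symlinked by any
        # local user, which allows clobbering another file or swapping the
        # key that gets imported. File::Temp creates a fresh, uniquely named
        # file exclusively and removes it when the object goes out of scope.
        require File::Temp;
        my $keyfile = eval {
            File::Temp->new(
                TEMPLATE => 'gosa_si_tmp_dak_key_XXXXXXXX',
                DIR      => '/tmp',
                UNLINK   => 1,
            );
        };

        # File::Temp creates the file with mode 0600; the import runs as the
        # DAK user, so the file is made world-readable after writing.
        my $written = defined $keyfile
            && binmode($keyfile)
            && (print {$keyfile} $key)
            && close($keyfile)
            && chmod(0644, $keyfile->filename);

        if (!$written) {
            &add_content2xml_hash($out_hash, "error", "Could not write temporary DAK key file");
        }
        else {
            my $command = "$gpg --import ".$keyfile->filename;
            my $output  = &run_as($main::dak_user, $command);
            &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7);

            # get_dak_keyring treats run_as()'s 'output' as an array
            # reference; interpolating that reference directly would put
            # "ARRAY(0x...)" into the message instead of gpg's text.
            my $gpg_output = $output->{'output'};
            if (ref($gpg_output) eq 'ARRAY') {
                $gpg_output = join("\n", map { my $line = $_; chomp $line; $line } @{$gpg_output});
            }
            $gpg_output = '' unless defined $gpg_output;

            if ($output->{'resultCode'} != 0) {
                &add_content2xml_hash($out_hash, "error", "Import of DAK key failed! Output was '".$gpg_output."'");
            }
            else {
                &add_content2xml_hash($out_hash, "answer", "Import of DAK key successfull! Output was '".$gpg_output."'");
            }
        }
    }

    my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0];
    if (defined $forward_to_gosa) {
        &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa);
    }

    return &create_xml_string($out_hash);
}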
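## @method remove_dak_key($msg, $msg_hash)
# Delete one key, selected by its hexadecimal key id, from the DAK signing
# keyring.
# @param msg Raw incoming message (unused)
# @param msg_hash Parsed message; 'source', 'target', 'header', 'session_id',
#        'keyid' and the optional 'forward_to_gosa' are read from it
# @return XML string of the answer message
sub remove_dak_key {
    my ($msg, $msg_hash) = @_;
    my $source     = @{$msg_hash->{'source'}}[0];
    my $target     = @{$msg_hash->{'target'}}[0];
    my $header     = @{$msg_hash->{'header'}}[0];
    my $session_id = @{$msg_hash->{'session_id'}}[0];
    my $key        = @{$msg_hash->{'keyid'}}[0];

    # build return message with twisted target and source
    my $out_hash = &main::create_xml_hash("answer_$header", $target, $source);
    &add_content2xml_hash($out_hash, "session_id", $session_id);

    # The keyring path comes from the daemon configuration and is placed
    # unquoted into the command strings below.
    my $keyring = $main::dak_signing_keys_directory."/keyring.gpg";

    my $gpg_cmd = `which gpg`;
    chomp $gpg_cmd;
    my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --homedir ".$main::dak_signing_keys_directory." --keyring $keyring";

    # The key id arrives in the message and is placed into a command string
    # handed to run_as(), so anything other than a plain hexadecimal id
    # (optionally prefixed with 0x) is refused before a command is built.
    # This deliberately rejects name or e-mail selectors; the ids reported
    # by get_dak_keyring are hexadecimal.
    if (!defined $key || $key !~ m/\A(?:0x)?[0-9A-Fa-f]{8,40}\z/) {
        &add_content2xml_hash($out_hash, "error", "Invalid DAK key id given");
    }
    # Check if the keyrings are in place and writable
    elsif (&run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0) {
        &add_content2xml_hash($out_hash, "error", "DAK keyring is not writable");
    }
    # Check if the key is present in the keyring
    elsif (&run_as($main::dak_user, "$gpg --list-keys $key")->{'resultCode'} == 0) {
        my $command = "$gpg --batch --yes --delete-key $key";
        my $output  = &run_as($main::dak_user, $command);
        &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7);

        # Report a failed deletion instead of silently returning an answer
        # that looks like success.
        if ($output->{'resultCode'} != 0) {
            &add_content2xml_hash($out_hash, "error", "Removal of DAK key with id '$key' failed");
        }
    }
    else {
        &add_content2xml_hash($out_hash, "error", "DAK key with id '$key' was not found in keyring");
    }

    my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0];
    if (defined $forward_to_gosa) {
        &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa);
    }

    return &create_xml_string($out_hash);
}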
198 #sub get_dak_queue {
199 # my ($msg, $msg_hash, $session_id) = @_;
200 # my %data;
201 # my $source = @{$msg_hash->{'source'}}[0];
202 # my $target = @{$msg_hash->{'target'}}[0];
203 # my $header= @{$msg_hash->{'header'}}[0];
204 #
205 # my %data;
206 #
207 # foreach my $dir ("unchecked", "new", "accepted") {
208 # foreach my $file(<"$main::dak_queue_directory/$dir/*.changes">) {
209 # }
210 # }
211 #
212 # my $out_msg = &build_msg("get_dak_queue", $target, $source, \%data);
213 # my @out_msg_l = ($out_msg);
214 # return @out_msg_l;
215 #}
217 1;