![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 #!/usr/bin/perl
2 #===============================================================================
3 #
4 # FILE: gosa-sd
5 #
6 # USAGE: ./gosa-sd
7 #
8 # DESCRIPTION:
9 #
10 # OPTIONS: ---
11 # REQUIREMENTS: libconfig-inifiles-perl libcrypt-rijndael-perl libxml-simple-perl
12 # libdata-dumper-simple-perl libdbd-sqlite3-perl libnet-ldap-perl
13 # libpoe-perl
14 # BUGS: ---
15 # NOTES:
16 # AUTHOR: (Andreas Rettenberger), <rettenberger@gonicus.de>
17 # COMPANY:
18 # VERSION: 1.0
19 # CREATED: 12.09.2007 08:54:41 CEST
20 # REVISION: ---
21 #===============================================================================
23 use strict;
24 use warnings;
25 use Getopt::Long;
26 use Config::IniFiles;
27 use POSIX;
28 use utf8;
30 use Fcntl;
31 use IO::Socket::INET;
32 use IO::Handle;
33 use IO::Select;
34 use Symbol qw(qualify_to_ref);
35 use Crypt::Rijndael;
36 use MIME::Base64;
37 use Digest::MD5 qw(md5 md5_hex md5_base64);
38 use XML::Simple;
39 use Data::Dumper;
40 use Sys::Syslog qw( :DEFAULT setlogsock);
41 use Cwd;
42 use File::Spec;
43 use File::Basename;
44 use File::Path;
45 use GOSA::DBsqlite;
46 use GOSA::GosaSupportDaemon;
47 use POE qw(Component::Server::TCP);
48 use Net::LDAP;
49 use Net::LDAP::Util qw(:escape);
51 my $modules_path = "/usr/lib/gosa-si/modules";
52 use lib "/usr/lib/gosa-si/modules";
54 my (%cfg_defaults, $foreground, $verbose, $ping_timeout);
55 my ($bus_activ, $bus, $msg_to_bus, $bus_cipher);
56 my ($server, $server_mac_address);
57 my ($gosa_server, $job_queue_timeout, $job_queue_loop_delay);
58 my ($known_modules);
59 my ($pid_file, $procid, $pid, $log_file);
60 my ($arp_activ, $arp_fifo);
61 my ($xml);
62 my $sources_list;
63 my $max_clients;
64 # variables declared in config file are always set to 'our'
65 our (%cfg_defaults, $log_file, $pid_file,
66 $server_ip, $server_port, $SIPackages_key,
67 $arp_activ, $gosa_unit_tag,
68 $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout,
69 );
71 # additional variable which should be globaly accessable
72 our $server_address;
73 our $bus_address;
74 our $gosa_address;
75 our $no_bus;
76 our $no_arp;
77 our $verbose;
78 our $forground;
79 our $cfg_file;
80 our ($ldap_handle, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password );
83 # specifies the verbosity of the daemon_log
84 $verbose = 0 ;
86 # if foreground is not null, script will be not forked to background
87 $foreground = 0 ;
89 # specifies the timeout seconds while checking the online status of a registrating client
90 $ping_timeout = 5;
92 $no_bus = 0;
93 $bus_activ = "true";
95 $no_arp = 0;
97 our $prg= basename($0);
99 # holds all gosa jobs
100 our $job_db;
101 our $job_queue_tn = 'jobs';
102 my $job_queue_file_name;
103 my @job_queue_col_names = ("id INTEGER", "timestamp", "status", "result", "progress INTEGER",
104 "headertag", "targettag", "xmlmessage", "macaddress");
106 # holds all other gosa-sd as well as the gosa-sd-bus
107 our $known_server_db;
108 our $known_server_tn = "known_server";
109 my $known_server_file_name;
110 my @known_server_col_names = ('hostname', 'status', 'hostkey', 'timestamp');
112 # holds all registrated clients
113 our $known_clients_db;
114 our $known_clients_tn = "known_clients";
115 my $known_clients_file_name;
116 my @known_clients_col_names = ('hostname', 'status', 'hostkey', 'timestamp', 'macaddress', 'events');
118 # holds all logged in user at each client
119 our $login_users_db;
120 our $login_users_tn = "login_users";
121 my $login_users_file_name;
122 my @login_users_col_names = ('client', 'user', 'timestamp');
124 # holds all fai server, the debian release and tag
125 our $fai_server_db;
126 our $fai_server_tn = "fai_server";
127 my $fai_server_file_name;
128 our @fai_server_col_names = ('timestamp', 'server', 'release', 'tag');
129 our $fai_release_tn = "fai_release";
130 our @fai_release_col_names = ('timestamp', 'release', 'class', 'type');
132 # holds all packages available from different repositories
133 our $packages_list_db;
134 our $packages_list_tn = "packages_list";
135 my $packages_list_file_name;
136 our @packages_list_col_names = ('distribution', 'package', 'version', 'section', 'description', 'template', 'timestamp');
137 my $outdir = "/tmp/packages_list_db";
138 my $arch = "i386";
140 # holds all messages which should be delivered to a user
141 our $messaging_db;
142 our $messaging_tn = "messaging";
143 our @messaging_col_names = ('subject', 'from', 'to', 'flag', 'direction', 'delivery_time', 'message', 'timestamp', 'id INTEGER', );
144 my $messaging_file_name;
146 %cfg_defaults = (
147 "general" => {
148 "log-file" => [\$log_file, "/var/run/".$prg.".log"],
149 "pid-file" => [\$pid_file, "/var/run/".$prg.".pid"],
150 },
151 "bus" => {
152 "activ" => [\$bus_activ, "true"],
153 },
154 "server" => {
155 "port" => [\$server_port, "20081"],
156 "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ],
157 "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'],
158 "login-users" => [\$login_users_file_name, '/var/lib/gosa-si/users.db'],
159 "fai-server" => [\$fai_server_file_name, '/var/lib/gosa-si/fai.db'],
160 "packages-list" => [\$packages_list_file_name, '/var/lib/gosa-si/packages.db'],
161 "messaging" => [\$messaging_file_name, '/var/lib/gosa-si/messaging.db'],
162 "source-list" => [\$sources_list, '/etc/apt/sources.list'],
163 "ldap-uri" => [\$ldap_uri, ""],
164 "ldap-base" => [\$ldap_base, ""],
165 "ldap-admin-dn" => [\$ldap_admin_dn, ""],
166 "ldap-admin-password" => [\$ldap_admin_password, ""],
167 "gosa-unit-tag" => [\$gosa_unit_tag, ""],
168 "max-clients" => [\$max_clients, 10],
169 },
170 "GOsaPackages" => {
171 "ip" => [\$gosa_ip, "0.0.0.0"],
172 "port" => [\$gosa_port, "20082"],
173 "job-queue" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'],
174 "job-queue-loop-delay" => [\$job_queue_loop_delay, 3],
175 "key" => [\$GosaPackages_key, "none"],
176 },
177 "SIPackages" => {
178 "key" => [\$SIPackages_key, "none"],
179 },
180 );
183 #=== FUNCTION ================================================================
184 # NAME: usage
185 # PARAMETERS: nothing
186 # RETURNS: nothing
187 # DESCRIPTION: print out usage text to STDERR
188 #===============================================================================
189 sub usage {
190 print STDERR << "EOF" ;
191 usage: $prg [-hvf] [-c config]
193 -h : this (help) message
194 -c <file> : config file
195 -f : foreground, process will not be forked to background
196 -v : be verbose (multiple to increase verbosity)
197 -no-bus : starts $prg without connection to bus
198 -no-arp : starts $prg without connection to arp module
200 EOF
201 print "\n" ;
202 }
205 #=== FUNCTION ================================================================
206 # NAME: read_configfile
207 # PARAMETERS: cfg_file - string -
208 # RETURNS: nothing
209 # DESCRIPTION: read cfg_file and set variables
210 #===============================================================================
211 sub read_configfile {
212 my $cfg;
213 if( defined( $cfg_file) && ( length($cfg_file) > 0 )) {
214 if( -r $cfg_file ) {
215 $cfg = Config::IniFiles->new( -file => $cfg_file );
216 } else {
217 print STDERR "Couldn't read config file!\n";
218 }
219 } else {
220 $cfg = Config::IniFiles->new() ;
221 }
222 foreach my $section (keys %cfg_defaults) {
223 foreach my $param (keys %{$cfg_defaults{ $section }}) {
224 my $pinfo = $cfg_defaults{ $section }{ $param };
225 ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] );
226 }
227 }
228 }
231 #=== FUNCTION ================================================================
232 # NAME: logging
233 # PARAMETERS: level - string - default 'info'
234 # msg - string -
235 # facility - string - default 'LOG_DAEMON'
236 # RETURNS: nothing
237 # DESCRIPTION: function for logging
238 #===============================================================================
239 sub daemon_log {
240 # log into log_file
241 my( $msg, $level ) = @_;
242 if(not defined $msg) { return }
243 if(not defined $level) { $level = 1 }
244 if(defined $log_file){
245 open(LOG_HANDLE, ">>$log_file");
246 if(not defined open( LOG_HANDLE, ">>$log_file" )) {
247 print STDERR "cannot open $log_file: $!";
248 return }
249 chomp($msg);
250 if($level <= $verbose){
251 my ($seconds, $minutes, $hours, $monthday, $month,
252 $year, $weekday, $yearday, $sommertime) = localtime(time);
253 $hours = $hours < 10 ? $hours = "0".$hours : $hours;
254 $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
255 $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
256 my @monthnames = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
257 $month = $monthnames[$month];
258 $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
259 $year+=1900;
260 my $name = $prg;
262 my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n";
263 print LOG_HANDLE $log_msg;
264 if( $foreground ) {
265 print STDERR $log_msg;
266 }
267 }
268 close( LOG_HANDLE );
269 }
270 }
273 #=== FUNCTION ================================================================
274 # NAME: check_cmdline_param
275 # PARAMETERS: nothing
276 # RETURNS: nothing
277 # DESCRIPTION: validates commandline parameter
278 #===============================================================================
279 sub check_cmdline_param () {
280 my $err_config;
281 my $err_counter = 0;
282 if(not defined($cfg_file)) {
283 $cfg_file = "/etc/gosa-si/server.conf";
284 if(! -r $cfg_file) {
285 $err_config = "please specify a config file";
286 $err_counter += 1;
287 }
288 }
289 if( $err_counter > 0 ) {
290 &usage( "", 1 );
291 if( defined( $err_config)) { print STDERR "$err_config\n"}
292 print STDERR "\n";
293 exit( -1 );
294 }
295 }
298 #=== FUNCTION ================================================================
299 # NAME: check_pid
300 # PARAMETERS: nothing
301 # RETURNS: nothing
302 # DESCRIPTION: handels pid processing
303 #===============================================================================
304 sub check_pid {
305 $pid = -1;
306 # Check, if we are already running
307 if( open(LOCK_FILE, "<$pid_file") ) {
308 $pid = <LOCK_FILE>;
309 if( defined $pid ) {
310 chomp( $pid );
311 if( -f "/proc/$pid/stat" ) {
312 my($stat) = `cat /proc/$pid/stat` =~ m/$pid \((.+)\).*/;
313 if( $0 eq $stat ) {
314 close( LOCK_FILE );
315 exit -1;
316 }
317 }
318 }
319 close( LOCK_FILE );
320 unlink( $pid_file );
321 }
323 # create a syslog msg if it is not to possible to open PID file
324 if (not sysopen(LOCK_FILE, $pid_file, O_WRONLY|O_CREAT|O_EXCL, 0644)) {
325 my($msg) = "Couldn't obtain lockfile '$pid_file' ";
326 if (open(LOCK_FILE, '<', $pid_file)
327 && ($pid = <LOCK_FILE>))
328 {
329 chomp($pid);
330 $msg .= "(PID $pid)\n";
331 } else {
332 $msg .= "(unable to read PID)\n";
333 }
334 if( ! ($foreground) ) {
335 openlog( $0, "cons,pid", "daemon" );
336 syslog( "warning", $msg );
337 closelog();
338 }
339 else {
340 print( STDERR " $msg " );
341 }
342 exit( -1 );
343 }
344 }
346 #=== FUNCTION ================================================================
347 # NAME: import_modules
348 # PARAMETERS: module_path - string - abs. path to the directory the modules
349 # are stored
350 # RETURNS: nothing
351 # DESCRIPTION: each file in module_path which ends with '.pm' and activation
352 # state is on is imported by "require 'file';"
353 #===============================================================================
354 sub import_modules {
355 daemon_log(" ", 1);
357 if (not -e $modules_path) {
358 daemon_log("ERROR: cannot find directory or directory is not readable: $modules_path", 1);
359 }
361 opendir (DIR, $modules_path) or die "ERROR while loading modules from directory $modules_path : $!\n";
362 while (defined (my $file = readdir (DIR))) {
363 if (not $file =~ /(\S*?).pm$/) {
364 next;
365 }
366 my $mod_name = $1;
368 if( $file =~ /ArpHandler.pm/ ) {
369 if( $no_arp > 0 ) {
370 next;
371 }
372 }
374 eval { require $file; };
375 if ($@) {
376 daemon_log("ERROR: gosa-si-server could not load module $file", 1);
377 daemon_log("$@", 5);
378 } else {
379 my $info = eval($mod_name.'::get_module_info()');
380 # Only load module if get_module_info() returns a non-null object
381 if( $info ) {
382 my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info};
383 $known_modules->{$mod_name} = $info;
384 daemon_log("INFO: module $mod_name loaded", 5);
385 }
386 }
387 }
388 close (DIR);
389 }
392 #=== FUNCTION ================================================================
393 # NAME: sig_int_handler
394 # PARAMETERS: signal - string - signal arose from system
395 # RETURNS: noting
396 # DESCRIPTION: handels tasks to be done befor signal becomes active
397 #===============================================================================
398 sub sig_int_handler {
399 my ($signal) = @_;
401 daemon_log("shutting down gosa-si-server", 1);
402 exit(1);
403 }
404 $SIG{INT} = \&sig_int_handler;
408 sub check_key_and_xml_validity {
409 my ($crypted_msg, $module_key) = @_;
410 my $msg;
411 my $msg_hash;
412 my $error_string;
413 eval{
414 $msg = &decrypt_msg($crypted_msg, $module_key);
416 if ($msg =~ /<xml>/i){
417 &main::daemon_log("decrypted_msg: \n$msg", 8);
418 $msg_hash = $xml->XMLin($msg, ForceArray=>1);
420 ##############
421 # check header
422 if( not exists $msg_hash->{'header'} ) { die "no header specified"; }
423 my $header_l = $msg_hash->{'header'};
424 if( 1 > @{$header_l} ) { die 'empty header tag'; }
425 if( 1 < @{$header_l} ) { die 'more than one header specified'; }
426 my $header = @{$header_l}[0];
427 if( 0 == length $header) { die 'empty string in header tag'; }
429 ##############
430 # check source
431 if( not exists $msg_hash->{'source'} ) { die "no source specified"; }
432 my $source_l = $msg_hash->{'source'};
433 if( 1 > @{$source_l} ) { die 'empty source tag'; }
434 if( 1 < @{$source_l} ) { die 'more than one source specified'; }
435 my $source = @{$source_l}[0];
436 if( 0 == length $source) { die 'source error'; }
438 ##############
439 # check target
440 if( not exists $msg_hash->{'target'} ) { die "no target specified"; }
441 my $target_l = $msg_hash->{'target'};
442 if( 1 > @{$target_l} ) { die 'empty target tag'; }
443 }
444 };
445 if($@) {
446 &main::daemon_log("WARNING: do not understand the message: $@", 5);
447 $msg = undef;
448 $msg_hash = undef;
449 }
451 return ($msg, $msg_hash);
452 }
455 sub check_outgoing_xml_validity {
456 my ($msg) = @_;
458 my $msg_hash;
459 eval{
460 $msg_hash = $xml->XMLin($msg, ForceArray=>1);
462 ##############
463 # check header
464 my $header_l = $msg_hash->{'header'};
465 if( 1 != @{$header_l} ) {
466 die 'no or more than one headers specified';
467 }
468 my $header = @{$header_l}[0];
469 if( 0 == length $header) {
470 die 'header has length 0';
471 }
473 ##############
474 # check source
475 my $source_l = $msg_hash->{'source'};
476 if( 1 != @{$source_l} ) {
477 die 'no or more than 1 sources specified';
478 }
479 my $source = @{$source_l}[0];
480 if( 0 == length $source) {
481 die 'source has length 0';
482 }
483 unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
484 $source =~ /^GOSA$/i ) {
485 die "source '$source' is neither a complete ip-address with port nor 'GOSA'";
486 }
488 ##############
489 # check target
490 my $target_l = $msg_hash->{'target'};
491 if( 0 == @{$target_l} ) {
492 die "no targets specified";
493 }
494 foreach my $target (@$target_l) {
495 if( 0 == length $target) {
496 die "target has length 0";
497 }
498 unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
499 $target =~ /^GOSA$/i ||
500 $target =~ /^\*$/ ||
501 $target =~ /KNOWN_SERVER/i ||
502 $target =~ /JOBDB/i ||
503 $target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ){
504 die "target '$target' is not a complete ip-address with port or a valid target name or a mac-address";
505 }
506 }
507 };
508 if($@) {
509 daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5);
510 daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 8);
511 $msg_hash = undef;
512 }
514 return ($msg_hash);
515 }
518 sub input_from_known_server {
519 my ($input, $remote_ip) = @_ ;
520 my ($msg, $msg_hash, $module);
522 my $sql_statement= "SELECT * FROM known_server";
523 my $query_res = $known_server_db->select_dbentry( $sql_statement );
525 while( my ($hit_num, $hit) = each %{ $query_res } ) {
526 my $host_name = $hit->{hostname};
527 if( not $host_name =~ "^$remote_ip") {
528 next;
529 }
530 my $host_key = $hit->{hostkey};
531 daemon_log("DEBUG: input_from_known_server: host_name: $host_name", 7);
532 daemon_log("DEBUG: input_from_known_server: host_key: $host_key", 7);
534 # check if module can open msg envelope with module key
535 my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key);
536 if( (!$tmp_msg) || (!$tmp_msg_hash) ) {
537 daemon_log("DEBUG: input_from_known_server: deciphering raise error", 7);
538 daemon_log("$@", 8);
539 next;
540 }
541 else {
542 $msg = $tmp_msg;
543 $msg_hash = $tmp_msg_hash;
544 $module = "SIPackages";
545 last;
546 }
547 }
549 if( (!$msg) || (!$msg_hash) || (!$module) ) {
550 daemon_log("INFO: Incoming message is not from a known server", 5);
551 }
553 return ($msg, $msg_hash, $module);
554 }
557 sub input_from_known_client {
558 my ($input, $remote_ip) = @_ ;
559 my ($msg, $msg_hash, $module);
561 my $sql_statement= "SELECT * FROM known_clients";
562 my $query_res = $known_clients_db->select_dbentry( $sql_statement );
563 while( my ($hit_num, $hit) = each %{ $query_res } ) {
564 my $host_name = $hit->{hostname};
565 if( not $host_name =~ /^$remote_ip:\d*$/) {
566 next;
567 }
568 my $host_key = $hit->{hostkey};
569 &daemon_log("DEBUG: input_from_known_client: host_name: $host_name", 7);
570 &daemon_log("DEBUG: input_from_known_client: host_key: $host_key", 7);
572 # check if module can open msg envelope with module key
573 ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key);
575 if( (!$msg) || (!$msg_hash) ) {
576 &daemon_log("DEGUG: input_from_known_client: deciphering raise error", 7);
577 &daemon_log("$@", 8);
578 next;
579 }
580 else {
581 $module = "SIPackages";
582 last;
583 }
584 }
586 if( (!$msg) || (!$msg_hash) || (!$module) ) {
587 &daemon_log("INFO: Incoming message is not from a known client", 5);
588 }
590 return ($msg, $msg_hash, $module);
591 }
594 sub input_from_unknown_host {
595 no strict "refs";
596 my ($input) = @_ ;
597 my ($msg, $msg_hash, $module);
598 my $error_string;
600 my %act_modules = %$known_modules;
602 while( my ($mod, $info) = each(%act_modules)) {
604 # check a key exists for this module
605 my $module_key = ${$mod."_key"};
606 if( not defined $module_key ) {
607 if( $mod eq 'ArpHandler' ) {
608 next;
609 }
610 daemon_log("ERROR: no key specified in config file for $mod", 1);
611 next;
612 }
613 daemon_log("DEBUG: $mod: $module_key", 7);
615 # check if module can open msg envelope with module key
616 ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key);
617 if( (not defined $msg) || (not defined $msg_hash) ) {
618 next;
619 }
620 else {
621 $module = $mod;
622 last;
623 }
624 }
626 if( (!$msg) || (!$msg_hash) || (!$module)) {
627 daemon_log("INFO: Incoming message is not from an unknown host", 5);
628 }
630 return ($msg, $msg_hash, $module);
631 }
634 sub create_ciphering {
635 my ($passwd) = @_;
636 if((!defined($passwd)) || length($passwd)==0) {
637 $passwd = "";
638 }
639 $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
640 my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
641 my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
642 $my_cipher->set_iv($iv);
643 return $my_cipher;
644 }
647 sub encrypt_msg {
648 my ($msg, $key) = @_;
649 my $my_cipher = &create_ciphering($key);
650 my $len;
651 {
652 use bytes;
653 $len= 16-length($msg)%16;
654 }
655 $msg = "\0"x($len).$msg;
656 $msg = $my_cipher->encrypt($msg);
657 chomp($msg = &encode_base64($msg));
658 # there are no newlines allowed inside msg
659 $msg=~ s/\n//g;
660 return $msg;
661 }
664 sub decrypt_msg {
666 my ($msg, $key) = @_ ;
667 $msg = &decode_base64($msg);
668 my $my_cipher = &create_ciphering($key);
669 $msg = $my_cipher->decrypt($msg);
670 $msg =~ s/\0*//g;
671 return $msg;
672 }
675 sub get_encrypt_key {
676 my ($target) = @_ ;
677 my $encrypt_key;
678 my $error = 0;
680 # target can be in known_server
681 if( not defined $encrypt_key ) {
682 my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'";
683 my $query_res = $known_server_db->select_dbentry( $sql_statement );
684 while( my ($hit_num, $hit) = each %{ $query_res } ) {
685 my $host_name = $hit->{hostname};
686 if( $host_name ne $target ) {
687 next;
688 }
689 $encrypt_key = $hit->{hostkey};
690 last;
691 }
692 }
694 # target can be in known_client
695 if( not defined $encrypt_key ) {
696 my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'";
697 my $query_res = $known_clients_db->select_dbentry( $sql_statement );
698 while( my ($hit_num, $hit) = each %{ $query_res } ) {
699 my $host_name = $hit->{hostname};
700 if( $host_name ne $target ) {
701 next;
702 }
703 $encrypt_key = $hit->{hostkey};
704 last;
705 }
706 }
708 return $encrypt_key;
709 }
712 #=== FUNCTION ================================================================
713 # NAME: open_socket
714 # PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000
715 # [PeerPort] string necessary if port not appended by PeerAddr
716 # RETURNS: socket IO::Socket::INET
717 # DESCRIPTION: open a socket to PeerAddr
718 #===============================================================================
719 sub open_socket {
720 my ($PeerAddr, $PeerPort) = @_ ;
721 if(defined($PeerPort)){
722 $PeerAddr = $PeerAddr.":".$PeerPort;
723 }
724 my $socket;
725 $socket = new IO::Socket::INET(PeerAddr => $PeerAddr,
726 Porto => "tcp",
727 Type => SOCK_STREAM,
728 Timeout => 5,
729 );
730 if(not defined $socket) {
731 return;
732 }
733 # &daemon_log("DEBUG: open_socket: $PeerAddr", 7);
734 return $socket;
735 }
738 #=== FUNCTION ================================================================
739 # NAME: get_ip
740 # PARAMETERS: interface name (i.e. eth0)
741 # RETURNS: (ip address)
742 # DESCRIPTION: Uses ioctl to get ip address directly from system.
743 #===============================================================================
744 sub get_ip {
745 my $ifreq= shift;
746 my $result= "";
747 my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list
748 my $proto= getprotobyname('ip');
750 socket SOCKET, PF_INET, SOCK_DGRAM, $proto
751 or die "socket: $!";
753 if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) {
754 my ($if, $sin) = unpack 'a16 a16', $ifreq;
755 my ($port, $addr) = sockaddr_in $sin;
756 my $ip = inet_ntoa $addr;
758 if ($ip && length($ip) > 0) {
759 $result = $ip;
760 }
761 }
763 return $result;
764 }
766 sub get_local_ip_for_remote_ip {
767 my $remote_ip= shift;
768 my $result="0.0.0.0";
770 if($remote_ip =~ /^(\d\d?\d?\.){3}\d\d?\d?$/) {
771 if($remote_ip eq "127.0.0.1") {
772 $result = "127.0.0.1";
773 } else {
774 my $PROC_NET_ROUTE= ('/proc/net/route');
776 open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE")
777 or die "Could not open $PROC_NET_ROUTE";
779 my @ifs = <PROC_NET_ROUTE>;
781 close(PROC_NET_ROUTE);
783 # Eat header line
784 shift @ifs;
785 chomp @ifs;
786 foreach my $line(@ifs) {
787 my ($Iface,$Destination,$Gateway,$Flags,$RefCnt,$Use,$Metric,$Mask,$MTU,$Window,$IRTT)=split(/\s/, $line);
788 my $destination;
789 my $mask;
790 my ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Destination);
791 $destination= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
792 ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Mask);
793 $mask= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
794 if(new NetAddr::IP($remote_ip)->within(new NetAddr::IP($destination, $mask))) {
795 # destination matches route, save mac and exit
796 $result= &get_ip($Iface);
797 last;
798 }
799 }
800 }
801 } else {
802 daemon_log("get_local_ip_for_remote_ip was called with a non-ip parameter: $remote_ip", 1);
803 }
804 return $result;
805 }
808 sub send_msg_to_target {
809 my ($msg, $address, $encrypt_key, $msg_header) = @_ ;
810 my $error = 0;
811 my $header;
812 my $new_status;
813 my $act_status;
814 my ($sql_statement, $res);
816 if( $msg_header ) {
817 $header = "'$msg_header'-";
818 } else {
819 $header = "";
820 }
822 # Patch the source ip
823 if($msg =~ /<source>0\.0\.0\.0:\d*?<\/source>/) {
824 my $remote_ip = &get_local_ip_for_remote_ip(sprintf("%s", $address =~ /^([0-9\.]*?):.*$/));
825 $msg =~ s/<source>(0\.0\.0\.0):(\d*?)<\/source>/<source>$remote_ip:$2<\/source>/s;
826 }
828 # encrypt xml msg
829 my $crypted_msg = &encrypt_msg($msg, $encrypt_key);
831 # opensocket
832 my $socket = &open_socket($address);
833 if( !$socket ) {
834 daemon_log("ERROR: cannot send ".$header."msg to $address , host not reachable", 1);
835 $error++;
836 }
838 if( $error == 0 ) {
839 # send xml msg
840 print $socket $crypted_msg."\n";
842 daemon_log("INFO: send ".$header."msg to $address", 5);
843 daemon_log("message:\n$msg", 8);
845 }
847 # close socket in any case
848 if( $socket ) {
849 close $socket;
850 }
852 if( $error > 0 ) { $new_status = "down"; }
853 else { $new_status = $msg_header; }
856 # known_clients
857 $sql_statement = "SELECT * FROM known_clients WHERE hostname='$address'";
858 $res = $known_clients_db->select_dbentry($sql_statement);
859 if( keys(%$res) > 0) {
860 $act_status = $res->{1}->{'status'};
861 if( $act_status eq "down" ) {
862 $sql_statement = "DELETE FROM known_clients WHERE hostname='$address'";
863 $res = $known_clients_db->del_dbentry($sql_statement);
864 daemon_log("WARNING: failed 2x to send msg to host '$address', delete host from known_clients", 3);
865 } else {
866 $sql_statement = "UPDATE known_clients SET status='$new_status' WHERE hostname='$address'";
867 $res = $known_clients_db->update_dbentry($sql_statement);
868 if($new_status eq "down"){
869 daemon_log("WARNING: set '$address' from status '$act_status' to '$new_status'", 3);
870 } else {
871 daemon_log("INFO: set '$address' from status '$act_status' to '$new_status'", 5);
872 }
873 }
874 }
876 # known_server
877 $sql_statement = "SELECT * FROM known_server WHERE hostname='$address'";
878 $res = $known_server_db->select_dbentry($sql_statement);
879 if( keys(%$res) > 0 ) {
880 $act_status = $res->{1}->{'status'};
881 if( $act_status eq "down" ) {
882 $sql_statement = "DELETE FROM known_server WHERE hostname='$address'";
883 $res = $known_server_db->del_dbentry($sql_statement);
884 daemon_log("WARNING: failed 2x to a send msg to host '$address', delete host from known_server", 3);
885 }
886 else {
887 $sql_statement = "UPDATE known_server SET status='$new_status' WHERE hostname='$address'";
888 $res = $known_server_db->update_dbentry($sql_statement);
889 if($new_status eq "down"){
890 daemon_log("WARNING: set '$address' from status '$act_status' to '$new_status'", 3);
891 }
892 else {
893 daemon_log("INFO: set '$address' from status '$act_status' to '$new_status'", 5);
894 }
895 }
896 }
897 return $error;
898 }
901 sub update_jobdb_status_for_send_msgs {
902 my ($answer, $error) = @_;
903 if( $answer =~ /<jobdb_id>(\d+)<\/jobdb_id>/ ) {
904 my $jobdb_id = $1;
905 if( $error ) {
906 # sending msg faild
907 my $sql_statement = "UPDATE $job_queue_tn ".
908 "SET status='error', result='can not deliver msg, please consult log file' ".
909 "WHERE id='$jobdb_id'";
910 my $res = $job_db->update_dbentry($sql_statement);
911 } else {
912 # sending msg was successful
913 my $sql_statement = "UPDATE $job_queue_tn ".
914 "SET status='done' ".
915 "WHERE id='$jobdb_id'";
916 my $res = $job_db->update_dbentry($sql_statement);
917 }
918 }
919 }
922 sub _start {
923 my ($kernel) = $_[KERNEL];
924 &trigger_db_loop($kernel);
925 $kernel->yield('create_fai_server_db', $fai_server_tn );
926 #$kernel->yield('create_fai_release_db', $fai_release_tn );
927 #$kernel->yield('create_packages_list_db', $sources_list );
928 }
931 sub client_input {
932 no strict "refs";
933 my ($kernel, $session, $heap, $input, $wheel) = @_[KERNEL, SESSION, HEAP, ARG0, ARG1];
934 my $session_id = $session->ID;
935 my ($msg, $msg_hash, $module);
936 my $error = 0;
937 my $answer_l;
938 my ($answer_header, @answer_target_l, $answer_source);
939 my $client_answer;
941 daemon_log("INFO: Incoming msg from '".$heap->{'remote_ip'}."'", 5);
942 daemon_log("DEBUG: Incoming message:\n$input", 8);
944 ####################
945 # check incoming msg
946 # msg is from a new client or gosa
947 ($msg, $msg_hash, $module) = &input_from_unknown_host($input);
948 # msg is from a gosa-si-server or gosa-si-bus
949 if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
950 ($msg, $msg_hash, $module) = &input_from_known_server($input, $heap->{'remote_ip'});
951 }
952 # msg is from a gosa-si-client
953 if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
954 ($msg, $msg_hash, $module) = &input_from_known_client($input, $heap->{'remote_ip'});
955 }
956 # an error occurred
957 if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
958 $error++;
959 }
961 ######################
962 # process incoming msg
963 if( $error == 0) {
964 daemon_log("DEBUG: Processing module ".$module, 7);
965 $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $session_id);
967 if ( 0 > @{$answer_l} ) {
968 my $answer_str = join("\n", @{$answer_l});
969 daemon_log("DEGUB: $module: Got answer from module: \n".$answer_str,8);
970 }
971 }
972 if( !$answer_l ) { $error++ };
974 ########
975 # answer
976 if( $error == 0 ) {
978 foreach my $answer ( @{$answer_l} ) {
979 # for each answer in answer list
981 # check outgoing msg to xml validity
982 my $answer_hash = &check_outgoing_xml_validity($answer);
983 if( not defined $answer_hash ) {
984 next;
985 }
987 $answer_header = @{$answer_hash->{'header'}}[0];
988 @answer_target_l = @{$answer_hash->{'target'}};
989 $answer_source = @{$answer_hash->{'source'}}[0];
991 # deliver msg to all targets
992 foreach my $answer_target ( @answer_target_l ) {
994 # targets of msg are all gosa-si-clients in known_clients_db
995 if( $answer_target eq "*" ) {
996 # answer is for all clients
997 my $sql_statement= "SELECT * FROM known_clients";
998 my $query_res = $known_clients_db->select_dbentry( $sql_statement );
999 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1000 my $host_name = $hit->{hostname};
1001 my $host_key = $hit->{hostkey};
1002 my $error = &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
1003 &update_jobdb_status_for_send_msgs($answer, $error);
1004 }
1005 }
1007 # targets of msg are all gosa-si-server in known_server_db
1008 elsif( $answer_target eq "KNOWN_SERVER" ) {
1009 # answer is for all server in known_server
1010 my $sql_statement= "SELECT * FROM known_server";
1011 my $query_res = $known_server_db->select_dbentry( $sql_statement );
1012 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1013 my $host_name = $hit->{hostname};
1014 my $host_key = $hit->{hostkey};
1015 $answer =~ s/KNOWN_SERVER/$host_name/g;
1016 my $error = &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
1017 &update_jobdb_status_for_send_msgs($answer, $error);
1018 }
1019 }
1021 # target of msg is GOsa
1022 elsif( $answer_target eq "GOSA" ) {
1023 $answer =~ /<session_id>(\d+)<\/session_id>/;
1024 my $session_id = $1;
1025 my $add_on = "";
1026 if( defined $session_id ) {
1027 $add_on = ".session_id=$session_id";
1028 }
1029 # answer is for GOSA and has to returned to connected client
1030 my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key);
1031 $client_answer = $gosa_answer.$add_on;
1032 }
1034 # target of msg is job queue at this host
1035 elsif( $answer_target eq "JOBDB") {
1036 $answer =~ /<header>(\S+)<\/header>/;
1037 my $header;
1038 if( defined $1 ) { $header = $1; }
1039 my $error = &send_msg_to_target($answer, $server_address, $GosaPackages_key, $header);
1040 &update_jobdb_status_for_send_msgs($answer, $error);
1041 }
1043 # target of msg is a mac address
1044 elsif( $answer_target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ) {
1045 daemon_log("INFO: target is mac address '$answer_target', looking for host in known_clients", 5);
1046 my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$answer_target'";
1047 my $query_res = $known_clients_db->select_dbentry( $sql_statement );
1048 my $found_ip_flag = 0;
1049 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1050 my $host_name = $hit->{hostname};
1051 my $host_key = $hit->{hostkey};
1052 $answer =~ s/$answer_target/$host_name/g;
1053 daemon_log("INFO: found host '$host_name', associated to '$answer_target'", 5);
1054 my $error = &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
1055 &update_jobdb_status_for_send_msgs($answer, $error);
1056 $found_ip_flag++ ;
1057 }
1058 if( $found_ip_flag == 0) {
1059 daemon_log("WARNING: no host found in known_clients with mac address '$answer_target'", 3);
1060 if( $bus_activ eq "true" ) {
1061 daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5);
1062 my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
1063 my $query_res = $known_server_db->select_dbentry( $sql_statement );
1064 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1065 my $bus_address = $hit->{hostname};
1066 my $bus_key = $hit->{hostkey};
1067 my $error = &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
1068 &update_jobdb_status_for_send_msgs($answer, $error);
1069 last;
1070 }
1071 }
1073 }
1075 # answer is for one specific host
1076 } else {
1077 # get encrypt_key
1078 my $encrypt_key = &get_encrypt_key($answer_target);
1079 if( not defined $encrypt_key ) {
1080 # unknown target, forward msg to bus
1081 daemon_log("WARNING: unknown target '$answer_target'", 3);
1082 if( $bus_activ eq "true" ) {
1083 daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5);
1084 my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
1085 my $query_res = $known_server_db->select_dbentry( $sql_statement );
1086 my $res_length = keys( %{$query_res} );
1087 if( $res_length == 0 ){
1088 daemon_log("WARNING: send '$answer_header' to '$bus_address' failed, ".
1089 "no bus found in known_server", 3);
1090 }
1091 else {
1092 while( my ($hit_num, $hit) = each %{ $query_res } ) {
1093 my $bus_key = $hit->{hostkey};
1094 my $error = &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
1095 &update_jobdb_status_for_send_msgs($answer, $error);
1096 }
1097 }
1098 }
1099 next;
1100 }
1101 my $error = &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header);
1102 &update_jobdb_status_for_send_msgs($answer, $error);
1103 }
1104 }
1105 }
1106 }
1108 if( $client_answer ) {
1109 if( $client_answer =~ s/session_id=(\d+)$// ) {
1110 my $session_id = $1;
1111 if( defined $session_id ) {
1112 my $session_reference = $kernel->ID_id_to_session($session_id);
1113 if( defined $session_reference ) {
1114 $heap = $session_reference->get_heap();
1115 }
1116 }
1117 }
1118 $heap->{client}->put($client_answer);
1119 }
1121 return;
1122 }
1126 sub trigger_db_loop {
1127 my ($kernel) = @_ ;
1128 $kernel->delay_set('watch_for_new_jobs', $job_queue_loop_delay);
1129 $kernel->delay_set('watch_for_done_jobs', $job_queue_loop_delay);
1130 }
1132 sub watch_for_done_jobs {
1133 my ($kernel,$heap) = @_[KERNEL, HEAP];
1135 my $sql_statement = "SELECT * FROM ".$job_queue_tn.
1136 " WHERE status='done'";
1137 my $res = $job_db->select_dbentry( $sql_statement );
1139 while( my ($id, $hit) = each %{$res} ) {
1140 my $jobdb_id = $hit->{id};
1141 my $sql_statement = "DELETE FROM $job_queue_tn WHERE id='$jobdb_id'";
1142 my $res = $job_db->del_dbentry($sql_statement);
1143 }
1145 $kernel->delay_set('watch_for_done_jobs',$job_queue_loop_delay);
1146 }
1148 sub watch_for_new_jobs {
1149 my ($kernel,$heap) = @_[KERNEL, HEAP];
1151 # check gosa job queue for jobs with executable timestamp
1152 my $timestamp = &get_time();
1153 my $sql_statement = "SELECT * FROM ".$job_queue_tn.
1154 " WHERE status='waiting' AND timestamp<'$timestamp'";
1155 my $res = $job_db->select_dbentry( $sql_statement );
1157 while( my ($id, $hit) = each %{$res} ) {
1158 my $jobdb_id = $hit->{id};
1159 my $macaddress = $hit->{'macaddress'};
1160 my $job_msg = $hit->{'xmlmessage'};
1161 daemon_log("DEBUG: its time to execute $job_msg", 7);
1162 my $header = $hit->{'headertag'};
1163 my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$macaddress'";
1164 my $res_hash = $known_clients_db->select_dbentry( $sql_statement );
1165 # expect macaddress is unique!!!!!!
1166 my $target = $res_hash->{1}->{hostname};
1168 if (not defined $target) {
1169 &daemon_log("ERROR: no host found for mac address: $macaddress", 1);
1170 &daemon_log("$hit->{xmlmessage}", 8);
1171 my $sql_statement = "UPDATE $job_queue_tn ".
1172 "SET status='error', result='no host found for mac address' ".
1173 "WHERE id='$jobdb_id'";
1174 my $res = $job_db->update_dbentry($sql_statement);
1175 next;
1176 }
1178 # change header
1179 $job_msg =~ s/<header>job_/<header>gosa_/;
1181 # add sqlite_id
1182 $job_msg =~ s/<\/xml>$/<jobdb_id>$jobdb_id<\/jobdb_id><\/xml>/;
1184 my $func_error = &send_msg_to_target($job_msg, $server_address, $GosaPackages_key, $header);
1186 # update status in job queue to 'processing'
1187 $sql_statement = "UPDATE $job_queue_tn SET status='processing' WHERE id='$jobdb_id'";
1188 my $res = $job_db->update_dbentry($sql_statement);
1189 }
1191 $kernel->delay_set('watch_for_new_jobs', $job_queue_loop_delay);
1192 }
1195 sub refresh_ldap_handle {
1196 my $mesg;
1198 # Get an ldap handle, if we don't have one
1199 if( ! defined $ldap_handle ){
1200 $ldap_handle = Net::LDAP->new( $ldap_uri );
1201 }
1202 # Still not defined?
1203 if( ! defined $ldap_handle ) {
1204 daemon_log( "ch $$: Net::LDAP constructor failed: $!\n" );
1205 return 0;
1206 }
1208 # Bind to ldap server - eventually authenticate
1209 if( defined $ldap_admin_dn ) {
1210 if( defined $ldap_admin_password ) {
1211 $mesg = $ldap_handle->bind( $ldap_admin_dn, password => $ldap_admin_password );
1212 } else {
1213 $mesg = $ldap_handle->bind( $ldap_admin_dn );
1214 }
1215 } else {
1216 $mesg = $ldap_handle->bind();
1217 }
1219 if( 0 != $mesg->code ) {
1220 undef( $ldap_handle ) if( 81 == $mesg->code );
1221 daemon_log( "ch $$: LDAP bind: error (". $mesg->code . ') - ' . $mesg->error . "\n", 1);
1222 return 0;
1223 }
1225 return 1;
1226 }
1229 sub create_fai_server_db {
1230 my ($table_name) = $_[ARG0];
1231 my $result;
1233 if(defined($ldap_handle)) {
1234 my $mesg= $ldap_handle->search(
1235 base => $main::ldap_base,
1236 scope => 'sub',
1237 attrs => ['FAIrepository', 'gosaUnitTag'],
1238 filter => "(&(FAIrepository=*)(objectClass=FAIrepositoryServer))",
1239 );
1240 if($mesg->{'resultCode'} == 0 &&
1241 $mesg->count != 0) {
1242 foreach my $entry (@{$mesg->{entries}}) {
1243 if($entry->exists('FAIrepository')) {
1244 # Add an entry for each Repository configured for server
1245 foreach my $repo(@{$entry->get_value('FAIrepository', asref => 1)}) {
1246 my($tmp_url,$tmp_server,$tmp_release,$tmp_sections) = split(/\|/, $repo);
1247 my $tmp_tag= $entry->get_value('gosaUnitTag') || "";
1248 $result= $fai_server_db->add_dbentry( {
1249 table => $table_name,
1250 primkey => ['server', 'release', 'tag'],
1251 server => $tmp_url,
1252 release => $tmp_release,
1253 tag => (length($tmp_tag)>0)?$tmp_tag:"",
1254 } );
1255 }
1256 }
1257 }
1258 }
1259 }
1261 return $result;
1262 }
1265 sub create_fai_release_db {
1266 my ($table_name) = $_[ARG0];
1267 my $result;
1269 if(defined($ldap_handle)) {
1270 my $mesg= $ldap_handle->search(
1271 base => $main::ldap_base,
1272 scope => 'sub',
1273 attrs => [],
1274 filter => "(&(objectClass=organizationalUnit)(ou=fai))",
1275 );
1276 if($mesg->{'resultCode'} == 0 &&
1277 $mesg->count != 0) {
1278 # Walk through all possible FAI container ou's
1279 foreach my $ou (@{$mesg->{entries}}) {
1280 my $tmp_classes= resolve_fai_classes($ou->dn);
1281 my @fai_release_entries=@{get_fai_release_entries($tmp_classes)}[0];
1282 foreach my $entry (@fai_release_entries) {
1283 $fai_server_db->add_dbentry( {
1284 table => $table_name,
1285 primkey => ['release', 'class', 'type'],
1286 release => $entry->{'release'},
1287 class => $entry->{'class'},
1288 type => $entry->{'type'}
1289 } );
1290 }
1291 }
1292 }
1293 }
1295 return $result;
1296 }
1298 sub get_fai_release_entries {
1299 my $tmp_classes = shift || return;
1300 my $result = shift || undef;
1301 my $parent = shift || undef;
1303 foreach my $entry (keys %{$tmp_classes}) {
1304 if (ref($tmp_classes->{$entry}) eq 'HASH') {
1305 if($entry =~ /^ou=.*$/) {
1306 my @res;
1307 my $rel = $entry;
1308 $rel =~ s/ou=//g;
1309 my @ent = get_fai_release_entries($tmp_classes->{$entry}, $result, $rel);
1310 while(my $tmp_entry = pop(@{$ent[0]})) {
1311 $tmp_entry->{'release'} = (defined($parent) && length($parent)>0)?$parent."/".$rel:$rel;
1312 push @res, $tmp_entry;
1313 }
1314 foreach my $tmp_entry(@res) {
1315 push @$result, $tmp_entry;
1316 }
1317 } else {
1318 my $hash = {
1319 'class' => $entry,
1320 'type' => get_fai_types($tmp_classes->{$entry}),
1321 };
1322 push @$result, $hash;
1323 }
1324 }
1325 }
1327 return $result;
1328 }
1330 sub get_fai_types {
1331 my $tmp_classes = shift || return undef;
1332 my $result = "";
1334 foreach my $type(keys %{$tmp_classes}) {
1335 if(defined($tmp_classes->{$type}[0]) && (!($tmp_classes->{$type}[0] =~ /^.*?removed.*?$/))) {
1336 $result.= "$type|";
1337 }
1338 }
1339 chop($result);
1340 return $result;
1341 }
1343 sub resolve_fai_classes {
1344 my $result;
1345 my $fai_base= shift;
1346 my $fai_hash= shift;
1347 my @possible_fai_classes= ("FAIscript", "FAIhook", "FAIpartitionTable", "FAItemplate", "FAIvariable", "FAIprofile", "FAIpackageList");
1348 my $fai_filter= "(&(objectClass=FAIclass)(|(objectClass=".join(")(objectClass=", @possible_fai_classes).")))";
1349 my $fai_classes;
1351 my $mesg= $ldap_handle->search(
1352 base => $fai_base,
1353 scope => 'sub',
1354 attrs => ['cn','objectClass','FAIstate'],
1355 filter => $fai_filter,
1356 );
1358 if($mesg->{'resultCode'} == 0 &&
1359 $mesg->count != 0) {
1360 foreach my $entry (@{$mesg->{entries}}) {
1361 if($entry->exists('cn') && (!($entry->get_value('cn') eq 'LAST')) ) {
1362 my $tmp_dn= $entry->dn();
1364 # Skip classname and ou dn parts for class
1365 my $tmp_release = ($1) if $tmp_dn =~ /^[^,]+,[^,]+,(.*?),$fai_base$/;
1367 # Skip classes without releases
1368 if((!defined($tmp_release)) || length($tmp_release)==0) {
1369 next;
1370 }
1372 my $tmp_cn= $entry->get_value('cn');
1373 my $tmp_state= $entry->get_value('FAIstate');
1375 my $tmp_type;
1376 # Get FAI type
1377 for my $oclass(@{$entry->get_value('objectClass', asref => 1)}) {
1378 if(grep $_ eq $oclass, @possible_fai_classes) {
1379 $tmp_type= $oclass;
1380 last;
1381 }
1382 }
1384 if($tmp_release =~ /^.*?,.*?$/ && (!($tmp_release =~ /^.*?\\,.*?$/))) {
1385 # A Subrelease
1386 my @sub_releases = split(/,/, $tmp_release);
1388 # Walk through subreleases and build hash tree
1389 my $hash;
1390 while(my $tmp_sub_release = pop @sub_releases) {
1391 $hash .= "\{'$tmp_sub_release'\}->";
1392 }
1393 eval('push @{$fai_classes->'.$hash.'{$tmp_cn}->{$tmp_type}}, (defined($tmp_state) && length($tmp_state)>0)?$tmp_state:"";');
1394 } else {
1395 # A branch, no subrelease
1396 push @{$fai_classes->{$tmp_release}->{$tmp_cn}->{$tmp_type}}, (defined($tmp_state) && length($tmp_state)>0)?$tmp_state:"";
1397 }
1398 }
1399 }
1401 # The hash is complete, now we can honor the copy-on-write based missing entries
1402 foreach my $release (keys %$fai_classes) {
1403 # Prepare the classes
1404 my $tmp_classes;
1406 # Get the classes from the branch
1407 foreach my $class (keys %{$fai_classes->{$release}}) {
1408 # Skip subreleases
1409 if($class =~ /^ou=.*$/) {
1410 next;
1411 } else {
1412 $tmp_classes->{$class}= deep_copy($fai_classes->{$release}->{$class});
1413 }
1414 }
1416 # Apply to each subrelease
1417 # TODO infinite deep
1418 if(ref $fai_classes->{$release} eq 'HASH') {
1419 my $i=0;
1420 foreach my $sub_release (keys %{$fai_classes->{$release}}) {
1421 if($sub_release =~ /^ou=.*$/) {
1422 foreach my $class (keys %{$tmp_classes}) {
1423 if(!exists($fai_classes->{$release}->{$sub_release}->{$class})) {
1424 $fai_classes->{$release}->{$sub_release}->{$class} =
1425 deep_copy($tmp_classes->{$class});
1426 } else {
1427 foreach my $type (keys %{$fai_classes->{$release}->{$sub_release}->{$class}}) {
1428 if(!exists($fai_classes->{$release}->{$sub_release}->{$class}->{$type})) {
1429 daemon_log("Type $type doesn't exist in class $class",1);
1430 $fai_classes->{$release}->{$sub_release}->{$class}->{$type} =
1431 deep_copy($tmp_classes->{$class}->{$type});
1432 }
1433 }
1434 }
1435 }
1436 }
1437 }
1438 }
1439 }
1441 $result= $fai_classes;
1442 }
1444 return $result;
1445 }
1447 sub deep_copy {
1448 my $this = shift;
1449 if (not ref $this) {
1450 $this;
1451 } elsif (ref $this eq "ARRAY") {
1452 [map deep_copy($_), @$this];
1453 } elsif (ref $this eq "HASH") {
1454 +{map { $_ => deep_copy($this->{$_}) } keys %$this};
1455 } else { die "what type is $_?" }
1456 }
1458 sub create_packages_list_db {
1459 my ($sources_file) = $_[ARG0] ;
1460 my $line;
1462 open(CONFIG, "<$sources_file") or do {
1463 daemon_log( "ERROR: Failed to open '$sources_file', creating packages.db stopped", 1);
1464 return;
1465 };
1467 # Read lines
1468 while ($line = <CONFIG>){
1469 # Unify
1470 chop($line);
1471 $line =~ s/^\s+//;
1472 $line =~ s/^\s+/ /;
1474 # Strip comments
1475 $line =~ s/#.*$//g;
1477 # Skip empty lines
1478 if ($line =~ /^\s*$/){
1479 next;
1480 }
1482 # Interpret deb line
1483 if ($line =~ /^deb [^\s]+\s[^\s]+\s[^\s]+/){
1484 my( $baseurl, $dist, $sections ) = ($line =~ /^deb\s([^\s]+)\s+([^\s]+)\s+(.*)$/);
1485 my $section;
1486 foreach $section (split(' ', $sections)){
1487 &parse_package_info( $baseurl, $dist, $section );
1488 }
1489 }
1490 }
1492 close (CONFIG);
1495 return;
1496 }
1497 sub parse_package_info {
1498 my ($baseurl, $dist, $section)= @_;
1499 my ($package);
1501 my ($path) = ($baseurl =~ m%://[^/]*(.*)$%);
1503 foreach $package ("Packages.gz"){
1504 print "getting $baseurl , $dist , $section... \n";
1505 get_package( "$baseurl/dists/$dist/$section/binary-$arch/$package", "$outdir/$dist/$section" );
1506 print "done\n";
1507 print "parsing packages... \n";
1508 parse_package( "$outdir/$dist/$section", $dist, $path );
1509 print "done\n";
1510 last;
1511 }
1512 }
1513 sub get_package {
1514 my ($url, $dest)= @_;
1516 my $tpath = dirname($dest);
1517 -d "$tpath" || mkpath "$tpath";
1519 # This is ugly, but I've no time to take a look at "how it works in perl"
1520 if( system("wget '$url' -O '$dest' 2>/dev/null") ) {
1521 system("gzip -cd '$dest' > '$dest.in'");
1522 system("rm -f '$dest'");
1523 }
1525 return 0;
1526 }
1527 sub parse_package {
1528 my ($path, $dist, $srv_path )= @_;
1529 my ($package, $version, $section, $description);
1530 my @sql_list;
1532 open(PACKAGES, "<$path.in") or return;
1534 # Read lines
1535 while (my $line = <PACKAGES>){
1536 # Unify
1537 chop($line);
1539 # Use empty lines as a trigger
1540 if ($line =~ /^\s*$/){
1541 my $sql = "INSERT INTO packages_list VALUES ('$dist', '$package', '$version', '$section', 'xxx', 'none', '0')";
1542 push(@sql_list, $sql);
1543 $package = "none";
1544 $version = "none";
1545 $section = "none";
1546 $description = "none";
1547 next;
1548 }
1550 # Trigger for package name
1551 if ($line =~ /^Package:\s/){
1552 ($package)= ($line =~ /^Package: (.*)$/);
1553 next;
1554 }
1556 # Trigger for version
1557 if ($line =~ /^Version:\s/){
1558 ($version)= ($line =~ /^Version: (.*)$/);
1559 next;
1560 }
1562 # Trigger for description
1563 if ($line =~ /^Description:\s/){
1564 ($description)= ($line =~ /^Description: (.*)$/);
1565 next;
1566 }
1568 # Trigger for section
1569 if ($line =~ /^Section:\s/){
1570 ($section)= ($line =~ /^Section: (.*)$/);
1571 next;
1572 }
1574 }
1576 close( PACKAGES );
1577 unlink( "$path.in" );
1579 $packages_list_db->exec_statementlist(\@sql_list);
1580 }
1582 #
1583 #sub store_fileinfo {
1584 # my( $package, $file, $dist, $path, $vers ) = @_;
1585 #
1586 # my %fileinfo = (
1587 # 'package' => $package,
1588 # 'dist' => $dist,
1589 # 'version' => $vers
1590 # );
1591 #
1592 # $repo_files{ "${srvdir}${path}/$file" } = \%fileinfo;
1593 #}
1595 sub next_task {
1596 my ($heap) = $_[HEAP];
1598 if( keys(%{$heap->{task}}) < $max_clients ) {
1600 }
1602 #$heap->{task}->{$task->ID} = $task;
1603 }
1605 sub task_result {
1607 }
1609 #==== MAIN = main ==============================================================
1610 # parse commandline options
1611 Getopt::Long::Configure( "bundling" );
1612 GetOptions("h|help" => \&usage,
1613 "c|config=s" => \$cfg_file,
1614 "f|foreground" => \$foreground,
1615 "v|verbose+" => \$verbose,
1616 "no-bus+" => \$no_bus,
1617 "no-arp+" => \$no_arp,
1618 );
1620 # read and set config parameters
1621 &check_cmdline_param ;
1622 &read_configfile;
1623 &check_pid;
1625 $SIG{CHLD} = 'IGNORE';
1627 # forward error messages to logfile
1628 if( ! $foreground ) {
1629 open( STDIN, '+>/dev/null' );
1630 open( STDOUT, '+>&STDIN' );
1631 open( STDERR, '+>&STDIN' );
1632 }
1634 # Just fork, if we are not in foreground mode
1635 if( ! $foreground ) {
1636 chdir '/' or die "Can't chdir to /: $!";
1637 $pid = fork;
1638 setsid or die "Can't start a new session: $!";
1639 umask 0;
1640 } else {
1641 $pid = $$;
1642 }
1644 # Do something useful - put our PID into the pid_file
1645 if( 0 != $pid ) {
1646 open( LOCK_FILE, ">$pid_file" );
1647 print LOCK_FILE "$pid\n";
1648 close( LOCK_FILE );
1649 if( !$foreground ) {
1650 exit( 0 )
1651 };
1652 }
1654 daemon_log(" ", 1);
1655 daemon_log("$0 started!", 1);
1657 if ($no_bus > 0) {
1658 $bus_activ = "false"
1659 }
1663 # delete old DBsqlite lock files
1664 #unlink('/tmp/gosa_si_lock*');
1666 # connect to gosa-si job queue
1667 $job_db = GOSA::DBsqlite->new($job_queue_file_name);
1668 $job_db->create_table($job_queue_tn, \@job_queue_col_names);
1670 # connect to known_clients_db
1671 $known_clients_db = GOSA::DBsqlite->new($known_clients_file_name);
1672 $known_clients_db->create_table($known_clients_tn, \@known_clients_col_names);
1674 # connect to known_server_db
1675 $known_server_db = GOSA::DBsqlite->new($known_server_file_name);
1676 $known_server_db->create_table($known_server_tn, \@known_server_col_names);
1678 # connect to login_usr_db
1679 $login_users_db = GOSA::DBsqlite->new($login_users_file_name);
1680 $login_users_db->create_table($login_users_tn, \@login_users_col_names);
1682 # connect to fai_server_db and fai_release_db
1683 $fai_server_db = GOSA::DBsqlite->new($fai_server_file_name);
1684 $fai_server_db->create_table($fai_server_tn, \@fai_server_col_names);
1685 $fai_server_db->create_table($fai_release_tn, \@fai_release_col_names);
1687 # connect to packages_list_db
1688 unlink($packages_list_file_name);
1689 $packages_list_db = GOSA::DBsqlite->new($packages_list_file_name);
1690 $packages_list_db->create_table($packages_list_tn, \@packages_list_col_names);
1692 # connect to messaging_db
1693 $messaging_db = GOSA::DBsqlite->new($messaging_file_name);
1694 $messaging_db->create_table($messaging_tn, \@messaging_col_names);
1697 # create xml object used for en/decrypting
1698 $xml = new XML::Simple();
1700 # create socket for incoming xml messages
1701 POE::Component::Server::TCP->new(
1702 Port => $server_port,
1703 ClientInput => \&client_input,
1704 );
1705 daemon_log("start socket for incoming xml messages at port '$server_port' ", 1);
1707 # create session for repeatedly checking the job queue for jobs
1708 POE::Session->create(
1709 inline_states => {
1710 _start => \&_start,
1711 next_task => \&next_task,
1712 task_result => \&task_result,
1713 watch_for_new_jobs => \&watch_for_new_jobs,
1714 watch_for_done_jobs => \&watch_for_done_jobs,
1715 create_packages_list_db => \&create_packages_list_db,
1716 create_fai_server_db => \&create_fai_server_db,
1717 create_fai_release_db => \&create_fai_release_db,
1718 }
1719 );
1722 # import all modules
1723 &import_modules;
1725 # check wether all modules are gosa-si valid passwd check
1727 POE::Kernel->run();
1728 exit;