1 package ServerPackages;
3 use Exporter;
4 @ISA = ("Exporter");
6 # Each module has to have a function 'process_incoming_msg'. This function works as a interface to gosa-sd and recieves the msg hash from gosa-sd. 'process_incoming_function checks, wether it has a function to process the incoming msg and forward the msg to it.
9 use strict;
10 use warnings;
11 use GOSA::GosaSupportDaemon;
12 use IO::Socket::INET;
13 use XML::Simple;
14 use Data::Dumper;
15 use Net::LDAP;
16 use Socket qw/PF_INET SOCK_DGRAM inet_ntoa sockaddr_in/;
18 BEGIN{}
19 END {}
21 my ($known_clients_file_name);
22 my ($server_activ, $server_ip, $server_mac_address, $server_port, $server_passwd, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password);
23 my ($bus_activ, $bus_passwd, $bus_ip, $bus_port);
24 my $server;
25 my $network_interface;
26 my $no_bus;
27 my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret);
30 my %cfg_defaults =
31 (
32 "server" =>
33 {"server_activ" => [\$server_activ, "on"],
34 "server_ip" => [\$server_ip, "0.0.0.0"],
35 "server_mac_address" => [\$server_mac_address, ""],
36 "server_port" => [\$server_port, "20081"],
37 "server_passwd" => [\$server_passwd, ""],
38 "max_clients" => [\$max_clients, 100],
39 "ldap_uri" => [\$ldap_uri, ""],
40 "ldap_base" => [\$ldap_base, ""],
41 "ldap_admin_dn" => [\$ldap_admin_dn, ""],
42 "ldap_admin_password" => [\$ldap_admin_password, ""],
43 },
44 "bus" =>
45 {"bus_activ" => [\$bus_activ, "on"],
46 "bus_passwd" => [\$bus_passwd, ""],
47 "bus_ip" => [\$bus_ip, ""],
48 "bus_port" => [\$bus_port, "20080"],
49 },
50 );
52 ### START #####################################################################
54 # read configfile and import variables
55 &read_configfile();
57 # detect interfaces and mac address
58 $network_interface= &get_interface_for_ip($server_ip);
59 $server_mac_address= &get_mac($network_interface);
61 &main::daemon_log("server ip address detected: $server_ip", 1);
62 &main::daemon_log("server mac address detected: $server_mac_address", 1);
64 # complete addresses
65 my $server_address = "$server_ip:$server_port";
66 my $bus_address = "$bus_ip:$bus_port";
68 # create general settings for this module
69 my $xml = new XML::Simple();
71 # open server socket
72 if($server_activ eq "on"){
73 &main::daemon_log(" ", 1);
74 $server = IO::Socket::INET->new(LocalPort => $server_port,
75 Type => SOCK_STREAM,
76 Reuse => 1,
77 Listen => 20,
78 );
79 if(not defined $server){
80 &main::daemon_log("cannot be a tcp server at $server_port : $@");
81 die;
82 } else {
83 &main::daemon_log("start server: $server_address", 1);
84 }
85 }
87 # TODO
88 # füge den server selbst zu known_server hinzu, msgs können nämlich auch von sich selbst kommen (gosa!!!)
91 # register at bus
92 if ($main::no_bus > 0) {
93 $bus_activ = "off"
94 }
95 if($bus_activ eq "on") {
96 &main::daemon_log(" ", 1);
97 ®ister_at_bus();
98 }
100 ### functions #################################################################
102 #sub get_module_tags {
103 #
104 # # lese config file aus dort gibt es eine section Basic
105 # # dort stehen drei packettypen, für die sich das modul anmelden kann, gosa-admin-packages,
106 # # server-packages, client-packages
107 # my %tag_hash = (gosa_admin_packages => "yes",
108 # server_packages => "yes",
109 # client_packages => "yes",
110 # );
111 # return \%tag_hash;
112 #}
115 sub get_module_info {
116 my @info = ($server_address,
117 $server_passwd,
118 $server,
119 $server_activ,
120 "socket",
121 );
122 return \@info;
123 }
126 #=== FUNCTION ================================================================
127 # NAME: read_configfile
128 # PARAMETERS: cfg_file - string -
129 # RETURNS: nothing
130 # DESCRIPTION: read cfg_file and set variables
131 #===============================================================================
132 sub read_configfile {
133 my $cfg;
134 if( defined( $main::cfg_file) && ( length($main::cfg_file) > 0 )) {
135 if( -r $main::cfg_file ) {
136 $cfg = Config::IniFiles->new( -file => $main::cfg_file );
137 } else {
138 print STDERR "Couldn't read config file!";
139 }
140 } else {
141 $cfg = Config::IniFiles->new() ;
142 }
143 foreach my $section (keys %cfg_defaults) {
144 foreach my $param (keys %{$cfg_defaults{ $section }}) {
145 my $pinfo = $cfg_defaults{ $section }{ $param };
146 ${@$pinfo[0]} = $cfg->val( $section, $param, @$pinfo[1] );
147 }
148 }
150 # Read non predefined sections
151 my $param;
152 if ($cfg->SectionExists('ldap')){
153 foreach $param ($cfg->Parameters('ldap')){
154 push (@ldap_cfg, "$param ".$cfg->val('ldap', $param));
155 }
156 }
157 if ($cfg->SectionExists('pam_ldap')){
158 foreach $param ($cfg->Parameters('pam_ldap')){
159 push (@pam_cfg, "$param ".$cfg->val('pam_ldap', $param));
160 }
161 }
162 if ($cfg->SectionExists('nss_ldap')){
163 foreach $param ($cfg->Parameters('nss_ldap')){
164 push (@nss_cfg, "$param ".$cfg->val('nss_ldap', $param));
165 }
166 }
167 if ($cfg->SectionExists('goto')){
168 $goto_admin= $cfg->val('goto', 'terminal_admin');
169 $goto_secret= $cfg->val('goto', 'terminal_secret');
170 } else {
171 $goto_admin= undef;
172 $goto_secret= undef;
173 }
175 }
177 #=== FUNCTION ================================================================
178 # NAME: get_interface_for_ip
179 # PARAMETERS: ip address (i.e. 192.168.0.1)
180 # RETURNS: array: list of interfaces if ip=0.0.0.0, matching interface if found, undef else
181 # DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
182 #===============================================================================
183 sub get_interface_for_ip {
184 my $result;
185 my $ip= shift;
186 if ($ip && length($ip) > 0) {
187 my @ifs= &get_interfaces();
188 if($ip eq "0.0.0.0") {
189 $result = "all";
190 } else {
191 foreach (@ifs) {
192 my $if=$_;
193 if(get_ip($if) eq $ip) {
194 $result = $if;
195 }
196 }
197 }
198 }
199 return $result;
200 }
202 #=== FUNCTION ================================================================
203 # NAME: get_interfaces
204 # PARAMETERS: none
205 # RETURNS: (list of interfaces)
206 # DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
207 #===============================================================================
208 sub get_interfaces {
209 my @result;
210 my $PROC_NET_DEV= ('/proc/net/dev');
212 open(PROC_NET_DEV, "<$PROC_NET_DEV")
213 or die "Could not open $PROC_NET_DEV";
215 my @ifs = <PROC_NET_DEV>;
217 close(PROC_NET_DEV);
219 # Eat first two line
220 shift @ifs;
221 shift @ifs;
223 chomp @ifs;
224 foreach my $line(@ifs) {
225 my $if= (split /:/, $line)[0];
226 $if =~ s/^\s+//;
227 push @result, $if;
228 }
230 return @result;
231 }
233 #=== FUNCTION ================================================================
234 # NAME: get_mac
235 # PARAMETERS: interface name (i.e. eth0)
236 # RETURNS: (mac address)
237 # DESCRIPTION: Uses ioctl to get mac address directly from system.
238 #===============================================================================
239 sub get_mac {
240 my $ifreq= shift;
241 my $result;
242 if ($ifreq && length($ifreq) > 0) {
243 if($ifreq eq "all") {
244 $result = "00:00:00:00:00:00";
245 } else {
246 my $SIOCGIFHWADDR= 0x8927; # man 2 ioctl_list
248 # A configured MAC Address should always override a guessed value
249 if ($server_mac_address and length($server_mac_address) > 0) {
250 $result= $server_mac_address;
251 }
253 socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip')
254 or die "socket: $!";
256 if(ioctl SOCKET, $SIOCGIFHWADDR, $ifreq) {
257 my ($if, $mac)= unpack 'h36 H12', $ifreq;
259 if (length($mac) > 0) {
260 $mac=~ m/^([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])$/;
261 $mac= sprintf("%s:%s:%s:%s:%s:%s", $1, $2, $3, $4, $5, $6);
262 $result = $mac;
263 }
264 }
265 }
266 }
267 return $result;
268 }
270 #=== FUNCTION ================================================================
271 # NAME: get_ip
272 # PARAMETERS: interface name (i.e. eth0)
273 # RETURNS: (ip address)
274 # DESCRIPTION: Uses ioctl to get ip address directly from system.
275 #===============================================================================
276 sub get_ip {
277 my $ifreq= shift;
278 my $result= "";
279 my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list
280 my $proto= getprotobyname('ip');
282 socket SOCKET, PF_INET, SOCK_DGRAM, $proto
283 or die "socket: $!";
285 if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) {
286 my ($if, $sin) = unpack 'a16 a16', $ifreq;
287 my ($port, $addr) = sockaddr_in $sin;
288 my $ip = inet_ntoa $addr;
290 if ($ip && length($ip) > 0) {
291 $result = $ip;
292 }
293 }
295 return $result;
296 }
298 #=== FUNCTION ================================================================
299 # NAME: open_socket
300 # PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000
301 # [PeerPort] string necessary if port not appended by PeerAddr
302 # RETURNS: socket IO::Socket::INET
303 # DESCRIPTION: open a socket to PeerAddr
304 #===============================================================================
305 sub open_socket {
306 my ($PeerAddr, $PeerPort) = @_ ;
307 if(defined($PeerPort)){
308 $PeerAddr = $PeerAddr.":".$PeerPort;
309 }
310 my $socket;
311 $socket = new IO::Socket::INET(PeerAddr => $PeerAddr ,
312 Porto => "tcp" ,
313 Type => SOCK_STREAM,
314 Timeout => 5,
315 );
316 if(not defined $socket) {
317 return;
318 }
319 &main::daemon_log("open_socket to: $PeerAddr", 7);
320 return $socket;
321 }
323 #=== FUNCTION ================================================================
324 # NAME: register_at_bus
325 # PARAMETERS: nothing
326 # RETURNS: nothing
327 # DESCRIPTION: creates an entry in known_daemons and send a 'here_i_am' msg to bus
328 #===============================================================================
329 sub register_at_bus {
331 # add bus to known_server_db
332 my $res = $main::known_server_db->add_dbentry( {table=>'known_server',
333 primkey=>'hostname',
334 hostname=>$bus_address,
335 status=>'bus',
336 hostkey=>$bus_passwd,
337 timestamp=>&get_time,
338 } );
339 # if ($res == 3) {
340 # my $update_hash = { table=>'known_server' };
341 # $update_hash->{where} = [ { hostname=>[$bus_address] } ];
342 # $update_hash->{update} = [ {
343 # hostkey=>[$bus_passwd],
344 # timestamp=>[&get_time],
345 # } ];
346 # $res = $main::known_server_db->update_dbentry( $update_hash );
347 # }
349 my $msg_hash = &create_xml_hash("here_i_am", $server_address, $bus_address);
350 my $answer = "";
351 $answer = &send_msg_hash2address($msg_hash, $bus_address, $bus_passwd);
352 if ($answer == 0) {
353 &main::daemon_log("register at bus: $bus_address", 1);
354 } else {
355 &main::daemon_log("unable to send 'register'-msg to bus '$bus_address': $answer", 1);
356 }
357 return;
358 }
360 #=== FUNCTION ================================================================
361 # NAME: process_incoming_msg
362 # PARAMETERS: crypted_msg - string - incoming crypted message
363 # RETURNS: nothing
364 # DESCRIPTION: handels the proceeded distribution to the appropriated functions
365 #===============================================================================
366 sub process_incoming_msg {
367 my ($crypted_msg) = @_ ;
368 if(not defined $crypted_msg) {
369 &main::daemon_log("function 'process_incoming_msg': got no msg", 7);
370 }
372 &main::daemon_log("ServerPackages: incoming msg: \n$crypted_msg", 7);
374 $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/;
375 $crypted_msg = $1;
376 my $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5);
378 my $msg;
379 my $msg_hash;
380 my $host_name;
381 my $host_key;
383 # check wether incoming msg is a new msg
384 $host_name = $server_address;
385 $host_key = $server_passwd;
386 &main::daemon_log("ServerPackage: host_name: $host_name", 7);
387 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
388 eval{
389 my $key_cipher = &create_ciphering($host_key);
390 $msg = &decrypt_msg($crypted_msg, $key_cipher);
391 $msg_hash = &transform_msg2hash($msg);
392 };
393 if($@) {
394 &main::daemon_log("ServerPackage: deciphering raise error", 7);
395 &main::daemon_log("$@", 8);
396 $msg = undef;
397 $msg_hash = undef;
398 $host_name = undef;
399 $host_key = undef;
400 }
402 # check wether incoming msg is from a known_server
403 if( not defined $msg ) {
404 my $query_res = $main::known_server_db->select_dbentry( {table=>'known_server'} );
405 while( my ($hit_num, $hit) = each %{ $query_res } ) {
406 $host_name = $hit->{hostname};
407 if( not $host_name =~ "^$host") {
408 next;
409 }
410 $host_key = $hit->{hostkey};
411 &main::daemon_log("ServerPackage: host_name: $host_name", 7);
412 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
413 eval{
414 my $key_cipher = &create_ciphering($host_key);
415 $msg = &decrypt_msg($crypted_msg, $key_cipher);
416 $msg_hash = &transform_msg2hash($msg);
417 };
418 if($@) {
419 &main::daemon_log("ServerPackage: deciphering raise error", 7);
420 &main::daemon_log("$@", 8);
421 $msg = undef;
422 $msg_hash = undef;
423 $host_name = undef;
424 $host_key = undef;
425 } else {
426 last;
427 }
428 }
429 }
431 # check wether incoming msg is from a known_client
432 if( not defined $msg ) {
433 my $query_res = $main::known_clients_db->select_dbentry( {table=>'known_clients'} );
434 while( my ($hit_num, $hit) = each %{ $query_res } ) {
435 $host_name = $hit->{hostname};
436 if( not $host_name =~ "^$host") {
437 next;
438 }
439 $host_key = $hit->{hostkey};
440 &main::daemon_log("ServerPackage: host_name: $host_name", 7);
441 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
442 eval{
443 my $key_cipher = &create_ciphering($host_key);
444 $msg = &decrypt_msg($crypted_msg, $key_cipher);
445 $msg_hash = &transform_msg2hash($msg);
446 };
447 if($@) {
448 &main::daemon_log("ServerPackage: deciphering raise error", 7);
449 &main::daemon_log("$@", 8);
450 $msg = undef;
451 $msg_hash = undef;
452 $host_name = undef;
453 $host_key = undef;
454 } else {
455 last;
456 }
457 }
458 }
460 if( not defined $msg ) {
461 &main::daemon_log("WARNING: ServerPackage do not understand the message:", 5);
462 &main::daemon_log("$@", 7);
463 return;
464 }
466 # process incoming msg
467 my $header = @{$msg_hash->{header}}[0];
468 my $source = @{$msg_hash->{source}}[0];
470 &main::daemon_log("recieve '$header' at ServerPackages from $host", 1);
471 &main::daemon_log("ServerPackages: msg to process: \n$msg", 5);
473 my @targets = @{$msg_hash->{target}};
474 my $len_targets = @targets;
475 if ($len_targets == 0){
476 &main::daemon_log("ERROR: ServerPackages: no target specified for msg $header", 1);
478 } elsif ($len_targets == 1){
479 # we have only one target symbol
480 my $target = $targets[0];
481 &main::daemon_log("SeverPackages: msg is for: $target", 7);
483 if ($target eq $server_address) {
484 # msg is for server
485 if ($header eq 'new_passwd'){ &new_passwd($msg_hash)}
486 elsif ($header eq 'here_i_am') { &here_i_am($msg_hash)}
487 elsif ($header eq 'who_has') { &who_has($msg_hash) }
488 elsif ($header eq 'who_has_i_do') { &who_has_i_do($msg_hash)}
489 elsif ($header eq 'update_status') { &update_status($msg_hash) }
490 elsif ($header eq 'got_ping') { &got_ping($msg_hash)}
491 elsif ($header eq 'get_load') { &execute_actions($msg_hash)}
492 else { &main::daemon_log("ERROR: ServerPackages: no function assigned to this msg", 5) }
494 } elsif ($target eq "*") {
495 # msg is for all clients
496 my $query_res = $main::known_clients_db->select_dbentry( {table=>'known_clients'} );
497 while( my ($hit_num, $hit) = each %{ $query_res } ) {
498 $host_name = $hit->{hostname};
499 $host_key = $hit->{hostkey};
500 $msg_hash->{target} = [$host_name];
501 &send_msg_hash2address($msg_hash, $host_name, $host_key);
502 }
503 return;
505 } else {
506 # msg is for one host
507 my $query_res;
508 $query_res = $main::known_clients_db->select_dbentry( {table=>'known_clients', hostname=>$target} );
509 if( 1 == keys %{$query_res} ) {
510 $host_key = $query_res->{1}->{host_key};
511 &send_msg_hash2address($msg_hash, $target, $host_key);
512 return;
513 }
515 $query_res = $main::known_server_db->select_dbentry( {table=>'known_server', hostname=>$target} );
516 if( 1 == keys %{$query_res} ) {
517 $host_key = $query_res->{1}->{host_key};
518 &send_msg_hash2address($msg_hash, $target, $host_key);
519 return;
520 }
522 &main::daemon_log("ERROR: ServerPackages: target '$target' is not known neither in known_clients nor in known_server",1);
523 return;
524 }
526 } elsif ($len_targets > 1 ) {
527 # we have more than one target
528 return;
529 }
531 return ;
532 }
535 #=== FUNCTION ================================================================
536 # NAME: got_ping
537 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
538 # RETURNS: nothing
539 # DESCRIPTION: process this incoming message
540 #===============================================================================
541 sub got_ping {
542 my ($msg_hash) = @_;
544 my $source = @{$msg_hash->{source}}[0];
545 my $target = @{$msg_hash->{target}}[0];
546 my $header = @{$msg_hash->{header}}[0];
548 if(exists $main::known_daemons->{$source}) {
549 &main::add_content2known_daemons(hostname=>$source, status=>$header);
550 } else {
551 &main::add_content2known_clients(hostname=>$source, status=>$header);
552 }
554 return;
555 }
558 #=== FUNCTION ================================================================
559 # NAME: new_passwd
560 # PARAMETERS: msg_hash - ref - hash from function create_xml_hash
561 # RETURNS: nothing
562 # DESCRIPTION: process this incoming message
563 #===============================================================================
564 sub new_passwd {
565 my ($msg_hash) = @_;
567 my $header = @{$msg_hash->{header}}[0];
568 my $source_name = @{$msg_hash->{source}}[0];
569 my $source_key = @{$msg_hash->{new_passwd}}[0];
570 my $query_res;
572 # check known_clients_db
573 $query_res = $main::known_clients_db->select_dbentry( {table=>'known_clients', hostname=>$source_name} );
574 if( 1 == keys %{$query_res} ) {
575 my $update_hash = { table=>'known_clients' };
576 $update_hash->{where} = [ { hostname=>[$source_name] } ];
577 $update_hash->{update} = [ {
578 hostkey=>[$source_key],
579 timestamp=>[&get_time],
580 } ];
581 my $res = $main::known_clients_db->update_dbentry( $update_hash );
583 my $hash = &create_xml_hash("confirm_new_passwd", $server_address, $source_name);
584 &send_msg_hash2address($hash, $source_name, $source_key);
585 return;
586 }
588 # check known_server_db
589 $query_res = $main::known_server_db->select_dbentry( {table=>'known_server', hostname=>$source_name } );
590 if( 1 == keys %{$query_res} ) {
591 my $update_hash = { table=>'known_server' };
592 $update_hash->{where} = [ { hostname=>[$source_name] } ];
593 $update_hash->{update} = [ {
594 hostkey=>[$source_key],
595 timestamp=>[&get_time],
596 } ];
597 my $res = $main::known_server_db->update_dbentry( $update_hash );
599 my $hash = &create_xml_hash("confirm_new_passwd", $server_address, $source_name);
600 &send_msg_hash2address($hash, $source_name, $source_key);
601 return;
602 }
604 &main::daemon_log("ERROR: $source_name not known for '$header'-msg", 1);
605 return;
606 }
609 sub send_msg_hash {
610 my ($hash, $host_name, $host_key);
613 my $answer = &send_msg_hash2address($hash, $host_name, $host_key);
615 return;
616 }
619 #=== FUNCTION ================================================================
620 # NAME: here_i_am
621 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
622 # RETURNS: nothing
623 # DESCRIPTION: process this incoming message
624 #===============================================================================
625 sub here_i_am {
626 my ($msg_hash) = @_;
628 my $source = @{$msg_hash->{source}}[0];
629 my $mac_address = @{$msg_hash->{mac_address}}[0];
630 my $out_hash;
632 # number of known clients
633 my $nu_clients = keys %{$main::known_clients_db->select_dbentry( {table=>'known_clients'} )};
635 # check wether client address or mac address is already known
636 if (exists $main::known_clients->{$source}) {
637 &main::daemon_log("WARNING: $source is already known as a client", 1);
638 &main::daemon_log("WARNING: values for $source are being overwritten", 1);
639 $nu_clients --;
640 }
642 # number of actual activ clients
643 my $act_nu_clients = $nu_clients;
645 &main::daemon_log("number of actual activ clients: $act_nu_clients", 5);
646 &main::daemon_log("number of maximal allowed clients: $max_clients", 5);
648 if($max_clients <= $act_nu_clients) {
649 my $out_hash = &create_xml_hash("denied", $server_address, $source);
650 &add_content2xml_hash($out_hash, "denied", "I_cannot_take_any_more_clients!");
651 my $passwd = @{$msg_hash->{new_passwd}}[0];
652 &send_msg_hash2address($out_hash, $source, $passwd);
653 return;
654 }
656 # new client accepted
657 my $new_passwd = @{$msg_hash->{new_passwd}}[0];
659 # create entry in known_clients
660 my $events = @{$msg_hash->{events}}[0];
662 # add entry to known_clients_db
663 my $res = $main::known_clients_db->add_dbentry( {table=>'known_clients',
664 primkey=>'hostname',
665 hostname=>$source,
666 events=>$events,
667 macaddress=>$mac_address,
668 status=>'registered',
669 hostkey=>$new_passwd,
670 timestamp=>&get_time,
671 } );
673 if ($res != 0) {
674 &main::daemon_log("ERROR: cannot add entry to known_clients: $res");
675 return;
676 }
678 # return acknowledgement to client
679 $out_hash = &create_xml_hash("registered", $server_address, $source);
680 &send_msg_hash2address($out_hash, $source, $new_passwd);
682 # notify registered client to bus
683 if( $bus_activ eq "on") {
684 # fetch actual bus key
685 my $query_res = $main::known_server_db->select_dbentry( {table=>'known_server'} );
686 my $hostkey = $query_res->{1}->{hostkey};
688 # send update msg to bus
689 $out_hash = &create_xml_hash("new_client", $server_address, $bus_address, $source);
690 &send_msg_hash2address($out_hash, $bus_address, $hostkey);
692 &main::daemon_log("send bus msg that client '$source' has registerd at server '$server_address'", 3);
693 }
695 # give the new client his ldap config
696 &new_ldap_config($source);
698 return;
699 }
702 #=== FUNCTION ================================================================
703 # NAME: who_has
704 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
705 # RETURNS: nothing
706 # DESCRIPTION: process this incoming message
707 #===============================================================================
708 sub who_has {
709 my ($msg_hash) = @_ ;
711 # what is your search pattern
712 my $search_pattern = @{$msg_hash->{who_has}}[0];
713 my $search_element = @{$msg_hash->{$search_pattern}}[0];
714 &main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7);
716 # scanning known_clients for search_pattern
717 my @host_addresses = keys %$main::known_clients;
718 my $known_clients_entries = length @host_addresses;
719 my $host_address;
720 foreach my $host (@host_addresses) {
721 my $client_element = $main::known_clients->{$host}->{$search_pattern};
722 if ($search_element eq $client_element) {
723 $host_address = $host;
724 last;
725 }
726 }
728 # search was successful
729 if (defined $host_address) {
730 my $source = @{$msg_hash->{source}}[0];
731 my $out_msg = &create_xml_hash("who_has_i_do", $server_address, $source, "mac_address");
732 &add_content2xml_hash($out_msg, "mac_address", $search_element);
733 &send_msg_hash2address($out_msg, $bus_address);
734 }
735 return;
736 }
739 sub who_has_i_do {
740 my ($msg_hash) = @_ ;
741 my $header = @{$msg_hash->{header}}[0];
742 my $source = @{$msg_hash->{source}}[0];
743 my $search_param = @{$msg_hash->{$header}}[0];
744 my $search_value = @{$msg_hash->{$search_param}}[0];
745 print "\ngot msg $header:\nserver $source has client with $search_param $search_value\n";
746 }
749 #=== FUNCTION ================================================================
750 # NAME: new_ldap_config
751 # PARAMETERS: address - string - ip address and port of a host
752 # RETURNS: nothing
753 # DESCRIPTION: send to address the ldap configuration found for dn gotoLdapServer
754 #===============================================================================
755 sub new_ldap_config {
756 my ($address) = @_ ;
758 my $res = $main::known_clients_db->select_dbentry( { table=>'known_clients', hostname=>$address } );
760 # check hit
761 my $hit_counter = keys %{$res};
762 if( not $hit_counter == 1 ) {
763 &main::daemon_log("ERROR: more or no hit found in known_clients_db by query by '$address'", 1);
764 }
766 my $macaddress = $res->{1}->{macaddress};
767 my $hostkey = $res->{1}->{hostkey};
769 if (not defined $macaddress) {
770 &main::daemon_log("ERROR: no mac address found for client $address", 1);
771 return;
772 }
774 # Build LDAP connection
775 my $ldap = Net::LDAP->new($ldap_uri);
776 if( not defined $ldap ) {
777 &main::daemon_log("ERROR: cannot connect to ldap: $ldap_uri", 1);
778 return;
779 }
782 # Bind to a directory with dn and password
783 my $mesg= $ldap->bind($ldap_admin_dn, $ldap_admin_password);
785 # Perform search
786 $mesg = $ldap->search( base => $ldap_base,
787 scope => 'sub',
788 attrs => ['dn', 'gotoLdapServer'],
789 filter => "(&(objectClass=GOhard)(macaddress=$macaddress))");
790 $mesg->code && die $mesg->error;
792 # Sanity check
793 if ($mesg->count != 1) {
794 &main::daemon_log("WARNING: client mac address $macaddress not found/not unique in ldap search", 1);
795 &main::daemon_log("\tbase: $ldap_base", 1);
796 &main::daemon_log("\tscope: sub", 1);
797 &main::daemon_log("\tattrs: dn, gotoLdapServer", 1);
798 &main::daemon_log("\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress))", 1);
799 return;
800 }
802 my $entry= $mesg->entry(0);
803 my $dn= $entry->dn;
804 my @servers= $entry->get_value("gotoLdapServer");
805 my @ldap_uris;
806 my $server;
807 my $base;
809 # Do we need to look at an object class?
810 if ($#servers < 1){
811 $mesg = $ldap->search( base => $ldap_base,
812 scope => 'sub',
813 attrs => ['dn', 'gotoLdapServer'],
814 filter => "(&(objectClass=gosaGroupOfNames)(member=$dn))");
815 $mesg->code && die $mesg->error;
817 # Sanity check
818 if ($mesg->count != 1) {
819 &main::daemon_log("WARNING: no LDAP information found for client mac $macaddress", 1);
820 return;
821 }
823 $entry= $mesg->entry(0);
824 $dn= $entry->dn;
825 @servers= $entry->get_value("gotoLdapServer");
826 }
828 @servers= sort (@servers);
830 foreach $server (@servers){
831 $base= $server;
832 $server =~ s%^[^:]+:[^:]+:(ldap.*://[^/]+)/.*$%$1%;
833 $base =~ s%^[^:]+:[^:]+:ldap.*://[^/]+/(.*)$%$1%;
834 push (@ldap_uris, $server);
835 }
837 # Unbind
838 $mesg = $ldap->unbind;
840 # Assemble data package
841 my %data = ( 'ldap_uri' => \@ldap_uris, 'ldap_base' => $base,
842 'ldap_cfg' => \@ldap_cfg, 'pam_cfg' => \@pam_cfg,'nss_cfg' => \@nss_cfg );
844 # Need to append GOto settings?
845 if (defined $goto_admin and defined $goto_secret){
846 $data{'goto_admin'}= $goto_admin;
847 $data{'goto_secret'}= $goto_secret;
848 }
850 # Send information
851 send_msg("new_ldap_config", $server_address, $address, \%data, $hostkey);
853 return;
854 }
857 #=== FUNCTION ================================================================
858 # NAME: execute_actions
859 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
860 # RETURNS: nothing
861 # DESCRIPTION: invokes the script specified in msg_hash which is located under
862 # /etc/gosad/actions
863 #===============================================================================
864 sub execute_actions {
865 my ($msg_hash) = @_ ;
866 my $configdir= '/etc/gosad/actions/';
867 my $result;
869 my $header = @{$msg_hash->{header}}[0];
870 my $source = @{$msg_hash->{source}}[0];
871 my $target = @{$msg_hash->{target}}[0];
873 if((not defined $source)
874 && (not defined $target)
875 && (not defined $header)) {
876 &main::daemon_log("ERROR: Entries missing in XML msg for gosad actions under /etc/gosad/actions");
877 } else {
878 my $parameters="";
879 my @params = @{$msg_hash->{$header}};
880 my $params = join(", ", @params);
881 &main::daemon_log("execute_actions: got parameters: $params", 5);
883 if (@params) {
884 foreach my $param (@params) {
885 my $param_value = (&get_content_from_xml_hash($msg_hash, $param))[0];
886 &main::daemon_log("execute_actions: parameter -> value: $param -> $param_value", 7);
887 $parameters.= " ".$param_value;
888 }
889 }
891 my $cmd= $configdir.$header."$parameters";
892 &main::daemon_log("execute_actions: executing cmd: $cmd", 7);
893 $result= "";
894 open(PIPE, "$cmd 2>&1 |");
895 while(<PIPE>) {
896 $result.=$_;
897 }
898 close(PIPE);
899 }
901 # process the event result
904 return;
905 }
908 1;