![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
776ef8197100f31970f875b037485d92b2e365b2
1 package ServerPackages;
3 use Exporter;
4 @ISA = ("Exporter");
6 # Each module has to have a function 'process_incoming_msg'. This function works as a interface to gosa-sd and recieves the msg hash from gosa-sd. 'process_incoming_function checks, wether it has a function to process the incoming msg and forward the msg to it.
9 use strict;
10 use warnings;
11 use GOSA::GosaSupportDaemon;
12 use IO::Socket::INET;
13 use XML::Simple;
14 use Data::Dumper;
15 use Net::LDAP;
16 use Socket qw/PF_INET SOCK_DGRAM inet_ntoa sockaddr_in/;
18 BEGIN{}
19 END {}
21 my ($known_clients_file_name);
22 my ($server_activ, $server_ip, $server_mac_address, $server_port, $server_passwd, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password);
23 my ($bus_activ, $bus_passwd, $bus_ip, $bus_port);
24 my $server;
25 my $no_bus;
26 my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret);
29 my %cfg_defaults =
30 (
31 "server" =>
32 {"server_activ" => [\$server_activ, "on"],
33 "server_ip" => [\$server_ip, ""],
34 "server_mac_address" => [\$server_mac_address, ""],
35 "server_port" => [\$server_port, "20081"],
36 "server_passwd" => [\$server_passwd, ""],
37 "max_clients" => [\$max_clients, 100],
38 "ldap_uri" => [\$ldap_uri, ""],
39 "ldap_base" => [\$ldap_base, ""],
40 "ldap_admin_dn" => [\$ldap_admin_dn, ""],
41 "ldap_admin_password" => [\$ldap_admin_password, ""],
42 },
43 "bus" =>
44 {"bus_activ" => [\$bus_activ, "on"],
45 "bus_passwd" => [\$bus_passwd, ""],
46 "bus_ip" => [\$bus_ip, ""],
47 "bus_port" => [\$bus_port, "20080"],
48 },
49 );
51 ### START #####################################################################
54 # read configfile and import variables
55 &read_configfile();
57 # detect own ip and mac address
58 $server_mac_address= &get_mac();
59 if (not defined $server_ip) {
60 die "EXIT: ip address of $0 could not be detected";
61 }
62 &main::daemon_log("server ip address detected: $server_ip", 1);
63 &main::daemon_log("server mac address detected: $server_mac_address", 1);
65 # complete addresses
66 my $server_address = "$server_ip:$server_port";
67 my $bus_address = "$bus_ip:$bus_port";
69 # create general settings for this module
70 my $xml = new XML::Simple();
72 # open server socket
73 if($server_activ eq "on"){
74 &main::daemon_log(" ", 1);
75 $server = IO::Socket::INET->new(LocalPort => $server_port,
76 Type => SOCK_STREAM,
77 Reuse => 1,
78 Listen => 20,
79 );
80 if(not defined $server){
81 &main::daemon_log("cannot be a tcp server at $server_port : $@");
82 } else {
83 &main::daemon_log("start server: $server_address", 1);
84 }
85 }
87 # TODO
88 # füge den server selbst zu known_server hinzu, msgs können nämlich auch von sich selbst kommen (gosa!!!)
91 # register at bus
92 if ($main::no_bus > 0) {
93 $bus_activ = "off"
94 }
95 if($bus_activ eq "on") {
96 &main::daemon_log(" ", 1);
97 ®ister_at_bus();
98 }
100 ### functions #################################################################
102 #sub get_module_tags {
103 #
104 # # lese config file aus dort gibt es eine section Basic
105 # # dort stehen drei packettypen, für die sich das modul anmelden kann, gosa-admin-packages,
106 # # server-packages, client-packages
107 # my %tag_hash = (gosa_admin_packages => "yes",
108 # server_packages => "yes",
109 # client_packages => "yes",
110 # );
111 # return \%tag_hash;
112 #}
115 sub get_module_info {
116 my @info = ($server_address,
117 $server_passwd,
118 $server,
119 $server_activ,
120 "socket",
121 );
122 return \@info;
123 }
126 #=== FUNCTION ================================================================
127 # NAME: read_configfile
128 # PARAMETERS: cfg_file - string -
129 # RETURNS: nothing
130 # DESCRIPTION: read cfg_file and set variables
131 #===============================================================================
132 sub read_configfile {
133 my $cfg;
134 if( defined( $main::cfg_file) && ( length($main::cfg_file) > 0 )) {
135 if( -r $main::cfg_file ) {
136 $cfg = Config::IniFiles->new( -file => $main::cfg_file );
137 } else {
138 print STDERR "Couldn't read config file!";
139 }
140 } else {
141 $cfg = Config::IniFiles->new() ;
142 }
143 foreach my $section (keys %cfg_defaults) {
144 foreach my $param (keys %{$cfg_defaults{ $section }}) {
145 my $pinfo = $cfg_defaults{ $section }{ $param };
146 ${@$pinfo[0]} = $cfg->val( $section, $param, @$pinfo[1] );
147 }
148 }
150 # Read non predefined sections
151 my $param;
152 if ($cfg->SectionExists('ldap')){
153 foreach $param ($cfg->Parameters('ldap')){
154 push (@ldap_cfg, "$param ".$cfg->val('ldap', $param));
155 }
156 }
157 if ($cfg->SectionExists('pam_ldap')){
158 foreach $param ($cfg->Parameters('pam_ldap')){
159 push (@pam_cfg, "$param ".$cfg->val('pam_ldap', $param));
160 }
161 }
162 if ($cfg->SectionExists('nss_ldap')){
163 foreach $param ($cfg->Parameters('nss_ldap')){
164 push (@nss_cfg, "$param ".$cfg->val('nss_ldap', $param));
165 }
166 }
167 if ($cfg->SectionExists('goto')){
168 $goto_admin= $cfg->val('goto', 'terminal_admin');
169 $goto_secret= $cfg->val('goto', 'terminal_secret');
170 } else {
171 $goto_admin= undef;
172 $goto_secret= undef;
173 }
175 }
178 #=== FUNCTION ================================================================
179 # NAME: get_mac
180 # PARAMETERS: interface name (i.e. eth0)
181 # RETURNS: (mac address)
182 # DESCRIPTION: Uses ioctl to get mac address directly from system.
183 #===============================================================================
184 sub get_mac {
185 my $ifreq= $_;
186 my $result= "";
187 my $SIOCGIFHWADDR= 0x8927; # man 2 ioctl_list
189 # A configured MAC Address should always override a guessed value
190 if ($server_mac_address and length($server_mac_address) > 0) {
191 return $server_mac_address;
192 }
194 socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip')
195 or die "socket: $!";
197 ioctl SOCKET, $SIOCGIFHWADDR, $ifreq
198 or die "ioctl: $!";
200 my ($if, $mac)= unpack 'h36 H12', $ifreq;
202 if (length($mac) > 0) {
203 $result = $mac
204 }
206 return $result;
207 }
209 #=== FUNCTION ================================================================
210 # NAME: get_ip
211 # PARAMETERS: interface name (i.e. eth0)
212 # RETURNS: (ip address)
213 # DESCRIPTION: Uses ioctl to get ip address directly from system.
214 #===============================================================================
215 sub get_ip {
216 my $ifreq= $_;
217 my $result= "";
218 my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list
220 # A configured MAC Address should always override a guessed value
221 if ($server_ip and length($server_ip) > 0) {
222 return $server_ip;
223 }
225 socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip')
226 or die "socket: $!";
228 ioctl SOCKET, $SIOCGIFADDR, $ifreq
229 or die "ioctl: $!";
231 my ($if, $sin) = unpack 'a16 a16', $ifreq;
232 my ($port, $addr) = sockaddr_in $sin;
233 my $ip = inet_ntoa $addr;
235 if (length($ip) > 0) {
236 $result = $ip
237 }
239 return $result;
240 }
242 #=== FUNCTION ================================================================
243 # NAME: open_socket
244 # PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000
245 # [PeerPort] string necessary if port not appended by PeerAddr
246 # RETURNS: socket IO::Socket::INET
247 # DESCRIPTION: open a socket to PeerAddr
248 #===============================================================================
249 sub open_socket {
250 my ($PeerAddr, $PeerPort) = @_ ;
251 if(defined($PeerPort)){
252 $PeerAddr = $PeerAddr.":".$PeerPort;
253 }
254 my $socket;
255 $socket = new IO::Socket::INET(PeerAddr => $PeerAddr ,
256 Porto => "tcp" ,
257 Type => SOCK_STREAM,
258 Timeout => 5,
259 );
260 if(not defined $socket) {
261 return;
262 }
263 &main::daemon_log("open_socket to: $PeerAddr", 7);
264 return $socket;
265 }
267 #=== FUNCTION ================================================================
268 # NAME: register_at_bus
269 # PARAMETERS: nothing
270 # RETURNS: nothing
271 # DESCRIPTION: creates an entry in known_daemons and send a 'here_i_am' msg to bus
272 #===============================================================================
273 sub register_at_bus {
275 # add bus to known_server_db
276 my $res = $main::known_server_db->add_dbentry( {table=>'known_server',
277 primkey=>'hostname',
278 hostname=>$bus_address,
279 status=>'bus',
280 hostkey=>$bus_passwd,
281 timestamp=>&get_time,
282 } );
283 # if ($res == 3) {
284 # my $update_hash = { table=>'known_server' };
285 # $update_hash->{where} = [ { hostname=>[$bus_address] } ];
286 # $update_hash->{update} = [ {
287 # hostkey=>[$bus_passwd],
288 # timestamp=>[&get_time],
289 # } ];
290 # $res = $main::known_server_db->update_dbentry( $update_hash );
291 # }
293 my $msg_hash = &create_xml_hash("here_i_am", $server_address, $bus_address);
294 my $answer = "";
295 $answer = &send_msg_hash2address($msg_hash, $bus_address, $bus_passwd);
296 if ($answer == 0) {
297 &main::daemon_log("register at bus: $bus_address", 1);
298 } else {
299 &main::daemon_log("unable to send 'register'-msg to bus '$bus_address': $answer", 1);
300 }
301 return;
302 }
304 #=== FUNCTION ================================================================
305 # NAME: process_incoming_msg
306 # PARAMETERS: crypted_msg - string - incoming crypted message
307 # RETURNS: nothing
308 # DESCRIPTION: handels the proceeded distribution to the appropriated functions
309 #===============================================================================
310 sub process_incoming_msg {
311 my ($crypted_msg) = @_ ;
312 if(not defined $crypted_msg) {
313 &main::daemon_log("function 'process_incoming_msg': got no msg", 7);
314 }
316 &main::daemon_log("ServerPackages: incoming msg: \n$crypted_msg", 7);
318 $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/;
319 $crypted_msg = $1;
320 my $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5);
322 my $msg;
323 my $msg_hash;
324 my $host_name;
325 my $host_key;
327 # check wether incoming msg is a new msg
328 $host_name = $server_address;
329 $host_key = $server_passwd;
330 &main::daemon_log("ServerPackage: host_name: $host_name", 7);
331 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
332 eval{
333 my $key_cipher = &create_ciphering($host_key);
334 $msg = &decrypt_msg($crypted_msg, $key_cipher);
335 $msg_hash = &transform_msg2hash($msg);
336 };
337 if($@) {
338 &main::daemon_log("ServerPackage: deciphering raise error", 7);
339 &main::daemon_log("$@", 8);
340 $msg = undef;
341 $msg_hash = undef;
342 $host_name = undef;
343 $host_key = undef;
344 }
346 # check wether incoming msg is from a known_server
347 if( not defined $msg ) {
348 my $query_res = $main::known_server_db->select_dbentry( {table=>'known_server'} );
349 while( my ($hit_num, $hit) = each %{ $query_res } ) {
350 $host_name = $hit->{hostname};
351 if( not $host_name =~ "^$host") {
352 next;
353 }
354 $host_key = $hit->{hostkey};
355 &main::daemon_log("ServerPackage: host_name: $host_name", 7);
356 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
357 eval{
358 my $key_cipher = &create_ciphering($host_key);
359 $msg = &decrypt_msg($crypted_msg, $key_cipher);
360 $msg_hash = &transform_msg2hash($msg);
361 };
362 if($@) {
363 &main::daemon_log("ServerPackage: deciphering raise error", 7);
364 &main::daemon_log("$@", 8);
365 $msg = undef;
366 $msg_hash = undef;
367 $host_name = undef;
368 $host_key = undef;
369 } else {
370 last;
371 }
372 }
373 }
375 # check wether incoming msg is from a known_client
376 if( not defined $msg ) {
377 my $query_res = $main::known_clients_db->select_dbentry( {table=>'known_clients'} );
378 while( my ($hit_num, $hit) = each %{ $query_res } ) {
379 $host_name = $hit->{hostname};
380 if( not $host_name =~ "^$host") {
381 next;
382 }
383 $host_key = $hit->{hostkey};
384 &main::daemon_log("ServerPackage: host_name: $host_name", 7);
385 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
386 eval{
387 my $key_cipher = &create_ciphering($host_key);
388 $msg = &decrypt_msg($crypted_msg, $key_cipher);
389 $msg_hash = &transform_msg2hash($msg);
390 };
391 if($@) {
392 &main::daemon_log("ServerPackage: deciphering raise error", 7);
393 &main::daemon_log("$@", 8);
394 $msg = undef;
395 $msg_hash = undef;
396 $host_name = undef;
397 $host_key = undef;
398 } else {
399 last;
400 }
401 }
402 }
404 if( not defined $msg ) {
405 &main::daemon_log("WARNING: ServerPackage do not understand the message:", 5);
406 &main::daemon_log("$@", 7);
407 return;
408 }
410 # process incoming msg
411 my $header = @{$msg_hash->{header}}[0];
412 my $source = @{$msg_hash->{source}}[0];
414 &main::daemon_log("recieve '$header' at ServerPackages from $host", 1);
415 &main::daemon_log("ServerPackages: msg to process: \n$msg", 5);
417 my @targets = @{$msg_hash->{target}};
418 my $len_targets = @targets;
419 if ($len_targets == 0){
420 &main::daemon_log("ERROR: ServerPackages: no target specified for msg $header", 1);
422 } elsif ($len_targets == 1){
423 # we have only one target symbol
424 my $target = $targets[0];
425 &main::daemon_log("SeverPackages: msg is for: $target", 7);
427 if ($target eq $server_address) {
428 # msg is for server
429 if ($header eq 'new_passwd'){ &new_passwd($msg_hash)}
430 elsif ($header eq 'here_i_am') { &here_i_am($msg_hash)}
431 elsif ($header eq 'who_has') { &who_has($msg_hash) }
432 elsif ($header eq 'who_has_i_do') { &who_has_i_do($msg_hash)}
433 elsif ($header eq 'update_status') { &update_status($msg_hash) }
434 elsif ($header eq 'got_ping') { &got_ping($msg_hash)}
435 elsif ($header eq 'get_load') { &execute_actions($msg_hash)}
436 else { &main::daemon_log("ERROR: ServerPackages: no function assigned to this msg", 5) }
438 } elsif ($target eq "*") {
439 # msg is for all clients
440 my $query_res = $main::known_clients_db->select_dbentry( {table=>'known_clients'} );
441 while( my ($hit_num, $hit) = each %{ $query_res } ) {
442 $host_name = $hit->{hostname};
443 $host_key = $hit->{hostkey};
444 $msg_hash->{target} = [$host_name];
445 &send_msg_hash2address($msg_hash, $host_name, $host_key);
446 }
447 return;
449 } else {
450 # msg is for one host
451 my $query_res;
452 $query_res = $main::known_clients_db->select_dbentry( {table=>'known_clients', hostname=>$target} );
453 if( 1 == keys %{$query_res} ) {
454 $host_key = $query_res->{1}->{host_key};
455 &send_msg_hash2address($msg_hash, $target, $host_key);
456 return;
457 }
459 $query_res = $main::known_server_db->select_dbentry( {table=>'known_server', hostname=>$target} );
460 if( 1 == keys %{$query_res} ) {
461 $host_key = $query_res->{1}->{host_key};
462 &send_msg_hash2address($msg_hash, $target, $host_key);
463 return;
464 }
466 &main::daemon_log("ERROR: ServerPackages: target '$target' is not known neither in known_clients nor in known_server",1);
467 return;
468 }
470 } elsif ($len_targets > 1 ) {
471 # we have more than one target
472 return;
473 }
475 return ;
476 }
479 #=== FUNCTION ================================================================
480 # NAME: got_ping
481 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
482 # RETURNS: nothing
483 # DESCRIPTION: process this incoming message
484 #===============================================================================
485 sub got_ping {
486 my ($msg_hash) = @_;
488 my $source = @{$msg_hash->{source}}[0];
489 my $target = @{$msg_hash->{target}}[0];
490 my $header = @{$msg_hash->{header}}[0];
492 if(exists $main::known_daemons->{$source}) {
493 &main::add_content2known_daemons(hostname=>$source, status=>$header);
494 } else {
495 &main::add_content2known_clients(hostname=>$source, status=>$header);
496 }
498 return;
499 }
502 #=== FUNCTION ================================================================
503 # NAME: new_passwd
504 # PARAMETERS: msg_hash - ref - hash from function create_xml_hash
505 # RETURNS: nothing
506 # DESCRIPTION: process this incoming message
507 #===============================================================================
508 sub new_passwd {
509 my ($msg_hash) = @_;
511 my $header = @{$msg_hash->{header}}[0];
512 my $source_name = @{$msg_hash->{source}}[0];
513 my $source_key = @{$msg_hash->{new_passwd}}[0];
514 my $query_res;
516 # check known_clients_db
517 $query_res = $main::known_clients_db->select_dbentry( {table=>'known_clients', hostname=>$source_name} );
518 if( 1 == keys %{$query_res} ) {
519 my $update_hash = { table=>'known_clients' };
520 $update_hash->{where} = [ { hostname=>[$source_name] } ];
521 $update_hash->{update} = [ {
522 hostkey=>[$source_key],
523 timestamp=>[&get_time],
524 } ];
525 my $res = $main::known_clients_db->update_dbentry( $update_hash );
527 my $hash = &create_xml_hash("confirm_new_passwd", $server_address, $source_name);
528 &send_msg_hash2address($hash, $source_name, $source_key);
529 return;
530 }
532 # check known_server_db
533 $query_res = $main::known_server_db->select_dbentry( {table=>'known_server', hostname=>$source_name } );
534 if( 1 == keys %{$query_res} ) {
535 my $update_hash = { table=>'known_server' };
536 $update_hash->{where} = [ { hostname=>[$source_name] } ];
537 $update_hash->{update} = [ {
538 hostkey=>[$source_key],
539 timestamp=>[&get_time],
540 } ];
541 my $res = $main::known_server_db->update_dbentry( $update_hash );
543 my $hash = &create_xml_hash("confirm_new_passwd", $server_address, $source_name);
544 &send_msg_hash2address($hash, $source_name, $source_key);
545 return;
546 }
548 &main::daemon_log("ERROR: $source_name not known for '$header'-msg", 1);
549 return;
550 }
553 sub send_msg_hash {
554 my ($hash, $host_name, $host_key);
557 my $answer = &send_msg_hash2address($hash, $host_name, $host_key);
559 return;
560 }
563 #=== FUNCTION ================================================================
564 # NAME: here_i_am
565 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
566 # RETURNS: nothing
567 # DESCRIPTION: process this incoming message
568 #===============================================================================
569 sub here_i_am {
570 my ($msg_hash) = @_;
572 my $source = @{$msg_hash->{source}}[0];
573 my $mac_address = @{$msg_hash->{mac_address}}[0];
574 my $out_hash;
576 # number of known clients
577 my $nu_clients = keys %{$main::known_clients_db->select_dbentry( {table=>'known_clients'} )};
579 # check wether client address or mac address is already known
580 if (exists $main::known_clients->{$source}) {
581 &main::daemon_log("WARNING: $source is already known as a client", 1);
582 &main::daemon_log("WARNING: values for $source are being overwritten", 1);
583 $nu_clients --;
584 }
586 # number of actual activ clients
587 my $act_nu_clients = $nu_clients;
589 &main::daemon_log("number of actual activ clients: $act_nu_clients", 5);
590 &main::daemon_log("number of maximal allowed clients: $max_clients", 5);
592 if($max_clients <= $act_nu_clients) {
593 my $out_hash = &create_xml_hash("denied", $server_address, $source);
594 &add_content2xml_hash($out_hash, "denied", "I_cannot_take_any_more_clients!");
595 my $passwd = @{$msg_hash->{new_passwd}}[0];
596 &send_msg_hash2address($out_hash, $source, $passwd);
597 return;
598 }
600 # new client accepted
601 my $new_passwd = @{$msg_hash->{new_passwd}}[0];
603 # create entry in known_clients
604 my $events = @{$msg_hash->{events}}[0];
606 # add entry to known_clients_db
607 my $res = $main::known_clients_db->add_dbentry( {table=>'known_clients',
608 primkey=>'hostname',
609 hostname=>$source,
610 events=>$events,
611 macaddress=>$mac_address,
612 status=>'registered',
613 hostkey=>$new_passwd,
614 timestamp=>&get_time,
615 } );
617 if ($res != 0) {
618 &main::daemon_log("ERROR: cannot add entry to known_clients: $res");
619 return;
620 }
622 # return acknowledgement to client
623 $out_hash = &create_xml_hash("registered", $server_address, $source);
624 &send_msg_hash2address($out_hash, $source, $new_passwd);
626 # notify registered client to bus
627 if( $bus_activ eq "on") {
628 # fetch actual bus key
629 my $query_res = $main::known_server_db->select_dbentry( {table=>'known_server'} );
630 my $hostkey = $query_res->{1}->{hostkey};
632 # send update msg to bus
633 $out_hash = &create_xml_hash("new_client", $server_address, $bus_address, $source);
634 &send_msg_hash2address($out_hash, $bus_address, $hostkey);
636 &main::daemon_log("send bus msg that client '$source' has registerd at server '$server_address'", 3);
637 }
639 # give the new client his ldap config
640 &new_ldap_config($source);
642 return;
643 }
646 #=== FUNCTION ================================================================
647 # NAME: who_has
648 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
649 # RETURNS: nothing
650 # DESCRIPTION: process this incoming message
651 #===============================================================================
652 sub who_has {
653 my ($msg_hash) = @_ ;
655 # what is your search pattern
656 my $search_pattern = @{$msg_hash->{who_has}}[0];
657 my $search_element = @{$msg_hash->{$search_pattern}}[0];
658 &main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7);
660 # scanning known_clients for search_pattern
661 my @host_addresses = keys %$main::known_clients;
662 my $known_clients_entries = length @host_addresses;
663 my $host_address;
664 foreach my $host (@host_addresses) {
665 my $client_element = $main::known_clients->{$host}->{$search_pattern};
666 if ($search_element eq $client_element) {
667 $host_address = $host;
668 last;
669 }
670 }
672 # search was successful
673 if (defined $host_address) {
674 my $source = @{$msg_hash->{source}}[0];
675 my $out_msg = &create_xml_hash("who_has_i_do", $server_address, $source, "mac_address");
676 &add_content2xml_hash($out_msg, "mac_address", $search_element);
677 &send_msg_hash2address($out_msg, $bus_address);
678 }
679 return;
680 }
683 sub who_has_i_do {
684 my ($msg_hash) = @_ ;
685 my $header = @{$msg_hash->{header}}[0];
686 my $source = @{$msg_hash->{source}}[0];
687 my $search_param = @{$msg_hash->{$header}}[0];
688 my $search_value = @{$msg_hash->{$search_param}}[0];
689 print "\ngot msg $header:\nserver $source has client with $search_param $search_value\n";
690 }
693 #=== FUNCTION ================================================================
694 # NAME: new_ldap_config
695 # PARAMETERS: address - string - ip address and port of a host
696 # RETURNS: nothing
697 # DESCRIPTION: send to address the ldap configuration found for dn gotoLdapServer
698 #===============================================================================
699 sub new_ldap_config {
700 my ($address) = @_ ;
702 my $res = $main::known_clients_db->select_dbentry( { table=>'known_clients', hostname=>$address } );
704 # check hit
705 my $hit_counter = keys %{$res};
706 if( not $hit_counter == 1 ) {
707 &main::daemon_log("ERROR: more or no hit found in known_clients_db by query by '$address'", 1);
708 }
710 my $macaddress = $res->{1}->{macaddress};
711 my $hostkey = $res->{1}->{hostkey};
713 if (not defined $macaddress) {
714 &main::daemon_log("ERROR: no mac address found for client $address", 1);
715 return;
716 }
718 # Build LDAP connection
719 my $ldap = Net::LDAP->new($ldap_uri);
720 if( not defined $ldap ) {
721 &main::daemon_log("ERROR: cannot connect to ldap: $ldap_uri", 1);
722 return;
723 }
726 # Bind to a directory with dn and password
727 my $mesg= $ldap->bind($ldap_admin_dn, $ldap_admin_password);
729 # Perform search
730 $mesg = $ldap->search( base => $ldap_base,
731 scope => 'sub',
732 attrs => ['dn', 'gotoLdapServer'],
733 filter => "(&(objectClass=GOhard)(macaddress=$macaddress))");
734 $mesg->code && die $mesg->error;
736 # Sanity check
737 if ($mesg->count != 1) {
738 &main::daemon_log("WARNING: client mac address $macaddress not found/not unique in ldap search", 1);
739 &main::daemon_log("\tbase: $ldap_base", 1);
740 &main::daemon_log("\tscope: sub", 1);
741 &main::daemon_log("\tattrs: dn, gotoLdapServer", 1);
742 &main::daemon_log("\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress))", 1);
743 return;
744 }
746 my $entry= $mesg->entry(0);
747 my $dn= $entry->dn;
748 my @servers= $entry->get_value("gotoLdapServer");
749 my @ldap_uris;
750 my $server;
751 my $base;
753 # Do we need to look at an object class?
754 if ($#servers < 1){
755 $mesg = $ldap->search( base => $ldap_base,
756 scope => 'sub',
757 attrs => ['dn', 'gotoLdapServer'],
758 filter => "(&(objectClass=gosaGroupOfNames)(member=$dn))");
759 $mesg->code && die $mesg->error;
761 # Sanity check
762 if ($mesg->count != 1) {
763 &main::daemon_log("WARNING: no LDAP information found for client mac $macaddress", 1);
764 return;
765 }
767 $entry= $mesg->entry(0);
768 $dn= $entry->dn;
769 @servers= $entry->get_value("gotoLdapServer");
770 }
772 @servers= sort (@servers);
774 foreach $server (@servers){
775 $base= $server;
776 $server =~ s%^[^:]+:[^:]+:(ldap.*://[^/]+)/.*$%$1%;
777 $base =~ s%^[^:]+:[^:]+:ldap.*://[^/]+/(.*)$%$1%;
778 push (@ldap_uris, $server);
779 }
781 # Unbind
782 $mesg = $ldap->unbind;
784 # Assemble data package
785 my %data = ( 'ldap_uri' => \@ldap_uris, 'ldap_base' => $base,
786 'ldap_cfg' => \@ldap_cfg, 'pam_cfg' => \@pam_cfg,'nss_cfg' => \@nss_cfg );
788 # Need to append GOto settings?
789 if (defined $goto_admin and defined $goto_secret){
790 $data{'goto_admin'}= $goto_admin;
791 $data{'goto_secret'}= $goto_secret;
792 }
794 # Send information
795 send_msg("new_ldap_config", $server_address, $address, \%data, $hostkey);
797 return;
798 }
801 #=== FUNCTION ================================================================
802 # NAME: execute_actions
803 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
804 # RETURNS: nothing
805 # DESCRIPTION: invokes the script specified in msg_hash which is located under
806 # /etc/gosad/actions
807 #===============================================================================
808 sub execute_actions {
809 my ($msg_hash) = @_ ;
810 my $configdir= '/etc/gosad/actions/';
811 my $result;
813 my $header = @{$msg_hash->{header}}[0];
814 my $source = @{$msg_hash->{source}}[0];
815 my $target = @{$msg_hash->{target}}[0];
817 if((not defined $source)
818 && (not defined $target)
819 && (not defined $header)) {
820 &main::daemon_log("ERROR: Entries missing in XML msg for gosad actions under /etc/gosad/actions");
821 } else {
822 my $parameters="";
823 my @params = @{$msg_hash->{$header}};
824 my $params = join(", ", @params);
825 &main::daemon_log("execute_actions: got parameters: $params", 5);
827 if (@params) {
828 foreach my $param (@params) {
829 my $param_value = (&get_content_from_xml_hash($msg_hash, $param))[0];
830 &main::daemon_log("execute_actions: parameter -> value: $param -> $param_value", 7);
831 $parameters.= " ".$param_value;
832 }
833 }
835 my $cmd= $configdir.$header."$parameters";
836 &main::daemon_log("execute_actions: executing cmd: $cmd", 7);
837 $result= "";
838 open(PIPE, "$cmd 2>&1 |");
839 while(<PIPE>) {
840 $result.=$_;
841 }
842 close(PIPE);
843 }
845 # process the event result
848 return;
849 }
852 1;