b5fa53c44ab9e1f0bc31c2020e06e7ff4813db30
1 package ServerPackages;
3 use Exporter;
4 @ISA = ("Exporter");
6 # Each module has to have a function 'process_incoming_msg'. This function works as a interface to gosa-sd and recieves the msg hash from gosa-sd. 'process_incoming_function checks, wether it has a function to process the incoming msg and forward the msg to it.
9 use strict;
10 use warnings;
11 use GOSA::GosaSupportDaemon;
12 use IO::Socket::INET;
13 use XML::Simple;
14 use Net::LDAP;
16 BEGIN{}
17 END {}
20 my ($server_activ, $server_port, $server_passwd, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password);
21 my ($bus_activ, $bus_passwd, $bus_ip, $bus_port);
22 my $server;
23 my $no_bus;
24 my (@ldap_cfg, @pam_cfg, @nss_cfg);
26 my %cfg_defaults =
27 ("server" =>
28 {"server_activ" => [\$server_activ, "on"],
29 "server_port" => [\$server_port, "20081"],
30 "server_passwd" => [\$server_passwd, ""],
31 "max_clients" => [\$max_clients, 100],
32 "ldap_uri" => [\$ldap_uri, ""],
33 "ldap_base" => [\$ldap_base, ""],
34 "ldap_admin_dn" => [\$ldap_admin_dn, ""],
35 "ldap_admin_password" => [\$ldap_admin_password, ""],
36 },
37 "bus" =>
38 {"bus_activ" => [\$bus_activ, "on"],
39 "bus_passwd" => [\$bus_passwd, ""],
40 "bus_ip" => [\$bus_ip, ""],
41 "bus_port" => [\$bus_port, "20080"],
42 },
43 );
45 ### START #####################################################################
48 # read configfile and import variables
49 &read_configfile();
51 # detect own ip and mac address
52 my ($server_ip, $server_mac_address) = &get_ip_and_mac();
53 if (not defined $server_ip) {
54 die "EXIT: ip address of $0 could not be detected";
55 }
56 &main::daemon_log("server ip address detected: $server_ip", 1);
57 &main::daemon_log("server mac address detected: $server_mac_address", 1);
59 # complete addresses
60 my $server_address = "$server_ip:$server_port";
61 my $bus_address = "$bus_ip:$bus_port";
63 # create general settings for this module
64 my $xml = new XML::Simple();
66 # open server socket
67 if($server_activ eq "on"){
68 &main::daemon_log(" ", 1);
69 $server = IO::Socket::INET->new(LocalPort => $server_port,
70 Type => SOCK_STREAM,
71 Reuse => 1,
72 Listen => 20,
73 );
74 if(not defined $server){
75 &main::daemon_log("cannot be a tcp server at $server_port : $@");
76 } else {
77 &main::daemon_log("start server: $server_address", 1);
78 }
79 }
81 # register at bus
82 if ($main::no_bus > 0) {
83 $bus_activ = "off"
84 }
85 if($bus_activ eq "on") {
86 &main::daemon_log(" ", 1);
87 ®ister_at_bus();
88 }
90 ### functions #################################################################
92 #sub get_module_tags {
93 #
94 # # lese config file aus dort gibt es eine section Basic
95 # # dort stehen drei packettypen, für die sich das modul anmelden kann, gosa-admin-packages,
96 # # server-packages, client-packages
97 # my %tag_hash = (gosa_admin_packages => "yes",
98 # server_packages => "yes",
99 # client_packages => "yes",
100 # );
101 # return \%tag_hash;
102 #}
105 sub get_module_info {
106 my @info = ($server_address,
107 $server_passwd,
108 $server,
109 $server_activ,
110 "socket",
111 );
112 return \@info;
113 }
116 #=== FUNCTION ================================================================
117 # NAME: read_configfile
118 # PARAMETERS: cfg_file - string -
119 # RETURNS: nothing
120 # DESCRIPTION: read cfg_file and set variables
121 #===============================================================================
122 sub read_configfile {
123 my $cfg;
124 if( defined( $main::cfg_file) && ( length($main::cfg_file) > 0 )) {
125 if( -r $main::cfg_file ) {
126 $cfg = Config::IniFiles->new( -file => $main::cfg_file );
127 } else {
128 print STDERR "Couldn't read config file!";
129 }
130 } else {
131 $cfg = Config::IniFiles->new() ;
132 }
133 foreach my $section (keys %cfg_defaults) {
134 foreach my $param (keys %{$cfg_defaults{ $section }}) {
135 my $pinfo = $cfg_defaults{ $section }{ $param };
136 ${@$pinfo[0]} = $cfg->val( $section, $param, @$pinfo[1] );
137 }
138 }
140 # Read non predefined sections
141 my $param;
142 if ($cfg->SectionExists('ldap')){
143 foreach $param ($cfg->Parameters('ldap')){
144 push (@ldap_cfg, "$param ".$cfg->val('ldap', $param));
145 }
146 }
147 if ($cfg->SectionExists('pam_ldap')){
148 foreach $param ($cfg->Parameters('pam_ldap')){
149 push (@pam_cfg, "$param ".$cfg->val('pam_ldap', $param));
150 }
151 }
152 if ($cfg->SectionExists('nss_ldap')){
153 foreach $param ($cfg->Parameters('nss_ldap')){
154 push (@nss_cfg, "$param ".$cfg->val('nss_ldap', $param));
155 }
156 }
158 }
161 #=== FUNCTION ================================================================
162 # NAME: get_ip_and_mac
163 # PARAMETERS: nothing
164 # RETURNS: (ip, mac)
165 # DESCRIPTION: executes /sbin/ifconfig and parses the output, the first occurence
166 # of a inet address is returned as well as the mac address in the line
167 # above the inet address
168 #===============================================================================
169 sub get_ip_and_mac {
170 my $ip = "0.0.0.0.0"; # Defualt-IP
171 my $mac = "00:00:00:00:00:00"; # Default-MAC
172 my @ifconfig = qx(/sbin/ifconfig);
173 foreach(@ifconfig) {
174 if (/Hardware Adresse (\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2})/) {
175 $mac = "$1:$2:$3:$4:$5:$6";
176 next;
177 }
178 if (/inet Adresse:(\d+).(\d+).(\d+).(\d+)/) {
179 $ip = "$1.$2.$3.$4";
180 last;
181 }
182 }
183 return ($ip, $mac);
184 }
187 #=== FUNCTION ================================================================
188 # NAME: open_socket
189 # PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000
190 # [PeerPort] string necessary if port not appended by PeerAddr
191 # RETURNS: socket IO::Socket::INET
192 # DESCRIPTION: open a socket to PeerAddr
193 #===============================================================================
194 sub open_socket {
195 my ($PeerAddr, $PeerPort) = @_ ;
196 if(defined($PeerPort)){
197 $PeerAddr = $PeerAddr.":".$PeerPort;
198 }
199 my $socket;
200 $socket = new IO::Socket::INET(PeerAddr => $PeerAddr ,
201 Porto => "tcp" ,
202 Type => SOCK_STREAM,
203 Timeout => 5,
204 );
205 if(not defined $socket) {
206 return;
207 }
208 &main::daemon_log("open_socket to: $PeerAddr", 7);
209 return $socket;
210 }
212 #=== FUNCTION ================================================================
213 # NAME: register_at_bus
214 # PARAMETERS: nothing
215 # RETURNS: nothing
216 # DESCRIPTION: creates an entry in known_daemons and send a 'here_i_am' msg to bus
217 #===============================================================================
218 sub register_at_bus {
220 # create known_daemons entry
221 &main::create_known_daemon($bus_address);
222 &main::add_content2known_daemons(hostname=>$bus_address, status=>"register_at_bus", passwd=>$bus_passwd);
224 my $msg_hash = &create_xml_hash("here_i_am", $server_address, $bus_address);
225 my $answer = "";
226 $answer = &send_msg_hash2address($msg_hash, $bus_address);
227 if ($answer == 0) {
228 &main::daemon_log("register at bus: $bus_address", 1);
229 } else {
230 &main::daemon_log("unable to send 'register'-msg to bus: $bus_address", 1);
231 }
232 return;
233 }
235 #=== FUNCTION ================================================================
236 # NAME: process_incoming_msg
237 # PARAMETERS: crypted_msg - string - incoming crypted message
238 # RETURNS: nothing
239 # DESCRIPTION: handels the proceeded distribution to the appropriated functions
240 #===============================================================================
241 sub process_incoming_msg {
242 my ($crypted_msg) = @_ ;
243 if(not defined $crypted_msg) {
244 &main::daemon_log("function 'process_incoming_msg': got no msg", 7);
245 }
247 $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/;
248 $crypted_msg = $1;
249 my $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5);
251 # collect addresses from possible incoming clients
252 my @valid_keys;
253 my @host_keys = keys %$main::known_daemons;
254 foreach my $host_key (@host_keys) {
255 if($host_key =~ "^$host") {
256 push(@valid_keys, $host_key);
257 }
258 }
259 my @client_keys = keys %$main::known_clients;
260 foreach my $client_key (@client_keys) {
261 if($client_key =~ "^$host"){
262 push(@valid_keys, $client_key);
263 }
264 }
265 push(@valid_keys, $server_address);
267 my $l = @valid_keys;
268 my $msg_hash;
269 my $msg_flag = 0;
270 my $msg = "";
272 # determine the correct passwd for deciphering of the incoming msgs
273 foreach my $host_key (@valid_keys) {
274 eval{
275 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
276 my $key_passwd;
277 if (exists $main::known_daemons->{$host_key}) {
278 $key_passwd = $main::known_daemons->{$host_key}->{passwd};
279 } elsif (exists $main::known_clients->{$host_key}) {
280 $key_passwd = $main::known_clients->{$host_key}->{passwd};
281 } elsif ($host_key eq $server_address) {
282 $key_passwd = $server_passwd;
283 }
284 &main::daemon_log("ServerPackage: key_passwd: $key_passwd", 7);
285 my $key_cipher = &create_ciphering($key_passwd);
286 $msg = &decrypt_msg($crypted_msg, $key_cipher);
287 &main::daemon_log("ServerPackages: decrypted msg: $msg", 7);
288 $msg_hash = $xml->XMLin($msg, ForceArray=>1);
289 #my $tmp = printf Dumper $msg_hash;
290 #&main::daemon_log("DEBUG: ServerPackages: xml hash: $tmp", 7);
291 };
292 if($@) {
293 &main::daemon_log("ServerPackage: key raise error: $@", 7);
294 $msg_flag += 1;
295 } else {
296 last;
297 }
298 }
300 if($msg_flag >= $l) {
301 &main::daemon_log("WARNING: ServerPackage do not understand the message:", 5);
302 &main::daemon_log("$@", 7);
303 return;
304 }
306 # process incoming msg
307 my $header = @{$msg_hash->{header}}[0];
308 my $source = @{$msg_hash->{source}}[0];
310 &main::daemon_log("recieve '$header' at ServerPackages from $host", 1);
311 # &main::daemon_log("ServerPackages: msg from host:", 5);
312 # &main::daemon_log("\t$host", 5);
313 # &main::daemon_log("ServerPackages: header from msg:", 5);
314 # &main::daemon_log("\t$header", 5);
315 &main::daemon_log("ServerPackages: msg to process:", 5);
316 &main::daemon_log("\t$msg", 5);
318 my @targets = @{$msg_hash->{target}};
319 my $len_targets = @targets;
320 if ($len_targets == 0){
321 &main::daemon_log("ERROR: ServerPackages: no target specified for msg $header", 1);
323 } elsif ($len_targets == 1){
324 # we have only one target symbol
326 my $target = $targets[0];
327 &main::daemon_log("SeverPackages: msg is for:", 7);
328 &main::daemon_log("\t$target", 7);
330 if ($target eq $server_address) {
331 # msg is for server
332 if ($header eq 'new_passwd'){ &new_passwd($msg_hash)}
333 elsif ($header eq 'here_i_am') { &here_i_am($msg_hash)}
334 elsif ($header eq 'who_has') { &who_has($msg_hash) }
335 elsif ($header eq 'who_has_i_do') { &who_has_i_do($msg_hash)}
336 elsif ($header eq 'update_status') { &update_status($msg_hash) }
337 elsif ($header eq 'got_ping') { &got_ping($msg_hash)}
338 elsif ($header eq 'get_load') { &execute_actions($msg_hash)}
339 else { &main::daemon_log("ERROR: ServerPackages: no function assigned to this msg", 5) }
342 } elsif ($target eq "*") {
343 # msg is for all clients
345 my @target_addresses = keys(%$main::known_clients);
346 foreach my $target_address (@target_addresses) {
347 if ($target_address eq $source) { next; }
348 $msg_hash->{target} = [$target_address];
349 &send_msg_hash2address($msg_hash, $target_address);
350 }
351 } else {
352 # msg is for one host
354 if (exists $main::known_clients->{$target}) {
355 &send_msg_hash2address($msg_hash, $target);
356 } elsif (exists $main::known_daemons->{$target}) {
357 # target is known
358 &send_msg_hash2address($msg_hash, $target);
359 } else {
360 # target is not known
361 &main::daemon_log("ERROR: ServerPackages: target $target is not known neither in known_clients nor in known_daemons", 1);
362 }
363 }
364 }
366 return ;
367 }
370 #=== FUNCTION ================================================================
371 # NAME: got_ping
372 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
373 # RETURNS: nothing
374 # DESCRIPTION: process this incoming message
375 #===============================================================================
376 sub got_ping {
377 my ($msg_hash) = @_;
379 my $source = @{$msg_hash->{source}}[0];
380 my $target = @{$msg_hash->{target}}[0];
381 my $header = @{$msg_hash->{header}}[0];
383 if(exists $main::known_daemons->{$source}) {
384 &main::add_content2known_daemons(hostname=>$source, status=>$header);
385 } else {
386 &main::add_content2known_clients(hostname=>$source, status=>$header);
387 }
389 return;
390 }
393 #=== FUNCTION ================================================================
394 # NAME: new_passwd
395 # PARAMETERS: msg_hash - ref - hash from function create_xml_hash
396 # RETURNS: nothing
397 # DESCRIPTION: process this incoming message
398 #===============================================================================
399 sub new_passwd {
400 my ($msg_hash) = @_;
402 my $source = @{$msg_hash->{source}}[0];
403 my $passwd = @{$msg_hash->{new_passwd}}[0];
405 if (exists $main::known_daemons->{$source}) {
406 &main::add_content2known_daemons(hostname=>$source, status=>"new_passwd", passwd=>$passwd);
407 my $hash = &create_xml_hash("confirm_new_passwd", $server_address, $source);
408 &send_msg_hash2address($hash, $source);
410 } elsif (exists $main::known_clients->{$source}) {
411 &main::add_content2known_clients(hostname=>$source, status=>"new_passwd", passwd=>$passwd);
413 } else {
414 &main::daemon_log("ERROR: $source not known, neither in known_daemons nor in known_clients", 1)
415 }
417 return;
418 }
421 #=== FUNCTION ================================================================
422 # NAME: here_i_am
423 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
424 # RETURNS: nothing
425 # DESCRIPTION: process this incoming message
426 #===============================================================================
427 sub here_i_am {
428 my ($msg_hash) = @_;
430 my $source = @{$msg_hash->{source}}[0];
431 my $mac_address = @{$msg_hash->{mac_address}}[0];
432 my $out_hash;
434 # number of known clients
435 my $nu_clients = keys %$main::known_clients;
437 # check wether client address or mac address is already known
438 if (exists $main::known_clients->{$source}) {
439 &main::daemon_log("WARNING: $source is already known as a client", 1);
440 &main::daemon_log("WARNING: values for $source are being overwritten", 1);
441 $nu_clients --;
442 }
444 # number of actual activ clients
445 my $act_nu_clients = $nu_clients;
447 &main::daemon_log("number of actual activ clients: $act_nu_clients", 5);
448 &main::daemon_log("number of maximal allowed clients: $max_clients", 5);
450 if($max_clients <= $act_nu_clients) {
451 my $out_hash = &create_xml_hash("denied", $server_address, $source);
452 &add_content2xml_hash($out_hash, "denied", "I_cannot_take_any_more_clients!");
453 my $passwd = @{$msg_hash->{new_passwd}}[0];
454 &send_msg_hash2address($out_hash, $source, $passwd);
455 return;
456 }
458 # new client accepted
459 my $new_passwd = @{$msg_hash->{new_passwd}}[0];
461 # create known_daemons entry
462 my $events = @{$msg_hash->{events}}[0];
463 &main::create_known_client($source);
464 &main::add_content2known_clients(hostname=>$source, events=>$events, mac_address=>$mac_address,
465 status=>"registered", passwd=>$new_passwd);
467 # return acknowledgement to client
468 $out_hash = &create_xml_hash("registered", $server_address, $source);
469 &send_msg_hash2address($out_hash, $source);
471 # notify registered client to bus
472 $out_hash = &create_xml_hash("new_client", $server_address, $bus_address, $source);
473 #&main::send_msg_hash2bus($out_hash);
474 &send_msg_hash2address($out_hash, $bus_address);
476 # give the new client his ldap config
477 &new_ldap_config($source);
479 return;
480 }
483 #=== FUNCTION ================================================================
484 # NAME: who_has
485 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
486 # RETURNS: nothing
487 # DESCRIPTION: process this incoming message
488 #===============================================================================
489 sub who_has {
490 my ($msg_hash) = @_ ;
492 # what is your search pattern
493 my $search_pattern = @{$msg_hash->{who_has}}[0];
494 my $search_element = @{$msg_hash->{$search_pattern}}[0];
495 &main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7);
497 # scanning known_clients for search_pattern
498 my @host_addresses = keys %$main::known_clients;
499 my $known_clients_entries = length @host_addresses;
500 my $host_address;
501 foreach my $host (@host_addresses) {
502 my $client_element = $main::known_clients->{$host}->{$search_pattern};
503 if ($search_element eq $client_element) {
504 $host_address = $host;
505 last;
506 }
507 }
509 # search was successful
510 if (defined $host_address) {
511 my $source = @{$msg_hash->{source}}[0];
512 my $out_msg = &create_xml_hash("who_has_i_do", $server_address, $source, "mac_address");
513 &add_content2xml_hash($out_msg, "mac_address", $search_element);
514 &send_msg_hash2address($out_msg, $bus_address);
515 }
516 return;
517 }
520 sub who_has_i_do {
521 my ($msg_hash) = @_ ;
522 my $header = @{$msg_hash->{header}}[0];
523 my $source = @{$msg_hash->{source}}[0];
524 my $search_param = @{$msg_hash->{$header}}[0];
525 my $search_value = @{$msg_hash->{$search_param}}[0];
526 print "\ngot msg $header:\nserver $source has client with $search_param $search_value\n";
527 }
530 #=== FUNCTION ================================================================
531 # NAME: new_ldap_config
532 # PARAMETERS: address - string - ip address and port of a host
533 # RETURNS: nothing
534 # DESCRIPTION: send to address the ldap configuration found for dn gotoLdapServer
535 #===============================================================================
536 sub new_ldap_config {
537 my ($address) = @_ ;
539 if (not exists $main::known_clients->{$address}) {
540 &main::daemon_log("ERROR: $address does not exist in known_clients, cannot send him his ldap config", 1);
541 return;
542 }
544 my $mac_address = $main::known_clients->{$address}->{"mac_address"};
545 if (not defined $mac_address) {
546 &main::daemon_log("ERROR: no mac address found for client $address", 1);
547 return;
548 }
550 # Build LDAP connection
551 my $ldap;
552 $ldap= Net::LDAP->new($ldap_uri);
554 # Bind to a directory with dn and password
555 my $mesg= $ldap->bind($ldap_admin_dn, $ldap_admin_password);
557 # Perform search
558 $mesg = $ldap->search( base => $ldap_base,
559 scope => 'sub',
560 attrs => ['dn', 'gotoLdapServer'],
561 filter => "(&(objectClass=GOhard)(macaddress=$mac_address))");
562 $mesg->code && die $mesg->error;
564 # Sanity check
565 if ($mesg->count != 1) {
566 &main::daemon_log("WARNING: client mac address $mac_address not found/not unique", 1);
567 return;
568 }
570 my $entry= $mesg->entry(0);
571 my $dn= $entry->dn;
572 my @servers= $entry->get_value("gotoLdapServer");
573 my @ldap_uris;
574 my $server;
575 my $base;
577 # Do we need to look at an object class?
578 if ($#servers < 1){
579 $mesg = $ldap->search( base => $ldap_base,
580 scope => 'sub',
581 attrs => ['dn', 'gotoLdapServer'],
582 filter => "(&(objectClass=gosaGroupOfNames)(member=$dn))");
583 $mesg->code && die $mesg->error;
585 # Sanity check
586 if ($mesg->count != 1) {
587 &main::daemon_log("WARNING: no LDAP information found for client mac $mac_address", 1);
588 return;
589 }
591 $entry= $mesg->entry(0);
592 $dn= $entry->dn;
593 @servers= $entry->get_value("gotoLdapServer");
594 }
596 @servers= sort (@servers);
598 foreach $server (@servers){
599 $base= $server;
600 $server =~ s%^[^:]+:[^:]+:(ldap.*://[^/]+)/.*$%$1%;
601 $base =~ s%^[^:]+:[^:]+:ldap.*://[^/]+/(.*)$%$1%;
602 push (@ldap_uris, $server);
603 }
605 # Unbind
606 $mesg = $ldap->unbind;
608 # Send information
609 my %data = ( 'ldap_uri' => \@ldap_uris, 'ldap_base' => $base,
610 'ldap_cfg' => \@ldap_cfg, 'pam_cfg' => \@pam_cfg,'nss_cfg' => \@nss_cfg );
611 send_msg("new_ldap_config", $server_address, $address, \%data);
613 return;
614 }
617 #=== FUNCTION ================================================================
618 # NAME: execute_actions
619 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
620 # RETURNS: nothing
621 # DESCRIPTION: invokes the script specified in msg_hash which is located under
622 # /etc/gosad/actions
623 #===============================================================================
624 sub execute_actions {
625 my ($msg_hash) = @_ ;
626 my $configdir= '/etc/gosad/actions/';
627 my $result;
629 my $header = @{$msg_hash->{header}}[0];
630 my $source = @{$msg_hash->{source}}[0];
631 my $target = @{$msg_hash->{target}}[0];
633 if((not defined $source)
634 && (not defined $target)
635 && (not defined $header)) {
636 &main::daemon_log("ERROR: Entries missing in XML msg for gosad actions under /etc/gosad/actions");
637 } else {
638 my $parameters="";
639 my @params = @{$msg_hash->{$header}};
640 my $params = join(", ", @params);
641 &main::daemon_log("execute_actions: got parameters: $params", 5);
643 if (@params) {
644 foreach my $param (@params) {
645 my $param_value = (&get_content_from_xml_hash($msg_hash, $param))[0];
646 &main::daemon_log("execute_actions: parameter -> value: $param -> $param_value", 7);
647 $parameters.= " ".$param_value;
648 }
649 }
651 my $cmd= $configdir.$header."$parameters";
652 &main::daemon_log("execute_actions: executing cmd: $cmd", 7);
653 $result= "";
654 open(PIPE, "$cmd 2>&1 |");
655 while(<PIPE>) {
656 $result.=$_;
657 }
658 close(PIPE);
659 }
661 # process the event result
664 return;
665 }
668 1;