1 package ServerPackages;
3 use Exporter;
4 @ISA = ("Exporter");
6 # Each module has to have a function 'process_incoming_msg'. This function works as a interface to gosa-sd and receives the msg hash from gosa-sd. 'process_incoming_function checks, wether it has a function to process the incoming msg and forward the msg to it.
9 use strict;
10 use warnings;
11 use GOSA::GosaSupportDaemon;
12 use IO::Socket::INET;
13 use XML::Simple;
14 use Data::Dumper;
15 use Net::LDAP;
16 use Socket qw/PF_INET SOCK_DGRAM inet_ntoa sockaddr_in/;
18 BEGIN{}
19 END {}
21 my ($known_clients_file_name);
22 my ($server_activ, $server_ip, $server_mac_address, $server_port, $server_passwd, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password);
23 my ($bus_activ, $bus_passwd, $bus_ip, $bus_port);
24 my $server;
25 my $network_interface;
26 my $no_bus;
27 my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret);
30 my %cfg_defaults =
31 (
32 "server" =>
33 {"server_activ" => [\$server_activ, "on"],
34 "server_ip" => [\$server_ip, "0.0.0.0"],
35 "server_mac_address" => [\$server_mac_address, ""],
36 "server_port" => [\$server_port, "20081"],
37 "server_passwd" => [\$server_passwd, ""],
38 "max_clients" => [\$max_clients, 100],
39 "ldap_uri" => [\$ldap_uri, ""],
40 "ldap_base" => [\$ldap_base, ""],
41 "ldap_admin_dn" => [\$ldap_admin_dn, ""],
42 "ldap_admin_password" => [\$ldap_admin_password, ""],
43 },
44 "bus" =>
45 {"bus_activ" => [\$bus_activ, "on"],
46 "bus_passwd" => [\$bus_passwd, ""],
47 "bus_ip" => [\$bus_ip, ""],
48 "bus_port" => [\$bus_port, "20080"],
49 },
50 );
52 ### START #####################################################################
54 # read configfile and import variables
55 &read_configfile();
57 # detect interfaces and mac address
58 $network_interface= &get_interface_for_ip($server_ip);
59 $server_mac_address= &get_mac($network_interface);
61 # complete addresses
62 my $server_address = "$server_ip:$server_port";
63 my $bus_address = "$bus_ip:$bus_port";
65 # create general settings for this module
66 my $xml = new XML::Simple();
68 # register at bus
69 if ($main::no_bus > 0) {
70 $bus_activ = "off"
71 }
72 if($bus_activ eq "on") {
73 ®ister_at_bus();
74 }
76 ### functions #################################################################
79 sub get_module_info {
80 my @info = ($server_address,
81 $server_passwd,
82 $server,
83 $server_activ,
84 "socket",
85 );
86 return \@info;
87 }
90 #=== FUNCTION ================================================================
91 # NAME: read_configfile
92 # PARAMETERS: cfg_file - string -
93 # RETURNS: nothing
94 # DESCRIPTION: read cfg_file and set variables
95 #===============================================================================
96 sub read_configfile {
97 my $cfg;
98 if( defined( $main::cfg_file) && ( length($main::cfg_file) > 0 )) {
99 if( -r $main::cfg_file ) {
100 $cfg = Config::IniFiles->new( -file => $main::cfg_file );
101 } else {
102 print STDERR "Couldn't read config file!";
103 }
104 } else {
105 $cfg = Config::IniFiles->new() ;
106 }
107 foreach my $section (keys %cfg_defaults) {
108 foreach my $param (keys %{$cfg_defaults{ $section }}) {
109 my $pinfo = $cfg_defaults{ $section }{ $param };
110 ${@$pinfo[0]} = $cfg->val( $section, $param, @$pinfo[1] );
111 }
112 }
114 # Read non predefined sections
115 my $param;
116 if ($cfg->SectionExists('ldap')){
117 foreach $param ($cfg->Parameters('ldap')){
118 push (@ldap_cfg, "$param ".$cfg->val('ldap', $param));
119 }
120 }
121 if ($cfg->SectionExists('pam_ldap')){
122 foreach $param ($cfg->Parameters('pam_ldap')){
123 push (@pam_cfg, "$param ".$cfg->val('pam_ldap', $param));
124 }
125 }
126 if ($cfg->SectionExists('nss_ldap')){
127 foreach $param ($cfg->Parameters('nss_ldap')){
128 push (@nss_cfg, "$param ".$cfg->val('nss_ldap', $param));
129 }
130 }
131 if ($cfg->SectionExists('goto')){
132 $goto_admin= $cfg->val('goto', 'terminal_admin');
133 $goto_secret= $cfg->val('goto', 'terminal_secret');
134 } else {
135 $goto_admin= undef;
136 $goto_secret= undef;
137 }
139 }
141 #=== FUNCTION ================================================================
142 # NAME: get_interface_for_ip
143 # PARAMETERS: ip address (i.e. 192.168.0.1)
144 # RETURNS: array: list of interfaces if ip=0.0.0.0, matching interface if found, undef else
145 # DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
146 #===============================================================================
147 sub get_interface_for_ip {
148 my $result;
149 my $ip= shift;
150 if ($ip && length($ip) > 0) {
151 my @ifs= &get_interfaces();
152 if($ip eq "0.0.0.0") {
153 $result = "all";
154 } else {
155 foreach (@ifs) {
156 my $if=$_;
157 if(get_ip($if) eq $ip) {
158 $result = $if;
159 }
160 }
161 }
162 }
163 return $result;
164 }
166 #=== FUNCTION ================================================================
167 # NAME: get_interfaces
168 # PARAMETERS: none
169 # RETURNS: (list of interfaces)
170 # DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
171 #===============================================================================
172 sub get_interfaces {
173 my @result;
174 my $PROC_NET_DEV= ('/proc/net/dev');
176 open(PROC_NET_DEV, "<$PROC_NET_DEV")
177 or die "Could not open $PROC_NET_DEV";
179 my @ifs = <PROC_NET_DEV>;
181 close(PROC_NET_DEV);
183 # Eat first two line
184 shift @ifs;
185 shift @ifs;
187 chomp @ifs;
188 foreach my $line(@ifs) {
189 my $if= (split /:/, $line)[0];
190 $if =~ s/^\s+//;
191 push @result, $if;
192 }
194 return @result;
195 }
197 #=== FUNCTION ================================================================
198 # NAME: get_mac
199 # PARAMETERS: interface name (i.e. eth0)
200 # RETURNS: (mac address)
201 # DESCRIPTION: Uses ioctl to get mac address directly from system.
202 #===============================================================================
203 sub get_mac {
204 my $ifreq= shift;
205 my $result;
206 if ($ifreq && length($ifreq) > 0) {
207 if($ifreq eq "all") {
208 $result = "00:00:00:00:00:00";
209 } else {
210 my $SIOCGIFHWADDR= 0x8927; # man 2 ioctl_list
212 # A configured MAC Address should always override a guessed value
213 if ($server_mac_address and length($server_mac_address) > 0) {
214 $result= $server_mac_address;
215 }
217 socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip')
218 or die "socket: $!";
220 if(ioctl SOCKET, $SIOCGIFHWADDR, $ifreq) {
221 my ($if, $mac)= unpack 'h36 H12', $ifreq;
223 if (length($mac) > 0) {
224 $mac=~ m/^([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])$/;
225 $mac= sprintf("%s:%s:%s:%s:%s:%s", $1, $2, $3, $4, $5, $6);
226 $result = $mac;
227 }
228 }
229 }
230 }
231 return $result;
232 }
234 #=== FUNCTION ================================================================
235 # NAME: get_ip
236 # PARAMETERS: interface name (i.e. eth0)
237 # RETURNS: (ip address)
238 # DESCRIPTION: Uses ioctl to get ip address directly from system.
239 #===============================================================================
240 sub get_ip {
241 my $ifreq= shift;
242 my $result= "";
243 my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list
244 my $proto= getprotobyname('ip');
246 socket SOCKET, PF_INET, SOCK_DGRAM, $proto
247 or die "socket: $!";
249 if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) {
250 my ($if, $sin) = unpack 'a16 a16', $ifreq;
251 my ($port, $addr) = sockaddr_in $sin;
252 my $ip = inet_ntoa $addr;
254 if ($ip && length($ip) > 0) {
255 $result = $ip;
256 }
257 }
259 return $result;
260 }
262 #=== FUNCTION ================================================================
263 # NAME: open_socket
264 # PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000
265 # [PeerPort] string necessary if port not appended by PeerAddr
266 # RETURNS: socket IO::Socket::INET
267 # DESCRIPTION: open a socket to PeerAddr
268 #===============================================================================
269 #sub open_socket {
270 # my ($PeerAddr, $PeerPort) = @_ ;
271 # if(defined($PeerPort)){
272 # $PeerAddr = $PeerAddr.":".$PeerPort;
273 # }
274 # my $socket;
275 # $socket = new IO::Socket::INET(PeerAddr => $PeerAddr ,
276 # Porto => "tcp" ,
277 # Type => SOCK_STREAM,
278 # Timeout => 5,
279 # );
280 # if(not defined $socket) {
281 # return;
282 # }
283 # &main::daemon_log("open_socket to: $PeerAddr", 7);
284 # return $socket;
285 #}
287 #=== FUNCTION ================================================================
288 # NAME: register_at_bus
289 # PARAMETERS: nothing
290 # RETURNS: nothing
291 # DESCRIPTION: creates an entry in known_daemons and send a 'here_i_am' msg to bus
292 #===============================================================================
293 sub register_at_bus {
297 print STDERR ">>>>>>>>>>>>>>>>>>>>>>>>1\n";
299 # add bus to known_server_db
300 my $res = $main::known_server_db->add_dbentry( {table=>'known_server',
301 primkey=>'hostname',
302 hostname=>$bus_address,
303 status=>'bus',
304 hostkey=>$bus_passwd,
305 timestamp=>&get_time,
306 } );
307 print STDERR ">>>>>>>>>>>>>>>>>>>>>>>>2\n";
308 my $msg_hash = &create_xml_hash("here_i_am", $server_address, $bus_address);
309 my $answer = "";
310 $answer = &send_msg_hash2address($msg_hash, $bus_address, $bus_passwd);
311 if ($answer == 0) {
312 &main::daemon_log("register at bus: $bus_address", 1);
313 } else {
314 &main::daemon_log("unable to send 'register'-msg to bus '$bus_address': $answer", 1);
315 }
316 return;
317 }
319 #=== FUNCTION ================================================================
320 # NAME: process_incoming_msg
321 # PARAMETERS: crypted_msg - string - incoming crypted message
322 # RETURNS: nothing
323 # DESCRIPTION: handels the proceeded distribution to the appropriated functions
324 #===============================================================================
325 sub process_incoming_msg {
326 my ($crypted_msg) = @_ ;
327 if(not defined $crypted_msg) {
328 &main::daemon_log("function 'process_incoming_msg': got no msg", 7);
329 }
331 &main::daemon_log("ServerPackages: incoming msg: \n$crypted_msg", 8);
333 $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/;
334 $crypted_msg = $1;
335 my $host="0.0.0.0";
336 if($1 && $2 && $3 && $4) {
337 $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5);
338 }
340 my $msg;
341 my $msg_hash;
342 my $host_name;
343 my $host_key;
345 # check wether incoming msg is a new msg
346 $host_name = $server_address;
347 $host_key = $server_passwd;
348 &main::daemon_log("ServerPackage: host_name: $host_name", 7);
349 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
350 eval{
351 my $key_cipher = &create_ciphering($host_key);
352 $msg = &decrypt_msg($crypted_msg, $key_cipher);
353 $msg_hash = &transform_msg2hash($msg);
354 };
355 if($@) {
356 &main::daemon_log("ServerPackage: deciphering raise error", 7);
357 &main::daemon_log("$@", 8);
358 $msg = undef;
359 $msg_hash = undef;
360 $host_name = undef;
361 $host_key = undef;
362 }
364 # check wether incoming msg is from a known_server
365 if( not defined $msg ) {
366 #my $query_res = $main::known_server_db->select_dbentry( {table=>'known_server'} );
367 my $sql_statement= "SELECT * FROM known_server";
368 my $query_res = $main::known_server_db->select_dbentry( $sql_statement );
369 while( my ($hit_num, $hit) = each %{ $query_res } ) {
370 $host_name = $hit->{hostname};
371 if( not $host_name =~ "^$host") {
372 next;
373 }
374 $host_key = $hit->{hostkey};
375 &main::daemon_log("ServerPackage: host_name: $host_name", 7);
376 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
377 eval{
378 my $key_cipher = &create_ciphering($host_key);
379 $msg = &decrypt_msg($crypted_msg, $key_cipher);
380 $msg_hash = &transform_msg2hash($msg);
381 };
382 if($@) {
383 &main::daemon_log("ServerPackage: deciphering raise error", 7);
384 &main::daemon_log("$@", 8);
385 $msg = undef;
386 $msg_hash = undef;
387 $host_name = undef;
388 $host_key = undef;
389 } else {
390 last;
391 }
392 }
393 }
395 # check wether incoming msg is from a known_client
396 if( not defined $msg ) {
397 #my $query_res = $main::known_clients_db->select_dbentry( {table=>'known_clients'} );
398 my $sql_statement= "SELECT * FROM known_clients";
399 my $query_res = $main::known_clients_db->select_dbentry( $sql_statement );
400 while( my ($hit_num, $hit) = each %{ $query_res } ) {
401 $host_name = $hit->{hostname};
402 if( not $host_name =~ "^$host") {
403 next;
404 }
405 $host_key = $hit->{hostkey};
406 &main::daemon_log("ServerPackage: host_name: $host_name", 7);
407 &main::daemon_log("ServerPackage: host_key: $host_key", 7);
408 eval{
409 my $key_cipher = &create_ciphering($host_key);
410 $msg = &decrypt_msg($crypted_msg, $key_cipher);
411 $msg_hash = &transform_msg2hash($msg);
412 };
413 if($@) {
414 &main::daemon_log("ServerPackage: deciphering raise error", 7);
415 &main::daemon_log("$@", 8);
416 $msg = undef;
417 $msg_hash = undef;
418 $host_name = undef;
419 $host_key = undef;
420 } else {
421 last;
422 }
423 }
424 }
426 if( not defined $msg ) {
427 &main::daemon_log("WARNING: ServerPackage do not understand the message:", 5);
428 &main::daemon_log("$@", 8);
429 return;
430 }
432 # process incoming msg
433 my $header = @{$msg_hash->{header}}[0];
434 my $source = @{$msg_hash->{source}}[0];
436 &main::daemon_log("receive '$header' at ServerPackages from $host", 1);
437 &main::daemon_log("ServerPackages: msg to process: \n$msg", 5);
439 my @targets = @{$msg_hash->{target}};
440 my $len_targets = @targets;
441 if ($len_targets == 0){
442 &main::daemon_log("ERROR: ServerPackages: no target specified for msg $header", 1);
444 } elsif ($len_targets == 1){
445 # we have only one target symbol
446 my $target = $targets[0];
447 &main::daemon_log("SeverPackages: msg is for: $target", 7);
449 # msg is for server
450 if ($header eq 'new_passwd'){ &new_passwd($msg_hash)}
451 elsif ($header eq 'here_i_am') { &here_i_am($msg_hash)}
452 elsif ($header eq 'who_has') { &who_has($msg_hash) }
453 elsif ($header eq 'who_has_i_do') { &who_has_i_do($msg_hash)}
454 elsif ($header eq 'update_status') { &update_status($msg_hash) }
455 elsif ($header eq 'got_ping') { &got_ping($msg_hash)}
456 elsif ($header eq 'get_load') { &execute_actions($msg_hash)}
457 else {
458 if ($target eq "*") {
459 # msg is for all clients
460 my $sql_statement = "SELECT * FROM known_clients";
461 my $query_res = $main::known_clients_db->select_dbentry( $sql_statement );
462 while( my ($hit_num, $hit) = each %{ $query_res } ) {
463 $host_name = $hit->{hostname};
464 $host_key = $hit->{hostkey};
465 $msg_hash->{target} = [$host_name];
466 &send_msg_hash2address($msg_hash, $host_name, $host_key);
467 }
469 } else {
470 # msg is for one host
471 my $host_key;
474 if( not defined $host_key ) {
475 my $sql_statement = "SELECT * FROM known_clients WHERE hostname='$target'";
476 my $query_res = $main::known_clients_db->select_dbentry( $sql_statement );
477 if( 1 == keys %{$query_res} ) {
478 $host_key = $query_res->{1}->{host_key};
479 }
480 }
482 if( not defined $host_key ) {
483 my $sql_statement = "SELECT * FROM known_server WHERE hostname='$target'";
484 my $query_res = $main::known_server_db->select_dbentry( $sql_statement );
485 if( 1 == keys %{$query_res} ) {
486 $host_key = $query_res->{1}->{host_key};
487 }
488 }
490 if( not defined $host_key ) {
491 &main::daemon_log("ERROR: ServerPackages: target '".$target.
492 "' is not known neither in known_clients nor in known_server",1);
493 } else {
494 &send_msg_hash2address($msg_hash, $target, $host_key);
495 }
496 }
497 }
499 } elsif ($len_targets > 1 ) {
500 # we have more than one target
501 # TODO to be implemented
502 }
504 return ;
505 }
508 #=== FUNCTION ================================================================
509 # NAME: got_ping
510 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
511 # RETURNS: nothing
512 # DESCRIPTION: process this incoming message
513 #===============================================================================
514 sub got_ping {
515 my ($msg_hash) = @_;
517 my $source = @{$msg_hash->{source}}[0];
518 my $target = @{$msg_hash->{target}}[0];
519 my $header = @{$msg_hash->{header}}[0];
521 if(exists $main::known_daemons->{$source}) {
522 &main::add_content2known_daemons(hostname=>$source, status=>$header);
523 } else {
524 &main::add_content2known_clients(hostname=>$source, status=>$header);
525 }
527 return;
528 }
531 #=== FUNCTION ================================================================
532 # NAME: new_passwd
533 # PARAMETERS: msg_hash - ref - hash from function create_xml_hash
534 # RETURNS: nothing
535 # DESCRIPTION: process this incoming message
536 #===============================================================================
537 sub new_passwd {
538 my ($msg_hash) = @_;
540 my $header = @{$msg_hash->{header}}[0];
541 my $source_name = @{$msg_hash->{source}}[0];
542 my $source_key = @{$msg_hash->{new_passwd}}[0];
543 my $query_res;
545 # check known_clients_db
546 my $sql_statement = "SELECT * FROM known_clients WHERE hostname='$source_name'";
547 $query_res = $main::known_clients_db->select_dbentry( $sql_statement );
548 if( 1 == keys %{$query_res} ) {
549 my $update_hash = { table=>'known_clients' };
550 $update_hash->{where} = [ { hostname=>[$source_name] } ];
551 $update_hash->{update} = [ {
552 hostkey=>[$source_key],
553 timestamp=>[&get_time],
554 } ];
555 my $res = $main::known_clients_db->update_dbentry( $update_hash );
557 my $hash = &create_xml_hash("confirm_new_passwd", $server_address, $source_name);
558 &send_msg_hash2address($hash, $source_name, $source_key);
559 return;
560 }
562 # check known_server_db
563 $query_res = $main::known_server_db->select_dbentry( {table=>'known_server', hostname=>$source_name } );
564 if( 1 == keys %{$query_res} ) {
565 my $update_hash = { table=>'known_server' };
566 $update_hash->{where} = [ { hostname=>[$source_name] } ];
567 $update_hash->{update} = [ {
568 hostkey=>[$source_key],
569 timestamp=>[&get_time],
570 } ];
571 my $res = $main::known_server_db->update_dbentry( $update_hash );
573 my $hash = &create_xml_hash("confirm_new_passwd", $server_address, $source_name);
574 &send_msg_hash2address($hash, $source_name, $source_key);
575 return;
576 }
578 &main::daemon_log("ERROR: $source_name not known for '$header'-msg", 1);
579 return;
580 }
583 sub send_msg_hash {
584 my ($hash, $host_name, $host_key);
587 my $answer = &send_msg_hash2address($hash, $host_name, $host_key);
589 return;
590 }
593 #=== FUNCTION ================================================================
594 # NAME: here_i_am
595 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
596 # RETURNS: nothing
597 # DESCRIPTION: process this incoming message
598 #===============================================================================
599 sub here_i_am {
600 my ($msg_hash) = @_;
602 my $source = @{$msg_hash->{source}}[0];
603 my $mac_address = @{$msg_hash->{mac_address}}[0];
604 my $out_hash;
606 # number of known clients
607 my $nu_clients = keys %{ $main::known_clients_db->select_dbentry( {table=>'known_clients'} ) };
609 # check wether client address or mac address is already known
610 if (exists $main::known_clients->{$source}) {
611 &main::daemon_log("WARNING: $source is already known as a client", 1);
612 &main::daemon_log("WARNING: values for $source are being overwritten", 1);
613 $nu_clients --;
614 }
616 # number of actual activ clients
617 my $act_nu_clients = $nu_clients;
619 &main::daemon_log("number of actual activ clients: $act_nu_clients", 5);
620 &main::daemon_log("number of maximal allowed clients: $max_clients", 5);
622 if($max_clients <= $act_nu_clients) {
623 my $out_hash = &create_xml_hash("denied", $server_address, $source);
624 &add_content2xml_hash($out_hash, "denied", "I_cannot_take_any_more_clients!");
625 my $passwd = @{$msg_hash->{new_passwd}}[0];
626 &send_msg_hash2address($out_hash, $source, $passwd);
627 return;
628 }
630 # new client accepted
631 my $new_passwd = @{$msg_hash->{new_passwd}}[0];
633 # create entry in known_clients
634 my $events = @{$msg_hash->{events}}[0];
636 # add entry to known_clients_db
637 my $res = $main::known_clients_db->add_dbentry( {table=>'known_clients',
638 primkey=>'hostname',
639 hostname=>$source,
640 events=>$events,
641 macaddress=>$mac_address,
642 status=>'registered',
643 hostkey=>$new_passwd,
644 timestamp=>&get_time,
645 } );
647 if ($res != 0) {
648 &main::daemon_log("ERROR: cannot add entry to known_clients: $res");
649 return;
650 }
652 # return acknowledgement to client
653 $out_hash = &create_xml_hash("registered", $server_address, $source);
654 &send_msg_hash2address($out_hash, $source, $new_passwd);
656 # notify registered client to bus
657 if( $bus_activ eq "on") {
658 # fetch actual bus key
659 my $query_res = $main::known_server_db->select_dbentry( {table=>'known_server'} );
660 my $hostkey = $query_res->{1}->{hostkey};
662 # send update msg to bus
663 $out_hash = &create_xml_hash("new_client", $server_address, $bus_address, $source);
664 &send_msg_hash2address($out_hash, $bus_address, $hostkey);
666 &main::daemon_log("send bus msg that client '$source' has registerd at server '$server_address'", 3);
667 }
669 # give the new client his ldap config
670 &new_ldap_config($source);
672 return;
673 }
676 #=== FUNCTION ================================================================
677 # NAME: who_has
678 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
679 # RETURNS: nothing
680 # DESCRIPTION: process this incoming message
681 #===============================================================================
682 sub who_has {
683 my ($msg_hash) = @_ ;
685 # what is your search pattern
686 my $search_pattern = @{$msg_hash->{who_has}}[0];
687 my $search_element = @{$msg_hash->{$search_pattern}}[0];
688 &main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7);
690 # scanning known_clients for search_pattern
691 my @host_addresses = keys %$main::known_clients;
692 my $known_clients_entries = length @host_addresses;
693 my $host_address;
694 foreach my $host (@host_addresses) {
695 my $client_element = $main::known_clients->{$host}->{$search_pattern};
696 if ($search_element eq $client_element) {
697 $host_address = $host;
698 last;
699 }
700 }
702 # search was successful
703 if (defined $host_address) {
704 my $source = @{$msg_hash->{source}}[0];
705 my $out_msg = &create_xml_hash("who_has_i_do", $server_address, $source, "mac_address");
706 &add_content2xml_hash($out_msg, "mac_address", $search_element);
707 &send_msg_hash2address($out_msg, $bus_address);
708 }
709 return;
710 }
713 sub who_has_i_do {
714 my ($msg_hash) = @_ ;
715 my $header = @{$msg_hash->{header}}[0];
716 my $source = @{$msg_hash->{source}}[0];
717 my $search_param = @{$msg_hash->{$header}}[0];
718 my $search_value = @{$msg_hash->{$search_param}}[0];
719 print "\ngot msg $header:\nserver $source has client with $search_param $search_value\n";
720 }
723 #=== FUNCTION ================================================================
724 # NAME: new_ldap_config
725 # PARAMETERS: address - string - ip address and port of a host
726 # RETURNS: nothing
727 # DESCRIPTION: send to address the ldap configuration found for dn gotoLdapServer
728 #===============================================================================
729 sub new_ldap_config {
730 my ($address) = @_ ;
732 my $res = $main::known_clients_db->select_dbentry( { table=>'known_clients', hostname=>$address } );
734 # check hit
735 my $hit_counter = keys %{$res};
736 if( not $hit_counter == 1 ) {
737 &main::daemon_log("ERROR: more or no hit found in known_clients_db by query by '$address'", 1);
738 }
740 my $macaddress = $res->{1}->{macaddress};
741 my $hostkey = $res->{1}->{hostkey};
743 if (not defined $macaddress) {
744 &main::daemon_log("ERROR: no mac address found for client $address", 1);
745 return;
746 }
748 # Build LDAP connection
749 my $ldap = Net::LDAP->new($ldap_uri);
750 if( not defined $ldap ) {
751 &main::daemon_log("ERROR: cannot connect to ldap: $ldap_uri", 1);
752 return;
753 }
756 # Bind to a directory with dn and password
757 my $mesg= $ldap->bind($ldap_admin_dn, $ldap_admin_password);
759 # Perform search
760 $mesg = $ldap->search( base => $ldap_base,
761 scope => 'sub',
762 attrs => ['dn', 'gotoLdapServer'],
763 filter => "(&(objectClass=GOhard)(macaddress=$macaddress))");
764 $mesg->code && die $mesg->error;
766 # Sanity check
767 if ($mesg->count != 1) {
768 &main::daemon_log("WARNING: client mac address $macaddress not found/not unique in ldap search", 1);
769 &main::daemon_log("\tbase: $ldap_base", 1);
770 &main::daemon_log("\tscope: sub", 1);
771 &main::daemon_log("\tattrs: dn, gotoLdapServer", 1);
772 &main::daemon_log("\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress))", 1);
773 return;
774 }
776 my $entry= $mesg->entry(0);
777 my $dn= $entry->dn;
778 my @servers= $entry->get_value("gotoLdapServer");
779 my @ldap_uris;
780 my $server;
781 my $base;
783 # Do we need to look at an object class?
784 if ($#servers < 1){
785 $mesg = $ldap->search( base => $ldap_base,
786 scope => 'sub',
787 attrs => ['dn', 'gotoLdapServer'],
788 filter => "(&(objectClass=gosaGroupOfNames)(member=$dn))");
789 $mesg->code && die $mesg->error;
791 # Sanity check
792 if ($mesg->count != 1) {
793 &main::daemon_log("WARNING: no LDAP information found for client mac $macaddress", 1);
794 return;
795 }
797 $entry= $mesg->entry(0);
798 $dn= $entry->dn;
799 @servers= $entry->get_value("gotoLdapServer");
800 }
802 @servers= sort (@servers);
804 foreach $server (@servers){
805 $base= $server;
806 $server =~ s%^[^:]+:[^:]+:(ldap.*://[^/]+)/.*$%$1%;
807 $base =~ s%^[^:]+:[^:]+:ldap.*://[^/]+/(.*)$%$1%;
808 push (@ldap_uris, $server);
809 }
811 # Unbind
812 $mesg = $ldap->unbind;
814 # Assemble data package
815 my %data = ( 'ldap_uri' => \@ldap_uris, 'ldap_base' => $base,
816 'ldap_cfg' => \@ldap_cfg, 'pam_cfg' => \@pam_cfg,'nss_cfg' => \@nss_cfg );
818 # Need to append GOto settings?
819 if (defined $goto_admin and defined $goto_secret){
820 $data{'goto_admin'}= $goto_admin;
821 $data{'goto_secret'}= $goto_secret;
822 }
824 # Send information
825 send_msg("new_ldap_config", $server_address, $address, \%data, $hostkey);
827 return;
828 }
831 #=== FUNCTION ================================================================
832 # NAME: execute_actions
833 # PARAMETERS: msg_hash - hash - hash from function create_xml_hash
834 # RETURNS: nothing
835 # DESCRIPTION: invokes the script specified in msg_hash which is located under
836 # /etc/gosad/actions
837 #===============================================================================
838 sub execute_actions {
839 my ($msg_hash) = @_ ;
840 my $configdir= '/etc/gosad/actions/';
841 my $result;
843 my $header = @{$msg_hash->{header}}[0];
844 my $source = @{$msg_hash->{source}}[0];
845 my $target = @{$msg_hash->{target}}[0];
847 if((not defined $source)
848 && (not defined $target)
849 && (not defined $header)) {
850 &main::daemon_log("ERROR: Entries missing in XML msg for gosad actions under /etc/gosad/actions");
851 } else {
852 my $parameters="";
853 my @params = @{$msg_hash->{$header}};
854 my $params = join(", ", @params);
855 &main::daemon_log("execute_actions: got parameters: $params", 5);
857 if (@params) {
858 foreach my $param (@params) {
859 my $param_value = (&get_content_from_xml_hash($msg_hash, $param))[0];
860 &main::daemon_log("execute_actions: parameter -> value: $param -> $param_value", 7);
861 $parameters.= " ".$param_value;
862 }
863 }
865 my $cmd= $configdir.$header."$parameters";
866 &main::daemon_log("execute_actions: executing cmd: $cmd", 7);
867 $result= "";
868 open(PIPE, "$cmd 2>&1 |");
869 while(<PIPE>) {
870 $result.=$_;
871 }
872 close(PIPE);
873 }
875 # process the event result
878 return;
879 }
882 1;