1 #!/usr/bin/perl
2 #===============================================================================
3 #
4 # FILE: gosa-server
5 #
6 # USAGE: gosa-si-client
7 #
8 # DESCRIPTION:
9 #
10 # OPTIONS: ---
11 # REQUIREMENTS: libnetaddr-ip-perl
12 # BUGS: ---
13 # NOTES:
14 # AUTHOR: (Andreas Rettenberger), <rettenberger@gonicus.de>
15 # COMPANY:
16 # VERSION: 1.0
17 # CREATED: 12.09.2007 08:54:41 CEST
18 # REVISION: ---
19 #===============================================================================
21 use strict;
22 use warnings;
23 use Getopt::Long;
24 use Config::IniFiles;
25 use POSIX;
27 use POE qw(Component::Server::TCP);
28 use IO::Socket::INET;
29 use NetAddr::IP;
30 use Data::Dumper;
31 use Crypt::Rijndael;
32 use GOSA::GosaSupportDaemon;
33 use Digest::MD5 qw(md5_hex);
34 use MIME::Base64;
35 use XML::Simple;
36 #use Fcntl;
37 #use Sys::Syslog qw( :DEFAULT setlogsock);
38 #use File::Spec;
39 #use Cwd;
41 my $event_dir = "/usr/lib/gosa-si/client/events";
42 use lib "/usr/lib/gosa-si/client/events";
44 my ($cfg_file, %cfg_defaults, $foreground, $verbose, $pid_file, $procid, $pid, $log_file);
45 my ($server_ip, $server_port, $server_key, $server_timeout, $server_domain);
46 my ($client_ip, $client_port, $ldap_enabled, $ldap_config, $pam_config, $nss_config);
48 my $server_address;
49 my @servers;
50 my $client_address;
51 my $client_mac_address;
52 my $xml;
53 my $default_server_key;
54 my $event_hash;
56 # default variables
57 our $REGISTERED_FLAG = 1;
59 %cfg_defaults = (
60 "general" =>
61 {"log_file" => [\$log_file, "/var/run/".$0.".log"],
62 "pid_file" => [\$pid_file, "/var/run/".$0.".pid"],
63 },
64 "client" =>
65 {"client_port" => [\$client_port, "20083"],
66 "client_ip" => [\$client_ip, "0.0.0.0"],
67 "ldap" => [\$ldap_enabled, 1],
68 "ldap_config" => [\$ldap_config, "/etc/ldap/ldap.conf"],
69 "pam_config" => [\$pam_config, "/etc/pam_ldap.conf"],
70 "nss_config" => [\$nss_config, "/etc/libnss_ldap.conf"],
71 },
72 "server" =>
73 {"server_ip" => [\$server_ip, "127.0.0.1"],
74 "server_port" => [\$server_port, "20081"],
75 "server_key" => [\$server_key, ""],
76 "server_timeout" => [\$server_timeout, 10],
77 "server_domain" => [\$server_domain, ""],
78 },
80 );
83 #=== FUNCTIONS = functions =====================================================
85 #=== FUNCTION ================================================================
86 # NAME: check_cmdline_param
87 # PARAMETERS:
88 # RETURNS:
89 # DESCRIPTION:
90 #===============================================================================
91 sub check_cmdline_param () {
92 my $err_config;
93 my $err_counter = 0;
94 if(not defined($cfg_file)) {
95 $cfg_file = "/etc/gosa-si/client.conf";
96 if(! -r $cfg_file) {
97 $err_config = "please specify a config file";
98 $err_counter += 1;
99 }
100 }
101 if( $err_counter > 0 ) {
102 &usage( "", 1 );
103 if( defined( $err_config)) { print STDERR "$err_config\n"}
104 print STDERR "\n";
105 exit( -1 );
106 }
107 }
110 #=== FUNCTION ================================================================
111 # NAME: read_configfile
112 # PARAMETERS: cfg_file - string -
113 # RETURNS:
114 # DESCRIPTION:
115 #===============================================================================
116 sub read_configfile {
117 my $cfg;
118 if( defined( $cfg_file) && ( length($cfg_file) > 0 )) {
119 if( -r $cfg_file ) {
120 $cfg = Config::IniFiles->new( -file => $cfg_file );
121 } else {
122 print STDERR "Couldn't read config file!";
123 }
124 } else {
125 $cfg = Config::IniFiles->new() ;
126 }
127 foreach my $section (keys %cfg_defaults) {
128 foreach my $param (keys %{$cfg_defaults{ $section }}) {
129 my $pinfo = $cfg_defaults{ $section }{ $param };
130 ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] );
131 }
132 }
133 }
136 #=== FUNCTION ================================================================
137 # NAME: check_pid
138 # PARAMETERS:
139 # RETURNS:
140 # DESCRIPTION:
141 #===============================================================================
142 sub check_pid {
143 $pid = -1;
144 # Check, if we are already running
145 if( open(LOCK_FILE, "<$pid_file") ) {
146 $pid = <LOCK_FILE>;
147 if( defined $pid ) {
148 chomp( $pid );
149 if( -f "/proc/$pid/stat" ) {
150 my($stat) = `cat /proc/$pid/stat` =~ m/$pid \((.+)\).*/;
151 if( $0 eq $stat ) {
152 close( LOCK_FILE );
153 exit -1;
154 }
155 }
156 }
157 close( LOCK_FILE );
158 unlink( $pid_file );
159 }
161 # create a syslog msg if it is not to possible to open PID file
162 if (not sysopen(LOCK_FILE, $pid_file, O_WRONLY|O_CREAT|O_EXCL, 0644)) {
163 my($msg) = "Couldn't obtain lockfile '$pid_file' ";
164 if (open(LOCK_FILE, '<', $pid_file)
165 && ($pid = <LOCK_FILE>))
166 {
167 chomp($pid);
168 $msg .= "(PID $pid)\n";
169 } else {
170 $msg .= "(unable to read PID)\n";
171 }
172 if( ! ($foreground) ) {
173 openlog( $0, "cons,pid", "daemon" );
174 syslog( "warning", $msg );
175 closelog();
176 }
177 else {
178 print( STDERR " $msg " );
179 }
180 exit( -1 );
181 }
182 }
185 #=== FUNCTION ================================================================
186 # NAME: logging
187 # PARAMETERS: level - string - default 'info'
188 # msg - string -
189 # facility - string - default 'LOG_DAEMON'
190 # RETURNS:
191 # DESCRIPTION:
192 #===============================================================================
193 sub daemon_log {
194 # log into log_file
195 my( $msg, $level ) = @_;
196 if(not defined $msg) { return }
197 if(not defined $level) { $level = 1 }
198 if(defined $log_file){
199 open(LOG_HANDLE, ">>$log_file");
200 if(not defined open( LOG_HANDLE, ">>$log_file" )) {
201 print STDERR "cannot open $log_file: $!";
202 return }
203 chomp($msg);
204 if($level <= $verbose){
205 my ($seconds, $minutes, $hours, $monthday, $month,
206 $year, $weekday, $yearday, $sommertime) = localtime(time);
207 $hours = $hours < 10 ? $hours = "0".$hours : $hours;
208 $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
209 $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
210 my @monthnames = ("Jan", "Feb", "Mar", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
211 $month = $monthnames[$month];
212 $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
213 $year+=1900;
214 my $name = $0;
215 $name =~ s/\.\///;
217 my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n";
218 print LOG_HANDLE $log_msg;
219 if( $foreground ) {
220 print STDERR $log_msg;
221 }
222 }
223 close( LOG_HANDLE );
224 }
225 #log into syslog
226 # my ($msg, $level, $facility) = @_;
227 # if(not defined $msg) {return}
228 # if(not defined $level) {$level = "info"}
229 # if(not defined $facility) {$facility = "LOG_DAEMON"}
230 # openlog($0, "pid,cons,", $facility);
231 # syslog($level, $msg);
232 # closelog;
233 # return;
234 }
237 #=== FUNCTION ================================================================
238 # NAME: get_interfaces
239 # PARAMETERS: none
240 # RETURNS: (list of interfaces)
241 # DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
242 #===============================================================================
243 sub get_interfaces {
244 my @result;
245 my $PROC_NET_DEV= ('/proc/net/dev');
247 open(PROC_NET_DEV, "<$PROC_NET_DEV")
248 or die "Could not open $PROC_NET_DEV";
250 my @ifs = <PROC_NET_DEV>;
252 close(PROC_NET_DEV);
254 # Eat first two line
255 shift @ifs;
256 shift @ifs;
258 chomp @ifs;
259 foreach my $line(@ifs) {
260 my $if= (split /:/, $line)[0];
261 $if =~ s/^\s+//;
262 push @result, $if;
263 }
265 return @result;
266 }
268 #=== FUNCTION ================================================================
269 # NAME: get_mac
270 # PARAMETERS: interface name (i.e. eth0)
271 # RETURNS: (mac address)
272 # DESCRIPTION: Uses ioctl to get mac address directly from system.
273 #===============================================================================
274 sub get_mac {
275 my $ifreq= shift;
276 my $result;
277 if ($ifreq && length($ifreq) > 0) {
278 if($ifreq eq "all") {
279 if(defined($server_ip)) {
280 $result = &get_local_mac_for_remote_ip($server_ip);
281 } elsif {
282 $result = &client_mac_address;
283 } else {
284 $result = "00:00:00:00:00:00";
285 }
286 } else {
287 my $SIOCGIFHWADDR= 0x8927; # man 2 ioctl_list
289 # A configured MAC Address should always override a guessed value
290 if ($client_mac_address and length($client_mac_address) > 0) {
291 $result= $client_mac_address;
292 }
294 socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip')
295 or die "socket: $!";
297 if(ioctl SOCKET, $SIOCGIFHWADDR, $ifreq) {
298 my ($if, $mac)= unpack 'h36 H12', $ifreq;
300 if (length($mac) > 0) {
301 $mac=~ m/^([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])$/;
302 $mac= sprintf("%s:%s:%s:%s:%s:%s", $1, $2, $3, $4, $5, $6);
303 $result = $mac;
304 }
305 }
306 }
307 }
308 return $result;
309 }
312 #=== FUNCTION ================================================================
313 # NAME: get_interface_for_ip
314 # PARAMETERS: ip address (i.e. 192.168.0.1)
315 # RETURNS: array: list of interfaces if ip=0.0.0.0, matching interface if found, undef else
316 # DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
317 #===============================================================================
318 sub get_interface_for_ip {
319 my $result;
320 my $ip= shift;
321 if ($ip && length($ip) > 0) {
322 my @ifs= &get_interfaces();
323 if($ip eq "0.0.0.0") {
324 $result = "all";
325 } else {
326 foreach (@ifs) {
327 my $if=$_;
328 if(get_ip($if) eq $ip) {
329 $result = $if;
330 last;
331 }
332 }
333 }
334 }
335 return $result;
336 }
339 #=== FUNCTION ================================================================
340 # NAME: get_ip
341 # PARAMETERS: interface name (i.e. eth0)
342 # RETURNS: (ip address)
343 # DESCRIPTION: Uses ioctl to get ip address directly from system.
344 #===============================================================================
345 sub get_ip {
346 my $ifreq= shift;
347 my $result= "";
348 my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list
349 my $proto= getprotobyname('ip');
351 socket SOCKET, PF_INET, SOCK_DGRAM, $proto
352 or die "socket: $!";
354 if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) {
355 my ($if, $sin) = unpack 'a16 a16', $ifreq;
356 my ($port, $addr) = sockaddr_in $sin;
357 my $ip = inet_ntoa $addr;
359 if ($ip && length($ip) > 0) {
360 $result = $ip;
361 }
362 }
364 return $result;
365 }
368 #=== FUNCTION ================================================================
369 # NAME: get_local_mac_for_remote_ip
370 # PARAMETERS: none (takes server_ip from global variable)
371 # RETURNS: (ip address from interface that is used for communication)
372 # DESCRIPTION: Uses ioctl to get routing table from system, checks which entry
373 # matches (defaultroute last).
374 #===============================================================================
375 sub get_local_mac_for_remote_ip {
376 my $ifreq= shift;
377 my $result= "00:00:00:00:00:00";
378 my $PROC_NET_ROUTE= ('/proc/net/route');
380 open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE")
381 or die "Could not open $PROC_NET_ROUTE";
383 my @ifs = <PROC_NET_ROUTE>;
385 close(PROC_NET_ROUTE);
387 # Eat header line
388 shift @ifs;
389 chomp @ifs;
390 foreach my $line(@ifs) {
391 my ($Iface,$Destination,$Gateway,$Flags,$RefCnt,$Use,$Metric,$Mask,$MTU,$Window,$IRTT)=split(/\s/, $line);
392 my $destination;
393 my $mask;
394 my ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Destination);
395 $destination= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
396 ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Mask);
397 $mask= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
398 if(new NetAddr::IP($server_ip)->within(new NetAddr::IP($destination, $mask))) {
399 # destination matches route, save mac and exit
400 $result= &get_mac($Iface);
401 last;
402 }
403 }
406 return $result;
407 }
410 sub create_passwd {
411 my $new_passwd = "";
412 for(my $i=0; $i<31; $i++) {
413 $new_passwd .= ("a".."z","A".."Z",0..9)[int(rand(62))]
414 }
416 return $new_passwd;
417 }
420 sub get_server_addresses {
421 my $domain= shift;
422 my @result;
423 my $dig_cmd= 'dig +nocomments srv _gosad._tcp.'.$domain;
425 my $output= `$dig_cmd 2>&1`;
426 open (PIPE, "$dig_cmd 2>&1 |");
427 while(<PIPE>) {
428 chomp $_;
429 # If it's not a comment
430 if($_ =~ m/^[^;]/) {
431 my @matches= split /\s+/;
433 # Push hostname with port
434 if($matches[3] eq 'SRV') {
435 push @result, $matches[7].':'.$matches[6];
436 } elsif ($matches[3] eq 'A') {
437 my $i=0;
439 # Substitute the hostname with the ip address of the matching A record
440 foreach my $host (@result) {
441 if ((split /\:/, $host)[0] eq $matches[0]) {
442 $result[$i]= $matches[4].':'.(split /\:/, $host)[1];
443 }
444 $i++;
445 }
446 }
447 }
448 }
449 close(PIPE);
450 return @result;
451 }
454 ##=== FUNCTION ================================================================
455 ## NAME: create_ciphering
456 ## PARAMETERS: passwd - string - used to create ciphering
457 ## RETURNS: cipher - object
458 ## DESCRIPTION: creates a Crypt::Rijndael::MODE_CBC object with passwd as key
459 ##===============================================================================
460 #sub create_ciphering {
461 # my ($passwd) = @_;
462 # $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
463 # my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
464 #
465 # #daemon_log("iv: $iv", 7);
466 # #daemon_log("key: $passwd", 7);
467 # my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
468 # $my_cipher->set_iv($iv);
469 # return $my_cipher;
470 #}
471 #
472 #
473 #sub create_ciphering {
474 # my ($passwd) = @_;
475 # $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
476 # my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
477 # my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
478 # $my_cipher->set_iv($iv);
479 # return $my_cipher;
480 #}
481 #
482 #
483 #sub encrypt_msg {
484 # my ($msg, $key) = @_;
485 # my $my_cipher = &create_ciphering($key);
486 # {
487 # use bytes;
488 # $msg = "\0"x(16-length($msg)%16).$msg;
489 # }
490 # $msg = $my_cipher->encrypt($msg);
491 # chomp($msg = &encode_base64($msg));
492 # # there are no newlines allowed inside msg
493 # $msg=~ s/\n//g;
494 # return $msg;
495 #}
496 #
497 #
498 #sub decrypt_msg {
499 # my ($msg, $key) = @_ ;
500 # $msg = &decode_base64($msg);
501 # my $my_cipher = &create_ciphering($key);
502 # $msg = $my_cipher->decrypt($msg);
503 # $msg =~ s/\0*//g;
504 # return $msg;
505 #}
508 #=== FUNCTION ================================================================
509 # NAME: send_msg_hash2address
510 # PARAMETERS: msg_hash - hash - xml_hash created with function create_xml_hash
511 # PeerAddr string - socket address to send msg
512 # PeerPort string - socket port, if not included in socket address
513 # RETURNS: nothing
514 # DESCRIPTION: ????
515 #===============================================================================
516 sub send_msg_hash2address {
517 my ($msg_hash, $address, $passwd) = @_ ;
519 # fetch header for logging
520 my $header = @{$msg_hash->{header}}[0];
522 # generate xml string
523 my $msg_xml = &create_xml_string($msg_hash);
525 # encrypt xml msg
526 my $crypted_msg = &encrypt_msg($msg_xml, $passwd);
528 # opensocket
529 my $socket = &open_socket($address);
530 if(not defined $socket){
531 daemon_log("cannot send '$header'-msg to $address , server not reachable", 5);
532 return 1;
533 }
535 # send xml msg
536 print $socket $crypted_msg."\n";
538 close $socket;
540 daemon_log("send '$header'-msg to $address", 1);
541 daemon_log("message:\n$msg_xml", 8);
542 return 0;
543 }
546 sub open_socket {
547 my ($PeerAddr, $PeerPort) = @_ ;
548 if(defined($PeerPort)){
549 $PeerAddr = $PeerAddr.":".$PeerPort;
550 }
551 my $socket;
552 $socket = new IO::Socket::INET(PeerAddr => $PeerAddr,
553 Porto => "tcp",
554 Type => SOCK_STREAM,
555 Timeout => 5,
556 );
557 if(not defined $socket) {
558 return;
559 }
560 &daemon_log("open_socket: $PeerAddr", 7);
561 return $socket;
562 }
565 #=== FUNCTION ================================================================
566 # NAME: register_at_server
567 # PARAMETERS:
568 # RETURNS:
569 # DESCRIPTION:
570 #===============================================================================
571 sub register_at_gosa_si_server {
572 my ($kernel) = $_[KERNEL];
574 if( $REGISTERED_FLAG == 1 ) {
576 # create new passwd and ciphering object for client-server communication
577 $server_key = &create_passwd();
579 my $events = join( ", ", keys %{$event_hash} );
581 while(1) {
583 # fetch first gosa-si-server from @servers
584 my $server = shift(@servers);
586 if( !$server ) {
587 daemon_log("no gosa-si-server left in list of servers", 1);
588 daemon_log("unable to register at a gosa-si-server, force shutdown", 1);
589 exit(1);
590 }
592 # create registration msg
593 my $register_hash = &create_xml_hash("here_i_am", $client_address, $server);
594 &add_content2xml_hash($register_hash, "new_passwd", $server_key);
595 &add_content2xml_hash($register_hash, "mac_address", $client_mac_address);
596 &add_content2xml_hash($register_hash, "events", $events);
598 # send xml hash to server with general server passwd
599 my $res = &send_msg_hash2address($register_hash, $server, $default_server_key);
600 # if( $res == 1 ) {
601 # next;
602 # }
603 #
604 last;
605 }
606 daemon_log("waiting for msg 'register_at_gosa_si_server'",1);
607 $kernel->delay_set('register_at_gosa_si_server',2);
608 }
609 return;
610 }
613 # my ($rout, $wout, $reg_server);
614 # foreach my $server (@servers) {
615 #
616 # # create msg hash
617 # my $register_hash = &create_xml_hash("here_i_am", $client_address, $server);
618 # &add_content2xml_hash($register_hash, "new_passwd", $new_server_key);
619 # &add_content2xml_hash($register_hash, "mac_address", $client_mac_address);
620 # &add_content2xml_hash($register_hash, "events", $events);
621 #
622 # # send xml hash to server with general server passwd
623 # my $answer = &send_msg_hash2address($register_hash, $server, $server_passwd);
624 #
625 # if ($answer != 0) { next; }
626 #
627 # # waiting for response
628 # daemon_log("waiting for response...\n", 5);
629 # my $nf = select($rout=$rbits, $wout=$wbits, undef, $server_timeout);
630 #
631 # # something is coming in
632 # if(vec $rout, fileno $input_socket, 1) {
633 # my $crypted_msg;
634 # my $client = $input_socket->accept();
635 # my $other_end = getpeername($client);
636 # if(not defined $other_end) {
637 # daemon_log("client cannot be identified: $!\n");
638 # } else {
639 # my ($port, $iaddr) = unpack_sockaddr_in($other_end);
640 # my $actual_ip = inet_ntoa($iaddr);
641 # daemon_log("\naccept client from $actual_ip\n", 5);
642 # my $in_msg = &read_from_socket($client);
643 # if(defined $in_msg){
644 # chomp($in_msg);
645 # $crypted_msg = $in_msg;
646 # } else {
647 # daemon_log("cannot read from $actual_ip\n", 5);
648 # }
649 # }
650 # close($client);
651 #
652 # # validate acknowledge msg from server
653 # $new_server_cipher = &create_ciphering($new_server_passwd);
654 # my $msg_hash;
655 # eval {
656 # my $decrypted_msg = &decrypt_msg($crypted_msg, $new_server_cipher);
657 # daemon_log("decrypted register msg: $decrypted_msg", 5);
658 # $msg_hash = $xml->XMLin($decrypted_msg, ForceArray=>1);
659 # };
660 # if($@) {
661 # daemon_log("ERROR: do not understand the incoming message:" , 5);
662 # daemon_log("$@", 7);
663 # } else {
664 # my $header = @{$msg_hash->{header}}[0];
665 # if($header eq "registered") {
666 # $reg_server = $server;
667 # last;
668 # } elsif($header eq "denied") {
669 # my $reason = (&get_content_from_xml_hash($msg_hash, "denied"))[0];
670 # daemon_log("registration at $server denied: $reason", 1);
671 # } else {
672 # daemon_log("cannot register at $server", 1);
673 # }
674 # }
675 # }
676 # # if no answer arrive, try next server in list
677 #
678 # }
679 #
680 # if(defined $reg_server) {
681 # daemon_log("registered at $reg_server", 1);
682 # } else {
683 # daemon_log("cannot register at any server", 1);
684 # daemon_log("exiting!!!", 1);
685 # exit(1);
686 # }
687 #
688 # # update the global available variables
689 # $server_address = $reg_server;
690 # $server_passwd = $new_server_passwd;
691 # $server_cipher = $new_server_cipher;
694 # return;
695 #}
699 sub check_key_and_xml_validity {
700 my ($crypted_msg, $module_key) = @_;
701 #print STDERR "crypted_msg:$crypted_msg\n";
702 #print STDERR "modul_key:$module_key\n";
704 my $msg;
705 my $msg_hash;
706 eval{
707 $msg = &decrypt_msg($crypted_msg, $module_key);
708 &main::daemon_log("decrypted_msg: \n$msg", 8);
710 $msg_hash = $xml->XMLin($msg, ForceArray=>1);
712 # check header
713 my $header_l = $msg_hash->{'header'};
714 if( 1 != @{$header_l} ) {
715 die 'no or more headers specified';
716 }
717 my $header = @{$header_l}[0];
718 if( 0 == length $header) {
719 die 'header has length 0';
720 }
722 # check source
723 my $source_l = $msg_hash->{'source'};
724 if( 1 != @{$source_l} ) {
725 die 'no or more sources specified';
726 }
727 my $source = @{$source_l}[0];
728 if( 0 == length $source) {
729 die 'source has length 0';
730 }
732 # check target
733 my $target_l = $msg_hash->{'target'};
734 if( 1 != @{$target_l} ) {
735 die 'no or more targets specified ';
736 }
737 my $target = @{$target_l}[0];
738 if( 0 == length $target) {
739 die 'target has length 0 ';
740 }
742 };
743 if($@) {
744 &main::daemon_log("WARNING: do not understand the message or msg is not gosa-si envelope conform:", 5);
745 &main::daemon_log("$@", 8);
746 }
748 return ($msg, $msg_hash);
749 }
752 sub import_events {
754 if (not -e $event_dir) {
755 daemon_log("ERROR: cannot find directory or directory is not readable: $event_dir", 1);
756 }
757 opendir (DIR, $event_dir) or die "ERROR while loading gosa-si-events from directory $event_dir : $!\n";
759 while (defined (my $event = readdir (DIR))) {
760 if( $event eq "." || $event eq ".." ) { next; }
762 eval{ require $event; };
763 if( $@ ) {
764 daemon_log("import of event module '$event' failed", 1);
765 daemon_log("$@", 8);
766 next;
767 }
769 $event =~ /(\S*?).pm$/;
770 my $event_module = $1;
771 my $events_l = eval( $1."::get_events()") ;
772 foreach my $event_name (@{$events_l}) {
773 $event_hash->{$event_name} = $event_module;
774 }
776 }
777 }
780 sub server_input {
781 my ($heap,$input,$wheel) = @_[HEAP, ARG0, ARG1];
782 my $error = 0;
783 my $answer;
785 daemon_log("Incoming msg:\n$input\n", 8);
787 my ($msg, $msg_hash) = &check_key_and_xml_validity($input, $server_key);
788 if( (!$msg) || (!$msg_hash) ) {
789 daemon_log("Deciphering of incoming msg failed", 5);
790 $error++;
791 }
793 if( $error == 0 ) {
794 my $header = @{$msg_hash->{header}}[0];
795 my $source = @{$msg_hash->{source}}[0];
797 if( exists $event_hash->{$header} ) {
798 # a event exists with the header as name
799 daemon_log("found event '$header' at event-module '".$event_hash->{$header}."'", 5);
800 no strict 'refs';
801 $answer = &{$event_hash->{$header}."::$header"}($msg, $msg_hash);
802 if( $header eq "registered") {
803 $REGISTERED_FLAG = $answer;
804 }
805 }
806 else {
807 # maybe header is a core function
808 daemon_log("WARNING: no event assigned to msg $header", 5);
809 if ($header eq 'new_ldap_config') { if ($ldap_enabled == 1) {&new_ldap_config($msg_hash)}}
810 elsif ($header eq 'ping') { &got_ping($msg_hash) }
811 elsif ($header eq 'wake_up') { &execute_event($msg_hash)}
812 elsif ($header eq 'new_passwd') { &new_passwd()}
813 elsif ($header eq 'compute_hardware') { &compute_hardware() }
814 else { daemon_log("ERROR: no core function assigned to msg $header", 5) }
815 }
816 }
818 return;
819 }
821 #==== MAIN = main ==============================================================
822 # parse commandline options
823 Getopt::Long::Configure( "bundling" );
824 GetOptions("h|help" => \&usage,
825 "c|config=s" => \$cfg_file,
826 "f|foreground" => \$foreground,
827 "v|verbose+" => \$verbose,
828 );
830 # read and set config parameters
831 &check_cmdline_param ;
832 &read_configfile;
833 &check_pid;
836 # forward error messages to logfile
837 if ( ! $foreground ) {
838 open STDIN, '/dev/null' or die "Can’t read /dev/null: $!";
839 open STDOUT, '>>/dev/null' or die "Can't write to /dev/null: $!";
840 open STDERR, '>>/dev/null' or die "Can't write to /dev/null: $!";
841 }
843 # Just fork, if we are not in foreground mode
844 if( ! $foreground ) {
845 chdir '/' or die "Can't chdir to /: $!";
846 $pid = fork;
847 setsid or die "Can't start a new session: $!";
848 umask 0;
849 }
850 else {
851 $pid = $$;
852 }
854 # Do something useful - put our PID into the pid_file
855 if( 0 != $pid ) {
856 open( LOCK_FILE, ">$pid_file" );
857 print LOCK_FILE "$pid\n";
858 close( LOCK_FILE );
859 if( !$foreground ) {
860 exit( 0 )
861 };
862 }
864 daemon_log(" ", 1);
865 daemon_log("$0 started!", 1);
867 # delete old DBsqlite lock files
868 system('rm -f /tmp/gosa_si_lock*gosa-si-client*');
871 # complete client_address
872 $client_address = $client_ip.":".$client_port;
875 # detect own ip and mac address
876 my $network_interface= &get_interface_for_ip($client_ip);
877 $client_mac_address= &get_mac($network_interface);
878 daemon_log("gosa-si-client ip address detected: $client_ip", 1);
879 daemon_log("gosa-si-client mac address detected: $client_mac_address", 1);
882 # import events
883 &import_events();
886 # create socket for incoming xml messages
887 POE::Component::Server::TCP->new(
888 Alias => 'gosa-si-client',
889 Port => $client_port,
890 ClientInput => \&server_input,
891 );
892 daemon_log("start socket for incoming xml messages at port '$client_port' ", 1);
895 # prepare variables
896 if (defined $server_ip && defined $server_port) {
897 $server_address = $server_ip.":".$server_port;
898 }
899 $xml = new XML::Simple();
900 $default_server_key = $server_key;
903 # find all possible gosa-si-servers in DNS
904 if (defined $server_domain) {
905 my @tmp_servers = &get_server_addresses($server_domain);
906 foreach my $server (@tmp_servers) {
907 unshift(@servers, $server);
908 }
909 }
910 # add gosa-si-server address from config file at first position of server list
911 if (defined $server_address) {
912 unshift(@servers, $server_address);
913 }
914 my $servers_string = join(", ", @servers);
915 daemon_log("found servers in configuration file and via DNS: $servers_string", 5);
918 POE::Session->create(
919 inline_states => {
920 _start => \®ister_at_gosa_si_server ,
921 register_at_gosa_si_server => \®ister_at_gosa_si_server,
922 }
923 );
925 POE::Kernel->run();
926 exit;