index 77cc61880eb61881eb0c32824115e969e20ddbfd..fb8aab830dd33adcc62e5226f235e304b16f934c 100644 (file)
use Data::Dumper;
use NetAddr::IP;
use Net::LDAP;
use Data::Dumper;
use NetAddr::IP;
use Net::LDAP;
+use Net::LDAP::Util;
use Socket;
use Net::hostent;
use Socket;
use Net::hostent;
END {}
my ($server_ip, $server_port, $ClientPackages_key, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $server_interface);
END {}
my ($server_ip, $server_port, $ClientPackages_key, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $server_interface);
-#my ($bus_activ, $bus_key, $bus_ip, $bus_port);
my $server;
my $network_interface;
my $server;
my $network_interface;
-#my $no_bus;
my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret);
my $mesg;
my %cfg_defaults = (
my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret);
my $mesg;
my %cfg_defaults = (
-#"bus" => {
-# "activ" => [\$bus_activ, "on"],
-# "key" => [\$bus_key, ""],
-# "ip" => [\$bus_ip, ""],
-# "port" => [\$bus_port, "20080"],
-# },
"server" => {
"ip" => [\$server_ip, "0.0.0.0"],
"mac-address" => [\$main::server_mac_address, "00:00:00:00:00"],
"server" => {
"ip" => [\$server_ip, "0.0.0.0"],
"mac-address" => [\$main::server_mac_address, "00:00:00:00:00"],
### START #####################################################################
# read configfile and import variables
### START #####################################################################
# read configfile and import variables
-&read_configfile();
+&local_read_configfile();
# if server_ip is not an ip address but a name
# if server_ip is not an ip address but a name
# import local events
my ($error, $result, $event_hash) = &import_events($event_dir);
# import local events
my ($error, $result, $event_hash) = &import_events($event_dir);
-if ($error == 0) {
- foreach my $log_line (@$result) {
- &main::daemon_log("0 DEBUG: ClientPackages - $log_line", 7);
- }
-} else {
- foreach my $log_line (@$result) {
+
+foreach my $log_line (@$result) {
+ if ($log_line =~ / succeed: /) {
+ &main::daemon_log("0 INFO: ClientPackages - $log_line", 5);
+ } else {
&main::daemon_log("0 ERROR: ClientPackages - $log_line", 1);
}
&main::daemon_log("0 ERROR: ClientPackages - $log_line", 1);
}
+}
+# build vice versa event_hash, event_name => module
+my $event2module_hash = {};
+while (my ($module, $mod_events) = each %$event_hash) {
+ while (my ($event_name, $nothing) = each %$mod_events) {
+ $event2module_hash->{$event_name} = $module;
+ }
}
}
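Review bot: The reverse map built in the nested `each` loops silently overwrites an entry when two event modules export the same event name, and because hash iteration order is not stable, the module that ends up handling that event can differ between runs. This map later selects the sub that is called for an incoming message header, so a duplicate should be detected and logged, e.g. `if (exists $event2module_hash->{$event_name}) { &main::daemon_log("0 ERROR: ClientPackages - event '$event_name' defined in more than one module", 1); next; }`. The new logging loop also classifies lines by matching ` succeed: ` in the text and no longer reads `$error`, which is now unused; a comment stating that the message format of import_events is relied on would help.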
@@ -146,48 +145,38 @@ if((not defined($main::gosa_unit_tag)) || length($main::gosa_unit_tag) == 0) {
} else {
&main::daemon_log("0 INFO: Using gosaUnitTag from config-file: $main::gosa_unit_tag",5);
}
} else {
&main::daemon_log("0 INFO: Using gosaUnitTag from config-file: $main::gosa_unit_tag",5);
}
+ &main::release_ldap_handle($ldap_handle);
}
my $server_address = "$server_ip:$server_port";
$main::server_address = $server_address;
}
my $server_address = "$server_ip:$server_port";
$main::server_address = $server_address;
-
-#if( inet_aton($bus_ip) ){ $bus_ip = inet_ntoa(inet_aton($bus_ip)); }
-#######################################################
-## to change
-#if( $bus_ip eq "127.0.1.1" ) { $bus_ip = "127.0.0.1" }
-#######################################################
-#my $bus_address = "$bus_ip:$bus_port";
-#$main::bus_address = $bus_address;
-
-
-#my $hostkey = &create_passwd;
-#my $res = $main::known_server_db->add_dbentry( {table=>$main::known_server_tn,
-# primkey=>['hostname'],
-# hostname=>$main::server_address,
-# status=>'myself',
-# hostkey=>$hostkey,
-# timestamp=>&get_time(),
-# } );
-#if (not $res == 0) {
-# &main::daemon_log("0 ERROR: cannot add server to known_server_db: $res", 1);
-#} else {
-# &main::daemon_log("0 INFO: '$main::server_address' successfully added to known_server_db", 5);
-#}
-
-
-
-## create general settings for this module
-#my $xml = new XML::Simple();
-#
-## register at bus
-#if ($main::no_bus > 0) {
-# $bus_activ = "off"
-#}
-#if($bus_activ eq "on") {
-# ®ister_at_bus();
-#}
+{
+ # Check if ou=incoming exists
+ # TODO: This should be transferred to a module init-function
+ my $ldap_handle = &main::get_ldap_handle();
+ if( defined($ldap_handle) ) {
+ &main::daemon_log("0 INFO: Searching for ou=incoming container for new clients", 5);
+ # Perform search
+ my $mesg = $ldap_handle->search(
+ base => $ldap_base,
+ scope => 'one',
+ filter => "(&(ou=incoming)(objectClass=organizationalUnit))"
+ );
+ if(not defined($mesg->count) or $mesg->count == 0) {
+ my $incomingou = Net::LDAP::Entry->new();
+ $incomingou->dn('ou=incoming,'.$ldap_base);
+ $incomingou->add('objectClass' => 'organizationalUnit');
+ $incomingou->add('ou' => 'incoming');
+ my $result = $incomingou->update($ldap_handle);
+ if($result->code != 0) {
+ &main::daemon_log("0 ERROR: Problem adding ou=incoming: '".$result->error()."'!", 1);
+ }
+ }
+ }
+ &main::release_ldap_handle($ldap_handle);
+}
### functions #################################################################
### functions #################################################################
sub get_module_info {
my @info = ($server_address,
$ClientPackages_key,
sub get_module_info {
my @info = ($server_address,
$ClientPackages_key,
+ $event_hash,
);
return \@info;
}
#=== FUNCTION ================================================================
);
return \@info;
}
#=== FUNCTION ================================================================
-# NAME: read_configfile
+# NAME: local_read_configfile
# PARAMETERS: cfg_file - string -
# RETURNS: nothing
# DESCRIPTION: read cfg_file and set variables
#===============================================================================
# PARAMETERS: cfg_file - string -
# RETURNS: nothing
# DESCRIPTION: read cfg_file and set variables
#===============================================================================
-sub read_configfile {
+sub local_read_configfile {
my $cfg;
if( defined( $main::cfg_file) && ( (-s $main::cfg_file) > 0 )) {
if( -r $main::cfg_file ) {
my $cfg;
if( defined( $main::cfg_file) && ( (-s $main::cfg_file) > 0 )) {
if( -r $main::cfg_file ) {
}
}
-# moved to GosaSupportDaemon: 03-06-2008 rettenbe
-#=== FUNCTION ================================================================
-# NAME: get_interface_for_ip
-# PARAMETERS: ip address (i.e. 192.168.0.1)
-# RETURNS: array: list of interfaces if ip=0.0.0.0, matching interface if found, undef else
-# DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
-#===============================================================================
-#sub get_interface_for_ip {
-# my $result;
-# my $ip= shift;
-# if ($ip && length($ip) > 0) {
-# my @ifs= &get_interfaces();
-# if($ip eq "0.0.0.0") {
-# $result = "all";
-# } else {
-# foreach (@ifs) {
-# my $if=$_;
-# if(&main::get_ip($if) eq $ip) {
-# $result = $if;
-# }
-# }
-# }
-# }
-# return $result;
-#}
-
-# moved to GosaSupportDaemon: 03-06-2008 rettenbe
-#=== FUNCTION ================================================================
-# NAME: get_interfaces
-# PARAMETERS: none
-# RETURNS: (list of interfaces)
-# DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
-#===============================================================================
-#sub get_interfaces {
-# my @result;
-# my $PROC_NET_DEV= ('/proc/net/dev');
-#
-# open(PROC_NET_DEV, "<$PROC_NET_DEV")
-# or die "Could not open $PROC_NET_DEV";
-#
-# my @ifs = <PROC_NET_DEV>;
-#
-# close(PROC_NET_DEV);
-#
-# # Eat first two line
-# shift @ifs;
-# shift @ifs;
-#
-# chomp @ifs;
-# foreach my $line(@ifs) {
-# my $if= (split /:/, $line)[0];
-# $if =~ s/^\s+//;
-# push @result, $if;
-# }
-#
-# return @result;
-#}
#=== FUNCTION ================================================================
# NAME: get_mac
#=== FUNCTION ================================================================
# NAME: get_mac
}
}
-#=== FUNCTION ================================================================
-# NAME: register_at_bus
-# PARAMETERS: nothing
-# RETURNS: nothing
-# DESCRIPTION: creates an entry in known_daemons and send a 'here_i_am' msg to bus
-#===============================================================================
-#sub register_at_bus {
-#
-# # add bus to known_server_db
-# my $res = $main::known_server_db->add_dbentry( {table=>'known_server',
-# primkey=>['hostname'],
-# hostname=>$bus_address,
-# status=>'bus',
-# hostkey=>$bus_key,
-# timestamp=>&get_time,
-# } );
-# my $msg_hash = &create_xml_hash("here_i_am", $server_address, $bus_address);
-# my $msg = &create_xml_string($msg_hash);
-#
-# &main::send_msg_to_target($msg, $bus_address, $bus_key, "here_i_am");
-# return $msg;
-#}
-
-
-
-# outcommented from rettenbe: moved to GosaSupportDaemon.pm
-#sub import_events {
-# if (not -e $event_dir) {
-# &main::daemon_log("S ERROR: cannot find directory or directory is not readable: $event_dir", 1);
-# }
-# opendir (DIR, $event_dir) or die "ERROR while loading gosa-si-events from directory $event_dir : $!\n";
-#
-# while (defined (my $event = readdir (DIR))) {
-# if( $event eq "." || $event eq ".." ) { next; }
-# if( $event eq "gosaTriggered.pm" ) { next; } # only GOsa specific events
-#
-# eval{ require $event; };
-# if( $@ ) {
-# &main::daemon_log("S ERROR: import of event module '$event' failed", 1);
-# &main::daemon_log("$@", 8);
-# next;
-# }
-#
-# $event =~ /(\S*?).pm$/;
-# my $event_module = $1;
-# my $events_l = eval( $1."::get_events()") ;
-# foreach my $event_name (@{$events_l}) {
-# $event_hash->{$event_name} = $event_module;
-# }
-# my $events_string = join( ", ", @{$events_l});
-# &main::daemon_log("S DEBUG: ClientPackages imported events $events_string", 8);
-# }
-#}
-
-
#=== FUNCTION ================================================================
# NAME: process_incoming_msg
# PARAMETERS: crypted_msg - string - incoming crypted message
#=== FUNCTION ================================================================
# NAME: process_incoming_msg
# PARAMETERS: crypted_msg - string - incoming crypted message
# skip PREFIX
$header =~ s/^CLMSG_//;
# skip PREFIX
$header =~ s/^CLMSG_//;
- &main::daemon_log("$session_id DEBUG: ClientPackages: msg to process: $header", 7);
+ &main::daemon_log("$session_id DEBUG: ClientPackages: msg to process: $header", 26);
if( 0 == length @target_l){
&main::daemon_log("$session_id ERROR: no target specified for msg $header", 1);
$error++;
if( 0 == length @target_l){
&main::daemon_log("$session_id ERROR: no target specified for msg $header", 1);
$error++;
- }
-
- if( 1 == length @target_l) {
+ } elsif( 1 == length @target_l) {
my $target = $target_l[0];
my $target = $target_l[0];
- if(&server_matches($target)) {
+ if(&server_matches($target, $session_id)) {
if ($header eq 'new_key') {
@out_msg_l = &new_key($msg_hash)
} elsif ($header eq 'here_i_am') {
@out_msg_l = &here_i_am($msg, $msg_hash, $session_id)
} else {
# a event exists with the header as name
if ($header eq 'new_key') {
@out_msg_l = &new_key($msg_hash)
} elsif ($header eq 'here_i_am') {
@out_msg_l = &here_i_am($msg, $msg_hash, $session_id)
} else {
# a event exists with the header as name
- if( exists $event_hash->{$header} ) {
- &main::daemon_log("$session_id INFO: found event '$header' at event-module '".$event_hash->{$header}."'", 5);
+ if( exists $event2module_hash->{$header} ) {
+ &main::daemon_log("$session_id DEBUG: found event '$header' at event-module '".$event2module_hash->{$header}."'", 26);
no strict 'refs';
no strict 'refs';
- @out_msg_l = &{$event_hash->{$header}."::$header"}($msg, $msg_hash, $session_id);
+ @out_msg_l = &{$event2module_hash->{$header}."::$header"}($msg, $msg_hash, $session_id);
# if no event handler is implemented
} else {
# if no event handler is implemented
} else {
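Review bot: `length @target_l` does not count targets: `length` puts the array in scalar context and measures the string form of the element count, so `0 == length @target_l` is never true and the new `elsif( 1 == length @target_l)` is true for any list of up to nine targets, including an empty one. The "no target specified" error therefore cannot fire, and `$target_l[0]` may be undef when it is passed to `server_matches`. Use `if( 0 == scalar @target_l )` and `elsif( 1 == scalar @target_l )`. The enclosing process_incoming_msg starts and ends outside this hunk.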
@out_msg_l = ();
} elsif ($out_msg_l[0] eq 'knownclienterror') {
&main::daemon_log("$session_id ERROR: no or more than 1 hits are found at known_clients_db with sql query: '$sql_events'", 1);
@out_msg_l = ();
} elsif ($out_msg_l[0] eq 'knownclienterror') {
&main::daemon_log("$session_id ERROR: no or more than 1 hits are found at known_clients_db with sql query: '$sql_events'", 1);
- &main::daemon_log("$session_id WARNING: processing is aborted and message will not be forwarded");
+ &main::daemon_log("$session_id ERROR: processing is aborted and message will not be forwarded", 1);
@out_msg_l = ();
} elsif ($out_msg_l[0] eq 'noeventerror') {
@out_msg_l = ();
} elsif ($out_msg_l[0] eq 'noeventerror') {
- &main::daemon_log("$session_id WARNING: client '$target' is not registered for event '$header', processing is aborted", 1);
+ &main::daemon_log("$session_id ERROR: client '$target' is not registered for event '$header', processing is aborted", 1);
@out_msg_l = ();
}
@out_msg_l = ();
}
-
-
-
-
- }
- else {
- &main::daemon_log("INFO: msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 5);
+ } else {
+ &main::daemon_log("DEBUG: msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 26);
push(@out_msg_l, $msg);
}
}
push(@out_msg_l, $msg);
}
}
my $client_revision = @{$msg_hash->{client_revision}}[0];
my $key_lifetime = @{$msg_hash->{key_lifetime}}[0];
my $client_revision = @{$msg_hash->{client_revision}}[0];
my $key_lifetime = @{$msg_hash->{key_lifetime}}[0];
+ # Move forced hostname to heap - if used
+ #FIXME: move to some global POE namespace - please
+ if ( defined($msg_hash->{'force-hostname'}[0]) &&
+ length($msg_hash->{'force-hostname'}[0]) > 0){
+ # $heap->{force-hostname}->{$mac_address}= $msg_hash->{'force-hostname'}[0];
+ open (TFILE, ">/var/tmp/$mac_address");
+ print TFILE $msg_hash->{'force-hostname'}[0];
+ close (TFILE);
+ } else {
+ # $heap->{force-hostname}->{$mac_address}= undef;
+ if ( -e "/var/tmp/$mac_address") {
+ unlink("/var/tmp/$mac_address")
+ };
+ }
+
# number of known clients
my $nu_clients= $main::known_clients_db->count_dbentries('known_clients');
# number of known clients
my $nu_clients= $main::known_clients_db->count_dbentries('known_clients');
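Review bot: The force-hostname block writes to `/var/tmp/$mac_address` with a two-argument `open` on a bareword handle and never checks the result, and `$mac_address` appears to come from the client's registration message (its assignment is outside the hunk). `/var/tmp` is world-writable, so a pre-created symlink or a value containing path separators could make the daemon write or unlink a file other than the intended one. Validate the value against an anchored MAC pattern before using it, keep the state in a directory only the daemon can write, and use `open(my $tfile, '>', $path) or &main::daemon_log("$session_id ERROR: cannot write $path: $!", 1);`. The same validated value would then also be safe where the function interpolates `$mac_address` into its SQL statement and LDAP filter further down.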
my $db_res= $main::known_clients_db->select_dbentry( $sql_statement );
if ( 1 == keys %{$db_res} ) {
my $db_res= $main::known_clients_db->select_dbentry( $sql_statement );
if ( 1 == keys %{$db_res} ) {
- &main::daemon_log("$session_id WARNING: $source is already known as a client", 1);
- &main::daemon_log("$session_id WARNING: values for $source are being overwritten", 1);
+ &main::daemon_log("$session_id WARNING: $source is already known as a client", 3);
+ &main::daemon_log("$session_id WARNING: values for $source are being overwritten", 3);
$nu_clients --;
}
$nu_clients --;
}
- # number of actual activ clients
+ # number of current active clients
my $act_nu_clients = $nu_clients;
my $act_nu_clients = $nu_clients;
- &main::daemon_log("$session_id INFO: number of actual activ clients: $act_nu_clients", 5);
- &main::daemon_log("$session_id INFO: number of maximal allowed clients: $max_clients", 5);
+ &main::daemon_log("$session_id DEBUG: number of current active clients: $act_nu_clients", 26);
+ &main::daemon_log("$session_id DEBUG: number of maximal allowed clients: $max_clients", 26);
if($max_clients <= $act_nu_clients) {
my $out_hash = &create_xml_hash("denied", $server_address, $source);
if($max_clients <= $act_nu_clients) {
my $out_hash = &create_xml_hash("denied", $server_address, $source);
} );
if ($res != 0) {
} );
if ($res != 0) {
- &main::daemon_log("$session_id ERROR: cannot add entry to known_clients: $res");
+ &main::daemon_log("$session_id ERROR: cannot add entry to known_clients: $res",1);
return;
}
# return acknowledgement to client
$out_hash = &create_xml_hash("registered", $server_address, $source);
return;
}
# return acknowledgement to client
$out_hash = &create_xml_hash("registered", $server_address, $source);
-
# give the new client his ldap config
# Workaround: Send within the registration response, if the client will get an ldap config later
my $new_ldap_config_out = &new_ldap_config($source, $session_id);
# give the new client his ldap config
# Workaround: Send within the registration response, if the client will get an ldap config later
my $new_ldap_config_out = &new_ldap_config($source, $session_id);
"SET status='error', result='$new_ldap_config_out' ".
"WHERE status='processing' AND macaddress LIKE '$mac_address'";
my $res = $main::job_db->update_dbentry($sql_statement);
"SET status='error', result='$new_ldap_config_out' ".
"WHERE status='processing' AND macaddress LIKE '$mac_address'";
my $res = $main::job_db->update_dbentry($sql_statement);
- &main::daemon_log("$session_id DEBUG: $sql_statement RESULT: $res", 7);
+ &main::daemon_log("$session_id DEBUG: $sql_statement RESULT: $res", 26);
}
my $register_out = &create_xml_string($out_hash);
push(@out_msg_l, $register_out);
}
my $register_out = &create_xml_string($out_hash);
push(@out_msg_l, $register_out);
push(@out_msg_l, $new_ldap_config_out);
}
push(@out_msg_l, $new_ldap_config_out);
}
+ # Send client hardware configuration
my $hardware_config_out = &hardware_config($msg, $msg_hash, $session_id);
if( $hardware_config_out ) {
push(@out_msg_l, $hardware_config_out);
}
my $hardware_config_out = &hardware_config($msg, $msg_hash, $session_id);
if( $hardware_config_out ) {
push(@out_msg_l, $hardware_config_out);
}
+ # Send client ntp server
+ my $ntp_config_out = &new_ntp_config($mac_address, $session_id);
+ if ($ntp_config_out) {
+ push(@out_msg_l, $ntp_config_out);
+ }
+
+ # Send client syslog server
+ my $syslog_config_out = &new_syslog_config($mac_address, $session_id);
+ if ($syslog_config_out) {
+ push(@out_msg_l, $syslog_config_out);
+ }
+
+ # update ldap entry if exists
+ my $ldap_handle= &main::get_ldap_handle();
+ my $ldap_res= $ldap_handle->search(
+ base => $ldap_base,
+ scope => 'sub',
+ #attrs => ['ipHostNumber'],
+ filter => "(&(objectClass=GOhard)(macAddress=$mac_address))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ERROR: LDAP Entry for client with mac address $mac_address not found: ".$ldap_res->error, 1);
+ } elsif ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not updating ldap entry".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: ipHostNumber".
+ "\n\tfilter: (&(objectClass=GOhard)(macaddress=$mac_address))", 1);
+ } else {
+ my $entry= $ldap_res->pop_entry();
+ my $ip_address= $entry->get_value('ipHostNumber');
+ my $source_ip= ($1) if $source =~ /^([0-9\.]*?):[0-9]*$/;
+ if(not defined($ip_address) and defined($source_ip)) {
+ $entry->add( 'ipHostNumber' => $source_ip );
+ my $mesg= $entry->update($ldap_handle);
+ $mesg->code && &main::daemon_log("$session_id ERROR: Updating IP Address for client with mac address $mac_address failed with '".$mesg->mesg()."'", 1);
+ } elsif(defined($source_ip) and not ($source_ip eq $ip_address)) {
+ $entry->replace( 'ipHostNumber' => $source_ip );
+ my $mesg= $entry->update($ldap_handle);
+ $mesg->code && &main::daemon_log("$session_id ERROR: Updating IP Address for client with mac address $mac_address failed with '".$mesg->mesg()."'", 1);
+ } elsif (not defined($source_ip)) {
+ &main::daemon_log("ERROR: Could not parse source value '$source' perhaps not an ip address?", 1);
+ }
+ }
+ &main::release_ldap_handle($ldap_handle);
+
# notify registered client to all other server
my %mydata = ( 'client' => $source, 'macaddress' => $mac_address);
my $mymsg = &build_msg('new_foreign_client', $main::server_address, "KNOWN_SERVER", \%mydata);
push(@out_msg_l, $mymsg);
# notify registered client to all other server
my %mydata = ( 'client' => $source, 'macaddress' => $mac_address);
my $mymsg = &build_msg('new_foreign_client', $main::server_address, "KNOWN_SERVER", \%mydata);
push(@out_msg_l, $mymsg);
- &main::daemon_log("$session_id INFO: register client $source ($mac_address)", 5);
- &main::daemon_log("$session_id INFO: client version: $client_status - $client_revision", 5);
+ &main::daemon_log("$session_id INFO: register client $source ($mac_address), $client_status - $client_revision", 5);
return @out_msg_l;
}
return @out_msg_l;
}
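Review bot: The new search filter `(&(objectClass=GOhard)(macAddress=$mac_address))` interpolates `$mac_address` without escaping, although this commit imports Net::LDAP::Util and already escapes the DN in other filters; new_syslog_config and new_ntp_config build their first filter the same way. Escape it first, `my $filter_mac = &Net::LDAP::Util::escape_filter_value($mac_address);`, and use `$filter_mac` in the filter. Also, `my $source_ip= ($1) if $source =~ ...` combines `my` with a statement modifier, whose behaviour perlsyn leaves undefined; declare `my $source_ip;` and assign it inside an `if`. The IP pattern `[0-9\.]*?` accepts any run of digits and dots, so a stricter check is advisable before the value is written to `ipHostNumber`. here_i_am begins outside this hunk.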
# what is your search pattern
my $search_pattern = @{$msg_hash->{who_has}}[0];
my $search_element = @{$msg_hash->{$search_pattern}}[0];
# what is your search pattern
my $search_pattern = @{$msg_hash->{who_has}}[0];
my $search_element = @{$msg_hash->{$search_pattern}}[0];
- &main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7);
+ #&main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7);
# scanning known_clients for search_pattern
my @host_addresses = keys %$main::known_clients;
# scanning known_clients for search_pattern
my @host_addresses = keys %$main::known_clients;
}
}
+sub new_syslog_config {
+ my ($mac_address, $session_id) = @_;
+ my $syslog_msg;
+ my $ldap_handle=&main::get_ldap_handle();
+
+ # Perform search
+ my $ldap_res = $ldap_handle->search( base => $ldap_base,
+ scope => 'sub',
+ attrs => ['gotoSyslogServer'],
+ filter => "(&(objectClass=GOhard)(macaddress=$mac_address))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ERROR: new_syslog_config: ldap search: ".$ldap_res->error, 1);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+ # Sanity check
+ if ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not sending syslog config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: gotoSyslogServer".
+ "\n\tfilter: (&(objectClass=GOhard)(macaddress=$mac_address))", 1);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+ my $entry= $ldap_res->entry(0);
+ my $filter_dn = &Net::LDAP::Util::escape_filter_value($entry->dn);
+ my $syslog_server = $entry->get_value("gotoSyslogServer");
+
+ # If no syslog server is specified at host, just have a look at the object group of the host
+ # Perform object group search
+ if (not defined $syslog_server) {
+ my $ldap_res = $ldap_handle->search( base => $ldap_base,
+ scope => 'sub',
+ attrs => ['gotoSyslogServer'],
+ filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ERROR: new_syslog_config: ldap search: ".$ldap_res->error, 1);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+ # Sanity check
+ if ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not sending syslog config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: gotoSyslogServer".
+ "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+ my $entry= $ldap_res->entry(0);
+ $syslog_server= $entry->get_value("gotoSyslogServer");
+ }
+
+ # Return if no syslog server specified
+ if (not defined $syslog_server) {
+ &main::daemon_log("$session_id WARNING: no syslog server specified for this host '$mac_address'", 3);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+
+ # Add syslog server to 'syslog_config' message
+ my $syslog_msg_hash = &create_xml_hash("new_syslog_config", $server_address, $mac_address);
+ &add_content2xml_hash($syslog_msg_hash, "server", $syslog_server);
+
+ &main::release_ldap_handle($ldap_handle);
+ return &create_xml_string($syslog_msg_hash);
+}
+
+
+sub new_ntp_config {
+ my ($address, $session_id) = @_;
+ my $ntp_msg;
+ my $ldap_handle=&main::get_ldap_handle();
+
+ # Perform search
+ my $ldap_res = $ldap_handle->search( base => $ldap_base,
+ scope => 'sub',
+ attrs => ['gotoNtpServer'],
+ filter => "(&(objectClass=GOhard)(macaddress=$address))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ERROR: new_ntp_config: ldap search: ".$ldap_res->error, 1);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+ # Sanity check
+ if ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $address not found/unique/active - not sending ntp config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: gotoNtpServer".
+ "\n\tfilter: (&(objectClass=GOhard)(macaddress=$address))", 1);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+ my $entry= $ldap_res->entry(0);
+ my $filter_dn = &Net::LDAP::Util::escape_filter_value($entry->dn);
+ my @ntp_servers= $entry->get_value("gotoNtpServer");
+
+ # If no ntp server is specified at host, just have a look at the object group of the host
+ # Perform object group search
+ if ((not @ntp_servers) || (@ntp_servers == 0)) {
+ my $ldap_res = $ldap_handle->search( base => $ldap_base,
+ scope => 'sub',
+ attrs => ['gotoNtpServer'],
+ filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ERROR: new_ntp_config: ldap search: ".$ldap_res->error, 1);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+ # Sanity check
+ if ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $address not found/unique/active - not sending ntp config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: gotoNtpServer".
+ "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+ my $entry= $ldap_res->entry(0);
+ @ntp_servers= $entry->get_value("gotoNtpServer");
+ }
+
+ # Return if no ntp server specified
+ if ((not @ntp_servers) || (@ntp_servers == 0)) {
+ &main::daemon_log("$session_id WARNING: no ntp server specified for this host '$address'", 3);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
+
+ # Add each ntp server to 'ntp_config' message
+ my $ntp_msg_hash = &create_xml_hash("new_ntp_config", $server_address, $address);
+ foreach my $ntp_server (@ntp_servers) {
+ &add_content2xml_hash($ntp_msg_hash, "server", $ntp_server);
+ }
+
+ &main::release_ldap_handle($ldap_handle);
+ return &create_xml_string($ntp_msg_hash);
+}
+
+
#=== FUNCTION ================================================================
# NAME: new_ldap_config
# PARAMETERS: address - string - ip address and port of a host
#=== FUNCTION ================================================================
# NAME: new_ldap_config
# PARAMETERS: address - string - ip address and port of a host
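Review bot: new_syslog_config and new_ntp_config are added without the `#=== FUNCTION` header block (NAME, PARAMETERS, RETURNS, DESCRIPTION) that the surrounding functions carry, and their bodies are copies that differ only in the attribute name and in reading one value versus a list. Each has six return paths that must each remember `release_ldap_handle`; a shared helper that does the host lookup and the object-group fallback would keep acquisition and release in one place. `my $syslog_msg;` and `my $ntp_msg;` are never used and can be dropped. A header should state that both return nothing on lookup failure and an XML string otherwise.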
# check hit
my $hit_counter = keys %{$res};
if( not $hit_counter == 1 ) {
# check hit
my $hit_counter = keys %{$res};
if( not $hit_counter == 1 ) {
- &main::daemon_log("$session_id ERROR: more or no hit found in known_clients_db by query '$sql_statement'", 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: more or no hit found in known_clients_db by query '$sql_statement'", 1);
+ return;
}
$address = $res->{1}->{hostname};
my $macaddress = $res->{1}->{macaddress};
my $hostkey = $res->{1}->{hostkey};
}
$address = $res->{1}->{hostname};
my $macaddress = $res->{1}->{macaddress};
my $hostkey = $res->{1}->{hostkey};
-
+
if (not defined $macaddress) {
if (not defined $macaddress) {
- &main::daemon_log("$session_id ERROR: no mac address found for client $address", 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: no mac address found for client $address", 1);
return;
}
return;
}
- # Build LDAP connection
- my $ldap_handle = &main::get_ldap_handle($session_id);
- if( not defined $ldap_handle ) {
- &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1);
- return;
- }
-
# Perform search
# Perform search
+ my $ldap_handle=&main::get_ldap_handle();
$mesg = $ldap_handle->search( base => $ldap_base,
scope => 'sub',
attrs => ['dn', 'gotoLdapServer', 'gosaUnitTag', 'FAIclass'],
filter => "(&(objectClass=GOhard)(macaddress=$macaddress))");
if($mesg->code) {
$mesg = $ldap_handle->search( base => $ldap_base,
scope => 'sub',
attrs => ['dn', 'gotoLdapServer', 'gosaUnitTag', 'FAIclass'],
filter => "(&(objectClass=GOhard)(macaddress=$macaddress))");
if($mesg->code) {
- &main::daemon_log("$session_id ".$mesg->error, 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: ldap search: ".$mesg->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
# Sanity check
if ($mesg->count != 1) {
return;
}
# Sanity check
if ($mesg->count != 1) {
- &main::daemon_log("$session_id WARNING: client with mac address $macaddress not found/unique/active - not sending ldap config".
+ &main::daemon_log("$session_id ERROR: client with mac address $macaddress not found/unique/active - not sending ldap config".
"\n\tbase: $ldap_base".
"\n\tscope: sub".
"\n\tattrs: dn, gotoLdapServer".
"\n\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress))", 1);
"\n\tbase: $ldap_base".
"\n\tscope: sub".
"\n\tattrs: dn, gotoLdapServer".
"\n\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress))", 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
my $entry= $mesg->entry(0);
return;
}
my $entry= $mesg->entry(0);
- my $dn= $entry->dn;
+ my $filter_dn= &Net::LDAP::Util::escape_filter_value($entry->dn);
my @servers= $entry->get_value("gotoLdapServer");
my $unit_tag= $entry->get_value("gosaUnitTag");
my @ldap_uris;
my $server;
my $base;
my $release;
my @servers= $entry->get_value("gotoLdapServer");
my $unit_tag= $entry->get_value("gosaUnitTag");
my @ldap_uris;
my $server;
my $base;
my $release;
+ my $dn= $entry->dn;
# Fill release if available
my $FAIclass= $entry->get_value("FAIclass");
# Fill release if available
my $FAIclass= $entry->get_value("FAIclass");
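Review bot: The guard `if( not defined $ldap_handle )` is removed here and `$ldap_handle->search` is now called directly on the result of `&main::get_ldap_handle()`; the ou=incoming block added in the same commit still tests `defined($ldap_handle)`, which suggests the call can return undef. If it can, this search, the one added in here_i_am and those in new_syslog_config and new_ntp_config would die on an undefined handle inside the daemon. Restore the check after the call: `if (not defined $ldap_handle) { &main::daemon_log("$session_id ERROR: new_ldap_config: no ldap handle available", 1); return; }`. new_ldap_config starts before and continues after this hunk.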
$mesg = $ldap_handle->search( base => $ldap_base,
scope => 'sub',
attrs => ['dn', 'gotoLdapServer', 'FAIclass'],
$mesg = $ldap_handle->search( base => $ldap_base,
scope => 'sub',
attrs => ['dn', 'gotoLdapServer', 'FAIclass'],
- filter => "(&(objectClass=gosaGroupOfNames)(member=$dn))");
- #$mesg->code && die $mesg->error;
+ filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))");
if($mesg->code) {
if($mesg->code) {
- &main::daemon_log("$session_id ".$mesg->error, 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: unable to search for '(&(objectClass=gosaGroupOfNames)(member=$filter_dn))': ".$mesg->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
# Sanity check
return;
}
# Sanity check
- if ($mesg->count != 1) {
- &main::daemon_log("$session_id WARNING: no LDAP information found for client mac $macaddress", 1);
- return;
- }
+ if ($mesg->count != 1) {
+ &main::daemon_log("$session_id ERROR: new_ldap_config: client with mac address $macaddress not found/unique/active - not sending ldap config".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: dn, gotoLdapServer, FAIclass".
+ "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ &main::release_ldap_handle($ldap_handle);
+ return;
+ }
$entry= $mesg->entry(0);
$dn= $entry->dn;
$entry= $mesg->entry(0);
$dn= $entry->dn;
@servers= sort (@servers);
@servers= sort (@servers);
+ # complain if no ldap information found
+ if (@servers == 0) {
+ &main::daemon_log("$session_id ERROR: no gotoLdapServer information for LDAP entry '$dn'", 1);
+ }
+
foreach $server (@servers){
# Conversation for backward compatibility
if (not $server =~ /^\d+:[^:]+:ldap[^:]*:\/\// ) {
foreach $server (@servers){
# Conversation for backward compatibility
if (not $server =~ /^\d+:[^:]+:ldap[^:]*:\/\// ) {
filter => "(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$unit_tag))");
#$mesg->code && die $mesg->error;
if($mesg->code) {
filter => "(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$unit_tag))");
#$mesg->code && die $mesg->error;
if($mesg->code) {
- &main::daemon_log($mesg->error, 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: ldap search: ".$mesg->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return "error-unit-tag-count-0";
}
# Sanity check
if ($mesg->count != 1) {
return "error-unit-tag-count-0";
}
# Sanity check
if ($mesg->count != 1) {
- &main::daemon_log("WARNING: cannot find administrative unit for client with tag $unit_tag", 1);
+ &main::daemon_log("WARNING: cannot find administrative unit for client with tag $unit_tag", 3);
+ &main::release_ldap_handle($ldap_handle);
return "error-unit-tag-count-".$mesg->count;
}
return "error-unit-tag-count-".$mesg->count;
}
# Append unit Tag
$data{'unit_tag'}= $unit_tag;
}
# Append unit Tag
$data{'unit_tag'}= $unit_tag;
}
+ &main::release_ldap_handle($ldap_handle);
# Send information
return &build_msg("new_ldap_config", $server_address, $address, \%data);
# Send information
return &build_msg("new_ldap_config", $server_address, $address, \%data);
# check hit
my $hit_counter = keys %{$res};
if( not $hit_counter == 1 ) {
# check hit
my $hit_counter = keys %{$res};
if( not $hit_counter == 1 ) {
- &main::daemon_log("$session_id ERROR: more or no hit found in known_clients_db by query by '$address'", 1);
+ &main::daemon_log("$session_id ERROR: hardware_config: more or no hit found in known_clients_db by query by '$address'", 1);
}
my $macaddress = $res->{1}->{macaddress};
my $hostkey = $res->{1}->{hostkey};
if (not defined $macaddress) {
}
my $macaddress = $res->{1}->{macaddress};
my $hostkey = $res->{1}->{hostkey};
if (not defined $macaddress) {
- &main::daemon_log("$session_id ERROR: no mac address found for client $address", 1);
+ &main::daemon_log("$session_id ERROR: hardware_config: no mac address found for client $address", 1);
return;
}
return;
}
- # Build LDAP connection
- my $ldap_handle = &main::get_ldap_handle($session_id);
- if( not defined $ldap_handle ) {
- &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1);
- return;
- }
-
# Perform search
# Perform search
+ my $ldap_handle=&main::get_ldap_handle();
$mesg = $ldap_handle->search(
base => $ldap_base,
scope => 'sub',
$mesg = $ldap_handle->search(
base => $ldap_base,
scope => 'sub',
);
if($mesg->count() == 0) {
);
if($mesg->count() == 0) {
- &main::daemon_log("Host was not found in LDAP!", 1);
+ &main::daemon_log("$session_id INFO: Host was not found in LDAP!", 5);
# set status = hardware_detection at jobqueue if entry exists
# TODO
# set status = hardware_detection at jobqueue if entry exists
# TODO
xmlmessage=>'none',
macaddress=>$macaddress,
plainname=>'none',
xmlmessage=>'none',
macaddress=>$macaddress,
plainname=>'none',
+ siserver=>'localhost',
+ modified=>'1',
};
my $hd_res = $main::job_db->add_dbentry($func_dic);
&main::daemon_log("$session_id INFO: add '$macaddress' to job queue as an installing job", 5);
} else {
my $entry= $mesg->entry(0);
};
my $hd_res = $main::job_db->add_dbentry($func_dic);
&main::daemon_log("$session_id INFO: add '$macaddress' to job queue as an installing job", 5);
} else {
my $entry= $mesg->entry(0);
- my $dn= $entry->dn;
if (defined($entry->get_value("gotoHardwareChecksum"))) {
if (defined($entry->get_value("gotoHardwareChecksum"))) {
- if (! $entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum) {
+ if (! ($entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum)) {
$entry->replace(gotoHardwareChecksum => $gotoHardwareChecksum);
if($entry->update($ldap_handle)) {
&main::daemon_log("$session_id INFO: Hardware changed! Detection triggered.", 5);
}
} else {
# Nothing to do
$entry->replace(gotoHardwareChecksum => $gotoHardwareChecksum);
if($entry->update($ldap_handle)) {
&main::daemon_log("$session_id INFO: Hardware changed! Detection triggered.", 5);
}
} else {
# Nothing to do
+ &main::release_ldap_handle($ldap_handle);
return;
}
}
return;
}
}
$data{'goto_secret'}= $goto_secret;
}
$data{'goto_secret'}= $goto_secret;
}
+ &main::release_ldap_handle($ldap_handle);
+
# Send information
return &build_msg("detect_hardware", $server_address, $address, \%data);
}
sub server_matches {
# Send information
return &build_msg("detect_hardware", $server_address, $address, \%data);
}
sub server_matches {
- my $target = shift;
+ my ($target, $session_id) = @_ ;
my $target_ip = ($1) if $target =~ /^([0-9\.]*?):.*$/;
if(!defined($target_ip) or length($target_ip) == 0) {
return;
my $target_ip = ($1) if $target =~ /^([0-9\.]*?):.*$/;
if(!defined($target_ip) or length($target_ip) == 0) {
return;
}
}
} else {
}
}
} else {
- &main::daemon_log("Target ip $target_ip does not match Server ip $server_ip",1);
+ &main::daemon_log("$session_id INFO: Target ip $target_ip does not match Server ip $server_ip",5);
}
return $result;
}
}
return $result;
}
+# vim:ts=4:shiftwidth:expandtab
1;
1;