![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-core/include/class_gosaSupportDaemon.inc b/gosa-core/include/class_gosaSupportDaemon.inc
index b10d506dcd3ca3e1fe54727aee84344a1ea39607..571a3f89f72b54401df4cfc24f742f21c8d9db57 100644 (file)
global $config;
# load from config, store statically
- if (isset($config->current['GOSA_SI'])){
+ if ($config->get_cfg_value("gosa_si") != ""){
if ($this->s_host == ""){
- $this->s_host= preg_replace("/^.*@([^:]+):.*$/", "$1", $config->current['GOSA_SI']);
- $this->i_port= preg_replace("/^.*@[^:]+:(.*)$/", "$1", $config->current['GOSA_SI']);
- $this->s_encryption_key = preg_replace("/^(.*)@[^:]+:.*$/", "$1", $config->current['GOSA_SI']);
+ $this->s_host= preg_replace("/^.*@([^:]+):.*$/", "$1", $config->get_cfg_value("gosa_si"));
+ $this->i_port= preg_replace("/^.*@[^:]+:(.*)$/", "$1", $config->get_cfg_value("gosa_si"));
+ $this->s_encryption_key = preg_replace("/^(.*)@[^:]+:.*$/", "$1", $config->get_cfg_value("gosa_si"));
}
$this->f_timeout = $timeout;
return($this->is_connected);
}
+
+ /*! \brief Returns TRUE whether we are connected or not
+ @return BOOLEAN Returns TRUE when connected else FALSE
+ */
+ public function is_connected()
+ {
+ return($this->is_connected);
+ }
+
+
/*! \brief Disconnect from gosa daemon.
*/
public function get_error()
{
$str = $this->s_error;
- $str = preg_replace("/ /"," ",$str);
- return($str);
+ $ret = "";
+ if(is_string($str)){
+ $ret = $str;
+ }else{
+ foreach($str as $msg){
+ $ret .= $msg." ";
+ }
+ }
+ $ret = preg_replace("/ /"," ",$ret);
+ return($ret);
}
$entries = $this->xml_to_array($str);
if(isset($entries['XML']) && is_array($entries['XML'])){
foreach($entries['XML'] as $entry){
- if(isset($entry['ID'])){
+ if(is_array($entry) && array_key_exists("ID",$entry)){
$ret[] = $entry['ID'];
}
}
}
}
if ($xml_elem['type'] == 'complete') {
+
$start_level = 1;
$test2 = &$params;
while($start_level < $xml_elem['level']) {
$test2 = &$test2[$level[$start_level]];
$start_level++;
}
+
+ /* Save tag attributes too.
+ e.g. <tag attr="val">
+ */
+ if(isset($xml_elem['attributes'])){
+ foreach($xml_elem['attributes'] as $name => $value){
+ $test2['ATTRIBUTES'][$name] = $value;
+ }
+ }
+
if(!isset($test2[$xml_elem['tag']])){
if(isset($xml_elem['value'])){
$test2[$xml_elem['tag']] = $xml_elem['value'];
$attr = "";
foreach($data as $key => $value){
+ $key = strtolower($key);
if(is_array($value)){
foreach($value as $sub_value){
$attr.= "<$key>".strtolower($sub_value)."</$key>\n";
foreach ($data as $key => $value){
if(is_array($value)){
foreach($value as $sub_val){
- $xml_message.= "<$key>$sub_value</$key>";
+ $xml_message.= "<$key>$sub_val</$key>";
}
}else{
$xml_message.= "<$key>$value</$key>";
{
$res = array();
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
/* Prepare request event
*/
$xml_msg =
"<target>".$server."</target>".
"</xml>";
- return($this->_send($xml_msg,TRUE));
+ $tmp = $this->_send($xml_msg,TRUE);
+ if(isset($tmp['XML']['PRINCIPAL'])){
+ return($tmp['XML']['PRINCIPAL']);
+ }else{
+ return($res);
+ }
}
@pram String The name of the requested principal. (e.g. peter@EXAMPLE.DE)
@return Array A list containing the names of all configured principals.
*/
- public function krb5_get_principal($name)
+ public function krb5_get_principal($server,$name)
{
$ret = array();
return($ret);
}
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
/* Prepare request event
*/
$xml_msg =
"<header>gosa_krb5_get_principal</header>".
"<principal>".$name."</principal>".
"<source>GOSA</source>".
- "<target>GOSA</target>".
+ "<target>".$server."</target>".
+ "</xml>";
+
+ $res = $this->_send($xml_msg,TRUE);
+ if(isset($res['XML'])){
+ return($res['XML']);
+ }else{
+ return($ret);
+ }
+ }
+
+
+ /*! \brief Creates a given principal with a set of configuration settings.
+ For a list of configurable attributes have a look at 'krb5_get_principal()'.
+ (Uses the GOsa support daemon instead of the ldap database.)
+ @pram String The name of the principal to update. (e.g. peter@EXAMPLE.DE)
+ @return Boolean TRUE on success else FALSE.
+ */
+ public function krb5_add_principal($server,$name,$values)
+ {
+ $ret = FALSE;
+
+ /* Check if the given name is a valid request value
+ */
+ if(!is_string($name) || empty($name)){
+ trigger_error("The given principal name is not of type string or it is empty.");
+ return($ret);
+ }
+ if(!is_array($values)){
+ trigger_error("No valid update settings given. The parameter must be of type array and must contain at least one entry");
+ return($ret);
+ }
+
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
+ $attrs = "";
+ foreach($values as $key => $value){
+ if(empty($key) || is_numeric($key)){
+ trigger_error("Invalid configuration attribute given '".$key."=".$value."'.");
+ return($ret);
+ }
+ $key = strtolower($key);
+ if(is_array($value)){
+ foreach($value as $val){
+ $attrs.= "<$key>$val</$key>\n";
+ }
+ }else{
+ $attrs.= "<$key>$value</$key>\n";
+ }
+ }
+
+ /* Prepare request event
+ */
+ $xml_msg =
+ "<xml>".
+ "<header>gosa_krb5_create_principal</header>".
+ "<principal>".$name."</principal>".
+ $attrs.
+ "<source>GOSA</source>".
+ "<target>".$server."</target>".
+ "</xml>";
+
+ return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error());
+ }
+
+
+ function krb5_ramdomize_key($server,$name)
+ {
+ /* Prepare request event
+ */
+ $xml_msg =
+ "<xml>".
+ "<header>gosa_krb5_randomize_key</header>".
+ "<principal>".$name."</principal>".
+ "<source>GOSA</source>".
+ "<target>".$server."</target>".
"</xml>";
- return($this->_send($xml_msg,TRUE));
+ return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error());
}
+
- /*! \brief Creates/Updates a given principal with a set of configuration settings.
+ /*! \brief Updates a given principal with a set of configuration settings.
For a list of configurable attributes have a look at 'krb5_get_principal()'.
(Uses the GOsa support daemon instead of the ldap database.)
@pram String The name of the principal to update. (e.g. peter@EXAMPLE.DE)
@return Boolean TRUE on success else FALSE.
*/
- public function krb5_set_principal($name,$values)
+ public function krb5_set_principal($server,$name,$values)
{
$ret = FALSE;
return($ret);
}
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
$attrs = "";
- foreach($values as $name => $value){
- if(empty($name) || is_numeric($name)){
- trigger_error("Invalid configuration attribute given '".$name."=".$value."'.");
+ foreach($values as $key => $value){
+ if(empty($key) || is_numeric($key)){
+ trigger_error("Invalid configuration attribute given '".$key."=".$value."'.");
return($ret);
}
- $attrs = "<$name>$value</$name>\n";
+ $key = strtolower($key);
+ if(is_array($value)){
+ foreach($value as $val){
+ $attrs.= "<$key>$val</$key>\n";
+ }
+ }else{
+ $attrs.= "<$key>$value</$key>\n";
+ }
}
/* Prepare request event
*/
$xml_msg =
"<xml>".
- "<header>gosa_krb5_set_principal</header>".
+ "<header>gosa_krb5_modify_principal</header>".
"<principal>".$name."</principal>".
$attrs.
"<source>GOSA</source>".
- "<target>GOSA</target>".
+ "<target>".$server."</target>".
"</xml>";
- return($this->_send($xml_msg,TRUE));
+ return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error());
}
@pram String The name of the principal. (e.g. peter@EXAMPLE.DE)
@return Boollean TRUE on success else FALSE
*/
- public function krb5_del_principal($name)
+ public function krb5_del_principal($server,$name)
{
$ret = FALSE;
return($ret);
}
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
/* Prepare request event
*/
$xml_msg =
"<header>gosa_krb5_del_principal</header>".
"<principal>".$name."</principal>".
"<source>GOSA</source>".
- "<target>GOSA</target>".
+ "<target>".$server."</target>".
"</xml>";
-
- return($this->_send($xml_msg,TRUE));
+ return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error());
}
{
$res = array();
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
/* Prepare request event
*/
$xml_msg =
/* Possible attributes */
$attrs = array("MASK","POLICY","PW_HISTORY_NUM","PW_MAX_LIFE",
- "PW_MIN_CLASSES","PW_MIN_LENGTH","PW_MIN_LIFE","REF_COUNT");
+ "PW_MIN_CLASSES","PW_MIN_LENGTH","PW_MIN_LIFE","POLICY_REFCNT");
+
$tmp = $this->_send($xml_msg,TRUE);
if(isset($tmp['XML'])){
foreach($attrs as $attr){
}
- /*! \brief Creates/Updates a given policy with a set of configuration settings.
+ /*! \brief Creates a new policy with a given set of configuration settings.
For a list of configurable attributes have a look at 'krb5_get_policy()'.
(Uses the GOsa support daemon instead of the ldap database.)
@pram String The name of the policy to update.
+ @pram Array The attributes to update
@return Boolean TRUE on success else FALSE.
*/
- public function krb5_set_policy($name,$values)
+ public function krb5_add_policy($server,$name,$values)
{
$ret = FALSE;
return($ret);
}
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
+
/* Transform array into <xml>
*/
$attrs = "";
- foreach($values as $name => $value){
- if(empty($name) || is_numeric($name)){
- trigger_error("Invalid policy configuration attribute given '".$name."=".$value."'.");
+ foreach($values as $id => $value){
+ if(empty($id) || is_numeric($id)){
+ trigger_error("Invalid policy configuration attribute given '".$id."=".$value."'.");
return($ret);
}
- $attrs = "<$name>$value</$name>\n";
+ $id = strtolower($id);
+ $attrs.= "<$id>$value</$id>\n";
}
/* Prepare request event
*/
$xml_msg =
"<xml>".
- "<header>gosa_krb5_set_policy</header>".
+ "<header>gosa_krb5_create_policy</header>".
"<policy>".$name."</policy>".
$attrs.
"<source>GOSA</source>".
- "<target>GOSA</target>".
+ "<target>".$server."</target>".
"</xml>";
- return($this->_send($xml_msg,TRUE));
+ return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error());
+ }
+
+
+ /*! \brief Updates a given policy with a set of configuration settings.
+ For a list of configurable attributes have a look at 'krb5_get_policy()'.
+ (Uses the GOsa support daemon instead of the ldap database.)
+ @pram String The name of the policy to update.
+ @return Boolean TRUE on success else FALSE.
+ */
+ public function krb5_set_policy($server,$name,$values)
+ {
+ $ret = FALSE;
+
+ /* Check if the given name is a valid request value
+ */
+ if(!is_string($name) || empty($name)){
+ trigger_error("The given policy name is not of type string or it is empty.");
+ return($ret);
+ }
+ if(!is_array($values) || !count($values)){
+ trigger_error("No valid policy settings given. The parameter must be of type array and must contain at least one entry");
+ return($ret);
+ }
+
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
+ /* Transform array into <xml>
+ */
+ $attrs = "";
+ foreach($values as $id => $value){
+ if(preg_match("/^policy$/i",$id)) continue;
+ if(empty($id) || is_numeric($id)){
+ trigger_error("Invalid policy configuration attribute given '".$id."=".$value."'.");
+ return($ret);
+ }
+ $id = strtolower($id);
+ $attrs.= "<$id>$value</$id>\n";
+ }
+
+ /* Prepare request event
+ */
+ $xml_msg =
+ "<xml>".
+ "<header>gosa_krb5_modify_policy</header>".
+ "<policy>".$name."</policy>".
+ $attrs.
+ "<source>GOSA</source>".
+ "<target>".$server."</target>".
+ "</xml>";
+
+ return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error());
}
(Uses the GOsa support daemon instead of the ldap database.)
@return Boolean TRUE on success else FALSE
*/
- public function krb5_del_policy($name)
+ public function krb5_del_policy($server,$name)
{
$ret = FALSE;
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
/* Check if the given name is a valid request value
*/
if(!is_string($name) || empty($name)){
"<header>gosa_krb5_del_policy</header>".
"<policy>".$name."</policy>".
"<source>GOSA</source>".
- "<target>GOSA</target>".
+ "<target>".$server."</target>".
+ "</xml>";
+ return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error());
+ }
+
+
+ /*! \brief Sets the password of for the given principal.
+ (Uses the GOsa support daemon instead of the ldap database.)
+ @param String The servers mac
+ @param String The principals name
+ @param String $the new password.
+ @return Boolean TRUE on success else FALSE
+ */
+ public function krb5_set_password($server,$name,$password)
+ {
+ $ret = FALSE;
+
+ /* Check if the given server is a valid mac address
+ */
+ if(!tests::is_mac($server)){
+ trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address");
+ return($ret);
+ }
+
+ /* Check if the given name is a valid request value
+ */
+ if(!is_string($name) || empty($name)){
+ trigger_error("The given principal name is not of type string or it is empty.");
+ return($ret);
+ }
+
+ /* Prepare request event
+ */
+ $xml_msg =
+ "<xml>".
+ "<header>gosa_krb5_set_password</header>".
+ "<principal>".$name."</principal>".
+ "<password>".$password."</password>".
+ "<source>GOSA</source>".
+ "<target>".$server."</target>".
"</xml>";
- return($this->_send($xml_msg,TRUE));
+ return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error());
}
+
+ /*! \brief Returns log file informations for a given mac address
+ @param $mac The mac address to fetch logs for.
+ @retrun Array A Multidimensional array containing log infos.
+ MAC_00_01_6C_9D_B9_FA['install_20080311_090900'][0]=debconf.log
+ MAC_00_01_6C_9D_B9_FA['install_20080311_090900'][1]=syslog.log
+ install_20080313_144450 ...
+ */
+ public function get_log_info_for_mac($mac)
+ {
+ $xml_msg = "
+ <xml>
+ <header>gosa_show_log_by_mac</header>
+ <target>GOSA</target>
+ <source>GOSA</source>
+ <mac>".$mac."</mac>
+ </xml>";
+
+ $res = $this->_send($xml_msg,TRUE);
+ $ret = array();
+ if(isset($res['XML'])){
+
+ /* Filter all entry that look like this
+ MAC_00_01_6C_9D_B9_FA
+ */
+ foreach($res['XML'] as $name => $entry){
+ if(preg_match("/^MAC/",$name)){
+
+ /* Get list of available log files
+ */
+ foreach($entry as $log_date){
+ $xml_msg2 = "<xml>
+ <header>gosa_show_log_files_by_date_and_mac</header>
+ <target>GOSA</target>
+ <source>GOSA</source>
+ <date>".$log_date."</date>
+ <mac>".$mac."</mac>
+ </xml>";
+
+ $ret[$mac][$log_date] = array();
+ $res = $this->_send($xml_msg2,TRUE);
+ $ret[$mac][$log_date]['DATE_STR'] = $log_date;
+ $ret[$mac][$log_date]['REAL_DATE'] = strtotime(preg_replace("/[^0-9]*/","",$log_date));
+ if(isset($res['XML']['SHOW_LOG_FILES_BY_DATE_AND_MAC'])){
+ $ret[$mac][$log_date]['FILES'] = $res['XML']['SHOW_LOG_FILES_BY_DATE_AND_MAC'];
+ }
+ }
+ }
+ }
+ }
+ return($ret);
+ }
+
+ public function get_log_file($mac,$date,$file)
+ {
+ $xml_msg ="
+ <xml>
+ <header>gosa_get_log_file_by_date_and_mac</header>
+ <target>GOSA</target>
+ <source>GOSA</source>
+ <date>".$date."</date>
+ <mac>".$mac."</mac>
+ <log_file>".$file."</log_file>
+ </xml>";
+
+ $res = $this->_send($xml_msg,TRUE);
+ if(isset($res['XML'][strtoupper($file)])){
+ return(base64_decode($res['XML'][strtoupper($file)]));
+ }
+ return("");
+ }
+
+
+
+
+
+ /*****************
+ * DAK - Functions
+ *****************/
+
+ /*! \brief Returns all currenlty queued entries for a given DAK repository
+ @param ...
+ @return Array All queued entries.
+ */
+ public function DAK_keyring_entries($server)
+ {
+ /* Ensure that we send the event to a valid mac address
+ */
+ if(!is_string($server) || !tests::is_mac($server)){
+ trigger_error("No valid mac address given '".$server."'.");
+ return;
+ }
+
+ /* Create query
+ */
+ $xml_msg = "<xml>
+ <header>gosa_get_dak_keyring</header>
+ <target>".$server."</target>
+ <source>GOSA</source>
+ </xml>";
+
+ $res = $this->_send($xml_msg,TRUE);
+
+ /* Check if there are results for POLICY
+ */
+ if(isset($res['XML'])){
+ $ret = array();
+ foreach($res['XML'] as $key => $entry){
+ if(preg_match("/^ANSWER/",$key)){
+ $ret[] = $entry;
+ }
+ }
+ return($ret);
+ }else{
+ return(array());
+ }
+ }
+
+
+ /*! \brief Imports the given key into the specified keyring (Servers mac address)
+ @param String The servers mac address
+ @param String The gpg key.
+ @return Boolean TRUE on success else FALSE
+ */
+ public function DAK_import_key($server,$key)
+ {
+ /* Ensure that we send the event to a valid mac address
+ */
+ if(!is_string($server) || !tests::is_mac($server)){
+ trigger_error("No valid mac address given '".$server."'.");
+ return;
+ }
+
+ /* Check if there is some cleanup required before importing the key.
+ There may be some Header lines like:
+ -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.6 (GNU/Linux)
+ */
+ if(preg_match("/".normalizePreg("BEGIN PGP PUBLIC KEY BLOCK")."/",$key)){
+
+ /* Remove header */
+ $key = preg_replace("/^.*\n\n/sim","",$key);
+ /* Remove footer */
+ $key = preg_replace("/-----.*$/sim","",$key);
+ }elseif (!preg_match('%^[a-zA-Z0-9/+]*={0,2}$%', $key)) {
+
+ /* Encode key if it is raw.
+ */
+ $key = base64_encode($key);
+ }
+
+ /* Create query
+ */
+ $xml_msg = "<xml>
+ <header>gosa_import_dak_key</header>
+ <target>".$server."</target>
+ <key>".$key."</key>
+ <source>GOSA</source>
+ </xml>";
+
+ $res = $this->_send($xml_msg,TRUE);
+ return($this->is_error());
+ }
+
+
+ /*! \brief Removes a key from the keyring on the given server.
+ @param String The servers mac address
+ @param String The gpg key uid.
+ @return Boolean TRUE on success else FALSE
+ */
+ public function DAK_remove_key($server,$key)
+ {
+ /* Ensure that we send the event to a valid mac address
+ */
+ if(!is_string($server) || !tests::is_mac($server)){
+ trigger_error("No valid mac address given '".$server."'.");
+ return;
+ }
+
+ /* Create query
+ */
+ $xml_msg = "<xml>
+ <header>gosa_remove_dak_key</header>
+ <target>".$server."</target>
+ <keyid>".$key."</keyid>
+ <source>GOSA</source>
+ </xml>";
+
+ $res = $this->_send($xml_msg,TRUE);
+ return($this->is_error());
+ }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: