diff --git a/gosa-si/gosa-si-bus b/gosa-si/gosa-si-bus
index b7711101e7802233739f69454bc27cb8b542aa01..37d54002cfa8899372b8036ca35b34742401e97e 100755 (executable)
--- a/gosa-si/gosa-si-bus
+++ b/gosa-si/gosa-si-bus
use POE qw(Component::Server::TCP);
use Data::Dumper;
use Crypt::Rijndael;
-use GOSA::DBsqlite;
-use GOSA::GosaSupportDaemon;
use IO::Socket::INET;
use NetAddr::IP;
use XML::Simple;
use MIME::Base64;
+use File::Basename;
use Digest::MD5 qw(md5 md5_hex md5_base64);
+use GOSA::GosaSupportDaemon;
+use GOSA::DBsqlite;
my ($cfg_file, $default_cfg_file, %cfg_defaults, $foreground, $verbose, $pid_file, $procid, $pid, $log_file,);
my ($bus_address, $bus_key, $bus_ip, $bus_port, $bus_mac_address);
my ($bus_known_server_db, $bus_known_server_file_name, $bus_known_clients_db, $bus_known_clients_file_name);
my $xml;
+our $prg= basename($0);
$foreground = 0 ;
%cfg_defaults = (
"general" => {
- "log_file" => [\$log_file, "/var/run/".$0.".log"],
- "pid_file" => [\$pid_file, "/var/run/".$0.".pid"],
- "bus_known_server_file_name" => [\$bus_known_server_file_name, "/var/lib/gosa-si/gosa-si-bus_known_server.db"],
- "bus_known_clients_file_name" => [\$bus_known_clients_file_name, "/var/lib/gosa-si/gosa-si-bus_known_clients.db"],
+ "log_file" => [\$log_file, "/var/run/".$prg.".log"],
+ "pid_file" => [\$pid_file, "/var/run/".$prg.".pid"],
},
-"GOsa-si-bus" => {
+"bus" => {
"key" => [\$bus_key, "secret-bus-password"],
"ip" => [\$bus_ip, "0.0.0.0"],
"port" => [\$bus_port, "20080"],
- },
+ "known-servers" => [\$bus_known_server_file_name, "/var/lib/gosa-si/bus-servers.db"],
+ "known-clients" => [\$bus_known_clients_file_name, "/var/lib/gosa-si/bus-clients.db"],
+ },
);
#=== FUNCTIONS = functions =====================================================
#===============================================================================
sub usage {
print STDERR << "EOF" ;
-usage: $0 [-hvf] [-c config]
+usage: $prg [-hvf] [-c config]
-h : this (help) message
-c <file> : config file
$month = $monthnames[$month];
$monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
$year+=1900;
- my $name = $0;
- $name =~ s/\.\///;
- my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n";
+ my $log_msg = "$month $monthday $hours:$minutes:$seconds $prg $msg\n";
print LOG_HANDLE $log_msg;
if( $foreground ) {
print STDERR $log_msg;
return $result;
}
+sub bus_matches {
+ my $target = shift;
+ my $target_ip = sprintf("%s", $target =~ /^([0-9\.]*?):.*$/);
+ my $result = 0;
+
+ if($bus_ip eq $target_ip) {
+ $result= 1;
+ } elsif ($bus_ip eq "0.0.0.0") {
+ if ($target_ip eq "127.0.0.1") {
+ $result= 1;
+ } else {
+ my $PROC_NET_ROUTE= ('/proc/net/route');
+
+ open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE")
+ or die "Could not open $PROC_NET_ROUTE";
+
+ my @ifs = <PROC_NET_ROUTE>;
+
+ close(PROC_NET_ROUTE);
+
+ # Eat header line
+ shift @ifs;
+ chomp @ifs;
+ foreach my $line(@ifs) {
+ my ($Iface,$Destination,$Gateway,$Flags,$RefCnt,$Use,$Metric,$Mask,$MTU,$Window,$IRTT)=split(/\s/, $line);
+ my $destination;
+ my $mask;
+ my ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Destination);
+ $destination= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
+ ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Mask);
+ $mask= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
+ if(new NetAddr::IP($target_ip)->within(new NetAddr::IP($destination, $mask))) {
+ # destination matches route, save mac and exit
+ $result= 1;
+ last;
+ }
+ }
+ }
+ } else {
+ &main::daemon_log("Target ip $target_ip does not match bus ip $bus_ip",1);
+ }
+
+ return $result;
+}
#=== FUNCTION ================================================================
# NAME: create_passwd
sub create_ciphering {
my ($passwd) = @_;
+ if((!defined($passwd)) || length($passwd)==0) {
+ $passwd = "";
+ }
$passwd = substr(md5_hex("$passwd") x 32, 0, 32);
my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
sub encrypt_msg {
my ($msg, $key) = @_;
my $my_cipher = &create_ciphering($key);
+ my $len;
{
- use bytes;
- $msg = "\0"x(16-length($msg)%16).$msg;
+ use bytes;
+ $len= 16-length($msg)%16;
}
+ $msg = "\0"x($len).$msg;
$msg = $my_cipher->encrypt($msg);
chomp($msg = &encode_base64($msg));
# there are no newlines allowed inside msg
sub decrypt_msg {
+
my ($msg, $key) = @_ ;
$msg = &decode_base64($msg);
my $my_cipher = &create_ciphering($key);
my $target_string = join(",", @target_l);
daemon_log("got msg '$header' with target '$target_string' from ".$heap->{'remote_ip'}, 3);
- if( 1 == length(@target_l) && $target_l[0] eq $bus_address ) {
+ if( 1 == length(@target_l) && &bus_matches($target_l[0]) ) {
# msg is for bus
#print STDERR "msg is for bus\n";
$kernel->post('gosa_si_bus_session', $header, $msg, $msg_hash);
}
elsif( $target =~ /([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})/ ) {
# target is a mac address
- my $sql_statement = "SELECT * FROM bus_known_clients WHERE macaddress='$target'";
+ my $sql_statement = "SELECT * FROM bus_known_clients WHERE macaddress LIKE '$target'";
my $query_res = $bus_known_clients_db->select_dbentry( $sql_statement );
if( 1 > keys(%{$query_res})) {
daemon_log("ERROR: there are more than one hosts in bus_known_clients_db with mac address '$target'", 1);
# forward error messages to logfile
if ( ! $foreground ) {
- open STDIN, '/dev/null' or die "Can’t read /dev/null: $!";
- open STDOUT, '>>/dev/null' or die "Can't write to /dev/null: $!";
- open STDERR, '>>/dev/null' or die "Can't write to /dev/null: $!";
+ open( STDIN, '+>/dev/null' );
+ open( STDOUT, '+>&STDIN' );
+ open( STDERR, '+>&STDIN' );
}
# Just fork, if we are not in foreground mode