diff --git a/gosa-si/gosa-si-client b/gosa-si/gosa-si-client
index eef48fdfa9ebdd7c76aeb0a7c458f0cd8eb40fcc..cbc3e571952a00d7474b602a6cc4650915c277bd 100755 (executable)
--- a/gosa-si/gosa-si-client
+++ b/gosa-si/gosa-si-client
my $event_dir = "/usr/lib/gosa-si/client/events";
use lib "/usr/lib/gosa-si/client/events";
-my ($cfg_file, %cfg_defaults, $foreground, $verbose, $pid_file, $opts_file, $procid, $pid, $log_file, $fai_logpath);
+my (%cfg_defaults, $foreground, $verbose, $pid_file, $procid, $pid, $log_file, $fai_logpath);
my ($server_ip, $server_port, $server_key, $server_timeout, $server_domain, $server_key_lifetime);
my ($client_ip, $client_port, $client_mac_address, $ldap_enabled, $ldap_config, $pam_config, $nss_config);
my $xml;
# globalise variables which are used in imported events
our $cfg_file;
+our $opts_file;
our $server_address;
our $client_address;
+our $client_ip;
+our $client_mac_address;
+our $client_dnsname;
+our $client_force_hostname;
our $server_key;
# default variables
my $delay_set_time = 5;
our $prg= basename($0);
+# all x seconds the client reports logged_in users to gosa-si-server
+my $trigger_logged_in_users_report_delay = 600;
+
%cfg_defaults = (
"general" =>
{"log-file" => [\$log_file, "/var/run/".$prg.".log"],
"pam-config" => [\$pam_config, "/etc/pam_ldap.conf"],
"nss-config" => [\$nss_config, "/etc/libnss_ldap.conf"],
"fai-logpath" => [\$fai_logpath, "/var/log/fai/fai.log"],
+ "force-hostname" => [\$client_force_hostname, "false"],
},
"server" => {
"ip" => [\$server_ip, "127.0.0.1"],
}
close( LOG_HANDLE );
}
-#log into syslog
-# my ($msg, $level, $facility) = @_;
-# if(not defined $msg) {return}
-# if(not defined $level) {$level = "info"}
-# if(not defined $facility) {$facility = "LOG_DAEMON"}
-# openlog($0, "pid,cons,", $facility);
-# syslog($level, $msg);
-# closelog;
-# return;
}
}
}
-# my $dig_cmd= 'dig +nocomments srv _gosa-si._tcp.'.$domain;
-#
-# my $output= `$dig_cmd 2>&1`;
-# open (PIPE, "$dig_cmd 2>&1 |");
-# while(<PIPE>) {
-# chomp $_;
-# # If it's not a comment
-# if($_ =~ m/^[^;]/) {
-# my @matches= split /\s+/;
-#
-# # Push hostname with port
-# if($matches[3] eq 'SRV') {
-# push @result, $matches[7].':'.$matches[6];
-# } elsif ($matches[3] eq 'A') {
-# my $i=0;
-#
-# # Substitute the hostname with the ip address of the matching A record
-# foreach my $host (@result) {
-# if ((split /\:/, $host)[0] eq $matches[0]) {
-# $result[$i]= $matches[4].':'.(split /\:/, $host)[1];
-# }
-# $i++;
-# }
-# }
-# }
-# }
-# close(PIPE);
return @result;
}
-##=== FUNCTION ================================================================
-## NAME: create_ciphering
-## PARAMETERS: passwd - string - used to create ciphering
-## RETURNS: cipher - object
-## DESCRIPTION: creates a Crypt::Rijndael::MODE_CBC object with passwd as key
-##===============================================================================
-#sub create_ciphering {
-# my ($passwd) = @_;
-# $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
-# my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
-#
-# #daemon_log("iv: $iv", 7);
-# #daemon_log("key: $passwd", 7);
-# my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
-# $my_cipher->set_iv($iv);
-# return $my_cipher;
-#}
-#
-#
-#sub create_ciphering {
-# my ($passwd) = @_;
-# $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
-# my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
-# my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
-# $my_cipher->set_iv($iv);
-# return $my_cipher;
-#}
-#
-#
-#sub encrypt_msg {
-# my ($msg, $key) = @_;
-# my $my_cipher = &create_ciphering($key);
-# {
-# use bytes;
-# $msg = "\0"x(16-length($msg)%16).$msg;
-# }
-# $msg = $my_cipher->encrypt($msg);
-# chomp($msg = &encode_base64($msg));
-# # there are no newlines allowed inside msg
-# $msg=~ s/\n//g;
-# return $msg;
-#}
-#
-#
-#sub decrypt_msg {
-# my ($msg, $key) = @_ ;
-# $msg = &decode_base64($msg);
-# my $my_cipher = &create_ciphering($key);
-# $msg = $my_cipher->decrypt($msg);
-# $msg =~ s/\0*//g;
-# return $msg;
-#}
-
-
#=== FUNCTION ================================================================
# NAME: send_msg_hash_to_target
# PARAMETERS: msg_hash - hash - xml_hash created with function create_xml_hash
my ($msg, $address, $encrypt_key, $msg_header) = @_ ;
my $error = 0;
- if( $msg_header ) {
- $msg_header = "'$msg_header'-";
- }
- else {
- $msg_header = "";
- }
+ if( $msg_header ) { $msg_header = "'$msg_header'-"; }
+ else { $msg_header = ""; }
# encrypt xml msg
my $crypted_msg = &encrypt_msg($msg, $encrypt_key);
$error++;
}
+ # send xml msg
if( $error == 0 ) {
- # send xml msg
print $socket $crypted_msg."\n";
-
daemon_log("send ".$msg_header."msg to $address", 1);
daemon_log("message:\n$msg", 8);
-
}
# close socket in any case
# DESCRIPTION:
#===============================================================================
sub register_at_gosa_si_server {
- my ($kernel) = $_[KERNEL];
- my $try_to_register = 0;
-
- if( not $REGISTERED ) {
- # create new passwd and ciphering object for client-server communication
- $server_key = &create_passwd();
-
- my $events = join( ", ", keys %{$event_hash} );
- while(1) {
-
- if( $try_to_register >= @servers ) {
- last;
- }
-
- # fetch first gosa-si-server from @servers
- my $server = shift(@servers);
-
- # append shifted gosa-si-server at the end of @servers, so looking for servers never stop if
- # a registration never occured
- push( @servers, $server );
-
- # Check if our ip is resolvable - if not: don't try to register
- my $ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
- my $resolver= Net::DNS::Resolver->new;
- my $dnsresult= $resolver->search($ip);
- my $dnsname="";
- if(!defined($dnsresult)) {
- &write_to_file("goto-error-dns:$ip", $fai_logpath);
- exit(1);
- } else {
- $dnsname=$dnsresult->{answer}[0]->{ptrdname};
- }
-
- # create registration msg
- my $local_ip = &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
- my $local_mac = &get_local_mac_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
- my $register_hash = &create_xml_hash("here_i_am", $local_ip.":".$client_port, $server);
- &add_content2xml_hash($register_hash, "new_passwd", $server_key);
- &add_content2xml_hash($register_hash, "mac_address", $local_mac);
- &add_content2xml_hash($register_hash, "events", $events);
- &add_content2xml_hash($register_hash, "gotoHardwareChecksum", $gotoHardwareChecksum);
-
- # send xml hash to server with general server passwd
- my $res = &send_msg_hash_to_target($register_hash, $server, $default_server_key);
- if($res == 0) {
- # reset try_to_register
- $try_to_register = 0;
-
- # Set fixed client address
- $client_ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
- $client_address= "$client_ip:$client_port";
-
- # Write the MAC address to file
- if(stat($opts_file)) {
- unlink($opts_file);
- }
- my $opts_file_FH;
- my $hostname= $dnsname;
- $hostname =~ s/\..*$//;
- open($opts_file_FH, ">$opts_file");
- print $opts_file_FH "MAC=\"$local_mac\"\n";
- print $opts_file_FH "IPADDRESS=\"$client_ip\"\n";
- print $opts_file_FH "HOSTNAME=\"$hostname\"\n";
- print $opts_file_FH "FQDN=\"$dnsname\"\n";
- close($opts_file_FH);
- last;
- } else {
- $try_to_register++;
- # wait 1 sec until trying to register again
- sleep(1);
- next;
- }
- }
+ my ($kernel) = $_[KERNEL];
+ my $try_to_register = 0;
+
+ if( not $REGISTERED ) {
+ # create new passwd and ciphering object for client-server communication
+ $server_key = &create_passwd();
+
+ my $events = join( ",", keys %{$event_hash} );
+ while(1) {
+
+ if( $try_to_register >= @servers ) {
+ last;
+ }
+
+ # fetch first gosa-si-server from @servers
+ my $server = shift(@servers);
+
+ # append shifted gosa-si-server at the end of @servers, so looking for servers never stop if
+ # a registration never occured
+ push( @servers, $server );
+
+ # Check if our ip is resolvable - if not: don't try to register
+ my $ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
+ my $dnsname= gethostbyaddr(inet_aton($ip), AF_INET);
+ if(!defined($dnsname)) {
+ &write_to_file("goto-error-dns:$ip", $fai_logpath);
+ exit(1);
+ }
+
+ # create registration msg
+ my $local_ip = &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
+ my $local_mac = &get_local_mac_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
+ my $register_hash = &create_xml_hash("here_i_am", $local_ip.":".$client_port, $server);
+ &add_content2xml_hash($register_hash, "new_passwd", $server_key);
+ &add_content2xml_hash($register_hash, "mac_address", $local_mac);
+ &add_content2xml_hash($register_hash, "events", $events);
+ &add_content2xml_hash($register_hash, "gotoHardwareChecksum", $gotoHardwareChecksum);
+
+ # Add $HOSTNAME from ENV if force-hostname is set
+ if( defined($client_force_hostname) &&
+ $client_force_hostname eq "true") {
+ if(defined($ENV{HOSTNAME}) &&
+ length($ENV{HOSTNAME}) >0 ) {
+ &add_content2xml_hash($register_hash, "force-hostname", $ENV{HOSTNAME});
+ } else {
+ &main::daemon_log("force-hostname was set to true, but no \$HOSTNAME was found in Environment!",0);
+ }
+ }
+
+ # send xml hash to server with general server passwd
+ my $res = &send_msg_hash_to_target($register_hash, $server, $default_server_key);
+ if($res == 0) {
+ # reset try_to_register
+ $try_to_register = 0;
+
+ # Set fixed client address and mac address
+ $client_ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
+ $client_address= "$client_ip:$client_port";
+ $client_mac_address = $local_mac;
+ $client_dnsname = $dnsname;
+
+ last;
+ } else {
+ $try_to_register++;
+
+ # wait 1 sec until trying to register again
+ sleep(1);
+ next;
+ }
+ }
- if( $try_to_register >= @servers ) {
- &write_to_file("gosa-si-no-server-available", $fai_logpath);
- $kernel->delay_set('register_at_gosa_si_server', $delay_set_time);
- }
- else {
- daemon_log("waiting for msg 'register_at_gosa_si_server'",1);
- $kernel->delay_set('register_at_gosa_si_server', $delay_set_time);
- # clear old settings and set it again
- $kernel->delay_set('trigger_new_key', $server_key_lifetime);
- }
+ if( $try_to_register >= @servers ) {
+ &write_to_file("gosa-si-no-server-available", $fai_logpath);
+ $kernel->delay_set('register_at_gosa_si_server', $delay_set_time);
+ }
+ else {
+ daemon_log("INFO: waiting for msg 'register_at_gosa_si_server'",5);
+ $kernel->delay_set('register_at_gosa_si_server', $delay_set_time);
+ # clear old settings and set it again
+ $kernel->delay_set('trigger_new_key', $server_key_lifetime);
}
- return;
+ }
+ return;
}
eval{ require $event; };
if( $@ ) {
daemon_log("ERROR: import of event module '$event' failed", 1);
- daemon_log("$@", 8);
+ daemon_log("$@", 1);
next;
}
&send_msg_to_target($msg, $client_address, $server_key, 'new_key');
$kernel->delay_set('trigger_new_key', $server_key_lifetime);
+}
+
+
+sub trigger_logged_in_users_report {
+ my ($kernel) = $_[KERNEL] ;
+
+ # just do if client is registered already
+ if( $REGISTERED ) {
+ my $result = qx(/usr/bin/w -hs);
+ my @res_lines;
+
+ if( defined $result ) {
+ chomp($result);
+ @res_lines = split("\n", $result);
+ }
+ my @logged_in_user_list;
+ foreach my $line (@res_lines) {
+ chomp($line);
+ my @line_parts = split(/\s+/, $line);
+ push(@logged_in_user_list, $line_parts[0]);
+ }
+ system("echo 'CURRENTLY_LOGGED_IN ".join(" ", @logged_in_user_list)."' > /var/run/gosa-si-client.socket");
+ $kernel->delay_set('trigger_logged_in_users_report', $trigger_logged_in_users_report_delay);
+ } else {
+ # try it in 1 sec again
+ $kernel->delay_set('trigger_logged_in_users_report', 1);
+ }
}
my $file_record = $_[ARG0];
my $header;
my $content = "";
+ daemon_log("DEBUG: fifo got record: $file_record", 7);
$file_record =~ /^(\S+)[ ]?([\s\S]+)?$/;
if( defined $1 ) {
my $clmsg_hash = &create_xml_hash("CLMSG_$header", $client_address, $server_address, $content);
&add_content2xml_hash($clmsg_hash, "macaddress", $client_mac_address);
my $clmsg = &create_xml_string($clmsg_hash);
- &send_msg_to_target($clmsg, $server_address, $server_key);
+ &send_msg_to_target($clmsg, $server_address, $server_key, "CLMSG_$header");
return;
}
$heap->{services}->{ $file_watcher->ID } = $file_name;
$heap->{watchers}->{ $file_watcher->ID } = $file_watcher;
}
+ $kernel->yield('trigger_logged_in_users_report');
+}
+
+
+sub _default {
+ daemon_log("ERROR: can not handle incoming msg with header '$_[ARG0]'", 1);
+ return;
}
$REGISTERED = 1;
}
else {
- &send_msg_to_target($answer, $server_address, $server_key);
+ $answer =~ /<header>(\S+)<\/header>/;
+ &send_msg_to_target($answer, $server_address, $server_key, $1);
}
# postprocessing
return;
}
-sub get_dns_domains() {
- my $line;
- my @searches;
- open(RESOLV, "</etc/resolv.conf");
- while(<RESOLV>){
- $line= $_;
- chomp $line;
- $line =~ s/^\s+//;
- $line =~ s/\s+$//;
- $line =~ s/\s+/ /;
- if ($line =~ /^domain (.*)$/ ){
- push(@searches, $1);
- } elsif ($line =~ /^search (.*)$/ ){
- push(@searches, split(/ /, $1));
- }
- }
- close(RESOLV);
-
- my %tmp = map { $_ => 1 } @searches;
- @searches = sort keys %tmp;
-
- return @searches;
-}
#==== MAIN = main ==============================================================
# parse commandline options
# forward error messages to logfile
if ( ! $foreground ) {
- open STDIN, '/dev/null' or die "Can’t read /dev/null: $!";
- open STDOUT, '>>/dev/null' or die "Can't write to /dev/null: $!";
- open STDERR, '>>/dev/null' or die "Can't write to /dev/null: $!";
+ open( STDIN, '+>/dev/null' );
+ open( STDOUT, '+>&STDIN' );
+ open( STDERR, '+>&STDIN' );
}
# Just fork, if we are not in foreground mode
system('rm -f /tmp/gosa_si_lock*gosa-si-client*');
# detect ip and mac address and complete host address
-#if( inet_aton($client_ip) ){
-#print STDERR "ip: $client_ip\n";
-# $client_ip = inet_ntoa(inet_aton($client_ip));
-#print STDERR "ip: $client_ip\n";
-#}
$client_address = $client_ip.":".$client_port;
my $network_interface= &get_interface_for_ip($client_ip);
$client_mac_address= &get_mac($network_interface);
POE::Session->create(
inline_states => {
_start => \&_start,
+ _default => \&_default,
register_at_gosa_si_server => \®ister_at_gosa_si_server,
+
+ # trigger periodical tasks
trigger_new_key => \&trigger_new_key,
+ trigger_logged_in_users_report => \&trigger_logged_in_users_report,
# handle records from each defined file differently
fifo_record => \&fifo_got_record,