![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-si/gosa-si-client b/gosa-si/gosa-si-client
index 3825940a7c6235ae4a5fb9b163f62f1ecccebf45..efb794374354ee2b95792330008da34b7e2f61c3 100755 (executable)
--- a/gosa-si/gosa-si-client
+++ b/gosa-si/gosa-si-client
#
# FILE: gosa-server
#
-# USAGE: ./gosasc
+# USAGE: gosa-si-client
#
# DESCRIPTION:
#
use Sys::Syslog qw( :DEFAULT setlogsock);
use File::Spec;
use Cwd;
-use GosaSupportDaemon;
+use GOSA::GosaSupportDaemon;
my ($cfg_file, %cfg_defaults, $foreground, $verbose, $pid_file, $procid, $pid, $log_file);
my ($server_address, $server_ip, $server_port, $server_domain, $server_passwd, $server_cipher, $server_timeout);
-my ($client_address, $client_ip, $client_port, $client_mac_address);
-my ($input_socket, $rbits, $wbits, $ebits, $xml, $known_hosts);
+my ($client_address, $client_ip, $client_port, $client_mac_address, $ldap_config, $pam_config, $nss_config);
+my ($input_socket, $rbits, $wbits, $ebits, $xml, $known_hosts, $ldap_enabled);
my (@events);
# default variables
-my $event_dir = "/etc/gosac/events";
+my $event_dir = "/etc/gosa-si/client/events";
$known_hosts = {};
$foreground = 0 ;
%cfg_defaults =
},
"client" =>
{"client_port" => [\$client_port, "20083"],
+ "ldap" => [\$ldap_enabled, 1],
+ "ldap_config" => [\$ldap_config, "/etc/ldap/ldap.conf"],
+ "pam_config" => [\$pam_config, "/etc/pam_ldap.conf"],
+ "nss_config" => [\$nss_config, "/etc/libnss_ldap.conf"],
},
"server" =>
{"server_ip" => [\$server_ip, ""],
#$err_config = "please specify a config file";
#$err_counter += 1;
my $cwd = getcwd;
- my $name = "/etc/gosa/gosa-si-client.conf";
+ my $name = "/etc/gosa-si/client.conf";
$cfg_file = File::Spec->catfile( $cwd, $name );
print STDERR "no conf file specified\n try to use default: $cfg_file\n";
}
# detect all client accepted events
opendir(DIR, $event_dir)
- or daemon_log("cannot find directory $event_dir!\ngosac starts without any accepting events!", 1);
+ or daemon_log("cannot find directory $event_dir!\ngosa-si-client starts without any accepting events!", 1);
my $file_name;
@events = ();
while(defined($file_name = readdir(DIR))){
# create msg hash
my $register_hash = &create_xml_hash("here_i_am", $client_address, $server);
&add_content2xml_hash($register_hash, "new_passwd", $new_server_passwd);
- &add_content2xml_hash($register_hash, "client_mac_address", $client_mac_address);
+ &add_content2xml_hash($register_hash, "mac_address", $client_mac_address);
&add_content2xml_hash($register_hash, "events", $events);
# send xml hash to server with general server passwd
my $answer = &send_msg_hash2address($register_hash, $server, $server_passwd);
-
- # sending fails, no sens to wait for response
- if ($answer ne "done") { next; }
-
+
+ if ($answer != 0) { next; }
+
# waiting for response
daemon_log("waiting for response...\n", 5);
my $nf = select($rout=$rbits, $wout=$wbits, undef, $server_timeout);
daemon_log("ERROR: do not understand the incoming message:" , 5);
daemon_log("$@", 7);
} else {
- my $header = &get_content_from_xml_hash($msg_hash, "header");
+ my $header = @{$msg_hash->{header}}[0];
if($header eq "registered") {
$reg_server = $server;
last;
}
}
}
- # kommt antwort nicht, dann probiere es mit dem nächsten in der liste
+ # if no answer arrive, try next server in list
}
# RETURNS:
# DESCRIPTION:
#===============================================================================
-sub create_xml_hash {
- my ($header, $source, $target, $header_value) = @_;
- my $hash = {
- header => [$header],
- source => [$source],
- target => [$target],
- $header => [$header_value],
- };
- daemon_log("create_xml_hash:", 7),
- chomp(my $tmp = Dumper $hash);
- daemon_log("\t$tmp\n", 7);
- return $hash
-}
+#sub create_xml_hash {
+# my ($header, $source, $target, $header_value) = @_;
+# my $hash = {
+# header => [$header],
+# source => [$source],
+# target => [$target],
+# $header => [$header_value],
+# };
+# daemon_log("create_xml_hash:", 7),
+# chomp(my $tmp = Dumper $hash);
+# daemon_log("\t$tmp\n", 7);
+# return $hash
+#}
#=== FUNCTION ================================================================
# RETURNS:
# DESCRIPTION:
#===============================================================================
-sub create_xml_string {
- my ($xml_hash) = @_ ;
- my $xml_string = $xml->XMLout($xml_hash, RootName => 'xml');
- $xml_string =~ s/[\n]+//g;
- daemon_log("create_xml_string:\n\t$xml_string\n", 7);
- return $xml_string;
-}
+#sub create_xml_string {
+# my ($xml_hash) = @_ ;
+# my $xml_string = $xml->XMLout($xml_hash, RootName => 'xml');
+# $xml_string =~ s/[\n]+//g;
+# daemon_log("create_xml_string:\n\t$xml_string\n", 7);
+# return $xml_string;
+#}
#=== FUNCTION ================================================================
# RETURNS:
# DESCRIPTION:
#===============================================================================
-sub add_content2xml_hash {
- my ($xml_ref, $element, $content) = @_;
- if(not exists $$xml_ref{$element} ) {
- $$xml_ref{$element} = [];
- }
- my $tmp = $$xml_ref{$element};
- push(@$tmp, $content);
- return;
-}
+#sub add_content2xml_hash {
+# my ($xml_ref, $element, $content) = @_;
+# if(not exists $$xml_ref{$element} ) {
+# $$xml_ref{$element} = [];
+# }
+# my $tmp = $$xml_ref{$element};
+# push(@$tmp, $content);
+# return;
+#}
#=== FUNCTION ================================================================
# function returns a string cause it is expected that these keys
# do just have one value, all other keys returns an array!!!
#===============================================================================
-sub get_content_from_xml_hash {
- my ($xml_ref, $element) = @_;
- my $result = $xml_ref->{$element};
- if( $element eq "header" || $element eq "target" || $element eq "source") {
- return @$result[0];
- }
- return @$result;
-}
+#sub get_content_from_xml_hash {
+# my ($xml_ref, $element) = @_;
+# my $result = $xml_ref->{$element};
+# if( $element eq "header" || $element eq "target" || $element eq "source") {
+# return @$result[0];
+# }
+# return @$result;
+#}
# my ($xml_ref, $element) = @_;
# if (exists $xml_ref->{$element}) {
# RETURNS:
# DESCRIPTION:
#===============================================================================
-sub encrypt_msg {
- my ($msg, $my_cipher) = @_;
- if(not defined $my_cipher) { print "no cipher object\n"; }
- $msg = "\0"x(16-length($msg)%16).$msg;
- my $crypted_msg = $my_cipher->encrypt($msg);
- chomp($crypted_msg = &encode_base64($crypted_msg));
- return $crypted_msg;
-}
+#sub encrypt_msg {
+# my ($msg, $my_cipher) = @_;
+# if(not defined $my_cipher) { print "no cipher object\n"; }
+# $msg = "\0"x(16-length($msg)%16).$msg;
+# my $crypted_msg = $my_cipher->encrypt($msg);
+# chomp($crypted_msg = &encode_base64($crypted_msg));
+# return $crypted_msg;
+#}
#=== FUNCTION ================================================================
# RETURNS:
# DESCRIPTION:
#===============================================================================
-sub decrypt_msg {
- my ($crypted_msg, $my_cipher) = @_ ;
- $crypted_msg = &decode_base64($crypted_msg);
- my $msg = $my_cipher->decrypt($crypted_msg);
- $msg =~ s/\0*//g;
- return $msg;
-}
+#sub decrypt_msg {
+# my ($crypted_msg, $my_cipher) = @_ ;
+# $crypted_msg = &decode_base64($crypted_msg);
+# my $msg = $my_cipher->decrypt($crypted_msg);
+# $msg =~ s/\0*//g;
+# return $msg;
+#}
#=== FUNCTION ================================================================
# RETURNS: cipher object
# DESCRIPTION:
#===============================================================================
-sub create_ciphering {
- my ($passwd) = @_;
- $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
- my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
-
- #daemon_log("iv: $iv", 7);
- #daemon_log("key: $passwd", 7);
- my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
- $my_cipher->set_iv($iv);
- return $my_cipher;
-}
+#sub create_ciphering {
+# my ($passwd) = @_;
+# $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
+# my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
+#
+# #daemon_log("iv: $iv", 7);
+# #daemon_log("key: $passwd", 7);
+# my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
+# $my_cipher->set_iv($iv);
+# return $my_cipher;
+#}
#=== FUNCTION ================================================================
# RETURNS: nothing
# DESCRIPTION: ????
#===============================================================================
-sub send_msg_hash2address {
- my ($msg_hash, $address, $passwd) = @_ ;
-
- # fetch header for logging
- my $header = @{$msg_hash->{header}}[0];
-
- # generiere xml string
- my $msg_xml = &create_xml_string($msg_hash);
-
- # hole das entsprechende passwd aus dem hash
- if(not defined $passwd) {
- if(exists $known_hosts->{$address}) {
- $passwd = $known_hosts->{$address}->{passwd};
- } elsif ($address eq $server_address) {
- $passwd = $server_passwd;
- } else {
- daemon_log("$address not known, neither as server nor as client", 1);
- return "failed";
- }
- }
-
- # erzeuge ein ciphering object
- my $act_cipher = &create_ciphering($passwd);
-
- # encrypt xml msg
- my $crypted_msg = &encrypt_msg($msg_xml, $act_cipher);
-
- # öffne socket
- my $socket = &open_socket($address);
- if(not defined $socket){
- daemon_log("cannot open socket to $address, server not reachable", 1);
- daemon_log("cannot send '$header'-msg", 1);
- return "failed";
- }
-
- # versende xml msg
- print $socket $crypted_msg."\n";
-
- # schließe socket
- close $socket;
-
- daemon_log("send '$header'-msg to $address", 5);
- daemon_log("crypted_msg:\n\t$crypted_msg", 7);
-
- return "done";
-}
+#sub send_msg_hash2address {
+# my ($msg_hash, $address, $passwd) = @_ ;
+#
+# # fetch header for logging
+# my $header = @{$msg_hash->{header}}[0];
+#
+# # generiere xml string
+# my $msg_xml = &create_xml_string($msg_hash);
+#
+# # hole das entsprechende passwd aus dem hash
+# if(not defined $passwd) {
+# if(exists $known_hosts->{$address}) {
+# $passwd = $known_hosts->{$address}->{passwd};
+# } elsif ($address eq $server_address) {
+# $passwd = $server_passwd;
+# } else {
+# daemon_log("$address not known, neither as server nor as client", 1);
+# return "failed";
+# }
+# }
+#
+# # erzeuge ein ciphering object
+# my $act_cipher = &create_ciphering($passwd);
+#
+# # encrypt xml msg
+# my $crypted_msg = &encrypt_msg($msg_xml, $act_cipher);
+#
+# # öffne socket
+# my $socket = &open_socket($address);
+# if(not defined $socket){
+# daemon_log("cannot open socket to $address, server not reachable", 1);
+# daemon_log("cannot send '$header'-msg", 1);
+# return "failed";
+# }
+#
+# # versende xml msg
+# print $socket $crypted_msg."\n";
+#
+# # schließe socket
+# close $socket;
+#
+# daemon_log("send '$header'-msg to $address", 5);
+# daemon_log("crypted_msg:\n\t$crypted_msg", 7);
+#
+# return "done";
+#}
#=== FUNCTION ================================================================
return;
}
- my $header = &get_content_from_xml_hash($msg_hash, "header");
+ my $header = @{$msg_hash->{header}}[0];
- daemon_log("header from msg:", 1);
- daemon_log("\t$header", 1);
- daemon_log("msg to process:", 7);
- daemon_log("\t$msg", 7);
+ daemon_log("recieve '$header' from $host", 1);
+# daemon_log("header from msg:", 1);
+# daemon_log("\t$header", 1);
+# daemon_log("msg to process:", 7);
+# daemon_log("\t$msg", 7);
#check whether msg to process is a event
opendir(DIR, $event_dir)
close(DIR);
daemon_log("could not assign the msg $header to an event", 5);
-
-
- if ($header eq 'new_ldap_config') { &new_ldap_config($msg_hash)}
+ if ($header eq 'new_ldap_config') { if ($ldap_enabled == 1) {&new_ldap_config($msg_hash)}}
elsif ($header eq 'ping') { &got_ping($msg_hash) }
elsif ($header eq 'wake_up') { &execute_event($msg_hash)}
elsif ($header eq 'new_passwd') { &new_passwd()}
sub new_ldap_config {
my ($msg_hash) = @_ ;
+ my $element;
+ my @ldap_uris;
+ my $ldap_base;
+ my @ldap_options;
+ my @pam_options;
+ my @nss_options;
+ my $goto_admin;
+ my $goto_secret;
+
+ # Transform input into array
+ while ( my ($key, $value) = each(%$msg_hash) ) {
+ if ($key =~ /^(source|target|header)$/) {
+ next;
+ }
+
+ foreach $element (@$value) {
+ if ($key =~ /^ldap_uri$/) {
+ push (@ldap_uris, $element);
+ next;
+ }
+ if ($key =~ /^ldap_base$/) {
+ $ldap_base= $element;
+ next;
+ }
+ if ($key =~ /^goto_admin$/) {
+ $goto_admin= $element;
+ next;
+ }
+ if ($key =~ /^goto_secret$/) {
+ $goto_secret= $element;
+ next;
+ }
+ if ($key =~ /^ldap_cfg$/) {
+ push (@ldap_options, "$element");
+ next;
+ }
+ if ($key =~ /^pam_cfg$/) {
+ push (@pam_options, "$element");
+ next;
+ }
+ if ($key =~ /^nss_cfg$/) {
+ push (@nss_options, "$element");
+ next;
+ }
+ }
+ }
- my @gotoLdapServer = &get_content_from_xml_hash($msg_hash, "new_ldap_config");
- print Dumper @gotoLdapServer;
-
+ # Setup ldap.conf
+ my $file1;
+ my $file2;
+ open(file1, "> $ldap_config");
+ print file1 "# This file was automatically generated by gosa-si-client. Do not change.\n";
+ print file1 "URI";
+ foreach $element (@ldap_uris) {
+ print file1 " $element";
+ }
+ print file1 "\nBASE $ldap_base\n";
+ foreach $element (@ldap_options) {
+ print file1 "$element\n";
+ }
+ close (file1);
+ daemon_log("wrote $ldap_config", 5);
+
+ # Setup pam_ldap.conf / libnss_ldap.conf
+ open(file1, "> $pam_config");
+ open(file2, "> $nss_config");
+ print file1 "# This file was automatically generated by gosa-si-client. Do not change.\n";
+ print file2 "# This file was automatically generated by gosa-si-client. Do not change.\n";
+ print file1 "uri";
+ print file2 "uri";
+ foreach $element (@ldap_uris) {
+ print file1 " $element";
+ print file2 " $element";
+ }
+ print file1 "\nbase $ldap_base\n";
+ print file2 "\nbase $ldap_base\n";
+ foreach $element (@pam_options) {
+ print file1 "$element\n";
+ }
+ foreach $element (@nss_options) {
+ print file2 "$element\n";
+ }
+ close (file2);
+ daemon_log("wrote $nss_config", 5);
+ close (file1);
+ daemon_log("wrote $pam_config", 5);
+
+ # Create goto.secrets if told so
+ if (defined $goto_admin){
+ open(file1, "> /etc/goto/secret");
+ close(file1);
+ chown(0,0, "/etc/goto/secret");
+ chmod(0600, "/etc/goto/secret");
+ open(file1, "> /etc/goto/secret");
+ print file1 $goto_admin.":".$goto_secret."\n";
+ close(file1);
+ daemon_log("wrote /etc/goto/secret", 5);
+ }
return;
sub execute_event {
my ($msg_hash)= @_;
- my $configdir= '/etc/gosac/events/';
+ my $configdir= '/etc/gosa-si/client/events/';
my $result;
my $header = &get_content_from_xml_hash($msg_hash, 'header');
if((not defined $source)
&& (not defined $target)
&& (not defined $header)) {
- daemon_log("ERROR: Entries missing in XML msg for gosa events under /etc/gosac/events");
+ daemon_log("ERROR: Entries missing in XML msg for gosa events under $configdir");
} else {
my $parameters="";
my @params = &get_content_from_xml_hash($msg_hash, $header);
# restart daemon log file
if(-e $log_file ) { unlink $log_file }
-daemon_log("started!");
+daemon_log(" ", 1);
+daemon_log("$0 started!", 1);
# Just fork, if we"re not in foreground mode
if( ! $foreground ) { $pid = fork(); }
$xml = new XML::Simple();
# create input socket
+daemon_log(" ", 1);
$rbits = $wbits = $ebits = "";
$input_socket = IO::Socket::INET->new(LocalPort => $client_port,
Type => SOCK_STREAM,
if(not defined $input_socket){
daemon_log("cannot be a tcp server at $client_port : $@\n");
} else {
- daemon_log("start server:\n\t$server_ip:$client_port",1) ;
+ daemon_log("start client at $client_address",1) ;
vec($rbits, fileno $input_socket, 1) = 1;
vec($wbits, fileno $input_socket, 1) = 1;
}
# register at server
+daemon_log(" ", 1);
®ister_at_server();