diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server
index 04063e6f320286aeca851f38587d2fa843824c3a..91a627c56dd2aaf2f599ef3ced5fd7c152565fc6 100755 (executable)
--- a/gosa-si/gosa-si-server
+++ b/gosa-si/gosa-si-server
use Sys::Syslog qw( :DEFAULT setlogsock);
use Cwd;
use File::Spec;
+use File::Basename;
use GOSA::DBsqlite;
+use GOSA::GosaSupportDaemon;
use POE qw(Component::Server::TCP);
my $modules_path = "/usr/lib/gosa-si/modules";
# variables declared in config file are always set to 'our'
our (%cfg_defaults, $log_file, $pid_file,
$server_ip, $server_port, $SIPackages_key,
- $arp_activ,
+ $arp_activ, $gosa_unit_tag,
$GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout,
);
$no_arp = 0;
-# name of table for storing gosa jobs
-our $job_queue_table_name = 'jobs';
+# holds all gosa jobs
our $job_db;
+our $job_queue_table_name = 'jobs';
# holds all other gosa-sd as well as the gosa-sd-bus
our $known_server_db;
# holds all registrated clients
our $known_clients_db;
+our $prg= basename($0);
%cfg_defaults = (
"general" => {
- "log-file" => [\$log_file, "/var/run/".$0.".log"],
- "pid-file" => [\$pid_file, "/var/run/".$0.".pid"],
+ "log-file" => [\$log_file, "/var/run/".$prg.".log"],
+ "pid-file" => [\$pid_file, "/var/run/".$prg.".pid"],
},
"bus" => {
"activ" => [\$bus_activ, "true"],
},
"server" => {
-# "ip" => [\$server_ip, "0.0.0.0"],
+# "ip" => [\$server_ip, "0.0.0.0"],
"port" => [\$server_port, "20081"],
"known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ],
"known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'],
+ "gosa-unit-tag" => [\$gosa_unit_tag, ""],
},
"GOsaPackages" => {
"ip" => [\$gosa_ip, "0.0.0.0"],
#===============================================================================
sub usage {
print STDERR << "EOF" ;
-usage: $0 [-hvf] [-c config]
+usage: $prg [-hvf] [-c config]
-h : this (help) message
-c <file> : config file
-f : foreground, process will not be forked to background
-v : be verbose (multiple to increase verbosity)
- -no-bus : starts $0 without connection to bus
- -no-arp : starts $0 without connection to arp module
+ -no-bus : starts $prg without connection to bus
+ -no-arp : starts $prg without connection to arp module
EOF
print "\n" ;
$month = $monthnames[$month];
$monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
$year+=1900;
- my $name = $0;
- $name =~ s/\.\///;
+ my $name = $prg;
my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n";
print LOG_HANDLE $log_msg;
}
-sub get_time {
- my ($seconds, $minutes, $hours, $monthday, $month,
- $year, $weekday, $yearday, $sommertime) = localtime(time);
- $hours = $hours < 10 ? $hours = "0".$hours : $hours;
- $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
- $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- $month+=1;
- $month = $month < 10 ? $month = "0".$month : $month;
- $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
- $year+=1900;
- return "$year$month$monthday$hours$minutes$seconds";
-
-}
-
-
#=== FUNCTION ================================================================
# NAME: check_cmdline_param
# PARAMETERS: nothing
sub check_key_and_xml_validity {
my ($crypted_msg, $module_key) = @_;
-#print STDERR "crypted_msg:$crypted_msg\n";
-#print STDERR "modul_key:$module_key\n";
-
my $msg;
my $msg_hash;
+ my $error_string;
eval{
$msg = &decrypt_msg($crypted_msg, $module_key);
&main::daemon_log("decrypted_msg: \n$msg", 8);
$msg_hash = $xml->XMLin($msg, ForceArray=>1);
+ ##############
# check header
+ if( not exists $msg_hash->{'header'} ) { die "no header specified"; }
my $header_l = $msg_hash->{'header'};
- if( 1 != @{$header_l} ) {
- die 'header error';
- }
+ if( 1 > @{$header_l} ) { die 'empty header tag'; }
+ if( 1 < @{$header_l} ) { die 'more than one header specified'; }
my $header = @{$header_l}[0];
- if( 0 == length $header) {
- die 'header error';
- }
+ if( 0 == length $header) { die 'empty string in header tag'; }
+ ##############
# check source
+ if( not exists $msg_hash->{'source'} ) { die "no source specified"; }
my $source_l = $msg_hash->{'source'};
- if( not defined @{$source_l} or 1 != @{$source_l} ) {
- die 'source error';
- }
+ if( 1 > @{$source_l} ) { die 'empty source tag'; }
+ if( 1 < @{$source_l} ) { die 'more than one source specified'; }
my $source = @{$source_l}[0];
- if( 0 == length $source) {
- die 'source error';
- }
+ if( 0 == length $source) { die 'source error'; }
+ ##############
# check target
+ if( not exists $msg_hash->{'target'} ) { die "no target specified"; }
my $target_l = $msg_hash->{'target'};
- if( 1 != @{$target_l} ) {
- die'target error';
- }
- my $target = @{$target_l}[0];
- if( 0 == length $target) {
- die 'target error';
- }
+ if( 1 > @{$target_l} ) { die 'empty target tag'; }
}
};
if($@) {
&main::daemon_log("WARNING: do not understand the message", 5);
&main::daemon_log("$@", 8);
+ $msg = undef;
+ $msg_hash = undef;
}
return ($msg, $msg_hash);
}
+sub check_outgoing_xml_validity {
+ my ($msg) = @_;
+
+ my $msg_hash;
+ eval{
+ $msg_hash = $xml->XMLin($msg, ForceArray=>1);
+
+ ##############
+ # check header
+ my $header_l = $msg_hash->{'header'};
+ if( 1 != @{$header_l} ) {
+ die 'no or more than one headers specified';
+ }
+ my $header = @{$header_l}[0];
+ if( 0 == length $header) {
+ die 'header has length 0';
+ }
+
+ ##############
+ # check source
+ my $source_l = $msg_hash->{'source'};
+ if( 1 != @{$source_l} ) {
+ die 'no or more than 1 sources specified';
+ }
+ my $source = @{$source_l}[0];
+ if( 0 == length $source) {
+ die 'source has length 0';
+ }
+ unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
+ $source =~ /^GOSA$/i ) {
+ die "source '$source' is neither a complete ip-address with port nor 'GOSA'";
+ }
+
+ ##############
+ # check target
+ my $target_l = $msg_hash->{'target'};
+ if( 0 == @{$target_l} ) {
+ die "no targets specified";
+ }
+ foreach my $target (@$target_l) {
+ if( 0 == length $target) {
+ die "target has length 0";
+ }
+ unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
+ $target =~ /^GOSA$/i ||
+ $target =~ /^\*$/ ||
+ $target =~ /KNOWN_SERVER/i ||
+ $target =~ /JOBDB/i ||
+ $target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ){
+ die "target '$target' is not a complete ip-address with port or a valid target name or a mac-address";
+ }
+ }
+ };
+ if($@) {
+ daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5);
+ daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 8);
+ $msg_hash = undef;
+ }
+
+ return ($msg_hash);
+}
+
+
sub input_from_known_server {
my ($input, $remote_ip) = @_ ;
my ($msg, $msg_hash, $module);
while( my ($hit_num, $hit) = each %{ $query_res } ) {
my $host_name = $hit->{hostname};
if( not $host_name =~ /^$remote_ip:\d*$/) {
- next;
+ next;
}
my $host_key = $hit->{hostkey};
&daemon_log("SIPackages: known_client host_name: $host_name", 7);
no strict "refs";
my ($input) = @_ ;
my ($msg, $msg_hash, $module);
+ my $error_string;
my %act_modules = %$known_modules;
# check a key exists for this module
my $module_key = ${$mod."_key"};
- if( ! $module_key ) {
+ if( not defined $module_key ) {
+ if( $mod eq 'ArpHandler' ) {
+ next;
+ }
daemon_log("ERROR: no key specified in config file for $mod", 1);
next;
}
# check if module can open msg envelope with module key
($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key);
- if( (!$msg) || (!$msg_hash) ) {
- #daemon_log("$mod: deciphering failed", 5);
+ if( (not defined $msg) || (not defined $msg_hash) ) {
next;
}
else {
}
if( (!$msg) || (!$msg_hash) || (!$module)) {
- daemon_log("Incoming message is not from a unknown host", 5);
+ daemon_log("Incoming message is not from an unknown host", 5);
}
return ($msg, $msg_hash, $module);
}
+
sub create_ciphering {
my ($passwd) = @_;
if((!defined($passwd)) || length($passwd)==0) {
sub decrypt_msg {
+
my ($msg, $key) = @_ ;
$msg = &decode_base64($msg);
my $my_cipher = &create_ciphering($key);
# opensocket
my $socket = &open_socket($address);
if( !$socket ) {
- daemon_log("cannot send ".$header."msg to $address , host not reachable", 1);
+ daemon_log("ERROR: cannot send ".$header."msg to $address , host not reachable", 1);
$error++;
}
# send xml msg
print $socket $crypted_msg."\n";
- daemon_log("send ".$header."msg to $address", 1);
+ daemon_log("INFO: send ".$header."msg to $address", 5);
daemon_log("message:\n$msg", 8);
}
}
}
}
-
- return;
+ return $error;
}
sub client_input {
no strict "refs";
- my ($heap,$input,$wheel) = @_[HEAP, ARG0, ARG1];
+ my ($kernel, $session, $heap,$input,$wheel) = @_[KERNEL, SESSION, HEAP, ARG0, ARG1];
+ my $session_id = $session->ID;
my ($msg, $msg_hash, $module);
my $error = 0;
my $answer_l;
my $client_answer;
daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7);
- daemon_log("\n$input", 8);
+ daemon_log("message:\n$input", 8);
+ ####################
+ # check incoming msg
# msg is from a new client or gosa
($msg, $msg_hash, $module) = &input_from_unknown_host($input);
-
# msg is from a gosa-si-server or gosa-si-bus
if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
($msg, $msg_hash, $module) = &input_from_known_server($input, $heap->{'remote_ip'});
}
-
# msg is from a gosa-si-client
if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
($msg, $msg_hash, $module) = &input_from_known_client($input, $heap->{'remote_ip'});
}
-
# an error occurred
if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
$error++;
# process incoming msg
if( $error == 0) {
daemon_log("Processing module ".$module, 5);
- $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $heap->{'remote_ip'});
+ $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $session_id);
if ( 0 > @{$answer_l} ) {
my $answer_str = join("\n", @{$answer_l});
# answer
if( $error == 0 ) {
- # for each answer in answer list
foreach my $answer ( @{$answer_l} ) {
-
- my $error = 0;
- # check answer if gosa-si envelope conform
- if(defined($answer)) {
- my $answer_hash = $xml->XMLin($answer, ForceArray=>1);
- $answer_header = @{$answer_hash->{'header'}}[0];
- @answer_target_l = @{$answer_hash->{'target'}};
- $answer_source = @{$answer_hash->{'source'}}[0];
- if( !$answer_header ) {
- daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1);
- daemon_log("\n$answer", 8);
- $error++;
- }
- if( 0 == length @answer_target_l ) {
- daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1);
- daemon_log("\n$answer", 8);
- $error++;
- }
- if( !$answer_source ) {
- daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1);
- daemon_log("\n$answer", 8);
- $error++;
- }
-
- if( $error != 0 ) {
- next;
- }
+ # for each answer in answer list
+
+ # check outgoing msg to xml validity
+ my $answer_hash = &check_outgoing_xml_validity($answer);
+ if( not defined $answer_hash ) {
+ next;
}
+
+ $answer_header = @{$answer_hash->{'header'}}[0];
+ @answer_target_l = @{$answer_hash->{'target'}};
+ $answer_source = @{$answer_hash->{'source'}}[0];
# deliver msg to all targets
foreach my $answer_target ( @answer_target_l ) {
+
+ # targets of msg are all gosa-si-clients in known_clients_db
if( $answer_target eq "*" ) {
# answer is for all clients
my $sql_statement= "SELECT * FROM known_clients";
&send_msg_to_target($answer, $host_name, $host_key, $answer_header);
}
}
- elsif( $answer_target eq "GOSA" ) {
- # answer is for GOSA and has to returned to connected client
- my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key);
- $client_answer = $gosa_answer;
- }
+
+ # targets of msg are all gosa-si-server in known_server_db
elsif( $answer_target eq "KNOWN_SERVER" ) {
# answer is for all server in known_server
my $sql_statement= "SELECT * FROM known_server";
&send_msg_to_target($answer, $host_name, $host_key, $answer_header);
}
}
+
+ # target of msg is GOsa
+ elsif( $answer_target eq "GOSA" ) {
+ $answer =~ /<session_id>(\d+)<\/session_id>/;
+ my $session_id = $1;
+ my $add_on = "";
+ if( defined $session_id ) {
+ $add_on = ".session_id=$session_id";
+ }
+ # answer is for GOSA and has to returned to connected client
+ my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key);
+ $client_answer = $gosa_answer.$add_on;
+ }
+
+ # target of msg is job queue at this host
+ elsif( $answer_target eq "JOBDB") {
+ $answer =~ /<header>(\S+)<\/header>/;
+ my $header;
+ if( defined $1 ) { $header = $1; }
+ &send_msg_to_target($answer, $server_address, $GosaPackages_key, $header);
+ }
+
+ # target of msg is a mac address
elsif( $answer_target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ) {
daemon_log("target is mac address '$answer_target', looking for host in known_clients", 3);
my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$answer_target'";
my $host_name = $hit->{hostname};
my $host_key = $hit->{hostkey};
$answer =~ s/$answer_target/$host_name/g;
- daemon_log("found host '$host_name', assoziated to '$answer_target'", 3);
+ daemon_log("found host '$host_name', associated to '$answer_target'", 3);
&send_msg_to_target($answer, $host_name, $host_key, $answer_header);
$found_ip_flag++ ;
}
}
}
- } else {
- # ... answer is for one specific host
+ # answer is for one specific host
+ } else {
# get encrypt_key
my $encrypt_key = &get_encrypt_key($answer_target);
if( not defined $encrypt_key ) {
}
if( $client_answer ) {
- $heap->{client}->put($client_answer);
+ if( $client_answer =~ s/session_id=(\d+)$// ) {
+ my $session_id = $1;
+ if( defined $session_id ) {
+ my $session_reference = $kernel->ID_id_to_session($session_id);
+ $heap = $session_reference->get_heap();
+ }
+ }
+ $heap->{client}->put($client_answer);
}
return;
# check gosa job queue for jobs with executable timestamp
my $timestamp = &get_time();
-
my $sql_statement = "SELECT * FROM ".$job_queue_table_name.
" WHERE status='waiting' AND timestamp<'$timestamp'";
-
my $res = $job_db->select_dbentry( $sql_statement );
while( my ($id, $hit) = each %{$res} ) {
-
my $jobdb_id = $hit->{id};
- my $macaddress = $hit->{macaddress};
- my $job_msg_hash = &transform_msg2hash($hit->{xmlmessage});
- my $out_msg_hash = $job_msg_hash;
+ my $macaddress = $hit->{'macaddress'};
+ my $job_msg = $hit->{'xmlmessage'};
+ my $header = $hit->{'headertag'};
my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$macaddress'";
my $res_hash = $known_clients_db->select_dbentry( $sql_statement );
# expect macaddress is unique!!!!!!
my $target = $res_hash->{1}->{hostname};
if (not defined $target) {
- &daemon_log("ERROR: no host found for mac address: $job_msg_hash->{mac}[0]", 1);
- &daemon_log("xml message: $hit->{xmlmessage}", 5);
+ &daemon_log("ERROR: no host found for mac address: $macaddress", 1);
+ &daemon_log("$hit->{xmlmessage}", 8);
my $sql_statement = "UPDATE $job_queue_table_name ".
"SET status='error', result='no host found for mac address' ".
"WHERE id='$jobdb_id'";
next;
}
- # add target
- &add_content2xml_hash($out_msg_hash, "target", $target);
-
- # add new header
- my $out_header = $job_msg_hash->{header}[0];
- $out_header =~ s/job_/gosa_/;
- delete $out_msg_hash->{header};
- &add_content2xml_hash($out_msg_hash, "header", $out_header);
+ # change header
+ $job_msg =~ s/<header>job_/<header>gosa_/;
# add sqlite_id
- &add_content2xml_hash($out_msg_hash, "jobdb_id", $jobdb_id);
-
- my $out_msg = &create_xml_string($out_msg_hash);
+ $job_msg =~ s/<\/xml>$/<jobdb_id>$jobdb_id<\/jobdb_id><\/xml>/;
- # encrypt msg as a GosaPackage module
- my $cipher = &create_ciphering($GosaPackages_key);
- my $crypted_out_msg = &encrypt_msg($out_msg, $cipher);
+ my $func_error = &send_msg_to_target($job_msg, $server_address, $GosaPackages_key, $header);
- my $error = &send_msg_hash2address($out_msg_hash, "$gosa_ip:$gosa_port", $GosaPackages_key);
-
- if ($error == 0) {
- my $sql_statement = "UPDATE $job_queue_table_name ".
- "SET status='processing', targettag='$target' ".
- "WHERE id='$jobdb_id'";
- my $res = $job_db->update_dbentry($sql_statement);
- } else {
- my $sql_statement = "UPDATE $job_queue_table_name ".
- "SET status='error' ".
- "WHERE id='$jobdb_id'";
- my $res = $job_db->update_dbentry($sql_statement);
- }
- }
+# if ( $func_error ) {
+#print STDERR "========================================\n";
+#print STDERR "func_error: $func_error\n";
+#
+# my $sql_statement = "UPDATE $job_queue_table_name ".
+# "SET status='error', targettag='$target' ".
+# "WHERE id='$jobdb_id'";
+#print STDERR "sql: $sql_statement\n";
+# my $res = $job_db->update_dbentry($sql_statement);
+#print STDERR "res: ".Dumper($res);
+#
+# } else {
+#print STDERR "========================================\n";
+#print STDERR "func_error: $func_error\n";
+#
+# my $sql_statement = "UPDATE $job_queue_table_name ".
+# "SET status='done', targettag='$target' ".
+# "WHERE id='$jobdb_id'";
+#print STDERR "sql: $sql_statement\n";
+# my $res = $job_db->update_dbentry($sql_statement);
+#print STDERR "res: ".Dumper($res);
+# }
+ }
$kernel->delay_set('watch_for_new_jobs',3);
}
#unlink('/tmp/gosa_si_lock*');
# connect to gosa-si job queue
-my @job_col_names = ("id INTEGER", "timestamp", "status", "result", "headertag", "targettag", "xmlmessage", "macaddress");
+my @job_col_names = ("id INTEGER", "timestamp", "status", "result", "progress", "headertag", "targettag", "xmlmessage", "macaddress");
$job_db = GOSA::DBsqlite->new($job_queue_file_name);
$job_db->create_table('jobs', \@job_col_names);