![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server
index f0deffab049cfce1549e8ed01e14413fc96392af..a3764f4cdedf481179965270c7f6985acd88669c 100755 (executable)
--- a/gosa-si/gosa-si-server
+++ b/gosa-si/gosa-si-server
use Getopt::Long;
use Config::IniFiles;
use POSIX;
-use Time::HiRes qw( gettimeofday );
use Fcntl;
use IO::Socket::INET;
# variables declared in config file are always set to 'our'
our (%cfg_defaults, $log_file, $pid_file,
- $bus_activ, $bus_passwd, $bus_ip, $bus_port,
+ $bus_activ, $bus_key, $bus_ip, $bus_port,
$server_activ, $server_ip, $server_port, $SIPackages_key, $max_clients,
$arp_activ, $arp_fifo_path,
$gosa_activ, $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout,
"child_min" => [\$child_min, 3],
"child_timeout" => [\$child_timeout, 180],
"job_queue_timeout" => [\$job_queue_timeout, undef],
- "job_queue_file_name" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'],
+ "job_queue_file_name" => [\$job_queue_file_name, '/var/lib/gosa-si/gosa-si-server_jobs.db'],
"job_queue_loop_delay" => [\$job_queue_loop_delay, 3],
- "known_clients_file_name" => [\$known_clients_file_name, '/var/lib/gosa-si/known_clients.db' ],
- "known_server_file_name" => [\$known_server_file_name, '/var/lib/gosa-si/known_server.db'],
+ "known_clients_file_name" => [\$known_clients_file_name, '/var/lib/gosa-si/gosa-si-server_known_clients.db' ],
+ "known_server_file_name" => [\$known_server_file_name, '/var/lib/gosa-si/gosa-si-server_known_server.db'],
},
"bus" =>
{"bus_activ" => [\$bus_activ, "on"],
- "bus_passwd" => [\$bus_passwd, ""],
+ "bus_passwd" => [\$bus_key, ""],
"bus_ip" => [\$bus_ip, "0.0.0.0"],
"bus_port" => [\$bus_port, "20080"],
},
$hours = $hours < 10 ? $hours = "0".$hours : $hours;
$minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
$seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- my @monthnames = ("Jan", "Feb", "Mar", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
+ my @monthnames = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
$month = $monthnames[$month];
$monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
$year+=1900;
} else {
my $info = eval($mod_name.'::get_module_info()');
# Only load module if get_module_info() returns a non-null object
- if(defined($info)) {
+ if( $info ) {
my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info};
$known_modules->{$mod_name} = $info;
daemon_log("module $mod_name loaded", 1);
sub check_key_and_xml_validity {
my ($crypted_msg, $module_key) = @_;
#print STDERR "crypted_msg:$crypted_msg\n";
-#print STDERR "modul:$module\n";
#print STDERR "modul_key:$module_key\n";
my $msg;
my ($input, $remote_ip) = @_ ;
my ($msg, $msg_hash, $module);
-
my $sql_statement= "SELECT * FROM known_server";
my $query_res = $known_server_db->select_dbentry( $sql_statement );
+
while( my ($hit_num, $hit) = each %{ $query_res } ) {
my $host_name = $hit->{hostname};
if( not $host_name =~ "^$remote_ip") {
next;
}
my $host_key = $hit->{hostkey};
- daemon_log("SIPackages: host_name: $host_name", 7);
- daemon_log("SIPackages: host_key: $host_key", 7);
+ daemon_log("SIPackages: known_server host_name: $host_name", 7);
+ daemon_log("SIPackages: known_server host_key: $host_key", 7);
# check if module can open msg envelope with module key
- my ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key);
- if( (!$msg) || (!$msg_hash) ) {
+ my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key);
+ if( (!$tmp_msg) || (!$tmp_msg_hash) ) {
daemon_log("SIPackages: deciphering raise error", 7);
daemon_log("$@", 8);
next;
}
else {
+ $msg = $tmp_msg;
+ $msg_hash = $tmp_msg_hash;
$module = "SIPackages";
last;
}
next;
}
my $host_key = $hit->{hostkey};
- &daemon_log("SIPackages: host_name: $host_name", 7);
- &daemon_log("SIPackages: host_key: $host_key", 7);
+ &daemon_log("SIPackages: known_client host_name: $host_name", 7);
+ &daemon_log("SIPackages: known_client host_key: $host_key", 7);
# check if module can open msg envelope with module key
($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key);
# target can be in known_server
if( !$encrypt_key ) {
- my $sql_statement= "SELECT * FROM known_server";
+ my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'";
my $query_res = $known_server_db->select_dbentry( $sql_statement );
while( my ($hit_num, $hit) = each %{ $query_res } ) {
my $host_name = $hit->{hostname};
if( $host_name ne $target ) {
next;
}
- my $host_key = $hit->{hostkey};
+ $encrypt_key = $hit->{hostkey};
last;
}
}
# target can be in known_client
if( !$encrypt_key ) {
- my $sql_statement= "SELECT * FROM known_clients";
+ my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'";
my $query_res = $known_clients_db->select_dbentry( $sql_statement );
while( my ($hit_num, $hit) = each %{ $query_res } ) {
my $host_name = $hit->{hostname};
my ($msg, $address, $encrypt_key, $msg_header) = @_ ;
my $error = 0;
- if( !$msg_header ) {
+ if( $msg_header ) {
+ $msg_header = "'$msg_header'-";
+ }
+ else {
$msg_header = "";
}
# opensocket
my $socket = &open_socket($address);
- if(not defined $socket){
- daemon_log("cannot send $msg_header msg to $address , host not reachable", 1);
+ if( !$socket ) {
+ daemon_log("cannot send ".$msg_header."msg to $address , host not reachable", 1);
$error++;
}
if( $error == 0 ) {
-
# send xml msg
print $socket $crypted_msg."\n";
- close $socket;
-
- daemon_log("send msg to $address", 1);
+ daemon_log("send ".$msg_header."msg to $address", 1);
daemon_log("message:\n$msg", 8);
}
+ # close socket in any case
+ if( $socket ) {
+ close $socket;
+ }
+
return;
}
+sub _start {
+ my ($kernel) = $_[KERNEL];
+ &trigger_db_loop($kernel);
+}
+
+
sub client_input {
no strict "refs";
my ($heap,$input,$wheel) = @_[HEAP, ARG0, ARG1];
my ($answer_header, @answer_target_l, $answer_source);
my $client_answer;
- daemon_log("Incoming msg:\n$input\n", 8);
+ daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7);
+ daemon_log("\n$input", 8);
# msg is from a new client or gosa
($msg, $msg_hash, $module) = &input_from_unknown_host($input);
# process incoming msg
if( $error == 0) {
daemon_log("Processing module ".$module, 3);
- $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash);
+ $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $heap->{'remote_ip'});
if ( 0 > @{$answer_l} ) {
my $answer_str = join("\n", @{$answer_l});
}
if( !$answer_l ) { $error++ };
- # for each answer in answer list
- foreach my $answer ( @{$answer_l} ) {
+ ########
+ # answer
+ if( $error == 0 ) {
+
+ # for each answer in answer list
+ foreach my $answer ( @{$answer_l} ) {
+
- # check answer if gosa-si envelope conform
- if( $error == 0 ) {
+
+
+
+ my $error = 0;
+ # check answer if gosa-si envelope conform
my $answer_hash = $xml->XMLin($answer, ForceArray=>1);
$answer_header = @{$answer_hash->{'header'}}[0];
@answer_target_l = @{$answer_hash->{'target'}};
$answer_source = @{$answer_hash->{'source'}}[0];
if( !$answer_header ) {
daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1);
+ daemon_log("\n$answer", 8);
$error++;
}
if( 0 == length @answer_target_l ) {
daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1);
+ daemon_log("\n$answer", 8);
$error++;
}
if( !$answer_source ) {
daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1);
+ daemon_log("\n$answer", 8);
$error++;
}
- }
- # deliver msg to all targets
- foreach my $answer_target ( @answer_target_l ) {
- if( $answer_target eq "*" ) {
- # answer is for all clients
- my $sql_statement= "SELECT * FROM known_clients";
- my $query_res = $known_clients_db->select_dbentry( $sql_statement );
- while( my ($hit_num, $hit) = each %{ $query_res } ) {
- my $host_name = $hit->{hostname};
- my $host_key = $hit->{hostkey};
- &send_msg_to_target($answer, $host_name, $host_key);
- }
- }
- elsif( $answer_target eq "GOSA" ) {
- # answer is for GOSA and has to returned to connected client
- my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key);
- $client_answer = $gosa_answer;
+ if( $error != 0 ) {
+ next;
}
- else {
- # answer is for one specific host
- # get encrypt_key
- my $encrypt_key = &get_encrypt_key($answer_target);
- if( !$encrypt_key ) {
- daemon_log("ERROR: no encrypt key found for answer target '$answer_target'", 1);
- next;
+
+ # deliver msg to all targets
+ foreach my $answer_target ( @answer_target_l ) {
+ if( $answer_target eq "*" ) {
+ # answer is for all clients
+ my $sql_statement= "SELECT * FROM known_clients";
+ my $query_res = $known_clients_db->select_dbentry( $sql_statement );
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $host_name = $hit->{hostname};
+ my $host_key = $hit->{hostkey};
+ &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
+ }
+ }
+ elsif( $answer_target eq "GOSA" ) {
+ # answer is for GOSA and has to returned to connected client
+ my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key);
+ $client_answer = $gosa_answer;
+ }
+ elsif( $answer_target eq "KNOWN_SERVER" ) {
+ # answer is for all server in known_server
+ my $sql_statement= "SELECT * FROM known_server";
+ my $query_res = $known_server_db->select_dbentry( $sql_statement );
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $host_name = $hit->{hostname};
+ my $host_key = $hit->{hostkey};
+ $answer =~ s/KNOWN_SERVER/$host_name/g;
+ &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
+ }
+ }
+ else {
+ # answer is for one specific host
+ # get encrypt_key
+ my $encrypt_key = &get_encrypt_key($answer_target);
+ if( !$encrypt_key ) {
+ daemon_log("ERROR: no encrypt key found for answer target '$answer_target'", 1);
+ daemon_log("\n$answer", 8);
+ next;
+ }
+ # send_msg
+ &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header);
}
- # send_msg
- &send_msg_to_target($answer, $answer_target, $encrypt_key);
}
}
}
}
+
sub trigger_db_loop {
- my ($kernel) = $_[KERNEL];
+# my ($kernel) = $_[KERNEL];
+ my ($kernel) = @_ ;
$kernel->delay_set('watch_for_new_jobs',3);
}
daemon_log("$0 started!", 1);
# delete old DBsqlite lock files
-system('rm -f /tmp/gosa_si_lock*');
+system('rm -f /tmp/gosa_si_lock*gosa-si-server*');
# connect to gosa-si job queue
my @job_col_names = ("id", "timestamp", "status", "result", "headertag", "targettag", "xmlmessage", "macaddress");
$known_server_db = GOSA::DBsqlite->new($known_server_file_name);
$known_server_db->create_table('known_server', \@server_col_names);
-# import all modules
-&import_modules;
-
-# check wether all modules are gosa-si valid passwd check
-
# create xml object used for en/decrypting
$xml = new XML::Simple();
+# create socket for incoming xml messages
+POE::Component::Server::TCP->new(
+ Port => $server_port,
+ ClientInput => \&client_input,
+);
+daemon_log("start socket for incoming xml messages at port '$server_port' ", 1);
+
# create session for repeatedly checking the job queue for jobs
POE::Session->create(
inline_states => {
- _start => \&trigger_db_loop,
+ _start => \&_start,
watch_for_new_jobs => \&watch_for_new_jobs,
}
);
-# create socket for incoming xml messages
-POE::Component::Server::TCP->new(
- Port => $server_port,
- ClientInput => \&client_input,
-);
-daemon_log("start socket for incoming xml messages at port '$server_port' ", 1);
+
+# import all modules
+&import_modules;
+
+# check wether all modules are gosa-si valid passwd check
POE::Kernel->run();
exit;