diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server
index d391e2de71a3bd1a3f384d333094e4095ff5265a..be587d2700a65f0d7216157a71defd54aa17daa4 100755 (executable)
--- a/gosa-si/gosa-si-server
+++ b/gosa-si/gosa-si-server
$server_ip, $server_port, $ClientPackages_key, $dns_lookup,
$arp_activ, $gosa_unit_tag,
$GosaPackages_key, $gosa_timeout,
- $foreign_server_string, $server_domain, $ServerPackages_key, $foreign_servers_register_delay,
+ $serverPackages_enabled, $foreign_server_string, $server_domain, $ServerPackages_key, $foreign_servers_register_delay,
$wake_on_lan_passwd, $job_synchronization, $modified_jobs_loop_delay,
$arp_enabled, $arp_interface,
$opsi_enabled, $opsi_server, $opsi_admin, $opsi_password,
@@ -269,6 +269,7 @@ my @monthnames = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep",
"user-date-of-expiry" => [\$logged_in_user_date_of_expiry, 600],
},
"ServerPackages"=> {
+ "enabled" => [\$serverPackages_enabled, "true"],
"address" => [\$foreign_server_string, ""],
"dns-lookup" => [\$dns_lookup, "true"],
"domain" => [\$server_domain, ""],
2 : sending messages
4 : encrypting/decrypting messages
8 : verification if a message complies gosa-si requirements
- 16 :
-
+ 16 : message processing
+ 32 : ldap connectivity
+ 64 : database status and connectivity
+ 128 : main process
EOF
- print "\n" ;
+ exit(0);
}
}
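Review bot: The `exit(0);` added at the end of the help text makes the callers' error paths finish with a success status, because both the `$err_counter > 0` check and `GetOptions(...) or &usage("", 1);` lost their own `exit( -1 )` in this commit. If that `exit(0)` is reached for `&usage("", 1)` (the surrounding conditions are outside this hunk), an init script or supervisor cannot tell a rejected command line or configuration from a clean stop. Keep the success status for an explicit help request only and let the error callers set their own, e.g. drop the `exit(0);` here and restore `if( $err_counter > 0 ) { &usage( "", 1 ); exit(1); }`.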
# Exit if an error occour
- if( $err_counter > 0 )
- {
- &usage( "", 1 );
- exit( -1 );
- }
+ if( $err_counter > 0 ) { &usage( "", 1 ); }
}
if( $file =~ /ArpHandler.pm/ ) {
if( $arp_enabled eq "false" ) { next; }
}
+
+ # ServerPackages switch
+ if ($file eq "ServerPackages.pm" && $serverPackages_enabled eq "false")
+ {
+ $dns_lookup = "false";
+ next;
+ }
eval { require $file; };
if ($@) {
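Review bot: The new switch is tested against two different literals, so a misspelt config value leaves the feature half enabled. This hunk skips `ServerPackages.pm` only when `$serverPackages_enabled eq "false"`, the message-processing conditions and the `prepare_server_registration` call further down require `eq "true"`, and the `ClientInput` filter again tests `eq "false"`. A value such as `False`, `no` or `0` therefore loads the module and lets server-port messages through, yet skips registration and the known-server path. Normalise once after the config is read, e.g. `$serverPackages_enabled = (lc($serverPackages_enabled) eq "true") ? "true" : "false";`, so that anything but an explicit `true` disables the feature everywhere. The enclosing loop body starts and ends outside this hunk.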
die 'source has length 0';
}
- # Check if source contains hostname instead of ip address
- if($source =~ /^[a-z][a-z0-9\.]+:\d+$/i) {
- my ($hostname,$port) = split(/:/, $source);
- my $ip_address = inet_ntoa(scalar gethostbyname($hostname));
- if(defined($ip_address) && $ip_address =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/ && $port =~ /^\d+$/) {
- # Write ip address to $source variable
- $source = "$ip_address:$port";
- }
- }
+ # Check if source contains hostname instead of ip address
+ if($source =~ /^[a-z][\w\-\.]+:\d+$/i) {
+ my ($hostname,$port) = split(/:/, $source);
+ my $ip_address = inet_ntoa(scalar gethostbyname($hostname));
+ if(defined($ip_address) && $ip_address =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/ && $port =~ /^\d+$/) {
+ # Write ip address to $source variable
+ $source = "$ip_address:$port";
+ $msg_hash->{source}[0] = $source ;
+ $msg =~ s/<source>.*<\/source>/<source>$source<\/source>/;
+ }
+ }
unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
$source =~ /^GOSA$/i) {
die "source '$source' is neither a complete ip-address with port nor 'GOSA'";
$msg_hash = undef;
}
- return ($msg_hash);
+ return ($msg, $msg_hash);
}
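Review bot: The new substitution `s/<source>.*<\/source>/.../` is greedy, so if a message carries more than one `<source>` element on a line it replaces everything from the first opening tag to the last closing tag, and it leaves `$msg` out of step with `$msg_hash` when the element spans a newline. `$msg =~ s/<source>[^<]*<\/source>/<source>$source<\/source>/;` limits the rewrite to the first element's text. Separately, `inet_ntoa(scalar gethostbyname($hostname))` is evaluated before the `defined($ip_address)` test, so an unresolvable name makes `inet_ntoa` croak instead of reaching the explicit "neither a complete ip-address" error; resolving first and testing the packed address keeps the failure on the intended path. The function begins outside this hunk, and any caller not shown here needs updating for the new two-value return.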
sub update_jobdb_status_for_send_msgs {
my ($session_id, $answer, $error) = @_;
- &daemon_log("$session_id DEBUG: try to update job status", 7);
if( $answer =~ /<jobdb_id>(\d+)<\/jobdb_id>/ ) {
+ &daemon_log("$session_id DEBUG: try to update job status", 138);
my $jobdb_id = $1;
$answer =~ /<header>(.*)<\/header>/;
||($job_header eq "trigger_action_halt")
) {
my $sql_statement = "UPDATE $job_queue_tn SET status='done' WHERE id=$jobdb_id";
- &daemon_log("$session_id DEBUG: $sql_statement", 7);
my $res = $job_db->update_dbentry($sql_statement);
# Reactivate jobs, jobs need to deliver their message
my $sql_statement = "UPDATE $job_queue_tn ".
"SET status='error', result='can not deliver msg, please consult log file' ".
"WHERE id=$jobdb_id";
- &daemon_log("$session_id DEBUG: $sql_statement", 7);
my $res = $job_db->update_dbentry($sql_statement);
}
my $sql_statement = "UPDATE $job_queue_tn ".
"SET status='done' ".
"WHERE id=$jobdb_id AND status='processed'";
- &daemon_log("$session_id DEBUG: $sql_statement", 7);
my $res = $job_db->update_dbentry($sql_statement);
} else {
- &daemon_log("$session_id DEBUG: sending message succeed but cannot update job status.", 7);
+ &daemon_log("$session_id DEBUG: sending message succeed but cannot update job status.", 138);
}
}
} else {
- &daemon_log("$session_id DEBUG: cannot update job status, msg has no jobdb_id-tag.", 7);
+ &daemon_log("$session_id DEBUG: cannot update job status, msg has no jobdb_id-tag.", 138);
}
}
my $res = $job_db->update_dbentry($sql);
daemon_log("$session_id INFO: '$header'-job will be reactivated at '$delay_timestamp' ".
"cause client '$target' is currently not available", 5);
- daemon_log("$session_id $sql", 7);
return;
}
($msg, $msg_hash, $module) = &input_from_unknown_host($next_msg, $session_id);
# msg is from a gosa-si-server
- if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
+ if(((!$msg) || (!$msg_hash) || (!$module)) && ($serverPackages_enabled eq "true")){
if (not defined $msg_source)
{
# Only needed, to be compatible with older gosa-si-server versions
# or a server. In case of a client, send a ping. If the client could not understand a msg from its
# server the client cause a re-registering process. In case of a server, decrease update_time in kown_server_db
# and trigger a re-registering process for servers
- if (defined $msg_source && $msg_source =~ /:$server_port$/)
+ if (defined $msg_source && $msg_source =~ /:$server_port$/ && $serverPackages_enabled eq "true")
{
daemon_log("$session_id WARNING: Cannot understand incoming msg from server '$msg_source'. Cause re-registration process for servers.", 3);
my $update_statement = "UPDATE $known_server_tn SET update_time='19700101000000' WHERE hostname='$msg_source'";
my $upadte_res = $known_server_db->exec_statement($update_statement);
$kernel->yield("register_at_foreign_servers");
}
- elsif (defined $msg_source)
+ elsif ((defined $msg_source) && (not $msg_source =~ /:$server_port$/))
{
daemon_log("$session_id WARNING: Cannot understand incoming msg from client '$msg_source'. Send ping-msg to cause a re-registering of the client if necessary", 3);
#my $remote_ip = $heap->{'remote_ip'};
#my $remote_port = $heap->{'remote_port'};
my $ping_msg = "<xml> <header>gosa_ping</header> <source>$server_address</source><target>$msg_source</target></xml>";
my ($test_error, $test_error_string) = &send_msg_to_target($ping_msg, "$msg_source", "dummy-key", "gosa_ping", $session_id);
- daemon_log("$session_id WARNING: sending msg to cause re-registering: $ping_msg", 3);
+ daemon_log("$session_id WARNING: Sending msg to cause re-registering: $ping_msg", 3);
}
else
{
my $foreign_host = defined $msg_source ? $msg_source : $heap->{'remote_ip'};
- daemon_log("$session_id ERROR: incoming message from host '$foreign_host' cannot be understood. Processing aborted: $tmp_next_msg", 1);
+ daemon_log("$session_id ERROR: Incoming message from host '$foreign_host' cannot be understood. Processing aborted!", 1);
+ daemon_log("$session_id DEBUG: Aborted message: $tmp_next_msg", 11);
}
$error++
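Review bot: `$msg_source` is interpolated unquoted-checked into `UPDATE $known_server_tn ... WHERE hostname='$msg_source'` and into the ping XML, in exactly the branch that handles messages the server could not understand. Where `$msg_source` is assigned is outside this hunk; if it is derived from the received data, constrain it to the address form before the branches, e.g. `if (defined $msg_source && $msg_source !~ /^[\d\.]+:\d+$/) { $msg_source = undef; }`, so a malformed value falls through to the final `else` and is only logged with the socket's `remote_ip`. If the database wrapper offers bound parameters, using them for `hostname` would remove the quoting concern altogether.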
# process incoming msg
if( $error == 0) {
daemon_log("$session_id INFO: Incoming msg (session_id=$session_id) with header '".@{$msg_hash->{'header'}}[0]."'", 5);
- daemon_log("$session_id DEBUG: Processing module ".$module, 7);
+ daemon_log("$session_id DEBUG: Processing module ".$module, 26);
$answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $session_id);
if ( 0 < @{$answer_l} ) {
my $answer_str = join("\n", @{$answer_l});
+ my @headers;
while ($answer_str =~ /<header>(\w+)<\/header>/g) {
- daemon_log("$session_id INFO: got answer message with header '$1'", 5);
+ push(@headers, $1);
}
- daemon_log("$session_id DEBUG: $module: got answer from module: \n".$answer_str,9);
+ daemon_log("$session_id INFO: got answer message(s) with header: '".join("', '", @headers)."'", 5);
+ daemon_log("$session_id DEBUG: $module: got answer from module: \n".$answer_str,26);
} else {
- daemon_log("$session_id DEBUG: $module: got no answer from module!" ,7);
+ daemon_log("$session_id DEBUG: $module: got no answer from module!" ,26);
}
}
foreach my $answer ( @{$answer_l} ) {
# check outgoing msg to xml validity
- my $answer_hash = &check_outgoing_xml_validity($answer, $session_id);
+ my ($answer, $answer_hash) = &check_outgoing_xml_validity($answer, $session_id);
if( not defined $answer_hash ) { next; }
$answer_header = @{$answer_hash->{'header'}}[0];
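Review bot: `my ($answer, $answer_hash) = &check_outgoing_xml_validity($answer, $session_id);` declares a second `$answer` that shadows the `foreach my $answer` loop variable, so the same name means the raw module answer on the right-hand side and the rewritten message on every line after it. A distinct name, e.g. `my ($checked_answer, $answer_hash) = &check_outgoing_xml_validity($answer, $session_id);`, with the rest of the loop body (outside this hunk) using the checked copy, makes it obvious which version is sent on.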
# select outgoing messages
my $sql_statement = "SELECT * FROM $messaging_tn WHERE ( flag='p' AND direction='out' )";
- #&daemon_log("0 DEBUG: $sql", 7);
my $res = $messaging_db->exec_statement( $sql_statement );
# build out msg for each usr
# resolve usr -> host where usr is logged in
my $sql = "SELECT * FROM $login_users_tn WHERE (user='$receiver')";
- #&daemon_log("0 DEBUG: $sql", 7);
my $res = $login_users_db->exec_statement($sql);
# receiver is logged in nowhere
my ($kernel,$heap) = @_[KERNEL, HEAP];
my $sql = "SELECT * FROM $messaging_tn WHERE (flag='p' AND direction='in')";
- #&daemon_log("0 DEBUG: $sql", 7);
my $res = $messaging_db->exec_statement($sql);
foreach my $hit (@{$res}) {
my $msg_id = @{$hit}[0];
my $sql = "SELECT * FROM $messaging_tn WHERE (id='$msg_id' AND direction='out' AND (NOT flag='s'))";
- #&daemon_log("0 DEBUG: $sql", 7);
my $res = $messaging_db->exec_statement($sql);
# not all usr msgs have been seen till now
if ( ref(@$res[0]) eq "ARRAY") { next; }
$sql = "DELETE FROM $messaging_tn WHERE (id='$msg_id')";
- #&daemon_log("0 DEBUG: $sql", 7);
$res = $messaging_db->exec_statement($sql);
}
}
my $message_id = $hit->{'id'};
my $session_id = $hit->{'sessionid'};
- &daemon_log("$session_id DEBUG: start processing for message with incoming id: '$message_id'", 7);
+ &daemon_log("$session_id DEBUG: start processing for message with incoming id: '$message_id'", 11);
$kernel->yield('next_task', $hit);
if ($subroutine eq "(eval)") {
$caller_text = "eval block within file '$file' for '$evalText'";
}
- daemon_log("$session_id INFO: new ldap handle for '$caller_text' required!", 7);
+ daemon_log("$session_id DEBUG: new ldap handle for '$caller_text' required!", 42);
get_handle:
my $ldap_handle = Net::LDAP->new( $ldap_uri );
usleep(100000);
goto get_handle;
} else {
- daemon_log("$session_id DEBUG: Connection to LDAP URI '$ldap_uri' established.", 6);
+ daemon_log("$session_id DEBUG: Connection to LDAP URI '$ldap_uri' established.", 42);
}
$ldap_handle->bind($ldap_admin_dn, password => $ldap_admin_password) or &daemon_log("$session_id ERROR: Could not bind as '$ldap_admin_dn' to LDAP URI '$ldap_uri'!", 1);
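Review bot: The `or &daemon_log(...)` after `$ldap_handle->bind(...)` will not report a failed bind, because Net::LDAP's `bind` returns a message object, which is true whether or not the server accepted the credentials. Since this commit is already adjusting the LDAP connectivity logging, check the result code instead: `my $bind_mesg = $ldap_handle->bind($ldap_admin_dn, password => $ldap_admin_password);` followed by `if ($bind_mesg->code) { &daemon_log("$session_id ERROR: Could not bind as '$ldap_admin_dn' to LDAP URI '$ldap_uri': ".$bind_mesg->error, 1); }`. As far as this hunk shows, the `goto get_handle` retry also has no upper bound; the function starts and ends outside the hunk.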
sub release_ldap_handle {
- my ($ldap_handle) = @_ ;
+ my ($ldap_handle, $session_id) = @_ ;
+ if (not defined $session_id ) { $session_id = 0 };
+
if(ref $ldap_handle) {
$ldap_handle->disconnect();
}
- &main::daemon_log("0 DEBUG: Released a ldap handle!", 6);
+ &main::daemon_log("$session_id DEBUG: Released a ldap handle!", 42);
return;
}
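Review bot: `release_ldap_handle` now logs under the caller's session id, but the call `&release_ldap_handle($ldap_handle);` in the function that logs `create_fai_release_db:` further down still passes one argument, so that release is recorded as session 0 although `$session_id` is in scope there. Passing it (`&release_ldap_handle($ldap_handle, $session_id);`) keeps the level-42 LDAP trace attributable to one session. A one-line comment above the default, such as `# $session_id is optional; callers without a session are logged as 0`, would document the fallback.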
daemon_log("$session_id Error: Setting FAIstate to '$state' for ".$entry->dn. "failed: ".$result->error, 1);
}
} else {
- daemon_log("$session_id DEBUG FAIstate at host '".$entry->dn."' already at state '$st'", 7);
+ daemon_log("$session_id DEBUG FAIstate at host '".$entry->dn."' already at state '$st'", 42);
}
}
} else {
daemon_log("$session_id ERROR: LDAP search failed: ldap_base=$ldap_base, filter=$search", 1);
}
- &release_ldap_handle($ldap_handle);
+ &release_ldap_handle($ldap_handle, $session_id);
return;
}
}
}
- &release_ldap_handle($ldap_handle);
+ &release_ldap_handle($ldap_handle, $session_id);
return;
}
);
if(($mesg->code == 0) && ($mesg->count != 0))
{
- daemon_log("$session_id DEBUG: create_fai_release_db: count " . $mesg->count,8);
+ daemon_log("$session_id DEBUG: create_fai_release_db: count " . $mesg->count,138);
# Walk through all possible FAI container ou's
my @sql_list;
}
}
- daemon_log("$session_id DEBUG: create_fai_release_db: Inserting ".scalar @sql_list." entries to DB",8);
+ daemon_log("$session_id DEBUG: create_fai_release_db: Inserting ".scalar @sql_list." entries to DB",138);
&release_ldap_handle($ldap_handle);
if(@sql_list) {
unshift @sql_list, "VACUUM";
unshift @sql_list, "DELETE FROM $table_name";
$fai_release_db->exec_statementlist(\@sql_list);
}
- daemon_log("$session_id DEBUG: create_fai_release_db: Done with inserting",7);
+ daemon_log("$session_id DEBUG: create_fai_release_db: Done with inserting",138);
} else {
daemon_log("$session_id INFO: create_fai_release_db: error: " . $mesg->code, 5);
}
my $fai_filter= "(|(&(objectClass=FAIclass)(|(objectClass=".join(")(objectClass=", @possible_fai_classes).")))(objectClass=FAIbranch))";
my $fai_classes;
- daemon_log("$session_id DEBUG: Searching for FAI entries in base $fai_base",7);
+ daemon_log("$session_id DEBUG: Searching for FAI entries in base $fai_base", 138);
my $mesg= $ldap_handle->search(
base => $fai_base,
scope => 'sub',
attrs => ['cn','objectClass','FAIstate'],
filter => $fai_filter,
);
- daemon_log("$session_id DEBUG: Found ".$mesg->count()." FAI entries",7);
+ daemon_log("$session_id DEBUG: Found ".$mesg->count()." FAI entries", 138);
if($mesg->{'resultCode'} == 0 &&
$mesg->count != 0) {
}
+sub prepare_server_registration
+{
+ # Add foreign server from cfg file
+ my @foreign_server_list;
+ if ($foreign_server_string ne "") {
+ my @cfg_foreign_server_list = split(",", $foreign_server_string);
+ foreach my $foreign_server (@cfg_foreign_server_list) {
+ push(@foreign_server_list, $foreign_server);
+ }
+
+ daemon_log("0 INFO: found foreign server in config file: ".join(", ", @foreign_server_list), 5);
+ }
+
+ # Perform a DNS lookup for server registration if flag is true
+ if ($dns_lookup eq "true") {
+ # Add foreign server from dns
+ my @tmp_servers;
+ if (not $server_domain) {
+ # Try our DNS Searchlist
+ for my $domain(get_dns_domains()) {
+ chomp($domain);
+ my ($tmp_domains, $error_string) = &get_server_addresses($domain);
+ if(@$tmp_domains) {
+ for my $tmp_server(@$tmp_domains) {
+ push @tmp_servers, $tmp_server;
+ }
+ }
+ }
+ if(@tmp_servers && length(@tmp_servers)==0) {
+ daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3);
+ }
+ } else {
+ @tmp_servers = &get_server_addresses($server_domain);
+ if( 0 == @tmp_servers ) {
+ daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3);
+ }
+ }
+
+ daemon_log("0 INFO: found foreign server via DNS ".join(", ", @tmp_servers), 5);
+
+ foreach my $server (@tmp_servers) {
+ unshift(@foreign_server_list, $server);
+ }
+ } else {
+ daemon_log("0 INFO: DNS lookup for server registration is disabled", 5);
+ }
+
+ # eliminate duplicate entries
+ @foreign_server_list = &del_doubles(@foreign_server_list);
+ my $all_foreign_server = join(", ", @foreign_server_list);
+ daemon_log("0 INFO: found foreign server in config file and DNS: '$all_foreign_server'", 5);
+
+ # add all found foreign servers to known_server
+ my $cur_timestamp = &get_time();
+ foreach my $foreign_server (@foreign_server_list) {
+
+ # do not add myself to known_server_db
+ if (&is_local($foreign_server)) { next; }
+ ######################################
+
+ my $res = $known_server_db->add_dbentry( {table=>$known_server_tn,
+ primkey=>['hostname'],
+ hostname=>$foreign_server,
+ macaddress=>"",
+ status=>'not_yet_registered',
+ hostkey=>"none",
+ loaded_modules => "none",
+ timestamp=>$cur_timestamp,
+ update_time=>'19700101000000',
+ } );
+ }
+}
+
sub register_at_foreign_servers {
my ($kernel) = $_[KERNEL];
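Review bot: The DNS part of `prepare_server_registration` was moved here together with two inherited faults. `if(@tmp_servers && length(@tmp_servers)==0)` can never be true, so the "no foreign gosa-si-server found" warning is dead in the search-list case. The `else` branch assigns the whole return list of `get_server_addresses` to `@tmp_servers`, although the loop above unpacks the same call as an array reference plus an error string; a stringified reference and the error text would then be unshifted into `@foreign_server_list` and written to the known-server table as hostnames. Because these entries decide which hosts this server tries to register with, unpack the return value the same way in both branches and test emptiness with `not @tmp_servers`. A header comment stating that the sub seeds the known-server table from the config file and DNS would also help.

```perl
        if (not $server_domain) {
            # … unchanged: loop over get_dns_domains() filling @tmp_servers …
            if (not @tmp_servers) {
                daemon_log("0 WARNING: no foreign gosa-si-server found in DNS search list", 3);
            }
        } else {
            # Same return shape as in the loop above: (array ref, error string)
            my ($addresses, $error_string) = &get_server_addresses($server_domain);
            if (ref($addresses) eq 'ARRAY') { @tmp_servers = @$addresses; }
            if (not @tmp_servers) {
                daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3);
            }
        }
        # … unchanged: INFO log and unshift into @foreign_server_list …
```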
# block them for race conditional registration processes of other si-servers.
my $act_time = &get_time();
my $block_statement = "UPDATE $known_server_tn SET status='new_server',update_time='19700101000000' WHERE (CAST(update_time AS UNSIGNED))<$act_time ";
- &daemon_log("0 DEBUG: $block_statement", 7);
my $block_res = $known_server_db->exec_statement($block_statement);
# Fetch all si-server from db where update_time is younger than act_time
my $fetch_statement = "SELECT * FROM $known_server_tn WHERE update_time='19700101000000'";
- &daemon_log("0 DEBUG: $fetch_statement", 7);
my $fetch_res = $known_server_db->exec_statement($fetch_statement);
# Detect already connected clients. Will be added to registration msg later.
# Check if all registration processes succeed or not
my $select_statement = "SELECT * FROM $known_server_tn WHERE status='new_server'";
- &daemon_log("0 DEBUG $select_statement", 7);
my $select_res = $known_server_db->exec_statement($select_statement);
# If at least one registration process failed, maybe in case of a race condition
# Release block statement 'new_server' to make the server accessible
# for foreign registration processes
my $update_statement = "UPDATE $known_server_tn SET status='waiting' WHERE status='new_server'";
- &daemon_log("0 DEBUG: $update_statement", 7);
my $update_res = $known_server_db->exec_statement($update_statement);
# Set a random delay to avoid the registration race condition
"v|verbose+" => \$verbose,
"no-arp+" => \$no_arp,
"d=s" => \$debug_parts,
- ) or (&usage("", 1)&&(exit(-1)));
+ ) or &usage("", 1);
# read and set config parameters
&check_cmdline_param ;
chown($root_uid, $adm_gid, $foreign_clients_file_name);
# connect to known_server_db
- #unlink($known_server_file_name);
+ unlink($known_server_file_name); # do not delete, gosa-si-server should be forced to check config file and dns at each start
$known_server_db = GOSA::DBsqlite->new($known_server_file_name);
chmod(0640, $known_server_file_name);
chown($root_uid, $adm_gid, $known_server_file_name);
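Review bot: The re-enabled `unlink($known_server_file_name);` carries the comment `# do not delete, ...`, which reads as the opposite of what the statement does; wording such as `# always start with an empty known_server db so config file and DNS are re-read at each start` says what is meant. Because the file is now recreated on every start, it exists with whatever mode `GOSA::DBsqlite->new` and the process umask give it until the following `chmod(0640, ...)` runs, and this table holds a `hostkey` column. If the constructor does not set the mode itself (not visible here), set a restrictive umask around the creation, e.g. `my $old_umask = umask(0027);` before and `umask($old_umask);` after. The return values of `unlink`, `chmod` and `chown` are also unchecked.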
}
}
-
# Creating tables
$messaging_db->create_table($messaging_tn, \@messaging_col_names);
$packages_list_db->create_table($packages_list_tn, \@packages_list_col_names);
# create xml object used for en/decrypting
$xml = new XML::Simple();
-
-# foreign servers
-my @foreign_server_list;
-
-# add foreign server from cfg file
-if ($foreign_server_string ne "") {
- my @cfg_foreign_server_list = split(",", $foreign_server_string);
- foreach my $foreign_server (@cfg_foreign_server_list) {
- push(@foreign_server_list, $foreign_server);
- }
-
- daemon_log("0 INFO: found foreign server in config file: ".join(", ", @foreign_server_list), 5);
-}
-
-# Perform a DNS lookup for server registration if flag is true
-if ($dns_lookup eq "true") {
- # Add foreign server from dns
- my @tmp_servers;
- if (not $server_domain) {
- # Try our DNS Searchlist
- for my $domain(get_dns_domains()) {
- chomp($domain);
- my ($tmp_domains, $error_string) = &get_server_addresses($domain);
- if(@$tmp_domains) {
- for my $tmp_server(@$tmp_domains) {
- push @tmp_servers, $tmp_server;
- }
- }
- }
- if(@tmp_servers && length(@tmp_servers)==0) {
- daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3);
- }
- } else {
- @tmp_servers = &get_server_addresses($server_domain);
- if( 0 == @tmp_servers ) {
- daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3);
- }
- }
-
- daemon_log("0 INFO: found foreign server via DNS ".join(", ", @tmp_servers), 5);
-
- foreach my $server (@tmp_servers) {
- unshift(@foreign_server_list, $server);
- }
-} else {
- daemon_log("0 INFO: DNS lookup for server registration is disabled", 5);
-}
-
-
-# eliminate duplicate entries
-@foreign_server_list = &del_doubles(@foreign_server_list);
-my $all_foreign_server = join(", ", @foreign_server_list);
-daemon_log("0 INFO: found foreign server in config file and DNS: '$all_foreign_server'", 5);
-
-# add all found foreign servers to known_server
-my $cur_timestamp = &get_time();
-foreach my $foreign_server (@foreign_server_list) {
-
- # do not add myself to known_server_db
- if (&is_local($foreign_server)) { next; }
- ######################################
-
- my $res = $known_server_db->add_dbentry( {table=>$known_server_tn,
- primkey=>['hostname'],
- hostname=>$foreign_server,
- macaddress=>"",
- status=>'not_yet_registered',
- hostkey=>"none",
- loaded_modules => "none",
- timestamp=>$cur_timestamp,
- update_time=>'19700101000000',
- } );
-}
-
-
# Import all modules
&import_modules;
# Check wether all modules are gosa-si valid passwd check
&password_check;
+# Check DNS and config file for server registration
+if ($serverPackages_enabled eq "true") { &prepare_server_registration; }
+
# Create functions hash
-#print STDERR Dumper $known_modules;
while (my ($module, @mod_info) = each %$known_modules)
{
-#print STDERR Dumper $module;
while (my ($plugin, $functions) = each %{$mod_info[0][2]})
{
-#print STDERR Dumper $functions;
while (my ($function, $nothing) = each %$functions )
{
$known_functions->{$function} = $nothing;
ClientInput => sub {
my ($kernel, $input, $heap, $session) = @_[KERNEL, ARG0, HEAP, SESSION];
my $session_id = $session->ID;
- if ($input =~ /;([\d\.]+:[\d]+)$/)
+ if ($input =~ /;([\d\.]+):([\d]+)$/)
{
- &daemon_log("$session_id DEBUG: incoming message from '$1'", 11);
+ # Messages from other servers should be blocked if config option is set
+ if (($2 eq $server_port) && ($serverPackages_enabled eq "false"))
+ {
+ return;
+ }
+ &daemon_log("$session_id DEBUG: incoming message from '$1:$2'", 11);
}
else
{