![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server
index 52729a954de58cba958b6f18cdc5230d6cb2a40d..e3849b442ae309a6a56b12b402b7fffab0883c0a 100755 (executable)
--- a/gosa-si/gosa-si-server
+++ b/gosa-si/gosa-si-server
use Sys::Syslog qw( :DEFAULT setlogsock);
use Cwd;
use File::Spec;
+use File::Basename;
use GOSA::DBsqlite;
use POE qw(Component::Server::TCP);
use lib "/usr/lib/gosa-si/modules";
my (%cfg_defaults, $foreground, $verbose, $ping_timeout);
-my ($bus, $msg_to_bus, $bus_cipher);
+my ($bus_activ, $bus, $msg_to_bus, $bus_cipher);
my ($server, $server_mac_address);
my ($gosa_server, $job_queue_timeout, $job_queue_table_name, $job_queue_file_name,$job_queue_loop_delay);
my ($known_modules, $known_clients_file_name, $known_server_file_name);
$ping_timeout = 5;
$no_bus = 0;
+$bus_activ = "true";
$no_arp = 0;
# holds all registrated clients
our $known_clients_db;
+our $prg= basename($0);
%cfg_defaults = (
"general" => {
- "log-file" => [\$log_file, "/var/run/".$0.".log"],
- "pid-file" => [\$pid_file, "/var/run/".$0.".pid"],
+ "log-file" => [\$log_file, "/var/run/".$prg.".log"],
+ "pid-file" => [\$pid_file, "/var/run/".$prg.".pid"],
+ },
+"bus" => {
+ "activ" => [\$bus_activ, "true"],
},
"server" => {
# "ip" => [\$server_ip, "0.0.0.0"],
#===============================================================================
sub usage {
print STDERR << "EOF" ;
-usage: $0 [-hvf] [-c config]
+usage: $prg [-hvf] [-c config]
-h : this (help) message
-c <file> : config file
-f : foreground, process will not be forked to background
-v : be verbose (multiple to increase verbosity)
- -no-bus : starts $0 without connection to bus
- -no-arp : starts $0 without connection to arp module
+ -no-bus : starts $prg without connection to bus
+ -no-arp : starts $prg without connection to arp module
EOF
print "\n" ;
$month = $monthnames[$month];
$monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
$year+=1900;
- my $name = $0;
- $name =~ s/\.\///;
+ my $name = $prg;
my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n";
print LOG_HANDLE $log_msg;
eval{
$msg = &decrypt_msg($crypted_msg, $module_key);
- if ($msg =~ /<xml>/i){
- &main::daemon_log("decrypted_msg: \n$msg", 8);
- $msg_hash = $xml->XMLin($msg, ForceArray=>1);
+ if ($msg =~ /<xml>/i){
+ &main::daemon_log("decrypted_msg: \n$msg", 8);
+ $msg_hash = $xml->XMLin($msg, ForceArray=>1);
- # check header
- my $header_l = $msg_hash->{'header'};
- if( 1 != @{$header_l} ) {
- die 'header error';
- }
- my $header = @{$header_l}[0];
- if( 0 == length $header) {
- die 'header error';
- }
+ # check header
+ my $header_l = $msg_hash->{'header'};
+ if( 1 != @{$header_l} ) {
+ die 'header error';
+ }
+ my $header = @{$header_l}[0];
+ if( 0 == length $header) {
+ die 'header error';
+ }
- # check source
- my $source_l = $msg_hash->{'source'};
- if( not defined @{$source_l} or 1 != @{$source_l} ) {
- die 'source error';
- }
- my $source = @{$source_l}[0];
- if( 0 == length $source) {
- die 'source error';
- }
+ # check source
+ my $source_l = $msg_hash->{'source'};
+ if( not defined @{$source_l} or 1 != @{$source_l} ) {
+ die 'source error';
+ }
+ my $source = @{$source_l}[0];
+ if( 0 == length $source) {
+ die 'source error';
+ }
- # check target
- my $target_l = $msg_hash->{'target'};
- if( 1 != @{$target_l} ) {
- die'target error';
- }
- my $target = @{$target_l}[0];
- if( 0 == length $target) {
- die 'target error';
- }
- }
+ # check target
+ my $target_l = $msg_hash->{'target'};
+ if( 1 != @{$target_l} ) {
+ die'target error';
+ }
+ my $target = @{$target_l}[0];
+ if( 0 == length $target) {
+ die 'target error';
+ }
+ }
};
if($@) {
&main::daemon_log("WARNING: do not understand the message", 5);
}
+sub check_outgoing_xml_validity {
+ my ($msg) = @_;
+
+ my $msg_hash;
+ eval{
+ $msg_hash = $xml->XMLin($msg, ForceArray=>1);
+
+ ##############
+ # check header
+ my $header_l = $msg_hash->{'header'};
+ if( 1 != @{$header_l} ) {
+ die 'no or more than one headers specified';
+ }
+ my $header = @{$header_l}[0];
+ if( 0 == length $header) {
+ die 'header has length 0';
+ }
+
+ ##############
+ # check source
+ my $source_l = $msg_hash->{'source'};
+ if( 1 != @{$source_l} ) {
+ die 'no or more than 1 sources specified';
+ }
+ my $source = @{$source_l}[0];
+ if( 0 == length $source) {
+ die 'source has length 0';
+ }
+ unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
+ $source =~ /^GOSA$/i ) {
+ die "source '$source' is neither a complete ip-address with port nor 'GOSA'";
+ }
+
+ ##############
+ # check target
+ my $target_l = $msg_hash->{'target'};
+ if( 0 == @{$target_l} ) {
+ die "no targets specified";
+ }
+ foreach my $target (@$target_l) {
+ if( 0 == length $target) {
+ die "target has length 0";
+ }
+ unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
+ $target =~ /^GOSA$/i ||
+ $target =~ /^\*$/ ||
+ $target =~ /KNOWN_SERVER/i ||
+ $target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ){
+ die "target '$target' is not a complete ip-address with port or a valid target name or a mac-address";
+ }
+ }
+ };
+ if($@) {
+ daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5);
+ daemon_log("$@ $msg", 8);
+ $msg_hash = undef;
+ }
+
+ return ($msg_hash);
+}
+
+
sub input_from_known_server {
my ($input, $remote_ip) = @_ ;
my ($msg, $msg_hash, $module);
# check a key exists for this module
my $module_key = ${$mod."_key"};
if( ! $module_key ) {
+ if( $mod eq 'ArpHandler' ) {
+ next;
+ }
daemon_log("ERROR: no key specified in config file for $mod", 1);
next;
}
last;
}
}
-
# target can be in known_client
if( not defined $encrypt_key ) {
$act_status = $res->{1}->{'status'};
if( $act_status eq "down" ) {
$sql_statement = "DELETE FROM known_server WHERE hostname='$address'";
- $res = $known_clients_db->del_dbentry($sql_statement);
+ $res = $known_server_db->del_dbentry($sql_statement);
daemon_log("WARNING: failed 2x to a send msg to host '$address', delete host from known_server", 3);
}
else {
# msg is from a new client or gosa
($msg, $msg_hash, $module) = &input_from_unknown_host($input);
-
# msg is from a gosa-si-server or gosa-si-bus
if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
($msg, $msg_hash, $module) = &input_from_known_server($input, $heap->{'remote_ip'});
}
-
# msg is from a gosa-si-client
if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
($msg, $msg_hash, $module) = &input_from_known_client($input, $heap->{'remote_ip'});
}
-
# an error occurred
if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
$error++;
# answer
if( $error == 0 ) {
- # for each answer in answer list
foreach my $answer ( @{$answer_l} ) {
-
- my $error = 0;
- # check answer if gosa-si envelope conform
- if(defined($answer)) {
- my $answer_hash = $xml->XMLin($answer, ForceArray=>1);
- $answer_header = @{$answer_hash->{'header'}}[0];
- @answer_target_l = @{$answer_hash->{'target'}};
- $answer_source = @{$answer_hash->{'source'}}[0];
- if( !$answer_header ) {
- daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1);
- daemon_log("\n$answer", 8);
- $error++;
- }
- if( 0 == length @answer_target_l ) {
- daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1);
- daemon_log("\n$answer", 8);
- $error++;
- }
- if( !$answer_source ) {
- daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1);
- daemon_log("\n$answer", 8);
- $error++;
- }
-
- if( $error != 0 ) {
- next;
- }
- }
+ # for each answer in answer list
+
+ # check outgoing msg to xml validity
+ my $answer_hash = &check_outgoing_xml_validity($answer);
+ if( not defined $answer_hash ) {
+ next;
+ }
+
+ $answer_header = @{$answer_hash->{'header'}}[0];
+ @answer_target_l = @{$answer_hash->{'target'}};
+ $answer_source = @{$answer_hash->{'source'}}[0];
# deliver msg to all targets
foreach my $answer_target ( @answer_target_l ) {
my $host_name = $hit->{hostname};
my $host_key = $hit->{hostkey};
&send_msg_to_target($answer, $host_name, $host_key, $answer_header);
- }
+ }
}
elsif( $answer_target eq "GOSA" ) {
# answer is for GOSA and has to returned to connected client
$found_ip_flag++ ;
}
if( $found_ip_flag == 0) {
- daemon_log("WARNING: no host found in known_clients with mac address '$answer_target', forward msg to bus", 1);
- my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
- my $query_res = $known_server_db->select_dbentry( $sql_statement );
- while( my ($hit_num, $hit) = each %{ $query_res } ) {
- my $bus_address = $hit->{hostname};
- my $bus_key = $hit->{hostkey};
- &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
- last;
+ daemon_log("WARNING: no host found in known_clients with mac address '$answer_target'", 3);
+ if( $bus_activ eq "true" ) {
+ daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5);
+ my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
+ my $query_res = $known_server_db->select_dbentry( $sql_statement );
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $bus_address = $hit->{hostname};
+ my $bus_key = $hit->{hostkey};
+ &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
+ last;
+ }
}
}
- }
- else {
- # answer is for one specific host
+ } else {
+ # ... answer is for one specific host
+
# get encrypt_key
my $encrypt_key = &get_encrypt_key($answer_target);
- if( !$encrypt_key ) {
+ if( not defined $encrypt_key ) {
# unknown target, forward msg to bus
- daemon_log("WARNING: unknown target '$answer_target', forward msg to bus", 3);
- my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
- my $query_res = $known_server_db->select_dbentry( $sql_statement );
- my $bus_key = $query_res->{1}->{hostkey};
- &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
+ daemon_log("WARNING: unknown target '$answer_target'", 3);
+ if( $bus_activ eq "true" ) {
+ daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5);
+ my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
+ my $query_res = $known_server_db->select_dbentry( $sql_statement );
+ my $res_length = keys( %{$query_res} );
+ if( $res_length == 0 ){
+ daemon_log("WARNING: send '$answer_header' to '$bus_address' failed, no bus found in known_server", 3);
+ }
+ else {
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $bus_key = $hit->{hostkey};
+ &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
+ }
+ }
+ }
next;
}
# send_msg
}
if( $client_answer ) {
- $heap->{client}->put($client_answer);
+ $heap->{client}->put($client_answer);
}
return;
daemon_log(" ", 1);
daemon_log("$0 started!", 1);
+if ($no_bus > 0) {
+ $bus_activ = "false"
+}
+
+
+
# delete old DBsqlite lock files
-unlink('/tmp/gosa_si_lock*');
+#unlink('/tmp/gosa_si_lock*');
# connect to gosa-si job queue
my @job_col_names = ("id INTEGER", "timestamp", "status", "result", "headertag", "targettag", "xmlmessage", "macaddress");