![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server
index 5ad1a8f3fce73dd8075752d08410d413faf13725..e4df616d29fcc7aa0976f2f00487b59bdaf7e1c6 100755 (executable)
--- a/gosa-si/gosa-si-server
+++ b/gosa-si/gosa-si-server
# OPTIONS: ---
# REQUIREMENTS: libconfig-inifiles-perl libcrypt-rijndael-perl libxml-simple-perl
# libdata-dumper-simple-perl libdbd-sqlite3-perl libnet-ldap-perl
+# libpoe-perl
# BUGS: ---
# NOTES:
# AUTHOR: (Andreas Rettenberger), <rettenberger@gonicus.de>
# REVISION: ---
#===============================================================================
-
use strict;
use warnings;
use Getopt::Long;
use Config::IniFiles;
use POSIX;
-use Time::HiRes qw( gettimeofday );
use Fcntl;
use IO::Socket::INET;
use Sys::Syslog qw( :DEFAULT setlogsock);
use Cwd;
use File::Spec;
-use GOSA::GosaSupportDaemon;
use GOSA::DBsqlite;
+use POE qw(Component::Server::TCP);
my $modules_path = "/usr/lib/gosa-si/modules";
use lib "/usr/lib/gosa-si/modules";
my (%cfg_defaults, $foreground, $verbose, $ping_timeout);
-my ($bus, $msg_to_bus, $bus_cipher);
-my ($server, $server_mac_address, $server_events);
-my ($gosa_server, $job_queue_timeout, $job_queue_table_name, $job_queue_file_name);
+my ($bus_activ, $bus, $msg_to_bus, $bus_cipher);
+my ($server, $server_mac_address);
+my ($gosa_server, $job_queue_timeout, $job_queue_table_name, $job_queue_file_name,$job_queue_loop_delay);
my ($known_modules, $known_clients_file_name, $known_server_file_name);
-my ($max_clients);
my ($pid_file, $procid, $pid, $log_file);
-my (%free_child, %busy_child, $child_max, $child_min, %child_alive_time, $child_timeout);
-my ($arp_activ, $arp_fifo, $arp_fifo_path);
+my ($arp_activ, $arp_fifo);
+my ($xml);
# variables declared in config file are always set to 'our'
our (%cfg_defaults, $log_file, $pid_file,
- $bus_activ, $bus_passwd, $bus_ip, $bus_port,
- $server_activ, $server_ip, $server_port, $server_passwd, $max_clients,
- $arp_activ, $arp_fifo_path,
- $gosa_activ, $gosa_passwd, $gosa_ip, $gosa_port, $gosa_timeout,
+ $server_ip, $server_port, $SIPackages_key,
+ $arp_activ,
+ $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout,
);
# additional variable which should be globaly accessable
-our $xml;
our $server_address;
our $bus_address;
our $gosa_address;
$ping_timeout = 5;
$no_bus = 0;
+$bus_activ = "true";
$no_arp = 0;
# holds all registrated clients
our $known_clients_db;
-%cfg_defaults =
-("general" =>
- {"log_file" => [\$log_file, "/var/run/".$0.".log"],
- "pid_file" => [\$pid_file, "/var/run/".$0.".pid"],
- "child_max" => [\$child_max, 10],
- "child_min" => [\$child_min, 3],
- "child_timeout" => [\$child_timeout, 180],
- "job_queue_timeout" => [\$job_queue_timeout, undef],
- "job_queue_file_name" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'],
- "known_clients_file_name" => [\$known_clients_file_name, '/var/lib/gosa-si/known_clients.db' ],
- "known_server_file_name" => [\$known_server_file_name, '/var/lib/gosa-si/known_server.db'],
- },
-"bus" =>
- {"bus_activ" => [\$bus_activ, "on"],
- "bus_passwd" => [\$bus_passwd, ""],
- "bus_ip" => [\$bus_ip, "0.0.0.0"],
- "bus_port" => [\$bus_port, "20080"],
+%cfg_defaults = (
+"general" => {
+ "log-file" => [\$log_file, "/var/run/".$0.".log"],
+ "pid-file" => [\$pid_file, "/var/run/".$0.".pid"],
+ },
+"bus" => {
+ "activ" => [\$bus_activ, "true"],
},
-"server" =>
- {"server_activ" => [\$server_activ, "on"],
- "server_ip" => [\$server_ip, "0.0.0.0"],
- "server_port" => [\$server_port, "20081"],
- "server_passwd" => [\$server_passwd, ""],
- "max_clients" => [\$max_clients, 100],
+"server" => {
+# "ip" => [\$server_ip, "0.0.0.0"],
+ "port" => [\$server_port, "20081"],
+ "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ],
+ "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'],
},
-"arp" =>
- {"arp_activ" => [\$arp_activ, "on"],
- "arp_fifo_path" => [\$arp_fifo_path, "/var/run/gosa-si/arp-notify"],
+"GOsaPackages" => {
+ "ip" => [\$gosa_ip, "0.0.0.0"],
+ "port" => [\$gosa_port, "20082"],
+ "job-queue" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'],
+ "job-queue-loop-delay" => [\$job_queue_loop_delay, 3],
+ "key" => [\$GosaPackages_key, "none"],
},
-"gosa" =>
- {"gosa_activ" => [\$gosa_activ, "on"],
- "gosa_ip" => [\$gosa_ip, "0.0.0.0"],
- "gosa_port" => [\$gosa_port, "20082"],
- "gosa_passwd" => [\$gosa_passwd, "none"],
+"SIPackages" => {
+ "key" => [\$SIPackages_key, "none"],
},
- );
+);
#=== FUNCTION ================================================================
$hours = $hours < 10 ? $hours = "0".$hours : $hours;
$minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
$seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- my @monthnames = ("Jan", "Feb", "Mar", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
+ my @monthnames = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
$month = $monthnames[$month];
$monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
$year+=1900;
}
+sub get_time {
+ my ($seconds, $minutes, $hours, $monthday, $month,
+ $year, $weekday, $yearday, $sommertime) = localtime(time);
+ $hours = $hours < 10 ? $hours = "0".$hours : $hours;
+ $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
+ $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
+ $month+=1;
+ $month = $month < 10 ? $month = "0".$month : $month;
+ $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
+ $year+=1900;
+ return "$year$month$monthday$hours$minutes$seconds";
+
+}
+
+
#=== FUNCTION ================================================================
# NAME: check_cmdline_param
# PARAMETERS: nothing
sub check_cmdline_param () {
my $err_config;
my $err_counter = 0;
- if( not defined( $cfg_file)) {
- #$err_config = "please specify a config file";
- #$err_counter += 1;
- my $cwd = getcwd;
- my $name = "/etc/gosa-si/server.conf";
- $cfg_file = File::Spec->catfile( $cwd, $name );
+ if(not defined($cfg_file)) {
+ $cfg_file = "/etc/gosa-si/server.conf";
+ if(! -r $cfg_file) {
+ $err_config = "please specify a config file";
+ $err_counter += 1;
+ }
}
if( $err_counter > 0 ) {
&usage( "", 1 );
# PARAMETERS: module_path - string - abs. path to the directory the modules
# are stored
# RETURNS: nothing
-# DESCRIPTION: each file in module_path which ends with '.pm' is imported by
-# "require 'file';"
+# DESCRIPTION: each file in module_path which ends with '.pm' and activation
+# state is on is imported by "require 'file';"
#===============================================================================
sub import_modules {
daemon_log(" ", 1);
if (not $file =~ /(\S*?).pm$/) {
next;
}
+ my $mod_name = $1;
+
+ if( $file =~ /ArpHandler.pm/ ) {
+ if( $no_arp > 0 ) {
+ next;
+ }
+ }
+
eval { require $file; };
if ($@) {
daemon_log("ERROR: gosa-si-server could not load module $file", 1);
daemon_log("$@", 5);
- } else {
- my $mod_name = $1;
- my $info = eval($mod_name.'::get_module_info()');
- my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info};
- $known_modules->{$mod_name} = $info;
-
- daemon_log("module $mod_name loaded", 1);
- }
+ } else {
+ my $info = eval($mod_name.'::get_module_info()');
+ # Only load module if get_module_info() returns a non-null object
+ if( $info ) {
+ my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info};
+ $known_modules->{$mod_name} = $info;
+ daemon_log("module $mod_name loaded", 1);
+ }
+ }
}
-
- # for debugging
- #while ( my ($module, $tag_hash) = each(%$known_modules)) {
- # print "\tmodule: $module"."\n";
- # print "\ttags: ".join(", ", keys(%$tag_hash))."\n";
- #}
close (DIR);
}
$SIG{INT} = \&sig_int_handler;
-#=== FUNCTION ================================================================
-# NAME: activating_child
-# PARAMETERS: msg - string - incoming message
-# host - string - host from which the incomming message comes
-# RETURNS: nothing
-# DESCRIPTION: handels the distribution of incoming messages to working childs
-#===============================================================================
-sub activating_child {
- my ($msg, $host, $client) = @_;
- my $child = &get_processing_child();
- my $pipe_wr = $$child{'pipe_wr'};
- my $pipe_rd = $$child{'pipe_rd'};
- $$child{client_ref} = $client;
-
- daemon_log("activating: childpid:$$child{'pid'}", 5);
- print $pipe_wr $msg.".".$host."\n";
+sub check_key_and_xml_validity {
+ my ($crypted_msg, $module_key) = @_;
+#print STDERR "crypted_msg:$crypted_msg\n";
+#print STDERR "modul_key:$module_key\n";
+
+ my $msg;
+ my $msg_hash;
+ eval{
+ $msg = &decrypt_msg($crypted_msg, $module_key);
+
+ if ($msg =~ /<xml>/i){
+ &main::daemon_log("decrypted_msg: \n$msg", 8);
+ $msg_hash = $xml->XMLin($msg, ForceArray=>1);
+
+ # check header
+ my $header_l = $msg_hash->{'header'};
+ if( 1 != @{$header_l} ) {
+ die 'header error';
+ }
+ my $header = @{$header_l}[0];
+ if( 0 == length $header) {
+ die 'header error';
+ }
+
+ # check source
+ my $source_l = $msg_hash->{'source'};
+ if( not defined @{$source_l} or 1 != @{$source_l} ) {
+ die 'source error';
+ }
+ my $source = @{$source_l}[0];
+ if( 0 == length $source) {
+ die 'source error';
+ }
+
+ # check target
+ my $target_l = $msg_hash->{'target'};
+ if( 1 != @{$target_l} ) {
+ die'target error';
+ }
+ my $target = @{$target_l}[0];
+ if( 0 == length $target) {
+ die 'target error';
+ }
+ }
+ };
+ if($@) {
+ &main::daemon_log("WARNING: do not understand the message", 5);
+ &main::daemon_log("$@", 8);
+ }
- return;
+ return ($msg, $msg_hash);
}
-#=== FUNCTION ================================================================
-# NAME: get_processing_child
-# PARAMETERS: nothing
-# RETURNS: child - hash - holding the process id and the references to the pipe
-# handles pipe_wr and pipe_rd
-# DESCRIPTION: handels the forking, reactivating and keeping alive tasks
-#===============================================================================
-sub get_processing_child {
- my $child;
+sub input_from_known_server {
+ my ($input, $remote_ip) = @_ ;
+ my ($msg, $msg_hash, $module);
- while(my ($key, $val) = each(%free_child)) {
- my $exitus_pid = waitpid($key, WNOHANG);
- if($exitus_pid != 0) {
- delete $free_child{$key};
+ my $sql_statement= "SELECT * FROM known_server";
+ my $query_res = $known_server_db->select_dbentry( $sql_statement );
+
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $host_name = $hit->{hostname};
+ if( not $host_name =~ "^$remote_ip") {
+ next;
}
- daemon_log("free child:$key", 5);
- }
- # check @free_child and @busy_child
- my $free_len = scalar(keys(%free_child));
- my $busy_len = scalar(keys(%busy_child));
- daemon_log("free children $free_len, busy children $busy_len", 5);
-
- # if there is a free child, let the child work
- if($free_len > 0){
- my @keys = keys(%free_child);
- $child = $free_child{$keys[0]};
- if(defined $child) {
- $busy_child{$$child{'pid'}} = $child ;
- delete $free_child{$$child{'pid'}};
+ my $host_key = $hit->{hostkey};
+ daemon_log("SIPackages: known_server host_name: $host_name", 7);
+ daemon_log("SIPackages: known_server host_key: $host_key", 7);
+
+ # check if module can open msg envelope with module key
+ my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key);
+ if( (!$tmp_msg) || (!$tmp_msg_hash) ) {
+ daemon_log("SIPackages: deciphering raise error", 7);
+ daemon_log("$@", 8);
+ next;
+ }
+ else {
+ $msg = $tmp_msg;
+ $msg_hash = $tmp_msg_hash;
+ $module = "SIPackages";
+ last;
}
- return $child;
}
- # no free child, try to fork another one
- if($free_len + $busy_len < $child_max) {
+ if( (!$msg) || (!$msg_hash) || (!$module) ) {
+ daemon_log("Incoming message is not from a known server", 3);
+ }
+
+ return ($msg, $msg_hash, $module);
+}
- daemon_log("not enough children, create a new one", 5);
- # New pipes for communication
- my( $PARENT_wr, $PARENT_rd );
- my( $CHILD_wr, $CHILD_rd );
- pipe( $CHILD_rd, $PARENT_wr );
- pipe( $PARENT_rd, $CHILD_wr );
- $PARENT_wr->autoflush(1);
- $CHILD_wr->autoflush(1);
+sub input_from_known_client {
+ my ($input, $remote_ip) = @_ ;
+ my ($msg, $msg_hash, $module);
- ############
- # fork child
- ############
- my $child_pid = fork();
-
- #CHILD
- if($child_pid == 0) {
- # Close unused pipes
- close( $CHILD_rd );
- close( $CHILD_wr );
- while( 1 ) {
- my $rbits = "";
- vec( $rbits, fileno $PARENT_rd , 1 ) = 1;
- my $nf = select($rbits, undef, undef, $child_timeout);
- if($nf < 0 ) {
- die "select(): $!\n";
- } elsif (! $nf) {
- # if already child_min childs are alive, then leave loop
- $free_len = scalar(keys(%free_child));
- $busy_len = scalar(keys(%busy_child));
- if($free_len + $busy_len >= $child_min) {
- last;
- } else {
- redo;
- }
- }
+ my $sql_statement= "SELECT * FROM known_clients";
+ my $query_res = $known_clients_db->select_dbentry( $sql_statement );
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $host_name = $hit->{hostname};
+ if( not $host_name =~ /^$remote_ip:\d*$/) {
+ next;
+ }
+ my $host_key = $hit->{hostkey};
+ &daemon_log("SIPackages: known_client host_name: $host_name", 7);
+ &daemon_log("SIPackages: known_client host_key: $host_key", 7);
- # a job for a child arise
- if ( vec $rbits, fileno $PARENT_rd, 1 ) {
- # read everything from pipe
- my $msg = "";
- $PARENT_rd->blocking(0);
- while(1) {
- my $read = <$PARENT_rd>;
- if(not defined $read) { last}
- $msg .= $read;
- }
+ # check if module can open msg envelope with module key
+ ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key);
- ######################################
- # forward msg to all imported modules
- no strict "refs";
- my $answer;
- my %act_modules = %$known_modules;
- while( my ($module, $info) = each(%act_modules)) {
- my $tmp = &{ $module."::process_incoming_msg" }($msg);
- if (defined $tmp) {
- $answer = $tmp;
- }
- }
+ if( (!$msg) || (!$msg_hash) ) {
+ &daemon_log("SIPackages: deciphering raise error", 7);
+ &daemon_log("$@", 8);
+ next;
+ }
+ else {
+ $module = "SIPackages";
+ last;
+ }
+ }
- #&print_known_daemons();
- #&print_known_clients();
+ if( (!$msg) || (!$msg_hash) || (!$module) ) {
+ &daemon_log("Incoming message is not from a known client", 3);
+ }
- daemon_log("processing of msg finished", 5);
-
- if (defined $answer) {
- print $PARENT_wr $answer."\n";
- print $PARENT_wr "ENDMESSAGE\n";
- my $len_answer = length $answer;
- daemon_log("with answer: length of answer: $len_answer", 7);
- daemon_log("\n$answer", 7);
- } else {
- print $PARENT_wr "done"."\n";
- daemon_log(" ", 7);
- }
- redo;
- }
- }
- # childs leaving the loop are allowed to die
- exit(0);
+ return ($msg, $msg_hash, $module);
+}
- #PARENT
- } else {
- # Close unused pipes
- close( $PARENT_rd );
- close( $PARENT_wr );
-
- # add child to child alive hash
- my %child_hash = (
- 'pid' => $child_pid,
- 'pipe_wr' => $CHILD_wr,
- 'pipe_rd' => $CHILD_rd,
- 'client_ref' => "",
- );
-
- $child = \%child_hash;
- $busy_child{$$child{'pid'}} = $child;
- return $child;
+sub input_from_unknown_host {
+ no strict "refs";
+ my ($input) = @_ ;
+ my ($msg, $msg_hash, $module);
+
+ my %act_modules = %$known_modules;
+
+ while( my ($mod, $info) = each(%act_modules)) {
+
+ # check a key exists for this module
+ my $module_key = ${$mod."_key"};
+ if( ! $module_key ) {
+ daemon_log("ERROR: no key specified in config file for $mod", 1);
+ next;
+ }
+ daemon_log("$mod: $module_key", 5);
+
+ # check if module can open msg envelope with module key
+ ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key);
+ if( (!$msg) || (!$msg_hash) ) {
+ #daemon_log("$mod: deciphering failed", 5);
+ next;
}
+ else {
+ $module = $mod;
+ last;
+ }
+ }
+
+ if( (!$msg) || (!$msg_hash) || (!$module)) {
+ daemon_log("Incoming message is not from a unknown host", 5);
}
+
+ return ($msg, $msg_hash, $module);
}
+sub create_ciphering {
+ my ($passwd) = @_;
+ if((!defined($passwd)) || length($passwd)==0) {
+ $passwd = "";
+ }
+ $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
+ my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
+ my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
+ $my_cipher->set_iv($iv);
+ return $my_cipher;
+}
-#=== FUNCTION ================================================================
-# NAME: read_from_socket
-# PARAMETERS: socket fh -
-# RETURNS: result string - readed characters from socket
-# DESCRIPTION: reads data from socket in 16 byte steps
-#===============================================================================
-sub read_from_socket {
- my ($socket) = @_;
- my $result = "";
- $socket->blocking(1);
- $result = <$socket>;
+sub encrypt_msg {
+ my ($msg, $key) = @_;
+ my $my_cipher = &create_ciphering($key);
+ {
+ use bytes;
+ $msg = "\0"x(16-length($msg)%16).$msg;
+ }
+ $msg = $my_cipher->encrypt($msg);
+ chomp($msg = &encode_base64($msg));
+ # there are no newlines allowed inside msg
+ $msg=~ s/\n//g;
+ return $msg;
+}
- $socket->blocking(0);
- while ( my $char = <$socket> ) {
- if (not defined $char) { last }
- $result .= $char;
+
+sub decrypt_msg {
+ my ($msg, $key) = @_ ;
+ $msg = &decode_base64($msg);
+ my $my_cipher = &create_ciphering($key);
+ $msg = $my_cipher->decrypt($msg);
+ $msg =~ s/\0*//g;
+ return $msg;
+}
+
+
+sub get_encrypt_key {
+ my ($target) = @_ ;
+ my $encrypt_key;
+ my $error = 0;
+
+ # target can be in known_server
+ if( not defined $encrypt_key ) {
+ my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'";
+ my $query_res = $known_server_db->select_dbentry( $sql_statement );
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $host_name = $hit->{hostname};
+ if( $host_name ne $target ) {
+ next;
+ }
+ $encrypt_key = $hit->{hostkey};
+ last;
+ }
}
- return $result;
+ # target can be in known_client
+ if( not defined $encrypt_key ) {
+ my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'";
+ my $query_res = $known_clients_db->select_dbentry( $sql_statement );
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $host_name = $hit->{hostname};
+ if( $host_name ne $target ) {
+ next;
+ }
+ $encrypt_key = $hit->{hostkey};
+ last;
+ }
+ }
+
+ return $encrypt_key;
}
#=== FUNCTION ================================================================
-# NAME: print_known_daemons
-# PARAMETERS: nothing
-# RETURNS: nothing
-# DESCRIPTION: nomen est omen
+# NAME: open_socket
+# PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000
+# [PeerPort] string necessary if port not appended by PeerAddr
+# RETURNS: socket IO::Socket::INET
+# DESCRIPTION: open a socket to PeerAddr
#===============================================================================
-#sub print_known_daemons {
-# my ($tmp) = @_ ;
-# print "####################################\n";
-# print "# status of known_daemons\n";
-# $shmda->shlock(LOCK_EX);
-# my @hosts = keys %$known_daemons;
-# foreach my $host (@hosts) {
-# my $status = $known_daemons->{$host}->{status} ;
-# my $passwd = $known_daemons->{$host}->{passwd};
-# my $timestamp = $known_daemons->{$host}->{timestamp};
-# print "$host\n";
-# print "\tstatus: $status\n";
-# print "\tpasswd: $passwd\n";
-# print "\ttimestamp: $timestamp\n";
-# }
-# $shmda->shunlock(LOCK_EX);
-# print "####################################\n";
-# return;
-#}
+sub open_socket {
+ my ($PeerAddr, $PeerPort) = @_ ;
+ if(defined($PeerPort)){
+ $PeerAddr = $PeerAddr.":".$PeerPort;
+ }
+ my $socket;
+ $socket = new IO::Socket::INET(PeerAddr => $PeerAddr,
+ Porto => "tcp",
+ Type => SOCK_STREAM,
+ Timeout => 5,
+ );
+ if(not defined $socket) {
+ return;
+ }
+ &daemon_log("open_socket: $PeerAddr", 7);
+ return $socket;
+}
#=== FUNCTION ================================================================
-# NAME: create_known_daemon
-# PARAMETERS: hostname - string - key for the hash known_daemons
-# RETURNS: nothing
-# DESCRIPTION: creates a dummy entry for hostname in known_daemons
+# NAME: get_ip
+# PARAMETERS: interface name (i.e. eth0)
+# RETURNS: (ip address)
+# DESCRIPTION: Uses ioctl to get ip address directly from system.
#===============================================================================
-#sub create_known_daemon {
-# my ($hostname) = @_;
-# $shmda->shlock(LOCK_EX);
-# $known_daemons->{$hostname} = {};
-# $known_daemons->{$hostname}->{status} = "none";
-# $known_daemons->{$hostname}->{passwd} = "none";
-# $known_daemons->{$hostname}->{timestamp} = "none";
-# $shmda->shunlock(LOCK_EX);
-# return;
-#}
+sub get_ip {
+ my $ifreq= shift;
+ my $result= "";
+ my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list
+ my $proto= getprotobyname('ip');
+
+ socket SOCKET, PF_INET, SOCK_DGRAM, $proto
+ or die "socket: $!";
+
+ if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) {
+ my ($if, $sin) = unpack 'a16 a16', $ifreq;
+ my ($port, $addr) = sockaddr_in $sin;
+ my $ip = inet_ntoa $addr;
+
+ if ($ip && length($ip) > 0) {
+ $result = $ip;
+ }
+ }
+
+ return $result;
+}
+sub get_local_ip_for_remote_ip {
+ my $remote_ip= shift;
+ my $result="0.0.0.0";
+
+ if($remote_ip =~ /^(\d\d?\d?\.){3}\d\d?\d?$/) {
+ if($remote_ip eq "127.0.0.1") {
+ $result = "127.0.0.1";
+ } else {
+ my $PROC_NET_ROUTE= ('/proc/net/route');
+
+ open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE")
+ or die "Could not open $PROC_NET_ROUTE";
+
+ my @ifs = <PROC_NET_ROUTE>;
+
+ close(PROC_NET_ROUTE);
+
+ # Eat header line
+ shift @ifs;
+ chomp @ifs;
+ foreach my $line(@ifs) {
+ my ($Iface,$Destination,$Gateway,$Flags,$RefCnt,$Use,$Metric,$Mask,$MTU,$Window,$IRTT)=split(/\s/, $line);
+ my $destination;
+ my $mask;
+ my ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Destination);
+ $destination= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
+ ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Mask);
+ $mask= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
+ if(new NetAddr::IP($remote_ip)->within(new NetAddr::IP($destination, $mask))) {
+ # destination matches route, save mac and exit
+ $result= &get_ip($Iface);
+ last;
+ }
+ }
+ }
+ } else {
+ daemon_log("get_local_ip_for_remote_ip was called with a non-ip parameter: $remote_ip", 1);
+ }
+ return $result;
+}
-#=== FUNCTION ================================================================
-# NAME: add_content2known_daemons
-# PARAMETERS: hostname - string - ip address and port of host (required)
-# status - string - (optional)
-# passwd - string - (optional)
-# mac_address - string - mac address of host (optional)
-# RETURNS: nothing
-# DESCRIPTION: nome est omen and updates each time the timestamp of hostname
-#===============================================================================
-#sub add_content2known_daemons {
-# my $arg = {
-# hostname => undef, status => undef, passwd => undef,
-# mac_address => undef, events => undef,
-# @_ };
-# my $hostname = $arg->{hostname};
-# my $status = $arg->{status};
-# my $passwd = $arg->{passwd};
-# my $mac_address = $arg->{mac_address};
-# my $events = $arg->{events};
-#
-# if (not defined $hostname) {
-# daemon_log("ERROR: function add_content2known_daemons is not invoked with requiered parameter 'hostname'", 1);
-# return;
-# }
-#
-# my ($seconds, $minutes, $hours, $monthday, $month,
-# $year, $weekday, $yearday, $sommertime) = localtime(time);
-# $hours = $hours < 10 ? $hours = "0".$hours : $hours;
-# $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
-# $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
-# $month+=1;
-# $month = $month < 10 ? $month = "0".$month : $month;
-# $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
-# $year+=1900;
-# my $t = "$year$month$monthday$hours$minutes$seconds";
-#
-# $shmda->shlock(LOCK_EX);
-# if (defined $status) {
-# $known_daemons->{$hostname}->{status} = $status;
-# }
-# if (defined $passwd) {
-# $known_daemons->{$hostname}->{passwd} = $passwd;
-# }
-# if (defined $mac_address) {
-# $known_daemons->{$hostname}->{mac_address} = $mac_address;
-# }
-# if (defined $events) {
-# $known_daemons->{$hostname}->{events} = $events;
-# }
-# $known_daemons->{$hostname}->{timestamp} = $t;
-# $shmda->shlock(LOCK_EX);
-# return;
-#}
+sub send_msg_to_target {
+ my ($msg, $address, $encrypt_key, $msg_header) = @_ ;
+ my $error = 0;
+ my $header;
+ my $new_status;
+ my $act_status;
+ my ($sql_statement, $res);
+
+ if( $msg_header ) {
+ $header = "'$msg_header'-";
+ }
+ else {
+ $header = "";
+ }
+ # Patch the source ip
+ if($msg =~ /<source>0\.0\.0\.0:\d*?<\/source>/) {
+ my $remote_ip = &get_local_ip_for_remote_ip(sprintf("%s", $address =~ /^([0-9\.]*?):.*$/));
+ $msg =~ s/<source>(0\.0\.0\.0):(\d*?)<\/source>/<source>$remote_ip:$2<\/source>/s;
+ }
-#=== FUNCTION ================================================================
-# NAME: update_known_daemons
-# PARAMETERS: hostname - string - ip address and port of host (required)
-# status - string - (optional)
-# passwd - string - (optional)
-# client - string - ip address and port of client (optional)
-# RETURNS: nothing
-# DESCRIPTION: nome est omen and updates each time the timestamp of hostname
-#===============================================================================
-#sub update_known_daemons {
-# my $arg = {
-# hostname => undef, status => undef, passwd => undef,
-# @_ };
-# my $hostname = $arg->{hostname};
-# my $status = $arg->{status};
-# my $passwd = $arg->{passwd};
-#
-# if (not defined $hostname) {
-# daemon_log("ERROR: function add_content2known_daemons is not invoked with requiered parameter 'hostname'", 1);
-# return;
-# }
-#
-# my ($seconds, $minutes, $hours, $monthday, $month,
-# $year, $weekday, $yearday, $sommertime) = localtime(time);
-# $hours = $hours < 10 ? $hours = "0".$hours : $hours;
-# $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
-# $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
-# $month+=1;
-# $month = $month < 10 ? $month = "0".$month : $month;
-# $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
-# $year+=1900;
-# my $t = "$year$month$monthday$hours$minutes$seconds";
-#
-# $shmda->shlock(LOCK_EX);
-# if (defined $status) {
-# $known_daemons->{$hostname}->{status} = $status;
-# }
-# if (defined $passwd) {
-# $known_daemons->{$hostname}->{passwd} = $passwd;
-# }
-# $known_daemons->{$hostname}->{timestamp} = $t;
-# $shmda->shunlock(LOCK_EX);
-# return;
-#}
+ # encrypt xml msg
+ my $crypted_msg = &encrypt_msg($msg, $encrypt_key);
+ # opensocket
+ my $socket = &open_socket($address);
+ if( !$socket ) {
+ daemon_log("cannot send ".$header."msg to $address , host not reachable", 1);
+ $error++;
+ }
+
+ if( $error == 0 ) {
+ # send xml msg
+ print $socket $crypted_msg."\n";
-#=== FUNCTION ================================================================
-# NAME: print_known_clients
-# PARAMETERS: nothing
-# RETURNS: nothing
-# DESCRIPTION: nomen est omen
-#===============================================================================
-#sub print_known_clients {
-#
-# print "####################################\n";
-# print "# status of known_clients\n";
-# $shmcl->shlock(LOCK_EX);
-# my @hosts = keys %$known_clients;
-# if (@hosts) {
-# foreach my $host (@hosts) {
-# my $status = $known_clients->{$host}->{status} ;
-# my $passwd = $known_clients->{$host}->{passwd};
-# my $timestamp = $known_clients->{$host}->{timestamp};
-# my $mac_address = $known_clients->{$host}->{mac_address};
-# my $events = $known_clients->{$host}->{events};
-# print "$host\n";
-# print "\tstatus: $status\n";
-# print "\tpasswd: $passwd\n";
-# print "\ttimestamp: $timestamp\n";
-# print "\tmac_address: $mac_address\n";
-# print "\tevents: $events\n";
-# }
-# }
-# $shmcl->shunlock(LOCK_EX);
-# print "####################################\n";
-# return;
-#}
+ daemon_log("send ".$header."msg to $address", 1);
+ daemon_log("message:\n$msg", 8);
+
+ }
+ # close socket in any case
+ if( $socket ) {
+ close $socket;
+ }
-#=== FUNCTION ================================================================
-# NAME: create_known_client
-# PARAMETERS: hostname - string - key for the hash known_clients
-# RETURNS: nothing
-# DESCRIPTION: creates a dummy entry for hostname in known_clients
-#===============================================================================
-sub create_known_client {
- my ($hostname) = @_;
-
- my $entry = { table=>'known_clients',
- hostname=>$hostname,
- status=>'none',
- hostkey=>'none',
- timestamp=>'none',
- macaddress=>'none',
- events=>'none',
- };
- my $res = $known_clients_db->add_dbentry($entry);
- if ($res > 0) {
- daemon_log("ERROR: cannot add entry to known_clients.db: $res", 1);
+ if( $error > 0 ) { $new_status = "down"; }
+ else { $new_status = $msg_header; }
+
+
+ # known_clients
+ $sql_statement = "SELECT * FROM known_clients WHERE hostname='$address'";
+ $res = $known_clients_db->select_dbentry($sql_statement);
+ if( keys(%$res) > 0) {
+ $act_status = $res->{1}->{'status'};
+ if( $act_status eq "down" ) {
+ $sql_statement = "DELETE FROM known_clients WHERE hostname='$address'";
+ $res = $known_clients_db->del_dbentry($sql_statement);
+ daemon_log("WARNING: failed 2x to send msg to host '$address', delete host from known_clients", 3);
+ }
+ else {
+ $sql_statement = "UPDATE known_clients SET status='$new_status' WHERE hostname='$address'";
+ $res = $known_clients_db->update_dbentry($sql_statement);
+ if($new_status eq "down"){
+ daemon_log("WARNING: set '$address' from status '$act_status' to '$new_status'", 3);
+ }
+ else {
+ daemon_log("INFO: set '$address' from status '$act_status' to '$new_status'", 5);
+ }
+ }
+ }
+
+ # known_server
+ $sql_statement = "SELECT * FROM known_server WHERE hostname='$address'";
+ $res = $known_server_db->select_dbentry($sql_statement);
+ if( keys(%$res) > 0 ) {
+ $act_status = $res->{1}->{'status'};
+ if( $act_status eq "down" ) {
+ $sql_statement = "DELETE FROM known_server WHERE hostname='$address'";
+ $res = $known_clients_db->del_dbentry($sql_statement);
+ daemon_log("WARNING: failed 2x to a send msg to host '$address', delete host from known_server", 3);
+ }
+ else {
+ $sql_statement = "UPDATE known_server SET status='$new_status' WHERE hostname='$address'";
+ $res = $known_server_db->update_dbentry($sql_statement);
+ if($new_status eq "down"){
+ daemon_log("WARNING: set '$address' from status '$act_status' to '$new_status'", 3);
+ }
+ else {
+ daemon_log("INFO: set '$address' from status '$act_status' to '$new_status'", 5);
+ }
+ }
}
- return;
+ return;
+}
+
+
+sub _start {
+ my ($kernel) = $_[KERNEL];
+ &trigger_db_loop($kernel);
}
-sub sysreadline(*;$) {
- my ($hd, $timeout) = @_;
- $hd = qualify_to_ref($hd, caller());
- my $infinitely_patient = (@_ == 1 || $timeout < 0);
- my $start_time = time();
- my $selector = IO::Select->new();
- $selector->add($hd);
- my $line = "";
+sub client_input {
+ no strict "refs";
+ my ($heap,$input,$wheel) = @_[HEAP, ARG0, ARG1];
+ my ($msg, $msg_hash, $module);
+ my $error = 0;
+ my $answer_l;
+ my ($answer_header, @answer_target_l, $answer_source);
+ my $client_answer;
+
+ daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7);
+ daemon_log("\n$input", 8);
-SLEEP:
- until( at_eol($line)) {
- if (not $infinitely_patient) {
- return $line if time() > ($start_time + $timeout);
+ # msg is from a new client or gosa
+ ($msg, $msg_hash, $module) = &input_from_unknown_host($input);
+
+ # msg is from a gosa-si-server or gosa-si-bus
+ if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
+ ($msg, $msg_hash, $module) = &input_from_known_server($input, $heap->{'remote_ip'});
+ }
+
+ # msg is from a gosa-si-client
+ if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
+ ($msg, $msg_hash, $module) = &input_from_known_client($input, $heap->{'remote_ip'});
+ }
+
+ # an error occurred
+ if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
+ $error++;
+ }
+
+ ######################
+ # process incoming msg
+ if( $error == 0) {
+ daemon_log("Processing module ".$module, 5);
+ $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $heap->{'remote_ip'});
+
+ if ( 0 > @{$answer_l} ) {
+ my $answer_str = join("\n", @{$answer_l});
+ daemon_log("$module: Got answer from module: \n".$answer_str,8);
}
- next SLEEP unless $selector->can_read(1.0);
-INPUT_READY:
- while( $selector->can_read(0.0)) {
- my $was_blocking = $hd->blocking(0);
-CHAR: while (sysread($hd, my $nextbyte, 1)) {
- $line .= $nextbyte;
- last CHAR if $nextbyte eq "\n";
+ }
+ if( !$answer_l ) { $error++ };
+
+ ########
+ # answer
+ if( $error == 0 ) {
+
+ # for each answer in answer list
+ foreach my $answer ( @{$answer_l} ) {
+
+ my $error = 0;
+ # check answer if gosa-si envelope conform
+ if(defined($answer)) {
+ my $answer_hash = $xml->XMLin($answer, ForceArray=>1);
+ $answer_header = @{$answer_hash->{'header'}}[0];
+ @answer_target_l = @{$answer_hash->{'target'}};
+ $answer_source = @{$answer_hash->{'source'}}[0];
+ if( !$answer_header ) {
+ daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1);
+ daemon_log("\n$answer", 8);
+ $error++;
+ }
+ if( 0 == length @answer_target_l ) {
+ daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1);
+ daemon_log("\n$answer", 8);
+ $error++;
+ }
+ if( !$answer_source ) {
+ daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1);
+ daemon_log("\n$answer", 8);
+ $error++;
+ }
+
+ if( $error != 0 ) {
+ next;
+ }
+ }
+
+ # deliver msg to all targets
+ foreach my $answer_target ( @answer_target_l ) {
+ if( $answer_target eq "*" ) {
+ # answer is for all clients
+ my $sql_statement= "SELECT * FROM known_clients";
+ my $query_res = $known_clients_db->select_dbentry( $sql_statement );
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $host_name = $hit->{hostname};
+ my $host_key = $hit->{hostkey};
+ &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
+ }
+ }
+ elsif( $answer_target eq "GOSA" ) {
+ # answer is for GOSA and has to returned to connected client
+ my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key);
+ $client_answer = $gosa_answer;
+ }
+ elsif( $answer_target eq "KNOWN_SERVER" ) {
+ # answer is for all server in known_server
+ my $sql_statement= "SELECT * FROM known_server";
+ my $query_res = $known_server_db->select_dbentry( $sql_statement );
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $host_name = $hit->{hostname};
+ my $host_key = $hit->{hostkey};
+ $answer =~ s/KNOWN_SERVER/$host_name/g;
+ &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
+ }
+ }
+ elsif( $answer_target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ) {
+ daemon_log("target is mac address '$answer_target', looking for host in known_clients", 3);
+ my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$answer_target'";
+ my $query_res = $known_clients_db->select_dbentry( $sql_statement );
+ my $found_ip_flag = 0;
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $host_name = $hit->{hostname};
+ my $host_key = $hit->{hostkey};
+ $answer =~ s/$answer_target/$host_name/g;
+ daemon_log("found host '$host_name', assoziated to '$answer_target'", 3);
+ &send_msg_to_target($answer, $host_name, $host_key, $answer_header);
+ $found_ip_flag++ ;
+ }
+ if( $found_ip_flag == 0) {
+ daemon_log("WARNING: no host found in known_clients with mac address '$answer_target'", 3);
+ if( $bus_activ eq "true" ) {
+ daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5);
+ my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
+ my $query_res = $known_server_db->select_dbentry( $sql_statement );
+ while( my ($hit_num, $hit) = each %{ $query_res } ) {
+ my $bus_address = $hit->{hostname};
+ my $bus_key = $hit->{hostkey};
+ &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
+ last;
+ }
+ }
+ }
+ } else {
+ # ... answer is for one specific host
+
+ # get encrypt_key
+ my $encrypt_key = &get_encrypt_key($answer_target);
+ if( not defined $encrypt_key ) {
+ # unknown target, forward msg to bus
+ daemon_log("WARNING: unknown target '$answer_target'", 3);
+ if( $bus_activ eq "true" ) {
+ daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5);
+ my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'";
+ my $query_res = $known_server_db->select_dbentry( $sql_statement );
+ my $bus_key = $query_res->{1}->{hostkey};
+ &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header);
+ }
+ next;
+ }
+ # send_msg
+ &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header);
+ }
}
- $hd->blocking($was_blocking);
- next SLEEP unless at_eol($line);
- last INPUT_READY;
}
}
- return $line;
+
+ if( $client_answer ) {
+ $heap->{client}->put($client_answer);
+ }
+
+ return;
}
-sub at_eol($) {
- $_[0] =~ /\n\z/ ;
+
+
+sub trigger_db_loop {
+# my ($kernel) = $_[KERNEL];
+ my ($kernel) = @_ ;
+ $kernel->delay_set('watch_for_new_jobs', $job_queue_loop_delay);
}
-#==== MAIN = main ==============================================================
+sub watch_for_new_jobs {
+ my ($kernel,$heap) = @_[KERNEL, HEAP];
+
+ # check gosa job queue for jobs with executable timestamp
+ my $timestamp = &get_time();
+
+ my $sql_statement = "SELECT * FROM ".$job_queue_table_name.
+ " WHERE status='waiting' AND timestamp<'$timestamp'";
+
+ my $res = $job_db->select_dbentry( $sql_statement );
+
+ while( my ($id, $hit) = each %{$res} ) {
+
+ my $jobdb_id = $hit->{id};
+ my $macaddress = $hit->{macaddress};
+ my $job_msg_hash = &transform_msg2hash($hit->{xmlmessage});
+ my $out_msg_hash = $job_msg_hash;
+ my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$macaddress'";
+ my $res_hash = $known_clients_db->select_dbentry( $sql_statement );
+ # expect macaddress is unique!!!!!!
+ my $target = $res_hash->{1}->{hostname};
+
+ if (not defined $target) {
+ &daemon_log("ERROR: no host found for mac address: $job_msg_hash->{mac}[0]", 1);
+ &daemon_log("xml message: $hit->{xmlmessage}", 5);
+ my $sql_statement = "UPDATE $job_queue_table_name ".
+ "SET status='error', result='no host found for mac address' ".
+ "WHERE id='$jobdb_id'";
+ my $res = $job_db->update_dbentry($sql_statement);
+ next;
+ }
+
+ # add target
+ &add_content2xml_hash($out_msg_hash, "target", $target);
+
+ # add new header
+ my $out_header = $job_msg_hash->{header}[0];
+ $out_header =~ s/job_/gosa_/;
+ delete $out_msg_hash->{header};
+ &add_content2xml_hash($out_msg_hash, "header", $out_header);
+
+ # add sqlite_id
+ &add_content2xml_hash($out_msg_hash, "jobdb_id", $jobdb_id);
+
+ my $out_msg = &create_xml_string($out_msg_hash);
+
+ # encrypt msg as a GosaPackage module
+ my $cipher = &create_ciphering($GosaPackages_key);
+ my $crypted_out_msg = &encrypt_msg($out_msg, $cipher);
+
+ my $error = &send_msg_hash2address($out_msg_hash, "$gosa_ip:$gosa_port", $GosaPackages_key);
+
+ if ($error == 0) {
+ my $sql_statement = "UPDATE $job_queue_table_name ".
+ "SET status='processing', targettag='$target' ".
+ "WHERE id='$jobdb_id'";
+ my $res = $job_db->update_dbentry($sql_statement);
+ } else {
+ my $sql_statement = "UPDATE $job_queue_table_name ".
+ "SET status='error' ".
+ "WHERE id='$jobdb_id'";
+ my $res = $job_db->update_dbentry($sql_statement);
+ }
+ }
+
+ $kernel->delay_set('watch_for_new_jobs',3);
+}
+
+
+#==== MAIN = main ==============================================================
# parse commandline options
Getopt::Long::Configure( "bundling" );
GetOptions("h|help" => \&usage,
daemon_log(" ", 1);
daemon_log("$0 started!", 1);
+if ($no_bus > 0) {
+ $bus_activ = "false"
+}
+
+
+
+# delete old DBsqlite lock files
+#unlink('/tmp/gosa_si_lock*');
# connect to gosa-si job queue
-my @job_col_names = ("id", "timestamp", "status", "result", "headertag", "targettag", "xmlmessage", "macaddress");
+my @job_col_names = ("id INTEGER", "timestamp", "status", "result", "headertag", "targettag", "xmlmessage", "macaddress");
$job_db = GOSA::DBsqlite->new($job_queue_file_name);
$job_db->create_table('jobs', \@job_col_names);
$known_server_db = GOSA::DBsqlite->new($known_server_file_name);
$known_server_db->create_table('known_server', \@server_col_names);
-# import all modules
-&import_modules;
-
-# check wether all modules are gosa-si valid passwd check
-
-# create reading and writing vectors
-my $rbits = my $wbits = my $ebits = "";
-
-# add all module inputs to listening vector
-while( my ($mod_name, $info) = each %$known_modules ) {
- my ($input_address, $input_key, $input, $input_activ, $input_type) = @{$info};
- vec($rbits, fileno $input, 1) = 1;
-
-}
-
-
-## start arp fifo
-#if ($no_arp > 0) {
-# $arp_activ = "off";
-#}
-#my $my_fifo;
-#if($arp_activ eq "on") {
-# daemon_log(" ", 1);
-# $my_fifo = &open_fifo($arp_fifo_path);
-# if($my_fifo == 0) { die "fifo file disappeared\n" }
-# sysopen($arp_fifo, $arp_fifo_path, O_RDWR) or die "can't read from $arp_fifo: $!" ;
-#
-# vec($rbits, fileno $arp_fifo, 1) = 1;
-#}
-#
-
-##################################
-#everything ready, okay, lets start
-##################################
-while(1) {
-
- # add all handles from the childs
- while ( my ($pid, $child_hash) = each %busy_child ) {
-
- # check whether process still exists
- my $exitus_pid = waitpid($pid, WNOHANG);
- if($exitus_pid != 0) {
- delete $busy_child{$pid};
- next;
- }
-
- # add child fhd to the listener
- my $fhd = $$child_hash{'pipe_rd'};
- vec($rbits, fileno $fhd, 1) = 1;
- }
-
- my ($rout, $wout);
- my $nf = select($rout=$rbits, $wout=$wbits, undef, $job_queue_timeout);
-
- # error handling
- if($nf < 0 ) {
- }
-
-
-# if($arp_activ eq "on" && vec($rout, fileno $arp_fifo, 1)) {
-# my $in_msg = <$arp_fifo>;
-# chomp($in_msg);
-# print "arp_activ: msg: $in_msg\n";
-# my $act_passwd = $known_daemons->{$bus_address}->{passwd};
-# print "arp_activ: arp_passwd: $act_passwd\n";
-#
-# my $in_msg_hash = $xml->XMLin($in_msg, ForceArray=>1);
-#
-# my $target = &get_content_from_xml_hash($in_msg_hash, 'target');
-#
-# if ($target eq $server_address) {
-# print "arp_activ: forward to server\n";
-# my $arp_cipher = &create_ciphering($act_passwd);
-# my $crypted_msg = &encrypt_msg($in_msg, $arp_cipher);
-# &activating_child($crypted_msg, $server_ip);
-# } else {
-# print "arp_activ: send to bus\n";
-# &send_msg_hash2address($in_msg_hash, $bus_address);
-# }
-# print "\n";
-# }
-
-
- # check input fhd of all modules
- while ( my ($mod_name, $info) = each %$known_modules) {
- my $input_fhd = @{$info}[2];
- my $input_activ = @{$info}[3];
- if (vec($rout, fileno $input_fhd, 1) && $input_activ eq 'on') {
- daemon_log(" ", 1);
- my $client = $input_fhd->accept();
- my $other_end = getpeername($client);
- if(not defined $other_end) {
- daemon_log("client cannot be identified: $!");
- } else {
- my ($port, $iaddr) = unpack_sockaddr_in($other_end);
- my $actual_ip = inet_ntoa($iaddr);
- daemon_log("accept client at daemon socket from $actual_ip", 5);
- my $in_msg = &read_from_socket($client);
- if(defined $in_msg){
- chomp($in_msg);
- &activating_child($in_msg, $actual_ip, $client);
- } else {
- daemon_log("cannot read from $actual_ip", 5);
- }
- }
- }
- }
-
- # check all processing childs whether they are finished ('done') or
- while ( my ($pid, $child_hash) = each %busy_child ) {
- my $fhd = $$child_hash{'pipe_rd'};
-
- if (vec($rout, fileno $fhd, 1) ) {
- daemon_log("process child $pid is ready to read", 5);
-
- my $in_msg;
- while (1) {
- my $part_in_msg = <$fhd>;
- if( $part_in_msg eq "ENDMESSAGE\n") {
- last;
- }
- $in_msg .= $part_in_msg;
- }
- chomp($in_msg);
-
- daemon_log("process child read:", 7);
- daemon_log("\n$in_msg", 7);
- if (not defined $in_msg) {
- next;
- } elsif ($in_msg =~ "done") {
- delete $busy_child{$pid};
- $free_child{$pid} = $child_hash;
-
- } else {
- # send computed answer back to connected client
- my $act_client = $busy_child{$pid}{client_ref};
- print $act_client $in_msg."\n";
-
- #my $act_pipe = $busy_child{$pid}{pipe_rd};
- delete $busy_child{$pid};
- $free_child{$pid} = $child_hash;
-
- # give the client a chance to read
- sleep(5);
- close ($act_client);
-
- }
- }
- }
-
- # check gosa job queue for jobs with executable timestamp
- my ($seconds, $minutes, $hours, $monthday, $month,
- $year, $weekday, $yearday, $sommertime) = localtime(time);
- $hours = $hours < 10 ? $hours = "0".$hours : $hours;
- $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
- $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- $month+=1;
- $month = $month < 10 ? $month = "0".$month : $month;
- $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
- $year+=1900;
- my $timestamp = "$year$month$monthday$hours$minutes$seconds";
-
-
- my $res = $job_db->select_dbentry( { table=>$job_queue_table_name, status=>'waiting', timestamp=>$timestamp } );
+# create xml object used for en/decrypting
+$xml = new XML::Simple();
- while( my ($id, $hit) = each %{$res} ) {
-
- my $jobdb_id = $hit->{ROWID};
- my $macaddress = $hit->{macaddress};
- my $job_msg_hash = &transform_msg2hash($hit->{xmlmessage});
- my $out_msg_hash = $job_msg_hash;
- my $res_hash = $known_clients_db->select_dbentry( {table=>'known_clients', macaddress=>$macaddress} );
- # expect macaddress is unique!!!!!!
- my $target = $res_hash->{1}->{hostname};
-
- if (not defined $target) {
- &daemon_log("ERROR: no host found for mac address: $job_msg_hash->{mac}[0]", 1);
- &daemon_log("xml message: $hit->{xmlmessage}", 5);
- my $update_hash = { table=>$job_queue_table_name,
- update=> [ { status=>['error'], result=>["no host found for mac address"] } ],
- where=> [ { ROWID=>[$jobdb_id] } ],
- };
- my $res = $job_db->update_dbentry($update_hash);
-
- next;
- }
-
- # add target
- &add_content2xml_hash($out_msg_hash, "target", $target);
-
- # add new header
- my $out_header = $job_msg_hash->{header}[0];
- $out_header =~ s/job_/gosa_/;
- delete $out_msg_hash->{header};
- &add_content2xml_hash($out_msg_hash, "header", $out_header);
-
- # add sqlite_id
- &add_content2xml_hash($out_msg_hash, "jobdb_id", $jobdb_id);
-
- my $out_msg = &create_xml_string($out_msg_hash);
-
- # encrypt msg as a GosaPackage module
- my $cipher = &create_ciphering($gosa_passwd);
- my $crypted_out_msg = &encrypt_msg($out_msg, $cipher);
-
- my $error = &send_msg_hash2address($out_msg_hash, "$gosa_ip:$gosa_port", $gosa_passwd);
+# create socket for incoming xml messages
+POE::Component::Server::TCP->new(
+ Port => $server_port,
+ ClientInput => \&client_input,
+);
+daemon_log("start socket for incoming xml messages at port '$server_port' ", 1);
+
+# create session for repeatedly checking the job queue for jobs
+POE::Session->create(
+ inline_states => {
+ _start => \&_start,
+ watch_for_new_jobs => \&watch_for_new_jobs,
+ }
+);
-#######################
-# TODO exchange ROWID with jobid, insert column jobid in table jobs befor
- if ($error == 0) {
- my $sql = "UPDATE '$job_queue_table_name' SET status='processing', targettag='$target' WHERE ROWID='$jobdb_id'";
- my $res = $job_db->exec_statement($sql);
- } else {
- my $update_hash = { table=>$job_queue_table_name,
- update=> [ { status=>'error' } ],
- where=> [ { ROWID=>$jobdb_id } ],
- };
- my $res = $job_db->update_dbentry($update_hash);
- }
+# import all modules
+&import_modules;
- }
+# check wether all modules are gosa-si valid passwd check
+POE::Kernel->run();
+exit;
-}