![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index 7ae02e44dd302cce9f0e2f91827f5822bf0be326..f714cd46608c47190ce216a4742670e9586fe968 100644 (file)
package ClientPackages;
-use Exporter;
-@ISA = ("Exporter");
-
# Each module has to have a function 'process_incoming_msg'. This function works as a interface to gosa-sd and receives the msg hash from gosa-sd. 'process_incoming_function checks, wether it has a function to process the incoming msg and forward the msg to it.
use strict;
use warnings;
+
+use Exporter;
use GOSA::GosaSupportDaemon;
use IO::Socket::INET;
use XML::Simple;
use Socket;
use Net::hostent;
+our @ISA = ("Exporter");
+
my $event_dir = "/usr/lib/gosa-si/server/ClientPackages";
use lib "/usr/lib/gosa-si/server/ClientPackages";
END {}
my ($server_ip, $server_port, $ClientPackages_key, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $server_interface);
-#my ($bus_activ, $bus_key, $bus_ip, $bus_port);
my $server;
my $network_interface;
-#my $no_bus;
my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret);
my $mesg;
foreach my $log_line (@$result) {
if ($log_line =~ / succeed: /) {
- &main::daemon_log("0 DEBUG: ClientPackages - $log_line", 7);
+ &main::daemon_log("0 INFO: ClientPackages - $log_line", 5);
} else {
&main::daemon_log("0 ERROR: ClientPackages - $log_line", 1);
}
@@ -147,12 +146,39 @@ if((not defined($main::gosa_unit_tag)) || length($main::gosa_unit_tag) == 0) {
} else {
&main::daemon_log("0 INFO: Using gosaUnitTag from config-file: $main::gosa_unit_tag",5);
}
+ &main::release_ldap_handle($ldap_handle);
}
my $server_address = "$server_ip:$server_port";
$main::server_address = $server_address;
+{
+ # Check if ou=incoming exists
+ # TODO: This should be transferred to a module init-function
+ my $ldap_handle = &main::get_ldap_handle();
+ if( defined($ldap_handle) ) {
+ &main::daemon_log("0 INFO: Searching for ou=incoming container for new clients", 5);
+ # Perform search
+ my $mesg = $ldap_handle->search(
+ base => $ldap_base,
+ scope => 'one',
+ filter => "(&(ou=incoming)(objectClass=organizationalUnit))"
+ );
+ if(not defined($mesg->count) or $mesg->count == 0) {
+ my $incomingou = Net::LDAP::Entry->new();
+ $incomingou->dn('ou=incoming,'.$ldap_base);
+ $incomingou->add('objectClass' => 'organizationalUnit');
+ $incomingou->add('ou' => 'incoming');
+ my $result = $incomingou->update($ldap_handle);
+ if($result->code != 0) {
+ &main::daemon_log("0 ERROR: Problem adding ou=incoming: '".$result->error()."'!", 1);
+ }
+ }
+ }
+ &main::release_ldap_handle($ldap_handle);
+}
+
### functions #################################################################
# skip PREFIX
$header =~ s/^CLMSG_//;
- &main::daemon_log("$session_id DEBUG: ClientPackages: msg to process: $header", 7);
+ &main::daemon_log("$session_id DEBUG: ClientPackages: msg to process: $header", 26);
if( 0 == length @target_l){
&main::daemon_log("$session_id ERROR: no target specified for msg $header", 1);
$error++;
- }
-
- if( 1 == length @target_l) {
+ } elsif( 1 == length @target_l) {
my $target = $target_l[0];
- if(&server_matches($target)) {
+ if(&server_matches($target, $session_id)) {
if ($header eq 'new_key') {
@out_msg_l = &new_key($msg_hash)
} elsif ($header eq 'here_i_am') {
} else {
# a event exists with the header as name
if( exists $event2module_hash->{$header} ) {
- &main::daemon_log("$session_id INFO: found event '$header' at event-module '".$event2module_hash->{$header}."'", 5);
+ &main::daemon_log("$session_id DEBUG: found event '$header' at event-module '".$event2module_hash->{$header}."'", 26);
no strict 'refs';
@out_msg_l = &{$event2module_hash->{$header}."::$header"}($msg, $msg_hash, $session_id);
&main::daemon_log("$session_id ERROR: client '$target' is not registered for event '$header', processing is aborted", 1);
@out_msg_l = ();
}
-
-
-
-
- }
- else {
- &main::daemon_log("INFO: msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 5);
+ } else {
+ &main::daemon_log("DEBUG: msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 26);
push(@out_msg_l, $msg);
}
}
if ( defined($msg_hash->{'force-hostname'}[0]) &&
length($msg_hash->{'force-hostname'}[0]) > 0){
# $heap->{force-hostname}->{$mac_address}= $msg_hash->{'force-hostname'}[0];
- open (TFILE, ">/var/tmp/$mac_address");
- print TFILE $msg_hash->{'force-hostname'}[0];
- close (TFILE);
+ open (my $TFILE, ">", "/var/tmp/$mac_address");
+ print $TFILE $msg_hash->{'force-hostname'}[0];
+ close ($TFILE);
} else {
# $heap->{force-hostname}->{$mac_address}= undef;
if ( -e "/var/tmp/$mac_address") {
my $db_res= $main::known_clients_db->select_dbentry( $sql_statement );
if ( 1 == keys %{$db_res} ) {
- &main::daemon_log("$session_id WARNING: $source is already known as a client", 1);
- &main::daemon_log("$session_id WARNING: values for $source are being overwritten", 1);
+ &main::daemon_log("$session_id WARNING: $source is already known as a client", 3);
+ &main::daemon_log("$session_id WARNING: values for $source are being overwritten", 3);
$nu_clients --;
}
# number of current active clients
my $act_nu_clients = $nu_clients;
- &main::daemon_log("$session_id INFO: number of current active clients: $act_nu_clients", 5);
- &main::daemon_log("$session_id INFO: number of maximal allowed clients: $max_clients", 5);
+ &main::daemon_log("$session_id DEBUG: number of current active clients: $act_nu_clients", 26);
+ &main::daemon_log("$session_id DEBUG: number of maximal allowed clients: $max_clients", 26);
if($max_clients <= $act_nu_clients) {
my $out_hash = &create_xml_hash("denied", $server_address, $source);
} );
if ($res != 0) {
- &main::daemon_log("$session_id ERROR: cannot add entry to known_clients: $res");
+ &main::daemon_log("$session_id ERROR: cannot add entry to known_clients: $res",1);
return;
}
# return acknowledgement to client
$out_hash = &create_xml_hash("registered", $server_address, $source);
-
# give the new client his ldap config
# Workaround: Send within the registration response, if the client will get an ldap config later
my $new_ldap_config_out = &new_ldap_config($source, $session_id);
"SET status='error', result='$new_ldap_config_out' ".
"WHERE status='processing' AND macaddress LIKE '$mac_address'";
my $res = $main::job_db->update_dbentry($sql_statement);
- &main::daemon_log("$session_id DEBUG: $sql_statement RESULT: $res", 7);
+ &main::daemon_log("$session_id DEBUG: $sql_statement RESULT: $res", 26);
}
my $register_out = &create_xml_string($out_hash);
push(@out_msg_l, $register_out);
push(@out_msg_l, $syslog_config_out);
}
+ # update ldap entry if exists
+ my $ldap_handle= &main::get_ldap_handle();
+ my $ldap_res= $ldap_handle->search(
+ base => $ldap_base,
+ scope => 'sub',
+ #attrs => ['ipHostNumber'],
+ filter => "(&(objectClass=GOhard)(macAddress=$mac_address))");
+ if($ldap_res->code) {
+ &main::daemon_log("$session_id ERROR: LDAP Entry for client with mac address $mac_address not found: ".$ldap_res->error, 1);
+ } elsif ($ldap_res->count != 1) {
+ &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not updating ldap entry".
+ "\n\tbase: $ldap_base".
+ "\n\tscope: sub".
+ "\n\tattrs: ipHostNumber".
+ "\n\tfilter: (&(objectClass=GOhard)(macaddress=$mac_address))", 1);
+ } else {
+ my $entry= $ldap_res->pop_entry();
+ my $ip_address= $entry->get_value('ipHostNumber');
+ my $source_ip= ($1) if $source =~ /^([0-9\.]*?):[0-9]*$/;
+ if(not defined($ip_address) and defined($source_ip)) {
+ $entry->add( 'ipHostNumber' => $source_ip );
+ my $mesg= $entry->update($ldap_handle);
+ $mesg->code && &main::daemon_log("$session_id ERROR: Updating IP Address for client with mac address $mac_address failed with '".$mesg->mesg()."'", 1);
+ } elsif(defined($source_ip) and not ($source_ip eq $ip_address)) {
+ $entry->replace( 'ipHostNumber' => $source_ip );
+ my $mesg= $entry->update($ldap_handle);
+ $mesg->code && &main::daemon_log("$session_id ERROR: Updating IP Address for client with mac address $mac_address failed with '".$mesg->mesg()."'", 1);
+ } elsif (not defined($source_ip)) {
+ &main::daemon_log("ERROR: Could not parse source value '$source' perhaps not an ip address?", 1);
+ }
+ }
+ &main::release_ldap_handle($ldap_handle);
+
# notify registered client to all other server
my %mydata = ( 'client' => $source, 'macaddress' => $mac_address);
my $mymsg = &build_msg('new_foreign_client', $main::server_address, "KNOWN_SERVER", \%mydata);
push(@out_msg_l, $mymsg);
- &main::daemon_log("$session_id INFO: register client $source ($mac_address)", 5);
- &main::daemon_log("$session_id INFO: client version: $client_status - $client_revision", 5);
+ &main::daemon_log("$session_id INFO: register client $source ($mac_address), $client_status - $client_revision", 5);
return @out_msg_l;
}
# what is your search pattern
my $search_pattern = @{$msg_hash->{who_has}}[0];
my $search_element = @{$msg_hash->{$search_pattern}}[0];
- &main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7);
+ #&main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7);
# scanning known_clients for search_pattern
my @host_addresses = keys %$main::known_clients;
sub new_syslog_config {
my ($mac_address, $session_id) = @_;
my $syslog_msg;
-
- # Build LDAP connection
- my $ldap_handle = &main::get_ldap_handle($session_id);
- if( not defined $ldap_handle ) {
- &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1);
- return;
- }
+ my $ldap_handle=&main::get_ldap_handle();
# Perform search
my $ldap_res = $ldap_handle->search( base => $ldap_base,
attrs => ['gotoSyslogServer'],
filter => "(&(objectClass=GOhard)(macaddress=$mac_address))");
if($ldap_res->code) {
- &main::daemon_log("$session_id ".$ldap_res->error, 1);
+ &main::daemon_log("$session_id ERROR: new_syslog_config: ldap search: ".$ldap_res->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
"\n\tscope: sub".
"\n\tattrs: gotoSyslogServer".
"\n\tfilter: (&(objectClass=GOhard)(macaddress=$mac_address))", 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
my $ldap_res = $ldap_handle->search( base => $ldap_base,
scope => 'sub',
attrs => ['gotoSyslogServer'],
- filter => "(&(objectClass=gosaGroupOfNames)(member=$filter_dn))");
+ filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))");
if($ldap_res->code) {
- &main::daemon_log("$session_id ".$ldap_res->error, 1);
+ &main::daemon_log("$session_id ERROR: new_syslog_config: ldap search: ".$ldap_res->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
"\n\tbase: $ldap_base".
"\n\tscope: sub".
"\n\tattrs: gotoSyslogServer".
- "\n\tfilter: (&(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
# Return if no syslog server specified
if (not defined $syslog_server) {
&main::daemon_log("$session_id WARNING: no syslog server specified for this host '$mac_address'", 3);
+ &main::release_ldap_handle($ldap_handle);
return;
}
my $syslog_msg_hash = &create_xml_hash("new_syslog_config", $server_address, $mac_address);
&add_content2xml_hash($syslog_msg_hash, "server", $syslog_server);
+ &main::release_ldap_handle($ldap_handle);
return &create_xml_string($syslog_msg_hash);
}
sub new_ntp_config {
my ($address, $session_id) = @_;
my $ntp_msg;
-
- # Build LDAP connection
- my $ldap_handle = &main::get_ldap_handle($session_id);
- if( not defined $ldap_handle ) {
- &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1);
- return;
- }
+ my $ldap_handle=&main::get_ldap_handle();
# Perform search
my $ldap_res = $ldap_handle->search( base => $ldap_base,
attrs => ['gotoNtpServer'],
filter => "(&(objectClass=GOhard)(macaddress=$address))");
if($ldap_res->code) {
- &main::daemon_log("$session_id ".$ldap_res->error, 1);
+ &main::daemon_log("$session_id ERROR: new_ntp_config: ldap search: ".$ldap_res->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
"\n\tscope: sub".
"\n\tattrs: gotoNtpServer".
"\n\tfilter: (&(objectClass=GOhard)(macaddress=$address))", 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
my $ldap_res = $ldap_handle->search( base => $ldap_base,
scope => 'sub',
attrs => ['gotoNtpServer'],
- filter => "(&(objectClass=gosaGroupOfNames)(member=$filter_dn))");
+ filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))");
if($ldap_res->code) {
- &main::daemon_log("$session_id ".$ldap_res->error, 1);
+ &main::daemon_log("$session_id ERROR: new_ntp_config: ldap search: ".$ldap_res->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
"\n\tbase: $ldap_base".
"\n\tscope: sub".
"\n\tattrs: gotoNtpServer".
- "\n\tfilter: (&(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
# Return if no ntp server specified
if ((not @ntp_servers) || (@ntp_servers == 0)) {
&main::daemon_log("$session_id WARNING: no ntp server specified for this host '$address'", 3);
+ &main::release_ldap_handle($ldap_handle);
return;
}
&add_content2xml_hash($ntp_msg_hash, "server", $ntp_server);
}
+ &main::release_ldap_handle($ldap_handle);
return &create_xml_string($ntp_msg_hash);
}
# check hit
my $hit_counter = keys %{$res};
if( not $hit_counter == 1 ) {
- &main::daemon_log("$session_id ERROR: more or no hit found in known_clients_db by query '$sql_statement'", 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: more or no hit found in known_clients_db by query '$sql_statement'", 1);
+ return;
}
$address = $res->{1}->{hostname};
my $macaddress = $res->{1}->{macaddress};
my $hostkey = $res->{1}->{hostkey};
-
+
if (not defined $macaddress) {
- &main::daemon_log("$session_id ERROR: no mac address found for client $address", 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: no mac address found for client $address", 1);
return;
}
- # Build LDAP connection
- my $ldap_handle = &main::get_ldap_handle($session_id);
- if( not defined $ldap_handle ) {
- &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1);
- return;
- }
-
# Perform search
+ my $ldap_handle=&main::get_ldap_handle();
$mesg = $ldap_handle->search( base => $ldap_base,
scope => 'sub',
attrs => ['dn', 'gotoLdapServer', 'gosaUnitTag', 'FAIclass'],
filter => "(&(objectClass=GOhard)(macaddress=$macaddress))");
if($mesg->code) {
- &main::daemon_log("$session_id ".$mesg->error, 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: ldap search: ".$mesg->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
"\n\tscope: sub".
"\n\tattrs: dn, gotoLdapServer".
"\n\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress))", 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
$mesg = $ldap_handle->search( base => $ldap_base,
scope => 'sub',
attrs => ['dn', 'gotoLdapServer', 'FAIclass'],
- filter => "(&(objectClass=gosaGroupOfNames)(member=$filter_dn))");
+ filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))");
if($mesg->code) {
- &main::daemon_log("$session_id ERROR: unable to search for '(&(objectClass=gosaGroupOfNames)(member=$filter_dn))': ".$mesg->error, 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: unable to search for '(&(objectClass=gosaGroupOfNames)(member=$filter_dn))': ".$mesg->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
# Sanity check
if ($mesg->count != 1) {
- &main::daemon_log("$session_id ERROR: client with mac address $macaddress not found/unique/active - not sending ldap config".
+ &main::daemon_log("$session_id ERROR: new_ldap_config: client with mac address $macaddress not found/unique/active - not sending ldap config".
"\n\tbase: $ldap_base".
"\n\tscope: sub".
"\n\tattrs: dn, gotoLdapServer, FAIclass".
- "\n\tfilter: (&(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1);
+ &main::release_ldap_handle($ldap_handle);
return;
}
filter => "(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$unit_tag))");
#$mesg->code && die $mesg->error;
if($mesg->code) {
- &main::daemon_log($mesg->error, 1);
+ &main::daemon_log("$session_id ERROR: new_ldap_config: ldap search: ".$mesg->error, 1);
+ &main::release_ldap_handle($ldap_handle);
return "error-unit-tag-count-0";
}
# Sanity check
if ($mesg->count != 1) {
- &main::daemon_log("WARNING: cannot find administrative unit for client with tag $unit_tag", 1);
+ &main::daemon_log("WARNING: cannot find administrative unit for client with tag $unit_tag", 3);
+ &main::release_ldap_handle($ldap_handle);
return "error-unit-tag-count-".$mesg->count;
}
# Append unit Tag
$data{'unit_tag'}= $unit_tag;
}
+ &main::release_ldap_handle($ldap_handle);
# Send information
return &build_msg("new_ldap_config", $server_address, $address, \%data);
# check hit
my $hit_counter = keys %{$res};
if( not $hit_counter == 1 ) {
- &main::daemon_log("$session_id ERROR: more or no hit found in known_clients_db by query by '$address'", 1);
+ &main::daemon_log("$session_id ERROR: hardware_config: more or no hit found in known_clients_db by query by '$address'", 1);
}
my $macaddress = $res->{1}->{macaddress};
my $hostkey = $res->{1}->{hostkey};
if (not defined $macaddress) {
- &main::daemon_log("$session_id ERROR: no mac address found for client $address", 1);
+ &main::daemon_log("$session_id ERROR: hardware_config: no mac address found for client $address", 1);
return;
}
- # Build LDAP connection
- my $ldap_handle = &main::get_ldap_handle($session_id);
- if( not defined $ldap_handle ) {
- &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1);
- return;
- }
-
# Perform search
+ my $ldap_handle=&main::get_ldap_handle();
$mesg = $ldap_handle->search(
base => $ldap_base,
scope => 'sub',
);
if($mesg->count() == 0) {
- &main::daemon_log("Host was not found in LDAP!", 1);
+ &main::daemon_log("$session_id INFO: Host was not found in LDAP!", 5);
# set status = hardware_detection at jobqueue if entry exists
# TODO
} else {
my $entry= $mesg->entry(0);
if (defined($entry->get_value("gotoHardwareChecksum"))) {
- if (! $entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum) {
+ if (! ($entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum)) {
$entry->replace(gotoHardwareChecksum => $gotoHardwareChecksum);
if($entry->update($ldap_handle)) {
&main::daemon_log("$session_id INFO: Hardware changed! Detection triggered.", 5);
}
} else {
# Nothing to do
+ &main::release_ldap_handle($ldap_handle);
return;
}
}
$data{'goto_secret'}= $goto_secret;
}
+ &main::release_ldap_handle($ldap_handle);
+
# Send information
return &build_msg("detect_hardware", $server_address, $address, \%data);
}
sub server_matches {
- my $target = shift;
+ my ($target, $session_id) = @_ ;
my $target_ip = ($1) if $target =~ /^([0-9\.]*?):.*$/;
if(!defined($target_ip) or length($target_ip) == 0) {
return;
} else {
my $PROC_NET_ROUTE= ('/proc/net/route');
- open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE")
+ open(my $FD_PROC_NET_ROUTE, "<", "$PROC_NET_ROUTE")
or die "Could not open $PROC_NET_ROUTE";
- my @ifs = <PROC_NET_ROUTE>;
+ my @ifs = <$FD_PROC_NET_ROUTE>;
- close(PROC_NET_ROUTE);
+ close($FD_PROC_NET_ROUTE);
# Eat header line
shift @ifs;
}
}
} else {
- &main::daemon_log("Target ip $target_ip does not match Server ip $server_ip",1);
+ &main::daemon_log("$session_id INFO: Target ip $target_ip does not match Server ip $server_ip",5);
}
return $result;