X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;ds=sidebyside;f=gosa-si%2Fgosa-si-server;h=2f224016e2d92408e090ab500892eb190d773533;hb=5993c371fd3cfc73eada2207230c0841cebd08d7;hp=b6d603042a055468665e565c493edd3b3c7f547e;hpb=2a118c6e1ce0d181a1083ca47bb3eae46fbdfc62;p=gosa.git diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index b6d603042..2f224016e 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -84,9 +84,10 @@ my %repo_dirs=(); our (%cfg_defaults, $log_file, $pid_file, $server_ip, $server_port, $ClientPackages_key, $arp_activ, $gosa_unit_tag, - $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout, + $GosaPackages_key, $gosa_timeout, $foreign_server_string, $server_domain, $ServerPackages_key, $foreign_servers_register_delay, $wake_on_lan_passwd, $job_synchronization, $modified_jobs_loop_delay, + $arp_enabled, $arp_interface, ); # additional variable which should be globaly accessable @@ -99,12 +100,6 @@ our $forground; our $cfg_file; our ($ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $ldap_server_dn); -# dak variables -our $dak_base_directory; -our $dak_signing_keys_directory; -our $dak_queue_directory; -our $dak_user; - # specifies the verbosity of the daemon_log $verbose = 0 ; @@ -215,6 +210,7 @@ my $max_children = 2; "pid-file" => [\$pid_file, "/var/run/".$prg.".pid"], }, "server" => { + "ip" => [\$server_ip, "0.0.0.0"], "port" => [\$server_port, "20081"], "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ], "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'], 
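Review bot: The `"ip" => [\$server_ip, "0.0.0.0"]` default added to the `server` section carries no comment saying that it means every interface, and the same commit drops the separate `[GOsaPackages]` `ip`/`port` settings. If `$server_ip` is what the TCP server binds to (the bind call is not in this hunk), an install that sets no `ip` exposes the one remaining port on all addresses. I would add a comment next to the entry, `# 0.0.0.0 = all interfaces; set [server] ip to bind to a single address`, and repeat it in the shipped sample config.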
@@ -236,16 +232,10 @@ my $max_children = 2; "wol-password" => [\$wake_on_lan_passwd, ""], }, "GOsaPackages" => { - "ip" => [\$gosa_ip, "0.0.0.0"], - "port" => [\$gosa_port, "20082"], "job-queue" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'], "job-queue-loop-delay" => [\$job_queue_loop_delay, 3], "messaging-db-loop-delay" => [\$messaging_db_loop_delay, 3], "key" => [\$GosaPackages_key, "none"], - "dak-base" => [\$dak_base_directory, "/srv/archive"], - "dak-keyring" => [\$dak_signing_keys_directory, "/srv/archive/keyrings"], - "dak-queue" => [\$dak_queue_directory, "/srv/archive/queue"], - "dak-user" => [\$dak_user, "deb-dak"], }, "ClientPackages" => { "key" => [\$ClientPackages_key, "none"], @@ -255,9 +245,14 @@ my $max_children = 2; "domain" => [\$server_domain, ""], "key" => [\$ServerPackages_key, "none"], "key-lifetime" => [\$foreign_servers_register_delay, 120], - "job-synchronization" => [\$job_synchronization, "true"], + "job-synchronization-enabled" => [\$job_synchronization, "true"], "synchronization-loop" => [\$modified_jobs_loop_delay, 5], -} + }, +"ArpHandler" => { + "enabled" => [\$arp_enabled, "true"], + "interface" => [\$arp_interface, "all"], + }, + ); 
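Review bot: Renaming the `[ServerPackages]` key from `job-synchronization` to `job-synchronization-enabled` means an existing config file that still uses the old name is silently ignored and the default `"true"` applies. A site that had turned synchronization off would start sending `foreign_job_updates` to other servers again after the upgrade without any message. Since the table-driven loader only looks up the names listed in `%cfg_defaults`, I would add a startup check that logs a warning when the old key is present in the file, and note the rename in the changelog. The new `ArpHandler` section would also benefit from a comment listing the accepted values for `enabled` and `interface`.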
@@ -288,24 +283,24 @@ EOF # RETURNS: nothing # DESCRIPTION: read cfg_file and set variables #=============================================================================== -sub read_configfile { - my $cfg; - if( defined( $cfg_file) && ( (-s $cfg_file) > 0 )) { - if( -r $cfg_file ) { - $cfg = Config::IniFiles->new( -file => $cfg_file ); - } else { - print STDERR "Couldn't read config file!\n"; - } - } else { - $cfg = Config::IniFiles->new() ; - } - foreach my $section (keys %cfg_defaults) { - foreach my $param (keys %{$cfg_defaults{ $section }}) { - my $pinfo = $cfg_defaults{ $section }{ $param }; - ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] ); - } - } -} +#sub read_configfile { +# my $cfg; +# if( defined( $cfg_file) && ( (-s $cfg_file) > 0 )) { +# if( -r $cfg_file ) { +# $cfg = Config::IniFiles->new( -file => $cfg_file ); +# } else { +# print STDERR "Couldn't read config file!\n"; +# } +# } else { +# $cfg = Config::IniFiles->new() ; +# } +# foreach my $section (keys %cfg_defaults) { +# foreach my $param (keys %{$cfg_defaults{ $section }}) { +# my $pinfo = $cfg_defaults{ $section }{ $param }; +# ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] ); +# } +# } +#} #=== FUNCTION ================================================================ @@ -449,10 +444,9 @@ sub import_modules { } my $mod_name = $1; + # ArpHandler switch if( $file =~ /ArpHandler.pm/ ) { - if( $no_arp > 0 ) { - next; - } + if( $arp_enabled eq "false" ) { next; } } eval { require $file; }; 
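Review bot: Commenting out all of `read_configfile` leaves a dead copy plus a `#=== FUNCTION` header that documents a sub this file no longer defines. The call site later in the diff passes `($cfg_file, %cfg_defaults)`, so the live implementation presumably comes from a support module, and two copies will drift apart. I would delete the commented body and header and leave one line such as `# read_configfile now lives in GosaSupportDaemon`, if that is indeed where it moved. The removed body also called `$cfg->val` on an undefined `$cfg` after printing "Couldn't read config file!", so it is worth confirming that the replacement stops startup in that case.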
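Review bot: The new switch `if( $arp_enabled eq "false" ) { next; }` skips ArpHandler only for that exact lowercase string, so `False`, `no`, `0` or a trailing space in the config all leave the module loaded. Comparing against the enabling value instead makes a typo fail towards "off": `if( lc($arp_enabled) ne "true" ) { next; }`. The mirror-image test `$job_synchronization eq "true"` in the `watch_for_modified_jobs` hunk has the same exact-match problem and would benefit from the same `lc()` normalisation. The removed branch consulted `$no_arp`, so if that is still accepted as a command-line switch elsewhere it is now a no-op and should be dropped or honoured here. `import_modules` continues outside this hunk.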
@@ -472,11 +466,36 @@ sub import_modules { close (DIR); } +#=== FUNCTION ================================================================ +# NAME: password_check +# PARAMETERS: nothing +# RETURNS: nothing +# DESCRIPTION: escalates an critical error if two modules exist which are avaialable by +# the same password +#=============================================================================== +sub password_check { + my $passwd_hash = {}; + while (my ($mod_name, $mod_info) = each %$known_modules) { + my $mod_passwd = @$mod_info[1]; + if (not defined $mod_passwd) { next; } + if (not exists $passwd_hash->{$mod_passwd}) { + $passwd_hash->{$mod_passwd} = $mod_name; + + # escalates critical error + } else { + &daemon_log("0 ERROR: two loaded modules do have the same password. Please modify the 'key'-parameter in config file"); + &daemon_log("0 ERROR: module='$mod_name' and module='".$passwd_hash->{$mod_passwd}."'"); + exit( -1 ); + } + } + +} + #=== FUNCTION ================================================================ # NAME: sig_int_handler # PARAMETERS: signal - string - signal arose from system -# RETURNS: noting +# RETURNS: nothing # DESCRIPTION: handels tasks to be done befor signal becomes active #=============================================================================== sub sig_int_handler { @@ -596,8 +615,8 @@ sub check_outgoing_xml_validity { } }; if($@) { - daemon_log("$session_id WARNING: outgoing msg is not gosa-si envelope conform: ", 5); - daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 5); + daemon_log("$session_id ERROR: outgoing msg is not gosa-si envelope conform: $@", 1); + daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 1); $msg_hash = undef; } 
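Review bot: Both `&daemon_log(...)` calls in the new `password_check` omit the verbosity argument that every other call in this diff passes (for example `..., 1)`), so depending on how `daemon_log` treats a missing level the daemon may reach `exit( -1 )` without writing why. I would add the level explicitly, `&daemon_log("0 ERROR: two loaded modules do have the same password. Please modify the 'key'-parameter in config file", 1);`, and the same for the second call. The check only detects duplicates, so a single module left at the `"none"` default from `%cfg_defaults` still passes; if `none` is not a sentinel that disables the module, rejecting it here would close that gap. The messages name the modules but not the key itself, which is worth keeping. The header comment has two typos ("an critical", "avaialable").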
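Review bot: The second changed line in `check_outgoing_xml_validity` keeps a precedence bug: `.` binds tighter than `?:`, so `"$@ ".(...)` is the ternary's condition, it is always true, and the call logs `$msg` alone (undef when the message is missing) and never "Empty Message". Parenthesising the ternary fixes it: `daemon_log("$session_id ERROR: rejected msg: ".((defined($msg) && length($msg)>0) ? $msg : "Empty Message"), 1);`. The first line now already includes `$@`, so it does not need repeating. Raising this to level 1 also writes the full outgoing message, presumably still unencrypted at this point, to the log at the lowest verbosity; consider logging only the header or a length unless a debug level is set.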
@@ -825,36 +844,6 @@ sub open_socket { } -# moved to GosaSupportDaemon: 03-06-2008: rettenbe -#=== FUNCTION ================================================================ -# NAME: get_ip -# PARAMETERS: interface name (i.e. eth0) -# RETURNS: (ip address) -# DESCRIPTION: Uses ioctl to get ip address directly from system. -#=============================================================================== -#sub get_ip { -# my $ifreq= shift; -# my $result= ""; -# my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list -# my $proto= getprotobyname('ip'); -# -# socket SOCKET, PF_INET, SOCK_DGRAM, $proto -# or die "socket: $!"; -# -# if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) { -# my ($if, $sin) = unpack 'a16 a16', $ifreq; -# my ($port, $addr) = sockaddr_in $sin; -# my $ip = inet_ntoa $addr; -# -# if ($ip && length($ip) > 0) { -# $result = $ip; -# } -# } -# -# return $result; -#} - - sub get_local_ip_for_remote_ip { my $remote_ip= shift; my $result="0.0.0.0"; @@ -924,7 +913,7 @@ sub send_msg_to_target { # opensocket my $socket = &open_socket($address); if( !$socket ) { - daemon_log("$session_id ERROR: cannot send ".$header."msg to $address , host not reachable", 1); + daemon_log("$session_id WARNING: cannot send ".$header."msg to $address , host not reachable", 3); $error++; } 
@@ -1048,8 +1037,8 @@ sub msg_to_decrypt { if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ # if an incoming msg could not be decrypted (maybe a wrong key), send client a ping. If the client # could not understand a msg from its server the client cause a re-registering process - daemon_log("$session_id INFO cannot understand incoming msg, send 'ping'-msg to all host with ip '".$heap->{remote_ip}. - "' to cause a re-registering of the client if necessary", 5); + daemon_log("$session_id WARNING cannot understand incoming msg, send 'ping'-msg to all host with ip '".$heap->{remote_ip}. + "' to cause a re-registering of the client if necessary", 3); my $sql_statement = "SELECT * FROM $main::known_clients_tn WHERE (hostname LIKE '".$heap->{'remote_ip'}."%')"; my $query_res = $known_clients_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { @@ -1113,6 +1102,11 @@ sub msg_to_decrypt { my $hostname = $res->{1}->{'hostname'}; $msg =~ s/$target<\/target>/$hostname<\/target>/; #print STDERR "target is a client address in known_clients -> process here\n"; + my $local_address = &get_local_ip_for_remote_ip($target_ip).":$server_port"; + if ($source eq "GOSA") { + $msg =~ s/<\/xml>/$local_address,$session_id<\/forward_to_gosa><\/xml>/; + } + } else { $not_found_in_known_clients_db = 1; } @@ -1166,6 +1160,7 @@ sub msg_to_decrypt { if(exists $heap->{'client'}) { $msg = &encrypt_msg($msg, $GosaPackages_key); $heap->{'client'}->put($msg); + &daemon_log("$session_id INFO: incoming '$header' message forwarded to GOsa", 5); } $done = 1; #print STDERR "target is own address with forward_to_gosa-tag pointing at myself -> forward to gosa\n"; @@ -1306,6 +1301,7 @@ sub handle_task_done { sub process_task { no strict "refs"; + #CHECK: Not @_[...]? my ($session, $heap, $task) = @_; my $error = 0; my $answer_l; 
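Review bot: The re-levelled message in `msg_to_decrypt` reads `"$session_id WARNING cannot understand ..."` without the colon that the other changed calls use (`ERROR:`, `WARNING:`, `INFO:`), so a log filter keyed on `WARNING:` will miss it. A message that cannot be decrypted is the event an operator wants to alert on (wrong key, stale registration, or unsolicited traffic), so I would write `"$session_id WARNING: cannot understand incoming msg from '".$heap->{remote_ip}."', ..."`. Separately, the unchanged query below matches `hostname LIKE '<ip>%'`; if hostnames are stored as `ip:port`, that prefix also matches longer addresses such as `10.0.0.1` against `10.0.0.10:...`, and ending the pattern with `:%` would confine the ping to the intended host.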
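Review bot: The added `my $local_address = &get_local_ip_for_remote_ip($target_ip).":$server_port";` is used without checking the lookup result, and `get_local_ip_for_remote_ip` starts from `my $result="0.0.0.0"` (visible in an earlier hunk's context). When no local address is found, the `forward_to_gosa` tag appended to the message would carry `0.0.0.0:<port>`, and the reply could not be routed back to this server. I would compute the address only inside `if ($source eq "GOSA") { ... }`, where it is needed, and skip the substitution with a logged warning when the result begins with `0.0.0.0`. The substitution also targets the first `</xml>` in `$msg`; anchoring it with `\z` would guarantee the tag lands at the end of the envelope. The enclosing `msg_to_decrypt` body lies mostly outside this hunk.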
@@ -1470,19 +1466,21 @@ sub session_start { $kernel->sig(USR2 => "recreate_packages_db"); $kernel->delay_set('watch_for_new_jobs', $job_queue_loop_delay); $kernel->delay_set('watch_for_done_jobs', $job_queue_loop_delay); - $kernel->delay_set('watch_for_modified_jobs', $modified_jobs_loop_delay); + $kernel->delay_set('watch_for_modified_jobs', $modified_jobs_loop_delay); $kernel->delay_set('watch_for_new_messages', $messaging_db_loop_delay); $kernel->delay_set('watch_for_delivery_messages', $messaging_db_loop_delay); $kernel->delay_set('watch_for_done_messages', $messaging_db_loop_delay); $kernel->delay_set('watch_for_old_known_clients', $job_queue_loop_delay); + } sub watch_for_done_jobs { + #CHECK: $heap for what? my ($kernel,$heap) = @_[KERNEL, HEAP]; - my $sql_statement = "SELECT * FROM ".$job_queue_tn." WHERE status='done'"; + my $sql_statement = "SELECT * FROM ".$job_queue_tn." WHERE ((status='done') AND (modified='0'))"; my $res = $job_db->select_dbentry( $sql_statement ); while( my ($id, $hit) = each %{$res} ) { 
@@ -1506,22 +1504,12 @@ sub watch_for_modified_jobs { # if db contains no jobs which should be update, do nothing if (keys %$res != 0) { - # make out of the db result a gosa-si message - my $update_msg = &db_res2si_msg ($res, "foreign_job_updates", "KNOWN_SERVER", "MY_LOCAL_ADDRESS"); - - # determine all other si-server a foreign_job_updates message should be send - my $sql_statement= "SELECT * FROM $known_server_tn"; - my $res = $known_server_db->select_dbentry( $sql_statement ); - while( my ($hit_num, $hit) = each %$res ) { - my $act_update_msg = $update_msg; - my $act_target_address = $hit->{hostname}; - my $act_target_key = $hit->{hostkey}; - my ($act_target_ip, $act_target_port) = split(/:/, $act_target_address); - my $act_source_address = &get_local_ip_for_remote_ip($act_target_ip).":$act_target_port"; - - $act_update_msg =~ s/KNOWN_SERVER<\/target>/$act_target_address<\/target>/g; - $act_update_msg =~ s/MY_LOCAL_ADDRESS<\/source>/$act_source_address<\/source>/g; - &send_msg_to_target($act_update_msg, $act_target_address, $act_target_key, "foreign_job_updates" , "J"); + if ($job_synchronization eq "true") { + # make out of the db result a gosa-si message + my $update_msg = &db_res2si_msg ($res, "foreign_job_updates", "KNOWN_SERVER", "MY_LOCAL_ADDRESS"); + + # update all other SI-server + &inform_all_other_si_server($update_msg); } # set jobs all jobs to modified = 0, wait until the next modification for updates of other si-server 
@@ -2053,9 +2041,9 @@ sub change_goto_state { sub run_recreate_packages_db { my ($kernel, $session, $heap) = @_[KERNEL, SESSION, HEAP]; my $session_id = $session->ID; - &main::daemon_log("$session_id INFO: Recreating FAI Packages DB ('$fai_release_tn', '$fai_server_tn', '$packages_list_tn')", 4); - $kernel->yield('create_fai_release_db'); - $kernel->yield('create_fai_server_db'); + &main::daemon_log("$session_id INFO: Recreating FAI Packages DB ('$fai_release_tn', '$fai_server_tn', '$packages_list_tn')", 5); + $kernel->yield('create_fai_release_db', $fai_release_tn); + $kernel->yield('create_fai_server_db', $fai_server_tn); return; } @@ -2885,7 +2873,7 @@ GetOptions("h|help" => \&usage, # read and set config parameters &check_cmdline_param ; -&read_configfile; +&read_configfile($cfg_file, %cfg_defaults); &check_pid; $SIG{CHLD} = 'IGNORE'; @@ -3044,6 +3032,12 @@ foreach my $foreign_server (@foreign_server_list) { } +# import all modules +&import_modules; +# check wether all modules are gosa-si valid passwd check +&password_check; + + POE::Component::Server::TCP->new( Alias => "TCP_SERVER", Port => $server_port, @@ -3095,14 +3089,6 @@ POE::Session->create( ); -# import all modules -&import_modules; - -# TODO -# check wether all modules are gosa-si valid passwd check - - - POE::Kernel->run(); exit;