X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;ds=sidebyside;f=gosa-si%2Fgosa-si-server;h=92b803c75068938f059cb1e8ce8f1f90322a0914;hb=f64d03a847306387574cefcb73745ebf20f10b02;hp=14918ba322fa4033516072eccf19424d3555e585;hpb=2e1a7f272ac8f39bc8ebe2e6c33fe7bdd63ab03d;p=gosa.git diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index 14918ba32..92b803c75 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -48,13 +48,12 @@ use File::Basename; use File::Find; use File::Copy; use File::Path; -use GOSA::DBsqlite; +use GOSA::DBmysql; use GOSA::GosaSupportDaemon; use POE qw(Component::Server::TCP Wheel::Run Filter::Reference); use Net::LDAP; use Net::LDAP::Util qw(:escape); use Time::HiRes qw( usleep); -use DateTime; my $modules_path = "/usr/lib/gosa-si/modules"; use lib "/usr/lib/gosa-si/modules"; @@ -68,11 +67,9 @@ our $prg= basename($0); our $global_kernel; my ($foreground, $ping_timeout); -my ($bus_activ, $bus, $msg_to_bus, $bus_cipher); my ($server); my ($gosa_server, $job_queue_timeout, $job_queue_loop_delay); my ($messaging_db_loop_delay); -my ($known_modules); my ($procid, $pid); my ($arp_fifo); my ($xml); @@ -81,25 +78,32 @@ my $max_clients; my %repo_files=(); my $repo_path; my %repo_dirs=(); -# variables declared in config file are always set to 'our' + +# Variables declared in config file are always set to 'our' our (%cfg_defaults, $log_file, $pid_file, - $server_ip, $server_port, $ClientPackages_key, + $server_ip, $server_port, $ClientPackages_key, $dns_lookup, $arp_activ, $gosa_unit_tag, - $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout, + $GosaPackages_key, $gosa_timeout, $foreign_server_string, $server_domain, $ServerPackages_key, $foreign_servers_register_delay, + $wake_on_lan_passwd, $job_synchronization, $modified_jobs_loop_delay, + $arp_enabled, $arp_interface, + $opsi_enabled, $opsi_server, $opsi_admin, $opsi_password, + $new_systems_ou, ); # additional variable which should be globaly accessable our $server_address; our $server_mac_address; -our $bus_address; our $gosa_address; -our $no_bus; our $no_arp; our $verbose; our $forground; our $cfg_file; our ($ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $ldap_server_dn); +our ($mysql_username, $mysql_password, $mysql_database, $mysql_host); +our $known_modules; +our $root_uid; +our $adm_gid; # specifies the verbosity of the daemon_log @@ -111,8 +115,6 @@ $foreground = 0 ; # specifies the timeout seconds while checking the online status of a registrating client $ping_timeout = 5; -$no_bus = 0; -$bus_activ = "true"; $no_arp = 0; my $packages_list_under_construction = "/tmp/packages_list_creation_in_progress"; my @packages_list_statements; @@ -122,135 +124,165 @@ my $watch_for_new_jobs_in_progress = 0; our $incoming_db; our $incoming_tn = 'incoming'; my $incoming_file_name; -my @incoming_col_names = ("id INTEGER PRIMARY KEY", - "timestamp DEFAULT 'none'", - "headertag DEFAULT 'none'", - "targettag DEFAULT 'none'", - "xmlmessage DEFAULT 'none'", - "module DEFAULT 'none'", - "sessionid DEFAULT '0'", - ); +my @incoming_col_names = ("id INTEGER PRIMARY KEY auto_increment", + "timestamp VARCHAR(14) DEFAULT 'none'", + "headertag VARCHAR(255) DEFAULT 'none'", + "targettag VARCHAR(255) DEFAULT 'none'", + "xmlmessage TEXT", + "module VARCHAR(255) DEFAULT 'none'", + "sessionid VARCHAR(255) DEFAULT '0'", +); # holds all gosa jobs our $job_db; our $job_queue_tn = 'jobs'; my $job_queue_file_name; -my @job_queue_col_names = ("id INTEGER PRIMARY KEY", - "timestamp DEFAULT 'none'", - "status DEFAULT 'none'", - "result DEFAULT 'none'", - "progress DEFAULT 'none'", - "headertag DEFAULT 'none'", - "targettag DEFAULT 'none'", - "xmlmessage DEFAULT 'none'", - "macaddress DEFAULT 'none'", - "plainname DEFAULT 'none'", - ); +my @job_queue_col_names = ("id INTEGER PRIMARY KEY auto_increment", + "timestamp VARCHAR(14) DEFAULT 'none'", + "status VARCHAR(255) DEFAULT 'none'", + "result TEXT", + "progress VARCHAR(255) DEFAULT 'none'", + "headertag VARCHAR(255) DEFAULT 'none'", + "targettag VARCHAR(255) DEFAULT 'none'", + "xmlmessage TEXT", + "macaddress VARCHAR(17) DEFAULT 'none'", + "plainname VARCHAR(255) DEFAULT 'none'", + "siserver VARCHAR(255) DEFAULT 'none'", + "modified INTEGER DEFAULT '0'", +); -# holds all other gosa-sd as well as the gosa-sd-bus +# holds all other gosa-si-server our $known_server_db; our $known_server_tn = "known_server"; my $known_server_file_name; -my @known_server_col_names = ("hostname", "status", "hostkey", "timestamp"); +my @known_server_col_names = ("hostname VARCHAR(255)", "macaddress VARCHAR(17)", "status VARCHAR(255)", "hostkey VARCHAR(255)", "loaded_modules TEXT", "timestamp VARCHAR(14)"); # holds all registrated clients our $known_clients_db; our $known_clients_tn = "known_clients"; my $known_clients_file_name; -my @known_clients_col_names = ("hostname", "status", "hostkey", "timestamp", "macaddress", "events", "keylifetime"); +my @known_clients_col_names = ("hostname VARCHAR(255)", "status VARCHAR(255)", "hostkey VARCHAR(255)", "timestamp VARCHAR(14)", "macaddress VARCHAR(17)", "events TEXT", "keylifetime VARCHAR(255)"); # holds all registered clients at a foreign server our $foreign_clients_db; our $foreign_clients_tn = "foreign_clients"; my $foreign_clients_file_name; -my @foreign_clients_col_names = ("hostname", "macaddress", "regserver", "timestamp"); +my @foreign_clients_col_names = ("hostname VARCHAR(255)", "macaddress VARCHAR(17)", "regserver VARCHAR(255)", "timestamp VARCHAR(14)"); # holds all logged in user at each client our $login_users_db; our $login_users_tn = "login_users"; my $login_users_file_name; -my @login_users_col_names = ("client", "user", "timestamp"); +my @login_users_col_names = ("client VARCHAR(255)", "user VARCHAR(255)", "timestamp VARCHAR(14)"); # holds all fai server, the debian release and tag our $fai_server_db; our $fai_server_tn = "fai_server"; my $fai_server_file_name; -our @fai_server_col_names = ("timestamp", "server", "release", "sections", "tag"); +our @fai_server_col_names = ("timestamp VARCHAR(14)", "server VARCHAR(255)", "fai_release VARCHAR(255)", "sections VARCHAR(255)", "tag VARCHAR(255)"); our $fai_release_db; our $fai_release_tn = "fai_release"; my $fai_release_file_name; -our @fai_release_col_names = ("timestamp", "release", "class", "type", "state"); +our @fai_release_col_names = ("timestamp VARCHAR(14)", "fai_release VARCHAR(255)", "class VARCHAR(255)", "type VARCHAR(255)", "state VARCHAR(255)"); # holds all packages available from different repositories our $packages_list_db; our $packages_list_tn = "packages_list"; my $packages_list_file_name; -our @packages_list_col_names = ("distribution", "package", "version", "section", "description", "template", "timestamp"); +our @packages_list_col_names = ("distribution VARCHAR(255)", "package VARCHAR(255)", "version VARCHAR(255)", "section VARCHAR(255)", "description TEXT", "template LONGBLOB", "timestamp VARCHAR(14)"); my $outdir = "/tmp/packages_list_db"; my $arch = "i386"; # holds all messages which should be delivered to a user our $messaging_db; our $messaging_tn = "messaging"; -our @messaging_col_names = ("id INTEGER", "subject", "message_from", "message_to", - "flag", "direction", "delivery_time", "message", "timestamp" ); +our @messaging_col_names = ("id INTEGER", "subject TEXT", "message_from VARCHAR(255)", "message_to VARCHAR(255)", + "flag VARCHAR(255)", "direction VARCHAR(255)", "delivery_time VARCHAR(255)", "message TEXT", "timestamp VARCHAR(14)" ); my $messaging_file_name; # path to directory to store client install log files our $client_fai_log_dir = "/var/log/fai"; # queue which stores taskes until one of the $max_children children are ready to process the task -my @tasks = qw(); +#my @tasks = qw(); my @msgs_to_decrypt = qw(); my $max_children = 2; +# loop delay for job queue to look for opsi jobs +my $job_queue_opsi_delay = 10; +our $opsi_client; +our $opsi_url; + +# Lifetime of logged in user information. If no update information comes after n seconds, +# the user is expeceted to be no longer logged in or the host is no longer running. Because +# of this, the user is deleted from login_users_db +our $logged_in_user_date_of_expiry = 600; + + %cfg_defaults = ( "general" => { "log-file" => [\$log_file, "/var/run/".$prg.".log"], "pid-file" => [\$pid_file, "/var/run/".$prg.".pid"], }, -"bus" => { - "activ" => [\$bus_activ, "true"], - }, "server" => { - "port" => [\$server_port, "20081"], - "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ], - "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'], - "incoming" => [\$incoming_file_name, '/var/lib/gosa-si/incoming.db'], - "login-users" => [\$login_users_file_name, '/var/lib/gosa-si/users.db'], - "fai-server" => [\$fai_server_file_name, '/var/lib/gosa-si/fai_server.db'], - "fai-release" => [\$fai_release_file_name, '/var/lib/gosa-si/fai_release.db'], - "packages-list" => [\$packages_list_file_name, '/var/lib/gosa-si/packages.db'], - "messaging" => [\$messaging_file_name, '/var/lib/gosa-si/messaging.db'], - "foreign-clients" => [\$foreign_clients_file_name, '/var/lib/gosa-si/foreign_clients.db'], - "source-list" => [\$sources_list, '/etc/apt/sources.list'], - "repo-path" => [\$repo_path, '/srv/www/repository'], - "ldap-uri" => [\$ldap_uri, ""], - "ldap-base" => [\$ldap_base, ""], - "ldap-admin-dn" => [\$ldap_admin_dn, ""], - "ldap-admin-password" => [\$ldap_admin_password, ""], - "gosa-unit-tag" => [\$gosa_unit_tag, ""], - "max-clients" => [\$max_clients, 10], + "ip" => [\$server_ip, "0.0.0.0"], + "port" => [\$server_port, "20081"], + "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ], + "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'], + "incoming" => [\$incoming_file_name, '/var/lib/gosa-si/incoming.db'], + "login-users" => [\$login_users_file_name, '/var/lib/gosa-si/users.db'], + "fai-server" => [\$fai_server_file_name, '/var/lib/gosa-si/fai_server.db'], + "fai-release" => [\$fai_release_file_name, '/var/lib/gosa-si/fai_release.db'], + "packages-list" => [\$packages_list_file_name, '/var/lib/gosa-si/packages.db'], + "messaging" => [\$messaging_file_name, '/var/lib/gosa-si/messaging.db'], + "foreign-clients" => [\$foreign_clients_file_name, '/var/lib/gosa-si/foreign_clients.db'], + "source-list" => [\$sources_list, '/etc/apt/sources.list'], + "repo-path" => [\$repo_path, '/srv/www/repository'], + "ldap-uri" => [\$ldap_uri, ""], + "ldap-base" => [\$ldap_base, ""], + "ldap-admin-dn" => [\$ldap_admin_dn, ""], + "ldap-admin-password" => [\$ldap_admin_password, ""], + "gosa-unit-tag" => [\$gosa_unit_tag, ""], + "max-clients" => [\$max_clients, 10], + "wol-password" => [\$wake_on_lan_passwd, ""], + "mysql-username" => [\$mysql_username, "gosa_si"], + "mysql-password" => [\$mysql_password, ""], + "mysql-database" => [\$mysql_database, "gosa_si"], + "mysql-host" => [\$mysql_host, "127.0.0.1"], }, "GOsaPackages" => { - "ip" => [\$gosa_ip, "0.0.0.0"], - "port" => [\$gosa_port, "20082"], "job-queue" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'], "job-queue-loop-delay" => [\$job_queue_loop_delay, 3], "messaging-db-loop-delay" => [\$messaging_db_loop_delay, 3], "key" => [\$GosaPackages_key, "none"], + "new-systems-ou" => [\$new_systems_ou, 'ou=workstations,ou=systems'], }, "ClientPackages" => { "key" => [\$ClientPackages_key, "none"], + "user-date-of-expiry" => [\$logged_in_user_date_of_expiry, 600], }, "ServerPackages"=> { "address" => [\$foreign_server_string, ""], + "dns-lookup" => [\$dns_lookup, "true"], "domain" => [\$server_domain, ""], "key" => [\$ServerPackages_key, "none"], "key-lifetime" => [\$foreign_servers_register_delay, 120], -} + "job-synchronization-enabled" => [\$job_synchronization, "true"], + "synchronization-loop" => [\$modified_jobs_loop_delay, 5], + }, +"ArpHandler" => { + "enabled" => [\$arp_enabled, "true"], + "interface" => [\$arp_interface, "all"], + }, +"Opsi" => { + "enabled" => [\$opsi_enabled, "false"], + "server" => [\$opsi_server, "localhost"], + "admin" => [\$opsi_admin, "opsi-admin"], + "password" => [\$opsi_password, "secret"], + }, + ); @@ -268,7 +300,6 @@ usage: $prg [-hvf] [-c config] -c : config file -f : foreground, process will not be forked to background -v : be verbose (multiple to increase verbosity) - -no-bus : starts $prg without connection to bus -no-arp : starts $prg without connection to arp module EOF @@ -276,32 +307,6 @@ EOF } -#=== FUNCTION ================================================================ -# NAME: read_configfile -# PARAMETERS: cfg_file - string - -# RETURNS: nothing -# DESCRIPTION: read cfg_file and set variables -#=============================================================================== -sub read_configfile { - my $cfg; - if( defined( $cfg_file) && ( (-s $cfg_file) > 0 )) { - if( -r $cfg_file ) { - $cfg = Config::IniFiles->new( -file => $cfg_file ); - } else { - print STDERR "Couldn't read config file!\n"; - } - } else { - $cfg = Config::IniFiles->new() ; - } - foreach my $section (keys %cfg_defaults) { - foreach my $param (keys %{$cfg_defaults{ $section }}) { - my $pinfo = $cfg_defaults{ $section }{ $param }; - ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] ); - } - } -} - - #=== FUNCTION ================================================================ # NAME: logging # PARAMETERS: level - string - default 'info' @@ -317,13 +322,12 @@ sub daemon_log { if(not defined $level) { $level = 1 } if(defined $log_file){ open(LOG_HANDLE, ">>$log_file"); - chmod 0600, $log_file; if(not defined open( LOG_HANDLE, ">>$log_file" )) { print STDERR "cannot open $log_file: $!"; return } chomp($msg); - $msg =~s/\n//g; # no newlines are allowed in log messages, this is important for later log parsing + #$msg =~s/\n//g; # no newlines are allowed in log messages, this is important for later log parsing if($level <= $verbose){ my ($seconds, $minutes, $hours, $monthday, $month, $year, $weekday, $yearday, $sommertime) = localtime(time); @@ -443,34 +447,60 @@ sub import_modules { } my $mod_name = $1; + # ArpHandler switch if( $file =~ /ArpHandler.pm/ ) { - if( $no_arp > 0 ) { - next; - } + if( $arp_enabled eq "false" ) { next; } } eval { require $file; }; if ($@) { daemon_log("0 ERROR: gosa-si-server could not load module $file", 1); - daemon_log("$@", 5); + daemon_log("$@", 1); + exit; } else { my $info = eval($mod_name.'::get_module_info()'); # Only load module if get_module_info() returns a non-null object if( $info ) { - my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info}; + my ($input_address, $input_key, $event_hash) = @{$info}; $known_modules->{$mod_name} = $info; daemon_log("0 INFO: module $mod_name loaded", 5); } } } + close (DIR); } +#=== FUNCTION ================================================================ +# NAME: password_check +# PARAMETERS: nothing +# RETURNS: nothing +# DESCRIPTION: escalates an critical error if two modules exist which are avaialable by +# the same password +#=============================================================================== +sub password_check { + my $passwd_hash = {}; + while (my ($mod_name, $mod_info) = each %$known_modules) { + my $mod_passwd = @$mod_info[1]; + if (not defined $mod_passwd) { next; } + if (not exists $passwd_hash->{$mod_passwd}) { + $passwd_hash->{$mod_passwd} = $mod_name; + + # escalates critical error + } else { + &daemon_log("0 ERROR: two loaded modules do have the same password. Please modify the 'key'-parameter in config file"); + &daemon_log("0 ERROR: module='$mod_name' and module='".$passwd_hash->{$mod_passwd}."'"); + exit( -1 ); + } + } + +} + #=== FUNCTION ================================================================ # NAME: sig_int_handler # PARAMETERS: signal - string - signal arose from system -# RETURNS: noting +# RETURNS: nothing # DESCRIPTION: handels tasks to be done befor signal becomes active #=============================================================================== sub sig_int_handler { @@ -527,7 +557,7 @@ sub check_key_and_xml_validity { } }; if($@) { - daemon_log("$session_id DEBUG: do not understand the message: $@", 7); + daemon_log("$session_id ERROR: do not understand the message: $@", 1); $msg = undef; $msg_hash = undef; } @@ -537,7 +567,7 @@ sub check_key_and_xml_validity { sub check_outgoing_xml_validity { - my ($msg) = @_; + my ($msg, $session_id) = @_; my $msg_hash; eval{ @@ -590,8 +620,8 @@ sub check_outgoing_xml_validity { } }; if($@) { - daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5); - daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 8); + daemon_log("$session_id ERROR: outgoing msg is not gosa-si envelope conform: $@", 1); + daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 1); $msg_hash = undef; } @@ -676,42 +706,41 @@ sub input_from_known_client { sub input_from_unknown_host { - no strict "refs"; - my ($input, $session_id) = @_ ; - my ($msg, $msg_hash, $module); - my $error_string; - + no strict "refs"; + my ($input, $session_id) = @_ ; + my ($msg, $msg_hash, $module); + my $error_string; + my %act_modules = %$known_modules; - - while( my ($mod, $info) = each(%act_modules)) { - # check a key exists for this module - my $module_key = ${$mod."_key"}; - if( not defined $module_key ) { - if( $mod eq 'ArpHandler' ) { - next; - } - daemon_log("$session_id ERROR: no key specified in config file for $mod", 1); - next; - } - daemon_log("$session_id DEBUG: $mod: $module_key", 7); + while( my ($mod, $info) = each(%act_modules)) { - # check if module can open msg envelope with module key - ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key, $session_id); - if( (not defined $msg) || (not defined $msg_hash) ) { - next; - } - else { - $module = $mod; - last; - } - } + # check a key exists for this module + my $module_key = ${$mod."_key"}; + if( not defined $module_key ) { + if( $mod eq 'ArpHandler' ) { + next; + } + daemon_log("$session_id ERROR: no key specified in config file for $mod", 1); + next; + } + daemon_log("$session_id DEBUG: $mod: $module_key", 7); - if( (!$msg) || (!$msg_hash) || (!$module)) { - daemon_log("$session_id DEBUG: Incoming message is not from an unknown host", 7); - } + # check if module can open msg envelope with module key + ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key, $session_id); + if( (not defined $msg) || (not defined $msg_hash) ) { + next; + } else { + $module = $mod; + last; + } + } - return ($msg, $msg_hash, $module); + if( (!$msg) || (!$msg_hash) || (!$module)) { + daemon_log("$session_id DEBUG: Incoming message is not from an unknown host", 7); + } + + return ($msg, $msg_hash, $module); } @@ -819,78 +848,48 @@ sub open_socket { } -# moved to GosaSupportDaemon: 03-06-2008: rettenbe -#=== FUNCTION ================================================================ -# NAME: get_ip -# PARAMETERS: interface name (i.e. eth0) -# RETURNS: (ip address) -# DESCRIPTION: Uses ioctl to get ip address directly from system. -#=============================================================================== -#sub get_ip { -# my $ifreq= shift; -# my $result= ""; -# my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list -# my $proto= getprotobyname('ip'); +#sub get_local_ip_for_remote_ip { +# my $remote_ip= shift; +# my $result="0.0.0.0"; +# +# if($remote_ip =~ /^(\d\d?\d?\.){3}\d\d?\d?$/) { +# if($remote_ip eq "127.0.0.1") { +# $result = "127.0.0.1"; +# } else { +# my $PROC_NET_ROUTE= ('/proc/net/route'); # -# socket SOCKET, PF_INET, SOCK_DGRAM, $proto -# or die "socket: $!"; +# open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE") +# or die "Could not open $PROC_NET_ROUTE"; # -# if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) { -# my ($if, $sin) = unpack 'a16 a16', $ifreq; -# my ($port, $addr) = sockaddr_in $sin; -# my $ip = inet_ntoa $addr; +# my @ifs = ; # -# if ($ip && length($ip) > 0) { -# $result = $ip; +# close(PROC_NET_ROUTE); +# +# # Eat header line +# shift @ifs; +# chomp @ifs; +# foreach my $line(@ifs) { +# my ($Iface,$Destination,$Gateway,$Flags,$RefCnt,$Use,$Metric,$Mask,$MTU,$Window,$IRTT)=split(/\s/, $line); +# my $destination; +# my $mask; +# my ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Destination); +# $destination= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d)); +# ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Mask); +# $mask= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d)); +# if(new NetAddr::IP($remote_ip)->within(new NetAddr::IP($destination, $mask))) { +# # destination matches route, save mac and exit +# $result= &get_ip($Iface); +# last; +# } +# } # } +# } else { +# daemon_log("0 WARNING: get_local_ip_for_remote_ip() was called with a non-ip parameter: '$remote_ip'", 1); # } -# # return $result; #} -sub get_local_ip_for_remote_ip { - my $remote_ip= shift; - my $result="0.0.0.0"; - - if($remote_ip =~ /^(\d\d?\d?\.){3}\d\d?\d?$/) { - if($remote_ip eq "127.0.0.1") { - $result = "127.0.0.1"; - } else { - my $PROC_NET_ROUTE= ('/proc/net/route'); - - open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE") - or die "Could not open $PROC_NET_ROUTE"; - - my @ifs = ; - - close(PROC_NET_ROUTE); - - # Eat header line - shift @ifs; - chomp @ifs; - foreach my $line(@ifs) { - my ($Iface,$Destination,$Gateway,$Flags,$RefCnt,$Use,$Metric,$Mask,$MTU,$Window,$IRTT)=split(/\s/, $line); - my $destination; - my $mask; - my ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Destination); - $destination= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d)); - ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Mask); - $mask= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d)); - if(new NetAddr::IP($remote_ip)->within(new NetAddr::IP($destination, $mask))) { - # destination matches route, save mac and exit - $result= &get_ip($Iface); - last; - } - } - } - } else { - daemon_log("get_local_ip_for_remote_ip was called with a non-ip parameter: $remote_ip", 1); - } - return $result; -} - - sub send_msg_to_target { my ($msg, $address, $encrypt_key, $msg_header, $session_id) = @_ ; my $error = 0; @@ -918,7 +917,7 @@ sub send_msg_to_target { # opensocket my $socket = &open_socket($address); if( !$socket ) { - daemon_log("$session_id ERROR: cannot send ".$header."msg to $address , host not reachable", 1); + daemon_log("$session_id WARNING: cannot send ".$header."msg to $address , host not reachable", 3); $error++; } @@ -1018,199 +1017,264 @@ sub sig_handler { sub msg_to_decrypt { - my ($kernel, $session, $heap) = @_[KERNEL, SESSION, HEAP]; - my $session_id = $session->ID; - my ($msg, $msg_hash, $module); - my $error = 0; + my ($kernel, $session, $heap) = @_[KERNEL, SESSION, HEAP]; + my $session_id = $session->ID; + my ($msg, $msg_hash, $module); + my $error = 0; - # hole neue msg aus @msgs_to_decrypt - my $next_msg = shift @msgs_to_decrypt; - - # entschlüssle sie + # hole neue msg aus @msgs_to_decrypt + my $next_msg = shift @msgs_to_decrypt; - # msg is from a new client or gosa - ($msg, $msg_hash, $module) = &input_from_unknown_host($next_msg, $session_id); - # msg is from a gosa-si-server or gosa-si-bus - if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ - ($msg, $msg_hash, $module) = &input_from_known_server($next_msg, $heap->{'remote_ip'}, $session_id); - } - # msg is from a gosa-si-client - if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ - ($msg, $msg_hash, $module) = &input_from_known_client($next_msg, $heap->{'remote_ip'}, $session_id); - } - # an error occurred - if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ - # if an incoming msg could not be decrypted (maybe a wrong key), send client a ping. If the client - # could not understand a msg from its server the client cause a re-registering process - daemon_log("$session_id INFO cannot understand incoming msg, send 'ping'-msg to all host with ip '".$heap->{remote_ip}. - "' to cause a re-registering of the client if necessary", 5); - my $sql_statement = "SELECT * FROM $main::known_clients_tn WHERE (hostname LIKE '".$heap->{'remote_ip'}."%')"; - my $query_res = $known_clients_db->select_dbentry( $sql_statement ); - while( my ($hit_num, $hit) = each %{ $query_res } ) { - my $host_name = $hit->{'hostname'}; - my $host_key = $hit->{'hostkey'}; - my $ping_msg = "
gosa_ping
$server_address $host_name"; - my $error = &send_msg_to_target($ping_msg, $host_name, $host_key, "gosa_ping", $session_id); - &update_jobdb_status_for_send_msgs($ping_msg, $error); - } - $error++; - } + # entschlüssle sie + + # msg is from a new client or gosa + ($msg, $msg_hash, $module) = &input_from_unknown_host($next_msg, $session_id); + # msg is from a gosa-si-server + if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ + ($msg, $msg_hash, $module) = &input_from_known_server($next_msg, $heap->{'remote_ip'}, $session_id); + } + # msg is from a gosa-si-client + if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ + ($msg, $msg_hash, $module) = &input_from_known_client($next_msg, $heap->{'remote_ip'}, $session_id); + } + # an error occurred + if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ + # if an incoming msg could not be decrypted (maybe a wrong key), send client a ping. If the client + # could not understand a msg from its server the client cause a re-registering process + daemon_log("$session_id WARNING cannot understand incoming msg, send 'ping'-msg to all host with ip '".$heap->{remote_ip}. + "' to cause a re-registering of the client if necessary", 3); + my $sql_statement = "SELECT * FROM $main::known_clients_tn WHERE (hostname LIKE '".$heap->{'remote_ip'}."%')"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{'hostname'}; + my $host_key = $hit->{'hostkey'}; + my $ping_msg = "
gosa_ping
$server_address $host_name"; + my $error = &send_msg_to_target($ping_msg, $host_name, $host_key, "gosa_ping", $session_id); + &update_jobdb_status_for_send_msgs($ping_msg, $error); + } + $error++; + } - my $header; - my $target; - my $source; - my $done = 0; - my $sql; - my $res; - # check whether this message should be processed here - if ($error == 0) { - $header = @{$msg_hash->{'header'}}[0]; - $target = @{$msg_hash->{'target'}}[0]; - $source = @{$msg_hash->{'source'}}[0]; - my ($target_ip, $target_port) = split(':', $target); + my $header; + my $target; + my $source; + my $done = 0; + my $sql; + my $res; + + # check whether this message should be processed here + if ($error == 0) { + $header = @{$msg_hash->{'header'}}[0]; + $target = @{$msg_hash->{'target'}}[0]; + $source = @{$msg_hash->{'source'}}[0]; + my $not_found_in_known_clients_db = 0; + my $not_found_in_known_server_db = 0; + my $not_found_in_foreign_clients_db = 0; + my $local_address; + my $local_mac; + my ($target_ip, $target_port) = split(':', $target); + + # Determine the local ip address if target is an ip address if ($target =~ /^\d+\.\d+\.\d+\.\d+:\d+$/) { - my $server_address = &get_local_ip_for_remote_ip($target_ip).":$server_port"; + $local_address = &get_local_ip_for_remote_ip($target_ip).":$server_port"; + } else { + $local_address = $server_address; } - # target and source is equal to GOSA -> process here - if (not $done) { - if ($target eq "GOSA" && $source eq "GOSA") { - $done = 1; - } - } + # Determine the local mac address if target is a mac address + if ($target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i) { + my $loc_ip = &get_local_ip_for_remote_ip($heap->{'remote_ip'}); + my $network_interface= &get_interface_for_ip($loc_ip); + $local_mac = &get_mac_for_interface($network_interface); + } else { + $local_mac = $server_mac_address; + } - # target is own address without forward_to_gosa-tag -> process here - if (not $done) { - if (($target eq $server_address) && (not exists $msg_hash->{'forward_to_gosa'})) { - $done = 1; - if ($source eq "GOSA") { - $msg =~ s/<\/xml>/$server_address,$session_id<\/forward_to_gosa><\/xml>/; - } - print STDERR "target is own address without forward_to_gosa-tag -> process here\n"; - } - } + # target and source is equal to GOSA -> process here + if (not $done) { + if ($target eq "GOSA" && $source eq "GOSA") { + $done = 1; + &daemon_log("$session_id DEBUG: target and source is 'GOSA' -> process here", 7); + } + } - # target is a client address in known_clients -> process here - if (not $done) { - $sql = "SELECT * FROM $known_clients_tn WHERE (hostname='$target' OR macaddress LIKE '$target')"; - $res = $known_clients_db->select_dbentry($sql); - if (keys(%$res) > 0) { - $done = 1; - my $hostname = $res->{1}->{'hostname'}; - $msg =~ s/$target<\/target>/$hostname<\/target>/; - print STDERR "target is a client address in known_clients -> process here\n"; - } - } + # target is own address without forward_to_gosa-tag -> process here + if (not $done) { + #if ((($target eq $local_address) || ($target eq $local_mac) ) && (not exists $msg_hash->{'forward_to_gosa'})) { + if (($target eq $local_address) && (not exists $msg_hash->{'forward_to_gosa'})) { + $done = 1; + if ($source eq "GOSA") { + $msg =~ s/<\/xml>/$local_address,$session_id<\/forward_to_gosa><\/xml>/; + } + &daemon_log("$session_id DEBUG: target is own address without forward_to_gosa-tag -> process here", 7); + } + } - # target ist own address with forward_to_gosa-tag not pointing to myself -> process here - if (not $done) { - my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; - my $gosa_at; - my $gosa_session_id; - if (($target eq $server_address) && (defined $forward_to_gosa)){ - my ($gosa_at, $gosa_session_id) = split(/,/, $forward_to_gosa); - if ($gosa_at ne $server_address) { - $done = 1; - print STDERR "target is own address with forward_to_gosa-tag not pointing to myself -> process here\n"; - } - } - } + # target is a client address in known_clients -> process here + if (not $done) { + $sql = "SELECT * FROM $known_clients_tn WHERE (hostname='$target' OR macaddress LIKE '$target')"; + $res = $known_clients_db->select_dbentry($sql); + if (keys(%$res) > 0) { + $done = 1; + my $hostname = $res->{1}->{'hostname'}; + $msg =~ s/$target<\/target>/$hostname<\/target>/; + my $local_address = &get_local_ip_for_remote_ip($target_ip).":$server_port"; + if ($source eq "GOSA") { + $msg =~ s/<\/xml>/$local_address,$session_id<\/forward_to_gosa><\/xml>/; + } + &daemon_log("$session_id DEBUG: target is a client address in known_clients -> process here", 7); - # if message should be processed here -> add message to incoming_db - if ($done) { + } else { + $not_found_in_known_clients_db = 1; + } + } - # if a job or a gosa message comes from a foreign server, fake module to GosaPackages - # so gosa-si-server knows how to process this kind of messages - if ($header =~ /^gosa_/ || $header =~ /job_/) { - $module = "GosaPackages"; - } + # target ist own address with forward_to_gosa-tag not pointing to myself -> process here + if (not $done) { + my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; + my $gosa_at; + my $gosa_session_id; + if (($target eq $local_address) && (defined $forward_to_gosa)){ + my ($gosa_at, $gosa_session_id) = split(/,/, $forward_to_gosa); + if ($gosa_at ne $local_address) { + $done = 1; + &daemon_log("$session_id DEBUG: target is own address with forward_to_gosa-tag not pointing to myself -> process here", 7); + } + } + } - my $res = $incoming_db->add_dbentry( {table=>$incoming_tn, - primkey=>[], - headertag=>$header, - targettag=>$target, - xmlmessage=>&encode_base64($msg), - timestamp=>&get_time, - module=>$module, - sessionid=>$session_id, - } ); + # if message should be processed here -> add message to incoming_db + if ($done) { + # if a job or a gosa message comes from a foreign server, fake module to GosaPackages + # so gosa-si-server knows how to process this kind of messages + if ($header =~ /^gosa_/ || $header =~ /^job_/) { + $module = "GosaPackages"; + } - } + my $res = $incoming_db->add_dbentry( {table=>$incoming_tn, + primkey=>[], + headertag=>$header, + targettag=>$target, + xmlmessage=>&encode_base64($msg), + timestamp=>&get_time, + module=>$module, + sessionid=>$session_id, + } ); - # target is own address with forward_to_gosa-tag pointing at myself -> forward to gosa - if (not $done) { - my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; - my $gosa_at; - my $gosa_session_id; - if (($target eq $server_address) && (defined $forward_to_gosa)){ - my ($gosa_at, $gosa_session_id) = split(/,/, $forward_to_gosa); - if ($gosa_at eq $server_address) { - my $session_reference = $kernel->ID_id_to_session($gosa_session_id); - if( defined $session_reference ) { - $heap = $session_reference->get_heap(); - } - if(exists $heap->{'client'}) { - $msg = &encrypt_msg($msg, $GosaPackages_key); - $heap->{'client'}->put($msg); - } - $done = 1; - print STDERR "target is own address with forward_to_gosa-tag pointing at myself -> forward to gosa\n"; - } - } + } - } + # target is own address with forward_to_gosa-tag pointing at myself -> forward to gosa + if (not $done) { + my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; + my $gosa_at; + my $gosa_session_id; + if (($target eq $local_address) && (defined $forward_to_gosa)){ + my ($gosa_at, $gosa_session_id) = split(/,/, $forward_to_gosa); + if ($gosa_at eq $local_address) { + my $session_reference = $kernel->ID_id_to_session($gosa_session_id); + if( defined $session_reference ) { + $heap = $session_reference->get_heap(); + } + if(exists $heap->{'client'}) { + $msg = &encrypt_msg($msg, $GosaPackages_key); + $heap->{'client'}->put($msg); + &daemon_log("$session_id INFO: incoming '$header' message forwarded to GOsa", 5); + } + $done = 1; + &daemon_log("$session_id DEBUG: target is own address with forward_to_gosa-tag pointing at myself -> forward to gosa", 7); + } + } - # target is a client address in foreign_clients -> forward to registration server - if (not $done) { - $sql = "SELECT * FROM $foreign_clients_tn WHERE (hostname='$target' OR macaddress LIKE '$target')"; - $res = $foreign_clients_db->select_dbentry($sql); - if (keys(%$res) > 0) { - my $hostname = $res->{1}->{'hostname'}; - my $regserver = $res->{1}->{'regserver'}; - my $sql = "SELECT * FROM $known_server_tn WHERE hostname='$regserver'"; - my $res = $known_server_db->select_dbentry($sql); - if (keys(%$res) > 0) { - my $regserver_key = $res->{1}->{'hostkey'}; - $msg =~ s/GOSA<\/source>/$server_address<\/source>/; - $msg =~ s/$target<\/target>/$hostname<\/target>/; - if ($source eq "GOSA") { - $msg =~ s/<\/xml>/$server_address,$session_id<\/forward_to_gosa><\/xml>/; - } - &send_msg_to_target($msg, $regserver, $regserver_key, $header, $session_id); - } - $done = 1; - print STDERR "target is a client address in foreign_clients -> forward to registration server\n"; - } - } + } - # target is a server address -> forward to server - if (not $done) { - $sql = "SELECT * FROM $known_server_tn WHERE hostname='$target'"; - $res = $known_server_db->select_dbentry($sql); - if (keys(%$res) > 0) { - my $hostkey = $res->{1}->{'hostkey'}; + # target is a client address in foreign_clients -> forward to registration server + if (not $done) { + $sql = "SELECT * FROM $foreign_clients_tn WHERE (hostname='$target' OR macaddress LIKE '$target')"; + $res = $foreign_clients_db->select_dbentry($sql); + if (keys(%$res) > 0) { + my $hostname = $res->{1}->{'hostname'}; + my ($host_ip, $host_port) = split(/:/, $hostname); + my $local_address = &get_local_ip_for_remote_ip($host_ip).":$server_port"; + my $regserver = $res->{1}->{'regserver'}; + my $sql = "SELECT * FROM $known_server_tn WHERE hostname='$regserver'"; + my $res = $known_server_db->select_dbentry($sql); + if (keys(%$res) > 0) { + my $regserver_key = $res->{1}->{'hostkey'}; + $msg =~ s/GOSA<\/source>/$local_address<\/source>/; + $msg =~ s/$target<\/target>/$hostname<\/target>/; + if ($source eq "GOSA") { + $msg =~ s/<\/xml>/$local_address,$session_id<\/forward_to_gosa><\/xml>/; + } + &send_msg_to_target($msg, $regserver, $regserver_key, $header, $session_id); + } + $done = 1; + &daemon_log("$session_id DEBUG: target is a client address in foreign_clients -> forward to registration server", 7); + } else { + $not_found_in_foreign_clients_db = 1; + } + } - if ($source eq "GOSA") { - $msg =~ s/GOSA<\/source>/$server_address<\/source>/; - $msg =~ s/<\/xml>/$server_address,$session_id<\/forward_to_gosa><\/xml>/; + # target is a server address -> forward to server + if (not $done) { + $sql = "SELECT * FROM $known_server_tn WHERE (hostname='$target' OR macaddress LIKE '$target')"; + $res = $known_server_db->select_dbentry($sql); + if (keys(%$res) > 0) { + my $hostkey = $res->{1}->{'hostkey'}; - } + if ($source eq "GOSA") { + $msg =~ s/GOSA<\/source>/$local_address<\/source>/; + $msg =~ s/<\/xml>/$local_address,$session_id<\/forward_to_gosa><\/xml>/; - &send_msg_to_target($msg, $target, $hostkey, $header, $session_id); - $done = 1; - print STDERR "target is a server address -> forward to server\n"; - } + } + &send_msg_to_target($msg, $target, $hostkey, $header, $session_id); + $done = 1; + &daemon_log("$session_id DEBUG: target is a server address -> forward to server", 7); + } else { + $not_found_in_known_server_db = 1; + } + } - } - if (not $done) { - daemon_log("$session_id ERROR: do not know what to do with this message: $msg", 1); - } - } + # target is not in foreign_clients_db, known_server_db or known_clients_db, maybe it is a complete new one -> process here + if ( $not_found_in_foreign_clients_db + && $not_found_in_known_server_db + && $not_found_in_known_clients_db) { + my $res = $incoming_db->add_dbentry( {table=>$incoming_tn, + primkey=>[], + headertag=>$header, + targettag=>$target, + xmlmessage=>&encode_base64($msg), + timestamp=>&get_time, + module=>$module, + sessionid=>$session_id, + } ); + $done = 1; + &daemon_log("$session_id DEBUG: target is not in foreign_clients_db, known_server_db or known_clients_db, maybe it is a complete new one -> process here", 7); + } - return; + + if (not $done) { + daemon_log("$session_id ERROR: do not know what to do with this message: $msg", 1); + if ($source eq "GOSA") { + my %data = ('error_msg' => &encode_base64($msg), 'error_string' => "Do not know what to do with this message!"); + my $error_msg = &build_msg("error", $local_address, "GOSA", \%data ); + + my $session_reference = $kernel->ID_id_to_session($session_id); + if( defined $session_reference ) { + $heap = $session_reference->get_heap(); + } + if(exists $heap->{'client'}) { + $error_msg = &encrypt_msg($error_msg, $GosaPackages_key); + $heap->{'client'}->put($error_msg); + } + } + } + + } + + return; } @@ -1257,6 +1321,7 @@ sub handle_task_done { sub process_task { no strict "refs"; + #CHECK: Not @_[...]? my ($session, $heap, $task) = @_; my $error = 0; my $answer_l; @@ -1270,7 +1335,11 @@ sub process_task { my $module = $task->{'module'}; my $header = $task->{'headertag'}; my $session_id = $task->{'sessionid'}; - my $msg_hash = $xml->XMLin($msg, ForceArray=>1); + my $msg_hash; + eval { + $msg_hash = $xml->XMLin($msg, ForceArray=>1); + }; + daemon_log("ERROR: XML failure '$@'") if ($@); my $source = @{$msg_hash->{'source'}}[0]; # set timestamp of incoming client uptodate, so client will not @@ -1291,9 +1360,9 @@ sub process_task { while ($answer_str =~ /
(\w+)<\/header>/g) { daemon_log("$session_id INFO: got answer message with header '$1'", 5); } - daemon_log("$session_id DEBUG: $module: got answer from module: \n".$answer_str,8); + daemon_log("$session_id DEBUG: $module: got answer from module: \n".$answer_str,9); } else { - daemon_log("$session_id DEBUG: $module: got no answer from module!" ,8); + daemon_log("$session_id DEBUG: $module: got no answer from module!" ,7); } } @@ -1305,7 +1374,7 @@ sub process_task { foreach my $answer ( @{$answer_l} ) { # check outgoing msg to xml validity - my $answer_hash = &check_outgoing_xml_validity($answer); + my $answer_hash = &check_outgoing_xml_validity($answer, $session_id); if( not defined $answer_hash ) { next; } $answer_header = @{$answer_hash->{'header'}}[0]; @@ -1363,9 +1432,9 @@ sub process_task { &update_jobdb_status_for_send_msgs($answer, $error); } - # target of msg is a mac address + # Target of msg is a mac address elsif( $answer_target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ) { - daemon_log("$session_id INFO: target is mac address '$answer_target', looking for host in known_clients", 5); + daemon_log("$session_id INFO: target is mac address '$answer_target', looking for host in known_clients and foreign_clients", 5); my $sql_statement = "SELECT * FROM known_clients WHERE macaddress LIKE '$answer_target'"; my $query_res = $known_clients_db->select_dbentry( $sql_statement ); my $found_ip_flag = 0; @@ -1378,47 +1447,46 @@ sub process_task { &update_jobdb_status_for_send_msgs($answer, $error); $found_ip_flag++ ; } - if( $found_ip_flag == 0) { - daemon_log("$session_id WARNING: no host found in known_clients with mac address '$answer_target'", 3); - if( $bus_activ eq "true" ) { - daemon_log("$session_id INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5); - my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'"; - my $query_res = $known_server_db->select_dbentry( $sql_statement ); - while( my ($hit_num, $hit) = each %{ $query_res } ) { - my $bus_address = $hit->{hostname}; - my $bus_key = $hit->{hostkey}; - my $error = &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header, $session_id); + if ($found_ip_flag == 0) { + my $sql = "SELECT * FROM $foreign_clients_tn WHERE macaddress LIKE '$answer_target'"; + my $res = $foreign_clients_db->select_dbentry($sql); + while( my ($hit_num, $hit) = each %{ $res } ) { + my $host_name = $hit->{hostname}; + my $reg_server = $hit->{regserver}; + daemon_log("$session_id INFO: found host '$host_name' with mac '$answer_target', registered at '$reg_server'", 5); + + # Fetch key for reg_server + my $reg_server_key; + my $sql = "SELECT * FROM $known_server_tn WHERE hostname='$reg_server'"; + my $res = $known_server_db->select_dbentry($sql); + if (exists $res->{1}) { + $reg_server_key = $res->{1}->{'hostkey'}; + } else { + daemon_log("$session_id ERROR: cannot find hostkey for '$host_name' in '$known_server_tn'", 1); + daemon_log("$session_id ERROR: unable to forward answer to correct registration server, processing is aborted!", 1); + $reg_server_key = undef; + } + + # Send answer to server where client is registered + if (defined $reg_server_key) { + $answer =~ s/$answer_target/$host_name/g; + my $error = &send_msg_to_target($answer, $reg_server, $reg_server_key, $answer_header, $session_id); &update_jobdb_status_for_send_msgs($answer, $error); - last; + $found_ip_flag++ ; } } - + } + if( $found_ip_flag == 0) { + daemon_log("$session_id WARNING: no host found in known_clients with mac address '$answer_target'", 3); } - # answer is for one specific host + # Answer is for one specific host } else { # get encrypt_key my $encrypt_key = &get_encrypt_key($answer_target); if( not defined $encrypt_key ) { - # unknown target, forward msg to bus + # unknown target daemon_log("$session_id WARNING: unknown target '$answer_target'", 3); - if( $bus_activ eq "true" ) { - daemon_log("$session_id INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5); - my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'"; - my $query_res = $known_server_db->select_dbentry( $sql_statement ); - my $res_length = keys( %{$query_res} ); - if( $res_length == 0 ){ - daemon_log("$session_id WARNING: send '$answer_header' to '$bus_address' failed, ". - "no bus found in known_server", 3); - } - else { - while( my ($hit_num, $hit) = each %{ $query_res } ) { - my $bus_key = $hit->{hostkey}; - my $error = &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header,$session_id ); - &update_jobdb_status_for_send_msgs($answer, $error); - } - } - } next; } my $error = &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header,$session_id); @@ -1442,38 +1510,34 @@ sub process_task { sub session_start { my ($kernel) = $_[KERNEL]; - &trigger_db_loop($kernel); $global_kernel = $kernel; $kernel->yield('register_at_foreign_servers'); $kernel->yield('create_fai_server_db', $fai_server_tn ); $kernel->yield('create_fai_release_db', $fai_release_tn ); $kernel->yield('watch_for_next_tasks'); $kernel->sig(USR1 => "sig_handler"); - $kernel->sig(USR2 => "create_packages_list_db"); + $kernel->sig(USR2 => "recreate_packages_db"); $kernel->delay_set('watch_for_new_jobs', $job_queue_loop_delay); $kernel->delay_set('watch_for_done_jobs', $job_queue_loop_delay); + $kernel->delay_set('watch_for_modified_jobs', $modified_jobs_loop_delay); $kernel->delay_set('watch_for_new_messages', $messaging_db_loop_delay); $kernel->delay_set('watch_for_delivery_messages', $messaging_db_loop_delay); $kernel->delay_set('watch_for_done_messages', $messaging_db_loop_delay); $kernel->delay_set('watch_for_old_known_clients', $job_queue_loop_delay); -} + # Start opsi check + if ($opsi_enabled eq "true") { + $kernel->delay_set('watch_for_opsi_jobs', $job_queue_opsi_delay); + } -sub trigger_db_loop { - my ($kernel) = @_ ; -# $kernel->delay_set('watch_for_new_jobs', $job_queue_loop_delay); -# $kernel->delay_set('watch_for_done_jobs', $job_queue_loop_delay); -# $kernel->delay_set('watch_for_new_messages', $messaging_db_loop_delay); -# $kernel->delay_set('watch_for_delivery_messages', $messaging_db_loop_delay); -# $kernel->delay_set('watch_for_done_messages', $messaging_db_loop_delay); -# $kernel->delay_set('watch_for_old_known_clients', $job_queue_loop_delay); } sub watch_for_done_jobs { + #CHECK: $heap for what? my ($kernel,$heap) = @_[KERNEL, HEAP]; - my $sql_statement = "SELECT * FROM ".$job_queue_tn." WHERE status='done'"; + my $sql_statement = "SELECT * FROM ".$job_queue_tn." WHERE ((status='done') AND (modified='0'))"; my $res = $job_db->select_dbentry( $sql_statement ); while( my ($id, $hit) = each %{$res} ) { @@ -1486,14 +1550,144 @@ sub watch_for_done_jobs { } +sub watch_for_opsi_jobs { + my ($kernel) = $_[KERNEL]; + + # This is not very nice to look for opsi install jobs, but headertag has to be trigger_action_reinstall. The only way to identify a + # opsi install job is to parse the xml message. There is still the correct header. + my $sql_statement = "SELECT * FROM ".$job_queue_tn." WHERE ((xmlmessage LIKE '%opsi_install_client
%') AND (status='processing') AND (siserver='localhost'))"; + my $res = $job_db->select_dbentry( $sql_statement ); + + # Ask OPSI for an update of the running jobs + while (my ($id, $hit) = each %$res ) { + # Determine current parameters of the job + my $hostId = $hit->{'plainname'}; + my $macaddress = $hit->{'macaddress'}; + my $progress = $hit->{'progress'}; + + my $result= {}; + + # For hosts, only return the products that are or get installed + my $callobj; + $callobj = { + method => 'getProductStates_hash', + params => [ $hostId ], + id => 1, + }; + + my $hres = $opsi_client->call($opsi_url, $callobj); + #my ($hres_err, $hres_err_string) = &check_opsi_res($hres); + if (not &check_opsi_res($hres)) { + my $htmp= $hres->result->{$hostId}; + + # Check state != not_installed or action == setup -> load and add + my $products= 0; + my $installed= 0; + my $installing = 0; + my $error= 0; + my @installed_list; + my @error_list; + my $act_status = "none"; + foreach my $product (@{$htmp}){ + + if ($product->{'installationStatus'} ne "not_installed" or + $product->{'actionRequest'} eq "setup"){ + + # Increase number of products for this host + $products++; + + if ($product->{'installationStatus'} eq "failed"){ + $result->{$product->{'productId'}}= "error"; + unshift(@error_list, $product->{'productId'}); + $error++; + } + if ($product->{'installationStatus'} eq "installed" && $product->{'actionRequest'} eq "none"){ + $result->{$product->{'productId'}}= "installed"; + unshift(@installed_list, $product->{'productId'}); + $installed++; + } + if ($product->{'installationStatus'} eq "installing"){ + $result->{$product->{'productId'}}= "installing"; + $installing++; + $act_status = "installing - ".$product->{'productId'}; + } + } + } + + # Estimate "rough" progress, avoid division by zero + if ($products == 0) { + $result->{'progress'}= 0; + } else { + $result->{'progress'}= int($installed * 100 / $products); + } + + # Set updates in job queue + if ((not $error) && (not $installing) && ($installed)) { + $act_status = "installed - ".join(", ", @installed_list); + } + if ($error) { + $act_status = "error - ".join(", ", @error_list); + } + if ($progress ne $result->{'progress'} ) { + # Updating progress and result + my $update_statement = "UPDATE $job_queue_tn SET modified='1', progress='".$result->{'progress'}."', result='$act_status' WHERE macaddress='$macaddress' AND siserver='localhost'"; + my $update_res = $job_db->update_dbentry($update_statement); + } + if ($progress eq 100) { + # Updateing status + my $done_statement = "UPDATE $job_queue_tn SET modified='1', "; + if ($error) { + $done_statement .= "status='error'"; + } else { + $done_statement .= "status='done'"; + } + $done_statement .= " WHERE macaddress='$macaddress' AND siserver='localhost'"; + my $done_res = $job_db->update_dbentry($done_statement); + } + + + } + } + + $kernel->delay_set('watch_for_opsi_jobs', $job_queue_opsi_delay); +} + + +# If a job got an update or was modified anyway, send to all other si-server an update message of this jobs. +sub watch_for_modified_jobs { + my ($kernel,$heap) = @_[KERNEL, HEAP]; + + my $sql_statement = "SELECT * FROM $job_queue_tn WHERE ((siserver='localhost') AND (modified='1'))"; + my $res = $job_db->select_dbentry( $sql_statement ); + + # if db contains no jobs which should be update, do nothing + if (keys %$res != 0) { + + if ($job_synchronization eq "true") { + # make out of the db result a gosa-si message + my $update_msg = &db_res2si_msg ($res, "foreign_job_updates", "KNOWN_SERVER", "MY_LOCAL_ADDRESS"); + + # update all other SI-server + &inform_all_other_si_server($update_msg); + } + + # set jobs all jobs to modified = 0, wait until the next modification for updates of other si-server + $sql_statement = "UPDATE $job_queue_tn SET modified='0' "; + $res = $job_db->update_dbentry($sql_statement); + } + + $kernel->delay_set('watch_for_modified_jobs', $modified_jobs_loop_delay); +} + + sub watch_for_new_jobs { if($watch_for_new_jobs_in_progress == 0) { $watch_for_new_jobs_in_progress = 1; my ($kernel,$heap) = @_[KERNEL, HEAP]; - # check gosa job queue for jobs with executable timestamp + # check gosa job quaeue for jobs with executable timestamp my $timestamp = &get_time(); - my $sql_statement = "SELECT * FROM $job_queue_tn WHERE status='waiting' AND (CAST (timestamp AS INTEGER)) < $timestamp ORDER BY timestamp"; + my $sql_statement = "SELECT * FROM $job_queue_tn WHERE status='waiting' AND (CAST(timestamp AS UNSIGNED)) < $timestamp ORDER BY timestamp"; my $res = $job_db->exec_statement( $sql_statement ); # Merge all new jobs that would do the same actions @@ -1540,6 +1734,17 @@ sub watch_for_new_jobs { # Skip new jobs for host if there is a processing job if(defined($res) and defined @{$res}[0]) { + # Prevent race condition if there is a trigger_activate job waiting and a goto-activation job processing + my $row = @{$res}[0] if (ref $res eq 'ARRAY'); + if(@{$row}[5] eq 'trigger_action_reinstall') { + my $sql_statement_2 = "SELECT * FROM $job_queue_tn WHERE macaddress LIKE '$macaddress' AND status='waiting' AND headertag = 'trigger_activate_new'"; + my $res_2 = $job_db->exec_statement( $sql_statement_2 ); + if(defined($res_2) and defined @{$res_2}[0]) { + # Set status from goto-activation to 'waiting' and update timestamp + $job_db->exec_statement("UPDATE $job_queue_tn SET status='waiting' WHERE macaddress LIKE '$macaddress' AND headertag = 'trigger_action_reinstall'"); + $job_db->exec_statement("UPDATE $job_queue_tn SET timestamp='".&get_time(30)."' WHERE macaddress LIKE '$macaddress' AND headertag = 'trigger_action_reinstall'"); + } + } next; } @@ -1588,7 +1793,7 @@ sub watch_for_new_messages { # check messaging_db for new incoming messages with executable timestamp my $timestamp = &get_time(); - my $sql_statement = "SELECT * FROM $messaging_tn WHERE ( (CAST(timestamp AS INTEGER))<$timestamp AND flag='n' AND direction='in' )"; + my $sql_statement = "SELECT * FROM $messaging_tn WHERE ( (CAST(timestamp AS UNSIGNED))<$timestamp AND flag='n' AND direction='in' )"; my $res = $messaging_db->exec_statement( $sql_statement ); foreach my $hit (@{$res}) { @@ -1695,32 +1900,75 @@ sub watch_for_delivery_messages { my $send_succeed = 0; foreach my $hit (@$res) { my $receiver_host = @$hit[0]; + my $delivered2host = 0; &daemon_log("M DEBUG: user '$receiver' is logged in at host '$receiver_host'", 7); - # fetch key to encrypt msg propperly for usr/host + # Looking for host in know_clients_db my $sql = "SELECT * FROM $known_clients_tn WHERE (hostname='$receiver_host')"; - &daemon_log("0 DEBUG: $sql", 7); - my $res = $known_clients_db->select_dbentry($sql); - - # host is already down - if (not ref(@$res[0]) eq "ARRAY") { next; } - - # host is on - my $receiver_key = @{@{$res}[0]}[2]; - my %data = ('subject' => $subject, 'message' => $message, 'usr' => $receiver); - my $out_msg = &build_msg("usr_msg", $server_address, $receiver_host, \%data ); - my $error = &send_msg_to_target($out_msg, $receiver_host, $receiver_key, "usr_msg", 0); - if ($error == 0 ) { - $send_succeed++ ; - } + my $res = $known_clients_db->exec_statement($sql); + + # Host is known in known_clients_db + if (ref(@$res[0]) eq "ARRAY") { + my $receiver_key = @{@{$res}[0]}[2]; + my %data = ('subject' => $subject, 'message' => $message, 'usr' => $receiver); + my $out_msg = &build_msg("usr_msg", $server_address, $receiver_host, \%data ); + my $error = &send_msg_to_target($out_msg, $receiver_host, $receiver_key, "usr_msg", 0); + if ($error == 0 ) { + $send_succeed++ ; + $delivered2host++ ; + &daemon_log("M DEBUG: send message for user '$receiver' to host '$receiver_host'", 7); + } else { + &daemon_log("M DEBUG: cannot send message for user '$receiver' to host '$receiver_host'", 7); + } + } + + # Message already send, do not need to do anything more, otherwise ... + if ($delivered2host) { next;} + + # ...looking for host in foreign_clients_db + $sql = "SELECT * FROM $foreign_clients_tn WHERE (hostname='$receiver_host')"; + $res = $foreign_clients_db->exec_statement($sql); + + # Host is known in foreign_clients_db + if (ref(@$res[0]) eq "ARRAY") { + my $registration_server = @{@{$res}[0]}[2]; + + # Fetch encryption key for registration server + my $sql = "SELECT * FROM $known_server_tn WHERE (hostname='$registration_server')"; + my $res = $known_server_db->exec_statement($sql); + if (ref(@$res[0]) eq "ARRAY") { + my $registration_server_key = @{@{$res}[0]}[3]; + my %data = ('subject' => $subject, 'message' => $message, 'usr' => $receiver); + my $out_msg = &build_msg("usr_msg", $server_address, $receiver_host, \%data ); + my $error = &send_msg_to_target($out_msg, $registration_server, $registration_server_key, "usr_msg", 0); + if ($error == 0 ) { + $send_succeed++ ; + $delivered2host++ ; + &daemon_log("M DEBUG: send message for user '$receiver' to server '$registration_server'", 7); + } else { + &daemon_log("M ERROR: cannot send message for user '$receiver' to server '$registration_server'", 1); + } + + } else { + &daemon_log("M ERROR: host '$receiver_host' is reported to be ". + "registrated at server '$registration_server', ". + "but no data available in known_server_db ", 1); + } + } + + if (not $delivered2host) { + &daemon_log("M ERROR: unable to send user message to host '$receiver_host'", 1); + } } if ($send_succeed) { # set outgoing msg at db to deliverd my $sql = "UPDATE $messaging_tn SET flag='d' WHERE (id='$msg_id' AND direction='out' AND message_to='$receiver')"; - &daemon_log("0 DEBUG: $sql", 7); my $res = $messaging_db->exec_statement($sql); - } + &daemon_log("M INFO: send message for user '$receiver' to logged in hosts", 5); + } else { + &daemon_log("M WARNING: failed to deliver message for user '$receiver'", 3); + } } $kernel->delay_set('watch_for_delivery_messages', $messaging_db_loop_delay); @@ -1776,7 +2024,7 @@ sub watch_for_old_known_clients { ); $dt->add( seconds => 2 * int($hit->{'keylifetime'}) ); - $expired_timestamp = $dt->ymd('').$dt->hms('')."\n"; + $expired_timestamp = $dt->ymd('').$dt->hms(''); if ($act_time > $expired_timestamp) { my $hostname = $hit->{'hostname'}; my $del_sql = "DELETE FROM $known_clients_tn WHERE hostname='$hostname'"; @@ -1825,7 +2073,11 @@ sub get_ldap_handle { if ($session_id == 0) { daemon_log("$session_id DEBUG: get_ldap_handle invoked without a session_id, create a new ldap_handle", 7); $ldap_handle = Net::LDAP->new( $ldap_uri ); - $ldap_handle->bind($ldap_admin_dn, password => $ldap_admin_password); + if (defined $ldap_handle) { + $ldap_handle->bind($ldap_admin_dn, password => $ldap_admin_password) or daemon_log("$session_id ERROR: Bind to LDAP $ldap_uri as $ldap_admin_dn failed!"); + } else { + daemon_log("$session_id ERROR: creation of a new LDAP handle failed (ldap_uri '$ldap_uri')"); + } } else { my $session_reference = $global_kernel->ID_id_to_session($session_id); @@ -1842,7 +2094,7 @@ sub get_ldap_handle { # used handle is still valid - or if we've to reconnect... #if (not exists $heap->{ldap_handle}) { $ldap_handle = Net::LDAP->new( $ldap_uri ); - $ldap_handle->bind($ldap_admin_dn, password => $ldap_admin_password); + $ldap_handle->bind($ldap_admin_dn, password => $ldap_admin_password) or daemon_log("$session_id ERROR: Bind to LDAP $ldap_uri as $ldap_admin_dn failed!"); $heap->{ldap_handle} = $ldap_handle; #} } @@ -1995,13 +2247,23 @@ sub change_goto_state { } } } else { - daemon_log("$session_id ERROR: LDAP search failed: ldap_base=$ldap_base, filter=$search", 1); + daemon_log("$session_id ERROR: LDAP search failed in function change_goto_state: ldap_base=$ldap_base, filter=$search", 1); } } } +sub run_recreate_packages_db { + my ($kernel, $session, $heap) = @_[KERNEL, SESSION, HEAP]; + my $session_id = $session->ID; + &main::daemon_log("$session_id INFO: Recreating FAI Packages DB ('$fai_release_tn', '$fai_server_tn', '$packages_list_tn')", 5); + $kernel->yield('create_fai_release_db', $fai_release_tn); + $kernel->yield('create_fai_server_db', $fai_server_tn); + return; +} + + sub run_create_fai_server_db { my ($kernel, $session, $heap, $table_name) = @_[KERNEL, SESSION, HEAP, ARG0]; my $session_id = $session->ID; @@ -2018,11 +2280,11 @@ sub run_create_fai_server_db { sub create_fai_server_db { - my ($table_name, $kernel, $dont_create_packages_list, $session_id) = @_; + my ($table_name, $kernel, $dont_create_packages_list, $session_id) = @_; my $result; if (not defined $session_id) { $session_id = 0; } - my $ldap_handle = &get_ldap_handle(); + my $ldap_handle = &get_ldap_handle(); if(defined($ldap_handle)) { daemon_log("$session_id INFO: create_fai_server_db: start", 5); my $mesg= $ldap_handle->search( @@ -2032,25 +2294,25 @@ sub create_fai_server_db { filter => "(&(FAIrepository=*)(objectClass=FAIrepositoryServer))", ); if($mesg->{'resultCode'} == 0 && - $mesg->count != 0) { - foreach my $entry (@{$mesg->{entries}}) { - if($entry->exists('FAIrepository')) { - # Add an entry for each Repository configured for server - foreach my $repo(@{$entry->get_value('FAIrepository', asref => 1)}) { - my($tmp_url,$tmp_server,$tmp_release,$tmp_sections) = split(/\|/, $repo); - my $tmp_tag= $entry->get_value('gosaUnitTag') || ""; - $result= $fai_server_db->add_dbentry( { - table => $table_name, - primkey => ['server', 'release', 'tag'], - server => $tmp_url, - release => $tmp_release, - sections => $tmp_sections, - tag => (length($tmp_tag)>0)?$tmp_tag:"", - } ); - } - } - } - } + $mesg->count != 0) { + foreach my $entry (@{$mesg->{entries}}) { + if($entry->exists('FAIrepository')) { + # Add an entry for each Repository configured for server + foreach my $repo(@{$entry->get_value('FAIrepository', asref => 1)}) { + my($tmp_url,$tmp_server,$tmp_release,$tmp_sections) = split(/\|/, $repo); + my $tmp_tag= $entry->get_value('gosaUnitTag') || ""; + $result= $fai_server_db->add_dbentry( { + table => $table_name, + primkey => ['server', 'fai_release', 'tag'], + server => $tmp_url, + fai_release => $tmp_release, + sections => $tmp_sections, + tag => (length($tmp_tag)>0)?$tmp_tag:"", + } ); + } + } + } + } daemon_log("$session_id INFO: create_fai_server_db: finished", 5); # TODO: Find a way to post the 'create_packages_list_db' event @@ -2058,24 +2320,24 @@ sub create_fai_server_db { &create_packages_list_db(undef, undef, $session_id); } } - - $ldap_handle->disconnect; - return $result; + + $ldap_handle->disconnect; + return $result; } sub run_create_fai_release_db { - my ($session, $heap, $table_name) = @_[SESSION, HEAP, ARG0]; + my ($session, $heap, $table_name) = @_[SESSION, HEAP, ARG0]; my $session_id = $session->ID; - my $task = POE::Wheel::Run->new( - Program => sub { &create_fai_release_db($table_name, $session_id) }, - StdoutEvent => "session_run_result", - StderrEvent => "session_run_debug", - CloseEvent => "session_run_done", - ); + my $task = POE::Wheel::Run->new( + Program => sub { &create_fai_release_db($table_name, $session_id) }, + StdoutEvent => "session_run_result", + StderrEvent => "session_run_debug", + CloseEvent => "session_run_done", + ); - $heap->{task}->{ $task->ID } = $task; - return; + $heap->{task}->{ $task->ID } = $task; + return; } @@ -2083,10 +2345,10 @@ sub create_fai_release_db { my ($table_name, $session_id) = @_; my $result; - # used for logging - if (not defined $session_id) { $session_id = 0; } + # used for logging + if (not defined $session_id) { $session_id = 0; } - my $ldap_handle = &get_ldap_handle(); + my $ldap_handle = &get_ldap_handle(); if(defined($ldap_handle)) { daemon_log("$session_id INFO: create_fai_release_db: start",5); my $mesg= $ldap_handle->search( @@ -2109,7 +2371,7 @@ sub create_fai_release_db { if(defined($entry) && ref($entry) eq 'HASH') { my $sql= "INSERT INTO $table_name " - ."(timestamp, release, class, type, state) VALUES (" + ."(timestamp, fai_release, class, type, state) VALUES (" .$timestamp."," ."'".$entry->{'release'}."'," ."'".$entry->{'class'}."'," @@ -2124,7 +2386,6 @@ sub create_fai_release_db { daemon_log("$session_id DEBUG: Inserting ".scalar @sql_list." entries to DB",8); if(@sql_list) { - unshift @sql_list, "VACUUM"; unshift @sql_list, "DELETE FROM $table_name"; $fai_release_db->exec_statementlist(\@sql_list); } @@ -2132,7 +2393,7 @@ sub create_fai_release_db { } daemon_log("$session_id INFO: create_fai_release_db: finished",5); } - $ldap_handle->disconnect; + $ldap_handle->disconnect; return $result; } @@ -2511,10 +2772,12 @@ sub create_packages_list_db { close (CONFIG); - find(\&cleanup_and_extract, keys( %repo_dirs )); - &main::strip_packages_list_statements(); - unshift @packages_list_statements, "VACUUM"; - $packages_list_db->exec_statementlist(\@packages_list_statements); + + if(keys(%repo_dirs)) { + find(\&cleanup_and_extract, keys( %repo_dirs )); + &main::strip_packages_list_statements(); + $packages_list_db->exec_statementlist(\@packages_list_statements); + } unlink($packages_list_under_construction); daemon_log("$session_id INFO: create_packages_list_db: finished", 5); return; @@ -2728,7 +2991,6 @@ sub parse_package { close( $PACKAGES ); unlink( "$path.in" ); - &main::daemon_log("$session_id DEBUG: unlink '$path.in'", 1); } @@ -2746,24 +3008,22 @@ sub store_fileinfo { sub cleanup_and_extract { - my $fileinfo = $repo_files{ $File::Find::name }; - - if( defined $fileinfo ) { + my $fileinfo = $repo_files{ $File::Find::name }; - my $dir = "$outdir/$fileinfo->{ 'dist' }/debconf.d"; - my $sql; - my $package = $fileinfo->{ 'package' }; - my $newver = $fileinfo->{ 'version' }; + if( defined $fileinfo ) { + my $dir = "$outdir/$fileinfo->{ 'dist' }/debconf.d"; + my $sql; + my $package = $fileinfo->{ 'package' }; + my $newver = $fileinfo->{ 'version' }; - mkpath($dir); - system( "dpkg -e '$File::Find::name' '$dir/DEBIAN'" ); + mkpath($dir); + system( "dpkg -e '$File::Find::name' '$dir/DEBIAN'" ); if( -f "$dir/DEBIAN/templates" ) { - daemon_log("DEBUG: Found debconf templates in '$package' - $newver", 5); + daemon_log("DEBUG: Found debconf templates in '$package' - $newver", 7); - my $tmpl= ""; - { + my $tmpl= ""; { local $/=undef; open FILE, "$dir/DEBIAN/templates"; $tmpl = &encode_base64(); @@ -2772,11 +3032,11 @@ sub cleanup_and_extract { rmtree("$dir/DEBIAN/templates"); $sql= "update $main::packages_list_tn set template = '$tmpl' where package = '$package' and version = '$newver';"; - push @packages_list_statements, $sql; + push @packages_list_statements, $sql; } - } + } - return; + return; } @@ -2805,6 +3065,24 @@ sub register_at_foreign_servers { my $myhash = &create_xml_hash('new_server', $server_address, $hostname); &add_content2xml_hash($myhash, 'key', $hostkey); map(&add_content2xml_hash($myhash, 'client', @{$_}[0].",".@{$_}[4]), @$client_res); + + # add locally loaded gosa-si modules to registration message + my $loaded_modules = {}; + while (my ($package, $pck_info) = each %$known_modules) { + next if ((!defined(@$pck_info[2])) || (!(ref (@$pck_info[2]) eq 'HASH'))); + foreach my $act_module (keys(%{@$pck_info[2]})) { + $loaded_modules->{$act_module} = ""; + } + } + + map(&add_content2xml_hash($myhash, "loaded_modules", $_), keys(%$loaded_modules)); + + # add macaddress to registration message + my ($host_ip, $host_port) = split(/:/, $hostname); + my $local_ip = &get_local_ip_for_remote_ip($host_ip); + my $network_interface= &get_interface_for_ip($local_ip); + my $host_mac = &get_mac_for_interface($network_interface); + &add_content2xml_hash($myhash, 'macaddress', $host_mac); # build registration message and send it my $foreign_server_msg = &create_xml_string($myhash); @@ -2823,13 +3101,12 @@ GetOptions("h|help" => \&usage, "c|config=s" => \$cfg_file, "f|foreground" => \$foreground, "v|verbose+" => \$verbose, - "no-bus+" => \$no_bus, "no-arp+" => \$no_arp, ); # read and set config parameters &check_cmdline_param ; -&read_configfile; +&read_configfile($cfg_file, %cfg_defaults); &check_pid; $SIG{CHLD} = 'IGNORE'; @@ -2873,60 +3150,86 @@ if ($server_headURL =~ /\/tag\// || $server_status = "developmental" ; } +# Prepare log file +$root_uid = getpwnam('root'); +$adm_gid = getgrnam('adm'); +chmod(0640, $log_file); +chown($root_uid, $adm_gid, $log_file); +chown($root_uid, $adm_gid, "/var/lib/gosa-si"); daemon_log(" ", 1); daemon_log("$0 started!", 1); daemon_log("status: $server_status", 1); daemon_log($server_status_hash->{$server_status}.": $server_revision", 1); -if ($no_bus > 0) { - $bus_activ = "false" -} - # connect to incoming_db unlink($incoming_file_name); -$incoming_db = GOSA::DBsqlite->new($incoming_file_name); +$incoming_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $incoming_db->create_table($incoming_tn, \@incoming_col_names); # connect to gosa-si job queue -$job_db = GOSA::DBsqlite->new($job_queue_file_name); +unlink($job_queue_file_name); ## just for debugging +$job_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $job_db->create_table($job_queue_tn, \@job_queue_col_names); +chmod(0660, $job_queue_file_name); +chown($root_uid, $adm_gid, $job_queue_file_name); # connect to known_clients_db -$known_clients_db = GOSA::DBsqlite->new($known_clients_file_name); +unlink($known_clients_file_name); ## just for debugging +$known_clients_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $known_clients_db->create_table($known_clients_tn, \@known_clients_col_names); +chmod(0660, $known_clients_file_name); +chown($root_uid, $adm_gid, $known_clients_file_name); # connect to foreign_clients_db -$foreign_clients_db = GOSA::DBsqlite->new($foreign_clients_file_name); +unlink($foreign_clients_file_name); +$foreign_clients_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $foreign_clients_db->create_table($foreign_clients_tn, \@foreign_clients_col_names); +chmod(0660, $foreign_clients_file_name); +chown($root_uid, $adm_gid, $foreign_clients_file_name); # connect to known_server_db unlink($known_server_file_name); -$known_server_db = GOSA::DBsqlite->new($known_server_file_name); +$known_server_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $known_server_db->create_table($known_server_tn, \@known_server_col_names); +chmod(0660, $known_server_file_name); +chown($root_uid, $adm_gid, $known_server_file_name); # connect to login_usr_db -$login_users_db = GOSA::DBsqlite->new($login_users_file_name); +unlink($login_users_file_name); +$login_users_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $login_users_db->create_table($login_users_tn, \@login_users_col_names); +chmod(0660, $login_users_file_name); +chown($root_uid, $adm_gid, $login_users_file_name); -# connect to fai_server_db and fai_release_db +# connect to fai_server_db unlink($fai_server_file_name); -$fai_server_db = GOSA::DBsqlite->new($fai_server_file_name); +$fai_server_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $fai_server_db->create_table($fai_server_tn, \@fai_server_col_names); +chmod(0660, $fai_server_file_name); +chown($root_uid, $adm_gid, $fai_server_file_name); +# connect to fai_release_db unlink($fai_release_file_name); -$fai_release_db = GOSA::DBsqlite->new($fai_release_file_name); +$fai_release_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $fai_release_db->create_table($fai_release_tn, \@fai_release_col_names); +chmod(0660, $fai_release_file_name); +chown($root_uid, $adm_gid, $fai_release_file_name); # connect to packages_list_db #unlink($packages_list_file_name); unlink($packages_list_under_construction); -$packages_list_db = GOSA::DBsqlite->new($packages_list_file_name); +$packages_list_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $packages_list_db->create_table($packages_list_tn, \@packages_list_col_names); +chmod(0660, $packages_list_file_name); +chown($root_uid, $adm_gid, $packages_list_file_name); # connect to messaging_db -$messaging_db = GOSA::DBsqlite->new($messaging_file_name); +unlink($messaging_file_name); +$messaging_db = GOSA::DBmysql->new($main::mysql_database, $main::mysql_host, $main::mysql_username, $main::mysql_password); $messaging_db->create_table($messaging_tn, \@messaging_col_names); +chmod(0660, $messaging_file_name); +chown($root_uid, $adm_gid, $messaging_file_name); # create xml object used for en/decrypting @@ -2942,71 +3245,107 @@ if ($foreign_server_string ne "") { foreach my $foreign_server (@cfg_foreign_server_list) { push(@foreign_server_list, $foreign_server); } -} -# add foreign server from dns -my @tmp_servers; -if ( !$server_domain) { - # Try our DNS Searchlist - for my $domain(get_dns_domains()) { - chomp($domain); - my @tmp_domains= &get_server_addresses($domain); - if(@tmp_domains) { - for my $tmp_server(@tmp_domains) { - push @tmp_servers, $tmp_server; + daemon_log("0 INFO: found foreign server in config file: ".join(", ", @foreign_server_list), 5); +} + +# Perform a DNS lookup for server registration if flag is true +if ($dns_lookup eq "true") { + # Add foreign server from dns + my @tmp_servers; + if (not $server_domain) { + # Try our DNS Searchlist + for my $domain(get_dns_domains()) { + chomp($domain); + my ($tmp_domains, $error_string) = &get_server_addresses($domain); + if(@$tmp_domains) { + for my $tmp_server(@$tmp_domains) { + push @tmp_servers, $tmp_server; + } } } + if(@tmp_servers && length(@tmp_servers)==0) { + daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3); + } + } else { + @tmp_servers = &get_server_addresses($server_domain); + if( 0 == @tmp_servers ) { + daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3); + } } - if(@tmp_servers && length(@tmp_servers)==0) { - daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3); + + daemon_log("0 INFO: found foreign server via DNS ".join(", ", @tmp_servers), 5); + + foreach my $server (@tmp_servers) { + unshift(@foreign_server_list, $server); } } else { - @tmp_servers = &get_server_addresses($server_domain); - if( 0 == @tmp_servers ) { - daemon_log("0 WARNING: no foreign gosa-si-server found in DNS for domain '$server_domain'", 3); - } -} -foreach my $server (@tmp_servers) { - unshift(@foreign_server_list, $server); + daemon_log("0 INFO: DNS lookup for server registration is disabled", 5); } + + # eliminate duplicate entries @foreign_server_list = &del_doubles(@foreign_server_list); my $all_foreign_server = join(", ", @foreign_server_list); -daemon_log("0 INFO: found foreign server in config file and DNS: $all_foreign_server", 5); +daemon_log("0 INFO: found foreign server in config file and DNS: '$all_foreign_server'", 5); # add all found foreign servers to known_server my $act_timestamp = &get_time(); foreach my $foreign_server (@foreign_server_list) { + + # do not add myself to known_server_db + if (&is_local($foreign_server)) { next; } + ###################################### + my $res = $known_server_db->add_dbentry( {table=>$known_server_tn, primkey=>['hostname'], hostname=>$foreign_server, + macaddress=>"", status=>'not_jet_registered', hostkey=>"none", + loaded_modules => "none", timestamp=>$act_timestamp, } ); } +# Import all modules +&import_modules; + +# Check wether all modules are gosa-si valid passwd check +&password_check; + +# Prepare for using Opsi +if ($opsi_enabled eq "true") { + use JSON::RPC::Client; + use XML::Quote qw(:all); + $opsi_url= "https://".$opsi_admin.":".$opsi_password."@".$opsi_server.":4447/rpc"; + $opsi_client = new JSON::RPC::Client; +} + + POE::Component::Server::TCP->new( - Alias => "TCP_SERVER", + Alias => "TCP_SERVER", Port => $server_port, ClientInput => sub { - my ($kernel, $input) = @_[KERNEL, ARG0]; - push(@tasks, $input); - push(@msgs_to_decrypt, $input); - $kernel->yield("msg_to_decrypt"); - }, - InlineStates => { - msg_to_decrypt => \&msg_to_decrypt, - next_task => \&next_task, - task_result => \&handle_task_result, - task_done => \&handle_task_done, - task_debug => \&handle_task_debug, - child_reap => sub { "Do nothing special. I'm just a comment, but i'm necessary!" }, - } + my ($kernel, $input, $heap, $session) = @_[KERNEL, ARG0, HEAP, SESSION]; + my $session_id = $session->ID; + my $remote_ip = $heap->{'remote_ip'}; + push(@msgs_to_decrypt, $input); + &daemon_log("$session_id DEBUG: incoming message from '$remote_ip'", 7); + $kernel->yield("msg_to_decrypt"); + }, + InlineStates => { + msg_to_decrypt => \&msg_to_decrypt, + next_task => \&next_task, + task_result => \&handle_task_result, + task_done => \&handle_task_done, + task_debug => \&handle_task_debug, + child_reap => sub { "Do nothing special. I'm just a comment, but i'm necessary!" }, + } ); -daemon_log("start socket for incoming xml messages at port '$server_port' ", 1); +daemon_log("0 INFO: start socket for incoming xml messages at port '$server_port' ", 1); # create session for repeatedly checking the job queue for jobs POE::Session->create( @@ -3023,11 +3362,14 @@ POE::Session->create( watch_for_delivery_messages => \&watch_for_delivery_messages, watch_for_done_messages => \&watch_for_done_messages, watch_for_new_jobs => \&watch_for_new_jobs, + watch_for_modified_jobs => \&watch_for_modified_jobs, watch_for_done_jobs => \&watch_for_done_jobs, + watch_for_opsi_jobs => \&watch_for_opsi_jobs, watch_for_old_known_clients => \&watch_for_old_known_clients, create_packages_list_db => \&run_create_packages_list_db, create_fai_server_db => \&run_create_fai_server_db, create_fai_release_db => \&run_create_fai_release_db, + recreate_packages_db => \&run_recreate_packages_db, session_run_result => \&session_run_result, session_run_debug => \&session_run_debug, session_run_done => \&session_run_done, @@ -3036,14 +3378,6 @@ POE::Session->create( ); -# import all modules -&import_modules; - -# TODO -# check wether all modules are gosa-si valid passwd check - - - POE::Kernel->run(); exit;