X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Finclude%2Fclass_gosaSupportDaemon.inc;h=571a3f89f72b54401df4cfc24f742f21c8d9db57;hb=8242fde1a538dd582896d842945b121a4bb985d4;hp=28f77e33d3257be1a9fa80c14f986683a11d424d;hpb=9edba67afa6879eb26e8da592beca5f4b82dbc06;p=gosa.git diff --git a/gosa-core/include/class_gosaSupportDaemon.inc b/gosa-core/include/class_gosaSupportDaemon.inc index 28f77e33d..571a3f89f 100644 --- a/gosa-core/include/class_gosaSupportDaemon.inc +++ b/gosa-core/include/class_gosaSupportDaemon.inc @@ -47,12 +47,12 @@ class gosaSupportDaemon global $config; # load from config, store statically - if (isset($config->current['GOSA_SI'])){ + if ($config->get_cfg_value("gosa_si") != ""){ if ($this->s_host == ""){ - $this->s_host= preg_replace("/^.*@([^:]+):.*$/", "$1", $config->current['GOSA_SI']); - $this->i_port= preg_replace("/^.*@[^:]+:(.*)$/", "$1", $config->current['GOSA_SI']); - $this->s_encryption_key = preg_replace("/^(.*)@[^:]+:.*$/", "$1", $config->current['GOSA_SI']); + $this->s_host= preg_replace("/^.*@([^:]+):.*$/", "$1", $config->get_cfg_value("gosa_si")); + $this->i_port= preg_replace("/^.*@[^:]+:(.*)$/", "$1", $config->get_cfg_value("gosa_si")); + $this->s_encryption_key = preg_replace("/^(.*)@[^:]+:.*$/", "$1", $config->get_cfg_value("gosa_si")); } $this->f_timeout = $timeout; @@ -84,6 +84,16 @@ class gosaSupportDaemon return($this->is_connected); } + + /*! \brief Returns TRUE whether we are connected or not + @return BOOLEAN Returns TRUE when connected else FALSE + */ + public function is_connected() + { + return($this->is_connected); + } + + /*! \brief Disconnect from gosa daemon. */ @@ -129,8 +139,16 @@ class gosaSupportDaemon public function get_error() { $str = $this->s_error; - $str = preg_replace("/ /"," ",$str); - return($str); + $ret = ""; + if(is_string($str)){ + $ret = $str; + }else{ + foreach($str as $msg){ + $ret .= $msg." "; + } + } + $ret = preg_replace("/ /"," ",$ret); + return($ret); } @@ -514,7 +532,7 @@ class gosaSupportDaemon $entries = $this->xml_to_array($str); if(isset($entries['XML']) && is_array($entries['XML'])){ foreach($entries['XML'] as $entry){ - if(isset($entry['ID'])){ + if(is_array($entry) && array_key_exists("ID",$entry)){ $ret[] = $entry['ID']; } } @@ -818,12 +836,23 @@ class gosaSupportDaemon } } if ($xml_elem['type'] == 'complete') { + $start_level = 1; $test2 = &$params; while($start_level < $xml_elem['level']) { $test2 = &$test2[$level[$start_level]]; $start_level++; } + + /* Save tag attributes too. + e.g. + */ + if(isset($xml_elem['attributes'])){ + foreach($xml_elem['attributes'] as $name => $value){ + $test2['ATTRIBUTES'][$name] = $value; + } + } + if(!isset($test2[$xml_elem['tag']])){ if(isset($xml_elem['value'])){ $test2[$xml_elem['tag']] = $xml_elem['value']; @@ -869,6 +898,7 @@ class gosaSupportDaemon $attr = ""; foreach($data as $key => $value){ + $key = strtolower($key); if(is_array($value)){ foreach($value as $sub_value){ $attr.= "<$key>".strtolower($sub_value)."\n"; @@ -1107,7 +1137,7 @@ class gosaSupportDaemon foreach ($data as $key => $value){ if(is_array($value)){ foreach($value as $sub_val){ - $xml_message.= "<$key>$sub_value"; + $xml_message.= "<$key>$sub_val"; } }else{ $xml_message.= "<$key>$value"; @@ -1217,6 +1247,13 @@ class gosaSupportDaemon { $res = array(); + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + /* Prepare request event */ $xml_msg = @@ -1226,7 +1263,12 @@ class gosaSupportDaemon "".$server."". ""; - return($this->_send($xml_msg,TRUE)); + $tmp = $this->_send($xml_msg,TRUE); + if(isset($tmp['XML']['PRINCIPAL'])){ + return($tmp['XML']['PRINCIPAL']); + }else{ + return($res); + } } @@ -1235,7 +1277,7 @@ class gosaSupportDaemon @pram String The name of the requested principal. (e.g. peter@EXAMPLE.DE) @return Array A list containing the names of all configured principals. */ - public function krb5_get_principal($name) + public function krb5_get_principal($server,$name) { $ret = array(); @@ -1246,6 +1288,13 @@ class gosaSupportDaemon return($ret); } + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + /* Prepare request event */ $xml_msg = @@ -1253,20 +1302,101 @@ class gosaSupportDaemon "
gosa_krb5_get_principal
". "".$name."". "GOSA". - "GOSA". + "".$server."". + ""; + + $res = $this->_send($xml_msg,TRUE); + if(isset($res['XML'])){ + return($res['XML']); + }else{ + return($ret); + } + } + + + /*! \brief Creates a given principal with a set of configuration settings. + For a list of configurable attributes have a look at 'krb5_get_principal()'. + (Uses the GOsa support daemon instead of the ldap database.) + @pram String The name of the principal to update. (e.g. peter@EXAMPLE.DE) + @return Boolean TRUE on success else FALSE. + */ + public function krb5_add_principal($server,$name,$values) + { + $ret = FALSE; + + /* Check if the given name is a valid request value + */ + if(!is_string($name) || empty($name)){ + trigger_error("The given principal name is not of type string or it is empty."); + return($ret); + } + if(!is_array($values)){ + trigger_error("No valid update settings given. The parameter must be of type array and must contain at least one entry"); + return($ret); + } + + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + + $attrs = ""; + foreach($values as $key => $value){ + if(empty($key) || is_numeric($key)){ + trigger_error("Invalid configuration attribute given '".$key."=".$value."'."); + return($ret); + } + $key = strtolower($key); + if(is_array($value)){ + foreach($value as $val){ + $attrs.= "<$key>$val\n"; + } + }else{ + $attrs.= "<$key>$value\n"; + } + } + + /* Prepare request event + */ + $xml_msg = + "". + "
gosa_krb5_create_principal
". + "".$name."". + $attrs. + "GOSA". + "".$server."". + ""; + + return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error()); + } + + + function krb5_ramdomize_key($server,$name) + { + /* Prepare request event + */ + $xml_msg = + "". + "
gosa_krb5_randomize_key
". + "".$name."". + "GOSA". + "".$server."". ""; - return($this->_send($xml_msg,TRUE)); + return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error()); } + - /*! \brief Creates/Updates a given principal with a set of configuration settings. + /*! \brief Updates a given principal with a set of configuration settings. For a list of configurable attributes have a look at 'krb5_get_principal()'. (Uses the GOsa support daemon instead of the ldap database.) @pram String The name of the principal to update. (e.g. peter@EXAMPLE.DE) @return Boolean TRUE on success else FALSE. */ - public function krb5_set_principal($name,$values) + public function krb5_set_principal($server,$name,$values) { $ret = FALSE; @@ -1281,27 +1411,41 @@ class gosaSupportDaemon return($ret); } + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + $attrs = ""; - foreach($values as $name => $value){ - if(empty($name) || is_numeric($name)){ - trigger_error("Invalid configuration attribute given '".$name."=".$value."'."); + foreach($values as $key => $value){ + if(empty($key) || is_numeric($key)){ + trigger_error("Invalid configuration attribute given '".$key."=".$value."'."); return($ret); } - $attrs = "<$name>$value\n"; + $key = strtolower($key); + if(is_array($value)){ + foreach($value as $val){ + $attrs.= "<$key>$val\n"; + } + }else{ + $attrs.= "<$key>$value\n"; + } } /* Prepare request event */ $xml_msg = "". - "
gosa_krb5_set_principal
". + "
gosa_krb5_modify_principal
". "".$name."". $attrs. "GOSA". - "GOSA". + "".$server."". ""; - return($this->_send($xml_msg,TRUE)); + return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error()); } @@ -1310,7 +1454,7 @@ class gosaSupportDaemon @pram String The name of the principal. (e.g. peter@EXAMPLE.DE) @return Boollean TRUE on success else FALSE */ - public function krb5_del_principal($name) + public function krb5_del_principal($server,$name) { $ret = FALSE; @@ -1321,6 +1465,13 @@ class gosaSupportDaemon return($ret); } + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + /* Prepare request event */ $xml_msg = @@ -1328,11 +1479,10 @@ class gosaSupportDaemon "
gosa_krb5_del_principal
". "".$name."". "GOSA". - "GOSA". + "".$server."". ""; - - return($this->_send($xml_msg,TRUE)); + return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error()); } @@ -1344,6 +1494,13 @@ class gosaSupportDaemon { $res = array(); + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + /* Prepare request event */ $xml_msg = @@ -1376,7 +1533,7 @@ class gosaSupportDaemon (Uses the GOsa support daemon instead of the ldap database.) @return Array The policy settings for the given policy name. */ - public function krb5_get_policy($name) + public function krb5_get_policy($server,$name) { $res = array(); @@ -1387,6 +1544,13 @@ class gosaSupportDaemon return($ret); } + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + /* Prepare request event */ $xml_msg = @@ -1394,20 +1558,36 @@ class gosaSupportDaemon "
gosa_krb5_get_policy
". "".$name."". "GOSA". - "GOSA". + "".$server."". ""; - return($this->_send($xml_msg,TRUE)); + /* Possible attributes */ + $attrs = array("MASK","POLICY","PW_HISTORY_NUM","PW_MAX_LIFE", + "PW_MIN_CLASSES","PW_MIN_LENGTH","PW_MIN_LIFE","POLICY_REFCNT"); + + + $tmp = $this->_send($xml_msg,TRUE); + if(isset($tmp['XML'])){ + foreach($attrs as $attr){ + if(isset($tmp['XML'][$attr])){ + $ret[$attr] = $tmp['XML'][$attr]; + }else{ + $ret[$attr] = ""; + } + } + } + return($ret); } - /*! \brief Creates/Updates a given policy with a set of configuration settings. + /*! \brief Creates a new policy with a given set of configuration settings. For a list of configurable attributes have a look at 'krb5_get_policy()'. (Uses the GOsa support daemon instead of the ldap database.) @pram String The name of the policy to update. + @pram Array The attributes to update @return Boolean TRUE on success else FALSE. */ - public function krb5_set_policy($name,$values) + public function krb5_add_policy($server,$name,$values) { $ret = FALSE; @@ -1422,29 +1602,94 @@ class gosaSupportDaemon return($ret); } + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + + /* Transform array into */ $attrs = ""; - foreach($values as $name => $value){ - if(empty($name) || is_numeric($name)){ - trigger_error("Invalid policy configuration attribute given '".$name."=".$value."'."); + foreach($values as $id => $value){ + if(empty($id) || is_numeric($id)){ + trigger_error("Invalid policy configuration attribute given '".$id."=".$value."'."); return($ret); } - $attrs = "<$name>$value\n"; + $id = strtolower($id); + $attrs.= "<$id>$value\n"; } /* Prepare request event */ $xml_msg = "". - "
gosa_krb5_set_policy
". + "
gosa_krb5_create_policy
". "".$name."". $attrs. "GOSA". - "GOSA". + "".$server."". ""; - return($this->_send($xml_msg,TRUE)); + return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error()); + } + + + /*! \brief Updates a given policy with a set of configuration settings. + For a list of configurable attributes have a look at 'krb5_get_policy()'. + (Uses the GOsa support daemon instead of the ldap database.) + @pram String The name of the policy to update. + @return Boolean TRUE on success else FALSE. + */ + public function krb5_set_policy($server,$name,$values) + { + $ret = FALSE; + + /* Check if the given name is a valid request value + */ + if(!is_string($name) || empty($name)){ + trigger_error("The given policy name is not of type string or it is empty."); + return($ret); + } + if(!is_array($values) || !count($values)){ + trigger_error("No valid policy settings given. The parameter must be of type array and must contain at least one entry"); + return($ret); + } + + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + + /* Transform array into + */ + $attrs = ""; + foreach($values as $id => $value){ + if(preg_match("/^policy$/i",$id)) continue; + if(empty($id) || is_numeric($id)){ + trigger_error("Invalid policy configuration attribute given '".$id."=".$value."'."); + return($ret); + } + $id = strtolower($id); + $attrs.= "<$id>$value\n"; + } + + /* Prepare request event + */ + $xml_msg = + "". + "
gosa_krb5_modify_policy
". + "".$name."". + $attrs. + "GOSA". + "".$server."". + ""; + + return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error()); } @@ -1452,10 +1697,17 @@ class gosaSupportDaemon (Uses the GOsa support daemon instead of the ldap database.) @return Boolean TRUE on success else FALSE */ - public function krb5_del_policy($name) + public function krb5_del_policy($server,$name) { $ret = FALSE; + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + /* Check if the given name is a valid request value */ if(!is_string($name) || empty($name)){ @@ -1470,11 +1722,240 @@ class gosaSupportDaemon "
gosa_krb5_del_policy
". "".$name."". "GOSA". - "GOSA". + "".$server."". ""; - return($this->_send($xml_msg,TRUE)); + return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error()); } + + /*! \brief Sets the password of for the given principal. + (Uses the GOsa support daemon instead of the ldap database.) + @param String The servers mac + @param String The principals name + @param String $the new password. + @return Boolean TRUE on success else FALSE + */ + public function krb5_set_password($server,$name,$password) + { + $ret = FALSE; + + /* Check if the given server is a valid mac address + */ + if(!tests::is_mac($server)){ + trigger_error("The given server address '".$server."' is invalid, it must be a valid mac address"); + return($ret); + } + + /* Check if the given name is a valid request value + */ + if(!is_string($name) || empty($name)){ + trigger_error("The given principal name is not of type string or it is empty."); + return($ret); + } + + /* Prepare request event + */ + $xml_msg = + "". + "
gosa_krb5_set_password
". + "".$name."". + "".$password."". + "GOSA". + "".$server."". + ""; + return($this->_send($xml_msg,TRUE) == TRUE && !$this->is_error()); + } + + + /*! \brief Returns log file informations for a given mac address + @param $mac The mac address to fetch logs for. + @retrun Array A Multidimensional array containing log infos. + MAC_00_01_6C_9D_B9_FA['install_20080311_090900'][0]=debconf.log + MAC_00_01_6C_9D_B9_FA['install_20080311_090900'][1]=syslog.log + install_20080313_144450 ... + */ + public function get_log_info_for_mac($mac) + { + $xml_msg = " + +
gosa_show_log_by_mac
+ GOSA + GOSA + ".$mac." + "; + + $res = $this->_send($xml_msg,TRUE); + $ret = array(); + if(isset($res['XML'])){ + + /* Filter all entry that look like this + MAC_00_01_6C_9D_B9_FA + */ + foreach($res['XML'] as $name => $entry){ + if(preg_match("/^MAC/",$name)){ + + /* Get list of available log files + */ + foreach($entry as $log_date){ + $xml_msg2 = " +
gosa_show_log_files_by_date_and_mac
+ GOSA + GOSA + ".$log_date." + ".$mac." + "; + + $ret[$mac][$log_date] = array(); + $res = $this->_send($xml_msg2,TRUE); + $ret[$mac][$log_date]['DATE_STR'] = $log_date; + $ret[$mac][$log_date]['REAL_DATE'] = strtotime(preg_replace("/[^0-9]*/","",$log_date)); + if(isset($res['XML']['SHOW_LOG_FILES_BY_DATE_AND_MAC'])){ + $ret[$mac][$log_date]['FILES'] = $res['XML']['SHOW_LOG_FILES_BY_DATE_AND_MAC']; + } + } + } + } + } + return($ret); + } + + public function get_log_file($mac,$date,$file) + { + $xml_msg =" + +
gosa_get_log_file_by_date_and_mac
+ GOSA + GOSA + ".$date." + ".$mac." + ".$file." + "; + + $res = $this->_send($xml_msg,TRUE); + if(isset($res['XML'][strtoupper($file)])){ + return(base64_decode($res['XML'][strtoupper($file)])); + } + return(""); + } + + + + + + /***************** + * DAK - Functions + *****************/ + + /*! \brief Returns all currenlty queued entries for a given DAK repository + @param ... + @return Array All queued entries. + */ + public function DAK_keyring_entries($server) + { + /* Ensure that we send the event to a valid mac address + */ + if(!is_string($server) || !tests::is_mac($server)){ + trigger_error("No valid mac address given '".$server."'."); + return; + } + + /* Create query + */ + $xml_msg = " +
gosa_get_dak_keyring
+ ".$server." + GOSA + "; + + $res = $this->_send($xml_msg,TRUE); + + /* Check if there are results for POLICY + */ + if(isset($res['XML'])){ + $ret = array(); + foreach($res['XML'] as $key => $entry){ + if(preg_match("/^ANSWER/",$key)){ + $ret[] = $entry; + } + } + return($ret); + }else{ + return(array()); + } + } + + + /*! \brief Imports the given key into the specified keyring (Servers mac address) + @param String The servers mac address + @param String The gpg key. + @return Boolean TRUE on success else FALSE + */ + public function DAK_import_key($server,$key) + { + /* Ensure that we send the event to a valid mac address + */ + if(!is_string($server) || !tests::is_mac($server)){ + trigger_error("No valid mac address given '".$server."'."); + return; + } + + /* Check if there is some cleanup required before importing the key. + There may be some Header lines like: + -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.6 (GNU/Linux) + */ + if(preg_match("/".normalizePreg("BEGIN PGP PUBLIC KEY BLOCK")."/",$key)){ + + /* Remove header */ + $key = preg_replace("/^.*\n\n/sim","",$key); + /* Remove footer */ + $key = preg_replace("/-----.*$/sim","",$key); + }elseif (!preg_match('%^[a-zA-Z0-9/+]*={0,2}$%', $key)) { + + /* Encode key if it is raw. + */ + $key = base64_encode($key); + } + + /* Create query + */ + $xml_msg = " +
gosa_import_dak_key
+ ".$server." + ".$key." + GOSA + "; + + $res = $this->_send($xml_msg,TRUE); + return($this->is_error()); + } + + + /*! \brief Removes a key from the keyring on the given server. + @param String The servers mac address + @param String The gpg key uid. + @return Boolean TRUE on success else FALSE + */ + public function DAK_remove_key($server,$key) + { + /* Ensure that we send the event to a valid mac address + */ + if(!is_string($server) || !tests::is_mac($server)){ + trigger_error("No valid mac address given '".$server."'."); + return; + } + + /* Create query + */ + $xml_msg = " +
gosa_remove_dak_key
+ ".$server." + ".$key." + GOSA + "; + + $res = $this->_send($xml_msg,TRUE); + return($this->is_error()); + } } // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: