X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fgosa-si-client;h=992dda4c3cbadf1065374365ae6bae7b9d7520ad;hb=48802a3e0c3e3dc4a26332bf8edd39bab8612eea;hp=cfe60390cc535661552f6bb9a59e277af2ca00be;hpb=71bb75e1d44a5394b7a54f73e1082cc59bdc5c4a;p=gosa.git diff --git a/gosa-si/gosa-si-client b/gosa-si/gosa-si-client index cfe60390c..992dda4c3 100755 --- a/gosa-si/gosa-si-client +++ b/gosa-si/gosa-si-client @@ -1,7 +1,7 @@ #!/usr/bin/perl #=============================================================================== # -# FILE: gosa-server +# FILE: gosa-si-client # # USAGE: gosa-si-client # @@ -30,7 +30,6 @@ use Time::HiRes qw( gettimeofday ); use POE qw(Component::Server::TCP Wheel::FollowTail Wheel::Run); use IO::Socket::INET; use NetAddr::IP; -use Data::Dumper; use Crypt::Rijndael; use GOSA::GosaSupportDaemon; use Digest::MD5 qw(md5_hex md5 md5_base64); @@ -75,7 +74,7 @@ our $server_key; our $terminal_server_hash; # default variables -our $REGISTERED = 0; +my $REGISTERED = 0; # path to fifo for non-gosa-si-client messages to gosa-si-server my $fai_com_fifo = "/var/run/gosa-si-client.socket"; @@ -113,7 +112,7 @@ my $fai_log_dir = "/var/log/fai"; "nss-config" => [\$nss_config, "/etc/libnss-ldap.conf"], "fai-logpath" => [\$fai_logpath, "/var/log/fai/fai.log"], "force-hostname" => [\$client_force_hostname, "false"], - "system-com" => [\$system_com, "disabled"], + "system-com" => [\$system_com, "disabled"], }, "server" => { "ip" => [\$server_ip, "127.0.0.1"], @@ -261,7 +260,12 @@ sub daemon_log { $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; $year+=1900; - my $log_msg = "$month $monthday $hours:$minutes:$seconds $prg $msg\n"; + # Microseconds since epoch + my $microSeconds = sprintf("%.2f", &Time::HiRes::clock_gettime()); + $microSeconds =~ s/^\d*(.\d\d)$/$1/; + + + my $log_msg = "$month $monthday $hours:$minutes:$seconds$microSeconds $prg $msg\n"; print LOG_HANDLE $log_msg; if( $foreground ) { print STDERR $log_msg; @@ -378,6 +382,12 @@ sub generate_hw_digest { foreach my $line (split /\n/, `cat /proc/bus/pci/devices`) { $hw_data.= sprintf "%s", $line =~ /[^\s]+\s([^\s]+)\s.*/; } + # linux-vserver has no /proc/bus/pci/devices + if ( !$hw_data ) { + foreach my $line (split /\n/, `ifconfig | grep HWaddr`) { + $hw_data.= sprintf "%s", $line =~ /[^\s]+\s([^\s]+)\s.*/; + } + } return(md5_base64($hw_data)); } @@ -440,6 +450,12 @@ sub send_msg_hash_to_target { return $error; } +sub _setREGISTERED { + my $newStatus = shift; + &daemon_log("DEBUG: set REGISTERED flag from '$REGISTERED' to '$newStatus'", 7); + $REGISTERED = $newStatus; + return; +} sub send_msg_to_target { my ($msg, $address, $encrypt_key, $msg_header) = @_ ; @@ -460,7 +476,7 @@ sub send_msg_to_target { if( !$socket ) { daemon_log("WARNING: cannot send ".$msg_header."msg to '$address', host not reachable", 3); if ($REGISTERED == 1) { - $REGISTERED = 0; # if server is not available, cause reregistering + &_setREGISTERED(0); # if server is not available, cause reregistering daemon_log("INFO: cause reregistering at gosa-si-server", 5); $global_kernel->yield('register_at_gosa_si_server'); @@ -537,35 +553,35 @@ sub open_socket { # DESCRIPTION: #=============================================================================== sub register_at_gosa_si_server { - my ($kernel) = $_[KERNEL]; - my $try_to_register = 0; - - # if client is already registered, stop registration process - if ($REGISTERED) { - $kernel->delay('register_at_gosa_si_server'); + my ($kernel) = $_[KERNEL]; + my $try_to_register = 0; - # client is not registered, start registration process + if ($REGISTERED) { + # Client is already registered, clear all other registration events + $kernel->delay('register_at_gosa_si_server'); } else { - # clear all other triggered events and wait till registration was successful - $kernel->delay('trigger_new_key'); + # Client is not registered, start registration process + # Clear all other events and wait till registration was successful + $kernel->delay('register_at_gosa_si_server'); + $kernel->delay('trigger_new_key'); - # create new passwd and ciphering object for client-server communication - $server_key = &create_passwd(); + # Create new passwd and ciphering object for client-server communication + $server_key = &create_passwd(); - my $events = join( ",", keys %{$event_hash} ); - while(1) { - $try_to_register++; + my $events = join( ",", keys %{$event_hash} ); + while(1) { + $try_to_register++; - # after one complete round through all server, stop trying to register - if( $try_to_register > @servers ) { last; } + # after one complete round through all server, stop trying to register + if( $try_to_register > @servers ) { last; } - # fetch first gosa-si-server from @servers - # append shifted gosa-si-server at the end of @servers, so looking for servers never stop if - # a registration never occured - my $server = shift(@servers); - push( @servers, $server ); + # fetch first gosa-si-server from @servers + # append shifted gosa-si-server at the end of @servers, so looking for servers never stop if + # a registration never occured + my $server = shift(@servers); + push( @servers, $server ); - # Check if our ip is resolvable - if not: don't try to register + # Check if $server is a valid server address if(!(defined($server) && $server =~ m/^[0-9\.]*?:.*$/)) { &main::daemon_log("ERROR: Server with address '".defined($server)?$server:""."' is invalid!", 1); if (length(@servers) == 1) { @@ -574,30 +590,30 @@ sub register_at_gosa_si_server { } } - # Check if our ip is resolvable - if not: don't try to register - my $ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/)); - my $dnsname= gethostbyaddr(inet_aton($ip), AF_INET); - if(!defined($dnsname)) { - if( defined($client_force_hostname) && $client_force_hostname eq "true") { - $dnsname = `hostname`; - } else { - &write_to_file("goto-error-dns:$ip", $fai_logpath); - &main::daemon_log("ERROR: ip is not resolvable, no registration possible. Write 'goto-error-dns:$ip' to $fai_logpath", 1); - exit(1); - } - } + # Check if our ip is resolvable - if not: don't try to register + my $ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/)); + my $dnsname= gethostbyaddr(inet_aton($ip), AF_INET); + if(!defined($dnsname)) { + if( defined($client_force_hostname) && $client_force_hostname eq "true") { + $dnsname = `hostname`; + } else { + &write_to_file("goto-error-dns:$ip", $fai_logpath); + &main::daemon_log("ERROR: ip is not resolvable, no registration possible. Write 'goto-error-dns:$ip' to $fai_logpath", 1); + exit(1); + } + } - # create registration msg + # create registration msg my $local_ip = &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/)); my $local_mac = &get_local_mac_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/)); my $register_hash = &create_xml_hash("here_i_am", $local_ip.":".$client_port, $server); &add_content2xml_hash($register_hash, "new_passwd", $server_key); &add_content2xml_hash($register_hash, "mac_address", $local_mac); &add_content2xml_hash($register_hash, "events", $events); - &add_content2xml_hash($register_hash, "client_status", $client_status); - &add_content2xml_hash($register_hash, "client_revision", $client_revision); + &add_content2xml_hash($register_hash, "client_status", $client_status); + &add_content2xml_hash($register_hash, "client_revision", $client_revision); &add_content2xml_hash($register_hash, "gotoHardwareChecksum", $gotoHardwareChecksum); - &add_content2xml_hash($register_hash, "key_lifetime", $server_key_lifetime); + &add_content2xml_hash($register_hash, "key_lifetime", $server_key_lifetime); # Add $HOSTNAME from ENV if force-hostname is set if( defined($client_force_hostname) && $client_force_hostname eq "true") { @@ -608,45 +624,45 @@ sub register_at_gosa_si_server { } } - # send xml hash to server with general server passwd + # send xml hash to server with general server passwd my $res = &send_msg_hash_to_target($register_hash, $server, $default_server_key); - # if delivery of registration msg succeed + # if delivery of registration msg succeed if($res eq "0") { - # reset try_to_register + # reset try_to_register $try_to_register = 0; - # Set fixed client address and mac address + # Set fixed client address and mac address $client_ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/)); $client_address= "$client_ip:$client_port"; $client_mac_address = $local_mac; $client_dnsname = $dnsname; - last; + last; - # delivery of registration msg failed + # delivery of registration msg failed } else { - # wait 1 sec until trying to register again + # wait 1 sec until trying to register again sleep(1); next; } - } # end of while - # one circle through all servers finished and no registration succeed - if ( $try_to_register >= @servers ) { + } # end of while + + if ( $try_to_register >= @servers ) { + # One circle through all servers finished and no registration succeed &write_to_file("gosa-si-no-server-available", $fai_logpath); - $kernel->delay_set('register_at_gosa_si_server', $delay_set_time); - - # delivery of registraion msg succeed, waiting for server response - } else { + } else { + # Delivery of registraion msg succeed, waiting for server response daemon_log("INFO: waiting for msg 'register_at_gosa_si_server'",5); - $kernel->delay_set('register_at_gosa_si_server', $delay_set_time); - # clear old settings and set it again + # Clear old settings and set it again $kernel->delay('trigger_new_key'); $kernel->delay_set('trigger_new_key', $server_key_lifetime); - } + } - } - return; + # Set waiting time for 'register_at_gosa_si_server'-event + $kernel->delay_set('register_at_gosa_si_server', $delay_set_time); + } + return; } @@ -819,7 +835,7 @@ sub trigger_seen_messages { # Select all files under /tmp with prefix 'goto_notify' my $goto_dir = "/tmp"; opendir(DIR, $goto_dir); - my @goto_files = grep { /^goto_notify_/ && -f "$goto_dir/$_" } readdir(DIR); + my @goto_files = grep { /.+\.goto_notify$/ && -f "$goto_dir/$_" } readdir(DIR); closedir DIR; # Check if file has 'seen' tag @@ -1062,17 +1078,15 @@ sub server_input { if( (!$msg) || (!$msg_hash) ) { daemon_log("WARNING: Deciphering of incoming msg failed", 3); if($server_address =~ /$remote_ip/) { - # got a msg from gosa-si-server which can not be decrypted, may the secrete not up-to-date + # Got a msg from gosa-si-server which can not be decrypted, the secrete is not up-to-date # cause a reregistering with a new secrete handshake - daemon_log("WARNING: Message from gosa-si-server could not be understood, cause reregistering at server", 3); - - # if client is alread in a registration process, that means not registered, do nothing - # if not, cause re-registration - if (not $REGISTERED) { - &daemon_log("WARNING: gosa-si-client is already in a registration process so ignore this message", 3); - } else { - $REGISTERED = 0; + daemon_log("ERROR: Message from gosa-si-server could not be understood, cause reregistering at server", 1); + if ($REGISTERED) { + daemon_log("INFO: Client has currently status registered so throw new registering event", 5); + &_setREGISTERED(0); $kernel->post('client_session', 'register_at_gosa_si_server'); + } else { + daemon_log("INFO: Client is currently within a registration process so wait for the next registration itteration", 5); } } $error++; @@ -1114,31 +1128,13 @@ sub post_processing_and_sending # Check gosa-si envelope validity my $answer_hash = &check_outgoing_xml_validity($answer); - if( $answer_hash ) - { - # Answer is valid - # Pre-sending - if( $answer =~ "
registered
") - { - # Set registered flag to true to stop sending further registered msgs - $REGISTERED = 1; - } - else - { - $answer =~ /
(\S+)<\/header>/; - &send_msg_to_target($answer, $server_address, $server_key, $1); - } - - # Post-sending - if( $answer =~ "
new_key
") - { - # Set new key to global variable - $answer =~ /(\S*?)<\/new_key>/; - my $new_key = $1; - $server_key = $new_key; - } - } - + # If answer is valid go ahead + if( not defined $answer_hash ) { return; } + + # Sending + $answer =~ /
(\S+)<\/header>/; + &send_msg_to_target($answer, $server_address, $server_key, $1); + return; } @@ -1259,7 +1255,6 @@ if (defined $server_ip && defined $server_port) { $xml = new XML::Simple(); $default_server_key = $server_key; - # add gosa-si-server address from config file at first position of server list my $server_check_cfg = Config::IniFiles->new( -file => $cfg_file ); my $server_check = (defined($server_check_cfg))?$server_check_cfg->val( "server", "ip"):undef; @@ -1284,10 +1279,10 @@ if( defined $server_check ) { } } if (0 == @tmp_servers) { - my $log_string = "no gosa-si-server found!"; - $log_string .= "\n\tdetermined domains out of /etc/resolv.conf: ".join(", ", @domain_list) if (@domain_list); - $log_string .= "\n\tdetermined server addresses in domains: ".join(", ",@$tmp_domains) if (defined($tmp_domains)); - daemon_log("ERROR: $log_string", 1) if (defined($log_string)); + my $log_string = "no gosa-si-server found in DNS for domain: ".join(", ", @domain_list) if (@domain_list); + my $log_string2 = "server addresses in domain: ".join(", ",@$tmp_domains) if (defined($tmp_domains)); + daemon_log("ERROR: $log_string", 1) if (defined($log_string)); + daemon_log("ERROR: $log_string2", 1) if (defined($log_string2)); daemon_log("ERROR: $error_string", 1) if (defined($error_string)); daemon_log("ERROR: please specify a gosa-si-server address or a domain in config file", 1); kill 2, $$; @@ -1311,13 +1306,13 @@ if( defined $server_check ) { # Open a new fifo for FAI messages to gosa-si-server if (-p $fai_com_fifo) { unlink $fai_com_fifo } -POSIX::mkfifo("$fai_com_fifo", "0600"); +POSIX::mkfifo("$fai_com_fifo", 0600); # Open a new fifo for system communication, if (-p $system_com_fifo) { unlink $system_com_fifo } if ($system_com eq "enabled") { - POSIX::mkfifo("$system_com_fifo", "0600"); + POSIX::mkfifo("$system_com_fifo", 0600); } POE::Session->create(