X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fgosa-si-client;h=9b0374de264db0b450c8f716dd700f741b50a421;hb=9d96c80900bc2d8f751662ae4272b419ec612fa0;hp=454b1b765996b4ee94a73cdd8e317d7b1b17d6dc;hpb=ac462d5f8ff5d90e8d00e17b1238f2f2eb04c4e7;p=gosa.git diff --git a/gosa-si/gosa-si-client b/gosa-si/gosa-si-client index 454b1b765..9b0374de2 100755 --- a/gosa-si/gosa-si-client +++ b/gosa-si/gosa-si-client @@ -35,6 +35,7 @@ use Digest::MD5 qw(md5_hex md5 md5_base64); use MIME::Base64; use XML::Simple; use Net::DNS; +use File::Basename; my $event_dir = "/usr/lib/gosa-si/client/events"; use lib "/usr/lib/gosa-si/client/events"; @@ -61,12 +62,13 @@ our $REGISTERED = 0; # in function register_at_gosa_si_server, after which period of seconds a new registration should be tried if a registration was # not successful until now my $delay_set_time = 5; +our $prg= basename($0); %cfg_defaults = ( "general" => - {"log-file" => [\$log_file, "/var/run/".$0.".log"], - "pid-file" => [\$pid_file, "/var/run/".$0.".pid"], - "opts-file" => [\$opts_file, "/var/run/".$0.".opts"], + {"log-file" => [\$log_file, "/var/run/".$prg.".log"], + "pid-file" => [\$pid_file, "/var/run/".$prg.".pid"], + "opts-file" => [\$opts_file, "/var/run/".$prg.".opts"], }, "client" => {"port" => [\$client_port, "20083"], @@ -222,10 +224,8 @@ sub daemon_log { $month = $monthnames[$month]; $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; $year+=1900; - my $name = $0; - $name =~ s/\.\///; - my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n"; + my $log_msg = "$month $monthday $hours:$minutes:$seconds $prg $msg\n"; print LOG_HANDLE $log_msg; if( $foreground ) { print STDERR $log_msg; @@ -809,11 +809,11 @@ sub write_to_file { my $error = 0; if( not defined $file || not -f $file ) { - &main::daemon_log("ERROR: $0: check '-f file' failed: $file", 1); + &main::daemon_log("ERROR: $prg: check '-f file' failed: $file", 1); $error++; } if( not defined $string || 0 == length($string)) { - &main::daemon_log("ERROR: $0: empty string to write to file '$file'", 1); + &main::daemon_log("ERROR: $prg: empty string to write to file '$file'", 1); $error++; } @@ -913,10 +913,13 @@ sub register_at_gosa_si_server { unlink($opts_file); } my $opts_file_FH; + my $hostname= $dnsname; + $hostname =~ s/\..*$//; open($opts_file_FH, ">$opts_file"); print $opts_file_FH "MAC=\"$local_mac\"\n"; print $opts_file_FH "IPADDRESS=\"$client_ip\"\n"; - print $opts_file_FH "HOSTNAME=\"$dnsname\"\n"; + print $opts_file_FH "HOSTNAME=\"$hostname\"\n"; + print $opts_file_FH "FQDN=\"$dnsname\"\n"; close($opts_file_FH); last; } else { @@ -955,6 +958,7 @@ sub check_key_and_xml_validity { $msg_hash = $xml->XMLin($msg, ForceArray=>1); + ############## # check header my $header_l = $msg_hash->{'header'}; if( 1 != @{$header_l} ) { @@ -965,36 +969,102 @@ sub check_key_and_xml_validity { die 'header has length 0'; } + ############## # check source my $source_l = $msg_hash->{'source'}; if( 1 != @{$source_l} ) { - die 'no or more sources specified'; + die 'no or more than 1 sources specified'; } my $source = @{$source_l}[0]; if( 0 == length $source) { die 'source has length 0'; } - - # check target + unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ) { + die "source '$source' is neither a complete ip-address with port nor 'GOSA'"; + } + + ############## + # check target my $target_l = $msg_hash->{'target'}; if( 1 != @{$target_l} ) { - die 'no or more targets specified '; + die 'no or more than 1 targets specified '; } my $target = @{$target_l}[0]; if( 0 == length $target) { die 'target has length 0 '; } - + unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ){ + die "source is neither a complete ip-address with port nor 'GOSA'"; + } }; if($@) { &main::daemon_log("WARNING: do not understand the message or msg is not gosa-si envelope conform:", 5); &main::daemon_log("$@", 8); + $msg = undef; + $msg_hash = undef; } return ($msg, $msg_hash); } +sub check_outgoing_xml_validity { + my ($msg) = @_; + + my $msg_hash; + eval{ + $msg_hash = $xml->XMLin($msg, ForceArray=>1); + + ############## + # check header + my $header_l = $msg_hash->{'header'}; + if( 1 != @{$header_l} ) { + die 'no or more than one headers specified'; + } + my $header = @{$header_l}[0]; + if( 0 == length $header) { + die 'header has length 0'; + } + + ############## + # check source + my $source_l = $msg_hash->{'source'}; + if( 1 != @{$source_l} ) { + die 'no or more than 1 sources specified'; + } + my $source = @{$source_l}[0]; + if( 0 == length $source) { + die 'source has length 0'; + } + unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ || + $source =~ /^GOSA$/i ) { + die "source '$source' is neither a complete ip-address with port"; + } + + ############## + # check target + my $target_l = $msg_hash->{'target'}; + if( 1 != @{$target_l} ) { + die "no or more than one targets specified"; + } + foreach my $target (@$target_l) { + if( 0 == length $target) { + die "target has length 0"; + } + unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ) { + die "target '$target' is not a complete ip-address with port or a valid target name"; + } + } + }; + if($@) { + daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5); + daemon_log("$@ $msg", 8); + $msg_hash = undef; + } + return ($msg_hash); +} + + sub import_events { if (not -e $event_dir) { @@ -1074,21 +1144,31 @@ sub server_input { ######## # answer if( $answer ) { - # preprocessing - if( $answer =~ "
registered
") { - # set registered flag to true to stop sending further registered msgs - $REGISTERED = 1; - } - else { - &send_msg_to_target($answer, $server_address, $server_key); - } - # postprocessing - if( $answer =~ "
new_key
") { - # set new key to global variable - $answer =~ /(\S*?)<\/new_key>/; - my $new_key = $1; - $server_key = $new_key; + + #check gosa-si envelope validity + my $answer_hash = &check_outgoing_xml_validity($answer); + + if( $answer_hash ) { + # answer is valid + + # preprocessing + if( $answer =~ "
registered
") { + # set registered flag to true to stop sending further registered msgs + $REGISTERED = 1; + } + else { + &send_msg_to_target($answer, $server_address, $server_key); + } + + # postprocessing + if( $answer =~ "
new_key
") { + # set new key to global variable + $answer =~ /(\S*?)<\/new_key>/; + my $new_key = $1; + $server_key = $new_key; + } } + } return; @@ -1138,7 +1218,7 @@ if( 0 != $pid ) { } daemon_log(" ", 1); -daemon_log("$0 started!", 1); +daemon_log("$prg started!", 1); # delete old DBsqlite lock files system('rm -f /tmp/gosa_si_lock*gosa-si-client*');