X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fgosa-si-server;h=10a6d118545fd228de44eec18beb9d5e20fd220b;hb=0e2de0eb04845891d90f6bf127224ac5110dcf1c;hp=f909a06d0073226e5b36a86e75d856a0c22b9071;hpb=25bcefa5047144a7cc62673c63ee0cd2b0df235b;p=gosa.git diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index f909a06d0..10a6d1185 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -39,14 +39,16 @@ use Data::Dumper; use Sys::Syslog qw( :DEFAULT setlogsock); use Cwd; use File::Spec; +use File::Basename; use GOSA::DBsqlite; +use GOSA::GosaSupportDaemon; use POE qw(Component::Server::TCP); my $modules_path = "/usr/lib/gosa-si/modules"; use lib "/usr/lib/gosa-si/modules"; my (%cfg_defaults, $foreground, $verbose, $ping_timeout); -my ($bus, $msg_to_bus, $bus_cipher); +my ($bus_activ, $bus, $msg_to_bus, $bus_cipher); my ($server, $server_mac_address); my ($gosa_server, $job_queue_timeout, $job_queue_table_name, $job_queue_file_name,$job_queue_loop_delay); my ($known_modules, $known_clients_file_name, $known_server_file_name); @@ -57,7 +59,7 @@ my ($xml); # variables declared in config file are always set to 'our' our (%cfg_defaults, $log_file, $pid_file, $server_ip, $server_port, $SIPackages_key, - $arp_activ, + $arp_activ, $gosa_unit_tag, $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout, ); @@ -81,29 +83,35 @@ $foreground = 0 ; $ping_timeout = 5; $no_bus = 0; +$bus_activ = "true"; $no_arp = 0; -# name of table for storing gosa jobs -our $job_queue_table_name = 'jobs'; +# holds all gosa jobs our $job_db; +our $job_queue_table_name = 'jobs'; # holds all other gosa-sd as well as the gosa-sd-bus our $known_server_db; # holds all registrated clients our $known_clients_db; +our $prg= basename($0); %cfg_defaults = ( "general" => { - "log-file" => [\$log_file, "/var/run/".$0.".log"], - "pid-file" => [\$pid_file, "/var/run/".$0.".pid"], + "log-file" => [\$log_file, "/var/run/".$prg.".log"], + "pid-file" => [\$pid_file, "/var/run/".$prg.".pid"], + }, +"bus" => { + "activ" => [\$bus_activ, "true"], }, "server" => { # "ip" => [\$server_ip, "0.0.0.0"], "port" => [\$server_port, "20081"], "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ], "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'], + "gosa-unit-tag" => [\$gosa_unit_tag, ""], }, "GOsaPackages" => { "ip" => [\$gosa_ip, "0.0.0.0"], @@ -126,14 +134,14 @@ our $known_clients_db; #=============================================================================== sub usage { print STDERR << "EOF" ; -usage: $0 [-hvf] [-c config] +usage: $prg [-hvf] [-c config] -h : this (help) message -c : config file -f : foreground, process will not be forked to background -v : be verbose (multiple to increase verbosity) - -no-bus : starts $0 without connection to bus - -no-arp : starts $0 without connection to arp module + -no-bus : starts $prg without connection to bus + -no-arp : starts $prg without connection to arp module EOF print "\n" ; @@ -195,8 +203,7 @@ sub daemon_log { $month = $monthnames[$month]; $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; $year+=1900; - my $name = $0; - $name =~ s/\.\///; + my $name = $prg; my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n"; print LOG_HANDLE $log_msg; @@ -218,21 +225,6 @@ sub daemon_log { } -sub get_time { - my ($seconds, $minutes, $hours, $monthday, $month, - $year, $weekday, $yearday, $sommertime) = localtime(time); - $hours = $hours < 10 ? $hours = "0".$hours : $hours; - $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; - $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - $month+=1; - $month = $month < 10 ? $month = "0".$month : $month; - $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; - $year+=1900; - return "$year$month$monthday$hours$minutes$seconds"; - -} - - #=== FUNCTION ================================================================ # NAME: check_cmdline_param # PARAMETERS: nothing @@ -370,54 +362,112 @@ $SIG{INT} = \&sig_int_handler; sub check_key_and_xml_validity { my ($crypted_msg, $module_key) = @_; -#print STDERR "crypted_msg:$crypted_msg\n"; -#print STDERR "modul_key:$module_key\n"; - my $msg; my $msg_hash; + my $error_string; eval{ $msg = &decrypt_msg($crypted_msg, $module_key); - &main::daemon_log("decrypted_msg: \n$msg", 8); + if ($msg =~ //i){ + &main::daemon_log("decrypted_msg: \n$msg", 8); + $msg_hash = $xml->XMLin($msg, ForceArray=>1); + + ############## + # check header + if( not exists $msg_hash->{'header'} ) { die "no header specified"; } + my $header_l = $msg_hash->{'header'}; + if( 1 > @{$header_l} ) { die 'empty header tag'; } + if( 1 < @{$header_l} ) { die 'more than one header specified'; } + my $header = @{$header_l}[0]; + if( 0 == length $header) { die 'empty string in header tag'; } + + ############## + # check source + if( not exists $msg_hash->{'source'} ) { die "no source specified"; } + my $source_l = $msg_hash->{'source'}; + if( 1 > @{$source_l} ) { die 'empty source tag'; } + if( 1 < @{$source_l} ) { die 'more than one source specified'; } + my $source = @{$source_l}[0]; + if( 0 == length $source) { die 'source error'; } + + ############## + # check target + if( not exists $msg_hash->{'target'} ) { die "no target specified"; } + my $target_l = $msg_hash->{'target'}; + if( 1 > @{$target_l} ) { die 'empty target tag'; } + } + }; + if($@) { + &main::daemon_log("WARNING: do not understand the message", 5); + &main::daemon_log("$@", 8); + $msg = undef; + $msg_hash = undef; + } + + return ($msg, $msg_hash); +} + + +sub check_outgoing_xml_validity { + my ($msg) = @_; + + my $msg_hash; + eval{ $msg_hash = $xml->XMLin($msg, ForceArray=>1); + ############## # check header my $header_l = $msg_hash->{'header'}; if( 1 != @{$header_l} ) { - die'header error'; + die 'no or more than one headers specified'; } my $header = @{$header_l}[0]; if( 0 == length $header) { - die 'header error'; + die 'header has length 0'; } + ############## # check source my $source_l = $msg_hash->{'source'}; if( 1 != @{$source_l} ) { - die'source error'; + die 'no or more than 1 sources specified'; } my $source = @{$source_l}[0]; if( 0 == length $source) { - die 'source error'; + die 'source has length 0'; } - - # check target + unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ || + $source =~ /^GOSA$/i ) { + die "source '$source' is neither a complete ip-address with port nor 'GOSA'"; + } + + ############## + # check target my $target_l = $msg_hash->{'target'}; - if( 1 != @{$target_l} ) { - die'target error'; + if( 0 == @{$target_l} ) { + die "no targets specified"; } - my $target = @{$target_l}[0]; - if( 0 == length $target) { - die 'target error'; + foreach my $target (@$target_l) { + if( 0 == length $target) { + die "target has length 0"; + } + unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ || + $target =~ /^GOSA$/i || + $target =~ /^\*$/ || + $target =~ /KNOWN_SERVER/i || + $target =~ /JOBDB/i || + $target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ){ + die "target '$target' is not a complete ip-address with port or a valid target name or a mac-address"; + } } - }; if($@) { - &main::daemon_log("WARNING: do not understand the message", 5); - &main::daemon_log("$@", 8); + daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5); + daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 8); + $msg_hash = undef; } - return ($msg, $msg_hash); + return ($msg_hash); } @@ -501,18 +551,18 @@ sub input_from_unknown_host { no strict "refs"; my ($input) = @_ ; my ($msg, $msg_hash, $module); + my $error_string; my %act_modules = %$known_modules; while( my ($mod, $info) = each(%act_modules)) { - # check a key exists for this module - - -print STDERR "SIPackages_key:$SIPackages_key\n"; - + # check a key exists for this module my $module_key = ${$mod."_key"}; - if( ! $module_key ) { + if( not defined $module_key ) { + if( $mod eq 'ArpHandler' ) { + next; + } daemon_log("ERROR: no key specified in config file for $mod", 1); next; } @@ -520,8 +570,7 @@ print STDERR "SIPackages_key:$SIPackages_key\n"; # check if module can open msg envelope with module key ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key); - if( (!$msg) || (!$msg_hash) ) { - #daemon_log("$mod: deciphering failed", 5); + if( (not defined $msg) || (not defined $msg_hash) ) { next; } else { @@ -537,6 +586,7 @@ print STDERR "SIPackages_key:$SIPackages_key\n"; return ($msg, $msg_hash, $module); } + sub create_ciphering { my ($passwd) = @_; if((!defined($passwd)) || length($passwd)==0) { @@ -566,6 +616,7 @@ sub encrypt_msg { sub decrypt_msg { + my ($msg, $key) = @_ ; $msg = &decode_base64($msg); my $my_cipher = &create_ciphering($key); @@ -581,7 +632,7 @@ sub get_encrypt_key { my $error = 0; # target can be in known_server - if( !$encrypt_key ) { + if( not defined $encrypt_key ) { my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'"; my $query_res = $known_server_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { @@ -593,10 +644,9 @@ sub get_encrypt_key { last; } } - # target can be in known_client - if( !$encrypt_key ) { + if( not defined $encrypt_key ) { my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'"; my $query_res = $known_clients_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { @@ -786,7 +836,7 @@ sub send_msg_to_target { $act_status = $res->{1}->{'status'}; if( $act_status eq "down" ) { $sql_statement = "DELETE FROM known_server WHERE hostname='$address'"; - $res = $known_clients_db->del_dbentry($sql_statement); + $res = $known_server_db->del_dbentry($sql_statement); daemon_log("WARNING: failed 2x to a send msg to host '$address', delete host from known_server", 3); } else { @@ -813,7 +863,8 @@ sub _start { sub client_input { no strict "refs"; - my ($heap,$input,$wheel) = @_[HEAP, ARG0, ARG1]; + my ($kernel, $session, $heap,$input,$wheel) = @_[KERNEL, SESSION, HEAP, ARG0, ARG1]; + my $session_id = $session->ID; my ($msg, $msg_hash, $module); my $error = 0; my $answer_l; @@ -821,21 +872,20 @@ sub client_input { my $client_answer; daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7); - daemon_log("\n$input", 8); + daemon_log("message:\n$input", 8); + #################### + # check incoming msg # msg is from a new client or gosa ($msg, $msg_hash, $module) = &input_from_unknown_host($input); - # msg is from a gosa-si-server or gosa-si-bus if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ ($msg, $msg_hash, $module) = &input_from_known_server($input, $heap->{'remote_ip'}); } - # msg is from a gosa-si-client if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ ($msg, $msg_hash, $module) = &input_from_known_client($input, $heap->{'remote_ip'}); } - # an error occurred if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ $error++; @@ -845,7 +895,7 @@ sub client_input { # process incoming msg if( $error == 0) { daemon_log("Processing module ".$module, 5); - $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $heap->{'remote_ip'}); + $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $session_id); if ( 0 > @{$answer_l} ) { my $answer_str = join("\n", @{$answer_l}); @@ -858,39 +908,23 @@ sub client_input { # answer if( $error == 0 ) { - # for each answer in answer list foreach my $answer ( @{$answer_l} ) { - - my $error = 0; - # check answer if gosa-si envelope conform - if(defined($answer)) { - my $answer_hash = $xml->XMLin($answer, ForceArray=>1); - $answer_header = @{$answer_hash->{'header'}}[0]; - @answer_target_l = @{$answer_hash->{'target'}}; - $answer_source = @{$answer_hash->{'source'}}[0]; - if( !$answer_header ) { - daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1); - daemon_log("\n$answer", 8); - $error++; - } - if( 0 == length @answer_target_l ) { - daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1); - daemon_log("\n$answer", 8); - $error++; - } - if( !$answer_source ) { - daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1); - daemon_log("\n$answer", 8); - $error++; - } - - if( $error != 0 ) { - next; - } - } + # for each answer in answer list + + # check outgoing msg to xml validity + my $answer_hash = &check_outgoing_xml_validity($answer); + if( not defined $answer_hash ) { + next; + } + + $answer_header = @{$answer_hash->{'header'}}[0]; + @answer_target_l = @{$answer_hash->{'target'}}; + $answer_source = @{$answer_hash->{'source'}}[0]; # deliver msg to all targets foreach my $answer_target ( @answer_target_l ) { + + # targets of msg are all gosa-si-clients in known_clients_db if( $answer_target eq "*" ) { # answer is for all clients my $sql_statement= "SELECT * FROM known_clients"; @@ -899,13 +933,10 @@ sub client_input { my $host_name = $hit->{hostname}; my $host_key = $hit->{hostkey}; &send_msg_to_target($answer, $host_name, $host_key, $answer_header); - } - } - elsif( $answer_target eq "GOSA" ) { - # answer is for GOSA and has to returned to connected client - my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); - $client_answer = $gosa_answer; + } } + + # targets of msg are all gosa-si-server in known_server_db elsif( $answer_target eq "KNOWN_SERVER" ) { # answer is for all server in known_server my $sql_statement= "SELECT * FROM known_server"; @@ -917,6 +948,29 @@ sub client_input { &send_msg_to_target($answer, $host_name, $host_key, $answer_header); } } + + # target of msg is GOsa + elsif( $answer_target eq "GOSA" ) { + $answer =~ /(\d+)<\/session_id>/; + my $session_id = $1; + my $add_on = ""; + if( defined $session_id ) { + $add_on = ".session_id=$session_id"; + } + # answer is for GOSA and has to returned to connected client + my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); + $client_answer = $gosa_answer.$add_on; + } + + # target of msg is job queue at this host + elsif( $answer_target eq "JOBDB") { + $answer =~ /
(\S+)<\/header>/; + my $header; + if( defined $1 ) { $header = $1; } + &send_msg_to_target($answer, $server_address, $GosaPackages_key, $header); + } + + # target of msg is a mac address elsif( $answer_target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ) { daemon_log("target is mac address '$answer_target', looking for host in known_clients", 3); my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$answer_target'"; @@ -931,29 +985,43 @@ sub client_input { $found_ip_flag++ ; } if( $found_ip_flag == 0) { - daemon_log("WARNING: no host found in known_clients with mac address '$answer_target', forward msg to bus", 1); - my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'"; - my $query_res = $known_server_db->select_dbentry( $sql_statement ); - while( my ($hit_num, $hit) = each %{ $query_res } ) { - my $bus_address = $hit->{hostname}; - my $bus_key = $hit->{hostkey}; - &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header); - last; + daemon_log("WARNING: no host found in known_clients with mac address '$answer_target'", 3); + if( $bus_activ eq "true" ) { + daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5); + my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $bus_address = $hit->{hostname}; + my $bus_key = $hit->{hostkey}; + &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header); + last; + } } } - } - else { - # answer is for one specific host + + # answer is for one specific host + } else { # get encrypt_key my $encrypt_key = &get_encrypt_key($answer_target); - if( !$encrypt_key ) { + if( not defined $encrypt_key ) { # unknown target, forward msg to bus - daemon_log("WARNING: unknown target '$answer_target', forward msg to bus", 3); - my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'"; - my $query_res = $known_server_db->select_dbentry( $sql_statement ); - my $bus_key = $query_res->{1}->{hostkey}; - &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header); + daemon_log("WARNING: unknown target '$answer_target'", 3); + if( $bus_activ eq "true" ) { + daemon_log("INFO: try to forward msg '$answer_header' to bus '$bus_address'", 5); + my $sql_statement = "SELECT * FROM known_server WHERE hostname='$bus_address'"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + my $res_length = keys( %{$query_res} ); + if( $res_length == 0 ){ + daemon_log("WARNING: send '$answer_header' to '$bus_address' failed, no bus found in known_server", 3); + } + else { + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $bus_key = $hit->{hostkey}; + &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header); + } + } + } next; } # send_msg @@ -964,6 +1032,13 @@ sub client_input { } if( $client_answer ) { + if( $client_answer =~ s/session_id=(\d+)$// ) { + my $session_id = $1; + if( defined $session_id ) { + my $session_reference = $kernel->ID_id_to_session($session_id); + $heap = $session_reference->get_heap(); + } + } $heap->{client}->put($client_answer); } @@ -984,26 +1059,23 @@ sub watch_for_new_jobs { # check gosa job queue for jobs with executable timestamp my $timestamp = &get_time(); - my $sql_statement = "SELECT * FROM ".$job_queue_table_name. " WHERE status='waiting' AND timestamp<'$timestamp'"; - my $res = $job_db->select_dbentry( $sql_statement ); while( my ($id, $hit) = each %{$res} ) { - my $jobdb_id = $hit->{id}; - my $macaddress = $hit->{macaddress}; - my $job_msg_hash = &transform_msg2hash($hit->{xmlmessage}); - my $out_msg_hash = $job_msg_hash; + my $macaddress = $hit->{'macaddress'}; + my $job_msg = $hit->{'xmlmessage'}; + my $header = $hit->{'headertag'}; my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$macaddress'"; my $res_hash = $known_clients_db->select_dbentry( $sql_statement ); # expect macaddress is unique!!!!!! my $target = $res_hash->{1}->{hostname}; if (not defined $target) { - &daemon_log("ERROR: no host found for mac address: $job_msg_hash->{mac}[0]", 1); - &daemon_log("xml message: $hit->{xmlmessage}", 5); + &daemon_log("ERROR: no host found for mac address: $macaddress", 1); + &daemon_log("$hit->{xmlmessage}", 8); my $sql_statement = "UPDATE $job_queue_table_name ". "SET status='error', result='no host found for mac address' ". "WHERE id='$jobdb_id'"; @@ -1011,37 +1083,29 @@ sub watch_for_new_jobs { next; } - # add target - &add_content2xml_hash($out_msg_hash, "target", $target); - - # add new header - my $out_header = $job_msg_hash->{header}[0]; - $out_header =~ s/job_/gosa_/; - delete $out_msg_hash->{header}; - &add_content2xml_hash($out_msg_hash, "header", $out_header); + # change header + $job_msg =~ s/
job_/
gosa_/; # add sqlite_id - &add_content2xml_hash($out_msg_hash, "jobdb_id", $jobdb_id); + $job_msg =~ s/<\/xml>$/$jobdb_id<\/jobdb_id><\/xml>/; - my $out_msg = &create_xml_string($out_msg_hash); - # encrypt msg as a GosaPackage module - my $cipher = &create_ciphering($GosaPackages_key); - my $crypted_out_msg = &encrypt_msg($out_msg, $cipher); +print STDERR "=======================================================\n$job_msg\n"; - my $error = &send_msg_hash2address($out_msg_hash, "$gosa_ip:$gosa_port", $GosaPackages_key); + &send_msg_to_target($job_msg, $server_address, $GosaPackages_key, $header); - if ($error == 0) { - my $sql_statement = "UPDATE $job_queue_table_name ". - "SET status='processing', targettag='$target' ". - "WHERE id='$jobdb_id'"; - my $res = $job_db->update_dbentry($sql_statement); - } else { - my $sql_statement = "UPDATE $job_queue_table_name ". - "SET status='error' ". - "WHERE id='$jobdb_id'"; - my $res = $job_db->update_dbentry($sql_statement); - } +# my $error = 1; +# if ($error == 0) { +# my $sql_statement = "UPDATE $job_queue_table_name ". +# "SET status='done', targettag='$target' ". +# "WHERE id='$jobdb_id'"; +# my $res = $job_db->update_dbentry($sql_statement); +# } else { +# my $sql_statement = "UPDATE $job_queue_table_name ". +# "SET status='error' ". +# "WHERE id='$jobdb_id'"; +# my $res = $job_db->update_dbentry($sql_statement); +# } } $kernel->delay_set('watch_for_new_jobs',3); @@ -1095,8 +1159,14 @@ if( 0 != $pid ) { daemon_log(" ", 1); daemon_log("$0 started!", 1); +if ($no_bus > 0) { + $bus_activ = "false" +} + + + # delete old DBsqlite lock files -unlink('/tmp/gosa_si_lock*'); +#unlink('/tmp/gosa_si_lock*'); # connect to gosa-si job queue my @job_col_names = ("id INTEGER", "timestamp", "status", "result", "headertag", "targettag", "xmlmessage", "macaddress");