X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fgosa-si-server;h=3dbb629bb0194f490551ba614c21797a03a57c1c;hb=54fa8908ca0eb97e5437371c5f33d1b58524889d;hp=096637417cbe0fdcff0b7a6889a0a89dd060932e;hpb=e38d4123a43ac0f63d6b101f8f8e71b083110491;p=gosa.git diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index 096637417..3dbb629bb 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -8,7 +8,9 @@ # DESCRIPTION: # # OPTIONS: --- -# REQUIREMENTS: libconfig-inifiles-perl libcrypt-rijndael-perl libxml-simple-perl libipc-shareable-perl libdata-dumper-simple-perl +# REQUIREMENTS: libconfig-inifiles-perl libcrypt-rijndael-perl libxml-simple-perl +# libdata-dumper-simple-perl libdbd-sqlite3-perl libnet-ldap-perl +# libpoe-perl # BUGS: --- # NOTES: # AUTHOR: (Andreas Rettenberger), @@ -18,16 +20,17 @@ # REVISION: --- #=============================================================================== - use strict; use warnings; use Getopt::Long; use Config::IniFiles; use POSIX; -use Time::HiRes qw( gettimeofday ); use Fcntl; use IO::Socket::INET; +use IO::Handle; +use IO::Select; +use Symbol qw(qualify_to_ref); use Crypt::Rijndael; use MIME::Base64; use Digest::MD5 qw(md5 md5_hex md5_base64); @@ -36,35 +39,40 @@ use Data::Dumper; use Sys::Syslog qw( :DEFAULT setlogsock); use Cwd; use File::Spec; -use IPC::Shareable qw( :lock); -IPC::Shareable->clean_up_all; +use GOSA::DBsqlite; +use POE qw(Component::Server::TCP); -use lib "/etc/gosad/modules"; -my $modules_path = "/etc/gosad/modules"; +my $modules_path = "/usr/lib/gosa-si/modules"; +use lib "/usr/lib/gosa-si/modules"; -my ($cfg_file, %cfg_defaults, $foreground, $verbose, $ping_timeout, $no_bus); +my (%cfg_defaults, $foreground, $verbose, $ping_timeout); my ($bus, $msg_to_bus, $bus_cipher); my ($server, $server_mac_address, $server_events); -my ($gosa_server); -my ($known_daemons, $shmda, $known_clients, $shmcl, $known_modules); +my ($gosa_server, $job_queue_timeout, $job_queue_table_name, $job_queue_file_name,$job_queue_loop_delay); +my ($known_modules, $known_clients_file_name, $known_server_file_name); my ($max_clients); my ($pid_file, $procid, $pid, $log_file); my (%free_child, %busy_child, $child_max, $child_min, %child_alive_time, $child_timeout); -my ($arp_activ, $arp_fifo, $arp_fifo_path, $no_arp); +my ($arp_activ, $arp_fifo, $arp_fifo_path); +my ($xml); # variables declared in config file are always set to 'our' our (%cfg_defaults, $log_file, $pid_file, - $bus_activ, $bus_passwd, $bus_ip, $bus_port, - $server_activ, $server_ip, $server_port, $server_passwd, $max_clients, + $bus_activ, $bus_key, $bus_ip, $bus_port, + $server_activ, $server_ip, $server_port, $SIPackages_key, $max_clients, $arp_activ, $arp_fifo_path, - $gosa_activ, $gosa_passwd, $gosa_ip, $gosa_port, $gosa_timeout, + $gosa_activ, $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout, ); # additional variable which should be globaly accessable -our $xml; our $server_address; our $bus_address; our $gosa_address; +our $no_bus; +our $no_arp; +our $verbose; +our $forground; +our $cfg_file; # specifies the verbosity of the daemon_log $verbose = 0 ; @@ -79,21 +87,15 @@ $no_bus = 0; $no_arp = 0; +# name of table for storing gosa jobs +our $job_queue_table_name = 'jobs'; +our $job_db; + # holds all other gosa-sd as well as the gosa-sd-bus -our $known_daemons = {}; -our $shmda = tie($known_daemons, 'IPC::Shareable', undef, {create => 1, - exclusive => 1, - mode => 0666, - destroy => 1, - }); -# holds all registrated clients -our $known_clients = {}; -our $shmcl = tie($known_clients, 'IPC::Shareable', undef, {create => 1, - exclusive => 1, - mode => 0666, - destroy => 1, - }); +our $known_server_db; +# holds all registrated clients +our $known_clients_db; %cfg_defaults = ("general" => @@ -102,18 +104,23 @@ our $shmcl = tie($known_clients, 'IPC::Shareable', undef, {create => 1, "child_max" => [\$child_max, 10], "child_min" => [\$child_min, 3], "child_timeout" => [\$child_timeout, 180], + "job_queue_timeout" => [\$job_queue_timeout, undef], + "job_queue_file_name" => [\$job_queue_file_name, '/var/lib/gosa-si/gosa-si-server_jobs.db'], + "job_queue_loop_delay" => [\$job_queue_loop_delay, 3], + "known_clients_file_name" => [\$known_clients_file_name, '/var/lib/gosa-si/gosa-si-server_known_clients.db' ], + "known_server_file_name" => [\$known_server_file_name, '/var/lib/gosa-si/gosa-si-server_known_server.db'], }, "bus" => {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], - "bus_ip" => [\$bus_ip, ""], + "bus_passwd" => [\$bus_key, ""], + "bus_ip" => [\$bus_ip, "0.0.0.0"], "bus_port" => [\$bus_port, "20080"], }, "server" => {"server_activ" => [\$server_activ, "on"], - "server_ip" => [\$server_ip, ""], + "server_ip" => [\$server_ip, "0.0.0.0"], "server_port" => [\$server_port, "20081"], - "server_passwd" => [\$server_passwd, ""], + "SIPackages_key" => [\$SIPackages_key, "none"], "max_clients" => [\$max_clients, 100], }, "arp" => @@ -122,9 +129,9 @@ our $shmcl = tie($known_clients, 'IPC::Shareable', undef, {create => 1, }, "gosa" => {"gosa_activ" => [\$gosa_activ, "on"], - "gosa_ip" => [\$gosa_ip, ""], + "gosa_ip" => [\$gosa_ip, "0.0.0.0"], "gosa_port" => [\$gosa_port, "20082"], - "gosa_passwd" => [\$gosa_passwd, "none"], + "GosaPackages_key" => [\$GosaPackages_key, "none"], }, ); @@ -143,6 +150,9 @@ usage: $0 [-hvf] [-c config] -c : config file -f : foreground, process will not be forked to background -v : be verbose (multiple to increase verbosity) + -no-bus : starts $0 without connection to bus + -no-arp : starts $0 without connection to arp module + EOF print "\n" ; } @@ -160,7 +170,7 @@ sub read_configfile { if( -r $cfg_file ) { $cfg = Config::IniFiles->new( -file => $cfg_file ); } else { - print STDERR "Couldn't read config file!"; + print STDERR "Couldn't read config file!\n"; } } else { $cfg = Config::IniFiles->new() ; @@ -183,7 +193,7 @@ sub read_configfile { # DESCRIPTION: function for logging #=============================================================================== sub daemon_log { -# log into log_file + # log into log_file my( $msg, $level ) = @_; if(not defined $msg) { return } if(not defined $level) { $level = 1 } @@ -194,11 +204,26 @@ sub daemon_log { return } chomp($msg); if($level <= $verbose){ - print LOG_HANDLE "$level $msg\n"; - if(defined $foreground) { print $msg."\n" } + my ($seconds, $minutes, $hours, $monthday, $month, + $year, $weekday, $yearday, $sommertime) = localtime(time); + $hours = $hours < 10 ? $hours = "0".$hours : $hours; + $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; + $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; + my @monthnames = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"); + $month = $monthnames[$month]; + $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; + $year+=1900; + my $name = $0; + $name =~ s/\.\///; + + my $log_msg = "$month $monthday $hours:$minutes:$seconds $name $msg\n"; + print LOG_HANDLE $log_msg; + if( $foreground ) { + print STDERR $log_msg; + } } + close( LOG_HANDLE ); } - close( LOG_HANDLE ); #log into syslog # my ($msg, $level, $facility) = @_; # if(not defined $msg) {return} @@ -211,6 +236,21 @@ sub daemon_log { } +sub get_time { + my ($seconds, $minutes, $hours, $monthday, $month, + $year, $weekday, $yearday, $sommertime) = localtime(time); + $hours = $hours < 10 ? $hours = "0".$hours : $hours; + $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; + $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; + $month+=1; + $month = $month < 10 ? $month = "0".$month : $month; + $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; + $year+=1900; + return "$year$month$monthday$hours$minutes$seconds"; + +} + + #=== FUNCTION ================================================================ # NAME: check_cmdline_param # PARAMETERS: nothing @@ -220,13 +260,12 @@ sub daemon_log { sub check_cmdline_param () { my $err_config; my $err_counter = 0; - if( not defined( $cfg_file)) { - #$err_config = "please specify a config file"; - #$err_counter += 1; - my $cwd = getcwd; - my $name = "/etc/gosa/gosa-si-server.conf"; - $cfg_file = File::Spec->catfile( $cwd, $name ); - print STDERR "no conf file specified\n try to use default: $cfg_file\n"; + if(not defined($cfg_file)) { + $cfg_file = "/etc/gosa-si/server.conf"; + if(! -r $cfg_file) { + $err_config = "please specify a config file"; + $err_counter += 1; + } } if( $err_counter > 0 ) { &usage( "", 1 ); @@ -285,39 +324,13 @@ sub check_pid { } } - -#=== FUNCTION ================================================================ -# NAME: get_ip_and_mac -# PARAMETERS: nothing -# RETURNS: (ip, mac) -# DESCRIPTION: executes /sbin/ifconfig and parses the output, the first occurence -# of a inet address is returned as well as the mac address in the line -# above the inet address -#=============================================================================== -sub get_ip_and_mac { - my $ip = "0.0.0.0.0"; # Defualt-IP - my $mac = "00:00:00:00:00:00"; # Default-MAC - my @ifconfig = qx(/sbin/ifconfig); - foreach(@ifconfig) { - if (/Hardware Adresse (\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2})/) { - $mac = "$1:$2:$3:$4:$5:$6"; - next; - } - if (/inet Adresse:(\d+).(\d+).(\d+).(\d+)/) { - $ip = "$1.$2.$3.$4"; - last; - } - } - return ($ip, $mac); -} - - - #=== FUNCTION ================================================================ # NAME: import_modules -# PARAMETERS: module_path - string - abs. path to the directory the modules are stored +# PARAMETERS: module_path - string - abs. path to the directory the modules +# are stored # RETURNS: nothing -# DESCRIPTION: each file in module_path which ends with '.pm' is imported by "require 'file';" +# DESCRIPTION: each file in module_path which ends with '.pm' and activation +# state is on is imported by "require 'file';" #=============================================================================== sub import_modules { daemon_log(" ", 1); @@ -331,47 +344,32 @@ sub import_modules { if (not $file =~ /(\S*?).pm$/) { next; } + my $mod_name = $1; + + if( $file =~ /ArpHandler.pm/ ) { + if( $no_arp > 0 ) { + next; + } + } + eval { require $file; }; if ($@) { - daemon_log("ERROR: gosa-sd could not load module $file", 1); + daemon_log("ERROR: gosa-si-server could not load module $file", 1); daemon_log("$@", 5); - next; - } - my $mod_name = $1; - my $module_tag_hash = eval( $mod_name.'::get_module_tags()' ); - $known_modules->{$mod_name} = $module_tag_hash; - - daemon_log("load module $mod_name", 1); + } else { + my $info = eval($mod_name.'::get_module_info()'); + # Only load module if get_module_info() returns a non-null object + if( $info ) { + my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info}; + $known_modules->{$mod_name} = $info; + daemon_log("module $mod_name loaded", 1); + } + } } - - # for debugging - #while ( my ($module, $tag_hash) = each(%$known_modules)) { - # print "\tmodule: $module"."\n"; - # print "\ttags: ".join(", ", keys(%$tag_hash))."\n"; - #} close (DIR); } -#=== FUNCTION ================================================================ -# NAME: register_at_bus -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: creates an entry in known_daemons and send a 'here_i_am' msg to bus -#=============================================================================== -sub register_at_bus { - - # create known_daemons entry - &create_known_daemon($bus_address); - &add_content2known_daemons(hostname=>$bus_address, status=>"register_at_bus", passwd=>$bus_passwd); - daemon_log("register at bus: $bus_address", 1); - - my $msg_hash = &create_xml_hash("here_i_am", "$server_ip:$server_port", $bus_address); - &send_msg_hash2address($msg_hash, $bus_address); - return; -} - - #=== FUNCTION ================================================================ # NAME: sig_int_handler # PARAMETERS: signal - string - signal arose from system @@ -380,369 +378,248 @@ sub register_at_bus { #=============================================================================== sub sig_int_handler { my ($signal) = @_; - if($server){ - close($server); - daemon_log("daemon server closed", 1); - } - if( -p $arp_fifo_path ) { - close $arp_fifo ; - unlink($arp_fifo_path) ; - daemon_log("ARP_FIFO closed", 1) ; - } - - if($gosa_server){ - close($gosa_server); - daemon_log("gosa server closed", 1); - } - print STDERR "$signal\n"; - + daemon_log("shutting down gosa-si-server", 1); exit(1); } $SIG{INT} = \&sig_int_handler; -#=== FUNCTION ================================================================ -# NAME: activating_child -# PARAMETERS: msg - string - incoming message -# host - string - host from which the incomming message comes -# RETURNS: nothing -# DESCRIPTION: handels the distribution of incoming messages to working childs -#=============================================================================== -sub activating_child { - my ($msg, $host, $client) = @_; - my $child = &get_processing_child(); - my $pipe_wr = $$child{'pipe_wr'}; - my $pipe_rd = $$child{'pipe_rd'}; - $$child{client_ref} = $client; - daemon_log("activating: childpid:$$child{'pid'}", 5); - - print $pipe_wr $msg.".".$host."\n"; - -# if (defined $client) { -# my $rbits = ""; -# vec($rbits, fileno $client, 1) = 1; -# -# my ($rout); -# my $nf = select($rout=$rbits, undef, undef, $gosa_timeout); -# if($gosa_activ eq "on" && vec($rout, fileno $gosa_server, 1)) { -# -# } -# } - return; -} +sub check_key_and_xml_validity { + my ($crypted_msg, $module_key) = @_; +#print STDERR "crypted_msg:$crypted_msg\n"; +#print STDERR "modul_key:$module_key\n"; -#=== FUNCTION ================================================================ -# NAME: get_processing_child -# PARAMETERS: nothing -# RETURNS: child - hash - holding the process id and the references to the pipe -# handles pipe_wr and pipe_rd -# DESCRIPTION: handels the forking, reactivating and keeping alive tasks -#=============================================================================== -sub get_processing_child { - my $child; - # checking %busy_child{pipe_wr} if msg is 'done', then set child from busy to free -# while(my ($key, $val) = each(%busy_child)) { -# # test ob prozess noch existiert -# my $exitus_pid = waitpid($key, WNOHANG); -# if($exitus_pid != 0) { -# delete $busy_child{$key}; -# print "prozess:$key wurde aus busy_child entfernt\n"; -# next; -# } -# -# # check wether process sitll works -# my $fh = $$val{'pipe_rd'}; -# $fh->blocking(0); -# my $child_answer; -# if(not $child_answer = <$fh>) { next } -# chomp($child_answer); -# if($child_answer eq "done") { -# delete $busy_child{$key}; -# $free_child{$key} = $val; -# } -# } - - while(my ($key, $val) = each(%free_child)) { - my $exitus_pid = waitpid($key, WNOHANG); - if($exitus_pid != 0) { - delete $free_child{$key}; + my $msg; + my $msg_hash; + eval{ + $msg = &decrypt_msg($crypted_msg, $module_key); + &main::daemon_log("decrypted_msg: \n$msg", 8); + + $msg_hash = $xml->XMLin($msg, ForceArray=>1); + + # check header + my $header_l = $msg_hash->{'header'}; + if( 1 != @{$header_l} ) { + die'header error'; } - daemon_log("free child:$key", 5); - } - # check @free_child and @busy_child - my $free_len = scalar(keys(%free_child)); - my $busy_len = scalar(keys(%busy_child)); - daemon_log("free children $free_len, busy children $busy_len", 5); - - # if there is a free child, let the child work - if($free_len > 0){ - my @keys = keys(%free_child); - $child = $free_child{$keys[0]}; - if(defined $child) { - $busy_child{$$child{'pid'}} = $child ; - delete $free_child{$$child{'pid'}}; + my $header = @{$header_l}[0]; + if( 0 == length $header) { + die 'header error'; } - return $child; - } - # no free child, try to fork another one - if($free_len + $busy_len < $child_max) { + # check source + my $source_l = $msg_hash->{'source'}; + if( 1 != @{$source_l} ) { + die'source error'; + } + my $source = @{$source_l}[0]; + if( 0 == length $source) { + die 'source error'; + } - daemon_log("not enough children, create a new one", 5); + # check target + my $target_l = $msg_hash->{'target'}; + if( 1 != @{$target_l} ) { + die'target error'; + } + my $target = @{$target_l}[0]; + if( 0 == length $target) { + die 'target error'; + } - # New pipes for communication - my( $PARENT_wr, $PARENT_rd ); - my( $CHILD_wr, $CHILD_rd ); - pipe( $CHILD_rd, $PARENT_wr ); - pipe( $PARENT_rd, $CHILD_wr ); - $PARENT_wr->autoflush(1); - $CHILD_wr->autoflush(1); + }; + if($@) { + &main::daemon_log("WARNING: do not understand the message:", 5); + &main::daemon_log("$@", 8); + } - ############ - # fork child - ############ - my $child_pid = fork(); - - #CHILD - if($child_pid == 0) { - # Close unused pipes - close( $CHILD_rd ); - close( $CHILD_wr ); - while( 1 ) { - my $rbits = ""; - vec( $rbits, fileno $PARENT_rd , 1 ) = 1; - my $nf = select($rbits, undef, undef, $child_timeout); - if($nf < 0 ) { - die "select(): $!\n"; - } elsif (! $nf) { - # if already child_min childs are alive, then leave loop - $free_len = scalar(keys(%free_child)); - $busy_len = scalar(keys(%busy_child)); - if($free_len + $busy_len >= $child_min) { - last; - } else { - redo; - } - } + return ($msg, $msg_hash); +} - # a job for a child arise - if ( vec $rbits, fileno $PARENT_rd, 1 ) { - # read everything from pipe - my $msg = ""; - $PARENT_rd->blocking(0); - while(1) { - my $read = <$PARENT_rd>; - if(not defined $read) { last} - $msg .= $read; - } - ###################################### - # forward msg to all imported modules - no strict "refs"; - my $answer; - while( my ($module, $tag_hash) = each(%$known_modules)) { - #if(exists $known_modules->{$module}->{server_packages}) { - my $tmp = &{ $module."::process_incoming_msg" }($msg); - if (defined $tmp) { - $answer = $tmp; - } - #} - } - - &print_known_daemons(); - &print_known_clients(); - - daemon_log("processing of msg finished", 5); - - if (defined $answer) { - print $PARENT_wr $answer."\n"; - daemon_log("\t$answer", 5); - daemon_log(" ", 5); - } else { - print $PARENT_wr "done"."\n"; - daemon_log(" ", 5); - } - redo; - } - } - # childs leaving the loop are allowed to die - exit(0); +sub input_from_known_server { + my ($input, $remote_ip) = @_ ; + my ($msg, $msg_hash, $module); + my $sql_statement= "SELECT * FROM known_server"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); - #PARENT - } else { - # Close unused pipes - close( $PARENT_rd ); - close( $PARENT_wr ); - - # add child to child alive hash - my %child_hash = ( - 'pid' => $child_pid, - 'pipe_wr' => $CHILD_wr, - 'pipe_rd' => $CHILD_rd, - 'client_ref' => "", - ); - - $child = \%child_hash; - $busy_child{$$child{'pid'}} = $child; - return $child; + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + if( not $host_name =~ "^$remote_ip") { + next; + } + my $host_key = $hit->{hostkey}; + daemon_log("SIPackages: known_server host_name: $host_name", 7); + daemon_log("SIPackages: known_server host_key: $host_key", 7); + + # check if module can open msg envelope with module key + my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key); + if( (!$tmp_msg) || (!$tmp_msg_hash) ) { + daemon_log("SIPackages: deciphering raise error", 7); + daemon_log("$@", 8); + next; + } + else { + $msg = $tmp_msg; + $msg_hash = $tmp_msg_hash; + $module = "SIPackages"; + last; } } + + if( (!$msg) || (!$msg_hash) || (!$module) ) { + daemon_log("Incoming message is not from a known server", 3); + } + + return ($msg, $msg_hash, $module); } -#=== FUNCTION ================================================================ -# NAME: process_incoming_msg -# PARAMETERS: crypted_msg - string - incoming crypted message -# RETURNS: nothing -# DESCRIPTION: handels the proceeded distribution to the appropriated functions -#=============================================================================== -sub process_incoming_msg { - my ($crypted_msg) = @_; - if(not defined $crypted_msg) { - daemon_log("function 'process_incoming_msg': got no msg", 7); - } - $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/; - $crypted_msg = $1; - my $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5); - daemon_log("msg from host:", 1); - daemon_log("\t$host", 1); - #daemon_log("crypted msg:", 7); - #daemon_log("\t$crypted_msg", 7); - - # collect addresses from possible incoming clients - my @valid_keys; - my @host_keys = keys %$known_daemons; - foreach my $host_key (@host_keys) { - if($host_key =~ "^$host") { - push(@valid_keys, $host_key); +sub input_from_known_client { + my ($input, $remote_ip) = @_ ; + my ($msg, $msg_hash, $module); + + my $sql_statement= "SELECT * FROM known_clients"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + if( not $host_name =~ /^$remote_ip:\d*$/) { + next; + } + my $host_key = $hit->{hostkey}; + &daemon_log("SIPackages: known_client host_name: $host_name", 7); + &daemon_log("SIPackages: known_client host_key: $host_key", 7); + + # check if module can open msg envelope with module key + ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key); + + if( (!$msg) || (!$msg_hash) ) { + &daemon_log("SIPackages: deciphering raise error", 7); + &daemon_log("$@", 8); + next; } - } - my @client_keys = keys %$known_clients; - foreach my $client_key (@client_keys) { - if($client_key =~ "^$host"){ - push(@valid_keys, $client_key); + else { + $module = "SIPackages"; + last; } } - push(@valid_keys, $server_address); + + if( (!$msg) || (!$msg_hash) || (!$module) ) { + &daemon_log("Incoming message is not from a known client", 3); + } + + return ($msg, $msg_hash, $module); +} + + +sub input_from_unknown_host { + no strict "refs"; + my ($input) = @_ ; + my ($msg, $msg_hash, $module); - my $l = @valid_keys; - my ($msg, $msg_hash); - my $msg_flag = 0; - - # determine the correct passwd for deciphering of the incoming msgs - foreach my $host_key (@valid_keys) { - eval{ - daemon_log( "key: $host_key", 7); - my $key_passwd; - if (exists $known_daemons->{$host_key}) { - $key_passwd = $known_daemons->{$host_key}->{passwd}; - } elsif (exists $known_clients->{$host_key}) { - $key_passwd = $known_clients->{$host_key}->{passwd}; - } elsif ($host_key eq $server_address) { - $key_passwd = $server_passwd; - } - daemon_log("key_passwd: $key_passwd", 7); - my $key_cipher = &create_ciphering($key_passwd); - $msg = &decrypt_msg($crypted_msg, $key_cipher); - $msg_hash = $xml->XMLin($msg, ForceArray=>1); - }; - if($@) { - daemon_log("key raise error", 7); - $msg_flag += 1; - } else { + my %act_modules = %$known_modules; + + while( my ($mod, $info) = each(%act_modules)) { + # check a key exists for this module + my $module_key = ${$mod."_key"}; + if( ! $module_key ) { + daemon_log("ERROR: no key specified in config file for $mod", 1); + next; + } + daemon_log("$mod: $module_key", 5); + + # check if module can open msg envelope with module key + ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key); + if( (!$msg) || (!$msg_hash) ) { + daemon_log("$mod: deciphering failed", 5); + next; + } + else { + $module = $mod; last; } - } - - if($msg_flag >= $l) { - daemon_log("ERROR: do not understand the message:", 1); - daemon_log("\t$msg", 1); - return; } - # process incoming msg - my $header = &get_content_from_xml_hash($msg_hash, "header"); - my $source = @{$msg_hash->{source}}[0]; - - daemon_log("header from msg:", 1); - daemon_log("\t$header", 1); - daemon_log("msg to process:", 5); - daemon_log("\t$msg", 5); - - my @targets = @{$msg_hash->{target}}; - my $len_targets = @targets; - if ($len_targets == 0){ - daemon_log("ERROR: no target specified for msg $header", 1); - - } elsif ($len_targets == 1){ - # we have only one target symbol - - my $target = $targets[0]; - daemon_log("msg is for:", 7); - daemon_log("\t$target", 7); - - if ($target eq $server_address) { - # msg is for server - if ($header eq 'new_passwd'){ &new_passwd($msg_hash)} - elsif ($header eq 'here_i_am') { &here_i_am($msg_hash)} - elsif ($header eq 'who_has') { &who_has($msg_hash) } - elsif ($header eq 'who_has_i_do') { &who_has_i_do($msg_hash)} - elsif ($header eq 'update_status') { &update_status($msg_hash) } - #elsif ($header eq 'got_ping') { &got_ping($msg_hash)} - elsif ($header eq 'get_load') { &execute_actions($msg_hash)} - else { daemon_log("ERROR: no function assigned to this msg", 5) } + if( (!$msg) || (!$msg_hash) || (!$module)) { + daemon_log("Incoming message is not from a unknown host", 5); + } - - } elsif ($target eq "*") { - # msg is for all clients - - my @target_addresses = keys(%$known_clients); - foreach my $target_address (@target_addresses) { - if ($target_address eq $source) { next; } - $msg_hash->{target} = [$target_address]; - &send_msg_hash2address($msg_hash, $target_address); - } - } else { - # msg is for one client + return ($msg, $msg_hash, $module); +} - if (exists $known_clients->{$target}) { - # target is known +sub create_ciphering { + my ($passwd) = @_; + $passwd = substr(md5_hex("$passwd") x 32, 0, 32); + my $iv = substr(md5_hex('GONICUS GmbH'),0, 16); + my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC()); + $my_cipher->set_iv($iv); + return $my_cipher; +} - &send_msg_hash2address($msg_hash, $target); - } else { - # target is not known - daemon_log("ERROR: target $target is not known in known_clients", 1); - } - } - } else { - # we have multiple target symbols +sub encrypt_msg { + my ($msg, $key) = @_; + my $my_cipher = &create_ciphering($key); + { + use bytes; + $msg = "\0"x(16-length($msg)%16).$msg; + } + $msg = $my_cipher->encrypt($msg); + chomp($msg = &encode_base64($msg)); + # there are no newlines allowed inside msg + $msg=~ s/\n//g; + return $msg; +} + + +sub decrypt_msg { + my ($msg, $key) = @_ ; + $msg = &decode_base64($msg); + my $my_cipher = &create_ciphering($key); + $msg = $my_cipher->decrypt($msg); + $msg =~ s/\0*//g; + return $msg; +} - my $target_string = join(", ", @targets); - daemon_log("msg is for:", 7); - daemon_log("\t$target_string", 7); - - my $target_address; - foreach $target_address (@targets) { - if (exists $known_clients->{$target_address}) { - # target_address is known - &send_msg_hash2address($msg_hash, $target_address); - daemon_log("server forwards msg $header to client $target_address", 3); - } else { - # target is not known +sub get_encrypt_key { + my ($target) = @_ ; + my $encrypt_key; + my $error = 0; - daemon_log("ERROR: target $target_address is not known in known_clients", 1); + # target can be in known_server + if( !$encrypt_key ) { + my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + if( $host_name ne $target ) { + next; } + $encrypt_key = $hit->{hostkey}; + last; } + } + - + # target can be in known_client + if( !$encrypt_key ) { + my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + if( $host_name ne $target ) { + next; + } + $encrypt_key = $hit->{hostkey}; + last; + } } - return; + return $encrypt_key; } @@ -759,1007 +636,298 @@ sub open_socket { $PeerAddr = $PeerAddr.":".$PeerPort; } my $socket; - $socket = new IO::Socket::INET(PeerAddr => $PeerAddr , - Porto => "tcp" , + $socket = new IO::Socket::INET(PeerAddr => $PeerAddr, + Porto => "tcp", Type => SOCK_STREAM, Timeout => 5, ); if(not defined $socket) { return; } - daemon_log("open_socket:", 7); - daemon_log("\t$PeerAddr", 7); + &daemon_log("open_socket: $PeerAddr", 7); return $socket; } -#=== FUNCTION ================================================================ -# NAME: open_fifo -# PARAMETERS: $fifo_path -# RETURNS: 0: FIFO couldn"t be setup, 1: FIFO setup correctly -# DESCRIPTION: creates a FIFO at $fifo_path -#=============================================================================== -sub open_fifo { - my ($fifo_path) = @_ ; - if( -p $fifo_path ) { - daemon_log("FIFO at $fifo_path already exists! Is being deleted!", 1); - unlink($fifo_path); - } - POSIX::mkfifo($fifo_path, 0666) or die "can't mkfifo $fifo_path: $!"; - daemon_log( "FIFO started at $fifo_path", 1) ; - return 1; -} - +sub send_msg_to_target { + my ($msg, $address, $encrypt_key, $msg_header) = @_ ; + my $error = 0; -#=== FUNCTION ================================================================ -# NAME: read_from_socket -# PARAMETERS: socket fh - -# RETURNS: result string - readed characters from socket -# DESCRIPTION: reads data from socket in 16 byte steps -#=============================================================================== -sub read_from_socket { - my ($socket) = @_; - my $result = ""; - - $socket->blocking(1); - $result = <$socket>; - - $socket->blocking(0); - while ( my $char = <$socket> ) { - if (not defined $char) { last } - $result .= $char; + if( $msg_header ) { + $msg_header = "'$msg_header'-"; } - -# my $len = 16; -# while($len == 16){ -# my $char; -# $len = sysread($socket, $char, 16); -# if($len != 16) { last } -# $result .= $char; -# } - return $result; -} - - -#=== FUNCTION ================================================================ -# NAME: create_xml_hash -# PARAMETERS: header - string - message header (required) -# source - string - where the message come from (required) -# target - string - where the message should go to (required) -# [header_value] - string - something usefull (optional) -# RETURNS: hash - hash - nomen est omen -# DESCRIPTION: creates a key-value hash, all values are stored in a array -#=============================================================================== -sub create_xml_hash { - my ($header, $source, $target, $header_value) = @_; - my $hash = { - header => [$header], - source => [$source], - target => [$target], - $header => [$header_value], - }; - #daemon_log("create_xml_hash:", 7), - #chomp(my $tmp = Dumper $hash); - #daemon_log("\t$tmp", 7); - return $hash -} - - -#=== FUNCTION ================================================================ -# NAME: create_xml_string -# PARAMETERS: xml_hash - hash - hash from function create_xml_hash -# RETURNS: xml_string - string - xml string representation of the hash -# DESCRIPTION: transform the hash to a string using XML::Simple module -#=============================================================================== -sub create_xml_string { - my ($xml_hash) = @_ ; - my $xml_string = $xml->XMLout($xml_hash, RootName => 'xml'); - $xml_string =~ s/[\n]+//g; - #daemon_log("create_xml_string:",7); - #daemon_log("$xml_string\n", 7); - return $xml_string; -} - - -#=== FUNCTION ================================================================ -# NAME: add_content2xml_hash -# PARAMETERS: xml_ref - ref - reference to a hash from function create_xml_hash -# element - string - key for the hash -# content - string - value for the hash -# RETURNS: nothing -# DESCRIPTION: add key-value pair to xml_ref, if key alread exists, then append value to list -#=============================================================================== -sub add_content2xml_hash { - my ($xml_ref, $element, $content) = @_; - if(not exists $$xml_ref{$element} ) { - $$xml_ref{$element} = []; + else { + $msg_header = ""; } - my $tmp = $$xml_ref{$element}; - push(@$tmp, $content); - return; -} - -#=== FUNCTION ================================================================ -# NAME: get_content_from_xml_hash -# PARAMETERS: xml_ref - ref - reference of the xml hash -# element - string - key of the value you want -# RETURNS: value - string - if key is either header, target or source -# value - list - for all other keys in xml hash -# DESCRIPTION: -#=============================================================================== -sub get_content_from_xml_hash { - my ($xml_ref, $element) = @_ ; - my $result = $xml_ref->{$element}; - if( $element eq "header" || $element eq "target" || $element eq "source") { - return @$result[0]; - } - return @$result; -} - - -#=== FUNCTION ================================================================ -# NAME: encrypt_msg -# PARAMETERS: msg - string - message to encrypt -# my_cipher - ref - reference to a Crypt::Rijndael object -# RETURNS: crypted_msg - string - crypted message -# DESCRIPTION: crypts the incoming message with the Crypt::Rijndael module -#=============================================================================== -sub encrypt_msg { - my ($msg, $my_cipher) = @_; - if(not defined $my_cipher) { print "no cipher object\n"; } - $msg = "\0"x(16-length($msg)%16).$msg; - my $crypted_msg = $my_cipher->encrypt($msg); - chomp($crypted_msg = &encode_base64($crypted_msg)); - return $crypted_msg; -} - - -#=== FUNCTION ================================================================ -# NAME: decrypt_msg -# PARAMETERS: crypted_msg - string - message to decrypt -# my_cipher - ref - reference to a Crypt::Rijndael object -# RETURNS: msg - string - decrypted message -# DESCRIPTION: decrypts the incoming message with the Crypt::Rijndael module -#=============================================================================== -sub decrypt_msg { - my ($crypted_msg, $my_cipher) = @_ ; - $crypted_msg = &decode_base64($crypted_msg); - my $msg = $my_cipher->decrypt($crypted_msg); - $msg =~ s/\0*//g; - return $msg; -} - - -#=== FUNCTION ================================================================ -# NAME: create_ciphering -# PARAMETERS: passwd - string - used to create ciphering -# RETURNS: cipher - object -# DESCRIPTION: creates a Crypt::Rijndael::MODE_CBC object with passwd as key -#=============================================================================== -sub create_ciphering { - my ($passwd) = @_; - $passwd = substr(md5_hex("$passwd") x 32, 0, 32); - my $iv = substr(md5_hex('GONICUS GmbH'),0, 16); - - #daemon_log("iv: $iv", 7); - #daemon_log("key: $passwd", 7); - my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC()); - $my_cipher->set_iv($iv); - return $my_cipher; -} - - -#=== FUNCTION ================================================================ -# NAME: send_msg_hash2address -# PARAMETERS: msg_hash - hash - xml_hash created with function create_xml_hash -# PeerAddr string - socket address to send msg -# PeerPort string - socket port, if not included in socket address -# RETURNS: nothing -# DESCRIPTION: ???? -#=============================================================================== -sub send_msg_hash2address { - my ($msg_hash, $address, $passwd) = @_ ; - - # fetch header for logging - my $header = &get_content_from_xml_hash($msg_hash, "header"); - - # generate xml string - my $msg_xml = &create_xml_string($msg_hash); - - # fetch the appropriated passwd from hash - if(not defined $passwd) { - if(exists $known_daemons->{$address}) { - $passwd = $known_daemons->{$address}->{passwd}; - } elsif(exists $known_clients->{$address}) { - $passwd = $known_clients->{$address}->{passwd}; - - } else { - daemon_log("$address not known, neither as server nor as client", 1); - return; - } - } - - # create ciphering object - my $act_cipher = &create_ciphering($passwd); - # encrypt xml msg - my $crypted_msg = &encrypt_msg($msg_xml, $act_cipher); - + my $crypted_msg = &encrypt_msg($msg, $encrypt_key); + # opensocket my $socket = &open_socket($address); - if(not defined $socket){ - daemon_log( "cannot send '$header'-msg to $address , server not reachable", 5); - - if (exists $known_clients->{$address}) { - if ($known_clients->{$address}->{status} eq "down") { - # if status of not reachable client is already 'down', then delete client from known_clients - &clean_up_known_clients($address); - - } else { - # update status to 'down' - &update_known_clients(hostname=>$address, status=>"down"); - - } - } - return; + if( !$socket ) { + daemon_log("cannot send ".$msg_header."msg to $address , host not reachable", 1); + $error++; } - # send xml msg - print $socket $crypted_msg."\n"; - - close $socket; - - daemon_log("send '$header'-msg to $address", 1); + if( $error == 0 ) { + # send xml msg + print $socket $crypted_msg."\n"; - daemon_log("$msg_xml", 5); + daemon_log("send ".$msg_header."msg to $address", 1); + daemon_log("message:\n$msg", 8); - #daemon_log("crypted message:",7); - #daemon_log("\t$crypted_msg", 7); - - # update status of client in known_clients with last send msg - if(exists $known_daemons->{$address}) { - #&update_known_daemons(); - } elsif(exists $known_clients->{$address}) { - &update_known_clients(hostname=>$address, status=>$header); } - return; -} - - -#=== FUNCTION ================================================================ -# NAME: send_msg_hash2bus -# PARAMETERS: msg_hash - hash - xml_hash created with function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: ???? -#=============================================================================== -sub send_msg_hash2bus { - my($msg_hash) = @_; - - # fetch header for logging - my $header = &get_content_from_xml_hash($msg_hash, "header"); - - # generate xml string - my $msg_xml = &create_xml_string($msg_hash); - - # encrypt xml msg - my $crypted_msg = &encrypt_msg($msg_xml, $bus_cipher); - - # open socket - my $socket = &open_socket($bus_address); - if(not defined $socket){ - daemon_log( "cannot send '$header'-msg to $bus_address , bus not reachable", 5); - return; + # close socket in any case + if( $socket ) { + close $socket; } - - # send xml msg - print $socket $crypted_msg."\n"; - - close $socket; - - - daemon_log("send '$header'-msg to bus", 1); - daemon_log("$msg_xml", 5); - #daemon_log("crypted msg:",7); - #daemon_log("\t$crypted_msg", 7); return; } +sub _start { + my ($kernel) = $_[KERNEL]; + &trigger_db_loop($kernel); +} +sub client_input { + no strict "refs"; + my ($heap,$input,$wheel) = @_[HEAP, ARG0, ARG1]; + my ($msg, $msg_hash, $module); + my $error = 0; + my $answer_l; + my ($answer_header, @answer_target_l, $answer_source); + my $client_answer; + daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7); + daemon_log("\n$input", 8); + # msg is from a new client or gosa + ($msg, $msg_hash, $module) = &input_from_unknown_host($input); -##=== FUNCTION ================================================================ -## NAME: new_passwd -## PARAMETERS: msg_hash - ref - hash from function create_xml_hash -## RETURNS: nothing -## DESCRIPTION: process this incoming message -##=============================================================================== -#sub new_passwd { -# my ($msg_hash) = @_; -# -# my $source = &get_content_from_xml_hash($msg_hash, "source"); -# my $passwd = (&get_content_from_xml_hash($msg_hash, "new_passwd"))[0]; -# -# if (exists $known_daemons->{$source}) { -# &add_content2known_daemons(hostname=>$source, status=>"new_passwd", passwd=>$passwd); -# $bus_cipher = &create_ciphering($passwd); -# my $hash = &create_xml_hash("confirm_new_passwd", "$server_ip:$server_port", "$source"); -# &send_msg_hash2address($hash, $source); -# -# } elsif (exists $known_clients->{$source}) { -# &add_content2known_clients(hostname=>$source, status=>"new_passwd", passwd=>$passwd); -# -# } else { -# daemon_log("ERROR: $source not known, neither in known_daemons nor in known_clients", 1) -# } -# -# return; -#} - - -##=== FUNCTION ================================================================ -## NAME: make ping -## PARAMETERS: address - string - address which should be pinged -## RETURNS: nothing -## DESCRIPTION: send ping message to address -##=============================================================================== -#sub make_ping { -# my ($msg_hash) = @_; -# -# my $source = &get_content_from_xml_hash($msg_hash, "source"); -# my $target = &get_content_from_xml_hash($msg_hash, "target"); -# -# print "make_ping:$source\n"; -# my $out_hash = &create_xml_hash("ping", $target, $source); -# &send_msg_hash2address($out_hash, $source); -# return; -#} - - -##=== FUNCTION ================================================================ -## NAME: got_ping -## PARAMETERS: msg_hash - hash - hash from function create_xml_hash -## RETURNS: nothing -## DESCRIPTION: process this incoming message -##=============================================================================== -#sub got_ping { -# my ($msg_hash) = @_; -# -# my $source = &get_content_from_xml_hash($msg_hash, 'source'); -# my $target = &get_content_from_xml_hash($msg_hash, 'target'); -# my $header = &get_content_from_xml_hash($msg_hash, 'header'); -# -# if(exists $known_daemons->{$source}) { -# &add_content2known_daemons(hostname=>$source, status=>$header); -# } else { -# &add_content2known_clients(hostname=>$source, status=>$header); -# } -# -# return; -#} - - -##=== FUNCTION ================================================================ -## NAME: here_i_am -## PARAMETERS: msg_hash - hash - hash from function create_xml_hash -## RETURNS: nothing -## DESCRIPTION: process this incoming message -##=============================================================================== -#sub here_i_am { -# my ($msg_hash) = @_; -# -# my $source = &get_content_from_xml_hash($msg_hash, "source"); -# my $mac_address = (&get_content_from_xml_hash($msg_hash, "mac_address"))[0]; -# my $out_hash; -# -# # number of known clients -# my $nu_clients = keys %$known_clients; -# -# # check wether client address or mac address is already known -# if (exists $known_clients->{$source}) { -# daemon_log("WARNING: $source is already known as a client", 1); -# daemon_log("WARNING: values for $source are being overwritten", 1); -# $nu_clients --; -# } -# -# # number of actual activ clients -# my $act_nu_clients = $nu_clients; -# -# daemon_log("number of actual activ clients: $act_nu_clients", 5); -# daemon_log("number of maximal allowed clients: $max_clients", 5); -# -# if($max_clients <= $act_nu_clients) { -# my $out_hash = &create_xml_hash("denied", $server_address, $source); -# &add_content2xml_hash($out_hash, "denied", "I_cannot_take_any_more_clients!"); -# my $passwd = (&get_content_from_xml_hash($msg_hash, "new_passwd"))[0]; -# &send_msg_hash2address($out_hash, $source, $passwd); -# return; -# } -# -# # new client accepted -# my $new_passwd = (&get_content_from_xml_hash($msg_hash, "new_passwd"))[0]; -# -# # create known_daemons entry -# my $events = (&get_content_from_xml_hash($msg_hash, "events"))[0]; -# &create_known_client($source); -# &add_content2known_clients(hostname=>$source, events=>$events, mac_address=>$mac_address, -# status=>"registered", passwd=>$new_passwd); -# -# # return acknowledgement to client -# $out_hash = &create_xml_hash("registered", $server_address, $source); -# &send_msg_hash2address($out_hash, $source); -# -# # notify registered client to bus -# $out_hash = &create_xml_hash("new_client", $server_address, $bus_address, $source); -# &send_msg_hash2bus($out_hash); -# -# # give the new client his ldap config -# &new_ldap_config($source); -# -# return; -#} - - -#=== FUNCTION ================================================================ -# NAME: who_has -# PARAMETERS: msg_hash - hash - hash from function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: process this incoming message -#=============================================================================== -#sub who_has { -# my ($msg_hash) = @_ ; -# -# # what is your search pattern -# my $search_pattern = (&get_content_from_xml_hash($msg_hash, "who_has"))[0]; -# my $search_element = (&get_content_from_xml_hash($msg_hash, $search_pattern))[0]; -# daemon_log("who_has-msg looking for $search_pattern $search_element", 7); -# -# # scanning known_clients for search_pattern -# my @host_addresses = keys %$known_clients; -# my $known_clients_entries = length @host_addresses; -# my $host_address; -# foreach my $host (@host_addresses) { -# my $client_element = $known_clients->{$host}->{$search_pattern}; -# if ($search_element eq $client_element) { -# $host_address = $host; -# last; -# } -# } -# -# # search was successful -# if (defined $host_address) { -# my $source = @{$msg_hash->{source}}[0]; -# my $out_msg = &create_xml_hash("who_has_i_do", $server_address, $source, "mac_address"); -# &add_content2xml_hash($out_msg, "mac_address", $search_element); -# &send_msg_hash2address($out_msg, $bus_address); -# } -# return; -#} - - -#sub who_has_i_do { -# my ($msg_hash) = @_ ; -# my $header = &get_content_from_xml_hash($msg_hash, "header"); -# my $source = &get_content_from_xml_hash($msg_hash, "source"); -# my $search_param = (&get_content_from_xml_hash($msg_hash, $header))[0]; -# my $search_value = (&get_content_from_xml_hash($msg_hash, $search_param))[0]; -# print "\ngot msg $header:\nserver $source has client with $search_param $search_value\n"; -#} - - -#=== FUNCTION ================================================================ -# NAME: update_status -# PARAMETERS: msg_hash - hash - hash from function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: process this incoming message -#=============================================================================== -#sub update_status { -# my ($msg_hash) = @_; -# my $header = &get_content_from_xml_hash($msg_hash, "header"); -# my $source = &get_content_from_xml_hash($msg_hash, "source"); -# my $new_status = (&get_content_from_xml_hash($msg_hash, "update_status"))[0]; -# -# # find the source -# my $act_known_hash; -# if (exists $known_daemons->{$source}) { -# -# &add_content2known_daemons(hostname=>$source, status=>$new_status); -# } elsif (exists $known_clients->{$source}) { -# &update_known_clients(hostname=>$source, status=>$new_status); -# #&add_content2known_clients(hostname=>$source, status=>$new_status); -# } else { -# daemon_log("ERROR: got $header-msg, but cannot find $source in my hashes, unable to update status", 1); -# return; -# } -# -# return; -#} - - -##=== FUNCTION ================================================================ -## NAME: new_ldap_config -## PARAMETERS: address - string - ip address and port of a host -## RETURNS: nothing -## DESCRIPTION: send to address the ldap configuration found for dn gotoLdapServer -##=============================================================================== -#sub new_ldap_config { -# my ($address) = @_ ; -# -# if (not exists $known_clients->{$address}) { -# daemon_log("ERROR: $address does not exist in known_clients, cannot send him his ldap config", 1); -# return; -# } -# -# my $mac_address = $known_clients->{$address}->{"mac_address"}; -# if (not defined $mac_address) { -# daemon_log("ERROR: no mac address found for client $address", 1); -# return; -# } -# -# # fetch dn -# my $goHard_cmd = "ldapsearch -x '(&(objectClass=goHard)(macAddress=00:11:22:33:44:57))' dn gotoLdapServer"; -# my $dn; -# my @gotoLdapServer; -# open (PIPE, "$goHard_cmd 2>&1 |"); -# while() { -# chomp $_; -# # If it's a comment, goto next -# if ($_ =~ m/^[#]/) { next;} -# if ($_ =~ m/^dn: ([\S]+?)$/) { -# $dn = $1; -# } elsif ($_ =~ m/^gotoLdapServer: ([\S]+?)$/) { -# push(@gotoLdapServer, $1); -# } -# } -# close(PIPE); -# -# # no dn found -# if (not defined $dn) { -# daemon_log("ERROR: no dn arose from command: $goHard_cmd", 1); -# return; -# } -# -# # no gotoLdapServer found -# my $gosaGroupOfNames_cmd = "ldapsearch -x '(&(objectClass=gosaGroupOfNames)(member=$dn))' gotoLdapServer"; -# if (@gotoLdapServer == 0) { -# open (PIPE, "$gosaGroupOfNames_cmd 2>&1 |"); -# while() { -# chomp $_; -# if ($_ =~ m/^[#]/) { next; } -# if ($_ =~ m/^gotoLdapServer: ([\S]+?)$/) { -# push(@gotoLdapServer, $1); -# } -# } -# close(PIPE); -# } -# -# # still no gotoLdapServer found -# if (@gotoLdapServer == 0) { -# daemon_log("ERROR: cannot find gotoLdapServer entry in command: $gosaGroupOfNames_cmd", 1); -# return; -# } -# -# # sort @gotoLdapServer and then split of ranking -# my @sorted_gotoLdapServer = sort(@gotoLdapServer); -# @gotoLdapServer = reverse(@sorted_gotoLdapServer); -# foreach (@gotoLdapServer) { -# $_ =~ s/^\d://; -# } -# -# my $t = join(" ", @gotoLdapServer); -# -# my $out_hash = &create_xml_hash("new_ldap_config", $server_address, $address); -# map(&add_content2xml_hash($out_hash, "new_ldap_config", $_), @gotoLdapServer); -# &send_msg_hash2address($out_hash, $address); -# -# return; -#} - - -##=== FUNCTION ================================================================ -## NAME: execute_actions -## PARAMETERS: msg_hash - hash - hash from function create_xml_hash -## RETURNS: nothing -## DESCRIPTION: invokes the script specified in msg_hash which is located under -## /etc/gosad/actions -##=============================================================================== -#sub execute_actions { -# my ($msg_hash) = @_ ; -# my $configdir= '/etc/gosad/actions/'; -# my $result; -# -# my $header = &get_content_from_xml_hash($msg_hash, 'header'); -# my $source = &get_content_from_xml_hash($msg_hash, 'source'); -# my $target = &get_content_from_xml_hash($msg_hash, 'target'); -# -# -# if((not defined $source) -# && (not defined $target) -# && (not defined $header)) { -# daemon_log("ERROR: Entries missing in XML msg for gosad actions under /etc/gosad/actions"); -# } else { -# my $parameters=""; -# my @params = &get_content_from_xml_hash($msg_hash, $header); -# my $params = join(", ", @params); -# daemon_log("execute_actions: got parameters: $params", 5); -# -# if (@params) { -# foreach my $param (@params) { -# my $param_value = (&get_content_from_xml_hash($msg_hash, $param))[0]; -# daemon_log("execute_actions: parameter -> value: $param -> $param_value", 7); -# $parameters.= " ".$param_value; -# } -# } -# -# my $cmd= $configdir.$header."$parameters"; -# daemon_log("execute_actions: executing cmd: $cmd", 7); -# $result= ""; -# open(PIPE, "$cmd 2>&1 |"); -# while() { -# $result.=$_; -# } -# close(PIPE); -# } -# -# # process the event result -# -# -# return; -#} - - -#=== FUNCTION ================================================================ -# NAME: print_known_daemons -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: nomen est omen -#=============================================================================== -sub print_known_daemons { - my ($tmp) = @_ ; - print "####################################\n"; - print "# status of known_daemons\n"; - $shmda->shlock(LOCK_EX); - my @hosts = keys %$known_daemons; - foreach my $host (@hosts) { - my $status = $known_daemons->{$host}->{status} ; - my $passwd = $known_daemons->{$host}->{passwd}; - my $timestamp = $known_daemons->{$host}->{timestamp}; - print "$host\n"; - print "\tstatus: $status\n"; - print "\tpasswd: $passwd\n"; - print "\ttimestamp: $timestamp\n"; + # msg is from a gosa-si-server or gosa-si-bus + if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ + ($msg, $msg_hash, $module) = &input_from_known_server($input, $heap->{'remote_ip'}); } - $shmda->shunlock(LOCK_EX); - print "####################################\n"; - return; -} - - -#=== FUNCTION ================================================================ -# NAME: create_known_daemon -# PARAMETERS: hostname - string - key for the hash known_daemons -# RETURNS: nothing -# DESCRIPTION: creates a dummy entry for hostname in known_daemons -#=============================================================================== -sub create_known_daemon { - my ($hostname) = @_; - $shmda->shlock(LOCK_EX); - $known_daemons->{$hostname} = {}; - $known_daemons->{$hostname}->{status} = "none"; - $known_daemons->{$hostname}->{passwd} = "none"; - $known_daemons->{$hostname}->{timestamp} = "none"; - $shmda->shunlock(LOCK_EX); - return; -} - -#=== FUNCTION ================================================================ -# NAME: add_content2known_daemons -# PARAMETERS: hostname - string - ip address and port of host (required) -# status - string - (optional) -# passwd - string - (optional) -# mac_address - string - mac address of host (optional) -# RETURNS: nothing -# DESCRIPTION: nome est omen and updates each time the timestamp of hostname -#=============================================================================== -sub add_content2known_daemons { - my $arg = { - hostname => undef, status => undef, passwd => undef, - mac_address => undef, events => undef, - @_ }; - my $hostname = $arg->{hostname}; - my $status = $arg->{status}; - my $passwd = $arg->{passwd}; - my $mac_address = $arg->{mac_address}; - my $events = $arg->{events}; - - if (not defined $hostname) { - daemon_log("ERROR: function add_content2known_daemons is not invoked with requiered parameter 'hostname'", 1); - return; + # msg is from a gosa-si-client + if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ + ($msg, $msg_hash, $module) = &input_from_known_client($input, $heap->{'remote_ip'}); } - my ($seconds, $minutes, $hours, $monthday, $month, - $year, $weekday, $yearday, $sommertime) = localtime(time); - $hours = $hours < 10 ? $hours = "0".$hours : $hours; - $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; - $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - $month+=1; - $month = $month < 10 ? $month = "0".$month : $month; - $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; - $year+=1900; - my $t = "$year$month$monthday$hours$minutes$seconds"; - - $shmda->shlock(LOCK_EX); - if (defined $status) { - $known_daemons->{$hostname}->{status} = $status; - } - if (defined $passwd) { - $known_daemons->{$hostname}->{passwd} = $passwd; - } - if (defined $mac_address) { - $known_daemons->{$hostname}->{mac_address} = $mac_address; - } - if (defined $events) { - $known_daemons->{$hostname}->{events} = $events; + # an error occurred + if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ + $error++; } - $known_daemons->{$hostname}->{timestamp} = $t; - $shmda->shlock(LOCK_EX); - return; -} + ###################### + # process incoming msg + if( $error == 0) { + daemon_log("Processing module ".$module, 5); + $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $heap->{'remote_ip'}); -#=== FUNCTION ================================================================ -# NAME: update_known_daemons -# PARAMETERS: hostname - string - ip address and port of host (required) -# status - string - (optional) -# passwd - string - (optional) -# client - string - ip address and port of client (optional) -# RETURNS: nothing -# DESCRIPTION: nome est omen and updates each time the timestamp of hostname -#=============================================================================== -sub update_known_daemons { - my $arg = { - hostname => undef, status => undef, passwd => undef, - @_ }; - my $hostname = $arg->{hostname}; - my $status = $arg->{status}; - my $passwd = $arg->{passwd}; - - if (not defined $hostname) { - daemon_log("ERROR: function add_content2known_daemons is not invoked with requiered parameter 'hostname'", 1); - return; + if ( 0 > @{$answer_l} ) { + my $answer_str = join("\n", @{$answer_l}); + daemon_log("$module: Got answer from module: \n".$answer_str,8); + } } + if( !$answer_l ) { $error++ }; + + ######## + # answer + if( $error == 0 ) { + + # for each answer in answer list + foreach my $answer ( @{$answer_l} ) { + + my $error = 0; + # check answer if gosa-si envelope conform + if(defined($answer)) { + my $answer_hash = $xml->XMLin($answer, ForceArray=>1); + $answer_header = @{$answer_hash->{'header'}}[0]; + @answer_target_l = @{$answer_hash->{'target'}}; + $answer_source = @{$answer_hash->{'source'}}[0]; + if( !$answer_header ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1); + daemon_log("\n$answer", 8); + $error++; + } + if( 0 == length @answer_target_l ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1); + daemon_log("\n$answer", 8); + $error++; + } + if( !$answer_source ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1); + daemon_log("\n$answer", 8); + $error++; + } + + if( $error != 0 ) { + next; + } + } + + # deliver msg to all targets + foreach my $answer_target ( @answer_target_l ) { + if( $answer_target eq "*" ) { + # answer is for all clients + my $sql_statement= "SELECT * FROM known_clients"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); + } + } + elsif( $answer_target eq "GOSA" ) { + # answer is for GOSA and has to returned to connected client + my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); + $client_answer = $gosa_answer; + } + elsif( $answer_target eq "KNOWN_SERVER" ) { + # answer is for all server in known_server + my $sql_statement= "SELECT * FROM known_server"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + $answer =~ s/KNOWN_SERVER/$host_name/g; + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); + } + } + elsif( $answer_target =~ /([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})/ ) { + daemon_log("target is mac address '$answer_target', looking for host in known_clients", 3); + my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$answer_target'"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + my $found_ip_flag = 0; + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + $answer =~ s/$answer_target/$host_name/g; + daemon_log("found host '$host_name', assoziated to '$answer_target'", 3); + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); + $found_ip_flag++ ; + } + if( $found_ip_flag == 0) { + daemon_log("WARNING: no host found in known_clients with mac address '$answer_target', forward msg to bus", 1); + my $sql_statement = "SELECT * FROM known_server WHERE status='bus'"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $bus_address = $hit->{hostname}; + my $bus_key = $hit->{hostkey}; + &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header); + last; + } - my ($seconds, $minutes, $hours, $monthday, $month, - $year, $weekday, $yearday, $sommertime) = localtime(time); - $hours = $hours < 10 ? $hours = "0".$hours : $hours; - $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; - $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - $month+=1; - $month = $month < 10 ? $month = "0".$month : $month; - $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; - $year+=1900; - my $t = "$year$month$monthday$hours$minutes$seconds"; - - $shmda->shlock(LOCK_EX); - if (defined $status) { - $known_daemons->{$hostname}->{status} = $status; - } - if (defined $passwd) { - $known_daemons->{$hostname}->{passwd} = $passwd; + } + } + else { + # answer is for one specific host + # get encrypt_key + my $encrypt_key = &get_encrypt_key($answer_target); + if( !$encrypt_key ) { + daemon_log("ERROR: no encrypt key found in known_clients or known_server for target '$answer_target'", 1); + daemon_log("\n$answer", 8); + next; + } + # send_msg + &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header); + } + } + } } - $known_daemons->{$hostname}->{timestamp} = $t; - $shmda->shunlock(LOCK_EX); - return; -} - -#=== FUNCTION ================================================================ -# NAME: print_known_clients -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: nomen est omen -#=============================================================================== -sub print_known_clients { - - print "####################################\n"; - print "# status of known_clients\n"; - $shmcl->shlock(LOCK_EX); - my @hosts = keys %$known_clients; - if (@hosts) { - foreach my $host (@hosts) { - my $status = $known_clients->{$host}->{status} ; - my $passwd = $known_clients->{$host}->{passwd}; - my $timestamp = $known_clients->{$host}->{timestamp}; - my $mac_address = $known_clients->{$host}->{mac_address}; - my $events = $known_clients->{$host}->{events}; - print "$host\n"; - print "\tstatus: $status\n"; - print "\tpasswd: $passwd\n"; - print "\ttimestamp: $timestamp\n"; - print "\tmac_address: $mac_address\n"; - print "\tevents: $events\n"; - } + if( $client_answer ) { + $heap->{client}->put($client_answer); } - $shmcl->shunlock(LOCK_EX); - print "####################################\n"; + return; } - - -#=== FUNCTION ================================================================ -# NAME: create_known_client -# PARAMETERS: hostname - string - key for the hash known_clients -# RETURNS: nothing -# DESCRIPTION: creates a dummy entry for hostname in known_clients -#=============================================================================== -sub create_known_client { - my ($hostname) = @_; - $shmcl->shlock(LOCK_EX); - $known_clients->{$hostname} = {}; - $known_clients->{$hostname}->{status} = "none"; - $known_clients->{$hostname}->{passwd} = "none"; - $known_clients->{$hostname}->{timestamp} = "none"; - $known_clients->{$hostname}->{mac_address} = "none"; - $known_clients->{$hostname}->{events} = "none"; - $shmcl->shunlock(LOCK_EX); - return; +sub trigger_db_loop { +# my ($kernel) = $_[KERNEL]; + my ($kernel) = @_ ; + $kernel->delay_set('watch_for_new_jobs',3); } +sub watch_for_new_jobs { + my ($kernel,$heap) = @_[KERNEL, HEAP]; + # check gosa job queue for jobs with executable timestamp + my $timestamp = &get_time(); -#=== FUNCTION ================================================================ -# NAME: add_content2known_clients -# PARAMETERS: hostname - string - ip address and port of host (required) -# status - string - (optional) -# passwd - string - (optional) -# mac_address - string - (optional) -# events - string - event of client, executable skripts under /etc/gosac/events -# RETURNS: nothing -# DESCRIPTION: nome est omen and updates each time the timestamp of hostname -#=============================================================================== -sub add_content2known_clients { - my $arg = { - hostname => undef, status => undef, passwd => undef, - mac_address => undef, events => undef, - @_ }; - my $hostname = $arg->{hostname}; - my $status = $arg->{status}; - my $passwd = $arg->{passwd}; - my $mac_address = $arg->{mac_address}; - my $events = $arg->{events}; - - if (not defined $hostname) { - daemon_log("ERROR: function add_content2known_clients is not invoked with requiered parameter 'hostname'", 1); - return; - } + my $sql_statement = "SELECT * FROM ".$job_queue_table_name. + " WHERE status='waiting' AND timestamp<'$timestamp'"; - my ($seconds, $minutes, $hours, $monthday, $month, - $year, $weekday, $yearday, $sommertime) = localtime(time); - $hours = $hours < 10 ? $hours = "0".$hours : $hours; - $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; - $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - $month+=1; - $month = $month < 10 ? $month = "0".$month : $month; - $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; - $year+=1900; - my $t = "$year$month$monthday$hours$minutes$seconds"; - - $shmcl->shlock(LOCK_EX); - if (defined $status) { - $known_clients->{$hostname}->{status} = $status; - } - if (defined $passwd) { - $known_clients->{$hostname}->{passwd} = $passwd; - } - if (defined $mac_address) { - $known_clients->{$hostname}->{mac_address} = $mac_address; - } - if (defined $events) { - $known_clients->{$hostname}->{events} = $events; - } - $known_clients->{$hostname}->{timestamp} = $t; - $shmcl->shlock(LOCK_EX); - return; -} - + my $res = $job_db->select_dbentry( $sql_statement ); -#=== FUNCTION ================================================================ -# NAME: -# PARAMETERS: -# RETURNS: -# DESCRIPTION: -#=============================================================================== -sub clean_up_known_clients { - my ($address) = @_ ; - - if (not exists $known_clients->{$address}) { - daemon_log("cannot prune known_clients from $address, client not known", 5); - return; - } + while( my ($id, $hit) = each %{$res} ) { - delete $known_clients->{$address}; + my $jobdb_id = $hit->{id}; + my $macaddress = $hit->{macaddress}; + my $job_msg_hash = &transform_msg2hash($hit->{xmlmessage}); + my $out_msg_hash = $job_msg_hash; + my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$macaddress'"; + my $res_hash = $known_clients_db->select_dbentry( $sql_statement ); + # expect macaddress is unique!!!!!! + my $target = $res_hash->{1}->{hostname}; - # send bus a msg that address was deleted from known_clients - my $out_hash = &create_xml_hash('delete_client', $server_address, $bus_address, $address); - &send_msg_hash2bus($out_hash); + if (not defined $target) { + &daemon_log("ERROR: no host found for mac address: $job_msg_hash->{mac}[0]", 1); + &daemon_log("xml message: $hit->{xmlmessage}", 5); + my $sql_statement = "UPDATE $job_queue_table_name ". + "SET status='error', result='no host found for mac address' ". + "WHERE id='$jobdb_id'"; + my $res = $job_db->update_dbentry($sql_statement); + next; + } - daemon_log("client $address deleted from known_clients because of multiple down time", 3); - return; -} + # add target + &add_content2xml_hash($out_msg_hash, "target", $target); + # add new header + my $out_header = $job_msg_hash->{header}[0]; + $out_header =~ s/job_/gosa_/; + delete $out_msg_hash->{header}; + &add_content2xml_hash($out_msg_hash, "header", $out_header); -#=== FUNCTION ================================================================ -# NAME: update_known_clients -# PARAMETERS: hostname - string - ip address and port of host (required) -# status - string - (optional) -# passwd - string - (optional) -# client - string - ip address and port of client (optional) -# RETURNS: nothing -# DESCRIPTION: nome est omen and updates each time the timestamp of hostname -#=============================================================================== -sub update_known_clients { - my $arg = { - hostname => undef, status => undef, passwd => undef, - mac_address => undef, events => undef, - @_ }; - my $hostname = $arg->{hostname}; - my $status = $arg->{status}; - my $passwd = $arg->{passwd}; - my $mac_address = $arg->{mac_address}; - my $events = $arg->{events}; - - if (not defined $hostname) { - daemon_log("ERROR: function add_content2known_daemons is not invoked with requiered parameter 'hostname'", 1); - return; - } - - my ($seconds, $minutes, $hours, $monthday, $month, - $year, $weekday, $yearday, $sommertime) = localtime(time); - $hours = $hours < 10 ? $hours = "0".$hours : $hours; - $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; - $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - $month+=1; - $month = $month < 10 ? $month = "0".$month : $month; - $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; - $year+=1900; - my $t = "$year$month$monthday$hours$minutes$seconds"; - - $shmcl->shlock(LOCK_EX); - if (defined $status) { - $known_clients->{$hostname}->{status} = $status; - } - if (defined $passwd) { - $known_clients->{$hostname}->{passwd} = $passwd; - } - if (defined $mac_address) { - $known_clients->{$hostname}->{mac_address} = $mac_address; - } - if (defined $events) { - $known_clients->{$hostname}->{events} = $events; - } - $known_clients->{$hostname}->{timestamp} = $t; - $shmcl->shunlock(LOCK_EX); - return; -} + # add sqlite_id + &add_content2xml_hash($out_msg_hash, "jobdb_id", $jobdb_id); + my $out_msg = &create_xml_string($out_msg_hash); + # encrypt msg as a GosaPackage module + my $cipher = &create_ciphering($GosaPackages_key); + my $crypted_out_msg = &encrypt_msg($out_msg, $cipher); + my $error = &send_msg_hash2address($out_msg_hash, "$gosa_ip:$gosa_port", $GosaPackages_key); + if ($error == 0) { + my $sql_statement = "UPDATE $job_queue_table_name ". + "SET status='processing', targettag='$target' ". + "WHERE id='$jobdb_id'"; + my $res = $job_db->update_dbentry($sql_statement); + } else { + my $sql_statement = "UPDATE $job_queue_table_name ". + "SET status='error' ". + "WHERE id='$jobdb_id'"; + my $res = $job_db->update_dbentry($sql_statement); + } + } + $kernel->delay_set('watch_for_new_jobs',3); +} #==== MAIN = main ============================================================== - # parse commandline options Getopt::Long::Configure( "bundling" ); GetOptions("h|help" => \&usage, @@ -1774,252 +942,80 @@ GetOptions("h|help" => \&usage, &check_cmdline_param ; &read_configfile; &check_pid; -&import_modules; $SIG{CHLD} = 'IGNORE'; -# restart daemon log file -if(-e $log_file ) { unlink $log_file } -daemon_log(" ", 1); -daemon_log("gosad started!", 1); +# forward error messages to logfile +if( ! $foreground ) { + open(STDERR, '>>', $log_file); + open(STDOUT, '>>', $log_file); +} -# Just fork, if we"re not in foreground mode -if( ! $foreground ) { $pid = fork(); } -else { $pid = $$; } +# Just fork, if we are not in foreground mode +if( ! $foreground ) { + chdir '/' or die "Can't chdir to /: $!"; + $pid = fork; + setsid or die "Can't start a new session: $!"; + umask 0; +} else { + $pid = $$; +} # Do something useful - put our PID into the pid_file if( 0 != $pid ) { open( LOCK_FILE, ">$pid_file" ); print LOCK_FILE "$pid\n"; -close( LOCK_FILE ); - if( !$foreground ) { exit( 0 ) }; -} - -# detect own ip and mac address -($server_ip, $server_mac_address) = &get_ip_and_mac(); -if (not defined $server_ip) { - die "EXIT: ip address of $0 could not be detected"; -} -daemon_log("server ip address detected: $server_ip", 1); -daemon_log("server mac address detected: $server_mac_address", 1); - -# setup xml parser -$xml = new XML::Simple(); - -# create cipher object -$bus_cipher = &create_ciphering($bus_passwd); -$bus_address = "$bus_ip:$bus_port"; - -# create reading and writing vectors -my $rbits = my $wbits = my $ebits = ""; - -# open server socket -$server_address = "$server_ip:$server_port"; -if($server_activ eq "on"){ - daemon_log(" ", 1); - $server = IO::Socket::INET->new(LocalPort => $server_port, - Type => SOCK_STREAM, - Reuse => 1, - Listen => 20, - ); - if(not defined $server){ - daemon_log("cannot be a tcp server at $server_port : $@"); - } else { - daemon_log("start server:", 1); - daemon_log("\t$server_ip:$server_port",1) ; - vec($rbits, fileno $server, 1) = 1; - vec($wbits, fileno $server, 1) = 1; - } -} - -# register at bus -if ($no_bus > 0) { - $bus_activ = "off" -} -if($bus_activ eq "on") { - daemon_log(" ", 1); - ®ister_at_bus(); + close( LOCK_FILE ); + if( !$foreground ) { + exit( 0 ) + }; } - daemon_log(" ", 1); +daemon_log("$0 started!", 1); -# start arp fifo -if ($no_arp > 0) { - $arp_activ = "off"; -} -my $my_fifo; -if($arp_activ eq "on") { - $my_fifo = &open_fifo($arp_fifo_path); - if($my_fifo == 0) { die "fifo file disappeared\n" } - sysopen($arp_fifo, $arp_fifo_path, O_RDWR) or die "can't read from $arp_fifo: $!" ; - - vec($rbits, fileno $arp_fifo, 1) = 1; -} - -$gosa_address = "$gosa_ip:$gosa_port"; -# start gosa inferface fifos -if ($gosa_activ eq "on") { - daemon_log(" ",1); - $gosa_server = IO::Socket::INET->new(LocalPort => $gosa_port, - Type => SOCK_STREAM, - Reuse => 1, - Listen => 1, - ); - if (not defined $gosa_server) { - daemon_log("cannot start tcp server at $gosa_port for communication to gosa: $@", 1); - } else { - daemon_log("start server at for communication to gosa", 1); - daemon_log("\t$server_ip:$gosa_port"); - vec($rbits, fileno $gosa_server, 1) = 1; - - } - - - #&open_fifo($gosa_fifo_in); - #sysopen(GOSA_FIFO_IN, $gosa_fifo_in, O_RDWR) or die "can't read from GOSA_FIFO_IN: $!" ; - #vec($rbits, fileno GOSA_FIFO_IN, 1) = 1; - - #&open_fifo($gosa_fifo_out); - #sysopen(GOSA_FIFO_OUT, $gosa_fifo_out, O_RDWR) or die "can't read from GOSA_FIFO_IN: $!" ; - -} - - -################################### -#everything ready, okay, lets start -################################### -while(1) { - - # add all handles from the childs - while ( my ($pid, $child_hash) = each %busy_child ) { - - # check whether process still exists - my $exitus_pid = waitpid($pid, WNOHANG); - if($exitus_pid != 0) { - delete $busy_child{$pid}; - next; - } - - # add child fhd to the listener - my $fhd = $$child_hash{'pipe_rd'}; - vec($rbits, fileno $fhd, 1) = 1; - } - - my ($rout, $wout); - my $nf = select($rout=$rbits, $wout=$wbits, undef, undef); - - # error handling - if($nf < 0 ) { - } - - # something is coming in - if($server_activ eq "on" && vec($rout, fileno $server, 1)) { - daemon_log(" ", 1); - my $client = $server->accept(); - my $other_end = getpeername($client); - if(not defined $other_end) { - daemon_log("client cannot be identified: $!"); - } else { - my ($port, $iaddr) = unpack_sockaddr_in($other_end); - my $actual_ip = inet_ntoa($iaddr); - daemon_log("accept client at daemon socket from $actual_ip", 5); - my $in_msg = &read_from_socket($client); - if(defined $in_msg){ - chomp($in_msg); - &activating_child($in_msg, $actual_ip); - } else { - daemon_log("cannot read from $actual_ip", 5); - } - } - close($client); - } +# delete old DBsqlite lock files +system('rm -f /tmp/gosa_si_lock*gosa-si-server*'); - if($arp_activ eq "on" && vec($rout, fileno $arp_fifo, 1)) { - my $in_msg = <$arp_fifo>; - chomp($in_msg); - print "arp_activ: msg: $in_msg\n"; - my $act_passwd = $known_daemons->{$bus_address}->{passwd}; - print "arp_activ: arp_passwd: $act_passwd\n"; +# connect to gosa-si job queue +my @job_col_names = ("id", "timestamp", "status", "result", "headertag", "targettag", "xmlmessage", "macaddress"); +$job_db = GOSA::DBsqlite->new($job_queue_file_name); +$job_db->create_table('jobs', \@job_col_names); - my $in_msg_hash = $xml->XMLin($in_msg, ForceArray=>1); +# connect to known_clients_db +my @clients_col_names = ('hostname', 'status', 'hostkey', 'timestamp', 'macaddress', 'events'); +$known_clients_db = GOSA::DBsqlite->new($known_clients_file_name); +$known_clients_db->create_table('known_clients', \@clients_col_names); - my $target = &get_content_from_xml_hash($in_msg_hash, 'target'); - - if ($target eq $server_address) { - print "arp_activ: forward to server\n"; - my $arp_cipher = &create_ciphering($act_passwd); - my $crypted_msg = &encrypt_msg($in_msg, $arp_cipher); - &activating_child($crypted_msg, $server_ip); - } else { - print "arp_activ: send to bus\n"; - &send_msg_hash2address($in_msg_hash, $bus_address); - } - print "\n"; - } +# connect to known_server_db +my @server_col_names = ('hostname', 'status', 'hostkey', 'timestamp'); +$known_server_db = GOSA::DBsqlite->new($known_server_file_name); +$known_server_db->create_table('known_server', \@server_col_names); - if($gosa_activ eq "on" && vec($rout, fileno $gosa_server, 1)) { - daemon_log(" ", 1); - my $client = $gosa_server->accept(); - my $other_end = getpeername($client); - if(not defined $other_end) { - daemon_log("client cannot be identified: $!"); - } else { - my ($port, $iaddr) = unpack_sockaddr_in($other_end); - my $actual_ip = inet_ntoa($iaddr); - daemon_log("accept client at gosa socket from $actual_ip", 5); - my $in_msg = <$client>; - #my $in_msg = &read_from_socket($client); - - daemon_log(">>>>>>>>>>> frisch vom socket gelesen\n!$in_msg!\n",1); - if(defined $in_msg){ - chomp($in_msg); - &activating_child($in_msg, $actual_ip, $client); - } else { - daemon_log("cannot read from $actual_ip", 5); - } - } - #close($client); - } +# create xml object used for en/decrypting +$xml = new XML::Simple(); - # check all processing childs whether they are finished ('done') or - while ( my ($pid, $child_hash) = each %busy_child ) { - my $fhd = $$child_hash{'pipe_rd'}; +# create socket for incoming xml messages +POE::Component::Server::TCP->new( + Port => $server_port, + ClientInput => \&client_input, +); +daemon_log("start socket for incoming xml messages at port '$server_port' ", 1); + +# create session for repeatedly checking the job queue for jobs +POE::Session->create( + inline_states => { + _start => \&_start, + watch_for_new_jobs => \&watch_for_new_jobs, + } +); - if (vec($rout, fileno $fhd, 1) ) { - daemon_log("process child $pid is ready to read", 5); - $fhd->blocking(1); - my $in_msg = <$fhd>; - $fhd->blocking(0); - my $part_in_msg; - while ($part_in_msg = <$fhd>) { - if (not defined $part_in_msg) { - last; - } - $in_msg .= $part_in_msg; - } - chomp($in_msg); - - daemon_log("process child read: $in_msg", 5); - if (not defined $in_msg) { - next; - } elsif ($in_msg =~ "done") { - delete $busy_child{$pid}; - $free_child{$pid} = $child_hash; - - } else { - my $act_client = $busy_child{$pid}{client_ref}; - print $act_client $in_msg."\n"; - my $act_pipe = $busy_child{$pid}{pipe_rd}; - sleep(10); - close ($act_client); - delete $busy_child{$pid}; - $free_child{$pid} = $child_hash; +# import all modules +&import_modules; - } - } - } +# check wether all modules are gosa-si valid passwd check +POE::Kernel->run(); +exit; -}