X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fgosa-si-server;h=3dbb629bb0194f490551ba614c21797a03a57c1c;hb=54fa8908ca0eb97e5437371c5f33d1b58524889d;hp=19fdc07d1f0725bc33dad6aa2c5e046ca5c1a825;hpb=1c930804a95583769c4379a23884a399b379ca34;p=gosa.git diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index 19fdc07d1..3dbb629bb 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -25,7 +25,6 @@ use warnings; use Getopt::Long; use Config::IniFiles; use POSIX; -use Time::HiRes qw( gettimeofday ); use Fcntl; use IO::Socket::INET; @@ -40,7 +39,6 @@ use Data::Dumper; use Sys::Syslog qw( :DEFAULT setlogsock); use Cwd; use File::Spec; -use GOSA::GosaSupportDaemon; use GOSA::DBsqlite; use POE qw(Component::Server::TCP); @@ -56,17 +54,17 @@ my ($max_clients); my ($pid_file, $procid, $pid, $log_file); my (%free_child, %busy_child, $child_max, $child_min, %child_alive_time, $child_timeout); my ($arp_activ, $arp_fifo, $arp_fifo_path); +my ($xml); # variables declared in config file are always set to 'our' our (%cfg_defaults, $log_file, $pid_file, - $bus_activ, $bus_passwd, $bus_ip, $bus_port, - $server_activ, $server_ip, $server_port, $server_passwd, $max_clients, + $bus_activ, $bus_key, $bus_ip, $bus_port, + $server_activ, $server_ip, $server_port, $SIPackages_key, $max_clients, $arp_activ, $arp_fifo_path, - $gosa_activ, $gosa_passwd, $gosa_ip, $gosa_port, $gosa_timeout, + $gosa_activ, $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout, ); # additional variable which should be globaly accessable -our $xml; our $server_address; our $bus_address; our $gosa_address; @@ -107,14 +105,14 @@ our $known_clients_db; "child_min" => [\$child_min, 3], "child_timeout" => [\$child_timeout, 180], "job_queue_timeout" => [\$job_queue_timeout, undef], - "job_queue_file_name" => [\$job_queue_file_name, '/var/lib/gosa-si/jobs.db'], + "job_queue_file_name" => [\$job_queue_file_name, '/var/lib/gosa-si/gosa-si-server_jobs.db'], "job_queue_loop_delay" => [\$job_queue_loop_delay, 3], - "known_clients_file_name" => [\$known_clients_file_name, '/var/lib/gosa-si/known_clients.db' ], - "known_server_file_name" => [\$known_server_file_name, '/var/lib/gosa-si/known_server.db'], + "known_clients_file_name" => [\$known_clients_file_name, '/var/lib/gosa-si/gosa-si-server_known_clients.db' ], + "known_server_file_name" => [\$known_server_file_name, '/var/lib/gosa-si/gosa-si-server_known_server.db'], }, "bus" => {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], + "bus_passwd" => [\$bus_key, ""], "bus_ip" => [\$bus_ip, "0.0.0.0"], "bus_port" => [\$bus_port, "20080"], }, @@ -122,7 +120,7 @@ our $known_clients_db; {"server_activ" => [\$server_activ, "on"], "server_ip" => [\$server_ip, "0.0.0.0"], "server_port" => [\$server_port, "20081"], - "server_passwd" => [\$server_passwd, ""], + "SIPackages_key" => [\$SIPackages_key, "none"], "max_clients" => [\$max_clients, 100], }, "arp" => @@ -133,7 +131,7 @@ our $known_clients_db; {"gosa_activ" => [\$gosa_activ, "on"], "gosa_ip" => [\$gosa_ip, "0.0.0.0"], "gosa_port" => [\$gosa_port, "20082"], - "gosa_passwd" => [\$gosa_passwd, "none"], + "GosaPackages_key" => [\$GosaPackages_key, "none"], }, ); @@ -211,7 +209,7 @@ sub daemon_log { $hours = $hours < 10 ? $hours = "0".$hours : $hours; $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - my @monthnames = ("Jan", "Feb", "Mar", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"); + my @monthnames = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"); $month = $monthnames[$month]; $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; $year+=1900; @@ -238,6 +236,21 @@ sub daemon_log { } +sub get_time { + my ($seconds, $minutes, $hours, $monthday, $month, + $year, $weekday, $yearday, $sommertime) = localtime(time); + $hours = $hours < 10 ? $hours = "0".$hours : $hours; + $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; + $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; + $month+=1; + $month = $month < 10 ? $month = "0".$month : $month; + $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; + $year+=1900; + return "$year$month$monthday$hours$minutes$seconds"; + +} + + #=== FUNCTION ================================================================ # NAME: check_cmdline_param # PARAMETERS: nothing @@ -316,8 +329,8 @@ sub check_pid { # PARAMETERS: module_path - string - abs. path to the directory the modules # are stored # RETURNS: nothing -# DESCRIPTION: each file in module_path which ends with '.pm' is imported by -# "require 'file';" +# DESCRIPTION: each file in module_path which ends with '.pm' and activation +# state is on is imported by "require 'file';" #=============================================================================== sub import_modules { daemon_log(" ", 1); @@ -331,25 +344,28 @@ sub import_modules { if (not $file =~ /(\S*?).pm$/) { next; } + my $mod_name = $1; + + if( $file =~ /ArpHandler.pm/ ) { + if( $no_arp > 0 ) { + next; + } + } + eval { require $file; }; if ($@) { daemon_log("ERROR: gosa-si-server could not load module $file", 1); daemon_log("$@", 5); - } else { - my $mod_name = $1; - my $info = eval($mod_name.'::get_module_info()'); - my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info}; - $known_modules->{$mod_name} = $info; - - daemon_log("module $mod_name loaded", 1); - } + } else { + my $info = eval($mod_name.'::get_module_info()'); + # Only load module if get_module_info() returns a non-null object + if( $info ) { + my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info}; + $known_modules->{$mod_name} = $info; + daemon_log("module $mod_name loaded", 1); + } + } } - - # for debugging - #while ( my ($module, $tag_hash) = each(%$known_modules)) { - # print "\tmodule: $module"."\n"; - # print "\ttags: ".join(", ", keys(%$tag_hash))."\n"; - #} close (DIR); } @@ -369,31 +385,548 @@ sub sig_int_handler { $SIG{INT} = \&sig_int_handler; + +sub check_key_and_xml_validity { + my ($crypted_msg, $module_key) = @_; +#print STDERR "crypted_msg:$crypted_msg\n"; +#print STDERR "modul_key:$module_key\n"; + + my $msg; + my $msg_hash; + eval{ + $msg = &decrypt_msg($crypted_msg, $module_key); + &main::daemon_log("decrypted_msg: \n$msg", 8); + + $msg_hash = $xml->XMLin($msg, ForceArray=>1); + + # check header + my $header_l = $msg_hash->{'header'}; + if( 1 != @{$header_l} ) { + die'header error'; + } + my $header = @{$header_l}[0]; + if( 0 == length $header) { + die 'header error'; + } + + # check source + my $source_l = $msg_hash->{'source'}; + if( 1 != @{$source_l} ) { + die'source error'; + } + my $source = @{$source_l}[0]; + if( 0 == length $source) { + die 'source error'; + } + + # check target + my $target_l = $msg_hash->{'target'}; + if( 1 != @{$target_l} ) { + die'target error'; + } + my $target = @{$target_l}[0]; + if( 0 == length $target) { + die 'target error'; + } + + }; + if($@) { + &main::daemon_log("WARNING: do not understand the message:", 5); + &main::daemon_log("$@", 8); + } + + return ($msg, $msg_hash); +} + + +sub input_from_known_server { + my ($input, $remote_ip) = @_ ; + my ($msg, $msg_hash, $module); + + my $sql_statement= "SELECT * FROM known_server"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + if( not $host_name =~ "^$remote_ip") { + next; + } + my $host_key = $hit->{hostkey}; + daemon_log("SIPackages: known_server host_name: $host_name", 7); + daemon_log("SIPackages: known_server host_key: $host_key", 7); + + # check if module can open msg envelope with module key + my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key); + if( (!$tmp_msg) || (!$tmp_msg_hash) ) { + daemon_log("SIPackages: deciphering raise error", 7); + daemon_log("$@", 8); + next; + } + else { + $msg = $tmp_msg; + $msg_hash = $tmp_msg_hash; + $module = "SIPackages"; + last; + } + } + + if( (!$msg) || (!$msg_hash) || (!$module) ) { + daemon_log("Incoming message is not from a known server", 3); + } + + return ($msg, $msg_hash, $module); +} + + +sub input_from_known_client { + my ($input, $remote_ip) = @_ ; + my ($msg, $msg_hash, $module); + + my $sql_statement= "SELECT * FROM known_clients"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + if( not $host_name =~ /^$remote_ip:\d*$/) { + next; + } + my $host_key = $hit->{hostkey}; + &daemon_log("SIPackages: known_client host_name: $host_name", 7); + &daemon_log("SIPackages: known_client host_key: $host_key", 7); + + # check if module can open msg envelope with module key + ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key); + + if( (!$msg) || (!$msg_hash) ) { + &daemon_log("SIPackages: deciphering raise error", 7); + &daemon_log("$@", 8); + next; + } + else { + $module = "SIPackages"; + last; + } + } + + if( (!$msg) || (!$msg_hash) || (!$module) ) { + &daemon_log("Incoming message is not from a known client", 3); + } + + return ($msg, $msg_hash, $module); +} + + +sub input_from_unknown_host { + no strict "refs"; + my ($input) = @_ ; + my ($msg, $msg_hash, $module); + + my %act_modules = %$known_modules; + + while( my ($mod, $info) = each(%act_modules)) { + # check a key exists for this module + my $module_key = ${$mod."_key"}; + if( ! $module_key ) { + daemon_log("ERROR: no key specified in config file for $mod", 1); + next; + } + daemon_log("$mod: $module_key", 5); + + # check if module can open msg envelope with module key + ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key); + if( (!$msg) || (!$msg_hash) ) { + daemon_log("$mod: deciphering failed", 5); + next; + } + else { + $module = $mod; + last; + } + } + + if( (!$msg) || (!$msg_hash) || (!$module)) { + daemon_log("Incoming message is not from a unknown host", 5); + } + + return ($msg, $msg_hash, $module); +} + +sub create_ciphering { + my ($passwd) = @_; + $passwd = substr(md5_hex("$passwd") x 32, 0, 32); + my $iv = substr(md5_hex('GONICUS GmbH'),0, 16); + my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC()); + $my_cipher->set_iv($iv); + return $my_cipher; +} + + +sub encrypt_msg { + my ($msg, $key) = @_; + my $my_cipher = &create_ciphering($key); + { + use bytes; + $msg = "\0"x(16-length($msg)%16).$msg; + } + $msg = $my_cipher->encrypt($msg); + chomp($msg = &encode_base64($msg)); + # there are no newlines allowed inside msg + $msg=~ s/\n//g; + return $msg; +} + + +sub decrypt_msg { + my ($msg, $key) = @_ ; + $msg = &decode_base64($msg); + my $my_cipher = &create_ciphering($key); + $msg = $my_cipher->decrypt($msg); + $msg =~ s/\0*//g; + return $msg; +} + + +sub get_encrypt_key { + my ($target) = @_ ; + my $encrypt_key; + my $error = 0; + + # target can be in known_server + if( !$encrypt_key ) { + my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + if( $host_name ne $target ) { + next; + } + $encrypt_key = $hit->{hostkey}; + last; + } + } + + + # target can be in known_client + if( !$encrypt_key ) { + my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + if( $host_name ne $target ) { + next; + } + $encrypt_key = $hit->{hostkey}; + last; + } + } + + return $encrypt_key; +} + + #=== FUNCTION ================================================================ -# NAME: create_known_client -# PARAMETERS: hostname - string - key for the hash known_clients -# RETURNS: nothing -# DESCRIPTION: creates a dummy entry for hostname in known_clients +# NAME: open_socket +# PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000 +# [PeerPort] string necessary if port not appended by PeerAddr +# RETURNS: socket IO::Socket::INET +# DESCRIPTION: open a socket to PeerAddr #=============================================================================== -sub create_known_client { - my ($hostname) = @_; - - my $entry = { table=>'known_clients', - hostname=>$hostname, - status=>'none', - hostkey=>'none', - timestamp=>'none', - macaddress=>'none', - events=>'none', - }; - my $res = $known_clients_db->add_dbentry($entry); - if ($res > 0) { - daemon_log("ERROR: cannot add entry to known_clients.db: $res", 1); +sub open_socket { + my ($PeerAddr, $PeerPort) = @_ ; + if(defined($PeerPort)){ + $PeerAddr = $PeerAddr.":".$PeerPort; + } + my $socket; + $socket = new IO::Socket::INET(PeerAddr => $PeerAddr, + Porto => "tcp", + Type => SOCK_STREAM, + Timeout => 5, + ); + if(not defined $socket) { + return; } + &daemon_log("open_socket: $PeerAddr", 7); + return $socket; +} + + +sub send_msg_to_target { + my ($msg, $address, $encrypt_key, $msg_header) = @_ ; + my $error = 0; + + if( $msg_header ) { + $msg_header = "'$msg_header'-"; + } + else { + $msg_header = ""; + } + + # encrypt xml msg + my $crypted_msg = &encrypt_msg($msg, $encrypt_key); + + # opensocket + my $socket = &open_socket($address); + if( !$socket ) { + daemon_log("cannot send ".$msg_header."msg to $address , host not reachable", 1); + $error++; + } + + if( $error == 0 ) { + # send xml msg + print $socket $crypted_msg."\n"; + + daemon_log("send ".$msg_header."msg to $address", 1); + daemon_log("message:\n$msg", 8); + + } + + # close socket in any case + if( $socket ) { + close $socket; + } + + return; +} + + +sub _start { + my ($kernel) = $_[KERNEL]; + &trigger_db_loop($kernel); +} + + +sub client_input { + no strict "refs"; + my ($heap,$input,$wheel) = @_[HEAP, ARG0, ARG1]; + my ($msg, $msg_hash, $module); + my $error = 0; + my $answer_l; + my ($answer_header, @answer_target_l, $answer_source); + my $client_answer; + + daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7); + daemon_log("\n$input", 8); + + # msg is from a new client or gosa + ($msg, $msg_hash, $module) = &input_from_unknown_host($input); + + # msg is from a gosa-si-server or gosa-si-bus + if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ + ($msg, $msg_hash, $module) = &input_from_known_server($input, $heap->{'remote_ip'}); + } + + # msg is from a gosa-si-client + if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ + ($msg, $msg_hash, $module) = &input_from_known_client($input, $heap->{'remote_ip'}); + } + + # an error occurred + if(( !$msg ) || ( !$msg_hash ) || ( !$module )){ + $error++; + } + + ###################### + # process incoming msg + if( $error == 0) { + daemon_log("Processing module ".$module, 5); + $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $heap->{'remote_ip'}); + + if ( 0 > @{$answer_l} ) { + my $answer_str = join("\n", @{$answer_l}); + daemon_log("$module: Got answer from module: \n".$answer_str,8); + } + } + if( !$answer_l ) { $error++ }; + + ######## + # answer + if( $error == 0 ) { + + # for each answer in answer list + foreach my $answer ( @{$answer_l} ) { + + my $error = 0; + # check answer if gosa-si envelope conform + if(defined($answer)) { + my $answer_hash = $xml->XMLin($answer, ForceArray=>1); + $answer_header = @{$answer_hash->{'header'}}[0]; + @answer_target_l = @{$answer_hash->{'target'}}; + $answer_source = @{$answer_hash->{'source'}}[0]; + if( !$answer_header ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1); + daemon_log("\n$answer", 8); + $error++; + } + if( 0 == length @answer_target_l ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1); + daemon_log("\n$answer", 8); + $error++; + } + if( !$answer_source ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1); + daemon_log("\n$answer", 8); + $error++; + } + + if( $error != 0 ) { + next; + } + } + + # deliver msg to all targets + foreach my $answer_target ( @answer_target_l ) { + if( $answer_target eq "*" ) { + # answer is for all clients + my $sql_statement= "SELECT * FROM known_clients"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); + } + } + elsif( $answer_target eq "GOSA" ) { + # answer is for GOSA and has to returned to connected client + my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); + $client_answer = $gosa_answer; + } + elsif( $answer_target eq "KNOWN_SERVER" ) { + # answer is for all server in known_server + my $sql_statement= "SELECT * FROM known_server"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + $answer =~ s/KNOWN_SERVER/$host_name/g; + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); + } + } + elsif( $answer_target =~ /([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})/ ) { + daemon_log("target is mac address '$answer_target', looking for host in known_clients", 3); + my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$answer_target'"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + my $found_ip_flag = 0; + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + $answer =~ s/$answer_target/$host_name/g; + daemon_log("found host '$host_name', assoziated to '$answer_target'", 3); + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); + $found_ip_flag++ ; + } + if( $found_ip_flag == 0) { + daemon_log("WARNING: no host found in known_clients with mac address '$answer_target', forward msg to bus", 1); + my $sql_statement = "SELECT * FROM known_server WHERE status='bus'"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $bus_address = $hit->{hostname}; + my $bus_key = $hit->{hostkey}; + &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header); + last; + } + + } + } + else { + # answer is for one specific host + # get encrypt_key + my $encrypt_key = &get_encrypt_key($answer_target); + if( !$encrypt_key ) { + daemon_log("ERROR: no encrypt key found in known_clients or known_server for target '$answer_target'", 1); + daemon_log("\n$answer", 8); + next; + } + # send_msg + &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header); + } + } + } + } + + if( $client_answer ) { + $heap->{client}->put($client_answer); + } + + return; +} + + + +sub trigger_db_loop { +# my ($kernel) = $_[KERNEL]; + my ($kernel) = @_ ; + $kernel->delay_set('watch_for_new_jobs',3); +} + + +sub watch_for_new_jobs { + my ($kernel,$heap) = @_[KERNEL, HEAP]; + + # check gosa job queue for jobs with executable timestamp + my $timestamp = &get_time(); + + my $sql_statement = "SELECT * FROM ".$job_queue_table_name. + " WHERE status='waiting' AND timestamp<'$timestamp'"; + + my $res = $job_db->select_dbentry( $sql_statement ); + + while( my ($id, $hit) = each %{$res} ) { + + my $jobdb_id = $hit->{id}; + my $macaddress = $hit->{macaddress}; + my $job_msg_hash = &transform_msg2hash($hit->{xmlmessage}); + my $out_msg_hash = $job_msg_hash; + my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$macaddress'"; + my $res_hash = $known_clients_db->select_dbentry( $sql_statement ); + # expect macaddress is unique!!!!!! + my $target = $res_hash->{1}->{hostname}; + + if (not defined $target) { + &daemon_log("ERROR: no host found for mac address: $job_msg_hash->{mac}[0]", 1); + &daemon_log("xml message: $hit->{xmlmessage}", 5); + my $sql_statement = "UPDATE $job_queue_table_name ". + "SET status='error', result='no host found for mac address' ". + "WHERE id='$jobdb_id'"; + my $res = $job_db->update_dbentry($sql_statement); + next; + } + + # add target + &add_content2xml_hash($out_msg_hash, "target", $target); + + # add new header + my $out_header = $job_msg_hash->{header}[0]; + $out_header =~ s/job_/gosa_/; + delete $out_msg_hash->{header}; + &add_content2xml_hash($out_msg_hash, "header", $out_header); + + # add sqlite_id + &add_content2xml_hash($out_msg_hash, "jobdb_id", $jobdb_id); + + my $out_msg = &create_xml_string($out_msg_hash); + + # encrypt msg as a GosaPackage module + my $cipher = &create_ciphering($GosaPackages_key); + my $crypted_out_msg = &encrypt_msg($out_msg, $cipher); + + my $error = &send_msg_hash2address($out_msg_hash, "$gosa_ip:$gosa_port", $GosaPackages_key); - return; + if ($error == 0) { + my $sql_statement = "UPDATE $job_queue_table_name ". + "SET status='processing', targettag='$target' ". + "WHERE id='$jobdb_id'"; + my $res = $job_db->update_dbentry($sql_statement); + } else { + my $sql_statement = "UPDATE $job_queue_table_name ". + "SET status='error' ". + "WHERE id='$jobdb_id'"; + my $res = $job_db->update_dbentry($sql_statement); + } + } + + $kernel->delay_set('watch_for_new_jobs',3); } + #==== MAIN = main ============================================================== # parse commandline options Getopt::Long::Configure( "bundling" ); @@ -442,7 +975,7 @@ daemon_log(" ", 1); daemon_log("$0 started!", 1); # delete old DBsqlite lock files -system('rm -f /tmp/gosa_si_lock*'); +system('rm -f /tmp/gosa_si_lock*gosa-si-server*'); # connect to gosa-si job queue my @job_col_names = ("id", "timestamp", "status", "result", "headertag", "targettag", "xmlmessage", "macaddress"); @@ -459,273 +992,30 @@ my @server_col_names = ('hostname', 'status', 'hostkey', 'timestamp'); $known_server_db = GOSA::DBsqlite->new($known_server_file_name); $known_server_db->create_table('known_server', \@server_col_names); -# import all modules -&import_modules; - -# check wether all modules are gosa-si valid passwd check +# create xml object used for en/decrypting +$xml = new XML::Simple(); -# create reading and writing vectors -my $rbits = my $wbits = my $ebits = ""; - -# add all module inputs to listening vector -# while( my ($mod_name, $info) = each %$known_modules ) { -# my ($input_address, $input_key, $input, $input_activ, $input_type) = @{$info}; -# vec($rbits, fileno $input, 1) = 1; -# -# } - - -## start arp fifo -#if ($no_arp > 0) { -# $arp_activ = "off"; -#} -#my $my_fifo; -#if($arp_activ eq "on") { -# daemon_log(" ", 1); -# $my_fifo = &open_fifo($arp_fifo_path); -# if($my_fifo == 0) { die "fifo file disappeared\n" } -# sysopen($arp_fifo, $arp_fifo_path, O_RDWR) or die "can't read from $arp_fifo: $!" ; -# -# vec($rbits, fileno $arp_fifo, 1) = 1; -#} -# - -################################### -##everything ready, okay, lets start -################################### -#while(1) { -# -# # add all handles from the childs -# while ( my ($pid, $child_hash) = each %busy_child ) { -# -# # check whether process still exists -# my $exitus_pid = waitpid($pid, WNOHANG); -# if($exitus_pid != 0) { -# delete $busy_child{$pid}; -# next; -# } -# -# # add child fhd to the listener -# my $fhd = $$child_hash{'pipe_rd'}; -# vec($rbits, fileno $fhd, 1) = 1; -# } -# -# my ($rout, $wout); -# my $nf = select($rout=$rbits, $wout=$wbits, undef, $job_queue_timeout); -# -# # error handling -# if($nf < 0 ) { -# } -# -# -## if($arp_activ eq "on" && vec($rout, fileno $arp_fifo, 1)) { -## my $in_msg = <$arp_fifo>; -## chomp($in_msg); -## print "arp_activ: msg: $in_msg\n"; -## my $act_passwd = $known_daemons->{$bus_address}->{passwd}; -## print "arp_activ: arp_passwd: $act_passwd\n"; -## -## my $in_msg_hash = $xml->XMLin($in_msg, ForceArray=>1); -## -## my $target = &get_content_from_xml_hash($in_msg_hash, 'target'); -## -## if ($target eq $server_address) { -## print "arp_activ: forward to server\n"; -## my $arp_cipher = &create_ciphering($act_passwd); -## my $crypted_msg = &encrypt_msg($in_msg, $arp_cipher); -## &activating_child($crypted_msg, $server_ip); -## } else { -## print "arp_activ: send to bus\n"; -## &send_msg_hash2address($in_msg_hash, $bus_address); -## } -## print "\n"; -## } -# -# -# # check input fhd of all modules -# while ( my ($mod_name, $info) = each %$known_modules) { -# my $input_fhd = @{$info}[2]; -# my $input_activ = @{$info}[3]; -# if (vec($rout, fileno $input_fhd, 1) && $input_activ eq 'on') { -# daemon_log(" ", 1); -# my $client = $input_fhd->accept(); -# my $other_end = getpeername($client); -# if(not defined $other_end) { -# daemon_log("client cannot be identified: $!"); -# } else { -# my ($port, $iaddr) = unpack_sockaddr_in($other_end); -# my $actual_ip = inet_ntoa($iaddr); -# daemon_log("accept client at daemon socket from $actual_ip", 5); -# my $in_msg = &read_from_socket($client); -# if(defined $in_msg){ -# chomp($in_msg); -# &activating_child($in_msg, $actual_ip, $client); -# } else { -# daemon_log("cannot read from $actual_ip", 5); -# } -# } -# } -# } -# -# # check all processing childs whether they are finished ('done') or -# while ( my ($pid, $child_hash) = each %busy_child ) { -# my $fhd = $$child_hash{'pipe_rd'}; -# -# if (vec($rout, fileno $fhd, 1) ) { -# daemon_log("process child $pid is ready to read", 5); -# -# my $in_msg; -# while (1) { -# my $part_in_msg = <$fhd>; -# if( $part_in_msg eq "ENDMESSAGE\n") { -# last; -# } -# $in_msg .= $part_in_msg; -# } -# chomp($in_msg); -# -# if (not defined $in_msg) { -# next; -# } elsif ($in_msg =~ "done") { -# daemon_log("process child read: $in_msg", 7); -# delete $busy_child{$pid}; -# $free_child{$pid} = $child_hash; -# -# } else { -# daemon_log("process child read:", 7); -# daemon_log("\n$in_msg", 8); -# # send computed answer back to connected client -# my $act_client = $busy_child{$pid}{client_ref}; -# print $act_client $in_msg."\n"; -# delete $busy_child{$pid}; -# $free_child{$pid} = $child_hash; -# -# } -# } -# } -# -# -# } -# -# -#} - -POE::Session->create -( - inline_states => { - _start => \&trigger_db_loop, - watch_for_new_jobs => \&watch_for_new_jobs, - } -); - -POE::Component::Server::TCP->new -( +# create socket for incoming xml messages +POE::Component::Server::TCP->new( Port => $server_port, ClientInput => \&client_input, ); +daemon_log("start socket for incoming xml messages at port '$server_port' ", 1); -POE::Kernel->run(); -exit; - -sub client_input { - my ($heap,$input,$wheel) = @_[HEAP, ARG0, ARG1]; - ###################################### - # forward msg to all imported modules - no strict "refs"; - my $answer; - my %act_modules = %$known_modules; - while( my ($module, $info) = each(%act_modules)) { - daemon_log("Processing module ".$module, 3); - my $tmp = &{ $module."::process_incoming_msg" }($input.".".$heap->{remote_ip}."\n"); - if (defined $tmp) { - $answer = $tmp; - } - daemon_log("Got answer from module ".$module.": ".$answer,3); - } - daemon_log("processing of msg finished", 5); - - if (defined $answer) { - $heap->{client}->put($answer); - } else { - $heap->{client}->put("done\n"); +# create session for repeatedly checking the job queue for jobs +POE::Session->create( + inline_states => { + _start => \&_start, + watch_for_new_jobs => \&watch_for_new_jobs, } -} - -sub trigger_db_loop { - my ($kernel) = $_[KERNEL]; - $kernel->delay_set('watch_for_new_jobs',3); -} - -sub watch_for_new_jobs { - my ($kernel,$heap) = @_[KERNEL, HEAP]; - - # check gosa job queue for jobs with executable timestamp - my ($seconds, $minutes, $hours, $monthday, $month, - $year, $weekday, $yearday, $sommertime) = localtime(time); - $hours = $hours < 10 ? $hours = "0".$hours : $hours; - $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; - $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - $month+=1; - $month = $month < 10 ? $month = "0".$month : $month; - $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; - $year+=1900; - my $timestamp = "$year$month$monthday$hours$minutes$seconds"; - - my $res = $job_db->select_dbentry( { table=>$job_queue_table_name, status=>'waiting', timestamp=>$timestamp } ); - - while( my ($id, $hit) = each %{$res} ) { - - my $jobdb_id = $hit->{id}; - my $macaddress = $hit->{macaddress}; - my $job_msg_hash = &transform_msg2hash($hit->{xmlmessage}); - my $out_msg_hash = $job_msg_hash; - my $res_hash = $known_clients_db->select_dbentry( {table=>'known_clients', macaddress=>$macaddress} ); - # expect macaddress is unique!!!!!! - my $target = $res_hash->{1}->{hostname}; - - if (not defined $target) { - &daemon_log("ERROR: no host found for mac address: $job_msg_hash->{mac}[0]", 1); - &daemon_log("xml message: $hit->{xmlmessage}", 5); - my $update_hash = { table=>$job_queue_table_name, - update=> [ { status=>['error'], result=>["no host found for mac address"] } ], - where=> [ { id=>[$jobdb_id] } ], - }; - my $res = $job_db->update_dbentry($update_hash); - - next; - } - - # add target - &add_content2xml_hash($out_msg_hash, "target", $target); - - # add new header - my $out_header = $job_msg_hash->{header}[0]; - $out_header =~ s/job_/gosa_/; - delete $out_msg_hash->{header}; - &add_content2xml_hash($out_msg_hash, "header", $out_header); - - # add sqlite_id - &add_content2xml_hash($out_msg_hash, "jobdb_id", $jobdb_id); +); - my $out_msg = &create_xml_string($out_msg_hash); - # encrypt msg as a GosaPackage module - my $cipher = &create_ciphering($gosa_passwd); - my $crypted_out_msg = &encrypt_msg($out_msg, $cipher); +# import all modules +&import_modules; - my $error = &send_msg_hash2address($out_msg_hash, "$gosa_ip:$gosa_port", $gosa_passwd); +# check wether all modules are gosa-si valid passwd check - if ($error == 0) { - my $sql = "UPDATE '$job_queue_table_name' SET status='processing', targettag='$target' WHERE id='$jobdb_id'"; - my $res = $job_db->exec_statement($sql); - } else { - my $update_hash = { table=>$job_queue_table_name, - update=> [ { status=>'error' } ], - where=> [ { id=>$jobdb_id } ], - }; - my $res = $job_db->update_dbentry($update_hash); - } - } +POE::Kernel->run(); +exit; - $kernel->delay_set('watch_for_new_jobs',3); -}