X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fgosa-si-server;h=3dbb629bb0194f490551ba614c21797a03a57c1c;hb=54fa8908ca0eb97e5437371c5f33d1b58524889d;hp=29a52650990ca810c40c63f223ce0aaf5ebd238e;hpb=1250b0b83f0029db59e4dc6dfa0d53b1b76e5f8f;p=gosa.git diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index 29a526509..3dbb629bb 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -58,7 +58,7 @@ my ($xml); # variables declared in config file are always set to 'our' our (%cfg_defaults, $log_file, $pid_file, - $bus_activ, $bus_passwd, $bus_ip, $bus_port, + $bus_activ, $bus_key, $bus_ip, $bus_port, $server_activ, $server_ip, $server_port, $SIPackages_key, $max_clients, $arp_activ, $arp_fifo_path, $gosa_activ, $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout, @@ -112,7 +112,7 @@ our $known_clients_db; }, "bus" => {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], + "bus_passwd" => [\$bus_key, ""], "bus_ip" => [\$bus_ip, "0.0.0.0"], "bus_port" => [\$bus_port, "20080"], }, @@ -445,23 +445,26 @@ sub input_from_known_server { my $sql_statement= "SELECT * FROM known_server"; my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; if( not $host_name =~ "^$remote_ip") { next; } my $host_key = $hit->{hostkey}; - daemon_log("SIPackages: host_name: $host_name", 7); - daemon_log("SIPackages: host_key: $host_key", 7); + daemon_log("SIPackages: known_server host_name: $host_name", 7); + daemon_log("SIPackages: known_server host_key: $host_key", 7); # check if module can open msg envelope with module key - my ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key); - if( (!$msg) || (!$msg_hash) ) { + my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key); + if( (!$tmp_msg) || (!$tmp_msg_hash) ) { daemon_log("SIPackages: deciphering raise error", 7); daemon_log("$@", 8); next; } else { + $msg = $tmp_msg; + $msg_hash = $tmp_msg_hash; $module = "SIPackages"; last; } @@ -487,8 +490,8 @@ sub input_from_known_client { next; } my $host_key = $hit->{hostkey}; - &daemon_log("SIPackages: host_name: $host_name", 7); - &daemon_log("SIPackages: host_key: $host_key", 7); + &daemon_log("SIPackages: known_client host_name: $host_name", 7); + &daemon_log("SIPackages: known_client host_key: $host_key", 7); # check if module can open msg envelope with module key ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key); @@ -541,7 +544,7 @@ sub input_from_unknown_host { } if( (!$msg) || (!$msg_hash) || (!$module)) { - daemon_log("Incoming message is not from a unknown host", 3); + daemon_log("Incoming message is not from a unknown host", 5); } return ($msg, $msg_hash, $module); @@ -589,14 +592,14 @@ sub get_encrypt_key { # target can be in known_server if( !$encrypt_key ) { - my $sql_statement= "SELECT * FROM known_server"; + my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'"; my $query_res = $known_server_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; if( $host_name ne $target ) { next; } - my $host_key = $hit->{hostkey}; + $encrypt_key = $hit->{hostkey}; last; } } @@ -604,7 +607,7 @@ sub get_encrypt_key { # target can be in known_client if( !$encrypt_key ) { - my $sql_statement= "SELECT * FROM known_clients"; + my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'"; my $query_res = $known_clients_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; @@ -700,7 +703,8 @@ sub client_input { my ($answer_header, @answer_target_l, $answer_source); my $client_answer; - daemon_log("Incoming msg:\n$input\n", 8); + daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7); + daemon_log("\n$input", 8); # msg is from a new client or gosa ($msg, $msg_hash, $module) = &input_from_unknown_host($input); @@ -723,7 +727,7 @@ sub client_input { ###################### # process incoming msg if( $error == 0) { - daemon_log("Processing module ".$module, 3); + daemon_log("Processing module ".$module, 5); $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $heap->{'remote_ip'}); if ( 0 > @{$answer_l} ) { @@ -740,68 +744,99 @@ sub client_input { # for each answer in answer list foreach my $answer ( @{$answer_l} ) { - # check answer if gosa-si envelope conform - if( $error == 0 ) { - my $answer_hash = $xml->XMLin($answer, ForceArray=>1); - $answer_header = @{$answer_hash->{'header'}}[0]; - @answer_target_l = @{$answer_hash->{'target'}}; - $answer_source = @{$answer_hash->{'source'}}[0]; - if( !$answer_header ) { - daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1); - $error++; - } - if( 0 == length @answer_target_l ) { - daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1); - $error++; - } - if( !$answer_source ) { - daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1); - $error++; - } - - if( $error != 0 ) { - next; - } + my $error = 0; + # check answer if gosa-si envelope conform + if(defined($answer)) { + my $answer_hash = $xml->XMLin($answer, ForceArray=>1); + $answer_header = @{$answer_hash->{'header'}}[0]; + @answer_target_l = @{$answer_hash->{'target'}}; + $answer_source = @{$answer_hash->{'source'}}[0]; + if( !$answer_header ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1); + daemon_log("\n$answer", 8); + $error++; + } + if( 0 == length @answer_target_l ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1); + daemon_log("\n$answer", 8); + $error++; + } + if( !$answer_source ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1); + daemon_log("\n$answer", 8); + $error++; + } + + if( $error != 0 ) { + next; + } + } - # deliver msg to all targets - foreach my $answer_target ( @answer_target_l ) { - if( $answer_target eq "*" ) { - # answer is for all clients - my $sql_statement= "SELECT * FROM known_clients"; - my $query_res = $known_clients_db->select_dbentry( $sql_statement ); - while( my ($hit_num, $hit) = each %{ $query_res } ) { - my $host_name = $hit->{hostname}; - my $host_key = $hit->{hostkey}; - &send_msg_to_target($answer, $host_name, $host_key, $answer_header); - } + # deliver msg to all targets + foreach my $answer_target ( @answer_target_l ) { + if( $answer_target eq "*" ) { + # answer is for all clients + my $sql_statement= "SELECT * FROM known_clients"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); } - elsif( $answer_target eq "GOSA" ) { - # answer is for GOSA and has to returned to connected client - my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); - $client_answer = $gosa_answer; + } + elsif( $answer_target eq "GOSA" ) { + # answer is for GOSA and has to returned to connected client + my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); + $client_answer = $gosa_answer; + } + elsif( $answer_target eq "KNOWN_SERVER" ) { + # answer is for all server in known_server + my $sql_statement= "SELECT * FROM known_server"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + $answer =~ s/KNOWN_SERVER/$host_name/g; + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); } - elsif( $answer_target eq "KNOWN_SERVER" ) { - # answer is for all server in known_server - my $sql_statement= "SELECT * FROM known_server"; - my $query_res = $known_server_db->select_dbentry( $sql_statement ); + } + elsif( $answer_target =~ /([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})/ ) { + daemon_log("target is mac address '$answer_target', looking for host in known_clients", 3); + my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$answer_target'"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + my $found_ip_flag = 0; + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + $answer =~ s/$answer_target/$host_name/g; + daemon_log("found host '$host_name', assoziated to '$answer_target'", 3); + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); + $found_ip_flag++ ; + } + if( $found_ip_flag == 0) { + daemon_log("WARNING: no host found in known_clients with mac address '$answer_target', forward msg to bus", 1); + my $sql_statement = "SELECT * FROM known_server WHERE status='bus'"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { - my $host_name = $hit->{hostname}; - my $host_key = $hit->{hostkey}; - $answer =~ s/KNOWN_SERVER/$host_name/g; - &send_msg_to_target($answer, $host_name, $host_key, $answer_header); + my $bus_address = $hit->{hostname}; + my $bus_key = $hit->{hostkey}; + &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header); + last; } + } - else { - # answer is for one specific host - # get encrypt_key - my $encrypt_key = &get_encrypt_key($answer_target); - if( !$encrypt_key ) { - daemon_log("ERROR: no encrypt key found for answer target '$answer_target'", 1); - next; - } - # send_msg - &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header); + } + else { + # answer is for one specific host + # get encrypt_key + my $encrypt_key = &get_encrypt_key($answer_target); + if( !$encrypt_key ) { + daemon_log("ERROR: no encrypt key found in known_clients or known_server for target '$answer_target'", 1); + daemon_log("\n$answer", 8); + next; } + # send_msg + &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header); } } } @@ -957,15 +992,9 @@ my @server_col_names = ('hostname', 'status', 'hostkey', 'timestamp'); $known_server_db = GOSA::DBsqlite->new($known_server_file_name); $known_server_db->create_table('known_server', \@server_col_names); -# import all modules -&import_modules; - -# check wether all modules are gosa-si valid passwd check - # create xml object used for en/decrypting $xml = new XML::Simple(); - # create socket for incoming xml messages POE::Component::Server::TCP->new( Port => $server_port, @@ -981,6 +1010,12 @@ POE::Session->create( } ); + +# import all modules +&import_modules; + +# check wether all modules are gosa-si valid passwd check + POE::Kernel->run(); exit;