X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fgosa-si-server;h=9860dcfc4b7275d1d344e5b5d724b420bc9d7647;hb=7e8dc5687f8e539ba172ca704d73e251b19b3bfb;hp=0902420ed9fcf0d9e0f3f7023e8db43df6dc2758;hpb=90f776d38c1d42e57b249677d641711790c58d39;p=gosa.git diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index 0902420ed..9860dcfc4 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -25,6 +25,7 @@ use warnings; use Getopt::Long; use Config::IniFiles; use POSIX; +use utf8; use Fcntl; use IO::Socket::INET; @@ -50,8 +51,8 @@ use lib "/usr/lib/gosa-si/modules"; my (%cfg_defaults, $foreground, $verbose, $ping_timeout); my ($bus_activ, $bus, $msg_to_bus, $bus_cipher); my ($server, $server_mac_address); -my ($gosa_server, $job_queue_timeout, $job_queue_table_name, $job_queue_file_name,$job_queue_loop_delay); -my ($known_modules, $known_clients_file_name, $known_server_file_name); +my ($gosa_server, $job_queue_timeout, $job_queue_loop_delay); +my ($known_modules); my ($pid_file, $procid, $pid, $log_file); my ($arp_activ, $arp_fifo); my ($xml); @@ -87,16 +88,27 @@ $bus_activ = "true"; $no_arp = 0; -# name of table for storing gosa jobs -our $job_queue_table_name = 'jobs'; +our $prg= basename($0); + +# holds all gosa jobs +my $job_queue_file_name; our $job_db; +our $job_queue_tn = 'jobs'; # holds all other gosa-sd as well as the gosa-sd-bus +my $known_server_file_name; our $known_server_db; +our $known_server_tn = "known_server"; # holds all registrated clients +my $known_clients_file_name; our $known_clients_db; -our $prg= basename($0); +our $known_clients_tn = "known_clients"; + +# holds all logged in user at each client +my $login_users_file_name; +our $login_users_db; +our $login_users_tn = "login_users"; %cfg_defaults = ( "general" => { @@ -107,10 +119,11 @@ our $prg= basename($0); "activ" => [\$bus_activ, "true"], }, "server" => { -# "ip" => [\$server_ip, "0.0.0.0"], +# "ip" => [\$server_ip, "0.0.0.0"], "port" => [\$server_port, "20081"], "known-clients" => [\$known_clients_file_name, '/var/lib/gosa-si/clients.db' ], "known-servers" => [\$known_server_file_name, '/var/lib/gosa-si/servers.db'], + "login-users" => [\$login_users_file_name, '/var/lib/gosa-si/users.db'], "gosa-unit-tag" => [\$gosa_unit_tag, ""], }, "GOsaPackages" => { @@ -213,15 +226,6 @@ sub daemon_log { } close( LOG_HANDLE ); } -#log into syslog -# my ($msg, $level, $facility) = @_; -# if(not defined $msg) {return} -# if(not defined $level) {$level = "info"} -# if(not defined $facility) {$facility = "LOG_DAEMON"} -# openlog($0, "pid,cons,", $facility); -# syslog($level, $msg); -# closelog; -# return; } @@ -336,7 +340,7 @@ sub import_modules { if( $info ) { my ($input_address, $input_key, $input, $input_active, $input_type) = @{$info}; $known_modules->{$mod_name} = $info; - daemon_log("module $mod_name loaded", 1); + daemon_log("INFO: module $mod_name loaded", 5); } } } @@ -362,9 +366,9 @@ $SIG{INT} = \&sig_int_handler; sub check_key_and_xml_validity { my ($crypted_msg, $module_key) = @_; - my $msg; my $msg_hash; + my $error_string; eval{ $msg = &decrypt_msg($crypted_msg, $module_key); @@ -372,40 +376,36 @@ sub check_key_and_xml_validity { &main::daemon_log("decrypted_msg: \n$msg", 8); $msg_hash = $xml->XMLin($msg, ForceArray=>1); + ############## # check header + if( not exists $msg_hash->{'header'} ) { die "no header specified"; } my $header_l = $msg_hash->{'header'}; - if( 1 != @{$header_l} ) { - die 'header error'; - } + if( 1 > @{$header_l} ) { die 'empty header tag'; } + if( 1 < @{$header_l} ) { die 'more than one header specified'; } my $header = @{$header_l}[0]; - if( 0 == length $header) { - die 'header error'; - } + if( 0 == length $header) { die 'empty string in header tag'; } + ############## # check source + if( not exists $msg_hash->{'source'} ) { die "no source specified"; } my $source_l = $msg_hash->{'source'}; - if( not defined @{$source_l} or 1 != @{$source_l} ) { - die 'source error'; - } + if( 1 > @{$source_l} ) { die 'empty source tag'; } + if( 1 < @{$source_l} ) { die 'more than one source specified'; } my $source = @{$source_l}[0]; - if( 0 == length $source) { - die 'source error'; - } + if( 0 == length $source) { die 'source error'; } + ############## # check target + if( not exists $msg_hash->{'target'} ) { die "no target specified"; } my $target_l = $msg_hash->{'target'}; - if( 1 != @{$target_l} ) { - die'target error'; - } - my $target = @{$target_l}[0]; - if( 0 == length $target) { - die 'target error'; - } + if( 1 > @{$target_l} ) { die 'empty target tag'; } } }; if($@) { &main::daemon_log("WARNING: do not understand the message", 5); &main::daemon_log("$@", 8); + $msg = undef; + $msg_hash = undef; } return ($msg, $msg_hash); @@ -459,6 +459,7 @@ sub check_outgoing_xml_validity { $target =~ /^GOSA$/i || $target =~ /^\*$/ || $target =~ /KNOWN_SERVER/i || + $target =~ /JOBDB/i || $target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ){ die "target '$target' is not a complete ip-address with port or a valid target name or a mac-address"; } @@ -466,7 +467,7 @@ sub check_outgoing_xml_validity { }; if($@) { daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5); - daemon_log("$@ $msg", 8); + daemon_log("$@ ".(defined($msg) && length($msg)>0)?$msg:"Empty Message", 8); $msg_hash = undef; } @@ -487,13 +488,13 @@ sub input_from_known_server { next; } my $host_key = $hit->{hostkey}; - daemon_log("SIPackages: known_server host_name: $host_name", 7); - daemon_log("SIPackages: known_server host_key: $host_key", 7); + daemon_log("DEBUG: input_from_known_server: host_name: $host_name", 7); + daemon_log("DEBUG: input_from_known_server: host_key: $host_key", 7); # check if module can open msg envelope with module key my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key); if( (!$tmp_msg) || (!$tmp_msg_hash) ) { - daemon_log("SIPackages: deciphering raise error", 7); + daemon_log("DEBUG: input_from_known_server: deciphering raise error", 7); daemon_log("$@", 8); next; } @@ -506,7 +507,7 @@ sub input_from_known_server { } if( (!$msg) || (!$msg_hash) || (!$module) ) { - daemon_log("Incoming message is not from a known server", 3); + daemon_log("INFO: Incoming message is not from a known server", 5); } return ($msg, $msg_hash, $module); @@ -522,17 +523,17 @@ sub input_from_known_client { while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; if( not $host_name =~ /^$remote_ip:\d*$/) { - next; + next; } my $host_key = $hit->{hostkey}; - &daemon_log("SIPackages: known_client host_name: $host_name", 7); - &daemon_log("SIPackages: known_client host_key: $host_key", 7); + &daemon_log("DEBUG: input_from_known_client: host_name: $host_name", 7); + &daemon_log("DEBUG: input_from_known_client: host_key: $host_key", 7); # check if module can open msg envelope with module key ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key); if( (!$msg) || (!$msg_hash) ) { - &daemon_log("SIPackages: deciphering raise error", 7); + &daemon_log("DEGUG: input_from_known_client: deciphering raise error", 7); &daemon_log("$@", 8); next; } @@ -543,7 +544,7 @@ sub input_from_known_client { } if( (!$msg) || (!$msg_hash) || (!$module) ) { - &daemon_log("Incoming message is not from a known client", 3); + &daemon_log("INFO: Incoming message is not from a known client", 5); } return ($msg, $msg_hash, $module); @@ -554,6 +555,7 @@ sub input_from_unknown_host { no strict "refs"; my ($input) = @_ ; my ($msg, $msg_hash, $module); + my $error_string; my %act_modules = %$known_modules; @@ -561,19 +563,18 @@ sub input_from_unknown_host { # check a key exists for this module my $module_key = ${$mod."_key"}; - if( ! $module_key ) { + if( not defined $module_key ) { if( $mod eq 'ArpHandler' ) { next; } daemon_log("ERROR: no key specified in config file for $mod", 1); next; } - daemon_log("$mod: $module_key", 5); + daemon_log("DEBUG: $mod: $module_key", 7); # check if module can open msg envelope with module key ($msg, $msg_hash) = &check_key_and_xml_validity($input, $module_key); - if( (!$msg) || (!$msg_hash) ) { - #daemon_log("$mod: deciphering failed", 5); + if( (not defined $msg) || (not defined $msg_hash) ) { next; } else { @@ -583,7 +584,7 @@ sub input_from_unknown_host { } if( (!$msg) || (!$msg_hash) || (!$module)) { - daemon_log("Incoming message is not from a unknown host", 5); + daemon_log("INFO: Incoming message is not from an unknown host", 5); } return ($msg, $msg_hash, $module); @@ -606,10 +607,12 @@ sub create_ciphering { sub encrypt_msg { my ($msg, $key) = @_; my $my_cipher = &create_ciphering($key); + my $len; { - use bytes; - $msg = "\0"x(16-length($msg)%16).$msg; + use bytes; + $len= 16-length($msg)%16; } + $msg = "\0"x($len).$msg; $msg = $my_cipher->encrypt($msg); chomp($msg = &encode_base64($msg)); # there are no newlines allowed inside msg @@ -687,7 +690,7 @@ sub open_socket { if(not defined $socket) { return; } - &daemon_log("open_socket: $PeerAddr", 7); +# &daemon_log("DEBUG: open_socket: $PeerAddr", 7); return $socket; } @@ -788,7 +791,7 @@ sub send_msg_to_target { # opensocket my $socket = &open_socket($address); if( !$socket ) { - daemon_log("cannot send ".$header."msg to $address , host not reachable", 1); + daemon_log("ERROR: cannot send ".$header."msg to $address , host not reachable", 1); $error++; } @@ -796,7 +799,7 @@ sub send_msg_to_target { # send xml msg print $socket $crypted_msg."\n"; - daemon_log("send ".$header."msg to $address", 1); + daemon_log("INFO: send ".$header."msg to $address", 5); daemon_log("message:\n$msg", 8); } @@ -853,8 +856,7 @@ sub send_msg_to_target { } } } - - return; + return $error; } @@ -874,8 +876,8 @@ sub client_input { my ($answer_header, @answer_target_l, $answer_source); my $client_answer; - daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7); - daemon_log("message:\n$input", 8); + daemon_log("INFO: Incoming msg from '".$heap->{'remote_ip'}."'", 5); + daemon_log("DEBUG: Incoming message:\n$input", 8); #################### # check incoming msg @@ -897,12 +899,12 @@ sub client_input { ###################### # process incoming msg if( $error == 0) { - daemon_log("Processing module ".$module, 5); + daemon_log("DEBUG: Processing module ".$module, 7); $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $session_id); if ( 0 > @{$answer_l} ) { my $answer_str = join("\n", @{$answer_l}); - daemon_log("$module: Got answer from module: \n".$answer_str,8); + daemon_log("DEGUB: $module: Got answer from module: \n".$answer_str,8); } } if( !$answer_l ) { $error++ }; @@ -926,6 +928,8 @@ sub client_input { # deliver msg to all targets foreach my $answer_target ( @answer_target_l ) { + + # targets of msg are all gosa-si-clients in known_clients_db if( $answer_target eq "*" ) { # answer is for all clients my $sql_statement= "SELECT * FROM known_clients"; @@ -936,19 +940,8 @@ sub client_input { &send_msg_to_target($answer, $host_name, $host_key, $answer_header); } } - elsif( $answer_target eq "GOSA" ) { - $answer =~ /(\d+)<\/session_id>/; - my $session_id = $1; - my $add_on = ""; - if( defined $session_id ) { - $add_on = ".session_id=$session_id"; - } - - # answer is for GOSA and has to returned to connected client - my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); - $client_answer = $gosa_answer.$add_on; - } + # targets of msg are all gosa-si-server in known_server_db elsif( $answer_target eq "KNOWN_SERVER" ) { # answer is for all server in known_server my $sql_statement= "SELECT * FROM known_server"; @@ -960,6 +953,29 @@ sub client_input { &send_msg_to_target($answer, $host_name, $host_key, $answer_header); } } + + # target of msg is GOsa + elsif( $answer_target eq "GOSA" ) { + $answer =~ /(\d+)<\/session_id>/; + my $session_id = $1; + my $add_on = ""; + if( defined $session_id ) { + $add_on = ".session_id=$session_id"; + } + # answer is for GOSA and has to returned to connected client + my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); + $client_answer = $gosa_answer.$add_on; + } + + # target of msg is job queue at this host + elsif( $answer_target eq "JOBDB") { + $answer =~ /
(\S+)<\/header>/; + my $header; + if( defined $1 ) { $header = $1; } + &send_msg_to_target($answer, $server_address, $GosaPackages_key, $header); + } + + # target of msg is a mac address elsif( $answer_target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ) { daemon_log("target is mac address '$answer_target', looking for host in known_clients", 3); my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$answer_target'"; @@ -969,7 +985,7 @@ sub client_input { my $host_name = $hit->{hostname}; my $host_key = $hit->{hostkey}; $answer =~ s/$answer_target/$host_name/g; - daemon_log("found host '$host_name', assoziated to '$answer_target'", 3); + daemon_log("found host '$host_name', associated to '$answer_target'", 3); &send_msg_to_target($answer, $host_name, $host_key, $answer_header); $found_ip_flag++ ; } @@ -988,9 +1004,9 @@ sub client_input { } } - } else { - # ... answer is for one specific host + # answer is for one specific host + } else { # get encrypt_key my $encrypt_key = &get_encrypt_key($answer_target); if( not defined $encrypt_key ) { @@ -1048,65 +1064,38 @@ sub watch_for_new_jobs { # check gosa job queue for jobs with executable timestamp my $timestamp = &get_time(); - - my $sql_statement = "SELECT * FROM ".$job_queue_table_name. + my $sql_statement = "SELECT * FROM ".$job_queue_tn. " WHERE status='waiting' AND timestamp<'$timestamp'"; - my $res = $job_db->select_dbentry( $sql_statement ); while( my ($id, $hit) = each %{$res} ) { - my $jobdb_id = $hit->{id}; - my $macaddress = $hit->{macaddress}; - my $job_msg_hash = &transform_msg2hash($hit->{xmlmessage}); - my $out_msg_hash = $job_msg_hash; + my $macaddress = $hit->{'macaddress'}; + my $job_msg = $hit->{'xmlmessage'}; + my $header = $hit->{'headertag'}; my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$macaddress'"; my $res_hash = $known_clients_db->select_dbentry( $sql_statement ); # expect macaddress is unique!!!!!! my $target = $res_hash->{1}->{hostname}; if (not defined $target) { - &daemon_log("ERROR: no host found for mac address: $job_msg_hash->{mac}[0]", 1); - &daemon_log("xml message: $hit->{xmlmessage}", 5); - my $sql_statement = "UPDATE $job_queue_table_name ". + &daemon_log("ERROR: no host found for mac address: $macaddress", 1); + &daemon_log("$hit->{xmlmessage}", 8); + my $sql_statement = "UPDATE $job_queue_tn ". "SET status='error', result='no host found for mac address' ". "WHERE id='$jobdb_id'"; my $res = $job_db->update_dbentry($sql_statement); next; } - # add target - &add_content2xml_hash($out_msg_hash, "target", $target); - - # add new header - my $out_header = $job_msg_hash->{header}[0]; - $out_header =~ s/job_/gosa_/; - delete $out_msg_hash->{header}; - &add_content2xml_hash($out_msg_hash, "header", $out_header); + # change header + $job_msg =~ s/
job_/
gosa_/; # add sqlite_id - &add_content2xml_hash($out_msg_hash, "jobdb_id", $jobdb_id); - - my $out_msg = &create_xml_string($out_msg_hash); + $job_msg =~ s/<\/xml>$/$jobdb_id<\/jobdb_id><\/xml>/; - # encrypt msg as a GosaPackage module - my $cipher = &create_ciphering($GosaPackages_key); - my $crypted_out_msg = &encrypt_msg($out_msg, $cipher); - - my $error = &send_msg_hash2address($out_msg_hash, "$gosa_ip:$gosa_port", $GosaPackages_key); - - if ($error == 0) { - my $sql_statement = "UPDATE $job_queue_table_name ". - "SET status='processing', targettag='$target' ". - "WHERE id='$jobdb_id'"; - my $res = $job_db->update_dbentry($sql_statement); - } else { - my $sql_statement = "UPDATE $job_queue_table_name ". - "SET status='error' ". - "WHERE id='$jobdb_id'"; - my $res = $job_db->update_dbentry($sql_statement); - } - } + my $func_error = &send_msg_to_target($job_msg, $server_address, $GosaPackages_key, $header); + } $kernel->delay_set('watch_for_new_jobs',3); } @@ -1169,7 +1158,7 @@ if ($no_bus > 0) { #unlink('/tmp/gosa_si_lock*'); # connect to gosa-si job queue -my @job_col_names = ("id INTEGER", "timestamp", "status", "result", "headertag", "targettag", "xmlmessage", "macaddress"); +my @job_col_names = ("id INTEGER", "timestamp", "status", "result", "progress INTEGER", "headertag", "targettag", "xmlmessage", "macaddress"); $job_db = GOSA::DBsqlite->new($job_queue_file_name); $job_db->create_table('jobs', \@job_col_names); @@ -1183,6 +1172,11 @@ my @server_col_names = ('hostname', 'status', 'hostkey', 'timestamp'); $known_server_db = GOSA::DBsqlite->new($known_server_file_name); $known_server_db->create_table('known_server', \@server_col_names); +# connect to login_usr_db +my @login_users_col_names = ('client', 'user', 'timestamp'); +$login_users_db = GOSA::DBsqlite->new($login_users_file_name); +$login_users_db->create_table("login_users", \@login_users_col_names); + # create xml object used for en/decrypting $xml = new XML::Simple();