X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fgosa-si-server;h=bc7d4f52f3576d1f2ce6305491252ac8e8015f43;hb=ee958167924985074693316ab1ebc3f50012c9db;hp=461c15498e4cb73cb113153516f69b202d8e3f7f;hpb=f8bca60530b516e2f2e5a142018cfd3244993370;p=gosa.git diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index 461c15498..bc7d4f52f 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -25,7 +25,6 @@ use warnings; use Getopt::Long; use Config::IniFiles; use POSIX; -use Time::HiRes qw( gettimeofday ); use Fcntl; use IO::Socket::INET; @@ -59,7 +58,7 @@ my ($xml); # variables declared in config file are always set to 'our' our (%cfg_defaults, $log_file, $pid_file, - $bus_activ, $bus_passwd, $bus_ip, $bus_port, + $bus_activ, $bus_key, $bus_ip, $bus_port, $server_activ, $server_ip, $server_port, $SIPackages_key, $max_clients, $arp_activ, $arp_fifo_path, $gosa_activ, $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout, @@ -113,7 +112,7 @@ our $known_clients_db; }, "bus" => {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], + "bus_passwd" => [\$bus_key, ""], "bus_ip" => [\$bus_ip, "0.0.0.0"], "bus_port" => [\$bus_port, "20080"], }, @@ -210,7 +209,7 @@ sub daemon_log { $hours = $hours < 10 ? $hours = "0".$hours : $hours; $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - my @monthnames = ("Jan", "Feb", "Mar", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"); + my @monthnames = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"); $month = $monthnames[$month]; $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday; $year+=1900; @@ -446,23 +445,26 @@ sub input_from_known_server { my $sql_statement= "SELECT * FROM known_server"; my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; if( not $host_name =~ "^$remote_ip") { next; } my $host_key = $hit->{hostkey}; - daemon_log("SIPackages: host_name: $host_name", 7); - daemon_log("SIPackages: host_key: $host_key", 7); + daemon_log("SIPackages: known_server host_name: $host_name", 7); + daemon_log("SIPackages: known_server host_key: $host_key", 7); # check if module can open msg envelope with module key - my ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key); - if( (!$msg) || (!$msg_hash) ) { + my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key); + if( (!$tmp_msg) || (!$tmp_msg_hash) ) { daemon_log("SIPackages: deciphering raise error", 7); daemon_log("$@", 8); next; } else { + $msg = $tmp_msg; + $msg_hash = $tmp_msg_hash; $module = "SIPackages"; last; } @@ -488,8 +490,8 @@ sub input_from_known_client { next; } my $host_key = $hit->{hostkey}; - &daemon_log("SIPackages: host_name: $host_name", 7); - &daemon_log("SIPackages: host_key: $host_key", 7); + &daemon_log("SIPackages: known_client host_name: $host_name", 7); + &daemon_log("SIPackages: known_client host_key: $host_key", 7); # check if module can open msg envelope with module key ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key); @@ -542,7 +544,7 @@ sub input_from_unknown_host { } if( (!$msg) || (!$msg_hash) || (!$module)) { - daemon_log("Incoming message is not from a unknown host", 3); + daemon_log("Incoming message is not from a unknown host", 5); } return ($msg, $msg_hash, $module); @@ -590,14 +592,14 @@ sub get_encrypt_key { # target can be in known_server if( !$encrypt_key ) { - my $sql_statement= "SELECT * FROM known_server"; + my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'"; my $query_res = $known_server_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; if( $host_name ne $target ) { next; } - my $host_key = $hit->{hostkey}; + $encrypt_key = $hit->{hostkey}; last; } } @@ -605,7 +607,7 @@ sub get_encrypt_key { # target can be in known_client if( !$encrypt_key ) { - my $sql_statement= "SELECT * FROM known_clients"; + my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'"; my $query_res = $known_clients_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; @@ -669,7 +671,6 @@ sub send_msg_to_target { } if( $error == 0 ) { - # send xml msg print $socket $crypted_msg."\n"; @@ -702,7 +703,8 @@ sub client_input { my ($answer_header, @answer_target_l, $answer_source); my $client_answer; - daemon_log("Incoming msg:\n$input\n", 8); + daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7); + daemon_log("\n$input", 8); # msg is from a new client or gosa ($msg, $msg_hash, $module) = &input_from_unknown_host($input); @@ -725,8 +727,8 @@ sub client_input { ###################### # process incoming msg if( $error == 0) { - daemon_log("Processing module ".$module, 3); - $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash); + daemon_log("Processing module ".$module, 5); + $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $heap->{'remote_ip'}); if ( 0 > @{$answer_l} ) { my $answer_str = join("\n", @{$answer_l}); @@ -735,76 +737,111 @@ sub client_input { } if( !$answer_l ) { $error++ }; + ######## + # answer if( $error == 0 ) { # for each answer in answer list foreach my $answer ( @{$answer_l} ) { - # check answer if gosa-si envelope conform - if( $error == 0 ) { - my $answer_hash = $xml->XMLin($answer, ForceArray=>1); - $answer_header = @{$answer_hash->{'header'}}[0]; - @answer_target_l = @{$answer_hash->{'target'}}; - $answer_source = @{$answer_hash->{'source'}}[0]; - if( !$answer_header ) { - daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1); - $error++; - } - if( 0 == length @answer_target_l ) { - daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1); - $error++; - } - if( !$answer_source ) { - daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1); - $error++; - } - - if( $error != 0 ) { - next; - } + my $error = 0; + # check answer if gosa-si envelope conform + if(defined($answer)) { + my $answer_hash = $xml->XMLin($answer, ForceArray=>1); + $answer_header = @{$answer_hash->{'header'}}[0]; + @answer_target_l = @{$answer_hash->{'target'}}; + $answer_source = @{$answer_hash->{'source'}}[0]; + if( !$answer_header ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1); + daemon_log("\n$answer", 8); + $error++; + } + if( 0 == length @answer_target_l ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1); + daemon_log("\n$answer", 8); + $error++; + } + if( !$answer_source ) { + daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1); + daemon_log("\n$answer", 8); + $error++; + } + + if( $error != 0 ) { + next; + } + } - # deliver msg to all targets - foreach my $answer_target ( @answer_target_l ) { - if( $answer_target eq "*" ) { - # answer is for all clients - my $sql_statement= "SELECT * FROM known_clients"; - my $query_res = $known_clients_db->select_dbentry( $sql_statement ); - while( my ($hit_num, $hit) = each %{ $query_res } ) { - my $host_name = $hit->{hostname}; - my $host_key = $hit->{hostkey}; - &send_msg_to_target($answer, $host_name, $host_key); - } + # deliver msg to all targets + foreach my $answer_target ( @answer_target_l ) { + if( $answer_target eq "*" ) { + # answer is for all clients + my $sql_statement= "SELECT * FROM known_clients"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); } - elsif( $answer_target eq "GOSA" ) { - # answer is for GOSA and has to returned to connected client - my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); - $client_answer = $gosa_answer; + } + elsif( $answer_target eq "GOSA" ) { + # answer is for GOSA and has to returned to connected client + my $gosa_answer = &encrypt_msg($answer, $GosaPackages_key); + $client_answer = $gosa_answer; + } + elsif( $answer_target eq "KNOWN_SERVER" ) { + # answer is for all server in known_server + my $sql_statement= "SELECT * FROM known_server"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + $answer =~ s/KNOWN_SERVER/$host_name/g; + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); } - elsif( $answer_target eq "KNOWN_SERVER" ) { - # answer is for all server in known_server - my $sql_statement= "SELECT * FROM known_server"; - my $query_res = $known_server_db->select_dbentry( $sql_statement ); + } + elsif( $answer_target =~ /([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})/ ) { + daemon_log("target is mac address '$answer_target', looking for host in known_clients", 3); + my $sql_statement = "SELECT * FROM known_clients WHERE macaddress='$answer_target'"; + my $query_res = $known_clients_db->select_dbentry( $sql_statement ); + my $found_ip_flag = 0; + while( my ($hit_num, $hit) = each %{ $query_res } ) { + my $host_name = $hit->{hostname}; + my $host_key = $hit->{hostkey}; + $answer =~ s/$answer_target/$host_name/g; + daemon_log("found host '$host_name', assoziated to '$answer_target'", 3); + &send_msg_to_target($answer, $host_name, $host_key, $answer_header); + $found_ip_flag++ ; + } + if( $found_ip_flag == 0) { + daemon_log("WARNING: no host found in known_clients with mac address '$answer_target', forward msg to bus", 1); + my $sql_statement = "SELECT * FROM known_server WHERE status='bus'"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { - my $host_name = $hit->{hostname}; - my $host_key = $hit->{hostkey}; - $answer =~ s/KNOWN_SERVER/$host_name/g; - &send_msg_to_target($answer, $host_name, $host_key); + my $bus_address = $hit->{hostname}; + my $bus_key = $hit->{hostkey}; + &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header); + last; } - - print STDERR $answer_target."\n"; } - else { - # answer is for one specific host - # get encrypt_key - my $encrypt_key = &get_encrypt_key($answer_target); - if( !$encrypt_key ) { - daemon_log("ERROR: no encrypt key found for answer target '$answer_target'", 1); - next; - } - # send_msg - &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header); + } + else { + # answer is for one specific host + # get encrypt_key + my $encrypt_key = &get_encrypt_key($answer_target); + if( !$encrypt_key ) { + # unknown target, forward msg to bus + daemon_log("WARNING: unknown target '$answer_target', forward msg to bus", 3); + my $sql_statement = "SELECT * FROM known_server WHERE status='bus'"; + my $query_res = $known_server_db->select_dbentry( $sql_statement ); + my $bus_address = $query_res->{1}->{hostname}; + my $bus_key = $query_res->{1}->{hostkey}; + &send_msg_to_target($answer, $bus_address, $bus_key, $answer_header); + next; } + # send_msg + &send_msg_to_target($answer, $answer_target, $encrypt_key, $answer_header); } } } @@ -960,15 +997,9 @@ my @server_col_names = ('hostname', 'status', 'hostkey', 'timestamp'); $known_server_db = GOSA::DBsqlite->new($known_server_file_name); $known_server_db->create_table('known_server', \@server_col_names); -# import all modules -&import_modules; - -# check wether all modules are gosa-si valid passwd check - # create xml object used for en/decrypting $xml = new XML::Simple(); - # create socket for incoming xml messages POE::Component::Server::TCP->new( Port => $server_port, @@ -984,6 +1015,12 @@ POE::Session->create( } ); + +# import all modules +&import_modules; + +# check wether all modules are gosa-si valid passwd check + POE::Kernel->run(); exit;