X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fmodules%2FClientPackages.pm;h=fb8aab830dd33adcc62e5226f235e304b16f934c;hb=a1a372b00f22bf95a8dc29870e1ec5dabfe157c9;hp=06b041023b58b6abe106bd91fcc21717bda162f1;hpb=700756366461b68bd781cf9361a8d2f61e5a5e44;p=gosa.git diff --git a/gosa-si/modules/ClientPackages.pm b/gosa-si/modules/ClientPackages.pm index 06b041023..fb8aab830 100644 --- a/gosa-si/modules/ClientPackages.pm +++ b/gosa-si/modules/ClientPackages.pm @@ -13,6 +13,7 @@ use XML::Simple; use Data::Dumper; use NetAddr::IP; use Net::LDAP; +use Net::LDAP::Util; use Socket; use Net::hostent; @@ -23,20 +24,12 @@ BEGIN{} END {} my ($server_ip, $server_port, $ClientPackages_key, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $server_interface); -#my ($bus_activ, $bus_key, $bus_ip, $bus_port); my $server; my $network_interface; -#my $no_bus; my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret); my $mesg; my %cfg_defaults = ( -#"bus" => { -# "activ" => [\$bus_activ, "on"], -# "key" => [\$bus_key, ""], -# "ip" => [\$bus_ip, ""], -# "port" => [\$bus_port, "20080"], -# }, "server" => { "ip" => [\$server_ip, "0.0.0.0"], "mac-address" => [\$main::server_mac_address, "00:00:00:00:00"], @@ -55,7 +48,7 @@ my %cfg_defaults = ( ### START ##################################################################### # read configfile and import variables -&read_configfile(); +&local_read_configfile(); # if server_ip is not an ip address but a name 
@@ -66,14 +59,20 @@ $main::server_mac_address= &get_mac($network_interface); # import local events my ($error, $result, $event_hash) = &import_events($event_dir); -if ($error == 0) { - foreach my $log_line (@$result) { - &main::daemon_log("0 DEBUG: ClientPackages - $log_line", 7); - } -} else { - foreach my $log_line (@$result) { + +foreach my $log_line (@$result) { + if ($log_line =~ / succeed: /) { + &main::daemon_log("0 INFO: ClientPackages - $log_line", 5); + } else { &main::daemon_log("0 ERROR: ClientPackages - $log_line", 1); } +} +# build vice versa event_hash, event_name => module +my $event2module_hash = {}; +while (my ($module, $mod_events) = each %$event_hash) { + while (my ($event_name, $nothing) = each %$mod_events) { + $event2module_hash->{$event_name} = $module; + } } 
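Review bot: The reverse map built in the added `while` loops silently overwrites an entry when two event modules export the same event name, and because `each` walks `%$event_hash` in no fixed order, the module that ends up owning such an event can differ between daemon starts. `process_incoming_msg` dispatches incoming client messages through this map, so a duplicate should be logged and skipped rather than resolved by hash order: `if (exists $event2module_hash->{$event_name}) { &main::daemon_log("0 ERROR: ClientPackages - event '$event_name' is provided by more than one module", 1); next; }`. The unused `$nothing` disappears if the inner loop becomes `foreach my $event_name (keys %$mod_events)`.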
@@ -146,48 +145,38 @@ if((not defined($main::gosa_unit_tag)) || length($main::gosa_unit_tag) == 0) { } else { &main::daemon_log("0 INFO: Using gosaUnitTag from config-file: $main::gosa_unit_tag",5); } + &main::release_ldap_handle($ldap_handle); } my $server_address = "$server_ip:$server_port"; $main::server_address = $server_address; - -#if( inet_aton($bus_ip) ){ $bus_ip = inet_ntoa(inet_aton($bus_ip)); } -####################################################### -## to change -#if( $bus_ip eq "127.0.1.1" ) { $bus_ip = "127.0.0.1" } -####################################################### -#my $bus_address = "$bus_ip:$bus_port"; -#$main::bus_address = $bus_address; - - -#my $hostkey = &create_passwd; -#my $res = $main::known_server_db->add_dbentry( {table=>$main::known_server_tn, -# primkey=>['hostname'], -# hostname=>$main::server_address, -# status=>'myself', -# hostkey=>$hostkey, -# timestamp=>&get_time(), -# } ); -#if (not $res == 0) { -# &main::daemon_log("0 ERROR: cannot add server to known_server_db: $res", 1); -#} else { -# &main::daemon_log("0 INFO: '$main::server_address' successfully added to known_server_db", 5); -#} - - - -## create general settings for this module -#my $xml = new XML::Simple(); -# -## register at bus -#if ($main::no_bus > 0) { -# $bus_activ = "off" -#} -#if($bus_activ eq "on") { -# ®ister_at_bus(); -#} +{ + # Check if ou=incoming exists + # TODO: This should be transferred to a module init-function + my $ldap_handle = &main::get_ldap_handle(); + if( defined($ldap_handle) ) { + &main::daemon_log("0 INFO: Searching for ou=incoming container for new clients", 5); + # Perform search + my $mesg = $ldap_handle->search( + base => $ldap_base, + scope => 'one', + filter => "(&(ou=incoming)(objectClass=organizationalUnit))" + ); + if(not defined($mesg->count) or $mesg->count == 0) { + my $incomingou = Net::LDAP::Entry->new(); + $incomingou->dn('ou=incoming,'.$ldap_base); + $incomingou->add('objectClass' => 'organizationalUnit'); + 
$incomingou->add('ou' => 'incoming'); + my $result = $incomingou->update($ldap_handle); + if($result->code != 0) { + &main::daemon_log("0 ERROR: Problem adding ou=incoming: '".$result->error()."'!", 1); + } + } + } + &main::release_ldap_handle($ldap_handle); +} ### functions ################################################################# @@ -196,18 +185,19 @@ $main::server_address = $server_address; sub get_module_info { my @info = ($server_address, $ClientPackages_key, + $event_hash, ); return \@info; } #=== FUNCTION ================================================================ -# NAME: read_configfile +# NAME: local_read_configfile # PARAMETERS: cfg_file - string - # RETURNS: nothing # DESCRIPTION: read cfg_file and set variables #=============================================================================== -sub read_configfile { +sub local_read_configfile { my $cfg; if( defined( $main::cfg_file) && ( (-s $main::cfg_file) > 0 )) { if( -r $main::cfg_file ) { 
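Review bot: In the added ou=incoming block a failed search is handled like an empty result: `$mesg->code` is never checked, so an LDAP error falls through to the branch that tries to create the container, and the real cause only shows up indirectly through the failing add. Check the result first, `if($mesg->code) { &main::daemon_log("0 ERROR: Searching for ou=incoming failed: ".$mesg->error, 1); } elsif($mesg->count == 0) {`. `&main::release_ldap_handle($ldap_handle)` also sits outside the `defined($ldap_handle)` test, so it runs with an undefined handle whenever the lookup fails. Moving it inside the `if` avoids depending on how release_ldap_handle treats undef, which is not visible here.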
@@ -252,63 +242,6 @@ sub read_configfile { } -# moved to GosaSupportDaemon: 03-06-2008 rettenbe -#=== FUNCTION ================================================================ -# NAME: get_interface_for_ip -# PARAMETERS: ip address (i.e. 192.168.0.1) -# RETURNS: array: list of interfaces if ip=0.0.0.0, matching interface if found, undef else -# DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces. -#=============================================================================== -#sub get_interface_for_ip { -# my $result; -# my $ip= shift; -# if ($ip && length($ip) > 0) { -# my @ifs= &get_interfaces(); -# if($ip eq "0.0.0.0") { -# $result = "all"; -# } else { -# foreach (@ifs) { -# my $if=$_; -# if(&main::get_ip($if) eq $ip) { -# $result = $if; -# } -# } -# } -# } -# return $result; -#} - -# moved to GosaSupportDaemon: 03-06-2008 rettenbe -#=== FUNCTION ================================================================ -# NAME: get_interfaces -# PARAMETERS: none -# RETURNS: (list of interfaces) -# DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces. -#=============================================================================== -#sub get_interfaces { -# my @result; -# my $PROC_NET_DEV= ('/proc/net/dev'); -# -# open(PROC_NET_DEV, "<$PROC_NET_DEV") -# or die "Could not open $PROC_NET_DEV"; -# -# my @ifs = ; -# -# close(PROC_NET_DEV); -# -# # Eat first two line -# shift @ifs; -# shift @ifs; -# -# chomp @ifs; -# foreach my $line(@ifs) { -# my $if= (split /:/, $line)[0]; -# $if =~ s/^\s+//; -# push @result, $if; -# } -# -# return @result; -#} #=== FUNCTION ================================================================ # NAME: get_mac 
@@ -348,61 +281,6 @@ sub get_mac { } -#=== FUNCTION ================================================================ -# NAME: register_at_bus -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: creates an entry in known_daemons and send a 'here_i_am' msg to bus -#=============================================================================== -#sub register_at_bus { -# -# # add bus to known_server_db -# my $res = $main::known_server_db->add_dbentry( {table=>'known_server', -# primkey=>['hostname'], -# hostname=>$bus_address, -# status=>'bus', -# hostkey=>$bus_key, -# timestamp=>&get_time, -# } ); -# my $msg_hash = &create_xml_hash("here_i_am", $server_address, $bus_address); -# my $msg = &create_xml_string($msg_hash); -# -# &main::send_msg_to_target($msg, $bus_address, $bus_key, "here_i_am"); -# return $msg; -#} - - - -# outcommented from rettenbe: moved to GosaSupportDaemon.pm -#sub import_events { -# if (not -e $event_dir) { -# &main::daemon_log("S ERROR: cannot find directory or directory is not readable: $event_dir", 1); -# } -# opendir (DIR, $event_dir) or die "ERROR while loading gosa-si-events from directory $event_dir : $!\n"; -# -# while (defined (my $event = readdir (DIR))) { -# if( $event eq "." || $event eq ".." 
) { next; } -# if( $event eq "gosaTriggered.pm" ) { next; } # only GOsa specific events -# -# eval{ require $event; }; -# if( $@ ) { -# &main::daemon_log("S ERROR: import of event module '$event' failed", 1); -# &main::daemon_log("$@", 8); -# next; -# } -# -# $event =~ /(\S*?).pm$/; -# my $event_module = $1; -# my $events_l = eval( $1."::get_events()") ; -# foreach my $event_name (@{$events_l}) { -# $event_hash->{$event_name} = $event_module; -# } -# my $events_string = join( ", ", @{$events_l}); -# &main::daemon_log("S DEBUG: ClientPackages imported events $events_string", 8); -# } -#} - - #=== FUNCTION ================================================================ # NAME: process_incoming_msg # PARAMETERS: crypted_msg - string - incoming crypted message 
@@ -425,26 +303,24 @@ sub process_incoming_msg { # skip PREFIX $header =~ s/^CLMSG_//; - &main::daemon_log("$session_id DEBUG: ClientPackages: msg to process: $header", 7); + &main::daemon_log("$session_id DEBUG: ClientPackages: msg to process: $header", 26); if( 0 == length @target_l){ &main::daemon_log("$session_id ERROR: no target specified for msg $header", 1); $error++; - } - - if( 1 == length @target_l) { + } elsif( 1 == length @target_l) { my $target = $target_l[0]; - if(&server_matches($target)) { + if(&server_matches($target, $session_id)) { if ($header eq 'new_key') { @out_msg_l = &new_key($msg_hash) } elsif ($header eq 'here_i_am') { @out_msg_l = &here_i_am($msg, $msg_hash, $session_id) } else { # a event exists with the header as name - if( exists $event_hash->{$header} ) { - &main::daemon_log("$session_id INFO: found event '$header' at event-module '".$event_hash->{$header}."'", 5); + if( exists $event2module_hash->{$header} ) { + &main::daemon_log("$session_id DEBUG: found event '$header' at event-module '".$event2module_hash->{$header}."'", 26); no strict 'refs'; - @out_msg_l = &{$event_hash->{$header}."::$header"}($msg, $msg_hash, $session_id); + @out_msg_l = &{$event2module_hash->{$header}."::$header"}($msg, $msg_hash, $session_id); # if no event handler is implemented } else { 
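Review bot: The target-count tests in the rewritten `if`/`elsif` still use `length @target_l`, which measures the string length of the element count rather than the count itself: it is 1 for zero to nine targets and never 0. The "no target specified" branch therefore cannot be reached, and a message without a target continues to `my $target = $target_l[0]` with an undefined value that is then passed to `server_matches`. Use `if( 0 == scalar @target_l )` and `elsif( 1 == scalar @target_l )`. The body of process_incoming_msg starts and ends outside this hunk.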
@@ -486,19 +362,14 @@ sub process_incoming_msg { @out_msg_l = (); } elsif ($out_msg_l[0] eq 'knownclienterror') { &main::daemon_log("$session_id ERROR: no or more than 1 hits are found at known_clients_db with sql query: '$sql_events'", 1); - &main::daemon_log("$session_id WARNING: processing is aborted and message will not be forwarded"); + &main::daemon_log("$session_id ERROR: processing is aborted and message will not be forwarded", 1); @out_msg_l = (); } elsif ($out_msg_l[0] eq 'noeventerror') { - &main::daemon_log("$session_id WARNING: client '$target' is not registered for event '$header', processing is aborted", 1); + &main::daemon_log("$session_id ERROR: client '$target' is not registered for event '$header', processing is aborted", 1); @out_msg_l = (); } - - - - - } - else { - &main::daemon_log("INFO: msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 5); + } else { + &main::daemon_log("DEBUG: msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 26); push(@out_msg_l, $msg); } } @@ -575,6 +446,21 @@ sub here_i_am { my $client_revision = @{$msg_hash->{client_revision}}[0]; my $key_lifetime = @{$msg_hash->{key_lifetime}}[0]; + # Move forced hostname to heap - if used + #FIXME: move to some global POE namespace - please + if ( defined($msg_hash->{'force-hostname'}[0]) && + length($msg_hash->{'force-hostname'}[0]) > 0){ + # $heap->{force-hostname}->{$mac_address}= $msg_hash->{'force-hostname'}[0]; + open (TFILE, ">/var/tmp/$mac_address"); + print TFILE $msg_hash->{'force-hostname'}[0]; + close (TFILE); + } else { + # $heap->{force-hostname}->{$mac_address}= undef; + if ( -e "/var/tmp/$mac_address") { + unlink("/var/tmp/$mac_address") + }; + } + # number of known clients my $nu_clients= $main::known_clients_db->count_dbentries('known_clients'); 
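Review bot: The added force-hostname block in `here_i_am` builds a file name from `$mac_address` with two-argument `open` on a bareword handle, in world-writable `/var/tmp`, and never checks the result. `$mac_address` is assigned outside this hunk and appears to come from the client's registration message, so a value containing `/` or `..` selects a path outside `/var/tmp`, and a symlink pre-created under the expected name would be followed when the daemon writes. Validate the address against an anchored MAC pattern once, before both the write and the `unlink` branch, use three-argument `open` with a lexical handle, and keep these files in a directory only the daemon can write to. The same unvalidated value is interpolated into the SQL `LIKE '$mac_address'` statement visible in the later here_i_am hunk, so one early check covers both. The hostname written to the file is client-supplied as well and should be checked against a hostname pattern before anything consumes it.

```perl
    # … unchanged: test that force-hostname is defined and non-empty …
        if ($mac_address =~ /\A((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\z/) {
            # File name is rebuilt from the validated capture only.
            # Directory kept as in the commit; a daemon-private directory is preferable.
            my $hostname_file = "/var/tmp/$1";
            if (open(my $tfile, '>', $hostname_file)) {
                print {$tfile} $msg_hash->{'force-hostname'}[0];
                close($tfile);
            } else {
                &main::daemon_log("$session_id ERROR: cannot write '$hostname_file': $!", 1);
            }
        } else {
            &main::daemon_log("$session_id ERROR: malformed mac address in here_i_am, force-hostname ignored", 1);
        }
    # … unchanged: else branch that removes the file …
```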
@@ -583,16 +469,16 @@ sub here_i_am { my $db_res= $main::known_clients_db->select_dbentry( $sql_statement ); if ( 1 == keys %{$db_res} ) { - &main::daemon_log("$session_id WARNING: $source is already known as a client", 1); - &main::daemon_log("$session_id WARNING: values for $source are being overwritten", 1); + &main::daemon_log("$session_id WARNING: $source is already known as a client", 3); + &main::daemon_log("$session_id WARNING: values for $source are being overwritten", 3); $nu_clients --; } - # number of actual activ clients + # number of current active clients my $act_nu_clients = $nu_clients; - &main::daemon_log("$session_id INFO: number of actual activ clients: $act_nu_clients", 5); - &main::daemon_log("$session_id INFO: number of maximal allowed clients: $max_clients", 5); + &main::daemon_log("$session_id DEBUG: number of current active clients: $act_nu_clients", 26); + &main::daemon_log("$session_id DEBUG: number of maximal allowed clients: $max_clients", 26); if($max_clients <= $act_nu_clients) { my $out_hash = &create_xml_hash("denied", $server_address, $source); @@ -620,14 +506,13 @@ sub here_i_am { } ); if ($res != 0) { - &main::daemon_log("$session_id ERROR: cannot add entry to known_clients: $res"); + &main::daemon_log("$session_id ERROR: cannot add entry to known_clients: $res",1); return; } # return acknowledgement to client $out_hash = &create_xml_hash("registered", $server_address, $source); - # give the new client his ldap config # Workaround: Send within the registration response, if the client will get an ldap config later my $new_ldap_config_out = &new_ldap_config($source, $session_id); 
@@ -640,7 +525,7 @@ sub here_i_am { "SET status='error', result='$new_ldap_config_out' ". "WHERE status='processing' AND macaddress LIKE '$mac_address'"; my $res = $main::job_db->update_dbentry($sql_statement); - &main::daemon_log("$session_id DEBUG: $sql_statement RESULT: $res", 7); + &main::daemon_log("$session_id DEBUG: $sql_statement RESULT: $res", 26); } my $register_out = &create_xml_string($out_hash); push(@out_msg_l, $register_out); 
@@ -650,18 +535,63 @@ sub here_i_am { push(@out_msg_l, $new_ldap_config_out); } + # Send client hardware configuration my $hardware_config_out = &hardware_config($msg, $msg_hash, $session_id); if( $hardware_config_out ) { push(@out_msg_l, $hardware_config_out); } + # Send client ntp server + my $ntp_config_out = &new_ntp_config($mac_address, $session_id); + if ($ntp_config_out) { + push(@out_msg_l, $ntp_config_out); + } + + # Send client syslog server + my $syslog_config_out = &new_syslog_config($mac_address, $session_id); + if ($syslog_config_out) { + push(@out_msg_l, $syslog_config_out); + } + + # update ldap entry if exists + my $ldap_handle= &main::get_ldap_handle(); + my $ldap_res= $ldap_handle->search( + base => $ldap_base, + scope => 'sub', + #attrs => ['ipHostNumber'], + filter => "(&(objectClass=GOhard)(macAddress=$mac_address))"); + if($ldap_res->code) { + &main::daemon_log("$session_id ERROR: LDAP Entry for client with mac address $mac_address not found: ".$ldap_res->error, 1); + } elsif ($ldap_res->count != 1) { + &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not updating ldap entry". + "\n\tbase: $ldap_base". + "\n\tscope: sub". + "\n\tattrs: ipHostNumber". 
+ "\n\tfilter: (&(objectClass=GOhard)(macaddress=$mac_address))", 1); + } else { + my $entry= $ldap_res->pop_entry(); + my $ip_address= $entry->get_value('ipHostNumber'); + my $source_ip= ($1) if $source =~ /^([0-9\.]*?):[0-9]*$/; + if(not defined($ip_address) and defined($source_ip)) { + $entry->add( 'ipHostNumber' => $source_ip ); + my $mesg= $entry->update($ldap_handle); + $mesg->code && &main::daemon_log("$session_id ERROR: Updating IP Address for client with mac address $mac_address failed with '".$mesg->mesg()."'", 1); + } elsif(defined($source_ip) and not ($source_ip eq $ip_address)) { + $entry->replace( 'ipHostNumber' => $source_ip ); + my $mesg= $entry->update($ldap_handle); + $mesg->code && &main::daemon_log("$session_id ERROR: Updating IP Address for client with mac address $mac_address failed with '".$mesg->mesg()."'", 1); + } elsif (not defined($source_ip)) { + &main::daemon_log("ERROR: Could not parse source value '$source' perhaps not an ip address?", 1); + } + } + &main::release_ldap_handle($ldap_handle); + # notify registered client to all other server my %mydata = ( 'client' => $source, 'macaddress' => $mac_address); my $mymsg = &build_msg('new_foreign_client', $main::server_address, "KNOWN_SERVER", \%mydata); push(@out_msg_l, $mymsg); - &main::daemon_log("$session_id INFO: register client $source ($mac_address)", 5); - &main::daemon_log("$session_id INFO: client version: $client_status - $client_revision", 5); + &main::daemon_log("$session_id INFO: register client $source ($mac_address), $client_status - $client_revision", 5); return @out_msg_l; } 
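Review bot: The filter in the added LDAP update block, `(&(objectClass=GOhard)(macAddress=$mac_address))`, interpolates `$mac_address` without escaping, although this commit imports Net::LDAP::Util and already escapes the DN in other functions. The value appears to originate from the client's message (its assignment is outside the hunk), so filter metacharacters such as `*` or `)` would change which entry is matched and then has its `ipHostNumber` rewritten. Escape it first, `my $filter_mac = &Net::LDAP::Util::escape_filter_value($mac_address);`, and build the filter from `$filter_mac`; the `macaddress=` filters added in `new_syslog_config` and `new_ntp_config` need the same treatment. Separately, `my $source_ip= ($1) if $source =~ ...` declares a lexical under a statement modifier, which perlsyn documents as undefined behaviour. Declare `my $source_ip;` first and assign inside an `if`, so that a failed match reliably leaves it undefined.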
@@ -679,7 +609,7 @@ sub who_has { # what is your search pattern my $search_pattern = @{$msg_hash->{who_has}}[0]; my $search_element = @{$msg_hash->{$search_pattern}}[0]; - &main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7); + #&main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7); # scanning known_clients for search_pattern my @host_addresses = keys %$main::known_clients; 
@@ -715,6 +645,159 @@ sub who_has_i_do { } +sub new_syslog_config { + my ($mac_address, $session_id) = @_; + my $syslog_msg; + my $ldap_handle=&main::get_ldap_handle(); + + # Perform search + my $ldap_res = $ldap_handle->search( base => $ldap_base, + scope => 'sub', + attrs => ['gotoSyslogServer'], + filter => "(&(objectClass=GOhard)(macaddress=$mac_address))"); + if($ldap_res->code) { + &main::daemon_log("$session_id ERROR: new_syslog_config: ldap search: ".$ldap_res->error, 1); + &main::release_ldap_handle($ldap_handle); + return; + } + + # Sanity check + if ($ldap_res->count != 1) { + &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not sending syslog config". + "\n\tbase: $ldap_base". + "\n\tscope: sub". + "\n\tattrs: gotoSyslogServer". + "\n\tfilter: (&(objectClass=GOhard)(macaddress=$mac_address))", 1); + &main::release_ldap_handle($ldap_handle); + return; + } + + my $entry= $ldap_res->entry(0); + my $filter_dn = &Net::LDAP::Util::escape_filter_value($entry->dn); + my $syslog_server = $entry->get_value("gotoSyslogServer"); + + # If no syslog server is specified at host, just have a look at the object group of the host + # Perform object group search + if (not defined $syslog_server) { + my $ldap_res = $ldap_handle->search( base => $ldap_base, + scope => 'sub', + attrs => ['gotoSyslogServer'], + filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))"); + if($ldap_res->code) { + &main::daemon_log("$session_id ERROR: new_syslog_config: ldap search: ".$ldap_res->error, 1); + &main::release_ldap_handle($ldap_handle); + return; + } + + # Sanity check + if ($ldap_res->count != 1) { + &main::daemon_log("$session_id ERROR: client with mac address $mac_address not found/unique/active - not sending syslog config". + "\n\tbase: $ldap_base". + "\n\tscope: sub". + "\n\tattrs: gotoSyslogServer". 
+ "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1); + &main::release_ldap_handle($ldap_handle); + return; + } + + my $entry= $ldap_res->entry(0); + $syslog_server= $entry->get_value("gotoSyslogServer"); + } + + # Return if no syslog server specified + if (not defined $syslog_server) { + &main::daemon_log("$session_id WARNING: no syslog server specified for this host '$mac_address'", 3); + &main::release_ldap_handle($ldap_handle); + return; + } + + + # Add syslog server to 'syslog_config' message + my $syslog_msg_hash = &create_xml_hash("new_syslog_config", $server_address, $mac_address); + &add_content2xml_hash($syslog_msg_hash, "server", $syslog_server); + + &main::release_ldap_handle($ldap_handle); + return &create_xml_string($syslog_msg_hash); +} + + +sub new_ntp_config { + my ($address, $session_id) = @_; + my $ntp_msg; + my $ldap_handle=&main::get_ldap_handle(); + + # Perform search + my $ldap_res = $ldap_handle->search( base => $ldap_base, + scope => 'sub', + attrs => ['gotoNtpServer'], + filter => "(&(objectClass=GOhard)(macaddress=$address))"); + if($ldap_res->code) { + &main::daemon_log("$session_id ERROR: new_ntp_config: ldap search: ".$ldap_res->error, 1); + &main::release_ldap_handle($ldap_handle); + return; + } + + # Sanity check + if ($ldap_res->count != 1) { + &main::daemon_log("$session_id ERROR: client with mac address $address not found/unique/active - not sending ntp config". + "\n\tbase: $ldap_base". + "\n\tscope: sub". + "\n\tattrs: gotoNtpServer". 
+ "\n\tfilter: (&(objectClass=GOhard)(macaddress=$address))", 1); + &main::release_ldap_handle($ldap_handle); + return; + } + + my $entry= $ldap_res->entry(0); + my $filter_dn = &Net::LDAP::Util::escape_filter_value($entry->dn); + my @ntp_servers= $entry->get_value("gotoNtpServer"); + + # If no ntp server is specified at host, just have a look at the object group of the host + # Perform object group search + if ((not @ntp_servers) || (@ntp_servers == 0)) { + my $ldap_res = $ldap_handle->search( base => $ldap_base, + scope => 'sub', + attrs => ['gotoNtpServer'], + filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))"); + if($ldap_res->code) { + &main::daemon_log("$session_id ERROR: new_ntp_config: ldap search: ".$ldap_res->error, 1); + &main::release_ldap_handle($ldap_handle); + return; + } + + # Sanity check + if ($ldap_res->count != 1) { + &main::daemon_log("$session_id ERROR: client with mac address $address not found/unique/active - not sending ntp config". + "\n\tbase: $ldap_base". + "\n\tscope: sub". + "\n\tattrs: gotoNtpServer". 
+ "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1); + &main::release_ldap_handle($ldap_handle); + return; + } + + my $entry= $ldap_res->entry(0); + @ntp_servers= $entry->get_value("gotoNtpServer"); + } + + # Return if no ntp server specified + if ((not @ntp_servers) || (@ntp_servers == 0)) { + &main::daemon_log("$session_id WARNING: no ntp server specified for this host '$address'", 3); + &main::release_ldap_handle($ldap_handle); + return; + } + + # Add each ntp server to 'ntp_config' message + my $ntp_msg_hash = &create_xml_hash("new_ntp_config", $server_address, $address); + foreach my $ntp_server (@ntp_servers) { + &add_content2xml_hash($ntp_msg_hash, "server", $ntp_server); + } + + &main::release_ldap_handle($ldap_handle); + return &create_xml_string($ntp_msg_hash); +} + + #=== FUNCTION ================================================================ # NAME: new_ldap_config # PARAMETERS: address - string - ip address and port of a host 
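Review bot: `new_syslog_config` and `new_ntp_config` call `$ldap_handle->search` directly on the return value of `&main::get_ldap_handle()` without testing it. The ou=incoming block added in this commit guards the same call with `defined($ldap_handle)`, which suggests the handle can be undefined, and in that case the method call dies inside the client registration path. Add a guard after the call, e.g. `if (not defined $ldap_handle) { &main::daemon_log("$session_id ERROR: new_syslog_config: no ldap handle available", 1); return; }`. The same applies to the LDAP update added in `here_i_am` and to `new_ldap_config` and `hardware_config`, where this commit removes the earlier `if( not defined $ldap_handle )` check. Both new functions also lack the `#=== FUNCTION ===` header comment used elsewhere in the file, and `$syslog_msg` and `$ntp_msg` are declared but never used.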
@@ -730,53 +813,51 @@ sub new_ldap_config { # check hit my $hit_counter = keys %{$res}; if( not $hit_counter == 1 ) { - &main::daemon_log("$session_id ERROR: more or no hit found in known_clients_db by query '$sql_statement'", 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: more or no hit found in known_clients_db by query '$sql_statement'", 1); + return; } $address = $res->{1}->{hostname}; my $macaddress = $res->{1}->{macaddress}; my $hostkey = $res->{1}->{hostkey}; - + if (not defined $macaddress) { - &main::daemon_log("$session_id ERROR: no mac address found for client $address", 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: no mac address found for client $address", 1); return; } - # Build LDAP connection - my $ldap_handle = &main::get_ldap_handle($session_id); - if( not defined $ldap_handle ) { - &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1); - return; - } - # Perform search + my $ldap_handle=&main::get_ldap_handle(); $mesg = $ldap_handle->search( base => $ldap_base, scope => 'sub', attrs => ['dn', 'gotoLdapServer', 'gosaUnitTag', 'FAIclass'], filter => "(&(objectClass=GOhard)(macaddress=$macaddress))"); if($mesg->code) { - &main::daemon_log("$session_id ".$mesg->error, 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: ldap search: ".$mesg->error, 1); + &main::release_ldap_handle($ldap_handle); return; } # Sanity check if ($mesg->count != 1) { - &main::daemon_log("$session_id WARNING: client with mac address $macaddress not found/unique/active - not sending ldap config". + &main::daemon_log("$session_id ERROR: client with mac address $macaddress not found/unique/active - not sending ldap config". "\n\tbase: $ldap_base". "\n\tscope: sub". "\n\tattrs: dn, gotoLdapServer". 
"\n\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress))", 1); + &main::release_ldap_handle($ldap_handle); return; } my $entry= $mesg->entry(0); - my $dn= $entry->dn; + my $filter_dn= &Net::LDAP::Util::escape_filter_value($entry->dn); my @servers= $entry->get_value("gotoLdapServer"); my $unit_tag= $entry->get_value("gosaUnitTag"); my @ldap_uris; my $server; my $base; my $release; + my $dn= $entry->dn; # Fill release if available my $FAIclass= $entry->get_value("FAIclass"); @@ -789,18 +870,21 @@ sub new_ldap_config { $mesg = $ldap_handle->search( base => $ldap_base, scope => 'sub', attrs => ['dn', 'gotoLdapServer', 'FAIclass'], - filter => "(&(objectClass=gosaGroupOfNames)(member=$dn))"); + filter => "(&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))"); if($mesg->code) { - &main::daemon_log("$session_id ERROR: unable to search for '(&(objectClass=gosaGroupOfNames)(member=$dn))': ".$mesg->error, 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: unable to search for '(&(objectClass=gosaGroupOfNames)(member=$filter_dn))': ".$mesg->error, 1); + &main::release_ldap_handle($ldap_handle); return; } # Sanity check - if ($mesg->count == 0) { - &main::daemon_log("$session_id WARNING: no LDAP informations found for client with filter '(&(objectClass=gosaGroupOfNames)(member=$dn))'", 3); - return; - } elsif ($mesg->count >= 2) { - &main::daemon_log("$session_id ERROR: multiple LDAP informations found for client with filter '(&(objectClass=gosaGroupOfNames)(member=$dn))'", 1); + if ($mesg->count != 1) { + &main::daemon_log("$session_id ERROR: new_ldap_config: client with mac address $macaddress not found/unique/active - not sending ldap config". + "\n\tbase: $ldap_base". + "\n\tscope: sub". + "\n\tattrs: dn, gotoLdapServer, FAIclass". + "\n\tfilter: (&(gosaGroupObjects=[W])(objectClass=gosaGroupOfNames)(member=$filter_dn))", 1); + &main::release_ldap_handle($ldap_handle); return; } 
@@ -820,7 +904,7 @@ sub new_ldap_config { # complain if no ldap information found if (@servers == 0) { - &main::daemon_log("$session_id ERROR: no gotoLdapServer information for LDAP entry with filter '(&(objectClass=gosaGroupOfNames)(member=$dn))'"); + &main::daemon_log("$session_id ERROR: no gotoLdapServer information for LDAP entry '$dn'", 1); } foreach $server (@servers){ @@ -862,13 +946,15 @@ sub new_ldap_config { filter => "(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$unit_tag))"); #$mesg->code && die $mesg->error; if($mesg->code) { - &main::daemon_log($mesg->error, 1); + &main::daemon_log("$session_id ERROR: new_ldap_config: ldap search: ".$mesg->error, 1); + &main::release_ldap_handle($ldap_handle); return "error-unit-tag-count-0"; } # Sanity check if ($mesg->count != 1) { - &main::daemon_log("WARNING: cannot find administrative unit for client with tag $unit_tag", 1); + &main::daemon_log("WARNING: cannot find administrative unit for client with tag $unit_tag", 3); + &main::release_ldap_handle($ldap_handle); return "error-unit-tag-count-".$mesg->count; } @@ -879,6 +965,7 @@ sub new_ldap_config { # Append unit Tag $data{'unit_tag'}= $unit_tag; } + &main::release_ldap_handle($ldap_handle); # Send information return &build_msg("new_ldap_config", $server_address, $address, \%data); 
@@ -903,24 +990,18 @@ sub hardware_config { # check hit my $hit_counter = keys %{$res}; if( not $hit_counter == 1 ) { - &main::daemon_log("$session_id ERROR: more or no hit found in known_clients_db by query by '$address'", 1); + &main::daemon_log("$session_id ERROR: hardware_config: more or no hit found in known_clients_db by query by '$address'", 1); } my $macaddress = $res->{1}->{macaddress}; my $hostkey = $res->{1}->{hostkey}; if (not defined $macaddress) { - &main::daemon_log("$session_id ERROR: no mac address found for client $address", 1); + &main::daemon_log("$session_id ERROR: hardware_config: no mac address found for client $address", 1); return; } - # Build LDAP connection - my $ldap_handle = &main::get_ldap_handle($session_id); - if( not defined $ldap_handle ) { - &main::daemon_log("$session_id ERROR: cannot connect to ldap: $ldap_uri", 1); - return; - } - # Perform search + my $ldap_handle=&main::get_ldap_handle(); $mesg = $ldap_handle->search( base => $ldap_base, scope => 'sub', @@ -928,7 +1009,7 @@ sub hardware_config { ); if($mesg->count() == 0) { - &main::daemon_log("Host was not found in LDAP!", 1); + &main::daemon_log("$session_id INFO: Host was not found in LDAP!", 5); # set status = hardware_detection at jobqueue if entry exists # TODO @@ -952,15 +1033,15 @@ sub hardware_config { } else { my $entry= $mesg->entry(0); - my $dn= $entry->dn; if (defined($entry->get_value("gotoHardwareChecksum"))) { - if (! $entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum) { + if (! ($entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum)) { $entry->replace(gotoHardwareChecksum => $gotoHardwareChecksum); if($entry->update($ldap_handle)) { &main::daemon_log("$session_id INFO: Hardware changed! Detection triggered.", 5); } } else { # Nothing to do + &main::release_ldap_handle($ldap_handle); return; } } 
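Review bot: In the checksum branch of `hardware_config`, `if($entry->update($ldap_handle))` tests the returned Net::LDAP::Message object, which is true whether or not the update succeeded, so "Hardware changed! Detection triggered." is logged even when the write fails. Test the result code as the ou=incoming block in this commit does: `my $update_res = $entry->update($ldap_handle);` followed by `if($update_res->code == 0) {`, with an ERROR log line in the else case. The hit-counter check at the top of the function still only logs, whereas `new_ldap_config` gains a `return;` at the same place in this commit. hardware_config continues outside these hunks.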
@@ -975,12 +1056,14 @@ sub hardware_config { $data{'goto_secret'}= $goto_secret; } + &main::release_ldap_handle($ldap_handle); + # Send information return &build_msg("detect_hardware", $server_address, $address, \%data); } sub server_matches { - my $target = shift; + my ($target, $session_id) = @_ ; my $target_ip = ($1) if $target =~ /^([0-9\.]*?):.*$/; if(!defined($target_ip) or length($target_ip) == 0) { return; @@ -1024,10 +1107,11 @@ sub server_matches { } } } else { - &main::daemon_log("Target ip $target_ip does not match Server ip $server_ip",1); + &main::daemon_log("$session_id INFO: Target ip $target_ip does not match Server ip $server_ip",5); } return $result; } +# vim:ts=4:shiftwidth:expandtab 1;