X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fmodules%2FGosaSupportDaemon.pm;h=b3a43167718f6a03a631abf084648b2af918c64e;hb=c7c87bf20a909ed7ff997aa879cd9146e74316af;hp=219a2fde5193f0bda81941d569453c231bd2e41e;hpb=6994da4a295f9e62685b4fa06181b9231ec750f2;p=gosa.git
diff --git a/gosa-si/modules/GosaSupportDaemon.pm b/gosa-si/modules/GosaSupportDaemon.pm
index 219a2fde5..b3a431677 100644
--- a/gosa-si/modules/GosaSupportDaemon.pm
+++ b/gosa-si/modules/GosaSupportDaemon.pm
@@ -3,19 +3,39 @@ package GOSA::GosaSupportDaemon;
use Exporter;
@ISA = qw(Exporter);
my @functions = (
+ "create_passwd",
"create_xml_hash",
"get_content_from_xml_hash",
"add_content2xml_hash",
"create_xml_string",
"transform_msg2hash",
"get_time",
+ "get_utc_time",
"build_msg",
+ "db_res2xml",
+ "db_res2si_msg",
"get_where_statement",
"get_select_statement",
"get_update_statement",
"get_limit_statement",
"get_orderby_statement",
"get_dns_domains",
+ "get_server_addresses",
+ "get_logged_in_users",
+ "import_events",
+ "del_doubles",
+ "get_ip",
+ "get_interface_for_ip",
+ "get_interfaces",
+ "get_mac_for_interface",
+ "get_local_ip_for_remote_ip",
+ "is_local",
+ "run_as",
+ "inform_all_other_si_server",
+ "read_configfile",
+ "check_opsi_res",
+ "calc_timestamp",
+ "opsi_callobj2string",
);
@EXPORT = @functions;
use strict;
@@ -25,6 +45,10 @@ use Crypt::Rijndael;
use Digest::MD5 qw(md5 md5_hex md5_base64);
use MIME::Base64;
use XML::Simple;
+use Data::Dumper;
+use Net::DNS;
+use DateTime;
+
my $op_hash = {
'eq' => '=',
@@ -33,6 +57,7 @@ my $op_hash = {
'gt' => '>',
'le' => '<=',
'lt' => '<',
+ 'like' => ' LIKE ',
};
@@ -51,6 +76,21 @@ sub daemon_log {
}
+sub create_passwd {
+ my $new_passwd = "";
+ for(my $i=0; $i<31; $i++) {
+ $new_passwd .= ("a".."z","A".."Z",0..9)[int(rand(62))]
+ }
+
+ return $new_passwd;
+}
+
+
+sub del_doubles {
+ my %all;
+ $all{$_}=0 for @_;
+ return (keys %all);
+}
#=== FUNCTION ================================================================
@@ -141,110 +181,24 @@ sub add_content2xml_hash {
}
-#=== FUNCTION ================================================================
-# NAME: encrypt_msg
-# PARAMETERS: msg - string - message to encrypt
-# my_cipher - ref - reference to a Crypt::Rijndael object
-# RETURNS: crypted_msg - string - crypted message
-# DESCRIPTION: crypts the incoming message with the Crypt::Rijndael module
-#===============================================================================
-#sub encrypt_msg {
-# my ($msg, $key) = @_;
-# my $my_cipher = &create_ciphering($key);
-# {
-# use bytes;
-# $msg = "\0"x(16-length($msg)%16).$msg;
-# }
-# $msg = $my_cipher->encrypt($msg);
-# chomp($msg = &encode_base64($msg));
-# # there are no newlines allowed inside msg
-# $msg=~ s/\n//g;
-# return $msg;
-#}
-
-
-#=== FUNCTION ================================================================
-# NAME: decrypt_msg
-# PARAMETERS: crypted_msg - string - message to decrypt
-# my_cipher - ref - reference to a Crypt::Rijndael object
-# RETURNS: msg - string - decrypted message
-# DESCRIPTION: decrypts the incoming message with the Crypt::Rijndael module
-#===============================================================================
-#sub decrypt_msg {
-# my ($msg, $my_cipher) = @_ ;
-#
-# if(defined $msg && defined $my_cipher) {
-# $msg = &decode_base64($msg);
-# }
-# $msg = $my_cipher->decrypt($msg);
-# $msg =~ s/\0*//g;
-# return $msg;
-# my ($msg, $key) = @_ ;
-# $msg = &decode_base64($msg);
-# my $my_cipher = &create_ciphering($key);
-# $msg = $my_cipher->decrypt($msg);
-# $msg =~ s/\0*//g;
-# return $msg;
-#}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_ciphering
-# PARAMETERS: passwd - string - used to create ciphering
-# RETURNS: cipher - object
-# DESCRIPTION: creates a Crypt::Rijndael::MODE_CBC object with passwd as key
-#===============================================================================
-#sub create_ciphering {
-# my ($passwd) = @_;
-# $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
-# my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
-#
-# #daemon_log("iv: $iv", 7);
-# #daemon_log("key: $passwd", 7);
-# my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
-# $my_cipher->set_iv($iv);
-# return $my_cipher;
-#}
-
-
-#=== FUNCTION ================================================================
-# NAME: open_socket
-# PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000
-# [PeerPort] string necessary if port not appended by PeerAddr
-# RETURNS: socket IO::Socket::INET
-# DESCRIPTION: open a socket to PeerAddr
-#===============================================================================
-#sub open_socket {
-# my ($PeerAddr, $PeerPort) = @_ ;
-# if(defined($PeerPort)){
-# $PeerAddr = $PeerAddr.":".$PeerPort;
-# }
-# my $socket;
-# $socket = new IO::Socket::INET(PeerAddr => $PeerAddr,
-# Porto => "tcp",
-# Type => SOCK_STREAM,
-# Timeout => 5,
-# );
-# if(not defined $socket) {
-# return;
-# }
-# &daemon_log("open_socket: $PeerAddr", 7);
-# return $socket;
-#}
-
-
sub get_time {
- my ($seconds, $minutes, $hours, $monthday, $month,
- $year, $weekday, $yearday, $sommertime) = localtime(time);
- $hours = $hours < 10 ? $hours = "0".$hours : $hours;
- $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
- $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- $month+=1;
- $month = $month < 10 ? $month = "0".$month : $month;
- $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
- $year+=1900;
- return "$year$month$monthday$hours$minutes$seconds";
+ my ($seconds, $minutes, $hours, $monthday, $month,
+ $year, $weekday, $yearday, $sommertime) = localtime;
+ $hours = $hours < 10 ? $hours = "0".$hours : $hours;
+ $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
+ $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
+ $month+=1;
+ $month = $month < 10 ? $month = "0".$month : $month;
+ $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
+ $year+=1900;
+ return "$year$month$monthday$hours$minutes$seconds";
+}
+
+sub get_utc_time {
+ my $utc_time = qx(date --utc +%Y%m%d%H%M%S);
+ $utc_time =~ s/\s$//;
+ return $utc_time;
}
@@ -261,6 +215,9 @@ sub get_time {
sub build_msg ($$$$) {
my ($header, $from, $to, $data) = @_;
+ # data is of form, i.e.
+ # %data= ('ip' => $address, 'mac' => $mac);
+
my $out_hash = &create_xml_hash($header, $from, $to);
while ( my ($key, $value) = each(%$data) ) {
@@ -275,6 +232,45 @@ sub build_msg ($$$$) {
}
+sub db_res2xml {
+ my ($db_res) = @_ ;
+ my $xml = "";
+
+ my $len_db_res= keys %{$db_res};
+ for( my $i= 1; $i<= $len_db_res; $i++ ) {
+ $xml .= "\n";
+ my $hash= $db_res->{$i};
+ while ( my ($column_name, $column_value) = each %{$hash} ) {
+ $xml .= "<$column_name>";
+ my $xml_content;
+ if( $column_name eq "xmlmessage" ) {
+ $xml_content = &encode_base64($column_value);
+ } else {
+ $xml_content = defined $column_value ? $column_value : "";
+ }
+ $xml .= $xml_content;
+ $xml .= "$column_name>";
+ }
+ $xml .= "";
+
+ }
+
+ return $xml;
+}
+
+
+sub db_res2si_msg {
+ my ($db_res, $header, $target, $source) = @_;
+
+ my $si_msg = "";
+ $si_msg .= "";
+ $si_msg .= "";
+ $si_msg .= "$target";
+ $si_msg .= &db_res2xml;
+ $si_msg .= "";
+}
+
+
sub get_where_statement {
my ($msg, $msg_hash) = @_;
my $error= 0;
@@ -299,7 +295,7 @@ sub get_where_statement {
if( exists $phrase->{'operator'} ) {
my $op = $op_hash->{$phrase->{'operator'}[0]};
if( not defined $op ) {
- &main::daemon_log("Can not translate operator '$operator' in where ".
+ &main::daemon_log("ERROR: Can not translate operator '$operator' in where-".
"statement to sql valid syntax. Please use 'eq', ".
"'ne', 'ge', 'gt', 'le', 'lt' in xml message\n", 1);
&main::daemon_log($msg, 8);
@@ -312,15 +308,25 @@ sub get_where_statement {
my @xml_tags = keys %{$phrase};
my $tag = $xml_tags[0];
my $val = $phrase->{$tag}[0];
- push(@phrase_l, "$tag$operator'$val'");
+ if( ref($val) eq "HASH" ) { next; } # empty xml-tags should not appear in where statement
+
+ # integer columns do not have to have single quotes besides the value
+ if ($tag eq "id") {
+ push(@phrase_l, "$tag$operator$val");
+ } else {
+ push(@phrase_l, "$tag$operator'$val'");
+ }
+ }
+
+ if (not 0 == @phrase_l) {
+ my $clause_str .= join(" $connector ", @phrase_l);
+ push(@clause_l, "($clause_str)");
}
- my $clause_str .= join(" $connector ", @phrase_l);
- push(@clause_l, $clause_str);
}
if( not 0 == @clause_l ) {
$clause_str = join(" AND ", @clause_l);
- $clause_str = "WHERE $clause_str ";
+ $clause_str = "WHERE ($clause_str) ";
}
}
@@ -332,7 +338,7 @@ sub get_select_statement {
my $select = "*";
if( exists $msg_hash->{'select'} ) {
my $select_l = \@{$msg_hash->{'select'}};
- $select = join(' AND ', @{$select_l});
+ $select = join(', ', @{$select_l});
}
return $select;
}
@@ -437,4 +443,446 @@ sub get_dns_domains() {
return @searches;
}
+
+sub get_server_addresses {
+ my $domain= shift;
+ my @result;
+ my $error_string;
+
+ my $error = 0;
+ my $res = Net::DNS::Resolver->new;
+ my $query = $res->send("_gosa-si._tcp.".$domain, "SRV");
+ my @hits;
+
+ if ($query) {
+ foreach my $rr ($query->answer) {
+ push(@hits, $rr->target.":".$rr->port);
+ }
+ }
+ else {
+ $error_string = "determination of '_gosa-si._tcp' server in domain '$domain' failed: ".$res->errorstring;
+ $error++;
+ }
+
+ if( $error == 0 ) {
+ foreach my $hit (@hits) {
+ my ($hit_name, $hit_port) = split(/:/, $hit);
+ chomp($hit_name);
+ chomp($hit_port);
+
+ my $address_query = $res->send($hit_name);
+ if( 1 == length($address_query->answer) ) {
+ foreach my $rr ($address_query->answer) {
+ push(@result, $rr->address.":".$hit_port);
+ }
+ }
+ }
+ }
+
+ return \@result, $error_string;
+}
+
+
+sub get_logged_in_users {
+ my $result = qx(/usr/bin/w -hs);
+ my @res_lines;
+
+ if( defined $result ) {
+ chomp($result);
+ @res_lines = split("\n", $result);
+ }
+
+ my @logged_in_user_list;
+ foreach my $line (@res_lines) {
+ chomp($line);
+ my @line_parts = split(/\s+/, $line);
+ push(@logged_in_user_list, $line_parts[0]);
+ }
+
+ return @logged_in_user_list;
+
+}
+
+
+sub import_events {
+ my ($event_dir) = @_;
+ my $event_hash;
+ my $error = 0;
+ my @result = ();
+ if (not -e $event_dir) {
+ $error++;
+ push(@result, "cannot find directory or directory is not readable: $event_dir");
+ }
+
+ my $DIR;
+ if ($error == 0) {
+ opendir ($DIR, $event_dir) or do {
+ $error++;
+ push(@result, "cannot open directory '$event_dir' for reading: $!\n");
+ }
+ }
+
+ if ($error == 0) {
+ while (defined (my $event = readdir ($DIR))) {
+ if( $event eq "." || $event eq ".." || ($event =~ /^\.pm$/)) { next; }
+
+ # Check config file to exclude disabled event plugins (i.e. Opsi)
+ if ($event eq "opsi_com.pm" && $main::opsi_enabled ne "true") {
+ &main::daemon_log("0 WARNING: opsi-module is installed but not enabled in config file, please set under section '[OPSI]': 'enabled=true'", 3);
+ next;
+ }
+
+ # try to import event module
+ eval{ require $event; };
+ if( $@ ) {
+ $error++;
+ #push(@result, "import of event module '$event' failed: $@");
+ #next;
+
+ &main::daemon_log("ERROR: Import of event module '$event' failed: $@",1);
+ exit(1);
+ }
+
+ # fetch all single events
+ $event =~ /(\S*?).pm$/;
+ my $event_module = $1;
+ my $events_l = eval( $1."::get_events()") ;
+ foreach my $event_name (@{$events_l}) {
+ $event_hash->{$event_module}->{$event_name} = "";
+ }
+ my $events_string = join( ", ", @{$events_l});
+ push(@result, "import of event module '$event' succeed: $events_string");
+ }
+
+ close $DIR;
+ }
+
+ return ($error, \@result, $event_hash);
+
+}
+
+
+#=== FUNCTION ================================================================
+# NAME: get_ip
+# PARAMETERS: interface name (i.e. eth0)
+# RETURNS: (ip address)
+# DESCRIPTION: Uses ioctl to get ip address directly from system.
+#===============================================================================
+sub get_ip {
+ my $ifreq= shift;
+ my $result= "";
+ my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list
+ my $proto= getprotobyname('ip');
+
+ socket SOCKET, PF_INET, SOCK_DGRAM, $proto
+ or die "socket: $!";
+
+ if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) {
+ my ($if, $sin) = unpack 'a16 a16', $ifreq;
+ my ($port, $addr) = sockaddr_in $sin;
+ my $ip = inet_ntoa $addr;
+
+ if ($ip && length($ip) > 0) {
+ $result = $ip;
+ }
+ }
+
+ return $result;
+}
+
+
+#=== FUNCTION ================================================================
+# NAME: get_interface_for_ip
+# PARAMETERS: ip address (i.e. 192.168.0.1)
+# RETURNS: array: list of interfaces if ip=0.0.0.0, matching interface if found, undef else
+# DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
+#===============================================================================
+sub get_interface_for_ip {
+ my $result;
+ my $ip= shift;
+ if ($ip && length($ip) > 0) {
+ my @ifs= &get_interfaces();
+ if($ip eq "0.0.0.0") {
+ $result = "all";
+ } else {
+ foreach (@ifs) {
+ my $if=$_;
+ if(&get_ip($if) eq $ip) {
+ $result = $if;
+ }
+ }
+ }
+ }
+ return $result;
+}
+
+#=== FUNCTION ================================================================
+# NAME: get_interfaces
+# PARAMETERS: none
+# RETURNS: (list of interfaces)
+# DESCRIPTION: Uses proc fs (/proc/net/dev) to get list of interfaces.
+#===============================================================================
+sub get_interfaces {
+ my @result;
+ my $PROC_NET_DEV= ('/proc/net/dev');
+
+ open(PROC_NET_DEV, "<$PROC_NET_DEV")
+ or die "Could not open $PROC_NET_DEV";
+
+ my @ifs = ;
+
+ close(PROC_NET_DEV);
+
+ # Eat first two line
+ shift @ifs;
+ shift @ifs;
+
+ chomp @ifs;
+ foreach my $line(@ifs) {
+ my $if= (split /:/, $line)[0];
+ $if =~ s/^\s+//;
+ push @result, $if;
+ }
+
+ return @result;
+}
+
+sub get_local_ip_for_remote_ip {
+ my $remote_ip= shift;
+ my $result="0.0.0.0";
+
+ if($remote_ip =~ /^(\d\d?\d?\.){3}\d\d?\d?$/) {
+ my $PROC_NET_ROUTE= ('/proc/net/route');
+
+ open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE")
+ or die "Could not open $PROC_NET_ROUTE";
+
+ my @ifs = ;
+
+ close(PROC_NET_ROUTE);
+
+ # Eat header line
+ shift @ifs;
+ chomp @ifs;
+ foreach my $line(@ifs) {
+ my ($Iface,$Destination,$Gateway,$Flags,$RefCnt,$Use,$Metric,$Mask,$MTU,$Window,$IRTT)=split(/\s/, $line);
+ my $destination;
+ my $mask;
+ my ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Destination);
+ $destination= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
+ ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Mask);
+ $mask= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d));
+ if(new NetAddr::IP($remote_ip)->within(new NetAddr::IP($destination, $mask))) {
+ # destination matches route, save mac and exit
+ $result= &get_ip($Iface);
+ last;
+ }
+ }
+ }
+
+ return $result;
+}
+
+
+sub get_mac_for_interface {
+ my $ifreq= shift;
+ my $result;
+ if ($ifreq && length($ifreq) > 0) {
+ if($ifreq eq "all") {
+ $result = "00:00:00:00:00:00";
+ } else {
+ my $SIOCGIFHWADDR= 0x8927; # man 2 ioctl_list
+
+ # A configured MAC Address should always override a guessed value
+ if ($main::server_mac_address and length($main::server_mac_address) > 0) {
+ $result= $main::server_mac_address;
+ }
+
+ socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip')
+ or die "socket: $!";
+
+ if(ioctl SOCKET, $SIOCGIFHWADDR, $ifreq) {
+ my ($if, $mac)= unpack 'h36 H12', $ifreq;
+
+ if (length($mac) > 0) {
+ $mac=~ m/^([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])$/;
+ $mac= sprintf("%s:%s:%s:%s:%s:%s", $1, $2, $3, $4, $5, $6);
+ $result = $mac;
+ }
+ }
+ }
+ }
+ return $result;
+}
+
+
+#=== FUNCTION ================================================================
+# NAME: is_local
+# PARAMETERS: Server Address
+# RETURNS: true if Server Address is on this host, false otherwise
+# DESCRIPTION: Checks all interface addresses, stops on first match
+#===============================================================================
+sub is_local {
+ my $server_address = shift || "";
+ my $result = 0;
+
+ my $server_ip = $1 if $server_address =~ /^(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}):\d{1,6}$/;
+
+ if(defined($server_ip) && length($server_ip) > 0) {
+ foreach my $interface(&get_interfaces()) {
+ my $ip_address= &get_ip($interface);
+ if($ip_address eq $server_ip) {
+ $result = 1;
+ last;
+ }
+ }
+ }
+
+ return $result;
+}
+
+
+#=== FUNCTION ================================================================
+# NAME: run_as
+# PARAMETERS: uid, command
+# RETURNS: hash with keys 'resultCode' = resultCode of command and
+# 'output' = program output
+# DESCRIPTION: Runs command as uid using the sudo utility.
+#===============================================================================
+sub run_as {
+ my ($uid, $command) = @_;
+ my $sudo_cmd = `which sudo`;
+ chomp($sudo_cmd);
+ if(! -x $sudo_cmd) {
+ &main::daemon_log("ERROR: The sudo utility is not available! Please fix this!");
+ }
+ my $cmd_line= "$sudo_cmd su - $uid -c '$command'";
+ open(PIPE, "$cmd_line |");
+ my $result = {'command' => $cmd_line};
+ push @{$result->{'output'}}, ;
+ close(PIPE);
+ my $exit_value = $? >> 8;
+ $result->{'resultCode'} = $exit_value;
+ return $result;
+}
+
+
+#=== FUNCTION ================================================================
+# NAME: inform_other_si_server
+# PARAMETERS: message
+# RETURNS: nothing
+# DESCRIPTION: Sends message to all other SI-server found in known_server_db.
+#===============================================================================
+sub inform_all_other_si_server {
+ my ($msg) = @_;
+
+ # determine all other si-server from known_server_db
+ my $sql_statement= "SELECT * FROM $main::known_server_tn";
+ my $res = $main::known_server_db->select_dbentry( $sql_statement );
+
+ while( my ($hit_num, $hit) = each %$res ) {
+ my $act_target_address = $hit->{hostname};
+ my $act_target_key = $hit->{hostkey};
+
+ # determine the source address corresponding to the actual target address
+ my ($act_target_ip, $act_target_port) = split(/:/, $act_target_address);
+ my $act_source_address = &main::get_local_ip_for_remote_ip($act_target_ip).":$act_target_port";
+
+ # fill into message the correct target and source addresses
+ my $act_msg = $msg;
+ $act_msg =~ s/\w*<\/target>/$act_target_address<\/target>/g;
+ $act_msg =~ s/