X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fmodules%2FSIPackages.pm;h=099ae2121b449bfd32c8bd2d0266577e74064ca6;hb=af9d2bdd58e8b70f29c64dbe3aa96c3f1692a18d;hp=45643ea862e740a816ad2a9ab2bb55c5d843c6e9;hpb=b9b909ed480e68083699c5973d43669c7c26362e;p=gosa.git diff --git a/gosa-si/modules/SIPackages.pm b/gosa-si/modules/SIPackages.pm index 45643ea86..099ae2121 100644 --- a/gosa-si/modules/SIPackages.pm +++ b/gosa-si/modules/SIPackages.pm @@ -12,41 +12,46 @@ use GOSA::GosaSupportDaemon; use IO::Socket::INET; use XML::Simple; use Data::Dumper; +use NetAddr::IP; use Net::LDAP; use Socket; use Net::hostent; +use utf8; + +my $event_dir = "/usr/lib/gosa-si/server/events"; +use lib "/usr/lib/gosa-si/server/events"; BEGIN{} END {} -my ($known_clients_file_name); -my ($server_activ, $server_ip, $server_mac_address, $server_port, $server_passwd, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password); -my ($bus_activ, $bus_passwd, $bus_ip, $bus_port); +my ($server_ip, $server_mac_address, $server_port, $SIPackages_key, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $server_interface); +my ($bus_activ, $bus_key, $bus_ip, $bus_port); my $server; +my $event_hash; my $network_interface; my $no_bus; my (@ldap_cfg, @pam_cfg, @nss_cfg, $goto_admin, $goto_secret); - - -my %cfg_defaults = -( -"server" => - {"server_activ" => [\$server_activ, "on"], - "server_ip" => [\$server_ip, "0.0.0.0"], - "server_mac_address" => [\$server_mac_address, ""], - "server_port" => [\$server_port, "20081"], - "server_passwd" => [\$server_passwd, ""], - "max_clients" => [\$max_clients, 100], - "ldap_uri" => [\$ldap_uri, ""], - "ldap_base" => [\$ldap_base, ""], - "ldap_admin_dn" => [\$ldap_admin_dn, ""], - "ldap_admin_password" => [\$ldap_admin_password, ""], +my $mesg; + +my %cfg_defaults = ( +"bus" => { + "activ" => [\$bus_activ, "on"], + "key" => [\$bus_key, ""], + "ip" => [\$bus_ip, ""], + "port" => [\$bus_port, "20080"], }, -"bus" => - {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], - "bus_ip" => [\$bus_ip, ""], - "bus_port" => [\$bus_port, "20080"], +"server" => { + "ip" => [\$server_ip, "0.0.0.0"], + "mac-address" => [\$server_mac_address, "00:00:00:00:00"], + "port" => [\$server_port, "20081"], + "ldap-uri" => [\$ldap_uri, ""], + "ldap-base" => [\$ldap_base, ""], + "ldap-admin-dn" => [\$ldap_admin_dn, ""], + "ldap-admin-password" => [\$ldap_admin_password, ""], + "max-clients" => [\$max_clients, 100], + }, +"SIPackages" => { + "key" => [\$SIPackages_key, ""], }, ); @@ -55,16 +60,93 @@ my %cfg_defaults = # read configfile and import variables &read_configfile(); -# detect interfaces and mac address -$network_interface= &get_interface_for_ip($server_ip); -$server_mac_address= &get_mac($network_interface); -# complete addresses -if( $server_ip eq "0.0.0.0" ) { - $server_ip = "127.0.0.1"; +# if server_ip is not an ip address but a name +if( inet_aton($server_ip) ){ $server_ip = inet_ntoa(inet_aton($server_ip)); } +$network_interface= &get_interface_for_ip($server_ip); +$server_mac_address= &get_mac($network_interface); + +&import_events(); + +# Unit tag can be defined in config +if((not defined($main::gosa_unit_tag)) || length($main::gosa_unit_tag) == 0) { + # Read gosaUnitTag from LDAP + &main::refresh_ldap_handle(); + if( defined($main::ldap_handle) ) { + &main::daemon_log("INFO: Searching for servers gosaUnitTag with mac address $server_mac_address",5); + # Perform search for Unit Tag + $mesg = $main::ldap_handle->search( + base => $ldap_base, + scope => 'sub', + attrs => ['gosaUnitTag'], + filter => "(macaddress=$server_mac_address)" + ); + + if ($mesg->count == 1) { + my $entry= $mesg->entry(0); + my $unit_tag= $entry->get_value("gosaUnitTag"); + if(defined($unit_tag) && length($unit_tag) > 0) { + &main::daemon_log("INFO: Detected gosaUnitTag $unit_tag for creating entries", 5); + $main::gosa_unit_tag= $unit_tag; + } + } else { + # Perform another search for Unit Tag + my $hostname= `hostname -f`; + chomp($hostname); + &main::daemon_log("INFO: Searching for servers gosaUnitTag with hostname $hostname",5); + $mesg = $main::ldap_handle->search( + base => $ldap_base, + scope => 'sub', + attrs => ['gosaUnitTag'], + filter => "(&(cn=$hostname)(objectClass=goServer))" + ); + if ($mesg->count == 1) { + my $entry= $mesg->entry(0); + my $unit_tag= $entry->get_value("gosaUnitTag"); + if(defined($unit_tag) && length($unit_tag) > 0) { + &main::daemon_log("INFO: Detected gosaUnitTag $unit_tag for creating entries", 5); + $main::gosa_unit_tag= $unit_tag; + } + } else { + # Perform another search for Unit Tag + $hostname= `hostname -s`; + chomp($hostname); + &main::daemon_log("INFO: Searching for servers gosaUnitTag with hostname $hostname",5); + $mesg = $main::ldap_handle->search( + base => $ldap_base, + scope => 'sub', + attrs => ['gosaUnitTag'], + filter => "(&(cn=$hostname)(objectClass=goServer))" + ); + if ($mesg->count == 1) { + my $entry= $mesg->entry(0); + my $unit_tag= $entry->get_value("gosaUnitTag"); + if(defined($unit_tag) && length($unit_tag) > 0) { + &main::daemon_log("INFO: Detected gosaUnitTag $unit_tag for creating entries", 5); + $main::gosa_unit_tag= $unit_tag; + } + } else { + &main::daemon_log("WARNING: No gosaUnitTag detected. Not using gosaUnitTag", 3); + } + } + } + } else { + &main::daemon_log("INFO: Using gosaUnitTag from config-file: $main::gosa_unit_tag",5); + } } + + my $server_address = "$server_ip:$server_port"; +$main::server_address = $server_address; + + +if( inet_aton($bus_ip) ){ $bus_ip = inet_ntoa(inet_aton($bus_ip)); } +###################################################### +# to change +if( $bus_ip eq "127.0.1.1" ) { $bus_ip = "127.0.0.1" } +###################################################### my $bus_address = "$bus_ip:$bus_port"; +$main::bus_address = $bus_address; # create general settings for this module my $xml = new XML::Simple(); @@ -77,69 +159,28 @@ if($bus_activ eq "on") { ®ister_at_bus(); } +# add myself to known_server_db +my $res = $main::known_server_db->add_dbentry( {table=>'known_server', + primkey=>['hostname'], + hostname=>$server_address, + status=>'myself', + hostkey=>$SIPackages_key, + timestamp=>&get_time, + } ); + + + ### functions ################################################################# sub get_module_info { my @info = ($server_address, - $server_passwd, - $server, - $server_activ, - "socket", + $SIPackages_key, ); return \@info; } - -sub do_wake { - my $host = shift; - my $ipaddr = shift || '255.255.255.255'; - my $port = getservbyname('discard', 'udp'); - - my ($raddr, $them, $proto); - my ($hwaddr, $hwaddr_re, $pkt); - - # get the hardware address (ethernet address) - - $hwaddr_re = join(':', ('[0-9A-Fa-f]{1,2}') x 6); - if ($host =~ m/^$hwaddr_re$/) { - $hwaddr = $host; - } else { - # $host is not a hardware address, try to resolve it - my $ip_re = join('\.', ('([0-9]|[1-9][0-9]|1[0-9]{2}|2([0-4][0-9]|5[0-5]))') x 4); - my $ip_addr; - if ($host =~ m/^$ip_re$/) { - $ip_addr = $host; - } else { - my $h; - unless ($h = gethost($host)) { - return undef; - } - $ip_addr = inet_ntoa($h->addr); - } - } - - # Generate magic sequence - foreach (split /:/, $hwaddr) { - $pkt .= chr(hex($_)); - } - $pkt = chr(0xFF) x 6 . $pkt x 16; - - # Allocate socket and send packet - - $raddr = gethostbyname($ipaddr)->addr; - $them = pack_sockaddr_in($port, $raddr); - $proto = getprotobyname('udp'); - - socket(S, AF_INET, SOCK_DGRAM, $proto) or die "socket : $!"; - setsockopt(S, SOL_SOCKET, SO_BROADCAST, 1) or die "setsockopt : $!"; - - send(S, $pkt, 0, $them) or die "send : $!"; - close S; -} - - #=== FUNCTION ================================================================ # NAME: read_configfile # PARAMETERS: cfg_file - string - @@ -207,7 +248,7 @@ sub get_interface_for_ip { } else { foreach (@ifs) { my $if=$_; - if(get_ip($if) eq $ip) { + if(&main::get_ip($if) eq $ip) { $result = $if; } } @@ -284,34 +325,6 @@ sub get_mac { return $result; } -#=== FUNCTION ================================================================ -# NAME: get_ip -# PARAMETERS: interface name (i.e. eth0) -# RETURNS: (ip address) -# DESCRIPTION: Uses ioctl to get ip address directly from system. -#=============================================================================== -sub get_ip { - my $ifreq= shift; - my $result= ""; - my $SIOCGIFADDR= 0x8915; # man 2 ioctl_list - my $proto= getprotobyname('ip'); - - socket SOCKET, PF_INET, SOCK_DGRAM, $proto - or die "socket: $!"; - - if(ioctl SOCKET, $SIOCGIFADDR, $ifreq) { - my ($if, $sin) = unpack 'a16 a16', $ifreq; - my ($port, $addr) = sockaddr_in $sin; - my $ip = inet_ntoa $addr; - - if ($ip && length($ip) > 0) { - $result = $ip; - } - } - - return $result; -} - #=== FUNCTION ================================================================ # NAME: register_at_bus @@ -323,21 +336,46 @@ sub register_at_bus { # add bus to known_server_db my $res = $main::known_server_db->add_dbentry( {table=>'known_server', - primkey=>'hostname', + primkey=>['hostname'], hostname=>$bus_address, status=>'bus', - hostkey=>$bus_passwd, + hostkey=>$bus_key, timestamp=>&get_time, } ); my $msg_hash = &create_xml_hash("here_i_am", $server_address, $bus_address); - my $answer = ""; - $answer = &send_msg_hash2address($msg_hash, $bus_address, $bus_passwd); - if ($answer == 0) { - &main::daemon_log("register at bus: $bus_address", 1); - } else { - &main::daemon_log("unable to send 'register'-msg to bus '$bus_address': $answer", 1); + my $msg = &create_xml_string($msg_hash); + + &main::send_msg_to_target($msg, $bus_address, $bus_key, "here_i_am"); + return $msg; +} + + +sub import_events { + if (not -e $event_dir) { + &main::daemon_log("ERROR: cannot find directory or directory is not readable: $event_dir", 1); + } + opendir (DIR, $event_dir) or die "ERROR while loading gosa-si-events from directory $event_dir : $!\n"; + + while (defined (my $event = readdir (DIR))) { + if( $event eq "." || $event eq ".." ) { next; } + if( $event eq "gosaTriggered.pm" ) { next; } # only GOsa specific events + + eval{ require $event; }; + if( $@ ) { + &main::daemon_log("import of event module '$event' failed", 1); + &main::daemon_log("$@", 8); + next; + } + + $event =~ /(\S*?).pm$/; + my $event_module = $1; + my $events_l = eval( $1."::get_events()") ; + foreach my $event_name (@{$events_l}) { + $event_hash->{$event_name} = $event_module; + } + my $events_string = join( ", ", @{$events_l}); + &main::daemon_log("INFO: SIPackages imported events $events_string", 5); } - return; } @@ -348,19 +386,20 @@ sub register_at_bus { # DESCRIPTION: handels the proceeded distribution to the appropriated functions #=============================================================================== sub process_incoming_msg { - my ($msg, $msg_hash) = @_ ; + my ($msg, $msg_hash, $session_id) = @_ ; my $error = 0; my $host_name; my $host_key; - my @out_msg_l; + my @out_msg_l = (); # process incoming msg my $header = @{$msg_hash->{header}}[0]; - my $source = @{$msg_hash->{source}}[0]; my @target_l = @{$msg_hash->{target}}; - &main::daemon_log("SIPackages: msg to process: $header", 3); - &main::daemon_log("$msg", 8); + # skip PREFIX + $header =~ s/^CLMSG_//; + + &main::daemon_log("DEBUG: SIPackages: msg to process: $header", 7); if( 0 == length @target_l){ &main::daemon_log("ERROR: no target specified for msg $header", 1); @@ -369,85 +408,52 @@ sub process_incoming_msg { if( 1 == length @target_l) { my $target = $target_l[0]; - if( $target eq $server_address ) { - if ($header eq 'new_passwd') { - @out_msg_l = &new_passwd($msg_hash) - } elsif ($header eq 'here_i_am') { - @out_msg_l = &here_i_am($msg_hash) - } elsif ($header eq 'who_has') { - @out_msg_l = &who_has($msg_hash) - } elsif ($header eq 'who_has_i_do') { - @out_msg_l = &who_has_i_do($msg_hash) - } elsif ($header eq 'got_ping') { - @out_msg_l = &got_ping($msg_hash) - } elsif ($header eq 'get_load') { - @out_msg_l = &execute_actions($msg_hash) - } elsif ($header eq 'detected_hardware') { - @out_msg_l = &process_detected_hardware($msg_hash) - } elsif ($header eq 'trigger_wake') { - my $in_hash= &transform_msg2hash($msg); - foreach (@{$in_hash->{macAddress}}){ - &main::daemon_log("SIPackages: trigger wake for $_", 1); - do_wake($_); - } + if(&server_matches($target)) { + + if ($header eq 'new_key') { + @out_msg_l = &new_key($msg_hash) + } elsif ($header eq 'here_i_am') { + @out_msg_l = &here_i_am($msg_hash) } else { - &main::daemon_log("ERROR: $header is an unknown core function", 1); - $error++; + if( exists $event_hash->{$header} ) { + # a event exists with the header as name + &main::daemon_log("INFO: found event '$header' at event-module '".$event_hash->{$header}."'", 5); + no strict 'refs'; + @out_msg_l = &{$event_hash->{$header}."::$header"}($msg, $msg_hash, $session_id); + } } + + # if delivery not possible raise error and return + if( not @out_msg_l ) { + &main::daemon_log("WARNING: SIPackages got no answer from event handler '$header'", 3); + } elsif( 0 == @out_msg_l) { + &main::daemon_log("ERROR: SIPackages: no event handler or core function defined for '$header'", 1); + } } else { - &main::daemon_log("msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 5); + &main::daemon_log("INFO: msg is not for gosa-si-server '$server_address', deliver it to target '$target'", 5); push(@out_msg_l, $msg); } } - if( $error == 0) { - if( 0 == @out_msg_l ) { - push(@out_msg_l, $msg); - } - } - return \@out_msg_l; } -#=== FUNCTION ================================================================ -# NAME: got_ping -# PARAMETERS: msg_hash - hash - hash from function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: process this incoming message -#=============================================================================== -sub got_ping { - my ($msg_hash) = @_; - - my $source = @{$msg_hash->{source}}[0]; - my $target = @{$msg_hash->{target}}[0]; - my $header = @{$msg_hash->{header}}[0]; - - if(exists $main::known_daemons->{$source}) { - &main::add_content2known_daemons(hostname=>$source, status=>$header); - } else { - &main::add_content2known_clients(hostname=>$source, status=>$header); - } - - return; -} - - #=== FUNCTION ================================================================ # NAME: new_passwd # PARAMETERS: msg_hash - ref - hash from function create_xml_hash # RETURNS: nothing # DESCRIPTION: process this incoming message #=============================================================================== -sub new_passwd { +sub new_key { my ($msg_hash) = @_; my @out_msg_l; my $header = @{$msg_hash->{header}}[0]; my $source_name = @{$msg_hash->{source}}[0]; - my $source_key = @{$msg_hash->{new_passwd}}[0]; + my $source_key = @{$msg_hash->{new_key}}[0]; my $query_res; # check known_clients_db @@ -459,8 +465,7 @@ sub new_passwd { "SET hostkey='$source_key', timestamp='$act_time' ". "WHERE hostname='$source_name'"; my $res = $main::known_clients_db->update_dbentry( $sql_statement ); - - my $hash = &create_xml_hash("confirm_new_passwd", $server_address, $source_name); + my $hash = &create_xml_hash("confirm_new_key", $server_address, $source_name); my $out_msg = &create_xml_string($hash); push(@out_msg_l, $out_msg); } @@ -477,7 +482,7 @@ sub new_passwd { "WHERE hostname='$source_name'"; my $res = $main::known_server_db->update_dbentry( $sql_statement ); - my $hash = &create_xml_hash("confirm_new_passwd", $server_address, $source_name); + my $hash = &create_xml_hash("confirm_new_key", $server_address, $source_name); my $out_msg = &create_xml_string($hash); push(@out_msg_l, $out_msg); } @@ -518,8 +523,8 @@ sub here_i_am { # number of actual activ clients my $act_nu_clients = $nu_clients; - &main::daemon_log("number of actual activ clients: $act_nu_clients", 5); - &main::daemon_log("number of maximal allowed clients: $max_clients", 5); + &main::daemon_log("INFO: number of actual activ clients: $act_nu_clients", 5); + &main::daemon_log("INFO: number of maximal allowed clients: $max_clients", 5); if($max_clients <= $act_nu_clients) { my $out_hash = &create_xml_hash("denied", $server_address, $source); @@ -537,14 +542,15 @@ sub here_i_am { # add entry to known_clients_db + my $act_timestamp = &get_time; my $res = $main::known_clients_db->add_dbentry( {table=>'known_clients', - primkey=>'hostname', + primkey=>['hostname'], hostname=>$source, events=>$events, macaddress=>$mac_address, status=>'registered', hostkey=>$new_passwd, - timestamp=>&get_time, + timestamp=>$act_timestamp, } ); if ($res != 0) { @@ -554,8 +560,6 @@ sub here_i_am { # return acknowledgement to client $out_hash = &create_xml_hash("registered", $server_address, $source); - my $register_out = &create_xml_string($out_hash); - push(@out_msg_l, $register_out); # notify registered client to bus if( $bus_activ eq "on") { @@ -566,15 +570,25 @@ sub here_i_am { # send update msg to bus $out_hash = &create_xml_hash("new_client", $server_address, $bus_address, $source); + &add_content2xml_hash($out_hash, "macaddress", $mac_address); + &add_content2xml_hash($out_hash, "timestamp", $act_timestamp); my $new_client_out = &create_xml_string($out_hash); push(@out_msg_l, $new_client_out); - &main::daemon_log("send bus msg that client '$source' has registerd at server '$server_address'", 3); + &main::daemon_log("INFO: send bus msg that client '$source' has registered at server '$server_address'", 5); } # give the new client his ldap config + # Workaround: Send within the registration response, if the client will get an ldap config later my $new_ldap_config_out = &new_ldap_config($source); if( $new_ldap_config_out ) { - push(@out_msg_l, $new_ldap_config_out); + &add_content2xml_hash($out_hash, "ldap_available", "true"); + } + my $register_out = &create_xml_string($out_hash); + push(@out_msg_l, $register_out); + + # Really send the ldap config + if( $new_ldap_config_out ) { + push(@out_msg_l, $new_ldap_config_out); } my $hardware_config_out = &hardware_config($source, $gotoHardwareChecksum); @@ -594,6 +608,7 @@ sub here_i_am { #=============================================================================== sub who_has { my ($msg_hash) = @_ ; + my @out_msg_l; # what is your search pattern my $search_pattern = @{$msg_hash->{who_has}}[0]; @@ -615,11 +630,12 @@ sub who_has { # search was successful if (defined $host_address) { my $source = @{$msg_hash->{source}}[0]; - my $out_msg = &create_xml_hash("who_has_i_do", $server_address, $source, "mac_address"); - &add_content2xml_hash($out_msg, "mac_address", $search_element); - &send_msg_hash2address($out_msg, $bus_address); + my $out_hash = &create_xml_hash("who_has_i_do", $server_address, $source, "mac_address"); + &add_content2xml_hash($out_hash, "mac_address", $search_element); + my $out_msg = &create_xml_string($out_hash); + push(@out_msg_l, $out_msg); } - return; + return @out_msg_l; } @@ -632,16 +648,17 @@ sub who_has_i_do { print "\ngot msg $header:\nserver $source has client with $search_param $search_value\n"; } + #=== FUNCTION ================================================================ # NAME: new_ldap_config # PARAMETERS: address - string - ip address and port of a host -# RETURNS: nothing +# RETURNS: gosa-si conform message # DESCRIPTION: send to address the ldap configuration found for dn gotoLdapServer #=============================================================================== sub new_ldap_config { my ($address) = @_ ; - my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$address'"; + my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$address' OR macaddress='$address'"; my $res = $main::known_clients_db->select_dbentry( $sql_statement ); # check hit @@ -650,6 +667,7 @@ sub new_ldap_config { &main::daemon_log("ERROR: more or no hit found in known_clients_db by query by '$address'", 1); } + $address = $res->{1}->{hostname}; my $macaddress = $res->{1}->{macaddress}; my $hostkey = $res->{1}->{hostkey}; @@ -659,21 +677,17 @@ sub new_ldap_config { } # Build LDAP connection - my $ldap = Net::LDAP->new($ldap_uri); - if( not defined $ldap ) { + &main::refresh_ldap_handle(); + if( not defined $main::ldap_handle ) { &main::daemon_log("ERROR: cannot connect to ldap: $ldap_uri", 1); return; } - - # Bind to a directory with dn and password - my $mesg= $ldap->bind($ldap_admin_dn, $ldap_admin_password); - # Perform search - $mesg = $ldap->search( base => $ldap_base, + $mesg = $main::ldap_handle->search( base => $ldap_base, scope => 'sub', - attrs => ['dn', 'gotoLdapServer', 'gosaUnitTag'], - filter => "(&(objectClass=GOhard)(macaddress=$macaddress))"); + attrs => ['dn', 'gotoLdapServer', 'gosaUnitTag', 'FAIclass'], + filter => "(&(objectClass=GOhard)(macaddress=$macaddress)(gotoLdapServer=*))"); #$mesg->code && die $mesg->error; if($mesg->code) { &main::daemon_log($mesg->error, 1); @@ -682,11 +696,11 @@ sub new_ldap_config { # Sanity check if ($mesg->count != 1) { - &main::daemon_log("WARNING: client mac address $macaddress not found/not unique in ldap search", 1); + &main::daemon_log("WARNING: client with mac address $macaddress not found/unique/active - not sending ldap config", 1); &main::daemon_log("\tbase: $ldap_base", 1); &main::daemon_log("\tscope: sub", 1); &main::daemon_log("\tattrs: dn, gotoLdapServer", 1); - &main::daemon_log("\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress))", 1); + &main::daemon_log("\tfilter: (&(objectClass=GOhard)(macaddress=$macaddress)(gotoLdapServer=*))", 1); return; } @@ -697,12 +711,19 @@ sub new_ldap_config { my @ldap_uris; my $server; my $base; + my $release; + + # Fill release if available + my $FAIclass= $entry->get_value("FAIclass"); + if (defined $FAIclass && $FAIclass =~ /^.* :([A-Za-z0-9\/.]+).*$/) { + $release= $1; + } # Do we need to look at an object class? if (length(@servers) < 1){ - $mesg = $ldap->search( base => $ldap_base, + $mesg = $main::ldap_handle->search( base => $ldap_base, scope => 'sub', - attrs => ['dn', 'gotoLdapServer'], + attrs => ['dn', 'gotoLdapServer', 'FAIclass'], filter => "(&(objectClass=gosaGroupOfNames)(member=$dn))"); #$mesg->code && die $mesg->error; if($mesg->code) { @@ -719,20 +740,39 @@ sub new_ldap_config { $entry= $mesg->entry(0); $dn= $entry->dn; @servers= $entry->get_value("gotoLdapServer"); + + if (not defined $release){ + $FAIclass= $entry->get_value("FAIclass"); + if (defined $FAIclass && $FAIclass =~ /^.* :([A-Za-z0-9\/.]+).*$/) { + $release= $1; + } + } } @servers= sort (@servers); foreach $server (@servers){ - $base= $server; - $server =~ s%^[^:]+:[^:]+:(ldap.*://[^/]+)/.*$%$1%; - $base =~ s%^[^:]+:[^:]+:ldap.*://[^/]+/(.*)$%$1%; - push (@ldap_uris, $server); + # Conversation for backward compatibility + if (not $server =~ /^\d+:[^:]+:ldap[^:]*:\/\// ) { + if ($server =~ /^([^:]+):([^:]+)$/ ) { + $server= "1:dummy:ldap://$1/$2"; + } elsif ($server =~ /^(\d+):([^:]+):(.*)$/ ) { + $server= "$1:dummy:ldap://$2/$3"; + } + } + + $base= $server; + $server =~ s%^[^:]+:[^:]+:(ldap.*://[^/]+)/.*$%$1%; + $base =~ s%^[^:]+:[^:]+:ldap.*://[^/]+/(.*)$%$1%; + push (@ldap_uris, $server); } # Assemble data package my %data = ( 'ldap_uri' => \@ldap_uris, 'ldap_base' => $base, 'ldap_cfg' => \@ldap_cfg, 'pam_cfg' => \@pam_cfg,'nss_cfg' => \@nss_cfg ); + if (defined $release){ + $data{'release'}= $release; + } # Need to append GOto settings? if (defined $goto_admin and defined $goto_secret){ @@ -744,7 +784,7 @@ sub new_ldap_config { if (defined $unit_tag){ # Find admin base and department name - $mesg = $ldap->search( base => $ldap_base, + $mesg = $main::ldap_handle->search( base => $ldap_base, scope => 'sub', attrs => ['dn', 'ou'], filter => "(&(objectClass=gosaAdministrativeUnit)(gosaUnitTag=$unit_tag))"); @@ -768,19 +808,11 @@ sub new_ldap_config { $data{'unit_tag'}= $unit_tag; } - # Unbind - $mesg = $ldap->unbind; - # Send information - return send_msg("new_ldap_config", $server_address, $address, \%data); + return &build_msg("new_ldap_config", $server_address, $address, \%data); } -sub process_detected_hardware { - my $msg_hash = shift; - - return; -} #=== FUNCTION ================================================================ # NAME: hardware_config # PARAMETERS: address - string - ip address and port of a host @@ -788,114 +820,117 @@ sub process_detected_hardware { # DESCRIPTION: #=============================================================================== sub hardware_config { - my ($address, $gotoHardwareChecksum, $detectedHardware) = @_ ; - - my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$address'"; - my $res = $main::known_clients_db->select_dbentry( $sql_statement ); - - # check hit - my $hit_counter = keys %{$res}; - if( not $hit_counter == 1 ) { - &main::daemon_log("ERROR: more or no hit found in known_clients_db by query by '$address'", 1); - } - - my $macaddress = $res->{1}->{macaddress}; - my $hostkey = $res->{1}->{hostkey}; + my ($address, $gotoHardwareChecksum) = @_ ; - if (not defined $macaddress) { - &main::daemon_log("ERROR: no mac address found for client $address", 1); - return; - } - - # Build LDAP connection - my $ldap = Net::LDAP->new($ldap_uri); - if( not defined $ldap ) { - &main::daemon_log("ERROR: cannot connect to ldap: $ldap_uri", 1); - return; - } + my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$address'"; + my $res = $main::known_clients_db->select_dbentry( $sql_statement ); + # check hit + my $hit_counter = keys %{$res}; + if( not $hit_counter == 1 ) { + &main::daemon_log("ERROR: more or no hit found in known_clients_db by query by '$address'", 1); + } - # Bind to a directory with dn and password - my $mesg= $ldap->bind($ldap_admin_dn, $ldap_admin_password); + my $macaddress = $res->{1}->{macaddress}; + my $hostkey = $res->{1}->{hostkey}; - # Perform search - $mesg = $ldap->search( base => $ldap_base, - scope => 'sub', - attrs => ['dn', 'gotoHardwareChecksum'], - filter => "(&(objectClass=GOhard)(macaddress=$macaddress))"); - #$mesg->code && die $mesg->error; + if (not defined $macaddress) { + &main::daemon_log("ERROR: no mac address found for client $address", 1); + return; + } - #my $entry= $mesg->entry(0); - #my $dn= $entry->dn; - #my @servers= $entry->get_value("gotoHardwareChecksum"); + # Build LDAP connection + &main::refresh_ldap_handle(); + if( not defined $main::ldap_handle ) { + &main::daemon_log("ERROR: cannot connect to ldap: $ldap_uri", 1); + return; + } - # Assemble data package - my %data = (); + # Perform search + $mesg = $main::ldap_handle->search( + base => $ldap_base, + scope => 'sub', + filter => "(&(objectClass=GOhard)(|(macAddress=$macaddress)(dhcpHWaddress=ethernet $macaddress)))" + ); + + if($mesg->count() == 0) { + &main::daemon_log("Host was not found in LDAP!", 1); + } else { + my $entry= $mesg->entry(0); + my $dn= $entry->dn; + if(defined($entry->get_value("gotoHardwareChecksum"))) { + if(! $entry->get_value("gotoHardwareChecksum") eq $gotoHardwareChecksum) { + $entry->replace(gotoHardwareChecksum => $gotoHardwareChecksum); + if($entry->update($main::ldap_handle)) { + &main::daemon_log("Hardware changed! Detection triggered.", 4); + } + } else { + # Nothing to do + return; + } + } + } - # Need to append GOto settings? - if (defined $goto_admin and defined $goto_secret){ - $data{'goto_admin'}= $goto_admin; - $data{'goto_secret'}= $goto_secret; - } + # Assemble data package + my %data = (); - # Unbind - $mesg = $ldap->unbind; + # Need to append GOto settings? + if (defined $goto_admin and defined $goto_secret){ + $data{'goto_admin'}= $goto_admin; + $data{'goto_secret'}= $goto_secret; + } &main::daemon_log("Send detect_hardware message to $address", 4); - # Send information - return send_msg("detect_hardware", $server_address, $address, \%data); -} - -#=== FUNCTION ================================================================ -# NAME: execute_actions -# PARAMETERS: msg_hash - hash - hash from function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: invokes the script specified in msg_hash which is located under -# /etc/gosad/actions -#=============================================================================== -sub execute_actions { - my ($msg_hash) = @_ ; - my $configdir= '/etc/gosad/actions/'; - my $result; - - my $header = @{$msg_hash->{header}}[0]; - my $source = @{$msg_hash->{source}}[0]; - my $target = @{$msg_hash->{target}}[0]; - - if((not defined $source) - && (not defined $target) - && (not defined $header)) { - &main::daemon_log("ERROR: Entries missing in XML msg for gosad actions under /etc/gosad/actions"); - } else { - my $parameters=""; - my @params = @{$msg_hash->{$header}}; - my $params = join(", ", @params); - &main::daemon_log("execute_actions: got parameters: $params", 5); - - if (@params) { - foreach my $param (@params) { - my $param_value = (&get_content_from_xml_hash($msg_hash, $param))[0]; - &main::daemon_log("execute_actions: parameter -> value: $param -> $param_value", 7); - $parameters.= " ".$param_value; - } - } - - my $cmd= $configdir.$header."$parameters"; - &main::daemon_log("execute_actions: executing cmd: $cmd", 7); - $result= ""; - open(PIPE, "$cmd 2>&1 |"); - while() { - $result.=$_; - } - close(PIPE); - } - - # process the event result + # Send information + return &build_msg("detect_hardware", $server_address, $address, \%data); +} +sub server_matches { + my $target = shift; + my $target_ip = sprintf("%s", $target =~ /^([0-9\.]*?):.*$/); + my $result = 0; + + if($server_ip eq $target_ip) { + $result= 1; + } elsif ($target_ip eq "0.0.0.0") { + $result= 1; + } elsif ($server_ip eq "0.0.0.0") { + if ($target_ip eq "127.0.0.1") { + $result= 1; + } else { + my $PROC_NET_ROUTE= ('/proc/net/route'); + + open(PROC_NET_ROUTE, "<$PROC_NET_ROUTE") + or die "Could not open $PROC_NET_ROUTE"; + + my @ifs = ; + + close(PROC_NET_ROUTE); + + # Eat header line + shift @ifs; + chomp @ifs; + foreach my $line(@ifs) { + my ($Iface,$Destination,$Gateway,$Flags,$RefCnt,$Use,$Metric,$Mask,$MTU,$Window,$IRTT)=split(/\s/, $line); + my $destination; + my $mask; + my ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Destination); + $destination= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d)); + ($d,$c,$b,$a)=unpack('a2 a2 a2 a2', $Mask); + $mask= sprintf("%d.%d.%d.%d", hex($a), hex($b), hex($c), hex($d)); + if(new NetAddr::IP($target_ip)->within(new NetAddr::IP($destination, $mask))) { + # destination matches route, save mac and exit + $result= 1; + last; + } + } + } + } else { + &main::daemon_log("Target ip $target_ip does not match Server ip $server_ip",1); + } - return; + return $result; } - 1;