X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-si%2Fnew-gosa-si-client;h=d24ced9d6426c21b331ab2267fa5044ad2233ba5;hb=5b504caadf8bb4ad4a4b163bb10ff8444d88fad7;hp=d8cf9db2884841195eb6ccaa9b6d28de5fc5acb7;hpb=6b71ae2f487e725002cdbc9a7b2dae0f1e6b2d26;p=gosa.git diff --git a/gosa-si/new-gosa-si-client b/gosa-si/new-gosa-si-client index d8cf9db28..d24ced9d6 100755 --- a/gosa-si/new-gosa-si-client +++ b/gosa-si/new-gosa-si-client @@ -43,15 +43,17 @@ use lib "/usr/lib/gosa-si/client/events"; my ($cfg_file, %cfg_defaults, $foreground, $verbose, $pid_file, $procid, $pid, $log_file); my ($server_ip, $server_port, $server_key, $server_timeout, $server_domain); -my ($client_ip, $client_port, $ldap_enabled, $ldap_config, $pam_config, $nss_config); - -my $server_address; -my @servers; -my $client_address; -my $client_mac_address; +my ($client_ip, $client_port, $client_mac_address, $ldap_enabled, $ldap_config, $pam_config, $nss_config); my $xml; my $default_server_key; my $event_hash; +my @servers; + +# globalise variables which are used in imported events +our $cfg_file; +our $server_address; +our $client_address; +our $server_key; # default variables our $REGISTERED_FLAG = 1; @@ -64,6 +66,7 @@ our $REGISTERED_FLAG = 1; "client" => {"client_port" => [\$client_port, "20083"], "client_ip" => [\$client_ip, "0.0.0.0"], + "client_mac_address" => [\$client_mac_address, "00:00:00:00:00:00:00"], "ldap" => [\$ldap_enabled, 1], "ldap_config" => [\$ldap_config, "/etc/ldap/ldap.conf"], "pam_config" => [\$pam_config, "/etc/pam_ldap.conf"], @@ -114,6 +117,7 @@ sub check_cmdline_param () { # DESCRIPTION: #=============================================================================== sub read_configfile { + my ($cfg_file, %cfg_defaults) = @_ ; my $cfg; if( defined( $cfg_file) && ( length($cfg_file) > 0 )) { if( -r $cfg_file ) { 
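Review bot: `our $cfg_file;` and `our $server_key;` redeclare names that the `my (...)` lists just above already declare in the same scope, so from here on each name refers to the package variable and the lexical is orphaned; Perl warns that the "our" variable masks an earlier declaration. Remove `$cfg_file` and `$server_key` from the `my` lists so each name has exactly one declaration. Making `$server_key` a package global also lets every module loaded from the events directory read and overwrite the key; passing it explicitly to the handlers that need it would keep that exposure narrower.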
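Review bot: The default added for `client_mac_address` is `"00:00:00:00:00:00:00"`, which has seven octets and is never empty. get_mac (changed later in this diff) returns `$client_mac_address` in its per-interface branch whenever it is non-empty, so an unconfigured client would skip the ioctl lookup and report this malformed address instead of its real one, assuming read_configfile applies the default when the key is absent. An empty default, `"client_mac_address" => [\$client_mac_address, ""],`, keeps the "configured value overrides" behaviour and still lets detection run.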
@@ -272,38 +276,43 @@ sub get_interfaces { # DESCRIPTION: Uses ioctl to get mac address directly from system. #=============================================================================== sub get_mac { - my $ifreq= shift; - my $result; - if ($ifreq && length($ifreq) > 0) { - if($ifreq eq "all") { - if(defined($server_ip)) { - $result = &get_local_mac_for_remote_ip($server_ip); - } else { - $result = "00:00:00:00:00:00"; - } - } else { - my $SIOCGIFHWADDR= 0x8927; # man 2 ioctl_list - - # A configured MAC Address should always override a guessed value - if ($client_mac_address and length($client_mac_address) > 0) { - $result= $client_mac_address; - } - - socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip') - or die "socket: $!"; - - if(ioctl SOCKET, $SIOCGIFHWADDR, $ifreq) { - my ($if, $mac)= unpack 'h36 H12', $ifreq; - - if (length($mac) > 0) { - $mac=~ m/^([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])$/; - $mac= sprintf("%s:%s:%s:%s:%s:%s", $1, $2, $3, $4, $5, $6); - $result = $mac; - } - } - } - } - return $result; + my $ifreq= shift; + my $result; + if ($ifreq && length($ifreq) > 0) { + if($ifreq eq "all") { + if(defined($server_ip)) { + $result = &get_local_mac_for_remote_ip($server_ip); + } + elsif ($client_mac_address && length($client_mac_address) > 0){ + $result = &client_mac_address; + } + else { + $result = "00:00:00:00:00:00"; + } + } else { + my $SIOCGIFHWADDR= 0x8927; # man 2 ioctl_list + + # A configured MAC Address should always override a guessed value + if ($client_mac_address and length($client_mac_address) > 0) { + $result= $client_mac_address; + } + else { + socket SOCKET, PF_INET, SOCK_DGRAM, getprotobyname('ip') + or die "socket: $!"; + + if(ioctl SOCKET, $SIOCGIFHWADDR, $ifreq) { + my ($if, $mac)= unpack 'h36 H12', $ifreq; + + if (length($mac) > 0) { + $mac=~ m/^([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])$/; + 
$mac= sprintf("%s:%s:%s:%s:%s:%s", $1, $2, $3, $4, $5, $6); + $result = $mac; + } + } + } + } + } + return $result; } 
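Review bot: In the new `elsif` branch of get_mac, `$result = &client_mac_address;` calls a subroutine named client_mac_address instead of reading the variable. No such sub appears in this diff, so when `$server_ip` is undefined and a MAC is configured the branch would die with an undefined-subroutine error at run time. It should read `$result = $client_mac_address;`.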
@@ -405,6 +414,147 @@ sub get_local_mac_for_remote_ip { } +sub new_ldap_config { + my ($msg_hash) = @_ ; + my $element; + my @ldap_uris; + my $ldap_base; + my @ldap_options; + my @pam_options; + my @nss_options; + my $goto_admin; + my $goto_secret; + my $admin_base= ""; + my $department= ""; + my $unit_tag; + + # Transform input into array + while ( my ($key, $value) = each(%$msg_hash) ) { + if ($key =~ /^(source|target|header)$/) { + next; + } + + foreach $element (@$value) { + if ($key =~ /^ldap_uri$/) { + push (@ldap_uris, $element); + next; + } + if ($key =~ /^ldap_base$/) { + $ldap_base= $element; + next; + } + if ($key =~ /^goto_admin$/) { + $goto_admin= $element; + next; + } + if ($key =~ /^goto_secret$/) { + $goto_secret= $element; + next; + } + if ($key =~ /^ldap_cfg$/) { + push (@ldap_options, "$element"); + next; + } + if ($key =~ /^pam_cfg$/) { + push (@pam_options, "$element"); + next; + } + if ($key =~ /^nss_cfg$/) { + push (@nss_options, "$element"); + next; + } + if ($key =~ /^admin_base$/) { + $admin_base= $element; + next; + } + if ($key =~ /^department$/) { + $department= $element; + next; + } + if ($key =~ /^unit_tag$/) { + $unit_tag= $element; + next; + } + } + } + + # Unit tagging enabled? + if (defined $unit_tag){ + push (@pam_options, "pam_filter gosaUnitTag=$unit_tag"); + push (@nss_options, "nss_base_passwd $admin_base?sub?gosaUnitTag=$unit_tag"); + push (@nss_options, "nss_base_group $admin_base?sub?gosaUnitTag=$unit_tag"); + } + + # Setup ldap.conf + my $file1; + my $file2; + open(file1, "> $ldap_config"); + print file1 "# This file was automatically generated by gosa-si-client. 
Do not change.\n"; + print file1 "URI"; + foreach $element (@ldap_uris) { + print file1 " $element"; + } + print file1 "\nBASE $ldap_base\n"; + foreach $element (@ldap_options) { + print file1 "$element\n"; + } + close (file1); + daemon_log("wrote $ldap_config", 5); + + # Setup pam_ldap.conf / libnss_ldap.conf + open(file1, "> $pam_config"); + open(file2, "> $nss_config"); + print file1 "# This file was automatically generated by gosa-si-client. Do not change.\n"; + print file2 "# This file was automatically generated by gosa-si-client. Do not change.\n"; + print file1 "uri"; + print file2 "uri"; + foreach $element (@ldap_uris) { + print file1 " $element"; + print file2 " $element"; + } + print file1 "\nbase $ldap_base\n"; + print file2 "\nbase $ldap_base\n"; + foreach $element (@pam_options) { + print file1 "$element\n"; + } + foreach $element (@nss_options) { + print file2 "$element\n"; + } + close (file2); + daemon_log("wrote $nss_config", 5); + close (file1); + daemon_log("wrote $pam_config", 5); + + # Create goto.secrets if told so - for compatibility reasons + if (defined $goto_admin){ + open(file1, "> /etc/goto/secret"); + close(file1); + chown(0,0, "/etc/goto/secret"); + chmod(0600, "/etc/goto/secret"); + open(file1, "> /etc/goto/secret"); + print file1 "GOTOADMIN=\"$goto_admin\"\nGOTOSECRET=\"$goto_secret\"\n"; + close(file1); + daemon_log("wrote /etc/goto/secret", 5); + } + + + + # Write shell based config + my $cfg_name= dirname($ldap_config)."/ldap-shell.conf"; + open(file1, "> $cfg_name"); + print file1 "LDAP_BASE=\"$ldap_base\"\n"; + print file1 "ADMIN_BASE=\"$admin_base\"\n"; + print file1 "DEPARTMENT=\"$department\"\n"; + print file1 "UNIT_TAG=\"".(defined $unit_tag ? "$unit_tag" : "")."\"\n"; + print file1 "UNIT_TAG_FILTER=\"".(defined $unit_tag ? "(gosaUnitTag=$unit_tag)" : "")."\"\n"; + close(file1); + daemon_log("wrote $cfg_name", 5); + + return; + +} + + sub create_passwd { my $new_passwd = ""; for(my $i=0; $i<31; $i++) { 
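Review bot: new_ldap_config writes `$ldap_base`, `$admin_base`, `$department`, `$unit_tag` and the `ldap_cfg`/`pam_cfg`/`nss_cfg` elements from the message straight into ldap.conf, the PAM and NSS configs and ldap-shell.conf without any validation. A value containing a newline adds extra directives to files that control authentication, and in ldap-shell.conf a double quote, backquote or `$(` in a value would presumably be evaluated if a shell script sources that file. Reject such values before writing, for example `next if $element =~ /[\r\n]/;` in the parsing loop plus a strict character whitelist for the values that go into ldap-shell.conf. Every `open` here is the two-argument form with a bareword handle and no error check, so a failed open is still logged as "wrote ..."; `open(my $fh, '>', $ldap_config) or do { daemon_log("cannot write $ldap_config: $!", 1); return; };` addresses both.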
@@ -541,6 +691,45 @@ sub send_msg_hash2address { } +sub send_msg_to_target { + my ($msg, $address, $encrypt_key, $msg_header) = @_ ; + my $error = 0; + + if( $msg_header ) { + $msg_header = "'$msg_header'-"; + } + else { + $msg_header = ""; + } + + # encrypt xml msg + my $crypted_msg = &encrypt_msg($msg, $encrypt_key); + + # opensocket + my $socket = &open_socket($address); + if( !$socket ) { + daemon_log("cannot send ".$msg_header."msg to $address , host not reachable", 1); + $error++; + } + + if( $error == 0 ) { + # send xml msg + print $socket $crypted_msg."\n"; + + daemon_log("send ".$msg_header."msg to $address", 1); + daemon_log("message:\n$msg", 8); + + } + + # close socket in any case + if( $socket ) { + close $socket; + } + + return; +} + + sub open_socket { my ($PeerAddr, $PeerPort) = @_ ; if(defined($PeerPort)){ @@ -788,6 +977,8 @@ sub server_input { $error++; } + ###################### + # process incoming msg if( $error == 0 ) { my $header = @{$msg_hash->{header}}[0]; my $source = @{$msg_hash->{source}}[0]; @@ -797,19 +988,27 @@ sub server_input { daemon_log("found event '$header' at event-module '".$event_hash->{$header}."'", 5); no strict 'refs'; $answer = &{$event_hash->{$header}."::$header"}($msg, $msg_hash); - if( $header eq "registered") { - $REGISTERED_FLAG = $answer; - } - } + } +# else { +# # maybe header is a core function +# daemon_log("WARNING: no event assigned to msg $header", 5); +# if ($header eq 'new_ldap_config') { if ($ldap_enabled == 1) {&new_ldap_config($msg_hash)}} +# elsif ($header eq 'ping') { &got_ping($msg_hash) } +# elsif ($header eq 'wake_up') { &execute_event($msg_hash)} +# elsif ($header eq 'new_passwd') { &new_passwd()} +# elsif ($header eq 'compute_hardware') { &compute_hardware() } +# else { daemon_log("ERROR: no core function assigned to msg $header", 5) } +# } + } + + ######## + # answer + if( $answer ) { + if( $answer =~ "
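Review bot: `daemon_log("message:\n$msg", 8);` in send_msg_to_target writes the plaintext of every outgoing message to the log, right after the code has encrypted it for the wire. If messages carry secrets (new_ldap_config in this same diff handles a `goto_secret` field), they become readable in the log file at verbosity 8; logging only the header and target address avoids that. The return value of `print $socket` is also unchecked, so the "send ... msg" line is logged even when the write fails, and the sub returns nothing that would let a caller tell success from failure.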
registered
") { + $REGISTERED_FLAG = 0; + } else { - # maybe header is a core function - daemon_log("WARNING: no event assigned to msg $header", 5); - if ($header eq 'new_ldap_config') { if ($ldap_enabled == 1) {&new_ldap_config($msg_hash)}} - elsif ($header eq 'ping') { &got_ping($msg_hash) } - elsif ($header eq 'wake_up') { &execute_event($msg_hash)} - elsif ($header eq 'new_passwd') { &new_passwd()} - elsif ($header eq 'compute_hardware') { &compute_hardware() } - else { daemon_log("ERROR: no core function assigned to msg $header", 5) } + &send_msg_to_address($answer, $server_address, $server_key); } } @@ -827,7 +1026,7 @@ GetOptions("h|help" => \&usage, # read and set config parameters &check_cmdline_param ; -&read_configfile; +&read_configfile($cfg_file, %cfg_defaults); &check_pid; @@ -872,6 +1071,8 @@ $client_address = $client_ip.":".$client_port; # detect own ip and mac address my $network_interface= &get_interface_for_ip($client_ip); +daemon_log("Mac address at this point: $client_mac_address", 1); +daemon_log("Interface at this point: $network_interface", 1); $client_mac_address= &get_mac($network_interface); daemon_log("gosa-si-client ip address detected: $client_ip", 1); daemon_log("gosa-si-client mac address detected: $client_mac_address", 1);
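Review bot: The new answer branch calls `&send_msg_to_address($answer, $server_address, $server_key);`, but the sub this commit adds is named send_msg_to_target and no send_msg_to_address is visible in the diff. Unless it is defined elsewhere in the file, the first non-registration answer would die with an undefined-subroutine error; if the new sub is the intended one, the call should be `&send_msg_to_target($answer, $server_address, $server_key);`. With the old `else` branch commented out, a message whose header has no event module is now dropped without any log entry; keeping `daemon_log("WARNING: no event assigned to msg $header", 5);` in an `else` would preserve that trace. server_input starts and ends outside this hunk.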