author | rettenbe <rettenbe@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Mon, 21 Sep 2009 07:46:21 +0000 (07:46 +0000) | ||
committer | rettenbe <rettenbe@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
Mon, 21 Sep 2009 07:46:21 +0000 (07:46 +0000) |
* rename of read_configfile function within krb5 plugin
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@14295 594d385d-05f5-0310-b6e9-bd551577e9d8
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@14295 594d385d-05f5-0310-b6e9-bd551577e9d8
gosa-si/client/events/corefunctions.pm | patch | blob | history | |
gosa-si/client/events/krb5.pm | patch | blob | history | |
gosa-si/gosa-si-client | patch | blob | history |
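--- a/gosa-si/client/events/corefunctions.pm
+++ b/gosa-si/client/events/corefunctions.pm
 $main::client_address = $target;
 # set registration_flag to true
- my $out_hash = &create_xml_hash("registered", $main::client_address, $main::server_address);
- # Write the MAC address to file
+ $main::REGISTERED = 1;
+
+ # Write the MAC address to file
 if(stat($main::opts_file)) {
- unlink($main::opts_file);
+ unlink($main::opts_file);
 }
 my $opts_file_FH;
 }
 close($opts_file_FH);
- my $out_msg = &create_xml_string($out_hash);
- return $out_msg;
+ return;
 }
 sub server_leaving {
 open (FILE, "+>$syslog_file");
 print FILE join("", @file);
 close FILE;
- &main::daemon_log("INFO: wrote new configuration file: $syslog_file", 5);
+ &main::daemon_log("INFO: Wrote new configuration file: $syslog_file", 5);
 # Restart syslog deamon
 my $res = qx(/etc/init.d/sysklogd restart);
 open (FILE, ">$chrony_file");
 print FILE join("", @new_file);
 close FILE;
- &main::daemon_log("INFO: wrote new configuration file: $chrony_file", 5);
+ &main::daemon_log("INFO: Wrote new configuration file: $chrony_file", 5);
 # Restart chrony deamon
 my $res = qx(/etc/init.d/chrony force-reload);
 print file1 "$element\n";
 }
 close (file1);
- daemon_log("wrote $ldap_config", 5);
+ daemon_log("INFO: Wrote $ldap_config", 5);
 # Setup pam_ldap.conf / libnss-ldap.conf
 open(file1, "> $pam_config");
 print file2 "$element\n";
 }
 close (file2);
- daemon_log("wrote $nss_config", 5);
+ daemon_log("INFO: Wrote $nss_config", 5);
 close (file1);
- daemon_log("wrote $pam_config", 5);
+ daemon_log("INFO: Wrote $pam_config", 5);
 # Create goto.secrets if told so - for compatibility reasons
 if (defined $goto_admin){
 open(file1, "> /etc/goto/secret");
 print file1 "GOTOADMIN=\"$goto_admin\"\nGOTOSECRET=\"$goto_secret\"\n";
 close(file1);
- daemon_log("wrote /etc/goto/secret", 5);
+ daemon_log("INFO: Wrote /etc/goto/secret", 5);
 }
 # Write shell based config
 print file1 "UNIT_TAG=\"".(defined $unit_tag ? "$unit_tag" : "")."\"\n";
 print file1 "UNIT_TAG_FILTER=\"".(defined $unit_tag ? "(gosaUnitTag=$unit_tag)" : "")."\"\n";
 close(file1);
- daemon_log("wrote $cfg_name", 5);
+ daemon_log("INFO: Wrote $cfg_name", 5);
 # Write offline config
 if ($offline_enabled){
 print file1 "UNIT_TAG=\"".(defined $unit_tag ? "$unit_tag" : "")."\"\n";
 print file1 "UNIT_TAG_FILTER=\"".(defined $unit_tag ? "(gosaUnitTag=$unit_tag)" : "")."\"\n";
 close(file1);
- daemon_log("wrote $cfg_name", 5);
+ daemon_log("INFO: Wrote $cfg_name", 5);
 }
 # Set permissions and ownership structure of
 sub new_key {
- # my ($msg_hash) = @_ ;
+
+ # Create new key
 my $new_server_key = &main::create_passwd();
- my $out_hash = &create_xml_hash("new_key", $main::client_address, $main::server_address, $new_server_key);
- my $out_msg = &create_xml_string($out_hash);
+ # Send new_key message to server
+ my $errSend = &main::send_msg_hash_to_target(
+ &main::create_xml_hash("new_key", $main::client_address, $main::server_address, $new_server_key),
+ $main::server_address,
+ $main::server_key,
+ );
- # set global $NEW_KEY_FLAG, gosa-si-client cause a reregistering process if no 'confirm_new_key'-msg
- # comes from gosa-si-server within a given time
-
+ # Set global key
+ if (not $errSend) {
+ $main::server_key = $new_server_key;
+ }
- return $out_msg;
+ return;
 }
 sub confirm_new_key {
 my ($msg, $msg_hash) = @_ ;
- my $header = @{$msg_hash->{'header'}}[0];
- my $target = @{$msg_hash->{'target'}}[0];
 my $source = @{$msg_hash->{'source'}}[0];
 &main::daemon_log("confirm new key from $source", 5);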
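Review bot: In `new_key` the client replaces `$main::server_key` as soon as `send_msg_hash_to_target` reports no error, and it tests the result with `not $errSend`, which also treats an undefined or empty return as success; `register_at_gosa_si_server` in gosa-si-client compares the same helper's result with `eq "0"`. If the server never processes the message, the two sides hold different keys, and the next server message fails to decipher and pushes the client into a re-registration under the default key. I would make the test explicit, `if (defined $errSend && $errSend eq "0") {`, and add a comment above the assignment stating that the key is switched without waiting for `confirm_new_key`. The return convention of `send_msg_hash_to_target` is not visible in this section, so confirm it before changing the test.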
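--- a/gosa-si/client/events/krb5.pm
+++ b/gosa-si/client/events/krb5.pm
 "password" => [\$krb_password, ""],
 },
 );
-&read_configfile($main::cfg_file, %cfg_defaults);
+&krb5_read_configfile($main::cfg_file, %cfg_defaults);
-sub read_configfile {
+sub krb5_read_configfile {
 my ($cfg_file, %cfg_defaults) = @_;
 my $cfg;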
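--- a/gosa-si/gosa-si-client
+++ b/gosa-si/gosa-si-client
 # DESCRIPTION:
 #===============================================================================
 sub register_at_gosa_si_server {
- my ($kernel) = $_[KERNEL];
- my $try_to_register = 0;
-
- # if client is already registered, stop registration process
- if ($REGISTERED) {
- $kernel->delay('register_at_gosa_si_server');
+ my ($kernel) = $_[KERNEL];
+ my $try_to_register = 0;
- # client is not registered, start registration process
+ if ($REGISTERED) {
+ # Client is already registered, clear all other registration events
+ $kernel->delay('register_at_gosa_si_server');
 } else {
- # clear all other triggered events and wait till registration was successful
- $kernel->delay('trigger_new_key');
+ # Client is not registered, start registration process
+ # Clear all other events and wait till registration was successful
+ $kernel->delay('register_at_gosa_si_server');
+ $kernel->delay('trigger_new_key');
- # create new passwd and ciphering object for client-server communication
- $server_key = &create_passwd();
+ # Create new passwd and ciphering object for client-server communication
+ $server_key = &create_passwd();
- my $events = join( ",", keys %{$event_hash} );
- while(1) {
- $try_to_register++;
+ my $events = join( ",", keys %{$event_hash} );
+ while(1) {
+ $try_to_register++;
- # after one complete round through all server, stop trying to register
- if( $try_to_register > @servers ) { last; }
+ # after one complete round through all server, stop trying to register
+ if( $try_to_register > @servers ) { last; }
- # fetch first gosa-si-server from @servers
- # append shifted gosa-si-server at the end of @servers, so looking for servers never stop if
- # a registration never occured
- my $server = shift(@servers);
- push( @servers, $server );
+ # fetch first gosa-si-server from @servers
+ # append shifted gosa-si-server at the end of @servers, so looking for servers never stop if
+ # a registration never occured
+ my $server = shift(@servers);
+ push( @servers, $server );
- # Check if our ip is resolvable - if not: don't try to register
+ # Check if $server is a valid server address
 if(!(defined($server) && $server =~ m/^[0-9\.]*?:.*$/)) {
 &main::daemon_log("ERROR: Server with address '".defined($server)?$server:""."' is invalid!", 1);
 if (length(@servers) == 1) {
 }
 }
- # Check if our ip is resolvable - if not: don't try to register
- my $ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
- my $dnsname= gethostbyaddr(inet_aton($ip), AF_INET);
- if(!defined($dnsname)) {
- if( defined($client_force_hostname) && $client_force_hostname eq "true") {
- $dnsname = `hostname`;
- } else {
- &write_to_file("goto-error-dns:$ip", $fai_logpath);
- &main::daemon_log("ERROR: ip is not resolvable, no registration possible. Write 'goto-error-dns:$ip' to $fai_logpath", 1);
- exit(1);
- }
- }
+ # Check if our ip is resolvable - if not: don't try to register
+ my $ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
+ my $dnsname= gethostbyaddr(inet_aton($ip), AF_INET);
+ if(!defined($dnsname)) {
+ if( defined($client_force_hostname) && $client_force_hostname eq "true") {
+ $dnsname = `hostname`;
+ } else {
+ &write_to_file("goto-error-dns:$ip", $fai_logpath);
+ &main::daemon_log("ERROR: ip is not resolvable, no registration possible. Write 'goto-error-dns:$ip' to $fai_logpath", 1);
+ exit(1);
+ }
+ }
- # create registration msg
+ # create registration msg
 my $local_ip = &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
 my $local_mac = &get_local_mac_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
 my $register_hash = &create_xml_hash("here_i_am", $local_ip.":".$client_port, $server);
 &add_content2xml_hash($register_hash, "new_passwd", $server_key);
 &add_content2xml_hash($register_hash, "mac_address", $local_mac);
 &add_content2xml_hash($register_hash, "events", $events);
- &add_content2xml_hash($register_hash, "client_status", $client_status);
- &add_content2xml_hash($register_hash, "client_revision", $client_revision);
+ &add_content2xml_hash($register_hash, "client_status", $client_status);
+ &add_content2xml_hash($register_hash, "client_revision", $client_revision);
 &add_content2xml_hash($register_hash, "gotoHardwareChecksum", $gotoHardwareChecksum);
- &add_content2xml_hash($register_hash, "key_lifetime", $server_key_lifetime);
+ &add_content2xml_hash($register_hash, "key_lifetime", $server_key_lifetime);
 # Add $HOSTNAME from ENV if force-hostname is set
 if( defined($client_force_hostname) && $client_force_hostname eq "true") {
 }
 }
- # send xml hash to server with general server passwd
+ # send xml hash to server with general server passwd
 my $res = &send_msg_hash_to_target($register_hash, $server, $default_server_key);
- # if delivery of registration msg succeed
+ # if delivery of registration msg succeed
 if($res eq "0") {
- # reset try_to_register
+ # reset try_to_register
 $try_to_register = 0;
- # Set fixed client address and mac address
+ # Set fixed client address and mac address
 $client_ip= &get_local_ip_for_remote_ip(sprintf("%s", $server =~ /^([0-9\.]*?):.*$/));
 $client_address= "$client_ip:$client_port";
 $client_mac_address = $local_mac;
 $client_dnsname = $dnsname;
- last;
+ last;
- # delivery of registration msg failed
+ # delivery of registration msg failed
 } else {
- # wait 1 sec until trying to register again
+ # wait 1 sec until trying to register again
 sleep(1);
 next;
 }
- } # end of while
- # one circle through all servers finished and no registration succeed
- if ( $try_to_register >= @servers ) {
+ } # end of while
+
+ if ( $try_to_register >= @servers ) {
+ # One circle through all servers finished and no registration succeed
 &write_to_file("gosa-si-no-server-available", $fai_logpath);
- $kernel->delay_set('register_at_gosa_si_server', $delay_set_time);
-
- # delivery of registraion msg succeed, waiting for server response
- } else {
+ } else {
+ # Delivery of registraion msg succeed, waiting for server response
 daemon_log("INFO: waiting for msg 'register_at_gosa_si_server'",5);
- $kernel->delay_set('register_at_gosa_si_server', $delay_set_time);
- # clear old settings and set it again
+ # Clear old settings and set it again
 $kernel->delay('trigger_new_key');
 $kernel->delay_set('trigger_new_key', $server_key_lifetime);
- }
+ }
- }
- return;
+ # Set waiting time for 'register_at_gosa_si_server'-event
+ $kernel->delay_set('register_at_gosa_si_server', $delay_set_time);
+ }
+ return;
 }
 if( (!$msg) || (!$msg_hash) ) {
 daemon_log("WARNING: Deciphering of incoming msg failed", 3);
 if($server_address =~ /$remote_ip/) {
- # got a msg from gosa-si-server which can not be decrypted, may the secrete not up-to-date
+ # Got a msg from gosa-si-server which can not be decrypted, the secrete is not up-to-date
 # cause a reregistering with a new secrete handshake
- daemon_log("WARNING: Message from gosa-si-server could not be understood, cause reregistering at server", 3);
-
- # if client is alread in a registration process, that means not registered, do nothing
- # if not, cause re-registration
-# TODO : This if-else can cause a registration deadlock. Currently I can not reproduce the deadlock and don't have a clue what is the reason for the deadlock
- if (not $REGISTERED) {
- &daemon_log("WARNING: gosa-si-client is already in a registration process so ignore this message", 3);
- } else {
- $REGISTERED = 0;
- $kernel->post('client_session', 'register_at_gosa_si_server');
- }
+ daemon_log("ERROR: Message from gosa-si-server could not be understood, cause reregistering at server", 1);
+ daemon_log("INFO: Set status of si-client to unregistered and throw new registering event", 5);
+ $REGISTERED = 0;
+ $kernel->post('client_session', 'register_at_gosa_si_server');
 }
 $error++;
 }
 # Check gosa-si envelope validity
 my $answer_hash = &check_outgoing_xml_validity($answer);
- if( $answer_hash )
- {
- # Answer is valid
- # Pre-sending
- if( $answer =~ "<header>registered</header>")
- {
- # Set registered flag to true to stop sending further registered msgs
- $REGISTERED = 1;
- }
- else
- {
- $answer =~ /<header>(\S+)<\/header>/;
- &send_msg_to_target($answer, $server_address, $server_key, $1);
- }
-
- # Post-sending
- if( $answer =~ "<header>new_key</header>")
- {
- # Set new key to global variable
- $answer =~ /<new_key>(\S*?)<\/new_key>/;
- my $new_key = $1;
- $server_key = $new_key;
- }
- }
-
+ # If answer is valid go ahead
+ if( not defined $answer_hash ) { return; }
+
+ # Sending
+ $answer =~ /<header>(\S+)<\/header>/;
+ &send_msg_to_target($answer, $server_address, $server_key, $1);
+
 return;
 }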
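Review bot: The decipher-failure branch now sets `$REGISTERED = 0` and posts `register_at_gosa_si_server` for every undecipherable message whose sender passes `$server_address =~ /$remote_ip/`, and that test is an unanchored pattern in which the dots of `$remote_ip` match any character. A sender address that merely occurs inside the server address therefore passes, and each such message makes the client drop its session key and send a fresh `new_passwd` under `$default_server_key`. I would tighten the comparison to `if ($server_address =~ /^\Q$remote_ip\E:/) {` (assuming `$server_address` has the `ip:port` form the server list uses) and include `$remote_ip` in the new ERROR line so repeated triggers are visible in the log. Separately, in the last hunk `$1` is passed to `send_msg_to_target` without checking that the header match succeeded, and `not defined $answer_hash` is weaker than the removed truthiness test if `check_outgoing_xml_validity` returns a false but defined value. The functions enclosing these last two hunks start outside the visible lines.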