![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e091947)
raw | patch | inline | side by side (parent: e091947)
| author | rettenbe <rettenbe@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Tue, 12 Feb 2008 17:13:13 +0000 (17:13 +0000) | ||
| committer | rettenbe <rettenbe@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Tue, 12 Feb 2008 17:13:13 +0000 (17:13 +0000) |
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@8878 594d385d-05f5-0310-b6e9-bd551577e9d8
| gosa-si/gosa-si-client | patch | blob | history | |
| gosa-si/gosa-si-server | patch | blob | history | |
| gosa-si/tests/client.php | patch | blob | history |
diff --git a/gosa-si/gosa-si-client b/gosa-si/gosa-si-client
index b573f13dee31f9ae0c0647b204123459fc812321..9b0374de264db0b450c8f716dd700f741b50a421 100755 (executable)
--- a/gosa-si/gosa-si-client
+++ b/gosa-si/gosa-si-client
$msg_hash = $xml->XMLin($msg, ForceArray=>1);
+ ##############
# check header
my $header_l = $msg_hash->{'header'};
if( 1 != @{$header_l} ) {
die 'header has length 0';
}
+ ##############
# check source
my $source_l = $msg_hash->{'source'};
if( 1 != @{$source_l} ) {
- die 'no or more sources specified';
+ die 'no or more than 1 sources specified';
}
my $source = @{$source_l}[0];
if( 0 == length $source) {
die 'source has length 0';
}
-
- # check target
+ unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ) {
+ die "source '$source' is neither a complete ip-address with port nor 'GOSA'";
+ }
+
+ ##############
+ # check target
my $target_l = $msg_hash->{'target'};
if( 1 != @{$target_l} ) {
- die 'no or more targets specified ';
+ die 'no or more than 1 targets specified ';
}
my $target = @{$target_l}[0];
if( 0 == length $target) {
die 'target has length 0 ';
}
-
+ unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ){
+ die "source is neither a complete ip-address with port nor 'GOSA'";
+ }
};
if($@) {
&main::daemon_log("WARNING: do not understand the message or msg is not gosa-si envelope conform:", 5);
&main::daemon_log("$@", 8);
+ $msg = undef;
+ $msg_hash = undef;
}
return ($msg, $msg_hash);
}
+sub check_outgoing_xml_validity {
+ my ($msg) = @_;
+
+ my $msg_hash;
+ eval{
+ $msg_hash = $xml->XMLin($msg, ForceArray=>1);
+
+ ##############
+ # check header
+ my $header_l = $msg_hash->{'header'};
+ if( 1 != @{$header_l} ) {
+ die 'no or more than one headers specified';
+ }
+ my $header = @{$header_l}[0];
+ if( 0 == length $header) {
+ die 'header has length 0';
+ }
+
+ ##############
+ # check source
+ my $source_l = $msg_hash->{'source'};
+ if( 1 != @{$source_l} ) {
+ die 'no or more than 1 sources specified';
+ }
+ my $source = @{$source_l}[0];
+ if( 0 == length $source) {
+ die 'source has length 0';
+ }
+ unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
+ $source =~ /^GOSA$/i ) {
+ die "source '$source' is neither a complete ip-address with port";
+ }
+
+ ##############
+ # check target
+ my $target_l = $msg_hash->{'target'};
+ if( 1 != @{$target_l} ) {
+ die "no or more than one targets specified";
+ }
+ foreach my $target (@$target_l) {
+ if( 0 == length $target) {
+ die "target has length 0";
+ }
+ unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ) {
+ die "target '$target' is not a complete ip-address with port or a valid target name";
+ }
+ }
+ };
+ if($@) {
+ daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5);
+ daemon_log("$@ $msg", 8);
+ $msg_hash = undef;
+ }
+ return ($msg_hash);
+}
+
+
sub import_events {
if (not -e $event_dir) {
########
# answer
if( $answer ) {
- # preprocessing
- if( $answer =~ "<header>registered</header>") {
- # set registered flag to true to stop sending further registered msgs
- $REGISTERED = 1;
- }
- else {
- &send_msg_to_target($answer, $server_address, $server_key);
- }
- # postprocessing
- if( $answer =~ "<header>new_key</header>") {
- # set new key to global variable
- $answer =~ /<new_key>(\S*?)<\/new_key>/;
- my $new_key = $1;
- $server_key = $new_key;
+
+ #check gosa-si envelope validity
+ my $answer_hash = &check_outgoing_xml_validity($answer);
+
+ if( $answer_hash ) {
+ # answer is valid
+
+ # preprocessing
+ if( $answer =~ "<header>registered</header>") {
+ # set registered flag to true to stop sending further registered msgs
+ $REGISTERED = 1;
+ }
+ else {
+ &send_msg_to_target($answer, $server_address, $server_key);
+ }
+
+ # postprocessing
+ if( $answer =~ "<header>new_key</header>") {
+ # set new key to global variable
+ $answer =~ /<new_key>(\S*?)<\/new_key>/;
+ my $new_key = $1;
+ $server_key = $new_key;
+ }
}
+
}
return;
diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server
index 127d8b65ea6d0b28c4ace28db4e9932c01abf466..e3849b442ae309a6a56b12b402b7fffab0883c0a 100755 (executable)
--- a/gosa-si/gosa-si-server
+++ b/gosa-si/gosa-si-server
}
+sub check_outgoing_xml_validity {
+ my ($msg) = @_;
+
+ my $msg_hash;
+ eval{
+ $msg_hash = $xml->XMLin($msg, ForceArray=>1);
+
+ ##############
+ # check header
+ my $header_l = $msg_hash->{'header'};
+ if( 1 != @{$header_l} ) {
+ die 'no or more than one headers specified';
+ }
+ my $header = @{$header_l}[0];
+ if( 0 == length $header) {
+ die 'header has length 0';
+ }
+
+ ##############
+ # check source
+ my $source_l = $msg_hash->{'source'};
+ if( 1 != @{$source_l} ) {
+ die 'no or more than 1 sources specified';
+ }
+ my $source = @{$source_l}[0];
+ if( 0 == length $source) {
+ die 'source has length 0';
+ }
+ unless( $source =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
+ $source =~ /^GOSA$/i ) {
+ die "source '$source' is neither a complete ip-address with port nor 'GOSA'";
+ }
+
+ ##############
+ # check target
+ my $target_l = $msg_hash->{'target'};
+ if( 0 == @{$target_l} ) {
+ die "no targets specified";
+ }
+ foreach my $target (@$target_l) {
+ if( 0 == length $target) {
+ die "target has length 0";
+ }
+ unless( $target =~ /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}:\d+$/ ||
+ $target =~ /^GOSA$/i ||
+ $target =~ /^\*$/ ||
+ $target =~ /KNOWN_SERVER/i ||
+ $target =~ /^([0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2}:[0-9a-f]{2})$/i ){
+ die "target '$target' is not a complete ip-address with port or a valid target name or a mac-address";
+ }
+ }
+ };
+ if($@) {
+ daemon_log("WARNING: outgoing msg is not gosa-si envelope conform", 5);
+ daemon_log("$@ $msg", 8);
+ $msg_hash = undef;
+ }
+
+ return ($msg_hash);
+}
+
+
sub input_from_known_server {
my ($input, $remote_ip) = @_ ;
my ($msg, $msg_hash, $module);
# check a key exists for this module
my $module_key = ${$mod."_key"};
if( ! $module_key ) {
+ if( $mod eq 'ArpHandler' ) {
+ next;
+ }
daemon_log("ERROR: no key specified in config file for $mod", 1);
next;
}
# msg is from a new client or gosa
($msg, $msg_hash, $module) = &input_from_unknown_host($input);
-
# msg is from a gosa-si-server or gosa-si-bus
if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
($msg, $msg_hash, $module) = &input_from_known_server($input, $heap->{'remote_ip'});
}
-
# msg is from a gosa-si-client
if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
($msg, $msg_hash, $module) = &input_from_known_client($input, $heap->{'remote_ip'});
}
-
# an error occurred
if(( !$msg ) || ( !$msg_hash ) || ( !$module )){
$error++;
# answer
if( $error == 0 ) {
- # for each answer in answer list
foreach my $answer ( @{$answer_l} ) {
-
- my $error = 0;
- # check answer if gosa-si envelope conform
- if(defined($answer)) {
- my $answer_hash = $xml->XMLin($answer, ForceArray=>1);
- $answer_header = @{$answer_hash->{'header'}}[0];
- @answer_target_l = @{$answer_hash->{'target'}};
- $answer_source = @{$answer_hash->{'source'}}[0];
- if( !$answer_header ) {
- daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1);
- daemon_log("\n$answer", 8);
- $error++;
- }
- if( 0 == length @answer_target_l ) {
- daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1);
- daemon_log("\n$answer", 8);
- $error++;
- }
- if( !$answer_source ) {
- daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1);
- daemon_log("\n$answer", 8);
- $error++;
- }
-
- if( $error != 0 ) {
- next;
- }
+ # for each answer in answer list
+
+ # check outgoing msg to xml validity
+ my $answer_hash = &check_outgoing_xml_validity($answer);
+ if( not defined $answer_hash ) {
+ next;
}
+
+ $answer_header = @{$answer_hash->{'header'}}[0];
+ @answer_target_l = @{$answer_hash->{'target'}};
+ $answer_source = @{$answer_hash->{'source'}}[0];
# deliver msg to all targets
foreach my $answer_target ( @answer_target_l ) {
index 4f07e45428a45df8a4c93051e710c031e8f9e55f..c0d3332d0344ffe11144fa77ed756dea1eda2ad9 100755 (executable)
--- a/gosa-si/tests/client.php
+++ b/gosa-si/tests/client.php
#$data = "<xml> <header>gosa_halt</header> <target>10.89.1.31:20083</target> <source>10.89.1.31:20081</source> </xml>";
#$data = "<xml> <header>gosa_new_key_for_client</header> <target>00:01:6c:9d:b9:fa</target> <source>10.89.1.31:20081</source> </xml>";
#$data = "<xml> <header>gosa_new_key_for_client</header> <target>00:0c:29:bd:7b:e7</target> <source>10.89.1.31:20081</source> </xml>";
-$data = "<xml> <header>gosa_new_key_for_client</header> <target>10.89.1.197:20083</target> <source>10.89.1.31:20081</source> </xml>";
+$data = "<xml> <header>gosa_new_key_for_client</header> <target>10.89.1.12:1234</target> <source>10.89.1.31:20081</source> </xml>";
#$data = "<xml> <header>gosa_new_key_for_client</header> <target>10.89.1.31:20083</target> <source>10.89.1.31:20081</source> </xml>";