From: rettenbe
Date: Fri, 1 Aug 2008 14:37:24 +0000 (+0000)
Subject: update: dak moved from server event module to client event module
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=26feae93c4f1ee12a5c7a2c3e425600ef17dd6dd;p=gosa.git
update: dak moved from server event module to client event module
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@12108 594d385d-05f5-0310-b6e9-bd551577e9d8
---
diff --git a/gosa-si/gosa-si-client b/gosa-si/gosa-si-client
index 76eb6718b..c62d230e6 100755
--- a/gosa-si/gosa-si-client
+++ b/gosa-si/gosa-si-client
@@ -89,6 +89,12 @@ my $trigger_logged_in_users_report_delay = 600; # directory where all log files from installation are stored my $fai_log_dir = "/tmp/fai";
+# dak variables
+our $dak_base_directory;
+our $dak_signing_keys_directory;
+our $dak_queue_directory;
+our $dak_user;
+
 %cfg_defaults = ( "general" => {"log-file" => [\$log_file, "/var/run/".$prg.".log"],
@@ -106,6 +112,10 @@ my $fai_log_dir = "/tmp/fai"; "nss-config" => [\$nss_config, "/etc/libnss-ldap.conf"], "fai-logpath" => [\$fai_logpath, "/var/log/fai/fai.log"], "force-hostname" => [\$client_force_hostname, "false"],
+ "dak-base" => [\$dak_base_directory, "/srv/archive"],
+ "dak-keyring" => [\$dak_signing_keys_directory, "/srv/archive/keyrings"],
+ "dak-queue" => [\$dak_queue_directory, "/srv/archive/queue"],
+ "dak-user" => [\$dak_user, "deb-dak"],
 }, "server" => { "ip" => [\$server_ip, "127.0.0.1"],
diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server
index 0b895da7d..831ca6f55 100755
--- a/gosa-si/gosa-si-server
+++ b/gosa-si/gosa-si-server
@@ -100,12 +100,6 @@ our $forground; our $cfg_file; our ($ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password, $ldap_server_dn);
-# dak variables
-our $dak_base_directory;
-our $dak_signing_keys_directory;
-our $dak_queue_directory;
-our $dak_user;
-
 # specifies the verbosity of the daemon_log $verbose = 0 ;
@@ -242,10 +236,6 @@ my $max_children = 2; "job-queue-loop-delay" => [\$job_queue_loop_delay, 3], "messaging-db-loop-delay" => [\$messaging_db_loop_delay, 3], "key" => [\$GosaPackages_key, "none"],
- "dak-base" => [\$dak_base_directory, "/srv/archive"],
- "dak-keyring" => [\$dak_signing_keys_directory, "/srv/archive/keyrings"],
- "dak-queue" => [\$dak_queue_directory, "/srv/archive/queue"],
- "dak-user" => [\$dak_user, "deb-dak"],
 }, "ClientPackages" => { "key" => [\$ClientPackages_key, "none"],
@@ -1112,6 +1102,11 @@ sub msg_to_decrypt { my $hostname = $res->{1}->{'hostname'}; $msg =~ s/$target<\/target>/$hostname<\/target>/; #print STDERR "target is a client address in known_clients -> process here\n";
+ my $local_address = &get_local_ip_for_remote_ip($target_ip).":$server_port";
+ if ($source eq "GOSA") {
+ $msg =~ s/<\/xml>/$local_address,$session_id<\/forward_to_gosa><\/xml>/;
+ }
+
 } else { $not_found_in_known_clients_db = 1; }
diff --git a/gosa-si/modules/GosaPackages.pm b/gosa-si/modules/GosaPackages.pm
index d4104f6a3..3f5bc8ca2 100644
--- a/gosa-si/modules/GosaPackages.pm
+++ b/gosa-si/modules/GosaPackages.pm
@@ -32,6 +32,8 @@ $gosa_mac_address= &get_mac($network_interface); if( inet_aton($main::server_ip) ){ $main::server_ip = inet_ntoa(inet_aton($main::server_ip)); } $main::server_address = $main::server_ip.":".$main::server_port;
+
+
 # import local events my ($error, $result, $event_hash) = &import_events($event_dir); foreach my $log_line (@$result) {
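Review bot: In msg_to_decrypt (gosa-si-server, hunk at -1112) the added block appends a forward_to_gosa element in front of the closing xml tag whenever `$source eq "GOSA"`, without testing whether the message already carries one and without checking what `get_local_ip_for_remote_ip($target_ip)` returned. The GosaPackages.pm change in this same commit does test for an existing forward_to_gosa element and rewrites it, so the two paths disagree, and this one can produce a duplicate element or, if the lookup yields nothing (its return contract is not visible here), an address that is only `:$server_port`. I would compute the address inside the `if` and guard it, e.g. `my $local_ip = get_local_ip_for_remote_ip($target_ip);` followed by `if ($source eq "GOSA" && defined $local_ip && $local_ip ne "") {`. The body of msg_to_decrypt starts and ends outside the hunk.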
@@ -116,9 +118,26 @@ sub process_incoming_msg { } foreach my $out_msg ( @msg_l ) {
- # substitute in all outgoing msg GOSA of $server_address
- $out_msg =~ s/GOSA<\/source>/$main::server_address<\/source>/g;
+ # determine the correct outgoing source address to the corresponding target address
+ $out_msg =~ /(\S*)<\/target>/;
+ my $act_server_ip = &main::get_local_ip_for_remote_ip(sprintf("%s", $1 =~ /^([0-9\.]*?):.*$/));
+
+ # Patch the correct outgoing source address
+ if ($out_msg =~ /GOSA<\/source>/ ) {
+ $out_msg =~ s/GOSA<\/source>/$act_server_ip:$main::server_port<\/source>/g;
+ }
+
+ # Patch the correct outgoing forward_to_gosa address
+ if ($out_msg =~ /(\S+),(\d+)<\/forward_to_gosa>/ ) {
+ $out_msg =~ s/\S+<\/forward_to_gosa>/$act_server_ip:$main::server_port,$session_id<\/forward_to_gosa>/;
+ } else {
+ $out_msg =~ s/<\/xml>/$act_server_ip:$main::server_port,$session_id<\/forward_to_gosa> <\/xml>/;
+ }
+
+ # Add to each outgoing message the current POE session id
 $out_msg =~ s/<\/xml>/$session_id<\/session_id><\/xml>/;
+
+
 if (defined $out_msg){ push(@out_msg_l, $out_msg); }
@@ -157,7 +176,6 @@ sub process_gosa_msg { # set error if no or more than 1 hits are found for sql query if ( $l != 1) { @out_msg_l = ('knownclienterror');
-
 # found exact 1 hit in db } else { my $client_events = $res->{'1'}->{'events'};
diff --git a/gosa-si/server/events/gosaTriggered.pm b/gosa-si/server/events/gosaTriggered.pm
index dc18c5ccf..8bb7acc33 100644
--- a/gosa-si/server/events/gosaTriggered.pm
+++ b/gosa-si/server/events/gosaTriggered.pm
@@ -40,9 +40,9 @@ my @events = ( "send_user_msg", "get_available_kernel", "trigger_activate_new",
- "get_dak_keyring",
- "import_dak_key",
- "remove_dak_key",
+# "get_dak_keyring",
+# "import_dak_key",
+# "remove_dak_key",
 # "get_dak_queue", ); @EXPORT = @events;
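Review bot: In process_incoming_msg (GosaPackages.pm) the result of the target match `$out_msg =~ /(\S*)<\/target>/;` is never tested, so for a message without a target element `$1` can still hold the capture of an earlier successful match, and the source and forward_to_gosa addresses are then derived from a stale value. The nested `$1 =~ /^([0-9\.]*?):.*$/` inside `sprintf("%s", ...)` returns an empty list when it fails, which leaves `sprintf` without its argument and passes an empty string to `get_local_ip_for_remote_ip`. Capture into a lexical and log or skip the message when the match fails, for example `my ($target_ip) = $out_msg =~ /([0-9.]+):[^<]*<\/target>/;` followed by a `defined $target_ip` check. The existing `if (defined $out_msg)` comes after `$out_msg` has already been matched and substituted, so it guards nothing; the sub starts and ends outside the hunk.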
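Review bot: The three dak entries in `@events` here, and in the next hunk (-897) the whole bodies of get_dak_keyring, import_dak_key and remove_dak_key, are commented out instead of deleted; as the commit message says the handlers moved to the client event module, remove them and let version control keep the history rather than a comment block of roughly 150 lines. The parked code should not be carried forward unchanged either: import_dak_key writes the decoded key to the fixed path `/tmp/gosa_si_tmp_dak_key` through an unchecked two-argument `open`, and remove_dak_key interpolates the message-supplied `keyid` into the command strings handed to `run_as` (whether `run_as` goes through a shell is not visible in this diff). If the client module, which this diff does not show, received the same code, it should create the key file with `File::Temp` and validate the key id against an anchored pattern such as `/\A[0-9A-Fa-f]{8,40}\z/` before building the command.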
@@ -897,157 +897,157 @@ sub trigger_activate_new { } -sub get_dak_keyring { - my ($msg, $msg_hash) = @_; - my $source = @{$msg_hash->{'source'}}[0]; - my $target = @{$msg_hash->{'target'}}[0]; - my $header= @{$msg_hash->{'header'}}[0]; - my $session_id = @{$msg_hash->{'session_id'}}[0]; - - # build return message with twisted target and source - my $out_hash = &main::create_xml_hash("answer_$header", $target, $source); - &add_content2xml_hash($out_hash, "session_id", $session_id); - - my @keys; - my %data; - - my $keyring = $main::dak_signing_keys_directory."/keyring.gpg"; - - my $gpg_cmd = `which gpg`; chomp $gpg_cmd; - my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring"; - - # Check if the keyrings are in place and readable - if( - &run_as($main::dak_user, "test -r $keyring")->{'resultCode'} != 0 - ) { - &add_content2xml_hash($out_hash, "error", "DAK Keyring is not readable"); - } else { - my $command = "$gpg --list-keys"; - my $output = &run_as($main::dak_user, $command); - &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7); - - my $i=0; - foreach (@{$output->{'output'}}) { - if ($_ =~ m/^pub\s.*$/) { - ($keys[$i]->{'pub'}->{'length'}, $keys[$i]->{'pub'}->{'uid'}, $keys[$i]->{'pub'}->{'created'}) = ($1, $2, $3) - if $_ =~ m/^pub\s*?(\w*?)\/(\w*?)\s(\d{4}-\d{2}-\d{2})/; - $keys[$i]->{'pub'}->{'expires'} = $1 if $_ =~ m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expires:\s(\d{4}-\d{2}-\d{2})\]/; - $keys[$i]->{'pub'}->{'expired'} = $1 if $_ =~ m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expired:\s(\d{4}-\d{2}-\d{2})\]/; - } elsif ($_ =~ m/^sub\s.*$/) { - ($keys[$i]->{'sub'}->{'length'}, $keys[$i]->{'sub'}->{'uid'}, $keys[$i]->{'sub'}->{'created'}) = ($1, $2, $3) - if $_ =~ m/^sub\s*?(\w*?)\/(\w*?)\s(\d{4}-\d{2}-\d{2})/; - $keys[$i]->{'sub'}->{'expires'} = $1 if $_ =~ m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expires:\s(\d{4}-\d{2}-\d{2})\]/; - $keys[$i]->{'sub'}->{'expired'} = $1 if $_ =~ 
m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expired:\s(\d{4}-\d{2}-\d{2})\]/; - } elsif ($_ =~ m/^uid\s.*$/) { - push @{$keys[$i]->{'uid'}}, $1 if $_ =~ m/^uid\s*?([^\s].*?)$/; - } elsif ($_ =~ m/^$/) { - $i++; - } - } - } - - my $i=0; - foreach my $key (@keys) { - # &main::daemon_log(Dumper($key)); - &add_content2xml_hash($out_hash, "answer".$i++, $key); - } - my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; - if (defined $forward_to_gosa) { - &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); - } - return &create_xml_string($out_hash); -} - - -sub import_dak_key { - my ($msg, $msg_hash) = @_; - my $source = @{$msg_hash->{'source'}}[0]; - my $target = @{$msg_hash->{'target'}}[0]; - my $header= @{$msg_hash->{'header'}}[0]; - my $session_id = @{$msg_hash->{'session_id'}}[0]; - my $key = &decode_base64(@{$msg_hash->{'key'}}[0]); - - # build return message with twisted target and source - my $out_hash = &main::create_xml_hash("answer_$header", $target, $source); - &add_content2xml_hash($out_hash, "session_id", $session_id); - - my %data; - - my $keyring = $main::dak_signing_keys_directory."/keyring.gpg"; - - my $gpg_cmd = `which gpg`; chomp $gpg_cmd; - my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring"; - - # Check if the keyrings are in place and writable - if( - &run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0 - ) { - &add_content2xml_hash($out_hash, "error", "DAK Keyring is not writable"); - } else { - my $keyfile; - open($keyfile, ">/tmp/gosa_si_tmp_dak_key"); - print $keyfile $key; - close($keyfile); - my $command = "$gpg --import /tmp/gosa_si_tmp_dak_key"; - my $output = &run_as($main::dak_user, $command); - &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7); - unlink("/tmp/gosa_si_tmp_dak_key"); - - if($output->{'resultCode'} != 0) { - &add_content2xml_hash($out_hash, "error", "Import of DAK key failed! 
Output was '".$output->{'output'}."'"); - } else { - &add_content2xml_hash($out_hash, "answer", "Import of DAK key successfull! Output was '".$output->{'output'}."'"); - } - } - - my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; - if (defined $forward_to_gosa) { - &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); - } - return &create_xml_string($out_hash); -} - - -sub remove_dak_key { - my ($msg, $msg_hash) = @_; - my $source = @{$msg_hash->{'source'}}[0]; - my $target = @{$msg_hash->{'target'}}[0]; - my $header= @{$msg_hash->{'header'}}[0]; - my $session_id = @{$msg_hash->{'session_id'}}[0]; - my $key = @{$msg_hash->{'keyid'}}[0]; - # build return message with twisted target and source - my $out_hash = &main::create_xml_hash("answer_$header", $target, $source); - &add_content2xml_hash($out_hash, "session_id", $session_id); - - my %data; - - my $keyring = $main::dak_signing_keys_directory."/keyring.gpg"; - - my $gpg_cmd = `which gpg`; chomp $gpg_cmd; - my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --homedir ".$main::dak_signing_keys_directory." 
--keyring $keyring"; - - # Check if the keyrings are in place and writable - if( - &run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0 - ) { - &add_content2xml_hash($out_hash, "error", "DAK keyring is not writable"); - } else { - # Check if the key is present in the keyring - if(&run_as($main::dak_user, "$gpg --list-keys $key")->{'resultCode'} == 0) { - my $command = "$gpg --batch --yes --delete-key $key"; - my $output = &run_as($main::dak_user, $command); - &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7); - } else { - &add_content2xml_hash($out_hash, "error", "DAK key with id '$key' was not found in keyring"); - } - } - - my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; - if (defined $forward_to_gosa) { - &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); - } - return &create_xml_string($out_hash); -} +#sub get_dak_keyring { +# my ($msg, $msg_hash) = @_; +# my $source = @{$msg_hash->{'source'}}[0]; +# my $target = @{$msg_hash->{'target'}}[0]; +# my $header= @{$msg_hash->{'header'}}[0]; +# my $session_id = @{$msg_hash->{'session_id'}}[0]; +# +# # build return message with twisted target and source +# my $out_hash = &main::create_xml_hash("answer_$header", $target, $source); +# &add_content2xml_hash($out_hash, "session_id", $session_id); +# +# my @keys; +# my %data; +# +# my $keyring = $main::dak_signing_keys_directory."/keyring.gpg"; +# +# my $gpg_cmd = `which gpg`; chomp $gpg_cmd; +# my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring"; +# +# # Check if the keyrings are in place and readable +# if( +# &run_as($main::dak_user, "test -r $keyring")->{'resultCode'} != 0 +# ) { +# &add_content2xml_hash($out_hash, "error", "DAK Keyring is not readable"); +# } else { +# my $command = "$gpg --list-keys"; +# my $output = &run_as($main::dak_user, $command); +# &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7); +# +# my $i=0; +# foreach (@{$output->{'output'}}) { +# if ($_ 
=~ m/^pub\s.*$/) { +# ($keys[$i]->{'pub'}->{'length'}, $keys[$i]->{'pub'}->{'uid'}, $keys[$i]->{'pub'}->{'created'}) = ($1, $2, $3) +# if $_ =~ m/^pub\s*?(\w*?)\/(\w*?)\s(\d{4}-\d{2}-\d{2})/; +# $keys[$i]->{'pub'}->{'expires'} = $1 if $_ =~ m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expires:\s(\d{4}-\d{2}-\d{2})\]/; +# $keys[$i]->{'pub'}->{'expired'} = $1 if $_ =~ m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expired:\s(\d{4}-\d{2}-\d{2})\]/; +# } elsif ($_ =~ m/^sub\s.*$/) { +# ($keys[$i]->{'sub'}->{'length'}, $keys[$i]->{'sub'}->{'uid'}, $keys[$i]->{'sub'}->{'created'}) = ($1, $2, $3) +# if $_ =~ m/^sub\s*?(\w*?)\/(\w*?)\s(\d{4}-\d{2}-\d{2})/; +# $keys[$i]->{'sub'}->{'expires'} = $1 if $_ =~ m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expires:\s(\d{4}-\d{2}-\d{2})\]/; +# $keys[$i]->{'sub'}->{'expired'} = $1 if $_ =~ m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expired:\s(\d{4}-\d{2}-\d{2})\]/; +# } elsif ($_ =~ m/^uid\s.*$/) { +# push @{$keys[$i]->{'uid'}}, $1 if $_ =~ m/^uid\s*?([^\s].*?)$/; +# } elsif ($_ =~ m/^$/) { +# $i++; +# } +# } +# } +# +# my $i=0; +# foreach my $key (@keys) { +# # &main::daemon_log(Dumper($key)); +# &add_content2xml_hash($out_hash, "answer".$i++, $key); +# } +# my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; +# if (defined $forward_to_gosa) { +# &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); +# } +# return &create_xml_string($out_hash); +#} +# +# +#sub import_dak_key { +# my ($msg, $msg_hash) = @_; +# my $source = @{$msg_hash->{'source'}}[0]; +# my $target = @{$msg_hash->{'target'}}[0]; +# my $header= @{$msg_hash->{'header'}}[0]; +# my $session_id = @{$msg_hash->{'session_id'}}[0]; +# my $key = &decode_base64(@{$msg_hash->{'key'}}[0]); +# +# # build return message with twisted target and source +# my $out_hash = &main::create_xml_hash("answer_$header", $target, $source); +# &add_content2xml_hash($out_hash, "session_id", $session_id); +# +# my %data; +# +# my $keyring = 
$main::dak_signing_keys_directory."/keyring.gpg"; +# +# my $gpg_cmd = `which gpg`; chomp $gpg_cmd; +# my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring"; +# +# # Check if the keyrings are in place and writable +# if( +# &run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0 +# ) { +# &add_content2xml_hash($out_hash, "error", "DAK Keyring is not writable"); +# } else { +# my $keyfile; +# open($keyfile, ">/tmp/gosa_si_tmp_dak_key"); +# print $keyfile $key; +# close($keyfile); +# my $command = "$gpg --import /tmp/gosa_si_tmp_dak_key"; +# my $output = &run_as($main::dak_user, $command); +# &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7); +# unlink("/tmp/gosa_si_tmp_dak_key"); +# +# if($output->{'resultCode'} != 0) { +# &add_content2xml_hash($out_hash, "error", "Import of DAK key failed! Output was '".$output->{'output'}."'"); +# } else { +# &add_content2xml_hash($out_hash, "answer", "Import of DAK key successfull! Output was '".$output->{'output'}."'"); +# } +# } +# +# my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; +# if (defined $forward_to_gosa) { +# &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); +# } +# return &create_xml_string($out_hash); +#} +# +# +#sub remove_dak_key { +# my ($msg, $msg_hash) = @_; +# my $source = @{$msg_hash->{'source'}}[0]; +# my $target = @{$msg_hash->{'target'}}[0]; +# my $header= @{$msg_hash->{'header'}}[0]; +# my $session_id = @{$msg_hash->{'session_id'}}[0]; +# my $key = @{$msg_hash->{'keyid'}}[0]; +# # build return message with twisted target and source +# my $out_hash = &main::create_xml_hash("answer_$header", $target, $source); +# &add_content2xml_hash($out_hash, "session_id", $session_id); +# +# my %data; +# +# my $keyring = $main::dak_signing_keys_directory."/keyring.gpg"; +# +# my $gpg_cmd = `which gpg`; chomp $gpg_cmd; +# my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --homedir ".$main::dak_signing_keys_directory." 
--keyring $keyring"; +# +# # Check if the keyrings are in place and writable +# if( +# &run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0 +# ) { +# &add_content2xml_hash($out_hash, "error", "DAK keyring is not writable"); +# } else { +# # Check if the key is present in the keyring +# if(&run_as($main::dak_user, "$gpg --list-keys $key")->{'resultCode'} == 0) { +# my $command = "$gpg --batch --yes --delete-key $key"; +# my $output = &run_as($main::dak_user, $command); +# &main::daemon_log("$session_id DEBUG: ".$output->{'command'}, 7); +# } else { +# &add_content2xml_hash($out_hash, "error", "DAK key with id '$key' was not found in keyring"); +# } +# } +# +# my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; +# if (defined $forward_to_gosa) { +# &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); +# } +# return &create_xml_string($out_hash); +#} #sub get_dak_queue { diff --git a/gosa-si/tests/client.php b/gosa-si/tests/client.php index 4c507336f..ff516f48c 100755 --- a/gosa-si/tests/client.php +++ b/gosa-si/tests/client.php @@ -156,7 +156,7 @@ for($count = 1; $count <= $zahl; $count++) ######################### # Mailqueue communication - $data = "
gosa_mailqueue_query
GOSA 00:01:6c:9d:b9:fa
"; + #$data = "
gosa_mailqueue_query
GOSA 00:01:6c:9d:b9:fa
"; # multiple xml tags msg_id are allowed #$data = "
gosa_mailqueue_hold
GOSA 00:01:6c:9d:b9:fa 99C8ABEF23
"; @@ -167,8 +167,11 @@ for($count = 1; $count <= $zahl; $count++) # only one xml tag msg_id is allowed #$data = "
gosa_mailqueue_header
GOSA 00:01:6c:9d:b9:fa 99E92BEF2B
"; - - + ######################## + # DAK Debian Archive Kit + #$data = "
gosa_get_dak_keyring
GOSA 00:01:6c:9d:b9:fa
"; + #$data = "
gosa_import_dak_key
GOSA 00:01:6c:9d:b9:fa
"; + $data = "
gosa_remove_dak_key
GOSA 00:01:6c:9d:b9:fa
"; $sock->write($data); $answer = "nothing";