From: rettenbe Date: Wed, 6 Feb 2008 14:33:25 +0000 (+0000) Subject: bugfix: server - bus communication X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=37928944b4c50e1b7c7f07dcbb75e2d42046a97b;p=gosa.git bugfix: server - bus communication git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@8758 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/gosa-si/bus.conf b/gosa-si/bus.conf index 7ca56e906..c6ba710a7 100644 --- a/gosa-si/bus.conf +++ b/gosa-si/bus.conf @@ -8,6 +8,6 @@ child_timeout = 10 [bus] bus_activ = on bus_passwd = secret-bus-password -bus_ip = 127.0.0.1 +bus_ip = 10.89.1.31 bus_port = 20080 diff --git a/gosa-si/gosa-si-bus b/gosa-si/gosa-si-bus index 2c7be1ac5..e69560e55 100755 --- a/gosa-si/gosa-si-bus +++ b/gosa-si/gosa-si-bus @@ -38,7 +38,7 @@ use GOSA::GosaSupportDaemon; use GOSA::DBsqlite; my ($cfg_file, $default_cfg_file, %cfg_defaults, $foreground, $verbose); -my ($bus_activ, $bus_passwd, $bus_ip, $bus_port, $bus_address, $bus, $bus_mac_address, $network_interface); +my ($bus_activ, $bus_key, $bus_ip, $bus_port, $bus_address, $bus, $bus_mac_address, $network_interface); my ($pid_file, $procid, $pid, $log_file, $my_own_address); my (%free_child, %busy_child, $child_max, $child_min, %child_alive_time, $child_timeout); my ($bus_known_server_db, $bus_known_server_file_name); @@ -57,7 +57,7 @@ $foreground = 0 ; }, "bus" => {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], + "bus_passwd" => [\$bus_key, ""], "bus_ip" => [\$bus_ip, "0.0.0.0"], "bus_port" => [\$bus_port, "20080"], } 
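Review bot: The repository copy of bus.conf now binds the bus to a site-specific address, `bus_ip = 10.89.1.31`, instead of the loopback default, and the server.conf hunk at the end of this commit makes the same change. A routable address in a checked-in sample config means a fresh install listens on a real interface while still carrying the placeholder `bus_passwd = secret-bus-password` from the line above, and the address reads like a developer's test host rather than a deliverable default. Keep `bus_ip = 127.0.0.1` in both repository files and set the real address in the deployed configuration.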
@@ -507,6 +507,80 @@ sub get_processing_child { } } +#=== FUNCTION ================================================================ +# NAME: open_socket +# PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000 +# [PeerPort] string necessary if port not appended by PeerAddr +# RETURNS: socket IO::Socket::INET +# DESCRIPTION: open a socket to PeerAddr +#=============================================================================== +sub open_socket { + my ($PeerAddr, $PeerPort) = @_ ; + if(defined($PeerPort)){ + $PeerAddr = $PeerAddr.":".$PeerPort; + } + my $socket; + $socket = new IO::Socket::INET(PeerAddr => $PeerAddr, + Porto => "tcp", + Type => SOCK_STREAM, + Timeout => 5, + ); + if(not defined $socket) { + return; + } + &daemon_log("open_socket: $PeerAddr", 7); + return $socket; +} + + +sub send_msg_hash2address { + my ($msg_hash, $address, $encrypt_key) = @_ ; + my $msg = &create_xml_string($msg_hash); + my $header = @{$msg_hash->{'header'}}[0]; + &send_msg_to_target($msg, $address, $encrypt_key, $header); + + return; +} + + +sub send_msg_to_target { + my ($msg, $address, $encrypt_key, $msg_header) = @_ ; + my $error = 0; + + if( $msg_header ) { + $msg_header = "'$msg_header'-"; + } + else { + $msg_header = ""; + } + + # encrypt xml msg + my $crypted_msg = &encrypt_msg($msg, $encrypt_key); + + # opensocket + my $socket = &open_socket($address); + if( !$socket ) { + daemon_log("cannot send ".$msg_header."msg to $address , host not reachable", 1); + $error++; + } + + if( $error == 0 ) { + # send xml msg + print $socket $crypted_msg."\n"; + + daemon_log("send ".$msg_header."msg to $address", 1); + daemon_log("message:\n$msg", 8); + + } + + # close socket in any case + if( $socket ) { + close $socket; + } + + return; +} + #=== FUNCTION ================================================================ # NAME: process_incoming_msg 
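Review bot: In `open_socket` the constructor argument is misspelled, `Porto => "tcp"`, so IO::Socket::INET ignores it and the protocol comes from the default; it should be `Proto => "tcp",`, and the call reads better as `IO::Socket::INET->new(...)` than the indirect `new IO::Socket::INET(...)`. In `send_msg_to_target` the results of `print $socket $crypted_msg."\n";` and `close $socket;` are never checked, so a peer that accepts the connection and drops it is still logged as "send ... msg to $address"; `print {$socket} $crypted_msg."\n" or daemon_log("write to $address failed: $!", 1);` would surface that. `Timeout => 5` appears to bound only the connect, not the write, so a stalled peer can still block the caller — worth a sentence in the function header. The level-8 `daemon_log("message:\n$msg", 8)` records the plaintext of every outgoing message, which for the key-distribution reply sent from here_i_am means the issued key lands in the debug log.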
@@ -531,12 +605,11 @@ sub process_incoming_msg { # check wether incoming msg is a new msg $host_name = $bus_address; - $host_key = $bus_passwd; + $host_key = $bus_key; daemon_log("process_incoming_msg: host_name: $host_name", 7); daemon_log("process_incoming_msg: host_key: $host_key", 7); eval{ - my $key_cipher = &create_ciphering($host_key); - $msg = &decrypt_msg($crypted_msg, $key_cipher); + $msg = &decrypt_msg($crypted_msg, $host_key); $msg_hash = &transform_msg2hash($msg); }; if($@) { @@ -561,8 +634,7 @@ sub process_incoming_msg { daemon_log("process_incoming_msg: host_name: $host_name", 7); daemon_log("process_incoming_msg: host_key: $host_key", 7); eval{ - my $key_cipher = &create_ciphering($host_key); - $msg = &decrypt_msg($crypted_msg, $key_cipher); + $msg = &decrypt_msg($crypted_msg, $host_key); $msg_hash = &transform_msg2hash($msg); }; if($@) { @@ -679,6 +751,12 @@ sub create_passwd { } + + + + + + #=== FUNCTION ================================================================ # NAME: read_from_socket # PARAMETERS: socket - fh - filehandel to read from @@ -728,14 +806,14 @@ sub here_i_am { primkey=>"hostname", hostname=>$source, status=>"registered", - hostkey=>$bus_passwd, + hostkey=>$bus_key, clients=>"", }; $bus_known_server_db->add_dbentry($add_hash); # create outgoing msg - my $out_hash = &create_xml_hash("new_passwd", $bus_address, $source, $new_key); - &send_msg_hash2address($out_hash, $source, $bus_passwd); + my $out_hash = &create_xml_hash("new_key", $bus_address, $source, $new_key); + &send_msg_hash2address($out_hash, $source, $bus_key); # change hostkey, reason my $where_str= " WHERE hostname='$source'"; @@ -905,7 +983,7 @@ $bus_address = "$bus_ip:$bus_port"; $xml = new XML::Simple(); # create cipher object -$bus_cipher = &create_ciphering($bus_passwd); +$bus_cipher = &create_ciphering($bus_key); $bus_address = "$bus_ip:$bus_port"; # create reading and writing vectors 
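Review bot: In here_i_am the reply type changes from `"new_passwd"` to `"new_key"` in `&create_xml_hash("new_key", $bus_address, $source, $new_key)`, but nothing on this page updates the server side that consumes that reply; unless the SIPackages handler already matches `new_key`, the bus switches its stored hostkey (the update that follows `# change hostkey, reason`) while the server keeps the old one, and the link fails silently on the next message. The reply goes through `send_msg_hash2address` → `send_msg_to_target`, which logs the plaintext body at level 8, so every issued host key is written to the debug log; log the header and target there rather than the body. The `WHERE hostname='$source'` fragment below interpolates a value unquoted into SQL; if `$source` is taken from the incoming message, a single quote in it alters the statement, so validate it against the expected `host:port` shape first. here_i_am continues outside this hunk.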
@@ -927,7 +1005,7 @@ if($bus_activ eq "on") { # add bus to known_daemons #&create_known_daemons_entry($bus_address); -#&update_known_daemons_entry(hostname=>$bus_address, status=>"bus", passwd=>$bus_passwd); +#&update_known_daemons_entry(hostname=>$bus_address, status=>"bus", passwd=>$bus_key); while(1) { diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index 29a526509..777e5feee 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -58,7 +58,7 @@ my ($xml); # variables declared in config file are always set to 'our' our (%cfg_defaults, $log_file, $pid_file, - $bus_activ, $bus_passwd, $bus_ip, $bus_port, + $bus_activ, $bus_key, $bus_ip, $bus_port, $server_activ, $server_ip, $server_port, $SIPackages_key, $max_clients, $arp_activ, $arp_fifo_path, $gosa_activ, $GosaPackages_key, $gosa_ip, $gosa_port, $gosa_timeout, @@ -112,7 +112,7 @@ our $known_clients_db; }, "bus" => {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], + "bus_passwd" => [\$bus_key, ""], "bus_ip" => [\$bus_ip, "0.0.0.0"], "bus_port" => [\$bus_port, "20080"], }, 
@@ -445,23 +445,26 @@ sub input_from_known_server { my $sql_statement= "SELECT * FROM known_server"; my $query_res = $known_server_db->select_dbentry( $sql_statement ); + while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; if( not $host_name =~ "^$remote_ip") { next; } my $host_key = $hit->{hostkey}; - daemon_log("SIPackages: host_name: $host_name", 7); - daemon_log("SIPackages: host_key: $host_key", 7); + daemon_log("SIPackages: known_server host_name: $host_name", 7); + daemon_log("SIPackages: known_server host_key: $host_key", 7); # check if module can open msg envelope with module key - my ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key); - if( (!$msg) || (!$msg_hash) ) { + my ($tmp_msg, $tmp_msg_hash) = &check_key_and_xml_validity($input, $host_key); + if( (!$tmp_msg) || (!$tmp_msg_hash) ) { daemon_log("SIPackages: deciphering raise error", 7); daemon_log("$@", 8); next; } else { + $msg = $tmp_msg; + $msg_hash = $tmp_msg_hash; $module = "SIPackages"; last; } @@ -487,8 +490,8 @@ sub input_from_known_client { next; } my $host_key = $hit->{hostkey}; - &daemon_log("SIPackages: host_name: $host_name", 7); - &daemon_log("SIPackages: host_key: $host_key", 7); + &daemon_log("SIPackages: known_client host_name: $host_name", 7); + &daemon_log("SIPackages: known_client host_key: $host_key", 7); # check if module can open msg envelope with module key ($msg, $msg_hash) = &check_key_and_xml_validity($input, $host_key); @@ -589,14 +592,14 @@ sub get_encrypt_key { # target can be in known_server if( !$encrypt_key ) { - my $sql_statement= "SELECT * FROM known_server"; + my $sql_statement= "SELECT * FROM known_server WHERE hostname='$target'"; my $query_res = $known_server_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; if( $host_name ne $target ) { next; } - my $host_key = $hit->{hostkey}; + $encrypt_key = $hit->{hostkey}; last; } } 
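Review bot: The changed log lines in `input_from_known_server`, `daemon_log("SIPackages: known_server host_key: $host_key", 7);`, write the per-host shared secret to the log at level 7, and the `@@ -487` hunk in `input_from_known_client` does the same for client keys, so a debug log ends up holding every key needed to forge messages to this server; logging the host name alone, or a short digest of the key, gives the same debugging value. The scoping fix itself is right — the former inner `my ($msg, $msg_hash)` never reached the caller, and copying `$tmp_msg`/`$tmp_msg_hash` into the outer variables is what makes `$module = "SIPackages"` meaningful. Separately, the context line `$host_name =~ "^$remote_ip"` uses the address as an unescaped regex, so `.` matches any character and a prefix such as `10.1.1.1` (constructed example) also matches a host named `10.1.1.10`; `index($host_name, "$remote_ip:") == 0` or `m{\A\Q$remote_ip\E:}` makes the test exact.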
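Review bot: `get_encrypt_key` now builds the lookup as `"SELECT * FROM known_server WHERE hostname='$target'"`, and the `@@ -604` hunk does the same for known_clients; `$target` comes from a module answer's target list (see client_input), so a value containing a single quote changes the statement instead of merely missing the row. If `select_dbentry` cannot take bind parameters, validate `$target` before use, e.g. `return unless $target =~ m{\A[\w.\-]+:\d+\z};` at the top of the function, or at least double single quotes with `(my $safe_target = $target) =~ s/'/''/g;` and interpolate that. The assignment `$encrypt_key = $hit->{hostkey};` is the actual fix here — the old `my $host_key = ...` was a dead local — and the remaining `if( $host_name ne $target ) { next; }` inside the loop is now redundant but harmless. get_encrypt_key continues outside this hunk.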
@@ -604,7 +607,7 @@ sub get_encrypt_key { # target can be in known_client if( !$encrypt_key ) { - my $sql_statement= "SELECT * FROM known_clients"; + my $sql_statement= "SELECT * FROM known_clients WHERE hostname='$target'"; my $query_res = $known_clients_db->select_dbentry( $sql_statement ); while( my ($hit_num, $hit) = each %{ $query_res } ) { my $host_name = $hit->{hostname}; @@ -700,7 +703,8 @@ sub client_input { my ($answer_header, @answer_target_l, $answer_source); my $client_answer; - daemon_log("Incoming msg:\n$input\n", 8); + daemon_log("Incoming msg from '".$heap->{'remote_ip'}."'", 7); + daemon_log("\n$input", 8); # msg is from a new client or gosa ($msg, $msg_hash, $module) = &input_from_unknown_host($input); @@ -748,14 +752,17 @@ sub client_input { $answer_source = @{$answer_hash->{'source'}}[0]; if( !$answer_header ) { daemon_log('ERROR: module answer is not gosa-si envelope conform: no header', 1); + daemon_log("\n$answer", 8); $error++; } if( 0 == length @answer_target_l ) { daemon_log('ERROR: module answer is not gosa-si envelope conform: no targets', 1); + daemon_log("\n$answer", 8); $error++; } if( !$answer_source ) { daemon_log('ERROR: module answer is not gosa-si envelope conform: no source', 1); + daemon_log("\n$answer", 8); $error++; } @@ -797,6 +804,7 @@ sub client_input { my $encrypt_key = &get_encrypt_key($answer_target); if( !$encrypt_key ) { daemon_log("ERROR: no encrypt key found for answer target '$answer_target'", 1); + daemon_log("\n$answer", 8); next; } # send_msg 
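Review bot: The target check that the new log line is attached to in client_input, `if( 0 == length @answer_target_l )`, can never be true: `@answer_target_l` is evaluated in scalar context, giving the element count, and `length` of that number is at least 1, so an answer with no targets passes and `$error` stays 0. Write it as `if( !@answer_target_l ) {` (or `0 == scalar @answer_target_l`). The added `daemon_log("\n$answer", 8)` calls dump the full plaintext module answer on each envelope error and on a missing encrypt key; since answers can carry key material (the new_key reply introduced in this commit), logging `$answer_header` and `$answer_source` would be enough to diagnose the envelope problem. client_input starts and ends outside this hunk.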
@@ -957,15 +965,9 @@ my @server_col_names = ('hostname', 'status', 'hostkey', 'timestamp'); $known_server_db = GOSA::DBsqlite->new($known_server_file_name); $known_server_db->create_table('known_server', \@server_col_names); -# import all modules -&import_modules; - -# check wether all modules are gosa-si valid passwd check - # create xml object used for en/decrypting $xml = new XML::Simple(); - # create socket for incoming xml messages POE::Component::Server::TCP->new( Port => $server_port, @@ -981,6 +983,12 @@ POE::Session->create( } ); + +# import all modules +&import_modules; + +# check wether all modules are gosa-si valid passwd check + POE::Kernel->run(); exit; diff --git a/gosa-si/modules/SIPackages.pm b/gosa-si/modules/SIPackages.pm index 00def4847..889161b85 100644 --- a/gosa-si/modules/SIPackages.pm +++ b/gosa-si/modules/SIPackages.pm @@ -21,7 +21,7 @@ END {} my ($known_clients_file_name); my ($server_activ, $server_ip, $server_mac_address, $server_port, $SIPackages_key, $max_clients, $ldap_uri, $ldap_base, $ldap_admin_dn, $ldap_admin_password); -my ($bus_activ, $bus_passwd, $bus_ip, $bus_port); +my ($bus_activ, $bus_key, $bus_ip, $bus_port); my $server; my $network_interface; my $no_bus; @@ -44,7 +44,7 @@ my %cfg_defaults = }, "bus" => {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], + "bus_passwd" => [\$bus_key, ""], "bus_ip" => [\$bus_ip, ""], "bus_port" => [\$bus_port, "20080"], }, @@ -337,11 +337,17 @@ sub register_at_bus { primkey=>'hostname', hostname=>$bus_address, status=>'bus', - hostkey=>$bus_passwd, + hostkey=>$bus_key, timestamp=>&get_time, } ); my $msg_hash = &create_xml_hash("here_i_am", $server_address, $bus_address); my $msg = &create_xml_string($msg_hash); + +print STDERR "bus_key:$bus_key\n"; +print STDERR "msg:$msg\n"; + + + &main::send_msg_to_target($msg, $bus_address, $bus_key, "here_i_am"); return $msg; # my $answer = ""; # $answer = &send_msg_hash2address($msg_hash, $bus_address, $bus_passwd); 
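Review bot: `register_at_bus` leaves two debug prints in the new code, `print STDERR "bus_key:$bus_key\n";` and `print STDERR "msg:$msg\n";`, which write the bus secret and the registration message to stderr on every registration; they should be removed before merge, with the level-8 daemon_log path used if the message body is ever needed. The call `&main::send_msg_to_target($msg, $bus_address, $bus_key, "here_i_am");` reaches from the module into the main script's namespace, which ties SIPackages to whichever script loaded it; if the helper is meant to be shared it belongs in GOSA::GosaSupportDaemon, which the bus script already imports. The commented-out `$answer` lines that follow still reference the retired `$bus_passwd` name and can go. register_at_bus continues outside this hunk.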
diff --git a/gosa-si/server.conf b/gosa-si/server.conf index ac0d78d37..22b42fb80 100644 --- a/gosa-si/server.conf +++ b/gosa-si/server.conf @@ -9,7 +9,7 @@ job_queue_timeout = 5 [bus] bus_activ = on bus_passwd = secret-bus-password -bus_ip = 127.0.0.1 +bus_ip = 10.89.1.31 bus_port = 20080 [server] diff --git a/gosa-si/tests/sqlite-check.pl b/gosa-si/tests/sqlite-check.pl index f050a034d..94d19847f 100755 --- a/gosa-si/tests/sqlite-check.pl +++ b/gosa-si/tests/sqlite-check.pl @@ -81,7 +81,7 @@ if (-e $db_name) { print "\n############################################################\n"; # $db_name =~ /\/([^\/]*?)\.db$/; # my $table_name = $1; - my $table_name = "known_server"; + my $table_name = "bus_known_server"; print "$db_name\n"; print "$table_name\n"; my $sqlite = GOSA::DBsqlite->new($db_name);