From: cajus
Date: Wed, 12 Dec 2007 11:37:51 +0000 (+0000)
Subject: Moving finalized
X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=a6fe8c9d5d020bef9bfa60150afc6fceb8f13e32;p=gosa.git

Moving finalized

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@8102 594d385d-05f5-0310-b6e9-bd551577e9d8
---
diff --git a/AUTHORS b/AUTHORS
deleted file mode 100644
index 8a46db4f6..000000000
--- a/AUTHORS
+++ /dev/null
@@ -1,76 +0,0 @@
-GOsa AUTHORS
-============
-
-This is the alphabetical list of all people that have
-contributed to the GOsa project, beeing code, translations,
-documentation and additional help.
-
-* Markus Amersdorfer
- Wiki setup, Testing, hints, proposals
-
-* Alessandro Amici
- Italian translation
-
-* Holger Burbach
- Kerberos PHP module
-
-* Craig Chang
- Fixes for magic_quotes_qpc
-
-* Guillaume Delecourt
- Setup fixes, nagios tab plugin, xls addons ldapmanager
- pptp connectivity option, phpscheduleit connectivity option
-
-* Dan Ellis
- Sieve lib is taken from him
-
-* Alejandro Escanero Blanco
- Fixes, improvements, translation, Guide and some extensions
-
-* Fabian Hickert
- Improvements for setup, various fixes and plugins
-
-* Eric Kilfoil
- ldap.inc is taken from him
-
-* Niels Klomp
- Dutch translation
-
-* Benoit Mortier
- French translation
-
-* Igor Muratov
- Various fixes and speed enhancements
-
-* Michael Pasdziernik
- Documentation for GOsa and safe-mode, fixes
-
-* Cajus Pollmeier
- Virtually everyting which is GOsa related
-
-* Piotr Rybicki
- Polish translation
-
-* Henning Schmiedehausen
- Various fixes, support for user defined people/group base
-
-* Alfred Schröder
- German translation
-
-* Thomas Schüßler
- debuglib.inc is taken from him
-
-* Jan Wenzel
- Implementation and research for samba munged dial support,
- fixing of "Fiptehlers"(TM) in the german translations.
-
-* Leila El Hitori
- French online documentation
- English online documentation
-
-* Vincent Seynhaeve
- Xls export plugin
-
-* Wouter Verhelst
- accept-to-gettext code that helps for language conversation
-
diff --git a/Changelog b/Changelog
deleted file mode 100644
index cba0fc954..000000000
--- a/Changelog
+++ /dev/null
@@ -1,526 +0,0 @@ -GOsa2 changelog -=============== - -* gosa 2.6beta1 - -* gosa 2.5.13 - - Re-added ISC DHCP support - - Fixes for the mail based bugtracker - - Fixed autouid problem with slashes - - Added list sorting for FAI script lists - - Added copy'n paste for mimetypes - - Cut'n paste objects are now greyed out - - Added swedish locale - - Improved language detection - - Added a statistic footer to lists - - Added the ssh plugin - - Layout fixes - -* gosa 2.5.12 - - Fixed problems with automatic reverse zones - - Fixed several IE6 related Java-Script problems - - Removed png.js by default. Looks ugly, but performs. Take - a look at the FAQ on how to re-enable it for IE. - - Added non-login password change dialog - - Various spelling fixes - - Added some extra robustness to the PPD reader code - - FAI partition ordering fixed, partition sizes fixed - - FAI release management updates - - Fixed installations that fail the schema check - - Updated error messages to fade out the interface - - Repository cleanup - - Added feedback link to easily report PHP errors - - Added more content sorting where needed - - Made gidNumber be the current in posix check hook - - Removed inconsistency in gosa/gosa+samba3 schema - - Fixed multiple saving of "My account" data - - Don't allow moving of objects from administrative units to other - administrative units where ACL's permit it. Objects "seemed" to - disapear because the tagging changes. 
- - Added gosa-desktop package to be able to start it by link - - Added method to highlight tabs - - Generel translation update for de, es, fr, it, nl, pl, ru, zh - -* gosa 2.5.11a - - Added chinese translation - - Fixed language detection and removed line wraps in tab headers - - Fixed french translation - -* gosa 2.5.11 - - Add workaround for failing is_php4() when using PHP5 - with "zend.ze1_compatibility_mode" set to "On" - - Backported new sieve filter editor from trunk - - Backported new setup from trunk - - Fixed double loaded pages in gecko based browsers when js - is activated - - Replaced a set of PHP var in samba class. - - Fixed checkbox selection in samba class. - - Connectivity netatalk: Moved plugin intialization from execute() to contructor(). - - Fixes various issues with setup.php - - Avoid tab lables to have line feeds - - Activated missing checks for IP and MAC - - Fixed copy'n paste errors for netatalk - - Various W3C fixes - - Fixed "My Account" mode, where buttons disappear after saving - - Avoid removal of shares while they are used by users - - Added finer grained ACL settings for mail accounts - - Fixed day of birth problem in M$ IE - - Fixed setting of Kerberos passwords - -* gosa 2.5.5 - - Added remove method for shared folder in kolab mode - - Added checkbox to decide if the shared folder should be deleted from IMAP - if the mail extension is removed from group mail account - - Updated request method for mail folders - - Resolved problem with infinite loop while storing sieve scripts - - Added subsearch checkbox to object group "add items" filter - - Fixed "missing PPD" configuration error, for newly created printer - - Corrected problem where the object base was sometimes broken when - saving object groups - - Fixed saving of terminal attribute gotoLpdEnable to contain "yes" - instead of "1" - - Avoid reset of several attributes from workstations when not - inherited from object groups - - Show error messages from password dialog - - 
Fixed a set of W3C problems - - Fixed multiple savings in addressbook (Closes: #23) - - Fixed shadow expire when using templates (Closes: #20) - - Made %uid, %sn, etc. available in templates using gosaMailAlternateAddress - -* gosa 2.5.4 - - Included patch to choose the addressbook base - - Applied fixes for logviewer done by Mario Minati - - Updated locales, fixed a set of missing strings - - Fixed problems in FAI list handling - - Added "uid" to personal plugins for replacement in post events - - Fixed saving of user logon scripts - - Fixed non-FAI application mode - - More speed fixes applied, especially for users, objectgroups and - generic plugin loading - - Bug while saving FAI partitions fixed - - Don't save PPD if none is not selected bug fixed - - Saving of non revisioned applications fixed - -* gosa 2.5.3 - - Fixed problem in reloading departments when we've PHP4 - - Fixed gotoPrinter membership problem. - - Fixed environment shares, only available shares will be displayed (gosaUnitTag was ignored) - - Fixed saving of inherited workstation settings - - Removed error when no FAI repositories were present - - Fixed posix group add dialog, filter wasn't working. - - Fixed get_printer_list undefined index warnings while editing a user. - - Fixed ogroup non-static method error - - Fixed user membership for gotoPrinter, if membership was edited - via user environemnt, some numeric values were stored too - - Fixed mail account, mail server string possibly was an array - - Fixed typos - - Fixed upper/lowcase ou's for groups/people when using an - unclean LDAP database - - Fixed ACL handling to *not* show the admin user dialog - when configured for self modify only - - Fixed problem when changing passwords via "My account" - - Added more information to hotplug devices. 
- -* gosa 2.5.2 - - Fixed current main base not beeing set when editing non tabbed - plugins - - Fixed filtering for divlists - - Fixed deletion of shares in environment tabs - - Updated french online help - - Updated german online help - - Fixed display of FAI partitions - - Removed Quota warnings for existing accounts without quota limits - - Worked around PHP4 session problems when creating new departments - - Fixed problems when moving around departments including a comma - - Unified bool values in gosa.conf. true/yes and false/no are valid - now in upper and lower case. - - Avoid the try of creating already existing ou's - - Fixed non working printer removal - -* gosa 2.5.1 - - Fixed problems with NFS shares and terminals - - Finalized polish translations - - Fixed problem with compressed gosa.conf in the debian package - -* gosa 2.5 - - Improved FAI support - * Server and workstations are treated the same way - * Destination selector for new devices - * Summary tab introduced - - Improved robustness while operating whith the LDAP - - Several Kolab related fixes - - Tagging of departments introduced - - Global check hooks allow user defined testing - of single plugins - - Major speedups with large databases - - Added english and french online help - - Unified plugin "head" selectors, (re-)added subtree - support - - Fixed PPD parsing for several commercial PPD's - - Tune LDAP error messages - - Moved from "guru mediation style" to div-popups - - Several css fixes - - Fixed series of bugs that lead to not shown groups - -* gosa 2.4 - - Updated layout to work cleanly with IE6+, Firefox 1.0.4+, khtml 3.4+ - - Added FAI (Fully Automatted Installation) support - - Added mail queue management - - Added many missing acl informations - - Added help browser and initial french help - - Fixed templating for samba and unix users - - Applied hundreds of smaller bugfixes - - Improved speed by switching to directory style dialogs and performing - sub searches. 
- - Per user language selector in generic tab - - New connectivity plugins (PHPscheduleit/PPTP/glpi) - -* gosa 2.4beta3 - - Updated layout - - Fixed application removal - - Improved accessibility for disabled persons - - Added intranet account to list of connectivity plugins - - Several kolab related fixes for server objects - - Corrected contributed slapd.conf - - Fixed kolab mode where GOsa saves KB quotas, interprets quotas as kolab MB - - Increased robustnes for non set fields - - Fixed IE issues with W3C compatibilty where IE posts disabled fields - - Fixed problems with existing samba accounts and password changed fields - - Removed login problems with undefined ldap_conf variable - - Fixed problems where the GECOS field is not written correctly - -* gosa 2.4beta2 - - Fixed error handler to be PHP 4.x compatible - - Fixed PHP compatibility problem in setup.php, using ini_get() - instead of ini_get_all() - - Fixed cases where ipHostAddress is required but not checked - by GOsa - - Fixed group dialog filters - - Fixed problems in setup which showed up with white pages if - PHP has been compiled without mbstring support - - Fixed layout if the rendered page does not cover 100% of the - browser window - - Improved phone plugin to respect IAX, CAPI and SIP phone - attributes - automatically if the revision changes - - Improved W3C compatibility - - Added checks that remove the contents of /var/spool/gosa/* - - Added postmodify for password change operations - -* gosa 2.4beta1 - - Override automatically detected user bases if they don't exist - - Don't shred samba group ID's if they are not present in the - combobox - - Updated smarty to version 2.6.9 - - Updated GOfon support to handle new features - - Replacement of most external programm calls - - Samba3 bugfixes for munged dial handling - - Updated LDIF export - - Improved setup checks to find more possible errors - - Fixed index ruler for long lists - - Completed system creation for servers, phones and misc 
components - - Added support for kolab users and kolab server settings - - Added server settings - - Added LDIF import - - Added CSV import - - Added italian translation (thanks to Alessandro Amici) - - Added subtree search checkbox in lists with potential higher - usage - - Added version indicator to make support more easy - - Added sample databases for fax, phone and system logging - - Added error handler for normal PHP errors - -* gosa 2.3 - - Updated smarty to version 2.6.7 - - Added dutch translations (thanks to Niels Klomp) - - Added webdav and phpgroupware accounts - - Fixed french translation - - Fixed error in shadowExpire attribute - - Unified all filters in dialogs to use the internationalized choosers - - Added option to do non subtree searches with filters - - Fixed sample configuration files to be unproblematic when used in - conjunction with OpenLDAP 2.2 - - Added experimental support for editing LDAP trees that contain referrals - - Updated Altlinux contributions, including themes and scripts - - Worked around a possible problem with sizelimit in php-ldap - - Improved big ldap support by size limits and non sub searches - - Various smaller fixes - - Added global TLS switch for LDAP connections - - Fixed SELECT queries to be mysql 3.x _and_ 4.x compatible - - Made departments movable - -* gosa 2.2 - - Removed DHCP/DNS plugins, they will be replaced by - the terminal/server/workstation plugins. - - Added case sensitivity check for login names - - Made bases set to users "home" department when creating new objects - - Moved sieve-*.txt config files to /etc/gosa - - Told IMAP plugin to remove mail accounts when the user is deleted - - Interface cleanups - - Added simple log file viewer - - Added support for asterisk - - Included javascript magic to improve usability (doubleclicks in - lists, disabling of fields, warning messages, etc.) 
- - More filtering and sizelimits for speed optimizations - - Mail handling is now pluggable - - Added possibility to bundle objects to object groups - - Added a reference tab to track relation ships of different objects - - Improved samba 3 support (terminal server support) - - Updated translations and added a french one - -* gosa 2.1.3 - - Fixed problem with initial password setting - - Increase number in version.inc - - Add a workaround to fix problem with groups not beeing displayed - with openldap. Here the server reacts with empty results if searching - for non existing objectClass "sambaGroupMapping" in case of using samba2 - - Fix the homeDirectory check which is a bit too harsh with templates - -* gosa 2.1.2 - - Fixed problem with uppercase login names - - Extensive speed increasements in ldap searches - - Fixed gettext problem on older installations - - Corrected sieve login which was broken due to a library switch - - Made in_array act case insensitive for is_account check - - Fixed location of DMODE and HASH in config file - - Fixed general problems with password hash generation if not - specified - - Complete move to unicode which removes all active encoding/decoding - of contents from GOsa itself - - Made GOsa run smooth on PHP 5 - - Added complete russian translation contributed by Igor Muratov - - Migrated phone list to (global) addressbook - - Filtering fixes - -* gosa 2.1.1 - - Enabled mail-account-less fax accounts - - Fixed upper/lower case problem in mail templates - - Fixed typo in generic plugin error message - - Made template dialog work again - - Fixed headpage for application management which tends to do no - proper display of used applications - - Added command line interface to use GOsa without web interface - - Updated debian control to be aware of apache2 based installations - - Transferd tab variables in group dialog, so the primary mail - address can be checked - - Fixed possible case problem with is_account - - Made base selector 
contain newly added departments in department - dialog - -* gosa 2.1 - Bugfix release - - size of homeDirectory attribute increased - - FAQ/README/INSTALL updated - - spec file updated - -* gosa 2.1rc2 - Bugfix release - - Made user dn configurable - - Fixed memory usage check - - Fixed size of alternate mail address field - - Fixed sorting of group in posix tab - - Made GOsa keep group membership even if user has no posix - account - - Fixed typo in blocklist spelling - - Fixed error message when trying to filter users without a - valid uid - - Made posix account visible, even if there are no shadow - attributes inside this entry - - Included setup - - Translation updates - -* gosa 2.1rc1 - Bugfix release - - Fixed annoying ACL bug in template mode - - Fixed possible privilege escalation problem in password - routine (thanks to Henning Schmiedehausen) - - Removed password storage from user info class (thanks to - Rainer Herbst) - - Various interface cleanups - - Templatization finished - - Reworked user headpage - - Made GOsa more robust in detecting errors in config - - Added additional error messages reported by LDAP server - - Added schmemacheck hook - - Started with setup implementation - -* gosa 2.1beta3 - Bugfix release - - Made template mode remember the templates primary group - - Templatized posix plugin - - Added option to disable strict checking of uid/gid names - - Massive samba3 updates - - Made ou=people and ou=groups configurable - - Fixed user/group lists to react on filter changes - -* gosa 2.1beta2 - Bugfix and feature enhancement release. - - Made GOsa remove object locks when changing plugins during edit - process. 
- - Added DHCP plugin - - Gerneral speed tunig, reduced the number of unessasary ldap - accesses - - Added syslog output for actions "save" and "remove" - - Fixed handling for multiple ACL's per base - - Fixed listboxes to unify output / sort output - - Fixed annoying bug in tab_groups.inc when removing the mailtab - - Bases did not get set in template mode - - Fixed user part - - Templatized faxaccount/pureftpd/samba and mail plugins - - Included calendar.js functionality in samba plugin - -* gosa 2.1beta1 - This release has some feature enhancements and contains many - bugfixes and design cleanups - - Fixed many HTML related things. Pages are now perfectly validated - as html 4.01 transitional. - - Added dn cleaner to getDN() in order to fix problems with - "broken" ldap databases. - - Added schemata for iplanet, checked if it works. - - Rewrote phonelist, added vcard export. - - Added filters to allmost all plugins. - - Added DNS plugin. - - Generic userinterface cleanups, everything is a template now and can be - redesigned/stripped. - - Improved translations, added missing ones. - - Added choosable templates for mail vacation messages. - - Improved templating stuff to generate user defined auto uids. - - Made user interface more comprehensive, so its important for you - to start with a clean gosa.conf from contrib. - - Added external password change hook, so that its possible to synchronize - with a non samba PDC via scripts. (Some organizations tend to keep a - readable copy of their users password which possible now, too.) - - Updated FAQ - -* gosa 2.0.1 - This release doesn't have feature enhancements (nearly), only - bugfixes reported by users are incorporated. - - Fixed oblivious fields when changing to subdialogs. 
All - user dialogs were affected - - Made facsimileTelephoneNumber beeing saved without the - need of a fax account - - Fixed printer sorting which destroyed the array index - - Removed redundant fields in terminal configuration - - Made terminal plugin save the terminal hardware information - - Added missing tags to index.php/main.php - - Fixed debian debconf script not to touch uidbase/ridbase - values in gosa.conf - - Fixed "Force ID", which creates a group for the posix - user with forced ID. - - Finetuning in login window behaviour - - Code cleanup and templatized two more plugins - - As requested by some users, you can now advise GOsa not to - create a group for the user, but take an existing group - as primary one. - - Added 'dn cleaner' for the acl list. So syntactically - problematic dn's with strange commata get fixed. - -* gosa 2.0 final - - Made samba3 support work - - Fixed several small bugs with the templating stuff - - Fixed problem with shared folders, added missing attribute - gosaSharedFolderTarget needed in some setups - - Updated icons - - Renamed icons to have more logical names - -* gosa 2.0rc2 - - Corrected mistakenly copied ui object in functions.inc - - Fixed errors when activating new terminals - - Removed krb warnings in class_user.inc - - Plugins user, apps, groups and departments didn't check for - already present entries. Now they do. 
- - Removed problem in terminal dialog where checkboxes are not - saved - - Fixed ACL handling for users primary group - - Replaced own template class by smarty, since only two files - were affected by this - - Changed basic layout to seperate public readable files from - templates - - Added FAQ, update TODO for next versions - - Made accounts movable between departments - - Added partial spanish translations - - Fixed mail group handling - -* gosa 2.0rc1 - - Switched to XML based gosa.conf - - Cleaned all plugins, moved to children of plugin.conf - - Moved back to gettext for translations - - Added hooks for pre-/post-install scripts - - Cleaned LDAP class - - Added workarounds for MS-IE (>5.5) to render transparent - PNGs in a correct way - - Redesigned login screen / some plugins - - Added hooks for eGOsa, which is a java applet based - browsing tool - - Switched from user based ACLs to group based ACLs, - removed standalone ACL plugin in favor of new group tab. - - Fixed samba2 rid generation (btw. still missing is sid - support for samba3. But this will go into the final.) - - Fixed many minor bugs - - Introduced simple theming support - - Added 'dn'-renaming for accounts - -Changelog starts with latest Beta 1.99.97
diff --git a/bin/mkntpasswd b/bin/mkntpasswd
deleted file mode 100755
index 174995829..000000000
--- a/bin/mkntpasswd
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-if [ $# -ne 1 ]; then
- echo "Usage: mkntpwd "
- exit 1
-fi
-
-# Render hash using perl
-perl -MCrypt::SmbHash -e "print join(q[:], ntlmgen $ARGV[0]), $/;"
-
-exit 0
diff --git a/contrib/altlinux/etc/cyrus.conf b/contrib/altlinux/etc/cyrus.conf
deleted file mode 100644
index 4ada8431e..000000000
--- a/contrib/altlinux/etc/cyrus.conf
+++ /dev/null
@@ -1,43 +0,0 @@
-# standard standalone server implementation
-
-START {
- # do not delete this entry!
- recover cmd="ctl_cyrusdb -r"
-
- # this is only necessary if using idled for IMAP IDLE
-# idled cmd="idled"
-}
-
-# UNIX sockets start with a slash and are put into /var/lib/imap/socket
-SERVICES {
- # add or remove based on preferences
- imap cmd="imapd" listen="imap" prefork=5
-# imaps cmd="imapd -s" listen="imaps" prefork=1
- pop3 cmd="pop3d" listen="pop3" prefork=3
-# pop3s cmd="pop3d -s" listen="pop3s" prefork=1
- sieve cmd="timsieved" listen="sieve" prefork=0
-# smmapd cmd="smmapd" listen="/var/lib/imap/socket/smmapd" prefork=1
-
- # these are only necessary if receiving/exporting usenet via NNTP
-# nntp cmd="nntpd" listen="nntp" prefork=3
-# nntps cmd="nntpd -s" listen="nntps" prefork=1
-
- # at least one LMTP is required for delivery
-# lmtp cmd="lmtpd" listen="lmtp" prefork=0
- lmtpunix cmd="lmtpd" listen="/var/spool/postfix/public/lmtp" prefork=1
-
- # this is only necessary if using notifications
-# notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
-}
-
-EVENTS {
- # this is required
- checkpoint cmd="ctl_cyrusdb -c" period=30
-
- # this is only necessary if using duplicate delivery suppression,
- # Sieve or NNTP
- delprune cmd="cyr_expire -E 3" at=0400
-
- # this is only necessary if caching TLS sessions
- tlsprune cmd="tls_prune" at=0400
-}
diff --git a/contrib/altlinux/etc/gosa/gosa.conf b/contrib/altlinux/etc/gosa/gosa.conf
deleted file mode 100644
index d1ceab343..000000000
--- a/contrib/altlinux/etc/gosa/gosa.conf
+++ /dev/null
@@ -1,170 +0,0 @@ - - - -
- - - - - - - - - -
- -
- - - - - - - -
- -
- - - - - -
-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - -
-
- -
diff --git a/contrib/altlinux/etc/imapd.conf b/contrib/altlinux/etc/imapd.conf
deleted file mode 100644
index 5ae2d9b5f..000000000
--- a/contrib/altlinux/etc/imapd.conf
+++ /dev/null
@@ -1,210 +0,0 @@ -# In more detail to look in man 5 imapd.conf - -#@include: - -admins: cyrus - -#afspts_localrealms: -#afspts_mycell: - -#allowallsubscribe: 0 -#allowanonymouslogin: 0 -allowapop: 0 -#allownewnews: 0 -allowplaintext: 1 -#allowusermoves: 0 -#altnamespace: 0 -sasl_mech_list: plain - -annotation_db: skiplist - -autocreatequota: 10240 -#createonpost: 0 -#autocreateinboxfolders: -#autosubscribeinboxfolders: -#autosubscribesharedfolders: - -#berkeley_cachesize: 512 -#berkeley_locks_max: 50000 -#berkeley_txns_max: 100 - - -configdirectory: /var/lib/imap -#debug_command: -#defaultacl: anyone lrs - -#defaultdomain: taf.ru -#defaultpartition: default -#deleteright: c - -duplicate_db: berkeley-nosync -duplicatesuppression: 0 - -#foolstupidclients: 0 -#force_sasl_client_mech: -#fulldirhash: 0 - -hashimapspool: 1 -#hostname_mechs: -#hostname_password: - -idlesocket: /var/lib/imap/socket/idle -#ignorereference: 0 -#imapidlepoll: 60 -imapidresponse: 0 -#imapmagicplus: 0 -#implicit_owner_rights: lca - -#ldap_authz: -#ldap_base: -#ldap_bind_dn: -#ldap_deref: never -#ldap_filter: -#ldap_group_base: -#ldap_group_filter: (cn=%u) -#ldap_group_scope: sub -#ldap_id: -#ldap_mech: -#ldap_member_attribute: -#ldap_member_base: -#ldap_member_filter: (member=%D) -#ldap_member_method: attribute -#ldap_member_scope: sub -#ldap_password: -#ldap_realm: -#ldap_referrals: 0 -#ldap_restart: 1 -#ldap_sasl: 1 -#ldap_sasl_authc: -#ldap_sasl_authz: -#ldap_sasl_mech: -#ldap_sasl_password: -#ldap_sasl_realm: -#ldap_scope: sub -#ldap_servers: ldap://localhost/ -#ldap_size_limit: 1 -#ldap_start_tls: 0 -#ldap_time_limit: 5 -#ldap_timeout: 5 -#ldap_tls_cacert_dir: -#ldap_tls_cacert_file: -#ldap_tls_cert: -#ldap_tls_check_peer: 0 -#ldap_tls_ciphers: -#ldap_tls_key: -#ldap_uri: -#ldap_version: 3 - - - -lmtp_downcase_rcpt: 1 -lmtp_over_quota_perm_failure: yes -#lmtpsocket: {configdirectory}/socket/lmtp -lmtpsocket: /var/spool/postfix/public/lmtp - -#loginrealms: -#loginuseacl: 0 -#logtimestamps: 
0 - -#mailnotifier: -#maxmessagesize: 0 - -mboxlist_db: skiplist - -#mupdate_connections_max: 128 -#mupdate_authname: -#mupdate_password: -#mupdate_port: 3905 -#mupdate_realm: -#mupdate_retry_delay: 20 -#mupdate_server: -#mupdate_workers_start: 5 -#mupdate_workers_minspare: 2 -#mupdate_workers_maxspare: 10 -#mupdate_workers_max: 50 -#mupdate_username: - -#netscapeurl: http://asg.web.cmu.edu/cyrus/imapd/netscape-admin.html - -#newsmaster: news -#newspeer: -#newspostuser: -#newsprefix: -#notifysocket: {configdirectory}/socket/notify - -partition-default: /var/spool/imap -#partition-name: -#plaintextloginpause: 0 - -#popexpiretime: -1 -#popminpoll: 0 -poptimeout: 5 -#postmaster: postmaster -#postuser: -#proxy_authname: proxy -#proxy_password: -#proxy_realm: -#proxyd_allow_status_referral: 0 -#proxyservers: - -#ptloader_sock: - -#ptscache_db: berkeley -#ptscache_timeout: 10800 -#ptskrb5_convert524: 1 - -#quota_db: quotalegacy -#quotawarn: 90 -#quotawarnkb: 0 - -# If you want to have 8-bit symbols in 'Subject' the -# reject8bit should matter 0 -reject8bit: 0 - -#rfc2046_strict: 0 -#rfc3028_strict: 1 - -#sasl_auto_transition: 0 -#sasl_maximum_layer: 256 -#sasl_minimum_layer: 0 -#sasl_option: 0 -sasl_pwcheck_method: saslauthd - -seenstate_db: skiplist - -sendmail: /usr/sbin/sendmail -servername: example.com - -#sharedprefix: Shared Folders -#sieve_maxscriptsize: 32 -#sieve_maxscripts: 5 -sievedir: /var/lib/imap/sieve -#sievenotifier: -#sieveusehomedir: 0 - -#singleinstancestore: 1 -#skiplist_unsafe: 0 -#soft_noauth: 1 -#srvtab: - -subscription_db: flat - -#syslog_prefix: - -#temp_path: /tmp -#timeout: 30 -#tls_ca_file: -#tls_ca_path: -#tlscache_db: berkeley-nosync -#tls_cert_file: /var/lib/ssl/certs/cyrus-imapd.pem -#tls_cipher_list: DEFAULT -#tls_key_file: /var/lib/ssl/certs/cyrus-imapd.pem -#tls_require_cert: 0 -#tls_session_timeout: 1440 - -#umask: 077 -username_tolower: 1 -#userprefix: Other Users -#unix_group_enable: 1 -#unixhierarchysep: 0 -#virtdomains: on 
diff --git a/contrib/altlinux/etc/ldap.conf b/contrib/altlinux/etc/ldap.conf
deleted file mode 100644
index c245047c4..000000000
--- a/contrib/altlinux/etc/ldap.conf
+++ /dev/null
@@ -1,227 +0,0 @@ -# @(#)$Id: ldap.conf,v 1.1 2004/09/16 06:46:19 migor-guest Exp $ -# -# This is the configuration file for the LDAP nameservice -# switch library and the LDAP PAM module. -# -# PADL Software -# http://www.padl.com -# - -# Your LDAP server. Must be resolvable without using LDAP. -# Multiple hosts may be specified, each separated by a -# space. How long nss_ldap takes to failover depends on -# whether your LDAP client library supports configurable -# network or connect timeouts (see bind_timelimit). -#host 127.0.0.1 - -# The distinguished name of the search base. -base dc=example,dc=com - -# Another way to specify your LDAP server is to provide an -# uri with the server name. This allows to use -# Unix Domain Sockets to connect to a local LDAP Server. -uri ldap://127.0.0.1/ -#uri ldaps://127.0.0.1/ -#uri ldapi://%2fvar%2frun%2fldapi_sock/ -# Note: %2f encodes the '/' used as directory separator - -# The LDAP version to use (defaults to 3 -# if supported by client library) -ldap_version 3 - -# The distinguished name to bind to the server with. -# Optional: default is to bind anonymously. -#binddn cn=proxyuser,dc=example,dc=com - -# The credentials to bind with. -# Optional: default is no credential. -#bindpw secret - -# The distinguished name to bind to the server with -# if the effective user ID is root. Password is -# stored in /etc/ldap.secret (mode 600) -#rootbinddn cn=manager,dc=example,dc=com - -# The port. -# Optional: default is 389. -#port 389 - -# The search scope. -#scope sub -#scope one -#scope base - -# Search timelimit -#timelimit 30 - -# Bind/connect timelimit -#bind_timelimit 30 - -# Reconnect policy: hard (default) will retry connecting to -# the software with exponential backoff, soft will fail -# immediately. -#bind_policy hard - -# Idle timelimit; client will close connections -# (nss_ldap only) if the server has not been contacted -# for the number of seconds specified below. 
-#idle_timelimit 3600 - -# Filter to AND with uid=%s -#pam_filter objectclass=account - -# The user ID attribute (defaults to uid) -#pam_login_attribute uid - -# Search the root DSE for the password policy (works -# with Netscape Directory Server) -#pam_lookup_policy yes - -# Group to enforce membership of -#pam_groupdn cn=PAM,ou=Groups,dc=example,dc=com - -# Group member attribute -#pam_member_attribute uniquemember - -# Template login attribute, default template user -# (can be overriden by value of former attribute -# in user's entry) -#pam_login_attribute userPrincipalName -#pam_template_login_attribute uid -#pam_template_login nobody - -# HEADS UP: the pam_crypt, pam_nds_passwd, -# and pam_ad_passwd options are no -# longer supported. - -# Do not hash the password at all; presume -# the directory server will do it, if -# necessary. This is the default. -#pam_password clear - -# Hash password locally; required for University of -# Michigan LDAP server, and works with Netscape -# Directory Server if you're using the UNIX-Crypt -# hash mechanism and not using the NT Synchronization -# service. -#pam_password crypt - -# Remove old password first, then update in -# cleartext. Necessary for use with Novell -# Directory Services (NDS) -#pam_password nds - -# Update Active Directory password, by -# creating Unicode password and updating -# unicodePwd attribute. -#pam_password ad - -# Use the OpenLDAP password change -# extended operation to update the password. -#pam_password exop - -# RFC2307bis naming contexts -# Syntax: -# nss_base_XXX base?scope?filter -# where scope is {base,one,sub} -# and filter is a filter to be &'d with the -# default filter. -# You can omit the suffix eg: -# nss_base_passwd ou=People, -# to append the default base DN but this -# may incur a small performance impact. 
-#nss_base_passwd ou=People,dc=example,dc=com?one -#nss_base_shadow ou=People,dc=example,dc=com?one -#nss_base_group ou=Groups,dc=example,dc=com?one -#nss_base_hosts ou=Hosts,dc=example,dc=com?one -#nss_base_services ou=Services,dc=example,dc=com?one -#nss_base_networks ou=Networks,dc=example,dc=com?one -#nss_base_protocols ou=Protocols,dc=example,dc=com?one -#nss_base_rpc ou=Rpc,dc=example,dc=com?one -#nss_base_ethers ou=Ethers,dc=example,dc=com?one -#nss_base_netmasks ou=Networks,dc=example,dc=com?ne -#nss_base_bootparams ou=Ethers,dc=example,dc=com?one -#nss_base_aliases ou=Aliases,dc=example,dc=com?one -#nss_base_netgroup ou=Netgroup,dc=example,dc=com?one - -# attribute/objectclass mapping -# Syntax: -#nss_map_attribute rfc2307attribute mapped_attribute -#nss_map_objectclass rfc2307objectclass mapped_objectclass - -# configure --enable-nds is no longer supported. -# For NDS now do: -#nss_map_attribute uniqueMember member - -# configure --enable-mssfu-schema is no longer supported. -# For MSSFU now do: -#nss_map_objectclass posixAccount User -#nss_map_attribute uid msSFUName -#nss_map_attribute uniqueMember posixMember -#nss_map_attribute userPassword msSFUPassword -#nss_map_attribute homeDirectory msSFUHomeDirectory -#nss_map_objectclass posixGroup Group -#nss_map_attribute cn msSFUName -#pam_login_attribute msSFUName -#pam_filter objectclass=User -#pam_password ad - -# Alternatively, if you wish to equivalence W2K and POSIX -# groups, change the uniqueMember mapping line to: -#nss_map_attribute uniqueMember member - -# configure --enable-authpassword is no longer supported -# For authPassword support, now do: -#nss_map_attribute userPassword authPassword -#pam_password nds - -# For IBM AIX SecureWay support, do: -#nss_map_objectclass posixAccount aixAccount -#nss_base_passwd ou=aixaccount,?one -#nss_map_attribute uid userName -#nss_map_attribute gidNumber gid -#nss_map_attribute uidNumber uid -#nss_map_attribute userPassword passwordChar -#nss_map_objectclass 
posixGroup aixAccessGroup -#nss_base_group ou=aixgroup,?one -#nss_map_attribute cn groupName -#nss_map_attribute uniqueMember member -#pam_login_attribute userName -#pam_filter objectclass=aixAccount -#pam_password clear - -# Netscape SDK LDAPS -#ssl on - -# Netscape SDK SSL options -#sslpath /etc/ssl/certs/cert7.db - -# OpenLDAP SSL mechanism -# start_tls mechanism uses the normal LDAP port, LDAPS typically 636 -#ssl start_tls -#ssl on - -# OpenLDAP SSL options -# Require and verify server certificate (yes/no) -# Default is "no" -#tls_checkpeer yes - -# CA certificates for server certificate verification -# At least one of these are required if tls_checkpeer is "yes" -#tls_cacertfile /etc/ssl/ca.cert -#tls_cacertdir /etc/ssl/certs - -# SSL cipher suite -# See man ciphers for syntax -#tls_ciphers TLSv1 - -# Client certificate and key -# Use these, if your server requires client authentication. -#tls_cert -#tls_key - -# Disable SASL security layers. This is needed for AD. -#sasl_secprops maxssf=0 - -# Override the default Kerberos ticket cache location. -#krb5_ccname FILE:/etc/.ldapcache diff --git a/contrib/altlinux/etc/nsswitch.conf b/contrib/altlinux/etc/nsswitch.conf deleted file mode 100644 index 5f0d1eb90..000000000 --- a/contrib/altlinux/etc/nsswitch.conf +++ /dev/null 
@@ -1,62 +0,0 @@
-#
-# Please refer to nsswitch.conf(5) for more information on this file.
-#
-# This is the Name Service Switch configuration file. This file should
-# be sorted with the most-used databases at the beginning.
-#
-# Specifying '[NOTFOUND=return]' means that the search for an entry
-# should stop if the search with the previous service turned up nothing.
-# Note that if the search failed due to some other reason (like no NIS
-# server responding) then the search continues with the next service.
-#
-# Legal name services are:
-#
-# files Use local files
-# tcb Use local tcb shadow files, see tcb(5)
-# db Use local database files under /var/db
-# nis or yp Use NIS (NIS version 2), also called YP
-# nisplus or nis+ Use NIS+ (NIS version 3)
-# dns Use DNS (Domain Name Service)
-# compat Use NIS in compatibility mode
-# hesiod Use Hesiod for user lookups
-# [NOTFOUND=return] Stop searching if not found so far
-#
-
-passwd: files ldap
-shadow: tcb ldap
-group: files ldap
-
-hosts: files nisplus nis dns
-
-# To use db, put the "db" in front of "files" for things you want to be
-# looked up first in the db files.
-#
-#passwd: db files nisplus nis
-#shadow: db tcb files nisplus nis
-#group: db files nisplus nis
-#
-#hosts: db files nisplus nis dns
-
-ethers: files
-netmasks: files
-networks: files
-protocols: files
-rpc: files
-services: files
-
-# Example - obey only what nisplus tells us...
-#services: nisplus [NOTFOUND=return] files
-#networks: nisplus [NOTFOUND=return] files
-#protocols: nisplus [NOTFOUND=return] files
-#rpc: nisplus [NOTFOUND=return] files
-#ethers: nisplus [NOTFOUND=return] files
-#netmasks: nisplus [NOTFOUND=return] files
-
-bootparams: nisplus [NOTFOUND=return] files
-
-netgroup: nisplus
-
-publickey: nisplus
-
-automount: files nisplus
-aliases: files nisplus
diff --git a/contrib/altlinux/etc/openldap/ldap.conf b/contrib/altlinux/etc/openldap/ldap.conf
deleted file mode 100644
index eac6d229a..000000000
--- a/contrib/altlinux/etc/openldap/ldap.conf
+++ /dev/null
@@ -1,17 +0,0 @@
-# $OpenLDAP: pkg/ldap/libraries/libldap/ldap.conf,v 1.9 2000/09/04 19:57:01 kurt Exp $
-#
-# LDAP Defaults
-#
-
-# See ldap.conf(5) for details
-# This file should be world readable but not world writable.
-
-BASE dc=example,dc=com
-URI ldap://localhost
-
-#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
-
-#SIZELIMIT 12
-#TIMELIMIT 15
-#DEREF never
-
diff --git a/contrib/altlinux/etc/openldap/slapd.conf b/contrib/altlinux/etc/openldap/slapd.conf
deleted file mode 100644
index 37ee30177..000000000
--- a/contrib/altlinux/etc/openldap/slapd.conf
+++ /dev/null
@@ -1,311 +0,0 @@ -# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.23.2.8 2003/05/24 23:19:14 kurt Exp $ -# -# See slapd.conf(5) for details on configuration options. -# This file should NOT be world readable. -# -# [ GLOBAL SETTINGS ] -# Default schemas -include /etc/openldap/schema/core.schema -include /etc/openldap/schema/cosine.schema -include /etc/openldap/schema/inetorgperson.schema -include /etc/openldap/schema/openldap.schema -include /etc/openldap/schema/nis.schema -#include /etc/openldap/schema/misc.schema -#include /etc/openldap/schema/rfc822-MailMember.schema -#include /etc/openldap/schema/kerberosobject.schema -#include /etc/openldap/schema/corba.schema -#include /etc/openldap/schema/java.schema -# Addon schemas -#include /etc/openldap/schema/autofs.schema -#include /etc/openldap/schema/courier.schema -#include /etc/openldap/schema/dnszone.schema -#include /etc/openldap/schema/qmail.schema -#include /etc/openldap/schema/qmailControl.schema -#include /etc/openldap/schema/samba2.schema -include /etc/openldap/schema/samba3.schema -# Experementel schemas -#include /etc/openldap/schema/cron.schema -#include /etc/openldap/schema/trust.schema -#include /etc/openldap/schema/turbo.schema -# Netscape roaming -#include /etc/openldap/schema/mull.schema -#include /etc/openldap/schema/netscape-profile.schema -# Local schema - -# GOSA2 schemas -#include /etc/openldap/schema/local.schema -include /etc/openldap/schema/gohard.schema -include /etc/openldap/schema/goto.schema -include /etc/openldap/schema/gofax.schema -include /etc/openldap/schema/goserver.schema -include /etc/openldap/schema/gosa+samba3.schema -#include /etc/openldap/schema/gosa.schema - -# Specify a set of features (separated by white space) to allow. -allow bind_v2 - -# Do not enable referrals until AFTER you have a working directory -# service AND an understanding of referrals. -#referral ldap://root.openldap.org - -# Specify a desired level of concurrency. 
Provided to the underlying thread -# system as a hint. The default is not to provide any hint. -concurency 20 - -# Specify the maximum number of pending requests for an anonymous session. If -# requests are submitted faster than the server can process them, they will -# be queued up to this limit. If the limit is exceeded, the session is closed. -#conn_max_pending 100 - -# Specify the maximum number of pending requests for an -# authenticated session. -#conn_max_pending 1000 - -# Specify a default search base to use when client submits a non-base search -# request with an empty base DN. -defaultsearchbase "dc=example,dc=com" - -# A SIGHUP signal will only cause a 'gentle' shutdown-attempt: Slapd will -# stop listening for new connections, but will not close the connections to -# the current clients. -gentlehup on - -# Specify the number of seconds to wait before forcibly closing an idle client -# connection. A idletimeout of 0 disables this feature. -#idletimeout 0 - -# Specify time and size limits based on who initiated an operation. -#sizelimit 500 -#timelimit 60 -#limits anonymous time.soft=60 time.hard=120 -#limits anonymous size.soft=1000 size.hard=1100 size.unchecked=1000 -#limits users time.soft=60 time.hard=120 -#limits users size=1000 -#limits dn.base="ou=People,dc=example,dc=com" size=100 - -# Specify the level at which debugging statements and operation statistics -# should be syslogged (currently logged to the syslogd(8) LOG_LOCAL4 facility). 
-# Log levels are additive, and available levels are: -# -1 full -# 0 none -# 1 trace function calls -# 2 debug packet handling -# 4 heavy trace debugging -# 8 connection management -# 16 print out packets sent and received -# 32 search filter processing -# 64 configuration file processing -# 128 access control list processing -# 256 stats log connections/operations/results -# 512 stats log entries sent -# 1024 print communication with shell backends -# 2048 entry parsing -#loglevel 256 - -# This option sets the hash to be used in generation of user passwords, stored -# in userPassword, during processing of LDAP Password Modify Extended -# Operations (RFC 3062). The must be one of {SSHA}, {SHA}, {SMD5}, -# {MD5}, {CRYPT}, and {CLEARTEXT}. The default is {SSHA}. -#password-hash {SSHA} - -# The ( absolute ) name of a file that will hold the server's process ID -# if started without the debugging command line option. -pidfile /var/run/slapd.pid -argsfile /var/run/slapd.args -replica-pidfile /var/run/slurpd.pid -replica-argsfile /var/run/slurpd.args - -# Specify a set of conditions (separated by white space) to require (default -# none). The directive may be specified globally and/or per-database. bind -# requires bind operation prior to directory operations. LDAPv3 requires -# session to be using LDAP version 3. authc requires authentication prior to -# directory operations. SASL requires SASL authentication prior to directory -# operations. strong requires strong authentication prior to directory -# operations. The strong keyword allows protected "simple" authentication as -# well as SASL authentication. none may be used to require no conditions -# (useful for clearly globally set conditions within a particular database). -#require none - -# Specify the name of an LDIF(5) file containing user defined attributes for -# the root DSE. These attributes are returned in addition to the attributes -# normally produced by slapd. 
-#rootDSE /etc/openldap/rootdse.ldif - -# Specify a set of factors (separated by white space) to require. An integer -# value is associated with each factor and is roughly equivalent of the -# encryption key length to require. A value of 112 is equivalent to 3DES, 128 -# to Blowfish, etc.. -# Require integrity protection (prevent hijacking) -# Require 112-bit (3DES or better) encryption for updates -# Require 63-bit encryption for simple bind -#security ssf=1 update_ssf=112 simple_bind=64 - -# Specify the maximum size of the primary thread pool. The default is 16. -#threads 16 - - -# -# [ TLS OPTIONS ] -# -# Permits configuring what ciphers will be accepted and the preference order. -# should be a cipher specification for OpenSSL. -#TLSCipherSuite HIGH:MEDIUM:+SSLv2 - -# Specifies the path of a directory that contains Certificate Authority -# certificates in separate individual files. Usually only one of this or the -# TLSCACertificateFile is used. -#TLSCACertificateFile /etc/openldap/ssl/slapd.pem -#TLSCACertificatePath /etc/openldap/ssl - -# Specifies the file that contains the slapd server certificate. -#TLSCertificateFile /etc/openldap/ssl/slapd.pem - -# Specifies the file that contains the slapd server private key that matches -# the certificate stored in the TLSCertificateFile file. Currently, the private -# key must not be protected with a password, so it is of critical importance -# that it is protected carefully. -#TLSCertificateKeyFile /etc/openldap/ssl/slapd.pem - -# Specifies what checks to perform on client certificates in an incoming TLS -# session, if any. 
-#TLSVerifyClient never - - -# -# [ ACCESS CONTROL ] -# -# See slapd.access(5) for details -#access to attrs=userPassword -# by self write -# by anonymous auth -# by * none - - -# -# [ BACKEND OPTIONS ] -# -# Load dynamic backend modules: -modulepath /usr/lib/openldap -#moduleload back_dnssrv.la -#moduleload back_ldap.la -moduleload back_bdb.la -#moduleload back_ldbm.la -#moduleload back_meta.la -#moduleload back_monitor.la -#moduleload back_null.la -#moduleload back_passwd.la -#moduleload back_shell.la -#moduleload back_perl.la -#moduleload back_sql.la - -# Options in this section only apply to the configuration file section for the -# specified backend. They are supported by every type of backend. -#backend ldbm -#cachesize 1000 -#dbcachesize 100000 -#dbsync 10 12 5 - - -# -# [ DATABASE OPTIONS ] -# -# Mark the beginning of a new database instance definition. -#database ldbm - -# Specify the DN suffix of queries that will be passed to this backend -# database. Multiple suffix lines can be given and at least one is required for -# each database definition. If the suffix of one database is "inside" that of -# another, the database with the inner suffix must come first in the -# configuration file. -#suffix "dc=example,dc=com" - -# Specify the distinguished name that is not subject to access control or -# administrative limit restrictions for operations on this database. An empty -# root DN (the default) specifies no root access is to be granted. It is -# recommended that the rootdn only be specified when needed (such as when -# initially populating a database). -#rootdn "cn=admin,dc=example,dc=com" - -# Specify a password (or hash of the password) for the rootdn. This option -# accepts all RFC 2307 userPassword formats known to the server (see -# password-hash desription) as well as cleartext. -#rootpw secret - -# Controls whether slapd will automatically maintain the modifiersName, -# modifyTimestamp, creatorsName, and createTimestamp attributes for entries. 
-#lastmod on - -# Specifies the maximum number of aliases to dereference when trying to resolve -# an entry, used to avoid inifinite alias loops. -#maxderefdepth 1 - -# This option puts the database into "read-only" mode. Any attempts to modify -# the database will return an "unwilling to perform" error. -#readonly on - -# Specify a replication site for this database. Refer to the "OpenLDAP -# Administrator's Guide" for detailed information on setting up a replicated -# slapd directory service. -#replica uri=ldaps://ldap2.example.com/ - -# Specify the name of the replication log file to log changes to. -#replogfile /var/lib/ldap/replica/example.com.replog - -# Specify that the current backend database is a subordinate of another backend -# database. A subordinate database may have only one suffix. This option may be -# used to glue multiple databases into a single namingContext. -#subordinate - -# This option is only applicable in a slave slapd. It specifies the DN allowed -# to make changes to the replica -#updatedn "cn=slave,dc=example,dc=com" - -# Specify the referral to pass back when slapd(8) is asked to modify a -# replicated local database. If specified multiple times, each url is provided. -#updateref "uri=ldap://ldap2.example.com" - -# Specify the directory where the LDBM files containing this database and -# associated indexes live. -#directory /var/lib/ldap/bases/example.com - -# Specify the indexes to maintain for the given attribute (or list of -# attributes). Some attributes only support a subset of indexes.Specify the -# indexes to maintain for the given attribute (or list of attributes). Some -# attributes only support a subset of indexes. 
-#index objectClass eq -#index uid pres,eq,sub -#index cn pres,eq,sub,subany - -#access to * -# by * read - - -# -# Next database instance -# -database bdb -suffix "dc=example,dc=com" -#rootdn "cn=admin,dc=example,dc=com" -#rootpw secret -directory /var/lib/ldap/bases/example.com - -index objectClass eq -index uid pres,eq -index cn pres,eq,sub,subany -index mail pres,eq -index gosaMailDeliveryMode pres,eq,sub - -access to userPassword - by dn=".*,ou=Admins,dc=example,dc=com" write - by dn="cn=gosa,ou=Apps,dc=example,dc=com" write - by dn="cn=smbpasswd,ou=Apps,dc=example,dc=com" write - by self write - by anonymous auth - by * none - -access to * - by dn=".*,ou=Admins,dc=example,dc=com" write - by dn="cn=gosa,ou=Apps,dc=example,dc=com" write - by dn="cn=smbpasswd,ou=Apps,dc=example,dc=com" write - by * read - diff --git a/contrib/altlinux/etc/postfix/main.cf b/contrib/altlinux/etc/postfix/main.cf deleted file mode 100644 index 225bea7ff..000000000 --- a/contrib/altlinux/etc/postfix/main.cf +++ /dev/null 
@@ -1,596 +0,0 @@ -# Global Postfix configuration file. This file lists only a subset -# of all 300+ parameters. See the samples/xxx.cf files for a full list. -# -# The general format is lines with parameter = value pairs. Lines -# that begin with whitespace continue the previous line. A value can -# contain references to other $names or ${name}s. -# -# NOTE - CHANGE NO MORE THAN 2-3 PARAMETERS AT A TIME, AND TEST IF -# POSTFIX STILL WORKS AFTER EVERY CHANGE. - -# SOFT BOUNCE -# -# The soft_bounce parameter provides a limited safety net for -# testing. When soft_bounce is enabled, mail will remain queued that -# would otherwise bounce. This parameter disables locally-generated -# bounces, and prevents the SMTP server from rejecting mail permanently -# (by changing 5xx replies into 4xx replies). However, soft_bounce -# is no cure for address rewriting mistakes or mail routing mistakes. -# -#soft_bounce = no - -# INTERNET HOST AND DOMAIN NAMES -# -# The myhostname parameter specifies the internet hostname of this -# mail system. The default is to use the fully-qualified domain name -# from gethostname(). $myhostname is used as a default value for many -# other configuration parameters. -# -#myhostname = host.domain.tld -#myhostname = virtual.domain.tld - -# The mydomain parameter specifies the local internet domain name. -# The default is to use $myhostname minus the first component. -# $mydomain is used as a default value for many other configuration -# parameters. -# -#mydomain = domain.tld - -# SENDING MAIL -# -# The myorigin parameter specifies the domain that locally-posted -# mail appears to come from. The default is to append $myhostname, -# which is fine for small sites. If you run a domain with multiple -# machines, you should (1) change this to $mydomain and (2) set up -# a domain-wide alias database that aliases each user to -# user@that.users.mailhost. 
-# -# For the sake of consistency between sender and recipient addresses, -# myorigin also specifies the default domain name that is appended -# to recipient addresses that have no @domain part. -# -#myorigin = $myhostname -#myorigin = $mydomain - -# RECEIVING MAIL - -# The inet_interfaces parameter specifies the network interface -# addresses that this mail system receives mail on. By default, -# the software claims all active interfaces on the machine. The -# parameter also controls delivery of mail to user@[ip.address]. -# -# See also the proxy_interfaces parameter, for network addresses that -# are forwarded to us via a proxy or network address translator. -# -# Note: you need to stop/start Postfix when this parameter changes. -# -#inet_interfaces = all -#inet_interfaces = $myhostname -#inet_interfaces = $myhostname, localhost - -# The proxy_interfaces parameter specifies the network interface -# addresses that this mail system receives mail on by way of a -# proxy or network address translation unit. This setting extends -# the address list specified with the inet_interfaces parameter. -# -# You must specify your proxy/NAT addresses when your system is a -# backup MX host for other domains, otherwise mail delivery loops -# will happen when the primary MX host is down. -# -#proxy_interfaces = -#proxy_interfaces = 1.2.3.4 - -# The mydestination parameter specifies the list of domains that this -# machine considers itself the final destination for. -# -# These domains are routed to the delivery agent specified with the -# local_transport parameter setting. By default, that is the UNIX -# compatible delivery agent that lookups all recipients in /etc/passwd -# and /etc/aliases or their equivalent. -# -# The default is $myhostname + localhost.$mydomain. On a mail domain -# gateway, you should also include $mydomain. -# -# Do not specify the names of virtual domains - those domains are -# specified elsewhere (see samples/virtual.cf). 
-# -# Do not specify the names of domains that this machine is backup MX -# host for. Specify those names via the relay_domains settings for -# the SMTP server, or use permit_mx_backup if you are lazy (see -# samples/smtpd.cf). -# -# The local machine is always the final destination for mail addressed -# to user@[the.net.work.address] of an interface that the mail system -# receives mail on (see the inet_interfaces parameter). -# -# Specify a list of host or domain names, /file/name or type:table -# patterns, separated by commas and/or whitespace. A /file/name -# pattern is replaced by its contents; a type:table is matched when -# a name matches a lookup key (the right-hand side is ignored). -# Continue long lines by starting the next line with whitespace. -# -# DO NOT LIST RELAY DESTINATIONS IN MYDESTINATION. -# SPECIFY RELAY DESTINATIONS IN RELAY_DOMAINS. -# -# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". -# -#mydestination = $myhostname, localhost.$mydomain -#mydestination = $myhostname, localhost.$mydomain $mydomain -#mydestination = $myhostname, localhost.$mydomain, $mydomain, -# mail.$mydomain, www.$mydomain, ftp.$mydomain -mydestination = localhost, $myhostname, localhost.$mydomain, $config_directory/mydestination - -# REJECTING MAIL FOR UNKNOWN LOCAL USERS -# -# The local_recipient_maps parameter specifies optional lookup tables -# with all names or addresses of users that are local with respect -# to $mydestination and $inet_interfaces. -# -# If this parameter is defined, then the SMTP server will reject -# mail for unknown local users. This parameter is defined by default. -# -# To turn off local recipient checking in the SMTP server, specify -# local_recipient_maps = (i.e. empty). -# -# The default setting assumes that you use the default Postfix local -# delivery agent for local delivery. 
You need to update the -# local_recipient_maps setting if: -# -# - You define $mydestination domain recipients in files other than -# /etc/passwd, /etc/postfix/aliases, or the $virtual_alias_maps files. -# For example, you define $mydestination domain recipients in -# the $virtual_mailbox_maps files. -# -# - You redefine the local delivery agent in master.cf. -# -# - You redefine the "local_transport" setting in main.cf. -# -# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" -# feature of the Postfix local delivery agent (see samples/local.cf). -# -# Details are described in the LOCAL_RECIPIENT_README file. -# -# Beware: if the Postfix SMTP server runs chrooted, you probably have -# to access the passwd file via the proxymap service, in order to -# overcome chroot restrictions. The alternative, having a copy of -# the system passwd file in the chroot jail is just not practical. -# -# The right-hand side of the lookup tables is conveniently ignored. -# In the left-hand side, specify a bare username, an @domain.tld -# wild-card, or specify a user@domain.tld address. -# -#local_recipient_maps = unix:passwd.byname $alias_maps -#local_recipient_maps = proxy:unix:passwd.byname $alias_maps -#local_recipient_maps = - -# The unknown_local_recipient_reject_code specifies the SMTP server -# response code when a recipient domain matches $mydestination or -# $inet_interfaces, while $local_recipient_maps is non-empty and the -# recipient address or address local-part is not found. -# -# The default setting is 550 (reject mail) but it is safer to start -# with 450 (try again later) until you are certain that your -# local_recipient_maps settings are OK. -# -unknown_local_recipient_reject_code = 550 - -# TRUST AND RELAY CONTROL - -# The mynetworks parameter specifies the list of "trusted" SMTP -# clients that have more privileges than "strangers". -# -# In particular, "trusted" SMTP clients are allowed to relay mail -# through Postfix. 
See the smtpd_recipient_restrictions parameter -# in file samples/smtpd.cf. -# -# You can specify the list of "trusted" network addresses by hand -# or you can let Postfix do it for you (which is the default). -# -# By default (mynetworks_style = host), Postfix "trusts" SMTP -# clients of the local machine only. -# -# Specify "mynetworks_style = class" when Postfix should "trust" SMTP -# clients in the same IP class A/B/C networks as the local machine. -# Don't do this with a dialup site - it would cause Postfix to "trust" -# your entire provider's network. Instead, specify an explicit -# mynetworks list by hand, as described below. -# -# Specify "mynetworks_style = subnet" when Postfix should "trust" SMTP -# clients in the same IP subnetworks as the local machine. -# -#mynetworks_style = class -#mynetworks_style = subnet -#mynetworks_style = host - -# Alternatively, you can specify the mynetworks list by hand, in -# which case Postfix ignores the mynetworks_style setting. -# -# Specify an explicit list of network/netmask patterns, where the -# mask specifies the number of bits in the network part of a host -# address. -# -# You can also specify the absolute pathname of a pattern file instead -# of listing the patterns here. Specify type:table for table-based lookups -# (the value on the table right-hand side is not used). -# -#mynetworks = 168.100.189.0/28, 127.0.0.0/8 -#mynetworks = $config_directory/mynetworks -#mynetworks = hash:/etc/postfix/network_table - -# The relay_domains parameter restricts what destinations this system will -# relay mail to. See the smtpd_recipient_restrictions restriction in the -# file samples/smtpd.cf for detailed information. -# -# By default, Postfix relays mail -# - from "trusted" clients (IP address matches $mynetworks) to any destination, -# - from "untrusted" clients to destinations that match $relay_domains or -# subdomains thereof, except addresses with sender-specified routing. 
-# The default relay_domains value is $mydestination. -# -# In addition to the above, the Postfix SMTP server by default accepts mail -# that Postfix is final destination for: -# - destinations that match $inet_interfaces, -# - destinations that match $mydestination -# - destinations that match $virtual_alias_domains, -# - destinations that match $virtual_mailbox_domains. -# These destinations do not need to be listed in $relay_domains. -# -# Specify a list of hosts or domains, /file/name patterns or type:name -# lookup tables, separated by commas and/or whitespace. Continue -# long lines by starting the next line with whitespace. A file name -# is replaced by its contents; a type:name table is matched when a -# (parent) domain appears as lookup key. -# -# NOTE: Postfix will not automatically forward mail for domains that -# list this system as their primary or backup MX host. See the -# permit_mx_backup restriction in the file samples/smtpd.cf. -# -#relay_domains = $mydestination - -# INTERNET OR INTRANET - -# The relayhost parameter specifies the default host to send mail to -# when no entry is matched in the optional transport(5) table. When -# no relayhost is given, mail is routed directly to the destination. -# -# On an intranet, specify the organizational domain name. If your -# internal DNS uses no MX records, specify the name of the intranet -# gateway host instead. -# -# In the case of SMTP, specify a domain, host, host:port, [host]:port, -# [address] or [address]:port; the form [host] turns off MX lookups. -# -# If you're connected via UUCP, see also the default_transport parameter. -# -#relayhost = $mydomain -#relayhost = gateway.my.domain -#relayhost = uucphost -#relayhost = [an.ip.add.ress] - -# REJECTING UNKNOWN RELAY USERS -# -# The relay_recipient_maps parameter specifies optional lookup tables -# with all addresses in the domains that match $relay_domains. 
-# -# If this parameter is defined, then the SMTP server will reject -# mail for unknown relay users. This feature is off by default. -# -# The right-hand side of the lookup tables is conveniently ignored. -# In the left-hand side, specify an @domain.tld wild-card, or specify -# a user@domain.tld address. -# -#relay_recipient_maps = hash:/etc/postfix/relay_recipients - -# INPUT RATE CONTROL -# -# The in_flow_delay configuration parameter implements mail input -# flow control. This feature is turned on by default, although it -# still needs further development (it's disabled on SCO UNIX due -# to an SCO bug). -# -# A Postfix process will pause for $in_flow_delay seconds before -# accepting a new message, when the message arrival rate exceeds the -# message delivery rate. With the default 100 SMTP server process -# limit, this limits the mail inflow to 100 messages a second more -# than the number of messages delivered per second. -# -# Specify 0 to disable the feature. Valid delays are 0..10. -# -#in_flow_delay = 1s - -# ADDRESS REWRITING -# -# Insert text from samples/rewrite.cf if you need to do address -# masquerading. -# -# Insert text from samples/canonical.cf if you need to do address -# rewriting, or if you need username->Firstname.Lastname mapping. - -# ADDRESS REDIRECTION (VIRTUAL DOMAIN) -# -# Insert text from samples/virtual.cf if you need virtual domain support. - -# "USER HAS MOVED" BOUNCE MESSAGES -# -# Insert text from samples/relocated.cf if you need "user has moved" -# style bounce messages. Alternatively, you can bounce recipients -# with an SMTP server access table. See samples/smtpd.cf. - -# TRANSPORT MAP -# -# Insert text from samples/transport.cf if you need explicit routing. - -# ALIAS DATABASE -# -# The alias_maps parameter specifies the list of alias databases used -# by the local delivery agent. The default list is system dependent. -# -# On systems with NIS, the default is to search the local alias -# database, then the NIS alias database. 
See aliases(5) for syntax -# details. -# -# If you change the alias database, run "postalias /etc/postfix/aliases" (or -# wherever your system stores the mail alias file), or simply run -# "newaliases" to build the necessary DBM or DB file. -# -# It will take a minute or so before changes become visible. Use -# "postfix reload" to eliminate the delay. -# -#alias_maps = dbm:/etc/postfix/aliases -alias_maps = hash:/etc/postfix/aliases -#, hash:/var/lib/mailman/etc/aliases -#alias_maps = hash:/etc/postfix/aliases, nis:mail.aliases -#alias_maps = netinfo:/aliases - -# The alias_database parameter specifies the alias database(s) that -# are built with "newaliases" or "sendmail -bi". This is a separate -# configuration parameter, because alias_maps (see above) may specify -# tables that are not necessarily all under control by Postfix. -# -#alias_database = dbm:/etc/postfix/aliases -alias_database = hash:/etc/postfix/aliases -#alias_database = hash:/etc/postfix/aliases, hash:/opt/majordomo/aliases -#virtual_maps = hash:/var/lib/mailman/etc/virtual-mailman - -# ADDRESS EXTENSIONS (e.g., user+foo) -# -# The recipient_delimiter parameter specifies the separator between -# user names and address extensions (user+foo). See canonical(5), -# local(8), relocated(5) and virtual(5) for the effects this has on -# aliases, canonical, virtual, relocated and .forward file lookups. -# Basically, the software tries user+foo and .forward+foo before -# trying user and .forward. -# -#recipient_delimiter = + - -# DELIVERY TO MAILBOX -# -# The home_mailbox parameter specifies the optional pathname of a -# mailbox file relative to a user's home directory. The default -# mailbox file is /var/spool/mail/user or /var/mail/user. Specify -# "Maildir/" for qmail-style delivery (the / is required). -# -#home_mailbox = Mailbox -#home_mailbox = Maildir/ - -# The mail_spool_directory parameter specifies the directory where -# UNIX-style mailboxes are kept. 
The default setting depends on the -# system type. -# -#mail_spool_directory = /var/mail -#mail_spool_directory = /var/spool/mail - -# The mailbox_command parameter specifies the optional external -# command to use instead of mailbox delivery. The command is run as -# the recipient with proper HOME, SHELL and LOGNAME environment settings. -# Exception: delivery for root is done as $default_user. -# -# Other environment variables of interest: USER (recipient username), -# EXTENSION (address extension), DOMAIN (domain part of address), -# and LOCAL (the address localpart). -# -# Unlike other Postfix configuration parameters, the mailbox_command -# parameter is not subjected to $parameter substitutions. This is to -# make it easier to specify shell syntax (see example below). -# -# Avoid shell meta characters because they will force Postfix to run -# an expensive shell process. Procmail alone is expensive enough. -# -# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN -# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. -# -#mailbox_command = /usr/bin/procmail -a "$EXTENSION" -mailbox_command = /usr/bin/procmail -a $DOMAIN -d $LOGNAME - -# The mailbox_transport specifies the optional transport in master.cf -# to use after processing aliases and .forward files. This parameter -# has precedence over the mailbox_command, fallback_transport and -# luser_relay parameters. -# -# Specify a string of the form transport:nexthop, where transport is -# the name of a mail delivery transport defined in master.cf. The -# :nexthop part is optional. For more details see the sample transport -# configuration file. -# -# NOTE: if you use this feature for accounts not in the UNIX password -# file, then you must update the "local_recipient_maps" setting in -# the main.cf file, otherwise the SMTP server will reject mail for -# non-UNIX accounts with "User unknown in local recipient table". 
-# -mailbox_transport = lmtp:unix:/public/lmtp -#mailbox_transport = cyrus - -# The fallback_transport specifies the optional transport in master.cf -# to use for recipients that are not found in the UNIX passwd database. -# This parameter has precedence over the luser_relay parameter. -# -# Specify a string of the form transport:nexthop, where transport is -# the name of a mail delivery transport defined in master.cf. The -# :nexthop part is optional. For more details see the sample transport -# configuration file. -# -# NOTE: if you use this feature for accounts not in the UNIX password -# file, then you must update the "local_recipient_maps" setting in -# the main.cf file, otherwise the SMTP server will reject mail for -# non-UNIX accounts with "User unknown in local recipient table". -# -#fallback_transport = lmtp:unix:/private/lmtp -fallback_transport = cyrus -#fallback_transport = - -# The luser_relay parameter specifies an optional destination address -# for unknown recipients. By default, mail for unknown@$mydestination -# and unknown@[$inet_interfaces] is returned as undeliverable. -# -# The following expansions are done on luser_relay: $user (recipient -# username), $shell (recipient shell), $home (recipient home directory), -# $recipient (full recipient address), $extension (recipient address -# extension), $domain (recipient domain), $local (entire recipient -# localpart), $recipient_delimiter. Specify ${name?value} or -# ${name:value} to expand value only when $name does (does not) exist. -# -# luser_relay works only for the default Postfix local delivery agent. -# -# NOTE: if you use this feature for accounts not in the UNIX password -# file, then you must specify "local_recipient_maps =" (i.e. empty) in -# the main.cf file, otherwise the SMTP server will reject mail for -# non-UNIX accounts with "User unknown in local recipient table". 
-# -#luser_relay = $user@other.host -#luser_relay = $local@other.host -#luser_relay = admin+$local - -# JUNK MAIL CONTROLS -# -# The controls listed here are only a very small subset. See the file -# samples/smtpd.cf for an elaborate list of anti-UCE controls. - -# The header_checks parameter specifies an optional table with patterns -# that each logical message header is matched against, including -# headers that span multiple physical lines. -# -# By default, these patterns also apply to MIME headers and to the -# headers of attached messages. With older Postfix versions, MIME and -# attached message headers were treated as body text. -# -# For details, see the samples/filter.cf file. -# -#header_checks = regexp:/etc/postfix/header_checks - -# FAST ETRN SERVICE -# -# Postfix maintains per-destination logfiles with information about -# deferred mail, so that mail can be flushed quickly with the SMTP -# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". -# -# By default, Postfix maintains deferred mail logfile information -# only for destinations that Postfix is willing to relay to (as -# specified in the relay_domains parameter). For other destinations, -# Postfix attempts to deliver ALL queued mail after receiving the -# SMTP "ETRN domain.tld" command, or after execution of "sendmail -# -qRdomain.tld". This can be slow when a lot of mail is queued. -# -# The fast_flush_domains parameter controls what destinations are -# eligible for this "fast ETRN/sendmail -qR" service. -# -#fast_flush_domains = $relay_domains -#fast_flush_domains = - -# SHOW SOFTWARE VERSION OR NOT -# -# The smtpd_banner parameter specifies the text that follows the 220 -# code in the SMTP server's greeting banner. Some people like to see -# the mail version advertised. By default, Postfix shows no version. -# -# You MUST specify $myhostname at the start of the text. That is an -# RFC requirement. Postfix itself does not care. 
-#
-#smtpd_banner = $myhostname ESMTP $mail_name
-#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
-
-# The smtpd_etrn_restrictions parameter restricts what clients are
-# allowed to issue the ETRN command.
-#
-# The Postfix ETRN command accepts only destinations that are eligible
-# for the Postfix "fast flush" service. See the samples/flush.cf file
-# for details.
-#
-# The default is to allow ETRN from any host. The following restrictions
-# are available:
-#
-# reject_unknown_client: reject the request if the client hostname is unknown.
-# permit_mynetworks: permit if the client address matches $mynetworks.
-# check_client_access maptype:mapname
-# look up client name, parent domains, client address,
-# or networks obtained by stripping octets.
-# see access(5) for possible lookup results.
-# reject_rbl_client domain.tld: reject if the reverse client network
-# address is listed in an A record under domain.tld.
-# reject_rhsbl_client domain.tld: reject if the client hostname is listed
-# in an A record under domain.tld.
-# reject: reject the request. Place this at the end of a restriction.
-# permit: permit the request. Place this at the end of a restriction.
-# warn_if_reject: next restriction logs a warning instead of rejecting.
-#
-# You may also list any helo or client restrictions here (see below).
-#
-smtpd_etrn_restrictions = permit_mynetworks, reject
-
-# The smtpd_helo_required parameter optionally turns on the requirement
-# that SMTP clients must introduce themselves at the beginning of an
-# SMTP session.
-#
-smtpd_helo_required = yes
-
-# PARALLEL DELIVERY TO THE SAME DESTINATION
-#
-# How many parallel deliveries to the same user or domain? With local
-# delivery, it does not make sense to do massively parallel delivery
-# to the same user, because mailbox updates must happen sequentially,
-# and expensive pipelines in .forward files can cause disasters when
-# too many are run at the same time. With SMTP deliveries, 10
-# simultaneous connections to the same domain could be sufficient to
-# raise eyebrows.
-#
-# Each message delivery transport has its XXX_destination_concurrency_limit
-# parameter. The default is $default_destination_concurrency_limit for
-# most delivery transports. For the local delivery agent the default is 2.
-
-#local_destination_concurrency_limit = 2
-#default_destination_concurrency_limit = 20
-
-# INSTALL-TIME CONFIGURATION INFORMATION
-readme_directory = /etc/postfix/README_FILES
-sample_directory = /etc/postfix/samples
-sendmail_path = /usr/sbin/sendmail
-setgid_group = postdrop
-command_directory = /usr/sbin
-manpage_directory = /usr/share/man
-daemon_directory = /usr/lib/postfix
-newaliases_path = /usr/bin/newaliases
-mailq_path = /usr/bin/mailq
-queue_directory = /var/spool/postfix
-mail_owner = postfix
-
-# SASL authenticated SMTPD
-#smtpd_sasl_auth_enable = yes
-#broken_sasl_auth_clients = yes
-#smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains
-#smtpd_etrn_restrictions = permit_mynetworks, reject
-
-# Virtual users
-virtual_maps = hash:/etc/postfix/virtual
-virtual_alias_maps = ldap:vlocal, ldap:vforward
-
-# Delivery for Local, Local/Forward and Alias
-vlocal_server_host = localhost
-vlocal_search_base = dc=example,dc=com
-vlocal_query_filter = (&(objectClass=gosaMailAccount)(gosaMailDeliveryMode=[*L*])(|(mail=%s)(gosaMailAlternateAddress=%s)))
-vlocal_result_attribute = uid,gosaMailForwardingAddress,memberUid
-
-# Delivery when Forward only
-vforward_server_host = localhost
-vforward_search_base = dc=example,dc=com
-vforward_query_filter = (&(objectClass=gosaMailAccount)(!(gosaMailDeliveryMode=[*L*]))(|(mail=%s)(gosaMailAlternateAddress=%s)))
-vforward_result_attribute = gosaMailForwardingAddress
-
diff --git a/contrib/altlinux/etc/samba/smb.conf b/contrib/altlinux/etc/samba/smb.conf
deleted file mode 100644
index 6910adb61..000000000
--- a/contrib/altlinux/etc/samba/smb.conf
+++ /dev/null
@@ -1,73 +0,0 @@
-#======================= Global Settings =====================================
-[global]
- ldap server = localhost
- ldap port = 389
- ldap suffix = dc=example,dc=com
- ldap admin dn = cn=smbpasswd,ou=Apps,dc=example,dc=com
-
- ldap user suffix = ou=People
- ldap group suffix = ou=Groups
- ldap machine suffix = ou=Computers
- ldap passwd sync = Yes
-
- workgroup = EXAMPLE
- netbios name = PDC
- server string = Samba server on %h (v. %v)
- #realm = PDC.EXAMPLE.TLD
- announce version = 4.8
- time server = Yes
-
- log file = /var/log/samba/log.%m
- max log size = 50
-
- security = user
- hosts allow = 192.168.1. 127.
- encrypt passwords = yes
- null passwords = No
- min passwd length = 6
- smb passwd file = /etc/samba/smbpasswd
- socket options = TCP_NODELAY
- os level = 254
- nt acl support = No
- passdb backend = ldapsam:ldap://localhost
-
- domain master = yes
- preferred master = yes
- domain logons = yes
- dns proxy = no
-
- #dos charset = CP866
- #unix charset = KOI8-R
- #display charset = KOI8-R
- use sendfile = yes
- preserve case = Yes
- short preserve case = Yes
- case sensitive = Yes
- hide dot files = Yes
-
-#============================ Share Definitions ==============================
-[homes]
- comment = Home Directory for '%u'
- browseable = no
- writable = yes
-
-# Un-comment the following and create the netlogon directory for Domain Logons
-[netlogon]
- comment = Network Logon Service
- path = /var/lib/samba/netlogon
- guest ok = yes
- browsable = no
- writable = no
-
-#Uncomment the following 2 lines if you would like your login scripts to
-#be created dynamically by ntlogon (check that you have it in the correct
-#location (the default of the ntlogon rpm available in contribs)
-;root preexec = /usr/bin/ntlogon -u %U -g %G -o %a -d /var/lib/samba/netlogon
-;root postexec = rm -f /var/lib/samba/netlogon/%U.bat
-
-# Un-comment the following to provide a specific roving profile share
-# the default is to use the user's home directory
-;[Profiles]
-; path = /var/lib/samba/profiles
-; browseable = no
-; guest ok = yes
diff --git a/contrib/altlinux/etc/sasl2/imapd.conf b/contrib/altlinux/etc/sasl2/imapd.conf
deleted file mode 100644
index 993c2b0bd..000000000
--- a/contrib/altlinux/etc/sasl2/imapd.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-pwcheck_method: saslauthd
-mech_list: login plain
diff --git a/contrib/altlinux/etc/sasl2/saslauthd.conf b/contrib/altlinux/etc/sasl2/saslauthd.conf
deleted file mode 100644
index f7139036e..000000000
--- a/contrib/altlinux/etc/sasl2/saslauthd.conf
+++ /dev/null
@@ -1,74 +0,0 @@
-ldap_servers: ldap://localhost/
-ldap_bind_dn: cn=saslauthd,ou=Apps,dc=example,dc=com
-ldap_bind_pw: saslauthd
-ldap_version: 3
-# <2|3>
-# Specify the LDAP protocol version to use.
-
-ldap_timeout: 5
-# Specify a number of seconds a search can take before timing out.
-
-ldap_time_limit: 5
-# Specify a number of seconds for a search request to complete.
-
-#ldap_deref:
-# Specify how aliases dereferencing is handled during a search.
-
-#ldap_referrals:
-# Specify whether or not the client should follow referrals.
-
-#ldap_restart:
-# Specify whether or not LDAP I/O operations are automatically restarted
-# if they abort prematurely.
-
-#ldap_cache_ttl: <0>
-# Non zero enables client side caching. Cached results will expire after
-# specified number seconds, e.g. 30. Use this option with care.
-# OpenLDAP folks consider this feature experimental.
-
-#ldap_cache_mem: <0>
-# If client side caching is enabled, the value specifies the cache size
-# in bytes, e.g. 32768.
-
-#ldap_scope:
-# Search scope.
-
-ldap_search_base: dc=iph,dc=ras,dc=ru
-# Specify a starting point for the search. e.g. dc=foo,dc=com
-
-#ldap_auth_method:
-# Specify an authentication method. The default 'bind' method uses the
-# LDAP simple bind facility to verify the password. The custom method
-# uses userPassword attribute to verify the password. Currently, {CRYPT}
-# hash is supported.
-
-ldap_filter: (|(uid=%u)(cn=%u))
-# Specify a filter. Use the %u and %r tokens for the username and realm
-# substitution. The %u token has to be used at minimum for the filter to
-# be useful. If ldap_auth_method is 'bind', the filter will search for
-# the DN (distinguished name) attribute. Otherwise, the search will look
-# for the userPassword attribute.
-
-#ldap_debug: <0>
-# Specify a debugging level in the OpenLDAP libraries. See
-# ldap_set_option(3) for more (LDAP_OPT_DEBUG_LEVEL).
-#
-#ldap_tls_check_peer:
-# Require and verify server certificate. If this option is yes,
-# you must specify ldap_tls_cacert_file or ldap_tls_cacert_dir.
-
-#ldap_tls_cacert_file:
-# File containing CA (Certificate Authority) certificate(s).
-
-#ldap_tls_cacert_dir:
-# Path to directory with CA (Certificate Authority) certificates.
-
-#ldap_tls_ciphers:
-# List of SSL/TLS ciphers to allow. The format of the string is
-# described in ciphers(1).
-
-#ldap_tls_cert:
-# File containing the client certificate.
-
-#ldap_tls_key:
-# File containing the private client key.
diff --git a/contrib/altlinux/etc/services b/contrib/altlinux/etc/services
deleted file mode 100644
index 9251a4881..000000000
--- a/contrib/altlinux/etc/services
+++ /dev/null
@@ -1,557 +0,0 @@ -# /etc/services: -# $Id: services,v 1.1 2004/12/08 07:22:10 migor-guest Exp $ -# -# Network services, Internet style -# -# Note that it is presently the policy of IANA to assign a single well-known -# port number for both TCP and UDP; hence, most entries here have two entries -# even if the protocol doesn't support UDP operations. -# Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports -# are included, only the more common ones. -# -# The latest IANA port assignments can be gotten from -# http://www.iana.org/assignments/port-numbers -# The Well Known Ports are those from 0 through 1023. -# The Registered Ports are those from 1024 through 49151 -# The Dynamic and/or Private Ports are those from 49152 through 65535 -# -# Each line describes one service, and is of the form: -# -# service-name port/protocol [aliases ...] [# comment] - -tcpmux 1/tcp # TCP port service multiplexer -tcpmux 1/udp # TCP port service multiplexer -rje 5/tcp # Remote Job Entry -rje 5/udp # Remote Job Entry -echo 7/tcp -echo 7/udp -discard 9/tcp sink null -discard 9/udp sink null -systat 11/tcp users # Active Users -systat 11/udp users # Active Users -daytime 13/tcp -daytime 13/udp -qotd 17/tcp quote # Quote of the Day -qotd 17/udp quote # Quote of the Day -msp 18/tcp # Message Send Protocol -msp 18/udp # Message Send Protocol -chargen 19/tcp ttytst source # Character Generator -chargen 19/udp ttytst source # Character Generator -ftp-data 20/tcp # File Transfer [Default Data] -ftp-data 20/udp # File Transfer [Default Data] -# 21 is registered to ftp, but also used by fsp -ftp 21/tcp # File Transfer [Control] -ftp 21/udp fsp fspd # File Transfer [Control] -ssh 22/tcp # SSH Remote Login Protocol -ssh 22/udp # SSH Remote Login Protocol -telnet 23/tcp -telnet 23/udp -# 24 - private mail system -smtp 25/tcp mail # Simple Mail Transfer Protocol -smtp 25/udp mail # Simple Mail Transfer Protocol -time 37/tcp timserver -time 37/udp timserver -rlp 39/tcp resource # 
Resource Location Protocol -rlp 39/udp resource # Resource Location Protocol -nameserver 42/tcp name # Host Name Server -nameserver 42/udp name # Host Name Server -nicname 43/tcp whois -nicname 43/udp whois -tacacs 49/tcp # Login Host Protocol (TACACS) -tacacs 49/udp # Login Host Protocol (TACACS) -re-mail-ck 50/tcp # Remote Mail Checking Protocol -re-mail-ck 50/udp # Remote Mail Checking Protocol -domain 53/tcp # Domain Name Server -domain 53/udp # Domain Name Server -whois++ 63/tcp -whois++ 63/udp -bootps 67/tcp # BOOTP server -bootps 67/udp -bootpc 68/tcp # BOOTP client -bootpc 68/udp -tftp 69/tcp # Trivial File Transfer -tftp 69/udp # Trivial File Transfer -gopher 70/tcp # Internet Gopher -gopher 70/udp -netrjs-1 71/tcp # Remote Job Service -netrjs-1 71/udp # Remote Job Service -netrjs-2 72/tcp # Remote Job Service -netrjs-2 72/udp # Remote Job Service -netrjs-3 73/tcp # Remote Job Service -netrjs-3 73/udp # Remote Job Service -netrjs-4 74/tcp # Remote Job Service -netrjs-4 74/udp # Remote Job Service -finger 79/tcp -finger 79/udp -http 80/tcp www www-http # World Wide Web HTTP -http 80/udp www www-http # HyperText Transfer Protocol -kerberos 88/tcp kerberos5 krb5 # Kerberos v5 -kerberos 88/udp kerberos5 krb5 # Kerberos v5 -supdup 95/tcp -supdup 95/udp -hostname 101/tcp hostnames # usually from sri-nic -hostname 101/udp hostnames # usually from sri-nic -iso-tsap 102/tcp tsap # part of ISODE. -csnet-ns 105/tcp cso # also used by CSO name server -csnet-ns 105/udp cso -# unfortunately the poppassd (Eudora) uses a port which has already -# been assigned to a different service. We list the poppassd as an -# alias here. This should work for programs asking for this service. 
-# (due to a bug in inetd the 3com-tsmux line is disabled) -#3com-tsmux 106/tcp poppassd -#3com-tsmux 106/udp poppassd -rtelnet 107/tcp # Remote Telnet -rtelnet 107/udp -pop2 109/tcp pop-2 postoffice # POP version 2 -pop2 109/udp pop-2 -pop3 110/tcp pop-3 # POP version 3 -pop3 110/udp pop-3 -sunrpc 111/tcp portmapper # RPC 4.0 portmapper TCP -sunrpc 111/udp portmapper # RPC 4.0 portmapper UDP -auth 113/tcp authentication tap ident -auth 113/udp authentication tap ident -sftp 115/tcp -sftp 115/udp -uucp-path 117/tcp -uucp-path 117/udp -nntp 119/tcp readnews untp # USENET News Transfer Protocol -nntp 119/udp readnews untp # USENET News Transfer Protocol -ntp 123/tcp -ntp 123/udp # Network Time Protocol -pwdgen 129/tcp # Password Generator Protocol -pwdgen 129/udp # Password Generator Protocol -netbios-ns 137/tcp # NETBIOS Name Service -netbios-ns 137/udp -netbios-dgm 138/tcp # NETBIOS Datagram Service -netbios-dgm 138/udp -netbios-ssn 139/tcp # NETBIOS session service -netbios-ssn 139/udp -imap 143/tcp imap2 # Interim Mail Access Proto v2 -imap 143/udp imap2 -snmp 161/tcp # Simple Net Mgmt Proto -snmp 161/udp # Simple Net Mgmt Proto -snmptrap 162/udp snmp-trap # Traps for SNMP -cmip-man 163/tcp # ISO mgmt over IP (CMOT) -cmip-man 163/udp -cmip-agent 164/tcp -cmip-agent 164/udp -mailq 174/tcp # MAILQ -mailq 174/udp # MAILQ -xdmcp 177/tcp # X Display Mgr. Control Proto -xdmcp 177/udp -nextstep 178/tcp NeXTStep NextStep # NeXTStep window -nextstep 178/udp NeXTStep NextStep # server -bgp 179/tcp # Border Gateway Proto. 
-bgp 179/udp -prospero 191/tcp # Cliff Neuman's Prospero -prospero 191/udp -irc 194/tcp # Internet Relay Chat -irc 194/udp -smux 199/tcp # SNMP Unix Multiplexer -smux 199/udp -at-rtmp 201/tcp # AppleTalk routing -at-rtmp 201/udp -at-nbp 202/tcp # AppleTalk name binding -at-nbp 202/udp -at-echo 204/tcp # AppleTalk echo -at-echo 204/udp -at-zis 206/tcp # AppleTalk zone information -at-zis 206/udp -qmtp 209/tcp # Quick Mail Transfer Protocol -qmtp 209/udp # Quick Mail Transfer Protocol -z39.50 210/tcp z3950 wais # NISO Z39.50 database -z39.50 210/udp z3950 wais -ipx 213/tcp # IPX -ipx 213/udp -imap3 220/tcp # Interactive Mail Access -imap3 220/udp # Protocol v3 -link 245/tcp ttylink -link 245/ucp ttylink -fatserv 347/tcp # Fatmen Server -fatserv 347/udp # Fatmen Server -rsvp_tunnel 363/tcp -rsvp_tunnel 363/udp -rpc2portmap 369/tcp -rpc2portmap 369/udp # Coda portmapper -codaauth2 370/tcp -codaauth2 370/udp # Coda authentication server -ulistproc 372/tcp ulistserv # UNIX Listserv -ulistproc 372/udp ulistserv -ldap 389/tcp -ldap 389/udp -svrloc 427/tcp # Server Location Protocl -svrloc 427/udp # Server Location Protocl -mobileip-agent 434/tcp -mobileip-agent 434/udp -mobilip-mn 435/tcp -mobilip-mn 435/udp -https 443/tcp # MCom -https 443/udp # MCom -snpp 444/tcp # Simple Network Paging Protocol -snpp 444/udp # Simple Network Paging Protocol -microsoft-ds 445/tcp -microsoft-ds 445/udp -kpasswd 464/tcp kpwd # Kerberos "passwd" -kpasswd 464/udp kpwd # Kerberos "passwd" -photuris 468/tcp -photuris 468/udp -saft 487/tcp # Simple Asynchronous File Transfer -saft 487/udp # Simple Asynchronous File Transfer -gss-http 488/tcp -gss-http 488/udp -pim-rp-disc 496/tcp -pim-rp-disc 496/udp -isakmp 500/tcp -isakmp 500/udp -gdomap 538/tcp # GNUstep distributed objects -gdomap 538/udp # GNUstep distributed objects -iiop 535/tcp -iiop 535/udp -dhcpv6-client 546/tcp -dhcpv6-client 546/udp -dhcpv6-server 547/tcp -dhcpv6-server 547/udp -rtsp 554/tcp # Real Time Stream Control Protocol -rtsp 
554/udp # Real Time Stream Control Protocol -nntps 563/tcp # NNTP over SSL -nntps 563/udp # NNTP over SSL -whoami 565/tcp -whoami 565/udp -submission 587/tcp msa # mail message submission -submission 587/udp msa # mail message submission -npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS -npmp-local 610/udp dqs313_qmaster # npmp-local / DQS -npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS -npmp-gui 611/udp dqs313_execd # npmp-gui / DQS -hmmp-ind 612/tcp dqs313_intercell # HMMP Indication / DQS -hmmp-ind 612/udp dqs313_intercell # HMMP Indication / DQS -ipp 631/tcp # Internet Printing Protocol -ipp 631/ucp # Internet Printing Protocol -ldaps 636/tcp # LDAP over SSL -ldaps 636/udp # LDAP over SSL -acap 674/tcp -acap 674/udp -ha-cluster 694/tcp # Heartbeat HA-cluster -ha-cluster 694/udp # Heartbeat HA-cluster -kerberos-adm 749/tcp # Kerberos `kadmin' (v5) -kerberos-iv 750/udp kerberos4 kerberos-sec kdc -kerberos-iv 750/tcp kerberos4 kerberos-sec kdc -webster 765/tcp # Network dictionary -webster 765/udp -phonebook 767/tcp # Network phonebook -phonebook 767/udp -rsync 873/tcp # rsync -rsync 873/udp # rsync -telnets 992/tcp -telnets 992/udp -imaps 993/tcp # IMAP over SSL -imaps 993/udp # IMAP over SSL -ircs 994/tcp -ircs 994/udp -pop3s 995/tcp # POP-3 over SSL -pop3s 995/udp # POP-3 over SSL - -# -# UNIX specific services -# -exec 512/tcp -biff 512/udp comsat -login 513/tcp -who 513/udp whod -shell 514/tcp cmd # no passwords used -syslog 514/udp -printer 515/tcp spooler # line printer spooler -printer 515/udp spooler # line printer spooler -talk 517/udp -ntalk 518/udp -utime 519/tcp unixtime -utime 519/udp unixtime -efs 520/tcp -router 520/udp route routed # RIP -ripng 521/tcp -ripng 521/udp -timed 525/tcp timeserver -timed 525/udp timeserver -tempo 526/tcp newdate -courier 530/tcp rpc -conference 531/tcp chat -netnews 532/tcp -netwall 533/udp # -for emergency broadcasts -uucp 540/tcp uucpd # uucp daemon -klogin 543/tcp # Kerberized `rlogin' (v5) -kshell 544/tcp krcmd 
# Kerberized `rsh' (v5) -afpovertcp 548/tcp # AFP over TCP -afpovertcp 548/udp # AFP over TCP -remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem - -# -# From ``PORT NUMBERS'': -# -#>REGISTERED PORT NUMBERS -#> -#>The Registered Ports are listed by the IANA and on most systems can be -#>used by ordinary user processes or programs executed by ordinary -#>users. -#> -#>Ports are used in the TCP [RFC793] to name the ends of logical -#>connections which carry long term conversations. For the purpose of -#>providing services to unknown callers, a service contact port is -#>defined. This list specifies the port used by the server process as -#>its contact port. -#> -#>The IANA registers uses of these ports as a convienence to the -#>community. -# -socks 1080/tcp # socks proxy server -socks 1080/udp # socks proxy server -h323hostcallsc 1300/tcp # H323 Host Call Secure -h323hostcallsc 1300/udp # H323 Host Call Secure -ms-sql-s 1433/tcp # Microsoft-SQL-Server -ms-sql-s 1433/udp # Microsoft-SQL-Server -ms-sql-m 1434/tcp # Microsoft-SQL-Monitor -ms-sql-m 1434/udp # Microsoft-SQL-Monitor -ica 1494/tcp # Citrix ICA Client -ica 1494/udp # Citrix ICA Client -wins 1512/tcp # Microsoft's Windows Internet Name Service -wins 1512/udp # Microsoft's Windows Internet Name Service -ingreslock 1524/tcp -ingreslock 1524/udp -prospero-np 1525/tcp # Prospero non-privileged -prospero-np 1525/udp -datametrics 1645/tcp old-radius # datametrics / old radius entry -datametrics 1645/udp old-radius # datametrics / old radius entry -sa-msg-port 1646/tcp old-radacct # sa-msg-port / old radacct entry -sa-msg-port 1646/udp old-radacct # sa-msg-port / old radacct entry -kermit 1649/tcp -kermit 1649/udp -l2tp 1701/tcp l2f -l2tp 1701/udp l2f -h323gatedisc 1718/tcp -h323gatedisc 1718/udp -h323gatestat 1719/tcp -h323gatestat 1719/udp -h323hostcall 1720/tcp -h323hostcall 1720/udp -tftp-mcast 1758/tcp -tftp-mcast 1758/udp -hello 1789/tcp -hello 1789/udp -radius 1812/tcp # Radius -radius 1812/udp # 
Radius -radius-acct 1813/tcp radacct # Radius Accounting -radius-acct 1813/udp radacct # Radius Accounting -mtp 1911/tcp # -mtp 1911/udp # -hsrp 1985/tcp # Cisco Hot Standby Router Protocol -hsrp 1985/udp # Cisco Hot Standby Router Protocol -licensedaemon 1986/tcp -licensedaemon 1986/udp -gdp-port 1997/tcp # Cisco Gateway Discovery Protocol -gdp-port 1997/udp # Cisco Gateway Discovery Protocol -nfs 2049/tcp nfsd -nfs 2049/udp nfsd -zephyr-srv 2102/tcp # Zephyr server -zephyr-srv 2102/udp # Zephyr server -zephyr-clt 2103/tcp # Zephyr serv-hm connection -zephyr-clt 2103/udp # Zephyr serv-hm connection -zephyr-hm 2104/tcp # Zephyr hostmanager -zephyr-hm 2104/udp # Zephyr hostmanager -cvspserver 2401/tcp # CVS client/server operations -cvspserver 2401/udp # CVS client/server operations -venus 2430/tcp # codacon port -venus 2430/udp # Venus callback/wbc interface -venus-se 2431/tcp # tcp side effects -venus-se 2431/udp # udp sftp side effect -codasrv 2432/tcp # not used -codasrv 2432/udp # server port -codasrv-se 2433/tcp # tcp side effects -codasrv-se 2433/udp # udp sftp side effectQ - -# Ports numbered 2600 through 2606 are used by the zebra package. The primary -# names are the registered names, and the zebra names are listed as aliases. 
-hpstgmgr 2600/tcp zebrasrv # HPSTGMGR -hpstgmgr 2600/udp # HPSTGMGR -discp-client 2601/tcp zebra # discp client -discp-client 2601/udp # discp client -discp-server 2602/tcp ripd # discp server -discp-server 2602/udp # discp server -servicemeter 2603/tcp ripngd # Service Meter -servicemeter 2603/udp # Service Meter -nsc-ccs 2604/tcp ospfd # NSC CCS -nsc-ccs 2604/udp # NSC CCS -nsc-posa 2605/tcp bgpd # NSC POSA -nsc-posa 2605/udp # NSC POSA -netmon 2606/tcp ospf6d # Dell Netmon -netmon 2606/udp # Dell Netmon - -corbaloc 2809/tcp # CORBA naming service locator -icpv2 3130/tcp # Internet Cache Protocol V2 (Squid) -icpv2 3130/udp # Internet Cache Protocol V2 (Squid) -mysql 3306/tcp # MySQL -mysql 3306/udp # MySQL -trnsprntproxy 3346/tcp # Trnsprnt Proxy -trnsprntproxy 3346/udp # Trnsprnt Proxy -rwhois 4321/tcp # Remote Who Is -rwhois 4321/udp # Remote Who Is -krb524 4444/tcp # Kerberos 5 to 4 ticket xlator -krb524 4444/udp # Kerberos 5 to 4 ticket xlator -rfe 5002/tcp # Radio Free Ethernet -rfe 5002/udp # Actually uses UDP only -jabber-client 5222/tcp # Jabber Client Connection -jabber-client 5222/udp # Jabber Client Connection -jabber-server 5269/tcp # Jabber Server Connection -jabber-server 5269/udp # Jabber Server Connection -cfengine 5308/tcp # CFengine -cfengine 5308/udp # CFengine -cvsup 5999/tcp CVSup # CVSup file transfer/John Polstra/FreeBSD -cvsup 5999/udp CVSup # CVSup file transfer/John Polstra/FreeBSD -x11 6000/tcp X # the X Window System -afs3-fileserver 7000/tcp # file server itself -afs3-fileserver 7000/udp # file server itself -afs3-callback 7001/tcp # callbacks to cache managers -afs3-callback 7001/udp # callbacks to cache managers -afs3-prserver 7002/tcp # users & groups database -afs3-prserver 7002/udp # users & groups database -afs3-vlserver 7003/tcp # volume location database -afs3-vlserver 7003/udp # volume location database -afs3-kaserver 7004/tcp # AFS/Kerberos authentication service -afs3-kaserver 7004/udp # AFS/Kerberos authentication service 
-afs3-volser 7005/tcp # volume managment server -afs3-volser 7005/udp # volume managment server -afs3-errors 7006/tcp # error interpretation service -afs3-errors 7006/udp # error interpretation service -afs3-bos 7007/tcp # basic overseer process -afs3-bos 7007/udp # basic overseer process -afs3-update 7008/tcp # server-to-server updater -afs3-update 7008/udp # server-to-server updater -afs3-rmtsys 7009/tcp # remote cache manager service -afs3-rmtsys 7009/udp # remote cache manager service -sd 9876/tcp # Session Director -sd 9876/udp # Session Director -amanda 10080/tcp # amanda backup services -amanda 10080/udp # amanda backup services -pgpkeyserver 11371/tcp # PGP/GPG public keyserver -pgpkeyserver 11371/udp # PGP/GPG public keyserver -h323callsigalt 11720/tcp # H323 Call Signal Alternate -h323callsigalt 11720/udp # H323 Call Signal Alternate - -# This port is registered as wnn6, but also used under the name "wnn4" by the -# FreeWnn package. -wnn6 22273/tcp wnn4 -wnn6 22273/ucp wnn4 - -quake 26000/tcp -quake 26000/udp -wnn6-ds 26208/tcp -wnn6-ds 26208/udp -traceroute 33434/tcp -traceroute 33434/udp - -# -# Datagram Delivery Protocol services -# -rtmp 1/ddp # Routing Table Maintenance Protocol -nbp 2/ddp # Name Binding Protocol -echo 4/ddp # AppleTalk Echo Protocol -zip 6/ddp # Zone Information Protocol - -# -# Kerberos (Project Athena/MIT) services -# Note that these are for Kerberos v4, and are unofficial. Sites running -# v4 should uncomment these and comment out the v5 entries above. 
-# -kerberos_master 751/udp # Kerberos authentication -kerberos_master 751/tcp # Kerberos authentication -passwd_server 752/udp # Kerberos passwd server -krbupdate 760/tcp kreg # Kerberos registration -kpop 1109/tcp # Pop with Kerberos -knetd 2053/tcp # Kerberos de-multiplexor - -# -# Kerberos 5 services, also not registered with IANA -# -krb5_prop 754/tcp # Kerberos slave propagation -eklogin 2105/tcp # Kerberos encrypted rlogin - -# -# Unregistered but necessary (for NetBSD) services -# -supfilesrv 871/tcp # SUP server -supfiledbg 1127/tcp # SUP debugging - -# -# Unregistered but useful/necessary other services -# -netstat 15/tcp # (was once asssigned, no more) -linuxconf 98/tcp # Linuxconf HTML access -poppassd 106/tcp # Eudora -poppassd 106/udp # Eudora -smtps 465/tcp # SMTP over SSL (TLS) -gii 616/tcp # gated interactive interface -omirr 808/tcp omirrd # online mirror -omirr 808/udp omirrd # online mirror -swat 901/tcp # Samba Web Administration Tool -rndc 953/tcp # rndc control sockets (BIND 9) -rndc 953/udp # rndc control sockets (BIND 9) -skkserv 1178/tcp # SKK Japanese input method -rmtcfg 1236/tcp # Gracilis Packeten remote config server -xtel 1313/tcp # french minitel -lotusnote 1352/tcp lotusnotes # Lotus notes -lotusnote 1352/udp lotusnotes # Lotus notes -support 1529/tcp prmsd gnatsd # GNATS, cygnus bug tracker -cfinger 2003/tcp # GNU Finger -ninstall 2150/tcp # ninstall service -ninstall 2150/udp # ninstall service -afbackup 2988/tcp # Afbackup system -afbackup 2988/udp # Afbackup system -squid 3128/tcp # squid web proxy -prsvp 3455/tcp # RSVP Port -prsvp 3455/udp # RSVP Port -postgres 5432/tcp # POSTGRES -postgres 5432/udp # POSTGRES -fax 4557/tcp # FAX transmission service (old) -hylafax 4559/tcp # HylaFAX client-server protocol (new) -sgi-dgl 5232/tcp # SGI Distributed Graphics -sgi-dgl 5232/udp -noclog 5354/tcp # noclogd with TCP (nocol) -noclog 5354/udp # noclogd with UDP (nocol) -hostmon 5355/tcp # hostmon uses TCP (nocol) -hostmon 5355/udp # 
hostmon uses TCP (nocol) -canna 5680/tcp -x11-ssh-offset 6010/tcp # SSH X11 forwarding offset -ircd 6667/tcp # Internet Relay Chat -ircd 6667/udp # Internet Relay Chat -xfs 7100/tcp # X font server -tircproxy 7666/tcp # Tircproxy -http-alt 8008/tcp -http-alt 8008/udp -webcache 8080/tcp # WWW caching service -webcache 8080/udp # WWW caching service -tproxy 8081/tcp # Transparent Proxy -tproxy 8081/udp # Transparent Proxy -jetdirect 9100/tcp laserjet hplj # -mandelspawn 9359/udp mandelbrot # network mandelbrot -kamanda 10081/tcp # amanda backup services (Kerberos) -kamanda 10081/udp # amanda backup services (Kerberos) -amandaidx 10082/tcp # amanda backup services -amidxtape 10083/tcp # amanda backup services -ladcca 14541/tcp # LADCCA client/server protocol -isdnlog 20011/tcp # isdn logging system -isdnlog 20011/udp # isdn logging system -vboxd 20012/tcp # voice box system -vboxd 20012/udp # voice box system -wnn4_Kr 22305/tcp # used by the kWnn package -wnn4_Cn 22289/tcp # used by the cWnn package -wnn4_Tw 22321/tcp # used by the tWnn package -binkp 24554/tcp # Binkley -binkp 24554/udp # Binkley -asp 27374/tcp # Address Search Protocol -asp 27374/udp # Address Search Protocol -tfido 60177/tcp # Ifmail -tfido 60177/udp # Ifmail -fido 60179/tcp # Ifmail -fido 60179/udp # Ifmail - -# Cyrus SIEVE service -sieve 2000/tcp -sieve 2000/udp diff --git a/contrib/altlinux/etc/squid/squid.conf b/contrib/altlinux/etc/squid/squid.conf deleted file mode 100644 index 5d2459b91..000000000 --- a/contrib/altlinux/etc/squid/squid.conf +++ /dev/null 
@@ -1,3303 +0,0 @@
-
-# WELCOME TO SQUID 2
-# ------------------
-#
-# This is the default Squid configuration file. You may wish
-# to look at the Squid home page (http://www.squid-cache.org/)
-# for the FAQ and other documentation.
-#
-# The default Squid config file shows what the defaults for
-# various options happen to be. If you don't need to change the
-# default, you shouldn't uncomment the line. Doing so may cause
-# run-time problems. In some cases "none" refers to no default
-# setting at all, while in other cases it refers to a valid
-# option - the comments for that keyword indicate if this is the
-# case.
-#
-
-
-# NETWORK OPTIONS
-# -----------------------------------------------------------------------------
-
-# TAG: http_port
-# Usage: port
-# hostname:port
-# 1.2.3.4:port
-#
-# The socket addresses where Squid will listen for HTTP client
-# requests. You may specify multiple socket addresses.
-# There are three forms: port alone, hostname with port, and
-# IP address with port. If you specify a hostname or IP
-# address, then Squid binds the socket to that specific
-# address. This replaces the old 'tcp_incoming_address'
-# option. Most likely, you do not need to bind to a specific
-# address, so you can use the port number alone.
-#
-# The default port number is 3128.
-#
-# If you are running Squid in accelerator mode, then you
-# probably want to listen on port 80 also, or instead.
-#
-# The -a command line option will override the *first* port
-# number listed here. That option will NOT override an IP
-# address, however.
-#
-# You may specify multiple socket addresses on multiple lines.
-#
-# If you run Squid on a dual-homed machine with an internal
-# and an external interface then we recommend you to specify the
-# internal address:port in http_port. This way Squid will only be
-# visible on the internal address.
-#
-#Default:
-# http_port 3128
-
-# TAG: https_port
-# Usage: [ip:]port cert=certificate.pem [key=key.pem] [options...]
-#
-# The socket address where Squid will listen for HTTPS client
-# requests.
-#
-# This is really only useful for situations where you are running
-# squid in accelerator mode and you want to do the SSL work at the
-# accelerator level.
-#
-# You may specify multiple socket addresses on multiple lines,
-# each with their own SSL certificate and/or options.
-#
-# Options:
-#
-# cert= Path to SSL certificate (PEM format)
-#
-# key= Path to SSL private key file (PEM format)
-# if not specified, the certificate file is
-# assumed to be a combined certificate and
-# key file
-#
-# version= The version of SSL/TLS supported
-# 1 automatic (default)
-# 2 SSLv2 only
-# 3 SSLv3 only
-# 4 TLSv1 only
-#
-# cipher= Colon separated list of supported ciphers
-#
-# options= Varions SSL engine options. The most important
-# being:
-# NO_SSLv2 Disallow the use of SSLv2
-# NO_SSLv3 Disallow the use of SSLv3
-# NO_TLSv1 Disallow the use of TLSv1
-# See src/ssl_support.c or OpenSSL documentation
-# for a more complete list.
-#
-#Default:
-# none
-
-# TAG: ssl_unclean_shutdown
-# Some browsers (especially MSIE) bugs out on SSL shutdown
-# messages.
-#
-#Default:
-# ssl_unclean_shutdown off
-
-# TAG: icp_port
-# The port number where Squid sends and receives ICP queries to
-# and from neighbor caches. Default is 3130. To disable use
-# "0". May be overridden with -u on the command line.
-#
-#Default:
-# icp_port 3130
-
-# TAG: htcp_port
-# Note: This option is only available if Squid is rebuilt with the
-# --enable-htcp option
-#
-# The port number where Squid sends and receives HTCP queries to
-# and from neighbor caches. Default is 4827. To disable use
-# "0".
-#
-#Default:
-# htcp_port 4827
-
-# TAG: mcast_groups
-# This tag specifies a list of multicast groups which your server
-# should join to receive multicasted ICP queries.
-#
-# NOTE! Be very careful what you put here! Be sure you
-# understand the difference between an ICP _query_ and an ICP
-# _reply_. This option is to be set only if you want to RECEIVE
-# multicast queries. Do NOT set this option to SEND multicast
-# ICP (use cache_peer for that). ICP replies are always sent via
-# unicast, so this option does not affect whether or not you will
-# receive replies from multicast group members.
-#
-# You must be very careful to NOT use a multicast address which
-# is already in use by another group of caches.
-#
-# If you are unsure about multicast, please read the Multicast
-# chapter in the Squid FAQ (http://www.squid-cache.org/FAQ/).
-#
-# Usage: mcast_groups 239.128.16.128 224.0.1.20
-#
-# By default, Squid doesn't listen on any multicast groups.
-#
-#Default:
-# none
-
-# TAG: udp_incoming_address
-# TAG: udp_outgoing_address
-# udp_incoming_address is used for the ICP socket receiving packets
-# from other caches.
-# udp_outgoing_address is used for ICP packets sent out to other
-# caches.
-#
-# The default behavior is to not bind to any specific address.
-#
-# A udp_incoming_address value of 0.0.0.0 indicates that Squid should
-# listen for UDP messages on all available interfaces.
-#
-# If udp_outgoing_address is set to 255.255.255.255 (the default)
-# then it will use the same socket as udp_incoming_address. Only
-# change this if you want to have ICP queries sent using another
-# address than where this Squid listens for ICP queries from other
-# caches.
-#
-# NOTE, udp_incoming_address and udp_outgoing_address can not
-# have the same value since they both use port 3130.
-#
-#Default:
-# udp_incoming_address 0.0.0.0
-# udp_outgoing_address 255.255.255.255
-
-
-# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
-# -----------------------------------------------------------------------------
-
-# TAG: cache_peer
-# To specify other caches in a hierarchy, use the format:
-#
-# cache_peer hostname type http_port icp_port
-#
-# For example,
-#
-# # proxy icp
-# # hostname type port port options
-# # -------------------- -------- ----- ----- -----------
-# cache_peer parent.foo.net parent 3128 3130 [proxy-only]
-# cache_peer sib1.foo.net sibling 3128 3130 [proxy-only]
-# cache_peer sib2.foo.net sibling 3128 3130 [proxy-only]
-#
-# type: either 'parent', 'sibling', or 'multicast'.
-#
-# proxy_port: The port number where the cache listens for proxy
-# requests.
-#
-# icp_port: Used for querying neighbor caches about
-# objects. To have a non-ICP neighbor
-# specify '7' for the ICP port and make sure the
-# neighbor machine has the UDP echo port
-# enabled in its /etc/inetd.conf file.
-#
-# options: proxy-only
-# weight=n
-# ttl=n
-# no-query
-# default
-# round-robin
-# multicast-responder
-# closest-only
-# no-digest
-# no-netdb-exchange
-# no-delay
-# login=user:password | PASS | *:password
-# connect-timeout=nn
-# digest-url=url
-# allow-miss
-# max-conn
-# htcp
-# carp-load-factor
-#
-# use 'proxy-only' to specify that objects fetched
-# from this cache should not be saved locally.
-#
-# use 'weight=n' to specify a weighted parent.
-# The weight must be an integer. The default weight
-# is 1, larger weights are favored more.
-#
-# use 'ttl=n' to specify a IP multicast TTL to use
-# when sending an ICP queries to this address.
-# Only useful when sending to a multicast group.
-# Because we don't accept ICP replies from random
-# hosts, you must configure other group members as
-# peers with the 'multicast-responder' option below.
-#
-# use 'no-query' to NOT send ICP queries to this
-# neighbor.
-#
-# use 'default' if this is a parent cache which can
-# be used as a "last-resort." You should probably
-# only use 'default' in situations where you cannot
-# use ICP with your parent cache(s).
-#
-# use 'round-robin' to define a set of parents which
-# should be used in a round-robin fashion in the
-# absence of any ICP queries.
-#
-# 'multicast-responder' indicates that the named peer
-# is a member of a multicast group. ICP queries will
-# not be sent directly to the peer, but ICP replies
-# will be accepted from it.
-#
-# 'closest-only' indicates that, for ICP_OP_MISS
-# replies, we'll only forward CLOSEST_PARENT_MISSes
-# and never FIRST_PARENT_MISSes.
-#
-# use 'no-digest' to NOT request cache digests from
-# this neighbor.
-#
-# 'no-netdb-exchange' disables requesting ICMP
-# RTT database (NetDB) from the neighbor.
-#
-# use 'no-delay' to prevent access to this neighbor
-# from influencing the delay pools.
-#
-# use 'login=user:password' if this is a personal/workgroup
-# proxy and your parent requires proxy authentication.
-# Note: The string can include URL escapes (i.e. %20 for
-# spaces). This also means that % must be written as %%.
-#
-# use 'login=PASS' if users must authenticate against
-# the upstream proxy. This will pass the users credentials
-# as they are to the peer proxy. This only works for the
-# Basic HTTP authentication sheme. Note: To combine this
-# with proxy_auth both proxies must share the same user
-# database as HTTP only allows for one proxy login.
-# Also be warned that this will expose your users proxy
-# password to the peer. USE WITH CAUTION
-#
-# use 'login=*:password' to pass the username to the
-# upstream cache, but with a fixed password. This is meant
-# to be used when the peer is in another administrative
-# domain, but it is still needed to identify each user.
-# The star can optionally be followed by some extra
-# information which is added to the username. This can
-# be used to identify this proxy to the peer, similar to
-# the login=username:password option above.
-#
-# use 'connect-timeout=nn' to specify a peer
-# specific connect timeout (also see the
-# peer_connect_timeout directive)
-#
-# use 'digest-url=url' to tell Squid to fetch the cache
-# digest (if digests are enabled) for this host from
-# the specified URL rather than the Squid default
-# location.
-#
-# use 'allow-miss' to disable Squid's use of only-if-cached
-# when forwarding requests to siblings. This is primarily
-# useful when icp_hit_stale is used by the sibling. To
-# extensive use of this option may result in forwarding
-# loops, and you should avoid having two-way peerings
-# with this option. (for example to deny peer usage on
-# requests from peer by denying cache_peer_access if the
-# source is a peer)
-#
-# use 'max-conn' to limit the amount of connections Squid
-# may open to this peer.
-#
-# use 'htcp' to send HTCP, instead of ICP, queries
-# to the neighbor. You probably also want to
-# set the "icp port" to 4827 instead of 3130.
-#
-# use 'carp-load-factor=f' to define a parent
-# cache as one participating in a CARP array.
-# The 'f' values for all CARP parents must add
-# up to 1.0.
-#
-#
-# NOTE: non-ICP/HTCP neighbors must be specified as 'parent'.
-#
-#Default:
-# none
-
-# TAG: cache_peer_domain
-# Use to limit the domains for which a neighbor cache will be
-# queried. Usage:
-#
-# cache_peer_domain cache-host domain [domain ...]
-# cache_peer_domain cache-host !domain
-#
-# For example, specifying
-#
-# cache_peer_domain parent.foo.net .edu
-#
-# has the effect such that UDP query packets are sent to
-# 'bigserver' only when the requested object exists on a
-# server in the .edu domain. Prefixing the domainname
-# with '!' means that the cache will be queried for objects
-# NOT in that domain.
-#
-# NOTE: * Any number of domains may be given for a cache-host,
-# either on the same or separate lines.
-# * When multiple domains are given for a particular
-# cache-host, the first matched domain is applied.
-# * Cache hosts with no domain restrictions are queried
-# for all requests.
-# * There are no defaults.
-# * There is also a 'cache_peer_access' tag in the ACL
-# section.
-#
-#Default:
-# none
-
-# TAG: neighbor_type_domain
-# usage: neighbor_type_domain neighbor parent|sibling domain domain ...
-#
-# Modifying the neighbor type for specific domains is now
-# possible. You can treat some domains differently than the the
-# default neighbor type specified on the 'cache_peer' line.
-# Normally it should only be necessary to list domains which
-# should be treated differently because the default neighbor type
-# applies for hostnames which do not match domains listed here.
-#
-#EXAMPLE:
-# cache_peer parent cache.foo.org 3128 3130
-# neighbor_type_domain cache.foo.org sibling .com .net
-# neighbor_type_domain cache.foo.org sibling .au .de
-#
-#Default:
-# none
-
-# TAG: icp_query_timeout (msec)
-# Normally Squid will automatically determine an optimal ICP
-# query timeout value based on the round-trip-time of recent ICP
-# queries. If you want to override the value determined by
-# Squid, set this 'icp_query_timeout' to a non-zero value. This
-# value is specified in MILLISECONDS, so, to use a 2-second
-# timeout (the old default), you would write:
-#
-# icp_query_timeout 2000
-#
-#Default:
-# icp_query_timeout 0
-
-# TAG: maximum_icp_query_timeout (msec)
-# Normally the ICP query timeout is determined dynamically. But
-# sometimes it can lead to very large values (say 5 seconds).
-# Use this option to put an upper limit on the dynamic timeout
-# value. Do NOT use this option to always use a fixed (instead
-# of a dynamic) timeout value. To set a fixed timeout see the
-# 'icp_query_timeout' directive.
-#
-#Default:
-# maximum_icp_query_timeout 2000
-
-# TAG: mcast_icp_query_timeout (msec)
-# For Multicast peers, Squid regularly sends out ICP "probes" to
-# count how many other peers are listening on the given multicast
-# address. This value specifies how long Squid should wait to
-# count all the replies. The default is 2000 msec, or 2
-# seconds.
-#
-#Default:
-# mcast_icp_query_timeout 2000
-
-# TAG: dead_peer_timeout (seconds)
-# This controls how long Squid waits to declare a peer cache
-# as "dead." If there are no ICP replies received in this
-# amount of time, Squid will declare the peer dead and not
-# expect to receive any further ICP replies. However, it
-# continues to send ICP queries, and will mark the peer as
-# alive upon receipt of the first subsequent ICP reply.
-#
-# This timeout also affects when Squid expects to receive ICP
-# replies from peers. If more than 'dead_peer' seconds have
-# passed since the last ICP reply was received, Squid will not
-# expect to receive an ICP reply on the next query. Thus, if
-# your time between requests is greater than this timeout, you
-# will see a lot of requests sent DIRECT to origin servers
-# instead of to your parents.
-#
-#Default:
-# dead_peer_timeout 10 seconds
-
-# TAG: hierarchy_stoplist
-# A list of words which, if found in a URL, cause the object to
-# be handled directly by this cache. In other words, use this
-# to not query neighbor caches for certain objects. You may
-# list this option multiple times.
-#We recommend you to use at least the following line.
-hierarchy_stoplist cgi-bin ?
-
-# TAG: no_cache
-# A list of ACL elements which, if matched, cause the request to
-# not be satisfied from the cache and the reply to not be cached.
-# In other words, use this to force certain objects to never be cached.
-#
-# You must use the word 'DENY' to indicate the ACL names which should
-# NOT be cached.
-#
-#We recommend you to use the following two lines.
-acl QUERY urlpath_regex cgi-bin \?
-no_cache deny QUERY
-
-
-# OPTIONS WHICH AFFECT THE CACHE SIZE
-# -----------------------------------------------------------------------------
-
-# TAG: cache_mem (bytes)
-# NOTE: THIS PARAMETER DOES NOT SPECIFY THE MAXIMUM PROCESS SIZE.
-# IT ONLY PLACES A LIMIT ON HOW MUCH ADDITIONAL MEMORY SQUID WILL
-# USE AS A MEMORY CACHE OF OBJECTS. SQUID USES MEMORY FOR OTHER
-# THINGS AS WELL. SEE THE SQUID FAQ SECTION 8 FOR DETAILS.
-#
-# 'cache_mem' specifies the ideal amount of memory to be used
-# for:
-# * In-Transit objects
-# * Hot Objects
-# * Negative-Cached objects
-#
-# Data for these objects are stored in 4 KB blocks. This
-# parameter specifies the ideal upper limit on the total size of
-# 4 KB blocks allocated. In-Transit objects take the highest
-# priority.
-#
-# In-transit objects have priority over the others. When
-# additional space is needed for incoming data, negative-cached
-# and hot objects will be released. In other words, the
-# negative-cached and hot objects will fill up any unused space
-# not needed for in-transit objects.
-#
-# If circumstances require, this limit will be exceeded.
-# Specifically, if your incoming request rate requires more than
-# 'cache_mem' of memory to hold in-transit objects, Squid will
-# exceed this limit to satisfy the new requests. When the load
-# decreases, blocks will be freed until the high-water mark is
-# reached. Thereafter, blocks will be used to store hot
-# objects.
-#
-#Default:
-# cache_mem 8 MB
-
-# TAG: cache_swap_low (percent, 0-100)
-# TAG: cache_swap_high (percent, 0-100)
-#
-# The low- and high-water marks for cache object replacement.
-# Replacement begins when the swap (disk) usage is above the
-# low-water mark and attempts to maintain utilization near the
-# low-water mark. As swap utilization gets close to high-water
-# mark object eviction becomes more aggressive. If utilization is
-# close to the low-water mark less replacement is done each time.
-#
-# Defaults are 90% and 95%. If you have a large cache, 5% could be
-# hundreds of MB. If this is the case you may wish to set these
-# numbers closer together.
-#
-#Default:
-# cache_swap_low 90
-# cache_swap_high 95
-
-# TAG: maximum_object_size (bytes)
-# Objects larger than this size will NOT be saved on disk. The
-# value is specified in kilobytes, and the default is 4MB. If
-# you wish to get a high BYTES hit ratio, you should probably
-# increase this (one 32 MB object hit counts for 3200 10KB
-# hits). If you wish to increase speed more than your want to
-# save bandwidth you should leave this low.
-#
-# NOTE: if using the LFUDA replacement policy you should increase
-# this value to maximize the byte hit rate improvement of LFUDA!
-# See replacement_policy below for a discussion of this policy.
-#
-#Default:
-# maximum_object_size 4096 KB
-
-# TAG: minimum_object_size (bytes)
-# Objects smaller than this size will NOT be saved on disk. The
-# value is specified in kilobytes, and the default is 0 KB, which
-# means there is no minimum.
-#
-#Default:
-# minimum_object_size 0 KB
-
-# TAG: maximum_object_size_in_memory (bytes)
-# Objects greater than this size will not be attempted to kept in
-# the memory cache. This should be set high enough to keep objects
-# accessed frequently in memory to improve performance whilst low
-# enough to keep larger objects from hoarding cache_mem .
-#
-#Default:
-# maximum_object_size_in_memory 8 KB
-
-# TAG: ipcache_size (number of entries)
-# TAG: ipcache_low (percent)
-# TAG: ipcache_high (percent)
-# The size, low-, and high-water marks for the IP cache.
-#
-#Default:
-# ipcache_size 1024
-# ipcache_low 90
-# ipcache_high 95
-
-# TAG: fqdncache_size (number of entries)
-# Maximum number of FQDN cache entries.
-#
-#Default:
-# fqdncache_size 1024
-
-# TAG: cache_replacement_policy
-# The cache replacement policy parameter determines which
-# objects are evicted (replaced) when disk space is needed.
-#
-# lru : Squid's original list based LRU policy
-# heap GDSF : Greedy-Dual Size Frequency
-# heap LFUDA: Least Frequently Used with Dynamic Aging
-# heap LRU : LRU policy implemented using a heap
-#
-# Applies to any cache_dir lines listed below this.
-#
-# The LRU policies keeps recently referenced objects.
-#
-# The heap GDSF policy optimizes object hit rate by keeping smaller
-# popular objects in cache so it has a better chance of getting a
-# hit. It achieves a lower byte hit rate than LFUDA though since
-# it evicts larger (possibly popular) objects.
-#
-# The heap LFUDA policy keeps popular objects in cache regardless of
-# their size and thus optimizes byte hit rate at the expense of
-# hit rate since one large, popular object will prevent many
-# smaller, slightly less popular objects from being cached.
-#
-# Both policies utilize a dynamic aging mechanism that prevents
-# cache pollution that can otherwise occur with frequency-based
-# replacement policies.
-#
-# NOTE: if using the LFUDA replacement policy you should increase
-# the value of maximum_object_size above its default of 4096 KB to
-# to maximize the potential byte hit rate improvement of LFUDA.
-#
-# For more information about the GDSF and LFUDA cache replacement
-# policies see http://www.hpl.hp.com/techreports/1999/HPL-1999-69.html
-# and http://fog.hpl.external.hp.com/techreports/98/HPL-98-173.html.
-#
-#Default:
-# cache_replacement_policy lru
-
-# TAG: memory_replacement_policy
-# The memory replacement policy parameter determines which
-# objects are purged from memory when memory space is needed.
-#
-# See cache_replacement_policy for details.
-#
-#Default:
-# memory_replacement_policy lru
-
-
-# LOGFILE PATHNAMES AND CACHE DIRECTORIES
-# -----------------------------------------------------------------------------
-
-# TAG: cache_dir
-# Usage:
-#
-# cache_dir Type Directory-Name Fs-specific-data [options]
-#
-# You can specify multiple cache_dir lines to spread the
-# cache among different disk partitions.
-#
-# Type specifies the kind of storage system to use. Only "ufs"
-# is built by default. To eanble any of the other storage systems
-# see the --enable-storeio configure option.
-#
-# 'Directory' is a top-level directory where cache swap
-# files will be stored. If you want to use an entire disk
-# for caching, then this can be the mount-point directory.
-# The directory must exist and be writable by the Squid
-# process. Squid will NOT create this directory for you.
-#
-# The ufs store type:
-#
-# "ufs" is the old well-known Squid storage format that has always
-# been there.
-#
-# cache_dir ufs Directory-Name Mbytes L1 L2 [options]
-#
-# 'Mbytes' is the amount of disk space (MB) to use under this
-# directory. The default is 100 MB. Change this to suit your
-# configuration. Do NOT put the size of your disk drive here.
-# Instead, if you want Squid to use the entire disk drive,
-# subtract 20% and use that value.
-#
-# 'Level-1' is the number of first-level subdirectories which
-# will be created under the 'Directory'. The default is 16.
-#
-# 'Level-2' is the number of second-level subdirectories which
-# will be created under each first-level directory. The default
-# is 256.
-#
-# The aufs store type:
-#
-# "aufs" uses the same storage format as "ufs", utilizing
-# POSIX-threads to avoid blocking the main Squid process on
-# disk-I/O. This was formerly known in Squid as async-io.
-#
-# cache_dir aufs Directory-Name Mbytes L1 L2 [options]
-#
-# see argument descriptions under ufs above
-#
-# The diskd store type:
-#
-# "diskd" uses the same storage format as "ufs", utilizing a
-# separate process to avoid blocking the main Squid process on
-# disk-I/O.
-#
-# cache_dir diskd Directory-Name Mbytes L1 L2 [options] [Q1=n] [Q2=n]
-#
-# see argument descriptions under ufs above
-#
-# Q1 specifies the number of unacknowledged I/O requests when Squid
-# stops opening new files. If this many messages are in the queues,
-# Squid won't open new files. Default is 64
-#
-# Q2 specifies the number of unacknowledged messages when Squid
-# starts blocking. If this many messages are in the queues,
-# Squid blocks until it recevies some replies. Default is 72
-#
-# The coss store type:
-#
-# block-size=n defines the "block size" for COSS cache_dir's.
-# Squid uses file numbers as block numbers. Since file numbers
-# are limited to 24 bits, the block size determines the maximum
-# size of the COSS partition. The default is 512 bytes, which
-# leads to a maximum cache_dir size of 512<<24, or 8 GB. Note
-# that you should not change the coss block size after Squid
-# has written some objects to the cache_dir.
-#
-# Common options:
-#
-# read-only, this cache_dir is read only.
-#
-# max-size=n, refers to the max object size this storedir supports.
-# It is used to initially choose the storedir to dump the object.
-# Note: To make optimal use of the max-size limits you should order
-# the cache_dir lines with the smallest max-size value first and the
-# ones with no max-size specification last.
-#
-# Note that for coss, max-size must be less than COSS_MEMBUF_SZ
-# (hard coded at 1 MB).
-#
-#Default:
-# cache_dir ufs /var/spool/squid 100 16 256
-
-# TAG: cache_access_log
-# Logs the client request activity. Contains an entry for
-# every HTTP and ICP queries received. To disable, enter "none".
-#
-#Default:
-# cache_access_log /var/log/squid/access.log
-
-# TAG: cache_log
-# Cache logging file. This is where general information about
-# your cache's behavior goes. You can increase the amount of data
-# logged to this file with the "debug_options" tag below.
-#
-#Default:
-# cache_log /var/log/squid/cache.log
-
-# TAG: cache_store_log
-# Logs the activities of the storage manager. Shows which
-# objects are ejected from the cache, and which objects are
-# saved and for how long. To disable, enter "none". There are
-# not really utilities to analyze this data, so you can safely
-# disable it.
-#
-#Default:
-# cache_store_log /var/log/squid/store.log
-
-# TAG: cache_swap_log
-# Location for the cache "swap.log." This log file holds the
-# metadata of objects saved on disk. It is used to rebuild the
-# cache during startup. Normally this file resides in each
-# 'cache_dir' directory, but you may specify an alternate
-# pathname here. Note you must give a full filename, not just
-# a directory. Since this is the index for the whole object
-# list you CANNOT periodically rotate it!
-#
-# If %s can be used in the file name then it will be replaced with a
-# a representation of the cache_dir name where each / is replaced
-# with '.'. This is needed to allow adding/removing cache_dir
-# lines when cache_swap_log is being used.
-#
-# If have more than one 'cache_dir', and %s is not used in the name
-# then these swap logs will have names such as:
-#
-# cache_swap_log.00
-# cache_swap_log.01
-# cache_swap_log.02
-#
-# The numbered extension (which is added automatically)
-# corresponds to the order of the 'cache_dir' lines in this
-# configuration file. If you change the order of the 'cache_dir'
-# lines in this file, then these log files will NOT correspond to
-# the correct 'cache_dir' entry (unless you manually rename
-# them). We recommend that you do NOT use this option. It is
-# better to keep these log files in each 'cache_dir' directory.
-#
-#Default:
-# none
-
-# TAG: emulate_httpd_log on|off
-# The Cache can emulate the log file format which many 'httpd'
-# programs use. To disable/enable this emulation, set
-# emulate_httpd_log to 'off' or 'on'. The default
-# is to use the native log format since it includes useful
-# information that Squid-specific log analyzers use.
-#
-#Default:
-# emulate_httpd_log off
-
-# TAG: log_ip_on_direct on|off
-# Log the destination IP address in the hierarchy log tag when going
-# direct. Earlier Squid versions logged the hostname here. If you
-# prefer the old way set this to off.
-#
-#Default:
-# log_ip_on_direct on
-
-# TAG: mime_table
-# Pathname to Squid's MIME table. You shouldn't need to change
-# this, but the default file contains examples and formatting
-# information if you do.
-#
-#Default:
-# mime_table /etc/squid/mime.conf
-
-# TAG: log_mime_hdrs on|off
-# The Cache can record both the request and the response MIME
-# headers for each HTTP transaction. The headers are encoded
-# safely and will appear as two bracketed fields at the end of
-# the access log (for either the native or httpd-emulated log
-# formats). To enable this logging set log_mime_hdrs to 'on'.
-#
-#Default:
-# log_mime_hdrs off
-
-# TAG: useragent_log
-# Squid will write the User-Agent field from HTTP requests
-# to the filename specified here. By default useragent_log
-# is disabled.
-#
-#Default:
-# none
-
-# TAG: referer_log
-# Note: This option is only available if Squid is rebuilt with the
-# --enable-referer-log option
-#
-# Squid will write the Referer field from HTTP requests to the
-# filename specified here. By default referer_log is disabled.
-#
-#Default:
-# none
-
-# TAG: pid_filename
-# A filename to write the process-id to. To disable, enter "none".
-#
-#Default:
-# pid_filename /var/run/squid.pid
-
-# TAG: debug_options
-# Logging options are set as section,level where each source file
-# is assigned a unique section. Lower levels result in less
-# output, Full debugging (level 9) can result in a very large
-# log file, so be careful. The magic word "ALL" sets debugging
-# levels for all sections. We recommend normally running with
-# "ALL,1".
-#
-#Default:
-# debug_options ALL,1
-
-# TAG: log_fqdn on|off
-# Turn this on if you wish to log fully qualified domain names
-# in the access.log. To do this Squid does a DNS lookup of all
-# IP's connecting to it. This can (in some situations) increase
-# latency, which makes your cache seem slower for interactive
-# browsing.
-#
-#Default:
-# log_fqdn off
-
-# TAG: client_netmask
-# A netmask for client addresses in logfiles and cachemgr output.
-# Change this to protect the privacy of your cache clients.
-# A netmask of 255.255.255.0 will log all IP's in that range with
-# the last digit set to '0'.
-#
-#Default:
-# client_netmask 255.255.255.255
-
-
-# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
-# -----------------------------------------------------------------------------
-
-# TAG: ftp_user
-# If you want the anonymous login password to be more informative
-# (and enable the use of picky ftp servers), set this to something
-# reasonable for your domain, like wwwuser@somewhere.net
-#
-# The reason why this is domainless by default is that the
-# request can be made on the behalf of a user in any domain,
-# depending on how the cache is used.
-# Some ftp server also validate that the email address is valid
-# (for example perl.com).
-#
-#Default:
-# ftp_user Squid@
-
-# TAG: ftp_list_width
-# Sets the width of ftp listings. This should be set to fit in
-# the width of a standard browser. Setting this too small
-# can cut off long filenames when browsing ftp sites.
-#
-#Default:
-# ftp_list_width 32
-
-# TAG: ftp_passive
-# If your firewall does not allow Squid to use passive
-# connections, then turn off this option.
-# -#Default: -# ftp_passive on - -# TAG: ftp_sanitycheck -# For security and data integrity reasons Squid by default performs -# sanity checks of the addresses of FTP data connections ensure the -# data connection is to the requested server. If you need to allow -# FTP connections to servers using another IP address for the data -# connection then turn this off. -# -#Default: -# ftp_sanitycheck on - -# TAG: ftp_telnet_protocol -# The FTP protocol is officially defined to use the telnet protocol -# as transport channel for the control connection. However, many -# implemenations are broken and does not respect this aspect of -# the FTP protocol. -# -# If you have trouble accessing files with ASCII code 255 in the -# path or similar problems involving this ASCII code then you can -# try setting this directive to off. If that helps report to the -# operator of the FTP server in question that their FTP server -# is broken and does not follow the FTP standard. -# -#Default: -# ftp_telnet_protocol on - -# TAG: cache_dns_program -# Note: This option is only available if Squid is rebuilt with the -# --disable-internal-dns option -# -# Specify the location of the executable for dnslookup process. -# -#Default: -# cache_dns_program /usr/lib/squid/dnsserver - -# TAG: dns_children -# Note: This option is only available if Squid is rebuilt with the -# --disable-internal-dns option -# -# The number of processes spawn to service DNS name lookups. -# For heavily loaded caches on large servers, you should -# probably increase this value to at least 10. The maximum -# is 32. The default is 5. -# -# You must have at least one dnsserver process. -# -#Default: -# dns_children 5 - -# TAG: dns_retransmit_interval -# Initial retransmit interval for DNS queries. The interval is -# doubled each time all configured DNS servers have been tried. -# -# -#Default: -# dns_retransmit_interval 5 seconds - -# TAG: dns_timeout -# DNS Query timeout. 
If no response is received to a DNS query
-# within this time then all DNS servers for the queried domain
-# is assumed to be unavailable.
-#
-#Default:
-# dns_timeout 2 minutes
-
-# TAG: dns_defnames on|off
-# Note: This option is only available if Squid is rebuilt with the
-# --disable-internal-dns option
-#
-# Normally the 'dnsserver' disables the RES_DEFNAMES resolver
-# option (see res_init(3)). This prevents caches in a hierarchy
-# from interpreting single-component hostnames locally. To allow
-# dnsserver to handle single-component names, enable this
-# option.
-#
-#Default:
-# dns_defnames off
-
-# TAG: dns_nameservers
-# Use this if you want to specify a list of DNS name servers
-# (IP addresses) to use instead of those given in your
-# /etc/resolv.conf file.
-# On Windows platforms, if no value is specified here or in
-# the /etc/resolv.conf file, the list of DNS name servers are
-# taken from the Windows registry, both static and dynamic DHCP
-# configurations are supported.
-#
-# Example: dns_nameservers 10.0.0.1 192.172.0.4
-#
-#Default:
-# none
-
-# TAG: hosts_file
-# Location of the host-local IP name-address associations
-# database. Most Operating Systems have such a file: under
-# Un*X it's by default in /etc/hosts MS-Windows NT/2000 places
-# that in %SystemRoot%(by default
-# c:\winnt)\system32\drivers\etc\hosts, while Windows 9x/ME
-# places that in %windir%(usually c:\windows)\hosts
-#
-# The file contains newline-separated definitions, in the
-# form ip_address_in_dotted_form name [name ...] names are
-# whitespace-separated. lines beginnng with an hash (#)
-# character are comments.
-#
-# The file is checked at startup and upon configuration. If
-# set to 'none', it won't be checked. If append_domain is
-# used, that domain will be added to domain-local (i.e. not
-# containing any dot character) host definitions.
-#
-#Default:
-# hosts_file /etc/hosts
-
-# TAG: diskd_program
-# Specify the location of the diskd executable.
-# Note that this is only useful if you have compiled in
-# diskd as one of the store io modules.
-#
-#Default:
-# diskd_program /usr/lib/squid/diskd
-
-# TAG: unlinkd_program
-# Specify the location of the executable for file deletion process.
-#
-#Default:
-# unlinkd_program /usr/lib/squid/unlinkd
-
-# TAG: pinger_program
-# Specify the location of the executable for the pinger process.
-#
-#Default:
-# pinger_program /usr/lib/squid/pinger
-
-# TAG: redirect_program
-# Specify the location of the executable for the URL redirector.
-# Since they can perform almost any function there isn't one included.
-# See the FAQ (section 15) for information on how to write one.
-# By default, a redirector is not used.
-#
-#Default:
-# none
-
-# TAG: redirect_children
-# The number of redirector processes to spawn. If you start
-# too few Squid will have to wait for them to process a backlog of
-# URLs, slowing it down. If you start too many they will use RAM
-# and other system resources.
-#
-#Default:
-# redirect_children 5
-
-# TAG: redirect_rewrites_host_header
-# By default Squid rewrites any Host: header in redirected
-# requests. If you are running an accelerator then this may
-# not be a wanted effect of a redirector.
-#
-#Default:
-# redirect_rewrites_host_header on
-
-# TAG: redirector_access
-# If defined, this access list specifies which requests are
-# sent to the redirector processes. By default all requests
-# are sent.
-#
-#Default:
-# none
-
-# TAG: auth_param
-# This is used to define parameters for the various authentication
-# schemes supported by Squid.
-#
-# format: auth_param scheme parameter [setting]
-#
-# The order that authentication schemes are presented to the client is
-# dependant on the order the scheme first appears in config file. IE
-# has a bug (it's not rfc 2617 compliant) in that it will use the basic
-# scheme if basic is the first entry presented, even if more secure
-# schemes are presented.
For now use the order in the recommended
-# settings section below. If other browsers have difficulties (don't
-# recognise the schemes offered even if you are using basic) then either
-# put basic first, or disable the other schemes (by commenting out their
-# program entry).
-#
-# Once an authentication scheme is fully configured, it can only be
-# shutdown by shutting squid down and restarting. Changes can be made on
-# the fly and activated with a reconfigure. I.E. You can change to a
-# different helper, but not unconfigure the helper completely.
-#
-# Please note that while this directive defines how Squid processes
-# authentication it does not automatically activate authentication.
-# To use authenticaiton you must in addition make use of acls based
-# on login name in http_access (proxy_auth, proxy_auth_regex or
-# external with %LOGIN used in the format tag). The browser will be
-# challenged for authentication on the first such acl encountered
-# in http_access processing and will also be rechallenged for new
-# login credentials if the request is being denied by a proxy_auth
-# type acl.
-#
-# === Parameters for the basic scheme follow. ===
-#
-# "program" cmdline
-# Specify the command for the external authenticator. Such a program
-# reads a line containing "username password" and replies "OK" or
-# "ERR" in an endless loop.
-#
-# By default, the basic authentication sheme is not used unless a
-# program is specified.
-#
-# If you want to use the traditional proxy authentication, jump over to
-# the helpers/basic_auth/NCSA directory and type:
-# % make
-# % make install
-#
-# Then, set this line to something like
-#
-# auth_param basic program /usr/libexec/ncsa_auth /usr/etc/passwd
-#
-# "children" numberofchildren
-# The number of authenticator processes to spawn.
-# If you start too few Squid will have to wait for them to process a
-# backlog of usercode/password verifications, slowing it down.
When
-# password verifications are done via a (slow) network you are likely to
-# need lots of authenticator processes.
-# auth_param basic children 5
-#
-# "realm" realmstring
-# Specifies the realm name which is to be reported to the client for
-# the basic proxy authentication scheme (part of the text the user
-# will see when prompted their username and password).
-# auth_param basic realm Squid proxy-caching web server
-#
-# "credentialsttl" timetolive
-# Specifies how long squid assumes an externally validated
-# username:password pair is valid for - in other words how often the
-# helper program is called for that user. Set this low to force
-# revalidation with short lived passwords. Note that setting this high
-# does not impact your susceptability to replay attacks unless you are
-# using an one-time password system (such as SecureID). If you are using
-# such a system, you will be vulnerable to replay attacks unless you
-# also use the max_user_ip ACL in an http_access rule.
-# auth_param basic credentialsttl 2 hours
-#
-# === Parameters for the digest scheme follow ===
-#
-# "program" cmdline
-# Specify the command for the external authenticator. Such a program
-# reads a line containing "username":"realm" and replies with the
-# appropriate H(A1) value base64 encoded. See rfc 2616 for the
-# definition of H(A1).
-#
-# By default, the digest authentication scheme is not used unless a
-# program is specified.
-#
-# If you want to use a digest authenticator, jump over to the
-# helpers/digest_auth/ directory and choose the authenticator to use.
-# It it's directory type
-# % make
-# % make install
-#
-# Then, set this line to something like
-#
-# auth_param digest program /usr/libexec/digest_auth_pw /usr/etc/digpass
-#
-#
-# "children" numberofchildren
-# The number of authenticator processes to spawn (no default). If you
-# start too few Squid will have to wait for them to process a backlog of
-# H(A1) calculations, slowing it down.
When the H(A1) calculations are
-# done via a (slow) network you are likely to need lots of authenticator
-# processes.
-# auth_param digest children 5
-#
-# "realm" realmstring
-# Specifies the realm name which is to be reported to the client for the
-# digest proxy authentication scheme (part of the text the user will see
-# when prompted their username and password).
-# auth_param digest realm Squid proxy-caching web server
-#
-# "nonce_garbage_interval" timeinterval
-# Specifies the interval that nonces that have been issued to clients are
-# checked for validity.
-# auth_param digest nonce_garbage_interval 5 minutes
-#
-# "nonce_max_duration" timeinterval
-# Specifies the maximum length of time a given nonce will be valid for.
-# auth_param digest nonce_max_duration 30 minutes
-#
-# "nonce_max_count" number
-# Specifies the maximum number of times a given nonce can be used.
-# auth_param digest nonce_max_count 50
-#
-# "nonce_strictness" on|off
-# Determines if squid requires strict increment-by-1 behaviour for nonce
-# counts, or just incrementing (off - for use when useragents generate
-# nonce counts that occasionally miss 1 (ie, 1,2,4,6)).
-# auth_param digest nonce_strictness off
-#
-# "check_nonce_count" on|off
-# This directive if set to off can disable the nonce count check
-# completely to work around buggy digest qop implementations in certain
-# mainstream browser versions. Default on to check the nonce count to
-# protect from authentication replay attacks.
-# auth_param digest check_nonce_count on
-#
-# "post_workaround" on|off
-# This is a workaround to certain buggy browsers who sends an incorrect
-# request digest in POST requests when reusing the same nonce as aquired
-# earlier in response to a GET request.
-# auth_param digest post_workaround off
-#
-# === NTLM scheme options follow ===
-#
-# "program" cmdline
-# Specify the command for the external ntlm authenticator.
Such a
-# program participates in the NTLMSSP exchanges between Squid and the
-# client and reads commands according to the Squid ntlmssp helper
-# protocol. See helpers/ntlm_auth/ for details. Recommended ntlm
-# authenticator is ntlm_auth from Samba-3.X, but a number of other
-# ntlm authenticators is available.
-#
-# By default, the ntlm authentication scheme is not used unless a
-# program is specified.
-#
-# auth_param ntlm program /path/to/samba/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
-#
-# "children" numberofchildren
-# The number of authenticator processes to spawn (no default). If you
-# start too few Squid will have to wait for them to process a backlog
-# of credential verifications, slowing it down. When crendential
-# verifications are done via a (slow) network you are likely to need
-# lots of authenticator processes.
-# auth_param ntlm children 5
-#
-# "max_challenge_reuses" number
-# The maximum number of times a challenge given by a ntlm authentication
-# helper can be reused. Increasing this number increases your exposure
-# to replay attacks on your network. 0 (the default) means use the
-# challenge is used only once. See also the max_ntlm_challenge_lifetime
-# directive if enabling challenge reuses.
-# auth_param ntlm max_challenge_reuses 0
-#
-# "max_challenge_lifetime" timespan
-# The maximum time period that a ntlm challenge is reused over. The
-# actual period will be the minimum of this time AND the number of
-# reused challenges.
-# auth_param ntlm max_challenge_lifetime 2 minutes
-#
-# "use_ntlm_negotiate" on|off
-# Enables support for NTLM NEGOTIATE packet exchanges with the helper.
-# The configured ntlm authenticator must be able to handle NTLM
-# NEGOTIATE packet. See the authenticator programs documentation if
-# unsure. ntlm_auth from Samba-3.0.2 or later supports the use of this
-# option.
-# The NEGOTIATE packet is required to support NTLMv2 and a
-# number of other negotiable NTLMSSP options, and also makes it
-# more likely the negotiation is successful. Enabling this parameter
-# will also solve problems encountered when NT domain policies
-# restrict users to access only certain workstations. When this is off,
-# all users must be allowed to log on the proxy servers too, or they'll
-# get "invalid workstation" errors - and access denied - when trying to
-# use Squid's services.
-# Use of ntlm NEGOTIATE is incompatible with challenge reuse, so
-# enabling this parameter will OVERRIDE the max_challenge_reuses and
-# max_challenge_lifetime parameters and set them to 0.
-# auth_param ntlm use_ntlm_negotiate off
-#
-#Recommended minimum configuration:
-#auth_param digest program
-#auth_param digest children 5
-#auth_param digest realm Squid proxy-caching web server
-#auth_param digest nonce_garbage_interval 5 minutes
-#auth_param digest nonce_max_duration 30 minutes
-#auth_param digest nonce_max_count 50
-#auth_param ntlm program /usr/lib/squid/ntlm_auth IPH\\PDC
-#auth_param ntlm children 5
-#auth_param ntlm max_challenge_reuses 0
-#auth_param ntlm max_challenge_lifetime 2 minutes
-#auth_param ntlm use_ntlm_negotiate off
-auth_param basic program /usr/lib/squid/squid_ldap_auth -b ou=People,dc=example,dc=com -f (&(uid=%s)(objectClass=gosaProxyAccount))
-auth_param basic children 5
-auth_param basic realm Squid proxy-caching web server
-auth_param basic credentialsttl 2 hours
-
-# TAG: authenticate_cache_garbage_interval
-# The time period between garbage collection across the username cache.
-# This is a tradeoff between memory utilisation (long intervals - say
-# 2 days) and CPU (short intervals - say 1 minute). Only change if you
-# have good reason to.
-#
-#Default:
-# authenticate_cache_garbage_interval 1 hour
-
-# TAG: authenticate_ttl
-# The time a user & their credentials stay in the logged in user cache
-# since their last request.
When the garbage interval passes, all user
-# credentials that have passed their TTL are removed from memory.
-#
-#Default:
-# authenticate_ttl 1 hour
-
-# TAG: authenticate_ip_ttl
-# If you use proxy authentication and the 'max_user_ip' ACL, this
-# directive controls how long Squid remembers the IP addresses
-# associated with each user. Use a small value (e.g., 60 seconds) if
-# your users might change addresses quickly, as is the case with
-# dialups. You might be safe using a larger value (e.g., 2 hours) in a
-# corporate LAN environment with relatively static address assignments.
-#
-#Default:
-# authenticate_ip_ttl 0 seconds
-
-# TAG: external_acl_type
-# This option defines external acl classes using a helper program to
-# look up the status
-#
-# external_acl_type name [options] FORMAT.. /path/to/helper [helper arguments..]
-#
-# Options:
-#
-# ttl=n TTL in seconds for cached results (defaults to 3600
-# for 1 hour)
-# negative_ttl=n
-# TTL for cached negative lookups (default same
-# as ttl)
-# children=n Concurrency level / number of processes spawn
-# to service external acl lookups of this type.
-# Note: see compatibility note below
-# cache=n result cache size, 0 is unbounded (default)
-#
-# FORMAT specifications
-#
-# %LOGIN Authenticated user login name
-# %IDENT Ident user name
-# %SRC Client IP
-# %DST Requested host
-# %PROTO Requested protocol
-# %PORT Requested port
-# %METHOD Request method
-# %{Header} HTTP request header
-# %{Hdr:member} HTTP request header list member
-# %{Hdr:;member}
-# HTTP request header list member using ; as
-# list separator. ; can be any non-alphanumeric
-# character.
-#
-# In addition, any string specified in the referencing acl will
-# also be included in the helper request line, after the specified
-# formats (see the "acl external" directive)
-#
-# The helper receives lines per the above format specification,
-# and returns lines starting with OK or ERR indicating the validity
-# of the request and optionally followed by additional keywords with
-# more details.
-#
-# General result syntax:
-#
-# OK/ERR keyword=value ...
-#
-# Defined keywords:
-#
-# user= The users name (login)
-# error= Error description (only defined for ERR results)
-#
-# Keyword values need to be enclosed in quotes if they may contain
-# whitespace, or the whitespace escaped using \. Any quotes or \
-# characters within the keyword value must be \ escaped.
-#
-# Compatibility Note: The children= option was named concurrency= in
-# Squid-2.5.STABLE3 and earlier and such syntax is still accepted to
-# keep compatibility within the Squid-2.5 release. However, the meaning
-# of concurrency= option has changed in Squid-3 and the old syntax of
-# the directive is therefore depreated from Squid-2.5.STABLE4 and later.
-# If you want to be able to easily downgrade to earlier Squid-2.5
-# releases then you may want to continue using the old name, if not
-# please use the new name.
-#
-#Default:
-# none
-
-
-# OPTIONS FOR TUNING THE CACHE
-# -----------------------------------------------------------------------------
-
-# TAG: wais_relay_host
-# TAG: wais_relay_port
-# Relay WAIS request to host (1st arg) at port (2 arg).
-#
-#Default:
-# wais_relay_port 0
-
-# TAG: request_header_max_size (KB)
-# This specifies the maximum size for HTTP headers in a request.
-# Request headers are usually relatively small (about 512 bytes).
-# Placing a limit on the request header size will catch certain
-# bugs (for example with persistent connections) and possibly
-# buffer-overflow or denial-of-service attacks.
-#
-#Default:
-# request_header_max_size 10 KB
-
-# TAG: request_body_max_size (KB)
-# This specifies the maximum size for an HTTP request body.
-# In other words, the maximum size of a PUT/POST request.
-# A user who attempts to send a request with a body larger
-# than this limit receives an "Invalid Request" error message.
-# If you set this parameter to a zero (the default), there will
-# be no limit imposed.
-#
-#Default:
-# request_body_max_size 0 KB
-
-# TAG: refresh_pattern
-# usage: refresh_pattern [-i] regex min percent max [options]
-#
-# By default, regular expressions are CASE-SENSITIVE. To make
-# them case-insensitive, use the -i option.
-#
-# 'Min' is the time (in minutes) an object without an explicit
-# expiry time should be considered fresh. The recommended
-# value is 0, any higher values may cause dynamic applications
-# to be erroneously cached unless the application designer
-# has taken the appropriate actions.
-#
-# 'Percent' is a percentage of the objects age (time since last
-# modification age) an object without explicit expiry time
-# will be considered fresh.
-#
-# 'Max' is an upper limit on how long objects without an explicit
-# expiry time will be considered fresh.
-#
-# options: override-expire
-# override-lastmod
-# reload-into-ims
-# ignore-reload
-#
-# override-expire enforces min age even if the server
-# sent a Expires: header. Doing this VIOLATES the HTTP
-# standard. Enabling this feature could make you liable
-# for problems which it causes.
-#
-# override-lastmod enforces min age even on objects
-# that was modified recently.
-#
-# reload-into-ims changes client no-cache or ``reload''
-# to If-Modified-Since requests. Doing this VIOLATES the
-# HTTP standard. Enabling this feature could make you
-# liable for problems which it causes.
-#
-# ignore-reload ignores a client no-cache or ``reload''
-# header. Doing this VIOLATES the HTTP standard. Enabling
-# this feature could make you liable for problems which
-# it causes.
-#
-# Basically a cached object is:
-#
-# FRESH if expires < now, else STALE
-# STALE if age > max
-# FRESH if lm-factor < percent, else STALE
-# FRESH if age < min
-# else STALE
-#
-# The refresh_pattern lines are checked in the order listed here.
-# The first entry which matches is used. If none of the entries
-# match, then the default will be used.
-#
-# Note, you must uncomment all the default lines if you want
-# to change one. The default setting is only active if none is
-# used.
-#
-#Suggested default:
-refresh_pattern ^ftp: 1440 20% 10080
-refresh_pattern ^gopher: 1440 0% 1440
-refresh_pattern . 0 20% 4320
-
-# TAG: quick_abort_min (KB)
-# TAG: quick_abort_max (KB)
-# TAG: quick_abort_pct (percent)
-# The cache by default continues downloading aborted requests
-# which are almost completed (less than 16 KB remaining). This
-# may be undesirable on slow (e.g. SLIP) links and/or very busy
-# caches. Impatient users may tie up file descriptors and
-# bandwidth by repeatedly requesting and immediately aborting
-# downloads.
-#
-# When the user aborts a request, Squid will check the
-# quick_abort values to the amount of data transfered until
-# then.
-#
-# If the transfer has less than 'quick_abort_min' KB remaining,
-# it will finish the retrieval.
-#
-# If the transfer has more than 'quick_abort_max' KB remaining,
-# it will abort the retrieval.
-#
-# If more than 'quick_abort_pct' of the transfer has completed,
-# it will finish the retrieval.
-#
-# If you do not want any retrieval to continue after the client
-# has aborted, set both 'quick_abort_min' and 'quick_abort_max'
-# to '0 KB'.
-#
-# If you want retrievals to always continue if they are being
-# cached then set 'quick_abort_min' to '-1 KB'.
-#
-#Default:
-# quick_abort_min 16 KB
-# quick_abort_max 16 KB
-# quick_abort_pct 95
-
-# TAG: negative_ttl time-units
-# Time-to-Live (TTL) for failed requests.
Certain types of
-# failures (such as "connection refused" and "404 Not Found") are
-# negatively-cached for a configurable amount of time. The
-# default is 5 minutes. Note that this is different from
-# negative caching of DNS lookups.
-#
-#Default:
-# negative_ttl 5 minutes
-
-# TAG: positive_dns_ttl time-units
-# Upper limit on how long Squid will cache positive DNS responses.
-# Default is 6 hours (360 minutes). This directive must be set
-# larger than negative_dns_ttl.
-#
-#Default:
-# positive_dns_ttl 6 hours
-
-# TAG: negative_dns_ttl time-units
-# Time-to-Live (TTL) for negative caching of failed DNS lookups.
-# This also makes sets the lower cache limit on positive lookups.
-# Minimum value is 1 second, and it is not recommendable to go
-# much below 10 seconds.
-#
-#Default:
-# negative_dns_ttl 1 minute
-
-# TAG: range_offset_limit (bytes)
-# Sets a upper limit on how far into the the file a Range request
-# may be to cause Squid to prefetch the whole file. If beyond this
-# limit then Squid forwards the Range request as it is and the result
-# is NOT cached.
-#
-# This is to stop a far ahead range request (lets say start at 17MB)
-# from making Squid fetch the whole object up to that point before
-# sending anything to the client.
-#
-# A value of -1 causes Squid to always fetch the object from the
-# beginning so that it may cache the result. (2.0 style)
-#
-# A value of 0 causes Squid to never fetch more than the
-# client requested. (default)
-#
-#Default:
-# range_offset_limit 0 KB
-
-
-# TIMEOUTS
-# -----------------------------------------------------------------------------
-
-# TAG: forward_timeout time-units
-# This parameter specifies how long Squid should at most attempt in
-# finding a forwarding path for the request before giving up.
-#
-#Default:
-# forward_timeout 4 minutes
-
-# TAG: connect_timeout time-units
-# This parameter specifies how long to wait for the TCP connect to
-# the requested server or peer to complete before Squid should
-# attempt to find another path where to forward the request.
-#
-#Default:
-# connect_timeout 1 minute
-
-# TAG: peer_connect_timeout time-units
-# This parameter specifies how long to wait for a pending TCP
-# connection to a peer cache. The default is 30 seconds. You
-# may also set different timeout values for individual neighbors
-# with the 'connect-timeout' option on a 'cache_peer' line.
-#
-#Default:
-# peer_connect_timeout 30 seconds
-
-# TAG: read_timeout time-units
-# The read_timeout is applied on server-side connections. After
-# each successful read(), the timeout will be extended by this
-# amount. If no data is read again after this amount of time,
-# the request is aborted and logged with ERR_READ_TIMEOUT. The
-# default is 15 minutes.
-#
-#Default:
-# read_timeout 15 minutes
-
-# TAG: request_timeout
-# How long to wait for an HTTP request after initial
-# connection establishment.
-#
-#Default:
-# request_timeout 5 minutes
-
-# TAG: persistent_request_timeout
-# How long to wait for the next HTTP request on a persistent
-# connection after the previous request completes.
-#
-#Default:
-# persistent_request_timeout 1 minute
-
-# TAG: client_lifetime time-units
-# The maximum amount of time that a client (browser) is allowed to
-# remain connected to the cache process. This protects the Cache
-# from having a lot of sockets (and hence file descriptors) tied up
-# in a CLOSE_WAIT state from remote clients that go away without
-# properly shutting down (either because of a network failure or
-# because of a poor client implementation). The default is one
-# day, 1440 minutes.
-#
-# NOTE: The default value is intended to be much larger than any
-# client would ever need to be connected to your cache.
You
-# should probably change client_lifetime only as a last resort.
-# If you seem to have many client connections tying up
-# filedescriptors, we recommend first tuning the read_timeout,
-# request_timeout, persistent_request_timeout and quick_abort values.
-#
-#Default:
-# client_lifetime 1 day
-
-# TAG: half_closed_clients
-# Some clients may shutdown the sending side of their TCP
-# connections, while leaving their receiving sides open. Sometimes,
-# Squid can not tell the difference between a half-closed and a
-# fully-closed TCP connection. By default, half-closed client
-# connections are kept open until a read(2) or write(2) on the
-# socket returns an error. Change this option to 'off' and Squid
-# will immediately close client connections when read(2) returns
-# "no more data to read."
-#
-#Default:
-# half_closed_clients on
-
-# TAG: pconn_timeout
-# Timeout for idle persistent connections to servers and other
-# proxies.
-#
-#Default:
-# pconn_timeout 120 seconds
-
-# TAG: ident_timeout
-# Maximum time to wait for IDENT lookups to complete.
-#
-# If this is too high, and you enabled IDENT lookups from untrusted
-# users, then you might be susceptible to denial-of-service by having
-# many ident requests going at once.
-#
-#Default:
-# ident_timeout 10 seconds
-
-# TAG: shutdown_lifetime time-units
-# When SIGTERM or SIGHUP is received, the cache is put into
-# "shutdown pending" mode until all active sockets are closed.
-# This value is the lifetime to set for all open descriptors
-# during shutdown mode. Any active clients after this many
-# seconds will receive a 'timeout' message.
-#
-#Default:
-# shutdown_lifetime 30 seconds
-
-
-# ACCESS CONTROLS
-# -----------------------------------------------------------------------------
-
-# TAG: acl
-# Defining an Access List
-#
-# acl aclname acltype string1 ...
-# acl aclname acltype "file" ...
-#
-# when using "file", the file should contain one item per line
-#
-# acltype is one of the types described below
-#
-# By default, regular expressions are CASE-SENSITIVE. To make
-# them case-insensitive, use the -i option.
-#
-# acl aclname src ip-address/netmask ... (clients IP address)
-# acl aclname src addr1-addr2/netmask ... (range of addresses)
-# acl aclname dst ip-address/netmask ... (URL host's IP address)
-# acl aclname myip ip-address/netmask ... (local socket IP address)
-#
-# acl aclname srcdomain .foo.com ... # reverse lookup, client IP
-# acl aclname dstdomain .foo.com ... # Destination server from URL
-# acl aclname srcdom_regex [-i] xxx ... # regex matching client name
-# acl aclname dstdom_regex [-i] xxx ... # regex matching server
-# # For dstdomain and dstdom_regex a reverse lookup is tried if a IP
-# # based URL is used. The name "none" is used if the reverse lookup
-# # fails.
-#
-# acl aclname time [day-abbrevs] [h1:m1-h2:m2]
-# day-abbrevs:
-# S - Sunday
-# M - Monday
-# T - Tuesday
-# W - Wednesday
-# H - Thursday
-# F - Friday
-# A - Saturday
-# h1:m1 must be less than h2:m2
-# acl aclname url_regex [-i] ^http:// ... # regex matching on whole URL
-# acl aclname urlpath_regex [-i] \.gif$ ... # regex matching on URL path
-# acl aclname urllogin [-i] [^a-zA-Z0-9] ... # regex matching on URL login field
-# acl aclname port 80 70 21 ...
-# acl aclname port 0-1024 ... # ranges allowed
-# acl aclname myport 3128 ... # (local socket TCP port)
-# acl aclname proto HTTP FTP ...
-# acl aclname method GET POST ...
-# acl aclname browser [-i] regexp ...
-# # pattern match on User-Agent header
-# acl aclname referer_regex [-i] regexp ...
-# # pattern match on Referer header
-# # Referer is highly unreliable, so use with care
-# acl aclname ident username ...
-# acl aclname ident_regex [-i] pattern ...
-# # string match on ident output.
-# # use REQUIRED to accept any non-null ident.
-# acl aclname src_as number ...
-# acl aclname dst_as number ...
-# # Except for access control, AS numbers can be used for
-# # routing of requests to specific caches. Here's an
-# # example for routing all requests for AS#1241 and only
-# # those to mycache.mydomain.net:
-# # acl asexample dst_as 1241
-# # cache_peer_access mycache.mydomain.net allow asexample
-# # cache_peer_access mycache_mydomain.net deny all
-#
-# acl aclname proxy_auth username ...
-# acl aclname proxy_auth_regex [-i] pattern ...
-# # list of valid usernames
-# # use REQUIRED to accept any valid username.
-# #
-# # NOTE: when a Proxy-Authentication header is sent but it is not
-# # needed during ACL checking the username is NOT logged
-# # in access.log.
-# #
-# # NOTE: proxy_auth requires a EXTERNAL authentication program
-# # to check username/password combinations (see
-# # auth_param directive).
-# #
-# # WARNING: proxy_auth can't be used in a transparent proxy. It
-# # collides with any authentication done by origin servers. It may
-# # seem like it works at first, but it doesn't.
-#
-# acl aclname snmp_community string ...
-# # A community string to limit access to your SNMP Agent
-# # Example:
-# #
-# # acl snmppublic snmp_community public
-#
-# acl aclname maxconn number
-# # This will be matched when the client's IP address has
-# # more than HTTP connections established.
-#
-# acl aclname max_user_ip [-s] number
-# # This will be matched when the user attempts to log in from more
-# # than different ip addresses. The authenticate_ip_ttl
-# # parameter controls the timeout on the ip entries.
-# # If -s is specified then the limit is strict, denying browsing
-# # from any further IP addresses until the ttl has expired. Without
-# # -s Squid will just annoy the user by "randomly" denying requests.
-# # (the counter is then reset each time the limit is reached and a
-# # request is denied)
-# # NOTE: in acceleration mode or where there is mesh of child proxies,
-# # clients may appear to come from multiple addresses if they are
-# # going through proxy farms, so a limit of 1 may cause user problems.
-#
-# acl aclname req_mime_type mime-type1 ...
-# # regex match agains the mime type of the request generated
-# # by the client. Can be used to detect file upload or some
-# # types HTTP tunelling requests.
-# # NOTE: This does NOT match the reply. You cannot use this
-# # to match the returned file type.
-#
-# acl aclname rep_mime_type mime-type1 ...
-# # regex match against the mime type of the reply recieved by
-# # squid. Can be used to detect file download or some
-# # types HTTP tunelling requests.
-# # NOTE: This has no effect in http_access rules. It only has
-# # effect in rules that affect the reply data stream such as
-# # http_reply_access.
-#
-# acl acl_name external class_name [arguments...]
-# # external ACL lookup via a helper class defined by the
-# # external_acl_type directive.
-#
-#Examples:
-#acl myexample dst_as 1241
-#acl password proxy_auth REQUIRED
-#acl fileupload req_mime_type -i ^multipart/form-data$
-#acl javascript rep_mime_type -i ^application/x-javascript$
-#
-#Recommended minimum configuration:
-acl all src 0.0.0.0/0.0.0.0
-acl manager proto cache_object
-acl localhost src 127.0.0.1/255.255.255.255
-acl to_localhost dst 127.0.0.0/8
-acl SSL_ports port 443 563
-acl Jabber_ports port 5222
-acl Safe_ports port 80 # http
-acl Safe_ports port 21 # ftp
-acl Safe_ports port 443 563 # https, snews
-acl Safe_ports port 70 # gopher
-acl Safe_ports port 210 # wais
-acl Safe_ports port 1025-65535 # unregistered ports
-acl Safe_ports port 280 # http-mgmt
-acl Safe_ports port 488 # gss-http
-acl Safe_ports port 591 # filemaker
-acl Safe_ports port 777 # multiling http
-acl CONNECT method CONNECT
-
-# TAG: http_access
-# Allowing or Denying access based on defined access lists
-#
-# Access to the HTTP port:
-# http_access allow|deny [!]aclname ...
-#
-# NOTE on default values:
-#
-# If there are no "access" lines present, the default is to deny
-# the request.
-#
-# If none of the "access" lines cause a match, the default is the
-# opposite of the last line in the list. If the last line was
-# deny, then the default is allow. Conversely, if the last line
-# is allow, the default will be deny. For these reasons, it is a
-# good idea to have an "deny all" or "allow all" entry at the end
-# of your access lists to avoid potential confusion.
-#
-#Default:
-# http_access deny all
-#
-#Recommended minimum configuration:
-#
-# Only allow cachemgr access from localhost
-http_access allow manager localhost
-http_access deny manager
-# Deny requests to unknown ports
-http_access deny !Safe_ports
-# Deny CONNECT to other than SSL ports
-http_access deny CONNECT !SSL_ports !Jabber_ports
-#
-# We strongly recommend to uncomment the following to protect innocent
-# web applications running on the proxy server who think that the only
-# one who can access services on "localhost" is a local user
-#http_access deny to_localhost
-#
-# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
-
-# Example rule allowing access from your local networks. Adapt
-# to list your (internal) IP networks from where browsing should
-# be allowed
-acl password proxy_auth REQUIRED
-
-http_access allow password
-
-
-# And finally deny all other access to this proxy
-http_access allow localhost
-http_access deny all
-
-# TAG: http_reply_access
-# Allow replies to client requests. This is complementary to http_access.
-#
-# http_reply_access allow|deny [!] aclname ...
-#
-# NOTE: if there are no access lines present, the default is to allow
-# all replies
-#
-# If none of the access lines cause a match, then the opposite of the
-# last line will apply. Thus it is good practice to end the rules
-# with an "allow all" or "deny all" entry.
-#
-#Default:
-# http_reply_access allow all
-#
-#Recommended minimum configuration:
-#
-# Insert your own rules here.
-#
-#
-# and finally allow by default
-http_reply_access allow all
-
-# TAG: icp_access
-# Allowing or Denying access to the ICP port based on defined
-# access lists
-#
-# icp_access allow|deny [!]aclname ...
-#
-# See http_access for details
-#
-#Default:
-# icp_access deny all
-#
-#Allow ICP queries from everyone
-#icp_access allow all
-
-# TAG: miss_access
-# Use to force your neighbors to use you as a sibling instead of
-# a parent.
For example: -# -# acl localclients src 172.16.0.0/16 -# miss_access allow localclients -# miss_access deny !localclients -# -# This means that only your local clients are allowed to fetch -# MISSES and all other clients can only fetch HITS. -# -# By default, allow all clients who passed the http_access rules -# to fetch MISSES from us. -# -#Default setting: -# miss_access allow all - -# TAG: cache_peer_access -# Similar to 'cache_peer_domain' but provides more flexibility by -# using ACL elements. -# -# cache_peer_access cache-host allow|deny [!]aclname ... -# -# The syntax is identical to 'http_access' and the other lists of -# ACL elements. See the comments for 'http_access' below, or -# the Squid FAQ (http://www.squid-cache.org/FAQ/FAQ-10.html). -# -#Default: -# none - -# TAG: ident_lookup_access -# A list of ACL elements which, if matched, cause an ident -# (RFC 931) lookup to be performed for this request. For -# example, you might choose to always perform ident lookups -# for your main multi-user Unix boxes, but not for your Macs -# and PCs. By default, ident lookups are not performed for -# any requests. -# -# To enable ident lookups for specific client addresses, you -# can follow this example: -# -# acl ident_aware_hosts src 198.168.1.0/255.255.255.0 -# ident_lookup_access allow ident_aware_hosts -# ident_lookup_access deny all -# -# Only src type ACL checks are fully supported. A src_domain -# ACL might work at times, but it will not always provide -# the correct result. -# -#Default: -# ident_lookup_access deny all - -# TAG: tcp_outgoing_tos -# Allows you to select a TOS/Diffserv value to mark outgoing -# connections with, based on the username or source address -# making the request. -# -# tcp_outgoing_tos ds-field [!]aclname ... 
-# -# Example where normal_service_net uses the TOS value 0x00 -# and normal_service_net uses 0x20 -# -# acl normal_service_net src 10.0.0.0/255.255.255.0 -# acl good_service_net src 10.0.1.0/255.255.255.0 -# tcp_outgoing_tos 0x00 normal_service_net 0x00 -# tcp_outgoing_tos 0x20 good_service_net -# -# TOS/DSCP values really only have local significance - so you should -# know what you're specifying. For more, see RFC 2474 -# -# The TOS/DSCP byte must be exactly that - a byte, value 0 - 255, or -# "default" to use whatever default your host has. -# -# Processing proceeds in the order specified, and stops at first fully -# matching line. -# -#Default: -# none - -# TAG: tcp_outgoing_address -# Allows you to map requests to different outgoing IP addresses -# based on the username or sourceaddress of the user making -# the request. -# -# tcp_outgoing_address ipaddr [[!]aclname] ... -# -# Example where requests from 10.0.0.0/24 will be forwareded -# with source address 10.1.0.1, 10.0.2.0/24 forwarded with -# source address 10.1.0.2 and the rest will be forwarded with -# source address 10.1.0.3. -# -# acl normal_service_net src 10.0.0.0/255.255.255.0 -# acl good_service_net src 10.0.1.0/255.255.255.0 -# tcp_outgoing_address 10.0.0.1 normal_service_net -# tcp_outgoing_address 10.0.0.2 good_service_net -# tcp_outgoing_address 10.0.0.3 -# -# Processing proceeds in the order specified, and stops at first fully -# matching line. -# -#Default: -# none - -# TAG: reply_body_max_size bytes allow|deny acl acl... -# This option specifies the maximum size of a reply body in bytes. -# It can be used to prevent users from downloading very large files, -# such as MP3's and movies. When the reply headers are recieved, -# the reply_body_max_size lines are processed, and the first line with -# a result of "allow" is used as the maximum body size for this reply. -# This size is then checked twice. First when we get the reply headers, -# we check the content-length value. 
If the content length value exists -# and is larger than the allowed size, the request is denied and the -# user receives an error message that says "the request or reply -# is too large." If there is no content-length, and the reply -# size exceeds this limit, the client's connection is just closed -# and they will receive a partial reply. -# -# WARNING: downstream caches probably can not detect a partial reply -# if there is no content-length header, so they will cache -# partial responses and give them out as hits. You should NOT -# use this option if you have downstream caches. -# -# If you set this parameter to zero (the default), there will be -# no limit imposed. -# -#Default: -# reply_body_max_size 0 allow all - - -# ADMINISTRATIVE PARAMETERS -# ----------------------------------------------------------------------------- - -# TAG: cache_mgr -# Email-address of local cache manager who will receive -# mail if the cache dies. The default is "webmaster." -# -#Default: -# cache_mgr webmaster - -# TAG: cache_effective_user -# TAG: cache_effective_group -# -# If you start Squid as root, it will change its effective/real -# UID/GID to the UID/GID specified below. The default is to -# change to UID to nobody. If you define cache_effective_user, -# but not cache_effective_group, Squid sets the GID the -# effective user's default group ID (taken from the password -# file). -# -# If Squid is not started as root, the cache_effective_user -# value is ignored and the GID value is unchanged by default. -# However, you can make Squid change its GID to another group -# that the process owner is a member of. Note that if Squid -# is not started as root then you cannot set http_port to a -# value lower than 1024. -# -#Default: -# cache_effective_user squid -# cache_effective_group squid - -# TAG: visible_hostname -# If you want to present a special hostname in error messages, etc, -# then define this. Otherwise, the return value of gethostname() -# will be used. 
If you have multiple caches in a cluster and -# get errors about IP-forwarding you must set them to have individual -# names with this setting. -# -#Default: -# none - -# TAG: unique_hostname -# If you want to have multiple machines with the same -# 'visible_hostname' then you must give each machine a different -# 'unique_hostname' so that forwarding loops can be detected. -# -#Default: -# none - -# TAG: hostname_aliases -# A list of other DNS names that your cache has. -# -#Default: -# none - - -# OPTIONS FOR THE CACHE REGISTRATION SERVICE -# ----------------------------------------------------------------------------- -# -# This section contains parameters for the (optional) cache -# announcement service. This service is provided to help -# cache administrators locate one another in order to join or -# create cache hierarchies. -# -# An 'announcement' message is sent (via UDP) to the registration -# service by Squid. By default, the announcement message is NOT -# SENT unless you enable it with 'announce_period' below. -# -# The announcement message includes your hostname, plus the -# following information from this configuration file: -# -# http_port -# icp_port -# cache_mgr -# -# All current information is processed regularly and made -# available on the Web at http://www.ircache.net/Cache/Tracker/. - -# TAG: announce_period -# This is how frequently to send cache announcements. The -# default is `0' which disables sending the announcement -# messages. -# -# To enable announcing your cache, just uncomment the line -# below. -# -#Default: -# announce_period 0 -# -#To enable announcing your cache, just uncomment the line below. -#announce_period 1 day - -# TAG: announce_host -# TAG: announce_file -# TAG: announce_port -# announce_host and announce_port set the hostname and port -# number where the registration message will be sent. -# -# Hostname will default to 'tracker.ircache.net' and port will -# default default to 3131. 
If the 'filename' argument is given, -# the contents of that file will be included in the announce -# message. -# -#Default: -# announce_host tracker.ircache.net -# announce_port 3131 - - -# HTTPD-ACCELERATOR OPTIONS -# ----------------------------------------------------------------------------- - -# TAG: httpd_accel_host -# TAG: httpd_accel_port -# If you want to run Squid as an httpd accelerator, define the -# host name and port number where the real HTTP server is. -# -# If you want IP based virtual host support then specify the -# hostname as "virtual". This will make Squid use the IP address -# where it accepted the request as hostname in the URL. -# -# If you want virtual port support then specify the port as "0". -# -# NOTE: enabling httpd_accel_host disables proxy-caching and -# ICP. If you want these features enabled also, then set -# the 'httpd_accel_with_proxy' option. -# -#Default: -# httpd_accel_port 80 - -# TAG: httpd_accel_single_host on|off -# If you are running Squid as an accelerator and have a single backend -# server then set this to on. This causes Squid to forward the request -# to this server irregardles of what any redirectors or Host headers -# says. -# -# Leave this at off if you have multiple backend servers, and use a -# redirector (or host table or private DNS) to map the requests to the -# appropriate backend servers. Note that the mapping needs to be a -# 1-1 mapping between requested and backend (from redirector) domain -# names or caching will fail, as cacing is performed using the -# URL returned from the redirector. -# -# See also redirect_rewrites_host_header. -# -#Default: -# httpd_accel_single_host off - -# TAG: httpd_accel_with_proxy on|off -# If you want to use Squid as both a local httpd accelerator -# and as a proxy, change this to 'on'. 
Note however that your -# proxy users may have trouble to reach the accelerated domains -# unless their browsers are configured not to use this proxy for -# those domains (for example via the no_proxy browser configuration -# setting) -# -#Default: -# httpd_accel_with_proxy off - -# TAG: httpd_accel_uses_host_header on|off -# HTTP/1.1 requests include a Host: header which is basically the -# hostname from the URL. The Host: header is used for domain based -# virutal hosts. If your accelerator needs to provide domain based -# virtual hosts on the same IP address then you will need to turn this -# on. -# -# Note that Squid does NOT check the value of the Host header matches -# any of your accelerated server, so it may open a big security hole -# unless you take care to set up access controls proper. We recommend -# that this option remain disabled unless you are sure of what you -# are doing. -# -# However, you will need to enable this option if you run Squid -# as a transparent proxy. Otherwise, virtual servers which -# require the Host: header will not be properly cached. -# -#Default: -# httpd_accel_uses_host_header off - - -# MISCELLANEOUS -# ----------------------------------------------------------------------------- - -# TAG: dns_testnames -# The DNS tests exit as soon as the first site is successfully looked up -# -# This test can be disabled with the -D command line option. -# -#Default: -# dns_testnames netscape.com internic.net nlanr.net microsoft.com - -# TAG: logfile_rotate -# Specifies the number of logfile rotations to make when you -# type 'squid -k rotate'. The default is 10, which will rotate -# with extensions 0 through 9. Setting logfile_rotate to 0 will -# disable the rotation, but the logfiles are still closed and -# re-opened. This will enable you to rename the logfiles -# yourself just before sending the rotate signal. -# -# Note, the 'squid -k rotate' command normally sends a USR1 -# signal to the running squid process. 
In certain situations -# (e.g. on Linux with Async I/O), USR1 is used for other -# purposes, so -k rotate uses another signal. It is best to get -# in the habit of using 'squid -k rotate' instead of 'kill -USR1 -# '. -# -#Default: -# logfile_rotate 0 - -# TAG: append_domain -# Appends local domain name to hostnames without any dots in -# them. append_domain must begin with a period. -# -# Be warned that there today is Internet names with no dots in -# them using only top-domain names, so setting this may -# cause some Internet sites to become unavailable. -# -#Example: -# append_domain .yourdomain.com -# -#Default: -# none - -# TAG: tcp_recv_bufsize (bytes) -# Size of receive buffer to set for TCP sockets. Probably just -# as easy to change your kernel's default. Set to zero to use -# the default buffer size. -# -#Default: -# tcp_recv_bufsize 0 bytes - -# TAG: err_html_text -# HTML text to include in error messages. Make this a "mailto" -# URL to your admin address, or maybe just a link to your -# organizations Web page. -# -# To include this in your error messages, you must rewrite -# the error template files (found in the "errors" directory). -# Wherever you want the 'err_html_text' line to appear, -# insert a %L tag in the error template file. -# -#Default: -# none - -# TAG: deny_info -# Usage: deny_info err_page_name acl -# or deny_info http://... acl -# Example: deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys -# -# This can be used to return a ERR_ page for requests which -# do not pass the 'http_access' rules. A single ACL will cause -# the http_access check to fail. If a 'deny_info' line exists -# for that ACL then Squid returns a corresponding error page. -# -# You may use ERR_ pages that come with Squid or create your own pages -# and put them into the configured errors/ directory. -# -# Alternatively you can specify an error URL. The browsers will then -# get redirected (302) to the specified URL. 
%s in the redirection -# URL will be replaced by the requested URL. -# -# Alternatively you can tell Squid to reset the TCP connection -# by specifying TCP_RESET. -# -#Default: -# none - -# TAG: memory_pools on|off -# If set, Squid will keep pools of allocated (but unused) memory -# available for future use. If memory is a premium on your -# system and you believe your malloc library outperforms Squid -# routines, disable this. -# -#Default: -# memory_pools on - -# TAG: memory_pools_limit (bytes) -# Used only with memory_pools on: -# memory_pools_limit 50 MB -# -# If set to a non-zero value, Squid will keep at most the specified -# limit of allocated (but unused) memory in memory pools. All free() -# requests that exceed this limit will be handled by your malloc -# library. Squid does not pre-allocate any memory, just safe-keeps -# objects that otherwise would be free()d. Thus, it is safe to set -# memory_pools_limit to a reasonably high value even if your -# configuration will use less memory. -# -# If not set (default) or set to zero, Squid will keep all memory it -# can. That is, there will be no limit on the total amount of memory -# used for safe-keeping. -# -# To disable memory allocation optimization, do not set -# memory_pools_limit to 0. Set memory_pools to "off" instead. -# -# An overhead for maintaining memory pools is not taken into account -# when the limit is checked. This overhead is close to four bytes per -# object kept. However, pools may actually _save_ memory because of -# reduced memory thrashing in your malloc library. -# -#Default: -# none - -# TAG: forwarded_for on|off -# If set, Squid will include your system's IP address or name -# in the HTTP requests it forwards. By default it looks like -# this: -# -# X-Forwarded-For: 192.1.2.3 -# -# If you disable this, it will appear as -# -# X-Forwarded-For: unknown -# -#Default: -# forwarded_for on - -# TAG: log_icp_queries on|off -# If set, ICP queries are logged to access.log. 
You may wish -# do disable this if your ICP load is VERY high to speed things -# up or to simplify log analysis. -# -#Default: -# log_icp_queries on - -# TAG: icp_hit_stale on|off -# If you want to return ICP_HIT for stale cache objects, set this -# option to 'on'. If you have sibling relationships with caches -# in other administrative domains, this should be 'off'. If you only -# have sibling relationships with caches under your control, then -# it is probably okay to set this to 'on'. -# If set to 'on', then your siblings should use the option "allow-miss" -# on their cache_peer lines for connecting to you. -# -#Default: -# icp_hit_stale off - -# TAG: minimum_direct_hops -# If using the ICMP pinging stuff, do direct fetches for sites -# which are no more than this many hops away. -# -#Default: -# minimum_direct_hops 4 - -# TAG: minimum_direct_rtt -# If using the ICMP pinging stuff, do direct fetches for sites -# which are no more than this many rtt milliseconds away. -# -#Default: -# minimum_direct_rtt 400 - -# TAG: cachemgr_passwd -# Specify passwords for cachemgr operations. -# -# Usage: cachemgr_passwd password action action ... -# -# Some valid actions are (see cache manager menu for a full list): -# 5min -# 60min -# asndb -# authenticator -# cbdata -# client_list -# comm_incoming -# config * -# counters -# delay -# digest_stats -# dns -# events -# filedescriptors -# fqdncache -# histograms -# http_headers -# info -# io -# ipcache -# mem -# menu -# netdb -# non_peers -# objects -# offline_toggle * -# pconn -# peer_select -# redirector -# refresh -# server_list -# shutdown * -# store_digest -# storedir -# utilization -# via_headers -# vm_objects -# -# * Indicates actions which will not be performed without a -# valid password, others can be performed if not listed here. -# -# To disable an action, set the password to "disable". -# To allow performing an action without a password, set the -# password to "none". 
-# -# Use the keyword "all" to set the same password for all actions. -# -#Example: -# cachemgr_passwd secret shutdown -# cachemgr_passwd lesssssssecret info stats/objects -# cachemgr_passwd disable all -# -#Default: -# none - -# TAG: store_avg_object_size (kbytes) -# Average object size, used to estimate number of objects your -# cache can hold. See doc/Release-Notes-1.1.txt. The default is -# 13 KB. -# -#Default: -# store_avg_object_size 13 KB - -# TAG: store_objects_per_bucket -# Target number of objects per bucket in the store hash table. -# Lowering this value increases the total number of buckets and -# also the storage maintenance rate. The default is 50. -# -#Default: -# store_objects_per_bucket 20 - -# TAG: client_db on|off -# If you want to disable collecting per-client statistics, then -# turn off client_db here. -# -#Default: -# client_db on - -# TAG: netdb_low -# TAG: netdb_high -# The low and high water marks for the ICMP measurement -# database. These are counts, not percents. The defaults are -# 900 and 1000. When the high water mark is reached, database -# entries will be deleted until the low mark is reached. -# -#Default: -# netdb_low 900 -# netdb_high 1000 - -# TAG: netdb_ping_period -# The minimum period for measuring a site. There will be at -# least this much delay between successive pings to the same -# network. The default is five minutes. -# -#Default: -# netdb_ping_period 5 minutes - -# TAG: query_icmp on|off -# If you want to ask your peers to include ICMP data in their ICP -# replies, enable this option. -# -# If your peer has configured Squid (during compilation) with -# '--enable-icmp' then that peer will send ICMP pings to origin server -# sites of the URLs it receives. If you enable this option then the -# ICP replies from that peer will include the ICMP data (if available). -# Then, when choosing a parent cache, Squid will choose the parent with -# the minimal RTT to the origin server. 
When this happens, the -# hierarchy field of the access.log will be -# "CLOSEST_PARENT_MISS". This option is off by default. -# -#Default: -# query_icmp off - -# TAG: test_reachability on|off -# When this is 'on', ICP MISS replies will be ICP_MISS_NOFETCH -# instead of ICP_MISS if the target host is NOT in the ICMP -# database, or has a zero RTT. -# -#Default: -# test_reachability off - -# TAG: buffered_logs on|off -# cache.log log file is written with stdio functions, and as such -# it can be buffered or unbuffered. By default it will be unbuffered. -# Buffering it can speed up the writing slightly (though you are -# unlikely to need to worry unless you run with tons of debugging -# enabled in which case performance will suffer badly anyway..). -# -#Default: -# buffered_logs off - -# TAG: reload_into_ims on|off -# When you enable this option, client no-cache or ``reload'' -# requests will be changed to If-Modified-Since requests. -# Doing this VIOLATES the HTTP standard. Enabling this -# feature could make you liable for problems which it -# causes. -# -# see also refresh_pattern for a more selective approach. -# -#Default: -# reload_into_ims off - -# TAG: always_direct -# Usage: always_direct allow|deny [!]aclname ... -# -# Here you can use ACL elements to specify requests which should -# ALWAYS be forwarded directly to origin servers. For example, -# to always directly forward requests for local servers use -# something like: -# -# acl local-servers dstdomain my.domain.net -# always_direct allow local-servers -# -# To always forward FTP requests directly, use -# -# acl FTP proto FTP -# always_direct allow FTP -# -# NOTE: There is a similar, but opposite option named -# 'never_direct'. You need to be aware that "always_direct deny -# foo" is NOT the same thing as "never_direct allow foo". You -# may need to use a deny rule to exclude a more-specific case of -# some other rule. 
Example: -# -# acl local-external dstdomain external.foo.net -# acl local-servers dstdomain .foo.net -# always_direct deny local-external -# always_direct allow local-servers -# -# This option replaces some v1.1 options such as local_domain -# and local_ip. -# -#Default: -# none - -# TAG: never_direct -# Usage: never_direct allow|deny [!]aclname ... -# -# never_direct is the opposite of always_direct. Please read -# the description for always_direct if you have not already. -# -# With 'never_direct' you can use ACL elements to specify -# requests which should NEVER be forwarded directly to origin -# servers. For example, to force the use of a proxy for all -# requests, except those in your local domain use something like: -# -# acl local-servers dstdomain .foo.net -# acl all src 0.0.0.0/0.0.0.0 -# never_direct deny local-servers -# never_direct allow all -# -# or if squid is inside a firewall and there is local intranet -# servers inside the firewall then use something like: -# -# acl local-intranet dstdomain .foo.net -# acl local-external dstdomain external.foo.net -# always_direct deny local-external -# always_direct allow local-intranet -# never_direct allow all -# -# This option replaces some v1.1 options such as inside_firewall -# and firewall_ip. -# -#Default: -# none - -# TAG: header_access -# Usage: header_access header_name allow|deny [!]aclname ... -# -# WARNING: Doing this VIOLATES the HTTP standard. Enabling -# this feature could make you liable for problems which it -# causes. -# -# This option replaces the old 'anonymize_headers' and the -# older 'http_anonymizer' option with something that is much -# more configurable. This new method creates a list of ACLs -# for each header, allowing you very fine-tuned header -# mangling. -# -# You can only specify known headers for the header name. -# Other headers are reclassified as 'Other'. You can also -# refer to all the headers with 'All'. 
-# -# For example, to achieve the same behaviour as the old -# 'http_anonymizer standard' option, you should use: -# -# header_access From deny all -# header_access Referer deny all -# header_access Server deny all -# header_access User-Agent deny all -# header_access WWW-Authenticate deny all -# header_access Link deny all -# -# Or, to reproduce the old 'http_anonymizer paranoid' feature -# you should use: -# -# header_access Allow allow all -# header_access Authorization allow all -# header_access WWW-Authenticate allow all -# header_access Cache-Control allow all -# header_access Content-Encoding allow all -# header_access Content-Length allow all -# header_access Content-Type allow all -# header_access Date allow all -# header_access Expires allow all -# header_access Host allow all -# header_access If-Modified-Since allow all -# header_access Last-Modified allow all -# header_access Location allow all -# header_access Pragma allow all -# header_access Accept allow all -# header_access Accept-Charset allow all -# header_access Accept-Encoding allow all -# header_access Accept-Language allow all -# header_access Content-Language allow all -# header_access Mime-Version allow all -# header_access Retry-After allow all -# header_access Title allow all -# header_access Connection allow all -# header_access Proxy-Connection allow all -# header_access All deny all -# -# By default, all headers are allowed (no anonymizing is -# performed). -# -#Default: -# none - -# TAG: header_replace -# Usage: header_replace header_name message -# Example: header_replace User-Agent Nutscrape/1.0 (CP/M; 8-bit) -# -# This option allows you to change the contents of headers -# denied with header_access above, by replacing them with -# some fixed string. This replaces the old fake_user_agent -# option. -# -# By default, headers are removed if denied. -# -#Default: -# none - -# TAG: icon_directory -# Where the icons are stored. 
These are normally kept in -# /usr/share/squid/icons -# -#Default: -# icon_directory /usr/share/squid/icons - -# TAG: short_icon_urls -# If this is enabled then Squid will use short URLs for icons. -# -# If off then the URLs for icons will always be absolute URLs -# including the proxy name and port. -# -#Default: -# short_icon_urls off - -# TAG: error_directory -# If you wish to create your own versions of the default -# (English) error files, either to customize them to suit your -# language or company copy the template English files to another -# directory and point this tag at them. -# -#Default: -# error_directory /usr/share/squid/errors/English - -# TAG: maximum_single_addr_tries -# This sets the maximum number of connection attempts for a -# host that only has one address (for multiple-address hosts, -# each address is tried once). -# -# The default value is one attempt, the (not recommended) -# maximum is 255 tries. A warning message will be generated -# if it is set to a value greater than ten. -# -# Note: This is in addition to the request reforwarding which -# takes place if Squid fails to get a satisfying response. -# -#Default: -# maximum_single_addr_tries 1 - -# TAG: snmp_port -# Squid can now serve statistics and status information via SNMP. -# By default it listens to port 3401 on the machine. If you don't -# wish to use SNMP, set this to "0". -# -#Default: -# snmp_port 3401 - -# TAG: snmp_access -# Allowing or denying access to the SNMP port. -# -# All access to the agent is denied by default. -# usage: -# -# snmp_access allow|deny [!]aclname ... -# -#Example: -# snmp_access allow snmppublic localhost -# snmp_access deny all -# -#Default: -# snmp_access deny all - -# TAG: snmp_incoming_address -# TAG: snmp_outgoing_address -# Just like 'udp_incoming_address' above, but for the SNMP port. -# -# snmp_incoming_address is used for the SNMP socket receiving -# messages from SNMP agents. 
-# snmp_outgoing_address is used for SNMP packets returned to SNMP -# agents. -# -# The default snmp_incoming_address (0.0.0.0) is to listen on all -# available network interfaces. -# -# If snmp_outgoing_address is set to 255.255.255.255 (the default) -# then it will use the same socket as snmp_incoming_address. Only -# change this if you want to have SNMP replies sent using another -# address than where this Squid listens for SNMP queries. -# -# NOTE, snmp_incoming_address and snmp_outgoing_address can not have -# the same value since they both use port 3401. -# -#Default: -# snmp_incoming_address 0.0.0.0 -# snmp_outgoing_address 255.255.255.255 - -# TAG: as_whois_server -# WHOIS server to query for AS numbers. NOTE: AS numbers are -# queried only when Squid starts up, not for every request. -# -#Default: -# as_whois_server whois.ra.net -# as_whois_server whois.ra.net - -# TAG: wccp_router -# Use this option to define your WCCP ``home'' router for -# Squid. Setting the 'wccp_router' to 0.0.0.0 (the default) -# disables WCCP. -# -#Default: -# wccp_router 0.0.0.0 - -# TAG: wccp_version -# According to some users, Cisco IOS 11.2 only supports WCCP -# version 3. If you're using that version of IOS, change -# this value to 3. -# -#Default: -# wccp_version 4 - -# TAG: wccp_incoming_address -# TAG: wccp_outgoing_address -# wccp_incoming_address Use this option if you require WCCP -# messages to be received on only one -# interface. Do NOT use this option if -# you're unsure how many interfaces you -# have, or if you know you have only one -# interface. -# -# wccp_outgoing_address Use this option if you require WCCP -# messages to be sent out on only one -# interface. Do NOT use this option if -# you're unsure how many interfaces you -# have, or if you know you have only one -# interface. -# -# The default behavior is to not bind to any specific address. 
-# -# NOTE, wccp_incoming_address and wccp_outgoing_address can not have -# the same value since they both use port 2048. -# -#Default: -# wccp_incoming_address 0.0.0.0 -# wccp_outgoing_address 255.255.255.255 - - -# DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option) -# ----------------------------------------------------------------------------- - -# TAG: delay_pools -# This represents the number of delay pools to be used. For example, -# if you have one class 2 delay pool and one class 3 delays pool, you -# have a total of 2 delay pools. -# -#Default: -# delay_pools 0 - -# TAG: delay_class -# This defines the class of each delay pool. There must be exactly one -# delay_class line for each delay pool. For example, to define two -# delay pools, one of class 2 and one of class 3, the settings above -# and here would be: -# -#Example: -# delay_pools 2 # 2 delay pools -# delay_class 1 2 # pool 1 is a class 2 pool -# delay_class 2 3 # pool 2 is a class 3 pool -# -# The delay pool classes are: -# -# class 1 Everything is limited by a single aggregate -# bucket. -# -# class 2 Everything is limited by a single aggregate -# bucket as well as an "individual" bucket chosen -# from bits 25 through 32 of the IP address. -# -# class 3 Everything is limited by a single aggregate -# bucket as well as a "network" bucket chosen -# from bits 17 through 24 of the IP address and a -# "individual" bucket chosen from bits 17 through -# 32 of the IP address. -# -# NOTE: If an IP address is a.b.c.d -# -> bits 25 through 32 are "d" -# -> bits 17 through 24 are "c" -# -> bits 17 through 32 are "c * 256 + d" -# -#Default: -# none - -# TAG: delay_access -# This is used to determine which delay pool a request falls into. -# The first matched delay pool is always used, i.e., if a request falls -# into delay pool number one, no more delay are checked, otherwise the -# rest are checked in order of their delay pool number until they have -# all been checked. 
For example, if you want some_big_clients in delay -# pool 1 and lotsa_little_clients in delay pool 2: -# -#Example: -# delay_access 1 allow some_big_clients -# delay_access 1 deny all -# delay_access 2 allow lotsa_little_clients -# delay_access 2 deny all -# -#Default: -# none - -# TAG: delay_parameters -# This defines the parameters for a delay pool. Each delay pool has -# a number of "buckets" associated with it, as explained in the -# description of delay_class. For a class 1 delay pool, the syntax is: -# -#delay_parameters pool aggregate -# -# For a class 2 delay pool: -# -#delay_parameters pool aggregate individual -# -# For a class 3 delay pool: -# -#delay_parameters pool aggregate network individual -# -# The variables here are: -# -# pool a pool number - ie, a number between 1 and the -# number specified in delay_pools as used in -# delay_class lines. -# -# aggregate the "delay parameters" for the aggregate bucket -# (class 1, 2, 3). -# -# individual the "delay parameters" for the individual -# buckets (class 2, 3). -# -# network the "delay parameters" for the network buckets -# (class 3). -# -# A pair of delay parameters is written restore/maximum, where restore is -# the number of bytes (not bits - modem and network speeds are usually -# quoted in bits) per second placed into the bucket, and maximum is the -# maximum number of bytes which can be in the bucket at any time. -# -# For example, if delay pool number 1 is a class 2 delay pool as in the -# above example, and is being used to strictly limit each host to 64kbps -# (plus overheads), with no overall limit, the line is: -# -#delay_parameters 1 -1/-1 8000/8000 -# -# Note that the figure -1 is used to represent "unlimited". 
-# -# And, if delay pool number 2 is a class 3 delay pool as in the above -# example, and you want to limit it to a total of 256kbps (strict limit) -# with each 8-bit network permitted 64kbps (strict limit) and each -# individual host permitted 4800bps with a bucket maximum size of 64kb -# to permit a decent web page to be downloaded at a decent speed -# (if the network is not being limited due to overuse) but slow down -# large downloads more significantly: -# -#delay_parameters 2 32000/32000 8000/8000 600/8000 -# -# There must be one delay_parameters line for each delay pool. -# -#Default: -# none - -# TAG: delay_initial_bucket_level (percent, 0-100) -# The initial bucket percentage is used to determine how much is put -# in each bucket when squid starts, is reconfigured, or first notices -# a host accessing it (in class 2 and class 3, individual hosts and -# networks only have buckets associated with them once they have been -# "seen" by squid). -# -#Default: -# delay_initial_bucket_level 50 - -# TAG: incoming_icp_average -# TAG: incoming_http_average -# TAG: incoming_dns_average -# TAG: min_icp_poll_cnt -# TAG: min_dns_poll_cnt -# TAG: min_http_poll_cnt -# Heavy voodoo here. I can't even believe you are reading this. -# Are you crazy? Don't even think about adjusting these unless -# you understand the algorithms in comm_select.c first! -# -#Default: -# incoming_icp_average 6 -# incoming_http_average 4 -# incoming_dns_average 4 -# min_icp_poll_cnt 8 -# min_dns_poll_cnt 8 -# min_http_poll_cnt 8 - -# TAG: max_open_disk_fds -# To avoid having disk as the I/O bottleneck Squid can optionally -# bypass the on-disk cache if more than this amount of disk file -# descriptors are open. -# -# A value of 0 indicates no limit. -# -#Default: -# max_open_disk_fds 0 - -# TAG: offline_mode -# Enable this option and Squid will never try to validate cached -# objects. 
-# -#Default: -# offline_mode off - -# TAG: uri_whitespace -# What to do with requests that have whitespace characters in the -# URI. Options: -# -# strip: The whitespace characters are stripped out of the URL. -# This is the behavior recommended by RFC2396. -# deny: The request is denied. The user receives an "Invalid -# Request" message. -# allow: The request is allowed and the URI is not changed. The -# whitespace characters remain in the URI. Note the -# whitespace is passed to redirector processes if they -# are in use. -# encode: The request is allowed and the whitespace characters are -# encoded according to RFC1738. This could be considered -# a violation of the HTTP/1.1 -# RFC because proxies are not allowed to rewrite URI's. -# chop: The request is allowed and the URI is chopped at the -# first whitespace. This might also be considered a -# violation. -# -#Default: -# uri_whitespace strip - -# TAG: broken_posts -# A list of ACL elements which, if matched, causes Squid to send -# an extra CRLF pair after the body of a PUT/POST request. -# -# Some HTTP servers has broken implementations of PUT/POST, -# and rely on an extra CRLF pair sent by some WWW clients. -# -# Quote from RFC 2068 section 4.1 on this matter: -# -# Note: certain buggy HTTP/1.0 client implementations generate an -# extra CRLF's after a POST request. To restate what is explicitly -# forbidden by the BNF, an HTTP/1.1 client must not preface or follow -# a request with an extra CRLF. -# -#Example: -# acl buggy_server url_regex ^http://.... -# broken_posts allow buggy_server -# -#Default: -# none - -# TAG: mcast_miss_addr -# Note: This option is only available if Squid is rebuilt with the -# -DMULTICAST_MISS_STREAM option -# -# If you enable this option, every "cache miss" URL will -# be sent out on the specified multicast address. -# -# Do not enable this option unless you are are absolutely -# certain you understand what you are doing. 
-# -#Default: -# mcast_miss_addr 255.255.255.255 - -# TAG: mcast_miss_ttl -# Note: This option is only available if Squid is rebuilt with the -# -DMULTICAST_MISS_TTL option -# -# This is the time-to-live value for packets multicasted -# when multicasting off cache miss URLs is enabled. By -# default this is set to 'site scope', i.e. 16. -# -#Default: -# mcast_miss_ttl 16 - -# TAG: mcast_miss_port -# Note: This option is only available if Squid is rebuilt with the -# -DMULTICAST_MISS_STREAM option -# -# This is the port number to be used in conjunction with -# 'mcast_miss_addr'. -# -#Default: -# mcast_miss_port 3135 - -# TAG: mcast_miss_encode_key -# Note: This option is only available if Squid is rebuilt with the -# -DMULTICAST_MISS_STREAM option -# -# The URLs that are sent in the multicast miss stream are -# encrypted. This is the encryption key. -# -#Default: -# mcast_miss_encode_key XXXXXXXXXXXXXXXX - -# TAG: nonhierarchical_direct -# By default, Squid will send any non-hierarchical requests -# (matching hierarchy_stoplist or not cachable request type) direct -# to origin servers. -# -# If you set this to off, then Squid will prefer to send these -# requests to parents. -# -# Note that in most configurations, by turning this off you will only -# add latency to these request without any improvement in global hit -# ratio. -# -# If you are inside an firewall then see never_direct instead of -# this directive. -# -#Default: -# nonhierarchical_direct on - -# TAG: prefer_direct -# Normally Squid tries to use parents for most requests. If you by some -# reason like it to first try going direct and only use a parent if -# going direct fails then set this to on. -# -# By combining nonhierarchical_direct off and prefer_direct on you -# can set up Squid to use a parent as a backup path if going direct -# fails. -# -# Note: If you want Squid to use parents for all requests then see -# the never_direct directive. 
prefer_direct only modifies how Squid -# acts on cachable requests. -# -#Default: -# prefer_direct off - -# TAG: strip_query_terms -# By default, Squid strips query terms from requested URLs before -# logging. This protects your user's privacy. -# -#Default: -# strip_query_terms on - -# TAG: coredump_dir -# By default Squid leaves core files in the directory from where -# it was started. If you set 'coredump_dir' to a directory -# that exists, Squid will chdir() to that directory at startup -# and coredump files will be left there. -# -#Default: -# coredump_dir none -# -# Leave coredumps in the first cache dir -coredump_dir /var/spool/squid - -# TAG: redirector_bypass -# When this is 'on', a request will not go through the -# redirector if all redirectors are busy. If this is 'off' -# and the redirector queue grows too large, Squid will exit -# with a FATAL error and ask you to increase the number of -# redirectors. You should only enable this if the redirectors -# are not critical to your caching system. If you use -# redirectors for access control, and you enable this option, -# then users may have access to pages that they should not -# be allowed to request. -# -#Default: -# redirector_bypass off - -# TAG: ignore_unknown_nameservers -# By default Squid checks that DNS responses are received -# from the same IP addresses that they are sent to. If they -# don't match, Squid ignores the response and writes a warning -# message to cache.log. You can allow responses from unknown -# nameservers by setting this option to 'off'. -# -#Default: -# ignore_unknown_nameservers on - -# TAG: digest_generation -# This controls whether the server will generate a Cache Digest -# of its contents. By default, Cache Digest generation is -# enabled if Squid is compiled with USE_CACHE_DIGESTS defined. 
-# -#Default: -# digest_generation on - -# TAG: digest_bits_per_entry -# This is the number of bits of the server's Cache Digest which -# will be associated with the Digest entry for a given HTTP -# Method and URL (public key) combination. The default is 5. -# -#Default: -# digest_bits_per_entry 5 - -# TAG: digest_rebuild_period (seconds) -# This is the number of seconds between Cache Digest rebuilds. -# -#Default: -# digest_rebuild_period 1 hour - -# TAG: digest_rewrite_period (seconds) -# This is the number of seconds between Cache Digest writes to -# disk. -# -#Default: -# digest_rewrite_period 1 hour - -# TAG: digest_swapout_chunk_size (bytes) -# This is the number of bytes of the Cache Digest to write to -# disk at a time. It defaults to 4096 bytes (4KB), the Squid -# default swap page. -# -#Default: -# digest_swapout_chunk_size 4096 bytes - -# TAG: digest_rebuild_chunk_percentage (percent, 0-100) -# This is the percentage of the Cache Digest to be scanned at a -# time. By default it is set to 10% of the Cache Digest. -# -#Default: -# digest_rebuild_chunk_percentage 10 - -# TAG: chroot -# Use this to have Squid do a chroot() while initializing. This -# also causes Squid to fully drop root privileges after -# initializing. This means, for example, that if you use a HTTP -# port less than 1024 and try to reconfigure, you will get an -# error. -# -#Default: -# none - -# TAG: client_persistent_connections -# TAG: server_persistent_connections -# Persistent connection support for clients and servers. By -# default, Squid uses persistent connections (when allowed) -# with its clients and servers. You can use these options to -# disable persistent connections with clients and/or servers. -# -#Default: -# client_persistent_connections on -# server_persistent_connections on - -# TAG: detect_broken_pconn -# Some servers have been found to incorrectly signal the use -# of HTTP/1.0 persistent connections even on replies not -# compatible, causing significant delays. 
This server problem -# has mostly been seen on redirects. -# -# By enabling this directive Squid attempts to detect such -# broken replies and automatically assume the reply is finished -# after 10 seconds timeout. -# -#Default: -# detect_broken_pconn off - -# TAG: pipeline_prefetch -# To boost the performance of pipelined requests to closer -# match that of a non-proxied environment Squid can try to fetch -# up to two requests in parallell from a pipeline. -# -# Defaults to off for bandwidth management and access logging -# reasons. -# -#Default: -# pipeline_prefetch off - -# TAG: extension_methods -# Squid only knows about standardized HTTP request methods. -# You can add up to 20 additional "extension" methods here. -# -#Default: -# none - -# TAG: request_entities -# Squid defaults to deny GET and HEAD requests with request entities, -# as the meaning of such requests are undefined in the HTTP standard -# even if not explicitly forbidden. -# -# Set this directive to on if you have clients which insists -# on sending request entities in GET or HEAD requests. -# -#Default: -# request_entities off - -# TAG: high_response_time_warning (msec) -# If the one-minute median response time exceeds this value, -# Squid prints a WARNING with debug level 0 to get the -# administrators attention. The value is in milliseconds. -# -#Default: -# high_response_time_warning 0 - -# TAG: high_page_fault_warning -# If the one-minute average page fault rate exceeds this -# value, Squid prints a WARNING with debug level 0 to get -# the administrators attention. The value is in page faults -# per second. -# -#Default: -# high_page_fault_warning 0 - -# TAG: high_memory_warning -# If the memory usage (as determined by mallinfo) exceeds -# value, Squid prints a WARNING with debug level 0 to get -# the administrators attention. -# -#Default: -# high_memory_warning 0 - -# TAG: store_dir_select_algorithm -# Set this to 'round-robin' as an alternative. 
-# -#Default: -# store_dir_select_algorithm least-load - -# TAG: forward_log -# Note: This option is only available if Squid is rebuilt with the -# -DWIP_FWD_LOG option -# -# Logs the server-side requests. -# -# This is currently work in progress. -# -#Default: -# none - -# TAG: ie_refresh on|off -# Microsoft Internet Explorer up until version 5.5 Service -# Pack 1 has an issue with transparent proxies, wherein it -# is impossible to force a refresh. Turning this on provides -# a partial fix to the problem, by causing all IMS-REFRESH -# requests from older IE versions to check the origin server -# for fresh content. This reduces hit ratio by some amount -# (~10% in my experience), but allows users to actually get -# fresh content when they want it. Note that because Squid -# cannot tell if the user is using 5.5 or 5.5SP1, the behavior -# of 5.5 is unchanged from old versions of Squid (i.e. a -# forced refresh is impossible). Newer versions of IE will, -# hopefully, continue to have the new behavior and will be -# handled based on that assumption. This option defaults to -# the old Squid behavior, which is better for hit ratios but -# worse for clients using IE, if they need to be able to -# force fresh content. -# -#Default: -# ie_refresh off - -# TAG: vary_ignore_expire on|off -# Many HTTP servers supporting Vary gives such objects -# immediate expiry time with no cache-control header -# when requested by a HTTP/1.0 client. This option -# enables Squid to ignore such expiry times until -# HTTP/1.1 is fully implemented. -# WARNING: This may eventually cause some varying -# objects not intended for caching to get cached. -# -#Default: -# vary_ignore_expire off - -# TAG: sleep_after_fork (microseconds) -# When this is set to a non-zero value, the main Squid process -# sleeps the specified number of microseconds after a fork() -# system call. This sleep may help the situation where your -# system reports fork() failures due to lack of (virtual) -# memory. 
Note, however, that if you have a lot of child -# processes, then these sleep delays will add up and your -# Squid will not service requests for some amount of time -# until all the child processes have been started. -# -#Default: -# sleep_after_fork 0 - diff --git a/contrib/altlinux/init.ldif b/contrib/altlinux/init.ldif deleted file mode 100644 index 9545ecfb9..000000000 --- a/contrib/altlinux/init.ldif +++ /dev/null 
@@ -1,124 +0,0 @@
-dn: dc=example,dc=com
-objectClass: top
-objectClass: dcObject
-objectClass: organization
-objectClass: gosaDepartment
-dc: example
-o: Example Inc.
-ou: example
-description: Main building
-
-dn: ou=Apps,dc=example,dc=com
-objectClass: organizationalUnit
-ou: Apps
-
-dn: cn=gosa,ou=Apps,dc=example,dc=com
-objectClass: top
-objectClass: applicationProcess
-objectClass: simpleSecurityObject
-userPassword: gosa
-cn: gosa
-
-dn: cn=smbpasswd,ou=Apps,dc=example,dc=com
-objectClass: top
-objectClass: applicationProcess
-objectClass: simpleSecurityObject
-cn: smbpasswd
-userPassword: smbpasswd
-
-dn: cn=cyrus,ou=Apps,dc=example,dc=com
-objectClass: top
-objectClass: applicationProcess
-objectClass: simpleSecurityObject
-cn: cyrus
-userPassword: cyrus
-
-dn: cn=saslauthd,ou=Apps,dc=example,dc=com
-objectClass: top
-objectClass: applicationProcess
-objectClass: simpleSecurityObject
-cn: saslauthd
-userPassword: saslauthd
-
-dn: ou=Admins,dc=example,dc=com
-objectClass: organizationalUnit
-ou: Admins
-description: Directory administrators
-
-dn: cn=admin,ou=Admins,dc=example,dc=com
-objectClass: person
-cn: admin
-sn: admin
-userPassword: secret
-
-dn: ou=People,dc=example,dc=com
-objectClass: organizationalUnit
-ou: People
-
-dn: uid=administrator,ou=People,dc=example,dc=com
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: inetOrgPerson
-objectClass: gosaAccount
-userPassword: secret
-sn: System
-cn: administrator
-givenName: Administrator
-uid: administrator
-
-dn: ou=Groups,dc=example,dc=com
-objectClass: organizationalUnit
-ou: Groups
-
-dn: cn=administrator,ou=Groups,dc=example,dc=com
-objectClass: top
-objectClass: gosaObject
-objectClass: posixGroup
-gosaSubtreeACL:: OmFsbA==
-cn: administrator
-gidNumber: 999
-memberUid: administrator
-
-dn: ou=Computers,dc=example,dc=com
-objectClass: organizationalUnit
-ou: Computers
-
-dn: uid=pdc$,ou=Computers,dc=example,dc=com
-objectClass: top
-objectClass: account
-objectClass: goImapServer
-uid: pdc$
-cn: localhost
-goImapName: mail.example.lan
-goImapConnect: {localhost:143}
-goImapAdmin: cyrus
-goImapSieveServer: localhost
-goImapSievePort: 2000
-goImapPassword: cyrus
-
-dn: dc=branch,dc=example,dc=com
-objectClass: top
-objectClass: dcObject
-objectClass: organizationalUnit
-objectClass: gosaDepartment
-dc: branch
-ou: branch
-description: Remote branch
-
-dn: ou=Addressbook,dc=example,dc=com
-objectClass: organizationalUnit
-ou: Addressbook
-
-dn: ou=Systems,dc=example,dc=com
-objectClass: organizationalUnit
-ou: Systems
-
-dn: ou=configs,ou=systems,dc=example,dc=com
-objectClass: organizationalUnit
-ou: configs
-
-dn: ou=gosa,ou=configs,ou=systems,dc=example,dc=com
-objectClass: organizationalUnit
-ou: gosa
-
diff --git a/contrib/daemon/arp-handler-d b/contrib/daemon/arp-handler-d
deleted file mode 100755
index b8698bcf7..000000000
--- a/contrib/daemon/arp-handler-d
+++ /dev/null
@@ -1,563 +0,0 @@ -#!/usr/bin/perl -#=============================================================================== -# -# FILE: gosa-support-daemon.pl -# -# USAGE: ./.gosa-support-daemon.pl -# -# DESCRIPTION: -# -# OPTIONS: --- -# REQUIREMENTS: --- -# BUGS: --- -# NOTES: --- -# AUTHOR: Andreas Rettenberger, -# COMPANY: Gonicus GmbH, Arnsberg -# VERSION: 1.0 -# CREATED: 21.08.2007 15:13:51 CEST -# REVISION: --- -#=============================================================================== - -use strict; -use warnings; -use Getopt::Long; -use Config::IniFiles; -use POSIX; -use Fcntl; -use Net::LDAP; -use Net::LDAP::LDIF; -use Net::LDAP::Entry; -use Switch; - - -my ($verbose, $cfg_file, $log_file, $pid_file, $foreground); -my ($timeout, $mailto, $mailfrom, $user, $group); -my ($procid, $pid, $loglevel); -my ($fifo_path, $max_process_timeout, $max_process ); -my %daemon_children; -my ($ldap, $bind_phrase, $password, $ldap_base) ; - -$procid = -1 ; -$foreground = 0 ; -$verbose = 0 ; -$max_process = 2 ; -$max_process_timeout = 1 ; -$ldap_base = "dc=gonicus,dc=de" ; -#$ldap_path = "/var/run/gosa-support-daemon.socket"; -#$log_path = "/var/log/gosa-support-daemon.log"; -#$pid_path = "/var/run/gosa-support-daemon/gosa-support-daemon.pid"; - -#--------------------------------------------------------------------------- -# parse commandline options -#--------------------------------------------------------------------------- -Getopt::Long::Configure( "bundling" ); -GetOptions( "v|verbose+" => \$verbose, - "c|config=s" => \$cfg_file, - "h|help" => \&usage, - "l|logfile=s" => \$log_file, - "p|pid=s" => \$pid_file, - "f|foreground" => \$foreground); - -#--------------------------------------------------------------------------- -# read and set config parameters -#--------------------------------------------------------------------------- -my %cfg_defaults = -("Allgemein" => - {"timeout" => [ \$timeout, 1000 ], - "mailto" => [ \$mailto, 'root@localhost' ], - "mailfrom" => [ 
\$mailfrom, 'sps-daemon@localhost' ], - "user" => [ \$user, "nobody" ], - "group" => [ \$group, "nogroup" ], - "fifo_path" => [ \$fifo_path, "/home/rettenbe/gonicus/gosa-support/tmp/fifo" ], - "log_file" => [ \$log_file, "/home/rettenbe/gonicus/gosa-support/tmp/gosa-support.log" ], - "pid_file" => [ \$pid_file, "/home/rettenbe/gonicus/gosa-support/tmp/gosa-support.pid" ], - "loglevel" => [ \$loglevel, 1] - }, -"LDAP" => - {"bind" => [ \$bind_phrase, "cn=ldapadmin,dc=gonicus,dc=de" ], - "password" => [ \$password, "tester" ], - } - ); -&read_configfile; - - -#=== FUNCTION ================================================================ -# NAME: check_cmdline_param -# PURPOSE: checks all commandline parameters to validity -# PARAMETERS: none -# RETURNS: none -# DESCRIPTION: ???? -# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub check_cmdline_param () { - my $err_config; - my $err_log; - my $err_pid; - my $err_counter = 0; - if( not defined( $cfg_file)) { - $err_config = "please specify a config file"; - $err_counter += 1; - } - if( not defined( $log_file)) { - $err_log = "please specify a log file"; - $err_counter += 1; - } - if( not defined( $pid_file)) { - $err_pid = "please specify a pid file"; - $err_counter += 1; - } - if( $err_counter > 0 ) { - &usage( "", 1 ); - if( defined( $err_config)) { print STDERR "$err_config\n"} - if( defined( $err_log)) { print STDERR "$err_log\n" } - if( defined( $err_pid)) { print STDERR "$err_pid\n"} - print STDERR "\n"; - exit( -1 ); - } -} - -#=== FUNCTION ================================================================ -# NAME: check_pid -# PURPOSE: -# PARAMETERS: none -# RETURNS: none -# DESCRIPTION: ???? 
-# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub check_pid { - if( open( LOCK_FILE, "<$pid_file") ) { - $procid = ; - if( defined $procid ) { - chomp( $procid ); - if( -f "/proc/$procid/stat" ) { - my($stat) = `cat /proc/$procid/stat` =~ m/$procid \((.+)\).*/; - print "\t".$stat."\n"; - if( "sps-daemon.pl" eq $stat ) { - close( LOCK_FILE ); - exit -1; - } - } - } - close( LOCK_FILE ); - unlink( $pid_file ); - } - - # Try to open PID file - if (!sysopen(LOCK_FILE, $pid_file, O_WRONLY|O_CREAT|O_EXCL, 0644)) { - my($msg) = "Couldn't obtain lockfile '$pid_file' "; - if (open(LOCK_FILE, "<", $pid_file) && ($pid = )) { - chomp($pid); - $msg .= "(PID $pid)\n"; - } else { - $msg .= "(unable to read PID)\n"; - } - if ( ! $foreground ) { - daemon_log( $msg."\n"); - } else { - print( STDERR " $msg " ); - } - exit( -1 ); - } -} - -#=== FUNCTION ================================================================ -# NAME: read_configfile -# PURPOSE: read the configuration file and provide the programm with -# parameters -# PARAMETERS: none -# RETURNS: none -# DESCRIPTION: ???? 
-# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub read_configfile { - my $log_time = localtime(time); - my $cfg; - if( defined( $cfg_file) && ( length($cfg_file) > 0 )) { - if( -r $cfg_file ) { - $cfg = Config::IniFiles->new( -file => $cfg_file ); - } else { - usage( "Couldn't read config file: $cfg_file \n" ); - } - } else { - $cfg = Config::IniFiles->new() ; - } - - foreach my $section (keys %cfg_defaults) { # "Parse" config into values - foreach my $param (keys %{$cfg_defaults{ $section }}) { - my $pinfo = $cfg_defaults{ $section }{ $param }; - ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] ); - } - } - - if(-e $log_file ) { unlink $log_file } - daemon_log("$log_time: config file read\n"); -} - -#=== FUNCTION ================================================================ -# NAME: daemon_log -# PURPOSE: log messages to specified logfile -# PARAMETERS: $msg, $level -# RETURNS: ???? -# DESCRIPTION: Takes a message ($msg) and append it to the logfile. The -# standard log-level ($level) is 1. Messages whith higher level -# than the verbosity-level (defined by commandline) are printed -# out to commandline. Messages with log-level lower than 2 are -# not logged to logfile! 
-# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub daemon_log { - my( $msg, $level ) = @_; - if(not defined $msg) { return } - if(not defined $level) { $level = 1 } - open(LOG_HANDLE, ">>$log_file"); - if(not defined open( LOG_HANDLE, ">>$log_file" ) ) { return } - chomp($msg); - #if( $verbose >= $level ) { print "$msg"."\n" } - if( $level <= 1 ) { print LOG_HANDLE $msg."\n" } - if( $foreground ) { print $msg."\n" } - close( LOG_HANDLE ); - } - -#=== FUNCTION ================================================================ -# NAME: signal handler -# PURPOSE: catches signals from the programm and do diffrent things -# than default -# PARAMETERS: none -# RETURNS: none -# DESCRIPTION: sighandler -# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub sigINT { - my $log_time = localtime(time); - print "INT\n"; - if( -p $fifo_path ) { - close FIFO ; - unlink($fifo_path) ; - daemon_log( "$log_time: FIFO closed after signal INT!\n") ; - } - if(defined($ldap)) { - $ldap->unbind; - } - $SIG{INT} = "DEFAULT" ; - kill INT => $$ ; -} -$SIG{INT} = \&sigINT ; - -#=== FUNCTION ================================================================ -# NAME: usage -# PURPOSE: -# PARAMETERS: none -# RETURNS: none -# DESCRIPTION: print out the usage of the program -# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub usage { - my( $text, $help ) = @_; - $text = undef if( "h" eq $text ); - (defined $text) && print STDERR "\n$text\n"; - if( (defined $help && $help) || (!defined $help && !defined $text) ) { - print STDERR << "EOF" ; -usage: $0 [-hvf] [-c config, -l logfile, -p pidfile] - - -h : this (help) message - -c : config file - -l : log file (example: /var/log/sps/sps.log) - -p : pid file (example: 
/var/run/sps/sps.pid) - -f : foreground (don"t fork) - -v : be verbose (multiple to increase verbosity) -EOF - } - print "\n" ; -} - - -#=== FUNCTION ================================================================ -# NAME: open_fifo -# PURPOSE: -# PARAMETERS: $fifo_path -# RETURNS: 0: FIFO couldn"t be setup, 1: FIFO setup correctly -# DESCRIPTION: creates a FIFO at $fifo_path -# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub open_fifo { - my ($fifo_path) = @_ ; - my $log_time = localtime( time ); - if( -p $fifo_path ) { - daemon_log("$log_time: FIFO at $fifo_path already exists\n"); - return 0; - } - POSIX::mkfifo($fifo_path, 0666) or die "can't mkfifo $fifo_path: $!"; - daemon_log( "$log_time: FIFO started at $fifo_path\n" ) ; - return 1; - } - - -#=== FUNCTION ================================================================ -# NAME: add_ldap_entry -# PURPOSE: adds an element to ldap-tree -# PARAMETERS: -# RETURNS: none -# DESCRIPTION: ???? 
-# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub add_ldap_entry { - my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus, $ip, $interface, $desc) = @_; - my $dn = "cn=$mac,ou=incoming,$ldap_base"; - my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))"); - my $c_res = $s_res->count; - if($c_res == 1) { - daemon_log("WARNING: macAddress $mac already in LDAP", 1); - return; - } elsif($c_res > 0) { - daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1); - return; - } - - # create LDAP entry - my $entry = Net::LDAP::Entry->new( $dn ); - $entry->dn($dn); - $entry->add("objectClass" => "goHard"); - $entry->add("cn" => $mac); - $entry->add("macAddress" => $mac); - if(defined $gotoSysStatus) {$entry->add("gotoSysStatus" => $gotoSysStatus)} - if(defined $ip) {$entry->add("ipHostNumber" => $ip) } - #if(defined $interface) { } - if(defined $desc) {$entry->add("description" => $desc) } - - # submit entry to LDAP - my $result = $entry->update ($ldap_tree); - - # for $result->code constants please look at Net::LDAP::Constant - my $log_time = localtime( time ); - if($result->code == 68) { # entry already exists - daemon_log("WARNING: $log_time: $dn ".$result->error, 3); - } elsif($result->code == 0) { # everything went fine - daemon_log("$log_time: add entry $dn to ldap", 1); - } else { # if any other error occur - daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1); - } - return; -} - - -#=== FUNCTION ================================================================ -# NAME: change_ldap_entry -# PURPOSE: ???? -# PARAMETERS: ???? -# RETURNS: ???? -# DESCRIPTION: ???? 
-# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub change_ldap_entry { - my ($ldap_tree, $ldap_base, $mac, $gotoSysStatus ) = @_; - - # check if ldap_entry exists or not - my $s_res = &search_ldap_entry($ldap_tree, $ldap_base, "(|(macAddress=$mac)(dhcpHWAddress=ethernet $mac))"); - my $c_res = $s_res->count; - if($c_res == 0) { - daemon_log("WARNING: macAddress $mac not in LDAP", 1); - return; - } elsif($c_res > 1) { - daemon_log("ERROR: macAddress $mac exists $c_res times in LDAP", 1); - return; - } - - my $s_res_entry = $s_res->pop_entry(); - my $dn = $s_res_entry->dn(); - my $result = $ldap->modify( $dn, replace => {'gotoSysStatus' => $gotoSysStatus } ); - - # for $result->code constants please look at Net::LDAP::Constant - my $log_time = localtime( time ); - if($result->code == 32) { # entry doesnt exists - &add_ldap_entry($mac, $gotoSysStatus); - } elsif($result->code == 0) { # everything went fine - daemon_log("$log_time: entry $dn changed successful", 1); - } else { # if any other error occur - daemon_log("ERROR: $log_time: $dn, ".$result->code.", ".$result->error, 1); - } - - return; -} - -#=== FUNCTION ================================================================ -# NAME: search_ldap_entry -# PURPOSE: ???? -# PARAMETERS: [Net::LDAP] $ldap_tree - object of an ldap-tree -# string $sub_tree - dn of the subtree the search is performed -# string $search_string - either a string or a Net::LDAP::Filter object -# RETURNS: [Net::LDAP::Search] $msg - result object of the performed search -# DESCRIPTION: ???? 
-# THROWS: no exceptions -# COMMENTS: none -# SEE ALSO: n/a -#=============================================================================== -sub search_ldap_entry { - my ($ldap_tree, $sub_tree, $search_string) = @_; - my $msg = $ldap_tree->search( # perform a search - base => $sub_tree, - filter => $search_string, - ) or daemon_log("cannot perform search at ldap: $@", 1); -# if(defined $msg) { -# print $sub_tree."\t".$search_string."\t"; -# print $msg->count."\n"; -# foreach my $entry ($msg->entries) { $entry->dump; }; -# } - - return $msg; -} - - - -#========= MAIN = main ======================================================== -daemon_log( "####### START DAEMON ######\n", 1 ); -&check_cmdline_param ; -&check_pid; -&open_fifo($fifo_path); - -# Just fork, if we"re not in foreground mode -if( ! $foreground ) { $pid = fork(); } -else { $pid = $$; } - -# Do something useful - put our PID into the pid_file -if( 0 != $pid ) { - open( LOCK_FILE, ">$pid_file" ); - print LOCK_FILE "$pid\n"; - close( LOCK_FILE ); - if( !$foreground ) { exit( 0 ) }; -} - - -if( not -p $fifo_path ) { die "fifo file disappeared\n" } -sysopen(FIFO, $fifo_path, O_RDONLY) or die "can't read from $fifo_path: $!" 
; - -while( 1 ) { - # checke alle prozesse im hash daemon_children ob sie noch aktiv sind, wenn - # nicht, dann entferne prozess aus hash - while( (my $key, my $val) = each( %daemon_children) ) { - my $status = waitpid( $key, &WNOHANG) ; - if( $status == -1 ) { - delete $daemon_children{$key} ; - daemon_log("childprocess finished: $key", 3) ; - } - } - - # ist die max_process anzahl von prozesskindern erreicht, dann warte und - # prüfe erneut, ob in der zwischenzeit prozesse fertig geworden sind - if( keys( %daemon_children ) >= $max_process ) { - sleep($max_process_timeout) ; - next ; - } - - my $msg = ; - if( not defined( $msg )) { next ; } - - chomp( $msg ); - if( length( $msg ) == 0 ) { next ; } - - my $forked_pid = fork(); -#=== PARENT = parent ========================================================== - if ( $forked_pid != 0 ) { - daemon_log("childprocess forked: $forked_pid", 3) ; - $daemon_children{$forked_pid} = 0 ; - } -#=== CHILD = child ============================================================ - else { - # parse the incoming message from arp, split the message and return - # the values in an array. 
not defined values are set to "none" - #my ($mac, $ip, $interface, $arp_sig, $desc) = &parse_input( $msg ) ; - daemon_log( "childprocess read from arp: $fifo_path\nline: $msg", 3); - my ($mac, $ip, $interface, $arp_sig, $desc) = split('\s', $msg, 5); - - # create connection to LDAP - $ldap = Net::LDAP->new( "localhost" ) or die "$@"; - $ldap->bind($bind_phrase, - password => $password, - ) ; - - switch($arp_sig) { - case 0 {&change_ldap_entry($ldap, $ldap_base, - $mac, "ip-changed", - )} - case 1 {&change_ldap_entry($ldap, $ldap_base, - $mac, "mac-not-whitelisted", - )} - case 2 {&change_ldap_entry($ldap, $ldap_base, - $mac, "mac-in-blacklist", - )} - case 3 {&add_ldap_entry($ldap, $ldap_base, - $mac, "new-mac-address", $ip, - $interface, $desc, - )} - case 4 {&change_ldap_entry($ldap, $ldap_base, - $mac, "unauthorized-arp-request", - )} - case 5 {&change_ldap_entry($ldap, $ldap_base, - $mac, "abusive-number-of-arp-requests", - )} - case 6 {&change_ldap_entry($ldap, $ldap_base, - $mac, "ether-and-arp-mac-differs", - )} - case 7 {&change_ldap_entry($ldap, $ldap_base, - $mac, "flood-detected", - )} - case 8 {&add_ldap_entry($ldap, $ldap_base, - $mac, $ip, "new-system", - )} - case 9 {&change_ldap_entry($ldap, $ldap_base, - $mac, "mac-changed", - )} - } - - - # ldap search -# my $base_phrase = "dc=gonicus,dc=de"; -# my $filter_phrase = "cn=keinesorge"; -# my $attrs_phrase = "cn macAdress"; -# my $msg_search = $ldap->search( base => $base_phrase, -# filter => $filter_phrase, -# attrs => $attrs_phrase, -# ); -# $msg_search->code && die $msg_search->error; -# -# my @entries = $msg_search->entries; -# my $max = $msg_search->count; -# print "anzahl der entries: $max\n"; -# my $i; -# for ( $i = 0 ; $i < $max ; $i++ ) { -# my $entry = $msg_search->entry ( $i ); -# foreach my $attr ( $entry->attributes ) { -# if( not $attr eq "cn") { -# next; -# } -# print join( "\n ", $attr, $entry->get_value( $attr ) ), "\n\n"; -# } -# } - - # ldap add - - - $ldap->unbind; - exit; - } - -} 
-
-
diff --git a/contrib/daemon/arp-handler-d.cfg b/contrib/daemon/arp-handler-d.cfg
deleted file mode 100644
index 36c24a35b..000000000
--- a/contrib/daemon/arp-handler-d.cfg
+++ /dev/null
@@ -1,14 +0,0 @@
-[Allgemein]
-timeout = 1000
-mailto = root@localhost
-mailfrom = gosa-sd@localhost
-user = rettenbe
-group = usr
-fifo_path = /home/rettenbe/gonicus/projekte/gosa-trunk/contrib/daemon/fifo
-log_file = /home/rettenbe/gonicus/projekte/gosa-trunk/contrib/daemon/gosa-sd.log
-pid_file = /home/rettenbe/gonicus/projekte/gosa-trunk/contrib/daemon/gosa-sd.pid
-loglevel = 1
-
-[LDAP]
-bind = cn=ldapadmin,dc=gonicus,dc=de
-password = tester
diff --git a/contrib/daemon/debian/README.debian b/contrib/daemon/debian/README.debian
deleted file mode 100644
index 100bd2d6d..000000000
--- a/contrib/daemon/debian/README.debian
+++ /dev/null
@@ -1,11 +0,0 @@
-README.Debian for GOto 3.0
---------------------------
-
-* Configuring GOto 3.0
-
-You need a proper LDAP/FAI/GOsa setup to make this run. More
-text will follow later. Sorry.
-
-----
-Cajus Pollmeier Fri 02 Jun 2006 16:23:50 +0200
-
diff --git a/contrib/daemon/debian/changelog b/contrib/daemon/debian/changelog
deleted file mode 100644
index 33672995a..000000000
--- a/contrib/daemon/debian/changelog
+++ /dev/null
@@ -1,6 +0,0 @@
-gosa-sd (1.0-1) unstable; urgency=low
-
- * Initial release
-
- -- Cajus Pollmeier Fri, 7 Dec 2007 11:37:45 +0100
-
diff --git a/contrib/daemon/debian/compat b/contrib/daemon/debian/compat
deleted file mode 100644
index 7ed6ff82d..000000000
--- a/contrib/daemon/debian/compat
+++ /dev/null
@@ -1 +0,0 @@
-5
diff --git a/contrib/daemon/debian/control b/contrib/daemon/debian/control
deleted file mode 100644
index b7b873de3..000000000
--- a/contrib/daemon/debian/control
+++ /dev/null
@@ -1,40 +0,0 @@
-Source: gosa-si
-Section: utils
-Priority: optional
-Maintainer: Cajus Pollmeier
-Standards-Version: 3.7.2.2
-Build-Depends: debhelper(>= 4.2.32), dpatch
-
-Package: gosa-si-common
-Architecture: any
-Depends: libconfig-inifiles-perl, libcrypt-rijndael-perl, libxml-simple-perl, libipc-shareable-perl, libdata-dumper-simple-perl, libmime-perl
-Suggests: gosa-si-daemon, gosa-si-client
-Description: GOsa support infrastructure
- This package provides common library functionality used by the
- infrastructure server and client packages.
- .
- GOsa is a combination of system-administrator and end-user web
- interface, designed to handle LDAP based setups.
-
-Package: gosa-si-daemon
-Architecture: any
-Depends: gosa-si-common
-Suggests: gosa
-Description: GOsa support infrastructure daemon
- This package provides everything you need in order to deploy a simple
- or distributed GOsa support infrastructure. It can be used to trigger
- certain actions or retrieve information from clients.
- .
- GOsa is a combination of system-administrator and end-user web
- interface, designed to handle LDAP based setups.
-
-Package: gosa-si-client
-Architecture: any
-Depends: gosa-si-common
-Suggests: gosa
-Description: GOsa support infrastructure client
- This package lets you join to a GOsa support infrastructure as a
- client in order to provide information or to act on events.
- .
- GOsa is a combination of system-administrator and end-user web
- interface, designed to handle LDAP based setups.
diff --git a/contrib/daemon/debian/copyright b/contrib/daemon/debian/copyright
deleted file mode 100644
index d7463efe4..000000000
--- a/contrib/daemon/debian/copyright
+++ /dev/null
@@ -1,8 +0,0 @@
-This package was debianized by Cajus Pollmeier
- on Mon, 25 Jun 2007 12:57:35 +0100.
-
-Copyright: GPL2
-
-This code is released under the terms of the GPLv2 license.
-
-See /usr/share/common-licenses/GPL-2 for the full license.
diff --git a/contrib/daemon/debian/default b/contrib/daemon/debian/default
deleted file mode 100644
index 10df929a0..000000000
--- a/contrib/daemon/debian/default
+++ /dev/null
@@ -1,2 +0,0 @@
-# /etc/default/gosa-si - configure the init script
-START_BUS=0
diff --git a/contrib/daemon/debian/gosa-si-client.dirs b/contrib/daemon/debian/gosa-si-client.dirs
deleted file mode 100644
index 763e43a2b..000000000
--- a/contrib/daemon/debian/gosa-si-client.dirs
+++ /dev/null
@@ -1,4 +0,0 @@
-usr/share/ltsp/plugins/ltsp-build-client/common
-usr/share/ltsp/scripts
-usr/sbin
-etc/default
diff --git a/contrib/daemon/debian/gosa-si-client.install b/contrib/daemon/debian/gosa-si-client.install
deleted file mode 100644
index 8155a9ccb..000000000
--- a/contrib/daemon/debian/gosa-si-client.install
+++ /dev/null
@@ -1,12 +0,0 @@
-debian/goto etc/default
-build-goto-client usr/sbin
-plugins/001-ltsp-addon-packages usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/020-ssh-pubkey-login usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/001-goto-ldap-packages usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/001-sane-packages usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/020-nx-client usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/010-goto-ldap-files usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/999-goto-ldap-final usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/001-snmp-packages usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/030-late-packages-goto usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/000-goto-ldap-vars usr/share/ltsp/plugins/ltsp-build-client/common
diff --git a/contrib/daemon/debian/gosa-si-common.dirs b/contrib/daemon/debian/gosa-si-common.dirs
deleted file mode 100644
index 763e43a2b..000000000
--- a/contrib/daemon/debian/gosa-si-common.dirs
+++ /dev/null
@@ -1,4 +0,0 @@
-usr/share/ltsp/plugins/ltsp-build-client/common
-usr/share/ltsp/scripts
-usr/sbin
-etc/default
diff --git a/contrib/daemon/debian/gosa-si-common.install b/contrib/daemon/debian/gosa-si-common.install
deleted file mode 100644
index 8155a9ccb..000000000
--- a/contrib/daemon/debian/gosa-si-common.install
+++ /dev/null
@@ -1,12 +0,0 @@
-debian/goto etc/default
-build-goto-client usr/sbin
-plugins/001-ltsp-addon-packages usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/020-ssh-pubkey-login usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/001-goto-ldap-packages usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/001-sane-packages usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/020-nx-client usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/010-goto-ldap-files usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/999-goto-ldap-final usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/001-snmp-packages usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/030-late-packages-goto usr/share/ltsp/plugins/ltsp-build-client/common
-plugins/000-goto-ldap-vars usr/share/ltsp/plugins/ltsp-build-client/common
diff --git a/contrib/daemon/debian/gosa-si-server.dirs b/contrib/daemon/debian/gosa-si-server.dirs
deleted file mode 100644
index 763e43a2b..000000000
--- a/contrib/daemon/debian/gosa-si-server.dirs
+++ /dev/null
@@ -1,4 +0,0 @@
-usr/share/ltsp/plugins/ltsp-build-client/common
-usr/share/ltsp/scripts
-usr/sbin
-etc/default
diff --git a/contrib/daemon/debian/gosa-si-server.init b/contrib/daemon/debian/gosa-si-server.init
deleted file mode 100755
index 26fb1cbcf..000000000
--- a/contrib/daemon/debian/gosa-si-server.init
+++ /dev/null
@@ -1,91 +0,0 @@ -#!/bin/sh -# Start/stop the GOsa support daemon infrastructure. -# -### BEGIN INIT INFO -# Provides: gosa-si -# Required-Start: $syslog $time -# Required-Stop: $syslog $time -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: GOsa message bus and server component -# Description: gosa-si establishes the communication between a couple of -# GOsa hosting servers and optionally clients to do event -# signaling for all communication partners. -### END INIT INFO - -# Sanity checks -test -f /usr/sbin/gosa-si-server || exit 0 -test -f /usr/sbin/gosa-si-bus || exit 0 - -# Load defaults -START_BUS=0 -[ -r /etc/default/gosa-si ] && . /etc/default/gosa-si - -# Load LSB support functions -. /lib/lsb/init-functions - - -start_bus() { - start-stop-daemon --start --quiet --pidfile /var/run/gosa-si-bus.pid --name gosa-si-bus --startas /usr/sbin/gosa-si-bus -} - - -start_server() { - start-stop-daemon --start --quiet --pidfile /var/run/gosa-si-server.pid --name gosa-si-server --startas /usr/sbin/gosa-si-server -- $1 -} - - -stop_bus() { - start-stop-daemon --stop --retry 5 --quiet --pidfile /var/run/gosa-si-bus.pid --name gosa-si-bus -} - - -stop_server() { - start-stop-daemon --stop --retry 5 --quiet --pidfile /var/run/gosa-si-server.pid --name gosa-si-server -} - - -case "$1" in -start) log_daemon_msg "Starting GOsa support infrastructure" - if [ "$START_BUS" == "1" ]; then - log_progress_msg "bus" - start_bus - log_progress_msg "daemon" - start_server - else - log_progress_msg "daemon" - start_server --no-bus - fi - log_end_msg $? - ;; -stop) log_daemon_msg "Stopping GOsa support infrastructure" - if [ "$START_BUS" == "1" ]; then - log_progress_msg "daemon" - stop_server - log_progress_msg "bus" - stop_bus - else - log_progress_msg "daemon" - stop_server - fi - log_end_msg $? 
- ;; -reload|force-reload|restart) log_daemon_msg "Restarting GOsa support infrastructure" - if [ "$START_BUS" == "1" ]; then - stop_server - stop_bus - start_bus - start_server --no-bus - log_progress_msg "done" - else - stop_server - start_server --no-bus - log_progress_msg "done" - fi - log_end_msg $? - ;; -*) log_action_msg "Usage: /etc/init.d/gosa-si {start|stop|restart|reload|force-reload}" - exit 2 - ;; -esac -exit 0 diff --git a/contrib/daemon/debian/gosa-si-server.install b/contrib/daemon/debian/gosa-si-server.install deleted file mode 100644 index 8155a9ccb..000000000 --- a/contrib/daemon/debian/gosa-si-server.install +++ /dev/null @@ -1,12 +0,0 @@ -debian/goto etc/default -build-goto-client usr/sbin -plugins/001-ltsp-addon-packages usr/share/ltsp/plugins/ltsp-build-client/common -plugins/020-ssh-pubkey-login usr/share/ltsp/plugins/ltsp-build-client/common -plugins/001-goto-ldap-packages usr/share/ltsp/plugins/ltsp-build-client/common -plugins/001-sane-packages usr/share/ltsp/plugins/ltsp-build-client/common -plugins/020-nx-client usr/share/ltsp/plugins/ltsp-build-client/common -plugins/010-goto-ldap-files usr/share/ltsp/plugins/ltsp-build-client/common -plugins/999-goto-ldap-final usr/share/ltsp/plugins/ltsp-build-client/common -plugins/001-snmp-packages usr/share/ltsp/plugins/ltsp-build-client/common -plugins/030-late-packages-goto usr/share/ltsp/plugins/ltsp-build-client/common -plugins/000-goto-ldap-vars usr/share/ltsp/plugins/ltsp-build-client/common diff --git a/contrib/daemon/debian/rules b/contrib/daemon/debian/rules deleted file mode 100755 index 78cd0aaf6..000000000 --- a/contrib/daemon/debian/rules +++ /dev/null 
@@ -1,77 +0,0 @@ -#!/usr/bin/make -f -# Sample debian/rules that uses debhelper. GNU copyright 1997 by Joey Hess. - -# Uncomment this to turn on verbose mode. -#export DH_VERBOSE=1 - -build: patch - #******************************************************** - #* Building ltsp-goto into a Debian/GNU Linux Package * - #* please stand by * - #******************************************************** - -clean: clean-patched unpatch -clean-patched: - dh_testdir - rm -f install-stamp - -rm -f debian/files - -rm -rf debian/tmp - -rm -f debian/substvars - dh_clean - -unpatch: - dpatch deapply-all - rm -rf patch-stamp debian/patched - -install: install-stamp -install-stamp: - dh_testdir - dh_testroot - dh_clean -k - dh_installdirs - - # Create a copy, remove svn stuff - -mkdir debian/tmp - -for i in `ls | grep -v debian`; do \ - cp -R $$i debian/tmp ; \ - done - -find debian/tmp -name '*.svn' -type d -exec rm -rf {} \; 2> /dev/null - - touch install-stamp - -patch: patch-stamp -patch-stamp: - dpatch apply-all - dpatch cat-all >patch-stamp - -binary-indep: install - dh_testdir - dh_testroot - - dh_install - dh_installdocs - dh_installcron - dh_installexamples - dh_installchangelogs - #dh_installdebconf - #dh_installcron -p goto-agents-printmanager - dh_link - dh_strip - dh_compress - dh_fixperms - dh_perl - dh_installdeb - dh_shlibdeps - - dh_gencontrol - dh_md5sums - dh_builddeb - -source diff: - @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false - -binary: binary-indep -.PHONY: build install clean binary-indep binary - -binary-arch: - diff --git a/contrib/daemon/gosa-si-bus b/contrib/daemon/gosa-si-bus deleted file mode 100755 index a56a38e1a..000000000 --- a/contrib/daemon/gosa-si-bus +++ /dev/null 
@@ -1,1183 +0,0 @@ -#!/usr/bin/perl -#=============================================================================== -# -# FILE: gosa-server -# -# USAGE: ./gosa-server -# -# DESCRIPTION: -# -# OPTIONS: --- -# REQUIREMENTS: --- -# BUGS: --- -# NOTES: -# AUTHOR: (Andreas Rettenberger), -# COMPANY: -# VERSION: 1.0 -# CREATED: 12.09.2007 08:54:41 CEST -# REVISION: --- -#=============================================================================== - -use strict; -use warnings; -use Getopt::Long; -use Config::IniFiles; -use POSIX; -use Time::HiRes qw( gettimeofday ); - -use IO::Socket::INET; -use Crypt::Rijndael; -use MIME::Base64; -use Digest::MD5 qw(md5 md5_hex md5_base64); -use XML::Simple; -use Data::Dumper; -use Sys::Syslog qw( :DEFAULT setlogsock); -use Cwd; -use File::Spec; -use IPC::Shareable qw( :lock); -IPC::Shareable->clean_up_all; - -my ($cfg_file, $default_cfg_file, %cfg_defaults, $foreground, $verbose); -my ($bus_activ, $bus_passwd, $bus_ip, $bus_port, $bus_address, $bus, $bus_mac_address); -my ($pid_file, $procid, $pid, $log_file, $my_own_address); -my (%free_child, %busy_child, $child_max, $child_min, %child_alive_time, $child_timeout); -my ($xml, $bus_cipher, $known_daemons, $shmkh); - -$foreground = 0 ; -$known_daemons = {}; -$shmkh = tie($known_daemons, 'IPC::Shareable', undef, {create => 1, - exclusive => 1, - mode => 0666, - destroy => 1, - }); -%cfg_defaults = -("general" => - {"log_file" => [\$log_file, "/var/run/".$0.".log"], - "pid_file" => [\$pid_file, "/var/run/".$0.".pid"], - "child_max" => [\$child_max, 10], - "child_min" => [\$child_min, 3], - "child_timeout" => [\$child_timeout, 180], - - }, -"bus" => - {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], - "bus_port" => [\$bus_port, "20080"], - } - ); - -#=== FUNCTION ================================================================ -# NAME: read_configfile -# PARAMETERS: cfg_file - string - -# RETURNS: nothing -# DESCRIPTION: read cfg_file and set variables 
-#=============================================================================== -sub read_configfile { - my $cfg; - if( defined( $cfg_file) && ( length($cfg_file) > 0 )) { - if( -r $cfg_file ) { - $cfg = Config::IniFiles->new( -file => $cfg_file ); - } else { - print STDERR "Couldn't read config file!"; - } - } else { - $cfg = Config::IniFiles->new() ; - } - foreach my $section (keys %cfg_defaults) { - foreach my $param (keys %{$cfg_defaults{ $section }}) { - my $pinfo = $cfg_defaults{ $section }{ $param }; - ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] ); - } - } -} - -#=== FUNCTION ================================================================ -# NAME: logging -# PARAMETERS: level - string - default 'info' -# msg - string - -# facility - string - default 'LOG_DAEMON' -# RETURNS: nothing -# DESCRIPTION: function for logging -#=============================================================================== -sub daemon_log { - my( $msg, $level ) = @_; - if(not defined $msg) { return } - if(not defined $level) { $level = 1 } - if(defined $log_file){ - open(LOG_HANDLE, ">>$log_file"); - if(not defined open( LOG_HANDLE, ">>$log_file" )) { - print STDERR "cannot open $log_file: $!"; - return } - chomp($msg); - if($level <= $verbose){ - print LOG_HANDLE $msg."\n"; - if(defined $foreground) { print $msg."\n" } - } - } - close( LOG_HANDLE ); -# my ($msg, $level, $facility) = @_; -# if(not defined $msg) {return} -# if(not defined $level) {$level = "info"} -# if(not defined $facility) {$facility = "LOG_DAEMON"} -# openlog($0, "pid,cons,", $facility); -# syslog($level, $msg); -# closelog; -# return; -} - -#=== FUNCTION ================================================================ -# NAME: check_cmdline_param -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: validates commandline parameter -#=============================================================================== -sub check_cmdline_param () { - my $err_config; - my $err_counter = 0; - if( 
not defined( $cfg_file)) { - my $cwd = getcwd; - my $name = "/etc/gosa/gosa-si-bus.conf"; - $cfg_file = File::Spec->catfile( $cwd, $name ); - print STDERR "no conf file specified\n try to use default: $cfg_file\n"; - } - if( $err_counter > 0 ) { - &usage( "", 1 ); - if( defined( $err_config)) { print STDERR "$err_config\n"} - print STDERR "\n"; - exit( -1 ); - } -} - -#=== FUNCTION ================================================================ -# NAME: check_pid -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: handels pid processing -#=============================================================================== -sub check_pid { - $pid = -1; - # Check, if we are already running - if( open(LOCK_FILE, "<$pid_file") ) { - $pid = ; - if( defined $pid ) { - chomp( $pid ); - if( -f "/proc/$pid/stat" ) { - my($stat) = `cat /proc/$pid/stat` =~ m/$pid \((.+)\).*/; - if( $0 eq $stat ) { - close( LOCK_FILE ); - exit -1; - } - } - } - close( LOCK_FILE ); - unlink( $pid_file ); - } - - # create a syslog msg if it is not to possible to open PID file - if (not sysopen(LOCK_FILE, $pid_file, O_WRONLY|O_CREAT|O_EXCL, 0644)) { - my($msg) = "Couldn't obtain lockfile '$pid_file' "; - if (open(LOCK_FILE, '<', $pid_file) - && ($pid = )) - { - chomp($pid); - $msg .= "(PID $pid)\n"; - } else { - $msg .= "(unable to read PID)\n"; - } - if( ! 
($foreground) ) { - openlog( $0, "cons,pid", "daemon" ); - syslog( "warning", $msg ); - closelog(); - } - else { - print( STDERR " $msg " ); - } - exit( -1 ); - } -} - - -#=== FUNCTION ================================================================ -# NAME: usage -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: print out usage text to STDERR -#=============================================================================== -sub usage { - print STDERR << "EOF" ; -usage: $0 [-hvf] [-c config] - - -h : this (help) message - -c : config file - -f : foreground, process will not be forked to background - -v : be verbose (multiple to increase verbosity) -EOF - print "\n" ; -} - - -#=== FUNCTION ================================================================ -# NAME: sig_int_handler -# PARAMETERS: signal - string - signal arose from system -# RETURNS: noting -# DESCRIPTION: handels tasks to be done befor signal becomes active -#=============================================================================== -sub sig_int_handler { - my ($signal) = @_; - if($bus){ - close($bus); - print "$bus closed\n"; - } - print "$signal\n"; - IPC::Shareable->clean_up; - exit(1); -} -$SIG{INT} = \&sig_int_handler; - - -#=== FUNCTION ================================================================ -# NAME: get_ip_and_mac -# PARAMETERS: nothing -# RETURNS: (ip, mac) -# DESCRIPTION: executes /sbin/ifconfig and parses the output, the first occurence -# of a inet address is returned as well as the mac address in the line -# above the inet address -#=============================================================================== -sub get_ip_and_mac { - my $ip = "0.0.0.0.0"; # Defualt-IP - my $mac_address = "00:00:00:00:00:00"; # Default-MAC - my @ifconfig = qx(/sbin/ifconfig); - foreach(@ifconfig) { - if (/Hardware Adresse (\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2})/) { - $mac_address = "$1:$2:$3:$4:$5:$6"; - next; - } - if (/inet Adresse:(\d+).(\d+).(\d+).(\d+)/) { - $ip = 
"$1.$2.$3.$4"; - last; - } - } - return ($ip, $mac_address); -} - - - -#=== FUNCTION ================================================================ -# NAME: activating_child -# PARAMETERS: msg - string - incoming message -# host - string - host from which the incomming message comes -# RETURNS: nothing -# DESCRIPTION: handels the distribution of incoming messages to working childs -#=============================================================================== -sub activating_child { - my ($msg, $host) = @_; - my $child = &get_processing_child(); - my $pipe_wr = $$child{'pipe_wr'}; - daemon_log("activating: childpid: $$child{'pid'}", 5); - print $pipe_wr $msg.".".$host."\n"; - return; -} - - -#=== FUNCTION ================================================================ -# NAME: get_processing_child -# PARAMETERS: nothing -# RETURNS: child - hash - holding the process id and the references to the pipe -# handles pipe_wr and pipe_rd -# DESCRIPTION: handels the forking, reactivating and keeping alive tasks -#=============================================================================== -sub get_processing_child { - my $child; - # checking %busy_child{pipe_wr} if msg is 'done', then set child from busy to free - while(my ($key, $val) = each(%busy_child)) { - # check wether process still exists - my $exitus_pid = waitpid($key, WNOHANG); - if($exitus_pid != 0) { - delete $busy_child{$key}; - daemon_log( "prozess:$key wurde aus busy_child entfernt\n", 5); - next; - } - - # check wether process sitll works - my $fh = $$val{'pipe_rd'}; - $fh->blocking(0); - my $child_answer; - if(not $child_answer = <$fh>) { next } - chomp($child_answer); - if($child_answer eq "done") { - delete $busy_child{$key}; - $free_child{$key} = $val; - } - } - - while(my ($key, $val) = each(%free_child)) { - my $exitus_pid = waitpid($key, WNOHANG); - if($exitus_pid != 0) { - delete $free_child{$key}; - daemon_log( "prozess:$key wurde aus free_child entfernt\n", 5); - } - daemon_log("free 
child:$key\n", 5); - } - # check @free_child and @busy_child - my $free_len = scalar(keys(%free_child)); - my $busy_len = scalar(keys(%busy_child)); - daemon_log("free children $free_len, busy children $busy_len\n",5); - - # if there is a free child, let the child work - if($free_len > 0){ - my @keys = keys(%free_child); - $child = $free_child{$keys[0]}; - if(defined $child) { - $busy_child{$$child{'pid'}} = $child ; - delete $free_child{$$child{'pid'}}; - } - return $child; - } - - # no free child, try to fork another one - if($free_len + $busy_len < $child_max) { - - daemon_log("not enough children, create a new one\n",5); - - # New pipes for communication - my( $PARENT_wr, $PARENT_rd ); - my( $CHILD_wr, $CHILD_rd ); - pipe( $CHILD_rd, $PARENT_wr ); - pipe( $PARENT_rd, $CHILD_wr ); - $PARENT_wr->autoflush(1); - $CHILD_wr->autoflush(1); - - ############ - # fork child - ############ - my $child_pid = fork(); - - #CHILD - if($child_pid == 0) { - # Close unused pipes - close( $CHILD_rd ); - close( $CHILD_wr ); - while( 1 ) { - my $rbits = ""; - vec( $rbits, fileno $PARENT_rd , 1 ) = 1; - - # waiting child_timeout for jobs to do - my $nf = select($rbits, undef, undef, $child_timeout); - if($nf < 0 ) { - # if $nf < 1, error handling - die "select(): $!\n"; - } elsif (! $nf) { - # if already child_min childs are alive, then leave loop - $free_len = scalar(keys(%free_child)); - $busy_len = scalar(keys(%busy_child)); - if($free_len + $busy_len >= $child_min) { - last; - } else { - redo; - } - } - - # a job for a child arise - if ( vec $rbits, fileno $PARENT_rd, 1 ) { - # read everything from pipe - my $msg = ""; - $PARENT_rd->blocking(0); - while(1) { - my $read = <$PARENT_rd>; - if(not defined $read) { last} - $msg .= $read; - } - - # forward the job msg to another function - &process_incoming_msg($msg); - daemon_log("processing of msg finished", 5); - - # important!!! 
wait until child says 'done', until then child is set from busy to free - print $PARENT_wr "done"; - redo; - } - } - # childs leaving the loop are allowed to die - exit(0); - - #PARENT - } else { - # Close unused pipes - close( $PARENT_rd ); - close( $PARENT_wr ); - # add child to child alive hash - my %child_hash = ( - 'pid' => $child_pid, - 'pipe_wr' => $CHILD_wr, - 'pipe_rd' => $CHILD_rd, - ); - - $child = \%child_hash; - $busy_child{$$child{'pid'}} = $child; - return $child; - } - } -} - - -#=== FUNCTION ================================================================ -# NAME: process_incoming_msg -# PARAMETERS: crypted_msg - string - incoming crypted message -# RETURNS: nothing -# DESCRIPTION: handels the proceeded distribution to the appropriated functions -#=============================================================================== -sub process_incoming_msg { - my ($crypted_msg) = @_; - if(not defined $crypted_msg) { - daemon_log("function 'process_incoming_msg': got no msg", 7); - return; - } - $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/; - $crypted_msg = $1; - my $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5); - - daemon_log("msg from host:\n\t$host", 1); - daemon_log("crypted_msg:\n\t$crypted_msg", 7); - - my @valid_keys; - my @daemon_keys = keys %$known_daemons; - foreach my $daemon_key (@daemon_keys) { - if($daemon_key =~ "^$daemon_key") { - push(@valid_keys, $daemon_key); - } - } - - my $l = @valid_keys; - daemon_log("number of valid daemons: $l\n", 7); - - my ($msg, $msg_hash); - my $msg_flag = 0; - - # collect addresses from possible incoming clients - foreach my $host_key (@valid_keys) { - eval{ - daemon_log( "daemon: $host_key\n", 7); - my $key_passwd = $known_daemons->{$host_key}->{passwd}; - daemon_log("daemon_passwd: $key_passwd\n", 7); - my $key_cipher = &create_ciphering($key_passwd); - $msg = &decrypt_msg($crypted_msg, $key_cipher); - daemon_log("daemon decrypted msg:$msg", 7); - $msg_hash = 
$xml->XMLin($msg, ForceArray=>1);
- };
- if($@) {
- daemon_log("msg processing raise error", 7);
- daemon_log("error string: $@", 7);
- $msg_flag += 1;
- } else {
- last;
- }
- }
-
- if($msg_flag >= $l) {
- daemon_log("\nERROR: do not understand the message:\n$msg" , 1);
- return;
- }
-
- my $header = &get_content_from_xml_hash($msg_hash, "header");
- my $target = &get_content_from_xml_hash($msg_hash, "target");
-
- daemon_log("header from msg:\n\t$header", 1);
- daemon_log("msg to process:\n\t$msg", 5);
- daemon_log("msg is for: \n\t$target", 7);
-
- if($target eq $bus_address) {
- # msg is for bus
- if($header eq 'here_i_am'){ &here_i_am($msg_hash)}
- elsif($header eq 'confirm_new_passwd'){ &confirm_new_passwd($msg_hash)}
- elsif($header eq 'got_ping') { &got_ping($msg_hash)}
- elsif($header eq 'ping') { &ping($msg_hash)}
- elsif($header eq 'who_has') { &who_has($msg_hash)}
- elsif($header eq 'new_client') { &new_client($msg_hash)}
- elsif($header eq 'delete_client') { &delete_client($msg_hash)}
- } else {
- # msg is for any other server
- my @targets = @{$msg_hash->{target}};
- my $len_targets = @targets;
-
- if ($len_targets == 0){
- # no targets specified
-
- daemon_log("ERROR: no target specified for msg $header", 1);
-
- } elsif ($targets[0] eq "*"){
- # all deamons in known_daemons are targets
-
- my $target = $targets[0];
- my $source = @{$msg_hash->{source}}[0];
- my @target_addresses = keys(%$known_daemons);
- foreach my $target_address (@target_addresses) {
- if ($target_address eq $source) { next; }
- if ($target_address eq $bus_address) { next ; }
- $msg_hash->{target} = [$target_address];
- &send_msg_hash2address($msg_hash, $target_address);
- }
-
- } else {
- # a list of targets is specified
-
- my $target_address;
- foreach $target_address (@targets) {
- if (exists $known_daemons->{$target_address}) {
- &send_msg_hash2address($msg_hash, $target_address);
- } else {
- my @daemon_addresses = keys %$known_daemons;
- my $daemon_address;
- foreach $daemon_address (@daemon_addresses) {
- if (exists $known_daemons->{$daemon_address}->{clients}->{$target_address}) {
- my $header = &get_content_from_xml_hash($msg_hash, "header");
- &send_msg_hash2address($msg_hash, $daemon_address);
- daemon_log("bus forwards msg $header for client $target_address to server $daemon_address", 3);
- last;
- }
- }
-
- }
- }
- }
- }
-
- &print_known_daemons_hash();
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: get_content_of_known_daemons
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-#sub get_content_of_known_daemons {
-# my ($host, $content) = @_;
-# return;
-#}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_passwd
-# PARAMETERS: nothing
-# RETURNS: new_passwd - string
-# DESCRIPTION: creates a 32 bit long random passwd out of "a".."z","A".."Z",0..9
-#===============================================================================
-sub create_passwd {
- my $new_passwd = "";
- for(my $i=0; $i<31; $i++) {
- $new_passwd .= ("a".."z","A".."Z",0..9)[int(rand(62))]
- }
- return $new_passwd;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_ciphering
-# PARAMETERS: passwd - string - used to create ciphering
-# RETURNS: cipher - object
-# DESCRIPTION: creates a Crypt::Rijndael::MODE_CBC object with passwd as key
-#===============================================================================
-sub create_ciphering {
- my ($passwd) = @_;
- $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
- my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
-
- #daemon_log("iv: $iv", 7);
- #daemon_log("key: $passwd", 7);
- my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
- $my_cipher->set_iv($iv);
- return $my_cipher;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: encrypt_msg
-# PARAMETERS: msg - string - message to encrypt
-# my_cipher - ref - reference to a Crypt::Rijndael object
-# RETURNS: crypted_msg - string - crypted message
-# DESCRIPTION: crypts the incoming message with the Crypt::Rijndael module
-#===============================================================================
-sub encrypt_msg {
- my ($msg, $my_cipher) = @_;
- if(not defined $my_cipher) { print "no cipher object\n"; }
- $msg = "\0"x(16-length($msg)%16).$msg;
- my $crypted_msg = $my_cipher->encrypt($msg);
- chomp($crypted_msg = &encode_base64($crypted_msg));
- return $crypted_msg;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: decrypt_msg
-# PARAMETERS: crypted_msg - string - message to decrypt
-# my_cipher - ref - reference to a Crypt::Rijndael object
-# RETURNS: msg - string - decrypted message
-# DESCRIPTION: decrypts the incoming message with the Crypt::Rijndael module
-#===============================================================================
-sub decrypt_msg {
- my ($crypted_msg, $my_cipher) = @_ ;
- $crypted_msg = &decode_base64($crypted_msg);
- my $msg = $my_cipher->decrypt($crypted_msg);
- $msg =~ s/^\0*//g;
- return $msg;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_xml_hash
-# PARAMETERS: header - string - message header (required)
-# source - string - where the message come from (required)
-# target - string - where the message should go to (required)
-# [header_value] - string - something usefull (optional)
-# RETURNS: hash - hash - nomen est omen
-# DESCRIPTION: creates a key-value hash, all values are stored in a array
-#===============================================================================
-sub create_xml_hash {
- my ($header, $source, $target, $header_value) = @_ ;
-
- if (not defined $header || not defined $source || not defined $target) {
- daemon_log("ERROR: create_xml_hash function is invoked with uncompleted parameters", 7);
- }
-
- my $hash = {
- header => [$header],
- source => [$source],
- target => [$target],
- $header => [$header_value],
- };
- #daemon_log("create_xml_hash:", 7),
- #chomp(my $tmp = Dumper $hash);
- #daemon_log("\t$tmp\n", 7);
- return $hash
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_xml_string
-# PARAMETERS: xml_hash - hash - hash from function create_xml_hash
-# RETURNS: xml_string - string - xml string representation of the hash
-# DESCRIPTION: transform the hash to a string using XML::Simple module
-#===============================================================================
-sub create_xml_string {
- my ($xml_hash) = @_ ;
- my $xml_string = $xml->XMLout($xml_hash, RootName => 'xml');
- $xml_string =~ s/[\n]+//g;
- return $xml_string;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: add_content2xml_hash
-# PARAMETERS: xml_ref - ref - reference to a hash from function create_xml_hash
-# element - string - key for the hash
-# content - string - value for the hash
-# RETURNS: nothing
-# DESCRIPTION: add key-value pair to xml_ref, if key alread exists, then append value to list
-#===============================================================================
-sub add_content2xml_hash {
- my ($xml_ref, $element, $content) = @_;
- if(not exists $$xml_ref{$element} ) {
- $$xml_ref{$element} = [];
- }
- my $tmp = $$xml_ref{$element};
- push(@$tmp, $content);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: get_content_from_xml_hash
-# PARAMETERS: xml_ref - ref - reference of the xml hash
-# element - string - key of the value you want
-# RETURNS: value - string - if key is either header, target or source
-# value - list - for all other keys in xml hash
-# DESCRIPTION:
-#===============================================================================
-sub get_content_from_xml_hash {
- my ($xml_ref, $element) = @_;
- my $result = $xml_ref->{$element};
- if( $element eq "header" || $element eq "target" || $element eq "source") {
- return @$result[0];
- }
- return @$result;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: open_socket
-# PARAMETERS: PeerAddr - string - something like 192.168.1.1 or 192.168.1.1:10000
-# [PeerPort] - string - necessary if port not appended by PeerAddr
-# RETURNS: socket - IO::Socket::INET
-# DESCRIPTION: open a socket to PeerAddr
-#===============================================================================
-sub open_socket {
- my ($PeerAddr, $PeerPort) = @_ ;
- if(defined($PeerPort)){
- $PeerAddr = $PeerAddr.":".$PeerPort;
- }
- my $socket;
- $socket = new IO::Socket::INET(PeerAddr => $PeerAddr ,
- Porto => "tcp" ,
- Type => SOCK_STREAM,
- Reuse => 1,
- Timeout => 5,
- );
- if(not defined $socket) {
- return;
- }
- return $socket;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: read_from_socket
-# PARAMETERS: socket - fh - filehandel to read from
-# RETURNS: result - string - readed characters from socket
-# DESCRIPTION: reads data from socket in 16 byte steps
-#===============================================================================
-sub read_from_socket {
- my ($socket) = @_;
-
- $socket->blocking(1);
- my $result = <$socket>;
- $socket->blocking(0);
- my $part_msg;
- while ($part_msg = <$socket>) {
- if (not defined $part_msg) { last; }
- $result .= $part_msg;
- }
-
- #my $result = "";
- #my $len = 16;
- #while($len == 16){
- # my $char;
- # $len = sysread($socket, $char, 16);
- # if($len != 16) { last }
- # if($len != 16) { last }
- # $result .= $char;
- #}
- return $result;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: send_msg_hash2address
-# PARAMETERS: msg_hash - hash - xml_hash created with function create_xml_hash
-# PeerAddr string - socket address to send msg
-# PeerPort string - socket port, if not included in socket address
-# RETURNS: nothing
-# DESCRIPTION: ????
-#===============================================================================
-sub send_msg_hash2address {
- my ($msg_hash, $address) = @_ ;
-
- # fetch header for logging
- my $header = &get_content_from_xml_hash($msg_hash, "header");
-
- # generate xml string
- my $msg_xml = &create_xml_string($msg_hash);
-
- # fetch the appropriated passwd from hash
- my $passwd = $known_daemons->{$address}->{passwd};
-
- # create a ciphering object
- my $act_cipher = &create_ciphering($passwd);
-
- # encrypt xml msg
- my $crypted_msg = &encrypt_msg($msg_xml, $act_cipher);
-
- # open socket
- my $socket = &open_socket($address);
- if(not defined $socket){
- daemon_log("ERROR: cannot send '$header'-msg to $address , server not reachable", 1);
- return;
- }
-
- # send xml msg
- print $socket $crypted_msg."\n";
-
- close $socket;
- daemon_log("send '$header'-msg to $address", 5);
- daemon_log("crypted_msg:\n\t$crypted_msg", 7);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: send_msg_hash2all
-# PARAMETERS: msg_hash - hash - xml_hash created with function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: send msg_hash to all registered daemons
-#===============================================================================
-sub send_msg_hash2all {
- my ($msg_hash) = @_;
-
- # fetch header for logging
- my $header = &get_content_from_xml_hash($msg_hash, "header");
-
- # generate xml string
- my $msg_xml = &create_xml_string($msg_hash);
-
- # fetch a list of all target addresses
- my @targets = keys(%$known_daemons);
-
- # itterates through the list an send each the msg
- foreach my $target (@targets) {
- if($target eq $bus_address) {next}; # do not send msg to bus
-
- # fetch the appropriated passwd
- my $passwd = $known_daemons->{$target}->{passwd};
-
- # create ciphering object
- my $act_cipher = &create_ciphering($passwd);
-
- # encrypt xml msg
- my $crypted_msg = &encrypt_msg($msg_xml, $act_cipher);
-
- # open socket
- my $socket = &open_socket($target);
- if(not defined $socket){
- daemon_log("ERROR: cannot open socket to $target , server not reachable", 1);
- &update_known_daemons_entry(hostname=>$target, status=>"down");
- next;
- }
-
- # send xml msg
- print $socket $crypted_msg."\n";
-
- close $socket;
- daemon_log("send '$header'-msg to $target", 5);
- daemon_log("crypted_msg:\n\t$crypted_msg", 7);
- }
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: here_i_am
-# PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: process the incoming msg 'here_i_am'
-#===============================================================================
-sub here_i_am {
- my ($msg_hash) = @_ ;
- my $source = &get_content_from_xml_hash($msg_hash, "source");
-
- my $new_passwd = &create_passwd();
-
- # create known_daemons entry
- &create_known_daemons_entry($source);
- &update_known_daemons_entry(hostname=>$source, status=>"registered", passwd=>$bus_passwd);
-
- # create outgoing msg
- my $out_hash = &create_xml_hash("new_passwd", "$bus_ip:$bus_port", $source, $new_passwd);
- &send_msg_hash2address($out_hash, $source);
-
- # change passwd, reason
- # &send_msg_hash2address takes $known_daemons->{"$source"}->{passwd} to cipher msg
- &update_known_daemons_entry(hostname=>$source, status=>"new_passwd", passwd=>$new_passwd);
-
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: confirm_new_passwd
-# PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: process this incoming message
-#===============================================================================
-sub confirm_new_passwd {
- my ($msg_hash) = @_ ;
- my $source = &get_content_from_xml_hash($msg_hash, "source");
- &update_known_daemons_entry(hostname=>$source, status=>"confirmed_new_passwd");
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: ping
-# PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: process this incoming message
-#===============================================================================
-sub ping {
- my ($msg_hash) = @_ ;
- my $source = &get_content_from_xml_hash($msg_hash, "source");
- &update_known_daemons_entry(hostname=>$source, status=>"ping");
- my $out_hash = &create_xml_hash("got_ping", $bus_address, $source);
- &send_msg_hash2address($out_hash, $source);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: make ping
-# PARAMETERS: address - string - address which should be pinged
-# RETURNS: nothing
-# DESCRIPTION: send ping message to address
-#===============================================================================
-sub make_ping {
- my ($address) = @_;
- daemon_log("ping:$address\n", 1);
- my $out_hash = &create_xml_hash("ping", "$bus_ip:$bus_port", $address);
- &send_msg_hash2address($out_hash, $address);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: got_ping
-# PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: process this incoming message
-#===============================================================================
-sub got_ping {
- my ($msg_hash) = @_;
- my $source = &get_content_from_xml_hash($msg_hash, "source");
- &update_known_daemons_entry(hostname=>$source, status=>"got_ping");
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: new_client
-# PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: process this incoming message
-#===============================================================================
-sub new_client {
- my ($msg_hash) = @_ ;
- my $source = &get_content_from_xml_hash($msg_hash, "source");
- my $header = &get_content_from_xml_hash($msg_hash, "header");
- my $new_client = (&get_content_from_xml_hash($msg_hash, $header))[0];
-
- &update_known_daemons_entry(hostname=>$source, client=>$new_client);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: delete_client
-# PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: process this incoming message
-#===============================================================================
-sub delete_client {
- my ($msg_hash) = @_ ;
- my $source = &get_content_from_xml_hash($msg_hash, "source");
- my $header = &get_content_from_xml_hash($msg_hash, "header");
- my $del_client = (&get_content_from_xml_hash($msg_hash, $header))[0];
-
- if (not exists $known_daemons->{$source}->{$del_client}) {
- daemon_log
- }
- delete $known_daemons->{$source}->{$del_client};
-
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: print_known_daemons_hash
-# PARAMETERS: nothing
-# RETURNS: nothing
-# DESCRIPTION: nome est omen
-#===============================================================================
-sub print_known_daemons_hash {
- my ($tmp) = @_;
- print "####################################\n";
- print "# status of known_daemons\n";
- my $hosts;
- my $host_hash;
- $shmkh->shlock(LOCK_EX);
- my @hosts = keys %$known_daemons;
- foreach my $host (@hosts) {
- my $status = $known_daemons->{$host}->{status} ;
- my $passwd = $known_daemons->{$host}->{passwd};
- my $timestamp = $known_daemons->{$host}->{timestamp};
- my @clients = keys %{$known_daemons->{$host}->{clients}};
- my $client_string = join(", ", @clients);
- print "$host\n";
- print "\tstatus: $status\n";
- print "\tpasswd: $passwd\n";
- print "\ttimestamp: $timestamp\n";
- print "\tclients: $client_string\n";
-
- }
- $shmkh->shunlock(LOCK_EX);
- print "####################################\n\n";
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_known_daemons_entry
-# PARAMETERS: hostname - string - ip address and port of host
-# RETURNS: nothing
-# DESCRIPTION: nome est omen
-#===============================================================================
-sub create_known_daemons_entry {
- my ($hostname) = @_;
- $shmkh->shlock(LOCK_EX);
- $known_daemons->{$hostname} = {};
- $known_daemons->{$hostname}->{status} = "none";
- $known_daemons->{$hostname}->{passwd} = "none";
- $known_daemons->{$hostname}->{timestamp} = "none";
- $known_daemons->{$hostname}->{clients} = {};
- $shmkh->shunlock(LOCK_EX);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: update_known_daemons_entry
-# PARAMETERS: hostname - string - ip address and port of host (required)
-# status - string - (optional)
-# passwd - string - (optional)
-# client - string - ip address and port of client (optional)
-# RETURNS: nothing
-# DESCRIPTION: nome est omen and updates each time the timestamp of hostname
-#===============================================================================
-sub update_known_daemons_entry {
- my $arg = {
- hostname => undef, status => undef, passwd => undef,
- client => undef,
- @_ };
- my $hostname = $arg->{hostname};
- my $status = $arg->{status};
- my $passwd = $arg->{passwd};
- my $client = $arg->{client};
-
- if (not defined $hostname) {
- daemon_log("ERROR: function add_content2known_daemons is not invoked with requiered parameter 'hostname'", 1);
- return;
- }
-
- my ($seconds, $minutes, $hours, $monthday, $month,
- $year, $weekday, $yearday, $sommertime) = localtime(time);
- $hours = $hours < 10 ? $hours = "0".$hours : $hours;
- $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
- $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- $month+=1;
- $month = $month < 10 ? $month = "0".$month : $month;
- $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
- $year+=1900;
- my $t = "$year$month$monthday$hours$minutes$seconds";
-
- $shmkh->shlock(LOCK_EX);
- if (defined $status) {
- $known_daemons->{$hostname}->{status} = $status;
- }
- if (defined $passwd) {
- $known_daemons->{$hostname}->{passwd} = $passwd;
- }
- if (defined $client) {
- $known_daemons->{$hostname}->{clients}->{$client} = "";
- }
- $known_daemons->{$hostname}->{timestamp} = $t;
- $shmkh->shunlock(LOCK_EX);
- return;
-}
-
-
-#==== MAIN = main ==============================================================
-
-# parse commandline options
-Getopt::Long::Configure( "bundling" );
-GetOptions("h|help" => \&usage,
- "c|config=s" => \$cfg_file,
- "f|foreground" => \$foreground,
- "v|verbose+" => \$verbose,
- );
-
-# read and set config parameters
-&check_cmdline_param ;
-&read_configfile;
-&check_pid;
-
-$SIG{CHLD} = 'IGNORE';
-
-# restart daemon log file
-if(-e $log_file ) { unlink $log_file }
-daemon_log("$0 started!");
-
-# Just fork, if we"re not in foreground mode
-if( ! $foreground ) { $pid = fork(); }
-else { $pid = $$; }
-
-# Do something useful - put our PID into the pid_file
-if( 0 != $pid ) {
- open( LOCK_FILE, ">$pid_file" );
- print LOCK_FILE "$pid\n";
- close( LOCK_FILE );
- if( !$foreground ) { exit( 0 ) };
-}
-
-# detect own ip and mac address
-($bus_ip, $bus_mac_address) = &get_ip_and_mac();
-if (not defined $bus_ip) {
- die "EXIT: ip address of $0 could not be detected";
-}
-daemon_log("bus ip address detected: $bus_ip", 1);
-daemon_log("bus mac address detected: $bus_mac_address", 1);
-
-
-# setup xml parser
-$xml = new XML::Simple();
-
-# create cipher object
-$bus_cipher = &create_ciphering($bus_passwd);
-$bus_address = "$bus_ip:$bus_port";
-
-# create reading and writing vectors
-my $rbits = my $wbits = my $ebits = "";
-
-# open the bus socket
-if($bus_activ eq "on") {
- $bus = IO::Socket::INET->new(LocalPort => $bus_port,
- Type => SOCK_STREAM,
- Reuse => 1,
- Listen => 20,
- ) or die "kann kein TCP-Server an Port $bus_port sein: $@\n";
- vec($rbits, fileno $bus, 1) = 1;
- vec($wbits, fileno $bus, 1) = 1;
- print "start bus at $bus_ip:$bus_port\n";
-}
-
-# add bus to known_daemons
-&create_known_daemons_entry($bus_address);
-&update_known_daemons_entry(hostname=>$bus_address, status=>"bus", passwd=>$bus_passwd);
-
-
-while(1) {
- my $nf = select($rbits, $wbits, undef, undef);
- # error handling
- if($nf < 0 ) {
- }
-
- # something is coming in
- if(vec $rbits, fileno $bus, 1 ) {
- my $client = $bus->accept();
- my $other_end = getpeername($client);
- if(not defined $other_end) {
- daemon_log("Gegenstelle konnte nicht identifiziert werden: $!\n");
- } else {
- my ($port, $iaddr) = unpack_sockaddr_in($other_end);
- my $actual_ip = inet_ntoa($iaddr);
- daemon_log("\naccept client from $actual_ip\n", 5);
- my $in_msg = &read_from_socket($client);
- if(defined $in_msg){
- &activating_child($in_msg, $actual_ip);
- } else {
- daemon_log("cannot read from $actual_ip\n",1);
- }
- }
- close($client);
- }
-
-}
-
-
diff --git a/contrib/daemon/gosa-si-bus.conf-template b/contrib/daemon/gosa-si-bus.conf-template
deleted file mode 100644
index 7ca56e906..000000000
--- a/contrib/daemon/gosa-si-bus.conf-template
+++ /dev/null
@@ -1,13 +0,0 @@
-[general]
-log_file = /var/log/gosa-si-bus.log
-pid_file = /var/run/gosa-si-bus.pid
-child_max = 10
-child_min = 2
-child_timeout = 10
-
-[bus]
-bus_activ = on
-bus_passwd = secret-bus-password
-bus_ip = 127.0.0.1
-bus_port = 20080
-
diff --git a/contrib/daemon/gosa-si-client b/contrib/daemon/gosa-si-client
deleted file mode 100755
index 3825940a7..000000000
--- a/contrib/daemon/gosa-si-client
+++ /dev/null
@@ -1,1109 +0,0 @@
-#!/usr/bin/perl
-#===============================================================================
-#
-# FILE: gosa-server
-#
-# USAGE: ./gosasc
-#
-# DESCRIPTION:
-#
-# OPTIONS: ---
-# REQUIREMENTS: ---
-# BUGS: ---
-# NOTES:
-# AUTHOR: (Andreas Rettenberger),
-# COMPANY:
-# VERSION: 1.0
-# CREATED: 12.09.2007 08:54:41 CEST
-# REVISION: ---
-#===============================================================================
-
-use strict;
-use warnings;
-use Getopt::Long;
-use Config::IniFiles;
-use POSIX;
-use Time::HiRes qw( gettimeofday );
-
-use Fcntl;
-use IO::Socket::INET;
-use Crypt::Rijndael;
-use MIME::Base64;
-use Digest::MD5 qw(md5 md5_hex md5_base64);
-use XML::Simple;
-use Data::Dumper;
-use Sys::Syslog qw( :DEFAULT setlogsock);
-use File::Spec;
-use Cwd;
-use GosaSupportDaemon;
-
-
-my ($cfg_file, %cfg_defaults, $foreground, $verbose, $pid_file, $procid, $pid, $log_file);
-my ($server_address, $server_ip, $server_port, $server_domain, $server_passwd, $server_cipher, $server_timeout);
-my ($client_address, $client_ip, $client_port, $client_mac_address);
-my ($input_socket, $rbits, $wbits, $ebits, $xml, $known_hosts);
-my (@events);
-
-# default variables
-my $event_dir = "/etc/gosac/events";
-$known_hosts = {};
-$foreground = 0 ;
-%cfg_defaults =
-("general" =>
- {"log_file" => [\$log_file, "/var/run/".$0.".log"],
- "pid_file" => [\$pid_file, "/var/run/".$0.".pid"],
- },
-"client" =>
- {"client_port" => [\$client_port, "20083"],
- },
-"server" =>
- {"server_ip" => [\$server_ip, ""],
- "server_port" => [\$server_port, "20081"],
- "server_passwd" => [\$server_passwd, ""],
- "server_timeout" => [\$server_timeout, 10],
- "server_domain" => [\$server_domain, ""],
- },
- );
-
-
-#=== FUNCTION ================================================================
-# NAME: read_configfile
-# PARAMETERS: cfg_file - string -
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub read_configfile {
- my $cfg;
- if( defined( $cfg_file) && ( length($cfg_file) > 0 )) {
- if( -r $cfg_file ) {
- $cfg = Config::IniFiles->new( -file => $cfg_file );
- } else {
- print STDERR "Couldn't read config file!";
- }
- } else {
- $cfg = Config::IniFiles->new() ;
- }
- foreach my $section (keys %cfg_defaults) {
- foreach my $param (keys %{$cfg_defaults{ $section }}) {
- my $pinfo = $cfg_defaults{ $section }{ $param };
- ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] );
- }
- }
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: logging
-# PARAMETERS: level - string - default 'info'
-# msg - string -
-# facility - string - default 'LOG_DAEMON'
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub daemon_log {
- my( $msg, $level ) = @_;
- if(not defined $msg) { return }
- if(not defined $level) { $level = 1 }
- if(defined $log_file){
- open(LOG_HANDLE, ">>$log_file");
- if(not defined open( LOG_HANDLE, ">>$log_file" )) {
- print STDERR "cannot open $log_file: $!";
- return }
- chomp($msg);
- if($level <= $verbose){
- print LOG_HANDLE $msg."\n";
- if(defined $foreground) { print $msg."\n" }
- }
- }
- close( LOG_HANDLE );
-# my ($msg, $level, $facility) = @_;
-# if(not defined $msg) {return}
-# if(not defined $level) {$level = "info"}
-# if(not defined $facility) {$facility = "LOG_DAEMON"}
-# openlog($0, "pid,cons,", $facility);
-# syslog($level, $msg);
-# closelog;
-# return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: check_cmdline_param
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub check_cmdline_param () {
- my $err_config;
- my $err_counter = 0;
- if( not defined( $cfg_file)) {
- #$err_config = "please specify a config file";
- #$err_counter += 1;
- my $cwd = getcwd;
- my $name = "/etc/gosa/gosa-si-client.conf";
- $cfg_file = File::Spec->catfile( $cwd, $name );
- print STDERR "no conf file specified\n try to use default: $cfg_file\n";
- }
- if( $err_counter > 0 ) {
- &usage( "", 1 );
- if( defined( $err_config)) { print STDERR "$err_config\n"}
- print STDERR "\n";
- exit( -1 );
- }
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: check_pid
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub check_pid {
- $pid = -1;
- # Check, if we are already running
- if( open(LOCK_FILE, "<$pid_file") ) {
- $pid = ;
- if( defined $pid ) {
- chomp( $pid );
- if( -f "/proc/$pid/stat" ) {
- my($stat) = `cat /proc/$pid/stat` =~ m/$pid \((.+)\).*/;
- if( $0 eq $stat ) {
- close( LOCK_FILE );
- exit -1;
- }
- }
- }
- close( LOCK_FILE );
- unlink( $pid_file );
- }
-
- # create a syslog msg if it is not to possible to open PID file
- if (not sysopen(LOCK_FILE, $pid_file, O_WRONLY|O_CREAT|O_EXCL, 0644)) {
- my($msg) = "Couldn't obtain lockfile '$pid_file' ";
- if (open(LOCK_FILE, '<', $pid_file)
- && ($pid = ))
- {
- chomp($pid);
- $msg .= "(PID $pid)\n";
- } else {
- $msg .= "(unable to read PID)\n";
- }
- if( ! ($foreground) ) {
- openlog( $0, "cons,pid", "daemon" );
- syslog( "warning", $msg );
- closelog();
- }
- else {
- print( STDERR " $msg " );
- }
- exit( -1 );
- }
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: get_ip_and_mac
-# PARAMETERS: nothing
-# RETURNS: (ip, mac)
-# DESCRIPTION: executes /sbin/ifconfig and parses the output, the first occurence
-# of a inet address is returned as well as the mac address in the line
-# above the inet address
-#===============================================================================
-sub get_ip_and_mac {
- my $ip = "0.0.0.0.0"; # Defualt-IP
- my $mac = "00:00:00:00:00:00"; # Default-MAC
- my @ifconfig = qx(/sbin/ifconfig);
- foreach(@ifconfig) {
- if (/Hardware Adresse (\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2})/) {
- $mac = "$1:$2:$3:$4:$5:$6";
- next;
- }
- if (/inet Adresse:(\d+).(\d+).(\d+).(\d+)/) {
- $ip = "$1.$2.$3.$4";
- last;
- }
- }
- return ($ip, $mac);
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: usage
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub usage {
- my( $text, $help ) = @_;
- $text = undef if( "h" eq $text );
- (defined $text) && print STDERR "\n$text\n";
- if( (defined $help && $help) || (!defined $help && !defined $text) ) {
- print STDERR << "EOF" ;
-usage: $0 [-hvf] [-c config]
-
- -h : this (help) message
- -c : config file
- -f : foreground, process will not be forked to background
- -v : be verbose (multiple to increase verbosity)
-EOF
- }
- print "\n" ;
-}
-
-#=== FUNCTION ================================================================
-# NAME: get_server_addresses
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub get_server_addresses {
- my $domain= shift;
- my @result;
- my $dig_cmd= 'dig +nocomments srv _gosad._tcp.'.$domain;
-
- my $output= `$dig_cmd 2>&1`;
- open (PIPE, "$dig_cmd 2>&1 |");
- while() {
- chomp $_;
- # If it's not a comment
- if($_ =~ m/^[^;]/) {
- my @matches= split /\s+/;
-
- # Push hostname with port
- if($matches[3] eq 'SRV') {
- push @result, $matches[7].':'.$matches[6];
- } elsif ($matches[3] eq 'A') {
- my $i=0;
-
- # Substitute the hostname with the ip address of the matching A record
- foreach my $host (@result) {
- if ((split /\:/, $host)[0] eq $matches[0]) {
- $result[$i]= $matches[4].':'.(split /\:/, $host)[1];
- }
- $i++;
- }
- }
- }
- }
- close(PIPE);
- return @result;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: register_at_server
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub register_at_server {
- my ($tmp) = @_;
-
- # create new passwd and ciphering object for client-server communication
- my $new_server_passwd = &create_passwd();
- my $new_server_cipher;
-
- # detect all client accepted events
- opendir(DIR, $event_dir)
- or daemon_log("cannot find directory $event_dir!\ngosac starts without any accepting events!", 1);
- my $file_name;
- @events = ();
- while(defined($file_name = readdir(DIR))){
- if ($file_name eq "." || $file_name eq "..") {
- next;
- }
- push(@events, $file_name);
- }
- my $events = join(",", @events);
- daemon_log("found events: $events", 1);
-
- # fill in all possible servers
- my @servers;
- if (defined $server_domain) {
- my @tmp_servers = &get_server_addresses($server_domain);
- foreach my $server (@tmp_servers) { unshift(@servers, $server); }
- }
- # add server address from config file at first position of server list
- if (defined $server_address) {
- unshift(@servers, $server_address);
- }
- daemon_log("found servers in configuration file and via DNS:", 5);
- foreach my $server (@servers) {
- daemon_log("\t$server", 5);
- }
-
- my ($rout, $wout, $reg_server);
- foreach my $server (@servers) {
- # create msg hash
- my $register_hash = &create_xml_hash("here_i_am", $client_address, $server);
- &add_content2xml_hash($register_hash, "new_passwd", $new_server_passwd);
- &add_content2xml_hash($register_hash, "client_mac_address", $client_mac_address);
- &add_content2xml_hash($register_hash, "events", $events);
-
- # send xml hash to server with general server passwd
- my $answer = &send_msg_hash2address($register_hash, $server, $server_passwd);
-
- # sending fails, no sens to wait for response
- if ($answer ne "done") { next; }
-
- # waiting for response
- daemon_log("waiting for response...\n", 5);
- my $nf = select($rout=$rbits, $wout=$wbits, undef, $server_timeout);
-
- # something is coming in
- if(vec $rout, fileno $input_socket, 1) {
- my $crypted_msg;
- my $client = $input_socket->accept();
- my $other_end = getpeername($client);
- if(not defined $other_end) {
- daemon_log("client cannot be identified: $!\n");
- } else {
- my ($port, $iaddr) = unpack_sockaddr_in($other_end);
- my $actual_ip = inet_ntoa($iaddr);
- daemon_log("\naccept client from $actual_ip\n", 5);
- my $in_msg = &read_from_socket($client);
- if(defined $in_msg){
- chomp($in_msg);
- $crypted_msg = $in_msg;
- } else {
- daemon_log("cannot read from $actual_ip\n", 5);
- }
- }
- close($client);
-
- # validate acknowledge msg from server
- $new_server_cipher = &create_ciphering($new_server_passwd);
- my $msg_hash;
- eval {
- my $decrypted_msg = &decrypt_msg($crypted_msg, $new_server_cipher);
- daemon_log("decrypted register msg: $decrypted_msg", 5);
- $msg_hash = $xml->XMLin($decrypted_msg, ForceArray=>1);
- };
- if($@) {
- daemon_log("ERROR: do not understand the incoming message:" , 5);
- daemon_log("$@", 7);
- } else {
- my $header = &get_content_from_xml_hash($msg_hash, "header");
- if($header eq "registered") {
- $reg_server = $server;
- last;
- } elsif($header eq "denied") {
- my $reason = (&get_content_from_xml_hash($msg_hash, "denied"))[0];
- daemon_log("registration at $server denied: $reason", 1);
- } else {
- daemon_log("cannot register at $server", 1);
- }
- }
- }
- # kommt antwort nicht, dann probiere es mit dem nächsten in der liste
-
- }
-
- if(defined $reg_server) {
- daemon_log("registered at $reg_server", 1);
- } else {
- daemon_log("cannot register at any server", 1);
- daemon_log("exiting!!!", 1);
- exit(1);
- }
-
- # update the global available variables
- $server_address = $reg_server;
- $server_passwd = $new_server_passwd;
- $server_cipher = $new_server_cipher;
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_xml_hash
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub create_xml_string {
- my ($xml_hash) = @_ ;
- my $xml_string = $xml->XMLout($xml_hash, RootName => 'xml');
- $xml_string =~ s/[\n]+//g;
- daemon_log("create_xml_string:\n\t$xml_string\n", 7);
- return $xml_string;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: add_content2xml_hash
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub add_content2xml_hash {
- my ($xml_ref, $element, $content) = @_;
- if(not exists $$xml_ref{$element} ) {
- $$xml_ref{$element} = [];
- }
- my $tmp = $$xml_ref{$element};
- push(@$tmp, $content);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: get_content_from_xml_hash
-# PARAMETERS: ref : reference to the xml hash
-# string: key of the value you want
-# RETURNS: STRING AND ARRAY
-# DESCRIPTION: if key of the hash is either 'header', 'target' or 'source' the
-# function returns a string cause it is expected that these keys
-# do just have one value, all other keys returns an array!!!
-#===============================================================================
-sub get_content_from_xml_hash {
- my ($xml_ref, $element) = @_;
- my $result = $xml_ref->{$element};
- if( $element eq "header" || $element eq "target" || $element eq "source") {
- return @$result[0];
- }
- return @$result;
-}
-
-# my ($xml_ref, $element) = @_;
-# if (exists $xml_ref->{$element}) {
-# my $result = $xml_ref->{$element};
-# if( $element eq "header" || $element eq "target" || $element eq "source") {
-# return @$result[0];
-# } else {
-# return @$result;
-# }
-#
-# } else {
-# my $result = ();
-# return @$result;
-# }
-#}
-
-
-#=== FUNCTION ================================================================
-# NAME: encrypt_msg
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub encrypt_msg {
- my ($msg, $my_cipher) = @_;
- if(not defined $my_cipher) { print "no cipher object\n"; }
- $msg = "\0"x(16-length($msg)%16).$msg;
- my $crypted_msg = $my_cipher->encrypt($msg);
- chomp($crypted_msg = &encode_base64($crypted_msg));
- return $crypted_msg;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: decrypt_msg
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub decrypt_msg {
- my ($crypted_msg, $my_cipher) = @_ ;
- $crypted_msg = &decode_base64($crypted_msg);
- my $msg = $my_cipher->decrypt($crypted_msg);
- $msg =~ s/\0*//g;
- return $msg;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_ciphering
-# PARAMETERS:
-# RETURNS: cipher object
-# DESCRIPTION:
-#===============================================================================
-sub create_ciphering {
- my ($passwd) = @_;
- $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
- my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
-
- #daemon_log("iv: $iv", 7);
- #daemon_log("key:
$passwd", 7); - my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC()); - $my_cipher->set_iv($iv); - return $my_cipher; -} - - -#=== FUNCTION ================================================================ -# NAME: create_passwd -# PARAMETERS: -# RETURNS: cipher object -# DESCRIPTION: -#=============================================================================== -sub create_passwd { - my $new_passwd = ""; - for(my $i=0; $i<31; $i++) { - $new_passwd .= ("a".."z","A".."Z",0..9)[int(rand(62))] - } - - return $new_passwd; -} - - -#=== FUNCTION ================================================================ -# NAME: send_msg_hash2address -# PARAMETERS: msg string - xml message -# PeerAddr string - socket address to send msg -# PeerPort string - socket port, if not included in socket address -# RETURNS: nothing -# DESCRIPTION: ???? -#=============================================================================== -sub send_msg_hash2address { - my ($msg_hash, $address, $passwd) = @_ ; - - # fetch header for logging - my $header = @{$msg_hash->{header}}[0]; - - # generiere xml string - my $msg_xml = &create_xml_string($msg_hash); - - # hole das entsprechende passwd aus dem hash - if(not defined $passwd) { - if(exists $known_hosts->{$address}) { - $passwd = $known_hosts->{$address}->{passwd}; - } elsif ($address eq $server_address) { - $passwd = $server_passwd; - } else { - daemon_log("$address not known, neither as server nor as client", 1); - return "failed"; - } - } - - # erzeuge ein ciphering object - my $act_cipher = &create_ciphering($passwd); - - # encrypt xml msg - my $crypted_msg = &encrypt_msg($msg_xml, $act_cipher); - - # öffne socket - my $socket = &open_socket($address); - if(not defined $socket){ - daemon_log("cannot open socket to $address, server not reachable", 1); - daemon_log("cannot send '$header'-msg", 1); - return "failed"; - } - - # versende xml msg - print $socket $crypted_msg."\n"; - - # schließe socket - close $socket; - - 
daemon_log("send '$header'-msg to $address", 5); - daemon_log("crypted_msg:\n\t$crypted_msg", 7); - - return "done"; -} - - -#=== FUNCTION ================================================================ -# NAME: open_socket -# PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000 -# [PeerPort] string necessary if port not appended by PeerAddr -# RETURNS: socket IO::Socket::INET -# DESCRIPTION: -#=============================================================================== -sub open_socket { - my ($PeerAddr, $PeerPort) = @_ ; - if(defined($PeerPort)){ - $PeerAddr = $PeerAddr.":".$PeerPort; - } - my $socket; - $socket = new IO::Socket::INET(PeerAddr => $PeerAddr , - Porto => "tcp" , - Type => SOCK_STREAM, - Timeout => 5, - ); - if(not defined $socket) { - #daemon_log("cannot connect to socket at $PeerAddr, $@\n"); - return; - } - daemon_log("open_socket:\n\t$PeerAddr", 7); - return $socket; -} - - -#=== FUNCTION ================================================================ -# NAME: read_from_socket -# PARAMETERS: socket fh - -# RETURNS: result string - readed characters from socket -# DESCRIPTION: reads data from socket in 16 byte steps -#=============================================================================== -sub read_from_socket { - my ($socket) = @_; - my $result = ""; - - $socket->blocking(1); - $result = <$socket>; - - $socket->blocking(0); - while ( my $char = <$socket> ) { - if (not defined $char) { last } - $result .= $char; - } - return $result; - - - -# my ($socket) = @_; -# my $result = ""; -# my $len = 16; -# while($len == 16){ -# my $char; -# $len = sysread($socket, $char, 16); -# if($len != 16) { last } -# if($len != 16) { last } -# $result .= $char; -# } -# return $result; -} - - -#=== FUNCTION ================================================================ -# NAME: print_known_hosts_hash -# PARAMETERS: -# RETURNS: -# DESCRIPTION: -#=============================================================================== -sub 
print_known_hosts_hash { - my ($tmp) = @_; - print "####################################\n"; - print "# status of known_hosts\n"; - my $hosts; - my $host_hash; - my @hosts = keys %$known_hosts; - foreach my $host (@hosts) { - #my @elements = keys %$known_hosts->{$host}; - my $status = $known_hosts->{$host}->{status} ; - my $passwd = $known_hosts->{$host}->{passwd}; - my $timestamp = $known_hosts->{$host}->{timestamp}; - print "$host\n"; - print "\t$status\n"; - print "\t$passwd\n"; - print "\t$timestamp\n"; - } - print "####################################\n"; - return; -} - -#=== FUNCTION ================================================================ -# NAME: -# PARAMETERS: -# RETURNS: -# DESCRIPTION: -#=============================================================================== -sub create_known_hosts_entry { - my ($hostname) = @_; - $known_hosts->{$hostname} = {}; - $known_hosts->{$hostname}->{status} = "none"; - $known_hosts->{$hostname}->{passwd} = "none"; - $known_hosts->{$hostname}->{timestamp} = "none"; - return; -} - - -#=== FUNCTION ================================================================ -# NAME: -# PARAMETERS: -# RETURNS: -# DESCRIPTION: -#=============================================================================== -sub update_known_hosts_entry { - my ($hostname, $status, $passwd, $timestamp) = @_; - my ($seconds, $minutes, $hours, $monthday, $month, - $year, $weekday, $yearday, $sommertime) = localtime(time); - $hours = $hours < 10 ? $hours = "0".$hours : $hours; - $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; - $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - $month+=1; - $month = $month < 10 ? $month = "0".$month : $month; - $monthday = $monthday < 10 ? 
$monthday = "0".$monthday : $monthday; - $year+=1900; - my $t = "$year$month$monthday$hours$minutes$seconds"; - - if($status) { - $known_hosts->{$hostname}->{status} = $status; - } - if($passwd) { - $known_hosts->{$hostname}->{passwd} = $passwd; - } - if($timestamp) { - $t = $timestamp; - } - $known_hosts->{$hostname}->{timestamp} = $t; - return; -} - - -#=== FUNCTION ================================================================ -# NAME: -# PARAMETERS: -# RETURNS: -# DESCRIPTION: -#=============================================================================== -sub add_content2known_hosts { - my ($hostname, $element, $content) = @_; - my ($seconds, $minutes, $hours, $monthday, $month, - $year, $weekday, $yearday, $sommertime) = localtime(time); - $hours = $hours < 10 ? $hours = "0".$hours : $hours; - $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes; - $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds; - $month+=1; - $month = $month < 10 ? $month = "0".$month : $month; - $monthday = $monthday < 10 ? 
$monthday = "0".$monthday : $monthday; - $year+=1900; - my $t = "$year$month$monthday$hours$minutes$seconds"; - - $known_hosts->{$hostname}->{$element} = $content; - $known_hosts->{$hostname}->{timestamp} = $t; - return; -} - - -#=== FUNCTION ================================================================ -# NAME: -# PARAMETERS: -# RETURNS: -# DESCRIPTION: -#=============================================================================== -sub process_incoming_msg { - my ($crypted_msg) = @_; - if(not defined $crypted_msg) { - daemon_log("function 'process_incoming_msg': got no msg", 7); - } - $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/; - $crypted_msg = $1; - my $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5); - daemon_log("msg from host:", 1); - daemon_log("\t$host", 1); - daemon_log("crypted msg:", 7); - daemon_log("\t$crypted_msg", 7); - - my $act_cipher = &create_ciphering($server_passwd); - - # try to decrypt incoming msg - my ($msg, $msg_hash); - eval{ - $msg = &decrypt_msg($crypted_msg, $act_cipher); - $msg_hash = $xml->XMLin($msg, ForceArray=>1); - }; - if($@) { - daemon_log("ERROR: incoming msg cannot be decrypted with server passwd", 1); - return; - } - - my $header = &get_content_from_xml_hash($msg_hash, "header"); - - daemon_log("header from msg:", 1); - daemon_log("\t$header", 1); - daemon_log("msg to process:", 7); - daemon_log("\t$msg", 7); - - #check whether msg to process is a event - opendir(DIR, $event_dir) - or daemon_log("cannot find directory $event_dir, no events specified", 5); - my $file_name; - while(defined($file_name = readdir(DIR))){ - if ($file_name eq "." 
|| $file_name eq "..") { - next; - } - if ($file_name eq $header) { - my $cmd = "$event_dir/$file_name '$msg'"; - my $result_xml = ""; - open(PIPE, "$cmd 2>&1 |"); - while() { - $result_xml.=$_; - last; - } - close(PIPE); - my $res_hash = &transform_msg2hash($result_xml); - my $res_target = @{$res_hash->{target}}[0]; - &send_msg_hash2address($res_hash, $server_address); - - return; - } - } - close(DIR); - daemon_log("could not assign the msg $header to an event", 5); - - - - if ($header eq 'new_ldap_config') { &new_ldap_config($msg_hash)} - elsif ($header eq 'ping') { &got_ping($msg_hash) } - elsif ($header eq 'wake_up') { &execute_event($msg_hash)} - elsif ($header eq 'new_passwd') { &new_passwd()} - else { daemon_log("ERROR: no function assigned to msg $header", 5) } - - return; -} - - -#=== FUNCTION ================================================================ -# NAME: -# PARAMETERS: -# RETURNS: -# DESCRIPTION: -#=============================================================================== -sub update_status { - my ($new_status) = @_ ; - my $out_hash = &create_xml_hash("update_status", $client_address, $server_address); - &add_content2xml_hash($out_hash, "update_status", $new_status); - &send_msg_hash2address($out_hash, $server_address); - return; -} - - -#=== FUNCTION ================================================================ -# NAME: -# PARAMETERS: -# RETURNS: -# DESCRIPTION: -#=============================================================================== -sub server_leaving { - my ($msg_hash) = @_ ; - my $source = &get_content_from_xml_hash("source"); - my $header = &get_content_from_xml_hash("header"); - - daemon_log("gosa daemon $source is going down, cause registration procedure", 1); - my $server_address = "none"; - my $server_passwd = "none"; - my $server_cipher = "none"; - - # reinitialization of default values in config file - &read_configfile; - - # registrated at new daemon - ®ister_at_server(); - - return; -} - - -sub got_ping { - my 
($msg_hash) = @_ ; - - my $source = &get_content_from_xml_hash($msg_hash, 'source'); - my $target = &get_content_from_xml_hash($msg_hash, 'target'); - my $header = &get_content_from_xml_hash($msg_hash, 'header'); - - &add_content2known_hosts(hostname=>$target, status=>$header); - - my $out_hash = &create_xml_hash("got_ping", $target, $source); - &send_msg_hash2address($out_hash, $source, $server_passwd); - - return; -} - - -sub new_ldap_config { - my ($msg_hash) = @_ ; - - my @gotoLdapServer = &get_content_from_xml_hash($msg_hash, "new_ldap_config"); - print Dumper @gotoLdapServer; - - - return; - -} - - -sub execute_event { - my ($msg_hash)= @_; - my $configdir= '/etc/gosac/events/'; - my $result; - - my $header = &get_content_from_xml_hash($msg_hash, 'header'); - my $source = &get_content_from_xml_hash($msg_hash, 'source'); - my $target = &get_content_from_xml_hash($msg_hash, 'target'); - - - if((not defined $source) - && (not defined $target) - && (not defined $header)) { - daemon_log("ERROR: Entries missing in XML msg for gosa events under /etc/gosac/events"); - } else { - my $parameters=""; - my @params = &get_content_from_xml_hash($msg_hash, $header); - my $params = join(", ", @params); - daemon_log("execute_event: got parameters: $params", 5); - - if (@params) { - foreach my $param (@params) { - my $param_value = (&get_content_from_xml_hash($msg_hash, $param))[0]; - daemon_log("execute_event: parameter -> value: $param -> $param_value", 7); - $parameters.= " ".$param_value; - } - } - - my $cmd= $configdir.$header."$parameters"; - daemon_log("execute_event: executing cmd: $cmd", 7); - $result= ""; - open(PIPE, "$cmd 2>&1 |"); - while() { - $result.=$_; - } - close(PIPE); - } - - # process the event result - - - return; -} - - -sub new_passwd { - # my ($msg_hash) = @_ ; - my $new_server_passwd = &create_passwd(); - my $new_server_cipher = &create_ciphering($new_server_passwd); - - my $out_hash = &create_xml_hash("new_passwd", $client_address, $server_address, 
$new_server_passwd);
-
- &send_msg_hash2address($out_hash, $server_address, $server_passwd);
-
- $server_passwd = $new_server_passwd;
- $server_cipher = $new_server_cipher;
- return;
-}
-
-
-
-
-#==== MAIN = main ==============================================================
-
-# parse commandline options
-Getopt::Long::Configure( "bundling" );
-GetOptions("h|help" => \&usage,
- "c|config=s" => \$cfg_file,
- "f|foreground" => \$foreground,
- "v|verbose+" => \$verbose,
- );
-
-# read and set config parameters
-&check_cmdline_param ;
-&read_configfile;
-&check_pid;
-
-# restart daemon log file
-if(-e $log_file ) { unlink $log_file }
-daemon_log("started!");
-
-# Just fork, if we"re not in foreground mode
-if( ! $foreground ) { $pid = fork(); }
-else { $pid = $$; }
-
-# Do something useful - put our PID into the pid_file
-if( 0 != $pid ) {
- open( LOCK_FILE, ">$pid_file" );
- print LOCK_FILE "$pid\n";
- close( LOCK_FILE );
- if( !$foreground ) { exit( 0 ) };
-}
-
-# detect own ip and mac address
-($client_ip, $client_mac_address) = &get_ip_and_mac();
-if (not defined $client_ip) {
- die "EXIT: ip address of $0 could not be detected";
-}
-daemon_log("client ip address detected: $client_ip", 1);
-daemon_log("client mac address detected: $client_mac_address", 1);
-
-# prepare variables
-if (defined $server_ip && defined $server_port) {
- $server_address = $server_ip.":".$server_port;
-}
-$client_address = $client_ip.":".$client_port;
-
-# setup xml parser
-$xml = new XML::Simple();
-
-# create input socket
-$rbits = $wbits = $ebits = "";
-$input_socket = IO::Socket::INET->new(LocalPort => $client_port,
- Type => SOCK_STREAM,
- Reuse => 1,
- Listen => 20,
- );
-if(not defined $input_socket){
- daemon_log("cannot be a tcp server at $client_port : $@\n");
-} else {
- daemon_log("start server:\n\t$server_ip:$client_port",1) ;
- vec($rbits, fileno $input_socket, 1) = 1;
- vec($wbits, fileno $input_socket, 1) = 1;
-}
-
-# register at server
-®ister_at_server();
-
-
-##############
-# Debugging
-#############
-#sleep(2);
-#&update_status("ich_bin_ein_neuer_status");
-
-###################################
-#everything ready, okay, lets start
-###################################
-while(1) {
- my ($rout, $wout);
- my $nf = select($rout=$rbits, $wout=$wbits, undef, undef);
-
- # error handling
- if($nf < 0 ) {
- }
-
- # something is coming in
- if(vec $rout, fileno $input_socket, 1) {
- my $client = $input_socket->accept();
- my $other_end = getpeername($client);
-
- if(not defined $other_end) {
- daemon_log("client cannot be identified: $!");
- } else {
- my ($port, $iaddr) = unpack_sockaddr_in($other_end);
- my $actual_ip = inet_ntoa($iaddr);
- daemon_log("accept client from $actual_ip", 5);
- my $in_msg = &read_from_socket($client);
- if(defined $in_msg){
- chomp($in_msg);
- $in_msg = $in_msg.".".$actual_ip;
- &process_incoming_msg($in_msg);
-
- }
- }
- }
-}
-
-
-
-
diff --git a/contrib/daemon/gosa-si-client.conf-template b/contrib/daemon/gosa-si-client.conf-template
deleted file mode 100644
index 0c65e2cad..000000000
--- a/contrib/daemon/gosa-si-client.conf-template
+++ /dev/null
@@ -1,13 +0,0 @@
-[general]
-log_file = /var/log/gosa-si-client.log
-pid_file = /var/run/gosa-si-client.pid
-
-[client]
-client_port = 20083
-
-[server]
-server_ip = 127.0.0.1
-server_port = 20081
-server_passwd = secret-server-password
-server_timeout = 5
-server_domain = intranet.gonicus.de
diff --git a/contrib/daemon/gosa-si-server b/contrib/daemon/gosa-si-server
deleted file mode 100755
index 096637417..000000000
--- a/contrib/daemon/gosa-si-server
+++ /dev/null
@@ -1,2025 +0,0 @@
-#!/usr/bin/perl
-#===============================================================================
-#
-# FILE: gosa-sd
-#
-# USAGE: ./gosa-sd
-#
-# DESCRIPTION:
-#
-# OPTIONS: ---
-# REQUIREMENTS: libconfig-inifiles-perl libcrypt-rijndael-perl libxml-simple-perl libipc-shareable-perl libdata-dumper-simple-perl
-# BUGS: ---
-# NOTES:
-# AUTHOR: (Andreas Rettenberger),
-# COMPANY:
-# VERSION: 1.0
-# CREATED: 12.09.2007 08:54:41 CEST
-# REVISION: ---
-#===============================================================================
-
-
-use strict;
-use warnings;
-use Getopt::Long;
-use Config::IniFiles;
-use POSIX;
-use Time::HiRes qw( gettimeofday );
-
-use Fcntl;
-use IO::Socket::INET;
-use Crypt::Rijndael;
-use MIME::Base64;
-use Digest::MD5 qw(md5 md5_hex md5_base64);
-use XML::Simple;
-use Data::Dumper;
-use Sys::Syslog qw( :DEFAULT setlogsock);
-use Cwd;
-use File::Spec;
-use IPC::Shareable qw( :lock);
-IPC::Shareable->clean_up_all;
-
-use lib "/etc/gosad/modules";
-my $modules_path = "/etc/gosad/modules";
-
-my ($cfg_file, %cfg_defaults, $foreground, $verbose, $ping_timeout, $no_bus);
-my ($bus, $msg_to_bus, $bus_cipher);
-my ($server, $server_mac_address, $server_events);
-my ($gosa_server);
-my ($known_daemons, $shmda, $known_clients, $shmcl, $known_modules);
-my ($max_clients);
-my ($pid_file, $procid, $pid, $log_file);
-my (%free_child, %busy_child, $child_max, $child_min, %child_alive_time, $child_timeout);
-my ($arp_activ, $arp_fifo, $arp_fifo_path, $no_arp);
-
-# variables declared in config file are always set to 'our'
-our (%cfg_defaults, $log_file, $pid_file,
- $bus_activ, $bus_passwd, $bus_ip, $bus_port,
- $server_activ, $server_ip, $server_port, $server_passwd, $max_clients,
- $arp_activ, $arp_fifo_path,
- $gosa_activ, $gosa_passwd, $gosa_ip, $gosa_port, $gosa_timeout,
-);
-
-# additional variable which should be globaly accessable
-our $xml;
-our $server_address;
-our $bus_address;
-our $gosa_address;
-
-# specifies the verbosity
of the daemon_log -$verbose = 0 ; - -# if foreground is not null, script will be not forked to background -$foreground = 0 ; - -# specifies the timeout seconds while checking the online status of a registrating client -$ping_timeout = 5; - -$no_bus = 0; - -$no_arp = 0; - -# holds all other gosa-sd as well as the gosa-sd-bus -our $known_daemons = {}; -our $shmda = tie($known_daemons, 'IPC::Shareable', undef, {create => 1, - exclusive => 1, - mode => 0666, - destroy => 1, - }); -# holds all registrated clients -our $known_clients = {}; -our $shmcl = tie($known_clients, 'IPC::Shareable', undef, {create => 1, - exclusive => 1, - mode => 0666, - destroy => 1, - }); - - -%cfg_defaults = -("general" => - {"log_file" => [\$log_file, "/var/run/".$0.".log"], - "pid_file" => [\$pid_file, "/var/run/".$0.".pid"], - "child_max" => [\$child_max, 10], - "child_min" => [\$child_min, 3], - "child_timeout" => [\$child_timeout, 180], - }, -"bus" => - {"bus_activ" => [\$bus_activ, "on"], - "bus_passwd" => [\$bus_passwd, ""], - "bus_ip" => [\$bus_ip, ""], - "bus_port" => [\$bus_port, "20080"], - }, -"server" => - {"server_activ" => [\$server_activ, "on"], - "server_ip" => [\$server_ip, ""], - "server_port" => [\$server_port, "20081"], - "server_passwd" => [\$server_passwd, ""], - "max_clients" => [\$max_clients, 100], - }, -"arp" => - {"arp_activ" => [\$arp_activ, "on"], - "arp_fifo_path" => [\$arp_fifo_path, "/var/run/gosa-si/arp-notify"], - }, -"gosa" => - {"gosa_activ" => [\$gosa_activ, "on"], - "gosa_ip" => [\$gosa_ip, ""], - "gosa_port" => [\$gosa_port, "20082"], - "gosa_passwd" => [\$gosa_passwd, "none"], - }, - ); - - -#=== FUNCTION ================================================================ -# NAME: usage -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: print out usage text to STDERR -#=============================================================================== -sub usage { - print STDERR << "EOF" ; -usage: $0 [-hvf] [-c config] - - -h : this (help) message - 
-c : config file - -f : foreground, process will not be forked to background - -v : be verbose (multiple to increase verbosity) -EOF - print "\n" ; -} - - -#=== FUNCTION ================================================================ -# NAME: read_configfile -# PARAMETERS: cfg_file - string - -# RETURNS: nothing -# DESCRIPTION: read cfg_file and set variables -#=============================================================================== -sub read_configfile { - my $cfg; - if( defined( $cfg_file) && ( length($cfg_file) > 0 )) { - if( -r $cfg_file ) { - $cfg = Config::IniFiles->new( -file => $cfg_file ); - } else { - print STDERR "Couldn't read config file!"; - } - } else { - $cfg = Config::IniFiles->new() ; - } - foreach my $section (keys %cfg_defaults) { - foreach my $param (keys %{$cfg_defaults{ $section }}) { - my $pinfo = $cfg_defaults{ $section }{ $param }; - ${@$pinfo[ 0 ]} = $cfg->val( $section, $param, @$pinfo[ 1 ] ); - } - } -} - - -#=== FUNCTION ================================================================ -# NAME: logging -# PARAMETERS: level - string - default 'info' -# msg - string - -# facility - string - default 'LOG_DAEMON' -# RETURNS: nothing -# DESCRIPTION: function for logging -#=============================================================================== -sub daemon_log { -# log into log_file - my( $msg, $level ) = @_; - if(not defined $msg) { return } - if(not defined $level) { $level = 1 } - if(defined $log_file){ - open(LOG_HANDLE, ">>$log_file"); - if(not defined open( LOG_HANDLE, ">>$log_file" )) { - print STDERR "cannot open $log_file: $!"; - return } - chomp($msg); - if($level <= $verbose){ - print LOG_HANDLE "$level $msg\n"; - if(defined $foreground) { print $msg."\n" } - } - } - close( LOG_HANDLE ); -#log into syslog -# my ($msg, $level, $facility) = @_; -# if(not defined $msg) {return} -# if(not defined $level) {$level = "info"} -# if(not defined $facility) {$facility = "LOG_DAEMON"} -# openlog($0, "pid,cons,", $facility); -# 
syslog($level, $msg); -# closelog; -# return; -} - - -#=== FUNCTION ================================================================ -# NAME: check_cmdline_param -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: validates commandline parameter -#=============================================================================== -sub check_cmdline_param () { - my $err_config; - my $err_counter = 0; - if( not defined( $cfg_file)) { - #$err_config = "please specify a config file"; - #$err_counter += 1; - my $cwd = getcwd; - my $name = "/etc/gosa/gosa-si-server.conf"; - $cfg_file = File::Spec->catfile( $cwd, $name ); - print STDERR "no conf file specified\n try to use default: $cfg_file\n"; - } - if( $err_counter > 0 ) { - &usage( "", 1 ); - if( defined( $err_config)) { print STDERR "$err_config\n"} - print STDERR "\n"; - exit( -1 ); - } -} - - -#=== FUNCTION ================================================================ -# NAME: check_pid -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: handels pid processing -#=============================================================================== -sub check_pid { - $pid = -1; - # Check, if we are already running - if( open(LOCK_FILE, "<$pid_file") ) { - $pid = ; - if( defined $pid ) { - chomp( $pid ); - if( -f "/proc/$pid/stat" ) { - my($stat) = `cat /proc/$pid/stat` =~ m/$pid \((.+)\).*/; - if( $0 eq $stat ) { - close( LOCK_FILE ); - exit -1; - } - } - } - close( LOCK_FILE ); - unlink( $pid_file ); - } - - # create a syslog msg if it is not to possible to open PID file - if (not sysopen(LOCK_FILE, $pid_file, O_WRONLY|O_CREAT|O_EXCL, 0644)) { - my($msg) = "Couldn't obtain lockfile '$pid_file' "; - if (open(LOCK_FILE, '<', $pid_file) - && ($pid = )) - { - chomp($pid); - $msg .= "(PID $pid)\n"; - } else { - $msg .= "(unable to read PID)\n"; - } - if( ! 
($foreground) ) { - openlog( $0, "cons,pid", "daemon" ); - syslog( "warning", $msg ); - closelog(); - } - else { - print( STDERR " $msg " ); - } - exit( -1 ); - } -} - - -#=== FUNCTION ================================================================ -# NAME: get_ip_and_mac -# PARAMETERS: nothing -# RETURNS: (ip, mac) -# DESCRIPTION: executes /sbin/ifconfig and parses the output, the first occurence -# of a inet address is returned as well as the mac address in the line -# above the inet address -#=============================================================================== -sub get_ip_and_mac { - my $ip = "0.0.0.0.0"; # Defualt-IP - my $mac = "00:00:00:00:00:00"; # Default-MAC - my @ifconfig = qx(/sbin/ifconfig); - foreach(@ifconfig) { - if (/Hardware Adresse (\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2}):(\S{2})/) { - $mac = "$1:$2:$3:$4:$5:$6"; - next; - } - if (/inet Adresse:(\d+).(\d+).(\d+).(\d+)/) { - $ip = "$1.$2.$3.$4"; - last; - } - } - return ($ip, $mac); -} - - - -#=== FUNCTION ================================================================ -# NAME: import_modules -# PARAMETERS: module_path - string - abs. 
path to the directory the modules are stored -# RETURNS: nothing -# DESCRIPTION: each file in module_path which ends with '.pm' is imported by "require 'file';" -#=============================================================================== -sub import_modules { - daemon_log(" ", 1); - - if (not -e $modules_path) { - daemon_log("ERROR: cannot find directory or directory is not readable: $modules_path", 1); - } - - opendir (DIR, $modules_path) or die "ERROR while loading modules from directory $modules_path : $!\n"; - while (defined (my $file = readdir (DIR))) { - if (not $file =~ /(\S*?).pm$/) { - next; - } - eval { require $file; }; - if ($@) { - daemon_log("ERROR: gosa-sd could not load module $file", 1); - daemon_log("$@", 5); - next; - } - my $mod_name = $1; - my $module_tag_hash = eval( $mod_name.'::get_module_tags()' ); - $known_modules->{$mod_name} = $module_tag_hash; - - daemon_log("load module $mod_name", 1); - } - - # for debugging - #while ( my ($module, $tag_hash) = each(%$known_modules)) { - # print "\tmodule: $module"."\n"; - # print "\ttags: ".join(", ", keys(%$tag_hash))."\n"; - #} - close (DIR); -} - - -#=== FUNCTION ================================================================ -# NAME: register_at_bus -# PARAMETERS: nothing -# RETURNS: nothing -# DESCRIPTION: creates an entry in known_daemons and send a 'here_i_am' msg to bus -#=============================================================================== -sub register_at_bus { - - # create known_daemons entry - &create_known_daemon($bus_address); - &add_content2known_daemons(hostname=>$bus_address, status=>"register_at_bus", passwd=>$bus_passwd); - daemon_log("register at bus: $bus_address", 1); - - my $msg_hash = &create_xml_hash("here_i_am", "$server_ip:$server_port", $bus_address); - &send_msg_hash2address($msg_hash, $bus_address); - return; -} - - -#=== FUNCTION ================================================================ -# NAME: sig_int_handler -# PARAMETERS: signal - string - 
signal arose from system -# RETURNS: noting -# DESCRIPTION: handels tasks to be done befor signal becomes active -#=============================================================================== -sub sig_int_handler { - my ($signal) = @_; - if($server){ - close($server); - daemon_log("daemon server closed", 1); - } - if( -p $arp_fifo_path ) { - close $arp_fifo ; - unlink($arp_fifo_path) ; - daemon_log("ARP_FIFO closed", 1) ; - } - - if($gosa_server){ - close($gosa_server); - daemon_log("gosa server closed", 1); - } - - print STDERR "$signal\n"; - - exit(1); -} -$SIG{INT} = \&sig_int_handler; - - -#=== FUNCTION ================================================================ -# NAME: activating_child -# PARAMETERS: msg - string - incoming message -# host - string - host from which the incomming message comes -# RETURNS: nothing -# DESCRIPTION: handels the distribution of incoming messages to working childs -#=============================================================================== -sub activating_child { - my ($msg, $host, $client) = @_; - my $child = &get_processing_child(); - my $pipe_wr = $$child{'pipe_wr'}; - my $pipe_rd = $$child{'pipe_rd'}; - $$child{client_ref} = $client; - daemon_log("activating: childpid:$$child{'pid'}", 5); - - print $pipe_wr $msg.".".$host."\n"; - -# if (defined $client) { -# my $rbits = ""; -# vec($rbits, fileno $client, 1) = 1; -# -# my ($rout); -# my $nf = select($rout=$rbits, undef, undef, $gosa_timeout); -# if($gosa_activ eq "on" && vec($rout, fileno $gosa_server, 1)) { -# -# } -# } - return; -} - - -#=== FUNCTION ================================================================ -# NAME: get_processing_child -# PARAMETERS: nothing -# RETURNS: child - hash - holding the process id and the references to the pipe -# handles pipe_wr and pipe_rd -# DESCRIPTION: handels the forking, reactivating and keeping alive tasks -#=============================================================================== -sub get_processing_child { - my 
$child;
- # checking %busy_child{pipe_wr} if msg is 'done', then set child from busy to free
-# while(my ($key, $val) = each(%busy_child)) {
-# # test ob prozess noch existiert
-# my $exitus_pid = waitpid($key, WNOHANG);
-# if($exitus_pid != 0) {
-# delete $busy_child{$key};
-# print "prozess:$key wurde aus busy_child entfernt\n";
-# next;
-# }
-#
-# # check wether process sitll works
-# my $fh = $$val{'pipe_rd'};
-# $fh->blocking(0);
-# my $child_answer;
-# if(not $child_answer = <$fh>) { next }
-# chomp($child_answer);
-# if($child_answer eq "done") {
-# delete $busy_child{$key};
-# $free_child{$key} = $val;
-# }
-# }
-
- while(my ($key, $val) = each(%free_child)) {
- my $exitus_pid = waitpid($key, WNOHANG);
- if($exitus_pid != 0) {
- delete $free_child{$key};
- }
- daemon_log("free child:$key", 5);
- }
- # check @free_child and @busy_child
- my $free_len = scalar(keys(%free_child));
- my $busy_len = scalar(keys(%busy_child));
- daemon_log("free children $free_len, busy children $busy_len", 5);
-
- # if there is a free child, let the child work
- if($free_len > 0){
- my @keys = keys(%free_child);
- $child = $free_child{$keys[0]};
- if(defined $child) {
- $busy_child{$$child{'pid'}} = $child ;
- delete $free_child{$$child{'pid'}};
- }
- return $child;
- }
-
- # no free child, try to fork another one
- if($free_len + $busy_len < $child_max) {
-
- daemon_log("not enough children, create a new one", 5);
-
- # New pipes for communication
- my( $PARENT_wr, $PARENT_rd );
- my( $CHILD_wr, $CHILD_rd );
- pipe( $CHILD_rd, $PARENT_wr );
- pipe( $PARENT_rd, $CHILD_wr );
- $PARENT_wr->autoflush(1);
- $CHILD_wr->autoflush(1);
-
- ############
- # fork child
- ############
- my $child_pid = fork();
-
- #CHILD
- if($child_pid == 0) {
- # Close unused pipes
- close( $CHILD_rd );
- close( $CHILD_wr );
- while( 1 ) {
- my $rbits = "";
- vec( $rbits, fileno $PARENT_rd , 1 ) = 1;
- my $nf = select($rbits, undef, undef, $child_timeout);
- if($nf < 0 ) {
- die "select(): $!\n";
- } 
elsif (! $nf) {
- # if already child_min childs are alive, then leave loop
- $free_len = scalar(keys(%free_child));
- $busy_len = scalar(keys(%busy_child));
- if($free_len + $busy_len >= $child_min) {
- last;
- } else {
- redo;
- }
- }
-
- # a job for a child arise
- if ( vec $rbits, fileno $PARENT_rd, 1 ) {
- # read everything from pipe
- my $msg = "";
- $PARENT_rd->blocking(0);
- while(1) {
- my $read = <$PARENT_rd>;
- if(not defined $read) { last}
- $msg .= $read;
- }
-
- ######################################
- # forward msg to all imported modules
- no strict "refs";
- my $answer;
- while( my ($module, $tag_hash) = each(%$known_modules)) {
- #if(exists $known_modules->{$module}->{server_packages}) {
- my $tmp = &{ $module."::process_incoming_msg" }($msg);
- if (defined $tmp) {
- $answer = $tmp;
- }
- #}
- }
-
- &print_known_daemons();
- &print_known_clients();
-
- daemon_log("processing of msg finished", 5);
-
- if (defined $answer) {
- print $PARENT_wr $answer."\n";
- daemon_log("\t$answer", 5);
- daemon_log(" ", 5);
- } else {
- print $PARENT_wr "done"."\n";
- daemon_log(" ", 5);
- }
- redo;
- }
- }
- # childs leaving the loop are allowed to die
- exit(0);
-
-
- #PARENT
- } else {
- # Close unused pipes
- close( $PARENT_rd );
- close( $PARENT_wr );
-
- # add child to child alive hash
- my %child_hash = (
- 'pid' => $child_pid,
- 'pipe_wr' => $CHILD_wr,
- 'pipe_rd' => $CHILD_rd,
- 'client_ref' => "",
- );
-
- $child = \%child_hash;
- $busy_child{$$child{'pid'}} = $child;
- return $child;
- }
- }
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: process_incoming_msg
-# PARAMETERS: crypted_msg - string - incoming crypted message
-# RETURNS: nothing
-# DESCRIPTION: handels the proceeded distribution to the appropriated functions
-#===============================================================================
-sub process_incoming_msg {
- my ($crypted_msg) = @_;
- if(not defined $crypted_msg) {
- daemon_log("function 
'process_incoming_msg': got no msg", 7);
- }
- $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/;
- $crypted_msg = $1;
- my $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5);
- daemon_log("msg from host:", 1);
- daemon_log("\t$host", 1);
- #daemon_log("crypted msg:", 7);
- #daemon_log("\t$crypted_msg", 7);
-
- # collect addresses from possible incoming clients
- my @valid_keys;
- my @host_keys = keys %$known_daemons;
- foreach my $host_key (@host_keys) {
- if($host_key =~ "^$host") {
- push(@valid_keys, $host_key);
- }
- }
- my @client_keys = keys %$known_clients;
- foreach my $client_key (@client_keys) {
- if($client_key =~ "^$host"){
- push(@valid_keys, $client_key);
- }
- }
- push(@valid_keys, $server_address);
-
- my $l = @valid_keys;
- my ($msg, $msg_hash);
- my $msg_flag = 0;
-
- # determine the correct passwd for deciphering of the incoming msgs
- foreach my $host_key (@valid_keys) {
- eval{
- daemon_log( "key: $host_key", 7);
- my $key_passwd;
- if (exists $known_daemons->{$host_key}) {
- $key_passwd = $known_daemons->{$host_key}->{passwd};
- } elsif (exists $known_clients->{$host_key}) {
- $key_passwd = $known_clients->{$host_key}->{passwd};
- } elsif ($host_key eq $server_address) {
- $key_passwd = $server_passwd;
- }
- daemon_log("key_passwd: $key_passwd", 7);
- my $key_cipher = &create_ciphering($key_passwd);
- $msg = &decrypt_msg($crypted_msg, $key_cipher);
- $msg_hash = $xml->XMLin($msg, ForceArray=>1);
- };
- if($@) {
- daemon_log("key raise error", 7);
- $msg_flag += 1;
- } else {
- last;
- }
- }
-
- if($msg_flag >= $l) {
- daemon_log("ERROR: do not understand the message:", 1);
- daemon_log("\t$msg", 1);
- return;
- }
-
- # process incoming msg
- my $header = &get_content_from_xml_hash($msg_hash, "header");
- my $source = @{$msg_hash->{source}}[0];
-
- daemon_log("header from msg:", 1);
- daemon_log("\t$header", 1);
- daemon_log("msg to process:", 5);
- daemon_log("\t$msg", 5);
-
- my @targets = @{$msg_hash->{target}};
- 
my $len_targets = @targets;
- if ($len_targets == 0){
- daemon_log("ERROR: no target specified for msg $header", 1);
-
- } elsif ($len_targets == 1){
- # we have only one target symbol
-
- my $target = $targets[0];
- daemon_log("msg is for:", 7);
- daemon_log("\t$target", 7);
-
- if ($target eq $server_address) {
- # msg is for server
- if ($header eq 'new_passwd'){ &new_passwd($msg_hash)}
- elsif ($header eq 'here_i_am') { &here_i_am($msg_hash)}
- elsif ($header eq 'who_has') { &who_has($msg_hash) }
- elsif ($header eq 'who_has_i_do') { &who_has_i_do($msg_hash)}
- elsif ($header eq 'update_status') { &update_status($msg_hash) }
- #elsif ($header eq 'got_ping') { &got_ping($msg_hash)}
- elsif ($header eq 'get_load') { &execute_actions($msg_hash)}
- else { daemon_log("ERROR: no function assigned to this msg", 5) }
-
-
- } elsif ($target eq "*") {
- # msg is for all clients
-
- my @target_addresses = keys(%$known_clients);
- foreach my $target_address (@target_addresses) {
- if ($target_address eq $source) { next; }
- $msg_hash->{target} = [$target_address];
- &send_msg_hash2address($msg_hash, $target_address);
- }
- } else {
- # msg is for one client
-
- if (exists $known_clients->{$target}) {
- # target is known
-
- &send_msg_hash2address($msg_hash, $target);
- } else {
- # target is not known
-
- daemon_log("ERROR: target $target is not known in known_clients", 1);
- }
- }
- } else {
- # we have multiple target symbols
-
- my $target_string = join(", ", @targets);
- daemon_log("msg is for:", 7);
- daemon_log("\t$target_string", 7);
-
- my $target_address;
- foreach $target_address (@targets) {
- if (exists $known_clients->{$target_address}) {
- # target_address is known
-
- &send_msg_hash2address($msg_hash, $target_address);
- daemon_log("server forwards msg $header to client $target_address", 3);
- } else {
- # target is not known
-
- daemon_log("ERROR: target $target_address is not known in known_clients", 1);
- }
- }
-
-
- }
-
- return;
-}
-
-
-#=== FUNCTION 
================================================================
-# NAME: open_socket
-# PARAMETERS: PeerAddr string something like 192.168.1.1 or 192.168.1.1:10000
-# [PeerPort] string necessary if port not appended by PeerAddr
-# RETURNS: socket IO::Socket::INET
-# DESCRIPTION: open a socket to PeerAddr
-#===============================================================================
-sub open_socket {
- my ($PeerAddr, $PeerPort) = @_ ;
- if(defined($PeerPort)){
- $PeerAddr = $PeerAddr.":".$PeerPort;
- }
- my $socket;
- $socket = new IO::Socket::INET(PeerAddr => $PeerAddr ,
- Porto => "tcp" ,
- Type => SOCK_STREAM,
- Timeout => 5,
- );
- if(not defined $socket) {
- return;
- }
- daemon_log("open_socket:", 7);
- daemon_log("\t$PeerAddr", 7);
- return $socket;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: open_fifo
-# PARAMETERS: $fifo_path
-# RETURNS: 0: FIFO couldn"t be setup, 1: FIFO setup correctly
-# DESCRIPTION: creates a FIFO at $fifo_path
-#===============================================================================
-sub open_fifo {
- my ($fifo_path) = @_ ;
- if( -p $fifo_path ) {
- daemon_log("FIFO at $fifo_path already exists! 
Is being deleted!", 1);
- unlink($fifo_path);
- }
- POSIX::mkfifo($fifo_path, 0666) or die "can't mkfifo $fifo_path: $!";
- daemon_log( "FIFO started at $fifo_path", 1) ;
- return 1;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: read_from_socket
-# PARAMETERS: socket fh - 
-# RETURNS: result string - readed characters from socket
-# DESCRIPTION: reads data from socket in 16 byte steps
-#===============================================================================
-sub read_from_socket {
- my ($socket) = @_;
- my $result = "";
-
- $socket->blocking(1);
- $result = <$socket>;
-
- $socket->blocking(0);
- while ( my $char = <$socket> ) {
- if (not defined $char) { last }
- $result .= $char;
- }
-
-# my $len = 16;
-# while($len == 16){
-# my $char;
-# $len = sysread($socket, $char, 16);
-# if($len != 16) { last }
-# $result .= $char;
-# }
- return $result;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_xml_hash
-# PARAMETERS: header - string - message header (required)
-# source - string - where the message come from (required)
-# target - string - where the message should go to (required)
-# [header_value] - string - something usefull (optional)
-# RETURNS: hash - hash - nomen est omen
-# DESCRIPTION: creates a key-value hash, all values are stored in a array
-#===============================================================================
-sub create_xml_hash {
- my ($header, $source, $target, $header_value) = @_;
- my $hash = {
- header => [$header],
- source => [$source],
- target => [$target],
- $header => [$header_value],
- };
- #daemon_log("create_xml_hash:", 7),
- #chomp(my $tmp = Dumper $hash);
- #daemon_log("\t$tmp", 7);
- return $hash
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_xml_string
-# PARAMETERS: xml_hash - hash - hash from function create_xml_hash
-# RETURNS: xml_string - string - xml 
string representation of the hash
-# DESCRIPTION: transform the hash to a string using XML::Simple module
-#===============================================================================
-sub create_xml_string {
- my ($xml_hash) = @_ ;
- my $xml_string = $xml->XMLout($xml_hash, RootName => 'xml');
- $xml_string =~ s/[\n]+//g;
- #daemon_log("create_xml_string:",7);
- #daemon_log("$xml_string\n", 7);
- return $xml_string;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: add_content2xml_hash
-# PARAMETERS: xml_ref - ref - reference to a hash from function create_xml_hash
-# element - string - key for the hash
-# content - string - value for the hash
-# RETURNS: nothing
-# DESCRIPTION: add key-value pair to xml_ref, if key alread exists, then append value to list
-#===============================================================================
-sub add_content2xml_hash {
- my ($xml_ref, $element, $content) = @_;
- if(not exists $$xml_ref{$element} ) {
- $$xml_ref{$element} = [];
- }
- my $tmp = $$xml_ref{$element};
- push(@$tmp, $content);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: get_content_from_xml_hash
-# PARAMETERS: xml_ref - ref - reference of the xml hash
-# element - string - key of the value you want
-# RETURNS: value - string - if key is either header, target or source
-# value - list - for all other keys in xml hash
-# DESCRIPTION:
-#===============================================================================
-sub get_content_from_xml_hash {
- my ($xml_ref, $element) = @_ ;
- my $result = $xml_ref->{$element};
- if( $element eq "header" || $element eq "target" || $element eq "source") {
- return @$result[0];
- }
- return @$result;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: encrypt_msg
-# PARAMETERS: msg - string - message to encrypt
-# my_cipher - ref - reference to a Crypt::Rijndael object
-# 
RETURNS: crypted_msg - string - crypted message
-# DESCRIPTION: crypts the incoming message with the Crypt::Rijndael module
-#===============================================================================
-sub encrypt_msg {
- my ($msg, $my_cipher) = @_;
- if(not defined $my_cipher) { print "no cipher object\n"; }
- $msg = "\0"x(16-length($msg)%16).$msg;
- my $crypted_msg = $my_cipher->encrypt($msg);
- chomp($crypted_msg = &encode_base64($crypted_msg));
- return $crypted_msg;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: decrypt_msg
-# PARAMETERS: crypted_msg - string - message to decrypt
-# my_cipher - ref - reference to a Crypt::Rijndael object
-# RETURNS: msg - string - decrypted message
-# DESCRIPTION: decrypts the incoming message with the Crypt::Rijndael module
-#===============================================================================
-sub decrypt_msg {
- my ($crypted_msg, $my_cipher) = @_ ;
- $crypted_msg = &decode_base64($crypted_msg);
- my $msg = $my_cipher->decrypt($crypted_msg);
- $msg =~ s/\0*//g;
- return $msg;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_ciphering
-# PARAMETERS: passwd - string - used to create ciphering
-# RETURNS: cipher - object
-# DESCRIPTION: creates a Crypt::Rijndael::MODE_CBC object with passwd as key
-#===============================================================================
-sub create_ciphering {
- my ($passwd) = @_;
- $passwd = substr(md5_hex("$passwd") x 32, 0, 32);
- my $iv = substr(md5_hex('GONICUS GmbH'),0, 16);
-
- #daemon_log("iv: $iv", 7);
- #daemon_log("key: $passwd", 7);
- my $my_cipher = Crypt::Rijndael->new($passwd , Crypt::Rijndael::MODE_CBC());
- $my_cipher->set_iv($iv);
- return $my_cipher;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: send_msg_hash2address
-# PARAMETERS: msg_hash - hash - xml_hash created with function create_xml_hash
-# 
PeerAddr string - socket address to send msg
-# PeerPort string - socket port, if not included in socket address
-# RETURNS: nothing
-# DESCRIPTION: ????
-#===============================================================================
-sub send_msg_hash2address {
- my ($msg_hash, $address, $passwd) = @_ ;
-
- # fetch header for logging
- my $header = &get_content_from_xml_hash($msg_hash, "header");
-
- # generate xml string
- my $msg_xml = &create_xml_string($msg_hash);
-
- # fetch the appropriated passwd from hash
- if(not defined $passwd) {
- if(exists $known_daemons->{$address}) {
- $passwd = $known_daemons->{$address}->{passwd};
- } elsif(exists $known_clients->{$address}) {
- $passwd = $known_clients->{$address}->{passwd};
-
- } else {
- daemon_log("$address not known, neither as server nor as client", 1);
- return;
- }
- }
-
- # create ciphering object
- my $act_cipher = &create_ciphering($passwd);
-
- # encrypt xml msg
- my $crypted_msg = &encrypt_msg($msg_xml, $act_cipher);
-
- # opensocket
- my $socket = &open_socket($address);
- if(not defined $socket){
- daemon_log( "cannot send '$header'-msg to $address , server not reachable", 5);
-
- if (exists $known_clients->{$address}) {
- if ($known_clients->{$address}->{status} eq "down") {
- # if status of not reachable client is already 'down', then delete client from known_clients
- &clean_up_known_clients($address);
-
- } else {
- # update status to 'down'
- &update_known_clients(hostname=>$address, status=>"down");
-
- }
- }
- return;
- }
-
- # send xml msg
- print $socket $crypted_msg."\n";
-
- close $socket;
-
- daemon_log("send '$header'-msg to $address", 1);
-
- daemon_log("$msg_xml", 5);
-
- #daemon_log("crypted message:",7);
- #daemon_log("\t$crypted_msg", 7);
-
- # update status of client in known_clients with last send msg
- if(exists $known_daemons->{$address}) {
- #&update_known_daemons();
- } elsif(exists $known_clients->{$address}) {
- &update_known_clients(hostname=>$address, status=>$header); 
- }
-
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: send_msg_hash2bus
-# PARAMETERS: msg_hash - hash - xml_hash created with function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: ????
-#===============================================================================
-sub send_msg_hash2bus {
- my($msg_hash) = @_;
-
- # fetch header for logging
- my $header = &get_content_from_xml_hash($msg_hash, "header");
-
- # generate xml string
- my $msg_xml = &create_xml_string($msg_hash);
-
- # encrypt xml msg
- my $crypted_msg = &encrypt_msg($msg_xml, $bus_cipher);
-
- # open socket
- my $socket = &open_socket($bus_address);
- if(not defined $socket){
- daemon_log( "cannot send '$header'-msg to $bus_address , bus not reachable", 5);
- return;
- }
-
- # send xml msg
- print $socket $crypted_msg."\n";
-
- close $socket;
-
-
- daemon_log("send '$header'-msg to bus", 1);
- daemon_log("$msg_xml", 5);
- #daemon_log("crypted msg:",7);
- #daemon_log("\t$crypted_msg", 7);
-
- return;
-}
-
-
-
-
-
-
-##=== FUNCTION ================================================================
-## NAME: new_passwd
-## PARAMETERS: msg_hash - ref - hash from function create_xml_hash
-## RETURNS: nothing
-## DESCRIPTION: process this incoming message
-##===============================================================================
-#sub new_passwd {
-# my ($msg_hash) = @_;
-#
-# my $source = &get_content_from_xml_hash($msg_hash, "source");
-# my $passwd = (&get_content_from_xml_hash($msg_hash, "new_passwd"))[0];
-#
-# if (exists $known_daemons->{$source}) {
-# &add_content2known_daemons(hostname=>$source, status=>"new_passwd", passwd=>$passwd);
-# $bus_cipher = &create_ciphering($passwd);
-# my $hash = &create_xml_hash("confirm_new_passwd", "$server_ip:$server_port", "$source");
-# &send_msg_hash2address($hash, $source);
-#
-# } elsif (exists $known_clients->{$source}) {
-# &add_content2known_clients(hostname=>$source, 
status=>"new_passwd", passwd=>$passwd);
-#
-# } else {
-# daemon_log("ERROR: $source not known, neither in known_daemons nor in known_clients", 1)
-# }
-#
-# return;
-#}
-
-
-##=== FUNCTION ================================================================
-## NAME: make ping
-## PARAMETERS: address - string - address which should be pinged
-## RETURNS: nothing
-## DESCRIPTION: send ping message to address
-##===============================================================================
-#sub make_ping {
-# my ($msg_hash) = @_;
-#
-# my $source = &get_content_from_xml_hash($msg_hash, "source");
-# my $target = &get_content_from_xml_hash($msg_hash, "target");
-#
-# print "make_ping:$source\n";
-# my $out_hash = &create_xml_hash("ping", $target, $source);
-# &send_msg_hash2address($out_hash, $source);
-# return;
-#}
-
-
-##=== FUNCTION ================================================================
-## NAME: got_ping
-## PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-## RETURNS: nothing
-## DESCRIPTION: process this incoming message
-##===============================================================================
-#sub got_ping {
-# my ($msg_hash) = @_;
-#
-# my $source = &get_content_from_xml_hash($msg_hash, 'source');
-# my $target = &get_content_from_xml_hash($msg_hash, 'target');
-# my $header = &get_content_from_xml_hash($msg_hash, 'header');
-#
-# if(exists $known_daemons->{$source}) {
-# &add_content2known_daemons(hostname=>$source, status=>$header);
-# } else {
-# &add_content2known_clients(hostname=>$source, status=>$header);
-# }
-#
-# return;
-#}
-
-
-##=== FUNCTION ================================================================
-## NAME: here_i_am
-## PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-## RETURNS: nothing
-## DESCRIPTION: process this incoming message
-##===============================================================================
-#sub here_i_am {
-# my ($msg_hash) = @_;
-#
-# my $source = 
&get_content_from_xml_hash($msg_hash, "source");
-# my $mac_address = (&get_content_from_xml_hash($msg_hash, "mac_address"))[0];
-# my $out_hash;
-#
-# # number of known clients
-# my $nu_clients = keys %$known_clients;
-#
-# # check wether client address or mac address is already known
-# if (exists $known_clients->{$source}) {
-# daemon_log("WARNING: $source is already known as a client", 1);
-# daemon_log("WARNING: values for $source are being overwritten", 1);
-# $nu_clients --;
-# }
-#
-# # number of actual activ clients
-# my $act_nu_clients = $nu_clients;
-#
-# daemon_log("number of actual activ clients: $act_nu_clients", 5);
-# daemon_log("number of maximal allowed clients: $max_clients", 5);
-#
-# if($max_clients <= $act_nu_clients) {
-# my $out_hash = &create_xml_hash("denied", $server_address, $source);
-# &add_content2xml_hash($out_hash, "denied", "I_cannot_take_any_more_clients!");
-# my $passwd = (&get_content_from_xml_hash($msg_hash, "new_passwd"))[0];
-# &send_msg_hash2address($out_hash, $source, $passwd);
-# return;
-# }
-#
-# # new client accepted
-# my $new_passwd = (&get_content_from_xml_hash($msg_hash, "new_passwd"))[0];
-#
-# # create known_daemons entry
-# my $events = (&get_content_from_xml_hash($msg_hash, "events"))[0];
-# &create_known_client($source);
-# &add_content2known_clients(hostname=>$source, events=>$events, mac_address=>$mac_address,
-# status=>"registered", passwd=>$new_passwd);
-#
-# # return acknowledgement to client
-# $out_hash = &create_xml_hash("registered", $server_address, $source);
-# &send_msg_hash2address($out_hash, $source);
-#
-# # notify registered client to bus
-# $out_hash = &create_xml_hash("new_client", $server_address, $bus_address, $source);
-# &send_msg_hash2bus($out_hash);
-#
-# # give the new client his ldap config
-# &new_ldap_config($source);
-#
-# return;
-#}
-
-
-#=== FUNCTION ================================================================
-# NAME: who_has
-# PARAMETERS: msg_hash - hash - hash from 
function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: process this incoming message
-#===============================================================================
-#sub who_has {
-# my ($msg_hash) = @_ ;
-#
-# # what is your search pattern
-# my $search_pattern = (&get_content_from_xml_hash($msg_hash, "who_has"))[0];
-# my $search_element = (&get_content_from_xml_hash($msg_hash, $search_pattern))[0];
-# daemon_log("who_has-msg looking for $search_pattern $search_element", 7);
-#
-# # scanning known_clients for search_pattern
-# my @host_addresses = keys %$known_clients;
-# my $known_clients_entries = length @host_addresses;
-# my $host_address;
-# foreach my $host (@host_addresses) {
-# my $client_element = $known_clients->{$host}->{$search_pattern};
-# if ($search_element eq $client_element) {
-# $host_address = $host;
-# last;
-# }
-# }
-#
-# # search was successful
-# if (defined $host_address) {
-# my $source = @{$msg_hash->{source}}[0];
-# my $out_msg = &create_xml_hash("who_has_i_do", $server_address, $source, "mac_address");
-# &add_content2xml_hash($out_msg, "mac_address", $search_element);
-# &send_msg_hash2address($out_msg, $bus_address);
-# }
-# return;
-#}
-
-
-#sub who_has_i_do {
-# my ($msg_hash) = @_ ;
-# my $header = &get_content_from_xml_hash($msg_hash, "header");
-# my $source = &get_content_from_xml_hash($msg_hash, "source");
-# my $search_param = (&get_content_from_xml_hash($msg_hash, $header))[0];
-# my $search_value = (&get_content_from_xml_hash($msg_hash, $search_param))[0];
-# print "\ngot msg $header:\nserver $source has client with $search_param $search_value\n";
-#}
-
-
-#=== FUNCTION ================================================================
-# NAME: update_status
-# PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: process this incoming message
-#===============================================================================
-#sub update_status {
-# my ($msg_hash) = @_;
-# my $header = &get_content_from_xml_hash($msg_hash, "header");
-# my $source = &get_content_from_xml_hash($msg_hash, "source");
-# my $new_status = (&get_content_from_xml_hash($msg_hash, "update_status"))[0];
-#
-# # find the source
-# my $act_known_hash;
-# if (exists $known_daemons->{$source}) {
-#
-# &add_content2known_daemons(hostname=>$source, status=>$new_status);
-# } elsif (exists $known_clients->{$source}) {
-# &update_known_clients(hostname=>$source, status=>$new_status);
-# #&add_content2known_clients(hostname=>$source, status=>$new_status);
-# } else {
-# daemon_log("ERROR: got $header-msg, but cannot find $source in my hashes, unable to update status", 1);
-# return;
-# }
-#
-# return;
-#}
-
-
-##=== FUNCTION ================================================================
-## NAME: new_ldap_config
-## PARAMETERS: address - string - ip address and port of a host
-## RETURNS: nothing
-## DESCRIPTION: send to address the ldap configuration found for dn gotoLdapServer
-##===============================================================================
-#sub new_ldap_config {
-# my ($address) = @_ ;
-#
-# if (not exists $known_clients->{$address}) {
-# daemon_log("ERROR: $address does not exist in known_clients, cannot send him his ldap config", 1);
-# return;
-# }
-#
-# my $mac_address = $known_clients->{$address}->{"mac_address"};
-# if (not defined $mac_address) {
-# daemon_log("ERROR: no mac address found for client $address", 1);
-# return;
-# }
-#
-# # fetch dn
-# my $goHard_cmd = "ldapsearch -x '(&(objectClass=goHard)(macAddress=00:11:22:33:44:57))' dn gotoLdapServer";
-# my $dn;
-# my @gotoLdapServer;
-# open (PIPE, "$goHard_cmd 2>&1 |");
-# while() {
-# chomp $_;
-# # If it's a comment, goto next
-# if ($_ =~ m/^[#]/) { next;}
-# if ($_ =~ m/^dn: ([\S]+?)$/) {
-# $dn = $1;
-# } elsif ($_ =~ m/^gotoLdapServer: ([\S]+?)$/) {
-# push(@gotoLdapServer, $1);
-# }
-# }
-# close(PIPE);
-#
-# # no dn found
-# if (not defined $dn) {
-# daemon_log("ERROR: no
dn arose from command: $goHard_cmd", 1);
-# return;
-# }
-#
-# # no gotoLdapServer found
-# my $gosaGroupOfNames_cmd = "ldapsearch -x '(&(objectClass=gosaGroupOfNames)(member=$dn))' gotoLdapServer";
-# if (@gotoLdapServer == 0) {
-# open (PIPE, "$gosaGroupOfNames_cmd 2>&1 |");
-# while() {
-# chomp $_;
-# if ($_ =~ m/^[#]/) { next; }
-# if ($_ =~ m/^gotoLdapServer: ([\S]+?)$/) {
-# push(@gotoLdapServer, $1);
-# }
-# }
-# close(PIPE);
-# }
-#
-# # still no gotoLdapServer found
-# if (@gotoLdapServer == 0) {
-# daemon_log("ERROR: cannot find gotoLdapServer entry in command: $gosaGroupOfNames_cmd", 1);
-# return;
-# }
-#
-# # sort @gotoLdapServer and then split of ranking
-# my @sorted_gotoLdapServer = sort(@gotoLdapServer);
-# @gotoLdapServer = reverse(@sorted_gotoLdapServer);
-# foreach (@gotoLdapServer) {
-# $_ =~ s/^\d://;
-# }
-#
-# my $t = join(" ", @gotoLdapServer);
-#
-# my $out_hash = &create_xml_hash("new_ldap_config", $server_address, $address);
-# map(&add_content2xml_hash($out_hash, "new_ldap_config", $_), @gotoLdapServer);
-# &send_msg_hash2address($out_hash, $address);
-#
-# return;
-#}
-
-
-##=== FUNCTION ================================================================
-## NAME: execute_actions
-## PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-## RETURNS: nothing
-## DESCRIPTION: invokes the script specified in msg_hash which is located under
-## /etc/gosad/actions
-##===============================================================================
-#sub execute_actions {
-# my ($msg_hash) = @_ ;
-# my $configdir= '/etc/gosad/actions/';
-# my $result;
-#
-# my $header = &get_content_from_xml_hash($msg_hash, 'header');
-# my $source = &get_content_from_xml_hash($msg_hash, 'source');
-# my $target = &get_content_from_xml_hash($msg_hash, 'target');
-#
-#
-# if((not defined $source)
-# && (not defined $target)
-# && (not defined $header)) {
-# daemon_log("ERROR: Entries missing in XML msg for gosad actions under /etc/gosad/actions");
-# }
else {
-# my $parameters="";
-# my @params = &get_content_from_xml_hash($msg_hash, $header);
-# my $params = join(", ", @params);
-# daemon_log("execute_actions: got parameters: $params", 5);
-#
-# if (@params) {
-# foreach my $param (@params) {
-# my $param_value = (&get_content_from_xml_hash($msg_hash, $param))[0];
-# daemon_log("execute_actions: parameter -> value: $param -> $param_value", 7);
-# $parameters.= " ".$param_value;
-# }
-# }
-#
-# my $cmd= $configdir.$header."$parameters";
-# daemon_log("execute_actions: executing cmd: $cmd", 7);
-# $result= "";
-# open(PIPE, "$cmd 2>&1 |");
-# while() {
-# $result.=$_;
-# }
-# close(PIPE);
-# }
-#
-# # process the event result
-#
-#
-# return;
-#}
-
-
-#=== FUNCTION ================================================================
-# NAME: print_known_daemons
-# PARAMETERS: nothing
-# RETURNS: nothing
-# DESCRIPTION: nomen est omen
-#===============================================================================
-sub print_known_daemons {
- my ($tmp) = @_ ;
- print "####################################\n";
- print "# status of known_daemons\n";
- $shmda->shlock(LOCK_EX);
- my @hosts = keys %$known_daemons;
- foreach my $host (@hosts) {
- my $status = $known_daemons->{$host}->{status} ;
- my $passwd = $known_daemons->{$host}->{passwd};
- my $timestamp = $known_daemons->{$host}->{timestamp};
- print "$host\n";
- print "\tstatus: $status\n";
- print "\tpasswd: $passwd\n";
- print "\ttimestamp: $timestamp\n";
- }
- $shmda->shunlock(LOCK_EX);
- print "####################################\n";
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: create_known_daemon
-# PARAMETERS: hostname - string - key for the hash known_daemons
-# RETURNS: nothing
-# DESCRIPTION: creates a dummy entry for hostname in known_daemons
-#===============================================================================
-sub create_known_daemon {
- my ($hostname) = @_;
-
$shmda->shlock(LOCK_EX);
- $known_daemons->{$hostname} = {};
- $known_daemons->{$hostname}->{status} = "none";
- $known_daemons->{$hostname}->{passwd} = "none";
- $known_daemons->{$hostname}->{timestamp} = "none";
- $shmda->shunlock(LOCK_EX);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: add_content2known_daemons
-# PARAMETERS: hostname - string - ip address and port of host (required)
-# status - string - (optional)
-# passwd - string - (optional)
-# mac_address - string - mac address of host (optional)
-# RETURNS: nothing
-# DESCRIPTION: nome est omen and updates each time the timestamp of hostname
-#===============================================================================
-sub add_content2known_daemons {
- my $arg = {
- hostname => undef, status => undef, passwd => undef,
- mac_address => undef, events => undef,
- @_ };
- my $hostname = $arg->{hostname};
- my $status = $arg->{status};
- my $passwd = $arg->{passwd};
- my $mac_address = $arg->{mac_address};
- my $events = $arg->{events};
-
- if (not defined $hostname) {
- daemon_log("ERROR: function add_content2known_daemons is not invoked with requiered parameter 'hostname'", 1);
- return;
- }
-
- my ($seconds, $minutes, $hours, $monthday, $month,
- $year, $weekday, $yearday, $sommertime) = localtime(time);
- $hours = $hours < 10 ? $hours = "0".$hours : $hours;
- $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
- $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- $month+=1;
- $month = $month < 10 ? $month = "0".$month : $month;
- $monthday = $monthday < 10 ?
$monthday = "0".$monthday : $monthday;
- $year+=1900;
- my $t = "$year$month$monthday$hours$minutes$seconds";
-
- $shmda->shlock(LOCK_EX);
- if (defined $status) {
- $known_daemons->{$hostname}->{status} = $status;
- }
- if (defined $passwd) {
- $known_daemons->{$hostname}->{passwd} = $passwd;
- }
- if (defined $mac_address) {
- $known_daemons->{$hostname}->{mac_address} = $mac_address;
- }
- if (defined $events) {
- $known_daemons->{$hostname}->{events} = $events;
- }
- $known_daemons->{$hostname}->{timestamp} = $t;
- $shmda->shlock(LOCK_EX);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: update_known_daemons
-# PARAMETERS: hostname - string - ip address and port of host (required)
-# status - string - (optional)
-# passwd - string - (optional)
-# client - string - ip address and port of client (optional)
-# RETURNS: nothing
-# DESCRIPTION: nome est omen and updates each time the timestamp of hostname
-#===============================================================================
-sub update_known_daemons {
- my $arg = {
- hostname => undef, status => undef, passwd => undef,
- @_ };
- my $hostname = $arg->{hostname};
- my $status = $arg->{status};
- my $passwd = $arg->{passwd};
-
- if (not defined $hostname) {
- daemon_log("ERROR: function add_content2known_daemons is not invoked with requiered parameter 'hostname'", 1);
- return;
- }
-
- my ($seconds, $minutes, $hours, $monthday, $month,
- $year, $weekday, $yearday, $sommertime) = localtime(time);
- $hours = $hours < 10 ? $hours = "0".$hours : $hours;
- $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
- $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- $month+=1;
- $month = $month < 10 ? $month = "0".$month : $month;
- $monthday = $monthday < 10 ?
$monthday = "0".$monthday : $monthday;
- $year+=1900;
- my $t = "$year$month$monthday$hours$minutes$seconds";
-
- $shmda->shlock(LOCK_EX);
- if (defined $status) {
- $known_daemons->{$hostname}->{status} = $status;
- }
- if (defined $passwd) {
- $known_daemons->{$hostname}->{passwd} = $passwd;
- }
- $known_daemons->{$hostname}->{timestamp} = $t;
- $shmda->shunlock(LOCK_EX);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: print_known_clients
-# PARAMETERS: nothing
-# RETURNS: nothing
-# DESCRIPTION: nomen est omen
-#===============================================================================
-sub print_known_clients {
-
- print "####################################\n";
- print "# status of known_clients\n";
- $shmcl->shlock(LOCK_EX);
- my @hosts = keys %$known_clients;
- if (@hosts) {
- foreach my $host (@hosts) {
- my $status = $known_clients->{$host}->{status} ;
- my $passwd = $known_clients->{$host}->{passwd};
- my $timestamp = $known_clients->{$host}->{timestamp};
- my $mac_address = $known_clients->{$host}->{mac_address};
- my $events = $known_clients->{$host}->{events};
- print "$host\n";
- print "\tstatus: $status\n";
- print "\tpasswd: $passwd\n";
- print "\ttimestamp: $timestamp\n";
- print "\tmac_address: $mac_address\n";
- print "\tevents: $events\n";
- }
- }
- $shmcl->shunlock(LOCK_EX);
- print "####################################\n";
- return;
-}
-
-
-
-
-
-#=== FUNCTION ================================================================
-# NAME: create_known_client
-# PARAMETERS: hostname - string - key for the hash known_clients
-# RETURNS: nothing
-# DESCRIPTION: creates a dummy entry for hostname in known_clients
-#===============================================================================
-sub create_known_client {
- my ($hostname) = @_;
- $shmcl->shlock(LOCK_EX);
- $known_clients->{$hostname} = {};
- $known_clients->{$hostname}->{status} = "none";
-
$known_clients->{$hostname}->{passwd} = "none";
- $known_clients->{$hostname}->{timestamp} = "none";
- $known_clients->{$hostname}->{mac_address} = "none";
- $known_clients->{$hostname}->{events} = "none";
- $shmcl->shunlock(LOCK_EX);
- return;
-}
-
-
-
-
-#=== FUNCTION ================================================================
-# NAME: add_content2known_clients
-# PARAMETERS: hostname - string - ip address and port of host (required)
-# status - string - (optional)
-# passwd - string - (optional)
-# mac_address - string - (optional)
-# events - string - event of client, executable skripts under /etc/gosac/events
-# RETURNS: nothing
-# DESCRIPTION: nome est omen and updates each time the timestamp of hostname
-#===============================================================================
-sub add_content2known_clients {
- my $arg = {
- hostname => undef, status => undef, passwd => undef,
- mac_address => undef, events => undef,
- @_ };
- my $hostname = $arg->{hostname};
- my $status = $arg->{status};
- my $passwd = $arg->{passwd};
- my $mac_address = $arg->{mac_address};
- my $events = $arg->{events};
-
- if (not defined $hostname) {
- daemon_log("ERROR: function add_content2known_clients is not invoked with requiered parameter 'hostname'", 1);
- return;
- }
-
- my ($seconds, $minutes, $hours, $monthday, $month,
- $year, $weekday, $yearday, $sommertime) = localtime(time);
- $hours = $hours < 10 ? $hours = "0".$hours : $hours;
- $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
- $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- $month+=1;
- $month = $month < 10 ? $month = "0".$month : $month;
- $monthday = $monthday < 10 ?
$monthday = "0".$monthday : $monthday;
- $year+=1900;
- my $t = "$year$month$monthday$hours$minutes$seconds";
-
- $shmcl->shlock(LOCK_EX);
- if (defined $status) {
- $known_clients->{$hostname}->{status} = $status;
- }
- if (defined $passwd) {
- $known_clients->{$hostname}->{passwd} = $passwd;
- }
- if (defined $mac_address) {
- $known_clients->{$hostname}->{mac_address} = $mac_address;
- }
- if (defined $events) {
- $known_clients->{$hostname}->{events} = $events;
- }
- $known_clients->{$hostname}->{timestamp} = $t;
- $shmcl->shlock(LOCK_EX);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME:
-# PARAMETERS:
-# RETURNS:
-# DESCRIPTION:
-#===============================================================================
-sub clean_up_known_clients {
- my ($address) = @_ ;
-
- if (not exists $known_clients->{$address}) {
- daemon_log("cannot prune known_clients from $address, client not known", 5);
- return;
- }
-
- delete $known_clients->{$address};
-
- # send bus a msg that address was deleted from known_clients
- my $out_hash = &create_xml_hash('delete_client', $server_address, $bus_address, $address);
- &send_msg_hash2bus($out_hash);
-
- daemon_log("client $address deleted from known_clients because of multiple down time", 3);
- return;
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: update_known_clients
-# PARAMETERS: hostname - string - ip address and port of host (required)
-# status - string - (optional)
-# passwd - string - (optional)
-# client - string - ip address and port of client (optional)
-# RETURNS: nothing
-# DESCRIPTION: nome est omen and updates each time the timestamp of hostname
-#===============================================================================
-sub update_known_clients {
- my $arg = {
- hostname => undef, status => undef, passwd => undef,
- mac_address => undef, events => undef,
- @_ };
- my $hostname = $arg->{hostname};
- my
$status = $arg->{status};
- my $passwd = $arg->{passwd};
- my $mac_address = $arg->{mac_address};
- my $events = $arg->{events};
-
- if (not defined $hostname) {
- daemon_log("ERROR: function add_content2known_daemons is not invoked with requiered parameter 'hostname'", 1);
- return;
- }
-
- my ($seconds, $minutes, $hours, $monthday, $month,
- $year, $weekday, $yearday, $sommertime) = localtime(time);
- $hours = $hours < 10 ? $hours = "0".$hours : $hours;
- $minutes = $minutes < 10 ? $minutes = "0".$minutes : $minutes;
- $seconds = $seconds < 10 ? $seconds = "0".$seconds : $seconds;
- $month+=1;
- $month = $month < 10 ? $month = "0".$month : $month;
- $monthday = $monthday < 10 ? $monthday = "0".$monthday : $monthday;
- $year+=1900;
- my $t = "$year$month$monthday$hours$minutes$seconds";
-
- $shmcl->shlock(LOCK_EX);
- if (defined $status) {
- $known_clients->{$hostname}->{status} = $status;
- }
- if (defined $passwd) {
- $known_clients->{$hostname}->{passwd} = $passwd;
- }
- if (defined $mac_address) {
- $known_clients->{$hostname}->{mac_address} = $mac_address;
- }
- if (defined $events) {
- $known_clients->{$hostname}->{events} = $events;
- }
- $known_clients->{$hostname}->{timestamp} = $t;
- $shmcl->shunlock(LOCK_EX);
- return;
-}
-
-
-
-
-
-
-
-#==== MAIN = main ==============================================================
-
-# parse commandline options
-Getopt::Long::Configure( "bundling" );
-GetOptions("h|help" => \&usage,
- "c|config=s" => \$cfg_file,
- "f|foreground" => \$foreground,
- "v|verbose+" => \$verbose,
- "no-bus+" => \$no_bus,
- "no-arp+" => \$no_arp,
- );
-
-# read and set config parameters
-&check_cmdline_param ;
-&read_configfile;
-&check_pid;
-&import_modules;
-
-$SIG{CHLD} = 'IGNORE';
-
-# restart daemon log file
-if(-e $log_file ) { unlink $log_file }
-daemon_log(" ", 1);
-daemon_log("gosad started!", 1);
-
-# Just fork, if we"re not in foreground mode
-if( !
$foreground ) { $pid = fork(); }
-else { $pid = $$; }
-
-# Do something useful - put our PID into the pid_file
-if( 0 != $pid ) {
- open( LOCK_FILE, ">$pid_file" );
- print LOCK_FILE "$pid\n";
-close( LOCK_FILE );
- if( !$foreground ) { exit( 0 ) };
-}
-
-# detect own ip and mac address
-($server_ip, $server_mac_address) = &get_ip_and_mac();
-if (not defined $server_ip) {
- die "EXIT: ip address of $0 could not be detected";
-}
-daemon_log("server ip address detected: $server_ip", 1);
-daemon_log("server mac address detected: $server_mac_address", 1);
-
-# setup xml parser
-$xml = new XML::Simple();
-
-# create cipher object
-$bus_cipher = &create_ciphering($bus_passwd);
-$bus_address = "$bus_ip:$bus_port";
-
-# create reading and writing vectors
-my $rbits = my $wbits = my $ebits = "";
-
-# open server socket
-$server_address = "$server_ip:$server_port";
-if($server_activ eq "on"){
- daemon_log(" ", 1);
- $server = IO::Socket::INET->new(LocalPort => $server_port,
- Type => SOCK_STREAM,
- Reuse => 1,
- Listen => 20,
- );
- if(not defined $server){
- daemon_log("cannot be a tcp server at $server_port : $@");
- } else {
- daemon_log("start server:", 1);
- daemon_log("\t$server_ip:$server_port",1) ;
- vec($rbits, fileno $server, 1) = 1;
- vec($wbits, fileno $server, 1) = 1;
- }
-}
-
-# register at bus
-if ($no_bus > 0) {
- $bus_activ = "off"
-}
-if($bus_activ eq "on") {
- daemon_log(" ", 1);
- ®ister_at_bus();
-}
-
-
-daemon_log(" ", 1);
-
-# start arp fifo
-if ($no_arp > 0) {
- $arp_activ = "off";
-}
-my $my_fifo;
-if($arp_activ eq "on") {
- $my_fifo = &open_fifo($arp_fifo_path);
- if($my_fifo == 0) { die "fifo file disappeared\n" }
- sysopen($arp_fifo, $arp_fifo_path, O_RDWR) or die "can't read from $arp_fifo: $!"
;
-
- vec($rbits, fileno $arp_fifo, 1) = 1;
-}
-
-$gosa_address = "$gosa_ip:$gosa_port";
-# start gosa inferface fifos
-if ($gosa_activ eq "on") {
- daemon_log(" ",1);
- $gosa_server = IO::Socket::INET->new(LocalPort => $gosa_port,
- Type => SOCK_STREAM,
- Reuse => 1,
- Listen => 1,
- );
- if (not defined $gosa_server) {
- daemon_log("cannot start tcp server at $gosa_port for communication to gosa: $@", 1);
- } else {
- daemon_log("start server at for communication to gosa", 1);
- daemon_log("\t$server_ip:$gosa_port");
- vec($rbits, fileno $gosa_server, 1) = 1;
-
- }
-
-
- #&open_fifo($gosa_fifo_in);
- #sysopen(GOSA_FIFO_IN, $gosa_fifo_in, O_RDWR) or die "can't read from GOSA_FIFO_IN: $!" ;
- #vec($rbits, fileno GOSA_FIFO_IN, 1) = 1;
-
- #&open_fifo($gosa_fifo_out);
- #sysopen(GOSA_FIFO_OUT, $gosa_fifo_out, O_RDWR) or die "can't read from GOSA_FIFO_IN: $!" ;
-
-}
-
-
-###################################
-#everything ready, okay, lets start
-###################################
-while(1) {
-
- # add all handles from the childs
- while ( my ($pid, $child_hash) = each %busy_child ) {
-
- # check whether process still exists
- my $exitus_pid = waitpid($pid, WNOHANG);
- if($exitus_pid != 0) {
- delete $busy_child{$pid};
- next;
- }
-
- # add child fhd to the listener
- my $fhd = $$child_hash{'pipe_rd'};
- vec($rbits, fileno $fhd, 1) = 1;
- }
-
- my ($rout, $wout);
- my $nf = select($rout=$rbits, $wout=$wbits, undef, undef);
-
- # error handling
- if($nf < 0 ) {
- }
-
- # something is coming in
- if($server_activ eq "on" && vec($rout, fileno $server, 1)) {
- daemon_log(" ", 1);
- my $client = $server->accept();
- my $other_end = getpeername($client);
- if(not defined $other_end) {
- daemon_log("client cannot be identified: $!");
- } else {
- my ($port, $iaddr) = unpack_sockaddr_in($other_end);
- my $actual_ip = inet_ntoa($iaddr);
- daemon_log("accept client at daemon socket from $actual_ip", 5);
- my $in_msg = &read_from_socket($client);
- if(defined $in_msg){
-
chomp($in_msg);
- &activating_child($in_msg, $actual_ip);
- } else {
- daemon_log("cannot read from $actual_ip", 5);
- }
- }
- close($client);
- }
-
- if($arp_activ eq "on" && vec($rout, fileno $arp_fifo, 1)) {
- my $in_msg = <$arp_fifo>;
- chomp($in_msg);
- print "arp_activ: msg: $in_msg\n";
- my $act_passwd = $known_daemons->{$bus_address}->{passwd};
- print "arp_activ: arp_passwd: $act_passwd\n";
-
- my $in_msg_hash = $xml->XMLin($in_msg, ForceArray=>1);
-
- my $target = &get_content_from_xml_hash($in_msg_hash, 'target');
-
- if ($target eq $server_address) {
- print "arp_activ: forward to server\n";
- my $arp_cipher = &create_ciphering($act_passwd);
- my $crypted_msg = &encrypt_msg($in_msg, $arp_cipher);
- &activating_child($crypted_msg, $server_ip);
- } else {
- print "arp_activ: send to bus\n";
- &send_msg_hash2address($in_msg_hash, $bus_address);
- }
- print "\n";
- }
-
- if($gosa_activ eq "on" && vec($rout, fileno $gosa_server, 1)) {
- daemon_log(" ", 1);
- my $client = $gosa_server->accept();
- my $other_end = getpeername($client);
- if(not defined $other_end) {
- daemon_log("client cannot be identified: $!");
- } else {
- my ($port, $iaddr) = unpack_sockaddr_in($other_end);
- my $actual_ip = inet_ntoa($iaddr);
- daemon_log("accept client at gosa socket from $actual_ip", 5);
- my $in_msg = <$client>;
- #my $in_msg = &read_from_socket($client);
-
- daemon_log(">>>>>>>>>>> frisch vom socket gelesen\n!$in_msg!\n",1);
- if(defined $in_msg){
- chomp($in_msg);
- &activating_child($in_msg, $actual_ip, $client);
- } else {
- daemon_log("cannot read from $actual_ip", 5);
- }
- }
- #close($client);
- }
-
- # check all processing childs whether they are finished ('done') or
- while ( my ($pid, $child_hash) = each %busy_child ) {
- my $fhd = $$child_hash{'pipe_rd'};
-
- if (vec($rout, fileno $fhd, 1) ) {
- daemon_log("process child $pid is ready to read", 5);
-
- $fhd->blocking(1);
- my $in_msg = <$fhd>;
- $fhd->blocking(0);
- my $part_in_msg;
- while ($part_in_msg =
<$fhd>) {
- if (not defined $part_in_msg) {
- last;
- }
- $in_msg .= $part_in_msg;
- }
- chomp($in_msg);
-
- daemon_log("process child read: $in_msg", 5);
- if (not defined $in_msg) {
- next;
- } elsif ($in_msg =~ "done") {
- delete $busy_child{$pid};
- $free_child{$pid} = $child_hash;
-
- } else {
- my $act_client = $busy_child{$pid}{client_ref};
- print $act_client $in_msg."\n";
- my $act_pipe = $busy_child{$pid}{pipe_rd};
- sleep(10);
- close ($act_client);
- delete $busy_child{$pid};
- $free_child{$pid} = $child_hash;
-
- }
- }
- }
-
-
-}
diff --git a/contrib/daemon/gosa-si-server.conf-template b/contrib/daemon/gosa-si-server.conf-template
deleted file mode 100644
index 8a07a631b..000000000
--- a/contrib/daemon/gosa-si-server.conf-template
+++ /dev/null
@@ -1,30 +0,0 @@
-[general]
-log_file = /var/log/gosa-si-daemon.log
-pid_file = /var/run/gosa-si-daemon.pid
-child_max = 10
-child_min = 2
-child_timeout = 10
-
-[bus]
-bus_activ = on
-bus_passwd = secret-bus-password
-bus_ip = 127.0.0.1
-bus_port = 20080
-
-[server]
-server_activ = on
-server_port = 20081
-server_passwd = secret-server-password
-max_clients = 5
-
-[arp]
-arp_activ = off
-arp_fifo_path = /var/run/gosa-si/arp-notify
-
-[gosa]
-gosa_activ = on
-gosa_ip = 127.0.0.1
-gosa_port = 20082
-gosa_passwd = secret-gosa-password
-gosa_timeout = 5
-
diff --git a/contrib/daemon/modules/GosaPackages.pm b/contrib/daemon/modules/GosaPackages.pm
deleted file mode 100644
index ab5938dc6..000000000
--- a/contrib/daemon/modules/GosaPackages.pm
+++ /dev/null
@@ -1,108 +0,0 @@
-package GosaPackages;
-
-use Exporter;
-@ISA = ("Exporter");
-
-# Each module has to have a function 'process_incoming_msg'. This function works as a interface to gosa-sd and recieves the msg hash from gosa-sd. 'process_incoming_function checks, wether it has a function to process the incoming msg and forward the msg to it.
-
-
-use strict;
-use warnings;
-use GosaSupportDaemon;
-
-BEGIN{}
-
-END{}
-
-
-### START ##########################
-
-# create general settings for this module
-my $gosa_cipher = &create_ciphering($main::gosa_passwd);
-
-sub get_module_tags {
-
- # dort stehen drei packettypen, für die sich das modul anmelden kann, gosa-admin-packages,
- # server-packages, client-packages
- my %tag_hash = (gosa_admin_packages => "yes",
- server_packages => "no",
- client_packages => "no");
- return \%tag_hash;
-}
-
-
-sub process_incoming_msg {
- my ($crypted_msg) = @_ ;
- if(not defined $crypted_msg) {
- &main::daemon_log("function 'process_incoming_msg': got no msg", 7);
- }
- &main::daemon_log("GosaPackages: crypted_msg:$crypted_msg", 7);
- &main::daemon_log("GosaPackages: crypted_msg len:".length($crypted_msg), 7);
-
- $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/;
- $crypted_msg = $1;
- my $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5);
-
- &main::daemon_log("GosaPackages: crypted_msg:$crypted_msg", 7);
- &main::daemon_log("GosaPackages: crypted_msg len:".length($crypted_msg), 7);
-
-
- # collect addresses from possible incoming clients
- # only gosa is allowd as incoming client
- &main::daemon_log("GosaPackages: host_key: $host", 7);
- &main::daemon_log("GosaPackages: key_passwd: $main::gosa_passwd", 7);
-
- $gosa_cipher = &main::create_ciphering($main::gosa_passwd);
- # determine the correct passwd for deciphering of the incoming msgs
- my $msg = "";
- my $msg_hash;
- eval{
- $msg = &main::decrypt_msg($crypted_msg, $gosa_cipher);
- &main::daemon_log("GosaPackages: decrypted_msg: $msg", 7);
-
-
$msg_hash = $main::xml->XMLin($msg, ForceArray=>1);
- };
- if($@) {
- &main::daemon_log("WARNING: GosaPackages do not understand the message:", 5);
- &main::daemon_log("$@", 7);
- return;
- }
-
- &main::daemon_log("GosaPackages: msg for daemon from host:", 1);
- &main::daemon_log("\t$host", 1);
- &main::daemon_log("GosaPackages: msg to process:", 5);
- &main::daemon_log("\t$msg", 5);
-
- $msg = "gosaPackages hat was bekommen";
-
- my $out_cipher = &main::create_ciphering($main::gosa_passwd);
- my $out_msg = &main::encrypt_msg($msg, $out_cipher);
- return $out_msg;
-
-}
-
-
-#=== FUNCTION ================================================================
-# NAME: got_ping
-# PARAMETERS: msg_hash - hash - hash from function create_xml_hash
-# RETURNS: nothing
-# DESCRIPTION: process this incoming message
-#===============================================================================
-sub got_ping {
- my ($msg_hash) = @_;
-
- my $source = @{$msg_hash->{source}}[0];
- my $target = @{$msg_hash->{target}}[0];
- my $header = @{$msg_hash->{header}}[0];
-
- if(exists $main::known_daemons->{$source}) {
- &main::add_content2known_daemons(hostname=>$source, status=>$header);
- } else {
- &main::add_content2known_clients(hostname=>$source, status=>$header);
- }
-
- return;
-}
-
-
-1;
diff --git a/contrib/daemon/modules/ServerPackages.pm b/contrib/daemon/modules/ServerPackages.pm
deleted file mode 100644
index c2fc7eea9..000000000
--- a/contrib/daemon/modules/ServerPackages.pm
+++ /dev/null
@@ -1,455 +0,0 @@ -package ServerPackages; - -use Exporter; -@ISA = ("Exporter"); - -# Each module has to have a function 'process_incoming_msg'. This function works as a interface to gosa-sd and recieves the msg hash from gosa-sd. 'process_incoming_function checks, wether it has a function to process the incoming msg and forward the msg to it. - - -use strict; -use warnings; -use GosaSupportDaemon; - -BEGIN{} - -END {} - - -### START ########## - - - -sub get_module_tags { - - # lese config file aus dort gibt es eine section Basic - # dort stehen drei packettypen, für die sich das modul anmelden kann, gosa-admin-packages, - # server-packages, client-packages - my %tag_hash = (gosa_admin_packages => "yes", - server_packages => "yes", - client_packages => "yes", - ); - return \%tag_hash; -} - - -sub process_incoming_msg { - my ($crypted_msg) = @_ ; - if(not defined $crypted_msg) { - &main::daemon_log("function 'process_incoming_msg': got no msg", 7); - } - $crypted_msg =~ /^([\s\S]*?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)\.(\d{1,3}?)$/; - $crypted_msg = $1; - my $host = sprintf("%s.%s.%s.%s", $2, $3, $4, $5); - - # collect addresses from possible incoming clients - my @valid_keys; - my @host_keys = keys %$main::known_daemons; - foreach my $host_key (@host_keys) { - if($host_key =~ "^$host") { - push(@valid_keys, $host_key); - } - } - my @client_keys = keys %$main::known_clients; - foreach my $client_key (@client_keys) { - if($client_key =~ "^$host"){ - push(@valid_keys, $client_key); - } - } - push(@valid_keys, $main::server_address); - - my $l = @valid_keys; - my $msg_hash; - my $msg_flag = 0; - my $msg = ""; - - # determine the correct passwd for deciphering of the incoming msgs - foreach my $host_key (@valid_keys) { - eval{ - &main::daemon_log("ServerPackage: host_key: $host_key", 7); - my $key_passwd; - if (exists $main::known_daemons->{$host_key}) { - $key_passwd = $main::known_daemons->{$host_key}->{passwd}; - } elsif (exists $main::known_clients->{$host_key}) { 
- $key_passwd = $main::known_clients->{$host_key}->{passwd}; - } elsif ($host_key eq $main::server_address) { - $key_passwd = $main::server_passwd; - } - &main::daemon_log("ServerPackage: key_passwd: $key_passwd", 7); - my $key_cipher = &create_ciphering($key_passwd); - $msg = &decrypt_msg($crypted_msg, $key_cipher); - &main::daemon_log("ServerPackages: decrypted msg: $msg", 7); - $msg_hash = $main::xml->XMLin($msg, ForceArray=>1); - #my $tmp = printf Dumper $msg_hash; - #&main::daemon_log("DEBUG: ServerPackages: xml hash: $tmp", 7); - }; - if($@) { - &main::daemon_log("ServerPackage: key raise error: $@", 7); - $msg_flag += 1; - } else { - last; - } - } - - if($msg_flag >= $l) { - &main::daemon_log("WARNING: ServerPackage do not understand the message:", 5); - &main::daemon_log("$@", 7); - return; - } - - # process incoming msg - my $header = @{$msg_hash->{header}}[0]; - my $source = @{$msg_hash->{source}}[0]; - - &main::daemon_log("ServerPackages: msg from host:", 5); - &main::daemon_log("\t$host", 5); - &main::daemon_log("ServerPackages: header from msg:", 5); - &main::daemon_log("\t$header", 5); - &main::daemon_log("ServerPackages: msg to process:", 5); - &main::daemon_log("\t$msg", 5); - - my @targets = @{$msg_hash->{target}}; - my $len_targets = @targets; - if ($len_targets == 0){ - &main::daemon_log("ERROR: ServerPackages: no target specified for msg $header", 1); - - } elsif ($len_targets == 1){ - # we have only one target symbol - - my $target = $targets[0]; - &main::daemon_log("SeverPackages: msg is for:", 7); - &main::daemon_log("\t$target", 7); - - if ($target eq $main::server_address) { - # msg is for server - if ($header eq 'new_passwd'){ &new_passwd($msg_hash)} - elsif ($header eq 'here_i_am') { &here_i_am($msg_hash)} - elsif ($header eq 'who_has') { &who_has($msg_hash) } - elsif ($header eq 'who_has_i_do') { &who_has_i_do($msg_hash)} - elsif ($header eq 'update_status') { &update_status($msg_hash) } - elsif ($header eq 'got_ping') { 
&got_ping($msg_hash)} - elsif ($header eq 'get_load') { &execute_actions($msg_hash)} - else { &main::daemon_log("ERROR: ServerPackages: no function assigned to this msg", 5) } - - - } elsif ($target eq "*") { - # msg is for all clients - - my @target_addresses = keys(%$main::known_clients); - foreach my $target_address (@target_addresses) { - if ($target_address eq $source) { next; } - $msg_hash->{target} = [$target_address]; - &send_msg_hash2address($msg_hash, $target_address); - } - } else { - # msg is for one host - - if (exists $main::known_clients->{$target}) { - &send_msg_hash2address($msg_hash, $target); - } elsif (exists $main::known_daemons->{$target}) { - # target is known - &send_msg_hash2address($msg_hash, $target); - } else { - # target is not known - &main::daemon_log("ERROR: ServerPackages: target $target is not known neither in known_clients nor in known_daemons", 1); - } - } - } - - return ; -} - - -#=== FUNCTION ================================================================ -# NAME: got_ping -# PARAMETERS: msg_hash - hash - hash from function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: process this incoming message -#=============================================================================== -sub got_ping { - my ($msg_hash) = @_; - - my $source = @{$msg_hash->{source}}[0]; - my $target = @{$msg_hash->{target}}[0]; - my $header = @{$msg_hash->{header}}[0]; - - if(exists $main::known_daemons->{$source}) { - &main::add_content2known_daemons(hostname=>$source, status=>$header); - } else { - &main::add_content2known_clients(hostname=>$source, status=>$header); - } - - return; -} - - -#=== FUNCTION ================================================================ -# NAME: new_passwd -# PARAMETERS: msg_hash - ref - hash from function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: process this incoming message -#=============================================================================== -sub new_passwd { - my ($msg_hash) = @_; - - my 
$source = @{$msg_hash->{source}}[0]; - my $passwd = @{$msg_hash->{new_passwd}}[0]; - - if (exists $main::known_daemons->{$source}) { - &main::add_content2known_daemons(hostname=>$source, status=>"new_passwd", passwd=>$passwd); - my $hash = &create_xml_hash("confirm_new_passwd", $main::server_address, $source); - &send_msg_hash2address($hash, $source); - - } elsif (exists $main::known_clients->{$source}) { - &main::add_content2known_clients(hostname=>$source, status=>"new_passwd", passwd=>$passwd); - - } else { - &main::daemon_log("ERROR: $source not known, neither in known_daemons nor in known_clients", 1) - } - - return; -} - - -#=== FUNCTION ================================================================ -# NAME: here_i_am -# PARAMETERS: msg_hash - hash - hash from function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: process this incoming message -#=============================================================================== -sub here_i_am { - my ($msg_hash) = @_; - - my $source = @{$msg_hash->{source}}[0]; - my $mac_address = @{$msg_hash->{mac_address}}[0]; - my $out_hash; - - # number of known clients - my $nu_clients = keys %$main::known_clients; - - # check wether client address or mac address is already known - if (exists $main::known_clients->{$source}) { - &main::daemon_log("WARNING: $source is already known as a client", 1); - &main::daemon_log("WARNING: values for $source are being overwritten", 1); - $nu_clients --; - } - - # number of actual activ clients - my $act_nu_clients = $nu_clients; - - &main::daemon_log("number of actual activ clients: $act_nu_clients", 5); - &main::daemon_log("number of maximal allowed clients: $main::max_clients", 5); - - if($main::max_clients <= $act_nu_clients) { - my $out_hash = &create_xml_hash("denied", $main::server_address, $source); - &add_content2xml_hash($out_hash, "denied", "I_cannot_take_any_more_clients!"); - my $passwd = @{$msg_hash->{new_passwd}}[0]; - &send_msg_hash2address($out_hash, $source, 
$passwd); - return; - } - - # new client accepted - my $new_passwd = @{$msg_hash->{new_passwd}}[0]; - - # create known_daemons entry - my $events = @{$msg_hash->{events}}[0]; - &main::create_known_client($source); - &main::add_content2known_clients(hostname=>$source, events=>$events, mac_address=>$mac_address, - status=>"registered", passwd=>$new_passwd); - - # return acknowledgement to client - $out_hash = &create_xml_hash("registered", $main::server_address, $source); - &send_msg_hash2address($out_hash, $source); - - # notify registered client to bus - $out_hash = &main::create_xml_hash("new_client", $main::server_address, $main::bus_address, $source); - &main::send_msg_hash2bus($out_hash); - - # give the new client his ldap config - &new_ldap_config($source); - - return; -} - - -#=== FUNCTION ================================================================ -# NAME: who_has -# PARAMETERS: msg_hash - hash - hash from function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: process this incoming message -#=============================================================================== -sub who_has { - my ($msg_hash) = @_ ; - - # what is your search pattern - my $search_pattern = @{$msg_hash->{who_has}}[0]; - my $search_element = @{$msg_hash->{$search_pattern}}[0]; - &main::daemon_log("who_has-msg looking for $search_pattern $search_element", 7); - - # scanning known_clients for search_pattern - my @host_addresses = keys %$main::known_clients; - my $known_clients_entries = length @host_addresses; - my $host_address; - foreach my $host (@host_addresses) { - my $client_element = $main::known_clients->{$host}->{$search_pattern}; - if ($search_element eq $client_element) { - $host_address = $host; - last; - } - } - - # search was successful - if (defined $host_address) { - my $source = @{$msg_hash->{source}}[0]; - my $out_msg = &main::create_xml_hash("who_has_i_do", $main::server_address, $source, "mac_address"); - &main::add_content2xml_hash($out_msg, "mac_address", 
$search_element); - &main::send_msg_hash2address($out_msg, $main::bus_address); - } - return; -} - - -sub who_has_i_do { - my ($msg_hash) = @_ ; - my $header = @{$msg_hash->{header}}[0]; - my $source = @{$msg_hash->{source}}[0]; - my $search_param = @{$msg_hash->{$header}}[0]; - my $search_value = @{$msg_hash->{$search_param}}[0]; - print "\ngot msg $header:\nserver $source has client with $search_param $search_value\n"; -} - - -#=== FUNCTION ================================================================ -# NAME: new_ldap_config -# PARAMETERS: address - string - ip address and port of a host -# RETURNS: nothing -# DESCRIPTION: send to address the ldap configuration found for dn gotoLdapServer -#=============================================================================== -sub new_ldap_config { - my ($address) = @_ ; - - if (not exists $main::known_clients->{$address}) { - &main::daemon_log("ERROR: $address does not exist in known_clients, cannot send him his ldap config", 1); - return; - } - - my $mac_address = $main::known_clients->{$address}->{"mac_address"}; - if (not defined $mac_address) { - &main::daemon_log("ERROR: no mac address found for client $address", 1); - return; - } - - # fetch dn - my $goHard_cmd = "ldapsearch -x '(&(objectClass=goHard)(macAddress=00:11:22:33:44:57))' dn gotoLdapServer"; - my $dn; - my @gotoLdapServer; - open (PIPE, "$goHard_cmd 2>&1 |"); -# my $rbits = ""; -# vec($rbits, fileno PIPE, 1) = 1; -# my $rout; -# my $nf = select($rout=$rbits, undef, undef, $ldap_timeout); - while() { - chomp $_; - # If it's a comment, goto next - if ($_ =~ m/^[#]/) { next;} - if ($_ =~ m/^dn: ([\S]+?)$/) { - $dn = $1; - } elsif ($_ =~ m/^gotoLdapServer: ([\S]+?)$/) { - push(@gotoLdapServer, $1); - } - } - close(PIPE); - - # no dn found - if (not defined $dn) { - &main::daemon_log("ERROR: no dn arose from command: $goHard_cmd", 1); - return; - } - - # no gotoLdapServer found - my $gosaGroupOfNames_cmd = "ldapsearch -x 
'(&(objectClass=gosaGroupOfNames)(member=$dn))' gotoLdapServer"; - if (@gotoLdapServer == 0) { - open (PIPE, "$gosaGroupOfNames_cmd 2>&1 |"); - while() { - chomp $_; - if ($_ =~ m/^[#]/) { next; } - if ($_ =~ m/^gotoLdapServer: ([\S]+?)$/) { - push(@gotoLdapServer, $1); - } - } - close(PIPE); - } - - # still no gotoLdapServer found - if (@gotoLdapServer == 0) { - &main::daemon_log("ERROR: cannot find gotoLdapServer entry in command: $gosaGroupOfNames_cmd", 1); - return; - } - - # sort @gotoLdapServer and then split of ranking - my @sorted_gotoLdapServer = sort(@gotoLdapServer); - @gotoLdapServer = reverse(@sorted_gotoLdapServer); - foreach (@gotoLdapServer) { - $_ =~ s/^\d://; - } - - my $t = join(" ", @gotoLdapServer); - - my $out_hash = &main::create_xml_hash("new_ldap_config", $main::server_address, $address); - map(&main::add_content2xml_hash($out_hash, "new_ldap_config", $_), @gotoLdapServer); - &main::send_msg_hash2address($out_hash, $address); - - return; -} - - -#=== FUNCTION ================================================================ -# NAME: execute_actions -# PARAMETERS: msg_hash - hash - hash from function create_xml_hash -# RETURNS: nothing -# DESCRIPTION: invokes the script specified in msg_hash which is located under -# /etc/gosad/actions -#=============================================================================== -sub execute_actions { - my ($msg_hash) = @_ ; - my $configdir= '/etc/gosad/actions/'; - my $result; - - my $header = @{$msg_hash->{header}}[0]; - my $source = @{$msg_hash->{source}}[0]; - my $target = @{$msg_hash->{target}}[0]; - - if((not defined $source) - && (not defined $target) - && (not defined $header)) { - &main::daemon_log("ERROR: Entries missing in XML msg for gosad actions under /etc/gosad/actions"); - } else { - my $parameters=""; - my @params = @{$msg_hash->{$header}}; - my $params = join(", ", @params); - &main::daemon_log("execute_actions: got parameters: $params", 5); - - if (@params) { - foreach my $param 
(@params) { - my $param_value = (&get_content_from_xml_hash($msg_hash, $param))[0]; - &main::daemon_log("execute_actions: parameter -> value: $param -> $param_value", 7); - $parameters.= " ".$param_value; - } - } - - my $cmd= $configdir.$header."$parameters"; - &main::daemon_log("execute_actions: executing cmd: $cmd", 7); - $result= ""; - open(PIPE, "$cmd 2>&1 |"); - while() { - $result.=$_; - } - close(PIPE); - } - - # process the event result - - - return; -} - -1; diff --git a/contrib/daemon/tests/testGOsa.pl b/contrib/daemon/tests/testGOsa.pl deleted file mode 100644 index 9ecb8f385..000000000 --- a/contrib/daemon/tests/testGOsa.pl +++ /dev/null 
@@ -1,107 +0,0 @@ -#!/usr/bin/perl -#=============================================================================== -# -# FILE: testGosa.pl -# -# USAGE: ./testGosa.pl -# -# DESCRIPTION: -# -# OPTIONS: --- -# REQUIREMENTS: --- -# BUGS: --- -# NOTES: --- -# AUTHOR: (), <> -# COMPANY: -# VERSION: 1.0 -# CREATED: 06.12.2007 14:31:37 CET -# REVISION: --- -#=============================================================================== - -use strict; -use warnings; -use IO::Socket::INET; -use Digest::MD5 qw(md5 md5_hex md5_base64); -use Crypt::Rijndael; -use MIME::Base64; - -sub create_ciphering { - my ($passwd) = @_; - - $passwd = substr(md5_hex("$passwd") x 32, 0, 32); - my $iv = substr(md5_hex('GONICUS GmbH'),0, 16); - print "iv: $iv\n"; - print "key: $passwd\n"; - - my $my_cipher = Crypt::Rijndael->new($passwd ,Crypt::Rijndael::MODE_CBC() ); - $my_cipher->set_iv($iv); - return $my_cipher; -} - -sub decrypt_msg { - my ($crypted_msg, $my_cipher) = @_ ; - $crypted_msg = &decode_base64($crypted_msg); - my $msg = $my_cipher->decrypt($crypted_msg); - return $msg; -} - -sub encrypt_msg { - my ($msg, $my_cipher) = @_; - if(not defined $my_cipher) { print "no cipher object\n"; } - $msg = "\0"x(16-length($msg)%16).$msg; - my $crypted_msg = $my_cipher->encrypt($msg); - chomp($crypted_msg = &encode_base64($crypted_msg)); - return $crypted_msg; -} - - - -my $gosa_server = IO::Socket::INET->new(LocalPort => "9999", - Type => SOCK_STREAM, - Reuse => 1, - Listen => 1, - ); - - - - - -my $client = $gosa_server->accept(); -my $other_end = getpeername($client); -if(not defined $other_end) { - print "client cannot be identified:"; -} else { - my ($port, $iaddr) = unpack_sockaddr_in($other_end); - my $actual_ip = inet_ntoa($iaddr); - print "accept client at gosa socket from $actual_ip\n"; - chomp(my $crypted_msg = <$client>); - print "crypted msg: <<<$crypted_msg<<<\n"; - - my $cipher = &create_ciphering("ferdinand_frost"); - - my $msg = &decrypt_msg($crypted_msg, $cipher); - print 
"msg: <<<$msg<<<\n"; - - print "\n#################################\n\n"; - - my $answer = "gosa answer: $msg"; - - print "answer: $answer\n"; - - my $out_cipher = &create_ciphering("ferdinand_frost"); - my $crypted_answer = &encrypt_msg($answer, $out_cipher); - - print $client $crypted_answer."\n"; - -} - -sleep(3); -close($client); - - - - - - - - diff --git a/contrib/demo.ldif b/contrib/demo.ldif deleted file mode 100644 index dc2ce2f9d..000000000 --- a/contrib/demo.ldif +++ /dev/null @@ -1,48 +0,0 @@ -dn: dc=gonicus,dc=de -objectClass: dcObject -objectClass: organization -description: Base object -dc: gonicus -o: GONICUS GmbH - -dn: cn=terminal-admin,dc=gonicus,dc=de -objectClass: person -cn: terminal-admin -sn: Upload user -description: GOto Upload Benutzer -userPassword:: e2tlcmJlcm9zfXRlcm1pbmFsYWRtaW5AR09OSUNVUy5MT0NBTAo= - -dn: ou=groups,dc=gonicus,dc=de -objectClass: organizationalUnit -ou: groups - -dn: ou=people,dc=gonicus,dc=de -objectClass: organizationalUnit -ou: people - -dn: cn=admin,ou=people,dc=gonicus,dc=de -objectClass: person -objectClass: organizationalPerson -objectClass: inetOrgPerson -objectClass: gosaAccount -uid: admin -cn: admin -givenName: admin -sn: GOsa main administrator -sambaLMPassword: 10974C6EFC0AEE1917306D272A9441BB -sambaNTPassword: 38F3951141D0F71A039CFA9D1EC06378 -userPassword:: dGVzdGVy - -dn: cn=administrators,ou=groups,dc=gonicus,dc=de -objectClass: gosaObject -objectClass: posixGroup -objectClass: top -gosaSubtreeACL: :all -cn: administrators -gidNumber: 999 -memberUid: admin - -dn: ou=incoming,dc=gonicus,dc=de -objectClass: organizationalUnit -ou: incoming - diff --git a/contrib/encodings b/contrib/encodings deleted file mode 100755 index 51d6f8211..000000000 --- a/contrib/encodings +++ /dev/null 
@@ -1,9 +0,0 @@
-# Encodings for class_servNfs.inc
-# This file should be placed in /etc/gosa/
-UTF-8=UTF-8
-ISO8859-1=ISO8859-1 (Latin 1)
-ISO8859-2=ISO8859-2 (Latin 2)
-ISO8859-3=ISO8859-3 (Latin 3)
-ISO8859-4=ISO8859-4 (Latin 4)
-ISO8859-5=ISO8859-5 (Latin 5)
-cp850=CP850 (Europe)
diff --git a/contrib/fai/README.fai b/contrib/fai/README.fai
deleted file mode 100644
index 89afff52c..000000000
--- a/contrib/fai/README.fai
+++ /dev/null
@@ -1,26 +0,0 @@
-FAI support for GOsa
-====================
-
-Please note, that FAI support is work in progress. Anyway here's a quick
-guide how it works:
-
-1) Preparing FAI
-
- a) adjust the secrets file to match the password of your terminal-admin
- ldap user
- b) build the debian package in goto-fai (i.e. using dpkg-buidpackage)
- c) add the resulting package to your fai nfs-root
-
-2) Preparing GOsa
-
- a) use the get-packages.pl script to generate a stripped down list of your
- packages lists, move them to /etc/gosa/fai/servername/dist/.
-
- b) use the get-debconf.sh script to extract the debconf templates from
- your mirror, move the resulting debconf.d directory to
- /etc/gosa/fai/servername/dist/debconf.d
-
-3) Create classes/etc in GOsa, follow the ordinary fai documentation to
- get your clients booted
-
-
diff --git a/contrib/fai/get-debconf.sh b/contrib/fai/get-debconf.sh
deleted file mode 100755
index dc7d2edce..000000000
--- a/contrib/fai/get-debconf.sh
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/bash
-# Call with:
-# find /path/to/your/debmirror -name \*.deb | xargs ./get-debconf
-# Move result to /etc/gosa/fai/server/debconf.d
-
-[ -d /tmp/debconf.d ] && mkdir /tmp/debconf.d
-for i in $@; do
- dpkg -e $i /tmp/debconf.d/DEBIAN
- if [ -f /tmp/debconf.d/DEBIAN/templates ]; then
- pp=$(basename $i)
- p=${pp%%_*}
- echo $p has debconf template
- mv /tmp/debconf.d/DEBIAN/templates /tmp/debconf.d/$p.templates
- fi
-done
-
-
diff --git a/contrib/fai/get-packages.pl b/contrib/fai/get-packages.pl
deleted file mode 100755
index 7df4194c5..000000000
--- a/contrib/fai/get-packages.pl
+++ /dev/null
@@ -1,140 +0,0 @@ -#!/usr/bin/perl - -use strict; -use File::Path; -use File::Basename; - -# Check for parameters -if ($ARGV[0] eq ""){ - die ("Usage: parse-pkg \n"); -} - -# Generate cache -gen_cache($ARGV[0]); -exit 0; - -#----------------------------------------------------------------------------- - -sub gen_cache -{ - my ($conffile)= @_; - my $line; - - print "Generating GOsa package cache - this may take some time\n"; - open(CONFIG, "<$conffile") or die("Failed to open '$conffile' - aborted\n"); - - # Read lines - while ($line = ){ - # Unify - chop($line); - $line =~ s/^\s+//; - $line =~ s/^\s+/ /; - - # Strip comments - $line =~ s/#.*$//g; - - # Skip empty lines - if ($line =~ /^\s*$/){ - next; - } - - # Interpret deb line - if ($line =~ /^deb [^\s]+\s[^\s]+\s[^\s]+/){ - my ($baseurl) = ($line =~ /^deb\s([^\s]+)/); - my ($dist) = ($line =~ /^deb\s[^\s]+\s([^\s]+)/); - my ($sections) = ($line =~ /^deb\s[^\s]+\s[^\s]+\s(.*)$/); - - my $section; - foreach $section (split(" ", $sections)){ - parse_package_info ("$baseurl", "$dist", "$section"); - } - } - } - - close (CONFIG); -} - -#----------------------------------------------------------------------------- - -sub parse_package_info -{ - my ($baseurl, $dist, $section)= @_; - my ($package, $server); - - foreach $package ("Packages.gz"){ - print ("* trying to retrieve $baseurl/dists/$dist/$section/binary-i386/$package\n"); - - ($server)= ($baseurl =~ /^[^\/]+\/\/([^\/]+)\/.*$/); - get_package("$baseurl/dists/$dist/$section/binary-i386/$package", "/etc/gosa/fai/$server/$dist/$section"); - parse_package("/etc/gosa/fai/$server/$dist/$section"); - last; - } -} - -#----------------------------------------------------------------------------- - -sub get_package -{ - my ($url, $dest)= @_; - - # This is ugly, but I've no time to take a look at "how it works in perl" - system("wget '$url' -O '$dest'"); - system("gzip -cd '$dest' > '$dest.in'"); - system("rm -f '$dest'"); - - return 0; -} - 
-#----------------------------------------------------------------------------- - -sub parse_package -{ - my ($path)= @_; - my ($name, $desc, $vers, $sect, $line); - - my $tpath= dirname($path); - -d "$tpath" || mkpath "$tpath"; - - open(PACKAGES, "<$path.in") or die("Failed to open '$path.in' - aborted\n"); - open(OUT, ">$path") or die("Failed to open '$path' - aborted\n"); - - # Read lines - while ($line = ){ - # Unify - chop($line); - - # Use empty lines as a trigger - if ($line =~ /^\s*$/){ - print OUT "$name|$vers|$sect|$desc\n"; - next; - } - - # Trigger for package name - if ($line =~ /^Package:\s/){ - ($name)= ($line =~ /^Package: (.*)$/); - next; - } - - # Trigger for version - if ($line =~ /^Version:\s/){ - ($vers)= ($line =~ /^Version: (.*)$/); - next; - } - - # Trigger for description - if ($line =~ /^Description:\s/){ - ($desc)= ($line =~ /^Description: (.*)$/); - next; - } - - # Trigger for description - if ($line =~ /^Section:\s/){ - ($sect)= ($line =~ /^Section: (.*)$/); - next; - } - } - - close (OUT); - close (PACKAGES); -} - diff --git a/contrib/fai/goto-fai/Makefile b/contrib/fai/goto-fai/Makefile deleted file mode 100644 index 85756c2d2..000000000 --- a/contrib/fai/goto-fai/Makefile +++ /dev/null @@ -1,19 +0,0 @@ -all: - @echo "Nothing to do for all" - -install: - mkdir -p $(DESTDIR)/usr/sbin - mkdir -p $(DESTDIR)/etc/goto - mkdir -p $(DESTDIR)/usr/lib/goto - mkdir -p $(DESTDIR)/fai/hooks - cp secret $(DESTDIR)/etc/goto - cp -a get_fai_dir faimond $(DESTDIR)/usr/sbin - cp -a goto-support.lib $(DESTDIR)/usr/lib/goto - cp -a ldap2fai $(DESTDIR)/usr/sbin - cp confdir.DEFAULT.source $(DESTDIR)/fai/hooks - chmod go-rwx $(DESTDIR)/etc/goto/secret - - # Install diversions - mkdir -p $(DESTDIR)/usr/lib/fai/sbin - cp diversions/setup_harddisks $(DESTDIR)/usr/lib/fai/sbin - diff --git a/contrib/fai/goto-fai/confdir.DEFAULT.source b/contrib/fai/goto-fai/confdir.DEFAULT.source deleted file mode 100755 index afed2a22e..000000000 
--- a/contrib/fai/goto-fai/confdir.DEFAULT.source +++ /dev/null @@ -1,19 +0,0 @@ -# undef default shell subroutine get_fai_dir -# instead the new script get_fai_dir will be used - -setterm -cursor off >/dev/tty3 -/usr/sbin/faimond >/dev/tty3 & -chvt 3 -unset get_fai_dir -unset sndmon - -sndmon() { - # send message to monitor daemon - [ "$faimond" -eq 0 ] && return 0 - if [ "$debug" ];then - echo "$sndhostname $*" | nc localhost 4711 - else - echo "$sndhostname $*" | nc localhost 4711 2>/dev/null - fi - return $? -} diff --git a/contrib/fai/goto-fai/debian/README.debian b/contrib/fai/goto-fai/debian/README.debian deleted file mode 100644 index 584b1dad6..000000000 --- a/contrib/fai/goto-fai/debian/README.debian +++ /dev/null @@ -1,6 +0,0 @@ -goto-fai for Debian -------------------- - -Comments regarding the Package - -Cajus Pollmeier , Thu, 17 Mar 2005 09:05:17 +0100 diff --git a/contrib/fai/goto-fai/debian/changelog b/contrib/fai/goto-fai/debian/changelog deleted file mode 100644 index 905c15e7c..000000000 --- a/contrib/fai/goto-fai/debian/changelog +++ /dev/null @@ -1,5 +0,0 @@ -goto-fai (2.0-1) unstable; urgency=low - - * Initial release. - - -- Cajus Pollmeier Thu, 17 Mar 2005 09:05:17 +0100 diff --git a/contrib/fai/goto-fai/debian/control b/contrib/fai/goto-fai/debian/control deleted file mode 100644 index 1cf61844b..000000000 --- a/contrib/fai/goto-fai/debian/control +++ /dev/null @@ -1,12 +0,0 @@ -Source: goto-fai -Section: lhm/main -Priority: optional -Maintainer: Cajus Pollmeier -Standards-Version: 3.6.1 -Build-Depends: debmake - -Package: goto-fai -Architecture: any -Depends: ${shlibs:Depends}, libnet-ldap-perl, hwdata-knoppix, hwsetup, ddcxinfo-knoppix -Description: GOto support scripts - Support and build scripts for terminal server diff --git a/contrib/fai/goto-fai/debian/copyright b/contrib/fai/goto-fai/debian/copyright deleted file mode 100644 index e18fe190b..000000000 --- a/contrib/fai/goto-fai/debian/copyright +++ /dev/null 
@@ -1,8 +0,0 @@
-This package was debianized by cajus cajus@ots-2.gonicus.local on
-Thu, 17 Mar 2005 09:05:17 +0100.
-
-It was downloaded from
-
-Copyright:
-
-
diff --git a/contrib/fai/goto-fai/debian/dirs b/contrib/fai/goto-fai/debian/dirs
deleted file mode 100644
index ca882bbb7..000000000
--- a/contrib/fai/goto-fai/debian/dirs
+++ /dev/null
@@ -1,2 +0,0 @@
-usr/bin
-usr/sbin
diff --git a/contrib/fai/goto-fai/debian/postrm b/contrib/fai/goto-fai/debian/postrm
deleted file mode 100755
index 526aaad47..000000000
--- a/contrib/fai/goto-fai/debian/postrm
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh -e
-
-#DEBHELPER#
-
-if [ "remove" = "$1" ]; then
- dpkg-divert --package goto-fai --remove --rename \
- --divert /usr/lib/fai/sbin/setup_harddisks.goto-fai \
- /usr/lib/fai/sbin/setup_harddisks
-fi
-
-exit 0
diff --git a/contrib/fai/goto-fai/debian/preinst b/contrib/fai/goto-fai/debian/preinst
deleted file mode 100755
index fa469b9ad..000000000
--- a/contrib/fai/goto-fai/debian/preinst
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh -e
-
-#DEBHELPER#
-#
-if [ ! -e /usr/lib/fai/sbin/setup_harddisks.goto-fai ]; then
- dpkg-divert --package goto-fai --add --rename \
- --divert /usr/lib/fai/sbin/setup_harddisks.goto-fai \
- /usr/lib/fai/sbin/setup_harddisks
-fi
-
-exit 0
diff --git a/contrib/fai/goto-fai/debian/rules b/contrib/fai/goto-fai/debian/rules
deleted file mode 100755
index 6967ca5c7..000000000
--- a/contrib/fai/goto-fai/debian/rules
+++ /dev/null
@@ -1,50 +0,0 @@ -#!/usr/bin/make -f -# Made with the aid of debmake, by Christoph Lameter, -# based on the sample debian/rules file for GNU hello by Ian Jackson. - -package=goto - -build: - $(checkdir) - - $(MAKE) CFLAGS="-O2 -g -Wall" - touch build - -clean: - $(checkdir) - rm -f build - -$(MAKE) clean - rm -f `find . -name "*~"` - rm -rf debian/tmp debian/files* core debian/substvars - -binary-indep: checkroot build - $(checkdir) -# There are no architecture-independent files to be uploaded -# generated by this package. If there were any they would be -# made here. - -binary-arch: checkroot build - $(checkdir) - rm -rf debian/tmp - install -d debian/tmp - cd debian/tmp && install -d `cat ../dirs` - $(MAKE) install DESTDIR=`pwd`/debian/tmp -# Must have debmake installed for this to work. Otherwise please copy -# /usr/bin/debstd into the debian directory and change debstd to debian/debstd - debstd - dpkg-gencontrol -isp - chown -R root:root debian/tmp - chmod -R go=rX debian/tmp - dpkg --build debian/tmp .. - -define checkdir - test -f debian/rules -endef - -binary: binary-indep binary-arch - -checkroot: - $(checkdir) - test root = "`whoami`" - -.PHONY: binary binary-arch binary-indep clean checkroot diff --git a/contrib/fai/goto-fai/diversions/setup_harddisks b/contrib/fai/goto-fai/diversions/setup_harddisks deleted file mode 100755 index de1427c4e..000000000 --- a/contrib/fai/goto-fai/diversions/setup_harddisks +++ /dev/null 
@@ -1,954 +0,0 @@ -#!/usr/bin/perl - -# $Id: setup_harddisks,v 1.41 2005/04/08 10:08:54 lange Exp $ -#********************************************************************* -# -# setup_harddisks -- create partitions and filesystems on harddisk -# -# This script is part of FAI (Fully Automatic Installation) -# Copyright (c) 1999, 2000 by ScALE Workgroup, Universitaet zu Koeln -# Copyright (c) 2000-2005 by Thomas Lange, Uni Koeln -# -#********************************************************************* -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; see the file COPYING. If not, write to the -# Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, -# MA 02111-1307, USA. -#********************************************************************* -# -# This program first read the configfiles, partitions and formats the harddisks, -# produces fstab and FAI-variables-file. 
It uses sfdisk, mke2fs, mkswap -# -# Parameters: -# [-X] no test, your harddisks will be formated -# default: only test, no real formating -# [-f] default: parse classes -# [-c] default: $FAI/disk_config/ -# [-d] default: no DOS alignment -# -#--------------------------------------------------- -# Last changes: 31.3.2005 by Thomas Lange add sub mapdisk{} -# Last changes: 8.11.2004 by Thomas Lange add $devdisklist when calling sfdisk -# Last changes: 3.2.2004 by Thomas Lange typos -# Last changes: 14.07.2003 by Thomas Lange add xfs filesystem support -# Last changes: 23.01.2003 by Thomas Lange print info data to stdout -# Last changes: 03.12.2002 by Thomas Lange remove ida, cciss stuff. Just match everything -# Last changes: 27.11.2002 by Thomas Lange allow more that 3 primary partitions -# Last changes: 14.05.2002 by Thomas Lange use strict -# Last changes: 04.05.2002 by Thomas Lange use strict -# Last changes: 29.04.2002 by Thomas Lange add swaplist -# Last changes: 12.01.2002 by Thomas Lange -# /dev/ida/ patch 12.01.2002 by Marc Martinez -# Last changes: 9.11.2001 by Thomas Lange -# reiserfs patch 8.11.2001 by Diane Trout -# Last changes: 25.10.2001 by Thomas Lange -# Last changes: 09.07.2001 by Thomas Lange -# Last changes: 04.07.2001 by Thomas Lange -# Last changes: 06.05.2001 by Thomas Lange -# Last changes: 09.03.2001 by Thomas Lange -# Last changes: 05.12.2000 by Thomas Lange -# Last changes: 03.05.2000 by Thomas Lange -# Last changes: 03.04.2000 by Mattias Gaertner -#--------------------------------------------------- -# -# config-file format: -# lines beginning with # are comments -# -# "disk_config |first|end" -# The disk_config command starts the parsing. -# It has to be the first command. -# is the harddisk to format in short form like "hda" or "sdc". 
-# if first is used, the first of $ENV{disklist} is used -# "end" = end parsing here -# Example: "disk_config hdb" -# Example: "disk_config first" -# -# Defining one partition: -# "primary|logical mountpoint|swap|- |preserve [fstab-options][;extraordinary options]" -# "primary|logical": -# "primary": this are the bootable partitions like the -# root directory "/" or the DOS "C:" disk. -# "logical": this are all other partitions like a linux -# "/var" or a swap partition or a DOS disk. -# -# "mountpoint|swap|-": -# "mountpoint": -# This is the mount-point for fstab. -# For example "/","/var","/usr". There must not -# be a space in the mountpoint. -# "swap": -# swap-partitions -# "-": -# do not mount this partition. -# -# "|preserve": -# "": -# The size of the partition in megabyte -# Examples: -# "30" = 30 mb -# "10-100" = 10 to 100 mb -# "20-" = minimum of 20 mb -# "-500" = 1 to 500 mb -# The megabytes will be rounded up to cylinders. -# "preserve": -# This is the alternative for the size attribute. -# is the partition number. For example -# preserve3 for the third partition. If the -# was hda then this results in hda3. -# The partition will be left unchanged. This -# is useful if you have partitions that do not -# need re-installation or if you want to have -# other operation systems on the device together -# with Linux. Extended Partitions can not be preserved. -# The bootable flag will not be preserved. -# Preserved partitions are mounted readonly during -# installation. -# -# "fstab-options": -# These options are copied to the fstab-file. 
The -# default is "default" -# -# After the semicolon there could be extra options like: -# -i : Bytes per inodes -# (only ext2/3 filesystem) -# -m % : reserved blocks percentage for superuser -# (only ext2/3 filesystem) -# -j : format in ext3 -# -c : check for bad blocks -# format : Always format this partition even if preserve -# lazyformat : Do not format if partition has not moved -# (useful for testing the installation) -# boot : make this partition the boot-partition (the -# linux root filesystem is the default) -# ext2 : Extended 2 filesystem (this is the default) -# swap : swap partition -# dosfat16 : DOS 16bit FAT file system -# winfat32 : Win95 FAT32 file system -# writable : mounts a preserved partition writable -# xfs : xfs -# reiser : reiserfs -# -h : set reiserfs hash -# -v : set reiserfs version -# -use strict; -# getopts variables: -our ($opt_X, $opt_f, $opt_c, $opt_d); -my $test; - -$| = 1; # flush always - -#**************************************************** -# Variables -#**************************************************** - -my $Version = "version 0.35fai"; - -my $megabyte = 1024 * 1024; # guess -# $gigabyte = 1024 * $megabyte; -my $sectorsize = 512; - -# used programs -my $sfdisk_options = "-q $ENV{sfdisk}"; # be quiet -my $mke2fs_options = "-q"; # be quiet -my $mkreiserfs_options = ""; -my $mkxfs_options = "-f"; -my $mkswap_options = ""; - -# FAI input variables -my $ClassPath = "$ENV{FAI}/disk_config";# this directory contains the classes -my $ConfigFileName = ""; # alternative classfile, only for tests -my $DOS_Alignment = ""; # align partitions for tracks - -# FAI output variables -my $BootPartition = ""; # the boot partition like "hda1" -my $BOOT_DEVICE = ""; # the root device like "hda" or "sdb" -my $FAIOutputFile = $ENV{diskvar}; # write output variables to this file - -# old partition tables -my %DiskUnits = (); # unit size of each disk in sectors -my %DiskSize = (); # size of every disk in units -my %SectorsAlignment = (); # 
tracksize in sectors -my %PartOldBoot = (); # partition was bootable. "yes"=yes -my %PartOldStart = (); # old startunit of partition -my %PartOldEnd = (); # old endunit of partition -my %PartOldStartSec = (); # old startsector of partition -my %PartOldEndSec = (); # old endsector of partition -my %PartOldID = (); # old ID of partition -my %OldNotAligned = (); # "yes" if old partition boundaries are not DOS aligned - -# mountpoints ("/" or "swap" or "no" or "extended") -my $NofSwapPart = 0; # number of swap partitions -my $NofNotMoPart = 0; # number of not mountet partitions -my %DiskMountpoints = (); # mountpoints of every disk. separated by spaces -my %MountpointPart = (); # partition of every mountpoint. e.g. "hda2" -my %PartMountpoint = (); # mountpoint of every partition. -my @swaplist; # list of all swpa devices - -# size of partition/mountpoint -my %MPMinSize = (); # minimum size of mountpoint in units -my %MPMaxSize = (); # maximum size of mountpoint in units -my %MPPreserve = (); # preserve partition: "yes"=yes -my %MPPrimary = (); # primary partition: "yes"=yes -my %MPStart = (); # start of partition in units -my %MPSize = (); # size of partition in units -my %MPID = (); # id of partition - -# options -my %MPfstaboptions = (); # fstab options for every mountpoint -my %MPOptions = (); # extra options for every mountpoint - -# sfdisk partition tables -my %sfdiskTables = (); # partition tables for sfdisk - -my $verbose = 0; -$verbose = $ENV{verbose} if $ENV{verbose}; - -# Parse command line - -use Getopt::Std; -&getopts('Xf:c:d') || die " -USAGE: [-X] no test, your harddisks will be formated - default: only test, no real formating - [-f] default: parse classes - [-c] default: \$FAI/disk_config/ - [-d] default: no DOS alignment -"; - -print "setup_harddisks $Version\n"; -if (defined $opt_X){ - $test = 2; -} else { - print "TEST ONLY - no real formating\n\n"; - $test = 1; -} -$ConfigFileName = $opt_f if $opt_f;# alternative config file -$ClassPath = $opt_c if 
$opt_c;# search classes here -$DOS_Alignment = "yes" if $opt_d; # track alignment - -# main part -&GetAllDisks; -&ParseAllConfigFiles; -&BuildNewPartTables; -&PartitionPersfdisk; -&FormatDisks; -&WriteFSTab; -&WriteFAIVariables; -exit 0; -#**************************************************** - -#**************************************************** -# get a partition pathname -#**************************************************** -sub PartName { - my ($disk, $partno) = @_; - my $ppath; - for ($disk) { - /^[a-z]+$/ and $ppath = "${disk}${partno}"; - /\d$/ and $ppath = "${disk}p${partno}"; - } - return $ppath; -} - -#**************************************************** -# Read all partition tables of this machine -#**************************************************** -sub GetAllDisks{ - my $line=""; my $disk=""; my $device=""; my $rest; my $result; my $divi; - my $devdisklist=""; - - foreach my $device(split(/\s/,$ENV{disklist})){ - $devdisklist = "$devdisklist /dev/$device"; - } - print "Probing disks: $devdisklist\n"; - print "Disks found:"; - $result = `sh -c "LC_ALL=C sfdisk -g -q $devdisklist"`; - foreach my $line(split(/\n/,$result)){ - if($line =~ m'^/dev/(.+?):\s+(\d+)\s+cylinders,\s+(\d+)\s+heads,\s+(\d+)\s+sectors'i){ - $disk = $1; - $DiskUnits{$disk} = $3 * $4;# heads * sectors = cylinder size in sectors - $DiskSize{$disk} = $2; # cylinders - ($DOS_Alignment eq "yes") ? 
($SectorsAlignment{$disk} = $4) : ($SectorsAlignment{$disk} = 1); - print " $disk"; - } - } - $result = `sh -c "LC_ALL=C sfdisk -d -q $devdisklist"`; - foreach my $line(split(/\n/,$result)){ -# if($line =~ m'# partition table of /dev/(cciss/c\dd\d|ida/c\dd\d|rd/c\dd\d|[a-z]+)'i){ -# now just match all devices - if($line =~ m'# partition table of /dev/(\S+)$'i){ - $disk = $1; - } - if($line =~ m#^/dev/(.+?)\s*:\s+start=\s*(\d+),\s+size=\s*(\d+),\s+Id=\s*([a-z0-9]+)\b(.*)$#i){ - $device = $1; - # Sectors - $PartOldStartSec{$device} = $2; - $PartOldEndSec{$device} = $2 + $3 - 1; - # DiskUnits - $PartOldStart{$device} = int ($2 / $DiskUnits{$disk}); - $PartOldEnd{$device} = int (($2 + $3 - 1) / $DiskUnits{$disk}); - $divi = $2 / $SectorsAlignment{$disk}; - ($divi != int ($divi)) && ($OldNotAligned{$device} = "yes"); - $divi = $3 / $SectorsAlignment{$disk}; - ($divi != int ($divi)) && ($OldNotAligned{$device} = "yes"); - $PartOldID{$device} = $4; - $rest = $5; - $PartOldBoot{$device} = ($rest =~ /bootable/) ? "yes" : ""; - } - } - print "\n\n"; -} - -#**************************************************** -# parse config file or all class files -#**************************************************** -sub ParseAllConfigFiles{ - my $ConfigFileExists = 0; # no config file parsed yet - if ($ConfigFileName){ - # Read config filename - &ParseConfigFile($ConfigFileName); - $ConfigFileExists = 1; - } else { - # Read classes - foreach my $classfile (reverse split(/\s+/,$ENV{"classes"})){ - my $filename = "$ClassPath/$classfile"; - if (($classfile) && (-r $filename)) { - &ParseConfigFile($filename); - $ConfigFileExists = 1; - } - ($ConfigFileExists) && last; - } - } - ($ConfigFileExists == 0) && die "ERROR: no config file for setup_harddisk found. 
Please check you classes and files in disk_config.\n"; -} - -#**************************************************** -# map "disk_config first" to real disk device -#**************************************************** -sub mapdisk { - - my ($disk) = @_; - my @dlist = split /\s+/,$ENV{disklist}; - - if ($disk eq "disk1") { - print "Mapping disk name disk1 to $dlist[0]\n"; - $disk = $dlist[0]; - } - if ($disk eq "disk2") { - print "Mapping disk name disk2 to $dlist[1]\n"; - $disk = $dlist[1]; - } - return $disk; -} - -#**************************************************** -# parse config-file -#**************************************************** -sub ParseConfigFile{ - my $size=""; my $mountpoint=""; my $device =""; - my $fstaboptions=""; my $options=""; my $disk=""; my $command = ""; - my $LogPartNo; my $PrimPartNo; my $NoMoreLogicals; - my $LastPresPart; my $extmp; my $Min; my $Max; - my $filename = shift; - open (FILE,"$filename") - || die "config file not found: $filename\n"; - (print "Using config file: $filename\n"); - $disk = ""; - my $a = 1, my $paras ="", my $number=0; - while (my $line = ){ - chomp($line); - $a++; - next if( $line =~ /^#|^\s*$/ ); - - # disk_config - command - if ($line =~ /^disk_config(.*)/i){ - $paras = $1; - if ($paras =~ / end/i){ - $disk = ""; - } else { -# if($paras =~ m# (/dev/)?(cciss/c\dd\d|ida/c\dd\d|rd/c\dd\d|[a-z]+)#i){ -# now match all devives - if($paras =~ m# (/dev/)?(\S+)#i){ - $disk = mapdisk($2); - ($DiskMountpoints{$disk}) - && die "ERROR: there are more than one configuration of disk $disk.\n"; - ($DiskSize{$disk}) || die "ERROR: could not read device /dev/$disk\n"; - ($test != 1) || (print "config: $disk\n"); - $DiskMountpoints{$disk} = ""; - $MPPrimary{"extended$disk"} = ""; - $LogPartNo = 4; - $PrimPartNo = 0; - $NoMoreLogicals = 0; - $LastPresPart = ""; - $extmp = "extended$disk"; - } else { - die "SYNTAX ERROR: in config file line $a, unknown disk_config parameter $paras\n$line\n"; - } - } - } - - if ($disk){ - # 
primary|partition - command - if($line =~ /^\s*(primary|logical)\s+(.*)$/i){ - $command = $1; - # split variables - $paras = $2; - $options = ""; - if($paras =~ /(.*?)\s*;\s*(.*)$/){ - $paras = $1; - $options = $2; - } - $size=""; - $mountpoint =""; - $fstaboptions = ""; - ($mountpoint,$size,$fstaboptions)=split(/\s+/,$paras); - # mountpoint - ($mountpoint =~ m#^/.*|^swap$|^-$#i) - || die "SYNTAX ERROR in config file line $a, mountpoint: $mountpoint\n$line\n"; - ($MountpointPart{$mountpoint}) - && die "SYNTAX ERROR in config file line $a. Mountpoint $mountpoint redefined.\n$line\n"; - if($mountpoint eq "/"){ - ($BootPartition) || ($BOOT_DEVICE = $disk); - } - if($mountpoint eq "-"){ - $NofNotMoPart++; - $mountpoint = "no$NofNotMoPart"; - } - if($mountpoint eq "swap"){ - $NofSwapPart++; - $mountpoint = "swap$NofSwapPart"; - ($options !~ /\bswap\b/i) && ($options .= " swap"); - ($fstaboptions) || ($fstaboptions = "sw"); - } - if($mountpoint =~ m#^/#){ - ($fstaboptions) || ($fstaboptions = "defaults"); - } - if ($command eq "primary") { - ($MPPrimary{$extmp} eq "yes") && ($NoMoreLogicals = 1); - $MPPrimary{$mountpoint} = "yes"; - $PrimPartNo++; -# ($PrimPartNo == 3) && ($disk =~ /^sd/) && ($PrimPartNo++); - ($PrimPartNo >4 ) && die "ERROR: Too much primary partitions (max 4).". 
- " All logicals together need one primary too.\n"; - $MountpointPart{$mountpoint} = PartName($disk,$PrimPartNo); - if($options =~ /\bboot\b/i){ - ($BootPartition) && die "ERROR: only one partition can be bootable at a time."; - $BootPartition = $MountpointPart{$mountpoint}; - $BOOT_DEVICE = $disk; - } - } else { - ($NoMoreLogicals != 0) && die "ERROR: the logical partitions must be together.\n"; - $MPPrimary{$mountpoint} = ""; - $LogPartNo++; - $MountpointPart{$mountpoint} = PartName($disk,$LogPartNo); - if (!$MPPrimary{$extmp}){ - $MPPreserve{$extmp} = ""; - $MPPrimary{$extmp} = "yes"; - $MPMinSize{$extmp} = 0; - $MPMaxSize{$extmp} = 0; - $MPID{$extmp} = 5; - $PrimPartNo++; - ($PrimPartNo == 3) && ($disk =~ /^sd/) && ($PrimPartNo++); - ($PrimPartNo >4 ) - && die "ERROR: too much primary partitions (max 4).". - " All logicals together need one primary too.\n"; - $MountpointPart{$extmp} = PartName($disk,$PrimPartNo); - $DiskMountpoints{$disk} .= " $extmp"; - } -# ($options =~ /\bboot\b/i) && die "ERROR: line $a, only primary partitions can be bootable.\n"; - } - $DiskMountpoints{$disk} .= " $mountpoint"; - # size - ($size =~ /^preserve\d+$|^\d+\-?\d*$|^-\d+$/i) - || die "SYNTAX ERROR in config file line $a, size: $size\n$line\n"; - if($size =~ /^preserve(\d+)$/i){ - my $number = $1; - $device = PartName($disk,$number); - ($OldNotAligned{$device} eq "yes") - && die "ERROR: unable to preserve partition /dev/$device. Partition is not DOS aligned."; - ($command eq "primary") && ($number != $PrimPartNo) - && die "NUMERATION ERROR in line $a, the number of the partition can not be preserved:\n$line\n"; - ($command eq "logical") && ($number != $LogPartNo) - && die "NUMERATION ERROR in line $a, the number of the partition can not be preserved:\n$line\n"; - if ($PartOldEnd{$device}){ - (($PartOldID{$device} == 5) || ($PartOldID{$device} == 85)) && - die "ERROR in config file line $a.". - " Extended partitions can not be preserved. 
/dev/$device\n$line\n"; - $MPPreserve{$mountpoint}="yes"; - $MPMinSize{$mountpoint} = $PartOldEnd{$device}-$PartOldStart{$device}+1; - $MPMaxSize{$mountpoint} = $MPMinSize{$mountpoint}; # Max=Min - $MPStart{$mountpoint} = $PartOldStart{$device}; - $MPSize{$mountpoint} = $MPMinSize{$mountpoint}; - $MPID{$mountpoint} = $PartOldID{$device}; - } else { - die "ERROR: cannot preserve partition $device. partition not found.$PartOldEnd{$device}\n"; - } - if ($LastPresPart) { - ($PartOldStart{$device} < $PartOldStart{$LastPresPart}) && - die "ERROR: misordered partitions: cannot preserve partitions $LastPresPart and $device\n". - " in this order because of their positions on disk."; - } - $LastPresPart = $device; - ($MPMinSize{$mountpoint} < 1) - && die "ERROR: unable to preserve partitions of size 0.\n$line\n "; - } else { - # If not preserve we must know the filesystemtype - ($options !~ /\b(ext2|ext3|auto|swap|dosfat16|winfat32|reiser|xfs)\b/i ) && ($options .= " auto"); - } - if($size =~ /^(\d*)(\-?)(\d*)$/){ - $Min = $1; - $Min||= 1; - $Max = $3; - $MPMinSize{$mountpoint} = int (($Min * $megabyte - 1) / ($DiskUnits{$disk} * $sectorsize)) + 1; - if ($2 eq "-"){ - if($Max =~ /\d+/){ - $MPMaxSize{$mountpoint} = int (($Max * $megabyte - 1) / ($DiskUnits{$disk} * $sectorsize)) + 1; - } else { - $MPMaxSize{$mountpoint} = $DiskSize{$disk}; - } - } else { - $MPMaxSize{$mountpoint} = $MPMinSize{$mountpoint}; # Max=Min - } - ($MPMinSize{$mountpoint} > $DiskSize{$disk}) - && die "ERROR in config file line $a: Minsize larger than disk.\n$line\n"; - ($MPMinSize{$mountpoint} > $MPMaxSize{$mountpoint}) - && die "SYNTAX ERROR in config file line $a, MIN-MAX-size: $MPMinSize{$mountpoint}-$MPMaxSize{$mountpoint}\n$line\n"; - ($MPMinSize{$mountpoint} < 1) - && die "SYNTAX ERROR in config file line $a. 
Minsize must be greater than 1.\n$line\n"; - $MPPreserve{$mountpoint} = ""; - } - # fstaboptions - $MPfstaboptions{$mountpoint} = $fstaboptions; - # extra options - ($options =~ /\b(ext[23]|auto)\b/i) && ($MPID{$mountpoint} = 83); # Linux native - ($options =~ /\bswap\b/i) && ($MPID{$mountpoint} = 82); # Linux swap - ($options =~ /\bdosfat16\b/i) && ($MPID{$mountpoint} = 6); # DOS FAT 16bit (>=32MB, will be changed later) - ($options =~ /\bwinfat32\b/i) && ($MPID{$mountpoint} = "b"); # Win 95 FAT 32 - $MPOptions{$mountpoint} = $options; - if($test == 1){ - print "$mountpoint,$MPMinSize{$mountpoint}-$MPMaxSize{$mountpoint},"; - print "$fstaboptions,$options"; - ($MPPreserve{$mountpoint} eq "yes") && (print " Preserve: $MountpointPart{$mountpoint}"); - print "\n"; - } - } - } - } - close(FILE); -} - -#**************************************************** -# Build all partition tables -#**************************************************** -sub BuildNewPartTables{ - my ($disk, $mountpoint, $part, $PrimaryMP, $LogicalMP); - ($test != 1) || (print "\nBuilding partition tables:\n"); - # Build PartMountpoint array - foreach $disk(keys %DiskMountpoints) { - $DiskMountpoints{$disk} =~ s/\s(\s)/$1/g; - $DiskMountpoints{$disk} =~ s/^\s//; - $DiskMountpoints{$disk} =~ s/\s$//; - foreach $mountpoint(split(/\s/,$DiskMountpoints{$disk})) { - $PartMountpoint{$MountpointPart{$mountpoint}} = $mountpoint; - } - } - foreach $disk(keys %DiskMountpoints) { - &SetPartitionPositions($disk); - # change units to sectors - foreach $mountpoint(split(/\s/,$DiskMountpoints{$disk})) { - if($MPPreserve{$mountpoint} eq "yes"){ - $MPStart{$mountpoint} = $PartOldStartSec{$MountpointPart{$mountpoint}}; - $MPSize{$mountpoint} = $PartOldEndSec{$MountpointPart{$mountpoint}} - $MPStart{$mountpoint} + 1; - } else { - $MPStart{$mountpoint} *= $DiskUnits{$disk}; - $MPSize{$mountpoint} *= $DiskUnits{$disk}; - # align first partition for mbr - if($MPStart{$mountpoint} == 0){ - $MPStart{$mountpoint} += 
$SectorsAlignment{$disk}; - $MPSize{$mountpoint} -= $SectorsAlignment{$disk}; - } - } - } - # align all logical partitions - foreach $mountpoint(split(/\s/,$DiskMountpoints{$disk})) { - next if ($MPPrimary{$mountpoint} eq "yes"); - if ($MountpointPart{$mountpoint} eq "${disk}5") { - # partition with number 5 is first logical partition and start of extended partition - $MPStart{"extended$disk"} = $MPStart{$mountpoint}; - ($MPPreserve{$mountpoint} eq "yes") && ($MPStart{"extended$disk"} -= $SectorsAlignment{$disk}); - } - if ($MPPreserve{$mountpoint} ne "yes") { - $MPStart{$mountpoint} += $SectorsAlignment{$disk}; - $MPSize{$mountpoint} -= $SectorsAlignment{$disk}; - } - } - &CalculateExtPartSize($disk); - # sort mountpoints of partition number - $PrimaryMP = ""; - $LogicalMP = ""; - foreach $mountpoint(split(/\s/,$DiskMountpoints{$disk})) { - ($MPPrimary{$mountpoint} eq "yes") ? ($PrimaryMP .= " $mountpoint") : ($LogicalMP .= " $mountpoint"); - } - $DiskMountpoints{$disk} = "$PrimaryMP$LogicalMP"; - $DiskMountpoints{$disk} =~ s/^\s//; - # print partition table - ($test != 1) || (PrintPartitionTable($disk)); - } - if (!$BootPartition){ - $BootPartition = $MountpointPart{"/"}; - } -} - -#**************************************************** -# set position for every partition -#**************************************************** -sub SetPartitionPositions{ - my $disk = shift; - my $mountpoint; my $DynGroup =""; my $StartPos; my $EndPos; - # Build groups of unpreserved partitions between - # preserved partitions - $StartPos = 0; - foreach $mountpoint(split(/\s/,$DiskMountpoints{$disk})) { - if ($MPPreserve{$mountpoint} eq "yes") { - $EndPos = $PartOldStart{$MountpointPart{$mountpoint}} - 1; - &SetGroupPos($DynGroup,$StartPos,$EndPos); - $DynGroup = ""; - $StartPos = $PartOldEnd{$MountpointPart{$mountpoint}} + 1; - } else { - $DynGroup .= " $mountpoint"; - } - } - $EndPos = $DiskSize{$disk} - 1; - &SetGroupPos($DynGroup,$StartPos,$EndPos); - foreach 
$mountpoint(split(/\s/,$DiskMountpoints{$disk})) { - ($MPOptions{$mountpoint} =~ /\bdosfat16\b/i) - && (($MPSize{$mountpoint} * $DiskUnits{$disk} * $sectorsize) < 32 * $megabyte) - && ($MPID{$mountpoint} = 4); # DOS 16-bit FAT <32MB - } -} - -#**************************************************** -# set position for a group of unpreserved partitions -# between start and end -#**************************************************** -sub SetGroupPos{ - my ($PartGroup,$Start,$End) = @_; - $PartGroup =~ s/^ //; - ($PartGroup) || return; - my $totalsize = $End - $Start + 1; - ($totalsize <= 0) && return; - my $mountpoint; my $mintotal = 0; my $maxmintotal = 0; my $rest = 0; my $EndUnit = 0; - # compute total of MinSizes and difference to MaxSizes - foreach $mountpoint (split(/\s/,$PartGroup)) { - $mintotal += $MPMinSize{$mountpoint}; - $maxmintotal += ($MPMaxSize{$mountpoint} - $MPMinSize{$mountpoint}); - $MPSize{$mountpoint} = $MPMinSize{$mountpoint}; - } - # Test if partitions fit - ($mintotal > $totalsize) - && die "ERROR: Mountpoints $PartGroup do not fit.\n"; - # Maximize partitions - $rest = $totalsize - $mintotal; - ($rest > $maxmintotal) && ($rest = $maxmintotal); - if ($rest > 0) { - foreach $mountpoint (split(/\s/,$PartGroup)) { - $MPSize{$mountpoint} += int ((($MPMaxSize{$mountpoint} - $MPMinSize{$mountpoint}) * $rest) / $maxmintotal); - } - } - # compute rest - $rest = $totalsize; - foreach $mountpoint (split(/\s/,$PartGroup)) { - $rest -= $MPSize{$mountpoint}; - } - # Minimize rest - foreach $mountpoint (split(/\s/,$PartGroup)) { - if (($rest >0) && ($MPSize{$mountpoint} < $MPMaxSize{$mountpoint})){ - $MPSize{$mountpoint}++; - $rest--; - } - } - # Set start for every partition - foreach $mountpoint (split(/\s/,$PartGroup)) { - $MPStart{$mountpoint} = $Start; - $Start += $MPSize{$mountpoint}; - $EndUnit = $MPStart{$mountpoint} + $MPSize{$mountpoint} - 1; - } -} - -#**************************************************** -# calculate extended partition size 
-#**************************************************** -sub CalculateExtPartSize{ - my ($disk) = @_; - my $extmp = "extended$disk"; - my $mountpoint; my $ExtEnd; my $NewEnd; - ($MPPrimary{$extmp}) || return; - $ExtEnd = $MPStart{$extmp}; - foreach $mountpoint(split(/\s/,$DiskMountpoints{$disk})) { - next if ($MPPrimary{$mountpoint} eq "yes"); - $NewEnd = $MPStart{$mountpoint} + $MPSize{$mountpoint} - 1; - ($NewEnd > $ExtEnd) && ($ExtEnd = $NewEnd); - } - $MPSize{$extmp} = ($ExtEnd - $MPStart{$extmp} + 1); -} - -#**************************************************** -# Print partition "number - mountpoint" table -#**************************************************** -sub PrintPartitionTable{ - my ($disk) = @_; - my $part; my $mountpoint; my $mountpointname; my $end; - foreach $part (sort %MountpointPart) { - next if($part !~ /^$disk/); - $mountpoint = $PartMountpoint{$part}; - if ($mountpoint =~ /^no(.*)/){ - $mountpointname = "no mountpoint ($1)"; - } else { - $mountpointname = $mountpoint; - } - $end = $MPStart{$mountpoint} + $MPSize{$mountpoint} - 1; - print <<"EOM"; -/dev/$part $mountpointname start=$MPStart{$mountpoint} size=$MPSize{$mountpoint} end=$end id=$MPID{$mountpoint} -EOM - } -} - -#**************************************************** -# build all partition tables for sfdisk -#**************************************************** -sub PartitionPersfdisk{ - my ($disk, $mountpoint, $line, $part, $PrimaryNo); - my ($command, $result, $filename, $number); - print "Creating partition table: "; - foreach $disk(keys %DiskMountpoints) { - $sfdiskTables{$disk} = "# partition table of device: /dev/$disk\nunit: sectors\n\n"; - $PrimaryNo = 1; - foreach $mountpoint(split(/\s/,$DiskMountpoints{$disk})) { - $part = $MountpointPart{$mountpoint}; - $part =~ /(\d+)$/; - ($1 < 5) && ($PrimaryNo++); - if ( ($1 == 5) && ($PrimaryNo < 5) ){ - for my $number($PrimaryNo..4) { - $sfdiskTables{$disk} .= BuildsfdiskDumpLine(PartName($disk,$number),0,0,0)."\n"; - } - } - $line = 
BuildsfdiskDumpLine($MountpointPart{$mountpoint},$MPStart{$mountpoint},$MPSize{$mountpoint},$MPID{$mountpoint}); - ($part eq $BootPartition) && ($line .= ", bootable"); - $sfdiskTables{$disk} .= "$line\n"; - } -# print $sfdiskTables{$disk}; - $filename = "$ENV{LOGDIR}/partition." . (($disk=~ m#/#) ? join('_', split('/', $disk)) : $disk); - if(($test != 1) && ($filename)){ - open(FILE, ">$filename") || die "unable to write temporary file $filename\n"; - print FILE $sfdiskTables{$disk}; - close(FILE); - } - $command = "LC_ALL=C sfdisk $sfdisk_options /dev/$disk < $filename"; - if($test != 1){ - print "$command\n"; - $result = `sh -c "$command"`; - (($? >> 8) == 0) || (die "\nSFDISK ERROR:\n $result\n"); - } - } -} - -#**************************************************** -# build a sfdisk dump line -#**************************************************** -sub BuildsfdiskDumpLine{ - - sprintf "/dev/%-5s: start=%10s, size=%10s, Id=%3s",@_; -} - -#**************************************************** -# Format all disks -#**************************************************** -sub FormatDisks{ - my ($disk, $device, $mountpoint, $mountpointname, $command, $result); - print "Creating file systems:\n"; - foreach $disk(keys %DiskMountpoints) { - foreach $mountpoint (split(/\s/,$DiskMountpoints{$disk})) { - $device = $MountpointPart{$mountpoint}; - if ($mountpoint =~ /^no/){ - $mountpointname = "no mountpoint"; - } else { - $mountpointname = $mountpoint; - } - # preserved partition - if ( ($MPPreserve{$mountpoint} eq "yes") && ($MPOptions{$mountpoint} !~ /\bformat\b/i)){ - print "Preserve partition $device"; - if ($mountpoint =~ /^no$1/){ - print " with no mountpoint\n"; - } else { - print " with mountpoint $mountpoint\n"; - } - next; - } - # lazy format - if ( ( $MPOptions{$mountpoint} =~ /\blazyformat\b/i ) - && ($MPStart{$mountpoint} == $PartOldStartSec{$device}) - && (($MPStart{$mountpoint} + $MPSize{$mountpoint} - 1) == $PartOldEndSec{$device}) ){ - print "Lazy format: 
$device"; - if ($mountpoint =~ /^no$1/){ - print " with no mountpoint"; - } else { - print " with mountpoint $mountpoint"; - } - print " was neither moved nor formated.\n"; - next; - } - # swap - if ($mountpoint =~ /^swap/i) { -# print "Make swap partition:\n"; - $command = "mkswap $mkswap_options"; - ($MPOptions{$mountpoint} =~ /(\-c)\b/i) && ($command .= " $1"); - push @swaplist, "/dev/$device"; - $command .= " /dev/$device"; - print " $command\n"; - if($test != 1){ - $result = `$command`; - (($? >> 8) == 0) || (die "\nMKSWAP ERROR:\n $result\n"); - } - next; - } - # Linux Reiser file system - if ($MPOptions{$mountpoint} =~ /\breiser\b/i) { -# print "Make Reiser Filesystem:\n"; - $command = "echo y | mkreiserfs $mkreiserfs_options"; - ($MPOptions{$mountpoint} =~ /(\-h\s*\w+)\b/) && ($command .= " $1"); - ($MPOptions{$mountpoint} =~ /(\-v\s*\d+)\b/) && ($command .= " $1"); - $command .= " /dev/$device"; - print " $command\n"; - if ($test != 1){ - $result = `$command`; - (($? >> 8) == 0) || die "\nMKREISERFS ERROR:\n $result\n"; - } - next; - } - # Linux XFS file system - if ($MPOptions{$mountpoint} =~ /\bxfs\b/i) { -# print "Make XFS Filesystem:\n"; - $command = "mkfs.xfs $mkxfs_options"; - $command .= " /dev/$device"; - print " $command\n"; - if ($test != 1){ - $result = `$command`; - (($? >> 8) == 0) || die "\nMKFS.XFS ERROR:\n $result\n"; - } - next; - } - # Linux Extended 2 file system - if ($MPOptions{$mountpoint} =~ /\b(ext[23]|auto)\b/i) { -# print "Make Extended 2/3 Filesystem:\n"; - $command = "mke2fs $mke2fs_options"; - ($MPOptions{$mountpoint} =~ /(\-c)\b/i) && ($command .= " $1"); - ($MPOptions{$mountpoint} =~ /(\-i\s*\d+)\b/) && ($command .= " $1"); - ($MPOptions{$mountpoint} =~ /(\-m\s*\d+)\b/) && ($command .= " $1"); - ($MPOptions{$mountpoint} =~ /(\-j)\b/) && ($command .= " $1"); - $command .= " /dev/$device"; - print " $command\n"; - if ($test != 1){ - $result = `$command`; - (($? 
>> 8) == 0) || die "\nMKE2FS ERROR:\n $result\n"; - } - next; - } - # DOS 16bit FAT / Win95 FAT 32 - if ($MPOptions{$mountpoint} =~ /\b(dosfat16|winfat32)\b/i) { - print "Clear first sector for DOS/Windows\n"; - $command = "dd if=/dev/zero of=/dev/$MountpointPart{$mountpoint} bs=512 count=1"; - print " $command\n"; - if ($test != 1){ - $result = `$command`; - (($? >> 8) == 0) || die "\nDD ERROR:\n $result\n"; - } - next; - } - } - } -} - -#**************************************************** -# Build fstab and write it to /etc/fstab -#**************************************************** -sub WriteFSTab{ - my ($FileSystemTab, $device, $type, $filename); - $FileSystemTab = << "EOM"; -# /etc/fstab: static file system information. -# -# -EOM - # 1. / - $type = "ext2"; - ($MPOptions{'/'} =~ /\b(reiser)\b/i) && ($type = "reiserfs"); - ($MPOptions{'/'} =~ /\b(xfs)\b/i) && ($type = "xfs"); - ($MPOptions{'/'} =~ /\b(ext3)\b/i) && ($type = "ext3"); - ($MPOptions{'/'} =~ /\b(ext2)\b/i) && ($type = "ext2"); - $FileSystemTab .= BuildfstabLine("/dev/$MountpointPart{'/'}","/",$type,$MPfstaboptions{'/'},0,1); - # 2. swap partitions - foreach my $mountpoint (%PartMountpoint){ - next if( $mountpoint !~ /^swap/i); - $FileSystemTab .= BuildfstabLine("/dev/$MountpointPart{$mountpoint}", - "none","swap",$MPfstaboptions{$mountpoint},0,0); - } - # 3. /proc - $FileSystemTab .= BuildfstabLine("none","/proc","proc","defaults",0,0); - # 4. 
sorted others - foreach my $mountpoint (sort %PartMountpoint){ - next if ( ($mountpoint !~ m#^/#) || ($mountpoint eq "/")); - $device = $MountpointPart{$mountpoint}; - $type = "ext2"; - ($MPOptions{$mountpoint} =~ /\b(dosfat16|winfat32)\b/i) && ($type = "vfat"); - ($MPOptions{$mountpoint} =~ /\b(reiser)\b/i) && ($type = "reiserfs"); - ($MPOptions{$mountpoint} =~ /\b(xfs)\b/i) && ($type = "xfs"); - ($MPOptions{$mountpoint} =~ /\b(ext3)\b/i) && ($type = "ext3"); - ($MPOptions{$mountpoint} =~ /\b(ext2)\b/i) && ($type = "ext2"); - $FileSystemTab .= BuildfstabLine("/dev/$device",$mountpoint,$type,$MPfstaboptions{$mountpoint},0,2); - } - # write it - $filename = "$ENV{LOGDIR}/fstab"; -# print $FileSystemTab; - print "Write fstab to $filename\n" if $verbose; - if($test != 1){ - open(FILE, ">$filename") || die "unable to write fstab $filename\n"; - print FILE $FileSystemTab; - close(FILE); - } -} - -#**************************************************** -# Build fstab line -#**************************************************** -sub BuildfstabLine{ - - sprintf "%-10s %-15s %-6s %-8s %-4s %-4s\n",@_; -} - -#**************************************************** -# Write all FAI variables of this program to file -#**************************************************** -sub WriteFAIVariables{ - - my $swaps; - - print "Write FAI variables to file $FAIOutputFile\n" if $verbose; - return if ($test == 1); - $swaps = join ' ',@swaplist; - open(FILE, ">$FAIOutputFile") || die "Unable to write file $FAIOutputFile\n"; - print FILE << "EOM"; -BOOT_DEVICE=/dev/$BOOT_DEVICE -ROOT_PARTITION=/dev/$MountpointPart{'/'} -BOOT_PARTITION=/dev/$BootPartition -SWAPLIST="$swaps" -EOM - close(FILE); -} diff --git a/contrib/fai/goto-fai/faimond b/contrib/fai/goto-fai/faimond deleted file mode 100755 index 3ebdd5d12..000000000 --- a/contrib/fai/goto-fai/faimond +++ /dev/null 
@@ -1,93 +0,0 @@ -#!/usr/bin/perl - -# $Id: faimond,v 1.2 2004/06/27 11:18:55 lange Exp $ -#********************************************************************* -# -# faimond -- monitor daemon which collects client status info -# -# This script is part of FAI (Fully Automatic Installation) -# (c) 2003-2004 by Thomas Lange, lange@informatik.uni-koeln.de -# Universitaet zu Koeln -# -#********************************************************************* - -#use strict; -use Socket; - -$| = 1; -my $port = 4711; - -@tasklist = qw/confdir defclass defvar partition mountdisks extrbase updatebase instsoft configure finish/; - -%tasks = ( -confdir => [' ', "Beziehe System-Einstellungen"], -defclass => [' ',"Definieren von Klassen"], -defvar => [' ',"Definieren von Variablen"], -partition => [' ',"Paritionieren der Festplatten"], -mountdisks => [' ',"Einbinden der Dateisysteme"], -extrbase => [' ',"Installieren des Basis-Systems"], -updatebase => [' ',"Aktualisieren des Basis-Systems"], -instsoft => [' ',"Installieren der Software"], -configure => [' ',"Abschließende Konfiguration"], -finish => [' ',"Abschließen der Installation"] -); - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub server_init() { - - my $proto = getprotobyname('tcp'); - socket(SERVER, PF_INET, SOCK_STREAM, $proto) or die "socket: $!"; - setsockopt(SERVER, SOL_SOCKET, SO_REUSEADDR, 1) or die "setsock: $!"; - - my $paddr = sockaddr_in($port, INADDR_ANY); - - bind(SERVER, $paddr) or die "bind: $!"; - listen(SERVER, SOMAXCONN) or die "listen: $!"; -# print "FAI monitoring daemon started on port $port\n"; -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub big_loop() { - - # accept a connection, print message received and close - my ($client_addr,$inp); - while ($client_addr = accept(CLIENT, SERVER)) { - $inp = ; - close CLIENT; - ($host,$begend,$task,$ecode) = split /\s+/,$inp; - chomp $ecode; - $strecode = sprintf "%-3s",$ecode; - $sym = 
($begend =~ /TASKEND/) ? " \\Z2OK\\Zn" : " ->"; - $tasks{$task}[0] = $ecode ? " \\Z1E$strecode\\Zn" : $sym; - showtab(); - - # Stop if we've reached faiend - if ( $task =~ /faiend/ ){ - system("dialog --timeout 60 --msgbox '\nDie Installation wurde abgeschlossen. Drücken Sie die Eingabetaste um das System neu zu starten.' 8 60"); - break; - } - } -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub showtab() { - -# nach taskbeg soll es blinken, bei taskend, X oder error code - - my $pre = '--colors --title " Aktueller Installationsverlauf "'; - my $s2 = " --infobox \"\n"; - # show tabular %tasks - - $str = "$pre $s2"; - foreach (@tasklist) { - $x = sprintf "%5s $tasks{$_}[1]\n", $tasks{$_}[0]; - $str .= $x; - } - - $str .= "\" 14 50\n"; -# print $str; - system("dialog $str"); - -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -server_init; -big_loop; diff --git a/contrib/fai/goto-fai/get_fai_dir b/contrib/fai/goto-fai/get_fai_dir deleted file mode 100755 index 5f246973c..000000000 --- a/contrib/fai/goto-fai/get_fai_dir +++ /dev/null 
@@ -1,128 +0,0 @@ -#!/bin/sh -# FAI script for preparing LDAP objects. It calls ldap2fai to generate -# the config space after everything is done. -# -# (C) 2005 Cajus Pollmeier -echo 0 > /proc/sys/kernel/printk -trap '' INT -PATH=/bin:/sbin:/usr/bin:/usr/sbin:$PATH -LANG=C - -. /usr/lib/goto/goto-support.lib - -#dialog() { -# echo $* -#} - -abort() { - setterm -cursor off - while true; do sleep 60; done -} - -# Try to figure out which interface is configured, in doubt -# choose the first one. -interfaces=$(ifconfig | awk '/^[a-z0-9]/ {print $1}' | grep -v "lo") -for int in $interfaces; do - ip=$(v=`ifconfig $int | awk '/inet addr/ {print $2}'`; echo ${v##*:}) - mac=$(ifconfig $int | awk '/HWaddr/ {print $5}') - [ -n "$ip" ] && break -done - -# Cancel if there's no IP available -if [ -z "$ip" ]; then - dialog --title 'Fehler' --no-shadow --infobox 'Fehler: Das System konnte keine Netzwerk-Adresse ermitteln.\n\nDie Installation kann ohne diese Adresse nicht fortgesetzt werden.' 5 60 - abort -fi - -# Check if DNS setup is correct and set the hostname -hostname=$(get_hostname_from_ip $ip) -if [ "$hostname" == "unknown" ]; then - dialog --title 'Fehler' --no-shadow --infobox 'Fehler: Das System konnte keinen Rechner-Namen ermitteln.\n\nDie Installation kann ohne diese Information nicht fortgesetzt werden.' 
5 60 - abort -fi - -echo "* setting hostname: $hostname" -hostname "$hostname" -mount -t tmpfs tmpfs /etc/ldap - - -# Look for interesting parameters on kernel commandline -ldap=""; splash="" -for v in $(cat /proc/cmdline); do - case $v in - ldap=*) - echo -n "* found LDAP information, adapting configuration: " - ldap=$(echo ${v##ldap=}|base64-decode) - - # ldap://hostname:389/basedn - LDAP_HOST=$(echo $ldap|sed 's!^[^:][^:]*://\([^:/][^:/]*\).*$!\1!g') - LDAP_PORT=$(echo $ldap|sed 's!^[^:]*://[^:][^:]*:\([0-9]*\)/.*$!\1!g') - echo -n $ldap_port | grep -q '^[0-9]*$' || LDAP_PORT=389 - LDAP_BASE=$(echo $ldap|sed 's!^[^:][^:]*://[^/][^/]*/\(.*\)$!\1!g') - echo -e "BASE $LDAP_BASE\nURI ldap://$LDAP_HOST:$LDAP_PORT\n" > /etc/ldap/ldap.conf - echo "ok" - ;; - splash=*) - echo -n "* setting splash mode: " - splash=$(echo ${v##splash=}) - [ $splash == "silent" ] && echo "silent" || echo "normal" - ;; - esac -done - -[ -z "$ldap" ] && exit 0 - -# Check if autosetup is needed at this point -echo -n "* configurator: " -if ! terminal_has_hardware_profile $mac; then - setterm -cursor off - echo "not configured yet - please wait, detecting hardware" - - # Switch from bootsplash to normal screen, show dialog - [ -f /proc/splash ] && echo "verbose" > /proc/splash - - setterm -blank 60 - chvt 1 - dialog --infobox 'Bitte warten, die installierte Hardware wird untersucht...' 3 64 - - # Get common config - hwsetup - terminal_alsa_setup - terminal_autofs_setup - - # Save hardware profile - terminal_save_hardware_profile $mac -fi - -if ! terminal_activated $mac; then - # wait till we get activated - setterm -blank 60 - chvt 1 - dialog --infobox 'Warte auf Aktivierung durch den Systemadministrator.' 3 60 - - while ! terminal_activated $mac; do - sleep 2 - done - - # GOsa writes the GOto entry in three steps. To continue, we check - # if XDRIVER is present. - dialog --infobox 'System wurde aktiviert. Eintr�e werden nun bernommen.' 3 60 - while ! 
terminal_load_hardware_profile $mac &> /dev/null; do - cat /etc/sysconfig/GOto | grep -v 'XDRIVER="unknown"' | grep -q 'XDRIVER' - sleep 2 - done - - # Enable splash if it was enabled before - [ -f /proc/splash ] && echo "silent" > /proc/splash - - echo -n "* configurator (pass2): " - setterm -cursor on -fi - -# Mount configuration space -[ ! -d /tmp/goto-fai ] && mkdir /tmp/goto-fai -mount -obind /tmp/goto-fai /fai -ldap2fai $mac - -chvt 3 -exit 0 diff --git a/contrib/fai/goto-fai/goto-support.lib b/contrib/fai/goto-fai/goto-support.lib deleted file mode 100644 index c6bdbba8e..000000000 --- a/contrib/fai/goto-fai/goto-support.lib +++ /dev/null 
@@ -1,510 +0,0 @@ -#!/bin/sh -############################################################################### -# GOsa agent library # -############################################################################### - -SSH='ssh -o "StrictHostKeyChecking=no" -o "UserKnownHostsFile /dev/null" -o "BatchMode yes" ' - -get_hostname_from_ip() { - v=$(host -i $1); w=${v##*[ ]} - echo ${w%%.*} | grep -q 'NX' - if [ $? -eq 0 ]; then - echo "unknown" - else - echo "$v" | grep -q ';;' - if [ $? -eq 0 ]; then - if [ -n "$HOSTNAME" ]; then - echo "$HOSTNAME" - else - echo "unknown" - fi - else - echo ${w%%.*} - fi - fi -} - -get_hostname_from_display() -{ - if [ -n "$DISPLAY" ]; then - - HOST=${DISPLAY%%:*} - NUMBER=${DISPLAY##*:} - - # IP addresses are not supported here - echo $HOST | grep -q '^[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*$' - if [ $? -ne 0 ]; then - echo ${DISPLAY%%.*} - else - get_hostname_from_ip $HOST - fi - - else - echo "unknown" - fi -} - - -kill_user_processes() { - # don't let root do this - if [ "$USER" == "root" -o $UID -eq 0 ]; then - return - fi - - # Preset, or load from file - candidates="kdeinit\: soffice.bin mozilla-bin" - [ -r /etc/goto/kill-process.conf ] && candidates=$(cat /etc/goto/kill-process.conf) - - # kill old existing user processes - for process in $candidates; do - ps -fu $USER | grep "$process" | grep -v 'kprogress' | awk ' FS=" " { system("kill "$2) } ' - done - - # kill old existing user processes that didn't left us with SIGTERM - for process in $candidates; do - ps -fu $USER | grep "$process" | grep -v 'kprogress' | awk ' FS=" " { system("kill "$2) } ' - done -} - -fix_ldif() { - (cat -; echo "bank") | awk ' -/^[a-zA-Z]/ { - if(line!=""){ - print line - } - - line = $0 -} -/^ / { - line = line substr($0,2) -} -' -} - - -ldap_init() { - if [ $# -ne 2 ]; then - for config in /etc/*ldap/ldap.conf /etc/ldap.conf; do - - # Not readable? Continue - [ ! 
-r $config ] && continue - - # Try to read config - touch /tmp/agent.$$ - cat $config | while read line; do - echo $line | grep -q '^BASE' - [ $? -eq 0 ] && echo LDAP_BASE="\"$(echo $line|tr '\t' ' '|cut -d\ -f2-)\"" >>/tmp/agent.$$ - echo $line | grep -q '^HOST' - [ $? -eq 0 ] && echo LDAP_HOST="$(echo $line|tr '\t' ' '|cut -d\ -f2-)" >>/tmp/agent.$$ - echo $line | grep -q '^URI' - [ $? -eq 0 ] && echo LDAP_HOST="$(v=`echo $line|tr '\t' ' '|cut -d\ -f2-`;echo ${v##*://})" >> /tmp/agent.$$ - done - eval $(cat /tmp/agent.$$) - rm /tmp/agent.$$ - - # One successful configuration should be enough - break - done - if [ -z "$LDAP_HOST" -o -z "$LDAP_BASE" ]; then - echo "Critical: no LDAP configuration found!" - exit - fi - else - LDAP_HOST=$1 - LDAP_BASE=$2 - fi -} - - -ldap_count() { - ldapsearch -x -LLL -h "$LDAP_HOST" -b "$LDAP_BASE" "$1" dn | grep '^dn:' | wc -l -} - - -decode_blob() { - base64-decode > /tmp/agent-lib-decode.$$ - file /tmp/agent-lib-decode.$$ 2>/dev/null| grep -qi 'text' - [ $? -eq 0 ] && cat /tmp/agent-lib-decode.$$ | recode 'utf8..latin1' - [ -f /tmp/agent-lib-decode.$$ ] && rm /tmp/agent-lib-decode.$$ -} - -ldap_import() { - for v in $(set grep ldap_import_ | cut -d= -f1); do unset $v; done - vname_lastrun="" - counter=0 - > /tmp/agent-lib.$$ - (ldapsearch -x -LLL -h "$LDAP_HOST" -b "$LDAP_BASE" $2 "$1" $3 2> /dev/null) | fix_ldif | sed 's/^\([^:]*\):\(.*\)$/\1="\2"/' | while read line; do - vname=$(echo $line|cut -d= -f1) - vvalue=$(echo $line|cut -d= -f2-) - - echo $line | grep -q '=": ' - if [ $? 
-eq 0 ]; then - vvalue=`echo $line|sed 's/^[^="]*=": //'|decode_blob` - vvalue="$vvalue\"" - else - vvalue=`echo $line|sed 's/^[^="]*=" //'` - fi - - if [ "$vname_lastrun" == "$vname" ]; then - counter=$(( $counter + 1 )); - else - counter=0 - vname_lastrun=$vname - fi - - echo "ldap_import_$vname[$counter]=\"$vvalue" >> /tmp/agent-lib.$$ - done - - eval $(cat /tmp/agent-lib.$$) - rm /tmp/agent-lib.$$ -} - -ldap_cat() { - vname_lastrun="" - counter=0 - > /tmp/agent-lib.$$ - (ldapsearch -x -LLL -h "$LDAP_HOST" -b "$1" -s base 2> /dev/null) | fix_ldif | sed 's/ -^\([^:]*\):\(.*\)$/\1="\2"/' | while read line; do - vname=$(echo $line|cut -d= -f1) - vvalue=$(echo $line|cut -d= -f2-) - - echo $line | grep -q '=": ' - if [ $? -eq 0 ]; then - vvalue=`echo $line|sed 's/^[^="]*=": //'|decode_blob` - vvalue="$vvalue\"" - else - vvalue=`echo $line|sed 's/^[^="]*=" //'` - fi - - if [ "$vname_lastrun" == "$vname" ]; then - counter=$(( $counter + 1 )); - else - counter=0 - vname_lastrun=$vname - fi - - echo "ldap_import_$vname[$counter]=\"$vvalue" >> /tmp/agent-lib.$$ - done - - eval $(cat /tmp/agent-lib.$$) - rm /tmp/agent-lib.$$ - } - - - -ldap_get_group_membership_of() { - ldapsearch -x -LLL -h "$LDAP_HOST" -b "$LDAP_BASE" "(memberUid=$1)" \ - cn 2> /dev/null | fix_ldif | awk '/^cn: / {print $2}' -} - - -ldap_get_applications_of() { - ldapsearch -x -LLL "(memberUid=$1)" gosaMemberApplication | fix_ldif | \ - awk '/^gosaMemberApplication:/ {print $2}'| sort | uniq -} - - -ldap_get_appservers() { - ldapsearch -x -LLL "(objectclass=goTerminalServer)" cn | fix_ldif | grep -w cn: |cut -d' ' -f 2 -} - - -translate() { - # Look for translation - while read line; do - string="${line%%=*}" - if [ "$string" == "$*" ]; then - echo "${line##*=}" - return - fi - done < /etc/goto/goto-locales.dat - echo $* -} - - -show_progress() { - # No translation available - echo $PROGRESS $(translate "$*") -} - - -create_desktop_link() { - echo "$gosaApplicationFlags" | grep -q "D" - if [ $? 
-eq 0 ]; then - [ $DEBUG -eq 1 ] && echo "goto_setup: creating desktop link for application $application" 1>&2 - cat << EOF > ~/Desktop/$cn -[Desktop Entry] -Comment=$description -Encoding=UTF-8 -Exec=$gosaApplicationExecute -Icon=$HOME/.kde/share/icons/${cn}.png -Name=$gosaApplicationName -Type=Application -EOF - fi -} - - -create_menu_entry() { - echo "$gosaApplicationFlags" | grep -q "M" - if [ $? -eq 0 ]; then - [ $DEBUG -eq 1 ] && echo "goto_setup: creating menu link for application $application" 1>&2 - cat << EOF > ~/.local/share/applications/$cn.desktop -[Desktop Entry] -Type=Application -Encoding=UTF-8 -Exec=$gosaApplicationExecute -Name=$gosaApplicationName -GenericName= -Comment=$description -Icon=$HOME/.kde/share/icons/${cn}.png -Terminal=false -Categories=$appcat; -EOF - fi -} - - -delete_all_applinks() { - list=`ldapsearch -x "objectClass=gosaApplication" cn | fix_ldif | awk '/^cn: / {print $2}'` - for link in $list; do - [ -f $HOME/Desktop/$link ] && rm -f $HOME/Desktop/$link - [ -f $HOME/.kde/share/applnk/$link.desktop ] && rm -rf $HOME/.kde/share/applnk/$link.desktop - done -} - - -function terminal_load_hardware_profile() { - rm -f $RAM/etc/sysconfig/GOto && touch $RAM/etc/sysconfig/GOto - ldapsearch -x -LLL -h $LDAP_HOST -b "$LDAP_BASE" -D "cn=terminal-admin,$LDAP_BASE" -w "$(cat /etc/goto/secret)" "(&(objectClass=gotoWorkstation)(macAddress=$1))" 2> /dev/null | fix_ldif | sed -e 's/^\([^:]*\): \(.*\)$/\U\1\E="\2"/' -e 's/^GOTO//g' >> /etc/sysconfig/GOto - - # Get DN and load all parent defaults from tree - current=$(grep "^DN=" /etc/sysconfig/GOto|sed 's/\"//g;s/, /,/g;s/^.*,ou=terminals,ou=systems,//g') - - # Load potential object group entries - ldapsearch -x -LLL -h $LDAP_HOST -b "$LDAP_BASE" -D "cn=terminal-admin,$LDAP_BASE" -w "$(cat /etc/goto/secret)" "(&(objectClass=gosaGroupOfNames)(member=$(echo -n $current|sed 's/^DN=//')))" 2> /dev/null | fix_ldif | sed -e 's/^\([^:]*\): \(.*\)$/\U\1\E="\2"/' -e 's/^GOTO//g' >> /etc/sysconfig/GOto - - 
# get reverse list of potential default entries - for backward compatibility - { while true; do - # write out current value - echo "ou=terminals,ou=systems,$current" - - # prepare next entry - echo $current | grep -q ',' - [ $? -ne 0 ] && break - [ "$LDAP_BASE" == "$current" ] && break - current=${current#*,} - done } | tac | while read line; do - - # Read potential default entries and append - # them to sysconfig/GOto - ldapsearch -x -LLL -h $LDAP_HOST -D "cn=terminal-admin,$LDAP_BASE" -w "$(cat /etc/goto/secret)" -b $line "(&(objectClass=gotoWorkstation)(cn=wdefault))" 2> /dev/null | fix_ldif | sed -e 's/^\([^:]*\): \(.*\)$/\U\1\E="\2"/' -e 's/^GOTO//g' >> /etc/sysconfig/GOto - done - - # Reverse sysconfig/GOto - tac /etc/sysconfig/GOto > /etc/sysconfig/GOto.tmp - mv /etc/sysconfig/GOto.tmp /etc/sysconfig/GOto -} - - -terminal_has_hardware_profile() { - # Do we have a configuration? - terminal_load_hardware_profile $1 - grep -v "cn=default," /etc/sysconfig/GOto | grep -q "DN=" -} - - -terminal_activated() { - # Do we have a configuration? - terminal_load_hardware_profile $1 - grep -v ',ou=incoming,' /etc/sysconfig/GOto | grep -v 'cn=default,' | grep -q "DN=" -} - - -terminal_dump_hwprofile() { - # Save mac address - mac=$1 - name=$(hostname) - - # Source hardware information detected by hwsetup - for module in xserver sound netcard mouse; do - [ -f /etc/sysconfig/$module ] && . /etc/sysconfig/$module - done - - # Get hardware information directly from /proc - cpu=$(cat /proc/cpuinfo | awk 'BEGIN { FS=": "; ORS="" } /^vendor_id/ {print $2" / "} /^model name/{print $2" - "} /^cpu MHz/ {print $2" MHz"}') - mem=$(cat /proc/meminfo | awk '/^MemTotal:/ {print $2" KB"}') - modlist=$(lsmod | sed -e '/^Module/d;/^snd/d;s/^\(\w*\).*$/\1/g') - hsync=$(ddcxinfo-knoppix -hsync|tr -d ' ') - vsync=$(ddcxinfo-knoppix -vsync|tr -d ' ') - - # USB support? 
- [ -d /proc/bus/usb ] && usb="true" || usb="false" - - # Add floppy/cdrom - grep -q 'floppy' /etc/sysconfig/autofs && FLOPPY='YES' || FLOPPY='NO' - grep -q 'cdrom' /etc/sysconfig/autofs && CDROM='YES' || CDROM='NO' - - cat << EOF -dn: cn=$name,ou=incoming,$LDAP_BASE -objectClass: gotoWorkstation -objectClass: goHard -cn: $name -macAddress: $mac -gotoMode: locked -gotoXDriver: $XMODULE -gotoXMouseType: $XMOUSETYPE -gotoXMouseport: $DEVICE -gotoXHsync: $hsync -gotoXVsync: $vsync -ghUsbSupport: $usb -gotoFloppyEnable: $FLOPPY -gotoCdromEnable: $CDROM -gotoSndModule: $SNDMODULE -EOF - - # Insert IDE-Devices - for f in /proc/ide/ide?/hd?/model; do - [ -f $f ] && echo "ghIdeDev: "$(echo $f | cut -d/ -f5)" ("$(cat $f)")" - done - - (cat /proc/scsi/scsi | sed -ne 's/.*Vendor: \([^ ]*\) *Model: \([^ ]*\) *.*$/\1 \2/p') 2> /dev/null|while read line; do - echo ghScsiDev: $line - done - - # Insert modules - for m in $modlist; do - echo "gotoModules: $m" - done | sort | uniq - - # Add potential swap filesystems - [ -f /etc/sysconfig/swap ] && cat /etc/sysconfig/swap | while read line; do - echo "gotoFilesystem: $line" - done - - # Add autofs devices - [ -f /etc/sysconfig/autofs ] && cat /etc/sysconfig/autofs | while read line; do - echo "gotoAutoFs: $line" - done - - cat << EOF -ghGfxAdapter: $XDESC -ghNetNic: `cat /etc/sysconfig/netcard|grep "^FULLNAME"|cut -d= -f2|tr -d "\""` -ghSoundAdapter: `cat /etc/sysconfig/sound|grep "^FULLNAME"|cut -d= -f2|tr -d "\""` -ghMemSize: $mem -ghCpuType: $cpu -EOF -} - - -terminal_save_hardware_profile() { - # Get hardware ldif and strip out possibly broken entries - terminal_dump_hwprofile $1 | grep -v '^[^:]*: *$' &> /tmp/upload.ldif - - # Upload ldif - while true; do - error=$(ldapadd -x -h "$LDAP_HOST" -D "cn=terminal-admin,$LDAP_BASE" -w "$(cat /etc/goto/secret)" < /tmp/upload.ldif 2>&1) - if [ $? -ne 0 ]; then - dialog --msgbox "Das Terminal konnte sich nicht am LDAP anmelden. 
Bitte prüfen Sie de Einstellungen: $error" 14 60 - else - break - fi - done -} - - -terminal_alsa_setup() { - audio=$(lspci -n | awk '/ 0401/ {print $3}' | sed 's/://g' | head -1) - KVER=$(uname -r) - MODULE=$(cat /lib/modules/$KVER/modules.pcimap | (while read driver vendor device dummy; do - if expr $driver : 'snd-.*' > /dev/null; then - printf '%04x%04x %s\n' $vendor $device $driver | grep "^$audio" | cut -d\ -f2 - fi - done)) - echo "SNDMODULE=\"$MODULE\"" >> /etc/sysconfig/sound -} - - -terminal_autofs_setup(){ - wcount=1 - lcount=1 - - # Remove old ones - rm -f /etc/sysconfig/autofs /etc/sysconfig/swap - - # Generate autofs entries for removable devices - for d in /dev/floppy/?; do - [ "$d" == "/dev/floppy/?" ] && break - nr=$(echo $d | sed 's/^.*\/\([^/]*$\)/\1/g') - echo "floppy$nr -fstype=auto,sync,nodev,nosuid,umask=000,quiet,rw :$d" >> /etc/sysconfig/autofs - done - - for d in /dev/cdroms/*; do - [ "$d" == "/dev/cdroms/*" ] && break - name=`echo $d | sed 's/^.*\/\([^/]*$\)/\1/g'` - echo "$name -fstype=iso9660,sync,nodev,nosuid,umask=000,quiet,ro :$d" >> /etc/sysconfig/autofs - done - - # Generate autofs entries for fixed drives - (sfdisk -qLl | grep "^/" | tr -d '\*') | while read device d1 d2 d3 d4 type d5; do - case $type in - [4bce]) - echo "win$wcount -fstype=vfat,sync,nodev,nosuid,umask=000,quiet,rw :$device" >> /etc/sysconfig/autofs - wcount=$(( $wcount + 1 )) - ;; - 7) - echo "win$wcount -fstype=ntfs,sync,nodev,nosuid,umask=000,quiet,ro :$device" >> /etc/sysconfig/autofs - wcount=$(( $wcount + 1 )) - ;; - 83) - echo "linux$lcount -fstype=ext3,sync,nodev,nosuid,umask=000,quiet,rw :$device" >> /etc/sysconfig/autofs - lcount=$(( $lcount + 1 )) - ;; - 82) - echo "$device none swap sw 0 0" >> /etc/sysconfig/swap - ;; - esac - done -} - - -get_xdmcp_server(){ - SERVERS=$(ldapsearch -LLL -b "$LDAP_BASE" -H $LDAP_HOST -x '(&(objectclass=goTerminalServer)(goXdmcpIsEnabled=true))'| awk '/^cn/{print $2}' 2> /dev/null) - - # Generate load sorted server list - 
{ for s in $SERVERS; do - xdmping $s -v -t 1 2> /dev/null | awk '!/contacting/ {print $5"|"$1"|"$2}' | sed 's/[:,]//g' - done } | egrep "^[0-9]" | sort -n > /tmp/xservers.tmp - - case $(cat /tmp/xservers.tmp | wc -w | awk '{print $1}') in - 0) - return - ;; - 1) - cat /tmp/xservers.tmp | cut -d\| -f2 - return - ;; - *) - AVAILABLE="" - for i in $(cat /tmp/xservers.tmp); do - NEW=$(echo "$i" | awk -F "|" '{if ($1 < 0.5) print $1"|"$2}') - [ -n "$NEW" ] && AVAILABLE="$NEW\n$AVAILABLE" - done - if [ -n "$AVAILABLE" ]; then - echo -e "$AVAILABLE" > /tmp/xservers.tmp - NUM=$(cat /tmp/xservers.tmp | wc -l | awk '{print $1 - 1}') - ROW=$(echo $NUM | awk '{print rand() * $1 + 1 ;}' | cut -d . -f1) - cat /tmp/xservers.tmp | sed -n "${ROW}p" | cut -d\| -f2 - else - cat /tmp/xservers.tmp|egrep "^[0-9]"|tr "." ","|sort -n|head -1|cut -d\| -f2 - fi - ;; - esac -} - - -get_fontpath() { - ldapsearch -x -LLL -h $LDAP_HOST -b "$LDAP_BASE" "(&(objectClass=goTerminalServer)(cn=$1))" | - grep "^goFontPath" | cut -d\ -f2- | sed 's!\/!\/!g' -} - diff --git a/contrib/fai/goto-fai/ldap2fai b/contrib/fai/goto-fai/ldap2fai deleted file mode 100755 index 50f315d77..000000000 --- a/contrib/fai/goto-fai/ldap2fai +++ /dev/null 
@@ -1,630 +0,0 @@ -#!/usr/bin/perl -# $Id$ -#********************************************************************* -# -# ldap2fai -- read FAI config from LDAP and create config space -# -# This script is part of FAI (Fully Automatic Installation) -# (c) 2005, Thomas Lange -# (c) 2005, Jens Nitschke -# (c) 2005, Jan-Marek Glogowski -# (c) 2005, Cajus Pollmeier -# -#********************************************************************* - -use strict; -use Net::LDAP; -use MIME::Base64; -use Getopt::Std; -use File::Path; -use File::Copy; -use vars qw/ %opt /; - -my $base; -my $ldapuri; -my $ldapdir = "/etc/ldap/ldap.conf"; -my $outdir = "/fai"; -my $verbose = 0; -my $opt_string = 'c:d:hv'; -my $hostname; - -getopts( "$opt_string", \%opt ) or usage("Hello"); -usage("Help") if $opt{h}; - -$verbose = $opt{v} ? 1 : 0; -$outdir = $opt{d} ? $opt{d} : $outdir; -$ldapdir = $opt{c} ? $opt{c} : $ldapdir; - -# Get MAC from cmdline -my $mac = shift @ARGV; -$mac eq '' && usage("MAC address not specified."); - -# Is outdir a directory --d "$outdir" || usage("'$outdir' is not a directory.\n"); - -my @classes=(); # the classes a host belongs to - -# initialize ldap -setup(); -my $ldap = Net::LDAP->new("$ldapuri") or die "$@"; -my $mesg = $ldap->bind; - -# create class hooks debconf disk_config package_config scripts files -my @dirs= qw/class hooks debconf disk_config package_config scripts files/; -foreach (@dirs) { - -d "$outdir/$_" || mkpath "$outdir/$_" - || warn "WARNING: Can't create subdir $outdir/$_ $!\n"; -} - -@classes= get_classes($mac); -prt_scripts(); -prt_package_list(); -prt_debconf(); -prt_templates(); -prt_var(); -prt_hooks(); -prt_disk_config(); - -# create sources list -if (!$hostname) { - -d "${outdir}/files/etc/apt/sources.list" - || mkpath "${outdir}/files/etc/apt/sources.list"; - copy ("${outdir}/tmp/apt-sources.list", - "${outdir}/files/etc/apt/sources.list/$hostname") ; -} - -$mesg = $ldap->unbind; # take down session -exit 0; - -# - - - - - - - - - - - - - - - 
- - - - - - - - - - - - - - - - - - - - - -sub setup -{ - # Read LDAP - open (LDAPCONF,"${ldapdir}") - || usage("Can't open LDAP configuration$!\n"); - my @content=; - close(LDAPCONF); - - # Scan LDAP config - foreach my $line (@content) { - $line =~ /^\s*(#|$)/ && next; - chomp($line); - - if ($line =~ /^BASE\s+(.*)$/) { - $base= $1; - next; - } - if ($line =~ m#^URI\s+ldaps?://([^/:]+).*$#) { - $ldapuri= $1; - next; - } - } -} - -sub usage -{ - (@_) && print STDERR "\n@_\n\n"; - - print STDERR << "EOF"; -usage: $0 [-hv] [-c config] [-d outdir] - --h : this (help) message --c : LDAP config file (default: ${ldapdir}) --d : output dir (default: ${outdir}) --v : be verbose -EOF - exit -1; -} -#----------------------------------------------------------------------------------- - -sub write_file { - - my @opts = @_; - my $len = scalar @_; - ($len < 2) && return; - - my $filename = shift; - my $data = shift; - - open (SCRIPT,">${filename}") || warn "Can't create ${filename}. $!\n"; - print SCRIPT $data; - close(SCRIPT); - - ($opts[2] ne "") && chmod oct($opts[2]),${filename}; - ($opts[3] ne "") && chown_files(${filename}, $opts[3]); -} - -#----------------------------------------------------------------------------------- - -sub chown_files -{ - my @owner = split('.',@_[1]); - my $filename = @_[0]; - my ($uid,$gid); - $uid = getpwnam(@owner[0]); - $gid = getgrnam(@owner[1]); - - chown $uid, $gid, $filename; -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub get_classes { - - # return list of FAI classes defined for host - my $mac = shift; - my (@classes,$mesg,$entry); - - $mesg = $ldap->search( - base => "ou=systems,$base", - filter => "(&(macAddress=$mac)(objectClass=gotoWorkstation))", - attrs => [ 'FAIclass', 'cn']); - $mesg->code && die $mesg->error; - # normally, only one value should be returned - if ($mesg->count != 1) { - die "LDAP search for client failed. ".$mesg->count." 
entries have been returned\n"; - } - - # this assigns the last value to @classes - $entry= ($mesg->entries)[0]; - @classes= split /\s+/,$entry->get_value('FAIclass'); - - # get hostname - my $hname= $entry->get_value('cn'); - my $dn= $entry->dn; - $hostname= $hname; - - # Search for object groups containing this client - $mesg = $ldap->search( - base => "ou=groups,$base", - filter => "(&(objectClass=gosaGroupOfNames)(objectClass=FAIobject)(member=$dn))", - attrs => [ 'FAIclass' ]); - $mesg->code && die $mesg->error; - foreach my $m ($mesg->entries) { - push @classes, split /\s+/,$m->get_value('FAIclass'); - } - - # print all classes to the file with hostname - open (FAICLASS,">$outdir/class/$hname") || warn "Can't create $outdir/class/$hname. $!\n"; - my @newclasses; - foreach my $class (@classes) { - - # We need to walk through the list of classes and watch out for - # a profile which is named like the class. Replace the profile - # name by the names of the included classes. - $mesg = $ldap->search( - base => "ou=systems,$base", - filter => "(&(objectClass=FAIprofile)(cn=$class))", - attrs => [ 'FAIclass' ]); - $mesg->code && die $mesg->error; - - if ($mesg->count > 0){ - foreach my $m ($mesg->entries) { - foreach my $tc (split /\s+/,$m->get_value('FAIclass')){ - print FAICLASS "$tc\n"; - push @newclasses, $tc; - } - } - } else { - print FAICLASS "$class\n"; - push @newclasses, $class; - } - } - close(FAICLASS); - print "Host $hname belongs to FAI classes: ",join ' ',@newclasses,"\n" if $verbose; - return @newclasses; -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub get_variables { - # gets all variables defined for a class - # returns a list of lines in bourne shell syntax - - my $class = shift; - my ($mesg,$var_base,$entry,$line,@vars); - - $mesg = $ldap->search( - base => "$base", - filter => "(&(cn=$class)(objectClass=FAIvariable))", - attrs => [ 'cn']); - return if ($mesg->count() == 0); # skip if no such object exists - 
$mesg->code && die $mesg->error; - - $entry=($mesg->entries)[0]; - $var_base=$entry->dn; - - $mesg = $ldap->search( - base => "$var_base", - filter => "(objectClass=FAIvariableEntry)", - attrs => ['cn', 'FAIvariableContent']); - return if ($mesg->count() == 0); # skip if no such object exists - $mesg->code && die $mesg->error; - - - foreach $entry ($mesg->entries) { - $line= sprintf "%s=\'%s\'\n", $entry->get_value('cn'), - $entry->get_value('FAIvariableContent'); - push @vars,$line; - } - return @vars; -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub prt_var { - - my (@lines, $hname); - - foreach my $class (@classes) { - @lines = get_variables($class); - next until @lines; # do not create .var file if no variables are defined - open (FAIVAR,">$outdir/class/${class}.var") - || warn "Can't create $outdir/class/$hname.var.$!\n"; - print FAIVAR @lines; - close(FAIVAR); - } -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub get_disk_config { - - my $class = shift; - my ($mesg,$entry,$line,@diskconfig,$partition_base,$dn,%diskline,$xxmesg); - - # Search for partition schema for the specified class - $mesg = $ldap->search( - base => "$base", - filter => "(&(cn=$class)(objectClass=FAIpartitionTable))" ); - - return if ($mesg->count() == 0); # skip if no such object exists - $mesg->code && die $mesg->error; - - $entry=($mesg->entries)[0]; - $partition_base= $entry->dn; - - # Search for disks - $mesg = $ldap->search( - base => "$partition_base", - filter => "(objectClass=FAIpartitionDisk)" ); - - return if ($mesg->code == 32); # skip if no such object exists - $mesg->code && die $mesg->error; - - foreach $entry ($mesg->entries) { - my $logic_count= 4; - my $primary_count= 0; - my $dn=$entry->dn; - my $disk=$entry->get_value('cn'); - my $part; - undef %diskline; - $diskline{0} = "disk_config $disk\n"; - $xxmesg = $ldap->search( - base => "$dn", - filter => "objectClass=FAIpartitionEntry" ); - $xxmesg->code 
&& die $xxmesg->error; - foreach my $dl ($xxmesg->entries) { - if ($dl->get_value('FAIpartitionType') eq 'primary'){ - $primary_count++; - } else { - $logic_count++; - } - if ($dl->get_value('FAIpartitionFlags') eq 'preserve'){ - if ($dl->get_value('FAIpartitionType') eq 'primary'){ - $part= 'preserve'.$primary_count; - } else { - $part= 'preserve'.$logic_count; - } - $line= sprintf "%-7s %-12s %-12s %-10s ; %s\n", - $dl->get_value('FAIpartitionType'), - $dl->get_value('FAImountPoint'), - $part, - $dl->get_value('FAImountOptions') eq '' - ? 'rw' : $dl->get_value('FAImountOptions'), - $dl->get_value('FAIfsOptions'); - } - elsif ($dl->get_value('FAIfsType') eq 'swap'){ - $line= sprintf "%-7s %-12s %-12s %-10s\n", - $dl->get_value('FAIpartitionType'), - $dl->get_value('FAImountPoint'), - $dl->get_value('FAIpartitionSize'), - $dl->get_value('FAImountOptions') eq '' - ? 'rw' : $dl->get_value('FAImountOptions'); - } - else { - $line= sprintf "%-7s %-12s %-12s %-10s ; %s %s\n", - $dl->get_value('FAIpartitionType'), - $dl->get_value('FAImountPoint'), - $dl->get_value('FAIpartitionSize'), - $dl->get_value('FAImountOptions') eq '' - ? 'rw' : $dl->get_value('FAImountOptions'), - $dl->get_value('FAIfsOptions'), - $dl->get_value('FAIfsType'); - } - - $diskline{$dl->get_value('FAIpartitionNr')}=$line; - } - foreach my $l (sort {$a <=> $b} keys %diskline) { - push @diskconfig, $diskline{$l}; - } - } - return @diskconfig; -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub prt_disk_config { - - # create one disk_config file - - my ($class,@lines); - - foreach $class (reverse @classes) { - @lines=get_disk_config($class); - next until @lines; # skip if nothing is defined for this class - - print "Generating partition layout for class '${class}'\n." if $verbose; - open (FAIVAR,">${outdir}/disk_config/${class}") - || warn "Can't create $outdir/disk_config/$class. 
$!\n"; - print FAIVAR join '',@lines; - close(FAIVAR); - last; # finish when one config file is created - } -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub get_packages { - - # gets list of packages defined for a class - - my $class = shift; - my ($mesg,$entry,$line,$method,%packlist); - - -d "${outdir}/tmp" || mkpath "${outdir}/tmp" - || warn "Can't create ${outdir}/tmp. $!\n"; - print "Generate sources.list for install\n" if $verbose; - open (SOURCES,">>${outdir}/tmp/apt-sources.list") - || warn "Can't create ${outdir}/tmp/apt-sources.list. $!\n"; - - $mesg = $ldap->search( - base => "$base", - filter => "(&(cn=$class)(objectClass=FAIpackageList))" , - attrs => [ 'FAIpackage', 'FAIinstallMethod', - 'FAIdebianMirror', 'FAIdebianRelease', 'FAIdebianSection']); - - $mesg->code && die $mesg->error; - # should also return only one value - - undef %packlist; - foreach $entry ($mesg->entries) { - $method=$entry->get_value('FAIinstallMethod'); - push @{$packlist{$method}}, $entry->get_value('FAIpackage'); - - print SOURCES "deb ".$entry->get_value('FAIdebianMirror')." ".$entry->get_value('FAIdebianRelease')." "; - my $section; - foreach $section ($entry->get_value('FAIdebianSection')){ - print SOURCES "$section "; - } - print SOURCES "\n"; - } - - close (SOURCES); - - # return a ref to the hash of arrays (key of the hash is the method), - # the value is the array of package names for this method - return \%packlist; -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub prt_package_list { - - my (@lines,$plist,$method,$value); - - foreach my $class (@classes) { - $plist=get_packages($class); - # test if hash contains any keys or values - unless (keys %{$plist}) { - next; - } - - print "Generate package list for class '$class'.\n" if $verbose; - open (PACKAGES,">$outdir/package_config/$class") - || warn "Can't create $outdir/package_config/$class. 
$!\n"; - while (($method, $value) = each %{$plist}) { - print PACKAGES "PACKAGES $method\n"; - print PACKAGES join "\n",@{$value}; - print PACKAGES "\n"; - } - close(PACKAGES); - } -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub get_templates { - - # get list of template-files defined for a class - my $class = shift; - my ($mesg,$entry,$str,$pfad,$name,$owner,$mode,$template_base,@template); - - $mesg = $ldap->search( - base => "$base", - filter => "(&(cn=$class)(objectClass=FAItemplate))", - attrs => ['cn']); - return if ($mesg->count() == 0); # skip if no such object exists - $mesg->code && die $mesg->error; - - $entry=($mesg->entries)[0]; - $template_base=$entry->dn; - - $mesg = $ldap->search( - base => "$template_base", - filter => "(objectClass=FAItemplateEntry)", - attrs => ['FAItemplateFile', 'FAItemplatePath', 'FAIowner', 'FAImode' ,'cn']); - return if ($mesg->count() == 0); # skip if no such object exists - $mesg->code && die $mesg->error; - - foreach $entry ($mesg->entries) { - $name = $entry->get_value('cn'); - $owner = $entry->get_value('FAIowner'); - $owner = $entry->get_value('FAImode'); - $pfad = $entry->get_value('FAItemplatePath'); - chomp($pfad); - -d "${outdir}/files/${pfad}" || mkpath "${outdir}/files/${pfad}" - || warn "WARNING: Can't create subdir ${outdir}/files/${pfad} !$\n"; - print "Generate template '$pfad' ($name) for class '$class'.\n" if $verbose; - write_file( "${outdir}/files/${pfad}/${class}", - $entry->get_value('FAItemplateFile'),$entry->get_value('FAImode'),$entry->get_value('FAIowner')); - } -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub prt_templates { - my ($class); - - foreach $class (reverse @classes) { - get_templates($class); - } -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub get_debconf { - - # gets list of packages defined for a class - - my $class = shift; - my ($mesg,$entry,$str,$debconf_base,@debconf); - - 
$mesg = $ldap->search( - base => "$base", - filter => "(&(cn=$class)(objectClass=FAIpackageList))", - attrs => ['cn']); - return if ($mesg->count() == 0); # skip if no such object exists - $mesg->code && die $mesg->error; - - $entry=($mesg->entries)[0]; - $debconf_base=$entry->dn; - - $mesg = $ldap->search( - base => "$debconf_base", - filter => "(objectClass=FAIdebconfInfo)" , - attrs => [ 'FAIpackage', 'FAIvariable', - 'FAIvariableType','FAIvariableContent']); - $mesg->code && die $mesg->error; - - # undef @debconf; - foreach $entry ($mesg->entries) { - $str = sprintf "%s %s %s %s\n", - $entry->get_value('FAIpackage'), - $entry->get_value('FAIvariable'), - $entry->get_value('FAIvariableType'), - $entry->get_value('FAIvariableContent'); - push @debconf, $str; - } - return @debconf; -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub prt_debconf { - - my @lines; - my $class; - - foreach $class (@classes) { - @lines = get_debconf($class); - next until @lines; - print "Generate DebConf for class '$class'.\n" if $verbose; - open (DEBCONF,">${outdir}/debconf/${class}") || warn "Can't create $outdir/debconf/$class. 
$!\n"; - print DEBCONF @lines; - close(DEBCONF); - } -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub prt_scripts { - my ($class,@lines); - - foreach $class (@classes) { - get_scripts($class); - } -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub get_scripts { - - # gets list of packages defined for a class - - my $class = shift; - my ($mesg,$entry,$str,$script_base,$prio,$name,$script); - - $mesg = $ldap->search( - base => "$base", - filter => "(&(cn=$class)(objectClass=FAIscript))", - attrs => ['cn']); - return if ($mesg->count() == 0); # skip if no such object exists - $mesg->code && die $mesg->error; - - $entry=($mesg->entries)[0]; - $script_base= $entry->dn; - - $mesg = $ldap->search( - base => "$script_base", - filter => "(objectClass=FAIscriptEntry)", - attrs => ['FAIpriority', 'FAIscript', 'cn']); - return if ($mesg->count() == 0); # skip if no such object exists - $mesg->code && die $mesg->error; - - foreach $entry ($mesg->entries) { - $name = $entry->get_value('cn'); - $prio = $entry->get_value('FAIpriority'); - $script= sprintf('%02d-%s', $prio, $name); - - -d "$outdir/scripts/$class" || mkpath "$outdir/scripts/$class" || - warn "WARNING: Can't create subdir $outdir/scripts/$class !$\n"; - - write_file("${outdir}/scripts/${class}/${script}", - $entry->get_value('FAIscript'), "0700"); - } -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub prt_hooks { - my ($class,@lines); - - foreach $class (reverse @classes) { - get_hooks($class); - } -} - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -sub get_hooks { - - # gets list of packages defined for a class - - my $class = shift; - my ($mesg,$entry,$str,$hook_base,$prio,$task,$hook,$name); - - $mesg = $ldap->search( - base => "$base", - filter => "(&(cn=$class)(objectClass=FAIhook))", - attrs => ['cn']); - return if ($mesg->count() == 0); # skip if no such object exists - 
$mesg->code && die $mesg->error;
-
- $entry=($mesg->entries)[0];
- $hook_base= $entry->dn;
-
- $mesg = $ldap->search(
- base => "$hook_base",
- filter => "(objectClass=FAIhookEntry)",
- attrs => ['FAItask', 'FAIscript', 'cn']);
- return if ($mesg->count() == 0); # skip if no such object exists
- $mesg->code && die $mesg->error;
-
- foreach $entry ($mesg->entries) {
- $name = $entry->get_value('cn');
- $task = $entry->get_value('FAItask');
- $prio = $entry->get_value('FAIpriority');
- $hook = sprintf('%s.%s', ${task}, ${class});
-
- write_file("${outdir}/hooks/${hook}",
- $entry->get_value('FAIscript'), "0700");
- }
-}
-
-# vim:ts=2:sw=2:expandtab:shiftwidth=2:syntax:paste
diff --git a/contrib/fai/goto-fai/secret b/contrib/fai/goto-fai/secret
deleted file mode 100644
index 7f480a8c1..000000000
--- a/contrib/fai/goto-fai/secret
+++ /dev/null
@@ -1 +0,0 @@
-your secret terminal-admin password
diff --git a/contrib/fix_munged.php b/contrib/fix_munged.php
deleted file mode 100755
index 405d345af..000000000
--- a/contrib/fix_munged.php
+++ /dev/null
@@ -1,95 +0,0 @@ -#!/usr/bin/php - - * - * Copyright (C) 2006 GONICUS GmbH - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 - * USA - * - * Contact information: GONICUS GmbH - * Moehnestrasse 11-17 - * D-59755 Arnsberg - * Germany - * tel: ++49 2932 916 0 - * fax: ++49 2932 916 230 - * email: info@GONICUS.de - * http://www.GONICUS.de - * */ - -/* Modify these settings to your needs */ -$ldap_host= "localhost"; -$ldap_port= "389"; -$ldap_base= "dc=gonicus,dc=de"; -$ldap_admin= "cn=ldapadmin,".$ldap_base; -$ldap_password= "tester"; - -/* Internal Settings */ -$ldap_protocol= "3"; -$filter= "(&(objectClass=sambaSamAccount)(sambaMungedDial=*))"; -$attributes= array("dn","sambaMungedDial"); - -print("This script will try to convert all ldap entries that have the sambaMungedDial-Attribute set, into the new \n". - "format that win2003sp1 and later requires. If an entry is already in the new format, it is not touched. \n". - "BEWARE: This script is not widely tested yet, so use it at your own risk! Be sure to backup your complete LDAP \n". - "before running.\n". 
- "Do you want to continue (y/n)?\n");
-
-$handle= fopen("php://stdin","r");
-$input=(fgets($handle,16));
-fclose($handle);
-if(substr(strtolower($input),0,1)!="y") {
- exit(1);
-}
-/* Connect to server */
-$connection= ldap_connect($ldap_host,$ldap_port)
- or die ('Could not connect to server '.$ldap_host."\n!");
-ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldap_protocol);
-ldap_bind($connection,$ldap_admin,$ldap_password)
- or die ('Could not bind to server '.$ldap_host."!\n");
-
-$results= ldap_get_entries($connection, ldap_search($connection, $ldap_base, $filter, $attributes));
-
-$count= 0;
-
-if(array_key_exists('count', $results)) {
- $count= $results['count'];
-}
-
-if($count > 0) {
- print('We found '.$count.' matching '.(($count==1)?'entry':'entries').".\n");
-}
-
-for($i=0; $i<$count; $i++) {
- $entry= $results[$i];
- print('Converting '.$entry['dn'].'...');
- $mungedDial = new sambaMungedDial();
- $mungedDial->load($entry['sambamungeddial'][0]);
- $modify['sambaMungedDial'][0]= $mungedDial->getMunged();
- if(ldap_modify($connection,$entry['dn'],$modify)) {
- print("done.\n");
- } else {
- print("failed.\n");
- }
-}
-
-ldap_close($connection);
-?>
-
diff --git a/contrib/gosa.conf b/contrib/gosa.conf
deleted file mode 100644
index 26a9ee26d..000000000
--- a/contrib/gosa.conf
+++ /dev/null
@@ -1,571 +0,0 @@
-{literal}{/literal}
-
-
-
- - - - - -{if $cv.use_netatalk} - -{else} - -{/if} - - - - - -
- -
- - - - - - -{if $cv.enableMimeType} - -{else} - -{/if} - - - -{if $cv.enableFAI_management} - -{else} - -{/if} - - - - -
- -
- - - - - - - -{if $cv.optional.gotomasses_active} - -{else} - -{/if} - -
-
- - - - - - - - - - - -{if $cv.use_netatalk} - -{else} - -{/if} - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -{if $cv.enableFAI_management} - -{else} - -{/if} - - - - - - - - - - -{if $cv.enableFAI_management} - -{else} - -{/if} - - - - - - - - - - - - - - - - - - - - - - - - - -{if $cv.mail == "kolab"} - -{/if} - - - - - - - - - - - - - - -{if $cv.generic_settings.enableDHCP} - -{/if} -{if $cv.generic_settings.enableDNS} - -{/if} - - - - - - - - - - - - -{if $cv.mail == "kolab"} - -{/if} - - - - - - - - - - - - - - - - -{if $cv.enableFAI_management} - - - - - - - - - - - - - - - - - - - - - - - - - - - - -{else} - -{/if} - - - - - - -
- - - - - -
-
diff --git a/contrib/gosa.spec b/contrib/gosa.spec
deleted file mode 100644
index a737bfaa8..000000000
--- a/contrib/gosa.spec
+++ /dev/null
@@ -1,324 +0,0 @@ -# Some sort of "detection" of suse -%{?suse_version:%define suse 1} -%{!?suse_version:%define suse 0} - -# Define Packagename, e.g.: -# rpmbuild --rebuild --define 'sourcename gosa' gosa.srpm -%{!?sourcename:%define sourcename %{name}-%{version}} - -# -# Distribution -# -Summary: Web Based LDAP Administration Program -Name: gosa -Version: 2.5.99cvs -Release: 1 -License: GPL -Source: ftp://oss.GONICUS.de/pub/gosa/%{sourcename}.tar.bz2 -URL: http://oss.GONICUS.de/project/?group_id=6 -Group: System/Administration -Vendor: GONICUS GmbH -Packager: Lars Scheiter -Buildarch: noarch -%if %{suse} -Requires: apache2,apache2-mod_php5,php5,php5-gd,php5-ldap,php5-mcrypt,php5-mysql,php5-imap,php5-iconv,php5-mbstring,php5-gettext,php5-session,ImageMagick -%else -Requires: httpd,php,php-ldap,php-imap,php-snmp,php-mysql,php-mbstring,ImageMagick -%endif -BuildRoot: %{_tmppath}/%{name}-%{version}-root -BuildArch: noarch - -%define confdir /etc/%{name} - -%if %{suse} - %{echo:Building SuSE rpm} - %define apacheuser wwwrun - %define apachegroup root - %define webconf /etc/apache2/conf.d/ - %define docdir /usr/share/doc/packages/gosa -%else - %{echo:Building other rpm} - %define apacheuser apache - %define apachegroup apache - %define webconf /etc/httpd/conf.d/ - %define docdir /usr/share/doc/gosa-%{version} -%endif - -%description -GOsa is a combination of system-administrator and end-user web -interface, designed to handle LDAP based setups. -Provided is access to posix, shadow, samba, proxy, fax, and kerberos -accounts. It is able to manage the postfix/cyrus server combination -and can write user adapted sieve scripts. - -%package schema -Group: System/Administration -Summary: Schema Definitions for the GOSA package -%if %{suse} -Requires: openldap2 >= 2.1.22 -%else -Requires: openldap-servers >= 2.2.0 -%endif -Obsoletes: gosa-ldap - -%description schema -Contains the Schema definition files for the GOSA admin package. 
- -%package mkntpasswd -Group: System/Administration -Summary: Schema Definitions for the GOSA package -%if %{suse} -Requires: perl-Crypt-SmbHash -%else -Requires: perl-Crypt-SmbHash >= 0.02 -%endif - -%description mkntpasswd -Wrapper Script around perl to create Samba Hashes on the fly, added for completeness only. -If in doubt use sambas "native" mkntpwd tool to generate hashes for GOsa. - -%package help-en -Group: System/Administration -Summary: English online manual for GOSA package -Requires: gosa >= %{version} - -%description help-en -English online manual page for GOSA package - -%package help-de -Group: System/Administration -Summary: German localized online manual for GOSA package -Requires: gosa >= %{version} - -%description help-de -German localized online manual page for GOSA package - -%package help-fr -Group: System/Administration -Summary: French localized online manual for GOSA package -Requires: gosa >= %{version} - -%description help-fr -French localized online manual page for GOSA package - -%package help-nl -Group: System/Administration -Summary: Dutch localized online manual for GOSA package -Requires: gosa >= %{version} - -%description help-nl -Dutch localized online manual page for GOSA package - -%prep -%setup -q -n %{sourcename} -find . 
-depth -name CVS -type d | xargs rm -rf - -%build - - -%install -# Create buildroot -mkdir -p %{buildroot}/usr/share/gosa - -# Copy -DIRS="doc ihtml plugins html include locale setup" -for i in $DIRS; do \ - cp -ua $i %{buildroot}/usr/share/gosa/$i ; \ -done -mkdir %{buildroot}/usr/bin -cp bin/mkntpasswd %{buildroot}/usr/bin/ - -# Create files for temporary stuff -for i in compile config cache; do \ - mkdir -p %{buildroot}/var/spool/gosa/$i ; \ -done - -# Cleanup manual dirs -for i in admin devel; do \ - rm -rf %{buildroot}/usr/share/gosa/doc/guide/$i ; \ -done - -# Remove (some) unneeded files -for i in gen_locale.sh gen_online_help.sh gen_function_list.php update.sh; do \ - rm -rf %{buildroot}/usr/share/gosa/$i ; \ -done - -# Cleanup lyx warnings -find %{buildroot}/usr/share/gosa -name WARNINGS |xargs rm - - -# Cleanup guide -rm -rf %{buildroot}/usr/share/gosa/doc/guide/user/*/lyx-source - - -# Copy default config -mkdir -p %{buildroot}%{confdir} -mkdir -p %{buildroot}%{webconf} - -cat > %{buildroot}%{webconf}/gosa_include.conf < - Options None - AllowOverride None - Order allow,deny - Allow from all - -# Set alias to gosa -Alias /gosa /usr/share/gosa/html -EOF - -mkdir -p %{buildroot}/etc/openldap/schema/gosa -mv contrib/openldap/*.schema %{buildroot}/etc/openldap/schema/gosa -sed 's%"CONFIG_TEMPLATE_DIR", "../contrib/"%"CONFIG_TEMPLATE_DIR", "%{docdir}/"%g' %{buildroot}/usr/share/gosa/include/functions.inc > %{buildroot}/usr/share/gosa/include/functions.inc.new -mv -f %{buildroot}/usr/share/gosa/include/functions.inc.new %{buildroot}/usr/share/gosa/include/functions.inc - -mv -f doc manual -mkdir -p %{buildroot}/etc/gosa/vacation -mv -f %{buildroot}/usr/share/gosa/plugins/personal/mail/sieve-*.txt %{buildroot}/etc/gosa -mkdir -p %{buildroot}/usr/share/doc/gosa-%{version} -rm -rf %{buildroot}/usr/share/gosa/contrib -#rm -rf %{buildroot}/usr/share/gosa/doc -#rmdir contrib/openldap -bzip2 -9 contrib/opensides/goSamba.pl - -%clean -rm -rf %{buildroot} - -%post -# 
Add shells file to /etc/gosa -/bin/cp /etc/shells /etc/gosa - -%pre -# Cleanup compile dir on updates, always exit cleanly even on errors -[ -d /var/spool/gosa ] && rm -rf /var/spool/gosa/* ; exit 0 - -%postun -# Remove temporary files, just to be sure -[ -d /var/spool/gosa ] && rm -rf /var/spool/gosa/* ; exit 0 - -%files -%defattr(-,%{apacheuser},%{apachegroup}) -%doc %attr(-,root,root) AUTHORS TODO README README.safemode Changelog COPYING INSTALL FAQ -%doc %attr(-,root,root) contrib/altlinux contrib/fix_config.sh contrib/gosa.conf contrib/mysql contrib/opensides -%doc %attr(-,root,root) contrib/patches contrib/scripts contrib/vacation_example.txt contrib/demo.ldif contrib/openldap - -%config(noreplace) %attr(0600,%{apacheuser},%{apachegroup}) %{webconf}/gosa_include.conf -%config(noreplace) %attr(0700,%{apacheuser},%{apachegroup}) /etc/gosa -%attr(0700, %{apacheuser}, %{apachegroup}) /var/spool/gosa -%attr(0744, %{apacheuser}, %{apachegroup}) /usr/share/gosa/html -%attr(0744, %{apacheuser}, %{apachegroup}) /usr/share/gosa/ihtml -%attr(0744, %{apacheuser}, %{apachegroup}) /usr/share/gosa/include -%attr(0744, %{apacheuser}, %{apachegroup}) /usr/share/gosa/locale -%attr(0744, %{apacheuser}, %{apachegroup}) /usr/share/gosa/setup -%attr(0744, %{apacheuser}, %{apachegroup}) /usr/share/gosa/plugins -%attr(0744, %{apacheuser}, %{apachegroup}) /usr/share/gosa/doc/guide.xml - -%files schema -%defattr(-,root,root) -%doc COPYING AUTHORS README contrib/demo.ldif contrib/openldap -/etc/openldap/schema/gosa - -%files mkntpasswd -%defattr(-,root,root) -/usr/bin/mkntpasswd - -%files help-en -%defattr(-,root,root) -/usr/share/gosa/doc/guide/user/en - -%files help-de -%defattr(-,root,root) -/usr/share/gosa/doc/guide/user/de - -%files help-fr -%defattr(-,root,root) -/usr/share/gosa/doc/guide/user/fr - -%files help-nl -%defattr(-,root,root) -/usr/share/gosa/doc/guide/user/nl - -%changelog -* Mon May 7 2007 Lars Scheiter 2.5.99cvs -- Changed packageversion to reflect CVS status of 
resulting build - -* Wed Apr 11 2007 Lars Scheiter 2.5.10 -- New upstream -- Added new subpackage mkntpasswd -- Remove perl dependencies off of GOsa main package - -* Tue Mar 6 2007 Lars Scheiter 2.5.9 -- New upstream -- fixed typo in updateprocess - -* Mon Jan 15 2007 Lars Scheiter 2.5.8 -- New upstream release with security fixes - -* Wed Dec 20 2006 Lars Scheiter 2.5.7 -- New upstream -- %pre and %postun always end successfully now, even on errors - -* Fri Nov 17 2006 Lars Scheiter 2.5.6 -- New upstream -- Cleanup temporary dir after package removal -- Cleanup temporary dir before update - -* Thu Sep 28 2006 Lars Scheiter 2.5.4 -- New upstream version -- Downgraded SuSE dependencies to php4 - -* Wed Jun 21 2006 Lars Scheiter 2.5.1 -- New upstream version - -* Tue May 30 2006 Lars Scheiter 2.5 -- Updated RedHat dependencies -- New upstream version -- Spelling errors fixed ;) -- Seperation of online manual - -* Mon Dec 19 2005 Lars Scheiter 2.4-2 -- Updated SuSE dependencies to php5 - -* Mon Nov 21 2005 Lars Scheiter 2.4 -- New upstream version -- Removed %doc for postgresql and openexchange - -* Wed Jun 01 2005 Lars Scheiter 2.4beta1 -- New upstream version -- Added gosa.conf to contrib dir -- Rearranged documentation stuff -- Updated dependencies -- compress some files - -* Mon Feb 21 2005 Lars Scheiter 2.3 -- Update version to 2.3 (upstream) - -* Mon Dec 13 2004 Lars Scheiter 2.2-2 -- Optionally allow different sourcenames - -* Mon Nov 22 2004 Lars Scheiter 2.2 -- Update to 2.2 (upstream) -- reintroduction of suse detection -- small fixes -- Corrected URL -- Synchronize schema package name with debian - -* Mon May 19 2004 Levente Farkas 2.1.1 -- update to 2.1.1 - -* Mon Apr 19 2004 Levente Farkas 2.1 -- update to 2.1 - -* Fri Apr 16 2004 Levente Farkas 2.1 -- minor fixes -- update to 2.1rc2 - -* Tue Jan 24 2004 Henning P. 
Schmiedehausen 2.1-2t
-- bumped to 2.1beta2
-- first INTERMETA internal build
-
-* Mon Oct 20 2003 Lars Scheiter
-- Update to new upstream release (2.0rc1)
-
-* Fri Oct 17 2003 Lars Scheiter
-- First build of GOsa as an RPM, should work on SuSE and RedHat
diff --git a/contrib/keyboardLayouts b/contrib/keyboardLayouts
deleted file mode 100644
index ca282485f..000000000
--- a/contrib/keyboardLayouts
+++ /dev/null
@@ -1,7 +0,0 @@
-# Left side will be saved in ldap attribute
-# Right side will be displayed in the selectbox
-# (Terminal Workstation -> Services -> Keyboard )
-a:1
-b:2
-c:3
-d:4
diff --git a/contrib/latex2html b/contrib/latex2html
deleted file mode 100755
index 5b4e3f7f5..000000000
--- a/contrib/latex2html
+++ /dev/null
@@ -1,17413 +0,0 @@ -#! /usr/bin/perl -# -# $Id: latex2html.pin,v 1.71 2004/01/06 23:49:54 RRM Exp $ -# -# Comprises patches and revisions by various authors: -# See Changes, the log file of LaTeX2HTML. -# -# Original Copyright notice: -# -# LaTeX2HTML by Nikos Drakos - -# **************************************************************** -# LaTeX To HTML Translation ************************************** -# **************************************************************** -# LaTeX2HTML is a Perl program that translates LaTeX source -# files into HTML (HyperText Markup Language). For each source -# file given as an argument the translator will create a -# directory containing the corresponding HTML files. -# -# The man page for this program is included at the end of this file -# and can be viewed using "perldoc latex2html" -# -# For more information on this program and some examples of its -# capabilities visit -# -# http://www.latex2html.org/ -# -# or see the accompanying documentation in the docs/ directory -# -# or -# -# http://www-texdev.ics.mq.edu.au/l2h/docs/manual/ -# -# or -# -# http://www.cbl.leeds.ac.uk/nikos/tex2html/doc/latex2html/ -# -# Original code written by Nikos Drakos, July 1993. -# -# Address: Computer Based Learning Unit -# University of Leeds -# Leeds, LS2 9JT -# -# Copyright (c) 1993-95. All rights reserved. -# -# -# Extensively modified by Ross Moore, Herb Swan and others -# -# Address: Mathematics Department -# Macquarie University -# Sydney, Australia, 2109 -# -# Copyright (c) 1996-2001. All rights reserved. -# -# See general license in the LICENSE file. 
-# -########################################################################## - -use 5.003; # refuse to work with old and buggy perl version -#use strict; -#use diagnostics; - -# include some perl packages; these come with the standard distribution -use Getopt::Long; -use Fcntl; -use AnyDBM_File; - -# The following are global variables that also appear in some modules -use vars qw($LATEX2HTMLDIR $LATEX2HTMLPLATDIR $SCRIPT - %Month %used_icons $inside_tabbing $TABLE_attribs - %mathentities $date_name $outer_math $TABLE__CELLPADDING_rx); - -BEGIN { - # print "scanning for l2hdir\n"; - if($ENV{'LATEX2HTMLDIR'}) { - $LATEX2HTMLDIR = $ENV{'LATEX2HTMLDIR'}; - } else { - $ENV{'LATEX2HTMLDIR'} = $LATEX2HTMLDIR = '/usr/share/latex2html'; - } - - if($ENV{'LATEX2HTMLPLATDIR'}) { - $LATEX2HTMLPLATDIR = $ENV{'LATEX2HTMLPLATDIR'}; - } else { - $LATEX2HTMLPLATDIR = '/usr/share/latex2html'||$LATEX2HTMLDIR; - $ENV{'LATEX2HTMLPLATDIR'} = $LATEX2HTMLPLATDIR; - } - if(-d $LATEX2HTMLPLATDIR) { - push(@INC,$LATEX2HTMLPLATDIR); - } - - if(-d $LATEX2HTMLDIR) { - push(@INC,$LATEX2HTMLDIR); - } else { - die qq{Fatal: Directory "$LATEX2HTMLDIR" does not exist.\n}; - } -} - -use L2hos; # Operating system dependent routines - -# $^W = 1; # turn on warnings - -my $RELEASE = '2002-2-1'; -my ($REVISION) = q$Revision: 1.71 $ =~ /:\s*(\S+)/; - -# The key, which delimts expressions defined in the environment -# depends on the operating system. 
-$envkey = L2hos->pathd(); - -# $dd is the directory delimiter character -$dd = L2hos->dd(); - -# make sure the $LATEX2HTMLDIR is on the search-path for forked processes -if($ENV{'PERL5LIB'}) { - $ENV{'PERL5LIB'} .= "$envkey$LATEX2HTMLDIR" - unless($ENV{'PERL5LIB'} =~ m|\Q$LATEX2HTMLDIR\E|o); -} else { - $ENV{'PERL5LIB'} = $LATEX2HTMLDIR; -} - -# Local configuration, read at runtime -# Read the $CONFIG_FILE (usually l2hconf.pm ) -if($ENV{'L2HCONFIG'}) { - require $ENV{'L2HCONFIG'} || - die "Fatal (require $ENV{'L2HCONFIG'}): $!"; -} else { - eval 'use l2hconf'; - if($@) { - die "Fatal (use l2hconf): $@\n"; - } -} - -# MRO: Changed this to global value in config/config.pl -# change these whenever you do a patch to this program and then -# name the resulting patch file accordingly -# $TVERSION = "2002-2-1"; -#$TPATCHLEVEL = " beta"; -#$TPATCHLEVEL = " release"; -#$RELDATE = "(March 30, 1999)"; -#$TEX2HTMLV_SHORT = $TVERSION . $TPATCHLEVEL; - -$TEX2HTMLV_SHORT = $RELEASE; -$TEX2HTMLVERSION = "$TEX2HTMLV_SHORT ($REVISION)"; -$TEX2HTMLADDRESS = "http://www.latex2html.org/"; -$AUTHORADDRESS = "http://cbl.leeds.ac.uk/nikos/personal.html"; -#$AUTHORADDRESS2 = "http://www-math.mpce.mq.edu.au/%7Eross/"; -$AUTHORADDRESS2 = "http://www.maths.mq.edu.au/~ross/"; - -# Set $HOME to what the system considers the home directory -$HOME = L2hos->home(); -push(@INC,$HOME); - -# flush stdout with every print -- gives better feedback during -# long computations -$| = 1; - -# set Perl's subscript separator to LaTeX's illegal character. -# (quite defensive but why not) -$; = "\000"; - -# No arguments!! 
-unless(@ARGV) { - die "Error: No files to process!\n"; -} - -# Image prefix -$IMAGE_PREFIX = '_image'; - -# Partition prefix -$PARTITION_PREFIX = 'part_' unless $PARTITION_PREFIX; - -# Author address -@address_data = &address_data('ISO'); -$ADDRESS = "$address_data[0]\n$address_data[1]"; - -# ensure non-zero defaults -$MAX_SPLIT_DEPTH = 4 unless ($MAX_SPLIT_DEPTH); -$MAX_LINK_DEPTH = 4 unless ($MAX_LINK_DEPTH); -$TOC_DEPTH = 4 unless ($TOC_DEPTH); - -# A global value may already be set in the $CONFIG_FILE -$INIT_FILE_NAME = $ENV{'L2HINIT_NAME'} || '.latex2html-init' - unless $INIT_FILE_NAME; - -# Read the $HOME/$INIT_FILE_NAME if one is found -if (-f "$HOME$dd$INIT_FILE_NAME" && -r _) { - print "Note: Loading $HOME$dd$INIT_FILE_NAME\n"; - require("$HOME$dd$INIT_FILE_NAME"); - $INIT_FILE = "$HOME$dd$INIT_FILE_NAME"; - # _MRO_TODO_: Introduce a version to be checked? - die "Error: You have an out-of-date " . $HOME . - "$dd$INIT_FILE_NAME file.\nPlease update or delete it.\n" - if ($DESTDIR eq '.'); -} - -# Read the $INIT_FILE_NAME file if one is found in current directory -if ( L2hos->Cwd() ne $HOME && -f ".$dd$INIT_FILE_NAME" && -r _) { - print "Note: Loading .$dd$INIT_FILE_NAME\n"; - require(".$dd$INIT_FILE_NAME"); - $INIT_FILE = "$INIT_FILE_NAME"; -} -die "Error: '.' is an incorrect setting for DESTDIR.\n" . - "Please check your $INIT_FILE_NAME file.\n" - if ($DESTDIR eq '.'); - -# User home substitutions -$LATEX2HTMLSTYLES =~ s/~([$dd$dd$envkey]|$)/$HOME$1/go; -# the next line fails utterly on non-UNIX systems -$LATEX2HTMLSTYLES =~ s/~([^$dd$dd$envkey]+)/L2hos->home($1)/geo; - -#absolutise the paths -$LATEX2HTMLSTYLES = join($envkey, - map(L2hos->Make_directory_absolute($_), - split(/$envkey/o, $LATEX2HTMLSTYLES))); - -#HWS: That was the last reference to HOME. Now set HOME to $LATEX2HTMLDIR, -# to enable dvips to see that version of .dvipsrc! 
But only if we -# have DVIPS_MODE not set - yes - this is a horrible nasty kludge -# MRO: The file has to be updated by configure _MRO_TODO_ - -if ($PK_GENERATION && ! $DVIPS_MODE) { - $ENV{HOME} = $LATEX2HTMLDIR; - delete $ENV{PRINTER}; # Overrides .dvipsrc -} - -# language of the DTD specified in the tag -$ISO_LANGUAGE = 'EN' unless $ISO_LANGUAGE; - -# Save the command line arguments, quote where necessary -$argv = join(' ', map {/[\s#*!\$%]/ ? "'$_'" : $_ } @ARGV); - -# Pre-process the command line for backward compatibility -foreach(@ARGV) { - s/^--?no_/-no/; # replace e.g. no_fork by nofork - # s/^[+](\d+)$/$1/; # remove + in front of integers -} - -# Process command line options -my %opt; -unless(GetOptions(\%opt, # all non-linked options go into %opt - # option linkage (optional) - 'help|h', - 'version|V', - 'split=s', - 'link=s', - 'toc_depth=i', \$TOC_DEPTH, - 'toc_stars!', \$TOC_STARS, - 'short_extn!', \$SHORTEXTN, - 'iso_language=s', \$ISO_LANGUAGE, - 'validate!', \$HTML_VALIDATE, - 'latex!', - 'djgpp!', \$DJGPP, - 'fork!', \$CAN_FORK, - 'external_images!', \$EXTERNAL_IMAGES, - 'ascii_mode!', \$ASCII_MODE, - 'lcase_tags!', \$LOWER_CASE_TAGS, - 'ps_images!', \$PS_IMAGES, - 'font_size=s', \$FONT_SIZE, - 'tex_defs!', \$TEXDEFS, - 'navigation!', - 'top_navigation!', \$TOP_NAVIGATION, - 'bottom_navigation!', \$BOTTOM_NAVIGATION, - 'auto_navigation!', \$AUTO_NAVIGATION, - 'index_in_navigation!', \$INDEX_IN_NAVIGATION, - 'contents_in_navigation!', \$CONTENTS_IN_NAVIGATION, - 'next_page_in_navigation!', \$NEXT_PAGE_IN_NAVIGATION, - 'previous_page_in_navigation!', \$PREVIOUS_PAGE_IN_NAVIGATION, - 'footnode!', - 'numbered_footnotes!', \$NUMBERED_FOOTNOTES, - 'prefix=s', \$PREFIX, - 'auto_prefix!', \$AUTO_PREFIX, - 'long_titles=i', \$LONG_TITLES, - 'custom_titles!', \$CUSTOM_TITLES, - 'title|t=s', \$TITLE, - 'rooted!', \$ROOTED, - 'rootdir=s', - 'dir=s', \$FIXEDDIR, - 'mkdir', \$MKDIR, - 'address=s', \$ADDRESS, - 'noaddress', - 'subdir!', - 'info=s', \$INFO, - 
'noinfo', - 'auto_link!', - 'reuse=i', \$REUSE, - 'noreuse', - 'antialias_text!', \$ANTI_ALIAS_TEXT, - 'antialias!', \$ANTI_ALIAS, - 'transparent!', \$TRANSPARENT_FIGURES, - 'white!', \$WHITE_BACKGROUND, - 'discard!', \$DISCARD_PS, - 'image_type=s', \$IMAGE_TYPE, - 'images!', - 'accent_images=s', \$ACCENT_IMAGES, - 'noaccent_images', - 'style=s', \$STYLESHEET, - 'parbox_images!', - 'math!', - 'math_parsing!', - 'latin!', - 'entities!', \$USE_ENTITY_NAMES, - 'local_icons!', \$LOCAL_ICONS, - 'scalable_fonts!', \$SCALABLE_FONTS, - 'images_only!', \$IMAGES_ONLY, - 'show_section_numbers!',\$SHOW_SECTION_NUMBERS, - 'show_init!', \$SHOW_INIT_FILE, - 'init_file=s', \$INIT_FILE, - 'up_url=s', \$EXTERNAL_UP_LINK, - 'up_title=s', \$EXTERNAL_UP_TITLE, - 'down_url=s', \$EXTERNAL_DOWN_LINK, - 'down_title=s', \$EXTERNAL_DOWN_TITLE, - 'prev_url=s', \$EXTERNAL_PREV_LINK, - 'prev_title=s', \$EXTERNAL_PREV_TITLE, - 'index=s', \$EXTERNAL_INDEX, - 'biblio=s', \$EXTERNAL_BIBLIO, - 'contents=s', \$EXTERNAL_CONTENTS, - 'external_file=s', \$EXTERNAL_FILE, - 'short_index!', \$SHORT_INDEX, - 'unsegment!', \$UNSEGMENT, - 'debug!', \$DEBUG, - 'tmp=s', \$TMP, - 'ldump!', \$LATEX_DUMP, - 'timing!', \$TIMING, - 'verbosity=i', \$VERBOSITY, - 'html_version=s', \$HTML_VERSION, - 'strict!', \$STRICT_HTML, - 'xbit!', \$XBIT_HACK, - 'ssi!', \$ALLOW_SSI, - 'php!', \$ALLOW_PHP, - 'test_mode!' 
# undocumented switch - )) { - &usage(); - exit 1; -} - -# interpret options, check option consistency -if(defined $opt{'split'}) { - if ($opt{'split'} =~ /^(\+?)(\d+)$/) { - $MAX_SPLIT_DEPTH = $2; - if ($1) { $MAX_SPLIT_DEPTH *= -1; $REL_DEPTH = 1; } - } else { - &usage; - die "Error: Unrecognised value for -split: $opt{'split'}\n"; - } -} -if(defined $opt{'link'}) { - if ($opt{'link'} =~ /^(\+?)(\d+)$/) { - $MAX_LINK_DEPTH = $2; - if ($1) { $MAX_LINK_DEPTH *= -1 } - } else { - &usage; - die "Error: Unrecognised value for -link: $opt{'link'}\n"; - } -} -unless ($ISO_LANGUAGE =~ /^[A-Z.]+$/) { - die "Error: Language (-iso_language) must be uppercase and dots only: $ISO_LANGUAGE\n"; -} -if ($HTML_VALIDATE && !$HTML_VALIDATOR) { - die "Error: Need a HTML_VALIDATOR when -validate is specified.\n"; -} -&set_if_false($NOLATEX,$opt{latex}); # negate the option... -if ($ASCII_MODE || $PS_IMAGES) { - $EXTERNAL_IMAGES = 1; -} -if ($FONT_SIZE && $FONT_SIZE !~ /^\d+pt$/) { - die "Error: Font size (-font_size) must end with 'pt': $FONT_SIZE\n" -} -&set_if_false($NO_NAVIGATION,$opt{navigation}); -&set_if_false($NO_FOOTNODE,$opt{footnode}); -if (defined $TITLE && !length($TITLE)) { - die "Error: Empty title (-title).\n"; -} -if ($opt{rootdir}) { - $ROOTED = 1; - $FIXEDDIR = $opt{rootdir}; -} -if ($FIXEDDIR && !-d $FIXEDDIR) { - if ($MKDIR) { - print "\n *** creating directory: $FIXEDDIR "; - die "Failed: $!\n" unless (mkdir($FIXEDDIR, 0755)); - # _TODO_ use File::Path to create a series of directories - } else { - &usage; - die "Error: Specified directory (-rootdir, -dir) does not exist.\n"; - } -} -&set_if_false($NO_SUBDIR, $opt{subdir}); -&set_if_false($NO_AUTO_LINK, $opt{auto_link}); -if ($opt{noreuse}) { - $REUSE = 0; -} -unless(grep(/^\Q$IMAGE_TYPE\E$/o, @IMAGE_TYPES)) { - die <<"EOF"; -Error: No such image type '$IMAGE_TYPE'. 
- This installation supports (first is default): @IMAGE_TYPES -EOF -} -&set_if_false($NO_IMAGES, $opt{images}); -if ($opt{noaccent_images}) { - $ACCENT_IMAGES = ''; -} -if($opt{noaddress}) { - $ADDRESS = ''; -} -if($opt{noinfo}) { - $INFO = 0; -} -if($ACCENT_IMAGES && $ACCENT_IMAGES !~ /^[a-zA-Z,]+$/) { - die "Error: Single word or comma-list of style words needed for -accent_images, not: $_\n"; -} -&set_if_false($NO_PARBOX_IMAGES, $opt{parbox_images}); -&set_if_false($NO_SIMPLE_MATH, $opt{math}); -if (defined $opt{math_parsing}) { - $NO_MATH_PARSING = !$opt{math_parsing}; - $NO_SIMPLE_MATH = !$opt{math_parsing} unless(defined $opt{math}); -} -&set_if_false($NO_ISOLATIN, $opt{latin}); -if ($INIT_FILE) { - if (-f $INIT_FILE && -r _) { - print "Note: Initialising with file: $INIT_FILE\n" - if ($DEBUG || $VERBOSITY); - require($INIT_FILE); - } else { - die "Error: Could not find file (-init_file): $INIT_FILE\n"; - } -} -foreach($EXTERNAL_UP_LINK, $EXTERNAL_DOWN_LINK, $EXTERNAL_PREV_LINK, - $EXTERNAL_INDEX, $EXTERNAL_BIBLIO, $EXTERNAL_CONTENTS) { - $_ ||= ''; # initialize - s/~/~/g; # protect `~' -} -if($TMP && !(-d $TMP && -w _)) { - die "Error: '$TMP' not usable as temporary directory.\n"; -} -if ($opt{help}) { - L2hos->perldoc($SCRIPT); - exit 0; -} -if ($opt{version}) { - &banner(); - exit 0; -} -if ($opt{test_mode}) { - return; # make /usr/bin/latex2html non-exploitable - $TITLE = 'LaTeX2HTML Test Document'; - $TEXEXPAND = "$PERL /build/buildd/latex2html-2002-2-1-20050114${dd}texexpand"; - $PSTOIMG = "$PERL /build/buildd/latex2html-2002-2-1-20050114${dd}pstoimg"; - $ICONSERVER = L2hos->path2URL("/build/buildd/latex2html-2002-2-1-20050114${dd}icons"); - $TEST_MODE = 1; - $RGBCOLORFILE = "/build/buildd/latex2html-2002-2-1-20050114${dd}styles${dd}rgb.txt"; - $CRAYOLAFILE = "/build/buildd/latex2html-2002-2-1-20050114${dd}styles${dd}crayola.txt"; -} -if($DEBUG) { - # make the OS-dependent functions more chatty, too - $L2hos::Verbose = 1; -} - -undef %opt; # not needed 
any more - - -$FIXEDDIR = $FIXEDDIR || $DESTDIR || ''; # for backward compatibility - -if ($EXTERNAL_UP_TITLE xor $EXTERNAL_UP_LINK) { - warn "Warning (-up_url, -up_title): Need to specify both a parent URL and a parent title!\n"; - $EXTERNAL_UP_TITLE = $EXTERNAL_UP_LINK = ""; -} - -if ($EXTERNAL_DOWN_TITLE xor $EXTERNAL_DOWN_LINK) { - warn "Warning (-down_url, -down_title): Need to specify both a parent URL and a parent title!\n"; - $EXTERNAL_DOWN_TITLE = $EXTERNAL_DOWN_LINK = ""; -} - -# $NO_NAVIGATION = 1 unless $MAX_SPLIT_DEPTH; # Martin Wilck - -if ($MAX_SPLIT_DEPTH && $MAX_SPLIT_DEPTH < 0) { - $MAX_SPLIT_DEPTH *= -1; $REL_DEPTH = 1; -} -if ($MAX_LINK_DEPTH && $MAX_LINK_DEPTH < 0) { - $MAX_LINK_DEPTH *= -1; $LEAF_LINKS = 1; -} - -$FOOT_FILENAME = 'footnode' unless ($FOOT_FILENAME); -$NO_FOOTNODE = 1 unless ($MAX_SPLIT_DEPTH || $NO_FOOTNODE); -$NO_SPLIT = 1 unless $MAX_SPLIT_DEPTH; # _MRO_TODO_: is this needed at all? -$SEGMENT = $SEGMENTED = 0; -$NO_MATH_MARKUP = 1; - -# specify the filename extension to use with the generated HTML files -if ($SHORTEXTN) { $EXTN = ".htm"; } # for HTML files on CDROM -elsif ($ALLOW_PHP) { $EXTN = ".php"; } # has PHP dynamic includes - # with server-side includes (SSI) : -elsif ($ALLOW_SSI && !$XBIT_HACK) { $EXTN = ".shtml"; } - # ordinary names, valid also for SSI with XBit hack : -else { $EXTN = ".html"; } - -$NODE_NAME = 'node' unless (defined $NODE_NAME); - -# space for temporary files -# different to the $TMPDIR for image-generation -# MRO: No directory should end with $dd! -$TMP_ = "TMP"; - -$TMP_PREFIX = "l2h" unless ($TMP_PREFIX); - -# This can be set to 1 when using a version of dvips that is safe -# from the "dot-in-name" bug. 
-# _TODO_ this should be determined by configure -$DVIPS_SAFE = 1; - -$CHARSET = $charset || 'iso-8859-1'; - -#################################################################### -# -# If possible, use icons of the same type as generated images -# -if ($IMAGE_TYPE && defined %{"icons_$IMAGE_TYPE"}) { - %icons = %{"icons_$IMAGE_TYPE"}; -} - -#################################################################### -# -# Figure out what options we need to pass to DVIPS and store that in -# the $DVIPSOPT variable. Also, scaling is taken care of at the -# dvips level if PK_GENERATION is set to 1, so adjust SCALE_FACTORs -# accordingly. -# -if ($SCALABLE_FONTS) { - $PK_GENERATION = 0; - $DVIPS_MODE = ''; -} - -if ($PK_GENERATION) { - if ($MATH_SCALE_FACTOR <= 0) { $MATH_SCALE_FACTOR = 2; } - if ($FIGURE_SCALE_FACTOR <= 0) { $FIGURE_SCALE_FACTOR = 2; } - my $saveMSF = $MATH_SCALE_FACTOR; - my $saveFSF = $FIGURE_SCALE_FACTOR; - my $desired_dpi = int($MATH_SCALE_FACTOR*75); - $FIGURE_SCALE_FACTOR = ($METAFONT_DPI / 72) * - ($FIGURE_SCALE_FACTOR / $MATH_SCALE_FACTOR) ; - $MATH_SCALE_FACTOR = $METAFONT_DPI / 72; - $dvi_mag = int(1000 * $desired_dpi / $METAFONT_DPI); - if ($dvi_mag > 1000) { - &write_warnings( - "WARNING: Your SCALE FACTOR is too large for PK_GENERATION.\n" . - " See $CONFIG_FILE for more information.\n"); - } - - # RRM: over-sized scaling, using dvi-magnification - if ($EXTRA_IMAGE_SCALE) { - print "\n *** Images at $EXTRA_IMAGE_SCALE times resolution of displayed size ***\n"; - $desired_dpi = int($EXTRA_IMAGE_SCALE * $desired_dpi+.5); - print " desired_dpi = $desired_dpi METAFONT_DPI = $METAFONT_DPI\n" - if $DEBUG; - $dvi_mag = int(1000 * $desired_dpi / $METAFONT_DPI); - $MATH_SCALE_FACTOR = $saveMSF; - $FIGURE_SCALE_FACTOR = $saveFSF; - } - # no space after "-y", "-D", "-e" --- required by DVIPS under DOS ! 
- my $mode_switch = "-mode $DVIPS_MODE" if $DVIPS_MODE; - $DVIPSOPT .= " -y$dvi_mag -D$METAFONT_DPI $mode_switch -e5 "; -} else { # no PK_GENERATION -# if ($EXTRA_IMAGE_SCALE) { -# &write_warnings( -# "the \$EXTRA_IMAGE_SCALE feature requires either \$PK_GENERATION=1" -# . " or the '-scalable_fonts' option"); -# $EXTRA_IMAGE_SCALE = ''; -# } - # MRO: shifted to l2hconf - #$DVIPSOPT .= ' -M'; -} # end PK_GENERATION - -# The mapping from numbers to accents. -# These are required to process the \accent command, which is found in -# tables of contents whenever there is an accented character in a -# caption or section title. Processing the \accent command makes -# $encoded_*_number work properly (see &extract_captions) with -# captions that contain accented characters. -# I got the numbers from the plain.tex file, version 3.141. - -# Missing entries should be looked up by a native speaker. -# Have a look at generate_accent_commands and $iso_8859_1_character_map. - -# MEH: added more accent types -# MRO: only uppercase needed! -%accent_type = ( - '18' => 'grave', # \` - '19' => 'acute', # `' - '20' => 'caron', # \v - '21' => 'breve', # \u - '22' => 'macr', # \= - '23' => 'ring', # - '24' => 'cedil', # \c - '94' => 'circ', # \^ - '95' => 'dot', # \. 
- '7D' => 'dblac', # \H - '7E' => 'tilde', # \~ - '7F' => 'uml', # \" -); - -&driver; - -exit 0; # clean exit, no errors - -############################ Subroutines ################################## - -#check that $TMP is writable, if so create a subdirectory -sub make_tmp_dir { - &close_dbm_database if $DJGPP; # to save file-handles - - # determine a suitable temporary path - # - $TMPDIR = ''; - my @tmp_try = (); - push(@tmp_try, $TMP) if($TMP); - push(@tmp_try, "$DESTDIR$dd$TMP_") if($TMP_); - push(@tmp_try, $DESTDIR) if($DESTDIR); - push(@tmp_try, L2hos->Cwd()); - - my $try; - TempTry: foreach $try (@tmp_try) { - next unless(-d $try && -w _); - my $tmp = "$try$dd$TMP_PREFIX$$"; - if(mkdir($tmp,0755)) { - $TMPDIR=$tmp; - last TempTry; - } else { - warn "Warning: Cannot create temporary directory '$tmp': $!\n"; - } - } - - $dvips_warning = <<"EOF"; - -Warning: There is a '.' in \$TMPDIR, $DVIPS will probably fail. -Set \$TMP to use a /tmp directory, or rename the working directory. -EOF - die ($dvips_warning . "\n\$TMPDIR=$TMPDIR ***\n\n") - if ($TMPDIR =~ /\./ && $DVIPS =~ /dvips/ && !$DVIPS_SAFE); - - &open_dbm_database if $DJGPP; -} - -# MRO: set first parameter to the opposite of the second if second parameter is defined -sub set_if_false { - $_[0] = !$_[1] if(defined $_[1]); -} - -sub check_for_dots { - local($file) = @_; - if ($file =~ /\.[^.]*\./ && !$DVIPS_SAFE) { - die "\n\n\n *** Fatal Error --- but easy to fix ***\n" - . "\nCannot have '.' in file-name prefix, else dvips fails on images" - . "\nChange the name from $file and try again.\n\n"; - } -} - -# Process each file ... -sub driver { - local($FILE, $orig_cwd, %unknown_commands, %dependent, %depends_on - , %styleID, %env_style, $bbl_cnt, $dbg, %numbered_section); - # MRO: $texfilepath has to be global! 
- local(%styles_loaded); - $orig_cwd = L2hos->Cwd(); - - print "\n *** initialise *** " if ($VERBOSITY > 1); - &initialise; # Initialise some global variables - - print "\n *** check modes *** " if ($VERBOSITY > 1); - &ascii_mode if $ASCII_MODE; # Must come after initialization - &titles_language($TITLES_LANGUAGE); - &make_numbered_footnotes if ($NUMBERED_FOOTNOTES); - $dbg = $DEBUG ? "-debug" : ""; - $dbg .= (($VERBOSITY>2) ? " -verbose" : ""); - - #use the same hashes for all files in a batch - local(%cached_env_img, %id_map, %symbolic_labels, %latex_labels) - if ($FIXEDDIR && $NO_SUBDIR); - - local($MULTIPLE_FILES,$THIS_FILE); - $MULTIPLE_FILES = 1+$#ARGV if $ROOTED; - print "\n *** $MULTIPLE_FILES file".($MULTIPLE_FILES ? 's: ' : ': ') - . join(',',@ARGV) . " *** " if ($VERBOSITY > 1); - - local(%section_info, %toc_section_info, %cite_info, %ref_files); - - foreach $FILE (@ARGV) { - &check_for_dots($FILE) unless $DVIPS_SAFE; - ++$THIS_FILE if $MULTIPLE_FILES; - do { - %section_info = (); - %toc_section_info = (); - %cite_info = (); - %ref_files = (); - } unless $MULTIPLE_FILES; - local($bbl_nr) = 1; - - # The number of reused images and those in images.tex - local($global_page_num) = (0) unless($FIXEDDIR && $NO_SUBDIR); - # The number of images in images.tex - local($new_page_num) = (0); # unless($FIXEDDIR && $NO_SUBDIR); - local($pid, $sections_rx, - , $outermost_level, %latex_body, $latex_body - , %encoded_section_number - , %verbatim, %new_command, %new_environment - , %provide_command, %renew_command, %new_theorem - , $preamble, $aux_preamble, $prelatex, @preamble); - - # must retain these when all files are in the same directory - # else the images.pl and labels.pl files get clobbered - unless ($FIXEDDIR && $NO_SUBDIR) { - print "\nResetting image-cache" if ($#ARGV); - local(%cached_env_img, %id_map, %symbolic_labels, %latex_labels) - } - -## AYS: Allow extension other than .tex and make it optional - ($EXT = $FILE) =~ s/.*\.([^\.]*)$/$1/; - if ( $EXT eq 
$FILE ) { - $EXT = "tex"; - $FILE =~ s/$/.tex/; - } - - #RRM: allow user-customisation, dependent on file-name - # e.g. add directories to $TEXINPUTS named for the file - # --- idea due to Fred Drake - &custom_driver_hook($FILE) if (defined &custom_driver_hook); - -# JCL(jcl-dir) -# We need absolute paths for TEXINPUTS here, because -# we change the directory - if ($orig_cwd eq $texfilepath) { - &deal_with_texinputs($orig_cwd); - } else { - &deal_with_texinputs($orig_cwd, $texfilepath); - } - - ($texfilepath, $FILE) = &get_full_path($FILE); - $texfilepath = '.' unless($texfilepath); - - die "Cannot read $texfilepath$dd$FILE \n" - unless (-f "$texfilepath$dd$FILE"); - - -# Tell texexpand which files we *don't* want to look at. - $ENV{'TEXE_DONT_INCLUDE'} = $DONT_INCLUDE if $DONT_INCLUDE; -# Tell texexpand which files we *do* want to look at, e.g. -# home-brew style files - $ENV{'TEXE_DO_INCLUDE'} = $DO_INCLUDE if $DO_INCLUDE; - - $FILE =~ s/\.[^\.]*$//; ## AYS - $DESTDIR = ''; # start at empty - if ($FIXEDDIR) { - $DESTDIR = $FIXEDDIR unless ($FIXEDDIR eq '.'); - if (($ROOTED)&&!($texfilepath eq $orig_cwd)) { - $DESTDIR .= $dd . $FILE unless $NO_SUBDIR; - }; - } elsif ($texfilepath eq $orig_cwd) { - $DESTDIR = ($NO_SUBDIR ? '.' : $FILE); - } else { - $DESTDIR = $ROOTED ? '.' : $texfilepath; - $DESTDIR .= $dd . $FILE unless $NO_SUBDIR; - } - $PREFIX = "$FILE-" if $AUTO_PREFIX; - - print "\nOPENING $texfilepath$dd$FILE.$EXT \n"; ## AYS - - next unless (&new_dir($DESTDIR,'')); - # establish absolute path to $DESTDIR - $DESTDIR = L2hos->Make_directory_absolute($DESTDIR); - &make_tmp_dir; - print "\nNote: Working directory is $DESTDIR\n"; - print "Note: Images will be generated in $TMPDIR\n\n"; - -# Need to clean up a bit in case there's garbage left -# from former runs. 
- if ($DESTDIR) { chdir($DESTDIR) || die "$!\n"; } - if (opendir (TMP,$TMP_)) { - foreach (readdir TMP) { - L2hos->Unlink("TMP_$dd$_") unless (/^\.\.?$/); - } - closedir TMP; - } - &cleanup(1); - unless(-d $TMP_) { - mkdir($TMP_, 0755) || - die "Cannot create directory '$TMP_': $!\n"; - } - chdir($orig_cwd); - -# RRM 14/5/98 moved this to occur earlier -## JCL(jcl-dir) -## We need absolute paths for TEXINPUTS here, because -## we change the directory -# if ($orig_cwd eq $texfilepath) { -# &deal_with_texinputs($orig_cwd); -# } else { -# &deal_with_texinputs($orig_cwd, $texfilepath); -# } - - -# This needs $DESTDIR to have been created ... - print " *** calling `texexpand' ***" if ($VERBOSITY > 1); - local($unseg) = ($UNSEGMENT ? "-unsegment " : ""); - -# does DOS need to check these here ? -# die "File $TEXEXPAND does not exist or is not executable\n" -# unless (-x $TEXEXPAND); - L2hos->syswait("$TEXEXPAND $dbg -auto_exclude $unseg" - . "-save_styles $DESTDIR$dd$TMP_${dd}styles " - . ($TEXINPUTS ? "-texinputs $TEXINPUTS " : '' ) - . (($VERBOSITY >2) ? "-verbose " : '' ) - . "-out $DESTDIR$dd$TMP_$dd$FILE " - . 
"$texfilepath$dd$FILE.$EXT") - && die " texexpand failed: $!\n"; - print STDOUT "\n *** `texexpand' done ***\n" if ($VERBOSITY > 1); - - chdir($DESTDIR) if $DESTDIR; - $SIG{'INT'} = 'handler'; - - &open_dbm_database; - &initialise_sections; - print STDOUT "\n *** database open ***\n" if ($VERBOSITY > 1); - - if ($IMAGES_ONLY) { - &make_off_line_images; - } else { - &rename_image_files; - &load_style_file_translations; - &make_language_rx; - &make_raw_arg_cmd_rx; -# &make_isolatin1_rx unless ($NO_ISOLATIN); - &translate_titles; - &make_sections_rx; - print "\nReading ..."; - if ($SHORT_FILENAME) { - L2hos->Rename ("$TMP_$dd$FILE" ,"$TMP_$dd$SHORT_FILENAME" ); - &slurp_input_and_partition_and_pre_process( - "$TMP_$dd$SHORT_FILENAME"); - } else { - &slurp_input_and_partition_and_pre_process("$TMP_$dd$FILE"); - } - &add_preamble_head; - # Create a regular expressions - &set_depth_levels; - &make_sections_rx; - &make_order_sensitive_rx; - &add_document_info_page if ($INFO && !(/\\htmlinfo/)); - &add_bbl_and_idx_dummy_commands; - &translate; # Destructive! - } - &style_sheet; - &close_dbm_database; - &cleanup(); - -#JCL: read warnings from file to $warnings - local($warnings) = &get_warnings; - print "\n\n*********** WARNINGS *********** \n$warnings" - if ($warnings || $NO_IMAGES || $IMAGES_ONLY); - &image_cache_message if ($NO_IMAGES || $IMAGES_ONLY); - &image_message if ($warnings =~ /Failed to convert/io); - undef $warnings; - -# JCL - generate directory index entry. -# Yet, a hard link, cause Perl lacks symlink() on some systems. 
- do { - local($EXTN) = $EXTN; - $EXTN =~ s/_\w+(\.html?)/$1/ if ($frame_main_name); - local($from,$to) = (eval($LINKPOINT),eval($LINKNAME)); - if (length($from) && length($to) && ($from ne $to)) { - #frames may have altered $EXTN - $from =~ s/$frame_main_name(\.html?)/$1/ if ($frame_main_name); - $to =~ s/$frame_main_name(\.html?)/$1/ if ($frame_main_name); - L2hos->Unlink($to); - L2hos->Link($from,$to); - } - } unless ($NO_AUTO_LINK || !($LINKPOINT) || !($LINKNAME)); - - &html_validate if ($HTML_VALIDATE && $HTML_VALIDATOR); - -# Go back to the source directory - chdir($orig_cwd); - $TEST_MODE = $DESTDIR if($TEST_MODE); # save path - $DESTDIR = ''; - $OUT_NODE = 0 unless $FIXEDDIR; - $STYLESHEET = '' if ($STYLESHEET =~ /^\Q$FILE./); - } - print "\nUnknown commands: ". join(" ",keys %unknown_commands) - if %unknown_commands; -###MEH -- math support - print "\nMath commands outside math: " . - join(" ",keys %commands_outside_math) . - "\n Output may look weird or may be faulty!\n" - if %commands_outside_math; - print "\nDone.\n"; - if($TEST_MODE) { - $TEST_MODE =~ s:[$dd$dd]+$::; - print "\nTo view the results, point your browser at:\n", - L2hos->path2URL(L2hos->Make_directory_absolute($TEST_MODE).$dd. - "index$EXTN"),"\n"; - } - $end_time = time; - $total_time = $end_time - $start_time; - print STDOUT join(' ',"Timing:",$total_time,"seconds\n") - if ($TIMING||$DEBUG||($VERBOSITY > 2)); - $_; -} - -sub open_dbm_database { - # These are DBM (unix DataBase Management) arrays which are actually - # stored in external files. They are used for communication between - # the main process and forked child processes; - print STDOUT "\n"; # this mysteriously prevents a core dump ! 
-
- dbmopen(%verb, "$TMP_${dd}verb",0755);
-# dbmopen(%verbatim, "$TMP_${dd}verbatim",0755);
- dbmopen(%verb_delim, "$TMP_${dd}verb_delim",0755);
- dbmopen(%expanded,"$TMP_${dd}expanded",0755);
-# Holds max_id, verb_counter, verbatim_counter, eqn_number
- dbmopen(%global, "$TMP_${dd}global",0755);
-# Hold style sheet information
- dbmopen(%env_style, "$TMP_${dd}envstyles",0755);
- dbmopen(%txt_style, "$TMP_${dd}txtstyles",0755);
- dbmopen(%styleID, "$TMP_${dd}styleIDs",0755);
-
-# These next two are used during off-line image conversion
-# %new_id_map maps image id's to page_numbers of the images in images.tex
-# %image_params maps image_ids to conversion parameters for that image
- dbmopen(%new_id_map, "$TMP_${dd}ID_MAP",0755);
- dbmopen(%img_params, "$TMP_${dd}IMG_PARAMS",0755);
- dbmopen(%orig_name_map, "$TMP_${dd}ORIG_MAP",0755);
-
- $global{'max_id'} = ($global{'max_id'} | 0);
- &read_mydb(\%verbatim, "verbatim");
- $global{'verb_counter'} = ($global{'verb_counter'} | 0);
- $global{'verbatim_counter'} = ($global{'verbatim_counter'} | 0);
-
- &read_mydb(\%new_command, "new_command");
- &read_mydb(\%renew_command, "renew_command");
- &read_mydb(\%provide_command, "provide_command");
- &read_mydb(\%new_theorem, "new_theorem");
- &read_mydb(\%new_environment, "new_environment");
- &read_mydb(\%dependent, "dependent");
-# &read_mydb(\%env_style, "env_style");
-# &read_mydb(\%styleID, "styleID");
- # MRO: Why should we use read_mydb instead of catfile?
- $preamble = &catfile(&_dbname("preamble"),1) || '';
- $prelatex = &catfile(&_dbname("prelatex"),1) || '';
- $aux_preamble = &catfile(&_dbname("aux_preamble"),1) || '';
- &restore_critical_variables;
-}
-
-sub close_dbm_database {
- &save_critical_variables;
- dbmclose(%verb); undef %verb;
-# dbmclose(%verbatim); undef %verbatim;
- dbmclose(%verb_delim); undef %verb_delim;
- dbmclose(%expanded); undef %expanded;
- dbmclose(%global); undef %global;
- dbmclose(%env_style); undef %env_style;
- dbmclose(%style_id); undef %style_id;
- dbmclose(%new_id_map); undef %new_id_map;
- dbmclose(%img_params); undef %img_params;
- dbmclose(%orig_name_map); undef %orig_name_map;
- dbmclose(%txt_style); undef %txt_style;
- dbmclose(%styleID); undef %styleID;
-}
-
-sub clear_images_dbm_database {
- #
- # %new_id_map will be used by the off-line image conversion process
- #
- dbmclose(%new_id_map);
- dbmclose(%img_params);
- dbmclose(%orig_name_map);
- undef %new_id_map;
- undef %img_params;
- undef %orig_name_map;
- dbmopen(%new_id_map, "$TMP_${dd}ID_MAP",0755);
- dbmopen(%img_params, "$TMP_${dd}IMG_PARAMS",0755);
- dbmopen(%orig_name_map, "$TMP_${dd}ORIG_MAP",0755);
-}
-
-sub initialise_sections {
- local($key);
- foreach $key (keys %numbered_section) {
- $global{$key} = $numbered_section{$key}}
-}
-
-sub save_critical_variables {
- $global{'math_markup'} = $NO_MATH_MARKUP;
- $global{'charset'} = $CHARSET;
- $global{'charenc'} = $charset;
- $global{'language'} = $default_language;
- $global{'isolatin'} = $ISOLATIN_CHARS;
- $global{'unicode'} = $UNICODE_CHARS;
- if ($UNFINISHED_ENV) {
- $global{'unfinished_env'} = $UNFINISHED_ENV;
- $global{'replace_end_env'} = $REPLACE_END_ENV;
- }
- $global{'unfinished_comment'} = $UNFINISHED_COMMENT;
- if (@UNMATCHED_OPENING) {
- $global{'unmatched'} = join(',',@UNMATCHED_OPENING);
- }
-}
-
-sub restore_critical_variables {
- $NO_MATH_MARKUP = ($global{'math_markup'}|
- (defined $NO_MATH_MARKUP ?
$NO_MATH_MARKUP:1));
- $CHARSET = ($global{'charset'}| $CHARSET);
- $charset = ($global{'charenc'}| $charset);
- $default_language = ($global{'language'}|
- (defined $default_language ? $default_language:'english'));
- $ISOLATIN_CHARS = ($global{'isolatin'}|
- (defined $ISOLATIN_CHARS ? $ISOLATIN_CHARS:0));
- $UNICODE_CHARS = ($global{'unicode'}|
- (defined $UNICODE_CHARS ? $UNICODE_CHARS:0));
- if ($global{'unfinished_env'}) {
- $UNFINISHED_ENV = $global{'unfinished_env'};
- $REPLACE_END_ENV = $global{'replace_end_env'};
- }
- $UNFINISHED_COMMENT = $global{'unfinished_comment'};
- if ($global{'unmatched'}) {
- @UNMATCHED_OPENING = split(',',$global{'unmatched'});
- }
-
- # undef any renewed-commands...
- # so the new defs are read from %new_command
- local($cmd,$key,$code);
- foreach $key (keys %renew_command) {
- $cmd = "do_cmd_$key";
- $code = "undef \&$cmd"; eval($code) if (defined &$cmd);
- if ($@) { print "\nundef \&do_cmd_$cmd failed"}
- }
-}
-
-#JCL: The warnings should have been handled within the DBM database.
-# Unfortunately if the contents of an array are more than ~900 (system
-# dependent) chars long then dbm cannot handle it and gives error messages.
-sub write_warnings { #clean
- my ($str) = @_;
- $str .= "\n" unless($str =~ /\n$/);
- print STDOUT "\n *** Warning: $str" if ($VERBOSITY > 1);
- my $warnings = '';
- if(-f 'WARNINGS') {
- $warnings = &catfile('WARNINGS') || '';
- }
- return () if ($warnings =~ /\Q$str\E/);
- if(open(OUT,">>WARNINGS")) {
- print OUT $str;
- close OUT;
- } else {
- print "\nError: Cannot append to 'WARNINGS': $!\n";
- }
-}
-
-sub get_warnings {
- return &catfile('WARNINGS',1) || '';
-}
-
-# MRO: Standardizing
-sub catfile {
- my ($file,$ignore) = @_;
- unless(open(CATFILE,"<$file")) {
- print "\nError: Cannot read '$file': $!\n"
- unless($ignore);
- return undef;
- }
- local($/) = undef; # slurp in whole file
- my $contents = ;
- close(CATFILE);
- $contents;
-}
-
-
-sub html_validate {
- my ($extn) = $EXTN;
- if ($EXTN !~ /^\.html?$/i) {
- $extn =~ s/^[^\.]*(\.html?)$/$1/;
- }
- print "\n *** Validating ***\n";
- my @htmls = glob("*$extn");
- my $file;
- foreach $file (@htmls) {
- system("$HTML_VALIDATOR $file");
- }
-}
-
-sub lost_argument {
- local($cmd) = @_;
- &write_warnings("\nincomplete argument to command: \\$cmd");
-}
-
-
-# These subroutines should have been handled within the DBM database.
-# Unfortunately if the contents of an array are more than ~900 (system
-# dependent) chars long then dbm cannot handle it and gives error messages.
-# So here we save and then read the contents explicitly.
-sub write_mydb {
- my ($db, $key, $str) = @_;
- &write_mydb_simple($db, "\n$mydb_mark#$key#$str");
-}
-
-# generate the DB file name from the DB name
-sub _dbname {
- "$TMP_$dd$_[0]";
-}
-
-sub write_mydb_simple {
- my ($db, $str) = @_;
- my $file = &_dbname($db);
- if(open(DB,">>$file")) {
- print DB $str;
- close DB;
- } else {
- print "\nError: Cannot append to '$file': $!\n";
- }
-}
-
-sub clear_mydb {
- my ($db) = @_;
- my $file = &_dbname($db);
- if(open(DB,">$file")) {
- close DB;
- } else {
- print "\nError: Cannot clear '$file': $!\n";
- }
-}
-
-# Assumes the existence of a DB file which contains
-# sequences of e.g. verbatim counters and verbatim contents.
-sub read_mydb {
- my ($dbref,$name) = @_;
- my $contents = &catfile(&_dbname($name),1);
- return '' unless(defined $contents);
- my @tmp = split(/\n$mydb_mark#([^#]*)#/, $contents);
- my $i = 1; # Ignore the first element at 0
- print "\nDBM: $name open..." if ($VERBOSITY > 2);
- while ($i < scalar(@tmp)) {
- my $tmp1 = $tmp[$i];
- my $tmp2 = $tmp[++$i];
- $$dbref{$tmp1} = defined $tmp2 ? $tmp2 : '';
- ++$i;
- };
- $contents;
-}
-
-
-# Reads in a latex generated file (e.g. .bbl or .aux)
-# It returns success or failure
-# ****** and binds $_ in the caller as a side-effect ******
-sub process_ext_file {
- local($ext) = @_;
- local($found, $extfile,$dum,$texpath);
- $extfile = $EXTERNAL_FILE||$FILE;
- local($file) = &fulltexpath("$extfile.$ext");
- $found = 0;
- &write_warnings(
- "\n$extfile.$EXT is newer than $extfile.$ext: Please rerun latex" . ## AYS
- (($ext =~ /bbl/) ? " and bibtex.\n" : ".\n"))
- if ( ($found = (-f $file)) &&
- &newer(&fulltexpath("$extfile.$EXT"), $file)); ## AYS
- if ((!$found)&&($extfile =~ /\.$EXT$/)) {
- $file = &fulltexpath("$extfile");
- &write_warnings(
- "\n$extfile is newer than $extfile: Please rerun latex" . ## AYS
- (($ext =~ /bbl/) ?
" and bibtex.\n" : ".\n")) - if ( ($found = (-f $file)) && - &newer(&fulltexpath("$extfile"), $file)); ## AYS - } - - # check in other directories on the $TEXINPUTS paths - if (!$found) { - foreach $texpath (split /$envkey/, $TEXINPUTS ) { - $file = "$texpath$dd$extfile.$ext"; - last if ($found = (-f $file)); - } - } - if ( $found ) { - print "\nReading $ext file: $file ..."; - # must allow @ within control-sequence names - $dum = &do_cmd_makeatletter(); - &slurp_input($file); - if ($ext =~ /bbl/) { - # remove the \newcommand{\etalchar}{...} since not needed - s/^\\newcommand{\\etalchar}[^\n\r]*[\n\r]+//s; - } - &pre_process; - &substitute_meta_cmds if (%new_command || %new_environment); - if ($ext eq "aux") { - my $latex_pathname = L2hos->path2latex($file); - $aux_preamble .= - "\\AtBeginDocument{\\makeatletter\n\\input $latex_pathname\n\\makeatother\n}\n"; - local(@extlines) = split ("\n", $_); - print " translating ".(0+@extlines). " lines " if ($VERBOSITY >1); - local($eline,$skip_to); #$_ = ''; - foreach $eline (@extlines) { - if ($skip_to) { next unless ($eline =~ s/$O$skip_to$C//) } - $skip_to = ''; - # skip lines added for pdfTeX/hyperref compatibility - next if ($eline =~ /^\\(ifx|else|fi|global \\let|gdef|AtEndDocument|let )/); - # remove \index and \label commands, else invalid links may result - $eline =~ s/\\(index|label)\s*($O\d+$C).*\2//g; - if ($eline =~ /\\(old)?contentsline/) { - do { local($_,$save_AUX) = ($eline,$AUX_FILE); - $AUX_FILE = 0; - &wrap_shorthand_environments; - #footnote markers upset the numbering - s/\\footnote(mark|text)?//g; - $eline = &translate_environments($_); - $AUX_FILE = $save_AUX; - undef $_ }; - } elsif ($eline =~ s/^\\\@input//) { - &do_cmd__at_input($eline); - $eline = ''; - } elsif ($eline =~ s/^\\\@setckpt$O(\d+)$C//) { - $skip_to = $1; next; - } -# $eline =~ s/$image_mark#([^#]+)#/print "\nIMAGE:",$img_params{$1},"\n";''/e; -# $_ .= &translate_commands(&translate_environments($eline)); - $_ .= 
&translate_commands($eline) if $eline;
- }
- undef @extlines;
- } elsif ($ext =~ /$caption_suffixes/) {
- local(@extlines) = split ("\n", $_);
- print " translating ".(0+@extlines). " lines "if ($VERBOSITY >1);
- local($eline); $_ = '';
- foreach $eline (@extlines) {
- # remove \index and \label commands, else invalid links may result
- $eline =~ s/\\(index|label)\s*($O\d+$C).*\2//gso;
- if ($eline =~ /\\(old)?contentsline/) {
- do { local($_,$save_PREAMBLE) = ($eline,$PREAMBLE);
- $PREAMBLE = 0;
- &wrap_shorthand_environments;
- $eline = &translate_environments($_);
- $PREAMBLE = $save_PREAMBLE;
- undef $_ };
- }
- $_ .= &translate_commands($eline);
- }
- undef @extlines;
- } else {
- print " wrapping " if ($VERBOSITY >1);
- &wrap_shorthand_environments;
- $_ = &translate_commands(&translate_environments($_));
- print " translating " if ($VERBOSITY >1);
- }
- print "\n processed size: ".length($_)."\n" if($VERBOSITY>1);
- $dum = &do_cmd_makeatother();
- } else {
- print "\n*** Could not find file: $file ***\n" if ($DEBUG)
- };
- $found;
-}
-
-sub deal_with_texinputs {
-# The dot precedes all, this let's local files override always.
-# The dirs we want are given as parameter list.
- if(!$TEXINPUTS) { $TEXINPUTS = '.' }
- elsif ($TEXINPUTS =~ /^$envkey/) {
- $TEXINPUTS = '.'.$TEXINPUTS
- };
- if ($ROOTED) {$TEXINPUTS .= "$envkey$FIXEDDIR"}
- $TEXINPUTS = &absolutize_path($TEXINPUTS);
- $ENV{'TEXINPUTS'} = join($envkey,".",@_,$TEXINPUTS,$ENV{'TEXINPUTS'});
-}
-
-# provided by Fred Drake
-sub absolutize_path {
- my ($path) = @_;
- my $npath = '';
- foreach $dir (split /$envkey/o, $path) {
- $npath .= L2hos->Make_directory_absolute($dir) .
$envkey; - } - $npath =~ s/$envkey$//; - $npath; -} - -sub add_document_info_page { - # Uses $outermost_level - # Nasty race conditions if the next two are done in parallel - local($X) = ++$global{'max_id'}; - local($Y) = ++$global{'max_id'}; - ###MEH -- changed for math support: no underscores in commandnames - $_ = join('', $_ - , (($MAX_SPLIT_DEPTH <= $section_commands{$outermost_level})? - "\n
\n" : '')
- , "\\$outermost_level", "*"
- , "$O$X$C$O$Y$C\\infopagename$O$Y$C$O$X$C\n",
- , " \\textohtmlinfopage");
-}
-
-
-# For each style file name in TMP_styles (generated by texexpand) look for a
-# perl file in $LATEX2HTMLDIR/styles and load it.
-sub load_style_file_translations {
- local($_, $style, $options, $dir);
- print "\n";
- if ($TEXDEFS) {
- foreach $dir (split(/$envkey/,$LATEX2HTMLSTYLES)) {
- if (-f ($_ = "$dir${dd}texdefs.perl")) {
- print "\nLoading $_...";
- require ($_);
- $styles_loaded{'texdefs'} = 1;
- last;
- }
- }
- }
-
- # packages automatically implemented
- local($auto_styles) = $AUTO_STYLES;
- $auto_styles .= 'array|' if ($HTML_VERSION > 3.1);
- $auto_styles .= 'tabularx|' if ($HTML_VERSION > 3.1);
- $auto_styles .= 'theorem|';
-
- # these are not packages, but can appear as if class-options
- $auto_styles .= 'psamsfonts|';
- $auto_styles .= 'noamsfonts|';
-
- $auto_styles =~ s/\|$//;
-
- if(open(STYLES, "<$TMP_${dd}styles")) {
- while() {
- if(s/^\s*(\S+)\s*(.*)$/$style = $1; $options = $2;/eo) {
- &do_require_package($style);
- $_ = $DONT_INCLUDE;
- s/:/|/g;
- &write_warnings("No implementation found for style \`$style\'\n")
- unless ($styles_loaded{$style} || $style =~ /^($_)$/
- || $style =~ /$auto_styles/);
-
- # MRO: Process options for packages
- &do_package_options($style,$options) if($options);
- }
- }
- close(STYLES);
- } else {
- print "\nError: Cannot read '$TMP_${dd}styles': $!\n";
- }
-}
-
-################## Weird Special case ##################
-
-# The new texexpand can be told to leave in \input and \include
-# commands which contain code that the translator should simply pass
-# to latex, such as the psfig stuff. These should still be seen by
-# TeX, so we add them to the preamble ...
-
-sub do_include_lines {
- while (s/$include_line_rx//o) {
- local($include_line) = &revert_to_raw_tex($&);
- &add_to_preamble ('include', $include_line);
- }
-}
-
-########################## Preprocessing ############################
-
-# JCL(jcl-verb)
-# The \verb declaration and the verbatim environment contain simulated
-# typed text and should not be processed. Characters such as $,\,{,and }
-# loose their special meanings and should not be considered when marking
-# brackets etc. To achieve this \verb declarations and the contents of
-# verbatim environments are replaced by markers. At the end the original
-# text is put back into the document.
-# The markers for verb and verbatim are different so that these commands
-# can be restored to what the raw input was just in case they need to
-# be passed to latex.
-
-sub pre_process {
- # Modifies $_;
- #JKR: We need support for some special environments.
- # This has to be here, because they might contain
- # structuring commands like \section etc.
- local(%comments);
- &pre_pre_process if (defined &pre_pre_process);
- s/\\\\/\\\\ /go; # Makes it unnecessary to look for escaped cmds
- &replace_html_special_chars;
- # Remove fake environment which should be invisible to LaTeX2HTML.
- s/\001//m;
- s/[%]end\s*{latexonly}/\001/gom;
- s/[%]begin\s*{latexonly}([^\001]*)\001/%/gos;
- s/\001//m;
-
- &preprocess_alltt if defined(&preprocess_alltt);
-
- $KEEP_FILE_MARKERS = 1;
- if ($KEEP_FILE_MARKERS) {
-# if (s/%%% TEXEXPAND: \w+ FILE( MARKER)? (\S*).*/
-# ''.qq|#$2#|."\n"/em) {
-# $_ = "#$2#\n". $_ };
- #RRM: ignore \n at end of included file, else \par may result
- if (s/(\n{1,2})?%%% TEXEXPAND: \w+ FILE( MARKER)? (\S*).*\n?/
- ($2?$1:"\n").''.qq|#$3#|."\n"/em) {
- $_ = "#$3#\n".
$_ }; - } else { - s/%%% TEXEXPAND[^\n]*\n//gm; - } - - # Move all LaTeX comments into a local list - s/([ \t]*(^|\G|[^\\]))(%.*(\n[ \t]*|$))/print "%"; - $comments{++$global{'verbatim_counter'}} = "$3"; - &write_mydb("verbatim", $global{'verbatim_counter'}, $3); - "$1$comment_mark".$global{'verbatim_counter'}."\n"/mge; - # Remove the htmlonly-environment - s/\\begin\s*{htmlonly}\s*\n?//gom; - s/\\end\s*{htmlonly}\s*\n?//gom; - # Remove enviroments which should be invisible to LaTeX2HTML. - s/\n[^%\n]*\\end\s*{latexonly}\s*\n?/\001/gom; - s/((^|\n)[^%\n]*)\\begin\s*{latexonly}([^\001]*)\001/$1/gom; - s/\\end\s*{comment}\s*\n?/\001/gom; - s/\\begin\s*{comment}([^\001]*)\001//gom; - - # this used to be earlier, but that can create problems with comments - &wrap_other_environments if (%other_environments); - -# s/\\\\/\\\\ /go; # Makes it unnecessary to look for escaped cmds - local($next, $esc_del); - &normalize_language_changes; - # Patches by #JKR, #EI#, #JCL(jcl-verb) - - #protect \verb|\begin/end....| parts, for LaTeX documentation - s/(\\verb\*?(.))\\(begin|end)/$1\003$3/g; - - local(@processedV); - local($opt, $style_info,$before, $contents, $after, $env); - while (($UNFINISHED_COMMENT)|| - (/\\begin\s*($opt_arg_rx)?\s*\{($verbatim_env_rx|$keepcomments_rx)\}/o)) { - ($opt, $style_info) = ($1,$2); - $before=$contents=$after=$env=''; - if ($UNFINISHED_COMMENT) { - $UNFINISHED_COMMENT =~ s/([^:]*)::(\d+)/$env=$1;$after=$_; - $before = join("",$unfinished_mark,$env,$2,"#");''/e; - print "\nfound the lost \\end{$env}\n"; - } - #RRM: can we avoid copying long strings here ? - # maybe this loop can be an s/.../../s with (.*?) - # - ($before, $after, $env) = ($`, $', $3) unless ($env); - if (!($before =~ - /\\begin(\s*\[[^\]]*\]\s*)?\{($verbatim_env_rx|$keepcomments_rx)\}/)) { - push(@processedV,$before); - print "'";$before = ''; - } - if ($after =~ /\s*\\end{$env[*]?}/) { # Must NOT use the s///o option!!! 
- ($contents, $after) = ($`, $'); - $contents =~ s/^\n+/\n/s; -# $contents =~ s/\n+$//s; - - # re-insert comments - $contents =~ s/$comment_mark(\d+)\n?/$comments{$1}/g; -# $contents =~ s/$comment_mark(\d+)/$verbatim{$1}/g; - - # revert '\\ ' -> '\\' only once - if ($env =~ /rawhtml|$keepcomments_rx/i) { - $contents = &revert_to_raw_tex($contents); - } else { - $contents =~ s/([^\\](?:\\\\)*\\)([$html_escape_chars])/$1.&special($2)/geos; - $contents =~ s/\\\\ /\\\\/go; - } - - if ($env =~/$keepcomments_rx/) { - $verbatim{++$global{'verbatim_counter'}} = "$contents"; - } else { - &write_mydb("verbatim", ++$global{'verbatim_counter'}, $contents); - } -# $verbatim{$global{'verbatim_counter'}} = "$contents" if ($env =~/$keepcomments_rx/); -# $verbatim{$global{'verbatim_counter'}} = "$contents"; - - if ($env =~ /rawhtml|$keepcomments_rx/i) { - if ($before) { - $after = join("",$verbatim_mark,$env - ,$global{'verbatim_counter'},"#",$after); - } else { - push (@processedV, join("",$verbatim_mark,$env - ,$global{'verbatim_counter'},"#")); - } - } elsif ($env =~ /tex2html_code/) { - if ($before) { - $after = join("","\\begin", $opt, "\{verbatim_code\}" - , $verbatim_mark,$env - , $global{'verbatim_counter'},"#" - , "\\end\{verbatim_code\}",$after); - } else { - push (@processedV - , join("","\\begin", $opt, "\{verbatim_code\}" - , $verbatim_mark,$env - , $global{'verbatim_counter'},"#" - , "\\end\{verbatim_code\}")); - } - } else { - if ($before) { - $after = join("","\\begin", $opt, "\{tex2html_preform\}" - , $verbatim_mark,$env - , $global{'verbatim_counter'},"#" - , "\\end\{tex2html_preform\}",$after); - } else { - push (@processedV - , join("","\\begin", $opt, "\{tex2html_preform\}" - , $verbatim_mark,$env - , $global{'verbatim_counter'},"#" - , "\\end\{tex2html_preform\}" )); - } - } - } else { - print "Cannot find \\end{$env}\n"; - $after =~ s/$comment_mark(\d+)\n?/$comments{$1}/g; -# $after =~ s/$comment_mark(\d+)/$verbatim{$1}/g; - if ($env =~ 
/rawhtml|$keepcomments_rx/i) { - $after = &revert_to_raw_tex($contents); - } else { - $after =~ s/([^\\](?:\\\\)*\\)([$html_escape_chars])/$1.&special($2)/geos; - $after =~ s/\\\\ /\\\\/go; - } - if ($env =~/$keepcomments_rx/) { - $verbatim{++$global{'verbatim_counter'}} = "$after"; - } else { - &write_mydb("verbatim", ++$global{'verbatim_counter'}, $after ); - } - $after = join("",$unfinished_mark,$env - ,$global{'verbatim_counter'},"#"); - } - $_ = join("",$before,$after); - } - print STDOUT "\nsensitive environments found: ".(int(0+@processedV/2))." " - if((@processedV)&&($VERBOSITY > 1)); - $_ = join('',@processedV, $_); undef @processedV; - - #restore \verb|\begin/end....| parts, for LaTeX documentation -# $_ =~ s/(\\verb\W*?)\003(begin|end)/$1\\$2/g; - $_ =~ s/(\\verb(;SPM\w+;|\W*?))\003(begin|end)/$1\\$3/g; - - # Now do the \verb declarations - # Patches by: #JKR, #EI#, #JCL(jcl-verb) - # Tag \verb command and legal opening delimiter with unique number. - # Replace tagged ones and its contents with $verb_mark & id number if the - # closing delimiter can be found. After no more \verb's are to tag, revert - # tagged one's to the original pattern. - local($del,$contents,$verb_rerun); - local($id) = $global{'verb_counter'}; - # must tag only one alternation per loop - ##RRM: can this be speeded up using a list ?? - my $vbmark = $verb_mark; - while (s/\\verb(\t*\*\t*)(\S)/"$2"/e || - s/\\verb()(\;SPM\w+\;|[^a-zA-Z*\s])/"$2"/e || - s/\\verb(\t\t*)([^*\s])/"$2"/e) { - - $del = $2; - #RRM: retain knowledge of whether \verb* or \verb - $vb_mark = ($1 =~/^\s*\*/? 
$verbstar_mark : $verb_mark); - $esc_del = &escape_rx_chars($del); - $esc_del = '' if (length($del) > 2); - - # try to find closing delimiter and substitute the complete - # statement with $verb_mark or $verbstar_mark -# s/(]*$id>[\Q$del\E])([^$esc_del\n]*)([\Q$del\E]|$comment_mark(\d+)\n?)/ - s/(]*$id>\Q$del\E)([^$esc_del\n]*?)(\Q$del\E|$comment_mark(\d+)\n?)/ - $contents=$2; - if ($4) { $verb_rerun = 1; - join('', "\\verb$del", $contents, $comments{$4}) - } else { - $contents =~ s|\\\\ |\\\\|g; - $contents =~ s|\n| |g; - $verb{$id}=$contents; - $verb_delim{$id}=$del; - join('',$vb_mark,$id,$verb_mark) - } - /e; - } - $global{'verb_counter'} = $id; - # revert changes to fake verb statements - s/]*)\d+>/\\verb$1/g; - - #JKR: the comments include the linebreak and the following whitespace -# s/([^\\]|^)(%.*\n[ \t]*)+/$1/gom; # Remove Comments but not % which may be meaningful - s/((^|\n)$comment_mark(\d+))+//gom; # Remove comment markers on new lines, but *not* the trailing \n - s/(\\\w+|(\W?))($comment_mark\d*\n?)/($2)? $2.$3:($1? $1.' ':'')/egm; # Remove comment markers, not after braces -# s/(\W?)($comment_mark\d*\n?)/($1)? $1.$2:''/egm; # Remove comment markers, not after braces - # Remove comment markers, but *not* the trailing \n -# HWS: Correctly remove multiple %%'s. 
-# - s/\\%/\002/gm; -# s/(%.*\n[ \t]*)//gm; - s/(%[^\n]*\n)[ \t]*/$comment_mark\n/gm; - - s/\002/\\%/gm; - - local($tmp1,$tmp2); - s/^$unfinished_mark$keepcomments_rx(\d+)#\n?$verbatim_mark$keepcomments_rx(\d+)#/ - $verbatim{$4}."\n\\end{$1}"/egm; # Raw TeX - s/$verbatim_mark$keepcomments_rx(\d+)#/ - $tmp1 = $1; - $tmp2 = &protect_after_comments($verbatim{$2}); - $tmp2 =~ s!\n$!!s; - join ('', "\\begin{$tmp1}" - , $tmp2 - , "\n\\end{$tmp1}" - )/egm; # Raw TeX - s/$unfinished_mark$keepcomments_rx(\d+)#/$UNFINISHED_COMMENT="$1::$2"; - "\\begin{$1}\n".$verbatim{$2}/egm; # Raw TeX - - $KEEP_FILE_MARKERS = 1; - if ($KEEP_FILE_MARKERS) { - s/%%% TEXEXPAND: \w+ FILE( MARKER) (\S*).*\n/ - ''.qq|#.$2#\n|/gem; - } else { - s/%%% TEXEXPAND[^\n]*\n//gm; - } - - &mark_string($_); - - - # attempt to remove the \html \latex and \latexhtml commands - s/\\latex\s*($O\d+$C)(.*)\1//gm; - s/\\latexhtml\s*($O\d+$C)(.*)\1\s*($O\d+$C)(.*)\3/$4/sg; - s/\\html\s*($O\d+$C)(.*)\1/$2/sg; - s/\\html\s*($O\d+$C)//gm; - -# &make_unique($_); -} - -# RRM: When comments are retained, then ensure that they are benign -# by removing \s and escaping braces, -# so that environments/bracing cannot become unbalanced. 
-sub protect_after_comments { - my ($verb_text) = @_; -# $verb_text =~ s/\%(.*)/'%'.&protect_helper($1)/eg; - $verb_text =~ s/(^|[^\\])(\\\\)*\%(.*)/$1.$2.'%'.&protect_helper($3)/emg; - $verb_text; -} - -sub protect_helper { - my ($text) = @_; - $text =~ s/\\/ /g; - $text =~ s/(\{|\})/\\$1/g; - $text; -} - -sub make_comment { - local($type,$_) = @_; - $_ =~ s/\\(index|label)\s*(($O|$OP)\d+($C|$CP)).*\2//sg; - $_ = &revert_to_raw_tex($_); s/^\n+//m; - $_ =~ s/\\(index|label)\s*\{.*\}//sg; - s/\-\-/- -/g; s/\-\-/- -/g; # cannot have -- inside a comment - $_ = join('', '" ); - $verbatim{++$global{'verbatim_counter'}} = $_; - &write_mydb('verbatim', $global{'verbatim_counter'}, $_ ); - join('', $verbatim_mark, 'verbatim' , $global{'verbatim_counter'},'#') -} - -sub wrap_other_environments { - local($key, $env, $start, $end, $opt_env, $opt_start); - foreach $key (keys %other_environments) { - # skip bogus entries - next unless ($env = $other_environments{$key}); - $key =~ s/:/($start,$end)=($`,$');':'/e; - - if (($end =~ /^\#$/m) && ($start =~ /^\#/m)) { - # catch Indica pre-processor language switches - $opt_start = $'; - if ($env =~ s/\[(\w*)\]//o) { - $opt_env = join('','[', ($1 ? 
$1 : $opt_start ), ']'); - } - local($next); - while ($_ =~ /$start\b/) { - push(@pre_wrapped, $`, "\\begin\{pre_$env\}", $opt_env ); - $_=$'; - if (/(\n*)$end/) { - push(@pre_wrapped, $`.$1,"\\end\{pre_$env\}$1"); - $_ = $'; - if (!(s/^N(IL)?//o)) {$_ = '#'.$_ } - } else { - print "\n *** unclosed $start...$end chunk ***\n"; - last; - } - } - $_ = join('', @pre_wrapped, $_); - undef @pre_wrapped; - - } elsif (($end=~/^\n$/) && ($start =~ /^\#/)) { - # catch ITRANS pre-processor language info; $env = 'nowrap'; - local($ilang) = $start; $ilang =~ s/^\#//m; - s/$start\s*\=([^<\n%]*)\s*($comment_mark\d*|\n|%)/\\begin\{tex2html_$env\}\\ITRANSinfo\{$ilang\}\{$1\}\n\\end\{tex2html_$env\}$2/g; - - } elsif (!$end &&($start =~ /^\#/m)) { - # catch Indica pre-processor input-mode switches - s/$start(.*)\n/\\begin\{tex2html_$env\}$&\\end\{tex2html_$env\}\n/g; - - } elsif (($start eq $end)&&(length($start) == 1)) { - $start =~ s/(\W)/\\$1/; $end = $start; - s/([^$end])$start([^$end]+)$end/$1\\begin\{pre_$env\}$2\\end\{pre_$env\}/mg; - } elsif ($start eq $end) { - if (!($start =~ /\#\#/)) { - $start =~ s/(\W)/\\$1/g; $end = $start; } - local (@pre_wrapped); - local($opt); $opt = '[indian]' if ($start =~ /^\#\#$/m); - while ($_ =~ /$start/s) { - push(@pre_wrapped, $` , "\\begin\{pre_$env\}$opt"); - $_=$'; - if (/$end/s) { - push(@pre_wrapped, $`, "\\end\{pre_$env\}"); - $_ = $'; - } else { - print "\n *** unclosed $start...$end chunk ***\n"; - last; - } - } - $_ = join('', @pre_wrapped, $_); - undef @pre_wrapped; - } elsif ($start && ($env =~ /itrans/)) { - # ITRANS is of this form - local($indic); if($start =~ /\#(\w+)$/m) {$indic = $1} - #include the language-name as an optional parameter - s/$start\b/\\begin\{pre_$env\}\[$indic\]/sg; - s/$end\b/\\end\{pre_$env\}/sg; - } elsif (($start)&&($end)) { - s/$start\b/\\begin\{pre_$env\}/sg; - s/$end\b/\\end\{pre_$env\}/sg; - } - } - $_; -} - -#################### Marking Matching Brackets ###################### - -# Reads the entire 
input file and performs pre_processing operations -# on it before returning it as a single string. The pre_processing is -# done on separate chunks of the input file by separate Unix processes -# as determined by LaTeX \input commands, in order to reduce the memory -# requirements of LaTeX2HTML. -sub slurp_input_and_partition_and_pre_process { - local($file) = @_; - local(%string, @files, $pos); - local ($count) = 1; - - unless(open(SINPUT,"<$file")) { - die "\nError: Cannot read '$file': $!\n"; - } - local(@file_string); - print STDOUT "$file" if ($VERBOSITY >1); - while () { - if (/TEXEXPAND: INCLUDED FILE MARKER (\S*)/) { - # Forking seems to screw up the rest of the input stream - # We save the current position ... - $pos = tell SINPUT; - print STDOUT " fork at offset $pos " if ($VERBOSITY >1); - $string{'STRING'} = join('',@file_string); @file_string = (); - &write_string_out($count); - delete $string{'STRING'}; - # ... so that we can return to it - seek(SINPUT, $pos, 0); - print STDOUT "\nDoing $1 "; - ++$count} - else { -# $string{'STRING'} .= $_ - push(@file_string,$_); - } - } - $string{'STRING'} = join('',@file_string); @file_string = (); - &write_string_out($count); - delete $string{'STRING'}; - close SINPUT; - @files = (); - if(opendir(DIR, $TMP_)) { - @files = sort grep(/^\Q$PARTITION_PREFIX\E\d+/, readdir(DIR)); - closedir(DIR); - } - - unless(@files) { - die "\nFailed to read in document parts.\n". - "Look up section Globbing in the troubleshooting manual.\n"; - } - - $count = 0; - foreach $file (@files) { - print STDOUT "\nappending file: $TMP_$dd$file " if ($VERBOSITY > 1); - $_ .= (&catfile("$TMP_$dd$file") || ''); - print STDOUT "\ntotal length: ".length($_)." characters\n" if ($VERBOSITY > 1); - } - die "\nFailed to read in document parts (out of memory?).\n" - unless length($_); - print STDOUT "\ntotal length: ".length($_)." 
characters\n" if ($VERBOSITY > 1); -} - -sub write_string_out { - local($count) = @_; - if ($count < 10) {$count = '00'.$count} - elsif ($count < 100) {$count = '0'.$count} - local($pid); - # All open unflushed streams are inherited by the child. If this is - # not set then the parent will *not* wait - $| = 1; - # fork returns 0 to the child and PID to the parent - &write_mydb_simple("prelatex", $prelatex); - &close_dbm_database; - unless ($CAN_FORK) { - &do_write_string_out; - } else { - unless ($pid = fork) { - &do_write_string_out; - exit 0; - }; - waitpid($pid,0); - } - &open_dbm_database; -} - -sub do_write_string_out { - local($_); - close (SINPUT) if($CAN_FORK); - &open_dbm_database; - $_ = delete $string{'STRING'}; - # locate blank-lines, for paragraphs. - # Replace verbatim environments etc. - &pre_process; - # locate the blank lines for \par s - &substitute_pars; - # Handle newcommand, newenvironment, newcounter ... - &substitute_meta_cmds; - &wrap_shorthand_environments; - print STDOUT "\n *** End-of-partition ***" if ($VERBOSITY > 1); - if(open(OUT, ">$TMP_$dd$PARTITION_PREFIX$count")) { - print OUT $_; - close(OUT); - } else { - print "\nError: Cannot write '$TMP_$dd$PARTITION_PREFIX$count': $!\n"; - } - print STDOUT $_ if ($VERBOSITY > 9); - $preamble = join("\n",$preamble,@preamble); # undef @preamble; - &write_mydb_simple("preamble", $preamble); - # this was done earlier; it should not be repeated - #&write_mydb_simple("prelatex", $prelatex); - &write_mydb_simple("aux_preamble", $aux_preamble); - &close_dbm_database; -} - -# Reads the entire input file into a -# single string. 
-sub slurp_input {
- local($file) = @_;
- local(%string);
- if(open(INPUT,"<$file")) {
- local(@file_string);
- while () {
- push(@file_string, $_ );
- }
- $string{'STRING'} = join('',@file_string);
- close INPUT;
- undef @file_string;
- } else {
- print "\nError: Cannot read '$file': $!\n";
- }
- $_ = delete $string{'STRING'}; # Blow it away and return the result
-}
-
-# MRO: make them more efficient
-sub special {
- $html_specials{$_[0]} || $_[0];
-}
-
-sub special_inv {
- $html_specials_inv{$_[0]} || $_[0];
-}
-
-sub special_html {
- $html_special_entities{$_[0]} || $_[0];
-}
-
-sub special_html_inv {
- $html_spec_entities_inv{$_[0]} || $_[0];
-}
-
-# Mark each matching opening and closing bracket with a unique id.
-sub mark_string {
- # local (*_) = @_; # Modifies $_ in the caller;
- # -> MRO: changed to $_[0] (same effect)
- # MRO: removed deprecated $*, replaced by option /m
- $_[0] =~ s/(^|[^\\])\\{/$1tex2html_escaped_opening_bracket/gom;
- $_[0] =~ s/(^|[^\\])\\{/$1tex2html_escaped_opening_bracket/gom; # repeat this
- $_[0] =~ s/(^|[^\\])\\}/$1tex2html_escaped_closing_bracket/gom;
- $_[0] =~ s/(^|[^\\])\\}/$1tex2html_escaped_closing_bracket/gom; # repeat this
- my $id = $global{'max_id'};
- my $prev_id = $id;
- # mark all balanced braces
- # MRO: This should in fact mark all of them as the hierarchy is
- # processed inside-out.
- 1 while($_[0] =~ s/{([^{}]*)}/join("",$O,++$id,$C,$1,$O,$id,$C)/geo);
- # What follows seems esoteric...
- my @processedB = (); - # Take one opening brace at a time - while ($_[0] =~ /\{/) { - my ($before,$after) = ($`,$'); - my $change = 0; - while (@UNMATCHED_OPENING && $before =~ /\}/) { - my $this = pop(@UNMATCHED_OPENING); - print "\n *** matching brace \#$this found ***\n"; - $before =~ s/\}/join("",$O,$this,$C)/eo; - $change = 1; - } - $_[0] = join('',$before,"\{",$after) if($change); - # MRO: mark one opening brace - if($_[0] =~ s/^([^{]*){/push(@processedB,$1);join('',$O,++$id,$C)/eos) { - $before=''; $after=$'; - } - if ($after =~ /\}/) { - $after =~ s/\}/join("",$O,$id,$C)/eo; - $_[0] = join('',$before,$O,$id,$C,$after); - } else { - print "\n *** opening brace \#$id is unmatched ***\n"; - $after =~ /^(.+\n)(.+\n)?/; - print " preceding: $after \n"; - push (@UNMATCHED_OPENING,$id); - } - } - $_[0] = join('',@processedB,$_[0]); undef(@processedB); - print STDOUT "\nInfo: bracketings found: ", $id - $prev_id,"\n" - if ($VERBOSITY > 1); - # process remaining closing braces - while (@UNMATCHED_OPENING && $_[0] =~ /\}/) { - my $this = pop(@UNMATCHED_OPENING); - print "\n *** matching brace \#$this found ***\n"; - $_[0] =~ s/\}/join("",$O,$this,$C)/eo; - } - - while ($_[0] =~ /\}/) { - print "\n *** there was an unmatched closing \} "; - my ($beforeline,$prevline,$afterline) = ($`, $`.$& , $'); - $prevline =~ /\n([^\n]+)\}$/m; - if ($1) { - print "at the end of:\n" . $1 . "\}\n\n"; - } else { - $afterline =~ /^([^\n]+)\n/m; - if ($1) { - print "at the start of:\n\}" . $1 ."\n\n"; - } else { - $prevline =~ /\n([^\n]+)\n\}$/m; - print "on a line by itself after:\n" . $1 . "\n\}\n\n"; - } - } - $_[0] = $beforeline . 
$afterline; - } - $global{'max_id'} = $id; - - # restore escaped braces - $_[0] =~ s/tex2html_escaped_opening_bracket/\\{/go; - $_[0] =~ s/tex2html_escaped_closing_bracket/\\}/go; -} - -sub replace_html_special_chars { - # Replaces html special characters with markers unless preceded by "\" - s/([^\\])(<|>|&|\"|``|'')/&special($1).&special($2)/geom; - # MUST DO IT AGAIN JUST IN CASE THERE ARE CONSECUTIVE HTML SPECIALS - s/([^\\])(<|>|&|\"|``|'')/&special($1).&special($2)/geom; - s/^(<|>|&|\"|``|'')/&special($1)/geom; -} - -# used in \verbatiminput only: $html_escape_chars = '<>&'; -sub replace_all_html_special_chars { s/([$html_escape_chars])/&special($1)/geom; } - -# The bibliography and the index should be treated as separate sections -# in their own HTML files. The \bibliography{} command acts as a sectioning command -# that has the desired effect. But when the bibliography is constructed -# manually using the thebibliography environment, or when using the -# theindex environment it is not possible to use the normal sectioning -# mechanism. This subroutine inserts a \bibliography{} or a dummy -# \textohtmlindex command just before the appropriate environments -# to force sectioning. -sub add_bbl_and_idx_dummy_commands { - local($id) = $global{'max_id'}; - - s/([\\]begin\s*$O\d+$C\s*thebibliography)/$bbl_cnt++; $1/eg; - ## if ($bbl_cnt == 1) { - s/([\\]begin\s*$O\d+$C\s*thebibliography)/$id++; "\\bibliography$O$id$C$O$id$C $1"/geo; - #} - $global{'max_id'} = $id; - s/([\\]begin\s*$O\d+$C\s*theindex)/\\textohtmlindex $1/o; - s/[\\]printindex/\\textohtmlindex /o; - &lib_add_bbl_and_idx_dummy_commands() if defined(&lib_add_bbl_and_idx_dummy_commands); -} - - -# Uses and modifies $default_language -# This would be straight-forward except when there are -# \MakeUppercase, \MakeLowercase or \uppercase , \lowercase commands -# present in the source. The cases have to be adjusted before the -# ISO-character code is set; e.g. 
with "z --> "Z in german.perl -# -sub convert_iso_latin_chars { - local($_) = @_; - local($next_language, $pattern); - local($xafter, $before, $after, $funct, $level, $delim); - local(@case_processed); - while (/$case_change_rx/) { - $xafter = $2; -# $before .= $`; - push(@case_processed, $`); - $funct = $3; - $after = ''; - $_ = $'; - if ($xafter =~ /noexpand/) { $before .= "\\$funct"; next; } - - s/^[\s%]*(.)/$delim=$1;''/eo; - if ($delim =~ /{/ ) { - # brackets not yet numbered... -# $before .= $funct . $delim; - push(@case_processed, $funct . $delim); - $level = 1; - $after = $delim; - while (($level)&&($_)&&(/[\{\}]/)) { - $after .= $` . $&; - $_ = $'; - if ( "$&" eq "\{" ) {$level++} - elsif ( "$&" eq "\}" ) { $level-- } - else { print $_ } - print "$level"; - } -# $before .= $after; - push(@case_processed, $after); - } elsif ($delim eq "<") { - # brackets numbered, but maybe not processed... - s/((<|#)(\d+)(>|#)>).*\1//; - $after .= $delim . $&; - $_ = $'; - print STDOUT "\n<$2$funct$4>" if ($VERBOSITY > 2); - $funct =~ s/^\\//o; - local($cmd) = "do_cmd_$funct"; - $after = &$cmd($after); -# $before .= $after; - push(@case_processed, $after); - } elsif (($xafter)&&($delim eq "\\")) { - # preceded by \expandafter ... - # ...so expand the following macro first - $funct =~ s/^\\//o; - local($case_change) = $funct; - s/^(\w+|\W)/$funct=$1;''/eo; - local($cmd) = $funct; - local($thiscmd) = "do_cmd_$funct"; - if (defined &$thiscmd) { $_ = &$thiscmd($_) } - elsif ($new_command{$funct}) { - local($argn, $body, $opt) = split(/:!:/, $new_command{$funct}); - do { ### local($_) = $body; - &make_unique($body); - } if ($body =~ /$O/); - if ($argn) { - do { - local($before) = ''; - local($after) = "\\$funct ".$_; - $after = &substitute_newcmd; # may change $after - $after =~ s/\\\@#\@\@/\\/o ; - } - } else { $_ = $body . 
$_; } - } else { print "\nUNKNOWN COMMAND: $cmd "; } - - $cmd = $case_change; - $case_change = "do_cmd_$cmd"; - if (defined &$case_change) { $_ = &$case_change($_) } - } else { - # this should not happen, but just in case... - $funct =~ s/^\\//o; - local($cmd) = "do_cmd_$funct"; - print STDOUT "\n\n<$delim$funct>" if ($VERBOSITY > 2); - $_ = join('', $delim , $_ ); - if (defined &$cmd) { $_ = &$cmd($_) } - } - } -# $_ = join('', $before, $_) if ($before); - $_ = join('', @case_processed, $_) if (@case_processed); - - # ...now do the conversions - ($before, $after, $funct) = ('','',''); - @case_processed = (); - if (/$language_rx/o) { - ($next_language, $pattern, $before, $after) = (($2||$1), $&, $`, $'); - $before = &convert_iso_latin_chars($before) if ($before); -# push(@case_processed, $pattern, $before); - local($br_id) = ++$global{'max_id'}; - $pattern = join('' , '\selectlanguage', $O.$br_id.$C - , (($pattern =~ /original/) ? $TITLES_LANGUAGE : $next_language ) - , $O.$br_id.$C ); - push(@case_processed, $before, $pattern); - push(@language_stack, $default_language); - $default_language = $next_language; - $_ = &convert_iso_latin_chars($after); - $default_language = pop @language_stack; - } else { - $funct = $language_translations{$default_language}; - (defined(&$funct) ? $_ = &$funct($_) : - do { &write_warnings( - "\nCould not find translation function for $default_language.\n\n") - } - ); - if ($USE_UTF ||(!$NO_UTF &&(defined %unicode_table)&&length(%unicode_table)>2)) { - &convert_to_unicode($_)}; - } - $_ = join('', @case_processed, $_); undef(@case_processed); - $_; -} - -# May need to add something here later -sub english_translation { $_[0] } - -# This replaces \setlanguage{\language} with \languageTeX -# This makes the identification of language chunks easier. 
-sub normalize_language_changes {
- s/$setlanguage_rx/\\$2TeX/gs;
-}
-
-sub get_current_language {
- return () if ($default_language eq $TITLES_LANGUAGE);
- local($lang,$lstyle) = ' LANG="';
- $lang_code = $iso_languages{$default_language};
- if (%styled_languages) {
- $lstyle = $styled_languages{$default_language};
- $lstyle = '" CLASS="'.$lstyle if $lstyle;
- }
- ($lang_code ? $lang.$lang_code.$lstyle.'"' : '');
-}
-
-%styled_languages = ();
-
-sub do_cmd_htmllanguagestyle {
- local($_) = @_;
- local($class) = &get_next_optional_argument;
- local($lang) = &missing_braces unless (
- (s/$next_pair_pr_rx/$lang=$2;''/e)
- ||(s/$next_pair_rx/$lang=$2;''/e));
- return ($_) unless $lang;
- local($class) = $iso_languages{$lang} unless $class;
- if ($USING_STYLES && $class) {
- print "\nStyling language: $lang = \"$class\" ";
- $styled_languages{"$lang"} = $class;
- }
- $_;
-}
-
-# General translation mechanism:
-#
-#
-# The main program latex2html calls texexpand with the document name
-# in order to expand some of its \input and \include statements, here
-# also called 'merging', and to write a list of sensitized style, class,
-# input, or include file names.
-# When texexpand has finished, all is contained in one file, TMP_foo.
-# (assumed foo.tex is the name of the document to translate).
-#
-# In this version, texexpand cares for following environments
-# that may span include files / section boundaries:
-# (For a more technical description, see texexpand.)
-# a) \begin{comment}
-# b) %begin{comment}
-# c) \begin{any} introduced with \excludecomment
-# d) %begin{any}
-# e) \begin{verbatim}
-# f) \begin{latexonly}
-# g) %begin{latexonly}
-#
-# a)-d) cause texexpand to drop its contents, it will not show up in the
-# output file. You can use this to 'comment out' a bunch of files, say.
-#
-# e)-g) prevent texexpand from expanding input files, but the environment
-# content goes fully into the output file.
-#
-# Together with each merging of \input etc. there are so-called %%%texexpand
-# markers accompanying the boundary.
-#
-# When latex2html reads in the output file, it uses these markers to write
-# each part to a separate file, and process them further.
-#
-#
-# If you have, for example:
-#
-# a) preample
-# b) \begin{document}
-# c) text
-# d) \input{chapter}
-# e) more text
-# f) \end{document}
-#
-# you end up in two parts, part 1 is a)-c), part 2 is the rest.
-# Regardless of environments spanning input files or sections.
-#
-#
-# What now starts is meta command substitution:
-# Therefore, latex2html forks a child process on the first part and waits
-# until it finished, then forks another on the next part and so forth
-# (see also &slurp_input_and_partition_and_preprocess).
-#
-# Here's what each child is doing:
-# Each child process reads the new commands translated so far by the previous
-# child from the TMP_global DBM database.
-# After &pre_processing, it substitutes the meta commands (\newcommand, \def,
-# and the like) it finds, and adds the freshly retrieved new commands to the
-# list so far.
-# This is done *only on its part* of the document; this saves upwards of memory.
-# Finally, it writes its list of new commands (synopsis and bodies) to the
-# DBM database, and exits.
-# After the last child finished, latex2html reads in all parts and
-# concatenates them.
-#
-#
-# So, at this point in time (start of &translate), it again has the complete
-# document, but now preprocessed and with new commands substituted.
-# This has several disadvantages: an amount of commands is substituted (in
-# TeX lingo, expanded) earlier than the rest.
-# This causes trouble if commands really must get expanded at the point
-# in time they show up.
-#
-#
-# Then, still in &translate, latex2html uses the list of section commands to
-# split the complete document into chunks.
-# The chunks are not written to files yet. They are retained in the @sections
-# list, but each chunk is handled separately.
-# latex2html puts the current chunk to $_ and processes it with
-# &translate_environments etc., then fetches the next chunk, and so on.
-# This prevents environments that span section boundaries from getting
-# translated, because \begin and \end cannot find one another, to say it this
-# way.
-#
-#
-# After the chunk is translated to HTML, it is written to a file.
-# When all chunks are done, latex2html rereads each file to get cross
-# references right, replace image markers with the image file names, and
-# writes index and bibliography.
-#
-#
-sub translate {
- &normalize_sections; # Deal with the *-form of sectioning commands
-
- # Split the input into sections, keeping the preamble together
- # Due to the regular expression, each split will create 5 more entries.
- # Entry 1 and 2: non-letter/letter sectioning command,
- # entry 4: the delimiter (may be empty)
- # entry 5: the text.
- local($pre_section, @sections);
- if (/\\(startdocument|begin\s*($O\d+$C)\s*document\s*\2)/) {
- $pre_section = $`.$&; $_ = $';
- }
- @sections = split(/$sections_rx/, $_);
- $sections[0] = $pre_section.$sections[0] if ($pre_section);
- undef $pre_section;
- local($sections) = int(scalar(@sections) / 5);
-
- # Initialises $curr_sec_id to a list of 0's equal to
- # the number of sectioning commands.
- local(@curr_sec_id) = split(' ', &make_first_key);
- local(@segment_sec_id) = @curr_sec_id;
- local($i, $j, $current_depth) = (0,0,0);
- local($curr_sec) = $SHORT_FILENAME||$FILE;
- local($top_sec) = ($SEGMENT ? '' : 'top of ');
-# local(%section_info, %toc_section_info, $CURRENT_FILE, %cite_info, %ref_files);
- local($CURRENT_FILE);
- # These filenames may be set when translating the corresponding commands.
- local($tocfile, $loffile, $lotfile, $footfile, $citefile, $idxfile, - $figure_captions, $table_captions, $footnotes, $citations, %font_size, %index, - %done, $t_title, $t_author, $t_date, $t_address, $t_affil, $changed); - local(@authors,@affils,@addresses,@emails,@authorURLs); - local(%index_labels, %index_segment, $preindex, %footnotes, %citefiles); - local($segment_table_captions, $segment_figure_captions); - local($dir,$nosave) = ('',''); - local($del,$close_all,$open_all,$toc_sec_title,$multiple_toc); - local($open_tags_R) = []; - local(@save_open_tags)= (); - local(@language_stack) = (); - push (@language_stack, $default_language); - -# $LATEX_FONT_SIZE = '10pt' unless ($LATEX_FONT_SIZE); - &process_aux_file - if $SHOW_SECTION_NUMBERS || /\\(caption|(html|hyper)?((eq)?ref|cite))/; - - require ("${PREFIX}internals.pl") if (-f "${PREFIX}internals.pl"); -#JCL(jcl-del) - &make_single_cmd_rx; -# - $tocfile = $EXTERNAL_CONTENTS; - $idxfile = $EXTERNAL_INDEX; - $citefile = $EXTERNAL_BIBLIO; $citefile =~ s/#.*$//; - $citefiles{1} = $citefile if ($citefile); - print "\nTranslating ..."; - - while ($i <= @sections) { - undef $_; - $_ = $sections[$i]; - s/^[\s]*//; # Remove initial blank lines - - # The section command was removed when splitting ... - s/^/\\$curr_sec$del/ if ($i > 0); # ... 
so put it back - if ($current_depth < $MAX_SPLIT_DEPTH) { - if (($footnotes)&&($NO_FOOTNODE)&&( $current_depth < $MAX_SPLIT_DEPTH)) { - local($thesenotes) = &make_footnotes ; - print OUTPUT $thesenotes; - } - $CURRENT_FILE = &make_name($curr_sec, join('_',@curr_sec_id)); - - open(OUTPUT, ">$CURRENT_FILE") - || die "Cannot write '$CURRENT_FILE': $!\n"; - if ($XBIT_HACK) { # use Apache's XBit hack - chmod 0744, $CURRENT_FILE; - &check_htaccess; - } else { - chmod 0644, $CURRENT_FILE; - } - - if ($MULTIPLE_FILES && $ROOTED) { - if ($DESTDIR =~ /^\Q$FIXEDDIR\E[$dd$dd]?([^$dd$dd]+)/) - { $CURRENT_FILE = "$1$dd$CURRENT_FILE" }; - } - } - &remove_document_env; -# &wrap_shorthand_environments; #RRM Is this needed ? - print STDOUT "\n" if ($VERBOSITY); - print STDOUT "\n" if ($VERBOSITY > 2); - print $i/5,"/$sections"; - print ":$top_sec$curr_sec:" if ($VERBOSITY); - - # Must do this early ... It also sets $TITLE - &process_command($sections_rx, $_) if (/^$sections_rx/); - # reset tags saved from the previous section - $open_tags_R = [ @save_open_tags ]; - @save_open_tags = (); - - local($curr_sec_tex); - if ((! $TITLE) || ($TITLE eq $default_title)) { - eval '$TITLE = '.$default_title; - $TITLE = $default_title if $@; - $curr_sec_tex = ($top_sec ? '' : - join('', '"', &revert_to_raw_tex($curr_sec), '"')); - print STDOUT "$curr_sec_tex for $CURRENT_FILE\n" if ($VERBOSITY); - } else { - local($tmp) = &purify($TITLE,1); - $tmp = &revert_to_raw_tex($tmp); - print STDOUT "\"$tmp\" for $CURRENT_FILE\n" if ($VERBOSITY); - } - - if (/\\(latextohtmlditchpreceding|startdocument)/m) { - local($after) = $'; - local($before) = $`.$&; - $SEGMENT = 1 if ($1 =~ /startdocument/); - print STDOUT "\n *** translating preamble ***\n" if ($VERBOSITY); - $_ = &translate_preamble($before); - s/\n\n//g; s/
//g; # remove redundant blank lines and breaks
-#
-# &process_aux_file if $AUX_FILE_NEEDED;
-#
- print STDOUT "\n *** preamble done ***\n" if ($VERBOSITY);
- $PREAMBLE = 0;
- $NESTING_LEVEL=0;
- &do_AtBeginDocument;
- $after =~ s/^\s*//m;
- print STDOUT (($VERBOSITY >2)? "\n*** Translating environments ***" : ";");
- $after = &translate_environments($after);
- print STDOUT (($VERBOSITY >2)? "\n*** Translating commands ***" : ";");
- $_ .= &translate_commands($after);
-# $_ = &translate_commands($after);
- } else {
- &do_AtBeginDocument;
- $PREAMBLE = 0;
- $NESTING_LEVEL=0;
- print STDOUT (($VERBOSITY >2)? "\n*** Translating environments ***" : ";");
- $_ = &translate_environments($_);
- print STDOUT (($VERBOSITY >2)? "\n*** Translating commands ***" : ";");
- $_ = &translate_commands($_);
- }
-
- # close any tags that remain open
- if (@$open_tags_R) {
- ($close_all,$open_all) = &preserve_open_tags();
- $_ .= $close_all;
- @save_open_tags = @$open_tags_R; $open_tags_R = [];
- } else { ($close_all,$open_all) = ('','') }
-
- print STDOUT (($VERBOSITY >2)? "\n*** Translations done ***" : "\n");
-# if (($footnotes)&&($NO_FOOTNODE)&&( $current_depth < $MAX_SPLIT_DEPTH)) {
-# $_ .= &make_footnotes
-# }
- print OUTPUT $_;
-
- # Associate each id with the depth, the filename and the title
- ###MEH -- starred sections don't show up in TOC ...
- # RRM: ...unless $TOC_STARS is set
-# $toc_sec_title = &simplify($toc_sec_title);
- $toc_sec_title = &purify($toc_sec_title);# if $SEGMENT;
- $toc_sec_title = &purify($TITLE) unless ($toc_sec_title);
-
- if ($TOC_STARS) {
- $toc_section_info{join(' ',@curr_sec_id)} =
- "$current_depth$delim$CURRENT_FILE$delim$toc_sec_title"
-# if ($current_depth <= $MAX_SPLIT_DEPTH + $MAX_LINK_DEPTH);
- if ($current_depth <= $TOC_DEPTH);
- } else {
- $toc_section_info{join(' ',@curr_sec_id)} =
- "$current_depth$delim$CURRENT_FILE$delim$toc_sec_title"
- . ($curr_sec =~ /star$/ ? 
"$delim" : "")
-# if ($current_depth <= $MAX_SPLIT_DEPTH + $MAX_LINK_DEPTH);
- if ($current_depth <= $TOC_DEPTH);
- }
-
- # include $BODYTEXT in the section_info, when starting a new page
- $section_info{join(' ',@curr_sec_id)} =
- "$current_depth$delim$CURRENT_FILE$delim$TITLE$delim"
- . (($current_depth < $MAX_SPLIT_DEPTH)? $BODYTEXT: "");
-
- # Get type of section (see also the split above)
- $curr_sec = $sections[$i+1].$sections[$i+2];
- $del = $sections[$i+4];
-
- # Get the depth of the current section;
-# $curr_sec = $outermost_level unless $curr_sec;
- $current_depth = $section_commands{$curr_sec};
- if ($after_segment) {
- $current_depth = $after_segment;
- $curr_sec_id[$after_segment] += $after_seg_num;
- ($after_segment,$after_seg_num) = ('','');
- for($j=1+$current_depth; $j <= $#curr_sec_id; $j++) {
- $curr_sec_id[$j] = 0;
- }
- }
- if ($SEGMENT||$SEGMENTED) {
- for($j=1; $j <= $#curr_sec_id; $j++) {
- $curr_sec_id[$j] += $segment_sec_id[$j];
- $segment_sec_id[$j] = 0;
- }
- };
-
-
- # this may alter the section-keys
- $multiple_toc = 1 if ($MULTIPLE_FILES && $ROOTED && (/$toc_mark/));
-
-
- #RRM : Should this be done here, or in \stepcounter ? 
- @curr_sec_id = &new_level($current_depth, @curr_sec_id);
-
- $toc_sec_title = $TITLE = $top_sec = '';
- $i+=5; #skip to next text section
- }
- $open_tags_R = [];
- $open_all = '';
-
- $_ = undef;
- $_ = &make_footnotes if ($footnotes);
- $CURRENT_FILE = '';
- print OUTPUT;
- close OUTPUT;
-
-
-# # this may alter the section-keys
-# &adjust_root_keys if $multiple_toc;
-
- if ($PREPROCESS_IMAGES) { &preprocess_images }
- else { &make_image_file }
- print STDOUT "\n *** making images ***" if ($VERBOSITY > 1);
- &make_images;
-
- # Link sections, add head/body/address do cross-refs etc
- print STDOUT "\n *** post-process ***" if ($VERBOSITY > 1);
- &post_process;
-
- if (defined &document_post_post_process) {
- #BRM: extra document-wide post-processing
- print STDOUT "\n *** post-processing Document ***" if ($VERBOSITY > 1);
- &document_post_post_process();
- }
-
- print STDOUT "\n *** post-processed ***" if ($VERBOSITY > 1);
- ©_icons if $LOCAL_ICONS;
- if ($SEGMENT || $DEBUG || $SEGMENTED) {
- &save_captions_in_file("figure", $figure_captions) if $figure_captions;
- &save_captions_in_file("table", $table_captions) if $table_captions;
-# &save_array_in_file ("captions", "figure_captions", 0, %figure_captions) if %figure_captions;
-# &save_array_in_file ("captions", "table_captions", 0, %table_captions) if %table_captions;
- &save_array_in_file ("index", "index", 0, %index);
- &save_array_in_file ("sections", "section_info", 0, %section_info);
- &save_array_in_file ("contents", "toc_section_info", 0,%toc_section_info);
- &save_array_in_file ("index", "sub_index", 1, %sub_index) if %sub_index;
- &save_array_in_file ("index", "index_labels", 1, %index_labels) if %index_labels;
- &save_array_in_file ("index", "index_segment", 1, %index_segment) if %index_segment;
- &save_array_in_file ("index", "printable_key", 1, %printable_key)
- if (%printable_key || %index_segment);
- }
- elsif ($MULTIPLE_FILES && $ROOTED) {
- &save_array_in_file ("sections", "section_info", 0, 
%section_info);
- &save_array_in_file ("contents", "toc_section_info", 0, %toc_section_info);
- }
- &save_array_in_file ("internals", "ref_files", 0, %ref_files) if $changed;
- &save_array_in_file ("labels", "external_labels", 0, %ref_files);
- &save_array_in_file ("labels", "external_latex_labels", 1, %latex_labels);
- &save_array_in_file ("images", "cached_env_img", 0, %cached_env_img);
-}
-
-# RRM:
-sub translate_preamble {
- local($_) = @_;
- $PREAMBLE = 1;
- $NESTING_LEVEL=0; #counter for TeX group nesting level
- # remove some artificially inserted constructions
- s/\n${tex2html_deferred_rx}\\par\s*${tex2html_deferred_rx2}\n/\n/gm;
- s/\\newedcommand(<<\d+>>)([A-Za-z]+|[^A-Za-z])\1(\[\d+\])?(\[[^]]*\])?(<<\d+>>)[\w\W\n]*\5($comment_mark\d*)?//gm;
- s/\n{2,}/\n/ogm;
-
- if (/\\htmlhead/) {
- print STDOUT "\nPREAMBLE: discarding...\n$`" if ($VERBOSITY > 4);
- local($after) = $&.$';
- # translate segment preamble preceding \htmlhead
- &translate_commands(&translate_environments($`));
- # translate \htmlhead and rest of preamble
- $_=&translate_commands(&translate_environments($after));
- print STDOUT "\nPREAMBLE: retaining...\n$_" if ($VERBOSITY > 4);
- } else {
- # translate only preamble here (metacommands etc.)
- # there should be no textual results, if so, discard them
- &translate_commands(&translate_environments($_));
- print STDOUT "\nPREAMBLE: discarding...\n$_" if ($VERBOSITY > 4);
- $_="";
- };
- $_ = &do_AtBeginDocument($_);
- if (! $SEGMENT) { $_ = ''} # segmented documents have a heading already
- $_;
-}
-
-############################ Processing Environments ##########################
-
-sub wrap_shorthand_environments {
- # This wraps a dummy environment around environments that do not use
- # the begin-end convention. The wrapper will force them to be
- # evaluated by Latex rather than them being translated.
- # Wrap a dummy environment around matching TMPs. 
- # s/^\$\$|([^\\])\$\$/{$1.&next_wrapper('tex2html_double_dollar')}/ge;
- # Wrap a dummy environment around matching $s.
- # s/^\$|([^\\])\$/{$1.&next_wrapper('$')}/ge;
- # s/tex2html_double_dollar/\$\$/go;
- # Do \(s and \[s
- #
- local($wrapper) = "tex2html_wrap_inline"; # \ensuremath wrapper
- print STDOUT "\n *** wrapping environments ***\n" if ($VERBOSITY > 3);
-
- # MRO: replaced $* with /m
- print STDOUT "\\(" if ($VERBOSITY > 3);
- s/(^\\[(])|([^\\])(\\[(])/{$2.&make_any_wrapper(1,'',$wrapper).$1.$3}/geom;
- print STDOUT "\\)" if ($VERBOSITY > 3);
- s/(^\\[)]|[^\\]\\[)])/{$1.&make_any_wrapper(0,'',$wrapper)}/geom;
-
- print STDOUT "\\[" if ($VERBOSITY > 3);
- s/(^\\[[])|([^\\])(\\[[])/{$2.&make_any_wrapper(1,1,"displaymath")}/geom;
- print STDOUT "\\]" if ($VERBOSITY > 3);
- s/(^\\[\]])|([^\\])(\\[\]])/{$2.&make_any_wrapper(0,1,"displaymath")}/geom;
-
- print STDOUT "\$" if ($VERBOSITY > 3);
- s/$enspair/print "\$";
- {&make_any_wrapper(1,'',$wrapper).$&.&make_any_wrapper(0,'',$wrapper)}/geom;
-
- $double_dol_rx = '(^|[^\\\\])\\$\\$';
- $single_dol_rx = '(^|[^\\\\])\\$';
- print STDOUT "\$" if ($VERBOSITY > 3);
-
- local($dollars_remain) = 0;
- $_ = &wrap_math_environment;
- $_ = &wrap_raw_arg_cmds;
-}
-
-sub wrap_math_environment {
-
- # This wraps math-type environments
- # The trick here is that the opening brace is the same as the close,
- # but they *can* still nest, in cases like this:
- #
- # $ outer stuff ... \hbox{ ... $ inner stuff $ ... } ... $
- #
- # Note that the inner pair of $'s is nested within a group. So, to
- # handle these cases correctly, we need to make sure that the outer
- # brace-level is the same as the inner. --- rst
- #tex2html_wrap
- # And yet another problem: there is a scungy local idiom to do
- # this: $\_$ for a boldfaced underscore. xmosaic can't display the
- # resulting itty-bitty bitmap, for some reason; even if it could, it
- # would probably come out as an overbar because of the floating-
- # baseline problem. 
So, we have to special case this. --- rst again.
-
- local ($processed_text, @processed_text, $before, $end_rx, $delim, $ifclosed);
- local ($underscore_match_rx) = "^\\s*\\\\\\_\\s*\\\$";
- local ($wrapper);
- print STDOUT "\nwrap math:" if ($VERBOSITY > 3);
-
- #find braced dollars, in tabular-specs
- while (/((($O|$OP)\d+($C|$CP))\s*)\$(\s*\2)/) {
- push (@processed_text, $`, $1.$dol_mark.$5);
- $_ = $';
- }
- $_ = join('',@processed_text, $_) if (@processed_text);
- undef @processed_text;
-
- $dollars_remain = 0;
- while (/$single_dol_rx/) {
- $processed_text .= $`.$1;
- $_ = $';
- $wrapper = "tex2html_wrap_inline";
- $end_rx = $single_dol_rx; # Default, unless we begin with $$.
- $delim = "\$";
-
- if (/^\$/ && (! $`)) {
- s/^\$//;
- $end_rx = $double_dol_rx;
- $delim = ""; # Cannot say "\$\$" inside displaymath
- $wrapper = "displaymath";
-
- } elsif (/$underscore_match_rx/ && (! $`)) {
-
- # Special case for $\_$ ...
-
- s/$underscore_match_rx//;
- $processed_text .= '\\_';
- next;
- }
-
- # Have an opening $ or $$. Find matching close, at same bracket level
-# $processed_text .= &make_any_wrapper(1,'',$wrapper).$delim;
-
- print STDOUT "\$" if ($VERBOSITY > 3);
- $ifclosed = 0;
- local($thismath);
- while (/$end_rx/) {
- # Forget the $$ if we are going to replace it with "displaymath"
- $before = $` . (($wrapper eq "displaymath")? "$1" : $&);
- last if ($before =~ /\\(sub)*(item|section|chapter|part|paragraph)(star)?\b/);
- $thismath .= $before;
- $_ = $';
- s/^( [^\n])/\\space$1/s; #make sure a trailing space doesn't get lost.
-
- # Found dollar sign inside open subgroup ... now see if it's
- # at the same brace-level ...
-
- local ($losing, $br_rx) = (0, '');
- print STDOUT "\$" if ($VERBOSITY > 3);
- while ($before =~ /$begin_cmd_rx/) {
- $br_rx = &make_end_cmd_rx($1); $before = $';
-
- if ($before =~ /$br_rx/) { $before = $'; }
- else { $losing = 1; last; }
- }
- do { $ifclosed = 1; last } unless $losing;
-
- # It wasn't ... 
find the matching close brace farther on; then
- # keep going.
-
- /$br_rx/;
-
- $thismath .= $`.$&;
-
- #RRM: may now contain unprocessed $s e.g. $\mbox{...$...$...}$
- # the &do_cmd_mbox uses this specially to force an image
- # ...but there may be other situations; e.g. \hbox
- # so set a flag:
- $dollars_remain = 1;
-
- $_ = $';
- }
-
- # Got to the end. Whew!
- if ($ifclosed) {
- # also process any nested math
- while (($dollars_remain)&&($delim eq "\$")) {
- local($saved) = $_;
- $thismath =~ s/\$$//;
- $_ = $thismath;
- $thismath = &wrap_math_environment;
- $thismath .= "\$";
- $_ = $saved;
- }
- $processed_text .= &make_any_wrapper(1,'',$wrapper) . $delim
- . $thismath . &make_any_wrapper(0,'',$wrapper);
- } else {
- print STDERR "\n\n *** Error: unclosed math or extra `\$', before:\n$thismath\n\n";
-# # remove a $ to try to recover as much as possible.
-# $thismath =~ s/([^\\]\\\\|[^\\])\$/$1\%\%/;
-# $_ = $thismath . $_; $thismath = "";
- print "\n$thismath\n\n\n$_\n\n\n"; die;
-
- }
- }
- $processed_text . 
$_;
-}
-
-sub translate_environments {
- local ($_) = @_;
- local($tmp, $capenv);
-# print "\nTranslating environments ...";
- local($after, @processedE);
- local ($contents, $before, $br_id, $env, $pattern);
- for (;;) {
-# last unless (/$begin_env_rx/o);
- last unless (/$begin_env_rx|$begin_cmd_rx|\\(selectlanguage)/o);
-# local ($contents, $before, $br_id, $env, $pattern);
- local($this_env, $opt_arg, $style_info);
- $contents = '';
- # $1,$2 : optional argument/text --- stylesheet info
- # $3 : br_id (at the beginning of an environment name)
- # $4 : environment name
- # $5 : br_id of open-brace, when $3 == $4 == '';
- # $6 : \selectlanguage{...}
- if ($7) {
- push(@processedE,$`);
- $_ = $';
- if (defined &do_cmd_selectlanguage) {
- $_ = &do_cmd_selectlanguage($_);
- } else {
- local($cmd) = $7;
- $pattern = &missing_braces unless (
- s/$next_pair_rx/$pattern = $2;''/e);
- local($trans) = $pattern.'_translation';
- if (defined &$trans) {
- &set_default_language($pattern,$_);
- }
- undef $cmd; undef $trans;
- }
- next;
- } elsif ($4) {
- ($before, $opt_arg, $style_info, $br_id
- , $env, $after, $pattern) = ($`, $2, $3, $4, $5, $', $&);
- if (($before)&& (!($before =~ /$begin_env_rx|$begin_cmd_rx/))) {
- push(@processedE,$before);
- $_ = $pattern . $after; $before = '';
- }
- } else {
- ($before, $br_id, $env, $after, $pattern) = ($`, $6, 'group', $', $&);
- if (($before)&& (!($before =~ /$begin_env_rx|$begin_cmd_rx/))) {
- push(@processedE,$before);
- $_ = $pattern . $after; $before = '';
- }
- local($end_cmd_rx) = &make_end_cmd_rx($br_id);
- if ($after =~ /$end_cmd_rx/) {
- # ... 
find the the matching closing one
- $NESTING_LEVEL++;
- ($contents, $after) = ($`, $');
- $contents = &process_group_env($contents);
- print STDOUT "\nOUT: {$br_id} ".length($contents) if ($VERBOSITY > 3);
- print STDOUT "\n:$contents\n" if ($VERBOSITY > 7);
- # THIS MARKS THE OPEN-CLOSE DELIMITERS AS PROCESSED
- $_ = join("", $before,"$OP$br_id$CP", $contents,"$OP$br_id$CP", $after);
- $NESTING_LEVEL--;
- } else {
- $pattern = &escape_rx_chars($pattern);
- s/$pattern//;
- print "\nCannot find matching bracket for $br_id";
- $_ = join("", $before,"$OP$br_id$CP", $after);
- }
- next;
- }
- $contents = undef;
- local($defenv) = $env =~ /deferred/;
-# local($color_env);
- local($color_env)
- unless ($env =~ /tabular|longtable|in(line|display)|math/);
- local($closures,$reopens);
- local(@save_open_tags) = @$open_tags_R unless ($defenv);
- local($open_tags_R) = [ @save_open_tags ] unless ($defenv);
- local(@saved_tags) if ($env =~ /tabular|longtable/);
- if ($env =~ /tabular|longtable|makeimage|in(line|display)/) {
- @save_open_tags = @$open_tags_R;
- $open_tags_R = [ @save_open_tags ];
- # check for color
- local($color_test) = join(',',@$open_tags_R);
- if ($color_test =~ /(color{[^}]*})/g ) {
- $color_env = $1;
- } # else { $color_env = '' }
-
- if ($env =~ /tabular|longtable|makeimage/) {
- # close to the surrounding block-type tag
- ($closures,$reopens,@saved_tags) = &preserve_open_block_tags();
- @save_open_tags = @$open_tags_R;
- $open_tags_R = [ @save_open_tags ];
- if ($color_env) {
- $color_test = join(',',@saved_tags);
- if ($color_test =~ /(color{[^}]*})/g ) {
- $color_env = $1;
- }
- }
- } elsif ($env =~ /in(line|display)/) {
- $closures = &close_all_tags() if ((&defined_env($env))
- &&!($defenv)&&!($env=~/inline/)&&(!$declarations{$env}));
- if ($color_env) {
- $color_test = $declarations{$color_env};
- $color_test =~ s/<\/.*$//;
- $closures .= "\n$color_test";
- push (@$open_tags_R , $color_env);
- }
- }
- } elsif ($env =~ /alltt|tex2html_wrap/) {
- # 
alltt is constructed as paragraphs, not with
-	    #  tex2html_wrap  creates an image, which is at text-level
-	} else {
-	    $closures = &close_all_tags() if ((&defined_env($env))
-		&&!($defenv)&&(!$declarations{$env}) );
-	}
-	# Sets $contents and modifies $after
-	if (&find_end_env($env,$contents,$after)) {
-	    print STDOUT "\nIN-A {$env $br_id}\n$contents\n" if ($VERBOSITY > 4);
-	    &process_command($counters_rx, $before)
-		if ($before =~ /$counters_rx/);
-	    # This may modify $before and $after
-	    # Modifies $contents
-#RRM: the do_env_... subroutines handle when to translate sub-environments
-#	    $contents = &translate_environments($contents) if
-##		((!$defenv) && (&defined_env($env)) && (! $raw_arg_cmds{$env})
-##		&& (!$declarations{$env})
-#		((&defined_env($env)) && (! $raw_arg_cmds{$env})
-#		&& (!($env =~ /latexonly|enumerate|figure|table|makeimage|wrap_inline/))
-#		&& ((! $NO_SIMPLE_MATH)||(!($env =~ /wrap/)))
-#		&& (!($env =~ /(math|wrap|equation|eqnarray|makeimage|minipage|tabular)/) )
-#		);
-	    if ($opt_arg) { 
-		&process_environment(1, $env, $br_id, $style_info); # alters $contents
-	    } else {
-		&process_environment(0, $env, $br_id, '');
-	    }
-	    undef $_;
-	    print STDOUT "\nOUT-A {$env $br_id}\n$contents\n" if ($VERBOSITY > 4);
-	    #JCL(jcl-env) - insert the $O$br_id$C stuff to handle environment grouping
-	    if (!($contents eq '')) {
-		$after =~ s/^\n//o if ($defenv);
-		$this_env = join("", $before, $closures
-			  , $contents
-			  , ($defenv ? '': &balance_tags())
-			  , $reopens ); $_ = $after;
-	    } else { 
-		$this_env = join("", $before , $closures
-			  , ($defenv ? '': &balance_tags())
-			  , $reopens ); $_ = $after;
-	    };
-	### Evan Welsh  added the next 24 lines ##
-	} elsif (&defined_env($env)) {
-	    print STDOUT "\nIN-B {$env $br_id}\n$contents\n" if ($VERBOSITY > 4);
-	    # If I specify a function for the environment then it
-	    # calls it with the contents truncated at the next section.
-	    # It assumes I know what I'm doing and doesn't give a
-	    # deferred warning.
-	    $contents = $after;
-	    if ($opt_arg) { 
-		$contents = &process_environment(1, $env, $br_id, $style_info);
-	    } else {
-		$contents = &process_environment(0, $env, $br_id, '');
-	    }
-	    print STDOUT "\nOUT-B {$env $br_id}\n$contents\n" if ($VERBOSITY > 4);
-	    $this_env = join("", $before, $closures ,$contents, $reopens);
-
-	    # there should not be anything left over 
-#	    $_ = $after;
-	    $_ = '';
-	} elsif ($ignore{$env}) {
-	    print STDOUT "\nIGNORED {$env $br_id}\n$contents\n" if ($VERBOSITY > 4);
-	    # If I specify that the environment should be ignored then
-	    # it is but I get a deferred warning.
-	    $this_env = join("", $before , $closures , &balance_tags()
-		      , $contents, $reopens );
-	    $_ = $after;
-	    &write_warnings("\n\\end{$env} not found (ignored).\n");
-	} elsif ($raw_arg_cmds{$env}) {
-	    print "\nIN-C {$env $br_id}\n$contents\n" if ($VERBOSITY > 4);
-	    # If I specify that the environment should be passed to tex
-	    # then it is with the environment truncated at the next
-	    # section and I get a deferred warning.
-
-	    $contents = $after;
-	    if ($opt_arg) { 
-		$contents = &process_environment(1, $env, $br_id, $style_info);
-	    } else {
-		$contents = &process_environment(0, $env, $br_id, '');
-	    }
-	    print STDOUT "\nOUT-C {$env $br_id}\n$contents\n" if ($VERBOSITY > 4);
-	    $this_env = join("", $before, $closures
-			     , $contents, &balance_tags(), $reopens );
-	    $_='';
-	    &write_warnings(
-	        "\n\\end{$env $br_id} not found (truncated at next section boundary).\n");
-	} else {
-	    $pattern = &escape_rx_chars($pattern);
-	    s/$pattern/$closures/;
-	    print "\nCannot find \\end{$env $br_id}\n";
-	    $_ .= join('', &balance_tags(), $reopens) unless ($defenv);
-	}
-	if ($this_env =~ /$begin_env_rx|$begin_cmd_rx/) {
-	    $_ = $this_env . $_;
-	} else { push (@processedE, $this_env) }
-    }
-    $_ = join('',@processedE) . $_;
-    $tmp = $_; undef $_;
-    &process_command($counters_rx, $tmp) if ($tmp =~ /$counters_rx/);
-    $_ = $tmp; undef $tmp;
-    $_
-}
-
-sub find_end_env {
-    # MRO: find_end_env($env,$contents,$rest)
-    #local ($env, *ref_contents, *rest) = @_;
-    my $env = $_[0];
-    my $be_rx = &make_begin_end_env_rx($env);
-    my $count = 1;
-
-    while ($_[2] =~ /($be_rx)(\n?)/s) { # $rest
-	$_[1] .= $`; # $contents
-
-	if ($2 eq "begin") { ++$count }
-	else { --$count };
-
-	#include any final \n at an {end} only
-	$_[2] = (($2 eq 'end')? $5 : '') . $'; # $rest
-	last if $count == 0;
-
-	$_[1] .= $1; # $contents
-    }
-
-    if ($count != 0) {
-	$_[2] = join('', $_[1], $_[2]); # $rest = join('', $contents, $rest);
-	$_[1] = ''; # $contents
-	return(0)
-    } else { return(1) }
-}
-
-
-sub process_group_env {
-    local($contents) = @_;
-    local(@save_open_tags) = @$open_tags_R;
-    local($open_tags_R) = [ @save_open_tags ];
-    print STDOUT "\nIN::{group $br_id}" if ($VERBOSITY > 4);
-    print STDOUT "\n:$contents\n" if ($VERBOSITY > 6);
-
-    # need to catch explicit local font-changes
-    local(%font_size) = %font_size if (/\\font\b/);
-
-    # record class/id info for a style-sheet entry
-    local($env_id, $tmp, $etmp);
-    if (($USING_STYLES) && !$PREAMBLE ) { $env_id = $br_id; }
-#	$env_id = "grp$br_id";
-#	$styleID{$env_id} = " ";
-#        $env_id = " ID=\"$env_id\"";
-#    }
-
-    undef $_;
-    $contents =~ s/^\s*$par_rx\s*//s; # don't start with a \par 
-    if ($contents =~ /^\s*\\($image_switch_rx)\b\s*/s) {
-	# catch TeX-like environments: {\fontcmd ... }
-	local($image_style) = $1;
-	if ($USING_STYLES) {
-	    $env_style{$image_style} = " " unless ($env_style{$image_style});
-	}
-	local($switch_cmd) = "do_cmd_${image_style}";
-	if (defined &$switch_cmd ) {
-	    eval "\$contents = \&${switch_cmd}(\$')";
-	    print "\n*** &$switch_cmd didn't work: $@\n$contents\n\n" if ($@);
-	} elsif ($contents =~ /$par_rx/) {
-	    # split into separate image for each paragraph
-	    local($par_style,$this_par_img) = '';
-	    local(@par_pieces) = split($par_rx, $contents);
-	    local($this_par,$par_style,$par_comment);
-	    $contents = '';
-	    while (@par_pieces) {
-		$this_par = shift @par_pieces;
-		if ($this_par =~ /^\s*\\($image_switch_rx)\b/s) {
-		    $image_style = $1;
-		    $par_style = 'P.'.$1;
-		    $env_style{$par_style} = " " unless ($env_style{$par_style});
-		}
-#	no comment: source is usually too highly encoded to be meaningful
-#	$par_comment = &make_comment($image_style,$this_par);
-		$this_par_img = &process_in_latex("\{".$this_par."\}");
-		$contents .=  join(''  #,"\n", $par_comment
-			, "\n", $this_par_img
-			, "

\n");
- if (@par_pieces) {
- # discard the pieces from matching $par_rx
- $dum = shift @par_pieces;
- $dum = shift @par_pieces;
- $dum = shift @par_pieces;
- $dum = shift @par_pieces;
- $dum = shift @par_pieces;
- $dum = shift @par_pieces;
-# $contents .= "\n

\n

";
- }
- }
- } else {
- $contents = &process_undefined_environment("tex2html_accent_inline"
- , ++$global{'max_id'},"\{".$contents."\}");
- }
- } elsif ($contents =~ /^\s*\\(html)?url\b($O\d+$C)[^<]*\2\s*/) {
- # do nothing
- $contents = &translate_environments($contents);
- $contents = &translate_commands($contents);
- } elsif (($env_switch_rx)&&($contents =~ s/^(\s*)\\($env_switch_rx)\b//s)) {
- # write directly into images.tex, protected by \begingroup...\endgroup
- local($prespace, $cmd, $tmp) = ($1,$2,"do_cmd_$2");
- $latex_body .= "\n\\begingroup ";
- if (defined &$tmp) {
- eval("\$contents = &do_cmd_$cmd(\$contents)");
- }
- $contents = &translate_environments($contents);
- $contents = &translate_commands($contents);
- undef $tmp; undef $cmd;
- $contents .= "\n\\endgroup ";
- } elsif ($contents =~ /^\s*\\([a-zA-Z]+)\b/s) {
- local($after_cmd) = $';
- local($cmd) = $1; $tmp = "do_cmd_$cmd"; $etmp = "do_env_$cmd";
- if (($cmd =~/^(rm(family)?|normalsize)$/)
- ||($declarations{$cmd}&&(defined &$tmp))) {
- do{
- local(@save_open_tags) = @$open_tags_R;
- eval "\$contents = \&$tmp(\$after_cmd);";
- print "\n*** eval &$tmp failed: $@\n$contents\n\n" if ($@);
- $contents .= &balance_tags();
- };
- } elsif ($declarations{$cmd}&&(defined &$etmp)) {
- eval "\$contents = \&$etmp(\$after_cmd);";
- } else {
- $contents = &translate_environments($contents);
- $contents = &translate_commands($contents)
- if ($contents =~ /$match_br_rx/o);
- # Modifies $contents
- &process_command($single_cmd_rx,$contents) if ($contents =~ /\\/o);
- }
- undef $cmd; undef $tmp; undef $etmp;
- } else {
- $contents = &translate_environments($contents);
- $contents = &translate_commands($contents)
- if ($contents =~ /$match_br_rx/o);
- # Modifies $contents
- &process_command($single_cmd_rx,$contents)
- if ($contents =~ /\\/o);
- }
- $contents . 
&balance_tags();
-}
-
-# MODIFIES $contents
-sub process_environment {
- local($opt, $env, $id, $styles) = @_;
-
- local($envS) = $env; $envS =~ s/\*\s*$/star/;
- local($env_sub,$border,$attribs,$env_id) = ("do_env_$envS",'','','');
- local($original) = $contents;
-
- if ($env =~ /tex2html_deferred/ ) {
- $contents = &do_env_tex2html_deferred($contents);
- return ($contents);
- }
- $env_id = &read_style_info($opt, $env, $id, $styles)
- if (($USING_STYLES)&&($opt));
-
- if (&defined_env($env)) {
- print STDOUT ",";
- print STDOUT "{$env $id}" if ($VERBOSITY > 1);
-# $env_sub =~ s/\*$/star/;
- $contents = &$env_sub($contents);
-
- } elsif ($env =~ /tex2html_nowrap/) {
- #pass it on directly for LaTeX, via images.tex
- $contents = &process_undefined_environment($env, $id, $contents);
- return ($contents);
-
-# elsif (&special_env) { # &special_env modifies $contents
- } else {
- local($no_special_chars) = 0;
- local($failed) = 0;
- local($has_special_chars) = 0;
- &special_env; # modifies $contents
- print STDOUT "\n" if ($VERBOSITY > 3);
- if ($failed || $has_special_chars) {
- $contents = $original;
- $failed = 1;
- print STDOUT " !failed!\n" if ($VERBOSITY > 3);
- }
- }
- if (($contents) && ($contents eq $original)) {
- if ($ignore{$env}) { return(''); }
- # Generate picture
- if ($contents =~ s/$htmlborder_rx//o) {
- $attribs = $2; $border = (($4)? "$4" : 1)
- } elsif ($contents =~ s/$htmlborder_pr_rx//o) {
- $attribs = $2; $border = (($4)? "$4" : 1)
- }
- $contents = &process_undefined_environment($env, $id, $contents);
- $env_sub = "post_latex_$env_sub"; # i.e. post_latex_do_env_ENV
- if ( defined &$env_sub) {
- $contents = &$env_sub($contents);
- } elsif (($border||($attributes))&&($HTML_VERSION > 2.1)) {
- $contents = &make_table($border,$attribs,'','','',$contents);
- } else {
- $contents = join('',"
\n",$contents,"\n
")
- unless (!($contents)||($inner_math)||($env =~
- /^(tex2html_wrap|tex2html_nowrap|\w*math|eq\w*n)/o ));
- }
- }
- $contents;
-}
-
-
-#RRM: This reads the style information contained in the optional argument
-# to the \begin command. It is stored to be recovered later as an entry
-# within the automatically-generated style-sheet, if $USING_STYLES is set.
-# Syntax for this info is:
-# 