From 1250b0b83f0029db59e4dc6dfa0d53b1b76e5f8f Mon Sep 17 00:00:00 2001 From: rettenbe Date: Tue, 5 Feb 2008 15:28:26 +0000 Subject: [PATCH] client forces every x sec a renewal of server_key git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@8751 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-si/client.conf | 3 +- gosa-si/client/events/corefunctions.pm | 13 +++----- gosa-si/gosa-si-client | 38 ++++++++++++++++++++--- gosa-si/gosa-si-server | 2 +- gosa-si/modules/GosaSupportDaemon.pm | 2 +- gosa-si/modules/SIPackages.pm | 43 +++++++++++++------------- gosa-si/server.conf | 1 + 7 files changed, 64 insertions(+), 38 deletions(-) diff --git a/gosa-si/client.conf b/gosa-si/client.conf index 5359d59cd..34c774338 100644 --- a/gosa-si/client.conf +++ b/gosa-si/client.conf @@ -5,10 +5,9 @@ pid_file = /var/run/gosa-si-client.pid [client] client_ip = 10.89.1.31 client_port = 20083 -client_mac_address = 00:01:6c:9d:b9:fa [server] -server_ip = 127.0.0.1 +server_ip = 10.89.1.31 server_port = 20081 server_key = secret-server-password server_timeout = 5 diff --git a/gosa-si/client/events/corefunctions.pm b/gosa-si/client/events/corefunctions.pm index babe60030..6cbdc1b5d 100644 --- a/gosa-si/client/events/corefunctions.pm +++ b/gosa-si/client/events/corefunctions.pm @@ -35,7 +35,6 @@ END {} my $server_address = $main::server_address; my $server_key = $main::server_key; -my $client_address = $main::client_address; my $client_mac_address = $main::client_mac_address; sub get_events { @@ -52,13 +51,13 @@ sub daemon_log { sub registered { my ($msg, $msg_hash) = @_ ; + my $header = @{$msg_hash->{'header'}}[0]; - if( $header eq "registered" ) { my $source = @{$msg_hash->{'source'}}[0]; &main::daemon_log("registration at $source",1); } - + # set registration_flag to true my $out_hash = &create_xml_hash("registered", $main::client_address, $main::server_address); my $out_msg = &create_xml_string($out_hash); 
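Review bot: In gosa-si/client.conf the default `server_ip` moves from loopback to `10.89.1.31`, which looks like a site-specific address, and it sits next to the placeholder `server_key = secret-server-password`; the last hunk of the patch adds the same address to gosa-si/server.conf beside `SIPackages_key = secret-server-password`. A client installed with this file unchanged would try to register at that host with a key that is public in the repository. I would keep a neutral default such as `server_ip = 127.0.0.1` and, if the config parser accepts comment lines, add `# placeholder - replace with a site-specific secret before deployment` above the key.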
@@ -248,12 +247,10 @@ sub new_ldap_config { sub new_key { # my ($msg_hash) = @_ ; - my $new_server_key = &create_passwd(); + my $new_server_key = &main::create_passwd(); - my $out_hash = &create_xml_hash("new_passwd", $client_address, $server_address, $new_server_key); + my $out_hash = &create_xml_hash("new_key", $main::client_address, $main::server_address, $new_server_key); my $out_msg = &create_xml_string($out_hash); - #&send_msg_hash2address($out_hash, $server_address, $main::server_key); - $main::server_key = $new_server_key; return $out_msg; } @@ -366,7 +363,7 @@ sub detect_hardware { &main::daemon_log("Hardware detection done!", 4); return &send_msg_hash2address( - &create_xml_hash("detected_hardware", $client_address, $server_address, $result), + &create_xml_hash("detected_hardware", $main::client_address, $server_address, $result), $server_address, $server_key, ); diff --git a/gosa-si/gosa-si-client b/gosa-si/gosa-si-client index 417b9263e..2647710d8 100755 --- a/gosa-si/gosa-si-client +++ b/gosa-si/gosa-si-client @@ -40,7 +40,7 @@ my $event_dir = "/usr/lib/gosa-si/client/events"; use lib "/usr/lib/gosa-si/client/events"; my ($cfg_file, %cfg_defaults, $foreground, $verbose, $pid_file, $procid, $pid, $log_file); -my ($server_ip, $server_port, $server_key, $server_timeout, $server_domain); +my ($server_ip, $server_port, $server_key, $server_timeout, $server_domain, $server_key_lifetime); my ($client_ip, $client_port, $client_mac_address, $ldap_enabled, $ldap_config, $pam_config, $nss_config); my $xml; my $default_server_key; @@ -77,6 +77,7 @@ our $REGISTERED_FLAG = 1; "server_key" => [\$server_key, ""], "server_timeout" => [\$server_timeout, 10], "server_domain" => [\$server_domain, ""], + "server_key_lifetime" => [\$server_key_lifetime, 600], }, ); 
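Review bot: The replacement key that `new_key` in corefunctions.pm creates with `&main::create_passwd()` is transported under the key it replaces: the sub returns it as an ordinary `new_key` message, which the server_input hunk in gosa-si-client sends with the current `$server_key`. Each new key is therefore only as confidential as the one before it, back to the value from client.conf, so the periodic renewal shortens a key's lifetime but does not recover from a key that is already known. That limit deserves a comment above the sub, for example `# the new key travels encrypted with the current key; renewal does not help once a previous key is disclosed`. How `create_passwd` draws its randomness is not visible here and is worth checking as well.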
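Review bot: `detect_hardware` still encrypts with the file-scoped `$server_key`, a copy taken once at load by `my $server_key = $main::server_key;`, so it does not follow the renewal this commit introduces. The live key is the `$server_key` that server_input in gosa-si-client updates, so after the first renewal this message would be sent under an outdated key. Returning the XML string and letting server_input send it, as `new_key` does with `return $out_msg;`, would keep a single place that knows the current key. The commit also removes `send_msg_hash2address` from `@EXPORT` in GosaSupportDaemon.pm; where corefunctions.pm gets that function is outside the hunk, so please confirm the call still resolves.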
@@ -869,6 +870,8 @@ sub register_at_gosa_si_server { } daemon_log("waiting for msg 'register_at_gosa_si_server'",1); $kernel->delay_set('register_at_gosa_si_server',2); + # clear old settings and set it again + $kernel->delay_set('trigger_new_key', $server_key_lifetime); } return; } @@ -954,9 +957,26 @@ sub import_events { } } +sub trigger_new_key { + my ($kernel) = $_[KERNEL] ; + + my $msg = "
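Review bot: The added `$kernel->delay_set('trigger_new_key', $server_key_lifetime);` does not do what its comment says: POE's `delay_set` adds a timer and leaves earlier ones in place, whereas `delay` removes pending timers for the event first. As long as this branch keeps being taken it re-schedules itself through `delay_set('register_at_gosa_si_server',2)`, so each pass would queue one more `trigger_new_key` timer, and each of those re-arms itself in `trigger_new_key`. Using `$kernel->delay('trigger_new_key', $server_key_lifetime);` here gives the replace-the-old-timer behaviour. `$server_key_lifetime` also reaches the timer unvalidated in the visible code, so a zero or non-numeric config value would make it fire immediately; the rest of the function is outside the hunk.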
new_key
$client_address$client_address
"; + &send_msg_to_target($msg, $client_address, $server_key, 'new_key'); + + $kernel->delay_set('trigger_new_key', $server_key_lifetime); + +} + + +sub _start { + my ($kernel) = $_[KERNEL]; + $kernel->alias_set('client_session'); + $kernel->yield('register_at_gosa_si_server'); +} + sub server_input { - my ($heap,$input,$wheel) = @_[HEAP, ARG0, ARG1]; + my ($kernel, $heap, $input, $wheel) = @_[KERNEL, HEAP, ARG0, ARG1]; my $error = 0; my $answer; @@ -985,11 +1005,20 @@ sub server_input { ######## # answer if( $answer ) { + # preprocessing if( $answer =~ "
registered
") { + # set registered flag to true to stop sending further registered msgs $REGISTERED_FLAG = 0; } else { - &send_msg_to_address($answer, $server_address, $server_key); + &send_msg_to_target($answer, $server_address, $server_key); + } + # postprocessing + if( $answer =~ "
new_key
") { + # set new key to global variable + $answer =~ /(\S*?)<\/new_key>/; + my $new_key = $1; + $server_key = $new_key; } } @@ -1100,8 +1129,9 @@ daemon_log("found servers in configuration file and via DNS: $servers_string", 5 POE::Session->create( inline_states => { - _start => \®ister_at_gosa_si_server , + _start => \&_start, register_at_gosa_si_server => \®ister_at_gosa_si_server, + trigger_new_key => \&trigger_new_key, } ); diff --git a/gosa-si/gosa-si-server b/gosa-si/gosa-si-server index 3c73064d8..29a526509 100755 --- a/gosa-si/gosa-si-server +++ b/gosa-si/gosa-si-server @@ -724,7 +724,7 @@ sub client_input { # process incoming msg if( $error == 0) { daemon_log("Processing module ".$module, 3); - $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash); + $answer_l = &{ $module."::process_incoming_msg" }($msg, $msg_hash, $heap->{'remote_ip'}); if ( 0 > @{$answer_l} ) { my $answer_str = join("\n", @{$answer_l}); diff --git a/gosa-si/modules/GosaSupportDaemon.pm b/gosa-si/modules/GosaSupportDaemon.pm index 93ff49d7a..1a40c23a0 100644 --- a/gosa-si/modules/GosaSupportDaemon.pm +++ b/gosa-si/modules/GosaSupportDaemon.pm @@ -2,7 +2,7 @@ package GOSA::GosaSupportDaemon; use Exporter; @ISA = qw(Exporter); -@EXPORT = qw(create_xml_hash send_msg_hash2address get_content_from_xml_hash add_content2xml_hash create_xml_string encrypt_msg decrypt_msg create_ciphering transform_msg2hash get_time send_msg get_where_statement get_select_statement get_update_statement get_limit_statement get_orderby_statement); +@EXPORT = qw(create_xml_hash get_content_from_xml_hash add_content2xml_hash create_xml_string encrypt_msg decrypt_msg create_ciphering transform_msg2hash get_time send_msg get_where_statement get_select_statement get_update_statement get_limit_statement get_orderby_statement); use strict; use warnings; diff --git a/gosa-si/modules/SIPackages.pm b/gosa-si/modules/SIPackages.pm index 9924be37f..6c44e134a 100644 --- a/gosa-si/modules/SIPackages.pm 
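Review bot: In the postprocessing block of server_input the result of `$answer =~ /(\S*?)<\/new_key>/;` is never tested before `$1` is copied into `$server_key`. If the match fails, `$1` keeps whatever an earlier successful match left there (or is undefined), and an empty capture is accepted too, so the client could end up with an empty or unrelated key. Assign only on success, e.g. `if( $answer =~ /(\S*?)<\/new_key>/ and length $1 ) { $server_key = $1; }`, keeping the pattern as it stands in the file (the markup in this rendering of the hunk appears to be partly stripped). The key is also switched as soon as the message has been handed to `send_msg_to_target`, with nothing in the hunk showing that the server confirmed the change, so a lost message would leave both sides with different keys.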
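Review bot: The test that follows the changed call in gosa-si-server, `if ( 0 > @{$answer_l} )`, can never be true as shown, because an array in numeric context is its element count and that is never negative. Whatever the block does with the answers (the visible line joins them into `$answer_str`) is therefore skipped; `if ( @{$answer_l} > 0 ) {` looks like what was meant. The block continues outside the hunk.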
+++ b/gosa-si/modules/SIPackages.pm @@ -361,7 +361,7 @@ sub register_at_bus { # DESCRIPTION: handels the proceeded distribution to the appropriated functions #=============================================================================== sub process_incoming_msg { - my ($msg, $msg_hash) = @_ ; + my ($msg, $msg_hash, $remote_ip) = @_ ; my $error = 0; my $host_name; my $host_key; @@ -369,7 +369,6 @@ sub process_incoming_msg { # process incoming msg my $header = @{$msg_hash->{header}}[0]; - my $source = @{$msg_hash->{source}}[0]; my @target_l = @{$msg_hash->{target}}; &main::daemon_log("SIPackages: msg to process: $header", 3); 
@@ -383,25 +382,25 @@ sub process_incoming_msg { if( 1 == length @target_l) { my $target = $target_l[0]; if( $target eq $server_address ) { - if ($header eq 'new_passwd') { - @out_msg_l = &new_passwd($msg_hash) - } elsif ($header eq 'here_i_am') { - @out_msg_l = &here_i_am($msg_hash) - } elsif ($header eq 'who_has') { - @out_msg_l = &who_has($msg_hash) - } elsif ($header eq 'who_has_i_do') { - @out_msg_l = &who_has_i_do($msg_hash) - } elsif ($header eq 'got_ping') { - @out_msg_l = &got_ping($msg_hash) - } elsif ($header eq 'get_load') { - @out_msg_l = &execute_actions($msg_hash) + if ($header eq 'new_key') { + @out_msg_l = &new_key($msg_hash) + } elsif ($header eq 'here_i_am') { + @out_msg_l = &here_i_am($msg_hash) + } elsif ($header eq 'who_has') { + @out_msg_l = &who_has($msg_hash) + } elsif ($header eq 'who_has_i_do') { + @out_msg_l = &who_has_i_do($msg_hash) + } elsif ($header eq 'got_ping') { + @out_msg_l = &got_ping($msg_hash) + } elsif ($header eq 'get_load') { + @out_msg_l = &execute_actions($msg_hash) } elsif ($header eq 'detected_hardware') { - @out_msg_l = &process_detected_hardware($msg_hash) - } elsif ($header eq 'trigger_wake') { - foreach (@{$msg_hash->{macAddress}}){ - &main::daemon_log("SIPackages: trigger wake for $_", 1); - do_wake($_); - } + @out_msg_l = &process_detected_hardware($msg_hash) + } elsif ($header eq 'trigger_wake') { + foreach (@{$msg_hash->{macAddress}}){ + &main::daemon_log("SIPackages: trigger wake for $_", 1); + do_wake($_); + } } else { &main::daemon_log("ERROR: $header is an unknown core function", 1); 
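Review bot: The guard in front of the renamed `new_key` dispatch, `if( 1 == length @target_l)`, does not count targets: `length` measures the string form of the element count, so the test holds for anything from zero to nine targets. A message with no target, or with several, then goes on to `$target_l[0]` and is compared with `$server_address` as if it had exactly one. `if( 1 == scalar @target_l ) {` checks the number of targets; the enclosing `process_incoming_msg` continues outside the hunk.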
@@ -453,13 +452,13 @@ sub got_ping { # RETURNS: nothing # DESCRIPTION: process this incoming message #=============================================================================== -sub new_passwd { +sub new_key { my ($msg_hash) = @_; my @out_msg_l; my $header = @{$msg_hash->{header}}[0]; my $source_name = @{$msg_hash->{source}}[0]; - my $source_key = @{$msg_hash->{new_passwd}}[0]; + my $source_key = @{$msg_hash->{new_key}}[0]; my $query_res; # check known_clients_db diff --git a/gosa-si/server.conf b/gosa-si/server.conf index 5f22d234c..ac0d78d37 100644 --- a/gosa-si/server.conf +++ b/gosa-si/server.conf @@ -14,6 +14,7 @@ bus_port = 20080 [server] server_activ = on +server_ip = 10.89.1.31 server_port = 20081 SIPackages_key = secret-server-password max_clients = 5 -- 2.30.2
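Review bot: `new_key` in SIPackages.pm picks the client whose key it will replace from `@{$msg_hash->{source}}[0]`, a field of the message body, and the dispatch in the previous hunk calls it as `&new_key($msg_hash)` without the `$remote_ip` that `process_incoming_msg` now receives. Unless the code outside the hunk ties `source` to the connection or to the key that decrypted the message, one registered client could name another client as `source` and have that client's stored key overwritten. Passing the peer address along, `&new_key($msg_hash, $remote_ip)`, and refusing the update when it does not match the stored entry would close that; the body after `# check known_clients_db` is not visible here. The header comment above the sub still says `RETURNS: nothing` although `@out_msg_l` is declared.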