From 67b5bc5f44439ecbe9a6cee9847e26b25a0f88af Mon Sep 17 00:00:00 2001 From: janw Date: Thu, 19 Jun 2008 12:40:42 +0000 Subject: [PATCH] Changed element keyid to uid. Check for expires - entry. git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11381 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-si/server/events/gosaTriggered.pm | 189 ++++++++++++++----------- 1 file changed, 106 insertions(+), 83 deletions(-) diff --git a/gosa-si/server/events/gosaTriggered.pm b/gosa-si/server/events/gosaTriggered.pm index 0b35e500e..c51515022 100644 --- a/gosa-si/server/events/gosaTriggered.pm +++ b/gosa-si/server/events/gosaTriggered.pm @@ -860,10 +860,15 @@ sub trigger_activate_new { sub get_dak_keyring { - my ($msg, $msg_hash, $session_id) = @_; - my $source = @{$msg_hash->{'source'}}[0]; - my $target = @{$msg_hash->{'target'}}[0]; - my $header= @{$msg_hash->{'header'}}[0]; + my ($msg, $msg_hash) = @_; + my $source = @{$msg_hash->{'source'}}[0]; + my $target = @{$msg_hash->{'target'}}[0]; + my $header= @{$msg_hash->{'header'}}[0]; + my $session_id = @{$msg_hash->{'session_id'}}[0]; + + # build return message with twisted target and source + my $out_hash = &main::create_xml_hash("answer_$header", $target, $source); + &add_content2xml_hash($out_hash, "session_id", $session_id); my @keys; my %data; 
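Review bot: `$session_id` is no longer taken from the handler's third argument but from the request itself (`@{$msg_hash->{'session_id'}}[0]`), and it is copied into the answer without checking that the element exists, so the id in the reply is whatever the sender put in the message. If the dispatcher still passes the session id (the removed signature suggests it did), keep `my ($msg, $msg_hash, $session_id) = @_;` and fall back only when needed: `$session_id = @{$msg_hash->{'session_id'}}[0] if !defined $session_id && exists $msg_hash->{'session_id'};`. The context line `my %data;` has no reader left once the `build_msg(..., \%data)` calls are removed in the next hunk, so it can be dropped. The same header change is made in import_dak_key and remove_dak_key, and get_dak_keyring's body continues past this hunk.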
@@ -872,114 +877,132 @@ sub get_dak_keyring { my $gpg_cmd = `which gpg`; chomp $gpg_cmd; my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring"; - + # Check if the keyrings are in place and readable if( - &run_as($main::dak_user, "test -r $keyring")->{'resultCode'} != 0 - ) { - &main::daemon_log("ERROR: Dak Keyrings are unreadable!"); - } else { - my $command = "$gpg --list-keys"; - my $output = &run_as($main::dak_user, $command); - - my $i=0; - foreach (@{$output->{'output'}}) { - if ($_ =~ m/^pub\s.*$/) { - ($keys[$i]->{'pub'}->{'length'}, $keys[$i]->{'pub'}->{'uid'}, $keys[$i]->{'pub'}->{'valid'}) = ($1, $2, $3) - if $_ =~ m/^pub\s*?(\w*?)\/(\w*?)\s(\d{4}-\d{2}-\d{2})$/; - } elsif ($_ =~ m/^sub\s.*$/) { - ($keys[$i]->{'sub'}->{'length'}, $keys[$i]->{'sub'}->{'uid'}, $keys[$i]->{'sub'}->{'valid'}) = ($1, $2, $3) - if $_ =~ m/^sub\s*?(\w*?)\/(\w*?)\s(\d{4}-\d{2}-\d{2})$/; - } elsif ($_ =~ m/^uid\s.*$/) { - push @{$keys[$i]->{'uid'}}, $1 if $_ =~ m/^uid\s*?([^\s].*?)$/; - } elsif ($_ =~ m/^$/) { - $i++; - } - } - } + &run_as($main::dak_user, "test -r $keyring")->{'resultCode'} != 0 + ) { + &add_content2xml_hash($out_hash, "error", "DAK Keyring is not readable"); + } else { + my $command = "$gpg --list-keys"; + my $output = &run_as($main::dak_user, $command); + + my $i=0; + foreach (@{$output->{'output'}}) { + if ($_ =~ m/^pub\s.*$/) { + ($keys[$i]->{'pub'}->{'length'}, $keys[$i]->{'pub'}->{'uid'}, $keys[$i]->{'pub'}->{'created'}) = ($1, $2, $3) + if $_ =~ m/^pub\s*?(\w*?)\/(\w*?)\s(\d{4}-\d{2}-\d{2})/; + $keys[$1]->{'pub'}->{'expires'} = $1 if $_ =~ m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expires:\s(\d{4}-\d{2}-\d{2})\]/; + } elsif ($_ =~ m/^sub\s.*$/) { + ($keys[$i]->{'sub'}->{'length'}, $keys[$i]->{'sub'}->{'uid'}, $keys[$i]->{'sub'}->{'created'}) = ($1, $2, $3) + if $_ =~ m/^sub\s*?(\w*?)\/(\w*?)\s(\d{4}-\d{2}-\d{2})/; + $keys[$1]->{'sub'}->{'expires'} = $1 if $_ =~ 
m/^pub\s*?\w*?\/\w*?\s\d{4}-\d{2}-\d{2}\s\[expires:\s(\d{4}-\d{2}-\d{2})\]/; + } elsif ($_ =~ m/^uid\s.*$/) { + push @{$keys[$i]->{'uid'}}, $1 if $_ =~ m/^uid\s*?([^\s].*?)$/; + } elsif ($_ =~ m/^$/) { + $i++; + } + } + } - my $i=0; - foreach my $key (@keys) { - $data{"answer".$i++}= $key; - } - - my $out_msg = &build_msg("get_dak_keyring", $target, $source, \%data); - my @out_msg_l = ($out_msg); - return @out_msg_l; + my $i=0; + foreach my $key (@keys) { + &add_content2xml_hash($out_hash, "answer".$i++, $key); + } + my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; + if (defined $forward_to_gosa) { + &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); + } + return &create_xml_string($out_hash); } sub import_dak_key { - my ($msg, $msg_hash, $session_id) = @_; - my $source = @{$msg_hash->{'source'}}[0]; - my $target = @{$msg_hash->{'target'}}[0]; - my $header= @{$msg_hash->{'header'}}[0]; + my ($msg, $msg_hash) = @_; + my $source = @{$msg_hash->{'source'}}[0]; + my $target = @{$msg_hash->{'target'}}[0]; + my $header= @{$msg_hash->{'header'}}[0]; + my $session_id = @{$msg_hash->{'session_id'}}[0]; my $key = &decode_base64(@{$msg_hash->{'key'}}[0]); - + + # build return message with twisted target and source + my $out_hash = &main::create_xml_hash("answer_$header", $target, $source); + &add_content2xml_hash($out_hash, "session_id", $session_id); + my %data; my $keyring = $main::dak_signing_keys_directory."/keyring.gpg"; my $gpg_cmd = `which gpg`; chomp $gpg_cmd; my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring"; - + # Check if the keyrings are in place and writable if( - &run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0 - ) { - &main::daemon_log("ERROR: Dak Keyring is not writable!"); - } else { - my $keyfile; - open($keyfile, ">/tmp/gosa_si_tmp_dak_key"); - print $keyfile $key; - close($keyfile); - my $command = "$gpg --import /tmp/gosa_si_tmp_dak_key"; - my $output = &run_as($main::dak_user, 
$command); - unlink("/tmp/gosa_si_tmp_dak_key"); - - if($output->{'resultCode'} != 0) { - &main::daemon_log("ERROR: Import of dak key failed! Output was: '".$output->{'output'}."'", 1); - } - } + &run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0 + ) { + &add_content2xml_hash($out_hash, "error", "DAK Keyring is not writable"); + } else { + my $keyfile; + open($keyfile, ">/tmp/gosa_si_tmp_dak_key"); + print $keyfile $key; + close($keyfile); + my $command = "$gpg --import /tmp/gosa_si_tmp_dak_key"; + my $output = &run_as($main::dak_user, $command); + unlink("/tmp/gosa_si_tmp_dak_key"); + + if($output->{'resultCode'} != 0) { + &add_content2xml_hash($out_hash, "error", "Import of DAK key failed! Output was '".$output->{'output'}."'"); + } else { + &add_content2xml_hash($out_hash, "answer", "Import of DAK key successfull! Output was '".$output->{'output'}."'"); + } + } - my $out_msg = &build_msg("import_dak_key", $target, $source, \%data); - my @out_msg_l = ($out_msg); - return @out_msg_l; + my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; + if (defined $forward_to_gosa) { + &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); + } + return &create_xml_string($out_hash); } sub remove_dak_key { - my ($msg, $msg_hash, $session_id) = @_; - my $source = @{$msg_hash->{'source'}}[0]; - my $target = @{$msg_hash->{'target'}}[0]; - my $header= @{$msg_hash->{'header'}}[0]; - my $key = @{$msg_hash->{'keyid'}}[0]; + my ($msg, $msg_hash) = @_; + my $source = @{$msg_hash->{'source'}}[0]; + my $target = @{$msg_hash->{'target'}}[0]; + my $header= @{$msg_hash->{'header'}}[0]; + my $session_id = @{$msg_hash->{'session_id'}}[0]; + my $key = @{$msg_hash->{'uid'}}[0]; + # build return message with twisted target and source + my $out_hash = &main::create_xml_hash("answer_$header", $target, $source); + &add_content2xml_hash($out_hash, "session_id", $session_id); my %data; my $keyring = $main::dak_signing_keys_directory."/keyring.gpg"; my $gpg_cmd = 
`which gpg`; chomp $gpg_cmd; - my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --keyring $keyring"; - + my $gpg = "$gpg_cmd --no-default-keyring --no-random-seed --homedir ".$main::dak_signing_keys_directory." --keyring $keyring"; + # Check if the keyrings are in place and writable if( - &run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0 - ) { - &main::daemon_log("ERROR: Dak Keyrings are not writable!"); - } else { - # Check if the key is present in the keyring - if(&run_as($main::dak_user, "$gpg --list-keys $key")->{'resultCode'} == 0) { - my $command = "$gpg --batch --yes --delete-key $key"; - my $output = &run_as($main::dak_user, $command); - } else { - &main::daemon_log("WARNING: Dak key with id '$key' was not found in keyring!", 4); - } - } - - my $out_msg = &build_msg("remove_dak_key", $target, $source, \%data); - my @out_msg_l = ($out_msg); - return @out_msg_l; + &run_as($main::dak_user, "test -w $keyring")->{'resultCode'} != 0 + ) { + &add_content2xml_hash($out_hash, "error", "DAK keyring is not writable"); + } else { + # Check if the key is present in the keyring + if(&run_as($main::dak_user, "$gpg --list-keys $key")->{'resultCode'} == 0) { + my $command = "$gpg --batch --yes --delete-key $key"; + my $output = &run_as($main::dak_user, $command); + } else { + &add_content2xml_hash($out_hash, "error", "DAK key with id '$key' was not found in keyring"); + } + } + + my $forward_to_gosa = @{$msg_hash->{'forward_to_gosa'}}[0]; + if (defined $forward_to_gosa) { + &add_content2xml_hash($out_hash, "forward_to_gosa", $forward_to_gosa); + } + return &create_xml_string($out_hash); } -- 2.30.2
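Review bot: In remove_dak_key the message-supplied `uid` is interpolated unchecked into `"$gpg --list-keys $key"` and `"$gpg --batch --yes --delete-key $key"`; run_as is not visible here, but if it hands the string to a shell, or the value starts with `-`, the requester controls more than which key is selected. Before the writability test, add an `error` entry and skip both gpg calls unless `defined $key && $key =~ m/\A(?:0x)?[0-9A-Fa-f]{8,40}\z/` (assuming the value is the hex id that get_dak_keyring reports as `uid`). import_dak_key still writes the decoded key to the fixed path `/tmp/gosa_si_tmp_dak_key` with an unchecked two-argument `open`, so a file or symlink already present under that name, or a replacement by another local user before `gpg --import` runs, changes what is written or imported; create the file under an unpredictable name in a directory only the daemon and the dak user can write, and check `open`, `print` and `close`. In get_dak_keyring both new `expires` assignments index `$keys[$1]` where `$keys[$i]` is meant (at that point `$1` is the captured date), and the one in the `sub` branch tests a pattern beginning `^pub`, so it can never match there. The delete path also ignores the result code in `$output` and adds no `answer` on success, and import_dak_key concatenates `$output->{'output'}`, which get_dak_keyring dereferences as an array, so the reply would carry `ARRAY(0x...)` rather than the gpg text.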