[X2Go-Commits] x2gobroker.git - build-main (branch) updated: 1be2f404a96226fd28c4a39272b8eaf24987dd8d
X2Go dev team
git-admin at x2go.org
Sun May 19 13:02:54 CEST 2013
The branch, build-main has been updated
via 1be2f404a96226fd28c4a39272b8eaf24987dd8d (commit)
from 70d45f5895ec8ca79f3b6703d9e1e30997d39c51 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
Makefile | 16 +-
Makefile.PL | 9 +
Makefile => X2Go/Broker.pm | 57 +-
etc/x2gobroker-ldap.cfg => X2Go/Broker/Common.pm | 33 +-
lib/x2gobroker-ldap.pm => X2Go/Broker/LDAP.pm | 0
lib/x2gobroker-simple.pm => X2Go/Broker/Simple.pm | 0
X2Go/Broker/ZeroConf.pm | 177 ++++++
cgi/x2gobroker.cgi | 27 +-
debian/control | 29 +
debian/rules | 7 +-
debian/x2gobroker-ldap.install | 1 -
debian/x2gobroker-simple.install | 1 -
debian/x2gobroker-zeroconf.install | 1 -
lib/x2gobroker-agent.pl | 18 +-
lib/x2gobroker-zeroconf.pm | 632 ---------------------
15 files changed, 319 insertions(+), 689 deletions(-)
create mode 100644 Makefile.PL
copy Makefile => X2Go/Broker.pm (57%)
mode change 100755 => 100644
copy etc/x2gobroker-ldap.cfg => X2Go/Broker/Common.pm (63%)
rename lib/x2gobroker-ldap.pm => X2Go/Broker/LDAP.pm (100%)
rename lib/x2gobroker-simple.pm => X2Go/Broker/Simple.pm (100%)
create mode 100644 X2Go/Broker/ZeroConf.pm
delete mode 100644 debian/x2gobroker-zeroconf.install
delete mode 100644 lib/x2gobroker-zeroconf.pm
The diff of changes is:
diff --git a/Makefile b/Makefile
index 0a107b1..0cf6a8b 100755
--- a/Makefile
+++ b/Makefile
@@ -43,6 +43,8 @@ BIN_SCRIPTS=$(shell cd bin && echo *)
SBIN_SCRIPTS=$(shell cd sbin && echo *)
LIB_FILES=$(shell cd lib && echo *)
+PERL ?= /usr/bin/perl
+
all: clean build
build: build-arch build-indep
@@ -53,9 +55,21 @@ build_setuidwrappers:
gcc -fPIE -pie -o lib/x2gobroker-agent src/x2gobroker-agent.c
build-indep:
+ $(PERL) Makefile.PL INSTALLDIRS=vendor
+ $(MAKE) -f Makefile.perl
+
+distclean: clean
-clean: clean_arch
+clean: clean_arch clean_indep
clean_arch:
rm -f lib/x2gobroker-agent
+clean_indep:
+ -make -f Makefile.perl realclean
+
+test:
+ make -f Makefile.perl test
+
+install:
+ make -f Makefile.perl install
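Review bot: `clean_indep`, `test` and `install` invoke a literal `make`, while `build-indep` just above uses `$(MAKE)`; the literal form does not pass on the parent's flags or jobserver and may resolve to a different make binary. Use `$(MAKE) -f Makefile.perl realclean`, and likewise for `test` and `install`. On a fresh tree where Makefile.perl has not been generated yet, `clean_indep` fails and the leading `-` hides it. Whether these targets are declared `.PHONY` is not visible in the hunk.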
diff --git a/Makefile.PL b/Makefile.PL
new file mode 100644
index 0000000..1b63b56
--- /dev/null
+++ b/Makefile.PL
@@ -0,0 +1,9 @@
+#!/usr/bin/perl
+
+use ExtUtils::MakeMaker;
+
+WriteMakefile(FIRST_MAKEFILE => 'Makefile.perl',
+ PMLIBDIRS => ['X2Go'],
+ NAME => '',
+ VERSION => '0.0.0.1',
+ );
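Review bot: `NAME => ''` gives MakeMaker an empty distribution name; it should name the top-level package, `NAME => 'X2Go::Broker',`. The version string is duplicated from the POD in X2Go/Broker.pm; declaring `our $VERSION` in that module and using `VERSION_FROM => 'X2Go/Broker.pm',` would keep a single source of truth. The script also lacks `use strict; use warnings;`.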
diff --git a/Makefile b/X2Go/Broker.pm
old mode 100755
new mode 100644
similarity index 57%
copy from Makefile
copy to X2Go/Broker.pm
index 0a107b1..62d0da0
--- a/Makefile
+++ b/X2Go/Broker.pm
@@ -1,5 +1,3 @@
-#!/usr/bin/make -f
-
# This file is part of the X2Go Project - http://www.x2go.org
# Copyright (C) 2011-2012 by Oleksandr Shneyder <oleksandr.shneyder at obviously-nice.de>
# Copyright (C) 2011-2012 by Heinz-Markus Graesing <heinz-m.graesing at obviously-nice.de>
@@ -20,42 +18,43 @@
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
-SRC_DIR=$(CURDIR)
-SHELL=/bin/bash
+package X2Go::Broker;
+
+=head1 NAME
+
+X2Go::Broker - X2GO Session Broker modules for Perl
+
+=head1 DESCRIPTION
+
+An X2Go Session Broker allows to manage X2Go server farms TTW (using
+https protocol).
+
+=head1 VERSION
+
+Version 0.0.0.1
-INSTALL_DIR=install -d -o root -g root -m 755
-INSTALL_FILE=install -o root -g root -m 644
-INSTALL_PROGRAM=install -o root -g root -m 755
+=head1 AUTHOR
-RM_FILE=rm -f
-RM_DIR=rmdir -p --ignore-fail-on-non-empty
+Oleksandr Shneyder, C<< <oleksandr.shneyder at obviously-nice.de> >>
-DESTDIR=
-PREFIX=/usr/local
-ETCDIR=/etc/x2go
-BINDIR=$(PREFIX)/bin
-SBINDIR=$(PREFIX)/sbin
-LIBDIR=$(PREFIX)/lib/x2go
-MANDIR=$(PREFIX)/share/man
-SHAREDIR=$(PREFIX)/share/x2go
+Mike Gabriel, C<< <mike.gabriel at das-netzwerkteam.de> >>
-BIN_SCRIPTS=$(shell cd bin && echo *)
-SBIN_SCRIPTS=$(shell cd sbin && echo *)
-LIB_FILES=$(shell cd lib && echo *)
+=head1 LICENSE AND COPYRIGHT
-all: clean build
+Copyright 2011-2012, Oleksandr Shneyder, C<< <oleksandr.shneyder at obviously-nice.de> >>
-build: build-arch build-indep
+Copyright 2012, Mike Gabriel, C<< <mike.gabriel at das-netzwerkteam.de> >>
-build-arch: build_setuidwrappers
+This program is free software; you can redistribute it and/or modify it
+under the terms of the AGPL-3+ license.
-build_setuidwrappers:
- gcc -fPIE -pie -o lib/x2gobroker-agent src/x2gobroker-agent.c
+=cut
-build-indep:
+use strict;
-clean: clean_arch
+### for debugging purposes...
+#use Data::Dumper;
-clean_arch:
- rm -f lib/x2gobroker-agent
+use base 'Exporter';
+our @EXPORT = ( );
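Review bot: The module has no closing `1;`. If the file ends at `our @EXPORT = ( );`, as the hunk range suggests, that empty-list assignment is the last statement evaluated and yields a false value, so `use X2Go::Broker` would fail with "did not return a true value". Add `1;` as the final line. `use warnings;` next to `use strict;` is also missing.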
diff --git a/etc/x2gobroker-ldap.cfg b/X2Go/Broker/Common.pm
similarity index 63%
copy from etc/x2gobroker-ldap.cfg
copy to X2Go/Broker/Common.pm
index fe8e9bd..a81d85c 100644
--- a/etc/x2gobroker-ldap.cfg
+++ b/X2Go/Broker/Common.pm
@@ -18,7 +18,32 @@
# Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
-ldapuri=ldap://<ldapmaster.localdomain>
-#replica=ldapi:///
-binddn="cn=admin,dc=example,dc=net"
-bindpw="<very-secret>"
+package X2Go::Broker::Common;
+
+use strict;
+
+### for debugging purposes...
+#use Data::Dumper;
+
+use base 'Exporter';
+our @EXPORT = ('ExecBrokerAgent', );
+
+###
+### public functions
+###
+
+sub ExecBrokerAgent
+{
+ my ($user, $hostname, $cmd)=@_;
+ my $res=`ssh -o ConnectTimeout=15 -o UserKnownHostsFile=/etc/x2go/x2gobroker/ts_known_hosts x2gobroker\@$hostname -i /etc/x2go/x2gobroker/id_x2gobroker_dsa \"/usr/lib/x2go/broker/x2gobroker-agent $user $cmd 2>/dev/null\"`;
+ my @rarr=split("\n",$res);
+ my $stat;
+ if( @rarr[0] eq 'OK' )
+ {
+ $stat=1;
+ } else {
+ $stat=0;
+ }
+ shift(@rarr);
+ return($stat,join("\n", at rarr));
+}
diff --git a/lib/x2gobroker-ldap.pm b/X2Go/Broker/LDAP.pm
similarity index 100%
rename from lib/x2gobroker-ldap.pm
rename to X2Go/Broker/LDAP.pm
diff --git a/lib/x2gobroker-simple.pm b/X2Go/Broker/Simple.pm
similarity index 100%
rename from lib/x2gobroker-simple.pm
rename to X2Go/Broker/Simple.pm
diff --git a/X2Go/Broker/ZeroConf.pm b/X2Go/Broker/ZeroConf.pm
new file mode 100644
index 0000000..d5c66a4
--- /dev/null
+++ b/X2Go/Broker/ZeroConf.pm
@@ -0,0 +1,177 @@
+# This file is part of the X2Go Project - http://www.x2go.org
+# Copyright (C) 2011-2012 by Oleksandr Shneyder <oleksandr.shneyder at obviously-nice.de>
+# Copyright (C) 2011-2012 by Heinz-Markus Graesing <heinz-m.graesing at obviously-nice.de>
+# Copyright (C) 2012 by Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
+#
+# X2Go Session Broker is free software; you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# X2Go Session Broker is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program; if not, write to the
+# Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+package X2Go::Broker::ZeroConf;
+
+use strict;
+use Sys:Hostname;
+use Authen::PAM;
+use Authen::Simple::PAM;
+#use Data::Dumper;
+use X2Go::Broker::Common;
+
+### for debugging purposes...
+#use Data::Dumper;
+
+use base 'Exporter';
+our @EXPORT = ('CheckAccess', 'ListSessions', 'SelectSession', 'SetPass', );
+
+my $hostname = hostname;
+
+###
+### public functions, available to broker cgi
+###
+
+### exported function ###
+sub CheckAccess
+{
+ # zeroconf broker: use PAM to perform authentication against
+ # the local PAM login module
+ my ($user,$pass)=@_;
+ my $pam = Authen::Simple::PAM->new(service => 'login');
+ if ( $pam->authenticate( $username, $password ) ) {
+ # successfull authentication
+ return 0
+ }
+ return 1;
+}
+
+### exported function ###
+sub SetPass
+{
+ ###
+ ### the broker API in X2Go Client currently requests a password change
+ ### without verifying the old password, this needs to be fixed...
+ ###
+
+ my ($username, $oldpassword, $newpassword)=@_;
+
+ # zeroconf broker: use PAM to initiate a local passwd change
+ my $service = "passwd";
+ ref($pamh = new Authen::PAM($service, $username, \&passwd_conv_func)) ||
+ die "Error code $pamh during PAM init!";
+ $state = 0;
+ $res = $pamh->pam_chauthtok;
+ die $pamh->pam_strerror($res) unless $res == PAM_SUCCESS();
+
+ print "\n<br>CHANGING PASS OK<br>\n";
+}
+
+### exported function ###
+sub SelectSession
+{
+ my ($user, $sid)=@_;
+ my @words=split("\@",$sid);
+ ###
+ ### FIXME: why the heck is the $sid format <host>@<session>,
+ ### <session>@<host> would make much more sense!!! (for
+ ### the human eye...)
+ ###
+ my $sess_id=@words[1];
+ my $host=@words[0];
+ check_and_start_session($user, $host, $sess_id);
+}
+
+### exported function ###
+sub ListSessions
+{
+ # print Dumper($message->entries);
+ print "START_USER_SESSIONS<br>";
+ my($status,$sessions)=CallBrokerAgent($hostname, $user, 'listsessions');
+ if ( $status )
+ {
+ if($sessions)
+ {
+ my @sinfo = split("\\|",$sessions);
+ my $session_status = @sinfo[4];
+ my $sid = @sinfo[1];
+ print "<br>[$hostname\@$sid]<br>";
+ print "status=$session_status<br>";
+ } else {
+ print "<br>[$hostname]<br>";
+ }
+ }
+ print "END_USER_SESSIONS<br>";
+}
+
+###
+### private functions, not available to broker cgi
+###
+
+# helper function for SetPass
+sub passwd_conv_func {
+ my @res;
+ while ( @_ ) {
+ my $code = shift;
+ my $msg = shift;
+ my $ans = "";
+
+ $ans = $username if ( $code == PAM_PROMPT_ECHO_ON() );
+ if ( $code == PAM_PROMPT_ECHO_OFF() ) {
+ $ans = $oldpassword if ($state == 0);
+ $ans = $newpassword if ($state == 1);
+ $ans = $newpassword if ($state == 2);
+ $state++;
+ }
+ push @res, (PAM_SUCCESS(),$ans);
+ }
+ push @res, PAM_SUCCESS();
+ return @res;
+}
+
+sub check_and_start_session
+{
+ my ($uid, $host, $sid) = @_;
+ my ($status, $sessions)=ExecRemoteBroker($user, $hostname, 'listsessions');
+ if ( ! $status )
+ {
+ print "ERROR: X2Go server not available\n";
+ return;
+ }
+ my $running_sessions = 0;
+ if ( $sessions )
+ {
+ # suspend all running sessions first...
+ my @sinfo = split("\\|",$sessions);
+ my $session_status = @sinfo[4];
+ my $session_server = @sinfo[3];
+ $sid=@sinfo[1];
+ if( $session_status eq 'R' )
+ {
+ $running = 1;
+ my $str;
+ ($status, $str) = ExecRemoteBroker($uid, $hostname, "suspend $sid");
+ $sessions =~ s/\|R\|/\|S\|/;
+ }
+ if( $session_status eq 'S' )
+ {
+ $running = 1;
+ }
+ }
+
+ print "SERVER:$hostname:$port\n";
+ if($running)
+ {
+ # use first session in session list...
+ print "SESSION_INFO:".(split("\n",$sessions))[0]."\n";
+ }
+}
+
+1;
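Review bot: CheckAccess returns 0 when PAM accepts the credentials and 1 when it rejects them, while the caller in cgi/x2gobroker.cgi tests `! CheckAccess(...) == 1`, which parses as `(!CheckAccess(...)) == 1`; together that denies a correct password and lets a rejected one through. Return 1 on success and 0 on failure, and authenticate the variables that were actually unpacked: `if ( $pam->authenticate( $user, $pass ) ) { return 1 }` followed by `return 0;`. As written the module also cannot compile under `use strict`: `use Sys:Hostname;` needs `::`, and `$username`, `$password`, `$pamh`, `$state`, `$res`, `$user`, `$running` and `$port` are used without declaration, with passwd_conv_func reading SetPass's lexicals that are outside its scope. ListSessions and check_and_start_session call `CallBrokerAgent` and `ExecRemoteBroker`, but X2Go::Broker::Common exports only `ExecBrokerAgent`.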
diff --git a/cgi/x2gobroker.cgi b/cgi/x2gobroker.cgi
index fd62a62..06ed66b 100755
--- a/cgi/x2gobroker.cgi
+++ b/cgi/x2gobroker.cgi
@@ -28,14 +28,17 @@ my $broker_backend ~= s/x2gobroker-(.*)\.cgi/\1/
use lib "/usr/lib/x2go/";
use lib "/usr/lib/x2go/broker/";
-use x2gobroker-$broker_backend;
+
+switch ( $broker_backend ) {
+ case 'zeroconf' { use X2Go::Broker::ZeroConf qw(CheckAccess SetPass SelectSession ListSessions) }
+ case 'simple' { use X2Go::Broker::Simple qw(CheckAccess SetPass SelectSession ListSessions) }
+ case 'ldap' { use X2Go::Broker::LDAP qw(CheckAccess SetPass SelectSession ListSessions) }
+}
use CGI;
use CGI::Carp qw(fatalsToBrowser);
my $cgi = new CGI;
-
-
my @formValues = $cgi->param();
print $cgi->header(
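Review bot: The three `use` statements inside the `switch` block run at compile time regardless of which `case` matches, so all three backends are loaded and each tries to export the same four names; `switch`/`case` also needs the Switch module, which is not loaded in the visible lines. Select the backend at run time from a fixed table and load it with `require` plus `import`, which also prevents a value derived from the script name from selecting an arbitrary module. LDAP.pm and Simple.pm are renamed with 100% similarity, so their `package` lines and exported names probably still need updating to match the new namespace.

```perl
use lib "/usr/lib/x2go/broker/";

# Fixed allowlist: the script-name-derived value only ever picks one of these.
my %backend_module = (
	zeroconf => 'X2Go::Broker::ZeroConf',
	simple   => 'X2Go::Broker::Simple',
	ldap     => 'X2Go::Broker::LDAP',
);
my $module = $backend_module{$broker_backend}
	or die "unknown broker backend\n";
(my $module_file = "$module.pm") =~ s{::}{/}g;
require $module_file;
$module->import(qw(CheckAccess SetPass SelectSession ListSessions));
# … unchanged: use CGI, CGI::Carp and the CGI object setup …
```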
@@ -49,11 +52,6 @@ print $cgi->header(
-meta =>{'keywords' =>'X2Go', 'description'=>'X2Go Session Broker'}
);
-#open (FL, ">>/tmp/x2gobroker.log");
-#print FL `date`;
-#print FL "called method ".$cgi->param('task')." from ".$ENV{REMOTE_ADDR}."\n";
-#close (FL);
-
if($cgi->param('task') eq 'testcon')
{
for ( my $i=0;$i<2*1024*1024;$i++ )
@@ -63,10 +61,9 @@ if($cgi->param('task') eq 'testcon')
print $cgi->end_html();
}
-
-if ( ! checkAccess($cgi->param('user'), $cgi->param('password'), $cgi->param('authid')) == 1 )
+if ( ! CheckAccess($cgi->param('user'), $cgi->param('password'), $cgi->param('authid')) == 1 )
{
- printNoAccess();
+ print_no_access();
print $cgi->end_html();
exit (0);
}
@@ -76,24 +73,24 @@ $cgi->strong('Access granted');
if ($cgi->param('task') eq 'listsessions')
{
- listSessions($cgi->param('user'));
+ ListSessions($cgi->param('user'));
}
if ($cgi->param('task') eq 'selectsession')
{
- selectSession($cgi->param('user'), $cgi->param('sid'));
+ SelectSession($cgi->param('user'), $cgi->param('sid'));
}
if ($cgi->param('task') eq 'setpass')
{
- setPass($cgi->param('user'), $cgi->param('newpass'));
+ SetPass($cgi->param('user'), $cgi->param('newpass'));
}
$cgi->hr(),
$cgi->end_form();
print $cgi->end_html();
-sub printNoAccess
+sub print_no_access
{
print $cgi->start_form(),
$cgi->hr(),
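Review bot: `SetPass` is called with two arguments here, but X2Go::Broker::ZeroConf::SetPass unpacks `($username, $oldpassword, $newpassword)`, so the new password would arrive as the old one and `$newpassword` stays undefined. Every `$cgi->param(...)` in these calls is also evaluated in list context, so a request that repeats a parameter shifts the positional arguments of `ListSessions`, `SelectSession` and `SetPass`; force scalar context on each one, e.g. `SelectSession(scalar $cgi->param('user'), scalar $cgi->param('sid'));`. The same applies to the `CheckAccess` call in the previous hunk. The body of `print_no_access` continues outside the hunk.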
diff --git a/debian/control b/debian/control
index 10dc11a..85c15df 100644
--- a/debian/control
+++ b/debian/control
@@ -8,8 +8,37 @@ Uploaders:
Build-Depends:
debhelper (>= 7.0.50~),
cdbs (>= 0.4.90~),
+ dpkg-dev (>= 1.16.1~),
Standards-Version: 3.9.3
+Package: libx2go-broker-perl
+Architecture: all
+Section: perl
+Depends:
+ ${misc:Depends},
+ ${perl:Depends},
+Description: X2Go http(s) based session broker (Perl modules)
+ X2Go is a serverbased computing environment with
+ - session resuming
+ - low bandwidth support
+ - LDAP support
+ - client side mass storage mounting support
+ - client side printing support
+ - audio support
+ - authentication by smartcard and USB stick
+ .
+ The session broker is a server tool for X2Go that
+ tells your X2Go Client application in a terminal
+ server cluster what servers and session types are
+ most appropriate for the user in front of the
+ X2Go terminal.
+ .
+ A session broker is most useful in load balanced
+ X2Go server farms.
+ .
+ This package contains the related Perl modules needed
+ by the X2Go Session Broker scripts.
+
Package: x2gobroker-common
Architecture: all
Depends:
diff --git a/debian/rules b/debian/rules
index 82087a5..8b53e5a 100755
--- a/debian/rules
+++ b/debian/rules
@@ -21,5 +21,8 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all
export DEB_CFLAGS_MAINT_APPEND = -Wall
include /usr/share/dpkg/buildflags.mk
-include /usr/share/cdbs/1/class/makefile.mk
-include /usr/share/cdbs/1/rules/debhelper.mk
\ No newline at end of file
+DEB_PERL_PACKAGES=libx2go-broker-perl
+DEB_PERL_CLEAN_TARGET=realclean
+include /usr/share/cdbs/1/class/perl-makemaker.mk
+include /usr/share/cdbs/1/rules/debhelper.mk
+
diff --git a/debian/x2gobroker-ldap.install b/debian/x2gobroker-ldap.install
index 71e503b..c35da81 100644
--- a/debian/x2gobroker-ldap.install
+++ b/debian/x2gobroker-ldap.install
@@ -1,2 +1 @@
etc/x2gobroker-ldap.cfg etc/x2go/
-lib/x2gobroker-ldap.pm usr/lib/x2go/broker/
diff --git a/debian/x2gobroker-simple.install b/debian/x2gobroker-simple.install
index 4313377..258c187 100644
--- a/debian/x2gobroker-simple.install
+++ b/debian/x2gobroker-simple.install
@@ -1,2 +1 @@
etc/x2gobroker-simple.cfg etc/x2go/
-lib/x2gobroker-simple.pm usr/lib/x2go/broker/
diff --git a/debian/x2gobroker-zeroconf.install b/debian/x2gobroker-zeroconf.install
deleted file mode 100644
index ea6bbbb..0000000
--- a/debian/x2gobroker-zeroconf.install
+++ /dev/null
@@ -1 +0,0 @@
-lib/x2gobroker-zeroconf.pm usr/lib/x2go/broker/
diff --git a/lib/x2gobroker-agent.pl b/lib/x2gobroker-agent.pl
index 0bac8de..be9145c 100755
--- a/lib/x2gobroker-agent.pl
+++ b/lib/x2gobroker-agent.pl
@@ -26,11 +26,20 @@ sub initUser
{
my ($user, $uid, $gid, $home)=@_;
if (! -d "$home")
+ ###
+ ### FIXME: it should no be our job to create homes...!!!
+ ### Use pam_mkhomedir.so or similar or just have a
+ ### genuine system administration tool... (Mike)
+ ###
{
mkdir ("$home", 0700);
chown ($uid, $gid, $home);
}
if (! -e "$home/.x2go/sqlpass")
+ ###
+ ### FIXME: This code block will fail on most NFS mounted shares
+ ### and esp. on those mounted via NFSv4+Krb. (Mike)
+ ###
{
open my $save_out, ">&STDOUT";
close (STDOUT);
@@ -41,6 +50,11 @@ sub initUser
sub createKey
{
+ ###
+ ### FIXME: This bit of code look dangerous... My
+ ### authorized_keys file is starting to get
+ ### scared... (Mike)
+ ###
my ($uid, $gid, $home)=@_;
if (! -d "$home/.ssh")
{
@@ -69,7 +83,7 @@ $ENV{'PATH'} = '/bin:/usr/bin';
my $username=shift or die;
my $mode=shift or die;
-my ($name,$passwd,$uid,$gid, $quota,$comment,$gcos,$home,$shell,$expire) = getpwnam($username);
+my ($name, $passwd, $uid, $gid, $quota, $comment, $gcos, $home, $shell, $expire) = getpwnam($username);
if($uid < 1000)
{
@@ -110,5 +124,3 @@ if($mode eq 'ping')
{
print "OK\n";
}
-
-
diff --git a/lib/x2gobroker-zeroconf.pm b/lib/x2gobroker-zeroconf.pm
deleted file mode 100644
index fae529a..0000000
--- a/lib/x2gobroker-zeroconf.pm
+++ /dev/null
@@ -1,632 +0,0 @@
-# This file is part of the X2Go Project - http://www.x2go.org
-# Copyright (C) 2011-2012 by Oleksandr Shneyder <oleksandr.shneyder at obviously-nice.de>
-# Copyright (C) 2011-2012 by Heinz-Markus Graesing <heinz-m.graesing at obviously-nice.de>
-# Copyright (C) 2012 by Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
-#
-# X2Go Session Broker is free software; you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-#
-# X2Go Session Broker is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program; if not, write to the
-# Free Software Foundation, Inc.,
-# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
-
-package x2gobroker-simple;
-
-use strict;
-use Config::Simple;
-use Crypt::SaltedHash;
-use MIME::Base64;
-use Data::Dumper;
-
-
-my $cfg=new Config::Simple(syntax=>'ini');
-$cfg->read("/etc/x2go/x2gobroker-simple.cfg");
-my $ldapuri=$cfg->param('ldapuri');
-my $replica=$cfg->param('replica');
-my $binddn=$cfg->param('binddn');
-my $bindpw=$cfg->param('bindpw');
-
-use base 'Exporter';
-our @EXPORT = ('checkAccess', 'listSessions', 'selectSession', 'setPass');
-
-sub getBase
-###
-### FIXME: provide that in /etc/x2go/x2gobroker-simple.cfg
-### FIXME: put the pid of this process in the lock files
-{
- my $login=shift;
- $login=~s/cn=ldapadmin,//;
- return $login;
-}
-
-sub initLdap
-###
-### FIXME: lock files have to be in /run or /var/run...
-###
-{
- my $masterlocked=0;
- my $replicalocked=0;
- if ( ( -e "/etc/x2go/x2gobroker/masterldap.lock") && ( -e "/etc/x2go/x2gobroker/replicaldap.lock" ) )
- {
- die "Can't connect to LDAP server";
- }
- if ( -e "/etc/x2go/x2gobroker/replicaldap.lock" )
- {
- $masterlocked=1;
- my ($ldap,$error)=initLDAPServer( $ldapuri );
- if( ! $ldap )
- {
- `touch /etc/x2go/x2gobroker/masterldap.lock`;
- die "Can't connect to LDAP server";
- }
- return $ldap;
- }
- if( -e "/etc/x2go/x2gobroker/masterldap.lock" )
- {
- $replicalocked=1;
- my ($ldap,$error)=initLDAPServer( $replica );
- if ( ! $ldap )
- {
- `touch /etc/x2go/x2gobroker/replicaldap.lock`;
- die "Can't connect to LDAP server";
- }
- return $ldap;
- }
- if( ! int(rand(2)) )
- {
- my ($ldap,$error)=initLDAPServer( $ldapuri );
- if( ! $ldap )
- {
- `touch /etc/x2go/x2gobroker/masterldap.lock`;
- return initLdap();
- }
- return $ldap;
- } else {
- my ($ldap,$error)=initLDAPServer( $replica );
- if(!$ldap)
- {
- `touch /etc/x2go/x2gobroker/replicaldap.lock`;
- return initLdap();
- }
- return $ldap;
- }
-}
-
-sub initMasterLdap
-{
- if(-e "/etc/x2go/x2gobroker/masterldap.lock")
- {
- die "Master LDAP server is down\n";
- }
- my ($ldap,$error)=initLDAPServer( $ldapuri );
- if( ! $ldap )
- {
- `touch /etc/x2go/x2gobroker/masterldap.lock`;
- die $error;
- }
- return $ldap;
-}
-
-sub initLDAPServer
-{
- my $url=shift;
- my $ldap=Net::LDAP->new( $url );
- if( ! $ldap )
- {
- notify("LDAP server $url is down ($@). Please, repair it and remove lock file in /etc/x2go/x2gobroker\n");
- return (0,"$@");
- }
- my $message = $ldap->bind($binddn,password=>$bindpw);
- if(!$message)
- {
- notify("LDAP server $url is down ($@). Please, repair it and remove lock file in /etc/x2go/x2gobroker\n");
- return (0,"$@");
- }
- return ($ldap,0);
-}
-
-sub setPass
-{
- my ($user, $newpass)=@_;
- # check if we have master ldap here
-
- my $attr;
-
- my $csh=Crypt::SaltedHash->new(algorithm => 'SHA-1');
- $csh->add($newpass);
- $newpass=$csh->generate;
-
- push(@$attr,'userPassword'=>$newpass);
- my $changes;
- push(@$changes,'replace'=>$attr);
-
- my $ldap = initMasterLdap();
-
- my $dn="cn=$user,ou=BrokerUsers".getBase($binddn);
- my $message=$ldap->modify($dn, changes => $changes);
-
- if($message->code)
- {
- die $message->error.": ".$message->error_desc;
- }
- print "\n<br>CHANGING PASS OK<br>\n";
-}
-
-sub selectSession
-{
- my ($user, $sid)=@_;
- my @words=split("\@",$sid);
- my $sess_id=@words[1];
- my $host=@words[0];
- checkAndStartSession($user, $host, $sess_id);
-}
-
-sub getExtCon
-{
- my $host=shift;
-
- my $ldap = initLdap();
-
- my $dn="cn=$host,ou=Servers,ou=ON".getBase($binddn);
- ####
- #### FIXME: get scope from config file in /etc/x2go/x2gobroker-*.conf
- ####
- my $message=$ldap->search(base => $dn,
- scope => 'base',
- filter => '(objectClass=ipHost)'
- );
-
- if($message->code)
- {
- die $message->error.": ".$message->error_desc;
- }
- foreach ($message->entries)
- {
- my $asn=$_->{'asn'};
- my $attr=$asn->{'attributes'};
- foreach (@$attr)
- {
- my $type=$_->{'type'};
- my $value=$_->{'vals'}[0];
- if( $type eq 'description' )
- {
- my @words=split(":",$value);
- return (@words[0], @words[1]);
- }
- }
- }
-}
-
-sub checkAndStartSession
-{
- my ($uid,$host,$sid)=@_;
- my ($status,$sessions)=check_ts($host,$uid);
- if(!$status)
- {
- print "ERROR check TS\n";
- return;
- }
- my $running=0;
- if( $sessions )
- {
- my @sinfo=split("\\|",$sessions);
- my $sess_stat=@sinfo[4];
- my $sess_srv=@sinfo[3];
- $sid=@sinfo[1];
- if( $sess_stat eq 'R' )
- {
- $running=1;
- my $str;
- ($status,$str)=remoteBroker($host,$uid,"suspend $sid");
- $sessions=~s/\|R\|/\|S\|/;
- }
- if( $sess_stat eq 'S' )
- {
- $running=1;
- }
- }
-
- my($ip,$port)=getExtCon($host);
- print "SERVER:$ip:$port\n";
- if($running)
- {
- print "SESSION_INFO:".(split("\n",$sessions))[0]."\n";
- }
-}
-
-sub checkRunningSession
-{
- my ($sess_srv, $sess_stat, $server_dn, $uid, $sid, $ldap)=@_;
- my @dn_el=split(',',$server_dn);
- shift(@dn_el);
- shift(@dn_el);
- my $node_dn="cn=".$sess_srv.",ou=Hosts,".join(',', at dn_el);
- ####
- #### FIXME: get scope from config file in /etc/x2go/x2gobroker-*.conf
- ####
- my $mesg=$ldap->search(base => $node_dn,
- scope => 'base',
- filter => '(objectClass=X2GoServerNode)'
- );
- if(!$mesg->code)
- {
- my @entries=$mesg->entries();
- if(@entries[0]->get_value('serverStatus') eq 'TRUE')
- {
- my $node_ref={};
- $node_ref->{'ip'}=@entries[0]->get_value('ipHostNumber');
- $node_ref->{'dn'}=$node_dn;
- my $status;
- my $str;
- if( $sess_stat eq 'R' )
- {
- print "session running, suspend session $sid\n";
- ($status,$str)=remoteBroker($node_ref->{'ip'},$uid,"suspend $sid",$node_ref->{'dn'}, $ldap);
- } else {
- print "session not running, ping node\n";
- ($status,$str)=remoteBroker($node_ref->{'ip'},$uid,'ping',$node_ref->{'dn'}, $ldap);
- }
- if($status)
- {
- return $node_ref;
- }
- print "error executing remote broker \n";
- }
- print "node is down \n";
- return 0;
- }
- print "error searching $node_dn: ".$mesg->error."\n";
- return 0;
-}
-
-sub startNewSession
-{
- my ($dn, $ldap, $uid)=@_;
- ####
- #### FIXME: get scope from config file in /etc/x2go/x2gobroker-*.conf
- ####
- my $mesg=$ldap->search(base => $dn,
- scope => 'base',
- filter => '(objectClass=X2GoServer)'
- );
-
- if($mesg->code)
- {
- return 0;
- }
-
- my @entries=$mesg->entries();
- my $ref = @entries[0]->get_value ( 'serverNode', asref => 1 );
- my $nodes;
- foreach(@$ref)
- {
- my $server=$_;
- my @sdn=split(",",$dn);
- shift(@sdn);
- shift(@sdn);
- my $server_dn="cn=$server,ou=Hosts,".join(",", at sdn);
-
- my $mesg=$ldap->search(base => $server_dn,
- scope => 'base',
- filter => '(objectClass=X2GoServerNode)'
- );
- if( ! $mesg->code )
- {
- my @entries=$mesg->entries();
- if(@entries[0]->get_value('serverStatus') eq 'TRUE')
- {
- my $node_ref={};
- $node_ref->{'ip'}=@entries[0]->get_value('ipHostNumber');
- $node_ref->{'sessions'}=0;
- $node_ref->{'dn'}=$server_dn;
- $nodes->{$server}=$node_ref;
- }
- }
- }
- return findBestServer($nodes,$ldap, $uid);
-}
-
-sub findBestServer
-{
- my ($nodes, $ldap, $user)=@_;
- my $servers;
- my $status;
- while( my ($key,$value) = each(%$nodes))
- {
- if( ! $status )
- {
- my $ip=$value->{'ip'};
- my $dn=$value->{'dn'};
- ($status,$servers)=remoteBroker($ip,$user,'getservers',$dn, $ldap);
- if(!$status)
- {
- delete $nodes->{$key};
- }
- }
- }
- if( ! $status )
- {
- return 0;
- }
- my @srvlines=split("\n",$servers);
- foreach(@srvlines)
- {
- my @words=split(' ',$_);
- my $ref=$nodes->{@words[0]};
- if( $ref )
- {
- $ref->{'sessions'}=1*@words[1];
- }
- }
- return checkServers($nodes, $ldap, $user);
-}
-
-sub checkServers
-{
- my ($nodes, $ldap, $user)=@_;
- my $bestnode=0;
- my $bestnodekey;
- my $key;
- my $value;
- while( ($key,$value) = each(%$nodes))
- {
- if(! $bestnode)
- {
- $bestnode=$value;
- $bestnodekey=$key;
- } else {
- if($value->{'sessions'}<$bestnode->{'sessions'})
- {
- $bestnode=$value;
- $bestnodekey=$key;
- }
- }
- }
- if( ! $bestnode )
- {
- print "bestnode is null: \n";
- return 0;
- } else {
- my $ip=$bestnode->{'ip'};
- my $dn=$bestnode->{'dn'};
- my ($status,$fakearr)=remoteBroker($ip,$user,'ping',$dn, $ldap);
- if( ! $status )
- {
- delete $nodes->{$bestnodekey};
- return checkServers($nodes, $ldap, $user);
- } else {
- return $bestnode;
- }
- }
-}
-
-
-sub check_ts
-{
- my ($host, $user)=@_;
- my $server_dn;
- my $ldap;
- my($status,$sessions)=getSessionRunning($server_dn, $host, $user, $ldap);
- if( $status )
- {
- return (1,$sessions);
- }
- return (0,0);
-}
-
-sub getSessionRunning
-{
- my ($dn,$ip,$user, $ldap)=@_;
- my ($status,$sessions)=remoteBroker($ip,$user,'listsessions', $dn, $ldap);
- if( ! $status )
- {
- return (0,0);
- } else {
- return (1,$sessions);
- }
-}
-
-sub remoteBroker
-{
- my ($ip, $user, $cmd, $dn, $ldap)=@_;
- my $res=`ssh -o ConnectTimeout=15 -o UserKnownHostsFile=/etc/x2go/x2gobroker/ts_known_hosts x2gobroker\@$ip -i /etc/x2go/x2gobroker/id_x2gobroker_dsa \"/usr/lib/x2go/broker/x2gobroker-command $user $cmd 2>/dev/null\"`;
- my @rarr=split("\n",$res);
- my $stat;
- if(@rarr[0] eq 'OK')
- {
- $stat=1;
- } else {
- $stat=0;
- # setNodeDown($dn, $ldap, $cmd, $user);
- }
- shift(@rarr);
- return($stat,join("\n", at rarr));
-}
-
-sub notify
-{
- my $message=shift;
- open (F,">>/tmp/x2gobroker.log");
- print F `date`.$message."\n";
- close(F);
-}
-
-sub setNodeDown
-{
- my($dn, $ldap, $cmd, $user)=@_;
- my $attr;
- push(@$attr,'serverStatus' => 'FALSE');
- my $changes;
- push (@$changes, 'replace' => $attr);
- $ldap->modify($dn,changes => $changes);
- notify ("set status of $dn to \"down\", failed command: \"$cmd\", user: \"$user\"\n");
-}
-
-sub setServerDown
-{
- my($dn, $ldap)=@_;
- my $attr;
- push(@$attr,'serverStatus' => 'FALSE');
- my $changes;
- push (@$changes, 'replace' => $attr);
- $ldap->modify($dn,changes => $changes);
- notify ("set status of $dn to \"down\", all nodes are down\n");
-}
-
-sub checkAccess
-{
- my ($user,$pass)=@_;
-
- my $ldap = initLdap();
-
- my $dn="uid=$user,ou=People".getBase($binddn);
- my $mesg=$ldap->search(base => $dn,
- scope => 'base',
- filter => '(objectClass=posixAccount)'
- );
-
- if( $mesg->code )
- {
- return 0;
- }
-
- my @entries=$mesg->entries();
- my $crypted=@entries[0]->get_value('userPassword');
- $mesg = $ldap->unbind;
- if ( Crypt::SaltedHash->validate($crypted, $pass) )
- {
- return 1;
- }
- return 0;
-}
-
-sub listSessions
-{
- my $user=shift;
-
- my $ldap = initLdap();
-
- my $dn="ou=Servers,ou=ON".getBase($binddn);
- my $message=$ldap->search(base => $dn,
- scope => 'sub',
- filter => '(objectClass=ipHost)'
- );
-
- if($message->code)
- {
- die $message->error.": ".$message->error_desc;
- }
- # print Dumper($message->entries);
- print "START_USER_SESSIONS<br>";
- foreach ($message->entries)
- {
- my $asn=$_->{'asn'};
- my $attr=$asn->{'attributes'};
- my $host;
- my $int_ip;
- my $ext_ip;
- my $ext_port;
- foreach (@$attr)
- {
- my $type=$_->{'type'};
- my $value=$_->{'vals'}[0];
- if( $type eq 'cn' )
- {
- $host=$value;
- }
- }
- my($status,$sessions)=getSessionRunning($dn,$host,$user, $ldap);
- if($status)
- {
- my $sess_srv;
- if($sessions)
- {
- my @sinfo=split("\\|",$sessions);
- my $sess_stat=@sinfo[4];
- $sess_srv=@sinfo[3];
- my $sid=@sinfo[1];
- print "<br>[$host\@$sid]<br>";
- print "status=$sess_stat<br>";
- #get ip
- #get port
- } else {
- my $sessions;
- ($sess_srv,$ext_ip,$ext_port, $sessions)=getBestNode($dn, $ldap, $user, $host, $message);
- print "<br>[$host]<br>";
- }
- #print "host=$ext_ip<br>";
- print "user=$user<br>";
- #print "sshport=$ext_port<br>";
- print "name=Stadt Treuchtlingen<br>";
- goto loop_end;
- }
- }
- loop_end:
- print "END_USER_SESSIONS<br>";
- $ldap->unbind();
-}
-
-sub getBestNode
-{
- my ($dn, $ldap, $user, $ip, $message)=@_;
- my $servers;
- my $status;
- ($status,$servers)=remoteBroker($ip,$user,'getservers',$dn, $ldap);
- my $srvref={};
- my @srvlines=split("\n",$servers);
- foreach(@srvlines)
- {
- my @words=split(' ',$_);
- $srvref->{@words[0]}=1*@words[1];
- }
- my $bestval=-1;
- my $bestsrv;
- my $bestext_ip;
- my $bestext_port;
- foreach ($message->entries)
- {
- my $asn=$_->{'asn'};
- my $attr=$asn->{'attributes'};
- my $host;
- my $ext_ip;
- my $ext_port;
- foreach (@$attr)
- {
- my $type=$_->{'type'};
- my $value=$_->{'vals'}[0];
- if( $type eq 'cn' )
- {
- $host=$value;
- }
- if($type eq 'description')
- {
- my @words=split(":",$value);
- $ext_ip=@words[0];
- $ext_port=@words[1];
- }
- }
- my $sess=$srvref->{$host};
- if( ! $sess )
- {
- return($host, $ext_ip, $ext_port,0);
- }
- if($sess < $bestval || $bestval == -1)
- {
- $bestval=$sess;
- $bestsrv=$host;
- $bestext_ip=$ext_ip;
- $bestext_port=$ext_port;
- }
- }
- return($bestsrv, $bestext_ip, $bestext_port, $bestval);
-}
-
-1;
hooks/post-receive
--
x2gobroker.git (HTTP(S) Session broker for X2Go)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).